Facebook is turning its attention to Canada with a new AI research office in Montreal. Google and Microsoft already have outposts in the city and countless other tech companies, including Uber, have researchers based in Canada. McGill University’s Joelle Pineau will be leading Facebook’s AI efforts in Montreal.
Pineau’s research focus tends to lean heavily on robotics and dialog systems, particularly applications of reinforcement learning. Dialog research and natural language processing (NLP) more broadly is one of the core interests of Facebook’s AI Research (FAIR) Lab for obvious reasons — Facebook is home to a lot of text. And Facebook M, its personal assistant, in particular relies heavily on dialog.
With uncertainty in the American immigration system, Canada is emerging as a center for research work. While the U.S. still leads the world in AI talent, some of the best researchers come from abroad. Canada’s own schools like Waterloo and McGill (to name a few) are AI research centers and programs further abroad at schools like Tsinghua and Cambridge are exceedingly strong.
With there still being a shortage of AI talent, Facebook’s office in Montreal will provide the company access to a secure pipeline of gifted researchers. While Yann LeCun, head of Facebook AI Research, said that immigration policy didn’t play into his team’s decision to expand to Montreal, he did note the clear benefits of operating in the region.
“Part of the reason for establishing ourselves here is taking advantage of this pool of talent,” LeCun noted in an interview. “This didn’t factor into our decision, but immigration in Canada is more well organized than immigration into the U.S..”
Facebook currently operates AI research centers in Paris, New York City and Menlo Park, employing about 105 researchers. The aim is to grow the Montreal group from its founding team of four to 30 or 40 FAIRly quickly.
As part of this announcement, Facebook is donating money to McGill and the University of Montreal to support graduate students and help improve computational infrastructure. While working to hire a team for Facebook, Pineau will be maintaining her academic position at McGill. If you’re interested in reading some of Pineau’s work, including some particularly interesting applications of machine learning to medical use cases, you can find the papers on the McGill site.
Applications are officially closed for TechCrunch’s Battlefield Australia, and the response exceeded expectations. There are 272 early-stage companies from Australia and New Zealand that are now vying for a spot in Battlefield Australia and for a chance to walk away with the $25,000 prize and an all-expense paid trip to Disrupt SF in 2018. That’s an impressive number of applicants by any standard.
The majority of the companies come from New South Wales and Victoria, but we’re happy to see applicants from all across Australia and New Zealand alike. The November 16 event in Sydney at the ATP Locomotive Workshop will provide a gob-smacking intro for the global audience to the amazing startup scene Down Under. Want a ticket to the event? Click here.
Next up in the process, our editors will review the applications to find the top 15. We will notify the selected companies no later than October 11, but the identity of the participants will remain a secret until the day of the show, when they pitch the Battlefield judges, all of whom are top investors and founders from the region and beyond.
Meanwhile, TechCrunch’s editors will be working with the final 15 to sharpen pitches, improve stage presence and role play potential questions from the judges.
All eyes will be on these founders, and TechCrunch’s goal is to put them in the best position prior to them taking the stage in front of the judges, a live audience, and a global audience online. The Battlefield will be streamed live on TechCrunch, YouTube, Twitter and Facebook.
TechCrunch is sending a cohort of writers and editors to help with the event. Leading the team is TechCrunch’s Editor-in-Chief, Matthew Panzarino, and joining him are Josh Constine, Jordan Crook, Anthony Ha, and Greg Kumparak. Needless to say, they are looking forward to catching up on the ANZ ecosystem and unearthing great stories.
The event’s agenda is filling fast with speakers and Battlefield judges. Look for the full agenda in a few weeks. But we’re happy to let on the names of a few speakers and judges, including Melanie Perkins, a co-founder and CEO at Canva, Steve Ji, a partner at Sequoia Capital China, and David Gowdey, managing partner at Singapore’s Jungle Ventures, and Ian Gardiner, head of startup ecosystems for ANZ at Amazon Web Services.
There’s more to come next week. In the meantime, wish us well at TC Disrupt SF, which starts next Monday.
Facebook enabled advertisers to target the news feeds of users who expressed anti-Semitic interests, according to a report by ProPublica Thursday.
ProPublica said it paid Facebook $30 to display three so-called “promoted posts” in the news feeds of people who expressed interest in topics like “Jew hater,” “How to burn jews,” or, “History of ‘why jews ruin the world.'”
“Facebook approved all three ads within 15 minutes,” the site said in its report.
ProPublica said Facebook removed the anti-Semitic categories after the social network was alerted to them this week.
In an email to Fox News, a Facebook spokeswoman said the anti-Semitic categories were “self-reported based on how people filled out their profiles.”
“Essentially, users filling out their profiles may have added descriptions like ‘Jew hater’,” the spokeswoman wrote, “which then would appear to advertisers as potential categories of users to which ads could be directed, no algorithm involved.”
“We don’t allow hate speech on Facebook,” Rob Leathern, product management director at Facebook, said in a statement. “Our community standards strictly prohibit attacking people based on their protected characteristics, including religion, and we prohibit advertisers from discriminating against people based on religion and other attributes.
“However, there are times where content is surfaced on our platform that violates our standards,” Leathern added. “In this case, we’ve removed the associated targeting fields in question. We know we have more work to do, so we’re also building new guardrails in our product and review processes to prevent other issues like this from happening in the future.
Facebook disclosed last week that thousands of fake accounts that appeared to be affiliated with Russia bought $100,000 worth of ads that focused on controversial issues during last year’s presidential election.
In an era where art is shared and streamed for free, Patreon offers new hope for turning content creation into a career. Illustrators, comedians, game makers, and musicians use Patreon to let fans pay a monthly subscription fee for special access to their work. In exchange, Patreon takes only a tiny 5% cut.
With 50,000 creators and 1 million subscribers on board paying an average of $12 per month for early and exclusive looks at their content, Patreon is on track to pay out $150 million in 2017. That means Patreon will only earn about $7.5 million this year despite doubling in size.
But investors are betting that if enough artists sign on and bring their fans, Patreon could grow into a pillar of the new creator economy. TechCrunch has learned that Patreon has closed a big Series C round of funding, three sources confirm. Two say it values the startup at around $450 million and that Index Ventures participated in the round but didn’t lead it. Patreon declined to comment for this story.
The cash should give Patreon the muscle needed to compete with other big platforms that help creators monetize, including YouTube and Facebook’s new Watch tab of original video. While those two have massive user bases and teams to court artists, they only pay out 55% of the ad revenue earned off a creator’s content. With some more marketing to boost awareness that Patreon pays out 95%, and that direct payments from fans deliver many orders of magnitude more revenue that ad views, Patreon could gain ground.
To Fund The Creative Class
Musician and videographer Jack Conte had struggled to earn enough from his work, and found one-off project crowdfunding platforms like Kickstarter didn’t provide the steady capital artists need to focus on creativity. So in 2013 he co-founded Patreon, “whose mission it is to fund the creative class” he told me in June. “Advertising? It doesn’t pay enough. Consumer payments has to be come a bigger portion of the financial mechanics that support art.”
Patreon had raised $47.1 million to date up through its January 2016 $30 million Series B led by Thrive Capital and joined by Index that also participated in the Series A. But this big infusion of new capital could boost the confidence of creators in the platform. If they know Patreon isn’t going to run out of money any time soon, they may be more enthusiastic about building a subscriber base for the long-run on the platform.
Deeper pockets could also allow Patreon to build out its suite of bonus tools for creators, some of which it could charge extra for. “There’s going to be new opportunities to build revenue streams into the product” Conte has promised me. He suggested that could include selling event tickets or merchandise, or better helping creators understand and communicate with fans. That could grow Patreon’s take beyond the 5% rake it takes that seems paltry compared to what platforms like iTunes or Spotify earn.
Illustrator WLOP offers 4K-sized version of their art with no watermarks to Patreon subscribers
To its advantage, Patreon is relatively lenient about what types of content are monetized on its platform. Erotic drawings, adult games, and marijuana-related news and entertainment are all attracting subscribers on Patreon. Much of this isn’t even allowed on Facebook or YouTube, or can’t be monetized with ads following YouTube’s Adpocalypse crack down after the PewDiePie scandal or the new rules Facebook published this week.
Though this is a double-edged sword. Patreon has seen some right-wing political pundits raise money through hate speech. It kicked off several, leading to the creation of its alt-right clone Hatreon. More funding will bring more scrutiny, and Patreon will have the tough job of walking the free-speech-without-filth tightrope in codifying what exactly is allowed and enforcing those rules.
So far, Patreon hasn’t been too focused on helping people discover new creators to fund. That’s a massive opportunity for it to grow its revenue and assist artists. But it would also produce challenges. How much should Patreon promote already-popular creators who might have better conversion rates even if it makes the site into a bit of an echo chamber? Making editorial decisions about who to spotlight could also leave Patreon vulnerable if any of those creators end up offending people.
It’s all worth the risk, though, as a mission and as a business. Content distribution is moving online. Creators beyond video-makers and Indiegogo inventors want a steady paycheck. Ad platforms are proving to be restrictive, stingy, and just don’t bring in enough cash. Automation threatens old professions. The Internet is able to connect niche artists with niche audiences. And with all the new ways to forge bonds with your favorite creators, consumers are increasingly willing to pay for enhanced access to the personalities they love.
Patreon sits at the center of all these trends. Not every artist has to be starving.
It’s about as good a timing as any for Lyft to capitalize on the tidal wave of negative publicity that Uber is facing right now, and it looks like it might end up with a significant investment from Alphabet in the middle of that train wreck, according to a report by Axios.
That’s not to say that this is directly related to Uber, which has a new CEO and is trying to move on from the disaster of the past few months. Still, Alphabet appears to be discussing a $1 billion investment in Lyft in an effort led by CEO Larry Page, according to the report. Lyft last raised $600 million at a $7.5 billion valuation in April.
This would be an interesting move for Google, which invested in Uber early in its life through its investment arm GV. We’d heard some murmurs of something brewing between Alphabet and Lyft for a few weeks, but it was unclear what the outcome would be. Bloomberg also reported the news this afternoon. In the end, it appears that Lyft may get a big infusion of cash to fuel its efforts to pick away at Uber — especially as it appears primed to begin its move internationally, according to a report from The Information.
A big financing round like this would go a long way for Lyft, which can use the capital to provide aggressive driver and rider benefits through promotions. Lyft may have an opportunity to snag momentum away from Uber in key cities by ramping up in marketing and discounts. That is an expensive proposition, to be sure, but Lyft also has the benefit of the wave of troubles Uber has had recently. Such a large investment would also help Lyft remain independent.
Makeup Crew will sell NYX products, feature “shoppable content,” including video tutorials by customers and beauty bloggers and let users leave reviews, earn rewards and download stickers.
NYX’s inclusive brand philosophy — its marketing features a much more diverse array of people than most other beauty brands, with different races and genders represented — and social media initiatives were considered innovative, but now many competitors have adopted the same strategies to reach younger consumers.
“That means we need to continue to innovate and this app is unlike anything else we’ve seen in the market,” says Mehdi Mehdi, NYX’s vice president of digital and e-commerce.
“We also feel like the technology is finally available to create an app that integrates all of our key strategies without compromising on quality, such as shoppable videos and user-generated content.”
In order to scale its digital content, NYX uses algorithms created by Olapic, a visual marketing platform, to decide which crowdsourced selfies are featured on its e-commerce site. Mehdi says NYX was the first beauty brand to launch Olapic’s tool and it will continue to use the tech in its app. Most of Makeup Crew’s technology, however, was custom-built by Texas-based software development agency Oven Bits, including the app’s shoppable video platform and its integration with NYX’s brick-and-mortar stores.
When the app launches, it will give NYX a third channel (the other two are its site and standalone brick-and-mortar stores) to gather data about customers’ shopping habits. Like other e-commerce companies, NYX uses predictive intelligence tools to recommend products based on each shopper’s browsing and purchasing history.
“In terms of the shopping experience, being disconnected from a web browser gives us the flexibility to re-think the e-commerce flow. Every piece of content is fully shoppable without being funneled through a product page,” Mehdi says.
“You can watch a video and add products to your cart as the artist is using them or you can shop the full look as a bundle,” he adds. “We really wanted to push the envelope and re-think the way consumers shop for products, otherwise there would have been no need to develop an app that just follows the same flow as our website on mobile.”
Makeup Crew will serve as a digital hub for NYX, pulling together user-generated content from its social media platforms. Instagram photos will feature on its homepage, while another section will have YouTube videos. The app also helps NYX gather data to help it develop future product lines. For example, users can create a personalized beauty profile with information about their preferences by swiping left or right on photos.
“We’re not a brand that promotes models or celebrity spokespeople to market our products. When you open the app, you’re going to see real people posting their artistry and product feedback without editing,” says Mehdi. “We’re prioritizing authenticity and transparency, which goes against the grain of many of the brands that are overly protective of their image.”
Over $10 billion is wasted every year due to fraudulent e-commerce charges and that number is growing. This is not only costly and time-consuming for the businesses, but also the credit card companies and customers.
But now there are several startups including Signifyd that believe they can use technology to cut down on some of this fraud before it occurs. Another is CashShield, which has been building a big business out of Singapore and counts clients like Alibaba and Razer.
Bootstrapped and profitable, CashShield is raising its first round of funding since it was founded in 2008. The $5.5 million was led by GGV Capital, with participation from Nest co-founder and iPod creator Tony Fadell.
Fadell provided the following statement to TechCrunch. “CashShield is at the forefront of fraud reduction through machine learning that best’s all current technologies on the market by an order of magnitude. It’s the only company in the sector with a Wall Street-style, high-frequency trading approach to weighing fraud risk for companies, and it’s clear that their technology will be in demand by many industries.”
Jenny Lee, managing partner at GGV Capital, said she invested because “CashShield solves a problem that has international scalability. Any transaction – ecommerce, gaming, medical – is subject to fraud.”
Its business model works by charging customers for every transaction that they’ve been sent to validate, instead of per subscription. CashShield could not share its revenue, but it’s on track to process more than $1 billion in GMV this year.
The new funding will help CashShield expand to Silicon Valley. CEO Justin Lie said he now wants to use CashShield’s technology for social media account verification as well. He believes that CashShield can help combat “fake news” or misleading information that is sometimes shared by hacked accounts.
Lindy Fishburne has spent most of the last six years heading up Breakout Labs, a San Francisco-based program that’s underwritten by renowned investor Peter Thiel and that in 2011 began offering nascent science-focused startups up to $350,000 in funding with no strings attached.
The idea from the start was to support scientist-entrepreneurs for a year or two so they might reach the next critical milestone of their research. If the teams should catch the attention of investors afterward, all the better.
Turns out some of its companies have done just that. One of the first outfits to receive seed capital from Breakout Labs, a tissue imaging platform called 3Scan, has gone on to raise $20.7 million from Lux Capital and Data Collective, among other investors. Another, Modern Meadow, which grows leather in a lab and has been partnering with fashion companies and tanneries, has raised $53.5 million from investors.
Little wonder that Fishburne — who is also senior vice president of investments at the Thiel Foundation — decided it might make sense to enlist her Breakout Labs colleagues — including its scientific director, Hemai Parthasarathy and portfolio director Julia Moore — and create a more traditional venture fund that can support some of these companies as they, yes, break out.
Toward that end, their year-old outfit, Breakout Ventures, has just closed its debut fund with $60.1 million in capital commitments. (An SEC filing had popped up earlier this morning; Fishburne, with whom we communicated over email earlier today, confirmed for us that the fund is now closed.)
Asked if Thiel is an anchor investor in the fund, Fishburne declined to say, but she tells us Thiel Foundation is a limited partner, along with other “family offices and institutions interested in building a future powered by science,” including DCVC co-founders Matt Ocko and Zach Bogue, S-Cubed Capital, and Dolby Family Ventures.
Fishburne also says the firm has already begun writing some checks. It owns stakes in 3Scan and Modern Meadow, for example. It also owns stakes in two other companies that have received seed funding from Breakout Labs: Cortexyme and Immusoft.
Cortexyme is at work on therapies for Alzheimer’s disease and other degenerative disorders and has so far raised at least $23 million, including from Pfizer. Immusoft, a gene therapy company that re-programs a patient’s own B cells to attack diseases like HIV, has meanwhile raised roughly $5 million, shows Crunchbase.
Broadly speaking, Fishburne says that Breakout Ventures plans to focus on Series A- and Series B-stage “deep science” companies, and that it plans to leverage the Breakout Labs pipeline. “We know those companies better than anyone else and have seen them execute from the very beginning,” she notes.
The team will occasionally invest outside of that pipeline, Fishburne adds. In fact, she estimates that between 20 and 30 percent of investments from this new fund will be made in teams outside the universe of Breakout Lab companies.
In the meantime, to keep that pipeline full, Fishburne, Parthasarathy and Moore continue to manage Breakout Labs. There, they’ll keep selecting between 6 and 10 new deep-science companies each year to support.
Pictured above, left to right: Hemai Parthasarathy, Lindy Fishburne, Julia Moore.
Instagram, the Facebook-owned photo app, has become a lucrative shop window for many small entrepreneurs. So what are the secrets of its success?
When Facebook bought the photo app Instagram in 2012 for a cool $1bn (£760m), eyebrows were raised at the value the tech giant had placed on this 18-month-old start-up.
Fast forward to 2017, and while Instagram may still be Facebook’s little sister, it has built a sizeable community of 700 million users – dwarfing both Twitter and Snapchat.
With improved photo filters and the addition of Instagram Stories, a feature that lets users upload short videos that disappear after 24 hours, the platform has become a big hit with freelancers and small organisations looking to reach new audiences.
So how can you use it to make money?
“Instagram is your shop front,” says Donna McCulloch, a fashion stylist who works under the name Sulky Doll.
“People don’t ask for business cards any more – they ask for your ‘handle’ [Instagram nickname]. It’s instant – you both get your phones out, and you’re connected.”
For yoga instructor Cat Meffan, the glamorous images she posts of herself in impressive yoga positions in picturesque locations around the world are intended to inspire and motivate her 77,000 followers.
But they also help her to build her business.
“I sold out my first yoga retreat in five days and all I did was put up one Instagram post,” she says.
“I was extremely shocked and excited. That’s the power of Instagram.”
Cat says she’ll spend up to an hour crafting the captions alongside her photos – sometimes more than she’ll spend on taking the photo itself.
“Sometimes I’ll go out and do a photoshoot with my partner. But usually it’s me with a self-timer or holding the phone.”
Like Donna, Cat finds adding hashtags to her photos a useful way of reaching a new audience. A search for #yoga, for example, will bring up her images, along with those of others, while Donna’s #OOTD (Outfit of The Day) are by far her most popular.
“It’s a nice way of finding like-minded people,” says Cat.
Both women also use the Stories feature to post videos which, they say, show them as they really are – an antidote to the artificial gloss that many Instagrammers are notorious for adding to their images.
“Stories allow people to get more of a handle on you as a person and a brand,” says Donna.
“Stories are like peeking behind the net curtains. The biggest compliment is when people say you come across the same in real life as you do on your feed [Instagram page].”
Both Cat and Donna have built their Instagram pages tightly around a very specific theme – yoga/wellness and fashion, respectively.
That’s important if you want to grow the number of people who follow you says Danny Coy, a photographer with 173,000 followers who now also works as an Instagram consultant.
For £300 a month his firm Vibrance says it can “typically” grow an account by 2,000 followers every four weeks. Techniques for attracting followers include posting regularly and having a bank of interesting images to hand.
“You don’t have to post every day, but engagement peaks – after 24 hours it’s done,” he says.
“It’s important to stick to your niche.”
That’s Instagram’s advice, too.
“If you tell a different story every time you come to Instagram people will struggle to understand what you’re trying to communicate,” says Jen Ronan, the firm’s head of small business for Europe, Middle East and Africa.
“Make sure you’re thoughtful about what you want your customers to know and ensure that you’re consistently reinforcing this over time.”
Many of Danny’s clients are companies, he says, who want to boost their numbers in order to look “legitimate” on the platform.
“From time to time it’ll be an up-and-coming photographer who feels they can’t get the numbers they deserve,” he says. “Everyone has to start somewhere.”
Instagrammers with a significant number of followers may be approached by brands seeking “influencers” or “ambassadors” to represent them – for a fee.
Incorporating brand products and imagery into photos and videos can be a lucrative sideline, although you have to make clear which content is sponsored under Instagram rules.
Donna McCulloch doesn’t do it: “I think I would lose my integrity,” she says, although she does admit to wearing clothes she’s been given.
“But it’s because I wanted it,” she maintains.
And Cat Meffan says she spends a lot of time “saying no” to brands she doesn’t think are right for her – but she does accept some.
“There’s no set fee in the Instagram world,” she says. “You have a discussion [with the brand] and you have what you think you’re worth.”
Danny Coy says: “Eighteen months ago I could easily be turning over £2,000-£3,000 a month in terms of influencer content.”
But he says the market is tailing off because brands have wised up. If an Instagrammer tags a brand in a post independently, the brand can use the image without payment.
“Most will ask first,” he says. “But once you’ve tagged them and put it on Instagram they don’t have to ask your permission.”
But isn’t it a bit of a turn-off being marketed to by people whose content you admire? And do viewers sometimes not realise they are looking at paid-for content?
Mariann Hardey, assistant professor of marketing at Durham University, thinks the Instagram community isn’t that gullible.
“It’s easy to get het up that influencers are taking over and people don’t understand they are seeing paid content, but the main users of Instagram are extremely savvy at being able to filter content that is branded or sponsored,” she says.
What’s most important is “whether the post is fun” and the pictures are “pretty”, she adds.
So, the consensus seems to be that if the sponsored Instagrammer is well-liked and engaging, and the content is entertaining, Generation Instagram doesn’t mind.
IBM on Tuesday launched LinuxOne Emperor II, the second generation of its open source mainframe computer system, at the annual Open Source Summit in Los Angeles.
The new model has a layer of security and privacy not seen in a Linux-based platform before, the company said.
“We saw in our success stories for Emperor that security was a recurring theme attracting new customers to the platform,” noted Mark Figley, director of LinuxOne Offerings at IBM.
“Later, our experience with blockchain — and specifically being the platform for IBM’s premier blockchain offering because of our security capabilities — reinforced that lesson for us,” he told LinuxInsider.
LinuxOne Emperor II includes a proprietary Secure Service Container technology that protects data against external threats, as well as internal threats from users with elevated credentials or from hackers who gain access to an insider’s credentials.
The system is the most advanced enterprise Linux platform anywhere, IBM said. It features the fastest microprocessor in the industry and a unique I/O architecture with up to 64 cores dedicated to I/O processing.
“LinuxOne is a highly engineered platform with unique security, data privacy and regulatory compliance capabilities, combined with a design optimized for data serving and transaction processing at extreme scale,” said Ross Mauri, general manager of IBM LinuxOne.
More than 4 billion data records were lost or stolen in 2016 — a 556 percent jump from the year before, IBM noted.
Of the 9 billion records breached over the past year, only 4 percent previously were encrypted, the company said.
LinuxOne Emperor II’s vertically integrated, shared everything design allows it to support a 17-TB MongoDB Enterprise instance in a single system, with up to 10 times better read/write latency than an x86 based implementation, according to IBM. That gives applications faster, more secure access to data, while allowing greater scale.
The system also provides integrated, pause-less garbage collection, which allows Java applications to run concurrently. It provides constant transaction processing 2.6 times that of x86-based systems, which need to stop workloads to conduct garbage collection.
Further, the new system provides certified Docker EE, with integrated management and scale tested with up to 2 million containers.
“As a service provider, LinuxOne allows us to set up a complete IT infrastructure capable of supporting millions of users in the blink of an eye for clients like the Plastic Bank,” said Ron Argent, CEO of the Cognition Foundry. That cuts the risk of outside hacking threats due to separate user environments running on the system.
IBM is offering beta participation for both developers and clients, working in an observation or hands-on mode.
The Open Source Factor
“Something being open source does not make it less secure because it is open source, but it is true that many new-generation open source projects focus on capability enablement before they focus on high-security assurance, especially in the early days of a project,” noted IBM’s Figley.
“Security isn’t the only thing often out of focus for an open source project in its early stages,” he pointed out.
“Other enterprise quality of service issues — such as scalability, reliability and consistency — are often focused on later in the life of an open source project as it matures,” Figley said.
“We believe that LinuxOne can accelerate the rate of adoption of new open source technologies, and allow companies to do so safely, because the LinuxOne platform can help solve many of the security, scalability, reliability and consistency issues at the system level while the software layer continues to mature,” he explained.
“Certainly with the rise of Linux and a whole host of other open source technologies in very wide use in enterprises handling very critical apps and data, there isn’t any general concern about open source and security,” observed Gary Chen, research manager, software defined compute, at IDC.
“You really have to look at vendors and any software project, open or closed, individually,” he told LinuxInsider. “Some have very good security initiatives and prioritize security, and some don’t. Being open or closed has nothing to do with that, and you can find good and bad examples in each camp.”
Over the Shoulder
The Secure Service Container technology performs a couple of tasks that system administrators could do on their own — but they tend not to on a regular basis, said Paul Teich, principal analyst at Tirias Research.
First, it limits access to those authorized in secure service LPAR, (instead of allowing SSH credentials) he told LinuxInsider. Second, it disables direct memory access to secure containers.
As for IBM’s LinuxOne Emperor II security claims, Jeff Williams, chief technology officer at Contrast Security, dashed a bit of cold water on them.
“For application security, the Emperor II has no clothes,” he told LinuxInsider. “From what I understand here, Emperor II is container security. I believe it has enhanced access control and possibly encryption capabilities, but those are irrelevant at the application layer.”
The belief that you can drop “a vulnerable application into a secure container and everything will be OK,” Williams said, is one of the most “pernicious and dangerous ideas in security.”
The correct approach would be to secure the application itself, either using IAST to prevent vulnerabilities during the development phase, or using application runtime protection with RASP to prevent exploits.
David Jones is a freelance writer based in Essex County, New Jersey. He has written for Reuters, Bloomberg, Crain’s New York Business and The New York Times.