Blog of the website «TechCrunch» Прогноз погоды

People

John Smith

John Smith, 49

Joined: 28 January 2014

Interests: No data

Jonnathan Coleman

Jonnathan Coleman, 32

Joined: 18 June 2014

About myself: You may say I'm a dreamer

Interests: Snowboarding, Cycling, Beer

Andrey II

Andrey II, 41

Joined: 08 January 2014

Interests: No data

David

David

Joined: 05 August 2014

Interests: No data

David Markham

David Markham, 65

Joined: 13 November 2014

Interests: No data

Michelle Li

Michelle Li, 41

Joined: 13 August 2014

Interests: No data

Max Almenas

Max Almenas, 53

Joined: 10 August 2014

Interests: No data

29Jan

29Jan, 32

Joined: 29 January 2014

Interests: No data

s82 s82

s82 s82, 26

Joined: 16 April 2014

Interests: No data

Wicca

Wicca, 37

Joined: 18 June 2014

Interests: No data

Phebe Paul

Phebe Paul, 27

Joined: 08 September 2014

Interests: No data

Артем Ступаков

Артем Ступаков, 93

Joined: 29 January 2014

About myself: Радуюсь жизни!

Interests: No data

sergei jkovlev

sergei jkovlev, 59

Joined: 03 November 2019

Interests: музыка, кино, автомобили

Алексей Гено

Алексей Гено, 8

Joined: 25 June 2015

About myself: Хай

Interests: Интерес1daasdfasf, http://apple.com

technetonlines

technetonlines

Joined: 24 January 2019

Interests: No data



Main article: Information

<< Back Forward >>
Topics from 1 to 10 | in all: 40

A US House candidate says she was hacked — now she’s warning others

00:53 | 11 February

“I cannot think of a reason not to share this with the public,” said Brianna Wu

.

“Two of my non-campaign Google accounts were compromised by someone in Russia,” she said.

Wu isn’t just any other target. As a Democratic candidate for the U.S. House of Representatives in Massachusetts’ 8th District, she has a larger target on her back for hackers than the average constituent. And as a former software engineer, she knows all too well the cybersecurity risks that come along with running for political office.

But the breach of two of her non-campaign Google accounts was still a wake-up call.

Wu said she recently discovered that the two accounts had been breached. One of the accounts was connected to her Nest camera system at home, and the other was her Gmail account she used during the Gamergate controversy, during which Wu was a frequent target of vitriol and death threats. TechCrunch agreed to keep the details of the breach off the record as to not give any potential attackers an advantage. Attribution in cyberattacks, however, can be notoriously difficult because hackers can mask their tracks using proxies and other anonymity tools.

“I don’t believe anyone in Russia is targeting me specifically. I think it’s more likely they target everyone running for office,” she tweeted.

Wu said that both of her accounts had “solid protection measures” in place, including “unique, randomly generated passwords for both accounts.” She said that she reported the intrusions to the FBI.

“The worry is obviously that it could hurt the campaign,” she told TechCrunch. But she remains concerned that it could be an “active measure,” a term often used to describe Russian-led political interference in U.S. politics.

Politicians and political candidates are frequently targeted by hackers both in the U.S. and overseas. During the 2016 presidential election, Democratic candidate Hillary Clinton’s campaign manager John Podesta had his personal email account hacked and thousands of emails published by WikiLeaks. The recently released report by Special Counsel Robert Mueller blamed hackers working for Russian intelligence for the intrusion as part of a wider effort to discredit then-candidate Clinton and get President Trump elected.

Yet to this day, political campaigns remain largely responsible for their own cybersecurity.

“There is only so much the feds can do here, given the sheer size of the candidate pool for federal office,” said Joseph Lorenzo Hall, an election security expert and senior vice president at the Internet Society.

Hall said much of the federal government’s efforts have been on raising awareness and on “low-hanging fruit,” like enabling two-factor authentication. Homeland Security continues to brief both parties to the major cybersecurity threats ahead of voting later in November, and the FBI has online resources for political campaigns.

It’s only been in the past few months that tech companies have been allowed to step in to help.

Fearing a repeat of 2016, the Federal Elections Commission last year relaxed the rules to allow political campaigns to receive discounted cybersecurity help. That has also allowed companies like Cloudflare to enter the political campaign space, offering cybersecurity services to campaigns — which was previously considered a campaign finance violation.

It’s not a catch-all fix. A patchwork of laws and rules across the U.S. make it difficult for campaigns to prioritize internal cybersecurity efforts. It’s illegal in Maryland, for example, to use campaign finances for securing the personal accounts of candidates and their staff — the same kind of accounts that hackers used to break into Podesta’s email account in 2016. It’s an attack that remains in hackers’ arsenals. Just last year, Microsoft found Iranian-backed hackers were targeting personal email accounts “associated” with a 2020 presidential candidate — which later transpired to be President Trump’s campaign.

Both of the major U.S. political parties have made efforts to bolster cybersecurity at the campaign level. The Democrats recently updated their security checklist for campaigns and published recommendations for countering disinformation, and the Republicans have put on training sessions to better educate campaign officials.

But Wu said that the Democrats could do more to support campaign cybersecurity, and that she was speaking out to implore others who are running for Congress to do more to bolster their campaign’s cybersecurity.

“There is absolutely no culture of information security within the Democratic Party that I have seen,” said Wu. Fundraising lists are “freely swapped in unencrypted states,” she said, giving an example.

“There is generally not a culture of updating software or performing security audits,” she said. “The fact that this is not taken seriously is really underscored by Iowa and the Shadow debacle,” she said, referring to the Iowa caucus last week, in which a result-reporting app failed to work. It was later reported that the app, built by Shadow Inc., had several security flaws that made it vulnerable to hacking.

Spokespeople for the FBI and the Democratic Congressional Campaign Committee did not respond to a request for comment prior to publication.

“Infosec is expensive, and I know for many campaigns it may seem like a low priority,” Wu told TechCrunch.

“But how can we lead the country on cybersecurity issues if we don’t hold ourselves to the same standards we’re asking the American people to follow?” she said.

 


0

Recommendations for fintech startups navigating the procurement process

22:15 | 7 February

Marc Gilman Contributor
Marc Gilman is general counsel and VP of compliance at Theta Lake. He is also an adjunct professor at Fordham University School of Law.

The expanding scope of fintech has been well documented in these digital pages. Payments, investing, financial planning and lending often spring to mind as “classic” fintech startups, but other business models like regtech, compliance, human resources and marketing are on the ascent.

For passionate and talented founders, the tireless pursuit of building innovative technology is critical and fundamental. That said, to be successful in financial services, significant time and effort needs to be dedicated to other business fundamentals: corporate setup, privacy and security. The financial services customer base presents unique challenges for fintech startups as the regulatory and operational requirements for third-party vendor assessment and management are, in comparison to most other industries, brutal. Issues that might go overlooked during the early stages of product design and team-building could turn into obstacles during the sales process.

Understanding the dynamics of the financial services procurement process is essential if you want to negotiate it as quickly and seamlessly as possible. And before diving head-first into the development of your killer fintech app, consider the following questions:

  • Is my technical architecture secure?
  • Who is responsible for cybersecurity in the organization?

 


0

Privacy experts slam UK’s “disastrous” failure to tackle unlawful adtech

17:08 | 17 January

The UK’s data protection regulator has been slammed by privacy experts for once again failing to take enforcement action over systematic breaches of the law linked to behaviorally targeted ads — despite warning last summer that the adtech industry is out of control.

The Information Commissioner’s Office (ICO) has also previously admitted it suspects the real-time bidding (RTB) system involved in some programmatic online advertising to be unlawfully processing people’s sensitive information. But rather than take any enforcement against companies it suspects of law breaches it has today issued another mildly worded blog post — in which it frames what it admits is a “systemic problem” as fixable via (yet more) industry-led “reform”.

Yet it’s exactly such industry-led self-regulation that’s created the unlawful adtech mess in the first place, data protection experts warn.

The pervasive profiling of Internet users by the adtech ‘data industrial complex’ has been coming under wider scrutiny by lawmakers and civic society in recent years — with sweeping concerns being raised in parliaments around the world that individually targeted ads provide a conduit for discrimination, exploit the vulnerable, accelerate misinformation and undermine democratic processes as a consequence of platform asymmetries and the lack of transparency around how ads are targeted.

In Europe, which has a comprehensive framework of data protection rights, the core privacy complaint is that these creepy individually targeted ads rely on a systemic violation of people’s privacy from what amounts to industry-wide, Internet-enabled mass surveillance — which also risks the security of people’s data at vast scale.

It’s now almost a year and a half since the ICO was the recipient of a major complaint into RTB — filed by Dr Johnny Ryan of private browser Brave; Jim Killock, director of the Open Rights Group; and Dr Michael Veale, a data and policy lecturer at University College London — laying out what the complainants described then as “wide-scale and systemic” breaches of Europe’s data protection regime.

The complaint — which has also been filed with other EU data protection agencies — agues that the systematic broadcasting of people’s personal data to bidders in the adtech chain is inherently insecure and thereby contravenes Europe’s General Data Protection Regulation (GDPR), which stipulates that personal data be processed “in a manner that ensures appropriate security of the personal data”.

The regulation also requires data processors to have a valid legal basis for processing people’s information in the first place — and RTB fails that test, per privacy experts — either if ‘consent’ is claimed (given the sheer number of entities and volumes of data being passed around, which means it’s not credible to achieve GDPR’s ‘informed, specific and freely given’ threshold for consent to be valid); or ‘legitimate interests’ — which requires data processors carry out a number of balancing assessment tests to demonstrate it does actually apply.

“We have reviewed a number of justifications for the use of legitimate interests as the lawful basis for the processing of personal data in RTB. Our current view is that the justification offered by organisations is insufficient,” writes Simon McDougall, the ICO’s executive director of technology and innovation, developing a warning over the industry’s rampant misuse of legitimate interests to try to pass off RTB’s unlawful data processing as legit.

The ICO also isn’t exactly happy about what it’s found adtech doing on the Data Protection Impact Assessment front — saying, in so many words, that it’s come across widespread industry failure to actually, er, assess impacts.

“The Data Protection Impact Assessments we have seen have been generally immature, lack appropriate detail, and do not follow the ICO’s recommended steps to assess the risk to the rights and freedoms of the individual,” writes McDougall.

“We have also seen examples of basic data protection controls around security, data retention and data sharing being insufficient,” he adds.

Yet — again — despite fresh admissions of adtech’s lawfulness problem the regulator is choosing more stale inaction.

In the blog post McDougall does not rule out taking “formal” action at some point — but there’s only a vague suggestion of such activity being possible, and zero timeline for “develop[ing] an appropriate regulatory response”, as he puts it. (His preferred ‘E’ word in the blog is ‘engagement’; you’ll only find the word ‘enforcement’ in the footer link on the ICO’s website.)

“We will continue to investigate RTB. While it is too soon to speculate on the outcome of that investigation, given our understanding of the lack of maturity in some parts of this industry we anticipate it may be necessary to take formal regulatory action and will continue to progress our work on that basis,” he adds.

McDougall also trumpets some incremental industry fiddling — such as trade bodies agreeing to update their guidance — as somehow relevant to turning the tanker in a fundamentally broken system.

(Trade body, the Internet Advertising Bureau’s UK branch, has responded to developments with an upbeat note from its head of policy and regulatory affairs, Christie Dennehy-Neil, who lauds the ICO’s engagement as “a constructive process”, claiming: “We have made good progress” — before going on to urge its members and the wider industry to implement “the actions outlined in our response to the ICO” and “deliver meaningful change”. The statement climaxes with: “We look forward to continuing to engage with the ICO as this process develops.”)

McDougall also points to Google removing content categories from its RTB platform from next month (a move it announced months back, in November) as an important development; and seizes on the tech giant’s recent announcement of a proposal to phase out support for third party cookies within the next two years as ‘encouraging’.

Privacy experts have responded with facepalmed outrage to yet another can-kicking exercise by the UK regulator — warning that cosmetic tweaks to adtech won’t fix a system that’s designed to feast off unlawful and insecure high velocity background trading of Internet users’ personal data.

“When an industry is premised and profiting from clear and entrenched illegality that breach individuals’ fundamental rights, engagement is not a suitable remedy,” said UCL’s Veale. “The ICO cannot continue to look back at its past precedents for enforcement action, because it is exactly that timid approach that has led us to where we are now.”

The trio behind the RTB complaints (which includes Veale) have also issued a scathing collective response to more “regulatory ambivalence” — denouncing the lack of any “substantive action to end the largest data breach ever recorded in the UK”.

“The ‘Real-Time Bidding’ data breach at the heart of RTB market exposes every person in the UK to mass profiling, and the attendant risks of manipulation and discrimination,” they warn. “Regulatory ambivalence cannot continue. The longer this data breach festers, the deeper the rot sets in and the further our data gets exploited. This must end. We are considering all options to put an end to the systemic breach, including direct challenges to the controllers and judicial oversight of the ICO.”

Wolfie Christl, a privacy researcher who focuses on adtech — including contributing to a recent study looking at how extensively popular apps are sharing user data with advertisers, dubbed the ICO’s response “disastrous”.

“Last summer the ICO stated in their report that millions of people were affected by thousands of companies’ GDPR violations. I was sceptical when they announced they would give the industry six more months without enforcing the law. My impression is they are trying to find a way to impose cosmetic changes and keep the data industry happy rather than acting on their own findings and putting an end to the ubiquitous data misuse in today’s digital marketing, which should have happened years ago. The ICO seems to prioritize appeasing the industry over the rights of data subjects, and this is disastrous,” he told us.

“The way data-driven online marketing currently works is illegal at scale and it needs to be stopped from happening,” Christl added. “Each day EU data protection authorities allow these practices to continue further violates people’s rights and freedoms and perpetuates a toxic digital economy.

“This undermines the GDPR and generally trust in tech, perpetuates legal uncertainty for businesses, and punishes companies who comply and create privacy-respecting services and business models. 20 months after the GDPR came into full force, it is still not enforced in major areas. We still see large-scale misuse of personal information all over the digital world. There is no GDPR enforcement against the tech giants and there is no enforcement against thousands of data companies beyond the large platforms. It seems that data protection authorities across the EU are either not able — or not willing — to stop many kinds of GDPR violations conducted for business purposes. We won’t see any change without massive fines and data processing bans. EU member states and the EU commission must act.”

 


0

Cloudflare is giving away its security tools to US political campaigns

15:30 | 15 January

Network security giant Cloudflare said it will provide its free security tools and services to U.S. political campaigns, as part of its efforts to secure upcoming elections against cyberattacks and election interference.

The company said its new Cloudflare for Campaigns offering will include distributed denial-of-service attack mitigation, load balancing for campaign websites, a website firewall, and anti-bot protections.

It’s an expansion of the company’s security offering for journalists, civil rights activists and humanitarian groups under its Project Galileo, which aims to protect against disruptive cyberattacks. The project later expanded to smaller state and local government sites in 2018, with an aim of protecting servers containing voter registration data and other election infrastructure from attacks.

Now the company is offering its security services to 11 of the 17 presidential campaigns, it said, but wants to ensure that its offering is “available to the largest campaigns are also available to smaller campaigns as well.”

Cloudflare’s co-founder and chief executive Matthew Prince said there was a “clear need” to help campaigns secure not only their public facing websites but also their internal data security.

The company said it’s working with the non-partisan, non-profit organization Defending Digital Campaigns to provide its services to campaigns. Last year the Federal Elections Commission changed the rules to allow political campaigns to receive discounted cybersecurity assistance, which was previously a campaign finance violation.

 


0

Medigate partners with Cerner to secure medical devices and networks

17:00 | 19 December

Medigate, an Israeli startup working to secure medical devices and manage assets inside a hospital, has partnered with the medical information technology juggernaut Cerner on services and support for the Israli company’s security software.

Under the agreement, if customers work with Medigate, they’ll receive support from Cerner’s cybersecurity team to help with inventory of the devices in a location. Cerner will also offer remediation services to limit attacks if an organization has a security breach.

“With IDC estimating about 41.6 billion IoT devices in the field by 2025, it is extremely important that healthcare organizations have more visibility and control over what’s going on in their clinical network – and that needs to include medical devices and IoT devices,” said Medigate chief executive Jonathan Langer, in a statement. “Cerner has spent the last 40 years connecting people and systems within the healthcare industry. Working together will help thousands of health systems establish and maintain better control, to protect their data, ongoing operations and, ultimately, patient care.”

The security risks associated with increasingly networked healthcare technologies is an increasing area of concern for security professionals and a growing area of interest among venture investors and large corporation in the healthcare space alike.

“It’s important that the healthcare industry proactively work to prevent data breaches and cyberthreats rather than wait to react after the damage has been done, ,” said Jay Savaiano, Senior Director of Security Solutions at Cerner. “Our work with Medigate is a critical step in the right direction towards effective medical device security across healthcare organizations. We’re committed to helping our clients discover, manage and protect operations from today’s attacks and tomorrow’s threats.”

Medigate has a number of competitors looking at medical device and network security in the healthcare industry. Medcrypt, a recent graduate of the Y Combinator accelerator, raised $5.3 million earlier this year to tackle the problem and other companies, like Elektra Labs, are also looking at the security profiles of devices and therapies as part of an overall assessment of their efficacy.

 


0

Satori Cyber raises $5.25M to help businesses protect their data flows

17:00 | 17 December

The amount of data that most companies now store — and the places they store it — continues to increase rapidly. With that, the risk of the wrong people managing to get access to this data also increases, so it’s no surprise that we’re now seeing a number of startups that focus on protecting this data and how it flows between clouds and on-premises servers. Satori Cyber, which focuses on data protecting and governance, today announced that it has raised a $5.25 million seed round led by YL Ventures.

“We believe in the transformative power of data to drive innovation and competitive advantage for businesses,” the company says. “We are also aware of the security, privacy and operational challenges data-driven organizations face in their journey to enable broad and optimized data access for their teams, partners and customers. This is especially true for companies leveraging cloud data technologies.”

Satori is officially coming out of stealth mode today and launching its first product, the Satori Cyber Secure Data Access Cloud. This service provides enterprises with the tools to provide access controls for their data, but maybe just as importantly, it also offers these companies and their security teams visibility into their data flows across cloud and hybrid environments. The company argues that data is “a moving target” because it’s often hard to know how exactly it moves between services and who actually has access to it. With most companies now splitting their data between lots of different data stores, that problem only becomes more prevalent over time and continuous visibility becomes harder to come by.

“Until now, security teams have relied on a combination of highly segregated and restrictive data access and one-off technology-specific access controls within each data store, which has only slowed enterprises down,” said Satori Cyber CEO and Co-founder Eldad Chai. “The Satori Cyber platform streamlines this process, accelerates data access and provides a holistic view across all organizational data flows, data stores and access, as well as granular access controls, to accelerate an organization’s data strategy without those constraints.”

Both co-founders previously spent nine years building security solutions at Imperva and Incapsula (which acquired Imperva in 2014). Based on this experience, they understood that onboarding had to be as easy as possible and that operations would have to be transparent to the users. “We built Satori’s Secure Data Access Cloud with that in mind, and have designed the onboarding process to be just as quick, easy and painless. On-boarding Satori involves a simple host name change and does not require any changes in how your organizational data is accessed or used,” they explain.

 

 

 


0

A bug in Microsoft’s login system put users at risk of account hijacks

18:00 | 2 December

Microsoft has fixed a vulnerability in its login system, which security researchers say could have been used to trick unsuspecting victims into giving over complete access to their online accounts.

The bug allowed attackers to quietly steal account tokens, which websites and apps use to grant users access to their accounts without having them to constantly re-enter their passwords. These tokens are created by an app or a website in place of a username and password after a user logs in. That keeps the user persistently logged into the site, but also allows users to access third-party apps and websites without having to directly hand over their passwords.

Researchers at Israeli cybersecurity company CyberArk found that Microsoft left open an accidental loophole which, if exploited, could’ve been used to siphon off these account tokens used to access that victim’s account — potentially without ever alerting the user.

CyberArk’s latest research, shared exclusively with TechCrunch, found dozens of unregistered subdomains connected to a handful of apps built by Microsoft. These in-house apps are highly trusted and as such, associated subdomains can be used to generate access tokens automatically without requiring any explicit consent from the user.

With the subdomains in hand, all an attacker would need is trick an unsuspecting victim into clicking on a specially crafted link in an email or on a website, and the token can be stolen.

In some cases, the researchers said, this could be done in a “zero-click” way, which as the name suggests requires almost no user interaction at all. A malicious website hiding an embedded webpage could silently trigger the same request as a link in a malicious email to steal a user’s account token.

Luckily, the researchers registered as many of the subdomains they could find from the vulnerable Microsoft apps to prevent any malicious misuse, but warned there could be more.

The security flaw was reported to Microsoft in late October and was fixed three weeks later.

“We resolved the issue with the applications mentioned in this report in November and customers remain protected,” said a Microsoft spokesperson.

It’s not the first time Microsoft has acted to fix a bug in its login system. Almost exactly a year ago, the software and services giant fixed a similar vulnerability in which researchers were allowed to alter the records of an improperly configured Microsoft subdomain and steal Office account tokens.

Read more:

 


0

‘Magic: The Gathering’ game maker exposed 452,000 players’ account data

22:28 | 16 November

The maker of Magic: The Gathering has confirmed that a security lapse exposed the data on hundreds of thousands of game players.

The game’s developer, the Washington-based Wizards of the Coast, left a database backup file in a public Amazon Web Services storage bucket. The database file contained user account information for the game’s online arena. But there was no password on the storage bucket, allowing who with the bucket’s name to access the files inside.

The bucket is not believed to have been exposed for long — since around early-September — but it was long enough for U.K. cybersecurity firm Fidus Information Security to find the database.

A review of the database file showed there were 452,634 players’ information, including about 470 email addresses associated with Wizards’ staff. The database included player names and usernames, email addresses, and the date and time of the account’s creation. The database also had user passwords, which were hashed and salted, making it difficult but not impossible to unscramble.

None of the data was encrypted. The accounts date back to at least 2012, according to our review of the data.

Fidus reached out to Wizards of the Coast but did not hear back. It was only after TechCrunch reached out that the game maker pulled the storage bucket offline.

Bruce Dugan, a spokesperson for the game developer, told TechCrunch in a statement: “We learned that a database file from a decommissioned website had inadvertently been made accessible outside the company.”

“We removed the database file from our server and commenced an investigation to determine the scope of the incident,” he said. “We believe that this was an isolated incident and we have no reason to believe that any malicious use has been made of the data,” but the spokesperson did not provide any evidence for this claim.

“However, in an abundance of caution, we are notifying players whose information was contained in the database and requiring them to reset their passwords on our current system,” he said.

Harriet Lester, Fidus’ director of research and development, said it was “surprising in this day and age that misconfigurations and lack of basic security hygiene still exist on this scale, especially when referring to such large companies with a userbase of over 450,000 accounts.”

“Our research team work continuously, looking for misconfigurations such as this to alert companies as soon as possible to avoid the data falling into the wrong hands. It’s our small way of helping make the internet a safer place,” she told TechCrunch.

The game maker said it informed the U.K. data protection authorities about the exposure, in line with breach notification rules under Europe’s GDPR regulations. The U.K.’s Information Commissioner’s Office did not immediately return an email to confirm the disclosure.

Companies can be fined up to 4% of their annual turnover for GDPR violations.

 


0

IoT security startup Particle raises $40M in Series C

18:00 | 30 October

Particle, a platform for Internet of Things devices, has raised $40 million in its latest round of funding.

Qualcomm Ventures and Energy Impact Partners led the Series C raise, with backing from existing investors including Root Ventures, Bonfire Ventures, Industry Ventures, Spark Capital, Green D Ventures, Counterpart Ventures, and SOSV.

With its latest round of funding, Particle has raised comes to $81 million to date.

The San Francisco-based startup provides the back-end for its customers to bring Internet of Things devices to market without having to shell out for their own software infrastructure. The platform aims to be the all-in-one solution for IoT devices, with encryption and security, as well as data autonomy and scalability.

That means more traditional businesses can buy a fleet of sensors and other monitoring devices, hook them up to their own machines, and use Particle’s infrastructure for monitoring.

That’s a common theme that Particle sees, according to Zach Supalla, the company’s chief executive.

“More and more of our customers are in old-fashioned, even unglamorous, businesses like stormwater management, industrial equipment, shipping, or monitoring any number of compressors, pumps, and valves,” he said in remarks. “These businesses are diverse, but the common thread is that they need to monitor and control mission-critical machines, and we see it as our mission to help bring their machines, vehicles, and devices into the 21st century.”

Particle said the funding round follows “significant growth” for its enterprise platform, seeing 150 percent year-over-year growth in revenue.

The company currently has 100 staff working to support 85 enterprise clients across agriculture, automotive, smart city and other industries.

 


0

In a victory over Amazon, Microsoft wins $10B Pentagon JEDI cloud contract

02:15 | 26 October

The U.S. Department of Defense today announced that Microsoft has won its Joint Enterprise Defense Infrastructure (JEDI) cloud contract, worth up to $10B over a period of ten years. With this, Microsoft will provide infrastructure and platform services for both the Pentagon’s business and mission operations.

“The National Defense Strategy dictates that we must improve the speed and effectiveness with which we develop and deploy modernized technical capabilities to our women and men in uniform,” DOD Chief Information Officer Dana Deasy said in a related announcement. “The DOD Digital Modernization Strategy was created to support this imperative. This award is an important step in execution of the Digital Modernization Strategy.”

Microsoft beat out Amazon in the final round for this lucrative contract after the two cloud giants beat out other competitors like IBM and Oracle in an earlier round. Most pundits considered Amazon to be the frontrunner to win the deal.

The process to get to this point has been anything but uncomplicated, though, with various lawsuits, last-minute recusals and other controversies, with even the President getting involved at one point.

It’ll remain to be seen how Microsoft’s employees will react to this news. Last year, a number of Microsoft employees posted an open letter, asking the company not to bid for the contract. More recently, its employees also protested against GitHub’s relatively small $200,000 contract with the U.S. Immigration and Customs Enforcement agency. Against this backdrop, chances are we’ll see similar protests now that the company has won this deal with the Pentagon.

 


0
<< Back Forward >>
Topics from 1 to 10 | in all: 40

Site search


Last comments

Walmart retreats from its UK Asda business to hone its focus on competing with Amazon
Peter Short
Good luck
Peter Short

Evolve Foundation launches a $100 million fund to find startups working to relieve human suffering
Peter Short
Money will give hope
Peter Short

Boeing will build DARPA’s XS-1 experimental spaceplane
Peter Short
Great
Peter Short

Is a “robot tax” really an “innovation penalty”?
Peter Short
It need to be taxed also any organic substance ie food than is used as a calorie transfer needs tax…
Peter Short

Twitter Is Testing A Dedicated GIF Button On Mobile
Peter Short
Sounds great Facebook got a button a few years ago
Then it disappeared Twitter needs a bottom maybe…
Peter Short

Apple’s Next iPhone Rumored To Debut On September 9th
Peter Short
Looks like a nice cycle of a round year;)
Peter Short

AncestryDNA And Google’s Calico Team Up To Study Genetic Longevity
Peter Short
I'm still fascinated by DNA though I favour pure chemistry what could be
Offered is for future gen…
Peter Short

U.K. Push For Better Broadband For Startups
Verg Matthews
There has to an email option icon to send to the clowns in MTNL ... the govt of India's service pro…
Verg Matthews

CrunchWeek: Apple Makes Music, Oculus Aims For Mainstream, Twitter CEO Shakeup
Peter Short
Noted Google maybe grooming Twitter as a partner in Social Media but with whistle blowing coming to…
Peter Short

CrunchWeek: Apple Makes Music, Oculus Aims For Mainstream, Twitter CEO Shakeup
Peter Short
Noted Google maybe grooming Twitter as a partner in Social Media but with whistle blowing coming to…
Peter Short