Garner R.,Computer History Museum
Proceedings of the IEEE | Year: 2013
Discusses the developments that led to the end of the century-long era of punch-card data processing and ushered in the era of stored program computing for the period 1950 through 1970. © 1963-2012 IEEE.
News Article | March 22, 2015
Analysts have estimated that in 2012, nearly 10 billion ad impressions were compromised by malvertising. Who knows how high that number is today? MOUNTAIN VIEW, Calif. -- If malware and virus-infected email, spoofed identities, phishing exploits and straightforward hacking into personal and enterprise IT systems aren't enough, there's a lesser-known security phenomenon wreaking plenty of havoc on its own: malvertising. Malvertising, derived from "malicious advertising," is the use of online advertising to spread malware. Simply mousing over an infected ad potentially can inject malware-laden code from legitimate online advertising networks and Web pages into your browser, and then eventually into your PC, if the PC is not properly protected. Some of the more sophisticated malvertising ads can even work around firewalls. Malvertising is a relatively new concept for spreading malware; it is even harder to combat than other forms because it can work its way into a Web page and spread through a system unknown to a user.Malvertising does not require user action (such as a click) to compromise the system and it does not exploit any vulnerabilities on the website or the server on which it is hosted. Infections delivered through malvertising silently travel through Web page advertisements.Online advertisements are a powerful platform for spreading malware, because significant effort is put into them in order to attract users and sell a product. "The punch line here is that this (malvertising) is very attractive to bad guys," Elias Manousos, co-founder and CEO of RiskIQ told the audience March 18 at the Security Innovation Network's IT Security Entrepreneurs Forum 2015 at the Computer History Museum here. "And why is it attractive? It comes down to targeting. Ads have evolved to target you as a consumer. The bad guys have figured this out. "If you're using the Internet at a hotel, a coffee shop, or even here at this conference, you're being targeted by ads. When you go home, you're being targeted by ads. Those advertisers know you were here and you went home."Targeting is characteristic of the perfect weapon, Manousos said. "Weapon delivery systems need targeting, and the ad ecosystem is delivering a targeting vehicle. Fundamentally, targeting breaks down into geolocation, IP address, your interests, and the intent that you have to actually buy a product or service. It's a very big representation of who you are," Manousos said. So the sophisticated Internet vehicle for delivering advertisements -- which has evolved into a true science 20 years into the history of the mainstream Internet -- is also carrying a huge amount of malware through its networks. Analysts have estimated that in 2012, nearly 10 billion ad impressions were compromised by malvertising. Who knows how high that number might be today? What's probably most disturbing about these malvertising ads is that they can scale very quickly, Manousos said. "They (the bad actors) can actually take an ad and scale it very broadly. Now that it's much targeted, once I get one person, then I can scale that around to thousands of Web sites and touch millions of people," he said. They are hard to detect, because if the bad guys just want to get one user, there's no collateral damage, Manousos said."The ad is the lowest barrier (to security), because the ad ecosystem has fundamental flaws," he said. "When I found this out, I almost considered being a bad guy -- almost literally. I don't have to hack a site; I don't have to send out a million emails; I don't have to do a botnet. I can get to the same people, in a targeted way, through this ad system." Malvertising has been utilized for a long time -- undoubtedly for years -- but a publicly reported example came to light big time last fall, when advertisements with malicious code began showing up on a group of popular news and entertainment sites. They were infecting some visitors' computers with a backdoor botnet designed to gather information on their systems and install additional malicious code. This was chronicled here by eWEEK security contributor Robert Lemos in Ars Technica. The attack impacted visitors to The Jerusalem Post, The Times of Israel, The Hindustan Times, Internet music service Last.fm , and India-focused movie portal Bollywood Hungama, among other sites. The malware campaign involved the compromise of San Francisco-based Internet advertising network Zedo, which provided advertising for the sites -- and whose network was used to distribute malicious ads. For 10 days, the company investigated multiple malware reports, retracing the attacker's digital footsteps to identify the malicious files and shut the back door to its systems. It took some time, but Zedo eventually was able to shut off the flow of malvertising for all its sites.That's what it's all about: back doors. Data and device protection from malvertising requires attention from all sides: *Web developers have to take stock of these threats when building their sites to make sure that these back doors either a) do not exist, or b) cannot be entered. *Ad-serving providers must be equally vigilant. * Users must have Web-aware security software active at all times. “We need new approaches in order for protection schemes to anticipate and identify these ads and disable them before they can do damage,” Manousos said. Security thought leaders and companies must keep innovating and working to find ways to stop and/or circumvent the malevolent interests who are perpetrating malvertising. "As it is right now, the malvertising bad guys can just sit at home and let their wares work and don't have to change a thing in this ecosystem," Manousos said. "The Internet economy is at risk of the very thing that powers it: Internet advertising. Global adversaries now infiltrate the ad ecosystem on a daily basis, injecting malware into Web and mobile devices via malvertisements. Ads are everywhere; everyone is affected. With so much at stake, it’s critical we detect and defend against this threat," Manousos said.
News Article | March 19, 2015
In late February, Tom Harari sat down to do something he hadn't done for a few months: plot his company’s revenue on a simple line graph. Harari’s laundry-on-demand startup, Cleanly, had been in growth mode, rapidly expanding its laundry delivery service from two New York City neighborhoods in early January to cover much of Manhattan by the end of February. The number of orders had jumped by an average of 25% per week. He looked at the chart and saw an arrow skyrocketing to the top right quadrant. Even if everything fell apart before Cleanly completed Y Combinator's winter 2015 batch, a program organized by the ultracompetitive Silicon Valley startup factory that I’ve been writing about for the past few months, even if growth slowed considerably, Harari and his cofounders, Itay Forer and Chen Atlas, would have six or seven times the number of weekly orders they’d started with. His growth plan was working. In fact, in the parlance of Y Combinator, Cleanly had entered the rarified territory known as hypergrowth. "Oh, shit," Harari recalls thinking. "It’s really taking off." Up until this point, Harari had felt apprehensive. Cleanly is one of 114 startups working in the current class. While just getting into YC had been an accomplishment, at present, only one of every 100 YC startups reaches a valuation in excess of $1 billion (aka, unicorn status), making the odds of breakout success long indeed. Moreover, washing people's whites for $1.50 a pound, as Harari's startup does, seems sort of pedestrian when compared with the biotech and hardware startups that YC has lately embraced. Harari doesn't make artificial limbs, and his company hasn't raised $14 million in venture-capital funding. "There are these darlings of the batch," Harari says. "Some of these people are doing really advanced stuff. We’re delivering laundry." Early next week, Harari will share a spruced-up version of his hypergrowth chart as the centerpiece of his Demo Day presentation. Harari, like every YC founder, will have 150 seconds to pitch 500 investors, entrepreneurs, and journalists at the two-day, invitation-only event. Harari's self-deprecation notwithstanding, competition to buy a piece of a fast-growing company like Cleanly as part of a seed investment round is so hot that some top angel investors, seemingly unable to avoid getting sucked into the deal-making frenzy, have preferred to stay away. Meanwhile, the high valuations and on-the-spot check writing has caused some investors to warn of a looming crisis in startup finance, the so-called "Series A Crunch." YC founders begin thinking about Demo Day, which starts Monday, March 23 at the Computer History Museum, as soon as they're accepted into the program. But practice began in earnest just this week, with startups pitching their peers first in small groups, and then running their spiel in front of the entire batch. On Sunday, founders will pitch a room full of YC graduates as part of Alumni Demo Day, a sort of dress rehearsal before the big show. Officially speaking, nobody will be soliciting investment from the stage, and Harari tells me that he doesn't need to raise money. "We're a few months away from being profitable," he says. "We don't want to get distracted by fundraising." This may be true, but it's also undoubtedly a bit of gamesmanship that allows him and his peers to ensure that when they do raise money, they'll be able to do so at the most favorable terms possible. "No one wants you if you seem desperate," Paul Graham wrote in 2013, comparing fundraising to courtship. Almost no YC startup will admit to raising money in the days before Demo Day, but almost everybody secretly is. "The common strategy is there’s a deal offered before Demo Day, and a different deal after," says Paige Craig, a Los Angeles-based angel investor whose portfolio includes Lyft and the recent YC standout ZenPayroll. "It’s invest now and get a better deal, or invest later." Typically, a hot company might offer a handful of well-respected investors a chance to invest at, say, an $8 million cap before Demo Day, with an eye to doubling that valuation for those who invest after the big event. The idea is to create a little buzz and help convince others who might be on the fence to hurry up and make a decision before it’s too late. "Almost every smart founder does that," Craig explains. The process resembles the invisible primary in presidential elections, when candidates feel out influential donors before officially announcing their candidacy. "If you show up on Demo Day with no investors, it can be harder to get that first handshake," says Kyle Vogt, a two-time YC grad who cofounded the company that became Twitch, and who now runs the self-driving-car startup Cruise. During the last few weeks of Cruise's stint at YC, Vogt says he and his fellow startup founders felt pressure to close at least one deal before taking the Demo Day stage. "You hear about other people in the batch doing deals," he says. "It turns into this thing where it’s like, ‘How’s your product doing? How’s your growth? How much have you raised?’" YC’s weekly dinners give big investors exposure to the superstars of the batch. (A few weeks back, Ron Conway told me he would use his speaking slot to suss out the best deals.) YC also organizes a series of informal meetings between startup founders and investors, generally at least three per startup. These one-on-one sessions are, technically speaking, practice, and investors are encouraged to give feedback rather than write checks. "Most startups freeze up the first time they meet investors," YC President Sam Altman explains. "It’s terrible; they don’t know what to talk about." These meetings sometimes result in early deals that help stoke further interest come Demo Day. Altman insists that matters of investor buzz and stagecraft are secondary, a sentiment echoed by every YC founder I've spoken with over the course of my reporting over the past few months. "We’ve been focused as much as possible on the product," says Mike Chen, CEO of Magic, the text-for-what-you-want startup that launched last month and which, over the past five weeks, has grown from an initial founding team of five to more than 20 employees to handle the demand. "None of us believes that raising money is the secret to making this work." Chen's two-and-a-half minute pitch will likely be among the most anticipated come Demo Day. He and his team entered YC with Bettir, a blood-pressure-tracking app, but pivoted last month after they decided that the company was failing to live up to its potential. "We were hitting our metrics and everything on paper looked good," Chen says. "But there was this itch in our brains that we were not nailing it the way we could." One afternoon, Chen joked to one of his cofounders that they should take Graham's aphorism, "Make something people want," literally. And what Chen really wanted was to send a text message and have food appear. So he built a little app, someone posted it to Product Hunt, a YC alum and the cool tech kids' hangout to learn about new stuff. In a matter of days, tens of thousands of people signed up for Magic's waiting list, and tech blogs went crazy for it. Chen says that in addition to the hundreds of orders a day that his company is processing, a few people have texted that what they really desired from Magic was the chance to invest in the sudden hypergrowth startup. Did Chen give them what they wanted? "I don’t want to comment on that," he says, coyly. Next Week: Y Combinator's New Launchpad. This is part 11 in a series. Clarification: An earlier version of this story overstated the regulatory risks of startup fundraising.
News Article | November 2, 2015
It’s a big day for us at 500 Startups. Today, we officially open applications for Batch 16 on AngelList, and welcome the arrival of our Batch 15 companies! Batch 15 is a group of scrappy start-ups that explores unusual markets, including postpartum care, underwater robots, airplane maintenance, and even crocheting. Most are later-stage seed companies, doing anywhere between $10K-$100K per month in revenue. 33% of Batch 15 have at least one female founder, and 43% are international. Check out the official coverage of Batch 15 by TechCrunch. More details on the latest additions to the 500 Family below (including fun facts submitted by the founders themselves!). Applications for Batch 16 here. #links Ultimate personalized & visual job hunting app for startup & …
News Article | November 2, 2015
500 is not your typical VC. So it should come to no surprise that when it comes to important events like Demo Day, we like to do things a little differently. As 500 Partner and Master of Ceremonies Sean Percival quipped, “This is not YC Demo Day. You’re allowed to have fun here.” On the eve of the spookiest day of the year, our fourteenth batch of accelerator startups and nine post-seed companies pitched at 500’s first-ever “Demo-Ween”. Hundreds of investors and a cast of colorful characters packed the Computer History Museum, including a quirky queen of hearts (Founding Partner Christine Tsai) and one greedy, blood-sucking count of a VC (our very own Dave McClure). Thousands more tuned into our live stream at 500demoday.co. At 500, our investments are as diverse as our people. Friday’s pitches covered a variety of industries including health care, cannabis, neighborhood watch, and custom 3D printing. 38% of Batch 14 founders are international and 25% are female. Check out the original batch announcement here. We’d like to thank all the guests and friends who attended or watched the live stream of our first-ever DEMO-WEEN. Missed out on the action? Get caught up and learn about the companies that presented here. You can also check out coverage by TechCrunch, Inc., and VentureBeat. Mattermark also ranked Batch 14 by their Mattermark growth scores. To get more details on Batch 15 and applications for Batch 16, follow us on Twitter and Facebook.