Uber’s ex-security chief was found guilty of covering up a major data breach in 2016

Joseph Sullivan, who used to serve as Uber’s security chief, was convicted of federal charges for hiding a 2016 data breach from authorities. According to The New York Times, a jury in a San Francisco federal court has found Sullivan guilty of obstructing the FTC’s ongoing investigation into Uber at the time for another breach that occurred in 2014. He was also found guilty of actively hiding a felony from authorities. Sullivan’s case, believed to be the first time an executive has faced criminal charges over a hack, revolves around how the former executive dealt with the bad actors who infiltrated Uber’s Amazon server and demanded $100,000 from the company.

The hackers got in touch with Uber shortly after Sullivan sat for a deposition with the FTC for its investigation of the 2014 cybersecurity incident. They told him they found a security vulnerability that allowed them to download the personal data of 600,000 drivers and additional information linked to 57 million drivers and passengers. As The Washington Post reports, it was revealed later on that the hackers found a digital key that they used to get into Uber’s Amazon account. There, they found an unencrypted backup collection of personal data on passengers and drivers.

Sullivan pointed them to the company’s bug bounty program, which had a max payout of $10,000. The hackers wanted at least $100,000, however, and threatened to release the data they’d stolen if Uber didn’t pay up. The former security chief paid them the amount they demanded in bitcoin and made it appear as if they’d been paid under the bug bounty program — an action reportedly sanction by then Uber chief executive Travis Kalanick. He also tracked them down and made them sign nondisclosure agreements.

The former executive’s camp argued that Sullivan felt Uber’s user data was protected after the hackers signed an NDA. “Mr. Sullivan believed that their customers’ data was safe and that this was not some incident that needed to be reported. There was no coverup and there was no obstruction,” his lawyer David Angeli said. But prosecutors disagreed and viewed his use of NDAs as a way to cover up the incident. Further, they stressed that the incident shouldn’t have been qualified for a payout under the bug bounty program, which is meant to reward friendly security researchers, when the bad actors threatened to release users’ personal information if they didn’t get paid the amount they wanted.

In the end, the jury agreed with the prosecutors that Sullivan should have notified the FTC about the data breach. It wasn’t until Dara Khosrowshahi took over as CEO that the FTC was informed of the event. A sentence hasn’t been handed down yet, but Sullivan now faces five years in prison for obstruction and up to three more years for failing to report a felony. 

Zipline drones will deliver medicine to communities in Utah

Zipline has teamed up with a healthcare provider servicing the Intermountain Region in the US to deliver medicine to customers using its drones. The company has started doing drone deliveries to select Intermountain Healthcare patients in the Salt Lake Valley area. For now, it can only do drops for local communities within several miles of its distribution center. Zipline intends to add more centers over the next five years, though, so it can eventually expand beyond Salt Lake Valley and deliver medicine throughout Utah. 

As TechCrunch notes, Zipline has long been deploying drones for delivery in Africa, and it wasn’t until the pandemic that it started doing drops in the US. In 2020, it teamed up with Novant Health to ferry personal protective gear and other types of medical equipment to frontline healthcare workers tending to COVID-19 patients in North Carolina. Later that year, it signed a deal with Walmart to deliver health and wellness supplies to customers near the retailer’s headquarters in northwest Arkansas.

In June this year, the FAA authorized Zipline to conduct long range on-demand commercial drone deliveries in the US. The company said that the certification it received from the agency allows it to significantly expand its services in the country. That means we’ll see it expand its covered areas with current partners and perhaps see it sign agreements with more partner companies in the future. 

Intermountain Healthcare patients in the Salt Lake Valley area can now sign up for Zipline deliveries. The company will then evaluate their eligibility based on their location, their yard size — its target delivery area must be at least two parking spaces big — and their surrounding airspace. Zipline’s drones are six-foot gliders with a wingspan that’s 10 feet long. These drones fly 300 to 400 feet above the ground, though they drop down to an altitude of around 60 to 80 feet to deliver packages outfitted with a parachute.

Bijal Mehta, head of global fulfillment operations at Zipline, said in a statement:

“Think back to the last time you had a doctor’s visit and then had to trek to the pharmacy for your prescription, making what can already be a time-consuming experience that much more draining, or the last time your child was ill and you had to pack the family in the car just to get cold medicine. Zipline and Intermountain Healthcare are working together to eliminate the burdens that make it harder to get the care you need when you need it. We believe instant delivery is a key element to the future of healthcare and we are excited to bring our service to the Salt Lake City area to make people’s lives better, easier, and healthier.”

Amazon is killing its interactive Glow video device for kids

It has only been a year since Amazon launched Glow, its kid-focused video calling device that can also be used for interactive gaming. Now according to Bloomberg, Amazon is already discontinuing it, most likely due to lackluster sales. As the publication notes, Glow, while highly rated on Amazon, only has a bit over 500 reviews on the website. 

Another possible reason why the company is giving up on the device is a change in people’s behavior. Glow was created so kids could stay in touch with and play with relatives they don’t live with or regularly see. Now that people have gone back to their pre-pandemic routines, there’s even less of a demand for a specialized video calling device. 

Amazon spokesperson Kristy Schmidt confirmed to Bloomberg that the company is killing the device. They said:

“At Amazon we think big, experiment, and invest in new ideas to delight customers. We also continually evaluate the progress and potential of our products to deliver customer value, and we regularly make adjustments based on those assessments. We will be sharing updates and guidance with Glow customers soon.”

Glow was a product of Amazon’s secretive Grand Challenge moonshot laboratory, which works on experimental projects, such as those involving cancer and last-mile delivery. It has a projector that beams games onto a 19-inch mat, and kids can interact with the projected image to play with their loved ones even from afar. The device comes with Tangram Bits, which are physical pieces kids can use to solve puzzles. It also comes with a free year-long subscription to Amazon Kids+ that’s necessary to be able to access its games, books and other activities. After that ends, users will have to pay $8 per month for the subscription, or $5 if they’re a Prime member. 

Only those who already have a Glow will have to worry about future costs associated with the subscription, though. Amazon listed the device for 55 percent off, or $150, a few days ago, but now it doesn’t seem to be available for purchase anymore.

DDoS attack on ‘Overwatch 2’ servers prevents fans from playing the game on launch day

Overwatch 2’s early access launch has been marred by a few bugs and a massive DDoS attack preventing players from getting into the game. Fans have been reporting getting stuck on the loading screen and getting one error after another. They’re also put in queue behind hundreds — and in some cases, even tens of thousands — of other players also trying to get in. Blizzard president Mike Ybarra initially tweeted that the game is experiencing server issues and that the company’s teams are working hard to fix it. In a follow-up tweet, though, the executive admitted that the game is “experiencing a mass DDoS attack” on its servers causing drop and connection issues.

Blizzard developed the new free-to-play shooter for the Nintendo Switch, PlayStation 4, PlayStation 5, Windows, Xbox One and Xbox Series X|S. The new game reduces team sizes from six to five, so a team gets only one tank. It also comes with new maps, new heroes and new features, such as the ability to place a Ping on the enemy’s location to point them out to the rest of the team. Servers for the original Overwatch went offline shortly after its sequel launched, so fans have no choice but to wait for Blizzard to fix the issue before they can play the game again. 

Aside from mitigating the DDoS attack, Blizzard also has to fix quite a few bugs that made themselves known upon launch. They include items and currency going missing from players’ collections, sections not populating, some areas becoming inaccessible, actions resulting in a blackscreen and Blizzard’s SMS Protect leaving the client unusable. 

In a tweet, Overwatch 2 game director Aaron Keller said Blizzard will work throughout the night to deal with server issues and a second DDoS attack.

Google’s second-gen wired Nest Doorbell is smaller and offers improved imaging

Google has launched Nest’s second-generation wired doorbell for those who don’t want to monitor their device’s battery levels or to worry about spotty WiFi. The device is around 30 percent smaller than its battery-powered counterpart and could better fit smaller and narrower spaces. 

Google said it spent a lot of time fine-tuning this model, testing it in various conditions to ensure the images it produces are clear and identifiable and giving it HDR support to capture more details. It was also able eliminate the distorted fish-eye effect that’s typical in footage seen from doorbell cameras. Apparently, DXOMark, a website known for assessing smartphone lenses and cameras, consider the device the best doorbell camera it has tested in terms of image quality. Images taken by the doorbell have a high level of details so that it’s easy to recognize who’s at the door, even at night, the website said. 

Like other Nest camera devices, this one has the power to recognize what it sees, whether it’s a person, a pet or a vehicle that passes by, so it can send accurate alerts. Users can also chat with whoever’s at the door with its “talk and listen” feature, or they could also pre-record messages to respond to visitors dropping in. 

The model can record an hour’s worth of important events — significant sounds, motion and other activity that it detects — in its internal memory. Plus, Nest can keep three hours of event video history with footage of up to five minutes each for free. Users who choose to upgrade and pay for Nest Aware subscription worth $6 a month can have access to event video history for 30 days. Those willing to pay $12 for a Nest Aware Plus subscription will have access to 60 days of event video history and 10 days of 24/7 continuous video recording.

Finally, the new wired Nest doorbell was built to work more seamlessly with the Google Home app, allowing users to create routines, such as programming their porch lights to change settings when someone rings the doorbell. In the future, Google also will roll out an update to the Home website, giving users a way to view all their Nest doorbell and camera feeds on the web. The model is now available in Snow, Linen, Ash and Ivy in the US for $180. In Canada, the Snow and Ash color variants are now also out for CA$240.

Google Nest
Google Nest

Google’s Nest Renew program can now help US customers prioritize clean energy use

Google introduced an initiative called Nest Renew last year to help you use more clean energy for your home if you have one of the brand’s thermostats. Back then, only those who got an invite to preview the solution could join the program. Starting today, however, you can join Nest Renew for free, so long as you’re in the continental US and have a third-gen Nest Learning Thermostat, the latest base Nest Thermostat model or a low-cost Nest Thermostat E

The program comes with a feature called Energy Shift that can automatically activate cooling or heating when there’s a higher concentration of electricity from clean sources by adjusting your thermostat accordingly. Power grids typically obtain energy from both fossil fuel and renewable sources, and the mixture isn’t always 50:50. Energy Shift works by gathering power grid forecasts from across the US every five minutes and then using its algorithms to determine the best times for when to run cooling and heating for your home. For instance, it can run cooling earlier in the day when the grid is getting power from more renewable sources and before emissions from electricity use are expected to rise.

Google said the feature was designed to make changes so subtle that you won’t even notice them. When the program launched, Nest product manager Jeff Gleeson told Engadget that “customers are always in control.” You can manually adjust your thermostat even after Energy Shift kicks in. The tech giant also said in its announcement that Energy Shift helped users prioritize cleaner energy usage for over 20,000,000 hours in all during the preview period.

While you can join the program for free, you can also choose to pay $10 a month for Nest Renew Premium if you want to match the fossil fuel electricity used in your home with renewable energy credits generated clean energy project from Google’s portfolio.

‘The Onion’ filed a real brief with the Supreme Court supporting man jailed for making fun of cops

When was the last time you’ve read an amicus brief? If you’re not involved in the legal profession, chances are you may have never actually spent precious time reading one. This amicus brief (PDF) could change that. It was submitted by The Onion, which describes itself in the brief as “the world’s leading news publication” with “4.3 trillion” readers that maintains “a towering standard of excellence to which the rest of the industry aspires.” In addition to running a highly successful news publication, The Onion said it “owns and operates the majority of the world’s transoceanic shipping lanes, stands on the nation’s leading edge on matters of deforestation and strip mining, and proudly conducts tests on millions of animals daily.” Oh, and its motto is “Tu stultus es.” That’s “you are dumb” in Latin. 

The Onion, of course, is the popular parody website that once named Kim Jong-un as the sexiest man alive. Its team has filed a very real amicus brief with the Supreme Court in support of Anthony Novak, who was arrested and jailed for four days after briefly running a Facebook page parodying the police department of Parma, Ohio back in 2016.

According to The Washington Times, Novak had suggested that the cops were racist and lacked compassion in about half a dozen posts within 12 hours that the page was up. Parma’s police department claimed back then that people were confusing its posts with real information from law enforcement. Novak filed a civil suit against the officers that arrested him and the city of Parma, arguing that his constitutional rights were violated. After a federal appeals ruled that the officers were protected by what’s known as “qualified immunity” for law enforcement, he took the battle to the Supreme Court. 

Despite writing the brief in the same voice its publication uses, and despite filling it with outlandish claims and hilarious quips, The Onion made a very real argument defending the use of parody and explaining how it works:

“Put simply, for parody to work, it has to plausibly mimic the original. The Sixth Circuit’s decision in this case would condition the First Amendment’s protection for parody upon a requirement that parodists explicitly say, up-front, that their work is nothing more than an elaborate fiction. But that would strip parody of the very thing that makes it function.

The Onion cannot stand idly by in the face of a ruling that threatens to disembowel a form of rhetoric that has existed for millennia, that is particularly potent in the realm of political debate, and that, purely incidentally, forms the basis of The Onion’s writers’ paychecks.”

As Bloomberg notes, Supreme Court Justices have yet to decide whether to hear the case.

Twitter gives its DMs on the Android app a more modern look

Twitter has started rolling out some changes for its Android app that gives people sliding into DMs a more visually appealing interface. The social network’s Android app has remained largely the same over the years, but this update, while pretty minor, was meant to give users “a smoother, more consistent experience overall.” Twitter says it set to work redesigning its DMs on Android after its teams evaluated the experience on the OS and determined that it needed an improvement. 

As you can see in the screenshots below, the messages view on the app look cleaner now, with rounder speech bubbles and text box at the bottom. The inbox itself also looks much less cluttered and is devoid of line breaks. Ditto for the message requests view, which now also shows an “x” button for each request that makes it easy to delete them. 

Twitter
Twitter

Twitter didn’t just give DMs on Android a shiny new veneer, though. The company said it also worked on its back-end and rebuilt it with proper architecture, improving its responsiveness and its scrolling performance. Twitter said it also redesigned the message composer, as well as the app’s tweet forwarding capabilities. 

The company has historically been slow to bring new features to the Android app — search, for instance, had been available on iOS and the web for almost a couple of years before it came to the mobile platform. Earlier this year, Twitter expanded search’s capability to make it easier to find the exact conversations users are looking for. That feature is available for both iOS and Android users.

Twitter
Twitter

Intel-owned autonomous driving tech company Mobileye files for an IPO

Mobileye, the self-driving tech firm that Intel had purchased for $15.3 billion back in 2017, has filed for an IPO with the Securities and Exchange Commission. When Intel first announced its plans to take Mobileye public late last year, the autonomous driving firm was expected to have a valuation of over $50 billion. Now according to Bloomberg, Intel expects Mobileye to be valued at around $30 billion, due to soaring inflation rates and poor market conditions. Regardless, it’s still bound to become one of the biggest offerings in the US for 2022 if the listing takes place this year. 

Intel intends to retain a majority stake in Mobileye, but Chief Executive Pat Gelsinger previously said that taking it public would give it the ability to grow more easily. He also said that the company plans to use some of the funds raised from the IPO to build more chip factories. Intel revealed its big and bold foundry ambitions in 2021 when it announced that the company is investing $20 billion in two Arizona fabrication plants. Back then, Gelsinger even proclaimed that he was pursuing Apple’s business. Earlier this year, the CEO revealed earmarking another $20 billion to build two fabrication plants in Columbus, Ohio. The company expects that facility to eventually become “the largest silicon manufacturing location on the planet.”

Mobileye didn’t specify how much a share would cost in its filing with the SEC. It did say, however, that it will use portion of the proceeds it will get from the IPO to pay debts. The firm also talked about its history in the filing and how its revenue grew from $879 million in 2019 to $1.4 billion in 2021, representing a growth of 43 percent year-over-year. 

Amazon’s Fire TV Stick 4K Max drops back down to an all-time low of $35

Amazon’s most powerful streaming stick is on sale yet again for Amazon’s second Prime Day sale in 2022. You can grab the Fire TV Stick 4K Max for $35, or $20 off its regular price. That’s how much it went for at this year’s first Prime Day event back in July, and it’s also the lowest price we’ve seen for the device on the website. The Fire TV Stick 4K Max supports Dolby Vision, HDR and HDR10+ content, as well as Dolby Atmos audio. It can also join WiFi 6 networks, and Amazon says it can start apps faster and has more fluid navigation than the basic Fire TV Stick 4K.

Buy Fire TV Stick 4K Max at Amazon – $35

Like other models, this one comes with a remote control that has preset buttons for Netflix, Prime Video, Disney+ and Hulu. Said remote is also powered by Alexa and can search content and launch them with just voice commands. You can even ask Alexa through the remote to dim your connected lights or check the weather. And if you have a compatible doorbell or security camera around your home, you can use its picture-in-picture capability to view its live feed on your screen without having to pause or remove whatever it is you’re watching. 

Out of all the Fire TV streaming devices, only the Cube set-top box is more powerful than the 4K Max. The Fire TV Cube is also on sale for $60 at the moment, or half off its original price. But if you want something cheaper, you can also get the non-Max Fire TV Stick 4K for $25 or the base Fire TV Stick for $20.

Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.