Mac and cheese. Peanut butter and jelly. Asparagus and … cannabis oil with a citrusy terpene profile? Welcome to the heady world of cannabis cuisine.
Source: Wired
The company filed a sprawling environmental report for the Loop, a proposed network of tunnels that would move people from Baltimore to Washington in 15 minutes.
Source: Wired
The console is headed to shelves in the region thanks to technology company Tencent.
Source: Wired
The French government just launched its own messaging app called Tchap in order to protect conversations from hackers, private companies and foreign entities. But Elliot Alderson, also known as Baptiste Robert, immediately found a security flaw. He was able to create an account even though the service is supposed to be restricted to government officials.
Tchap wasn’t built from scratch. The DINSIC, France’s government agency in charge of all things digital, forked an open source project called Riot, which is based on an open source protocol called Matrix.
In a few words, Matrix is a messaging protocol that features end-to-end encryption. It competes with other protocols, such as the Signal Protocol that is widely used by consumer apps, such as WhatsApp, Signal, Messenger’s secret conversations and Google Allo’s incognito conversions — Messenger and Allo conversations aren’t end-to-end encrypted by default.
Riot is a Matrix client that works on desktop and mobile. You can join rooms, start private conversations, share photos and do everything you’d expect from a modern messaging app. Here’s what it looks like:
Developing Tchap became essential as Emmanuel Macron’s campaign team relied heavily on Telegram — the French government still uses Telegram and WhatsApp for many sensitive conversations. By default, Telegram doesn’t use end-to-end encryption. In other words, people working for Telegram could easily read Macron’s conversations. It’s a serious security weakness.
Similarly, you don’t want the Ministry of Defense to use Slack to talk about sensitive operations. The U.S. government could potentially issue a warrant to access those conversations on Slack’s servers.
Tchap features end-to-end encryption, and encrypted messages are stored on French servers. Access is restricted to government officials as you need to have an active email address that ends in @something.gouv.fr, or in @elysee.fr.
Yesterday, Alderson found out that you can create an account and access public channels even if you don’t have an official address. Adding @elysee.fr at the end of his email address was enough to receive the confirmation email to his real email address.
Alderson quickly disclosed the bug to the Matrix team. Matrix quickly issued a fix and deployed it. It was related to the identification system used by the French government.
According to Alderson, there’s a bug in the parsing method used in a well-known Python module. The bug hasn’t been fixed since July 2018.
The good news is that Tchap is officially launching today. The DINSIC managed to fix this security flaw just in time before the official launch and somebody could leverage it. In its press release, the government says that the DINSIC will launch a bug bounty program to identify other vulnerabilities.
Source: TechCrunch
Tired of your Mac’s default music player? Take a look at our picks for the best free music players available for your Apple rig. Whether you’re a casual listener or an audiophile, you’re sure to find something that fits your needs here.
The post The best free music players for MacOS appeared first on Digital Trends.
Source: Digital trends
Australian comic Chris Lilley returns to playing multiple grotesqueries—but fails to update his comedic sensibility to the times.
Source: Wired
At TED 2019, neuroscientist Matthew Walker argued that sleep deprivation is having a catastrophic effect on our health and safety—here are all the ways.
Source: Wired
We review the Motorola Moto G7, Moto G7 Power, and Moto G7 Play, three good reasons to consider a cheaper phone this year.
Source: Wired
Another day, another dollar off. Normally $149, the screen-equipped smart assistant hits its lowest price yet.
Source: CNET
Back in January, Sequoia India announced plans for its first early-stage startup accelerator program in India and Southeast Asia, and today the firm revealed the first cohort of 17 startups.
To recap, the program — which is called Surge — gives each startup a $1.5 million check and participation in a four-month program that’s split across India and Singapore, as well as the wider Sequoia global presence in China and San Francisco.
The program kicked off last month, but the startups were only unveiled for the first time today — here they are:
There’s one additional startup which is being kept ‘under the radar’ for now, Sequoia said.
Sequoia India managing director Shailendra Singh previously told TechCrunch that Surge would support a ‘curated’ selections of fellow VCs who could invest alongside in the cohort alongside the firm, and Sequoia said that the 17 startups have attracted a total of $36 million in investment. A spokesperson also pointed out that five of the selection have at least one female co-founders, which is almost certainly above average for the region although it is tricky to get reliable data covering India and (in particular) Southeast Asia.
Surge is an interesting effort for Sequoia, which has traditionally played in post-seed and growth stages of the investment cycle. Sequoia closed its most recent fund for India and Southeast Asia at $695 million last year, and it also has access to a globally active ‘growth’ fund that is targeted at $8 billion. Reports have suggested that Surge will get its own sparkling new $200 million fund, which would make a lot of sense given the potential conflict and confusion of investing via its main fund. But the firm is declining to comment on that possibility for now.
One major addition to the program that has been confirmed, however, is Rajan Anandan, the executive who previously ran Google’s business in India and Southeast Asia and is a well-known angel investor. His arrival was announced earlier this month and he will lead the Surge initiative.
His recruitment is a major win for Sequoia, which is betting that Surge’s early stage push will reap it richer dividends in India and Southeast Asia. That part remains to be seen, but certainly, there is a dearth of early-stage programs in both regions compared to other parts of the world.
Source: TechCrunch