Tag: open source

Posted on by

Gretel announces $12M Series A to make it easier to anonymize data

As companies work with data, one of the big obstacles they face is making sure they are not exposing personally identifiable information (PII) or other sensitive data. It usually requires a painstaking manual effort to strip out that data. Gretel, an early stage startup, wants to change that by making it faster and easier to anonymize data sets. Today the company announced a $12 million Series A led by Greylock. The company has now raised $15.5 million.

Gretel co-founder and CEO Alex Watson says that his company was founded to make it simpler to anonymize data and unlock data sets that were previously out of reach because of privacy concerns.

“As a developer, you want to test an idea or build a new feature, and it can take weeks to get access to the data you need. Then essentially it boils down to getting approvals to get started, then snapshotting a database, and manually removing what looks like personal data and hoping that you got everything,”

Watson, who previously worked as a GM at AWS, believed that there needed to be a faster and more reliable way to anonymize the data, and that’s why he started Gretel. The first product is an open source, synthetic machine learning library for developers that strips out personally identifiable information.

“Developers use our open source library, which trains machine learning models on their sensitive data, then as that training is happening we are enforcing something called differential privacy, which basically ensures that the model doesn’t memorize details about secrets for individual people inside of the data,” he said. The result is a new artificial data set that is anonymized and safe to share across a business.

The company was founded last year, and they have actually used this year to develop the open source product and build an open source community around it. “So our approach and our go-to-market here is we’ve open sourced our underlying libraries, and we will also build a SaaS service that makes it really easy to generate synthetic data and anonymized data at scale,” he said.

As the founders build the company, they are looking at how to build a diverse and inclusive organization, something that they discuss at their regular founders’ meetings, especially as they look to take these investment dollars and begin to hire additional senior people.

“We make a conscious effort to have diverse candidates apply, and to really make sure we reach out to them and have a conversation, and that’s paid off, or is in the process of paying off I would say, with the candidates in our pipeline right now. So we’re excited. It’s tremendously important that we avoid group think that happens so often,” he said.

The company doesn’t have paying customers, but the plan is to build off the relationships it has with design partners and begin taking in revenue next year. Sridhar Ramaswamy, the partner at Greylock, who is leading the investment, says that his firm is placing a bet on a pre-revenue company because he sees great potential for a service like this.

“We think Gretel will democratize safe and controlled access to data for the whole world the way Github democratized source code access and control,” Ramaswamy said.

Read More

Posted on by

Tim Berners Lee’s startup Inrupt releases Solid privacy platform for enterprises

Inrupt, the startup from World Wide Web founder Tim Berners-Lee, announced an enterprise version of the Solid privacy platform today, which allows large organizations and governments to build applications that put users in control of their data.

Berners-Lee has always believed that the web should be free and open, but large organizations have grown up over the last 20 years that make their money using our data. He wanted to put people back in charge of their data, and the Solid open source project, developed at MIT, was the first step in that process.

Three years ago he launched Inrupt, a startup built on top of the open source project, and hired John Bruce to run the company. The two shared the same vision of shifting data ownership without changing the way websites get developed. With Solid, developers use the same standards and methods of building sites, and these applications will work in any browser. What Solid aims to do is alter the balance of data power and redirect it to the user.

“Fast forward to today, and we’re releasing the first significant technology as the fruits of our labor, which is an enterprise version of Solid to be deployed at scale by large organizations,” Bruce explained.

The core idea behind this approach is that users control their data in online storage entities called Personal Online Data Stores or Pods for short. The enterprise version consists of Solid Server to manage the Pods, and developers can build applications using an SDK to take advantage of the Pods and access the data they need to do a particular job like pay taxes or interact with a healthcare provider. Bruce points out that the enterprise version is fully compatible with the open source Solid project specifications.

The company has been working with some major organizations prior to today’s release including the BBC and National Health Service in the UK and the Government of Flanders in Belgium as they have been working to bring this to market.

To give you a sense of how this works, the National Health Service has been building an application for patients interacting with them, who using Solid can control their health data. “Patients will be able to permit doctors, family or at-home caregivers to read certain data from their Solid Pods, and add caretaking notes or observations that doctors can then read in order to improve patient care,” the company explained.

The difference between this and more conventional web or phone apps is that it is up to the user who can access this information and the application owner has to ask the user for permission and the user has to explicitly grant it and under what conditions.

The startup launched in 2017 and has raised about $20 million so far. Bruce and Berners-Lee understand that for this to take root, it has to be easy to use, be standards-based and and have the capacity to handle massive scale. Anyone can download and use the open source version of Solid, but by having an enterprise version, it gives large organizations like the ones they have been working with the support, security and scale that these companies require.

Read More

Posted on by

Microsoft launches Open Service Mesh

Microsoft today announced the launch of a new open-source service mesh based on the Envoy proxy. The Open Service Mesh is meant to be a reference implementation of the Service Mesh Interface (SMI) spec, a standard interface for service meshes on Kubernetes that has the backing of most of the players in this ecosystem.

The company plans to donate Open Service Mesh to the Cloud Native Computing Foundation (CNCF) to ensure that it is community-led and has open governance.

“SMI is really resonating with folks and so we really thought that there was room in the ecosystem for a reference implementation of SMI where the mesh technology was first and foremost implementing those SMI APIs and making it the best possible SMI experience for customers,” Microsoft partner program manager (and CNCF board member) Gabe Monroy told me.

Image Credits: Microsoft

He also added that, because SMI provides the lowest common denominator API design, Open Service Mesh gives users the ability to “bail out” to raw Envoy if they need some more advanced features. This “no cliffs” design, Monroy noted, is core to the philosophy behind Open Service Mesh.

As for its feature set, SMI handles all of the standard service mesh features you’d expect, including securing communications between services using mTLS, managing access control policies, service monitoring and more.

Image Credits: Microsoft

There are plenty of other service mesh technologies in the market today, though. So why would Microsoft launch this?

“What our customers have been telling us is that solutions that are out there today, Istio being a good example, are extremely complex,” he said. “It’s not just me saying this. We see the data in the AKS support queue of customers who are trying to use this stuff — and they’re struggling right here. This is just hard technology to use, hard technology to build at scale. And so the solutions that were out there all had something that wasn’t quite right and we really felt like something lighter weight and something with more of an SMI focus was what was going to hit the sweet spot for the customers that are dabbling in this technology today.”

Monroy also noted that Open Service Mesh can sit alongside other solutions like Linkerd, for example.

A lot of pundits expected Google to also donate its Istio service mesh to the CNCF. That move didn’t materialize. “It’s funny. A lot of people are very focused on the governance aspect of this,” he said. “I think when people over-focus on that, you lose sight of how are customers doing with this technology. And the truth is that customers are not having a great time with Istio in the wild today. I think even folks who are deep in that community will acknowledge that and that’s really the reason why we’re not interested in contributing to that ecosystem at the moment.”

Read More

Posted on by

Mozilla goes full incubator with ‘Fix The Internet’ startup lab and early stage investments

After testing the waters this spring with its incubator-esque MVP Lab, Mozilla is doubling down on the effort with a formal program dangling $75,000 investments in front of early stage companies. The focus on “a better society” and the company’s open-source clout should help differentiate it from the other options out there.

Spurred on by the success of a college hackathon using a whole four Apple Watches in February, Mozilla decided to try a more structured program in the spring. The first test batch of companies is underway, having started in April an 8-week program offering $2,500 per team member and $40,000 in prizes to give away at the end. Developers in a variety of domains were invited to apply, as long as they fit the themes of empowerment, privacy, decentralization, community, and so on.

It drew the interest of some 1,500 people in 520 projects, and 25 were chosen to receive the full package and stipend during the development of their MVP. The rest were invited to an “Open Lab” with access to some of Mozilla’s resources.

One example of what they were looking for is Ameelio, a startup whose members are hoping to render paid video calls in prisons obsolete with a free system, and provide free letter delivery to inmates as well.

“The mission of this incubator is to catalyze a new generation of internet products and services where the people are in control of how the internet is used to shape society,” said Bart Decrem, a Mozilla veteran (think Firefox 1.0) and one of the principals at the Builders Studio. “And where business models should be sustainable and valuable, but do not need to squeeze every last dollar (or ounce of attention) from the user.”

“We think we are tapping into the energy in the student and professional ‘builder communities’ around wanting to work on ideas that matter. That clarion call really resonates,” he said. Not only that, but students with canceled internships are showing up in droves, it seems — mostly computer science, but design and other disciplines as well. There are no restrictions on applicants, like country of origin, previous funding, or anything like that.

The new incubator will be divided into three tiers.

First is the “Startup Studio,” which involves a $75,000 investment, “a post-money SAFE for 3.5% of the company when the SAFE converts (or we will participate in an already active funding round),” Decrem clarified.

Below that, as far as pecuniary commitment goes, is the “MVP Lab,” similar to the spring program but offering a total of $16,000 per team. And below that is the Open Lab again, but with ten $10,000 prizes rather than a top 3.

There are no hard numbers on how many teams will make up the two subsidized tiers, but think 20-30 total as opposed to 50 or 100. Meanwhile, collaboration, cross-pollination, and open source code is encouraged, as you might expect in a Mozilla project. And the social good aspect is strong as well, as a sampling of the companies in the spring batch shows.

Neutral is a browser plugin that shows the carbon footprint of your Amazon purchases, adding some crucial guilt to transactions we forget are powered by footsore humans and gas-guzzling long-distance goods transport. Meething, Cabal, and Oasis are taking on video conferencing, team chat, and social feeds from a decentralized standpoint, using the miracles of modern internet architecture to accomplish with distributed systems what once took centralized servers.

This summer will see the program inaugurated, but it’s only “the beginning of a multiyear effort,” Decrem said.

Read More

Posted on by

Mozilla names long-time chairwoman Mitchell Baker as CEO

Mozilla Corporation announced today that it has chosen long-time chairwoman Mitchell Baker to be CEO, replacing Chris Beard who announced he would be stepping down at the end of the year last August.
Baker represents a logical choice to lead the company. At a time of great turmoil in the world at large, she brings the stability of someone who has been with Mozilla Corporation since 2003. Writing in a company blog post, she certainly recognized the challenges ahead, navigating through the current economic uncertainty and the competitive challenges the company faces with its flagship Firefox browser..
“It’s a time …

Read More

Posted on by

Deviceplane wants to bring over-the-air updates to Linux edge devices

Deviceplane, a member of the Y Combinator Winter 2020 class is developing an open source toolset to manage, monitor and update Linux devices running at the edge,

“We solve the hard infrastructure problems that all these companies face including network conductivity, SSH access, orchestrating and deployment of remote updates, hosting, application monitoring and access and security controls. It’s 100% open source, available under an Apache License. You can either host it yourself or you can run on the hosted version,” company founder and CEO Josh Curl told TechCrunch.

He could see this working with a variety of hardware including robotics, consumer appliances, drones, autonomous vehicles and medical devices.

Curl, who has a background in software engineering, was drawn to this problem and found that most companies were going with home-grown solutions. He said once he studied the issue, he found that the set of infrastructure resources required to manage, monitor and update these devices didn’t change that much across industries.

The over-the-air updates are a big part of keeping these devices secure, a major concern with edge devices. “Security is challenging, and one of the core tenets of security is just the ability to update things. So if you as a company are hesitant to update because you’re afraid that things are going to break, or you don’t have a proper infrastructure to do those upgrades, that makes you more hesitant to do upgrades, and it slows down development velocity,” Curl said.

Customers can connect to the Deviceplane API via WiFi, cellular or ethernet. If you’re worried about someone tapping into that, Curl says the software assigns the device a unique identity that is difficult to spoof.

“Devices are assigned an identity in Deviceplane and this identity is what authorizes it to make API calls to Deviceplane. The access key for this identity is stored only on the device, which makes it impossible for someone else to spoof this device without physical access to it.

“Even if someone were able to spoof this identity, they would not be able to deploy malicious code to the spoofed device. Devices never have access to control what software they’re running — this is something that can be done only by the developer pushing out updates to devices,” Curl explained.

The company intends to offer both the hosted version and installed versions of the software as open source, something that he considers key. He hopes to make money supporting companies with more complex installations, but he believes that by offering the software as open source, it will drive developer interest and help build a community around the project.

As for joining YC, Curl said he has friends that had been through the program in the past, and had recommended he join as well. Curl sees being part of the cohort as a way to build his business. “We were excited to be tapping into the YC network — and then being able to tap into that network in the future. I think that YC has funded many companies in the past that can be DevicePlane customers, and that can accelerate going forward.”

Curl wasn’t ready to share download numbers just yet, but it’s still an early stage startup looking  to build the company. It’s using an open source model to drive interest, while helping solve a sticky problem.

Source: TechCrunch

Posted on by

HPE acquires cloud native security startup Scytale

HPE announced today that it has acquired Scytale, a cloud native security startup that is built on the open-source Secure Production Identity Framework for Everyone (SPIFFE) protocol. The companies did not share the acquisition price.

Specifically, Scytale looks at application-to-application identity and access management, something that is increasingly important as more transactions take place between applications without any human intervention. It’s imperative that the application knows it’s OK to share information with the other application.

This is an area that HPE wants to expand into, Dave Husak, HPE fellow and GM of cloudless initiative wrote in a blog post announcing the acquisition. “As HPE progresses into this next chapter, delivering on our differentiated, edge to cloud platform as-a-service strategy, security will continue to play a fundamental role. We recognize that every organization that operates in a hybrid, multi-cloud environment requires 100% secure, zero trust systems, that can dynamically identify and authenticate data and applications in real-time,” Husak wrote.

He also was careful to stress that HPE would continue to be good stewards of the SPIFFE and SPIRE (the SPIFFE Runtime Environment) projects, both of which are under the auspices of the Cloud Native Computing Foundation.

Scytale co-founder Sunil James, writing in a blog post about the deal, indicated that this was important to the founders that HPE respect the startup’s open-source roots. “Scytale’s DNA is security, distributed systems, and open-source. Under HPE, Scytale will continue to help steward SPIFFE. Our ever-growing and vocal community will lead us. We’ll toil to maintain this transparent and vendor-neutral project, which will be fundamental in HPE’s plans to deliver a dynamic, open, and secure edge-to-cloud platform,” he wrote.

Scytale was founded in 2017 and had raised $8 million, according to PitchBook data. The bulk of that was in a $5 million Series A last March led by Bessemer. The deal closed today.

Source: TechCrunch

Posted on by

Hyperledger Fabric, the open source distributed ledger, reaches release 2.0

The open source Hyperledger Foundation announced the release of Hyperledger Fabric 2.0 today, the first such project to reach a 2.0 release.

It’s a notable milestone. The blockchain as a business tool has certainly had a rocky road over the last few years, but there is still plenty to like about smart contracts that have automated compliance checks built in. Hyperledger Fabric 2.0 has lots of new features with that in mind.

The biggest updates involve forcing agreement among the parties before any new data can be added to the ledger, known as decentralized governance of the smart contracts. In practice, it means that the system will prevent any entity from writing to the ledger until there is consensus among the parties involved in the transaction, a basic blockchain tenet.

This is a requirement because the beauty and the curse of the distributed ledger is that it is an immutable record. Once you have written something in the ledger, it becomes very difficult to change it without the agreement of all those involved in the contract. You want to make sure you get it right before you commit something to the ledger.

Along those same lines, developers can build in automated checks along the way. As they say, this ensures the parties can “validate additional information before endorsing a transaction proposal.”

Brian Behlendorf, Executive Director at Hyperledger and a big advocate of open source distributed ledger technology, says this is a big milestone for the project and the organization as it looks to help organizations adopt distributed ledger technology.

“Fabric 2.0 is a new generation framework developed by and for the enterprises that are building distributed ledger capabilities into the core of their businesses. This new release reflects both the development and deployment experience of the Fabric community and confirms the arrival of the production era for enterprise blockchain,” Behlendorf said in a statement.

That remains to be seen. The rise of blockchain in business has moved at a slow pace, but this release shows that the open source community is still committed to building enterprise-grade distributed ledger technology. Today’s announcement is another step in that direction.

Source: TechCrunch

Posted on by

Kadena fulfills hybrid blockchain vision with launch of public chain

For the last few years blockchain startup Kadena, has been working on a vision of bringing blockchain to the enterprise. Today it announced the final piece of that vision with the launch of the Kadena public blockchain.

In earlier releases, the company offered the ability to build private blockchains on AWS or Azure. Company co-founder and CEO Will Martino says the public network brings together public and private chains in a hybrid vision for the first time.

“The big exciting thing is that the public chain is out, smart contracts are about to turn on, and that allows us to then go and hit the market with what we’re calling these hybrid applications. These are applications that run both on a private blockchain, but have public smart contracts that allow people on the public side to interact with the private chain,” Martino explained.

The smart contracts are a set of rules that must be met and validated for the private and public chains to interact. Only valid actors and actions as defined in the smart contract will be allowed to move between the two chains.

Overcoming scaling issues

One of the major challenges with building a chain like this has been scaling it to meet the needs of enterprise users. Martino says that his company has solved this problem and can scale from the 10 chains today to 10,000 or more in the future as the company grows. He further claims that his company is the only one one with a tractable roadmap capable of achieving this.

Martino says this could help push companies who have been dabbling in blockchain technology in the last couple of years to take a bigger leap. “This is a watershed moment for enterprises. Up until now, they’ve never had a platform that they could go and use on a public blockchain platform and know that it’s going to have the throughput they need if the product they deployed on that blockchain has legs and starts to take off.” Martino says this blockchain has that.

Kadena public blockchain in action.

Kadena has also developed an open source smart contract language called Pact that Martino says allows a lawyer with Excel-level programming understanding to write these contracts and place them on the chain.

“There are a lot of lawyers who are good with Excel, so you can actually hand the smart contracts to a lawyer and have them review them for compliance. And that’s a crazy idea but we think it’s fundamental because when you’re representing core business workflows that are sensitive, you need to be absolutely certain they are compliant.”

Show me the money

The company is making all of the basic pieces available for free. That includes the private chain development tools on AWS and Azure, the public chain released today along with the Pact smart contract language.

Martino says that there are a couple of ways for the business to make money. For starters, it’s building partnerships where it helps companies in various sectors from financial services to insurance and healthcare build viable hybrid applications on the Kadena blockchain. When they make money so will Kadena.

Secondly, they control a bushel of tokens on their public network, which have value, and if the vision comes to fruition, will have much more over time. They will be able to sell some of these tokens on the public market and make money. Right now he says the tokens have a value of between 20 cents and a dollar, but he expects that to increase as the network becomes more viable.

The blockchain has lost some of its luster as it has moved through the enterprise hype cycle in recent years, but if Kadena can succeed in building a fully decentralized, scalable blockchain, it could help push the technology deeper into the enterprise.

Source: TechCrunch