Ghostery revamps its privacy-focused mobile browsers

Ghostery revamps its privacy-focused mobile browsers

Ghostery is launching new versions of its browsers for iOS and Android. In fact, Director of Product Jeremy Tillman said this is the first big update to Ghostery’s mobile browsers in several years.

It’s not that mobile wasn’t a priority for the team before this, but Tillman said, “In our previous company, we didn’t have a ton of resources — we always had to choose which thing to work on.” Apparently that changed last year with Ghostery’s acquisition by German browser company Cliqz.

The first big launch after the acquisition was Ghostery 8, the latest version of the team’s privacy-focused extension for desktop browsers. Next up: Bringing those features over to mobile.

Tillman said the goal was to create “a browser that can go toe-to-toe with Chrome” while also incorporating Ghostery’s privacy protection capabilities. Those capabilities include the ability to block different kinds of ad tracking by category (tracking for advertising, adult advertising and site analytics are turned on by default).

There’s also a built-in ad blocker, and Ghost Search, a privacy-focused search engine based on Cliqz technology that does not store any personally identifiable information. (If you’re not satisfied with the Ghost Search results, you can also see results from other search engines.) The presentation is different from a standard search engine, with three “dynamic result cards” that surface content as soon as you start entering search terms. And there’s Start Tab, a home screen that highlights your favorite or most visited sites, as well as the latest news stories.

The Android version includes additional features, including AI-powered anti-tracking and “smart blocking” that’s supposed to improve page performance.

Tillman described the result as “a cleaner, faster, safer mobile browsing experience.” He also said that moving forward, Ghostery will be working to provide “an ecosystem of products” that “protect our users wherever they’re interacting with the Internet.”

The launch comes as the big Internet platforms face growing scrutiny over how they handle user data. Tillman argued that by simply giving consumers a more privacy-friendly alternative, “We’re sort of collectively negotiating a better Internet for them” — and he’s hoping Ghostery can be more involved as publishers try to find alternatives to advertising.

“Our goal isn’t to, say, topple Google and Facebook, but to provide that alternative to those that want it — both for content creators but also for users themselves,” he said.

Source: Mobile – Techcruch

Committed to privacy, Snips founder wants to take on Alexa and Google, with blockchain

Committed to privacy, Snips founder wants to take on Alexa and Google, with blockchain
Earlier this year we saw the headlines of how the users of popular voice assistants like Alexa and Siri and continue to face issues when their private data is compromised, or even sent to random people. In May it was reported that Amazon’s Alexa recorded a private conversation and sent it to a random contact. Amazon insists its Echo devices aren’t always recording, but it did confirm the audio was sent.
The story could be a harbinger of things to come when voice becomes more and more ubiquitous. After all, Amazon announced the launch of Alexa for Hospitality, its Alexa system for hotels, in June. News stories like this simply reinforce the idea that voice control is seeping into our daily lives.
The French startup Snips thinks it might have an answer to the issue of security and data privacy. Its built its software to run 100% on-device, independently from the cloud. As a result, user data is processed on the device itself, acting as a potentially stronger guarantor of privacy. Unlike centralized assistants like Alexa and Google, Snips knows nothing about its users.
Its approach is convincing investors. To date, Snips has raised €22 million in funding from investors like Korelya Capital, MAIF Avenir, BPI France and Eniac Ventures. Created in 2013 by 3 PhDs, and now employing more than 60 people in Paris and New York, Snips offers its voice assistant technology as a white-labelled solution for enterprise device manufacturers.
It’s tested its theories about voice by releasing the result of a consumer poll. The survey of 410 people found that 66% of respondents said they would be apprehensive of using a voice assistant in a hotel room, because of concerns over privacy, 90% said they would like to control the ways corporations use their data, even if it meant sacrificing convenience.
“Сonsumers are increasingly aware of the privacy concerns with voice assistants that rely on cloud storage — and that these concerns will actually impact their usage,” says Dr Rand Hindi, co-founder and CEO at Snips. “However, emerging technologies like blockchain are helping us to create safer and fairer alternatives for voice assistants.”
Indeed, blockchain is very much part of Snip’s future. As Hindi told TechCrunch in May, the company will release a new set of consumer devices independent of its enterprise business. The idea is to create a consumer business that will prompt further enterprise development. At the same time, they will issue a cryptographic token via an ICO to incentivize developers to improve the Snips platform, as an alternative to using data from consumers. The theory goes that this will put it at odds with the approach used by Google and Amazon, who are constantly criticised for invading our private lives merely to improve their platforms.
As a result Hindi believes that as voice-controlled devices become an increasingly common sight in public spaces, there could be a significant shift in public opinion about how their privacy is being protected.
In an interview conducted last month with TechCrunch, Hindi told me the company’s plans for its new consumer product are well advanced, and will be designed from the beginning to be improved over time using a combination of decentralized machine learning and cryptography.
By using blockchain technology to share data, they will be able to train the network “without ever anybody sending unencrypted data anywhere,” he told me.
And ‘training the network” is where it gets interesting. By issuing a cryptographic token for developers to use, Hindi says they will incentivize devs to work on their platform and process data in a decentralized fashion. They are starting from a good place. He claims they already have 14,000 developers on the platform who will be further incentivized by a token economy.
“Otherwise people have no incentive to process that data in a decentralized fashion, right?” he says.
“We got into blockchain because we’re trying to find a way to get people to participate in decentralized machine learning. We’ve been wanting to get into consumer [devices] for a couple of years but didn’t really figure out the end goal because we had always had this missing element which was: how do you keep making it better over time.”
“This is the main argument for Google and Amazon to pretend that you need to send your data to them, to make the service better. If we can fix this [by using blockchain] then we can offer a real alternative to Alexa that guarantees Privacy by Design,” he says.
“We now have over 14000 developers building for us and that’s really completely organic growth, zero marketing, purely word of mouth, which is really nice because it shows that there’s a very big demand for decentralized voice assistance, effectively.”
It could be a high-risk strategy. Launching a voice-controlled device is one thing. Layering it with applications produced by developed supposedly incentivized by tokens, especially when crypto prices have crashed, is quite another.
It does definitely feel like a moonshot idea, however, and we’ll really only know if Snips can live up to such lofty ideals after the launch.

Source: Gadgets – techcrunch

PoLTE lets you track devices using LTE signal

PoLTE lets you track devices using LTE signal
Meet PoLTE, a Dallas-based startup that wants to make location-tracking more efficient. Thanks to PoLTE’s software solution, logistics and shipment companies can much more easily track packages and goods. The startup is participating in TechCrunch’s Startup Battlefield at Disrupt SF.
If you want to use a connected device to track a package, you currently need a couple of things — a way to determine the location of the package, and a way to transmit this information over the air. The most straightforward way of doing it is by using a GPS chipset combined with a cellular chipset.
Systems-on-chip have made this easier as they usually integrate multiple modules. You can get a GPS signal and wireless capabilities in the same chip. While GPS is insanely accurate, it also requires a ton of battery just to position a device on a map. That’s why devices often triangulate your position using Wi-Fi combined with a database of Wi-Fi networks and their positions.
And yet, using GPS or Wi-Fi as well as an LTE modem doesn’t work if you want to track a container over multiple weeks or months. At some point, your device will run out of battery. Or you’ll have to spend a small fortune to buy a ton of trackers with big batteries.
PoLTE has developed a software solution that lets you turn data from the cell modem into location information. It works with existing modems and only requires a software update. The company has been working with Riot Micro for instance.

Behind the scene PoLTE’s magic happens on their servers. IoT devices don’t need to do any of the computing. They just need to send a tiny sample of LTE signals and PoLTE can figure out the location from their servers. Customers can then get this data using an API.
It only takes 300 bytes of data to get location information with precision of less than a few meters. You don’t need a powerful CPU, Wi-Fi, GPS or Bluetooth.
“We offer 80 percent cost reduction on IoT devices together with longer battery life,” CEO Ed Chao told me.
On the business side, PoLTE is using a software-as-a-service model. You can get started for free if you don’t need a lot of API calls. You then start paying depending on the size of your fleet of devices and the number of location requests.
It doesn’t really matter if the company finds a good business opportunity. PoLTE is a low-level technology company at heart. Its solution is interesting by itself and could help bigger companies that are looking for an efficient location-tracking solution.

Source: Gadgets – techcrunch

Stealthy wants to become the WeChat of blockchain apps

Stealthy wants to become the WeChat of blockchain apps

Meet Stealthy a new messaging app that leverages Blockstack’s decentralized application platform to build a messaging app. The company is participating in TechCrunch’s Startup Battlefield at Disrupt SF and launching its app on iOS and Android today.

On the surface, Stealthy works like many messaging apps out there. But it gets interesting once you start digging to understand the protocol behind it. Stealthy is a decentralized platform with privacy in mind. It could become the glue that makes various decentralized applications stick together.

“We started Stealthy because Blockstack had a global hackathon in December of last year,” co-founder Prabhaav Bhardwaj told me. “We won that hackathon in February.” After that, the #deletefacebook movement combined with the overall decentralization trend motivated Bhardwaj and Alex Carreira to ship the app.

Blockstack manages your identity. You get an ID and a 12-word passphrase to recover your account. Blockstack creates a blockchain record for each new user. You use your Blockstack ID to connect to Stealthy.

Stealthy users then choose how they want to store their messages. You can connect your account with Dropbox, Amazon Web Services, Microsoft Azure, etc.

Every time you message someone, the message is first encrypted on your device and sent to your recipient’s cloud provider. Your recipient can then open the Stealthy app and decrypt the message from their storage system.

All of this is seamless for the end user. It works like an iMessage conversation, which means that Microsoft or Amazon can’t open and read your messages without your private key. You remain in control of your data. Stealthy plans to open source their protocol and mobile product so that anybody can audit their code.

Some features require a certain level of centralization. For instance, Stealthy relies on Firebase for push notifications. If you’re uncomfortable with that, you can disable that feature.

The company also wants to become your central hub for all sorts of decentralized apps (or dapps for short). For instance, you can launch Graphite Docs or Blockusign from Stealty. Those dapps are built on top of Blockstack as well, but Stealthy plans to integrate with other dapps that don’t work on Blockstack.

“We have dapp integrations in place right now and we want to make it easier to add dapp integrations. If somebody wants to come in and start selling messaging stickers, you could do that. If you want to come in and implement a payment system to pay bloggers, you could do that,” Bhardwaj said. “Eventually, what we want to be is to make it as easy as submitting an app in the App Store.”

When you build a digital product, chances are you’ll end up adding a messaging feature at some point. You can chat in Google Docs, Airbnb, Venmo, YouTube… And the same is likely to be true with dapps. Stealthy believes that many developers could benefit from a solid communication infrastructure — this way, other companies can focus on their core products and let Stealthy handle the communication layer.

Stealthy is an ambitious company. In many ways, the startup is trying to build a decentralized WeChat with the encryption features of Signal. It’s a messaging app, but it’s also a platform for many other use cases.

A handful of messaging apps have become so powerful that they’ve become a weakness. Governments can block them or leverage them to create a social ranking. Authorities can get a warrant to ask tech companies to hand them data. And of course, the top tech companies have become too powerful. More decentralization is always a good thing.


Source: Mobile – Techcruch

Sinemia takes aim at MoviePass again, with new $9.99 plan

Sinemia takes aim at MoviePass again, with new .99 plan

Sinemia continues its campaign to take advantage of MoviePass’s high-profile struggles and win over the better-known movie ticket subscription service’s customers. Today, it announced a new plan priced at $9.99 per month.

MoviePass, after all, recently announced that it would be keeping its monthly subscription price at $9.95, but limiting subscribers to three movies per month (with discounts on additional tickets).

The new Sinemia tier also includes three tickets each month, but it has the additional benefit of allowing subscribers to buy tickets for any 2D, non-IMAX screen, and to buy those tickets in advance. MoviePass, in contrast, is rotating the available movies each day, and it requires subscribers to buy their tickets at the theater, on the same day as the screening.

Just a couple weeks ago, Sinemia announced a refer-a-friend program that rewards subscribers who convince their friends to leave other subscription services. The company makes no secret of the fact that it’s targeting MoviePass in particular — in today’s announcement, it describes the new plan as one that “matches MoviePass’ latest.”

Sinemia offers a variety of other options, ranging from $3.99 per month for one ticket, to $14.99 for three tickets, with IMAX and 3D access.

Source: Mobile – Techcruch

Movado Group acquires watch startup MVMT

Movado Group acquires watch startup MVMT
The Movado Group, which sells multiple brands, including Lacoste, Tommy Hilfiger and Hugo Boss, has purchased MVMT, a small watch company founded by Jacob Kassan and Kramer LaPlante in 2013. The company, which advertised heavily on Facebook, logged $71 million in revenue in 2017. Movado purchased the company for $100 million.
“The acquisition of MVMT will provide us greater access to millennials and advances our Digital Center of Excellence initiative with the addition of a powerful brand managed by a successful team of highly creative, passionate and talented individuals,” Movado Chief Executive Efraim Grinberg said.
MVMT makes simple watches for the millennial market in the vein of Fossil or Daniel Wellington. However, the company carved out a niche by advertising heavily on social media and being one of the first microbrands with a solid online presence.
“It provides an opportunity to Movado Group’s portfolio as MVMT continues to cross-sell products within its existing portfolio, expand product offerings within its core categories of watches, sunglasses and accessories, and grow its presence in new markets through its direct-to-consumer and wholesale business,” said Grinberg.

MVMT is well-known as a “fashion brand,” namely a brand that sells cheaper quartz watches that are sold on style versus complexity or cost. Their pieces include standard three-handed models and newer quartz chronographs.

Source: Gadgets – techcrunch

DoorDash raises another $250M, nearly triples valuation to $4B

DoorDash raises another 0M, nearly triples valuation to B

Food delivery startup DoorDash announced this afternoon that it has raised $250 million, just five months since the company announced a $535 million round.

Why raise more money so soon? CEO Tony Xu told Axios that he wasn’t actively looking for additional investment, but was open to investor interest because it could help the company expand more quickly. (Maybe he’ll have more to say about those plans at Disrupt SF next month.)

The new funding was led by Coatue Management and DST Global. It sounds like the terms were pretty appealing too, with the valuation growing from $1.4 billion to $4 billion.

In a blog post, the company said it’s had a good 2018, with deliveries increasing 250 percent year-over-year, restaurant chains like Chipotle and IHOP signing up and last week’s launch of the DashPass subscription service, where you can pay $9.99 per month to get unlimited free deliveries.

“As we grow, we will stay true to our values and our mission of connecting people with possibility  —  and, trust us, we’re just getting started,” DoorDash wrote.

Source: Mobile – Techcruch

Autonomous retail startup Inokyo’s first store feels like stealing

Autonomous retail startup Inokyo’s first store feels like stealing

Inokyo wants to be the indie Amazon Go. It’s just launched its prototype cashierless autonomous retail store. Cameras track what you grab from shelves, and with a single QR scan of its app on your way in and out of the store, you’re charged for what you got.

Inokyo‘s first store is now open on Mountain View’s Castro Street selling an array of bougie kombuchas, snacks, protein powders and bath products. It’s sparse and a bit confusing, but offers a glimpse of what might be a commonplace shopping experience five years from now. You can get a glimpse yourself in our demo video below:

“Cashierless stores will have the same level of impact on retail as self-driving cars will have on transportation,” Inokyo co-founder Tony Francis tells me. “This is the future of retail. It’s inevitable that stores will become increasingly autonomous.”

Inokyo (rhymes with Tokyo) is now accepting signups for beta customers who want early access to its Mountain View store. The goal is to collect enough data to dictate the future product array and business model. Inokyo is deciding whether it wants to sell its technology as a service to other retail stores, run its own stores or work with brands to improve their product’s positioning based on in-store sensor data on custom behavior.

We knew that building this technology in a lab somewhere wouldn’t yield a successful product,” says Francis. “Our hypothesis here is that whoever ships first, learns in the real world and iterates the fastest on this technology will be the ones to make these stores ubiquitous.” Inokyo might never rise into a retail giant ready to compete with Amazon and Whole Foods. But its tech could even the playing field, equipping smaller businesses with the tools to keep tech giants from having a monopoly on autonomous shopping experiences.

It’s about what cashiers do instead

Amazon isn’t as ahead as we assumed,” Francis remarks. He and his co-founder Rameez Remsudeen took a trip to Seattle to see the Amazon Go store that first traded cashiers for cameras in the U.S. Still, they realized, “This experience can be magical.” The two met at Carnegie Mellon through machine learning classes before they went on to apply that knowledge at Instagram and Uber. The two decided that if they jumped into autonomous retail soon enough, they could still have a say in shaping its direction.

Next week, Inokyo will graduate from Y Combinator’s accelerator that provided its initial seed funding. In six weeks during the program, they found a retail space on Mountain View’s main drag, studied customer behaviors in traditional stores, built an initial product line and developed the technology to track what users are taking off the shelves.

Here’s how the Inokyo store works. You download its app and connect a payment method, and you get a QR code that you wave in front of a little sensor as you stroll into the shop. Overhead cameras will scan your body shape and clothing without facial recognition in order to track you as you move around the store. Meanwhile, on-shelf cameras track when products are picked up or put back. Combined, knowing who’s where and what’s grabbed lets it assign the items to your cart. You scan again on your way out, and later you get a receipt detailing the charges.

Originally, Inokyo actually didn’t make you scan on the way out, but it got the feedback that customers were scared they were actually stealing. The scan-out is more about peace of mind than engineering necessity. There is a subversive pleasure to feeling like, “well, if Inokyo didn’t catch all the stuff I chose, that’s not my problem.” And if you’re overcharged, there’s an in-app support button for getting a refund.

Inokyo co-founders (from left): Tony Francis and Rameez Remsudeen

Inokyo was accurate in what it charged me despite me doing a few switcharoos with products I nabbed. But there were only about three people in the room at the time. The real test for these kinds of systems are when a rush of customers floods in and cameras have to differentiate between multiple similar-looking people. Inokyo will likely need to be more than 99 percent accurate to be more of a help than a headache. An autonomous store that constantly over- or undercharges would be more trouble than it’s worth, and patrons would just go to the nearest classic shop.

Just because autonomous retail stores will be cashier-less doesn’t mean they’ll have no staff. To maximize cost-cutting, they could just trust that people won’t loot it. However, Inokyo plans to have someone minding the shop to make sure people scan in the first place and to answer questions about the process. But there’s also an opportunity in reassigning labor from being cashiers to concierges that can recommend the best products or find what’s the right fit for the customer. These stores will be judged by the convenience of the holistic experience, not just the tech. At the very least, a single employee might be able to handle restocking, customer support and store maintenance once freed from cashier duties.

The Amazon Go autonomous retail store in Seattle is equipped with tons of overhead cameras

While Amazon Go uses cameras in a similar way to Inokyo, it also relies on weight sensors to track items. There are plenty of other companies chasing the cashierless dream. China’s BingoBox has nearly $100 million in funding and has more than 300 stores, though they use less sophisticated RFID tags. Fellow Y Combinator startup Standard Cognition has raised $5 million to equip old-school stores with autonomous camera-tech. AiFi does the same, but touts that its cameras can detect abnormal behavior that might signal someone is a shoplifter.

The store of the future seems like more and more of a sure thing. The race’s winner will be determined by who builds the most accurate tracking software, easy-to-install hardware and pleasant overall shopping flow. If this modular technology can cut costs and lines without alienating customers, we could see our local brick-and-mortars adapt quickly. The bigger question than if or even when this future arrives is what it will mean for the millions of workers who make their living running the checkout lane.

Source: Mobile – Techcruch

Coinbase acquires Distributed Systems to build ‘Login with Coinbase’

Coinbase acquires Distributed Systems to build ‘Login with Coinbase’

Coinbase wants to be Facebook Connect for crypto. The blockchain giant plans to develop “Login with Coinbase” or a similar identity platform for decentralized app developers to make it much easier for users to sign up and connect their crypto wallets. To fuel that platform, today Coinbase announced it has acquired Distributed Systems, a startup founded in 2015 that was building an identity standard for dApps called the Clear Protocol.

The five-person Distributed Systems team and its technology will join Coinbase. Three of the team members will work with Coinbase’s Toshi decentralized mobile browser team, while CEO Nikhil Srinivasan and his co-founder Alex Kern are forming the new decentralized identity team that will work on the Login with Coinbase product. They’ll be building it atop the “know your customer” anti-money laundering data Coinbase has on its 20 million customers. Srinivasan tells me the goal is to figure out “How can we allow that really rich identity data to enable a new class of applications?”

Distributed Systems had raised a $1.7 million seed round last year led by Floodgate and was considering raising a $4 million to $8 million round this summer. But Srinivasan says, “No one really understood what we’re building,” and it wanted a partner with KYC data. It began talking to Coinbase Ventures about an investment, but after they saw Distributed Systems’ progress and vision, “they quickly tried to move to find a way to acquire us.”

Distributed Systems began to hold acquisition talks with multiple major players in the blockchain space, and the CEO tells me it was deciding between going to “Facebook, or Robinhood, or Binance, or Coinbase,” having been in formal talks with at least one of the first three. Of Coinbase the CEO said, they “were able to convince us they were making big bets, weaving identity across their products.” The financial terms of the deal weren’t disclosed.

Coinbase’s plan to roll out the Login with Coinbase-style platform is an SDK that others apps could integrate, though that won’t necessarily be the feature’s name. That mimics the way Facebook colonized the web with its SDK and login buttons that splashed its brand in front of tons of new and existing users. This turned Facebook into a fundamental identity utility beyond its social network.

Developers eager to improve conversions on their signup flow could turn to Coinbase instead of requiring users to set up whole new accounts and deal with crypto-specific headaches of complicated keys and procedures for connecting their wallet to make payments. One prominent dApp developer told me yesterday that forcing users to set up the MetaMask browser extension for identity was the part of their signup flow where they’re losing the most people.

This morning Coinbase CEO Brian Armstrong confirmed these plans to work on an identity SDK. When Coinbase investor Garry Tan of Initialized Capital wrote that “The main issue preventing dApp adoption is lack of native SDK so you can just download a mobile app and a clean fiat to crypto in one clean UX. Still have to download a browser plugin and transfer Eth to Metamask for now Too much friction,” Armstrong replied “On it :)”

In effect, Coinbase and Distributed Systems could build a safer version of identity than we get offline. As soon as you give your Social Security number to someone or it gets stolen, it can be used anywhere without your consent, and that leads to identity theft. Coinbase wants to build a vision of identity where you can connect to decentralized apps while retaining control. “Decentralized identity will let you prove that you own an identity, or that you have a relationship with the Social Security Administration, without making a copy of that identity,” writes Coinbase’s PM for identity B. Byrne, who’ll oversee Srinivasan’s new decentralized identity team. “If you stretch your imagination a little further, you can imagine this applying to your photos, social media posts, and maybe one day your passport too.”

Considering Distributed Systems and Coinbase are following the Facebook playbook, they may soon have competition from the social network. It’s spun up its own blockchain team and an identity and single sign-on platform for dApps is one of the products I think Facebook is most likely to build. But given Coinbase’s strong reputation in the blockchain industry and its massive head start in terms of registered crypto users, today’s acquisition well position it to be how we connect our offline identity with the rising decentralized economy.

Source: Mobile – Techcruch

‘Unhackable’ BitFi crypto wallet has been hacked

‘Unhackable’ BitFi crypto wallet has been hacked
The BitFi crypto wallet was supposed to be unhackable and none other than famous weirdo John McAfee claimed that the device – essentially an Android-based mini tablet – would withstand any attack. Spoiler alert: it couldn’t.
First, a bit of background. The $120 device launched at the beginning of this month to much fanfare. It consisted of a device that McAfee claimed contained no software or storage and was instead a standalone wallet similar to the Trezor. The website featured a bold claim by McAfee himself, one that would give a normal security researcher pause:

Further, the company offered a bug bounty that seems to be slowly being eroded by outside forces. They asked hackers to pull coins off of a specially prepared $10 wallet, a move that is uncommon in the world of bug bounties. They wrote:
We deposit coins into a Bitfi wallet
If you wish to participate in the bounty program, you will purchase a Bitfi wallet that is preloaded with coins for just an additional $10 (the reason for the charge is because we need to ensure serious inquiries only)
If you successfully extract the coins and empty the wallet, this would be considered a successful hack
You can then keep the coins and Bitfi will make a payment to you of $250,000
Please note that we grant anyone who participates in this bounty permission to use all possible attack vectors, including our servers, nodes, and our infrastructure
Hackers began attacking the device immediately, eventually hacking it to find the passphrase used to move crypto in and out of the the wallet. In a detailed set of tweets, security researchers Andrew Tierney and Alan Woodward began finding holes by attacking the operating system itself. However, this did not match the bounty to the letter, claimed BitFi, even though they did not actually ship any bounty-ready devices.

Something that I feel should be getting more attention is the fact that there is zero evidence that a #bitfi bounty device was ever shipped to a researcher. They literally created an impossible task by refusing to send the device required to satisfy the terms of the engagement.
— Gallagher (@DanielGallagher) August 8, 2018

Then, to add insult to injury, the company earned a Pwnies award at security conference Defcon. The award was given for worst vendor response. As hackers began dismantling the device, BitFi went on the defensive, consistently claiming that their device was secure. And the hackers had a field day. One hacker, 15-year-old Saleem Rashid, was able to play Doom on the device.

Well, that's a transaction made with a MitMed Bitfi, with the phrase and seed being sent to a remote machine.
That sounds a lot like Bounty 2 to me. pic.twitter.com/qBOVQ1z6P2
— Ask Cybergibbons! (@cybergibbons) August 13, 2018

The hacks kept coming. McAfee, for his part, kept refusing to accept the hacks as genuine.

The press claiming the BitFi wallet has been hacked. Utter nonsense. The wallet is hacked when someone gets the coins. No-one got any coins. Gaining root access in an attempt to get the coins is not a hack. It's a failed attempt. All these alleged "hacks" did not get the coins.
— John McAfee (@officialmcafee) August 3, 2018

Unfortunately, the latest hack may have just fulfilled all of BitFi’s requirements. Rashid and Tierney have been able to pull cash out of the wallet by hacking the passphrase, a primary requirement for the bounty. “We have sent the seed and phrase from the device to another server, it just gets sent using netcat, nothing fancy.” Tierney told TheNextWeb. “We believe all conditions have been met.”
The end state of this crypto mess? BitFi did what most hacked crypto companies do: double down on the threats. In a recently deleted Tweet they made it clear that they were not to be messed with:

I haven’t really been following this Bitfi nonsense, but I do so love when companies threaten security researchers. pic.twitter.com/McyBGqM3bt
— Matthew Green (@matthew_d_green) August 6, 2018

The researchers, however, may still have the last laugh.

Claiming your front door has an unpickable lock does not make your house secure. No more does offering a reward only for defeating that front door lock, and repeatedly saying no one has claimed the reward, prove your house is secure, especially when you’ve left the windows open.
— Alan Woodward (@ProfWoodward) August 14, 2018

Source: Gadgets – techcrunch