Source Code: Your daily look at what matters in tech.
To give you the best possible experience, this site uses cookies. If you continue browsing. you accept our use of cookies. You can review our privacy policy to find out more about the cookies we use.
enterpriseprotocol | enterpriseTom KrazitNoneAre you keeping up with the latest cloud developments? Get Tom Krazit and Joe Williams' newsletter every Monday and Thursday.d3d5b92349
Subscribe to
Want to better understand the $150 billion gaming industry? Get our newsletter every Tuesday.
Are you keeping up with the latest cloud developments? Get Tom Krazit and Joe Williams' newsletter every Monday and Thursday.
David Wertime and our data-obsessed China team analyze China tech for you. Every Wednesday, with alerts on key stories and research.
Want your finger on the pulse of everything that's happening in tech? Sign up to get David Pierce's daily newsletter.
Do you know what's going on in the venture capital and startup world? Get the Pipeline newsletter every Saturday.
Do you know what's coming next up in the world of tech and entertainment? Get Janko Roettgers' newsletter every Thursday.
Hear from Protocol's experts on the biggest questions in tech. Get Braintrust in your inbox every Thursday.
Get access to the Protocol | Fintech newsletter, research, news alerts and events.
June 22, 2020
The world's best software developers have a not-so-well-kept secret: Most of the crucial back-end systems that power the world rest on a precarious foundation of software held together with the digital equivalent of popsicle sticks and chewing gum. But they're also excited about an emerging programming language that promises something better.
For the fourth consecutive year, Rust topped Stack Overflow's 2020 survey of the "most loved" programming languages in software development, and there are some easy-to-understand reasons why. Rust was designed to prevent developers from making memory-handling mistakes that can lead to damaging (and prevalent) security flaws, and it also helps those developers figure out why their software isn't working.
That's why the language is increasingly gaining momentum, as a new generation of companies start to rewrite their critical infrastructure for the cloud computing era. AWS used Rust to build Firecracker, an open-source serverless computing platform that runs the company's strategically important Lambda and Fargate services. Dropbox rewrote some of its core systems software in Rust as part of the process of rolling out its own hardware infrastructure. And at Mozilla, where Rust was originally developed, the language was used to build the core browsing engine at the heart of Firefox.
Those companies are all hoping to avoid the security mistakes of the past. Rust may have its own issues — it's particularly difficult to learn, for instance — but it's "the industry's best chance for addressing this issue head-on," said Ryan Levick, principal cloud developer advocate at Microsoft, in a recent talk.
Lessons from the past
Over the last few decades, a huge percentage of the low-level systems software that controls the world's computers has been written in a language called C++, which was first released in 1985 and became a big part of Microsoft's product strategy. C++ is a powerful and efficient language that introduced the object-oriented programming concepts, now present in so many languages, to the seminal C language. But it has one glaring drawback.
It is very, very easy for programmers using C++ to make memory-handling mistakes. And according to Levick, over the last 15 years or so, around 70% of the security vulnerabilities in Microsoft products that required a CVE disclosure were memory-related.
Those mistakes allow malicious attackers to flood memory registers with data, creating a "buffer overflow" security problem that can overwrite data in memory registers adjacent to one program, and allow attackers to run code without the user's knowledge or consent. "C++, at its core, is not a safe language," Levick said in his talk.
By design, Rust prevents developers from making those mistakes.
"For years and years, Microsoft has been trying to get its C++ developers to use best practices and write more secure code," said Nell Shamrell-Harrington, senior staff research engineer at Mozilla and one of the people working directly on the advancement of the language. "In Rust, that security is built into the code itself."
Rust also helps developers debug their code by providing hints and pointers when their software isn't working, rather than just throwing out a vague error message, Shamrell-Harrington said. In some cases it will pinpoint the exact line of code that needs fixing, she said, saving developers a ton of time and anxiety.
The downside? Rust has a steep learning curve. "I would not recommend anybody use it as their first language, and maybe their second," Shamrell-Harrington said. Newcomers to Rust find it fairly easy to learn the basics, she said, but struggle when trying to move into the intermediate stage.
The numbers bear that out: Only 3.2% of developers surveyed by Stack Overflow actually use Rust on a regular basis. Twice as many people are still using Assembly, a low-level machine language that dates back to the 1940s. In fact, one of Shamrell-Harrington's jobs is to help produce content for the developer community that will bridge the knowledge gap and make it a more widely used language.
The one of many?
Rust is by no means the only modern programming language that provides memory safety for its users. Longtime stalwart Java offers some memory-handling protections. And Swift, Apple's iOS-friendly application development language, also puts strict boundaries around memory handling.
But they're high-level languages, which trade efficiency to gain ease of use. In comparison, Rust was designed for writing the sorts of lower-level systems software that runs the internet, offering performance at the same level provided by C++ and well beyond the capabilities of languages such as Java and Swift.
Perhaps Rust's main rival is Go, developed at Google, which is also used for system-level development and emphasizes memory safety. It's currently used more widely than Rust and is also considered easier to learn — but has less cachet among developers according to Stack Overflow's survey and lacks some of Rust's features.
As more and more business activity flows through software delivered over the internet, secure software has never been more important. If the best way to prevent 70% of serious security vulnerabilities is to adopt a programming language that makes it impossible to introduce memory-related security flaws, expect to see a lot more Rust in the future.
From Your Site Articles
- Writing a quantum algorithm? Avoid using a quantum computer ›
- Protocol Cloud: How developers really want to work - Protocol ›
- Can the cloud save us from COBOL? - Protocol ›
- Mozilla laid off 250 people, and the company overhaul is just beginning - Protocol ›
- Ex-Mozilla employees lead the tech reform charge - Protocol — The people, power and politics of tech ›
Tom Krazit
Tom Krazit ( @tomkrazit) is a senior reporter at Protocol, covering cloud computing and enterprise technology out of the Pacific Northwest. He has written and edited stories about the technology industry for almost two decades for publications such as IDG, CNET, paidContent, and GeekWire. He has written and edited stories about the technology industry for almost two decades for publications such as IDG, CNET and paidContent, and served as executive editor of Gigaom and Structure.
Image: Protocol
March 21, 2021
David Pierce ( @pierce) is Protocol's editor at large. Prior to joining Protocol, he was a columnist at The Wall Street Journal, a senior writer with Wired, and deputy editor at The Verge. He owns all the phones.
March 21, 2021
This week on the Source Code podcast: Issie Lapowsky joins the show to talk about why researchers and social platforms want to work together, and why that's a lot more complicated than it sounds. Then, Joe Williams explains why the digital signature industry is so hot right now, and where it goes from here.
For more on the topics in this episode:
<ul class="ee-ul"><li><a href="https://twitter.com/issielapowsky" rel="noopener noreferrer" target="_blank">Issie Lapowsky on Twitter</a></li><li><a href="/nyu-facebook-researchers-scraping" target="_self">Platforms vs. PhDs: How tech giants court and crush the people who study them</a></li><li><a href="https://twitter.com/JoePWilliams31" rel="noopener noreferrer" target="_blank">Joe Williams on Twitter</a></li><li><a href="/enterprise/docusign-adobe-e-signature" target="_self">The e-signature war is going beyond the dotted line</a></li></ul><strong>Subscribe to the show: <a href="https://podcasts.apple.com/us/podcast/protocols-source-code/id1497440658" rel="noopener noreferrer" target="_blank">Apple Podcasts</a> | <a href="https://open.spotify.com/show/1mc6ODYq0nZ8hrVDuvQfeL?si=HDPznyjDSEqv5EvMZxhKxQ" rel="noopener noreferrer" target="_blank">Spotify</a> | <a href="https://podcasts.google.com/feed/aHR0cHM6Ly9mZWVkcy5zaW1wbGVjYXN0LmNvbS95OVNfTjJfaw==" rel="noopener noreferrer" target="_blank">Google Podcasts</a></strong>
Keep Reading
Show less
David Pierce ( @pierce) is Protocol's editor at large. Prior to joining Protocol, he was a columnist at The Wall Street Journal, a senior writer with Wired, and deputy editor at The Verge. He owns all the phones.
Sponsored Content
Everyone's moving to the cloud – here's how to keep your data secure while it's there
March 15, 2021
James Daly has a deep knowledge of creating brand voice identity, including understanding various audiences and targeting messaging accordingly. He enjoys commissioning, editing, writing, and business development, particularly in launching new ventures and building passionate audiences. Daly has led teams large and small to multiple awards and quantifiable success through a strategy built on teamwork, passion, fact-checking, intelligence, analytics, and audience growth while meeting budget goals and production deadlines in fast-paced environments. Daly is the Editorial Director of 2030 Media and a contributor at Wired.
February 16, 2021
For corporate IT managers, there are many motivations to move dynamic workloads to the cloud. It provides an irresistible trifecta of flexibility, scalability, and costs savings for those managing varying workloads.
The past year of widespread shutdowns caused by COVID-19 have increased this demand. That's one reason the global cloud computing market size is expected to grow from $371.4 billion in 2020 to $832.1 billion by 2025, at a Compound Annual Growth Rate (CAGR) of 17.5%, according to Research and Markets.
<p>While cloud deployments benefit CISOs and security administrators in many ways, they often don't suppress a critical attack vector — protecting data in use. Data exists <em>at rest</em> when it's stored, <em>in transit</em> when moving through the network, and <em>in use</em> as it's being processed. Data is often encrypted in the first two states, but not while processed. </p><p class="pull-quote">"Security is an evolving journey and an evolving conversation, but confidential computing is going to be a big part of that future." -Vikas Bhatia, Head of Product for Azure Confidential Computing at Microsoft</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="1">
</div>
</div></p><p>That's where the confidential computing approach offered by <a href="https://aka.ms/azure-sql-enclaves" rel="noopener noreferrer" target="_blank">Always Encrypted with secure enclaves</a> in Azure SQL comes in, plugging that final "in use" security gap. It does this by isolating computations to a hardware-based trusted execution environment (TEE), which provides a protected container by securing a portion of the processor and memory. Users run software inside the protected environment to shield portions of code and data from view, preventing modification outside the TEE.</p><p>Always Encrypted is a client-side technology that ensures that sensitive data stored in specific database columns (for example, credit card numbers, national identification numbers) are never revealed to the SQL Server on Azure Virtual Machines, or Azure SQL Database, a managed cloud database. This defense includes protection against database administrators or other privileged users, including cloud providers, who are ized to access the database to perform management tasks but have no business need to access the information in the encrypted columns. </p><p>"You have a hardware-backed guarantee that your data will not be exposed to any of the attack vectors such as your own database administrator, bugs in the guest or host operating system, or even the hypervisor that your workload is running on," said Vikas Bhatia Head of Product for Azure Confidential Computing at Microsoft.. "Your data is safe and completely within your control."<a href="#_msocom_1" rel="noopener noreferrer" target="_blank"></a></p><p><strong>The power of secure enclaves</strong></p><p>Always Encrypted enables the Database Engine to process some queries on encrypted data while preserving the confidentiality of the data at a column granularity. The data is decrypted from encrypted database columns only for processing by client applications with access to the encryption key. While current database systems provide sophisticated access control mechanisms and encryption support for data-at-rest, they do not protect the data against attackers with administrative privileges on the database or on the server that hosts the database. </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="2">
</div>
</div></p><p>Always Encrypted works using <em>secure enclaves, </em>a protected region of memory within the Database Engine process that can contain plaintext data. The secure enclave appears as an opaque box to the rest of the Database Engine and other processes on the hosting machine. There is no way to view any data or code inside the enclave from the outside, even with a debugger. These properties make the secure enclave a <em>trusted execution environment</em> that can safely access cryptographic keys and sensitive data in plaintext, without compromising data confidentiality. </p><p><a rel="noopener noreferrer" target="_blank"></a><a rel="noopener noreferrer" target="_blank"></a>Always Encrypted used by a wide variety of <a href="https://aka.ms/AlwaysEncryptedEnclavesAzureSQLDBBlog" rel="noopener noreferrer" target="_blank">customers</a> requiring confidentiality and governmental rules compliance, from financial institutions (such as Royal Bank of Canada, Financial Fabric) to insurance companies and health care organizations. These customers use Always Encrypted mostly for online transactional processing applications and encrypt only personally identifiable identifier (PII) columns such as social security numbers, names, email addresses, and credit card numbers. </p><p>That's an essential advantage. "With these businesses, their entire infrastructure is built on trust," Bhatia noted. "So security must not just be part of their technical foundation but part of their essence. Always Encrypted allows them to do that." </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="3">
</div>
</div></p><p>Azure confidential computing can also be scaled horizontally, meaning that it offers the ability to increase capacity by connecting multiple hardware or software entities so that they work as a single logical unit. Conversely, vertical scaling means that you scale by adding more power (CPU, RAM) to an existing machine.</p><p>"Security is an evolving journey and an evolving conversation," Bhatia said. "But confidential computing is going to be a big part of that future."</p>
Keep Reading
Show less
James Daly has a deep knowledge of creating brand voice identity, including understanding various audiences and targeting messaging accordingly. He enjoys commissioning, editing, writing, and business development, particularly in launching new ventures and building passionate audiences. Daly has led teams large and small to multiple awards and quantifiable success through a strategy built on teamwork, passion, fact-checking, intelligence, analytics, and audience growth while meeting budget goals and production deadlines in fast-paced environments. Daly is the Editorial Director of 2030 Media and a contributor at Wired.
Power
Don't sacrifice security for performance when computing at the edge
Companies must look at security in tandem with networking.
Federal IT managers and security analysts need to weigh the risk and reward of each upgrade or improvement to minimize new risk, writes Jim Richberg.
Image: Florian Olivo/Unsplash
March 9, 2021
March 3, 2021
Jim Richberg is the Public Sector Field CISO at Fortinet.
As federal agencies increasingly push for improved performance and agility through their networks and devices, they must also consider the lack of visibility that comes with deploying cutting-edge technology. Centralized visibility and unified controls are sometimes being sacrificed in favor of performance and agility through smart devices collecting and processing data at the edge.
<p>A recent FortiGuard Labs <a href="https://www.fortinet.com/content/dam/maindam/PUBLIC/02_MARKETING/02_Collateral/WhitePaper/wp-cyber-threat-predictions-for-2021.pdf" target="_blank">report</a> showed that threat actors are shifting significant resources to strategically target and exploit these emerging network-edge capabilities. The SolarWinds breach and other attacks are proof that this continues. </p><p>There's promise in the pipeline under the <a href="https://www.congress.gov/bill/116th-congress/house-bill/1668/text" rel="noopener noreferrer" target="_blank">IoT Cybersecurity Improvement Act</a>, which became law in early December 2020. The directive tasks the National Institute of Standards and Technology with developing binding recommendations for the government on securing new edge environments. Its impact will likely be felt outside of the government as well, since the private sector commonly adopts NIST recommendations, and many of them become default international standards.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="1">
</div>
</div></p><p>It should be noted, though, that agencies should look at the actions set out by the IoT Act and the subsequent NIST standards as a minimum baseline for defending the edge. There is more that could and should be done to bolster cyber defenses beyond the minimum requirements.</p><p>Much of this work can be done now, even as NIST continues to develop its standards recommendations. But to do this work effectively, agencies must look at security in tandem with networking. The convergence of these two worlds means you cannot have a conversation about one without also addressing the effects on the other. Faster networks might mean a more efficient work environment, but agencies also have to think about the <a href="https://www.fortinet.com/blog/industry-trends/fortiguard-labs-global-threat-landscape-report-2021" rel="noopener noreferrer" target="_blank">impact network upgrades will have on security</a>. For example, upgrading to a platform that allows federal workers in the field to process massive amounts of data at the edge would certainly make things more efficient and effective because those researchers would no longer have to send the information back to the data center for analysis. But doing that also opens up agencies to new risks. Federal IT managers and security analysts need to weigh the risk and reward of each upgrade or improvement to minimize new risk.</p><p>This kind of approach enables agencies to provide true security-driven networking, not just networking with security layered on top. </p><h3>Don't trust by default</h3><p>The bill's focus on IoT security and standardization lends itself to a zero-trust architecture approach. At its core, zero trust is a network security philosophy that states that no one inside or outside the network should be trusted unless their identification has been thoroughly checked. And trust should be conditional, bestowing the least amount of privilege necessary to accomplish the ized task. For instance, if reading a file but not modifying it is needed, don't grant the "excess" privilege of writing to or deleting data.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="2">
</div>
</div></p><p>That means that even if a device is already on the network, security measures are put in place to constantly make sure it's still supposed to be there and only doing what is ized. Implementing zero trust compels network administrators to design stringent, trustless security measures.</p><p>For example, if 99% of edge devices connecting to a network are compliant with NIST's zero-trust standards, it will be easy to spot those that aren't. Having this information means agency cyber teams can focus more resources on those noncompliant devices preemptively, limiting their access and closely monitoring their behavior.</p><h3>Automate in real time</h3><p>Beyond its synergy with zero-trust operating principles, the IoT Act signals that AI-driven security will play a big role in protecting critical devices at the edge. Deploying AI in security operations has gone beyond just automating repetitive and mundane tasks. By integrating AI deep into the security fabric, agencies can significantly enhance their ability to detect anomalies, respond to threats and adapt security policies and protocols to changing network and connectivity conditions. </p><p>AI enables cyber analysts to correlate and process threat intelligence in real time. That kind of immediate action is crucial for the government, especially when the devices living at the edge access mission-critical information and functions. Securing the IoT edge requires a flexible and integrated security fabric that can bring together security elements that span networks into a single, interconnected and responsive system. This enables effective monitoring and the quick detection and response to unized behavior.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="3">
</div>
</div></p><p>This approach not only falls in line with the IoT Act provisions, it also increases resilience, which is often recognized as a key component in a more effective <a href="https://www.solarium.gov/report" rel="noopener noreferrer" target="_blank">U.S. national cyber strategy</a>.</p>
Keep Reading
Show less
Protocol | Policy
Tech spent years fighting foreign terrorists. Then came the Capitol riot.
"Nobody's going to have a hearing if a platform takes down 1,000 ISIS accounts. But they might have a hearing if you take down 1,000 QAnon accounts."
Photo: Roberto Schmidt/Getty Images
March 12, 2021
Issie Lapowsky (@issielapowsky) is a senior reporter at Protocol, covering the intersection of technology, politics, and national affairs. Previously, she was a senior writer at Wired, where she covered the 2016 election and the Facebook beat in its aftermath. Prior to that, Issie worked as a staff writer for Inc. magazine, writing about small business and entrepreneurship. She has also worked as an on-air contributor for CBS News and taught a graduate-level course at New York University’s Center for Publishing on how tech giants have affected publishing. Email Issie.
March 8, 2021
On a Friday in August 2017 — years before a mob of armed and very-online extremists took over the U.S. Capitol — a young Black woman who worked at Facebook walked up to the microphone to ask Mark Zuckerberg a question during a weekly companywide question-and-answer session.
Zuckerberg had just finished speaking to the staff about the white supremacist violence in Charlottesville, Virginia, the weekend before — and what a difficult week it had been for the world. He was answering questions on a range of topics, but the employee wanted to know: Why had he waited so long to say something?
<p>The so-called Unite the Right rally in Charlottesville had been planned in plain sight for the better part of a month on Facebook. Facebook took the event down only a <a href="https://www.businessinsider.com/facebook-removed-unite-the-right-charlottesville-rally-event-page-one-day-before-2017-8" target="_blank">day before</a> it began, citing its ties to hate groups and the threat of physical harm. That turned out to be more than a threat. The extremist violence in Charlottesville left three people dead and dozens more injured. Then-Attorney General Jeff Sessions later <a href="https://www.usnews.com/news/national-news/articles/2017-08-14/jeff-sessions-calls-charlottesville-attack-domestic-terrorism" target="_blank">called</a> it an act of "domestic terrorism." </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="1">
</div>
</div></p><p>Zuckerberg had already posted a contrite, cautious <a href="https://www.facebook.com/zuck/posts/10103969849282011?pnref=story" target="_blank">message</a> about the rally on Facebook earlier that week, saying the company would monitor for any further threats of violence. But his in-person response to the employee's question that day struck some on the staff as dismissive. "He said in front of the entire company, both in person and watching virtually, that things happen all over the world: Is he supposed to comment on everything?" one former employee recalled.</p><p>"It was something like: He can't be giving an opinion on everything that happens in the world every Friday," another former employee remembered.</p><p>Facebook's chief operating officer and resident tactician, Sheryl Sandberg, quickly swooped in, thanking the employee for her question and rerouting the conversation to talk about Facebook's charitable donations and how Sandberg herself thinks about what to comment on publicly. A Facebook spokesperson confirmed the details of this account, but said it lacked context, including that Zuckerberg did admit he should have said something sooner. </p><p>Still, to the people who spoke with Protocol, Zuckerberg's unscripted remarks that day underscored something some employees already feared: that the company had yet to take the threat posed by domestic extremists in the U.S. as seriously as it was taking the threat from foreign extremists linked to ISIS and al-Qaeda. "There wasn't a patent condemnation such that we would have expected had this been a foreign extremist group," a third former employee said.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="2">
</div>
</div></p><p>At the time, tech giants were already hard at work figuring out how to crack down on the global terrorist networks that filled their sites with beheading videos and used social media to openly recruit new adherents. Just a few months before Charlottesville, Facebook, YouTube, Twitter and Microsoft had <a href="https://gifct.org/about/story/#june-26--2017---formation-of-gifct" target="_blank">announced</a> a novel plan to share intel on known terrorist content so they could automatically remove posts that had appeared elsewhere on the web. </p><p>Despite the heavy-handed approach to international jihadism, tech giants have applied a notably lighter touch to the same sort of xenophobic, racist, conspiratorial ideologies that are 凯发k8官网下载手机版homegrown in the U.S. and held largely by white Westerners. Instead, they've drawn drifting lines in the sand, banning explicit calls for violence, but often waiting to address the deranged beliefs underlying that violence until something has gone terribly wrong. </p><p>But the Capitol riot on Jan. 6 and the spiraling conspiracies that led to it have forced a reckoning many years in the making on how both Big Tech and the U.S. government approach domestic extremists and their growing power. In the weeks since the riot, the Department of 凯发k8官网下载手机版homeland Security has issued a <a href="https://www.dhs.gov/ntas/advisory/national-terrorism-advisory-system-bulletin-january-27-2021" target="_blank">terrorism advisory</a> bulletin, warning of the increased threat of "domestic violent extremists" who "may be emboldened" by the riot. The head of the intelligence community has <a href="https://www.nytimes.com/2021/01/19/us/politics/avril-haines-domestic-terror-qanon.html" target="_blank">promised</a> to track domestic extremist groups like QAnon. And attorney general nominee Merrick Garland, who prosecuted the 1995 Oklahoma City bombing case, <a href="https://time.com/5941907/merrick-garland-domestic-terrorism/" target="_blank">said</a> during his recent confirmation hearing that investigating domestic terrorism will be his "first priority."</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="3">
</div>
</div></p><p>Tech companies have followed suit, cracking down in ways they never have before on the people and organizations that worked to motivate and glorify that extremist behavior, including former President Donald Trump himself. </p><p>But the question now is the same as it was when that employee confronted Zuckerberg three years ago: What took so long? </p><p>Interviews with more than a dozen people who have worked on these issues at Facebook, Twitter and Google or inside the government shed light on how tech giants' defenses against violent extremism have evolved over the last decade and why their work on domestic threats lagged behind their work on foreign ones. </p><p>Some of it has to do with the War on Terror sociopolitical dynamics that have prioritized violent Islamism above all else. </p><p>Some of it has to do with the technical advancements that have been made in just the last four years. </p><p>And yes, some of it has to do with Trump.</p><h2>The room full of lawyers
</h2><p>Nearly a decade before Q was a glimmer in some 4channer's eye, the tech industry was facing a different scourge – the proliferation of child sexual abuse material. In 2008, Microsoft called a Dartmouth computer science professor named Hany Farid to help the company figure out a way to do something about it. Farid, now a professor at University of California, Berkeley, traveled to Washington to meet with representatives from the tech industry to discuss a possible solution.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="4">
</div>
</div></p><p>"I go down to D.C. to talk to them, and it's exactly what you think it is: a room full of lawyers, not engineers, from the tech industry, talking about how they can't solve the problem," Farid recalled. </p><p>To Farid, the fact that he was one of the only computer scientists at the meeting sent a message about how the industry thought about the problem, and still thinks about other content moderation problems — not as a technical challenge that rewarded speed and innovation, but as a legal liability that had to be handled cautiously.</p><p>At the time, tech companies were already attaching unique fingerprints to copyrighted material so they could remove anything that risked violating the Digital Millennium Copyright Act. Farid didn't see any reason why companies couldn't apply the same technology to automatically remove child abuse material that had been previously reported to the National Center for Missing & Exploited Children's tipline. That might not catch every piece of child abuse imagery on the internet, but it would make a dent. In partnership with Microsoft, he spent the next year developing a tool called PhotoDNA that Microsoft <a href="https://news.microsoft.com/2009/12/15/new-technology-fights-child-porn-by-tracking-its-photodna/" target="_blank">deployed</a> across its products in 2009.<br></p><p>But social networks dragged their feet. Facebook became the first company outside of Microsoft to announce it had adopted PhotoDNA in <a href="https://blogs.microsoft.com/on-the-issues/2011/05/19/facebook-to-use-microsofts-photodna-technology-to-combat-child-exploitation/" rel="noopener noreferrer" target="_blank">2011</a>. Twitter took it up in <a href="https://www.theguardian.com/technology/2013/jul/22/twitter-photodna-child-abuse" rel="noopener noreferrer" target="_blank">2013</a>. (Google had begun using its own <a href="https://www.blog.google/outreach-initiatives/google-org/our-continued-commitment-to-combating/" rel="noopener noreferrer" target="_blank">hashing system</a> in 2008.) "Everybody came to this reluctantly," Farid said. "They knew if you came for [child sexual abuse material], you're now going to come for the other stuff."</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="5">
</div>
</div></p><p>That turned out to be the right assumption. By 2014, that "other stuff" included a string of ghastly beheading videos, slickly filmed and distributed by ISIS's loud and proud propaganda arm. One of those videos in particular, which documented the beheading of journalist James Foley, horrified Americans as it filled their Twitter feeds and multiplied on YouTube. "It was the first instance of an execution video going really viral," said Nu Wexler, who was working on Twitter's policy communications team at the time. "It was one of the early turning points where the platforms realized they needed to work together."</p><p>As the Foley video made the rounds, Twitter and YouTube scrambled to form an informal alliance, where each platform swapped links on the videos it was finding and taking down. But at the time, that work was happening through user reports and manual searches. "A running theme for a number of services was that we had a very manual, very reactive response to the threat that ISIS posed to our services, coupled with the speed of ISIS' territorial organizational expansion and at the same time the response from industry and from government being relatively siloed," said Nick Pickles, Twitter's senior director of public policy strategy.</p><p>The Foley video and several other videos that appeared on the platform in quick succession only underscored how insufficient that approach was. "The way that content was distributed by ISIS online represented a manifestation of their online and physical threat in a way which led to a far more focused policy conversation and urgency to address their exploitation of digital services," Pickles said.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="6">
</div>
</div></p><p>But there was also trepidation among some in the industry. "I heard a tech executive say to me, and I wanted to punch him in the face: 'One person's terrorist is another person's freedom fighter,'" Farid remembered. "I'm like, there's a fucking video of a guy getting his head cut off and then run over. Do you want to talk about that being a 'freedom fighter'?"</p><p>To Farid, the choice for tech companies was simple: automatically filter out the mass quantities of obviously abhorrent content using hashing technology like PhotoDNA and worry about the gray areas later.</p><p class="pull-quote">There's a fucking video of a guy getting his head cut off and then run over. Do you want to talk about that being a 'freedom fighter'?</p><p>Inside YouTube, one former employee who has worked on policy issues for a number of tech giants said people were beginning to discuss doing just that. But questions about the slippery slope slowed them down. "You start doing it for this, then everybody's going to ask you to do it for everything else. Where do you draw the line there? What is OK and what's not?" the former employee said, recalling those discussions. "A lot of these conversations were happening very robustly internally."</p><p>Those conversations were also happening with the U.S. government at a time when tech giants were very much trying to <a href="https://www.wired.com/2014/03/facebook-security/" rel="noopener noreferrer" target="_blank">distance</a> themselves from the feds in the wake of the Edward Snowden disclosures. "At first when we were meeting with social media companies to address the ISIS threat, there was some reluctance to feel like tech companies were part of the solution," said Ryan Greer, who worked on violent extremism issues in both the State Department and the Department of 凯发k8官网下载手机版homeland Security under President Obama. "It had to be a little bit shamed out of them."</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="7">
</div>
</div></p><h2>The Madison Valleywood Project
</h2><p>Then, in 2015, ISIS-inspired attackers shot up a theater in Paris and an office in San Bernardino. The next year, they carried out a series of bombings in Brussels and drove cargo trucks through crowds in Berlin and Nice. The rash of terrorist attacks in the U.S. and Europe changed the stakes for the tech industry. Suddenly, governments in those countries began forcefully pushing tech companies to prevent their platforms from becoming instruments of radicalization. </p><p>"You had multiple Western governments speaking with one voice and linking arms on this to put pressure to bear on these companies," said the former YouTube employee.</p><p>In the U.S., the Obama administration gave this pressure campaign a codename: <a href="https://www.nytimes.com/2016/02/25/technology/tech-and-media-firms-called-to-white-house-for-terrorism-meeting.html" rel="noopener noreferrer" target="_blank">The Madison Valleywood Project</a>, which was designed to get Madison Avenue advertisers, Silicon Valley technologists and Hollywood filmmakers to work with the government in the fight against ISIS. In February 2016, Obama invited representatives from all of those industries – Google, Facebook and Twitter among them – to a day-long summit at the White House that was laser-focused on ISIS. The day's opening speaker, former Assistant Attorney General John Carlin, applauded Facebook, Twitter and YouTube's nascent counterterrorism efforts but urged them to do more. "We anticipate — and indeed hope — that after today you will continue to meet without the government, to continue to develop on your own efforts, building on the connections you make today," Carlin said, according to a copy of the <a href="https://epic.org/foia/MadisonValleywood_2.pdf" rel="noopener noreferrer" target="_blank">speech</a> obtained by the Electronic Privacy Information Center.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="8">
</div>
</div></p><p>"The ISIS threat really captivated both U.S. and international media at the time," said Greer, who now works as national security director for the Anti-Defamation League. "There was a constant drumbeat of questions: What are you doing about ISIS? What are you doing about ISIS?"</p><p>The mounting pressure seemed to have an impact. Just weeks before the White House summit, Twitter became the first tech company to <a href="https://blog.twitter.com/en_us/a/2016/combating-violent-extremism.html" rel="noopener noreferrer" target="_blank">publicly</a> enumerate the terrorist accounts it had removed in 2016. The communications team opted to publish the blog post laying out the stats without attaching the 's name, Wexler said, because they were fearful of directing more death threats to executives who were already being bombarded with them.</p><p>Over the course of the next year and a half, tech executives continued to hold meetings with the U.K.'s 凯发k8官网下载手机版home secretary, the United Nations Counter-Terrorism Executive Directorate and the EU Internet Forum.</p><p><br></p><p class="shortcode-media shortcode-media-rebelmouse-image">
<a href="https://media.gettyimages.com/photos/from-left-to-right-uk-凯发k8官网下载手机版home-secretary-amber-rudd-head-of-public-policy-picture-id865330526?b=1&k=6&m=865330526&s=170x170&h=_H9lHNEtUrY1xP4Xr75Pj4F0BvKbUzR9M64Rp2dRaQo=" target="_blank"><img type="lazy-image" data-runner-src="/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNTc0NzQyNS9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTY0NDQ5OTE1OH0.HluxS3UkzhEHVK7AjUGUmSMIjhcYdArHYvQbEdGG1GM/image.jpg?width=980" id="99b98" class="rm-shortcode" data-rm-shortcode-id="b78df8d5dcf6965b6363ea9429b987bd" data-rm-shortcode-name="rebelmouse-image"></a>
<small class="image-media media-caption" placeholder="Add Photo Caption...">Twitter's Nick Pickles (second from left) and Facebook's Brian Fishman (third from left) attend the G7 Interior Ministerial Meeting in Ischia, Italy in October of 2017. </small>
<small class="image-media media-photo-credit" placeholder="Add Photo Credit...">Photo: Vincenzo Rando/Getty Images</small>
</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="9">
</div>
</div></p><p><br></p><p>By June 2017, Microsoft, Facebook, Google and Twitter <a href="https://gifct.org/about/story/" rel="noopener noreferrer" target="_blank">emerged with</a> a plan to share hashed terrorist images and videos through a new group called the Global Internet Forum to Counter Terrorism, or GIFCT. That group has since grown to include smaller companies, including Snap, Pinterest, Mailchimp and Discord, and is led by Obama's former director of the National Counterterrorism Center, Nick Rasmussen.</p><p>Meanwhile, Google's internal idea lab, Jigsaw, which had been studying radicalization online for years, began running a novel <a href="https://www.wired.com/2016/09/googles-clever-plan-stop-aspiring-isis-recruits/" rel="noopener noreferrer" target="_blank">pilot</a> designed to stop people from getting pulled in by ISIS through search. Working with outside groups, Jigsaw began sponsoring Google search ads in 2016 that would run whenever users searched for terms that risked sending them down an ISIS rabbit hole. Those search ads, inspired by Jigsaw's interviews with actual ISIS defectors, would link to Arabic and English-language YouTube videos that aimed to counter ISIS propaganda. In 2017, even as Google and YouTube worked on ways to remove ISIS content algorithmically, YouTube <a href="https://blog.youtube/news-and-events/bringing-new-redirect-method-features" rel="noopener noreferrer" target="_blank">deployed</a> the Redirect Method to searches inside its own platform to help counter propaganda its automated filters had not yet found. </p><p>Facebook, meanwhile, hired an expert on jihadi terrorism, Brian Fishman, to head up Facebook's work on counterterrorism and dangerous organizations in April 2016. At the time, the list of dangerous organizations consisted mainly of foreign terrorist organizations, as well as well-known hate groups like the Ku Klux Klan and the neo-Nazi group Blood & Honour. These organizations were banned from the platform, as was any praise of those groups. But Fishman's hiring was a clear signal that cracking down on ISIS and al-Qaeda had become a priority for Facebook.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="10">
</div>
</div></p><p class="pull-quote">There was a constant drumbeat of questions: What are you doing about ISIS? What are you doing about ISIS?</p><p>After Fishman began, Facebook started using an approach similar to what the intelligence community would use to go after ISIS, relying not just on user reports and automated takedowns of known terrorist content, but using artificial intelligence as well as off-platform information to chase down whole networks of accounts.</p><p>ISIS's overt and corporate branding gave tech platforms a clear focal point to start with. "Some groups like the ISISes of the world and the al-Qaedas of the world are very focused on protecting their brand," Fishman said. "They retain tight control over the release of information." ISIS had media outlets, television stations, slogans and soundtracks. That meant platforms could begin sniffing out accounts that used that common branding without having to look exclusively at the content itself. </p><p>"I look back on that threat, and I recognize now in hindsight there were attributes of it that made it easier to go after than the types of domestic terrorism and extremism we're grappling with today," said Yasmin Green, director of research and development at Google's Jigsaw. "There was one organization, basically, and you had to make public your allegiance to it. Obviously, all of those things made it possible for law enforcement and the platforms to model and pursue it."</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="11">
</div>
</div></p><p><br></p><p class="shortcode-media shortcode-media-rebelmouse-image">
<a href="https://media.gettyimages.com/photos/yasmin-green-director-of-research-and-development-jigsaw-speaks-the-picture-id1210644850?b=1&k=6&m=1210644850&s=170x170&h=5xo3EZLexgMsab0xvC7TRT-pyfxqqtWDSityLtoUvx8=" target="_blank"><img type="lazy-image" data-runner-src="/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNTc0ODU4Ny9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTY2NjkxOTA0NH0.YNluKT1h_v-6kpS9FJexwgvFs1Q77ikBXzV4MndqhNo/image.jpg?width=980" id="99442" class="rm-shortcode" data-rm-shortcode-id="9448e621190bd34309d2730d21d23cdf" data-rm-shortcode-name="rebelmouse-image"></a>
<small class="image-media media-caption" placeholder="Add Photo Caption...">Jigsaw's Yasmin Green has recently focused her violent extremism research on white supremacists and conspiracy theorists.</small>
<small class="image-media media-photo-credit" placeholder="Add Photo Credit...">Photo: Craig Barritt/Getty Images</small>
</p><p><br></p><p>Around that time, Twitter also began investing in monitoring what Pickles calls "behavioral signals," not just tweets. "If you focus on behavioral signals, you can take action before they distribute content," Pickles said. "The switch to behavior meant that we could take action much faster at a much greater scale, rather than waiting."</p><p>The development of automated filters across the industry was almost stunningly successful. Within a year, Facebook, Twitter and YouTube went from manually removing foreign terrorist content that had been reported by users to automatically taking down the vast majority of foreign terrorists' posts before anyone flags them. Today, according to Facebook's transparency reports, 99.8% of terrorist content is <a href="https://transparency.facebook.com/community-standards-enforcement#dangerous-organizations" rel="noopener noreferrer" target="_blank">removed</a> before a single person has even reported it.</p><p>"If you actually look a bit farther back, you understand just how much has moved in this arena," Green said. "That always makes me feel a little bit optimistic." </p><h2>The domestic dilemma
</h2><p>It didn't hurt that both the United States and the United Nations keep lists of designated international terrorist organizations. To the "rooms full of lawyers" that help make these decisions, that kept things clean; use those lists as a guide and level a hammer on any organizations on them, and tech executives could be fairly confident they wouldn't face much second-guessing from the powers that be. "If a terrorist group is put on a watch list or terrorist list or viewed by the international community, by the UN, as a terrorist group, then that gives Facebook everything they need to have a very strong policy," said Yael Eisenstat, a former CIA officer who led election integrity efforts for Facebook's political ads in 2018. </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="11">
</div>
</div></p><p>The same can't be said for domestic extremists. In the United States, there's not an analogous list of domestic terrorist organizations for companies to work from. That doesn't mean acts of domestic terrorism go unpunished. It just means that people are prosecuted for the underlying crimes they commit, not for being part of a domestic terrorist organization. That also means that individual extremists who commit the crimes are the ones who face the punishment, not the groups they represent. "You have to have a violent crime committed in pursuit of an ideology," former FBI Acting Director Andrew McCabe said in a recent <a href="https://podcasts.apple.com/gb/podcast/dhs-warning-domestic-violent-extremists/id498897343?i=1000507279942" rel="noopener noreferrer" target="_blank">podcast</a>. "We hesitate to call domestic terrorists 'terrorists' until after something has happened." </p><p class="pull-quote">Nobody's going to have a hearing if a platform takes down 1,000 ISIS accounts. But they might have a hearing if you take down 1,000 QAnon accounts.</p><p>This gap in the legal system means tech companies write their own rules around what sorts of objectionable ideologies and groups ought to be forbidden on their platforms and often only take action once the risk of violence is imminent. "If something was illegal it was going to be handled. If something was not, then it became a political conversation," Eisenstat said of her time at Facebook.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="11">
</div>
</div></p><p>Even in the best of times, it's an uncomfortable balancing act for companies that purport to prioritize free speech above all else. But it's particularly fraught when the person condoning or even espousing extremist views is the president of the United States. "Nobody's going to have a hearing if a platform takes down 1,000 ISIS accounts. But they might have a hearing if you take down 1,000 QAnon accounts," said Wexler, who worked in policy communications for Facebook, Google and Twitter during the Trump administration.</p><p>There never was a Madison Valleywood moment in the U.S. related to the <a href="https://www.newsweek.com/hate-crimes-under-trump-surged-nearly-20-percent-says-fbi-report-1547870" rel="noopener noreferrer" target="_blank">rising hate crimes</a> and domestic extremist events that marked the Trump presidency. Not after Charlottesville. Not after Pittsburgh. Not after El Paso. The former president <em>did</em> have what might be construed as the opposite of a Madison Valleywood moment when he held an event at the White House in 2019 where <a href="https://www.washingtonpost.com/technology/2019/07/11/who-was-who-trumps-social-media-summit/" rel="noopener noreferrer" target="_blank">far-right conspiracy theorists and provocateurs</a> discussed social media censorship. But this time, Facebook, Google and Twitter weren't invited.</p><p><br></p><p class="shortcode-media shortcode-media-rebelmouse-image">
<a href="https://media.gettyimages.com/photos/poster-with-a-tweet-is-seen-as-president-donald-j-trump-participates-picture-id1155382518?b=1&k=6&m=1155382518&s=170x170&h=rssm82D_89TYJJFr8l77T0pLrAOoN70cMvhW2p3Eqoo=" target="_blank"><img type="lazy-image" data-runner-src="/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNTc0NzQ0MC9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTYzMzkyMzA5OX0.WyLHy4C-a0IV0S0HwMaQ75yknPytWxqbU1wG7ZR9Ygs/image.jpg?width=980" id="b9709" class="rm-shortcode" data-rm-shortcode-id="aea6abb03061310945c5554c829dada0" data-rm-shortcode-name="rebelmouse-image"></a>
<small class="image-media media-caption" placeholder="Add Photo Caption...">President Trump's Social Media Summit in 2019 focused on alleged social media censorship of conservatives. </small>
<small class="image-media media-photo-credit" placeholder="Add Photo Credit...">Photo: Jabin Botsford/Getty Images</small>
</p><p><br></p><p>"Platforms write their own rules, but governments signal which types of content they find objectionable, creating a permission structure for the companies to step up enforcement," Wexler said. "President Trump's comments after Charlottesville and his tacit support of the Proud Boys sent a deliberate message to tech companies: If you crack down on white nationalists' accounts, we'll accuse you of political bias and make your CEOs testify before Congress."</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="11">
</div>
</div></p><p>During the Trump years, tech companies repeatedly courted favor with the president and his party. In 2019, Google CEO Sundar Pichai met <a href="https://www.cnbc.com/2019/03/27/trump-met-with-google-ceo-sundar-pichai-on-political-fairness-china.html" rel="noopener noreferrer" target="_blank">directly</a> with Trump to discuss what Trump later characterized as "political fairness." Internally, Google employees <a href="https://www.nbcnews.com/news/us-news/current-ex-employees-allege-google-drastically-rolled-back-diversity-inclusion-n1206181" rel="noopener noreferrer" target="_blank">told</a> NBC News that the company had rolled back diversity training programs because the company "doesn't want to be seen as anti-conservative." (Google denied the accusation to NBC.) On Election Day in 2020, YouTube allowed the Trump campaign to book an ad on its <a href="https://www.businessinsider.com/trump-2020-campaign-spends-big-on-youtube-biden-facebook-2020-11?amp" rel="noopener noreferrer" target="_blank">凯发k8官网下载手机版homepage</a> for the entire day, and it was the only <a href="https://stacks.stanford.edu/file/druid:tr171zs0069/EIP-Final-Report-v2.pdf" rel="noopener noreferrer" target="_blank">one of the top three social platforms</a> that had no explicit policy regarding attempts to delegitimize the election results. After the election, <a href="https://www.theverge.com/2020/11/4/21550180/youtube-oann-video-election-trump-misinformation-voting-final-results-facebook-twitter" rel="noopener noreferrer" target="_blank">videos</a> claiming Trump won went viral, but YouTube only began <a href="https://blog.youtube/news-and-events/supporting-the-2020-us-election/" rel="noopener noreferrer" target="_blank">removing</a> widespread allegations of fraud and errors on Dec. 9.</p><p>Google and YouTube declined to make any executives available for comment. In a statement, YouTube spokesperson Farshad Shadloo said: "Our Community Guidelines prohibit hate speech, gratuitous violence, incitement to violence, and other forms of intimidation. Content that promotes terrorism or violent extremism does not have a 凯发k8官网下载手机版home on YouTube." Shadloo said YouTube's policies focus on content violations and not speakers or groups, unless those speakers or groups are included on a government foreign terrorist organization list.</p><p>At times, tech giants bent their own policies or adopted entirely new ones to accommodate President Trump and his most conspiratorial supporters on the far right. In January 2018, Twitter, for one, published its "world leaders <a href="https://blog.twitter.com/en_us/topics/company/2018/world-leaders-and-twitter.html" rel="noopener noreferrer" target="_blank">policy</a>" for the first time, seemingly seeking to explain why President Trump wasn't punished for threatening violence when he tweeted that his nuclear button was "much bigger & more powerful" than Kim Jong Un's. Later that year, after Facebook, Apple and YouTube all <a href="https://www.vox.com/2018/8/6/17655658/alex-jones-facebook-youtube-conspiracy-theories" rel="noopener noreferrer" target="_blank">shut down</a> accounts and pages linked to Infowars' Alex Jones, Twitter CEO Jack Dorsey booked an interview with conservative kingmaker Sean Hannity, where he <a href="https://time.com/5361874/twitter-jack-dorsey-alex-jones-sean-hannity/" rel="noopener noreferrer" target="_blank">defended</a> Twitter's decision not to do the same. Just a few weeks later, the company would <a href="https://www.wired.com/story/twitter-bans-alex-jones-infowars/" rel="noopener noreferrer" target="_blank">reverse course</a> after Jones livestreamed a tirade against a CNN reporter on Twitter — while standing outside of Dorsey's own congressional hearing. </p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="11">
</div>
</div></p><p><br></p><p class="shortcode-media shortcode-media-rebelmouse-image">
<a href="https://media.gettyimages.com/photos/alex-jones-of-infowars-background-attends-a-senate-intelligence-in-picture-id1027224386?b=1&k=6&m=1027224386&s=170x170&h=1IyYVN-U74jheta0t0kJbu0S6ik1HK0i2o6F2l_FBW8=" target="_blank"><img type="lazy-image" data-runner-src="/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNTc0NzQ2MS9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTY1MDE2MzI2M30.Fn3bmuFCgNa8RHs9FbhpYRL79TFy0csfebnUMhCdv4E/image.jpg?width=980" id="03c68" class="rm-shortcode" data-rm-shortcode-id="2713b8f837f7dd9f37a2f330f1cb7184" data-rm-shortcode-name="rebelmouse-image"></a>
<small class="image-media media-caption" placeholder="Add Photo Caption...">Twitter defended its decision not to remove accounts tied to InfoWars Alex Jones. Weeks later, Twitter reversed that decision, following CEO Jack Dorsey's testimony before Congress in September of 2018.</small>
<small class="image-media media-photo-credit" placeholder="Add Photo Credit...">Photo: Tom Williams/CQ Roll Call</small>
</p><p><br></p><p>Jones was a lightning rod for Facebook, too. As BuzzFeed recently <a href="https://www.buzzfeednews.com/article/ryanmac/mark-zuckerberg-joel-kaplan-facebook-alex-jones?ref=bfnsplash&utm_term=4ldqpho" rel="noopener noreferrer" target="_blank">reported</a>, Facebook decided in 2019 to do more than just ban Jones' pages. The company wanted to designate him as a dangerous individual, a label that also ordinarily forbids other Facebook users from praising or expressing support for those individuals. But according to BuzzFeed, Facebook altered its own rules at Zuckerberg's behest, creating a third lane for Jones that would allow his supporters' accounts to go untouched. And when President Trump threatened to shoot looters in the aftermath of George Floyd's killing, Facebook staffers <a href="https://www.washingtonpost.com/technology/2020/06/28/facebook-zuckerberg-trump-hate/" rel="noopener noreferrer" target="_blank">reportedly</a> called the White House themselves, urging the president to delete or tweak his post. When he didn't, Zuckerberg <a href="https://www.vox.com/recode/2020/6/3/21279434/mark-zuckerberg-meeting-facebook-employees-transcript-trump-looting-shooting-post" rel="noopener noreferrer" target="_blank">told</a> his staff the post didn't violate Facebook's policies against incitement to violence anyway.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="12">
</div>
</div></p><p>"I would argue the looter-shooter post was more violating than [the post] on Jan. 6," Eisenstat said, referring to the Facebook video that ended up getting the former president kicked off of Facebook indefinitely in his last weeks in office. In the video, Trump told the Capitol rioters he loved them and that they were very special, while repeating baseless claims of election fraud. </p><p>For Facebook at least, this instinct to accommodate the party in power wasn't unique to the U.S., said tech entrepreneur Shahed Amanullah, who worked with Facebook on a series of global hackathons through his company, Affinis Labs. The goal of the hackathons, Amanullah said, was to fight all forms of hate and extremism online, and the events had been successful in countries like Indonesia and the Philippines. But when he brought the program to India, Amanullah said he received pressure from Facebook India's policy team to focus the event specifically on terrorism coming out of the majority-Muslim region of Kashmir. </p><p>The woman leading Facebook India's policy team at the time, Ankhi Das, was a vocal supporter of Indian Prime Minister Narendra Modi, and, <a href="https://www.wsj.com/articles/facebook-hate-speech-india-politics-muslim-hindu-modi-zuckerberg-11597423346" rel="noopener noreferrer" target="_blank">according</a> to The Wall Street Journal, had a pattern of allowing anti-Muslim hate speech to go unchecked on the platform. "I said there's no way I'm ever going to accept a directive like that," Amanullah recalled. </p><p>Though he was supposed to run seven more hackathons in the country, Amanullah cut ties. "That was the last time we ever worked with Facebook," he said. </p><p>A Facebook spokesperson told Protocol, "We've found nothing to suggest this is true. We've looked into it on our end, spoken to people who were present at the hackathon and have no reason to believe that anyone was pressured to shift the focus of the hack." Das did not respond to Protocol's request for comment.</p><p>To Amanullah, the experience working with Facebook in India signaled that the company was giving in to the Indian government and giving Islamist extremism an inordinate amount of attention compared to other threats. "If you want to talk about hate," he said, "you have to talk about all kinds of hate."</p><h2>The reckoning
</h2><p>Looking back in the wake of the Capitol riot, it's easy to view Charlottesville as a warning shot that went unheard, or at least insufficiently answered, by tech giants. And in many ways it was. But inside, things were also changing, albeit far more slowly than almost anyone believes they should have.</p><p>For Fishman, who had focused almost entirely on jihadism on Facebook until that point, the Unite the Right rally was a turning point. "Charlottesville was a moment when extremist groups on the American far right clearly were trying to overcome the historical fractioning of that movement and express themselves in more powerful ways," he said. "It absolutely was something we tracked and realized we needed to invest more resources into."</p><p><br></p><p class="shortcode-media shortcode-media-rebelmouse-image">
<a href="https://media.gettyimages.com/photos/neo-nazis-altright-and-white-supremacists-take-part-a-the-night-the-picture-id830696202?b=1&k=6&m=830696202&s=170x170&h=kiBAUb9a6_lE_STxphpsjj0HB7qMFyB3Iay26r5ShpA=" target="_blank"><img type="lazy-image" data-runner-src="/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNTc0ODM3MC9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTY3Mjg2OTAwMH0.uoccdzJpkOcTc1C4mEWPtfwkCRre2qhqmxF5q-2w01o/image.jpg?width=980" id="cc7be" class="rm-shortcode" data-rm-shortcode-id="b6f571c0d913a60ee8ccb11d9b0eb1f3" data-rm-shortcode-name="rebelmouse-image"></a>
<small class="image-media media-caption" placeholder="Add Photo Caption...">The Unite the Right rally in Charlottesville, which had been planned on Facebook, left three dead and dozens injured.</small>
<small class="image-media media-photo-credit" placeholder="Add Photo Credit...">Photo: Zach D Roberts/Getty Images</small>
</p><p><br></p><p>Immediately after the rally, Facebook <a href="https://twitter.com/Kantrowitz/status/897525520178397185?s=20" rel="noopener noreferrer" target="_blank">banned</a> eight far-right and white nationalist pages associated with it. That's in addition to hate groups like the National Socialist Movement, the KKK, The Daily Stormer and Identity Evropa, which were already designated as dangerous organizations and forbidden from the platform long before the rally. A few months later, in 2018, Fishman's team changed names, from the counterterrorism team to the dangerous organizations team, a signal that the company would double down on enforcement against hate groups, too. The team working primarily on violent extremism of all stripes at Facebook eventually grew to 350 people.</p><p>In late 2017, Twitter broadened its policy on violent extremism to prohibit all violent extremist groups, not just designated foreign terrorist organizations. And in 2019, YouTube <a href="https://blog.youtube/news-and-events/continuing-our-work-to-improve" rel="noopener noreferrer" target="_blank">promised</a> it would limit the spread of misinformation by keeping conspiracy theory videos out of recommendations, a promise it's had some <a href="https://www.nytimes.com/interactive/2020/03/02/technology/youtube-conspiracy-theory.html" rel="noopener noreferrer" target="_blank">success</a> in keeping.</p><p>Even so, these companies repeatedly bungled the definition of what constitutes hate and violent extremism. It was, after all, a year after Charlottesville when Zuckerberg boldly <a href="https://www.vox.com/2018/7/18/17575156/mark-zuckerberg-interview-facebook-recode-kara-swisher" rel="noopener noreferrer" target="_blank">defended</a> Facebook's policy of allowing Holocaust denial in an interview with Recode. It wasn't until 2020 that Zuckerberg changed his mind about that, <a href="https://www.facebook.com/zuck/posts/10112455086578451" rel="noopener noreferrer" target="_blank">citing</a> "data showing an increase in anti-Semitic violence." His post never fully acknowledged the role Facebook's earlier policies might have played in stoking that violence.</p><p>There were also legitimate reasons why identifying and removing domestic hate groups in the U.S. was harder than taking down networks of accounts tied to ISIS and al-Qaeda. For one thing, domestic groups and the people associated with them have traditionally been far more diffuse, making it tougher to draw neat lines around them or use clues in their branding to find and remove whole networks. "Groups that are less organized and less structured and don't put out official propaganda in the same sort of way, you have to use a different tool kit in order to get at those kinds of entities," Fishman said. "Chasing the networks becomes even more important than chasing known pieces of content that you can gather using vendors."</p><p>Then, there's the fact that tech companies defined hate in limited ways. Facebook, Twitter and YouTube have all introduced hate speech policies that generally prohibit direct attacks on the basis of specific categories like race or sexual orientation. But what to do with a new conspiracy theory like QAnon that hinges on some imagined belief in a cabal of Satan-worshipping Democratic pedophiles? Or a group of self-proclaimed "Western chauvinists" like the Proud Boys cloaking themselves in the illusion that white pride doesn't necessarily require racial animus? Or the #StoptheSteal groups, which were based on a lie, propagated by the former president of the United States, that the election had been stolen? These movements were shot through with hate and violence, but initially, they didn't fit neatly into any of the companies' definitions. And those companies, operating in a fraught political environment, were in turn slow to admit, at least publicly, that their definitions needed to change. </p><p>It's also true that it's philosophically trickier for American companies to ban people who are not faraway terrorists, but other Americans, whom the U.S. government couldn't punish for their beliefs even if it wanted to. For all of the bad-faith concerns about censorship, it's also possible to argue with a straight face that platforms shouldn't have even more power to police speech than Congress has. "I find that to be kind of troubling at a time when so many people are talking about tech platforms having too much power, we look to them to do what governments would be unable to do," said Matt Perault, director of Duke University's Center on Science & Technology Policy and Facebook's former director of public policy. </p><p>All of those considerations complicated tech companies' efforts to respond to domestic threats that could be harmful but haven't yet caused harm. "One of the biggest challenges around designing a policy and enforcement framework in these areas is when you have domestic [actors] who are part of this conversation, who are not promoting violence," Pickles said, after recently <a href="https://www.independent.co.uk/life-style/gadgets-and-tech/twitter-conspiracy-theory-donald-trump-b1790200.html" rel="noopener noreferrer" target="_blank">admitting</a> that Twitter was too slow to act on QAnon. It wasn't until after the Capitol attack that Twitter began <a href="https://blog.twitter.com/en_us/topics/company/2021/protecting--the-conversation-following-the-riots-in-washington--.html" rel="noopener noreferrer" target="_blank">permanently banning</a> accounts for primarily sharing QAnon content.</p><p>It's not always easy to predict which extreme beliefs will turn violent either, said Green, who has spent the last few years focusing on both violent <a href="https://jigsaw.google.com/the-current/white-supremacy/countermeasures/" rel="noopener noreferrer" target="_blank">white supremacists</a> and conspiracy theorists at Jigsaw. In late 2019, Green traveled to Tennessee and Alabama to meet with people who believe in a range of conspiracy theories, from flat earthers to Sandy Hook deniers. "I went into the field with a strong hypothesis that I know which conspiracy theories are violent and which aren't," Green said. But the research surprised her, as some conspiracy theorists she believed to be innocuous, like flat earthers, were far more militant followers than the ones she considered violent, like people who believed in white genocide. </p><p>"We spoke to flat earthers who could tell you which NASA scientists are propagating a world view and what they would do to them if they could," Green said.</p><p>Even more challenging: Of the 77 conspiracy theorists Green's team interviewed, there wasn't a single person who believed in only one conspiracy. That makes mapping out the scope of the threat much more complex than fixating on a single group.</p><p>The runup to the 2020 election did accelerate some of this work, in part because the real-world threat was accelerating, too. After extremists associated with the far right, anti-government boogaloo movement <a href="https://www.latimes.com/california/story/2020-06-17/far-right-boogaloo-boys-linked-to-killing-of-california-lawmen-other-violence" rel="noopener noreferrer" target="_blank">carried</a> out a series of killings in 2020, Facebook <a href="https://about.fb.com/news/2020/06/banning-a-violent-network-in-the-us/" rel="noopener noreferrer" target="_blank">designated</a> the boogaloos as a dangerous organization in June. "We saw something that we thought looked like a real network, a real entity, not just a bunch of guys using shared imagery in order to project frustration at the government," Fishman said.</p><p class="pull-quote">The reason we put policies [in place] like those we built over 2020 was because of concern about something like Jan. 6.</p><p>As the blurred lines between militia groups and conspiracy theorists became obvious throughout summer 2020, Facebook also <a href="https://about.fb.com/news/2020/08/addressing-movements-and-organizations-tied-to-violence/" rel="noopener noreferrer" target="_blank">barred</a> hundreds of militarized groups like the Oath Keepers. And, after initially attempting to merely limit the spread of QAnon, it wound up banning all accounts, pages and groups "representing QAnon" in October and launching its own version of the Redirect Method to point people searching QAnon-related terms toward more credible sources. Meanwhile, Facebook's automated filters against hate speech also made significant strides, with the company <a href="/covid-facebook-content-moderation" target="_self">removing</a> more than double the amount of hate speech in the second quarter of 2020 as it did in the first.</p><p>YouTube <a href="https://www.washingtonpost.com/technology/2020/10/15/youtube-qanon-crackdown/" rel="noopener noreferrer" target="_blank">cracked down</a> on QAnon too, prohibiting "content that targets an individual or group with conspiracy theories that have been used to justify real-world violence." And it kicked out white supremacists like <a href="https://techcrunch.com/2020/06/29/youtube-ban-stefan-molyneux-david-duke-white-nationalism/" rel="noopener noreferrer" target="_blank">David Duke and Richard Spencer</a>, who had managed to evade the company's hate speech policies for years. Twitter, in addition to banning the <a href="https://www.thedailybeast.com/twitter-bans-far-right-militia-group-the-oath-keepers" rel="noopener noreferrer" target="_blank">Oath Keepers</a>, began aggressively labeling President Trump's tweets over the summer for glorifying violence and, after the election, for spreading misinformation about voter fraud. Twitter also launched a new policy prohibiting "<a href="https://help.twitter.com/en/rules-and-policies/coordinated-harmful-activity" rel="noopener noreferrer" target="_blank">coordinated harmful activity</a>," in June 2020, a policy that was meant to rope in dangerous mass movements and conspiracy theorists who weren't always explicitly violent. </p><p>Dorsey and Zuckerberg, at least, paid for these decisions in hours spent flagellating themselves before incensed Republicans in Congress. (YouTube CEO Susan Wojcicki has, for the most part, avoided their ire.) But to anyone who was watching closely, it was clear from the frequent announcements and policy changes coming from tech companies that these global behemoths were preparing for an election like they'd seen other countries — countries where there is no such thing as a peaceful transfer of power. "The reason we put policies [in place] like those we built over 2020 was because of concern about something like Jan. 6," Fishman said. </p><h2>What comes next?</h2><p>Then came Jan. 6, and none of those policies were enough. Like the string of ISIS attacks before it, the raid inside the U.S. Capitol showed just how permeable both the country's digital and physical defenses still were against the evolving threat of domestic extremists. "It's not just organizations," Fishman said. "It's not just structured ideologies, even. It includes folks that are haphazard adherents to various conspiracy theories. It extends from people engaged primarily in the political process to folks that are explicitly rejecting political resolution of disputes, and all of that was represented on the mall on Jan. 6."</p><p>Indeed, a recent George Washington University <a href="https://extremism.gwu.edu/sites/g/files/zaxdzs2191/f/This-Is-Our-House.pdf" rel="noopener noreferrer" target="_blank">study</a> found that the majority of rioters who have been charged so far for their involvement had no known ties to domestic violent extremist organizations. They were, instead, what the researchers call "inspired believers."</p><p>"The challenge is now to figure out what you do with all of those different pieces," Fishman said.</p><p class="media-headline"><br></p><p><br></p><p class="shortcode-media shortcode-media-rebelmouse-image">
<a href="https://media.gettyimages.com/photos/trump-supporters-clash-with-police-and-security-forces-as-they-push-picture-id1230455457?b=1&k=6&m=1230455457&s=170x170&h=aXZUKUHmyCSOiRdkxTX3TiTj6f1iS5rjCKoaEKYrVgU=" target="_blank"><img type="lazy-image" data-runner-src="/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNTc0ODkzOS9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTYzOTgxMTA5Mn0.8mtmhIl18Qhp6Km4e7Rgx6H4hmSCymxFYW4Rb86Ytcw/image.jpg?width=980" id="94878" class="rm-shortcode" data-rm-shortcode-id="4ce12a6cc893405f9c93e51429408922" data-rm-shortcode-name="rebelmouse-image"></a>
<small class="image-media media-caption" placeholder="Add Photo Caption...">The Jan. 6 right inside the U.S. Capitol forced a reckoning on Big Tech's approach to domestic extremists.</small>
<small class="image-media media-photo-credit" placeholder="Add Photo Credit...">Photo: Roberto Schmidt/Getty Images</small>
</p><p><br></p><p>It's no coincidence that tech companies' increased willingness to crack down on far-right fringe movements comes as Democrats have taken <a href="/facebook-ban-trump-democrats-power" target="_self">control</a> of both the White House and Congress. The same political pragmatism that stalled efforts to address domestic extremism during the Trump years will undoubtedly animate efforts to fight domestic extremism in the Biden years. But having government officials in place who actually recognize domestic extremism as a threat and prioritize it could help Big Tech's efforts, too. "Insight from government about what's happening off of Twitter is a really important part of making sure our policies keep pace with what's happening," Pickles said.<br></p><p>That doesn't mean tech companies will march in lockstep with the Biden administration when it comes to identifying domestic extremists — or that they should. After all, the United States has a long and checkered history of casting civil rights leaders as domestic extremists and using that to justify all manner of surveillance and violence. Just last year, President Trump traveled to Kenosha, Wisconsin, and <a href="https://apnews.com/article/4a58a15c9955bb6312c1fbe42215110d" target="_blank">accused</a> Black Lives Matter protesters of being domestic terrorists, too.</p><p>"I think the government has a really important role in helping educate civil society, including industry. And there are things the government can do and validate that we don't know," Fishman said. "But there are reasons Facebook designates organizations under our dangerous organizations policy ourselves."</p><p>As the Department of 凯发k8官网下载手机版homeland Security and other agencies issue warnings about domestic violent extremism, Fishman said it will be critical for those agencies to share more context about those threats so platforms can make informed decisions. "Show us the footnotes," he said. "This is going to be one of the things that I think the government needs to do more of."</p><p>Of course, there's a lot the industry could do more of too. For one thing, critics like Farid say it needs to acknowledge and take responsibility for the way its algorithms often amplify violent extremism through recommendations. "Why are they so good at targeting you with content that's consistent with your prior engagement, but somehow when it comes to harm, they become bumbling idiots?" asked Farid, who remains dubious of Big Tech's efforts to control violent extremists. "You can't have it both ways."</p><p>Facebook, for one, recently <a href="https://www.wsj.com/articles/facebook-knew-calls-for-violence-plagued-groups-now-plans-overhaul-11612131374" rel="noopener noreferrer" target="_blank">said</a> it would stop recommending political and civic groups to its users, after reportedly <a href="https://www.wsj.com/articles/facebook-knew-calls-for-violence-plagued-groups-now-plans-overhaul-11612131374" rel="noopener noreferrer" target="_blank">finding</a> that the vast majority of them included hate, misinformation or calls to violence leading up to the 2020 election. Facebook is also now experimenting with <a href="https://about.fb.com/news/2021/02/reducing-political-content-in-news-feed/" rel="noopener noreferrer" target="_blank">limiting</a> the amount of political content in some users' news feeds.</p><p>"I do think things are trending up," said Greer, whose work at the Anti-Defamation League involves pushing companies on issues of violent extremism. "There are a lot of people working to solve these challenges. We are making some headway."</p><p>But more cross-industry collaboration on this front is crucial, particularly as violent extremists move from the big three platforms to smaller sites with less formidable defenses. Today, the GIFCT database includes roughly 300,000 unique hashed images and videos that all of its members can tap into. But the majority of those images and videos are tied to organizations on the United Nations' designated entities list, which includes almost entirely Islamist extremists. </p><p>Last month, the organization's executive director, Nick Rasmussen, acknowledged this shortcoming in a letter to the GIFCT community, asking for concrete proposals for expanding the hash database. "While GIFCT member companies are able to tag or 'hash' content associated with U.N.-designated terrorist groups like ISIS and Al-Qaeda, GIFCT does not currently have a framework in place for responding to terrorist and violent extremist content from all parts of the ideological spectrum, representing a critical gap in our collective efforts to prevent terrorists and violent extremists from exploiting digital platforms," Rasmussen wrote. The organization recently brought on Erin Saltman, a leading expert in far-right extremism and Facebook's former head of the dangerous organizations team in Europe, Africa and the Middle East, to be its director of programming.</p><p>Tackling this problem will require tech companies to take a broader view of what constitutes harm, looking not just at violent threats, but other common language that links violent movements. In her research on conspiracy theorists, Green said one commonality she's found that separates passive adherents to violent ones is their sense of urgency. She cited the Pittsburgh synagogue shooter's final post, which <a href="https://abcnews.go.com/US/pittsburgh-synagogue-alleged-mass-shooter-told-swat-officers/story?id=58803485" rel="noopener noreferrer" target="_blank">read</a>, "Screw the optics. I'm going in," as evidence. "He felt that it was so urgent," Green said. "Same with Pizzagate. Same with QAnon. Same with Stop the Steal. That's why that conspiracy theory turned violent. It wasn't just the very large scale threat of an election being stolen, but also that you have to go now and take back your rights."</p><p>On March 25, Zuckerberg, Dorsey and Pichai will testify before Congress for the first time since the Capitol attack. The three men will undoubtedly come armed with talking points about how their policies have evolved and how they're committed to doing better. But that conversation will likely only be the first of many as the threat from violent extremists here in the U.S. continues to grow.</p><p>"This isn't over," Fishman said of the aftermath of Jan. 6. "This is going to be with us for a long time."</p>
Keep Reading
Show less
Issie Lapowsky (@issielapowsky) is a senior reporter at Protocol, covering the intersection of technology, politics, and national affairs. Previously, she was a senior writer at Wired, where she covered the 2016 election and the Facebook beat in its aftermath. Prior to that, Issie worked as a staff writer for Inc. magazine, writing about small business and entrepreneurship. She has also worked as an on-air contributor for CBS News and taught a graduate-level course at New York University’s Center for Publishing on how tech giants have affected publishing. Email Issie.
The New Enterprise
Nine companies that could define the future of enterprise software
From streamlining software development to changing the way companies communicate, here are the software trends headed to your offices in the coming years.
A bunch of enterprise software companies want companies to do things a little differently.
Image: Protocol
December 4, 2020
Hirsh Chitkara (@ChitkaraHirsh) is a researcher at Protocol, based out of New York City. Before joining Protocol, he worked for Business Insider Intelligence, where he wrote about Big Tech, telecoms, workplace privacy, smart cities, and geopolitics. He also worked on the Strategy & Analytics team at the Cleveland Indians.
December 3, 2020
Software may have eaten the world, but the world has changed — and a new wave of enterprise software has an appetite.
Heading into 2021, the enterprise software industry has a wealth of opportunity before it, not least as a result of COVID-19. As companies raced to make better use of cloud computing, their needs shifted: They now need to build, deploy and monitor software in wholly new ways. At the same time, companies are also using digital systems more than ever — whether that's for customer engagement, internal communication, staff training or something else entirely. And on top of all that is the natural march of technological progress as technologies like AI and VR mature and finally become usable in the workplace (or 凯发k8官网下载手机版home office).
<p>Of course, there's no denying the influence of Big Tech on the enterprise software landscape: The tech giants accounted for 58% of global cloud infrastructure services spend as of Q3 2020, <a href="https://www.canalys.com/newsroom/worldwide-cloud-market-q320#:~:text=Cloud%20infrastructure%20services%20spend%20in,2019%20according%20to%20Canalys%20data." rel="noopener noreferrer" target="_blank">according to Canalys</a>, while Microsoft 365 and G Suite together <a href="https://www.ciodive.com/news/Google-Microsoft-Office-collaboration/571740/" rel="noopener noreferrer" target="_blank">account</a> for virtually the entire enterprise productivity suite market.</p><p><div class="ad-tag"><div class="ad-place-holder" data-pos="1">
</div>
</div></p><p>But to better understand the future of enterprise software, it makes more sense to look at the smaller companies that are innovating their way to success with powerful, focused products. These are the kinds of companies that will inspire new ideas inside Big Tech, be acquired by it or — if things go very well — forge whole new sectors for themselves.</p><p>Protocol surveyed the enterprise software landscape to find some of the most interesting companies hoping to define the future of enterprise computing. They're not all obvious choices — one, Discord, has no immediate plans to enter the enterprise market; another company, OpenAI, was founded as a research nonprofit — but they could all go on to have an outsized influence on the future of enterprise software.</p><h2>Snowflake</h2><ul class="ee-ul"><li><strong>What it does: </strong>Snowflake pioneered cloud-based data warehousing, a specialized form of database that acts as a central repository for internal data sources. Compared to data lakes (another popular enterprise database type, also <a href="https://www.snowflake.com/workloads/data-lake/" rel="noopener noreferrer" target="_blank">offered</a> by Snowflake), data warehouses are more <a href="https://aws.amazon.com/big-data/datalakes-and-analytics/what-is-a-data-lake/" rel="noopener noreferrer" target="_blank">structured</a>, allowing for faster, more responsive SQL queries. </li><li><strong>Why it matters: </strong>Making an SQL query is often a first step for business analysis using tools such as Tableau, R and even Excel. So data warehouses could serve as the foundation for enterprises to build out their data analysis capabilities, to better anticipate demand, price products more effectively and analyze customer behavior. In April, Snowflake CEO Frank Slootman <a href="/snowflake-cloud-investment-salesforce" target="_self">told</a> Protocol that the pandemic has catalyzed demand in data services: "When things get dislocated like this, the need for data and analytics becomes much more pronounced." </li><li><strong>How it's doing:</strong> Snowflake managed to <a href="/bulletins/pop-alert-snowflake-starts-trading" target="_self">raise</a> nearly $3.4 billion through its <a href="/bulletins/pop-alert-snowflake-starts-trading" target="_self">IPO</a> in September, adding to the $1.4 billion it had <a href="/snowflake-ipo" target="_self">raised</a> from 2016 onward. For all the investor confidence, though, Snowflake's data warehouse offering <a href="https://www.g2.com/products/snowflake/competitors/alternatives" rel="noopener noreferrer" target="_blank">competes</a> in a crowded sector against Amazon Redshift, Google BigQuery, Cloudera, Databricks and IBM Db2. (Amazon also happens to be Snowflake's primary cloud provider: Snowflake <a href="https://www.cnbc.com/2020/09/16/snowflakes-ties-to-amazon-are-a-risk-as-investors-prepare-for-ipo.html" rel="noopener noreferrer" target="_blank">committed</a> to spending at least $1.2 billion on AWS services over the next 5 years.)</li></ul><div></div><h2>HashiCorp</h2><ul class="ee-ul"><li><strong>What it does:</strong> HashiCorp's managed services help software developers test, provision and deploy software on cloud services. Terraform, one of its most popular tools, <a href="https://www.ibm.com/cloud/learn/infrastructure-as-code?utm_medium=OSocial&utm_source=Youtube&utm_content=000023UA&utm_term=10010608&utm_id=YTDescription-101-Terraform-Explained-LH-Infrastructure-as-Code&cm_mmc=OSocial_Youtube-_-Cloud+and+Data+Platform_Cloud+Platform+Digital-_-WW_WW-_-YTDescription-101-Terraform-Explained-LH-Infrastructure-as-Code&cm_mmca1=000023UA&cm_mmca2=10010608" rel="noopener noreferrer" target="_blank">allows</a> developers to set up public cloud infrastructure, add security features and automatically adjust capacity based on demand.</li><li><strong>Why it matters: </strong>HashiCorp's services can help enterprises adopt a multicloud approach, which reduces reliance on any one public cloud provider. Most of HashiCorp's core services are open source, though it sells them as managed services with additional features. For now, this model appears to be giving HashiCorp's customers the best of both worlds: Managed services tend to be more user-friendly, while open source tools offer more flexibility. (In fact, this hybrid model helped popularize the open-source Kubernetes standard, which didn't gain much traction until Google <a href="/google-gives-up-direct-control-knative-open-source-project" target="_self">launched</a> the cloud infrastructure project as managed services.)</li><li><strong>How it's doing:</strong> The San Francisco-based company <a href="/hashicorp-cloud-managed-services#:~:text=HashiCorp%20has%20raised%20%24350%20million,independent%20player%20in%20cloud%20computing" target="_blank">has raised $350 million in funding</a> since its start in 2012, <a href="https://techcrunch.com/2020/03/16/hashicorp-soars-above-5b-valuation-in-new-175m-venture-round/" rel="noopener noreferrer" target="_blank">garnering</a> a $5.1 billion valuation. Like Snowflake, HashiCorp maintains a fraught symbiotic relationship with big cloud providers: HashiCorp's services spur demand for cloud services, but Amazon, Microsoft and Google <a href="/hashicorp-cloud-managed-services" target="_self">operate</a> their own managed services that, to some degree, also compete against those offered by HashiCorp. </li></ul><h2>Twilio</h2><ul class="ee-ul"><li><strong>What it does: </strong>Twilio's APIs allow developers to integrate text-, voice- and video-based communications into their apps. </li><li><strong>Why it matters: </strong>In the near term, Twilio is helping enterprises adapt to the pandemic by shifting customer engagement to digital channels. For example, Alaska Airlines <a href="https://www.fool.com/earnings/call-transcripts/2020/10/27/twilio-twlo-q3-2020-earnings-call-transcript/" rel="noopener noreferrer" target="_blank">expanded</a> its relationship with Twilio to send boarding passes over SMS, reducing agents' potential exposure to the coronavirus. Longer term, Twilio's success will be predicated on its ability to help companies foster more personalized communications, which it can do by integrating customer data tools into its APIs. </li><li><strong>How it's doing:</strong> Twilio's customers already <a href="https://customers.twilio.com/" rel="noopener noreferrer" target="_blank">include</a> big names such as Uber, Lyft, Airbnb, Yelp, DoorDash and Inuit. (When you get a text message saying an Uber arrived, you're benefiting from Twilio's services.) But it's recently prioritized reducing its reliance on a handful of its biggest clients: The company's top 10 customers <a href="https://s21.q4cdn.com/963721274/files/doc_presentations/2019/Q4'19-Earnings-Presentation_Final.pdf" target="_blank">accounted</a> for 31% of total revenue in 2016, but that figure <a href="https://s21.q4cdn.com/963721274/files/doc_financials/2020/q3/Twilio-10Q-3Q20.pdf" rel="noopener noreferrer" target="_blank">declined</a> to 14% of total revenue by 2020. In October 2020, Twilio <a href="/newsletters/cloud/why-did-twilio-pay-3-billion-for-segment-developers?rebelltitem=1#rebelltitem1" target="_self">agreed</a> to acquire Segment — whose API allows enterprises to integrate consumer data sources — for $3.2 billion in stock.</li></ul><h2>Oculus</h2><ul class="ee-ul"><li><strong>What it does: </strong>Oculus makes VR headsets, enterprise VR applications and an enterprise VR platform for third-party developers.</li><li><strong>Why it matters: </strong>It isn't an obvious candidate, given that Facebook <a href="https://about.fb.com/news/2014/03/facebook-to-acquire-oculus/" rel="noopener noreferrer" target="_blank">purchased</a> Oculus in 2014 for $2 billion based on Mark Zuckerberg's thesis that "Oculus has the chance to create the most social platform ever." But it went on to <a href="https://www.oculus.com/blog/introducing-the-new-oculus-for-business/" rel="noopener noreferrer" target="_blank">launch</a> Oculus for Business in April 2019 (primarily focused on VR for training simulations) and in September 2020 chartered a more ambitious course with the <a href="https://www.youtube.com/watch?v=5_bVkbG1ZCo" rel="noopener noreferrer" target="_blank">introduction</a> of Infinite Office, a fully virtual office environment accessible through VR. Infinite Office is definitely ahead of its time (if that time arrives), but the general concept of VR workplace collaboration is already gaining traction for niche use cases.</li><li><strong>How it's doing:</strong> Oculus is the only entity on our list that is part of a Big Tech company, so cash isn't much of a problem: While Facebook has poured ample <a href="/oculus-quest-games" target="_self">resources</a> into growing VR as an entertainment and social platform, it has sensibly also attempted to position VR as an enterprise tool. Companies including <a href="https://www.cnbc.com/2018/10/29/why-f500-companies-use-virtual-reality-to-train-workers-of-the-future.html" rel="noopener noreferrer" target="_blank">Walmart</a> and <a href="https://business.oculus.com/case-studies/hilton/" rel="noopener noreferrer" target="_blank">Hilton</a> have used Oculus headsets to develop training modules, simulating difficult scenarios employees may face (including Walmart's ostensibly unpleasant Black Friday simulation). But there are only so many companies that spend enough on employee training to justify the cost of custom-made VR programs. To spur the development of more accessible enterprise VR applications, Oculus launched a <a href="https://business.oculus.com/isv-program/directory/" rel="noopener noreferrer" target="_blank">developer</a> partnership program that has attracted more than 120 participants. </li></ul><div></div><h2>JFrog</h2><ul class="ee-ul"><li><strong>What it does: </strong>JFrog's end-to-end DevOps platform helps companies manage code repositories, monitor the software development pipeline and eventually deploy applications across hybrid and multicloud environments.</li><li><strong>Why it matters: </strong>JFrog's core value proposition is making it cheaper and faster to develop software, particularly in cloud environments — which tend to increase the complexity of the development process. JFrog's breadth of offering is what's really caught the attention of DepOps types; its Xray product, for instance, can continuously monitor software packages at all stages of development for security vulnerabilities.</li><li><strong>How it's doing:</strong> Co-headquartered in California and Israel, JFrog was <a href="https://investors.jfrog.com/static-files/68ef5254-6e40-4fa0-b751-00be6ddfcdff" rel="noopener noreferrer" target="_blank">founded</a> in 2008 by Fred Simon, Shlomi Ben Haim and Yoav Landman. Over a decade later, JFrog <a href="https://www.bloomberg.com/news/articles/2020-09-15/software-firm-jfrog-s-ipo-is-said-to-raise-509-million?sref=18veDlX6" rel="noopener noreferrer" target="_blank">raised</a> $509 million by going <a href="/jfrog-ipo" target="_self">public</a> in September 2020. Its DevOps <a href="https://investors.jfrog.com/static-files/b61ccdab-300f-4ee0-926b-4ebd63d8f3ea" rel="noopener noreferrer" target="_blank">platform</a> is used by more than 75% of Fortune 100 companies. Right now, JFrog doesn't have any one-to-one competitors, though some of its offerings compete against products from Microsoft-owned GitHub, IBM's Red Hat, VMware and Pivotal Software.</li></ul><h2>OpenAI</h2><ul class="ee-ul"><li><strong>What it does:</strong> OpenAI is a research organization dedicated to advancing artificial general intelligence. It created GPT-3, one of the world's most <a href="https://arxiv.org/abs/2005.14165" rel="noopener noreferrer" target="_blank">advanced</a> language models.</li><li><strong>Why it matters: </strong>OpenAI, along with Google's DeepMind, is at the forefront of attempts to develop an AGI, rather than AI for a specific commercial use case. It's difficult to say right now exactly how the company could transform the future of enterprise — for instance, Microsoft <a href="https://blogs.microsoft.com/blog/2020/09/22/microsoft-teams-up-with-openai-to-exclusively-license-gpt-3-language-model/" rel="noopener noreferrer" target="_blank">aims</a> to commercialize OpenAI's GPT-3 model, which could be <a href="https://www.nytimes.com/2020/11/24/science/artificial-intelligence-ai-gpt3.html" rel="noopener noreferrer" target="_blank">used</a> to improve customer service chatbots, aid with legal research or <a href="https://twitter.com/FaraazNishtar/status/1285934622891667457?s=20" rel="noopener noreferrer" target="_blank">automate</a> aspects of coding — but if it does crack the problem of AGI, business everywhere will be transformed.</li><li><strong>How it's doing: </strong>OpenAI was <a href="https://openai.com/blog/introducing-openai/" rel="noopener noreferrer" target="_blank">founded</a> in 2015 as a nonprofit, with $1 billion in funding from donors including Elon Musk, Peter Thiel, Sam Altman and Reid Hoffman. The group set out to open-source research findings to help <a href="https://openai.com/blog/introducing-openai/" rel="noopener noreferrer" target="_blank">ensure</a> that AI "benefit[s] humanity as a whole" but since then OpenAI has embraced a commercial approach. In 2019, the company <a href="https://openai.com/blog/openai-lp/" rel="noopener noreferrer" target="_blank">shifted to a "capped-profit" model</a>; later that year, Microsoft invested $1 billion in it. And in 2020, OpenAI <a href="https://blogs.microsoft.com/blog/2020/09/22/microsoft-teams-up-with-openai-to-exclusively-license-gpt-3-language-model/" rel="noopener noreferrer" target="_blank">announced</a> that its GPT-3 language model — arguably its largest known accomplishment so far — would be licensed exclusively to Microsoft, though it's still available to the broader public through an API. </li></ul><h2>Scale</h2><ul class="ee-ul"><li><strong>What it does: </strong>Scale uses machine learning and human contractors to label data sets that are then used by its clients to train autonomous systems.</li><li><strong>Why it matters:</strong> Data labeling is one of the most labor-intensive stages of AI development: Data scientists report spending up to 80% of their time aggregating, cleaning and labeling data, <a href="https://cset.georgetown.edu/research/messier-than-oil-assessing-data-advantage-in-military-ai/" rel="noopener noreferrer" target="_blank">according to</a> Georgetown University's Center for Security and Emerging Technology. Scale claims to speed up the overall AI development process by making it faster and cheaper to obtain high-quality training datasets.</li><li><strong>How it's doing:</strong> Scale is only four years old, but its <a href="https://scale.com/customers" rel="noopener noreferrer" target="_blank">client list</a> is impressive: General Motors, Toyota, Airbnb, OpenAI, Otto Motors and the <a href="https://www.defense.gov/Newsroom/Contracts/Contract/Article/2365695/#SCALEAI092920" rel="noopener noreferrer" target="_blank">U.S. military</a> have all relied on it to help develop training data for AIs. Earlier this month, Scale <a href="/bulletins/data-labeling-startup-scale-reaches-3-5-billion-valuation-in-series-d-round" target="_self">announced</a> the close of its Series D funding round through which it raised $155 million at a $3.5 billion valuation, more than triple its previous valuation.</li></ul><h2>Discord</h2><ul class="ee-ul"><li><strong>What it does:</strong> Discord is a consumer chat platform that blends Slack-like public channels with private group messaging, with a focus on voice. </li><li><strong>Why it matters:</strong> Discord isn't an enterprise company, nor has it come forward with plans to become one in the future. But we included it on the list because it has become one of the most innovative consumer chat companies, and many of these innovations will likely be co-opted by enterprise platforms. For instance, in October, Slack <a href="https://slack.com/blog/news/exploring-better-ways-to-work" rel="noopener noreferrer" target="_blank">introduced</a> Lightweight, a riff on Discord's signature always-on audio channels, which makes it easier to drop in and out of calls. And there's always the chance that Discord decides to take the enterprise route itself.</li><li><strong>How it's doing:</strong> Discord was <a href="/discord" target="_self">launched</a> in 2015 as a chat service primarily aimed at gamers. It has since <a href="https://blog.discord.com/your-place-to-talk-a7ffa19b901b" rel="noopener noreferrer" target="_blank">surged</a> in popularity among a wider audience, with 100 million active monthly users as of June 2020. Discord reached a $3.5 billion valuation over the summer, but it hasn't fully developed a monetization model — the company has avoided selling user data or ads, though it added an optional premium subscription tier.</li></ul><h2>Okta</h2><ul class="ee-ul"><li><strong>What it does: </strong>Okta helps enterprises manage user authentication and provides IT teams with dashboards that make it easier to control user access and understand how internal applications are being used. It has also layered new services onto its core product, including consumer identity authentication. </li><li><strong>Why it matters:</strong> User authentication services help enterprises manage proliferating software portfolios: Enterprises on Okta's access management service <a href="https://www.okta.com/businesses-at-work/2020/" rel="noopener noreferrer" target="_blank">used</a> an average of 88 applications, while 10% of the customer base used over 200 applications — and that trend shows no signs of slowing. The need for user authentication has also grown as companies shift to remote work: Workers seek the flexibility that comes with being able to securely access enterprise software across multiple devices, including personal phones and tablets. </li><li><strong>How it's doing:</strong> Okta was founded in 2009 and went public in 2017. It has benefited significantly from the pandemic-induced shift to remote work, with usage of its core multi-factor authentication service nearly <a href="https://www.bloomberg.com/news/articles/2020-08-28/okta-s-bodybuilder-ceo-becomes-billionaire-on-remote-work-boom" rel="noopener noreferrer" target="_blank">tripling</a> year-over-year in Q2 2020. Okta has focused on expanding its partnership ecosystem and deepening integrations to remain a step ahead of the competition.</li></ul>
From Your Site Articles
- Move fast, break nothing: Why investors like JFrog's approach to ... ›
- Datadog's CEO: Software will only get more complex - Protocol ›
- How companies track remote workers at 凯发k8官网下载手机版home. And should they ... ›
- Tom Siebel takes a victory lap after C3.ai’s blockbuster debut on Wall Street - Protocol ›
- How Databricks plans to take on Snowflake and Google and score a huge IPO - Protocol ›
- Datadog’s CEO: Software will only get more complex - Protocol ›
- Fault-finding, not firefighting: Why observability is the new monitoring - Protocol ›
- Databricks plans to take on Snowflake and Google and score a huge IPO - Protocol ›
- Twilio CEO Jeff Lawson explains how he decided to face off with Parler - Protocol — The people, power and politics of tech ›
- Biden's plans for federal IT modernization - Protocol — The people, power and politics of tech ›
- Workato helps streamline and automate workflow apps - Protocol — The people, power and politics of tech ›
Keep Reading
Show less
Hirsh Chitkara (@ChitkaraHirsh) is a researcher at Protocol, based out of New York City. Before joining Protocol, he worked for Business Insider Intelligence, where he wrote about Big Tech, telecoms, workplace privacy, smart cities, and geopolitics. He also worked on the Strategy & Analytics team at the Cleveland Indians.
Latest Stories
See more
Most Popular
Bulletins
Get Source Code in your inbox
David Pierce's daily analysis of the tech news that matters.