Archive for April, 2020

Scumbag Patent Troll Tries To Shake Down Wikimedia Via A Bogus Predictive Text Patent And Gets An Unexpected Response

Posted in Commentary with tags on April 30, 2020 by itnerd

Patent trolls are the lowest form of life on Earth and in my opinion should be eradicated from the planet. Here is example of why I feel that way. TechDirt is reporting on a patent troll named WordLogic who claims to own the rights to a patent related to predictive text writing, and their attempt to go after the Wikimedia Foundation. That’s the group responsible for Wikipedia. Here’s what happened next:

Its latest target… was not wise. WordLogic sent a shakedown threat letter over the same patent to Wikimedia Foundation. The letter itself is fascinating as a perfect example of how patent troll shakedown normally works. It starts out with grand claims about WordLogic’s patents, and insists that Wikipedia infringes on one specific claim (#19 in the ‘124 patent), but then says “likely other claims in the WordLogic patents.” That sort of vagueness is pretty typical of trollish thuggery. The threat letter blusters about how the company is a “global leader” in the field — which is laughable given that the company appears to have made literally zero revenue for the last two years that it disclosed its income statements publicly.

And:

In the end, the letter demands… $30,000. This kind of fee is typical of patent trolls, because they know damn well that litigating this (even to an easy victory) will cost Wikipedia significantly more than $30,000. Thus, the economical choice is to just pay up and move on. 

Wikimedia Foundation shot back, and rightly so:

Wikipedia, correctly, is not one to give in to such trollish bullying. It turned around and went to court asking for declaratory judgment that it does not infringe on the patents that WordLogic was waving around. Wikimedia notes that (1) WordLogic’s patents are invalid due to prior art, (2) that they are invalid for not covering patentable subject matter, and (3) that anyway, it doesn’t even infringe on the patents if they were valid.

So, let’s recap. The patent troll “invites” someone to take a license, pricing it as a business decision. Or put another way, the troll will license the patent for $30k, knowing it will cost the target at least 10x that to start a patent defense, and way more than that to actually roll the dice and take it to trial. That could take years. So typically the target will pay up.

Except that didn’t happen here.

Wikimedia responded by showing that not only are they not interested in spending $30K for a license, they are willing to spend 10X, 20X, or more to invalidate the patents. Which is as close to giving these scumbags the middle finger without walking into their offices to do that. This puts the Wikimedia Foundation in the driver’s seat, and Wordlogic in the position of being the target. An interesting role reversal.

This is going to be an interesting one to watch.

Martello Co-Chairmen Execute Letter of Intent to Provide $5 Million Subordinated Debt Instrument

Posted in Commentary on April 29, 2020 by itnerd

 Martello Technologies Group Inc. today announced that Co-Chairmen of the Martello Board of Directors Sir Terry Matthews, through Wesley Clover International, and Bruce Linton through a wholly owned company have executed an letter of intent (LOI) to provide an unsecured subordinated debt instrument to Martello in the amount of CDN $5 million, (the “Subordinated Debt Instrument“) to meet the capital requirements for the acquisition of GSX Participations SA (“GSX“). This facility is subject to intercreditor agreements and the finalization of definitive loan agreements between Martello Technologies Corporation (“MTC”), Bruce Linton and Wesley Clover International.

Today’s announcement follows a Martello press release announcing that the Company will acquire GSX, a provider of end-user experience monitoring for Microsoft Office 365 headquartered in Geneva, Switzerland with more than 400 enterprise customers globally. This acquisition will add monthly recurring revenue as Martello enters the Microsoft Office 365 market. As usage of Office 365 continues to grow, this acquisition will provide an additional opportunity to scale the existing GSX addressable market by moving it to a true cloud SaaS platform.  

The Subordinated Debt Instrument constitutes a “related party transaction” within the meaning of TSX Venture Exchange Policy 5.9 and Multilateral Instrument 61‑101 ‑Protection of Minority Security Holders in Special Transactions (“MI 61101“). The Company has relied on exemptions from the formal valuation and minority shareholder approval requirements of MI 61‑101 contained in sections 5.5(a) and 5.7(1)(a) of MI 61‑101 in respect of the Subordinated Debt Instrument as neither the fair market value (as determined under MI 61-101) of the subject matter of, nor the fair market value of the consideration for, the loan, insofar as it involved the related parties, exceeds 25% of the Company’s market capitalization (as determined under MI 61-101).

Martello to Acquire GSX Participations SA

Posted in Commentary with tags on April 29, 2020 by itnerd

 Martello Technologies Group Inc., today announced two initiatives as part of a strategic investment to strengthen its DEM capabilities.

The Company has entered into a share purchase agreement (the “Share Purchase Agreement“) dated April 28, 2020 to acquire 100% of the shares of GSX Participations SA (“GSX“), a provider of end-user experience monitoring for Microsoft Office 365 headquartered in Geneva, Switzerland with more than 400 enterprise customers globally. The consideration for the acquisition is 22,000,000 common shares and CDN$13,860,000 cash for an aggregate purchase price of $18,700,000, subject to adjustment (the “Purchase Price“), 

Martello intends to close debt financing concurrently with the closing of the Transaction. Financing provided by Vistara Capital Partners will fund the acquisition of GSX, while a secured revolving credit facility from National Bank of Canadawill be made available to Martello to draw upon from time to time to finance its day to day operations. The transaction is subject to the completion of standard conditions of closing for this type of transaction, including the completion of the financings as well as conditions regarding minimum cash and available cash at closing. Additional information about the transaction and the debt financings above are detailed in this press release. Closing is expected by May 28, 2020.

Martello also announced today that, as part of an enhanced focus on its software as a service (SaaS) -based DEM strategy, the Company has completed a strategic review of all operations and is taking steps to achieve efficiencies across the organization. As a result, Martello has reduced its workforce with a specific focus on the former Elfiq division, and is in discussions with a third-party regarding a divestment of this division. These decisions have been taken in the context of rapidly expanding global remote work requirements and the resulting opportunity created in the SaaS-based DEM market, and by the Company’s priority to achieve positive adjusted EBITDA in the near term. 

GSX Transaction Highlights and Commentary:

  • Based on unaudited financial statements prepared by GSX for the year ended December 31, 2019: 
    • GSX generated €4.4M of revenues in FY2019, which is approximately CDN$6.6M. 
    • Pro forma consolidated Martello revenues on a trailing twelve-month basis are approximately $19.7M. 
    • Approximately 89% of total GSX revenue for its software during FY2019 was recurring, with Monthly Recurring Revenue (MRR) of approximately €0.3M, or CDN$0.45M. 
    • GSX billings from sales of Microsoft Office 365 digital experience monitoring increased by 34% in FY2019. 
    • GSX’s gross margins are approximately 90%. 
    • GSX EBITDA in FY2019 was (€1.1M)
  • Complimentary to the earlier acquisition of Savision, the acquisition of GSX further extends Martello’s digital experience monitoring capabilities into Microsoft Office 365, which is the dominant business application platform used by Martello’s enterprise and SMB markets. 
  • While this acquisition has been in negotiation and diligence for more than six months, recent events show the opportunity with Microsoft Office 365. The service has 200 million monthly active users, typically growing at a pace of 3 million users per month1. With remote work increasing, Microsoft noted on March 19, 20202 an unprecedented spike in Teams usage, with daily users growing by 12 million in just seven days. 
  • Once synergies are realized from integration, Martello believes that GSX should deliver positive adjusted EBITDA contribution, and with MRR and Office 365 monitoring growth trajectories, should help to deliver EBITDA margins typically associated with SaaS vendors. 
  • GSX is a Microsoft Gold Partner in both Messaging and Cloud Productivity. 
  • Near-term growth opportunities as a result of this transaction include: 
    • Integrating the GSX software into Martello’s multi-tenant cloud SaaS environment to provide a simplified deployment model for GSX’s existing target market (large enterprise and MSPs) while also expanding its addressable market to small and medium sized businesses. 
    • Offering Office 365 user experience monitoring to existing Martello customers and partners, many of whom use or sell Office 365.

Transaction and Financing Details

Through its wholly owned subsidiary, Martello Technologies Corporation (“MTC“), Martello will purchase all the issued and outstanding securities of GSX. The Purchase Price is payable as follows: (i) a cash payment of CDN$13,860,000 and (ii) the issuance of 22,000,000 common shares of the Company (the “Common Shares“) to the shareholders of GSX (the “Vendors“). Upon completion of the transaction, it is expected that the Vendors will own 9.5% of the issued and outstanding shares of Martello on an undiluted basis. While no new insiders will be created upon closing, the Martello Shares issued to GSX’s largest Vendor will be subject to a 4-month plus 1 day hold period. Sampford Advisors acted as exclusive M&A adviser to Martello on this transaction. The transaction does not constitute a Fundamental acquisition as per TSXV Policy 5.3.

As part of the transaction described above, MTC will complete debt financing with Vistara Capital Partners (“Vistara“). Vistara will provide a subordinated secured term loan of US$8M (the “Term Loan“.  The Vistara credit agreement (the “Vistara Credit Agreement“) is dated April 27, 2020. The Term Loan is repayable within 36 months of closing and carries interest of the greater of (i) 12.50% per annum; and (ii) the U.S. prime rate plus 8.75% per annum calculated monthly in arrears on the outstanding principal amount. Vistara will take subordinated security interest in all the present and after acquired property of MTC, the Company, and the Canadian, US, Swiss, and Dutch subsidiaries of the Borrower (the “Corporate Guarantors“). Repayment of the Term Loan will be guaranteed by the Company and each of the Corporate Guarantors. 

As consideration for providing the Term Loan, Vistara will receive upon closing 12,777,273 bonus warrants to purchase Common Shares (“Bonus Warrants“) subject to the TSXV Policy 5.1 – Loans, Loan Bonuses, Finder’s Fees and Commissions (“TSXV Policy“). Each Bonus Warrant will be exercisable into one Common Share (a “Bonus Share“) at an exercise price of CDN $0.22 per Bonus Share for up to 36 months from closing (the “Expiry Time“), unless the Term Loan is repaid earlier, then the Expiry Time shall be reduced in accordance with TSXV Policy. Subject to TSXV approval, the Bonus Warrants may be exercised on a “cashless basis”. Furthermore, if at any time, after four months and a day after the Issue Date, the volume weighted average price (VWAP) of the Common Shares for any twenty (20) consecutive Trading Days on the TSXV, during which the total volume of common shares traded in such period exceeds 5,000,000, is equal to or exceeds CDN $0.44 being 100% premium on exercise price then all of the Bonus Warrants shall be deemed to be automatically exercised by Vistara on a cashless basis. The Bonus Shares will be subject to an initial four month plus one day hold period from the date of issuance of the Bonus Warrants. Issuance of the Bonus Warrants is subject to approval by the TSXV. Existing term debt to Royal Bank of Canada will be repaid on or prior to closing.

Additional Financing

In addition, National Bank of Canada (“National Bank” or the “Senior Lender“) has offered to provide a senior secured revolving credit facility of up to CDN $7.5M (the “Revolving Facility“) which MTC can draw upon from time to time to finance its day to day operations.  The National Bank credit agreement (the “National Bank Credit Agreement“) is dated April 27, 2020. It is comprised of a demand revolving line of credit and other ancillary facilities. The credit facility carries interest of Canadian Prime Rate plus 2.85% per annum. This facility will be undrawn at the close of the transaction.

The facilities provided by National Bank will be guaranteed by the Company and its subsidiaries in Canada, US, Netherlands, and GSX (the “Corporate Guarantors“) and will be secured against the property of MTC and of certain of the Corporate Guarantors. Repayment of the National Bank revolving facility is expected to also be guaranteed in part by Export Development Canada. 

Strategic Review Results

Martello has taken steps to achieve efficiencies in sales, general and administrative and development operations. As part of this initiative, the former Elfiq network technology division workforce has been reduced by approximately 70% through temporary layoffs, to focus on the SaaS-based components of Martello’s DEM strategy. The Company intends to exit the former Elfiq network technology business, and is in discussions with a possible buyer for the intellectual property and assets of this division. This operational change will allow Martello to allocate more resources to SaaS-based DEM activities, while reducing Martello’s operating cash burn immediately.

Apple To Release Emergency Patch To Fix Messages Bug…. Maybe The Mail Exploit Too

Posted in Commentary with tags on April 29, 2020 by itnerd

Earlier this week I spoke of two major issues that iOS users were being exposed to. One was a Messages bug where a specific combination of characters would cause iOS devices to crash. The other was a zero day exploit in Mail that is likely being exploited as you read this. This likely has created a lot of bad press for Apple as people like yours truly have reported on these issues, and have called on Apple to fix them sooner rather than later.

Well, that appears to be happening. Forbes is reporting that an emergency patch is coming sometime this week to fix the Messages bug. Now it is possible that this patch will also fix the Mail exploit as well. I say that because the beta of iOS 13.4.5 has a fix for that exploit. So it shouldn’t be hard for Apple to bring that fix to another version of iOS.

Stay tuned to this post and to my Twitter account for updates on this.

SAP Labs Canada Appoints New Managing Director

Posted in Commentary on April 28, 2020 by itnerd

SAP Labs Canada, the Canadian development centre for SAP SE, announces the appointment of Cindy Fagen as Managing Director. In this role, Cindy will lead the strategic direction of SAP’s product development and innovation hubs in Vancouver, Montreal and Waterloo, serving nearly 3,000 employees.

Previously SAP Labs Canada’s chief operating officer (COO), Cindy has been managing the business of the organization since 2014. Cindy brings an entrepreneurial spirit, while also offering continuity in this time of unprecedented global disruption. As COO, Cindy was a fierce champion of SAP.iO, SAP’s program to seed intrapreneurship among SAP employees, initiating venture studios in SAP Canada locations from coast to coast. She also spearheaded the implementation of innovation spaces and programs to advance employee learning, innovation and community partnerships.

Cindy also brings a tenure of strong technology experience in companies large and small. Before joining SAP in 2014, Cindy was president and founder of a digital media startup and spent many years in customer-facing leadership roles at organizations like Dassault Systèmes. She is passionate about advancing STEM education and supporting women in entrepreneurship.

Cindy will take the reins from SAP Labs Canada’s longtime managing director, Kirsten Sutton who is leaving SAP to pursue new opportunities.

Under their leadership, SAP Labs Canada has become one of Canada’s most revered employers – winning 20 top employer awards in 2019 alone- and is among the elite four of SAP’s 20 global innovation centres.

#PSA: iPhone SE Does NOT Support Haptic Feedback In Notifications By Design

Posted in Commentary with tags on April 28, 2020 by itnerd

If you’re about to, or perhaps have sprung for the new iPhone SE, you should know that Unlike the iPhone 11 and iPhone 11 Pro, the iPhone SE is unable to expand notifications through Haptic Touch. That sounds like a bit of an edge case on first blush. But if you are coming from an iPhone that supported this functionality via Haptic Touch or the now seemingly dead 3D touch, this is going to tick you off. As it has ticked off many on this sub-Reddit.

Apparently this was done by design by Apple as confirmed by TechCrunch‘s Matthew Panzarino.

But Benjamin Mayo who is a well respected iOS developer sums it up this way:

I really don’t understand why Apple made this decision. It seems like they are creating one of their famous “gates” when they don’t need to. But there is a workaround of sorts. It’s possible to slide to the left on a notification and tap on the “View” option as a workaround for the missing ‌Haptic Touch‌ feature. Still. This seems like a major unforced error by Apple.

39% of Spam Emails Offer Fake Medical Products: Atlas VPN

Posted in Commentary with tags on April 28, 2020 by itnerd

Data acquired by Atlas VPN shows that health-related spam emails was the most common category of spam last year. In 2019, 39% of spam emails were promoting fake pharmaceuticals and health cures.  

Industry practices show that the number of health-related spam emails is expected to grow dramatically this year. Last week, Gmail warned their customers to use the service with caution: of a total 100 million spam emails Gmail reports daily, 18 million of them were coronavirus-themed.

Last year, the number of extortion scams increased from 0% in 2018 to 10% in 2019. Last week, the FBI announced they are receiving more extortion emails than usual.

In 2019, the most common type of malware-infected files sent through email was Microsoft Office Word or Excel files. It is likely that Google Docs or Microsoft Word files are the future of phishing since it lets hackers steal more information than setting up a fake, malware-infected website would.

To read the full report, head over to:  https://atlasvpn.com/blog/39-percent-of-spam-emails-offer-fake-medical-products/ 

And Now Apple Has A Exploit In iOS Messages That Can Crash Your iDevice

Posted in Commentary with tags on April 27, 2020 by itnerd

Apple has a lot of issues right now. On top of this issue with a zero day exploit with iOS mail, Apple now has a bug with with iOS Messages where a combination of characters sent to you via Messages can cause your iOS device to crash. Here’s an example:

If you get hit with this, you need to hard reboot your phone, or in some cases you may have to restore your phone from a backup.

In other words, this is a nasty bug.

It’s been a while since Apple has been hit with a Messages bug that caused your iOS device to crash. This seemed to be a common thing all the way up to iOS 11. And there have been a couple of cases where Apple has pushed out a software update to fix this sort of issue within hours of the issue being discovered. So I fully expect to see a software update as early as Tuesday to fix this and perhaps also fix the Mail bug as well seeing as that is likely being exploited in the wild.

Tune in tomorrow to find out if I am right.

iOS Has A Mail Exploit That Is Unpatched…. Should You Worry?

Posted in Commentary with tags on April 27, 2020 by itnerd

The news came out last week that a company called ZecOps found a vulnerability in iOS Mail that has no fix and that has likely been exploited in the wild:

The attack’s scope consists of sending a specially crafted email to a victim’s mailbox enabling it to trigger the vulnerability in the context of iOS MobileMail application on iOS 12 or maild on iOS 13. Based on ZecOps Research and Threat Intelligence, we surmise with high confidence that these vulnerabilities – in particular, the remote heap overflow – are widely exploited in the wild in targeted attacks by an advanced threat operator(s).

The suspected targets included:

  • Individuals from a Fortune 500 organization in North America
  • An executive from a carrier in Japan 
  • A VIP from Germany
  • MSSPs from Saudi Arabia and Israel
  • A Journalist in Europe
  • Suspected: An executive from a Swiss enterprise

That’s pretty scary. And Apple served up a response basically saying that there’s nothing to see here:

“We have thoroughly investigated the researcher’s report and, based on the information provided, have concluded these issues do not pose an immediate risk to our users,” the Cupertino, California company said. “The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections, and we have found no evidence they were used against customers.”

However security researchers disagree with Apple’s assessment:

The fact that Apple has been unable to independently verify that the bugs were exploited in the wild is not surprising, says Patrick Wardle, a former National Security Agency analyst and Apple security researcher at the firm Jamf.

“It is unlikely that if this vulnerability was used in highly targeted attacks that Apple would find evidence of such attack,” Wardle says. “Either way, it would be helpful for Apple to articulate how they came to this conclusion.”

Even the crudest zero-click attacks leave little trace, which makes tracking them an issue. Security analysts say that in many cases, the very features that make software more secure often make zero-click attacks harder to detect.

The only good news is that iOS 13.4.5 which is in beta at the moment has a fix for this. But the question is, should you be worried?

Yes. You should be worried.

This is a zero day exploit. Now that it is public, any limited usage of this exploit is about to skyrocket as miscreants try to figure out how to leverage this exploit. Thus Apple would be smart to get a fix for this out ASAP to protect their user base. If they don’t, they are basically leaving their user base insecure. And that’s not acceptable. So Apple, please step up to the plate and do what is right for your users.

IAITAM Outlines 3 Steps Organizations Can Take Now to Avoid Data Leaks

Posted in Commentary with tags on April 23, 2020 by itnerd

Just over the horizon for American businesses and government agencies is the return to the traditional office work environment. But what will companies and agencies do with the new laptops and other devices they put into employee homes in order to keep things going during state-imposed stay-at-home orders? The International Association of IT Asset Managers (IAITAM) today outlined the key steps employers need to take to protect their data and investments.

Many organizations purchased assets, licenses, service contracts, and other necessities to facilitate a work from home environment. Everything from scalable cloud architecture to increased VPN bandwidth and mobile hardware assets were all hastily purchased, with minimal consideration for how they would be integrated into IT environments.

Software vendors and related organizations (with scalability built into their licensing and service contracts) will likely be able to scale down as easily as they scaled up. Hardware, on the other hand, is a much bigger issue in an IT environment. Organizations will have quite a challenge on their hands because each one of those devices has to be handled with care to ensure that the data on them is protected and that the investment in them is not lost.

IAITAM is outlining three steps that organizations can take now: 

  1. Organizations will have to identify all of the new assets now. This can be problematic if procedures were not followed on the best practices for purchasing and accepting assets. Knowing what an organization has in their environment is the first step in any asset management program. If things moved rapidly or even chaotically within the company or agency to transition to work from home, now is an opportunity to double back and ensure that the details are gathered. 
     
  2. Assets need to be tracked and remote users need to understand the transition process. While work-from-home orders implied “home”, not every worker stayed home. Some chose to be with family, while others decided to visit friends or travel. This means the asset is travelling, as remote assets do. However, not every organization would have planned or accounted for that aspect in terms of security, possible use of the devices by third parties, etc. Additionally, organizations need to have an ingress plan for these remote assets. Ensuring that users know how remote assets will be collected and processed will go a long way to streamlining the transition back into the office. 
     
  3. A plan should be in place now to deal with excess hardware. Redundancy in assets was necessary when working from home but after coming back into the office, that end user will no longer need a laptop for home and a computer at work. What will be done with these excess assets and how the organization will recoup costs is critical to the back-to-the-office transition being less financially burdensome. Leasing assets would have been a strong option, but some organizations have already made their purchases. As such, charity donations and resale are all better options financially than simply dumping the excess hardware. Company and agency IT asset managers will need to ensure that all devices that are leaving the organization for good are disposed in a secure fashion to avoid breaches.