Connect with us


‘Selling a promise’: what Silicon Valley learned from the fall of Theranos | Theranos

Voice Of EU



A charismatic young leader, billions of dollars in valuations and a technology that promised to change the world but failed to deliver: the meteoric rise and fantastic fall of the medical tech startup Theranos has been seen by many as an indictment of the hype-train attitude of Silicon Valley.

Nearly 20 years after Theranos’s launch, its CEO, Elizabeth Holmes, is headed to trial, charged with defrauding clients and investors. Silicon Valley is facing a public that’s wary of its methods and intentions – but the verdict is still out on whether startup culture has fundamentally changed.

“People are more sensitive to scams now – in some ways, there is a pre-Theranos Silicon Valley era and post-Theranos era,” said John Carreyrou, a journalist who has been covering Theranos for six years and now hosts a podcast on the trial. “But in many ways the boom has continued unabated. I’m not convinced there has been a true reckoning, yet.”

‘A particular moment in Silicon Valley history’

Theranos was founded in 2003 by a then 19-year-old Stanford University student, Elizabeth Holmes.

Holmes promised to upend the vast medical testing industry with a technology that could perform a range of health tests on just a small drop of blood. The company reached its pinnacle about 10 years later, valued at a staggering $10bn, before it all collapsed.

“The rise and fall of Theranos reflected a very particular moment in Silicon Valley history,” said Margaret O’Mara, a historian of the region who holds a professorship at the University of Washington.

At the time, the Silicon Valley tech bubble was obsessed with young founders, celebrating the success of startups with “humble beginnings” that managed to take over the world – Mark Zuckerberg from his dorm room, Jeff Bezos from his garage.

At the same time, some investors were increasingly frustrated that the valley’s output was concentrated on social platforms, seen by some as frivolous. As the investor Peter Thiel memorably said in 2013: “We wanted flying cars. Instead we got 140 characters.”

“Then we have Theranos, which was not making an app but selling a promise to transform healthcare,” O’Mara said. “Holmes was targeting an experience – blood testing – that is very familiar and not very pleasant. That was appealing to a lot of people.”

There was another draw to Holmes. As big names like Bezos, Zuckerberg and Bill Gates dominated the scene, women were largely left out of the narrative.

In other words, the time was ripe for a young, female tech leader to take center stage. “Here was a photogenic, telegenic young woman posing as the female Steve Jobs,” O’Mara said. “It was an incredibly alluring narrative that everyone wanted to believe.”

Changing times

When Holmes was rising to power, tech companies were still seen as innovators that were largely benefiting society, said O’Mara. Bolstered by organizers’ use of technology platforms in events like the Arab spring and Occupy Wall Street, there was an overarching narrative that Silicon Valley was connecting the world and promoting democracy.

“This was a time when companies could say they were making the world a better place and most people believed them,” O’Mara said.

Startups from an array of industries were able to hop on Silicon Valley’s hype train, adopting its ethos of “move fast and break things”. Theranos was primarily a medical device company, while WeWork – another industry darling – was at its core real estate firm selling office space.

A decade later, the startup environment has decidedly changed. Revelations like the Cambridge Analytica scandal have eroded trust in big tech. Legislators and the public are increasingly questioning the monopoly power some major tech companies hold. Social platforms were largely blamed for the rise of Donald Trump and his stunning victory in the 2016 election.

“That’s when the whole conversation around social media and more broadly the tech sector started turning sideways,” O’Mara said. “There started to be more skepticism about what exactly these companies were promising.”

‘Life and death’

But opinions differ on how tech firms, and medical startups in particular, have adapted to the changing climate.

“Theranos has raised awareness that people should take a stronger look at fantastical claims when they are made,” said David Grenache, former president of the American Association for Clinical Chemistry and current chief scientific officer at TriCore Reference Laboratories. “It helped raise some level of caution – it reminded people to look before you jump feet-first into believing in a technology that doesn’t really exist.”

Elizabeth Holmes leaves court in San Jose in 2019.
Elizabeth Holmes leaves court in San Jose, California, in 2019. Photograph: Justin Sullivan/Getty Images

Although scrutiny is healthy, and necessary, for any startup in the field, the intensity of it has backfired on many medical tech companies, Grenache continued, noting there are “legitimate companies” working towards diagnostic technology that are more quickly shut down by investors.

“Healthy skepticism has evolved into complete mistrust,” he said.

John Ioannidis, a Stanford professor of medicine who was one of the first to challenge Theranos, argued that even amid growing scrutiny, medical testing companies in the Valley have continued some of the mistakes the blood testing startup made.

Like Theranos once did, many medical tech companies still operate in “stealth mode”, launching and raising funding for their products without offering legitimate proof the products work, a study Ioannidis published in 2019 found. Of the 18 “unicorns”, or tech companies valued over $1bn, in the field, more than half had “no highly cited papers” on their work, according to the study.

When the secretive nature of Silicon Valley collides with healthcare, very little information gets out regarding the actual research behind products, he cautioned. “Operating in stealth mode, making extravagant claims, and eventually driving people to make uninformed decisions about their health is very scary,” Ioannidis said. “This is not a laptop or a mobile phone, this is life and death.”

Another problem, Ioannidis pointed out, is that many of these companies operate in a regulatory “gray area” because the technology they sell is not directly categorized as medical. While a vaccine or medication would require a more stringent approval process from the Food and Drug Administration (FDA), technologies like those offered by Theranos are able to get products into the hands of the public with little regulatory oversight.

The FDA started reckoning with the problem following Theranos’s collapse, but a long road lies ahead. “This has been a wake-up call for a lot of people, including the FDA,” said John Wikswo, a professor of biomedical engineering at Vanderbilt University. “The experience has exposed a number of weaknesses in regulatory discretion.”

Congress in 2015 held a hearing in Washington to discuss “lab-developed tests”, or LDTs. Like those used by Theranos, such diagnostic tests do not require companies to submit tests to the FDA before using them on patients. Dozens of startups have taken advantage of the loophole in recent years, according to the FDA.

But not much regulatory progress has been made since. The efforts stalled under the previous administration and the fate of LDT regulation appears to be “in limbo” under the Biden administration.

Meanwhile, medical tech companies are continuing to grow. Private biotechs in the US raised $27.2bn in 2020, according to data from Pitchbook, which tracks such deals. That’s an increase from $10.6bn in 2015, when Theranos began to fall apart.

How these companies move forward in the coming years may partly depend on Elizabeth Holmes.

The outcome of the case will be huge for startup culture, Carreyrou, the journalist, said. “There has long been a culture of faking it until you make it in Silicon Valley, and Holmes is a product of that culture,” he said. “To reform that – to change Silicon Valley – it is going to take a conviction.”

Source link


Ubiquiti dev charged with data-breaching own employer • The Register

Voice Of EU



A Ubiquiti developer has been charged with stealing data from the company and extortion attempts totalling $2m in what prosecutors claim was a vicious campaign to harm the firm’s share price – including allegedly planting fake press stories about the breaches.

US federal prosecutors claimed that 36-year-old Nickolas Sharp had used his “access as a trusted insider” to steal data from his employer’s AWS and GitHub instances before “posing as an anonymous hacker” to send a ransom demand of 50 Bitcoins.

The DoJ statement does not mention Sharp’s employer by name, but a Linkedin account in Sharp’s name says he worked for Ubiquiti as a cloud lead between August 2018 and March 2021, having previously worked for Amazon as a software development engineer.

In an eyebrow-raising indictment [PDF, 19 pages, non-searchable] prosecutors claim Sharp not only pwned his employer’s business from the inside but joined internal damage control efforts, and allegedly posed as a concerned whistleblower to make false claims about the company wrongly downplaying the attack’s severity, wiping $4bn off its market capitalisation.

Criminal charges were filed overnight in an American federal court against Sharp, of Portland, Oregon. The indictment valued the 50 Bitcoins at $1.9m “based on the prevailing exchange rate at the time.”

US attorney Damian Williams said in a US Justice Department statement: “As further alleged, after the FBI searched his home in connection with the theft, Sharp, now posing as an anonymous company whistle-blower, planted damaging news stories falsely claiming the theft had been by a hacker enabled by a vulnerability in the company’s computer systems.”

Sharp is alleged to have downloaded an admin key which gave him “access to other credentials within Company-1’s infrastructure” from Ubiquiti’s AWS servers at 03:16 local time on 10 December 2020, using his home internet connection. Two minutes later, that same key was used to make the AWS API call GetCallerIdentity from an IP address linked to VPN provider Surfshark – to which Sharp was a subscriber, prosecutors claimed.

Later that month, according to the prosecution, he is alleged to have set AWS logs to a one-day retention policy, effectively masking his presence.

Eleven days after the AWS naughtiness, the indictment claims, he used his own connection to log into Ubiquiti’s GitHub infrastructure. “Approximately one minute later,” alleged the indictment, Sharp used Surfshark to ssh into GitHub and clone around 155 Ubiquiti repos to his home computer.

“In one fleeting instance during the exfiltration of data,” said the indictment, “the Sharp IP address was logged making an SSH connection to use GitHub Account-1 to clone a repository.”

For the rest of that night, prosecutors said, logs showed Sharp’s personal IP alternating with a Surfshark exit node while making clone calls. Although it was not spelled out in the court filing, prosecutors appeared to be suggesting that Surfshark VPN was dropping out and revealing “the attacker’s” true IP.

Ubiquiti discovered what was happening on 28 December. Prosecutors claimed Sharp then joined the company’s internal response to the breaches.

In January 2021 Ubiquiti received a ransom note sent from a Surfshark VPN IP address demanding 25 Bitcoins. If it paid an extra 25 Bitcoins on top of that, said the note, its anonymous author would reveal a backdoor in the company’s infrastructure. This appears to be what prompted Ubiquiti to write to its customers that month alerting them to a data breach. Ubiquiti did not pay the ransom, said the indictment.

Shortly after Federal Bureau of Investigation workers raided Sharp’s home, prosecutors claim he “caused false or misleading news stories to be published about the Incident and Company-1’s disclosures and response to the Incident. Sharp identified himself as an anonymous source within Company-1 who had worked on remediating the Incident. In particular, Sharp pretended that Company-1 had been hacked by an unidentified perpetrator who maliciously acquired root administrator access [to] Company-1’s AWS accounts.”

This appears to be referencing an article by infosec blogger Brian Krebs that was published that day, on 30 March 2021. He spoke “on condition of anonymity for fear of retribution by Ubiquiti”, and El Reg (among many other outlets) followed up Krebs’ reporting in good faith. In that article, the “whistleblower” said he had reported Ubiquiti in to the EU Data Protection Supervisor, the political bloc’s in-house data protection body.

We have asked Krebs for comment.

Sharp is innocent unless proven guilty. He is formally charged with breaches of the Computer Fraud and Abuse Act, transmitting interstate threats, wire fraud and making false statements to the FBI. If found guilty on all counts and handed maximum, consecutive sentences on each, he faces 37 years in prison. ®

Source link

Continue Reading


Limerick’s Serosep crowned Irish Medtech Company of the Year 2021

Voice Of EU



Other winners at the Irish Medtech Association awards included Alcon Ireland, West, Vertigenius, Luminate Medical, BioMEC, Jabil Healthcare, Cook Medical and Aerogen.

Limerick-headquartered business Serosep has been named Irish Medtech Company of the Year at a virtual conference hosted today (2 December) by The Irish Medtech Association with Enterprise Ireland and IDA Ireland.

The Irish Medtech Association which represents the medtech sector in Ireland made the announcement at its annual Medtech Rising conference. This year’s awards ceremony was the first to feature new categories. Alcon Ireland won the Sustainable Medtech company of the Year, while West scooped the Best Medtech Talent Strategy Award.

According to the association’s director Sinéad Keogh, the annual awards ceremony offers the medtech community a chance to “recognise and celebrate the strength and importance of the industry in improving life.”

“The sector has remained resilient despite the challenges of the Covid pandemic, with over 42,000 people now working in the industry, across 450 companies,” she added.

The overall winner, Serosep, is a self-funded, family run business, which manufactures clinical diagnostic products at its base in Annacotty, Co Limerick. It serves more than 35 different countries spread over 5 continents. The company is 25 years in business and employs 114 people. Earlier this year, it announced a five-year contract to supply its gastroenteritis diagnostic system to Liverpool University Hospital. The company already supplies the NHS.

Serosep CEO and founder Dermot Scanlon, said he was “humbled” to receive the award, adding that the company’s innovative diagnostic test tools have “changed the way gastroenteritis is tested in clinical laboratories.”

“We are currently manufacturing in excess of one million tests in our state-of-the-art facility,” he said, explaining that the award would motivate the whole company to “continue forging ahead, achieving bigger and better things.”

Other award winners included:

Trinity College Dublin spin-out Vertigenius, winner of the eHealth Innovation of the Year Award. Vertigenius is a platform which aims to enhance clinical and patient engagement in the treatment of balance problems.

Luminate Medical, winners of the Emerging Medtech Company of the Year Award. The NUI Galway spin-out has developed a technology to prevent chemotherapy induced hair loss.

NUI Galway’s Biomechanics Research Centre (BioMEC) won the Academic Contribution to Medtech Award. The company’s technology integrates the latest in silico computational models to simulate the mechanical performance of implanted coronary stents.

Bray-based Jabil Healthcare scooped the Medtech Partner/Supplier of the Year Award for its new Covid-19 PCR testing device.

Cook Medical received the Women in Leadership Company initiative Award for its commitment to gender balance in the workplace.

The Covid-19 Response Recognition Award was awarded to Aerogen which has developed an inhaled vaccine station. The company’s products have been used on more than 3m critically ill people since March 2020, according to Enterprise Ireland’s head of life sciences, Deirdre Glenn. Aerogen won last year’s Medtech Company of the Year award.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Source link

Continue Reading


‘A lemon’: Coalition fights to keep Covidsafe app data under wraps | Australia news

Voice Of EU



The Morrison government insists it is negotiating with the states about “future uses” for its troubled Covidsafe app despite it not being used during the outbreaks that prompted lockdowns in Victoria, New South Wales and the Australian Capital Territory.

The government is also refusing to release how many Australians continue to use the app, with one tech expert accusing the government of trying to avoid disclosing embarrassing data rather than admit it had failed to achieve its purpose.

Since vaccination rates reached more than 90% of the eligible population in most states, contact tracing is slowly being scaled back, with health authorities limiting the number of people contacted and asked to test and isolate.

Even when contact tracing played a critical role in reducing the number of cases, the app was of little assistance.

Almost none of the contacts were identified through the federal government’s CovidSafe contact tracing app despite well over 7 million people in Australia downloading it last year and the prime minister, Scott Morrison, declaring it the ticket out of lockdown.

Since launching in April last year, just 17 “close contacts” in NSW were found directly through the app that were not otherwise identified through manual contact tracing methods.

Guardian Australia has been engaged in a year-long freedom of information battle with the Digital Transformation Agency to reveal how many people continued to use the app after installing it.

This month the agency said releasing the information would hurt negotiations with the states over the app’s future uses.

“The Commonwealth is engaged in ongoing consultations and discussions with the states and territories on a framework around the use of Covidsafe data and data derived from Covidsafe data as a key tool for contact tracing,” DTA’s chief technology officer, Anthony Warnock, told the Office of the Australian Information Commissioner in a letter provided to Guardian Australia.

When asked about these discussions, both NSW and Victoria said the app had not been used at all in 2021.

“To date, it has not been necessary to use the Covidsafe app with any case clusters in 2021,” a NSW Health spokesperson said. “NSW Health’s contact tracing team has access to a variety of information to contain the spread of Covid-19 and keep the community safe.”

The ACT also said the app had never been used in the capital and, as of September, Queensland said it had used the app twice, with one contact identified but no positive cases identified.

It’s also unclear what future uses the federal government is considering.

Electronic Frontiers Australia’s chair, Justin Warren, who has been involved in complex FOI battles with the government, suggested the only reason the the release of the information would be damaging was if it showed far fewer people continued to use the app.

“The DTA appears to be trying to argue that we can’t learn the truth about just how big a lemon the Covidsafe app is because then people might know it’s a lemon and act accordingly,” he said. “It’s clear to me that they wouldn’t try to make this argument if the app was useful.”

The app costs around $75,000 a month to run, and a spokesperson for the federal health department said there were “no plans” to shut it down until the health minister determined it was no longer required.

Experts in the tech community last year called for the app to be modified using the Apple-Google exposure notification framework, which would work similarly to the UK’s NHS app and alert people when they had been in contact with a confirmed Covid-19 case.

A study published in Nature in May about how effective the NHS app in England and Wales had been between September and December last year found that for every positive case who agreed to alert their contacts, one case was averted.

The government has long argued against switching to an NHS-style version of the app, arguing that it left it up to users to contact the health department and get tested and isolate, rather than giving contact tracers a list of those exposed to follow up.

But a ministerial brief prepared by the DTA in May 2020, released this week on the transparency website Right to Know, reveals that the government believed it would require massive changes to the app and privacy laws to accommodate the change.

“The app would need to be significantly redesigned and rebuilt,” the agency said. “The ENF cannot simply be embedded into the current app. The health portal would also need to be redesigned and rebuilt.”

The DTA warned that a new privacy assessment would need to be undertaken, legislation might need to be amended, all current users would need to download and re-register through the app, and contact data could not be transferred.

The briefing also noted that the alerts people received through the app “may cause alarm” if contact tracers were not involved in the process.

Sign up to receive an email with the top stories from Guardian Australia every morning

But the agency said a change to the Apple/Google version would improve connectivity between devices and might encourage people who had hesitated to download the original app.

“Certain users who have avoided the app may perceive that the ENF provides stronger privacy protections through this largely decentralised non-government-controlled model.”

Victoria now automatically alerts people who were at high-risk venues through the Service Victoria app, and advises them to test and isolate, but does not do any further contact tracing except when someone tests positive.

NSW is planning to ditch QR code check-ins from all but high-risk venues from 15 December, or when the state reaches 95% of the eligible population having two doses of the vaccine.

Source link

Continue Reading


Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!