A security researcher commandeered a country’s expired top-level domain to save it from hackers

In mid-October, a little-known but critically important domain name for one country’s internet space began to expire.

The domain — scpt-network.com — was one of two nameservers for the .cd country code top-level domain, assigned to the Democratic Republic of Congo. If it fell into the wrong hands, an attacker could redirect millions of unknowing internet users to rogue websites of their choosing.

Clearly, a domain of such importance wasn’t supposed to expire; someone in the Congolese government probably forgot to pay for its renewal. Luckily, expired domains don’t disappear immediately. Instead, the clock started on a grace period for its government owners to buy back the domain before it was sold to someone else.

By chance, Fredrik Almroth, a security researcher and co-founder of cybersecurity startup Detectify, was already looking at nameservers of country code top-level domains (or ccTLDs), the two-letter suffixes at the end of regional web addresses, like .fr for France or .uk for the United Kingdom. When he found this critical domain name was about to expire, Almroth began to monitor it, assuming someone in the Congolese government would pay to reclaim the domain.

But nobody ever did.

By the end of December, the clock was almost up and the domain was about to fall off the internet. Within minutes of the domain becoming available, Almroth quickly snapped it up to prevent anyone else from taking it over — because, as he told TechCrunch, “the implications are kind of huge.”

It’s rare but not unheard of for a top-level domain to expire.

In 2017, security researcher Matthew Bryant took over the nameservers of the .io top-level domain, assigned to the British Indian Ocean Territory. But malicious hackers have also shown interest in targeting top-level domains hack into companies and governments that use the same country-based domain suffix.

Read more on TechCrunch

Taking over a nameserver is not supposed to be an easy task because they are a vital part of how the internet works.

Every time you visit a website your device relies on a nameserver to convert a web address in your browser to the machine-readable address that tells your device where on the internet to find the site you’re looking for. Some liken nameservers to the phone directory of the internet. Sometimes your browser looks no further than its own cache for the answer, and sometimes it has to ask the nearest nameserver for the answer. But the nameservers that control top-level domains are considered authoritative and know where to look without having to ask another nameserver.

With control of an authoritative nameserver, malicious hackers could run man-in-the-middle attacks to silently intercept and redirect internet users going to legitimate sites to malicious webpages.

These kinds of attacks have been used in sophisticated espionage campaigns aimed at cloning websites to trick victims into handing over their passwords, which hackers use to get access to company networks to steal information.

Worse, Almroth said with control of the nameserver it was possible to obtain valid SSL (HTTPS) certificates, allowing for an attacker to intercept encrypted web traffic or any email mailbox for any .cd domain, he said. To the untrained eye, a successful attacker could redirect victims to a spoofed website and they would be none the wiser.

“If you can abuse the validation schemes used to issue certificates, you can undermine the SSL of any domain under .cd as well,” Almroth said. “The capabilities of being in such a privileged position is scary.”

Almroth ended up sitting on the domain for about a week as he tried to figure out a way to hand it back. By this point the domain had been inactive for two months already and nothing had catastrophically broken. At most, websites with a .cd domain might have taken slightly longer to load.

Since the remaining nameserver was running normally, Almroth kept the domain offline so that whenever an internet user tried to access a domain that relied on the nameserver under his control, it would automatically timeout and pass the request to the remaining nameserver.

In the end, the Congolese government didn’t bother asking for the domain back. It spun up an entirely new but similarly named domain — scpt-network.net — to replace the one now in Almroth’s possession.

We reached out to the Congolese authorities for comment but did not hear back.

ICANN, the international non-profit organization responsible for internet address allocation, said country code top-level domains are operated by their respective countries and its role is “very limited,” a spokesperson said.

For its part, ICANN encouraged countries to follow best practices and to use DNSSEC, a cryptographically more secure technology that makes it nearly impossible to serve up spoofed websites. One network security engineer who asked not to be named as they were not authorized to speak to the media questioned whether DNSSEC would be effective at all against a top-level domain hijack.

At least in this case, it’s nothing a calendar reminder can’t solve.

Madrona promotes Anu Sharma and Daniel Li as Partners

Fresh off the announcement of more than $500 million in new capital across two new funds, Seattle-based Madrona Venture Group has announced that they’re adding Anu Sharma and Daniel Li to the team’s list of Partners.

The firm, which in recent years has paid particularly close attention to enterprise software bets, invests heavily in the early-stage Pacific Northwest startup scene.

Both Li and Sharma are stepping into the Partner role after some time at the firm. Li has been with Madrona for five years while Sharma joined the team in 2020. Prior to joining Madrona, Sharma led product management teams at Amazon Web Services, worked as a software developer at Oracle and had a stint in VC as an associate at SoftBank China & India. Li previously worked at the Boston Consulting Group.

I got the chance to catch up with Li who notes that the promotion won’t necessarily mean a big shift in his day-to-day responsibilities — “At Madrona, you’re not promoted until you’re working in the next role anyway,” he says — but that he appreciates “how much trust the firm places in junior investors.”

Asked about leveling up his venture career during a time when public and private markets seem particularly flush with cash, Li acknowledges some looming challenges.

“On one hand, it’s just been an amazing five years to join venture capital because things have just been up and to the right with lots of things that work; it’s just a super exciting time,” Li says. “On the other hand, from a macro perspective, you know that there’s more capital flowing into VC as an asset class than ever before. And just from that pure macro perspective, you know that that means returns are going to be lower in the next 10 years as valuations are higher.”

Nevertheless, Li is plenty bullish on internet companies claiming larger swaths of the global GDP and hopes to invest specifically in “low code platforms, next-gen productivity, and online communities,” Madrona notes in their announcement, while Sharma plans to continue looking at to “distributed systems, data infrastructure, machine learning, and security.”

TechCrunch recently talked to Li and his Madrona colleague Hope Cochran about some of the top trends in social gaming and how investors were approaching new opportunities across the gaming industry.

Germany’s Isar Aerospace raises $91M to get its satellite launch vehicle off the ground

The aerospace industry has seen an explosion of activity from the world of startups, where bright engineers are foregoing jobs at large corporations and opting instead to raise funding from increasingly ambitious venture capitalists to build their own startups to turn moonshots into business realities. In the latest development, a startup out of Munich has raised the largest round to date in European space tech.

Isar Aerospace, which is building a micro-satellite launcher significantly smaller and thus lower in price than bigger launchers on the market today, has picked up €75 million ($91 million) in funding. It plans to use the money to continue its research, development and production en route to its first commercial launches, planned for early 2022.

The launcher is not just significant for its design innovation, but if it proves successful, it would make Isar the first European space company to build a successful satellite launcher to compete in the global satellite market.

The round, a Series B, is being led by Lakestar, with previous backers Earlybird and Vsquared Ventures also contributing significantly, the company said. Earlybird and strategic backer Airbus Ventures led Isar’s previous round of $17 million in December 2019.

The startup is a spinout of TUM — the famous Munich Technical University — where co-founders Daniel Metzler, Josef Fleischmann and Markus Brandl all studied engineering. Fleishmann had a small claim to fame before Isar: he was part of the team from TUM that built the winning vehicle for the famous Hyperloop competition in the U.S. It was an achievement that landed him a very interesting job offer with a high-profile venture in the U.S. that will go unnamed; he opted to come back to Germany to build his own company, which became Isar.

As Metzler described it in an interview, there is a lot of pent-up demand among companies that need or would like to use satellite technology to augment or replace other data sources. This comes from not just the usual suspects of government or communications entities, but also navigation, GPS and mapping specialists, agribusiness interest, media and internet companies, and any organizations that need the kind of high-speed, far-reaching data access that can only be achieved from space.

The issue is that today’s technology makes launching satellites into orbit a costly and time-sucking operation.

Launchers are large and go up infrequently, so reserving space on them takes a lot of lead time and investment, and even then a launch can hit a snag over a technical or weather issue.

That issue has somewhat been addressed by the growth of private companies like SpaceX, which are building more rockets to address demand; and a proliferation of more launch centers in a larger range of locations to increase the number of launch events.

Isar, on the other hand, is taking a very different approach, building not just a new kind of launchpad but a new kind of rocket that will be smaller and less expensive. The idea being that by doing so, it will make it cheaper, easier and more flexible for more organizations to book satellite launches. The aim will be to carry a payload of more than 1,000 kilograms.

As Metzler describes it, the innovations that Isar has built into its system includes the propulsion systems with a design that relies on a different, lighter fuel than what is typically used today in launchers. It’s also taking a different, simplified approach to the design to further reduce the cost of production.

Metzler said that typically the price for a satellite launch today can be in the range of between $30,000 and $40,000 per kilogram. “We aim to go more in the direction of $10,000 per kilogram,” he said.

The proposition is interesting enough that Isar says it has already racked up $500 million in “customer inquiries” — essentially a loose commitment for sales as and when it gets its launchers ready to run.

The company sees satellite launches as an obvious bottleneck that needs addressing.

“Going to space once a week is very different from planning launches three years in advance,” he said of how Isar envisions the future to look, versus how it looks now. And just to note, he said that Isar is building with sustainability in mind: If a piece does not return to earth to be re-used, it’s designed to be broken up and burned in the atmosphere, leaving no trace of the launcher.

Longer term, Isar might also consider space exploration and other areas of development, an ambitious road map (or sky map, as the case may be) that investors seem willing to support.

“We are proud to accompany Isar Aerospace as the largest institutional investor on its way to commercially develop space for Europe. Micro-satellites in the low Earth orbit will become a key platform technology with enormous innovation and business potential in the coming decades. That is why we need a competitive space industry in Europe if we do not want to witness the next technological leaps as a spectator,” said Hendrik Brandis, co-founding partner of Earlybird. “I am particularly pleased that we are able to back a financing round of this magnitude entirely with German money. This is a clear sign of how successfully the startup and VC industry has developed in this country in recent years.”

Cloudflare and Apple design a new privacy-friendly internet protocol

Engineers at Cloudflare and Apple say they’ve developed a new internet protocol that will shore up one of the biggest holes in internet privacy that many don’t know even exists. Dubbed Oblivious DNS-over-HTTPS, or ODoH for short, the new protocol makes it far more difficult for internet providers to know which websites you visit.

But first, a little bit about how the internet works.

Every time you go to visit a website, your browser uses a DNS resolver to convert web addresses to machine-readable IP addresses to locate where a web page is located on the internet. But this process is not encrypted, meaning that every time you load a website the DNS query is sent in the clear. That means the DNS resolver — which might be your internet provider unless you’ve changed it — knows which websites you visit. That’s not great for your privacy, especially since your internet provider can also sell your browsing history to advertisers.

Recent developments like DNS-over-HTTPS (or DoH) have added encryption to DNS queries, making it harder for attackers to hijack DNS queries and point victims to malicious websites instead of the real website you wanted to visit. But that still doesn’t stop the DNS resolvers from seeing which website you’re trying to visit.

Enter ODoH, which decouples DNS queries from the internet user, preventing the DNS resolver from knowing which sites you visit.

Here’s how it works: ODoH wraps a layer of encryption around the DNS query and passes it through a proxy server, which acts as a go-between the internet user and the website they want to visit. Because the DNS query is encrypted, the proxy can’t see what’s inside, but acts as a shield to prevent the DNS resolver from seeing who sent the query to begin with.

“What ODoH is meant to do is separate the information about who is making the query and what the query is,” said Nick Sullivan, Cloudflare’s head of research.

In other words, ODoH ensures that only the proxy knows the identity of the internet user and that the DNS resolver only knows the website being requested. Sullivan said that page loading times on ODoH are “practically indistinguishable” from DoH and shouldn’t cause any significant changes to browsing speed.

A key component of ODoH working properly is ensuring that the proxy and the DNS resolver never “collude,” in that the two are never controlled by the same entity, otherwise the “separation of knowledge is broken,” Sullivan said. That means having to rely on companies offering to run proxies.

Sullivan said a few partner organizations are already running proxies, allowing for early adopters to begin using the technology through Cloudflare’s existing 1.1.1.1 DNS resolver. But most will have to wait until ODoH is baked into browsers and operating systems before it can be used. That could take months or years, depending on how long it takes for ODoH to be certified as a standard by the Internet Engineering Task Force.

DOJ says it seized over $1 billion in bitcoin from the Silk Road drugs marketplace

Two days ago, about $1 billion worth of bitcoin that had sat dormant since the seizure of the Silk Road marketplace in 2013, one of the biggest underground drug websites on the dark web, suddenly changed hands.

Who took it? Mystery over. It was the U.S. government.

In a statement Thursday, the Justice Department confirmed it had seized the 70,000 bitcoins generated in revenue from drug sales on the Silk Web marketplace. At the time of the seizure, the bitcoin was worth more than $1 billion.

“Silk Road was the most notorious online criminal marketplace of its day. The successful prosecution of Silk Road’s founder in 2015 left open a billion-dollar question. Where did the money go? Today’s forfeiture complaint answers this open question at least in part,” said U.S. Attorney David Anderson in remarks.

“$1 billion of these criminal proceeds are now in the United States’ possession,” he said.

The Justice Department said Thursday that the seized bitcoin would be subject to forfeiture proceedings.

Silk Road was for a time the “most sophisticated and extensive criminal marketplace on the Internet,” per the Justice Department statement. In 2013, its founder and administrator Ross Ulbricht was arrested and the site seized. Ulbricht was convicted in 2015 and sentenced to two life terms and an additional 40 years, for his role in the operation. Prosecutors said the site had close to 13,000 listings for drugs and other illegal services, and generated millions of bitcoin.

More soon…

Free VPNs are bad for your privacy

VPNs are in high demand as Americans scramble to keep access to TikTok and WeChat amid a looming government ban. There are dozens of free VPNs out there that promise to protect your privacy by keeping you anonymous on the internet and hiding your browsing history.

Don’t believe it. Free VPNs are bad for you.

The internet is a hostile place for the privacy-minded. Internet providers can sell your browsing history, governments can spy on you and tech titans collect huge amounts of data to track you across the web. Many have turned to VPNs, or virtual private networks, thinking that they can protect you from snoopers and spies.

But where VPNs try to solve a problem, they can also expose you to far greater privacy risks.

TechCrunch’s Romain Dillet has an explainer on what a VPN is. In short, VPNs were first designed for employees to virtually connect to their office network from home or while on a business trip. These days, VPNs are more widely used for hiding your online internet traffic, and tricking streaming services into thinking you’re another country when you’re not. That same technique also helps activists and dissidents bypass censorship systems in their own countries.

VPNs work by funneling all of your internet traffic through an encrypted pipe to the VPN server, making it more difficult for anyone on the internet to see which sites you are visiting or which apps you are using.

But VPNs don’t inherently protect your privacy or give you anonymity. VPNs simply divert all of your internet traffic from going to your internet provider’s systems into the VPN provider’s systems instead.

That begs the question: Why should you trust a VPN that promises to protect your privacy more than your internet provider? The answer is that you can’t, and you shouldn’t.

By far, some of the worst offenders are the free VPNs.

As the old adage goes, if it’s free then you are the product. What that means is that they make money off you — specifically, your data. Like any service that costs nothing, VPNs are often supported by ads. That means taking your internet traffic and selling it to the highest bidder to serve you targeted ads while you’re connected to the VPN. Other free VPNs have been accused of injecting ads into the websites that you visit.

While there are paid and premium VPNs that are generally more mindful about your privacy, they aren’t anonymous, as they can be linked to your billing address. Paid VPNs also don’t solve the problem of funneling all of your internet traffic to a potentially untrustworthy company.

Some VPN providers also claim to protect your privacy by not storing any logs or track which websites you visit or when. While that may be true in some cases, there’s no way you can be completely sure.

In fact, some VPN providers have claimed they don’t store any logs — but were proven completely false.

Take UFO VPN, which at the time had about 20 million users. It claimed to have a zero-logging policy. But security researchers found the company’s logging database exposed to the internet, no password needed. The database was packed with logs of user activity, including which websites users were visiting.

Former NYPD director of cyber intelligence and investigations Nick Selby, now the chief security officer at fintech startup Paxos, said he only uses VPN providers that he knows do not store any logs. During his time as a police officer he would serve search warrants and know which providers were “the best at giving me nothing,” he told TechCrunch.

It’s not to say that all VPNs are unscrupulous or invading your privacy. Much of the problem with VPNs is that you can’t look under the hood and see what’s going on with your data. Standalone VPNs, like Algo and WireGuard, let you create and control your own VPN server through a cloud service, like Amazon Web Services, Microsoft Azure, Google Cloud or Digital Ocean. But remember: your encrypted data is stored on another company’s cloud, making it potentially susceptible to being grabbed by the authorities.

VPNs can be useful, but it’s important to know their limitations. Just don’t rely on them to protect your privacy or your anonymity.

As it delists, Rocket Internet’s ill-fated experiment with public markets is over

It was all supposed to be so different. When Rocket Internet IPO’d in 2014 it was the largest tech company floatation in Europe for seven years. A year later it had lost $46 million and its valuation had dropped by 30%. Since then the German startup factory behind internet companies such as Delivery Hero, Zalando and Jumia has languished, in part because the reason for its existence — to provide growth capital for “rocket-fueled” startups — has ebbed away, as the tech market was flooded with capital in recent years. Today the company said it was delisting its shares from the Frankfurt and Luxembourg Stock Exchanges for just that reason.

Rocket’s market value has fallen from its high of 6.7 billion euros ($8 billion) on the day of its IPO on the Frankfurt Stock Exchange to just 2.6 billion euros and is now offering investors 18.57 euros ($22.23) for each of their shares, lower than Monday’s closing price of 18.95 euros.

The company said it was “better positioned as a company not listed on a stock exchange” as this would allow it to focus on long-term bets.

In a statement, the company said: “The use of public capital markets as a financing source as essential [sic] parameter for maintaining a stock exchange listing is no longer required and adequate access to capital is secured outside the stock exchange. Outside a capital markets environment, the Company will be able to focus on a long-term development irrespective of temporary circumstances capital markets tend to put emphasis on.”

Delisting, it said, will also reduce operational complexity when setting up new companies, “freeing up administrative and management capacity and reducing costs.”

Its investment division, Global Founders Capital, and CEO Oliver Samwer, will retain their stakes of 45.11% and 4.53% respectively, meaning the virtual shareholder meeting on Sept. 24 to ask for shareholder approval to delist will largely be a formality. It has also launched a separate buyback program to secure 8.84% of its shares from the stock market. Although the decision to delist makes sense, smaller shareholders will be burned, especially as Rocket is using its own cash for the buyback.

The bets Rocket took, however, have of course paid off. For some. According to Forbes, Samwer and his brothers and co-founders Alexander and Marc are worth at least $1.2 billion each.

The Berlin -based firm became quickly known as a “clone factory” after Samwer famously conceded during his Ph.D. that Silicon Valley had got innovation wrong by coming up with new ideas, and the “innovation” would simply be to make existing models more efficient. The fact those existing models were usually dreamt up by other people never seemed to phase him.

Almost like clockwork Rocket produced clones of Amazon, Uber, Uber Eats and Airbnb. Its defense for this rapacious strategy was that it was simply adapting proven models for other markets.

Rocket would say it was merely adapting proven models for untapped local markets. Of course, the kicker was usually that the company would either scale faster globally than the original U.S.-based startup, thus forcing some kind of acquisition, or that it would have its clones IPO faster. It did however produce some big, global, companies, even if they were not particularly original, including e-commerce firm Zalando, food delivery service Delivery Hero and meal-kit provider HelloFresh .

There have been successes. Jumia, the African e-commerce company, listed in April last year and when Rocket sold its stake earlier this year, it contributed to Rocket’s net cash position of €1.9 billion at the end of April.

But it has not benefitted from the recent stock market rally for tech companies, as it is overly exposed to e-commerce rather than pandemic-proof companies like Zoom .

For nostalgia’s sake, here’s that interview I did with Oliver Samwer in 2015, just one more time.

LA gets a big SAAS exit as Fastly nabs the Culver City-based Signal Sciences for $775M

Los Angeles was always more than a one industry town, even when it comes to technology startups, but media and entertainment (and social networking) were always the big draws in tinseltown.

Now the city’s enterprise tech scene can claim a really big winner with Signal Sciences, the security monitoring and management company that is getting bought by Fastly, a provider of content delivery networking services, for $775 million.

“Our team couldn’t be more excited about the opportunity to join Fastly to continue to drive forward security protections that empower developers. But we also believe this is a great moment to showcase the diversity of the LA technology scene,” wrote Signal Sciences chief executive, Andrew Peterson, in a direct message. “Being the largest enterprise tech outcome ever here, we’re just one of so many great deep technology companies who are paving the way for the next generation of SoCal based start ups. We’re thrilled to help lead the way for the broader tech community in Los Angeles.”

Content delivery and security go hand-in-hand and some of the biggest companies online use businesses like Fastly and its competitor, Cloudflare, to ensure that their online presence doesn’t go offline — and that browsers can quickly download and deliver websites.

Fastly said that the acquisition of Signal Sciences’ business will boost its ability to provide better security for applications and APIs — the connective fabric between different services that knit different technologies together behind the scenes.

With the acquisition, Fastly is planting a flag as a new competitor in the cybersecurity market, even as companies like Amazon, Microsoft, and Google offer a wider array of services under their Internet as a service business lines.

Application security is a higher value piece of the services stack and it takes advantage of the natural position that a company like Fastly has as a content distribution network.

“Fastly was founded to meet developers’ need for greater visibility and control. Now, as the digital transformation movement continues to accelerate, DevOps teams are struggling with inadequate and inflexible security tools,” said Joshua Bixby, Chief Executive Officer of Fastly, in a statement. “Together with Signal Sciences, we will give developers modern security tools designed for the way they work.”

Under the terms of the agreement Fastly is buying Signal Sciences for $200 million in cash and approximately $575 million worth of stock, subject to customary adjustments for transactions, according to a statement.

Fastly is also setting up a $50 million retention pool of restricted stock units to give out to Signal Sciences employees.

Signal Sciences employees aren’t the only winners in the deal. The company raised $63 million in venture financing from investors including CRV, Harrison Metal, Index Ventures, Oreilly Alphatech Ventures, Lead Edge Capital, and individual investors including former Facebook security officer Alex Stamos, and Etsy chief executive Chad Dickerson.

The company’s last round was a $35 million investment raised about two years ago, and one investor with knowledge of the company’s cap table called it a “pretty efficient exit” for its backers.

Morgan Stanley & Co. and Union Square Advisors are acting as financial advisors to Fastly, and Cooley LLP is acting as its legal advisor with regard to the transaction, according to a statement. Qatalyst Partners is acting as financial advisor to Signal Sciences, while Goodwin Procter was the company’s lawyer.

The coronavirus pandemic is expanding California’s digital divide

If every California student without an adequate internet connection got together and formed a state, it would contain more residents than Idaho or Hawaii.

A total of 1,529,000 K-12 students in California don’t have the connectivity required for adequate distance learning.

Analysis from Common Sense Media also revealed that students lacking adequate connection commonly lack an adequate device as well. The homework gap that separates those with strong connections from those on the wrong side of the digital divide will become a homework chasm without drastic and immediate intervention.

To raise awareness of the enormity and immediacy of the digital divide, I started No One Left Offline (NOLO) in San Francisco. It’s an all-volunteer nonprofit that’s creating a coalition of Bay Area organizations focused on giving students, seniors and individuals with disabilities access to high-speed, affordable Internet.

During the week of July 27, the NOLO coalition will launch the Bridge the Divide campaign to raise $50,000 in funds that will be used to directly cover broadband bills for families on the edge of the digital divide.

At this point in our response to COVID-19, emergency measures have only stopped the homework gap from growing rather than actually shrinking it. That’s precisely why we need a new form of addressing students’ lack of adequate internet and devices. The digital “haves” should embrace directly covering the broadband bills and upgrades required by the “have nots.” This form of direct giving is both the most effective and efficient means of giving every student high-speed internet and a device to make the most of that connection.

But too few people are aware of just how dire life can be on the wrong side of the digital divide. That’s why I’m hoping you — as a fellow member of the digital “haves” — will join me in taking a day off(line) on July 17. I’m convinced that it will take a day (if not more) in the digital dark for more Americans to recognize just how difficult it is to thrive, let alone survive, without stable internet, a device and a sufficient level of digital literacy.

The increased attention to the digital divide generated by this day off(line) will spur a more collective and significant response to stopping the formation of a homework chasm.

Current efforts to close the homework gap have at once been laudable and limited. For example, internet service providers (ISPs) deserve praise for taking a voluntary pledge to limit fees, forgive fines and remove data caps. But that pledge expired at the end of June, months before school starts and in the middle of an expanding economic calamity.

It’s true that many ISPs are still going to extraordinary lengths to help those in need — look no further than Verizon donating phones to Miracle Messages to help individuals experiencing homelessness connect with loved ones. However, even these extraordinary measures will not fully make up for the fact that hundreds of thousands of Californians are experiencing greater financial insecurity than ever before. They want and require a long-term solution to their digital needs — not just voluntary pledges that end in the middle of a pandemic.

In the same way, many school districts in the Bay Area have rapidly loaned hotspots and devices to students and families in need. In fact, even before COVID-19, the Oakland Unified School District and the 1Million Project were providing hotspots to students in need. These sorts of interventions, though, do not afford students on the wrong side of the homework gap the same opportunity to fully develop their digital literacy as those that have devices to call their own and internet connections sufficient to do more than just homework.

Every student deserves a device to call their own and a connection that allows them to become experts in safely and smoothly navigating the internet.

Direct giving is the solution. Financially secure individuals across the Bay Area can and should “sponsor” internet plans and devices for families in need. By sponsoring a family’s high-speed internet plan for a year or more, donors will provide students and parents alike with the security they need to focus on all of the other challenges associated with life in a pandemic. What’s more, sponsored devices would come without strings attached or “used” labels.

Students would have a fully equipped laptop to call their own as well as one that didn’t lack key functionalities, which is common among donated devices.

Because access to the internet is a human right, the government should be solving the homework gap. So far, it hasn’t been up to the task. So, in the interim, we’ll need a private sector solution. The good news is that we collectively seem up for the task. According to Fidelity, most charitable donors plan to maintain or increase their giving this year.

Consider that even 46% of millennials plan to increase their philanthropy. Unfortunately, one inhibitor to giving is the fact that “many donors don’t feel that they have the information they need to effectively support efforts” to address the ramifications of COVID-19.

That’s where NOLO and other digital inclusion coalitions step in. We’re sounding the bell: The public sector isn’t closing the homework gap; it’s on us to make sure kids have the connections and devices they need to thrive. NOLO is also providing the means to act on this information — during its Bridge the Divide campaign, donors will have a chance to sponsor broadband bills for community members served by organizations across the Bay Area including the SF Tech Council, BMAGIC and the Mission Merchants Association.

Our collective assignment is making the homework gap a priority. Our due date is nearing. The first task is taking a day off(line) on July 17. The next is donating to the Bridge the Divide campaign during the week of the 27th.

Let’s get to work.

Astranis reaches key milestone with MicroGEO communication satellite, aims for service to begin next summer

Satellite telecommunications startup Astranis has achieved a key technical milestone with its MicroGEO product, a small geosynchronous communications satellite that it will use to launch its first commercial service starting next summer for customers in Alaska. This is a big milestone for Astranis because the MicroGEO satellite test article that passed this round of thermal-vacuum qualification testing will serve as the basis for a whole planned line of first products, designed to affordably provide low-cost broadband to specific geographic markets using individual spacecraft, region-by-region.

Having already successfully met its technical requirements in terms of radiation, which is particularly powerful in the target orbital band where the Astranis MicroGEO will operate in a fixed position above the Earth, this means that the startup’s tech has passed the last major technical milestone on its path to launch and operation. I spoke to Astranis CEO and founder John Gedmark about the achievement, and he said that while the MicroGEO qualification test article will still undergo a range of remaining tests ahead of its launch on a SpaceX rocket next year ahead of its planned Summer 2021 operational date, this is a big achievement that represents years of work from the team.

“It was a huge amount of work for the team, and I’m sure as you can imagine, these things do not do not come easy,” Gedmark said. “People maybe don’t understand just how extreme the temperatures are that a satellite has to operate within: We were doing testing all the way from 150 degrees Fahrenheit to -180 degree Fahrenheit. Just imagine that temperature swing on a big box of electronics.”

That is incredibly impressive, given that while they’ve improved significantly over the years, even modern consumer electronics can have challenges with much less extreme temperature swings. And qualification testing for equipment designed to work in space is actually done to a standard of both 20 degrees Fahrenheit hotter and colder than expected orbital temperatures, just to provide the equipment with a safe operational buffer. Temperatures can vary so wildly because the orbital environment lacks the insulating layer of the atmosphere, meaning it gets very cold when the sun is on the far side of the Earth, and extremely hot when the sun is shining directly on the spacecraft.

The Astranis MicroGEO satellites will operate in geostationary orbit (LEO), which means they’ll sit in a high orbit (higher than what’s known as ‘low Earth orbit’ or LEO, which you may have heard of because that’s where SpaceX’s Starlink satellites work). The GEO band is where existing satellite-based communication infrastructure operates today – but these consist of very large, mostly aging and expensive satellites that provide the backbone of networks including those used for in-flight wifi and on cruise ships.

Astranis is outfitting its GEO satellites with much more modern telecommunications equipment, and making its spacecraft significantly smaller, too. The company is betting that it can deploy smaller GEO satellites much more affordably, in order to serve very specific geographies. Its first satellite will serve Alaska, as mentioned, through a partnership with existing satellite TV and internet provider Pacific Dataport. This is expected to triple the available bandwidth to the state, while keeping costs to customers affordable. After that, the goal is to continue to build and launch similar satellites to serve individual small-to-medim sized countries, states and other regions.

This model differs significantly from what SpaceX and others working on LEO communications constellations are doing. Gedmark outlined the costs and benefits of both, and why he believes what Astranis is doing is likely the better fit in terms of business model and efficiencies for a small, young company to pursue.

“We’re huge fans of what some of these other companies are trying to do with LEO constellations – it’s just very different approach,” he said “We have the ability to put up one satellite at a time and focus bandwidth right where it’s needed, and do that quickly. The smaller constellations, they are very much an all-or-nothing proposition – the entire constellation has to be in place to begin service. And then they have some other challenges ahead of them as well, like ground antennas, unique tracking.”

Gedmark notes that you need to deploy many gateway dishes all around the world in order for LEO constellations to be effective, which caries its own costs and risks. Astranis, however, is compatible with existing infrastructure already used in satellite-based internet and communications, making it much easier to get serving customers. Plus, since it can launch satellites individually to serve specific regions, it can add revenue in stages over time, whereas LEO networks will need an immense up-front capital investment before any money actually starts coming in from commercial customers.

“They certainly can be successful,” he said. “I just think I think it’s gonna take them some time and we’re optimized for speed. Whether it be a U.S. state like Alaska, or a small- or medium-sized country we can offer them some extra bandwidth they can use as soon as possible and, and get it to them at the right price.”