January 10, 2022
Photo: Benjamin Ashton via Unsplash
Hello and welcome to Protocol Enterprise! Today: a new kind of software supply-chain problem, Intel executive shuffles and does anybody really want to build software on Web3?
This is the first edition of the new daily Protocol Enterprise newsletter! We’ll be arriving in your inbox each weekday afternoon with a detailed roundup of everything you need to know about the day that was in enterprise tech. Expect to see new, fun sections as well as daily contributions from our growing staff. And if you like what you see, tell a friend.
When every company is a technology company and technology itself is a competitive differentiator, it’s essential to rethink the way that IT services are delivered and how IT resources are integrated into business units. Lenovo is on this journey together with our customers and our ecosystem of technology partners.
Maybe the chip shortage is a good thing? Canon has been forced to ship printer ink cartridges without the chips that detect whether or not its printers are using Canon-branded cartridges, thanks to the ongoing supply-chain fiasco.
The supply-chain dangers from under-maintained open-source projects were well documented in 2021, a year capped by the Log4j disaster. But the new year has already served up another reminder that software reliant on open-source software libraries and projects can be vulnerable to a different type of problem.
Over the weekend, a developer inserted new code into two popular open-source software libraries stored in the npm package repository, which is owned by Microsoft’s GitHub, that generated a seemingly random string of characters into applications that relied on those libraries. Those libraries are used by thousands of projects and are downloaded millions of times a week, according to Bleeping Computer.
The act appears to have been sabotage: a statement of protest by a developer identified as Marak Squires by Bleeping Computer against corporate control of open source and the decade-old prosecution of Aaron Swartz, who committed suicide after facing serious legal problems for downloading documents from a server owned by MIT.
Open-source software has had an immense impact on enterprise tech; it’s almost impossible to imagine the modern enterprise without open-source software, especially when it comes to cloud computing. But so much of that tech resides on a shaky foundation.
These days, software is never finished; the average code base is a living document that gets updated constantly, and that approach has unlocked a ton of innovation and produced more reliable software since it has come into vogue.
However, the cracks are starting to show. Maintaining the integrity of software supply chains will be an ongoing problem for users and vendors alike for years to come.
— Tom Krazit
Intel shakes it up: Micron CFO David Zinsner will replace Intel’s CFO George Davis, who had previously said he will retire from Intel in May. Zinsner has served as memory-maker Micron’s finance chief since 2018.
But Gregory Bryant, known inside the company as “GB” over a 30-year stint, also plans to leave the company at the end of the month for a “new opportunity.” Intel looked inward to replace Bryant, tapping Michelle Johnston Holthaus to head the PC unit.
CEO Pat Gelsinger has made sweeping changes to his executive team. He brought CTO Greg Lavender along with him from VMware, and big names like Navin Shenoy, head of the data platforms group, have also left.
A rare chip IPO: When Credo Technology filed its prospectus with the SEC, we took note. The company makes chips and cables that hyperscalers use to move data around inside their facilities.
Credo’s technology is complicated, but its business isn’t: It makes money selling chips and components, and also licensing the tech it has developed since 2008. It lost $27.5 million last fiscal year on revenue of $58.7 million, but turned a profit in fiscal 2020.
TSMC December sales. TSMC reported its closely watched monthly revenue figure for December, notching a big jump over the same month last year. TSMC said it recorded net revenue of NT$155.38 billion ($5.62 billion) in December, a 32% jump. Demand for the company’s 5-nanometer manufacturing process — used for the latest Apple chips and for others found in smartphones — helped TSMC amid the wider chip shortage.
TSMC’s capacity remains full, and next year looks like it will be a good one for the business, according to Bernstein chip analyst Mark Li.
— Max A. Cherney
We’ve talked at length about the promise of low-code and no-code software development tools to make companies more efficient and allow a bigger percentage of the population to create software, but how can companies implement those tools inside their organizations most effectively? Join Protocol’s Kevin McAllister on Jan. 19 at 10am PT for a virtual event with Nutanix CIO Wendy M. Pfeiffer and Kerim Akgonul, chief product officer at Pegasystems, in discussion about the best ways to make low-code and no-code tools work for you. Sign up here.
Data startup Labelbox, which annotes training data for AI models, closed a $110 million Series D round led by SoftBank’s Vision Fund II. The funding puts Labelbox near unicorn status and strengthens its ties to strategic investor Databricks.
Speaking of SoftBank, the multinational investment giant gave $146 million to Qraft, which uses deep-learning AI models to build exchange-traded funds. The promise for SoftBank? To figure out how to use AI to do its own investing better than highly paid fund managers.
Assent Compliance, a supply chain data management startup, raised $350 million at a valuation exceeding $1 billion, in a funding round led by Vista Equity Partners.
Stryker is acquiring Vocera Communications, a platform for healthcare workers to collaborate, for $2.97 billion in equity. The acquisition is expected to close in the first quarter of 2022.Justworks, a SaaS company providing benefits, payroll and HR services to small and medium-sized businesses, filed an IPO to raise more than $200 million at a market cap north of $2 billion.
The U.K. plans new scrutiny of the Big Three cloud providers, seeking more information about their security and resiliency plans.
Microsoft entered into a strategic partnership with Johnson & Johnson to serve as the company’s preferred cloud provider for digital surgery solutions.
Security researchers found a new Java vulnerability similar to the Log4j problem, but don’t anticipate this one causing as many issues.
What’s next for Box? Protocol alumnus Joe Williams interviewed CEO Aaron Levie on his post-proxy fight plans.
Kleiner Perkins’ Bucky Moore shared some interesting perspectives on the year ahead for enterprise tech, including the rise of serverless computing and the supply-chain dilemma.In case you missed it over the weekend, don't wait any longer to read outgoing Signal CEO Moxie Marlinspike’s thoughts on Web3 and software development.
Companies need to be flexible enough to scale up and down different tech stacks for a hybrid, global workforce, and adapt to new challenges. What works in one geography might not for another.
Thanks for reading — see you tomorrow!