Month: August 2018

A “legacy system” was to blame for exposing the contact information of attendees of this year’s Black Hat security conference.

Colorado-based pen tester and security researcher who goes by the handle NinjaStyle said it would have taken about six hours to collect all the registered attendees’ names, email and home addresses, company names, and phone numbers from anyone who registered for the 2018 conference.

In a blog post, he explained that he used a reader to access the data on his NFC-enabled conference badge, which stored his name in plaintext and other scrambled data. The badge also contained a web address to download BCard, a business card reader app. After decompiling the BCard app, the researcher found an API endpoint in its code, which he used to pull his own data from the server without any security checks.

By enumerating and cycling through unique badge ID numbers, he was able to download few hundred Black Hat attendee records from the server. The API was not rate limited either at all or enough to prevent the mass downloading of attendee records, the blog post said.

Security staff at BCard disabled the legacy system’s API within a day of his disclosure, which the researcher later confirmed as fixed.

INT International, which owns BCard, did not immediately respond to a request for comment. Black Hat also did not respond when contacted prior to publication.

Although the data exposure was limited to non-sensitive personal information, the fallout is embarrassing for the world’s most popular security meetup where maintaining strong “opsec” is paramount. Not only do security researchers, hackers, and vendors attend the conference, law enforcement and federal agents also attend.

It’s not the first time a security conference was hit with a security snafu. Earlier this year, the official app for the RSA Conference leaked over a hundred attendee records.

Amazon announced this morning a further investment in voice technology with an expansion of its Alexa Fund Fellowship to 14 new universities, up from only 4 in 2017, the Fellowship’s first year. The program, which is designed to support conversational A.I. and speech science research, is now coming to 18 total universities, including new additions, MIT, Dartmouth and Cambridge.

Under the banner of the Alexa Fund Fellowship are two programs: The Alexa Graduate Fellowship, focused on fostering education by PhD and post-doctoral students on topics like machine learning, speech science, and conversational A.I.; as well as the Alexa Innovation Fellowship, which is aimed at helping entrepreneurship center faculty serve as voice experts on campus, Amazon says.

Only 10 of the universities are receiving the 2018-19 Graduate Fellowship – a decision that’s made based on their research interests, planned coursework, and conversational A.I. curriculum, says Amazon.

This list now includes: Carnegie Mellon; the International Institute of Information Technology in Hyperabad, India; John Hopkins; MIT; Cambridge; University of Sheffield (UK); University of Southern California (LA); University of Texas at Austin; University of Washington (Seattle); and University of Waterloo (Ontario, Canada).

Meanwhile, the Innovation Fellowship will help to support on-campus entrepreneurship programs, by offering funding, Alexa devices, hardware kits, and regular training. The goal is to encourage student entrepreneurs to integrate voice technology into their startups, using Alexa’s developer services like ASK and AVS.

There are also 10 universities receiving this funding, as there’s some overlap with the prior list. These include: Arizona State University (Tucson); California State University (Northridge); Carnegie Mellon; Dartmouth; Emerson College; Texas A&M University; University of California (Berkeley); University of Illinois; University of Michigan (Ann Arbor); and University of Southern California.

As a part of this year’s Fellowship, there are already a number of projects underway.

For example, Alexa Graduate Fellow Jessica van Brummelen is exploring ways to make conversational A.I. interfaces easier to create and learn at MIT;  Alexa Innovation Fellow Andrew Singer, the Associate Dean of Innovation and Entrepreneurship at the College of Engineering at the University of Illinois at Urbana-Champaign is teaching a course on audio and signal processing that uses the Alexa Voice Services development kits; and Alexa Graduate Fellow James Thorne is studying new methods to use A.I. to verify information accuracy by way of follow-up questions at Cambridge.

With this expanded Fellowship, Amazon is seeding the system with entrepreneurs, researchers and academics who are working with voice technology, and specifically, Amazon’s Alexa voice platform. This could also help to serve as a hiring pipeline for Amazon in the future, while bringing Alexa developer tools directly to schools and classrooms.

Amazon, however is not the only company working to promote its technology at the university level. Google created its own PhD Fellowship program in 2009 which supports future faculty, industry researchers, innovators and entrepreneurs across disciplines, including voice.

The Alexa Fund Fellowship is one of several ways Amazon has been investing in Alexa technology and research. It also launched developer tools like the Alexa Skills Kit (ASK) and Alexa Voice Services (AVS) and allocated $200 million to voice-related startups via the Alexa Fund.

In January, Walmart partnered with Japanese e-commerce giant Rakuten on online grocery in Japan, as well as the sale of audiobooks, e-books, and e-readers in the U.S. Today, Walmart is capitalizing on that relationship with the launch of a full e-book and audiobook catalog on Walmart.com, alongside its assortment of physical books.

The new site, called Walmart eBooks, includes a library of over 6 million titles ranging from NYT best-sellers to indie titles and children’s books.

And similar to Amazon’s Audible, Walmart will also now offer a monthly audiobook subscription service.

However, Walmart is undercutting Amazon on pricing. While Audible subscriptions start at $14.95 per month for one audiobook, Walmart’s subscription is only $9.99 per month for the same.

In addition, Walmart aims to capitalize on its brick-and-mortar stores to help boost Walmart eBooks.

The company says it will sell nearly 40 titles in stores by way of digital books cards. These cards will be for popular books, like The Power of Now by Eckhart Tolle, Astrophysics for People in a Hurry by Neil deGrasse-Tyson and Capital Gaines by Chip Gaines. The cards will roll out to 3,500 Walmart stores starting this week.

Walmart will also sell Rakuten-owned Kobo e-readers both online and in stores. Today, customers will see a variety of Kobo e-readers for sale on Walmart’s e-commerce site, and later this week, Kobo Aura e-readers will hit 1,000 stores.

But customers won’t need to own a Kobo device to read these titles. Instead, the e-books can be accessed through co-branded iOS and Android apps, which also launched today.

Rakuten says its relationship with Walmart is part of the company’s larger vision to serve a worldwide audience. The company, founded in 2009, was built with the goal of operating in multiple markets worldwide, including in different languages and currencies. Today, its content reaches 190 countries, and has localized stores in 24.

“Although we are a company that focuses on selling a digital product, retailers and store experiences have always been an important part of the mix in every country we operate in,” said Michael Tamblyn, Rakuten Kobo President and CEO, in a statement. “That’s why we’re excited to partner with Walmart as we grow in the U.S. market. Together, we can provide even more people with a great reading experience, whether that’s print, digital or both.”

Obviously, Walmart’s partnership with Rakuten is a way for the retailer to better compete with Amazon, when it doesn’t build its own e-readers and tablet devices, or offer its own e-books and audiobooks catalog. But customers – especially the value-minded customers who tend to shop Walmart – may not care where the e-books come from, if they cost less.

Meanwhile, Kobo Aura devices are decent products. For example, some are waterproofed, perfect for poolside or bathtime reading. The devices also come in different screen sizes and price points, starting at $99.

Access to a selection of e-books could also help Walmart later on flesh out its own Amazon Prime competitor – something that seems even more likely, given reports that Walmart is now working on its own streaming video service (outside of Vudu) that could become a part of some such program.

To kick off Walmart eBooks’ launch, the retailer is offering new customers $10 off their first a la carte e-book or audiobook. Plus, audiobook subscription customers can try the service free for 30 days.

Nylas, a startup that helps developers integrate email content into applications via an API, announced a $16 million Series B today led by Spark Capital.

Other investors joining in included Slack Fund, Industry Ventures, and ScaleUp along with existing investors 8VC, Great Oaks Capital, Rubicon Capital and John Chambers’ personal fund. Today’s investment brings the total raised to $30 million.

The Nylas API works in a similar way to Stripe or Twilio, but instead of helping developers connect to payments or communications with a couple of lines of code, Nylas helps them connect to email, calendar and contact information. The idea behind any API like this is to give developers who lack expertise in a particular area outside the core purpose of their application, easy access to a particular type of functionality.

Company CEO Gleb Polyakov says that prior to Nylas, there really wasn’t an effective way to connect to email systems without a lot of technical wrangling. “Every person who is using the Internet has an email address, and there’s an immense amount of data that lives in the mail box, in the calendar, in your address book. And up until now, companies have been unable to effectively use that data,” he told TechCrunch.

It seems like a must-have kind of ability to connect to this type of information from any application, but most companies have shied away from a comprehensive approach because it’s hard to do, says company co-founder and CTO Andrea Spanger.

“We have essentially built adapters for the native protocols for each email system: Gmail, Microsoft Exchange, open source iMap servers and all the different extensions that are available on the different iMap implementations. And the key part is that with these adapters, we can talk to backend providers like Google, GoDaddy and Yahoo, Spanger explained.

Photo: Nylas

This capability could be useful for developers in lots of scenarios such as pulling data for a CRM tool from an email exchange between a salesperson and a customer, or to coordinate meetings around the calendars of several individuals and an open meeting room that works for all of their schedules.

The company, which has been around for five years, currently has 35 employees with offices in New York and San Francisco. With the new funding, they expect to double that number by the end of the year, as it adds engineering and builds out its sales and marketing team. While much of the marketing up to now has been inbound from developers, they want to expand their customer base by marketing directly to companies.

It currently counts 200 customers and thousands of developers using the product. Customers include Comcast, Hyundai, News Corp, Salesloft and Dialpad.

AT&T-owned digital media company Ellation is moving into the original content business with the launch of Ellation Studios, which will produce series for the company’s anime streaming service Crunchyroll.

The meaning of the “originals” label is a bit fuzzy, with streaming services applying it to everything from shows where they’ve acquired the exclusive rights (sometimes just in one country), to series that they’ve fully produced and own.

When asked where Crunchyroll Originals will fall on that spectrum, Ellation’s new head of studio Margaret Dean said, “It’s an important question. We’re still talking about it. At what point do we put [the Originals label] on all those types of deals?”

Dean (an industry veteran and current president of Women In Animation) noted that Crunchyroll started out with a licensing model before getting more involved in the financing of new shows, and then moving into co-production. Ellation Studios seems like the next step in that direction, with production facilities in Burbank and Tokyo.

Ellation and Crunchyroll aren’t announcing the full slate of originals yet, but first up is High Guardian Spice, a fantasy series telling the story of four girls at High Guardian Academy. It’s created by Raye Rodriguez will be staffed by an all-female writing room and is scheduled to premiere in 2019. (Dean, Rodriguez and others will discuss the show durring a panel at the Crunchyroll Expo next month.)

Dean said everything on the originals slate will be anime-inspired, but will cover a variety of stories for a variety of audiences.

“Animation is a medium, not a genre,” she said. “It doesn’t have to be limited to kids — or to if it’s adults, to comedy. It can be a wide range of different styles and genres.”

She added that one of the reasons she was excited to join Ellation being told that the goal is to be “everything to somebody, not something to everybody.” Dean described a “sense of liberation” on hearing those words: “We could go deep in things. We could make great art.”

Bitcoin has had tremendous success as a cryptocurrency, with millions of people around the world having traded the currency through command lines and wallets like Coinbase. Yet, for all of the excitement in the space, BTC remains largely the province of technically-sophisticated finance and software junkies and their Uber drivers. How can everyone in the world use crypto?

For Alex Adelman, that challenge proved an enigma. Partnering with Matt Senter, he had previously founded Cosmic Cart, a “universal shopping cart” that would allow companies to sell their goods anywhere online. The company was eventually acquired by POPSUGAR, and acquired a second time by Ebates, a Rakuten-owned affiliate marketing platform. Adelman wanted to get into the blockchain world, but didn’t want to leave behind his network in the retail world.

After reconnecting and exploring, Adelman and Senter realized that scaling consumer demand for Bitcoin is the critical challenge for widespread adoption of the technology, and that retail rewards and loyalty could represent a port of entry for consumers new to cryptocurrencies.

Out of that thinking was born Lolli. Lolli is a rewards platform that offers users BTC when they shop at participating online retailers. Consumers install a browser extension or start from Lolli’s website to discover retailers offering crypto rewards (smartphone and tablet apps are “coming soon”). Each retailer sets their own “cashback” (cryptoback?) rate, and that BTC reward is then moved into a Lolli wallet.

Lolli allows users to receive Bitcoin for their online purchases

The company’s name is inspired by the lollipops that Adelman received as a kid when visiting his bank. The dream is to massively expand the number of consumers who have Bitcoin wallets, while also educating them on what cryptocurrency is and how to use it.

What makes Lolli compelling though isn’t the concept — loyalty in the crypto space isn’t particularly unknown nor are airdrops — but rather the deep bench of online retailers that are included right from the startup’s launch. Adelman told me that users can already shop at more than 500 retailers, including Jet, Forever21, Bloomingdales, and ClassPass, avoiding the chicken and egg problem endemic to many rewards startups.

As with all rewards and loyalty programs, there is a two-sided marketplace component that can make these challenging to scale. One interesting dynamic though is that retailers are increasingly looking for ways to engage with cryptocurrencies. Adelman explained to me that the retailers he has been talking to have been surprised at the wide excitement among consumers around crypto and what it means, and they want to use that excitement to engage with potential new customers.

Lolli’s browser extension allows users to find retailers who offer free Bitcoin for purchases

While many retailers have flitted back and forth about whether to accept Bitcoin and other cryptocurrencies as a valid payment method, there is less concern on the rewards side about the volatility of cryptocurrencies. Plus, connecting with consumers around the technology can give retailers an early look into how consumers think about their wallets, and how they might change their online shopping behaviors in the future.

In many ways, Lolli is symmetrical to another recently launched loyalty app called Bumped. Bumped partners with retailers to drive loyalty, but instead of handing out BTC, it hands out free shares (or microshares) of the stock of the company a consumer just shopped at. The idea there, as with Lolli, is that few consumers own stock these days, and rewards and loyalty can be a mechanism to drive shopping behavior while also providing an initial financial portfolio for consumers.

While gross transaction volume and user engagement are valuable themselves, what really drives the valuations of these companies is the wallet or brokerage accounts behind them. Investors highly value these sorts of gateway financial products, which is one reason why Robinhood is valued at $5.6 billion with just more than 4 million accounts. Lolli’s bet is that it can become the de facto wallet for millions of consumers.

Lolli only supports Bitcoin at launch, and Adelman is certainly a strong proponent of the view that Bitcoin is likely the one cryptocurrency to rule them all. With many more consumers potentially getting their first satoshis though, Lollis’ dream, and the dream of many crypto investors, may well have a chance to come to pass.

After Adyen’s huge debut on the public markets in June that saw the stock go up 92 percent on its first day of trading, the company today published its first earnings as a publicly listed business. The figures underscore to how Adyen — which provides services to merchants and others to power both online and offline transactions — continues to charge ahead in its growth. In the first half of the year, Adyen made revenues of €256.4 million ($298 million), up 67.3 percent compared to a year ago, with net income of €48.2 million, up 74.6 percent.

For some context, in the year that ended December 31, 2017, Adyen generated net revenues of €218 million, up 38 percent compared to 2016. In other words, in the first half of this year, Adyen has already made more than it did in all of the year before.

The stock is currently trading at €574 per share, versus a close of €548.10 the day before.

Adyen said it processed €70 billion in transactions in the period, up 43.1 percent compared to the same period a year ago. This puts it on track to grow processed volumes by about 50 percent for the full year. (Last year’s processed volume was €108 billion.)

Ebitda was €70.3 million, up 83.1 percent, with a margin of 44.9 percent. This was down slightly on last year’s margin, which Adyen ascribed to “continued investment in global team and marketing.”

As we’ve described before, Adyen’s business is predicted on the continued growth of e-commerce, and also the the increasing digitisation of in-person payments that link up data between offline and online transactions.

In each of these cases, merchants or others taking payments — Adyen’s customers include the likes of Netflix, Uber, eBay and Dunkin’ Donuts — potentially have to string together a number of different pieces to not only take payments, but to process them and use the data from them to inform wider business decisions. Adeyn’s solution essentially is to handle all of that for its customers, in order to make the process of taking payments from customers more efficient.

“Through our single platform, we provide a holistic view of payments, regardless of sales channel, delivering unique shopper insights while combating fraud and improving payment authorization rates,” the company notes.

The company was built originally on solving the hurdles around digital payments — an area that still has a long way to go, considering that e-commerce is still around 10 percent or less of all transactions across many key markets. But Adyen’s more recent move into physical transactions has been a large boost to business, with point-of-sale processed volumes up 120 percent year-on-year to €6.6 billion. Nevertheless, POS payments accounted for just 9.4 percent of total processed volume, the company noted.

When you’re working in a key business tool like Slack or Salesforce, you don’t want to switch focus by opening up another application to pull additional information. Evernote Business has let you access Evernote content from these applications for some time, and today it announced some refinements to enhance those integrations.

The Slack integration had worked with the old slash commands to display Evernote content directly within Slack, but Slack has changed that to allow you to access applications like Evernote in a more visual way, says Eric Wrobel, chief product officer at Evernote.

“Earlier this year, Slack announced something called Slack Actions. It allows you to surface an application in a more visual way, so discoverability and ease of use is better to reduce friction,” he said.

Evernote embedded inside Slack. Screenshot: Evernote

Evernote has take advantage of this new capability in this release to get away from the command interface style that Slack had previously used and make it easier for their core knowledge workers to access Evernote content inside of Slack.

Users can take an Evernote note in Slack, which will then show up in Evernote automatically in a “Notes from Slack” folder. From there, users can edit the notes and move them to other folders (or tag them) to further organize them in any way they see fit. Similarly you can save a conversation you’re having in Slack to Evernote as a note and move it or edit from Evernote later on.

The Salesforce Connection

While Salesforce deals with structured systems of record, Evernote works with unstructured content and bringing the two together can be useful and powerful for users. Typically, a team member interacting with the customer on the phone or in the field, will take notes in Evernote, and they want to share that information with other members of the team in the Salesforce record, Wrobel explained.

The user who took the note can link one or more notes inside Salesforce, so they essentially become part of the customer record. The newer version improves the technical connections between the two cloud applications including the ability to “pin” a note to a record. What’s more, once a note is linked there is two-way sync, which means regardless of whether you change that note in Salesforce or Evernote, it will update in both places (because the integration is a live version of Evernote).

Evernote notes embedded in Salesforce record. Screenshot: Evernote

Evernote also surfaces related content automatically at the bottom of the customer record to help users find other Evernote subject matter connected to the record. While you can’t link a note to Salesforce directly from Evernote yet, that is a requested feature and Wrobel said they are working on it for a future release.

These updates are available today for Slack and Salesforce customers using Evernote Business.

Chinese smartphone firm Xiaomi has posted a $2.1 billion profit for its first quarter of business as a public company on account of growing smartphone and hardware sales.

The firm listed in Hong Kong in July in an IPO that raised $4.7 billion, but Xiaomi’s share price has steadily fallen since then. The company announced today that it grew revenue 68 percent in Q2 2018 to reach 45.2 billion RMB, or $6.6 billion. Xiaomi posted a net profit of 14.6 billion RMB ($2.1 billion), but it recorded an operating loss of 7.6 billion RMB ($1.1 billion) for the period due to significant administration costs around the listing. Costs had also weighed it down in the lead up to the IPO.

Those initial results raise the firm’s shares by 1.6 percent at the time of writing. But it remains some way from the HK$21.55 peak reached last month.

The bulk of Xiaomi’s revenue is from smartphone sales and the firm said it shipped 32 million during the quarter, up 44 percent year-on-year, which brought in 30.5 billion RMB ($4.5 billion). That’s 67 percent of all revenue, although it is worth noting that gross profit on hardware sales slipped to 6.7 percent from 8.7 percent last year.

Beyond phones, sales of other smart products, which includes TV and fitness bands, grew by over 100 percent to reach 10.4 million RMB. That’s around $1.5 billion and Xiaomi’s next largest revenue source.

Internet services, a segment that Xiaomi has long forecast as a financial differentiator against other phone brands, saw total sales grow by 64 percent annually to hit 4 million RMB, $585 million. Xiaomi has only recently begun to focus this division on markets outside of China, which accounts for the bulk of its 206.9 million monthly active users. That’s a figure that Xiaomi said it up on 146 million one year ago.

Look more broadly at its globalization strategy, 36 percent of Xiaomi’s revenue for the quarter came from outside of China, which the firm said represents 151 percent year growth year-on-year. That’s predominantly from India, but Xiaomi said it has seen progress in Indonesia, Southeast Asia’s largest economy, while it also recently expanded into Europe.

In India, the firm is shooting for additional growth after it released the first device from its new Pocophone sub-brand. The Poco F1 is designed to offer high-end specs at just a snip of the cost, zooming in on a market segment that fellow Chinese outfit OnePlus has seen much success within in India.

The F1 is priced below $500 and it’ll debut in India before going on sale in Hong Kong, France and Indonesia later this month.

One Medical has confirmed to TechCrunch it has closed on funding from the Carlyle Group for a new cash infusion worth $350 million. This announcement follows an earlier report this week One Medical was seeking to close a $200 million deal, on top of a possible $100 million in stock for the financing firm.

However, we have since learned the deal is a tad higher, including $220 toward the primary equity investment and another $130 million in a secondary investment.

CEO Amir Rubin tells TechCrunch the new funds will go toward a serious expansion for the company, including doubling it’s 72 offices throughout the seven states One Medical is currently serving and expanding into new markets. Rubin was coy about where those new markets might be for now but said we’d know soon enough.

One Medical is a members-only technology platform offering an array of concierge medical services, including same-day scheduling, virtual doctor visits and reminders for important checkups. It started out as a direct-to-consumer model but has expanded in the last few years to offer medical care for employees at companies like Uber and Adobe.

The funding will also help One Medical take on both dinosaur incumbents in the medical field as well as newer startups with a similar technology offering like Forward, an AI-based “medical office of the future.”

To beat both, Rubin would like to use part of the new cash to beef up his company’s tech backend. One Medical’s platform is built on algorithms and machine learning to pull together new information and help patients have a better experience at the doctor’s office. Right now, getting all of your medical history in one place is a hard problem to solve in the U.S. healthcare system — only complicated by the many coded hurdles in dealing with insurance. Rubin would like his platform to quickly surf through the data and find procedures done elsewhere to ensure patients are better served by their medical team.

Lastly, the new funding provides an opportunity for One Medical to scale up its human medical team. One Medical tells TechCrunch it will also invest tremendously in its clinical team, doubling its provider numbers, which are in the “several hundreds” right now.

Prior to this round, One Medical had raised just over $180 million and was last valued around $1 billion. The new funding puts the total raised at $530 million.