Year: 2018

IAC is changing the way its business is organized, the company reported during its Q3 2018 earnings on Wednesday. The company’s video platform Vimeo and DotDash (previously About.com) will become their own separate segments at IAC starting in Q4. That means they’ve reached the point their revenues can stand on their own.

The company beat on third quarter revenue expectations in the quarter with a revenue increase to $1.1 billion from $828.4 million a year ago, ahead of FactSet analyst expectations of $1.07 billion. However, net income was $145.8 million, or $1.49 a share, down from $179.6 million, or $1.79 a share, a year earlier. The drop was attributed to a tax benefit that it received in the year-ago period.

Vimeo’s revenue growth in the quarter increased 29 percent, and it grew its subscriber base by 10 percent to 932,000, IAC said.

“The business has the scale and potential to now stand on its own, and we want to begin to put a spotlight on it,” said IAC CEO Joey Levin, in a note to shareholders.

“Vimeo always has and always will obsessively, relentlessly cater to the needs of creators – not advertisers, not eyeballs, not our own platform, nor anything else. We’ve focused entirely on the creators and they have rewarded Vimeo with their loyalty. The numbers bear this out – Vimeo enjoys incredible retention, an average customer lifetime of nearly 5 years, customers that upgrade over time, and new subscribers that are attracted to fresh, premium offerings at increasingly higher price points,” he wrote.

Meanwhile, DotDash increased revenue by 35 percent to reach $30.1 million, with expanding profit margins in Q3.

The company will also begin splitting out mobile revenue from its legacy desktop business in Q4. IAC said its mobile business saw 158 percent revenue growth in the quarter to over $35 million, comprising 23 percent of its total revenue. The mobile business now counts over 2.5 million subscribers, IAC said.

After the changes to business segments in Q4, the remaining businesses in Publishing and Video will aggregate into a catch-all segment, named “Emerging & Other” which will include both early stage and mature businesses like BlueCrew, Ask Media Group, The Daily Beast, DROPOUT (College Humor’s subscription service), IAC Films and new incubation projects.

The group may “intermittently generate cash or consume cash,” but is more focused on the “next decade than the next quarter,” warned IAC. It noted it wouldn’t communicate much about the segment’s businesses going forward.

In addition, the company announced a new acquisition: East coast-based TelTech, the makers of an app called Robokiller, which blocks spam calls and telemarketers. This will join IAC’s Applications group.

Combined with Publishing (where DotDash, Ask.com, Investopedia, The Daily Beast, and others live) the two segments delivered over $50 million of Adjusted EBITDA in the quarter, nearly all of it cash flow.

Match Group, the parent company to Tinder, grew its average subscribers 23 percent to 8.1 million, driven by 61 percent growth in Tinder average subscribers to 4.1 million. Match had reported its own earnings ahead of IAC this week, where it also announced plans to focus Tinder on casual dating and invest more heavily in the relationship-focused app Hinge.

Match also announced a special $2 per share dividend, of which IAC said it has “no one thing or single use” in mind.

IAC said it’s now stockpiling cash and should have over $1.7 billion by year-end, excluding ANGI Homeservices (Angie’s List, HomeAdvisor, Handy – whose acquisition now completed – and others) and Match Group cash.

 

First, a couple of quick follow-ups to our coverage of Form Ds yesterday, and then a deeper dive into the challenges SoftBank is facing with regards to its revenue in Japan. Finally, some notes on recent articles we have read.

We are experimenting with new content forms at TechCrunch. This is a rough draft of something new – provide your feedback directly to the authors: Danny at danny@techcrunch.com or Arman at Arman.Tabatabai@techcrunch.com if you like or hate something here.

Form D(isappearing)

Form Ds are (usually) filed by startups to the SEC when they take on venture capital. However, there appears to be an increasing pattern of startups foregoing the filing, which has implications for both reporters (we have less info about what’s happening in the venture world) as well as with aggregate VC stats, which often rely at least partially on filings to determine the state of venture capital.

A number of readers emailed us with their views on the matter. One lawyer and multi-time startup founder wrote to say that:

Some additional considerations are cost: the Form D can be expensive with all of the associated state blue sky filings, especially if you have participation from a number of angels or smaller funds.

When you file a Form D, that generally pre-empts any equivalent state filing. HOWEVER, we were wrong yesterday when we said that “the form pre-empts most state securities laws so that startups don’t have to file in state jurisdictions.” Startups DO have to file in state jurisdictions, but usually just to point out that they have filed with the SEC.

Beyond cost, one issue with filing is when the round is smaller than the ultimate intended size. One reader reported in:

I was CFO at a startup and after consulting legal counsel, we didn’t file Form D for a Series C capital raising. Why? Because we didn’t want some investors to see how much is left in the round and defer funding

You might have convinced an investor to put in say $30 million into a round, and then they are shocked to find out that the round is really intended to be $50 million when the Form D hits the presses. Obviously, this is something that should be transparent to all parties, but I actually could see this happening more commonly at the seed stage, where some rounds almost certainly fundraise continuously and investors are more skittish.

Finally, it’s not just the finance and legal folks pushing for less filings, but also PR firms. One notable PR firm head told me that:

We’ve pushed a bunch of our clients to pursue [a 4(a)(2) exemption], but they were raising / had raised money from Tier One VCs.

That exemption allows startups to avoid a Form D filing, which “protects our launches from getting scooped.” The same PR head told me that this has been a policy for the past 18 months or so.

The data is still early, but the norms for filing do seem to be changing, and we are still doing more work on this. Reach out directly with your thoughts.

Japan is going after carrier revenue

Now for the big story. We have been obsessed this week with SoftBank, first covering the telco group’s penchant for debt, and then covering the unusual financing situation between the IPO of its Japanese mobile division and its bankers, in which SoftBank is demanding its underwriters provide a massive bond to the Vision Fund in order to lever it up and juice returns.

It feels like the more we dig into all of SoftBank’s moving pieces, the stranger the story gets.

Over the past few weeks, the Japanese telco market has been absolutely crushed by traders. Market leader NTT DoCoMo announced about a week ago that it would cut customer rates by 40% on mobile services, and warned investors that it may take five years for the company to return to this fiscal year’s profitability. Concerned over industry-wide rate reductions, a possible pricing war and potential upticks in churn, investors rapidly sold the country’s three major wireless companies — including SoftBank — causing their collective market caps to plunge $34 billion the following day.

Japan’s telcos are extraordinarily profitable and exist in a mature market, so why the sudden rate change?

The two-dimensional answer is that the Japanese government has become more strident in its criticisms of the telcos, which charge some of the highest fees of any carriers in the world.

That’s partly because Japan’s mobile market has functioned essentially as an oligopoly, dominated by NTT DoCoMo, au-KDDI, and SoftBank, which currently account for around 45%, 31% and 24% market share, respectively. The lack of competition has led to unreasonably high bills for customers, but hefty and growing profits for the telcos.

The Japanese government, led by prime minister Shinzo Abe, has been trying to force prices lower. As Bloomberg’s Maiko Takahashi and Dave McCombs pointed out in a recent article, the government has been trying to reverse this trend for a while now:

In 2015 Prime Minister Shinzo Abe called for lower prices and the companies eventually responded by offering reduced-cost service plans that didn’t undermine revenue growth, as they were offset by rising average revenue per user for data. Comments by government officials about lowering prices in 2016 brought a similar response. Still, carriers said they are concerned the pressure could increase this time.

This time around, the Japanese government has gotten more serious. It’s now also pushing for structural changes that will not only create pricing competition, but that will also make it easier for others to enter the market. As Takahashi and McCombs continued:

The government has also been pushing to boost competition by making it harder for the big three to lure new users by offering the latest phones at little or no upfront cost. Officials have also pushed to end SIM locking, a practice by which carriers lock their handsets to be used only on their network.

They are not only looking at bills, but also other competitive barriers,” said [Tachibana Securities GM Shigetoshi] Kamada. “They want bills to drop naturally by making the environment more competitive.

To make matters tougher for the incumbents, Rakuten, Japan’s “Amazon-esque” e-commerce giant, has decided to test the waters in the telco market, having received an operating license to start service in 2019.

All this is backdrop to the main stage, which is that SoftBank intends to IPO its Japanese mobile carrier division, in what could be the world’s largest IPO float in history. That IPO is critical for cleaning up SoftBank Group’s balance sheet, which is heavily loaded with debt.

That leads us to a three-dimensional analysis: could NTT DoCoMo and KDDI be preemptively cutting rates at exactly the time that SoftBank needs to show good financial results and projections to investors in its IPO roadshow? It’s a brilliant play, since some pain today to the bottom line could potentially knock out or at least diminish one competitor in the market, turning this oligopoly into a duopoly, Rakuten’s telco initiative not withstanding.

SoftBank is acutely aware of the changing landscape, yet remains full steam ahead on the IPO front. In fact, SoftBank didn’t even seem slightly worried about the rate cuts, with Group CEO Masayoshi Son stating “I can make a commitment right here that profit and revenue in the mobile business will continue to grow.” SoftBank noted that its telco profits will be fine, with the company planning to cut costs in the business by reducing its workforce by around 40%.

We’re not saying this is blatant marketing for the IPO, but what makes SoftBank’s claim seem a bit dubious is the fact that when NTT announced its rate cuts last week, even NTT stated it expected to see its operating profit and revenues drop, not to mention that the company wasn’t even targeting a full recovery from the impact until 2023. And in an already saturated market with well-resourced new entrants, generating enough new users (let alone keeping existing ones) to offset a rate cut and maintain even a steady Average Revenue Per User (ARPU) seems like a pretty tall task.

When you combine the losses other Japanese telcos expect with the fact that SoftBank has been pretty transparent about the IPO proceeds going towards future Vision Fund investments rather than back into the telco unit, it’s a little perplexing on how there can be such a rosy outlook for the business. And that ultimately may fuel disinterest with this particular public float, and therefore broader challenges to both SoftBank and its Vision Fund, with all the implications for growth-stage startups that entails.

Thoughts on Articles

‘Gun-Shy’: How Federal Prosecutors Forgot Silicon Valley: Great overview and analysis from Matt Drange at The Information about the decline of white-collar prosecutions out of the U.S. Attorney’s office in San Francisco, which was once managed by Robert Mueller before he became director of the FBI. “The number of white-collar cases prosecuted by the U.S. attorney for the Northern District of California has plunged from a peak of 354 in 1995 to 72 in fiscal 2018.” Major challenges include a decline of interest in white-collar prosecutions nationwide, bad office culture and botched executions of several high-profile cases. Definitely worth a full read. (~2,300 words)

LA Is Trying to Fix its Prostitution Problem by Banning Right Turns at Night—and it Might be Working: Too long article about a unique tactic of the LAPD: in order to generate sufficient probable cause to stop a car trolling for sex, the city installed “no right turn” signs at intersections in areas with high prostitution in order to have more reasons to stop cars. What a hack of the system. (~1900 words, but probably should be like 800)

‘The Bus Is Still Best’: Helpful analysis by notable transit pundit Jarrett Walker, discussing the role of microtransit options like Via or Chariot in city transportation networks. Walker doesn’t believe that ride-sharing will be the future of mass transit, and instead posits that a properly-managed and well-resourced bus system is much more efficient from a cost, coverage, space, and equality perspective. While some of the conclusions are a bit binary, he offers an effective and revealing comparison of transportation unit economics, while also providing a useful primer on the actual functions an effective public transport system has to service. Worth reading, even if only to serve as a clear overview of the various aspects city transit agencies have to consider in transportation and infrastructure decisions. (~2,050 words)

What’s next

Definitely drop us a line if you have thoughts about Form Ds or SoftBank – we are continuing to investigate. We are thinking of focusing on Rakuten’s new telco a bit as well, so ping us if you have thoughts or data to share. We’re at danny@techcrunch.com and arman.tabatabai@techcrunch.com.

Reading docket

What we are reading (or at least, trying to read)

Articles

• The CIA’s communications suffered a catastrophic compromise. It started in Iran.
• Bloomberg’s piece called “ The $6 Trillion Barrier Holding Electric Cars Back ”
• The New Yorker piece called “ Why Doctors Hate Their Computers ”
• A new report about China’s military and its deep connections into American academic research

Books

• Eliot Peper’s new science fiction novel Borderless
• Daniel J Hopkins’ The Increasingly United States (about how U.S. elections are more national and less local than ever before).

There’s a new Sony PS4 Pro and it’s much quieter than the original. Right now, it’s only available in a Red Dead Redemption bundle but eventually, it will likely be available as a standalone product, too.

The new CUH-7200 version reportedly dropped the console’s noise from 50 decibles to 44 decibels though as EuroGamer notes, it can still top out at 48 decibels. The noise reduction is reportedly thanks to improved cooling, which in turn, reduces the strain on the cooling system within the PS4 Pro. The original Playstation Pro came out two years ago, and at times, it can roar like a jet engine.

The revised model looks the same as the original so check the model number on the box to ensure you’re getting the quieter option.

I’ll admit that I’ve been caught up in the Bose hype. I’ve worn qBoseSony WH-1000XM3, a pair of wireless/wired cans that truly give everything else I’ve tried a bad name.

These $349 headphones come with a USB cable, audio cable, international audio adapter, and a compact case that holds the whole thing in a tight package. The headphones also support Bluetooth and will automatically swap to wired mode when you insert the headphone cable. The WH-1000XM3s support full noise cancellation that turns even the noisiest situation into a blissful escape. An ambient audio feature lets you listen to external sounds at the touch of a button and there is even a “Quick Attention” feature that turns the headphones down instantly when you need to speak to someone. Sony touts 30 hours battery life on one charge, a claim that I won’t refute as I haven’t recharged these things after multiple flights and they’re still going strong.

In short, these things are great.

Sony likes to brand all of its features and these headphones are no exception. The cans contain a “HD Noise-Canceling Processor QN1″ that run two 1.57 ” drivers that can handle up to 40 kHz. Something called a SENSE ENGINE notices what you are doing – walking, sitting, talking – and automatically changes the audio and noise reduction. Finally, the headphones offer multiple styles including stages, clubs, and outdoor stages. I doubt many will use or notice these features but they’re nice to have.

How do they sound? First, understand that these are not audiophile headphones. You get nice separation, great sound stage, and high quality audio out of these things but mostly you’ll be listening wirelessly to music on your phone or listening to awful audio being blasted out of your seatback entertainment system. Put garbage in, as they say, and you get garbage out. That said, I found these headphones superior to nearly every other model I’ve tested recently, including my Bose QuietComfort 35 IIs. The Sony models were bright and crisp and sounded great with noise canceling on or off. I also tested the headphones in loud environments including cafes and at home with lots of ambient audio playing. The ambient audio immediately disappeared when I turned on noise canceling, leaving only great sound.

They charge via USB and easily pair with any Bluetooth device instantly.

Now for some quibbles. The WH-1000XM3 has no physical power switch, a feature that lets you ensure your headphones are completely off. This single feature could mean the difference between a good flight and a bad flight. Further, the power button is right next to and the same size as the noise cancelation button. This makes it hard to tap this button if you’re wearing the headphones.

Thankfully, the headphones work when turned off, a feature that many lower-end noise canceling models lack. This means you can still listen to headphones if the battery is dead. I also noticed a bit of a bass heaviness in the WH-1000XM3s, but that could be a relic of using the fairly flat Bose headphones for so long.

The headphones also have some fairly cryptic touch features on the right cup including a call and music pause feature that works when you tap the sensitive surface. You can swipe through songs and turn the audio up and down and change the soundstage with a little button next to the power button.

Sony produces excellent audio products and these are no exception. I fly nearly every week these days and find myself reaching for these headphones over anything else I have in my extensive test collection. Time will tell if these cans survive the rigors of travel but given the price and the build quality I wouldn’t be surprised if these headphones are nestled in my backpack for years to come. Now I just have to break up with my Bose and I just know there will be drama.

Bonobo AI, an AI-based platform that helps companies get insights from customer support calls, texts, and other interactions, announced today that it has raised $4.5 million in seed funding led by G20 Ventures and Capri Ventures. Founded in 2016 and led by co-founder and CEO Efrat Rapoport, the Tel Aviv-based startup claims that its technology has been used to analyze more than a billion interactions so far and that it has signed up a “few dozen” clients including DreamCloud and Honeybook.

The idea behind Bonobo is that even though customer service texts and voice calls can provide companies with a trove of valuable information, these data points are difficult to aggregate and analyze at scale. Bonobo’s technology integrates into the platforms that its clients use to communicate with customers, like Gmail, Zendesk, or Twilio) and CRM platforms like Salesforce or Hubspot. Then it analyzes interactions for “events of interest in calls,” Rapoport told TechCrunch, like “when customers ask for a discount, complain, ask for a missing feature, become dissatisfied, etc.”

There are two main types of issues that Bonobo helps its clients with. One is opportunity detection, or identifying things that can either help the closing of a sale, like features that have proven popular among past buyers, or hinder it, such as customer questions that aren’t satisfactorily answered. By doing so, Bonobo is also able to help clients create very targeted marketing campaigns. For example, instead of sending marketing material all customers who need to renew their subscriptions, Rapoport says Bonobo’s clients can create campaigns to help retain customers who need to renew their subscriptions but have complained about the price being too high or missing a feature.

Another example of how Bonobo can increase conversion rates is predicting customer cancellations and other potentially costly issues. For example, one vehicle repair company was losing millions of dollars due to cancelled jobs. Bonobo helped it identify factors associated with a higher likelihood of cancellations during customer interactions with the company’s representatives, which helped it retain thousands of customers.

The second is risk detection. For example, Bonobo detects if a customer starts mentioning a competitor, threatens to post their complaint on social media, or brings up problems that are a legal or compliance risk. Rapoport says that Bonobo’s technology can identify specific segments in conversations, so companies can review it directly from Bonobo’s dashboard without having to perform a time-consuming search.

Rapoport says that she and her co-founders (CTO Idan Tsitiat, COO Barak Goldstein, and VP of research and development Ohad Hen) began working on Bonobo after they realized that while there are many tools from companies like Tableau, Oracle, Microsoft, SAP, and Salesforce for gathering insights from structured data (like customer behavior on websites), very few exist for analyzing unstructured data, including conversational data, at scale. “It’s easy to measure how many people go to their cart but then change their mind and exit, but how do you do the same on thousands of customers calls? How do you know what’s the reason customers change their minds?” says Rapoport. “That’s the gap we are filling.”

Spotify’s artist dashboard already allows musicians and their managers a way to track the success of their tracks and album releases, as well as view other data about their fans. Now, the streaming music service is debuting its first analytics tool aimed at music publishers. The new tool is launching into beta this morning, and will allow publishers to track daily streaming stats, including playlist performance, and view data across all the songwriters on their roster.

“We know that there are usually many more people involved in the creation of your favorite song than just the artist whose face appears on the billboard,” explains the company, in its announcement. “Spotify Publishing Analytics is the first analytics tool from a music streaming service built specifically for publishers, so they can better serve their songwriters.”

The platform was built in collaboration with partners, including BMG and Reservoir, who offered statements of their own about its launch. It’s designed to offer value across publishers’ responsibilities, from A&R to administration, Spotify says.

For the time being, the tool won’t change anything about how publishing royalties are accounted or paid, but instead will only be focused on providing data.

It offers insights into streams by song, songwriter and recording; how songs are doing on playlists; a way to see all the different versions of a song; and a way to export metadata to internal systems for further archival and analysis.

“One of our core missions at Spotify is to enable creators the opportunity to live off their art,” said Jules Parker, Head of Publishing Relations & Services, EMEA and APAC, Spotify. “The publishing community is integral in supporting the songwriters that create the music we love. With more information, publishers are empowered to make the most of the opportunities the global reach of Spotify provides, and the more information we can share with each other, the more opportunities we can help create for songwriters.” Parker added.

Patrick Joest, EVP Global Content Partnerships & Synch, BMG, said that the new streaming data will help them gain insights into new opportunities for songwriters, and more efficiently collect royalties on their behalf.

Spotify says the analytics service is the first aimed at publishers, but as Musically.com points out, others like Socan, Kobalt and Songtrust already exist. However, it is the first offered directly by a streaming service like Spotify.

The launch of the new service comes on the heels of a significant change to U.S. copyright law, the Music Modernization Act, which impacts music copyrights – and, particularly streaming services. Designed to update music copyright law for the digital era, the act changes how royalties are paid so more music creators can reliably collect the money they’re due.

Spotify wants to be seen as supportive of artists and the wider music creator community, and has been steadily rolling out tools for this side of the music business, instead of just those aimed at consumers listening to tunes.

It has also recently launched things like a playlist submission tool, Co.Lab event series for teaching musicians about the industry, a way to upload music directly, and plans to offer tools for cross-platform distribution via DistroKid, which it invested in. It also now displays songwriter credits and celebrates songwriters and producers through its Secret Genius program.

The new tool is in a limited beta. Interested publishers can visit publishers.spotify.com to ask to join.

“Who am I going to be worried about? Oh Facebook seeing? No, I’m not worried about Facebook seeing. They’re going to look at my great art collection and say they want to come steal it? No, I never really thought about it.” That’s my 72-year-old mother Sally Constine’s response to whether she’s worried about her privacy now that she has a Facebook Portal video chat device. The gadget goes on sale and starts shipping today at $349 for the 15.6-inch swiveling screen Portal+, $199 for the 10-inch Portal, and $100 off for buying any two.

The sticking point for most technology reporters — that it’s creepy or scary to have a Facebook camera and microphone in your house — didn’t even register as a concern with a normal tech novice like my Mom. “I don’t really think of it any different from a phone call” she says. “It’s not a big deal for me.”

While Facebook has been mired by privacy scandals after a year of Cambridge Analytica and its biggest-ever data breach, the concept that it can’t be trusted hasn’t necessarily trickled down to everyone. And without that coloring her perception, my mom found the Portal to be an easy way to video chat with family, and a powerful reminder to do so.

For a full review of Facebook Portal, check out TechCrunch hardware editor Brian Heater’s report:

As a quick primer, Portal and Portal+ are smart video screens and bluetooth speakers that offer an auto-zooming camera that follows you around the room as you video chat. They include both Facebook’s own voice assistant for controlling Messenger, as well as Amazon Alexa. There’s also a third-party app platform for speech-activated Spotify and Pandora, video clips from The Food Network and Newsy, and it can slideshow through your Facebook photos while it’s idle. For privacy, communications are encrypted, AI voice processing is done locally on the device, there’s an off switch that disconnects the camera and mic, and it comes with a physical lens cover so you know no one’s watching you. It fares well in comparison to the price, specs, and privacy features compared to Amazon’s Echo Show, Google Home Hub, and other smart displays.

When we look at our multi-functional smartphones and computers, connecting with loved ones isn’t always the first thing that comes to mind that way it with an old-school home telephone. But with the Portal in picture frame mode rotating through our Facebook photos of those loved ones, and with it at the beck and call of our voice commands, it felt natural to turn those in-between times we might have scrolled through Instagram instead chatting face to face.

My mother found setting up the Portal to be quite simple, though she wished the little instructional card used a bigger font. She had no issue logging in to her Facebook, Amazon Alexa, and Spotify accounts. “It’s all those things in one. If you had this, you could put Alexa in a different room” the Constine matriarch says.

She found the screen to be remarkably sharp, though some of the on-screen buttons could be better labeled, at least at first. But once she explored the device’s software, she was uncontrollably giggling while trying on augmented reality masks as we talked. She even used the AR Storytime feature to read me a bed time tale like she would 30 years ago. If I was still a child, I think I would have loved this way to play with a parent who was away from home. The intuitive feature instantly had her reading a modernized Three Little Pigs story while illustrations filled our screens. And when she found herself draped in an AR big bad wolf costume during his quotes, she knew to adopt his gruff voice.

One of the few problems she found was that when Facebook’s commercials for Portal came on the TV, they’d end up accidentally activating her Portal. Facebook might need to train the device to ignore its own ads, perhaps by muting them in a certain part of the audio spectrum as one Reddit user suggested Amazon may have done to prevent causing trouble with its Super Bowl commercial.

My mom doesn’t Skype or FaceTime much. She’s just so used to a lifetime of audio calls with her sister  back in England that she rarely remembers that video is an option. Having a dedicated device in the kitchen kept the idea top-of-mind. “I really want to have a conversation seeing her. I think i would really feel close to her if I could see her like I’m seeing you now” she tells me.

Convincing jaded younger adults to buy a Portal might be a steep challenge for Facebook. But perhaps Facebook understands that. Rather than being seemingly ignorant of or calloused about the privacy climate it’s launching Portal into, the company may be purposefully conceding the tech news wonks that includes those who’ll be reviewing Portal but not necessarily the much larger mainstream audience. If it concentrates on seniors and families with young children who might not have the same fears of Facebook, it may have found a way to actually bring us closer together in the way its social network is supposed to.

It took about six months for popular consumer drone maker DJI to fix a security vulnerability across its website and apps, which if exploited could have given an attacker unfettered access to a drone owner’s account.

The vulnerability, revealed Thursday by researchers at security firm Check Point, would have given an attacker complete access to a DJI users’ cloud stored data, including drone logs, maps, any still or video footage — and live feed footage through FlightHub, the company’s fleet management system — without the user’s knowledge.

Taking advantage of the flaw was surprisingly simple — requiring a victim to click on a specially crafted link. But in practice, Check Point spent considerable time figuring out the precise way to launch a potential attack — and none of them were particularly easy.

For that reason, DJI called the vulnerability “high risk” but “low probability,” given the numerous hoops to jump through first to exploit the flaw.

“Given the popularity of DJI drones, it is important that potentially critical vulnerabilities like this are addressed quickly and effectively,” said Oded Vanunu, Check Point’s head of products vulnerability research.

A victim would have had to click on a malicious link from the DJI Forum, where customers and hobbyists talk about their drones and activities. By stealing the user’s account access token, an attacker could have pivoted to access the user’s main account. Clicking the malicious link would exploit a cross-site scripting (XSS) flaw on the forum, essentially taking the user’s account cookie and using it on DJI’s account login page.

The researchers also found flaws in DJI’s apps and its web-based FlightHub site.

Check Point reached out in March, at which time DJI fixed the XSS flaw in its site.

“Since then, we’ve gone product-by-product through all the elements in our hardware and software where the login process could have been compromised, to ensure this is no longer an easily replicable hack,” said DJI spokesperson Adam Lisberg.

But it took the company until September to roll out fixes across its apps and FlightHub.

The good news is that it’s unlikely that anyone independently discovered and exploited any of the vulnerabilities, but both Check Point and DJI concede that it would be difficult to know for sure.

“While no one can ever prove a negative, we have seen no evidence that this vulnerability was ever exploited,” said Lisberg.

DJI heralded fixing the vulnerability as a victory for its bug bounty, which it set up a little over a year ago. Its bug bounty had a rocky start, after the company months later threatened a security researcher, who “walked away from $30,000” after revealing a string of emails from the company purportedly threatened him after finding sensitive access keys for the company’s Amazon Web Services instances.

This time around, there was nothing but praise for the bug finders.

“We applaud the expertise Check Point researchers demonstrated through the responsible disclosure of a potentially critical vulnerability,” DJI’s North America chief Mario Rebello said.

Good to see things have changed.

The Portal is a head scratcher. It’s a chat app that manifested itself into a hardware through sheer force of will. The first commercially available product from Building 8 isn’t as instantly iconic a piece of hardware as Snap’s Spectacles. In fact, at first glance, the device seems like little more than an Echo Show/Google Home Hub competitor.

And then there’s the matter of timing. In a meeting with TechCrunch ahead of launch, Facebook’s hardware team was quick to list the various ways the company is proactively protecting user privacy, from a camera button to a physical lens cap. The social media giant has always been a lighting rod for these issues, but 2018 has been particularly tough, for reasons summed up well in Taylor’s simply titled post, “Facebook, are you kidding?”

What’s most peculiar, however, is in this age of multi-tasking devices, the Facebook Portal and Portal+ are devices that are designed to do one thing really well. Rather than pushing to develop a true Echo competitor, Facebook’s first ground-up piece of hardware is essentially a teleconferencing device for friends and family.

It is, in the product’s defense, one wrapped in solid hardware design with some clever choices throughout. If the Portal ultimately winds up lining the thrift store shelves of history, it won’t be due to choices Facebook made to serve its core competency.

Rather, it will be due to the fact that the product team has neglected some other features in the name of focusing on video chat — a feature that’s got no shortage of delivery devices. Facebook told me that Portal’s other features will be updated based on user feedback — almost as if the company is unsure what, precisely, customers would want from such a device outside of video chat.

The timing of the device is certainly telling. Facebook is clearly banking on selling a lot of Portals for the holidays. You can practically see the ads playing out, as some melancholy voice sings the beginning strains of “I’ll Be Home for Christmas.” The first spot isn’t as on the nose, but similar heart-strings are tugged, as evidenced by the “Feel There” title. That’s Facebook’s pitch in a nutshell: We know it sucks you can’t be with your nieces and nephews or elderly parents right now, but hopefully this screen will do the trick.

From a hardware design perspective standpoint, I’m on board. The smaller Portal looks quite a bit like Lenovo’s Google Assistant-powered Smart Display, albeit with the different speaker placement. I’m into it. Lenovo’s device is probably the best-looking smart screen around, and the Portal is an identical cousin with a slightly different haircut.

The Portal+ — the model that’s been hanging on my office desk for a few days now — is the more innovative of the two products from an industrial design perspective. It is, essentially, an ultra-wide 15.6-inch tablet mounted atop a tall, thin base. The display is connected to the base via a joint that allows it to swivel smoothly between portrait and landscape mode.

The screen is 1080p — plenty good for video chat, and a big step up from the Echo Show and (especially) Google Home Hub. Of course, the large footprint means it’s going to be tough for those in smaller spaces to find an ideal spot (says the guy living in a one-bedroom apartment in New York City). At present, it’s sitting atop my AirPort router.

The all-important camera is positioned an inch above the screen, like an unblinking eye of Sauron. The 12-megapixel camera can do 5x zoom and capture movement within a 140-degree range. The four-mic array flanks the lens on either side, doing double duty of listening to commands and noise canceling during chats.

Along the narrow top ridge are three inductive buttons — two volume, one to turn off the camera and mic. When you hit that last one, a notification will pop up on screen, and a small red light will illuminate just to the right of the camera, for added assurance. As an extra measure, Facebook also tossed in a plastic clip to physically cover the camera.

I found myself making a point to keep the lens cap on the majority of the time when I wasn’t using the device to chat. When I was talking to someone, I slipped it to the side, but kept it clipped on the base. The little piece of plastic is pretty easily lost. If Facebook does end up making another one of these, a mechanical lens cap like the kind you find on a point and shoot camera is probably the way to go.

The button placement is a bit of a shit show. The way I have the Portal+ set up on my desk, the buttons are above eye-level. Makes sense, you want the display right around your face, you know, to look at it. This means when I want to, say, change the volume, I find myself fiddling in the dark for them. Given that they’ve got no tactility, I invariably end up hitting the wrong one, more often than not jacking up the volume in the process.

Similarly, I often end up hitting a button or two when attempting to clip on the lens cap. Next time out, Facebook needs to either go with physical buttons or find a better spot to place them — tough, I know, given the odd shape of the thing.

The screen placement ensures that the display doesn’t obscure the camera in either portrait or landscape — though when swiveling, the corners do eclipse the shot. When in portrait, the bottom of the display does block roughly half of the bottom speaker. This is a bit of a design flaw, though surprisingly, it doesn’t dampen the sound as much as I’d initially expected. That said, when you’re using the device to listen to music, keep it in landscape mode. In fact, I found myself keeping it that way the majority of the time I was using it, regardless.

The sound quality on the thing is decent. I haven’t had a chance to put it up against the standard Portal, but the deluxe version sports a more complex speaker array — 20w (2 tweeters, single 4-inch bass) versus 10w (2 full-range drivers). Like all of these smart displays, I’m not going to recommend this as your default home stereo, but I’ve been using it to listen to Spotify all day, and have been largely enjoying the experience.

The Portal’s interface is an extremely bare-bones experience. The UI flips between two primary cards. The primary is, naturally, a list of your Facebook contacts. Up top are the six you most regularly chat with, and below are your hand-picked favorites. One of the nice bits here is that the people you speak with don’t actually need a Portal to talk. They can chat with you on their phone or computer.

Swipe left and you get a screen full of large icons. From here you can click into Facebook videos or pick from your Portal apps — Food Network, iHeartRadio, Newsy, Pandora and Spotify by default.

Click into the apps icon and you’ll find that that’s really all there is for Portal apps at the moment. Thin soup doesn’t really begin to describe it. It’s a decent enough starting point, but honestly, Facebook doesn’t seem particularly interested in courting more developers or opening up the API to all comers. Again, the company is taking a very wait and see approach to just about everything here.

Still, Portal does bring some interesting innovation to video chat. To trigger the function, say “Hey Portal” and then “call [enter name here].” Simple enough. Though the actual “Hey Portal” features are essentially limited to things like making calls and putting the unit to sleep. Anything beyond that and poor Portal gets confused. Even something like “Hey Portal, turn off camera” is met with an “I can’t do that yet” in Portal’s uneven speech pattern.

For everything else, Portal defaults to Alexa — functionality you can add during the setup process. That the system relies on Amazon’s smart assistant to do much of the heavy lifting here further makes one wonder why Facebook expects users to adopt its product over the Echo.

Portal’s greatest trick is its automatic zooming and panning. Using built-in AI, the system automatically tracks users and follows them around the frame. So you can, say, cook dinner while chatting and Portal will be with you the whole way. The camera will also pan in and out as additional people enter and leave the room, keeping them all in frame. While chatting with Sarah Perez (who was using the standard Portal on the other end), the camera even zoomed in on her dog when she left the room for a moment.

The zooming is smooth and the effect is impressive, owing in part to the fact that the team worked with a Hollywood cinematographer to help polish its execution. By default it moves a bit too much for my liking, slowly zooming in and out in a way that can may you low-level seasick — though you can adjust the sensitivity in settings.

My second favorite part in video chat is the ability to share songs via Spotify, Pandora and iHeartMusic. When I start playing something on my end, Sarah hears it, too. And we can both adjust our individual volumes. You can also pair the system to Bluetooth speakers or headphones, if that’s more to your liking.

This being Facebook, the system comes equipped with AR-style photo filters — 15 in all (with more coming, no doubt). You can turn yourself into a werewolf, add a disco ball — you know, the usual. They do a good job tracking your movements and add an extra little dimension of fun to the system.

Story time is another fun feature for those Portaling with young children. On your side, you’ll see a teleprompter with a story — on theirs, it’s you embedded inside an AR storybook like the Three Pigs. There are only a few stories at launch, but then most kids enjoy repetition, right?

Like the Home Hub, Portal defaults to a makeshift digital picture frame when not in use. Naturally, it defaults to photos and videos from your Facebook feed. As someone who doesn’t really use Facebook to put my life on display, the Superframe feature wasn’t really by bag, though the ability to display info like the weather and reminders of things like friends’ birthdays was nice.

Above all, Portal is a bit of a one-hit wonder. Admittedly, it does that one thing (video chat) fairly well, and at $200 for the Portal and $349 for the Portal+, it’s certainly priced competitively (and in spite of Facebook’s insistence otherwise, may be a bit of a loss leader). But it’s a hard sell compared to more well-rounded devices like the Echo Show and Google Home Hub.

And, of course, there’s all the privacy baggage that inviting Facebook into your home entails. Between the camera/speaker disabling button, lens cap, localized AI and the promise not to eavesdrop or spy, Facebook has gone out of its way to ensure users that it’s not using the device as a portal into your own privacy. But given the kind of year the company’s been having, for many potential buyers not even all of that is likely to be enough.

There’s a default screen saver on the device that asks “Hey Portal, what can you do?” It’s meant, of course, to prompt you to click through and discover new features. But it’s an important question — and in its current iteration, it’s not one for which Portal is able to offer a particularly compelling answer.

Taiwan’s KKday, a startup in the increasingly competitive travel activities space, has pulled in an undisclosed funding round that adds two strategic investors to its business: Chinese e-commerce firm Alibaba and Japanese chat app company Line.

KKday was founded in 2015 to help people who travel overseas to find and book activities, ranging from tours to tourist attraction, transportation, museums and more. The company said it offers over 20,000 “unique experiences” in over 500 cities across 80 countries. There is much potential to move into, it seems, with analyst firm Phocuswright predicting that the travel tour and activities market will grow by one-third to reach $183 billion by 2020.

Unlike Hong Kong-based regional rival Klook, which is valued at over $1 billion and has ventured into Europe and the U.S, KKday is focused on Asian markets only.

We last wrote about the startup in January when it raised a $10.5 million round led by Japanese travel operator H.I.S, and this new Series B funding round is led by Alibaba’s Taiwan-based entrepreneur fund and Line Ventures, the VC arm connected to Japan’s leading chat app.

KKday CEO Ming Chen told TechCrunch in an interview that the two will help KKday with its efforts in China and Japan. Alibaba initially made an investment in July, this new deal represents a follow-up and it’ll see more emphasis placed on KKday’s branded store on Alibaba’s Fliggy travel store in China. Interestingly, Alibaba’s fund has also invested in another Taiwan-based activities service, FunNow.

Similarly, KKday will double down on Japan, where Chen said the company has seen “huge growth” thanks in a large part to its relationship with H.I.S. — a 38-year-old firm which has offices in 150 cities and $5.5 billion in annual sales. Chen, who thinks KKday may be Japan’s largest travel activities booking platform already, said Line will introduce a dedicated ‘Travel’ account that ties into the KKday service to allow Line users to book activities and share details with friends without leaving the messaging app.

Chen and KKday CMO Yuki Huang explained that the company is always open to strategic investments where it believes it can find business value.

“We’re very focused on looking for strategic investors not just money,” Huang said.

Others in the round announced today include existing investors CDIB Capital from Hong Kong and Monk’s Hill Ventures in Southeast Asia. That, added to Alibaba in China/Taiwan and H.I.S and Line in Japan, gives KKday a balanced investor base to help its business in those regions, Huang added.

KKday’s main rival is Klook and a Taiwanese competitor is FunDay, but a plethora of companies have sprouted to offer similar services in other parts of the world. Those include Peek in the U.S, Culture Trip, GetYourGuide, Headout and WithLocals. Still, KKday is sticking to its Asia focus for now, according to Chen and Huang.