Year: 2018

HashiCorp, the company that has made hay developing open source tools for managing cloud infrastructure, obviously has a pretty hefty commercial business going too. Today the company announced an enormous $100 million round on a Unicorn valuation of $1.9 billion.

The round was led by IVP, whose investments include AppDynamics, Slack and Snap. New comer Bessemer Venture Partners joined existing investors GGV Capital, Mayfield, Redpoint Ventures, and True Ventures in the round. Today’s investment brings the total raised to $179 million.

The company’s open source tools have been downloaded 45 million times, according to data provided by the company. It has used that open source base to fuel the business (as many have done before).

“Because practitioners choose technologies in the cloud era, we’ve taken an open source-first approach and partnered with the cloud providers to enable a common workflow for cloud adoption. Commercially, we view our responsibility as a strategic partner to the Global 2000 as they adopt hybrid and multi-cloud. This round of funding will help us accelerate our efforts,” company CEO Dave McJannet said in a statement.

To keep growing, it needs to build out its worldwide operations and that requires big bucks. In addition, as the company scales that means adding staff to beef up customer success, support and training teams. The company plans on making investments in these areas with the new funding.

HashiCorp launched in 2012. It was the brainchild of two college students, Mitchell Hashimoto and Armon Dadgar, who came up with the idea of what would become HashiCorp while they were still at the University of Washington. As I wrote in 2014 on the occasion of their $10 million Series A round:

“After graduating and getting jobs, Hashimoto and Dadgar reunited in 2012 and launched HashiCorp . They decided to break their big problem down into smaller, more manageable pieces and eventually built the five open source tools currently on offer. In fact, they found as they developed each one, the community let them know about adjacent problems and they layered on each new tool to address a different need.”

HashiCorp has continued to build on that early vision, layering on new tools over the years. It is not alone in building a business on top of open source and getting rewarded for their efforts. Just this morning, Neo4j, a company that built a business on top of its open source graph database project announced an $80 million Series E investment.

Google employees are fed up with the search giant’s lack of transparency when it comes to handling sexual harassment and misconduct allegations.

This morning, thousands of Googlers from San Francisco to Dublin are walking out in hopes of bringing real change to the company. The protest follows a New York Times report last week that revealed Google had provided Android co-creator Andy Rubin a $90 million payout package despite credible allegations of sexual misconduct made against him.

The protestors have five key asks:

1. An end to forced arbitration in cases of harassment and discrimination.
2. A commitment to end pay and opportunity inequity.
3. A publicly disclosed sexual harassment transparency report.
4. A clear, uniform, globally inclusive process for reporting sexual misconduct safely and anonymously.
5. Elevate the chief diversity officer to answer directly to the chief executive officer and make recommendations directly to the board of directors. And appoint an employee representative to the board.

Plans of the walkout emerged earlier this week, just days after the bombshell NYT report was released. According to BuzzFeed, some 200 Googlers began staging the protest; the group quickly grew to thousands, including non-U.S. Googlers. Google CEO Sundar Pichai had reportedly condoned the protest in an internal e-mail to employees Tuesday.

Pichai also responded to the NYT report with a letter co-signed by vice president of people operations Eileen Naughton, admitting that 48 people had been terminated at the company for sexual harassment in the past two years alone, including 13 senior employees.

We’ll be at the San Francisco protest, which begins at 11:10 a.m. PST. Here’s a look at protestors around the globe this morning.

Netflix is finally changing its long-held policy around the theatrical release of its original films.

In the past, the streaming service hasn’t blocked its films from being released in theaters, but it has refused to grant those theaters an exclusive release window, which meant that few of them were interested in carrying the films. That, in turn, may have hurt filmmakers’ chances when it came to getting nominated for major awards. (It also prompted the Cannes Film Festival to create a new rule that effectively blocks Netflix films from competing.)

It’s hard to know for certain whether (say) “Beasts of No Nation” or “Okja” or “The Meyerowitz Stories” would have won more awards of they’d made it into more theaters, but it’s worth noting that Amazon does release its films with an exclusive theatrical window, and that’s paid off in some major Oscar wins and a couple of genuine indie hits.

This year, Netflix might have its strongest Oscar contenders yet, particularly with “Roma,” the new film from Alfonso Cuarón, who won an Oscar for directing “Gravity.” The early reviews for “Roma” suggest that a) it may be the best movie of the year, and b) it really should be seen on the big screen.

So the service announced yesterday that “Roma,” along with “The Ballad of Buster Scruggs” (directed by the Coen Brothers) and “Bird Box” (directed by Susanne Bier and starring Sandra Bullock), will get exclusive theatrical runs.

For those wanting to see ROMA on the biggest screen possible, select markets will be able to watch in theaters AND on Netflix. Watch for special theatrical presentations of Alfonso Cuarón’s ROMA, The Ballad of Buster Scruggs from the Coen Brothers, and Bird Box from Susanne Bier.

— Netflix Film (@NetflixFilm) October 31, 2018

Deadline has more details: Basically, each film will roll out in select theaters in major markets a few weeks before their release on Netflix. “Roma,” for example, will open in New York, Los Angeles and Mexico on November 21, with additional engagements starting on November 29, ahead of a Netflix release on December 14.

So we’re not talking about a Marvel- or Star Wars-scale release here, and the theatrical windows are still much shorter than those offered by Amazon or a traditional studio film. Still, it’s a big change for a service whose executives were dismissing the theatrical model just a few months ago as one that “feels more and more disconnected with the population.”

Flickr is making some big changes, following its acquisition by SmugMug earlier this year. The company announced this week it’s addressing a series of issues on the site, including spam, customer support, and use of the Yahoo login, for example. But more notably, it’s also revamping its account structure to impose increased limits for free users, while rolling out unlimited storage for Pro subscribers.

Back in 2013, Flickr introduced a full terabyte of free storage for members – a move it hoped would bring more users to its service. But in the years since, consumers have shifted to services like Apple’s iCloud and Google Photos, which are integrated with iPhones and Android smartphones, as a way to backup their photos.

The free storage attracted the wrong kind of user to Flickr, says Andrew Stadlen, VP of Product at Flickr, in an announcement explaining the move.

“In 2013, Yahoo lost sight of what makes Flickr truly special and responded to a changing landscape in online photo sharing by giving every Flickr user a staggering terabyte of free storage. This, and numerous related changes to the Flickr product during that time, had strongly negative consequences,” Stadlen writes.

“First, and most crucially, the free terabyte largely attracted members who were drawn by the free storage, not by engagement with other lovers of photography. This caused a significant tonal shift in our platform, away from the community interaction and exploration of shared interests that makes Flickr the best shared home for photographers in the world,” he adds.

In other words, the company doesn’t want to be an online shoebox any more – it wants to return to being a real photo community.

The other issue Flickr’s new team has with the “free storage” giveaway is that it meant the Yahoo-owned Flickr was beholden to advertisers. Shifting to a subscription model allows Flickr’s new owners, SmugMug, to focus on building features for members, not advertisers.

Stadlen also says that giving away storage devalued Flickr in users’ eyes – they no longer saw it as product worth paying for.

Flickr now aims to change that by revamping who Flickr is for. It’s reducing free storage to 1,000 photos – a limit it came up with based on observations of how free and Pro members were already using the site. The vast majority of free users have fewer than 1,000 photos uploaded, so won’t be impacted, the company claims.

Pro members can now choose to upgrade to a paid plan for $5.99 per month, or they can save 30% and pay $50 per year, when they opt for annual billing. The Pro membership includes unlimited photo storage, an ad-free experience, advanced statistics, automatic backup through Auto-Uploader, and discounts from Adobe, Blurb, SmugMug, and Priime.

Alongside the news of the account changes, the company announced product changes to the site itself, which is rolling out support for photo resolutions up the 5K (5120 x 5120) – that’s 26 Megapixels, or up to 6X larger than Flickr’s current 4 Megapixel maximum, notes Don MacAskill, Co-Founder and CEO at SmugMug.

He says Flickr will also offer full support for embedded color profiles across all modern browsers, devices, and displays; and improvements to the photo ingestion process for faster uploads with fewer errors.

Customer support is getting a revamp, as well, with a dozen experts who will respond to members’ issues, an expanded self-help section, and a new Trust & Safety department.

The company says it’s now partnered with Sift to help fight spam, and with cybersecurity firm HackerOne to continually test its defense systems. The latter is particular helpful given the stain Flickr has on its name by being associated with Yahoo, whose data breaches impacted billions.

The new Flickr will also dump the Yahoo Login, with a new login rolled out to the site in early 2019 that will allow users to sign up with any email address, not just a Yahoo account.

The changes go to address a number of complaints users, and especially pro photographers, had with Flickr during its Yahoo years. The challenge, however, is to win back the disgruntled customers, and get them to pay for storage and features.

MacAskill believes SmugMug will be able to do so, by listening and working with Flickr’s community.

“We bought Flickr because it’s the largest photographer-focused community in the world. I’ve been a fan for 14 years. There’s nothing else like it. It’s the best place to explore, discover, and connect with amazing photographers and their beautiful photography,” he says. “Flickr is a priceless Internet treasure for everyone and we’re so excited to be investing in its future. Together, hand-in-hand with the the most amazing community on the planet, we can shape the future of photography.”

(Disclosure: Yahoo merged with AOL to become Oath, which also owns TechCrunch. Flickr is no longer owned by Yahoo or Oath as SmugMug bought it in April, 2018.) 

Rockset, a startup that came out of stealth today, announced $21.5M in previous funding and the launch of its new data platform that is designed to simplify much of the processing to get to querying and application building faster.

As for the funding, it includes $3 million in seed money they got when they started the company, and a more recent $18.5 million Series A, which was led by Sequoia with participation from Greylock.

Jerry Chen, who is a partner at Greylock sees a team that understands the needs of modern developers and data scientists, one that was born in the cloud and can handle a lot of the activities that data scientists have traditionally had to handle manually. “Rockset can ingest any data from anywhere and let developers and data scientists query it using standard SQL. No pipelines. No glue. Just real time operational apps,” he said.

Company co-founder and CEO Venkat Venkataramani is a former Facebook engineer where he learned a bit about processing data at scale. He wanted to start a company that would help data scientists get to insights more quickly.

Data typically requires a lot of massaging before data scientists and developers can make use of it and Rockset has been designed to bypass much of that hard work that can take days, weeks or even months to complete.

“We’re building out our service with innovative architecture and unique capabilities that allows full-featured fast SQL directly on raw data. And we’re offering this as a service. So developers and data scientists can go from useful data in any shape, any form to useful applications in a matter of minutes. And it would take months today,” Venkataramani explained.

To do this you simply connect your data set wherever it lives to your AWS account and Rockset deals with the data ingestion, building the schema, cleaning the data, everything. It also makes sure you have the right amount of infrastructure to manage the level of data you are working with. In other words, it can potentially simplify highly complex data processing tasks to start working with the raw data almost immediately using SQL queries.

To achieve the speed, Venkataramani says they use a number of indexing techniques. “Our indexing technology essentially tries to bring the best of search engines and columnar databases into one. When we index the data, we build more than one type of index behind the scenes so that a wide spectrum of pre-processing can be automatically fast out of the box,” he said. That takes the burden of processing and building data pipelines off of the user.

The company was founded in 2016. Chen and Sequoia partners Mike Vernal joined the Rockset board under the terms of the Series A funding, which closed last August.

As car and tech companies continue to make inroads on vehicles and services to build autonomous driving systems, a startup that is creating high-definition maps to help these vehicles move around has quietly picked up a significant round of funding.

DeepMap — a Palo Alto startup co-founded by James Wu and Mark Wheeler, who previously helped build maps and more at Google, Apple and Baidu — has raised a significant round of growth funding at a valuation of at least $475 million to expand its technology stack and its reach into more markets beyond its current footprint of the US and China.

Founded in 2016, DeepMap has been relatively quiet since raising $25 million in 2017, but news about this round has been trickling out for the last few months. In July, the company filed papers for a $60 million Series B round. In August, it noted that Nvidia had joined the round, which by that point was “oversubscribed” but still not closed.

And today, Generation Investment Management — the VC firm that counts former Vice President Al Gore and others among its co-founders — also confirmed that it is part of that Series B, along with previous investors Andreessen Horowitz, Accel Partners, and GSR Ventures, and new investor Robert Bosch Venture Capital. PitchBook notes that the round puts the valuation of DeepMap at $450 million post-money. However, with Generation added to the mix, both the size of the Series B and the valuation might both be higher.

We’ve asked and Generation and DeepMap are not disclosing those details, but they have said that the investment is being made because the interests of the startup are in line with that of the VC.

“DeepMap and Generation share the deeply-held belief that autonomous vehicles will lead to environmental and social benefits,” said Wu, who is the CEO of DeepMap (Wheeler is the CTO), in a statement. “We are delighted to work with the talented team at Generation. We consider Generation to be a value-added investor, whose insights and mission-aligned network will be of great advantage as we scale, especially in Europe.”

DeepMap is not exactly in stealth mode, but it also doesn’t disclose much about what it is working on specifically, nor how the funding will be used. (But it is hiring, mostly in engineering roles, in Palo Alto and Beijing.)

Companies like Waymo are expanding their autonomous driving tests, Lyft is buying companies to help ingest more driving data more easily, and just this week Baidu announced new car plans with Volvo and Ford, but there are still some crucial pieces that need to be put in place for self-driving to become a wide-scale reality, and one of them is building systems that have an accurate reading of the roads that they are driving on.

HD mapping will play a key role in that regard, helping make systems more accurate with real-time localization features that respond to road types and driving conditions. DeepMap says that it provides centimeter-specific accuracy using “real-world data, not models” and the ability to incorporate 3D landmark features and full 3D environments using “true LiDAR intensity and RGB values data” for simulation tools.

While DeepMap does not detail its products on its site, one report describes its offering as including hardware tools, software solutions, field data collection services, and a service that is able to translate the self-driving fleet data that companies are now in the process of collecting “into their own personalized HD maps.” The same report claimed that DeepMap charges about $5,000 per kilometer for mapping services in the US.

DeepMap is also not the only company working on addressing this need for better and more accurate mapping: mapping startup Camera is also raising money to build its service; DeepMap’s investor NVIDIA is also working on this problem; and lvl5 is another name we’ve also seen mentioned in this context.

The funding, and these partnerships, will likely help DeepMap cement its position on the map, so to speak as all of these continue to grow.

Uber Eats is expanding to enterprise customers with the launch of Uber Eats for Business. The new service allows companies to manage their employees’ food orders and positions Uber Eats to compete more directly against rivals that already offer corporate accounts, including Deliveroo, GrubHub, and Foodpanda (in some markets).

Uber Eats for Business is integrated into Uber for Business, which lets companies pay for and manage rides taken by their employees and clients. Its functions include setting meal programs that let employees order food at certain time and locations (for example, by geofencing a specific office’s address); automatic spending allowances that bill any overages to employees’ own credit cards; the ability for employees to order meals while traveling for work; and one monthly bill that sorts spending by teams, instead of multiple expense reports and receipts.

Enterprise accounts may help food delivery companies weather the headaches of operating an on-demand delivery service, including high operating costs, low margins, and competition. Over the past two years, food delivery startups that have shut down include SpoonRocket, Sprig, and Maple—and that’s just in the United States. India, which Uber Eats head Jason Droege recently said is its fastest-growing market, also experienced its own food delivery startup boom and bust, with TinyOwl, Spoonjoy, and Dazo among its best-known casualties (Foodpanda sold its struggling India business to Ola, Uber’s biggest competitor there, in December 2017).

For Uber in particular, Uber Eats also represents a way to reach customers who have never used its ride-hailing services, thanks in part to different regulatory requirements, Uber Eats’ head of U.S. cities Ana Mahony recently told TechCrunch. The company says 40 percent of new Eats users are new to Uber, and one of its goals for this year is to expand food delivery coverage to 70 percent of the U.S. If it succeeds, that would put it ahead of Postmates, which said earlier this month that it now covers 60 percent of households in America.

Security researchers have found two severe vulnerabilities affecting several popular wireless access points, which — if exploited — could allow an attacker to compromise enterprise networks.

The two bugs are found in Bluetooth Low Energy chips built by Texas Instruments, which networking device makers — like Aruba, Cisco and Meraki — use in their line-up of enterprise wireless access points. Although the two bugs are distinctly different and target a range of models, the vulnerabilities can allow an attacker to take over an access point and break into an enterprise network or jump over the virtual walls that separate networks.

Security company Armis calls the vulnerabilities “Bleeding Bit,” because the first bug involves flipping the highest bit in a Bluetooth packet that will cause its memory to overflow — or bleed — which an attacker can then use to run malicious code on an affected Cisco or Meraki hardware.

The second flaw allows an attacker to install a malicious firmware version on one of Aruba’s devices, because the software doesn’t properly check to see if it’s a trusted update or not.

Although the security researchers say the bugs allow remote code execution, the attacks are technically local — in that a would-be attacker can’t exploit the flaws over the internet and would have to be within Bluetooth range. In most cases, that’s about 100 meters or so — longer with a directional antenna — so anyone sitting outside an office building in their car could feasibly target an affected device.

“In the case of an access point, once the attacker gained control he can reach all networks served by it, regardless of any network segmentation,” Armis said in a technical write-up.

Ben Seri, vice president of research at Armis, said that the exploit process is “relatively straight forward.” Although the company isn’t releasing exploit code, Seri said that all an attacker needs is “any laptop or smartphone that has built-in Bluetooth in it.”

But he warned that the Bluetooth-based attack can be just one part of a wider exploit process.

“Once the attacker gains control over an access point through one of these vulnerabilities, he can establish an outbound connection over the internet to a command and control server he controls, and continue the attack from a more remote location,” he said. That would give an attacker persistence on the network, making it easier to conduct surveillance or steal data once the attackers drive away.

“Bleeding Bit” allows an unauthenticated attacker to break into enterprise networks undetected, take over access points, spread malware, and move laterally across network segments. (Image: Asrmis/supplied)

Armis doesn’t know how many devices are affected, but warned that the vulnerabilities are found in range of other devices with Bluetooth Low Energy chips.

“This exposure goes beyond access points, as these chips are used in many other types of devices and equipment,” said Seri. “They are used in a variety of industries such as healthcare, industrial, automotive, retail, and more.”

Seri said that the vulnerabilities aren’t within the Bluetooth protocol, but with the manufacturer — in this case, the Bluetooth chip itself. As an open standard, device makers are largely left to decide for themselves how to implement the protocol. Critics have long argued that the Bluetooth specifications leave too much room for interpretation, and that can lead to security issues.

For its part, Texas Instruments confirmed the bugs and issued several patches, but attacked Armis’ findings, calling its report “factually unsubstantiated and potentially misleading,” said spokesperson Nicole Bernard.

After Armis privately disclosed the bugs in July, the three affected device makers have also released patches.

Aruba said it was “aware” of the vulnerability and warned customers in an advisory on October 18, but noted that its devices are only affected if a user enables Bluetooth — which Aruba says is disabled by default. Cisco, which also owns the Meraki brand, said some of its devices are vulnerable but they too have Bluetooth disabled by default. Fixes are already available and the company has a list of vulnerable devices noted in its support advisory. A Cisco spokesperson said that the company “isn’t aware” of anyone maliciously exploiting the vulnerability.

Carnegie Mellon University’s public vulnerability database, CERT, also has an advisory out for any other devices that might be affected.

Nope. Nope. Nope. Nope. Alexa isn’t going in my shower. Nope.

With the mid-term elections looming, the pressure across all parties and organizations to get people to the polls is more prevalent than ever before — from nationwide campaigns, like Michelle Obama’s “When We All Vote” to public pleas from social media influencers encouraging their followers to get out and participate in the pivotal election.

Yet, as the number of eligible voters increases, we continue to see some of the lowest voter turnout in our nation’s history, with only half of eligible voters showing up to the polls in the 2014 election. Equally as troubling, the youngest voters, aged 18-29, have the lowest voter turnout, with only 20 percent participating in 2014 according to the 2014 Pew Research Center study.

So what is keeping our voters from the polls?

Voter turnout is directly correlated to annual household income. The 2014 Pew Research Center study found that 51 percent of households making $100,000 or more a year voted, while only 38 percent of those making $50,000 or less showed up to the polls, with the turnout numbers growing even smaller as income decreases. While many states like California mandate giving employees time off to vote, it is not as simple as just taking time off for busy families and non-exempt employees.

(Photo by Justin Sullivan/Getty Images)

Additionally, lack of access to childcare services is another hurdle many American parents face. But what if voting didn’t have to mean lost wages and parting with PTO time?

To help combat this issue, companies are starting to think about how to introduce new progressive benefits that will empower employees to take the time they need to be more civically engaged and active members of their communities. For example, companies of all sizes, from Walmart, Lyft and Patagonia to our own company, Zenefits, all recently created initiatives to increase voter turnout — from offering free rides to the polls to shutting down corporate offices for the entire midterm election day.

These benefits are sometimes labeled as “CTO” or “Civic Time Off,” and ensure that employees are not penalized but are instead encouraged to take time to participate in our democratic system, regardless of political affiliation, in whatever way is authentic to their core values and political beliefs. While voting is hot on the national dialogue with midterm elections right around the corner, CTO policies are not solely focused on getting people to the polls. CTO can be used for any civic endeavors, including voting, volunteering for a candidate, attending a school board meeting, canvassing or any other time devoted to civic participation.  

But companies have not always viewed civic engagement as a benefit in this way. A recent influx of millennials into the workforce has shifted benefits conversations and influenced the way employers think about their responsibility around workforce wellness, creating a new wave of progressive benefit offerings.

These new innovative benefits add to employee perks and are often thought of as a supplement to an employee’s salary. Though it may sound simple, these offerings can absolutely make or break an employee’s experience at a company and often is what attracts them to the role in the first place. These benefits, when thought of in a meaningful way, can be anything from covering commuter costs to furthering educational interests to blanketed physical/wellness stipends.

In this case, employers have begun to realize the necessity of civic-minded benefits. More and more, companies are beginning to see how today’s political environment is affecting their employees and their work. By offering CTO policies, employees are able to participate in the political moments in time that matter most to them, coming back to the office fulfilled and ready to take on the next workplace challenge.

As a company, it is important to build your team’s skill sets, not only as it pertains to their career development but also as it pertains to personal development beyond the walls of the workplace. This will not only lead to a happier, more well-rounded workforce but will also greatly benefit our nation at large as more companies make civic engagement a priority.

Whether your company is focused on incentivizing employee voting or encouraging daily in-office wellness programs for a healthier work-life balance, the important thing is that we recognize as people leaders the positive affect opportunities outside of the workplace have on our employees. A truly healthy workforce is composed of employees who are fulfilled both inside and outside of the workplace.