Month: June 2019

Security researchers say they have uncovered a massive espionage campaign involving the theft of call records from hacked cell network providers to conduct targeted surveillance on individuals of interest.

The hackers have systematically broken in to more than 10 cell networks around the world to date over the past seven years to obtain massive amounts of call records — including times and dates of calls, and their cell-based locations — on at least 20 individuals.

Researchers at Boston-based Cybereason, who discovered the operation and shared their findings with TechCrunch, said the hackers could track the physical location of any customer of the hacked telcos — including spies and politicians — using the call records.

Lior Div, Cybereason’s co-founder and chief executive, told TechCrunch it’s “massive-scale” espionage.

Call detail records — or CDRs — are the crown jewels of any intelligence agency’s collection efforts. These call records are highly detailed metadata logs generated by a phone provider to connect calls and messages from one person to another. Although they don’t include the recordings of calls or the contents of messages, they can offer detailed insight into a person’s life. The National Security Agency has for years controversially collected the call records of Americans from cell providers like AT&T and Verizon (which owns TechCrunch), despite the questionable legality.

Cybereason researchers said they first detected the attacks about a year ago. Before and since then, the hackers broke into one cell provider after the other to gain continued and persistent access to the networks. Their goal, the researchers believe, is to obtain and download rolling records on the target from the cell provider’s database without having to deploy malware on each target’s device.

Div said the hackers acted invisibly to their targets. “They know everything about them without ever hacking their phone,” he said.

The researchers found the hackers got into one of the cell networks by exploiting a vulnerability on an internet-connected web server to gain a foothold onto the provider’s internal network. From there, the hackers continued to exploit each machine they found by stealing credentials to gain deeper access.

“You could see straight away that they know what they’re after,” said Amit Serper, head of security research at Cybereason. “They would exploit one machine that was publicly accessible through the internet, dump the credentials from that machine, use the credentials stolen from the first machine and repeat the whole process several times.”

Once the hackers gained access to the domain controller, the hackers had control of the entire network. “Everything is completely owned,” said Serper.

The National Security Agency collected 434.2 million phone records on Americans in 2018 as part of the call detail records program, despite controversies of the collection of domestic data. The cell provider hacks discovered by security researchers at Boston-based Cybereason appear to be another nation state collecting data on a handful of targeted individuals. (Image: file photo/Getty Images)

With access to the cell provider’s bank of call detail records, the hackers compressed and exfiltrated a target’s data — some hundreds of gigabytes — amounting to a vast number of records — potentially weeks or months at a time.

“Every single bit of raw data that your phone sends and receives to and from the network is there,” said Serper.

Each time the hackers broke in they would conduct more reconnaissance and network mapping “to get a better understanding of the network,” said Mor Levi, one of the Cybereason researchers who discovered and analyzed the hacking operation. The hackers at one point created a virtual private network connection on one of the cell provider’s compromised servers so they could tunnel into the network and pick up where they left off with ease without having to “reinventing the wheel every time,” she said.

The researchers said the hackers were faster and more efficient in attacking other networks because they already had knowledge of similar cell providers’ networks.

Div said because the attacks were ongoing, the company wouldn’t name the cell networks — only that some are large providers, and the smaller companies are in “unique and interesting” locations, likely each a strategic target for the hackers. Cybereason said it has not yet seen the hackers target North American providers, but said the situation remains “fluid” and ongoing. The company published its findings to sound the alarm over the continued intrusions.

The company also didn’t name the targeted individuals. “We started and then we stopped,” said Div, when the company realized the sensitivity and gravity of the hackers’ operation.

Cybereason did say it was with “very high probability” that the hackers were backed by a nation state but the researchers were reluctant to definitively pin the blame.

The tools and the techniques — such as the malware used by the hackers — appeared to be “textbook APT 10,” referring to a hacker group believed to be backed by China, but Div said it was either APT 10, “or someone that wants us to go public and say it’s [APT 10].”

Relations between the U.S. and China remain fraught amid an ongoing trade dispute involving Huawei, the Chinese telecoms giant accused by U.S. authorities as a proxy for China’s cyberspies.

Tensions have escalated in cyberspace in recent years after the Trump administration accused China of violating an Obama-era bilateral anti-hacking deal, signed in 2015, in which the two superpowers promised not to target each others’ private sector. Last year, the Justice Department indicted two alleged Chinese hackers accused of breaking into dozens of major U.S. tech and industry giants.

The Chinese government has long denied allegations of hacking against the West. When contacted prior to publication, a spokesperson for the Chinese consulate in New York did not comment.

Microsoft drew a line in the sand with Windows 10, presenting an operating system designed for both PCs and tablets alike. The move fostered hardware designers to go all in on convertibles — devices that performed double duty as laptops or slates, with adjustable keyboards to match.

For most of its history, the iPad has taken the opposite approach. Even as Apple has blurred the line between iOS and macOS with offerings like Project Catalyst, the tablet that redefined the category has been mobile first, running a scaled up version of the iPhone operating system. It’s largely suited the company and the product well, offering a dead simple approach for consumers.

But as the iPad has matured, so too have customer expectations. In recent years, Apple’s happily positioned the product as a kind of laptop alternative for business and education. The push has been accelerated with the arrival of the iPad Pro and Apple Pencil, which has made it a more compelling offering for creative pros, along with additional features to help facilitate multitasking.

The arrival of iPadOS marks the next key step in the tablet’s evolution. The device has already received a number of features designed specifically for its larger form factor and computing power, but the rebranding is the company’s way of asserting that the forked operating system is coming into its own, with a slew of features designed specifically to cater to its growing position as a productivity device.

In future iterations, iPadOS will be getting most or all of iOS’s updates at the same time as the iPhone OS. This time out, that includes iOS 13’s Dark Mode, the maps update and redesigned Photos for starters. But as the first iteration of the new rebrand, iPadOS is getting a number of new or updated pieces specific to the tablet.

The update starts with Home Screen. Like many of the features on board, the refreshed home screen is all about fitting more into the extended real estate, rather than just making a larger version of the existing layout, as iOS has done in the past. That includes fitting more icons on the screen — 30 in all (plus whatever you’ve got in the dock), segmented into six by five.

Swiping right will bring up a river widget on the left side, just under the newly pinned date and time in the upper left corner. The widget features quick glance features like calendar appointments, weather and photos. Swipe all the way down for settings and you can permanently pin it to the home screen, if you so desire.

Multitasking, on the other hand, is the real centerpiece of the update. Slide Over, which offers a a second floating app window gets some key improvements, including the ability to have several different apps open in the mode at once by dragging them from the dock. Swiping up to the middle of the screen will display all of the apps open in slide over like a deck of cards. Swipe all the way up and the app will go full screen.

Also of note is the ability to open multiple windows for a single app. It’s something, like much of this multitasking stuff, that we tend to take for granted on the desktop. It’s partially useful, however, for certain applications like Pages, where you tend to utilize notes from one document for writing in another.

There is, perhaps, no clear sign that the company is attempting to offer a more desktop like experience here than the updates to files. The changes are about giving users more control over the file systems on their device — it’s something the company has tended to hide away from the end user, ostensibly to give a simpler experience. Doing that, however, obfuscates interactions, something that ought to be a lot clearer if the iPad is designed to be a more professional machine.

The list includes the ability to plug in external hard drives via the USB C port, which will save a lot of additional dragging and dropping. Those mounted drives will populate the Locations column in the files app. Files can also be imported straight from SD cards and cameras into apps like Lightroom. Also worth noting are the ability to zip and unzip folders inside of the Files app and the addition of a download folder, offering more direct access to content downloaded via Mail, Safari and the like.

The iPadOS public beta is available today, along with iOS 13 and macOS Catalina. The final version is set to arrive in the fall.

Monzo, the fast-growing U.K.-based challenger bank with more than two million account holders, has raised £113 million (~$144m) in additional funding.

Confirming TechCrunch’s scoop in April, the Series F round is led by Y Combinator’s “Continuity” growth fund, and gives the company a new £2 billion (~$2.5b) post-money valuation. That’s double the £1 billion valuation it garnered in October last year.

A number of other new and existing investors have also participated in the Series F. They include Latitude, General Catalyst, Stripe, Passion Capital, Thrive, Goodwater, Accel, and Orange Digital Ventures.

The investment by London-based Latitude, the growth fund from prolific seed investor LocalGlobe, is particularly noteworthy given that LocalGlobe itself didn’t previously back Monzo. The same might be said of YC’s Continuity, considering that Monzo isn’t a YC alumni (although GoCardless, Monzo co-founder Tom Blomfield’s previous startup, did take part in the Silicon Valley accelerator).

The take-away: a growth fund attached to an early-stage fund can be a great antidote to the anti-portfolio (the list of successful companies a VC firm either missed, were unable or chose not to invest in).

Meanwhile, Monzo’s new funding round and YC’s backing should be viewed within the context of not only fast growth and increasingly convincing product-market fit in the U.K. — the challenger bank is currently adding 200,000 new sign-ups for its current account each month — but also recently unveiled plans to tentatively launch across the pond.

We first reported that Monzo was busy assembling a U.S.-based team over five months ago, and the U.K. company made its U.S. plans official last week. This will see a U.S. Monzo app and connected Mastercard debit card available via in-person signups at events to be held soon. The rollout will initially consist of a few thousand cards, supported by a waitlist in preparation for a wider launch.

The U.S. launch is being done in partnership with a local bank, but in the longer term Monzo plans to apply for its own U.S. bank license, similar to the strategy it employed in the U.K. so as to own and operate as much of its technical, product and regulatory infrastructure as possible.

In the U.K., this has helped Monzo achieve an NPS score of 80, which Blomfield previously told me is unusually high for a bank. This is seeing 60% of U.K. signups remain long-term active, transacting at once per week. As a counterpoint, however, the percentage of Monzo users that pay a salary into their Monzo account sits at between about 27% and 30% of active users, suggesting that a significant number of Monzo customers aren’t yet using it as their main account (Monzo’s definition of salaried is anyone who deposits at least £1,000 per month by bank transfer).

Success in the U.S., therefore, isn’t a given, conceded Blomfield when I had a call with him earlier this month. Instead, he argued that the key to cracking North America will be creating a fully localised version of Monzo based on carefully listening to U.S. users and once again finding product-market fit. He says there are obvious and less obvious cultural and technical differences in the way Brits and Americans save, spend and manage their finances, and this will require significant product divergence from the U.K. version of Monzo. Today’s new £113 million injection of capital is clearly designed to provide some of the breathing space required to achieve that.

As a side note, there are encouraging signs from other London-based fintechs that have ventured across the pond. One recent example is the financial “digital assistant” chatbot Cleo, which entered the U.S. around a year ago and has been more successful than the company anticipated, seeing Cleo add 650,000 active U.S. users to date. In fact, the U.S. currently makes up more than 90% of new Cleo users, prompting one source to describe the U.K. startup as effectively a U.S. company now.

As a misanthrope living in a vibrant city, I’m never short of things to complain about. And in particular the problem of people crowding into my photos, whatever I happen to shoot, is a persistent one. That won’t be an issue any more with Bye Bye Camera, an app that simply removes any humans from photos you take. Finally!

It’s an art project, though a practical one (art can be practical!), by Do Something Good. The collective, in particular the artist damjanski, has worked on a variety of playful takes on the digital era, such as a CAPTCHA that excludes humans, and setting up a dialogue between two Google conversational agents.

The new app, damjanski told Artnome, is “an app for the post-human era… The app takes out the vanity of any selfie and also the person.” Fortunately, it leaves dogs intact.

Of course it’s all done in a self-conscious, arty way — are humans necessary? What defines one? What will the world be like without us? You can ponder those questions or not; fortunately, the app doesn’t require it of you.

Bye Bye Camera works using some of the AI tools that are already out there for the taking in the world of research. It uses YOLO (You Only Look Once), a very efficient object classifier that can quickly denote the outline of a person, and then a separate tool that performs what Adobe has called “context-aware fill.” Between the two of them a person is reliably — if a bit crudely — deleted from any picture you take and credibly filled in by background.

It’s a fun project (though the results are a mixed bag) and it speaks not only to the issues it supposedly raises about the nature of humanity, but also the accessibility of tools under the broad category of “AI” and what they can and should be used for.

You can download Bye Bye Camera for $3 on the iOS App Store.

The enterprise drone space has been heating up over the past couple years, but a startup in the entertainment drone space is raising the big cash now.

The Drone Racing League is in the process of raising up to $50 million from investors in a Series C round according to SEC docs published today. The startup has already raised over $26 million of that figure and is looking to secure additional investors to close out the rest. Investors in the new round appear to already include Lux Capital and RSE Ventures.

We reached out to Drone Racing League for comment.

The company had previously raised $32 million in funding from backers including Sky, CRCM Ventures and Hearst Ventures. Drone Racing League closed a $20 million Series B in 2017.

The startup, as the name implies, is in the business of speedy drone racing. It was founded in 2015 with the goal of capitalizing on some of the excitement around the technology, while aiming to build out a league that captured the thrill of airborne Formula-1 racing.

We did a deep dive on the company’s efforts back in 2016 and the surrounding drone racing enthusiast space. The athletes fly custom-built hardware at 90 miles per hour in tourneys that take place at sites ranging from empty warehouses to professional sports arenas. Races have been broadcast on NBC Sports, Twitter, Sky Sports and FOX Sports Asia according to the startup.

In March, Spotify filed a complaint against Apple with the European Commission over the so-called “Apple tax” and claims of restrictive rules regarding the App Store. In the time since, Apple has responded with the launch of a website that takes aim at the anti-trust, anti-competitive claims against it, and most recently, a deep dive into how the process of app approvals work, by way of a CNBC profile. Now, Apple has responded to the EC complaint with its own filing which says Spotify is only paying this “Apple tax” on less than one percent of its paid subscribers.

This news was first reported by Music Business Worldwide (MBW) and German site Der Spiegel.

Specifically, Apple’s filing says that Spotify only pays a 15% “app tax” (revenue share) on just 0.5% of its 100 million premium subscribers, or around 680,000 customers. This revenue share only impacts those customers Spotify acquired during the 2014-2016 time frame who signed up for the subscription through an in-app purchase. Afterward, Spotify switched off the option to sign up in the app.

This is contrast to the claim made by Spotify CEO Daniel Ek on the company’s blog in March, where he wrote that “Apple requires that Spotify and other digital services pay a 30% tax on purchases made through Apple’s payment system.”

In addition, MBW reports, citing an unnamed source, that Spotify pays even less than the standard 15% for those customers who signed up through in-app purchase due to label discounts. The source told the outlet that Spotify just wants to “pay nothing.”

However, Spotify’s claim goes beyond the Apple tax.

It also said that Apple used its App Store power to penalize the competitor in other ways — like limiting Spotify’s ability to communicate with customers, or even send emails to its iOS users. Spotify said Apple also blocked its iOS upgrades — something it brought to light years ago. Apple, meanwhile, has always maintained it has treated Spotify like any other app developer.

Apple’s responses to these latter points were also sneaked into the recent CNBC piece where a “longtime Apple veteran” who was only identified as “Bill,” made certain to tell the news site that he had “called Spotify when an update was rejected” — e.g., because Spotify had been emailing customers and asking them to pay the music streamer directly, outside the App Store.

In addition to Spotify’s EU complaint, Apple is facing other attacks against its App Store in the U.S. courts.

The U.S. Supreme Court in May ruled against Apple to allow an App Store antitrust case to proceed.

And in June, two app developers proceeded to sue Apple over its App Store practices, making similar claims about Apple’s 30% commission on app sales and its requirement to price apps in tiers ending in 99 cents.

Apple had earlier responded to Spotify’s complaint in length on its own website. The company, in part, said that:

After using the App Store for years to dramatically grow their business, Spotify seeks to keep all the benefits of the App Store ecosystem — including the substantial revenue that they draw from the App Store’s customers — without making any contributions to that marketplace. At the same time, they distribute the music you love while making ever-smaller contributions to the artists, musicians and songwriters who create it — even going so far as to take these creators to court.

…

Apple’s approach has always been to grow the pie. By creating new marketplaces, we can create more opportunities not just for our business, but for artists, creators, entrepreneurs and every “crazy one” with a big idea. That’s in our DNA, it’s the right model to grow the next big app ideas and, ultimately, it’s better for customers.

Wind turbines are a great source of clean power, but their apparent simplicity — just a big thing that spins — belie complex systems that wear down like any other, and can fail with disastrous consequences. Sandia National Labs researchers have created a robot that can inspect the enormous blades of turbines autonomously, helping keep our green power infrastructure in good kit.

The enormous towers that collect energy from wind currents are often only in our view for a few minutes as we drive past. But they must stand for years through inclement weather, temperature extremes, and naturally — being the tallest things around — lightning strikes. Combine that with normal wear and tear and it’s clear these things need to be inspected regularly.

But such inspections can be both difficult and superficial. The blades themselves are among the largest single objects manufactured on the planet, and they’re often installed in distant or inaccessible areas, like the many you see offshore.

“A blade is subject to lightning, hail, rain, humidity and other forces while running through a billion load cycles during its lifetime, but you can’t just land it in a hanger for maintenance,” explained Sandia’s Joshua Paquette in a news release. In other words, not only do crews have to go to the turbines to inspect them, but they often have to do those inspections in place — on structures hundreds of feet tall and potentially in dangerous locations.

Using a crane is one option, but the blade can also be orientated downwards so an inspector can rappel along its length. Even then the inspection may be no more than eyeballing the surface.

“In these visual inspections, you only see surface damage. Often though, by the time you can see a crack on the outside of a blade, the damage is already quite severe,” said Paquette.

Obviously better and deeper inspections are needed, and that’s what the team decided to work on, with partners International Climbing Machines and Dophitech. The result is this crawling robot, which can move along a blade slowly but surely, documenting it both visually and using ultrasonic imaging.

A visual inspection will see cracks or scuffs on the surface, but the ultrasonics penetrate deep into the blades, making them capable of detecting damage to interior layers well before it’s visible outside. And it can do it largely autonomously, moving a bit like a lawnmower: side to side, bottom to top.

Of course at this point it does it quite slowly and requires human oversight, but that’s because it’s fresh out of the lab. In the near future teams could carry around a few of these things, attach one to each blade, and come back a few hours or days later to find problem areas marked for closer inspection or scanning. Perhaps a crawler robot could even live onboard the turbine and scurry out to check each blade on a regular basis.

Another approach the researchers took was drones — a natural enough solution, since the versatile fliers have been pressed into service for inspection of many other structures that are dangerous for humans to get around: bridges, monuments, and so on.

These drones would be equipped with high-resolution cameras and infrared sensors that detect the heat signatures in the blade. The idea is that as warmth from sunlight diffuses through the material of the blade, it will do so irregularly in spots where damage below the surface has changed its thermal properties.

As automation of these systems improves, the opportunities open up: A quick pass by a drone could let crews know whether any particular tower needs closer inspection, then trigger the live-aboard crawler to take a closer look. Meanwhile the humans are on their way, arriving to a better picture of what needs to be done, and no need to risk life and limb just to take a look.

WordPress now accounts for 34 percent of all websites globally, and today one of the key companies that helps handle the creation and management of some of those WP-hosted sites is getting a little bigger through some consolidation in the wider ecosystem. WP Engine, which works with businesses to build and manage their WordPress-hosted sites, has aquired Flywheel, a smaller competitor.

Financial terms of the deal are not being disclosed, WP Engine’s CEO and chairperson Heather Brunner said in an interview, but she confirmed to TechCrunch that it involved her company raising a small round (amount also undisclosed) from its existing investors to help finance the deal. WP Engine’s investors include Silver Lake (which last year put a whopping $250 million into the company) along with WordPress developer Automattic, Silverton, GuidePost Growth Equity (formerly known as North Bridge) and Eric Ries (of “Lean Startup” fame).

Brunner also declined to talk valuation of WP Engine, although she noted that current annual recurring revenue is at $132 million, and that Flywheel’s is $18 million, and with a current growth rate of 50%, together the two are on track to make $200 million in ARR by 2020 and likely pass the $1 billion mark for valuation, en route to a public listing.

“It is our aspiration to build a public-ready company, and this acquisition is part of making that happen,” she said. (Ironically, that could mean that WordPress’s partner, and sometimes competitor, could go public before it does.)

The deal is a sign of some consolidation in the ecosystem that has built up around WordPress. WP Engine is a veritable powerhouse in that ecosystem, having been an early mover in the space — WordPress backed it back in 2011 — and now working on building and managing sites for some 120,000 brands and agencies in 150 countries (likely totalling multiples of that in terms of actual sites).

WP Engine, as Brunner describes it, focuses largely on mid-market and larger businesses, while Flywheel — founded and currently based out of Omaha — has focused on smaller businesses. That makes the two natural complements to each other, but Brunner notes that there will be more gained from the union.

“The team there is very product focused,” she noted. “They’ve built a suite that we feel has been focused around small agencies, but they are also the types of tools that larger agencies will benefit from.” She is referring to the product Local by Flywheel, a local development application used by more than 150,000 developers.

Flywheel, founded in 2012, had only raised around $6 million in funding, including a $4 million round several years ago. The economies of scale of throwing in its lot with WP Engine will give it a much wider exposure and access to new customers.

“We founded Flywheel with the belief that in order to help creatives do their best work, we needed to create an internal culture that encourages our employees to do the same,” said Dusty Davidson, CEO and co-founder of Flywheel, in a statement. “That philosophy has led us to build an incredible company and some of the most well-loved products in WordPress, supported by an impressive group of talented people and the most remarkable open source community in the world.”

WP Engine has made a few other acquisitions prior to this, of other partners in the WordPress ecosystem, marking it out as a consolidator in the field. Brunner noted that while some of the company’s growth efforts might lead it to further acquisitions, it is also pursuing a second track of working with third party partners and acting as the intermediary platform for companies to bring in other services in aid of running their sites. Partners in the WP Engine ecosystem — alongside WordPress itself, of course — include Amazon Web Services, Cloudflare, Google, HubSpot and New Relic, she noted.

And we’re back! TechCrunch is returning to NYC for a Meet and Greet tomorrow at The Yard in Herald Square. It’s been a couple years since we’ve held an event in NYC and we’ve missed it.

Join Managing Editor Jordan Crook, Battlefield Host and Senior Writer Anthony Ha, Head of Startup Battlefield Neesha Tambe, and Hardware Editor Brian Heater on Tuesday, June 25th from 5:00pm – 6:15pm. From ExtraCrunch, our new subscription tier, to Startup Battlefield, TC’s world renowned startup launch competition, learn more about the new things at TechCrunch. You’ll have an opportunity to meet investors, startup founders and other folks in the startup community as well.

TechCrunch is actively searching for the next best startups to feature in Startup Battlefield this fall at Disrupt San Francisco and Hardware Battlefield in Shenzhen, China. If you are an investor or community manager for early stage startups, join us tomorrow evening to refer your companies. Early stage founders are invited to attend and learn more about Startup Battlefield. Founders of later stage startups are encouraged to come and network with TechCrunch Editorial at the event.

TechCrunch New York Meet and Greet

Host: The Yard – Herald Square

Time: 5:00pm – 6:15pm

Location: 106 W 32nd St, New York, NY 10001

RSVP: The event is free, but you will need a ticket to attend

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 9am Pacific, you can subscribe here.

1. The Raspberry Pi Foundation unveils the Raspberry Pi 4

While the Raspberry Pi first started as a simple computer designed to teach kids how to code, it has become a versatile device with many different use cases.

When it comes to physical design, the Raspberry Pi 4 Model B looks like the previous flagship model. It’s a single-board computer with a lot of connectors that is the size of a deck of cards. But everything has been updated.

2. Echo Show 5 review

Brian Heater says that if you’re looking for a smart home hub to double as an alarm clock, the Lenovo Smart Clock is your best bet. But if video playback and chat are important, Amazon’s got you covered.

3. Google’s new media literacy program teaches kids how to spot disinformation and fake news

The company is launching six new media literacy activities for the curriculum that will teach kids things like how to avoid a phishing attack, what bots are, how to verify that information is credible, how to evaluate sources, how to identify disinformation online, spot fake URLs and more.

4. Who’s going to use the big bad Libra?

If you’ve been wondering who’s actually going to use Facebook’s proposed cryptocurrency, Jon Evans has some thoughts.

5. The power of Ravelry’s stance against white supremacy reaches beyond the knitting community

This weekend, Ravelry enacted a policy that explicitly bans support of Donald Trump and his administration in content posted to the site, including project entries, patterns, forum posts and profiles.

6. Transitioning from engineering to product with Adobe’s Anjul Bhambhri

An interview with the vice president of platform engineering at Adobe. (Extra Crunch membership required.)

7. This week’s TechCrunch podcasts

The Equity team discusses the role VCs have played in the development of Facebook’s Libra, Original Content reviews the Netflix series “When They See Us” and most importantly, Mixtape is back with a conversation with Uber’s Meena Harris.