Year: 2020

Twitter has said that there is “no evidence” that attackers obtained user account passwords after its security breach on Wednesday, which forced the company to lock down user accounts to prevent verified users from tweeting.

In a series of tweets on Thursday — almost exactly a day after the mass account hijacking started — the social media giant said: “We have no evidence that attackers accessed passwords. Currently, we don’t believe resetting your password is necessary.”

“Out of an abundance of caution, and as part of our incident response yesterday to protect people’s security, we took the step to lock any accounts that had attempted to change the account’s password during the past 30 days,” it said. “As part of the additional security measures we’ve taken, you may not have been able to reset your password. Other than the accounts that are still locked, people should be able to reset their password now.”

Twitter said that it’s “working to help people regain access to their accounts” following the security incident. Many high-profile accounts, including news organizations, were still locked out from their accounts by Thursday morning. Some are still locked and unable to tweet.

News of the incident broke in real-time — on the social network, no less — after cryptocurrency sites were hijacked to send tweets promoting a common cryptocurrency scam. Several high-profile accounts, including @apple and @binance, as well as celebrities @billgates, @jeffbezos, and @elonmusk — which collectively have 90 million followers — were hacked as part of the mass account hijackings.

A public record of the cryptocurrency wallet showed hundreds of transactions, amounting to over $100,000, in just a few hours.

Twitter later confirmed that hackers launched a “coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”

A hacker with direct knowledge of the Twitter incident told TechCrunch that another hacker, who goes by the handle “Kirk,” gained access to an internal Twitter “admin” tool, which they then used to hijack high-profile Twitter accounts and spread the cryptocurrency scam.

It’s not known if other hackers also had access to the admin tool. The FBI is now investigating the incident, a spokesperson said Thursday.

But questions remain over exactly how much access the hackers gained, or if the hackers were able to read users’ private direct messages.

Ron Wyden, a Democratic senator, said in a statement that in a private meeting in 2018, Twitter’s chief executive Jack Dorsey said the company “was working on end-to-end encrypted direct messages,” a kind of encryption that would prevent even Twitter from reading users’ messages.

“It has been nearly two years since our meeting, and Twitter DMs are still not encrypted, leaving them vulnerable to employees who abuse their internal access to the company’s systems, and hackers who gain unauthorized access,” said Wyden. “While it still isn’t clear if the hackers behind yesterday’s incident gained access to Twitter direct messages, this is a vulnerability that has lasted for far too long, and one that is not present in other, competing platforms.”

“If hackers gained access to users’ DMs, this breach could have a breathtaking impact, for years to come,” the lawmaker said.

We asked Twitter several questions about direct messages, including whether the company has any evidence that the hackers gained access to users’ DMs; what protections it puts in place to prevent unauthorized access — including from Twitter employees; and if there are any plans to implement DM end-to-end encryption.

When reached, a Twitter spokesperson declined to comment.

The Trump campaign’s unlikely digital marketing whiz is on the outs.

Brad Parscale made headlines for his social media savvy in 2016, a strategy still credited for giving the then-candidate a major boost by flooding social platforms, most notably Facebook, with targeted advertising. Parscale was named the Trump campaign’s digital director in 2016 and in 2018 ascended to the role of campaign manager, leading Trump’s bid for reelection.

In 2016, the Trump campaign outspent Hillary Clinton by $16 million on the platform, pushing out 5.9 million variations on ads and aggressively optimizing to replicate successes and avoid failed tactics in the process. During the same time period, the Clinton campaign only ran 66,000 different ads, roughly as many as the Trump campaign tested in a single day.

“Twitter is how [Trump] talked to the people, Facebook was going to be how he won,” the brash digital director told 60 Minutes in an election post-mortem the next year. In the same interview, Parscale explained how the campaign brought in “embeds” — employees from Facebook that taught Parscale and his staff how to hone their skills on the platform.

Under Parscale, the Trump campaign also reverse-engineered ad audiences from its current support base rather than targeting ads broadly or looking at traditional demographics.

“Brad Parscale, who has been with me for a very long time and has led our tremendous data and digital strategies, will remain in that role, while being a Senior Advisor to the campaign,” Trump wrote in the announcement.

As the Daily Beast reports, the title change formalizes the reality on the ground. Parscale had reportedly already taken a back seat on broad strategy to his 2016 communications director Jason Miller and deputy campaign manager Bill Stepien, who will step up as campaign manager.

The eleventh hour campaign change is certainly also a product of the president’s very real reelection concerns. The Trump administration’s national failure to rise to meet the coronavirus crisis, Trump’s ongoing racist appeals in the midst of a civil rights movement and his total lack of messaging discipline combines for a rocky path to reelection — a reality that lopsided polls reflect.

Parscale was reportedly already on the outs. CNN reported earlier this year that Trump berated and threatened to sue Parscale over plummeting poll numbers during the president’s early pandemic failures. That moment came after Trump appeared to recommend ingesting potentially deadly disinfectants as a treatment for the virus.

Recent events likely heightened that tension further. When President Trump traveled to a less than half-empty arena in Tulsa, Oklahoma in the midst of the coronavirus crisis, Parscale faced the blame for falling for a prank by TikTok users, led by anti-Trump K-pop fans, who drove up huge registration numbers. While the Trump campaign downplayed the role the fake registrations had in amping the event, the open seats made for a very visible embarrassment for the optics-fixated Trump.

Parscale, a political outsider, famously built the Trump campaign’s first website for $1,500. In spite of his lack of political expertise, he went on to helm Trump’s digital advertising operations as digital director, later becoming synonymous with the campaign itself and its crude, aggressive approach to social media marketing and digital branding.

A Buzzfeed profile from 2017 likened Parscale to a modest, loyal soldier for Trump, one who became “indispensable” for his intuitive ability to communicate the Trump brand. Parscale “believed in the message [and] knew how to promote it on social media.”

That ability to translate Trumpism to the online world developed the roughshod but relentless messaging that still characterizes the Trump campaign. It also had a hand in shaping — and in turn being shaped by — the active online world of Trump loyalists, who likely aren’t going anywhere no matter what happens come November.

Another small rocket launcher is readying to demonstrate their ability to launch a vehicle to space, after a few setbacks exacerbated by the ongoing COVID-19 situation. Astra has just completed a second static test fire of its Rocket 3.1 orbital launch vehicle, and that means it’s now ready for a trip to Alaska where it’ll hopefully make its first trip to orbit from a spaceport in Kodiak.

Astra originally started out as a company with the specific goal of answering the DARPA launch challenge, which asked companies to create a launch vehicle that could tech orbit within a few weeks of each other (originally from separate launch sites, but then later only from separate pads at the same spaceport). The challenge expired without Astra claiming the price, after the 3.0 version of their Rocket failed to reach orbit.

The company has developed, tested and flown three successive generations of Rocket, mostly without much in the way of public fanfare or information sharing. The startup builds its small rockets, which measure roughly 40-feet tall, in Alameda, California at their own factory. In an interview with TechCrunch ahead of their DARPA challenge attempt, Astra CEO and founder Chris Kemp explained that their approach is focused on rapid, at-scale manufacturing and potential failure margins that might be higher than the existing launch companies tolerate.

A kind of mass-market delivery system approach definitely has advantages, and Astra has focused on a launch system that’s much more portable than others for deployment almost anywhere in the world. The company is also focused on small payloads, which it can deliver responsively, so a loss of such a spacecraft wouldn’t be nearly as expensive as, say, a rocket failing and losing a large geosynchronous GPS satellite.

Rocket 3.1 sounds like a relatively minor iteration on Rocket 3.0, vs the large full point updates of prior generations. Astra says it’s currently headed to Kodiak, and that the company is now working to finalize a launch window, with a date to be confirmed for that next big test early next week.

Why are certain VCs loved by founders and others loathed?

It’s a question that is key not just to founders seeking capital, but also VCs who are looking to burnish their reputations and build the track record that will get them into the next hot deal.

For businesses with actual customers, it’s common to assess their enthusiasm for the product or service by conducting an NPS survey. The idea of a “Net Promoter Score” is to not just see who is satisfied with their transaction, but also to see to what degree a customer is likely to tell their friends and others about the experience. A high NPS toward 100 indicates that the vast majority of customers loved the experience and are enthusiastic about sharing the word. A score toward -100 would indicate that people hated their experience, and will likely spread their tale of woe with others.

Brolly, the U.K. digital insurance app, has been acquired by incumbent Direct Line Group. The terms of the acquisition aren’t being disclosed, while the transaction is expected to formally close during the third quarter of 2020.

Originally founded by former Aviva underwriter and product manager Phoebe Hugh and former Skype and Microsoft engineering manager Mykhailo Loginov, after the pair met at company builder Entrepreneur First, Brolly launched as a personal insurance concierge. The app let you manage your existing insurance policies and then helped you spot potential gaps or duplication in coverage and search for a better deal.

That only appeared to get the insurtech so far, and in August last year, the startup launched “Brolly Contents” to plug what it saw as a gap in home contents insurance.

Designed to be fit for the digital age, the product promised “flexible” monthly cover for all or a subset of the items you own, delivered in a more convenient way via Brolly’s mobile app. Features of Brolly Contents included the ability to insure up to £40,000 worth of belongings, suitable for renters or property owners, and no fees for updates to your cover.

In addition, there was a promised loyalty discount of up to 25% that increases each month you stay with Brolly and haven’t made a claim. As Brolly’s CEO Phoebe Hugh told TechCrunch at the time, that’s the antithesis to incumbent providers who offer large discounts for new customers, which are then clawed back the following years on the premise that you are too lazy or time poor to bother switching.

According to the joint announcement, post-transaction, the team behind Brolly are expected to join Direct Line Group to build on their work to date with the aim of “helping the Group to accelerate its transformation to becoming a leading digital player in insurance”.

Comments Hugh in a statement: “I started Brolly to reinvent personal insurance, and by listening and adapting to a new generation of consumers, we have made great progress so far. I’m thrilled to be taking the next step in this journey that will allow myself and my team to scale the technology and products to a much bigger audience. We are excited to continue to build beautiful and personalised products to simplify insurance within Direct Line Group, one of the UK’s most innovative large insurers”.

Notably, however, TechCrunch understands that existing Brolly app users have been informed that its “policy management platform” will be shutting down on 30th July, but with the option to export key data about current and expired policies. Brolly Contents is also be discontinued per an individual customer’s cover end date.

Finally, just for posterity, here is Hugh’s original EF pitch to investors:

When Salesforce launched Force.com in 2007, it was the culmination of years of work to bring together a way to customize Salesforce and eventually to build applications on top of the platform. By using a set of Salesforce services, companies could take advantage of work that SFDC had already done, speeding up building time and reducing time to market. Today, the successor of Force.com is called Salesforce Platform.

But going that route didn’t come without some risk, because back in 2007 building atop a Platform as a Service (PaaS) wasn’t a common way of developing software. Even by 2012 when nCino launched its banking software solutions on Force.com, it likely raised some eyebrows by using a cloud platform as the backbone of its fintech offering.

Even though it probably took resolve, the approach worked, as evidenced this week when nCino went public — a debut that was met with a strong investor response. And nCino is notably not the first time that a company built atop Salesforce’s PaaS has gone public; nCino’s own IPO follows Veeva’s 2013 debut.

But astute observers for the Salesforce ecosystem will note that other successful companies have been built on the Salesforce cloud. As you will see, many successful companies have benefited from building on top of Salesforce.

As part of its effort to steel its platform against threats to the 2020 election, Facebook will try surfacing accurate voting info in a new place — on politicians’ own posts.

Starting today, Facebook posts by federal elected officials and candidates — including presidential candidates — will be accompanied by an info label prompting anyone who sees the post to click through for official information on how to vote. The label will link out to usa.gov/voting. For posts that address vote-by-mail specifically, the link will point to a section of the same website with state-by-state instructions about how to register to vote through the mail.

Facebook plans to expand the voting info label to apply to all posts about voting in the U.S., not just those from federal-level political figures. That plan remains on track to launch later this summer with Facebook’s Voter Information Center, its previously announced info hub for official, verified information related to the 2020 election. The voter info center, like the coronavirus info center Facebook launched in March, will be placed prominently in order to funnel users toward useful resources.

The company did not mention any specific reason for the decision to prioritize elected officials before other users, but in May Facebook faced criticism for its decision to allow false claims by President Trump about vote-by-mail systems and the 2020 election to remain on the platform untouched. At the time, Twitter added its own voting info label to the same posts, which also appeared as tweets from the president’s account.

In a June post, Mark Zuckerberg discussed voter suppression concerns, saying that Facebook would be “tightening” its policies around content that misleads voters “to reflect the realities of the 2020 elections.” Facebook will also focus on removing false statements about polling places in the 72 hour lead-up to the election. Zuckerberg said that posts with misleading information that could intimidate voters would be banned, using the example of a post falsely claiming ICE officials are checking for documentation at a given polling location.

Zuckerberg made no specific mention of President Trump’s own false claims that expanded mail-in voting in light of the coronavirus crisis would “substantially fraudulent” and result in a “rigged election.” Zuckerberg did say that Facebook would begin labeling some “newsworthy” posts from political figures, leaving the content online but adding a label noting that it violates the platform’s rules.

While false claims from political figures are a cause for concern, they don’t account for the bulk of voting misinformation on the platform. A new report from ProPublica found that many of Facebook’s most well-performing posts about voting contained misinformation. “Of the top 50 posts, ranked by total interactions, that mentioned voting by mail since April 1, 22 contained false or substantially misleading claims about voting, particularly about mail-in ballots,” ProPublica writes in the report, noting that many of the posts appear to break Facebook’s own rules about voting misinformation but remain up with no labels or other contextualization.

While its past enforcement decisions remain controversial and often puzzling, Facebook does appear to be rethinking those choices and gearing up its efforts in light of the coming U.S. election. For Facebook, which goes to sometimes self-defeating lengths to project an aura of political neutrality, that’s less about expanded fact-checking and more about making correct, verified voting information at hand and readily available to users.

In early July, Facebook announced a voter drive that aims to register 4 million new U.S. voters. As part of that effort, Facebook pushed a pop-up info box to app users in the U.S. reminding them to register to vote, check their registration status with links to official state voter registration sites. Those notifications will soon appear in Instagram and Messenger as part of the same voter mobilization push.

Facebook is also apparently mulling the idea of banning all political advertising in the lead-up to November, a decision that would likely alleviate at least one of the company’s headaches at the cost of leaving both political parties, which rely on Facebook ads to reach voters, frustrated.

TikTok is a rising star in the social media category. Since its launch three years ago, the company has secured 800 million active users worldwide. That makes TikTok ninth in terms of social network sites, ahead of LinkedIn, Twitter, Pinterest and Snapchat. As more people start using the platform and remain engaged, it goes without saying that TikTok is an increasingly desirable destination for marketers.

But outside the sheer numbers, is there any real sustenance to the platform from a marketing perspective, or is this just a temporary fad brands are flocking to? Here’s a look into what makes TikTok unique through a marketer’s lens, and a few things the platform can improve on to make it a permanent option for brands looking to explore mobile.

Better user experiences lead to more unique advertising

Digital advertising is only as effective as a platform’s user experience — that fact presents a unique differentiator for TikTok. Being in 2020, where content creators continue to blossom, TikTok provides an opportunity for literally anyone to reach millions of people with their content. It is a “platform for the people,” as the algorithm sends user content to groups of 5-10 people, and based on the engagement, it will continue sending it out to the masses. What’s interesting here is that it resembles an early era of Instagram, where all content was user-generated.

Additionally, unlike other leading social media channels, a user is focused on one piece of content at a time. TikTok videos take up the entire screen, which leads to more engagement and genuine interest from the viewer. That said, creative plays an incredibly important role in every campaign you run on the platform, especially when trying to grab the user amid a mass of alternative entertainment options. The TikTok audience is hyperfocused on viewing organic, visually stimulating content that could be the next big meme or viral sensation.

Creative is the key

We know that the coronavirus has brought unprecedented attention to the edtech market, but now what? What happens when schools are no longer clambering toward an overnight solution? When the surges slow? When our world reopens and there doesn’t need to be a full-suite of at-home solutions for kids and parents?

As the next wave of edtech companies are being built to address these novel use cases, investors are looking for solutions that aren’t simply pandemic-era important. To some, that means skipping the latest videoconferencing platform play and maybe cutting a check to a digital-only university. To others, it means looking for the platform that will educate a diverse range of users, especially the unemployed.

A spree of recent consolidation within the market shows that there is a need for a better plumbing system in the fragmented world of edtech.

We turned to eight investors in the space to understand which subcategories are shaping up to be the future, following up on our first survey last fall when the world was very different, and another in early April when less was understood about the pandemic. Our goal here was to find non-obvious ways innovation is living within the noisier-than-ever sector. The result? Intel on nascent trends, deal makers, and what adaption looks like amid a time of uncertainty.

Today you’ll get a deep dive on the nerdy stuff from the following investors:

• Reach Capital’s Jennifer Carolan, Shauntel Garvey, and Chian Gong
• Ian Chiu, Owl Ventures
• Jan Lynn-Matern, Emerge Education
• David Eichler, TCV
• Rebecca Kaden, USV
• Jomayra Herrera, Cowboy VC

Investors differed on which subcategories benefitted the most, but it’s clear that the pandemic didn’t lift up the entirety of the edtech space. One investor noted that the pandemic made them even less interested in ISAs, while other venture capitalists noted how valuable the financing instrument is now, more than ever before.

We got into some of the big themes that have risen in the past few months: online learning, re-skilling, ISAs, virtual universities, and where each investor draws their line around these categories.

A common theme throughout the commentary now is that the opportunity presented by coronavirus is not being met with complacency, but instead a push to grow better. Investors talked about innovation needs to account for childcare, cost, digital infrastructure, and the addressable population, pandemic or not.

I think that’s enough teasing. Now, onto the answers.

Third-party sellers are the dominant driver of sales on Amazon’s marketplace, accounting for 58% of its total and growing. We know that the pandemic, ironically, has been good for Amazon, which has reported net sales in Q1, up by 26% year-over-year, given that much of the world has reverted to ordering online. However, the payment terms offered are far from convenient. Amazon pays sellers approximately every two weeks and reserves a significant amount for possible refunds. Unfortunately, this hinders the ability of small companies to invest in growth and purchase more inventory. But of course, Amazon holds the keys to this particular car.

Payability is one such startup that provides financing to suppliers in Amazon’s marketplace although its fees are computed on gross sales, not net receivables from Amazon.

InstaPay is a startup that has launched a new product that pays Amazon sellers on a daily basis. The new offering comes at a time when Amazon sellers are experiencing an enormous load due to the pandemic, but the Amazon marketplace terms have not sped up to allow them to meet demand.

The current two-week lag time creates a gap in cash-flow – because sellers usually have to pay their vendors in advance. InstaPay’s new product potentially solves this problem, allowing sellers to be able to earn more, even with the added InstaPay fees.

The service funds 50% to 80% of sales and charges 1% to 2% of sales volume per funding. When Amazon pays the vendor, InstaPay automatically deducts the outstanding balance. This means small companies can invest in growth and purchase more inventory.

Sam Bokher, COO, said in a statement: “Due to the global lockdown, people have ramped up online purchases and more companies have flocked to Amazon and other eCommerce platforms to sell online. We launched this new service to provide businesses with an opportunity to grow simultaneously with the marketplace, rather than with a two-week delay.”

The product was inspired by an unlikely industry. Prior to this, InstaPay had been providing transportation and trucking companies with working capital, with flat-rate accounts receivable financing and same-day payment.