Year: 2021

Last call, y’all. Today’s the final day to keep more money in your pocket and still enjoy three opportunity-packed days at TechCrunch Disrupt 2021 on September 21-23. Our super early-bird price — $99 — disappears tonight, May 14 at 11:59 pm (PT).

Get your click on, avoid the price hike and buy your pass right here, right now. Unless, of course, you enjoy paying more than necessary. Hey, we don’t judge.

Let’s talk about just some of the reasons why TC Disrupt ranks as the must-attend event for anyone within the early-stage startup ecosystem. Connection is key to growth, and you’ll connect with thousands of attendees from around the world.

An all-virtual Disrupt means you can build relationships and collaborate with Silicon Valley movers and shakers no matter where Google Map pins you. And you never know where in the world you might find the perfect partner or eager investor.

Networking at Disrupt is practically an Olympic sport, and now you have two ways to make those vital connections. First up, here’s what Ada Lau, the manager of market development at Hong Kong Science and Technology Parks Corporation, had to say about networking on the fly.

“The virtual platform’s chat feature made it easy to connect with participants. People got creative using it to promote their business, like posting a LinkedIn profile or offering 15-minute time slots to review business pitches. I even saw a product-naming competition. You could find lots of opportunity rolling through the chat area.”

If you want to target people based on shared business goals, you’ll love CrunchMatch, our AI-powered platform. Answer a few quick questions during registration, and you can schedule one-on-one meetings with the people who can help you move forward — pitch investors, demo products, interview tech talent, build important relationships.

Jessica McLean, the director of marketing and communications at Infinite-Compute, shared this about her networking experience.

“CrunchMatch made networking easy. We sent quick introductions, scheduled meetings with investors and other smart people who could add value to our company. A person we connected with at Disrupt is currently helping us with marketing, which is fantastic.”

Beyond networking, you’ll find plenty of possibilities in our expo area. Hundreds of early-stage startups in the Startup Alley ready to showcase their tech products, services and platforms.

You won’t want to miss any of the incredible speakers, interviews, presentations and panel discussions — and thanks to the combination of live-streaming and video-on-demand with your complementary 3-month Extra Crunch membership, you can catch them all at your convenience.

TechCrunch Disrupt 2021 takes place on September 21-23, but today is the last day you can attend all three days for less than $100. Don’t miss out on serious savings. Stop what you’re doing right now and buy your pass your TC Disrupt 2021. The deadline expires tonight, May 14 at 11:59 pm (PT).

Is your company interested in sponsoring or exhibiting at Disrupt 2021? Contact our sponsorship sales team by filling out this form.

After years in the backwaters of venture capital, edtech had a booming 2020. Not only did its products become must-haves after schools around the globe went remote, but investors also poured capital into leading projects. There was even some exit activity, with well-known edtech players like Coursera going public earlier this year.

But despite a rush of private capital — which has continued into this year, as we’ll demonstrate — edtech stocks have taken a hammering in recent weeks. So while venture capitalists and other startup investors are pumping more capital into the space in hopes of future outsize returns, the stock market is signaling that things might be heading in the other direction.

Who’s right? One investor that The Exchange spoke to noted that market turbulence is just that, and that he’s tuning into activity but not yet changing his investment strategy. At the same time, the recent volatility is worth tracking in case it’s a preview of edtech’s slowdown.

---

The Exchange explores startups, markets and money. 

Read it every morning on Extra Crunch or get The Exchange newsletter every Saturday.

---

Let’s look at the changing value of edtech stocks in recent months, parse some preliminary data via PitchBook that provides a good feel for the directional momentum of edtech venture capital, and try to see if there’s irrational exuberance among private investors.

You could argue that it’s public investors who are suffering from irrational pessimism and that private-market investors have the right to it. But since public markets price private markets, we tend to listen to them. Let’s go!

Falling shares

We’re sure that you want to get into the private-market data, so we’ll be brief in describing the public-market carnage. What follows is a digest of edtech stocks and their declines from recent highs:

• Compared to its 52-week high, Chegg stock has lost over a third of its value.
• After reaching $62.53 per share in April, Coursera has shed about half of its value and is trading close to its $33 IPO price.
• 2U closed at $33.92 per share yesterday, its shares also losing half of their value compared to their 52-week high.
• Staying on that theme, Stride (K12) closed at $26.77 per share yesterday, which is about half of its 52-week high.
  
  

Cisco has been busy on the acquisition front this week, and today the company announced it was buying threat assessment platform Kenna Security, the third company it has purchased this week. The two companies did not disclose the purchase price.

With Kenna, Cisco gets a startup that uses machine learning to sort through the massive pile of threat data that comes into a security system on a daily basis and prioritizes the threats most likely to do the most damage. That could be a very useful tool these days when threats abound and it’s not always easy to know where to put your limited security resources. Cisco plans to take that technology and integrate into its SecureX platform.

Gee Rittenhouse, senior vice president and general manager of Cisco’s Security Business Group wrote in a blog post announcing the deal with Kenna, that his company is getting a product that brings together Cisco’s existing threat management capabilities with Kenna’s risk-based vulnerability management skills.

“That is why we are pleased to announce our intent to acquire Kenna Security, Inc., a recognized leader in risk-based vulnerability prioritization with over 14 million assets protected and over 12.7 billion managed vulnerabilities. Using data science and real-world threat intelligence, it has a proven ability to bring data in from a multi-vendor environment and provide a comprehensive view of IT vulnerability risk,” Rittenhouse wrote in the blog post.

The security sphere has been complex for a long time, but with employees moving to work from home because of COVID, it became even more pronounced in the last year. In a world where the threat landscape changes quickly, having a tool that prioritizes what to look at first in its arsenal could be very useful.

Kenna Security CEO Karim Toubba gave a typical executive argument for being acquired: it gives him a much bigger market under Cisco than his company could have built alone.

“Now is our opportunity to change the industry: once the acquisition is complete, we will be one step closer to delivering Kenna’s pioneering Risk-Based Vulnerability Management (RBVM) platform to the more than 7,000 customers using Cisco SecureX today. This single action exponentially increases the impact Kenna’s technology will have on the way the world secures networks, endpoints and infrastructures.,” he wrote in the company blog.

The company, which launched in 2010, claims to be the pioneer in the RBVM space. It raised over $98 million on a $320 million post-money valuation, according to Pitchbook data. Customers include HSBC, Royal Bank of Canada, Mattel and Quest Diagnostics.

For those customers, the product will cease to be stand-alone at some point as the companies work together to integrate Kenna technology into the SecureX platform. When that is complete, the stand-alone customers will have to purchase the Cisco solution to continue using the Kenna tech.

Cisco has had a busy week on the acquisition front. It announced its intent to acquire Sedona Systems on Tuesday, Socio Labs on Wednesday and this announcement today. That’s a lot of activity for any company in a single week. The deal is expected to close in Cisco Q4 FY 2021. The company’s 170 employees will be joining the Security Business Group led by Rittenhouse.

Hello and welcome back to Equity, TechCrunch’s venture capital-focused podcast, where we unpack the numbers behind the headlines.

The fully-vaxxed and officially fully-immune took over the podcast this week, with Natasha and Danny co-hosting the show while the inimitable Alex is out from Shot #2. Grace and Chris, as always, were behind the scenes making sure we sound pretty and don’t fall down too many punny board game rabbit holes after vacation.

Here’s the rundown of what we got into:

• • Crypto crashed –  thanks to either Elon or the guy who created Ethereum and then donated some to relief efforts for COVID-19.  We debated how signal gets lost and rediscovered and lost again in this news cycle, and what that means for anyone in tech trying to get a pulse of. what’s actually happening.
  • One symptom of market craze and disconnected booms? A startup named Caplight that wants more people to buy and sell short positions on private startups. 
  • We then pivoted into the last bit of our ‘The World Is Melting’ section to talk about home ownership and the slow stink of real estate stocks right now. Ontop of that, Better.com, a digital mortgage lender, decided to SPAC after reportedly tabling an IPO.
  • A mention of SPACs obviously opened up a can of worms, or should I say, oasis of woods.
  • The world might be melting, but Softbank could be having the last word. The Japanese conglomerate shut us up with its recent profits – proving Danny’s point in an old EC piece (use code EQUITY for a discount).
  • We switched gears and talked about a neat new $20 million fund coming out of the Midwest, Sixty8 Capital, and its plan to invest in underrepresented founders.
  • The show ended as chaotically focused as it began with a round robin of the most interesting funding rounds of the last week, not limited to but including Blind’s $37 million raise, The Last Gameboard’s $4 million check, Just Women’s Sports, and Morressier’s $18 million Series A.   

And that’s where we break! Follow the podcast on Twitter, be kind to your humans, and be the kindest to yourself. Back sooner than you can raise a $25 million pre-seed round for an audio app for Dogecoin lovers.

Equity drops every Monday at 7:00 a.m. PST, Wednesday, and Friday at 6:00 AM PST, so subscribe to us on Apple Podcasts, Overcast, Spotify and all the casts!

While modern machine learning systems act with a semblance of artificial intelligence, the truth is they don’t “understand” any of the data they work with — which in turn means they tend to store even trivial items forever. Facebook researchers have proposed structured forgetfulness as a way for AI to clear the decks a bit, improving their performance and inching that much closer to how a human mind works.

The researchers describe the problem by explaining how humans and AI agents might approach a similar problem.

Say there are ten doors of various colors. You’re asked to go through the yellow one, you do so and then a few minutes later have forgotten the colors of the other doors — because it was never important that two were red, one plaid, two walnut, etc, only that they weren’t yellow and that the one you chose was. Your brain discarded that information almost immediately.

But an AI might very well have kept the colors and locations of the other nine doors in its memory. That’s because it doesn’t understand the problem or the data intuitively — so it keeps all the information it used to make its decision.

This isn’t an issue when you’re talking about relatively small amounts of data, but machine learning algorithms, especially during training, now routinely handle millions of data points and ingest terabytes of imagery or language. And because they’re built to constantly compare new data with their accrued knowledge, failing to forget unimportant things means they’re bogged down by constant references to pointless or outdated data points.

The solution hit upon by Facebook researchers is essentially — and wouldn’t we all like to have this ability — to tell itself how long it needs to remember a piece of data when it evaluates it to begin with.

“Each individual memory is associated with a predicted expiration date, and the scale of the memory depends on the task,” explained Angela Fan, a Facebook AI researcher who worked on the Expire-Span paper. “The amount of time memories are held depends on the needs of the task—it can be for a few steps or until the task is complete.”

So in the case of the doors, the colors of the non-yellow doors are plenty important until you find the yellow one. At that point it’s safe to forget the rest, though of course depending on how many other doors need to be checked, the memory could be held for various amounts of time. (A more realistic example might be forgetting faces that aren’t the one the system is looking for, once it finds it.)

Analyzing a long piece of text, the memory of certain words or phrases might matter until the end of a sentence, a paragraph, or longer — it depends on whether the agent is trying to determine who’s speaking, what chapter the sentence belongs to, or what genre the story is.

This improves performance because at the end, there’s simply less information for the model to sort through. Because the system doesn’t know whether the other doors might be important, that information is kept ready at hand, increasing the size and decreasing the speed of the model.

Fan said the models trained using Expire-Span performed better and were more efficient, taking up less memory and compute time. That’s important during training and testing, which can take up thousands of hours of processing, meaning even a small improvement is considerable, but also at the end user level, where the same task takes less power and happens faster. Suddenly performing an operation on a photo makes sense to do live rather than after the fact.

Though being able to forget does in some ways bring AI processes closer to human cognition, it’s still nowhere near the intuitive and subtle ways our minds operate. Of course, being able to pick what to remember and how long is a major advantage over those of us for whom those parameters are chosen seemingly randomly.

Peloton wasn’t the only at-home workout giant exposing private account data. Rival exercise giant Echelon also had a leaky API that let virtually anyone access riders’ account information.

Fitness technology company Echelon, like Peloton, offers a range of workout hardware — bikes, rowers, and a treadmill — as a cheaper alternative for members to exercise at home. Its app also lets members join virtual classes without the need for workout equipment.

But Jan Masters, a security researcher at Pen Test Partners, found that Echelon’s API allowed him to access the account data — including name, city, age, sex, phone number, weight, birthday, and workout statistics and history — of any other member in a live or pre-recorded class. The API also disclosed some information about members’ workout equipment, such as its serial number.

Masters, if you recall, found a similar bug with Peloton’s API, which let him make unauthenticated requests and pull private user account data directly from Peloton’s servers without the server ever checking to make sure he (or anyone else) was allowed to request it.

Echelon’s API allows its members’ devices and apps to talk with Echelon’s servers over the internet. The API was supposed to check if the member’s device was authorized to pull user data by checking for an authorization token. But Masters said the token wasn’t needed to request data.

Masters also found another bug that allowed members to pull data on any other member because of weak access controls on the API. Masters said this bug made it easy to enumerate user account IDs and scrape account data from Echelon’s servers. Facebook, LinkedIn, Peloton and Clubhouse have all fallen victim to scraping attacks that abuse access to APIs to pull in data about users on their platforms.

Ken Munro, founder of Pen Test Partners, disclosed the vulnerabilities to Echelon on January 20 in a Twitter direct message, since the company doesn’t have a public-facing vulnerability disclosure process (which it says is now “under review”). But the researchers did not hear back during the 90 days after the report was submitted, the standard amount of time security researchers give companies to fix flaws before their details are made public.

TechCrunch asked Echelon for comment, and was told that the security flaws identified by Masters — which he wrote up in a blog post — were fixed in January.

“We hired an outside service to perform a penetration test of systems and identify vulnerabilities. We have taken appropriate actions to correct these, most of which were implemented by January 21, 2021. However, Echelon’s position is that the User ID is not PII [personally identifiable information,” said Chris Martin, Echelon’s chief information security officer, in an email.

Echelon did not name the outside security company but said while the company said it keeps detailed logs, it did not say if it had found any evidence of malicious exploitation.

But Munro disputed the company’s claim of when it fixed the vulnerabilities, and provided TechCrunch with evidence that one of the vulnerabilities was not fixed until at least mid-April, and another vulnerability could still be exploited as recently as this week.

When asked for clarity, Echelon did not address the discrepancies. “[The security flaws] have been remediated,” Martin reiterated.

Echelon also confirmed it fixed a bug that allowed users under the age of 13 to sign up. Many companies block access to children under the age of 13 to avoid complying with the Children’s Online Privacy Protection Act, or COPPA, a U.S. law that puts strict rules on what data companies can collect on children. TechCrunch was able to create an Echelon account this week with an age less than 13, despite the page saying: “Minimum age of use is 13 years old.”

 

Electric car startup Fisker signed an agreement with Foxconn, the Taiwanese company that assembles iPhones, to co-develop and manufacture a new electric vehicle. Production on the car, which will be sold under the Fisker brand name in North America, Europe, China and India, will begin in the U.S. by the end of 2023. Numerous details, including the type of car and the location of future manufacturing plants, have not been disclosed by the two companies.

Fisker is calling the joint program Project PEAR, which stands for Personal Electric Automotive Revolution. Fisker chairman and CEO Henrik Fisker has bragged that the PEAR vehicle will be the “next big thing in car design,” a car that’s both “emotionally desirable” and “eco-friendly.” Fisker did not respond to requests for more information on the design of the vehicle.

The two companies had signed a memorandum of understanding agreement in February, setting the expectation that a formal agreement would be reached by this time. Included in the agreement signed on Thursday is a goal to produce 250,000 units annually across multiple sites. In January, Foxconn partnered with Chinese automaker Zhejiang Geely Holding Group to form a joint venture that would provide car manufacturers with production and consulting services, so the deal with Fisker is one of the company’s first forays into the automotive industry.

“In order to deliver on our promise of product breakthroughs from Project PEAR, we needed to rethink every aspect of product development, sourcing and manufacturing,” said Fisker chairman and CEO Henrik Fisker in a statement. “Our partnership with Foxconn enables us to deliver those industry firsts at a price point that truly opens up electric mobility to the mass market.”

To get a roundup of TechCrunch’s biggest and most important stories delivered to your inbox every day at 3 p.m. PDT, subscribe here.

I interrupt your regularly scheduled Daily Crunch to announce that your regularly scheduled writer, one Alex Wilhelm, is out sick today. If the effects of his second shot subside by tomorrow, then he’ll be back with his commas. In the meantime, I have taken the reins and hope to be at least half as spirited. Let’s get on with it, shall we? — Henry

TechCrunch Top 3

Lemonade “DGAF”: Activist short seller Carson Block wrote a letter to the CEO of insurance marketplace Lemonade saying that he “accidentally discovered” a security flaw that exposed customers’ account data. Block told Zack that his firm is shorting the company’s stock “because it is clear Lemonade does not give a fuck about securing its customers’ sensitive personal information.” Strong words!

Google’s gotta pay in Italy: Natasha writes about the most recent European trouble Google finds itself in. Italy’s antitrust watchdog group slapped the company with a €100 million (or about US$123 million) for its Android Auto practices. Specifically, the AGCM says Google has prevented Enel X Italia, the maker of electric car charging app JuicePass, from inclusion in the platform. Google says it didn’t do anything wrong. Shrug.

Space adventures afoot: Japanese entrepreneur and billionaire Yusaku Maezawa will be passing the moon aboard a SpaceX Crew Dragon by 2023. But he can’t wait to leave Earth. So to whet his space-travel whistle, Maezawa will head to the International Space Station as a client of Space Adventures on a Russian Soyuz rocket set to take off from Kazakhstan on December 8. And he’s taking his production assistant, Yozo Hirano, with him. That’s dedication.

Startups and VC

Vietnamese flexible pay startup Nano raises $3M seed round: Nano Technologies, a startup that lets workers in Vietnam access their earned wages immediately through an app called VUI, has raised $3 million in seed funding.

Legionfarm, pairing pro gamers with amateurs, raises $6 million Series A: The gaming platform that lets gamers play with pro players in their favorite games announced a $6 million Series A round.

Chef Robotics raises $7.7M to help automate kitchens: Chef Robotics raised a combined $7.7 million pre-seed and seed round, with the goal of helping automate certain aspects of food preparation. The company says its robotics and vision system is destined to increase production volume and enhance consistency, while removing some food waste from the process. Fast casual restaurants appear to be a key focus for this sort of tech.

Sylvera grabs seed backing from Index to help close the accountability gap around carbon offsetting: The U.K.-based startup is using satellite, radar and lidar data-fueled machine learning to bolster transparency around carbon offsetting projects in a bid to boost accountability and credibility. And it’s just grabbed $5.8 million in seed funding to do it.

SpecTrust raises millions to fight cybercrime with its no-code platform: Risk defense startup SpecTrust is emerging from stealth today with a $4.3 million seed raise to “fix the economics of fighting fraud” with a no-code platform that it says cuts 90% of a business’ risk infrastructure spend that responds to threats in “minutes instead of months.”

BluBracket nabs $12M Series A to expand source code security platform: The early-stage startup focuses on keeping source code repositories secure, even in distributed environments.

Alba Orbital’s mission to image the Earth every 15 minutes brings in $3.4M seed round: Alba Orbital raised the money to get its next satellites into orbit to provide Earth observation at intervals of 15 minutes rather than hours or days.

The hamburger model is a winning go-to-market strategy

Software startups that fail to reach product-market fit simply fade away, memorialized only by an inactive Twitter account and perhaps a stenciled sign in a now-vacant co-working space.

All product-led growth companies will reach the stage where their founders must figure out how to crack the code that allows them to vault to the next level and become a billion-dollar company. That’s where the “hamburger” go-to-market comes in.

The bottom bun is bottom-up GTM, the top bun represents enterprise sales and your product? That’s the meat.

(Extra Crunch is our membership program, which helps founders and startup teams get ahead. You can sign up here.)

Big Tech Inc.

Google Analytics is preparing for life after cookies by using its machine learning systems to model user behavior when cookies are not available. During her first interview as the new head of Google Analytics, Vidhya Srinivasan tells Frederic that this is the only way to go.

Amazon’s back with its Echo Buds, and this time, Brian’s not as unimpressed as he was last time. Progress! Read his review here.

When Discord launched its own Clubhouse-like voice event rooms, Stage Channels, in March, it set the stage for connecting folks to live events beyond their own communities. Today, the company announced all the pieces are in place to start helping people discover live events and the servers that host them. Think open mic nights and book clubs, says Taylor.

Elon Musk, the self-dubbed Technoking, is backpedaling on the company’s stance about bitcoin, writes Kirsten and Rebecca. The Tesla CEO announced yesterday in a tweet that he has suspended purchases of its electric vehicles with the cryptocurrency. The shift comes just weeks after the Tesla CFO said the company believes in the longevity of bitcoin, despite its volatility.

Acquisition corner: Walmart acquires virtual try-on startup Zeekit and PayPal buys returns logistics business Happy Returns.

Community

Polls are fun and we like hearing and learning from you. What have we learned this week? You’re not that excited about going back to an office, and you’re not too keen on Bird’s upcoming SPAC. Next up? Let us know what you think about Tesla’s move to pause accepting bitcoin as payment (then come chat about all of it on our Discord server).

New media poster child Substack announced today that they’ve added a small community-building consultancy team to its ranks, acquiring the Brooklyn-based startup People & Company.

The small firm has been working with clients to build up their community efforts and its team will now be tasked with building up some of the newsletter company’s upstart efforts for writers in its network.

In a blog post, Substack co-founder Hamish McKenzie said that the company had previously used the People & Co. team to consult on their fellowship and mentorship programs and that members of the team would now be working on a variety of new efforts from scaling programs to help writers with legal support and health insurance to community-guided projects like workshops and meetups to help crowdsource insights.

“These people are the best in the world at what they do, and now they’re not only working for Substack, but they’re also working for you,” McKenzie wrote.

Beyond Substack, previous partners with People & Company include Porsche AG, Nike and Surfrider.

Substack has been blazing ahead in recent months, adding new partners and raising cash as it aims to bring on more and more subscribers to its network. The firm shared back in late March that it had raised a $65 million round at a reported valuation around $650 million according earlier reporting by Axios.