Author: azeeadmin

03 Aug 2021

Daily Crunch: For $20/month, crime alert app Citizen will connect users with live ‘safety agents’

Hello and welcome to Daily Crunch for August 3, 2021. Today we have a delightful mix of news for you, from Twitter product changes to VCs in trouble to megadeals and even some super-early-stage rounds. Let’s have some fun! — Alex

The TechCrunch Top 3

  • Even VCs get hit by ransomware: Sure, less technically savvy folks get hit by malware and ransomware all the time. You don’t really expect better from legacy telcos or underfunded utilities. But when the victim is Advanced Technology Ventures, which has around $1.8 billion in assets under management, the scourge of aggressive cybercrime starts to take on a more sinister flavor. Who is safe? No one?
  • Unfavored Fleets Flee: Twitter’s plan to kill off its Fleets product hit the ground today. It’s gone from our iOS apps. Fleets were fleeting, as everyone has noted, with the lifecycle of the product coming and going in rapid succession. Bad news for Twitter? Not really. Its Stories-like feature wasn’t too popular, and the company has a million other things in the wings, like its subscription service, its live audio product and its newsletter effort.
  • Substack buys Letter: TechCrunch covered this deal today, causing your humble scribe to sit back and think. Why would Substack buy Letter, a platform for written debate? Well, the newsletter-focused startup is big on the written word, and the value thereof. And many well-known Substack authors are controversial in one way or another. You know, the sort of folks you might want to see have a, say, debate? The two products should line up well.

Startups/VC

We’re breaking our startup and venture capital news today into three sections. The first deals with VCs themselves. Then we’ll talk through some mega-rounds and close with some small venture deals worth our time.

  • Moderne Ventures raises $200M: Every first-time venture capital fund wants to get to its second fund. And if they do, to raise a larger fund. From that perspective, things seem to be going well at Moderne, a firm whose second fund is a multiple of the size of its first. And it was oversubscribed. What does the group invest in? Per our own reporting, startups working in the “real estate, finance, insurance and home services industries.”
  • VCs going public is a thing? Yes, it turns out, it is a thing. Several European venture capital funds have gone public in recent quarters, including Draper Esprit moving from the smaller AIM to the main board in London. It turns out that being a public VC can remove certain time constraints that more traditional venture capital firms have to deal with. And regular folks can invest.

Now, some huge rounds:

  • India’s BharatPe raises $370M: Confirming TechCrunch’s previous scoop, fintech unicorn BharatPe is now worth $2.85 billion after Tiger led its most recent round. The company, TechCrunch reports, “operates an eponymous service to help offline merchants accept digital payments and secure working capital.” Given the number of SMBs in India, BharatPe’s TAM is huge. And now it has nigh-infinite capital to use to power its own growth.
  • Rapyd raises $300M for fintech APIs: The fintech world saw not just one huge round today, but two. Rapyd’s $300 million infusion led by Target Global values the firm at around $8.75 billion, per TechCrunch sources. What does Rapyd do? It offers APIs that power wallets, money transfers and card issuing, among other services, helping other companies offer fintech services around the world.
  • Sure, why not, here’s another huge Tiger round from India: More evidence that Tiger is building an index fund of growth-focused private companies the world ’round, and that the Indian startup market is red-hot, Infra.Market announced its third round in nine months today. The $125 million Series D values the Mumbai-based company at $2.5 billion, post-money. Infra.Market builds software to help construction companies get the raw materials they need and handle project logistics.

And then there’s startup news from the earlier side of the market:

  • bina raises $1.4M for kid-focused edtech: bina — the small b is part of its branding — wants to build an online school with small class sizes aimed at 4- through 12-year-olds. Given the huge changes to the global education market in light of COVID-19, it’s a big task.
  • $1.3M for African-focused agtech startup Khula: Providing farmers large and small with software and a marketplace, Khula wants to meet chronic issues in the African farming market with technology.
  • Finally, Aira’s wireless charging tech just raised $12 million: Sure, Apple gave up on AirPower, but Aira is still hard at work on the wireless charging problem set. Which gives us hope, because our phones are always out of batteries, along with our headphones, keyboards and pretty much everything else. It’s not just us, right?
  • Citizen launches its $20/month Protect service: Controversial consumer security startup Citizen’s Protect service is now something that you can buy. Reach that line of communication and the company’s staff will help you handle your emergency. That doesn’t sound too spicy, but as TechCrunch reports “the app made news earlier this year for launching a private ‘personal rapid response service’ fleet of vehicles and a reward for a person wrongly accused of starting a Los Angeles wildfire.”

Embodied AI, superintelligence and the master algorithm

Over the next 18 months, one technologist says the increased adoption of embodied artificial intelligence will open a path to superintelligence — incredibly powerful software that dwarfs anything the human mind could produce.

“All the crazy Boston Dynamics videos of robots jumping, dancing, balancing and running are examples of embodied AI,” says Chris Nicholson, founder and CEO of Pathmind, which uses deep reinforcement learning to optimize industrial operations and supply chains.

“The field is moving fast and, in this revolution, you can dance.”

Big Tech Inc.

  • YouTube’s big short push goes live: Alphabet’s Google division has a video product called YouTube that you may have heard of. And the subsidiary’s subsidiary has a $100 million fund that it hopes will drive interest in creating short-form videos for its viewers. TikTok changed the video game, and YouTube’s huge financial response is now live.
  • Google updates its Maps product on iOS: If you use Maps on iOS, which we reckon is around half of you reading this note, good news. Now you can share location more easily in iMessages, use dark mode and get traffic data on your home screen. You are welcome.
  • Nikola warns on EV deliveries: The chip shortage has a new victim. This time it’s Nikola, the troubled EV company that saw its CEO under fire for fraud in recent days. The company was an early SPAC success and now stands as a cautionary tale for the financial mechanism.
  • Marvell buys Innovium for $1.1B: Here’s a neat acquisition story that is also something of a letdown. Innovium, a maker of “networking ethernet switches optimized for the cloud,” per our own reporting, was worth a bit more in its final private round. Still, it’s a big deal and a billion-dollar-plus exit, making it worth our time.

TechCrunch Experts: Growth Marketing

TechCrunch wants to help startups find the right expert for their needs. To do this, we’re building a shortlist of the top growth marketers. We’ve received great recommendations for growth marketers in the startup industry since we launched our survey.

We’re excited to read more responses as they come in! Fill out the survey here.

Our editorial coverage about growth marketing includes articles from the TechCrunch team, guest columns and posts like “Demand Curve: Questions you need to answer in your paid search ads” by Stewart Hillhouse on Extra Crunch.

03 Aug 2021

Discord now lets you customize your user profile on its apps

For mobile users, Discord is adding one new feature that you’d find on a more traditional social app. The company rolled out an option for users to customize their profiles across its iOS and Android apps Tuesday, following the feature’s release on the desktop version of Discord in late June.

The new option lives in Discord’s user settings menu under “user profile.” There, you can describe what you’re all about in 190 characters or less, including links and emojis. You can also select a custom profile color if the new default profile color that Discord assigned you isn’t vibing with your whole thing. If you don’t see the option yet, check back as the feature rolls out widely.

With the addition of custom profiles, the company also offered premium Nitro subscribers the option to choose an image or an animated GIF as a profile banner. The options have been out in the wild for desktop for a bit now, but the additional customization features will now give anyone who mostly uses Discord on iOS or Android a way to spice things up a bit.

The feature addition is small, but it’s a step toward the chat app becoming a touch more like profile-centric social networks. Discord’s chat rooms, known as servers, have long been the platform’s sole focus, but the company has introduced a flurry of quality-of-life features in recent months.

Discord rolled out threaded, auto-archiving conversations and Clubhouse-like audio event spaces earlier this year, and also picked up a company called Sentropy that makes AI-powered platform moderation software. The app is already a killer service for community-driven voice and text chat, and the recent additions should help the app attract more users well beyond its humble gaming roots.

03 Aug 2021

Lyft reaches adjusted profitability milestone despite continuing net losses

Today after the bell, U.S. ride-hailing company Lyft reported its second quarter financial performance. In aggregate the company’s performance was a rebound from the year-ago second quarter, which was heavily impacted by the onset of the COVID-19 pandemic and resulting lockdowns in the United States.

Lyft also managed to produce positive adjusted EBITDA in the quarter, a profit metric favored by technology upstarts that have yet to generate net income, a stricter method of calculating profitability. Adjusted EBITDA for the second quarter was $23.8 million.

The company’s adjusted EBITDA reached a nadir in Q2 2020, when it totaled -$280 million. Since then Lyft has posted successive gains to adjusted EBITDA in every quarter. The company’s adjusted EBITDA margin came to 3% in its most recent quarter. After promising investors that adjusted profits would come, Lyft delivered.

Shares of Lyft are up nearly 7% in after-hours trading following the company’s financial report.

Lyft reported revenue of $765 million in the second quarter, more than double the $339.3 million it brought in during the same period last year. While that is remarkable, remember last year at this time the economy and ride-hailing were getting pummeled by the COVID-19 pandemic. In other words, we expected this.

Importantly, Lyft’s Q2 revenue grew 25.6% over last quarter’s of $609 million. That means that despite rising case counts in the United States thanks to the Delta COVID-19 variant, Lyft still managed to grow.

The company said it had 17.1 million active riders in the second quarter, up 97% from the 8.68 million riders it had on its network in the same period last year. Lyft said it had 13.49 million active riders in the first quarter. The company also saw more revenue per active user in the second quarter ($44.63) than it did in the year-ago Q2 ($39.06). The company’s revenue per active rider metric slipped slightly from its Q1 2021 result of $45.13.

Lyft’s growth bested street expectations, which anticipated revenues of $696.2 million, per Yahoo Finance data. Despite this growth, Lyft is still losing money when all costs are counted. Lyft reported a net loss of $251.9 million in the second quarter, a 42% improvement from the $437.1 million it lost in the same period last year, but still a steeply negative figure.

The company said that net loss for the second quarter includes $207.8 million of stock-based compensation and related payroll tax expenses, and the $20.4 million expense related to the previously disclosed agreement to reinsure certain legacy auto insurance liabilities.

In the second quarter, Lyft’s aggregate spend on cost of revenue related expenses rose, though that was to be expected given how sharply its revenues themselves expanded compared to the year-ago period. The company also managed to curtail G&A costs, and its “operations and support” line item. However, R&D costs and S&M expenses both expanded compared to the year-ago quarter.

Finally on numbers, what about cash? Despite managing to generate positive adjusted EBITDA in the last three months, Lyft operations consumed $37.5 million in cash during the quarter. Lyft’s operations have not generated positive cash flow since Q3 2019. But don’t worry that Lyft is about to run out of funds — it has more than $2 billion in cash to support its growth.

There are signs that Lyft’s business is maturing into something more profitable than it once was. The company’s contribution margin, a non-GAAP figure that is used to indicate profitability of its ride-hailing model sans corporate costs, rose to 59.1% in the second quarter, an all-time record result. In the year-ago period the metric fell to 34.6%, its worst result since Q1 2017.

Lest we all forget, Lyft is now free of its costly autonomous vehicle technology program called Level 5. Lyft sold Level 5 to Toyota’s Woven Planet Holdings.

That doesn’t mean the company isn’t interested in getting into the robotaxi game.

Last month, Lyft announced a partnership with Argo AI and Ford to launch at least 1,000 self-driving vehicles on Lyft’s ride-hailing network in a number of cities over the next five years, starting with Miami and Austin. The first Ford self-driving vehicles, which are equipped with Argo’s autonomous vehicle technology, will become available on Lyft’s app in Miami later this year.

TechCrunch has tuned into the Lyft call and will update this story as needed.

03 Aug 2021

Demand Curve: Tested tactics for growing newsletters

There are very few marketing channels as well rounded as email newsletters. They provide a direct, owned line of communication with your audience and a nearly 40x return on investment (~$40 generated for every dollar spent), and they are infinitely scalable and virtually free.

But to unlock these benefits, you’re going to need to be strategic. In this article, I’m going to share tactics we’ve used at Demand Curve to grow our newsletter list to over 50,000 highly-qualified subscribers and maintain an open rate of over 50%.

Increase popup conversion using the 60% rule

While they’re often thought of as intrusive, pop-ups work. On average, they convert 3% of site visitors, and strategic, high-performing pop-ups can reach conversion of about 10%.

To make higher-converting, less intrusive pop-ups, try the 60% rule.

  1. Choose a page you’d like to put a pop-up on. We recommend avoiding conversion-focused pages (like product pages, checkout and sign-ups). We’ve found content pages work the best and they can act as a signal for visitors who are looking for something specific.
  2. Open your website’s analytics and see what the average time spent on that page is.
  3. Set your pop-up to appear after 60% of the average time of that page has elapsed.

So if the average time spent on a page is 50 seconds, set your pop-up to appear 30 seconds (60% of total time) after visitors land on that page.

Why 60%? Readers have shown interest in your content, but are nearing the end of their session. Prompting them to join your newsletter to see more relevant content in exchange for their email will feel fair.

Give samples of your newsletter to prove quality

If a visitor is new to your content, asking them to sign up for your newsletter can be a big step, and most new visitors won’t convert. To narrow the gap between a new reader and subscriber, provide a sample on the sign-up page. Use your most engaging newsletter as a sample to prove that your content is high quality.

To source your most engaging content, filter by open rate and replies. In your email service provider, sort your previous editions by open rate. This will help you identify which subject lines are most popular with existing readers. Modify your most popular subject line to turn it into a header on your newsletter sign-up page.

Next, go into your inbox and sort by replies to your newsletter. Identify which newsletter got the most replies from your readers. This is a positive signal that the content from that edition resonated the most and would be a solid choice for your free sample.

Emails from real people are opened more often

People reflexively ignore welcome emails after they sign up. But, those who do open your welcome email are more likely to consistently open your newsletters.

To encourage new subscribers to open your welcome email, try breaking the welcome email pattern using delayed gratification and a recognizable sender.

Delay your welcome email by 45 minutes. This will bypass the reflex that new subscribers have to ignore an email that pings them seconds after signing up. We’ve found 45 minutes to be ideal, because the delay is long enough that it breaks the pattern, but not so long that your email gets buried in their inbox.

Send your welcome from a person, not from a business account. We’ve found this tactic to be especially effective when the sender is the founder of the business or someone with an established audience. Use a photo of that person and not your company logo to help the email stand out.

To avoid overflowing the sender’s real inbox, create a subdomain for your website that will be used exclusively for sending emails. Create an account for your sender and begin using it for your newsletter. This avoids overwhelming their inbox and maintains the health of your sending domain.

Send a superissue to new subscribers

A new subscriber will be keen to receive their first issue. To ensure they’re satisfied, piece together your best content from past issues into a superissue. But be careful not to use the same content you included as samples on your sign-up page.

Send this first superissue with the welcome email so that your new subscribers are immediately receiving value from your newsletter. Starting with your best content first will get your subscribers excited to open future emails.

We’ve found that shorter welcome emails perform better than long-winded ones. Keep your welcome message short and your opening issue tight. Once they’ve received the welcome email and the first superissue, add them to the regular email cadence.

Consider sending fewer emails

We polled over 24,000 marketers on Twitter asking whether people suffer from “newsletter fatigue,” causing them to unsubscribe.

The results: 80% of respondents unsubscribe when they get too many emails.

To avoid overwhelming your subscribers:

Give your subscribers control over how often they are emailed: Some subscribers want them weekly, while others want monthly. In the footer of your email, create opt-out links that allow subscribers to customize the cadence they’ll receive emails. Giving them the opportunity to opt out of frequent emails while still remaining subscribed keeps them as valid contacts on your email list. You want to avoid losing them completely as a subscriber.

Send fewer emails: Putting a constraint on how many emails you’re allowed to send every quarter will force you to be more thoughtful about the contents of those emails. A high volume of emails just for the sake of being in your subscribers’ inbox can burn you and your readers out. We’ve seen very little correlation between volume of emails and the resulting conversion rate.

Make your emails fun — not just educational

Most emails in your inbox are serious. To stand out, consider injecting some lighthearted memes, jokes or interesting links from around the web.

We’ve found this tactic works extremely well, because it gives your readers a dopamine hit in every email. Not every piece of newsletter content you write will resonate with every subscriber. Humor, on the other hand, can have broad appeal. Including interesting and fun content will ensure that every reader is left feeling satisfied.

It also helps build a habit. If every edition is slightly different, your reader will never be sure what they’re opening when a new edition hits their inbox. We’ve found that including something fun at the bottom of the newsletter gives readers a reward: Read the serious stuff, then get rewarded with the fun stuff.

We add a meme to each issue. People reply to tell us how much they appreciate it.

Make referrals seamless

Referrals are a free way to grow your newsletter. To increase the chances of subscribers referring you to others, make sure the process takes no longer than 25 seconds.

Remind readers at the end of each issue that they can refer others. A simple way is to ask them to forward the email to a friend who would find it interesting. Include a short sentence in the intro to your newsletter telling people being referred where they can subscribe. Include a link.

An advanced tactic is to include a subscriber’s unique link to a referral program so they can track how many people they’ve invited. Give them the option to share through email or social media.

You should also have a web version of every issue so that your content can be easily shared outside of email. Most email service providers will automatically generate a web link that you can promote through social media or elsewhere. You can also copy the content and post it to your website as a blog post to generate traffic from search engines.

Consider providing rewards to those who refer your newsletter. Merchandise will likely only work as an incentive if your brand is well known or very unique. We suggest incentivizing referrals using exclusive content. Send a monthly bonus issue to subscribers who have referred five or more friends. This will keep your costs down and give your subscribers more of what they already want.

Note that you will need a critical mass of subscribers before referrals will prove to be effective. We’ve found the threshold is about 10,000 subscribers. But if your audience is extremely engaged or the community you serve is active, implementing a free referral program has virtually no downside.

How to turn followers into subscribers

Your subscribers will likely become aware of your content through a social media channel, but social media audiences are rented from the platform — you do not own a direct channel to communicate with them. Converting followers into newsletter subscribers is one way to control a direct line of communication and deepen your relationship with your audience.

When pitching your followers to subscribe to your newsletter, include a link in your bio. This may sound obvious, but many people don’t do it. When someone comes across your social media profile, make signing up for your newsletter the call to action. Otherwise, they’ll have no idea that you even have a newsletter.

You could also cut a Twitter thread or LinkedIn post short and tell people to subscribe for the rest of the insights. You probably don’t want to overuse this tactic.

Create an offer or unique piece of content that can only be accessed through the newsletter. This will motivate your followers to join your email list to get access to exclusive content or unique offers.

Recap

Getting new subscribers: Use pop-ups that are relevant and shown only to high-intent readers on your site. Provide proof of why they should subscribe to your newsletter with sample content. Make your welcome email stand out and front-load the first issue with your best content.

Keeping subscribers: To keep your subscribers wanting more, send fewer emails. Sprinkle in humor and interesting links to turn your newsletter into a habit.

Promoting your newsletter: Use exclusivity and offers to hook your social media followers into subscribing to your newsletter. Ask your subscribers to refer your newsletter to others to grow your subscriber base.

03 Aug 2021

Embodied AI, superintelligence and the master algorithm

Superintelligence, roughly defined as an AI algorithm that can solve all problems better than people, will be a watershed for humanity and tech.

Even the best human experts have trouble making predictions about highly probabilistic, wicked problems. And yet those wicked problems surround us. We are all living through immense change in complex systems that impact the climate, public health, geopolitics and basic needs served by the supply chain.

Just determining the best way to distribute COVID-19 vaccines without the help of an algorithm is practically impossible. We need to get smarter in how we solve these problems — fast.

Superintelligence, if achieved, would help us make better predictions about challenges like natural disasters, building resilient supply chains or geopolitical conflict, and come up with better strategies to solve them. The last decade has shown how much AI can improve the accuracy of our predictions. That’s why there is an international race among corporations and governments around superintelligence.

In the next year and a half, we’re going to see increasing adoption of technologies that will trigger a broader industry shift, much as Tesla triggered the transition to EVs.

Highly credible think tanks like DeepMind and OpenAI say that the path to superintelligence is visible. Last month, DeepMind said reinforcement learning (RL) could get us there, and RL is at the heart of embodied AI.

What is embodied AI?

Embodied AI is AI that controls a physical “thing,” like a robot arm or an autonomous vehicle. It is able to move through the world and affect a physical environment with its actions, similar to the way a person does. In contrast, most predictive models live in the cloud doing things such as classifying text or images, steering flows of bits without ever moving a body through three-dimensional space.

For those who work in software, including AI researchers, it is too easy to forget the body. But any superintelligent algorithm needs to control a body because so many of the problems we confront as humans are physical. Firestorms, coronaviruses and supply chain breakdowns need solutions that aren’t just digital.

All the crazy Boston Dynamics videos of robots jumping, dancing, balancing and running are examples of embodied AI. They show how far we’ve come from early breakthroughs in dynamic robot balancing made by Trevor Blackwell and Anybots more than a decade ago. The field is moving fast and, in this revolution, you can dance.

What’s blocked embodied AI up until now?

Challenge 1: One of the challenges when controlling machines with AI is the high dimensionality of the world — the sheer range of things that can come at you.

03 Aug 2021

India’s BharatPe valued at $2.85 billion in Tiger Global-led $370 million funding

Indian fintech startup BharatPe has raised $370 million in a new round of financing as it looks to aggressively scale its business in the next two years. It’s the nineteenth Indian startup to become a unicorn this year (up from 11 last year) as several high-profile global investors double down in the South Asian market.

The new round — a Series E — was led by Tiger Global and valued the New Delhi-based startup at $2.85 billion (post-money), it said in a statement Tuesday evening. Dragoneer Investor Group and Steadfast Capital also participated in the new round, which brings the startup’s to-date raise to over $580 million against equity.

Tuesday’s news confirms a TechCrunch scoop from June in which we reported that the four-year-old startup was looking to raise about $250 million at a pre-money valuation of $2.5 billion. BharatPe was valued at about $900 million in its Series D round in February this year, and $425 million last year.

BharatPe co-founder Ashneer Grover confirmed that the startup was indeed looking to raise $250 million until inbound requests from investors prompted an oversubscription. The new investment also includes some secondary transactions.

BharatPe, which counts Coatue, Ribbit Capital and Sequoia Capital India among its existing investors, operates an eponymous service to help offline merchants accept digital payments and secure working capital.

Even as India has already emerged as the second-largest internet market, with more than 650 million users, much of the country remains offline.

Among those outside of the reach of the internet are merchants running small businesses, such as roadside tea stalls and neighborhood stores. To make these merchants comfortable with accepting digital payments, BharatPe relies on QR codes and point of sale machines that support government-backed UPI payments infrastructure.

Scores of giants and startups are attempting to serve neighborhood stores in India. Image Credits: Bank of America Research

The startup, which serves more than 7 million merchants in over 130 Indian cities, said it has disbursed close to $300 million to merchant partners. It does not charge merchants for universal QR code access, but is looking to make money by lending.

The startup plans to expand its product offerings as well as work with Centrum Financial Services, with which it was recently granted the license by India’s central bank (Reserve Bank of India) to set up a small finance bank. (Centrum Financial Services has collaborated with BharatPe for the license, and the Indian startup says the two are “equal” partners.)

Tuesday’s development further illustrates the growing interest of Tiger Global in India. The New York-headquartered firm has backed dozens of Indian startups, including social commerce startup DealShare, edtech Classplus, Apna (an app that helps blue-collar workers connect with recruiters) and home services platform Urban Company in recent months.

On Tuesday, Infra.Market, an Indian startup that helps construction and real estate companies procure materials and handle logistics for their projects, said it had raised $125 million in a round also led by Tiger Global.

03 Aug 2021

Security flaws found in popular EV chargers

U.K. cybersecurity company Pen Test Partners has identified several vulnerabilities in the APIs of six home electric vehicle charging brands and a large public EV charging network. While the charger manufacturers resolved most of the issues, the findings are the latest example of the poorly regulated world of Internet of Things devices, which are poised to become all but ubiquitous in our homes and vehicles.

Vulnerabilities were identified in the API of six different EV charging brands — Project EV, Wallbox, EVBox, EO Charging’s EO Hub and EO mini pro 2, Rolec, and Hypervolt — and public charging network Chargepoint. Security researcher Vangelis Stykas identified several security flaws among the various brands that could have allowed a malicious hacker to hijack user accounts, impede charging, and even turn one of the chargers into a “backdoor” into the owner’s home network.

The consequences of a hack to a public charging station network could include theft of electricity at the expense of driver accounts and turning chargers on or off.

A Raspberry Pi in a Wallbox charger. (Image: Pen Test Partners)

Some EV chargers used a Raspberry Pi compute module, a low-cost computer that’s often used by hobbyists and programmers.

“The Pi is a great hobbyist and educational computing platform, but in our opinion it’s not suitable for commercial applications as it doesn’t have what’s known as a ‘secure bootloader’,” Pen Test Partners founder Ken Munro told TechCrunch. “This means anyone with physical access to the outside of your home (hence to your charger) could open it up and steal your Wi-Fi credentials. Yes, the risk is low, but I don’t think charger vendors should be exposing us to additional risk.”

The hacks are “really fairly simple,” Munro said. “I can teach you to do this in five minutes,” he added.

The company’s report, published this past weekend, touched on vulnerabilities associated with emerging protocols like the Open Charge Point Interface, maintained and managed by the EVRoaming Foundation. The protocol was designed to make charging seamless between different charging networks and operators.

Munro likened it to roaming on a cell phone, allowing drivers to use networks outside of their usual charging network. OCPI isn’t widely used at the moment, so these vulnerabilities could be designed out of the protocol. But if left unaddressed, it could mean “that a vulnerability in one platform potentially creates a vulnerability in another,” Stykas explained.

Hacks to charging stations have become a particularly nefarious threat as a greater share of transportation becomes electrified and more power flows through the electric grid. Electric grids are not designed for large swings in power consumption — but that’s exactly what could happen, should there be a large hack that turned on or off a sufficient number of DC fast chargers.

“It doesn’t take that much to trip the power grid to overload,” Munro said. “We’ve inadvertently made a cyberweapon that others could use against us.”

The “Wild West” of cybersecurity

While the effects on the electric grid are unique to EV chargers, cybersecurity issues aren’t. The routine hacks reveal more endemic issues in IoT devices, where being first to market often takes precedence over sound security — and where regulators are barely able to catch up to the pace of innovation.

“There’s really not a lot of enforcement,” Justin Brookman, the director of consumer privacy and technology policy for Consumer Reports, told TechCrunch in a recent interview. Data security enforcement in the United States falls within the purview of the Federal Trade Commission. But while there is a general-purpose consumer protection statute on the books, “it may well be illegal to build a system that has poor security, it’s just whether you’re going to get enforced against or not,” said Brookman.

A separate federal bill, the Internet of Things Cybersecurity Improvement Act, passed last September but only broadly applies to the federal government.

There’s only slightly more movement on the state level. In 2018, California passed a bill banning default passwords in new consumer electronics starting in 2020 — useful progress to be sure, but which largely puts the burden of data security in the hands of consumers. California, as well as states like Colorado and Virginia, also have passed laws requiring reasonable security measures for IoT devices.

Such laws are a good start. But (for better or worse) the FTC isn’t like the U.S. Food and Drug Administration, which audits consumer products before they hit the market. As of now, there’s no security check on technology devices prior to them reaching consumers. Over in the United Kingdom, “it’s the Wild West over here as well, right now,” Munro said.

Some startups have emerged that are trying to tackle this issue. One is Thistle Technologies, which is trying to help IoT device manufacturers integrate mechanisms into their software to receive security updates. But it’s unlikely this problem will be fully solved on the back of private industry alone.

Because EV chargers could pose a unique threat to the electric grid, there’s a possibility that EV chargers could fall under the scope of a critical infrastructure bill. Last week, President Joe Biden released a memorandum calling for greater cybersecurity for systems related to critical infrastructure. “The degradation, destruction, or malfunction of systems that control this infrastructure could cause significant harm to the national and economic security of the United States,” Biden said. Whether this will trickle down to consumer products is another question.

03 Aug 2021

Fleet your last Fleet — The Twitter feature vanishes today

You don’t know what you’ve got ’til it’s gone.

After a fittingly fleeting time in the wild, Twitter is banishing its ephemeral stories feature known as Fleets, which debuted in November 2020.

Twitter began testing Fleets back in March of last year. The company thought that it might be able to lure people who were hesitant about collecting their stray thoughts into the platform’s semi-permanent format with a “lower-pressure” kind of a tweet. Many major social platforms have some form of disappearing content, so it made sense that Twitter would give things a try too — but after eight months live, Twitter is killing the feature.

Like Instagram Stories, Fleets lived on top of the timeline, highlighted in their own dedicated space. As Fleets phase out, Spaces, Twitter’s Clubhouse-like audio rooms, will occupy the same slot in the app.

The company hoped that Fleets would bring new users under its wing, but the only people who really adopted the new feature were apparently already Twitter diehards. Twitter said it would go back to the drawing board to figure out how to get more people participating on Twitter, and Fleets were an unfortunate casualty of that realization.

“If we’re not evolving our approach and winding down features every once in a while – we’re not taking big enough chances,” Twitter Consumer Product VP Ilya Brown said in a blog post.

We can only hope that Twitter’s future products continue the gay sex naming scheme that the company accidentally introduced when it named Fleets “fleets.” (Congrats, gay former intern!)

To the company’s chagrin, the feature’s swift demise apparently inspired more enthusiasm for the product than Fleets had enjoyed previously. Twitter’s tweet announcing the death of Fleets also somehow turned into an iconic enough moment that the company made it into a collectible hoodie that reads “We’re sorry or you’re welcome,” ensuring that Fleets will live on in our hearts until we inevitably forget they ever existed — perhaps the most fitting tribute of all.

03 Aug 2021

A Silicon Valley VC firm with $1.8B in assets was hit by ransomware

Advanced Technology Ventures, a Silicon Valley venture capital firm with more than $1.8 billion in assets under its management, was hit by a ransomware attack in July that saw cyber-criminals steal personal information on the company’s private investors, or limited partners (LPs).

In a letter to the Maine attorney general’s office, ATV said it became aware of the attack on July 9 after its servers storing financial information had been encrypted by ransomware. By July 26, ATV learned that data had been stolen from the servers before the files were encrypted, a common “double extortion” tactic used by ransomware groups, which then threaten to publish the files online if the ransom to decrypt the files is not paid.

The letter said ATV believes the names, email addresses, phone numbers, and Social Security numbers of the individual investors in ATV’s funds were stolen in the attack. Some 300 individuals were affected by the incident, including one person in Maine, according to a listing on the Maine attorney general’s data breach notification portal.

Venture capital firms often do not disclose all of their LPs — the investors who have thrown millions into an investment vehicle — to the public. A number of pre-approved names may be included in an announcement, but overall, a company’s private investors try to stay that way: private. The reasons vary, but it comes down to secrecy and a degree of competitive advantage: the firm may not want competitors to know who is backing them, and an investor may not want others to know where their money is going. This particular attack likely stole key information on a hush-hush part of how venture money works.

ATV said it notified the FBI about the attack. A spokesperson for the FBI did not immediately comment when reached by TechCrunch. ATV’s managing director Mike Carusi did not respond to questions sent by TechCrunch on Monday.

The venture capital firm, based in Menlo Park, California with offices in Boston, was founded in 1979 and invests largely in technology, communications, software and services, and healthcare technology. The company was an early investor in many of the startups from the last decade, like software library Fandango, Host Analytics (now Planful) and Apptegic (now Evergage). Its more recent investments include Tripwire, which was later sold to cybersecurity company Belden for $710 million; Cedexis, a network traffic monitoring startup acquired by Cisco in 2018; and Actifio, which was sold to Google in 2020.


Natasha Mascarenhas contributed reporting. Send tips securely over Signal and WhatsApp to +1 646-755-8849. You can also send TechCrunch files or documents using our SecureDrop.
