Author: azeeadmin

Getaround is getting around the courthouse. One of the car-sharing startup’s early investors, Geoffrey Shmigelsky, is suing the company, alleging fraud and unfair conduct.

“Our client supported Getaround and Mr. Zaid from the very start, only to be swindled out of $1.785 million that went straight into the pockets of Mr. Zaid’s family and friends, as we allege,” Gaw | Poe LLP Partner Samuel Song said in a statement. “Our client deserved better than this from a person he had supported and trusted for years, and we’ll do what it takes to get what rightfully belongs to him.”

Getaround, however, says “these claims are totally unfounded and we’re looking to get the case dismissed,” Getaround Director of Marketing Communications Jacqueline Tanzella told TechCrunch over the phone.

Specifically, the lawsuit alleges Getaround executives tricked Shmigelsky into selling his shares to their friends and family for $1.79 million less “than what they knew they were worth.” Early last year, investors became interested in purchasing Shmigelsky’s shares, the lawsuit states. But because Getaround is still a private company with scarce public financial information, “they struggled to value Plaintiff’s shares.” That’s when Shmigelsky said he asked Getaround CEO Sam Zaid for the information.

The lawsuit alleges:

Mr. Zaid saw an opportunity and agreed to help. Getaround had a contractual right of refusal to purchase any shares Plaintiff tried to sell, under the same terms and conditions of any sales agreement that Plaintiff entered into with a prospective buyer. Thus, Mr. Zaid was in a position to provide information designed to drive down the value of Plaintiff’s shares, and if Plaintiff agreed to a transaction at a lower price, Mr. Zaid could cause Getaround to exercise its right of first refusal to buy Plaintiff’s shares at a large discount off its true value. Moreover, since Getaround also had the right to assign its right of first refusal to whoever it wanted, Mr. Zaid could cause Getaround to exercise its right to purchase Plaintiff’s shares (at a discounted price) and then gift that opportunity to Mr. Zaid’s friends and family.

Based on the information Zaid and Getaround CFO Adam Kosmicki provided him, Shmigelsky alleges he sold 300,000 shares at $1.80 per share. He also alleges Zaid and Kosmicki concealed the information that Getaround was on the verge of closing an $18 million funding round priced at $7.75 per share. After allegedly invoking its right of refusal, Getaround bought back Shmigelsky’s shares at $1.80 per share.

But since those deals were not yet finalized and still in discussions, Tanzella said, “we were legally bound not to disclose anything that wasn’t complete and to fruition.”

Getaround then allegedly allowed Zaid and Getaround CTO Elliot Kroo’s family and friends to buy those shares for $540,000. Had that stake been valued at $7.75 per share, Shmigelsky would’ve made $2.33 million.

“It’s a really unfortunate situation,” Tanzella said. “I know the team did the best they could.”

Getaround also pointed out that the company helped facilitate the sale of Shmigelsky’s shares on the secondary market five times.

“This complaint seems to be driven by seller’s remorse,” Tanzella said.

Shmigelsky seeks no less than $1.79 million for compensatory and special damages. Getaround, however, does “plan on having this fully dismissed in court,” Tanzella said.

You can read the full complaint below.

AWS has been on a mini shopping spree since the first of the year. First it picked off Israeli disaster recovery startup CloudEndure last week. This week, it was TSO Logic, a Vancouver startup that helps companies make the most efficient use of cloud resources.

The companies did not share the purchase price.

Amazon confirmed the purchase by email and referred to the statement on the TSO Logic website from CEO Aaron Rallo. “We are very pleased to share the news that TSO Logic will be joining the AWS family,” Rallo wrote in the statement.

The company takes data about workloads and applications and helps customers find the most efficient place to run them by measuring requirements like resource needs against cost to find the right balance at any given time.

They can even balance workloads between public and private clouds, which could come in handy with Amazon’s new Outposts product, announced in November at AWS re:Invent, that enables companies to run AWS workloads on-prem, as well as in the cloud.

TSO Logic is part of a growing body of startups who use data to find ways to optimize cloud workloads, sometimes even using spot instances to move workloads to cheaper cloud options to save customers money.

As companies move increasing numbers of workloads to the cloud, it becomes more difficult to understand, manage and control costs. Tools like TSO Logic are designed to help customers  make more efficient use of cloud resources.

Microsoft bought Cloudyn, a startup that provides a similar service, in 2017. As the large cloud infrastructure vendors jockey for position, these types of services offerings should become more commonplace, and it’s far easier for companies like Microsoft and Amazon to simply open up the checkbook than it is to build it themselves.

An Amazon spokesperson indicated that the company will remain in place in Vancouver and all of the TSO Logic employees have been offered positions with Amazon.

Instagram has been earning money from businesses flooding its social network with spam notifications. Instagram hypocritically continues to sell ad space to services that charge clients for fake followers or that automatically follow/unfollow other people to get them to follow the client back. This is despite Instagram reiterating a ban on these businesses in November and threatening the accounts of people who employ them.

A TechCrunch investigation initially found 17 services selling fake followers or automated notification spam for luring in followers that were openly advertising on Instagram despite blatantly violating the network’s policies. This demonstrates Instagram’s failure to adequately police its app and ad platform. That neglect led to users being distracted by notifications for follows and Likes generated by bots or fake accounts. Instagram raked in revenue from these services while they diluted the quality of Instagram notifications and wasted people’s time.

In response to our investigation, Instagram tells me it’s removed all ads as well as disabled all the Facebook Pages and Instagram accounts of the services we reported were violating its policies. Pages and accounts that themselves weren’t in violation but whose ads were have been banned from advertising on Facebook and Instagram. However, a day later TechCrunch still found ads from two of these services on Instagram, and discovered five more companies paying to promote policy-violating follower growth services.

This raises a big question about whether Instagram properly protects its community from spammers. Why would it take a journalist’s investigation to remove these ads and businesses that brazenly broke Instagram’s rules when the company is supposed to have technical and human moderation systems in place? The Facebook-owned app’s quest to “move fast” to grow its user base and business seems to have raced beyond what its watchdogs could safeguard.

Hunting Spammers

I first began this investigation a month ago after being pestered with Instagram Stories ads by a service called GramGorilla. The slicked-back hipster salesmen boasted how many followers he gained with the service and that I could pay to do the same. The ads linked to the website of a division of Krends Marketing where for $46 to $126 per month, it promised to score me 1000 to 2500 Instagram followers.

Some apps like this sell followers directly, though these are typically fake accounts. They might boost your follower count (unless they’re detected and terminated) but won’t actually engage with your content or help your business, and end up dragging down your metrics so Instagram shows your posts to fewer people. But I discovered that GramGorilla/Krends and the majority of apps selling Instagram audience growth do something even worse.

You give these scammy businesses your Instagram username and password, plus some relevant topics or demographics, and they automatically follow and unfollow, like, and comment on strangers’ Instagram profiles. The goal is to generate notifications those strangers will see in hopes that they’ll get curious or want to reciprocate and so therefore follow you back. By triggering enough of this notification spam, they trick enough strangers to follow you to justify the monthly subscription fee.

That pissed me off. Facebook, Instagram, and other social networks send enough real notifications as is, growth hacking their way to more engagement, ad views, and daily user counts. But at least they have to weigh the risk of annoying you so much that you turn off notifications all together. Services that sell followers don’t care if they pollute Instagram and ruin your experience as long as they make money. They’re classic villains in the ‘tragedy of the commons’ of our attention.

This led me to start cataloging these spam company ads, and I was startled by how many different ones I saw. Soon, Instagram’s ad targeting and retargeting algorithms were backfiring, purposefully feeding me ads for similar companies that also violated Instagram’s policies.

The 17 services selling followers or spam that I originally indexed were Krends Marketing / GramGorilla, SocialUpgrade, MagicSocial, EZ-Grow, Xplod Social, Macurex, GoGrowthly, Instashop / IG Shops, TrendBee, JW Social Media Marketing, YR Charisma, Instagrocery, SocialSensational, SocialFuse, WeGrowSocial, IGWildfire, and GramFlare. TrendBee and GramFlare were found to still be running Instagram ads after the platform said they’ve been banned from doing so. Upon further investigation after Instagram’s supposed crackdown, I discovered five more services sell prohibited growth services: FireSocial, InstaMason/IWentMissing, NexStore2019, InstaGrow, and Servantify.

Knowingly Poisoning The Well

I wanted to find out if these companies were aware that they violate Instagram’s policies and how they justify generating spam. Most hide their contact info and merely provide a customer support email, but eventually I was able to get on the phone with some of the founders.

“What we’re doing is obviously against their terms of service” said GoGrowthly’s co-founder who refused to provide their name. “We’re going in and piggybacking off their free platform and not giving them any of the revenue. Instagram doesn’t like us at all. We utilize private proxies depending on clients’ geographic location. That’s sort of our trick to reduce any sort of liability” so clients’ accounts don’t get shut down, they said. “It’s a careful line that we tread with Instagram. Similar to SEO companies and Google, Google wants the best results for customers and customers want the best results for them. There’s a delicate dance” said Macurex founder Gun Hudson.

EZ-Grow’s co-founder Elon refused to give his last name on the record, but told me “[Clients] always need something new. At first it was follows and likes. Now we even watch Stories for them. Every new feature that Instagram has we take advantage of it to make more visibility for our clients.” He says EZ-Grow spends $500 per day on Instagram ads, which are its core strategy for finding new customers. SocialFuse founder Alexander Heit says his company spends a couple hundred dollars per day on Instagram and Facebook ads, and was worried when Instagram reiterated its ban on his kind of service in November, but says “We thought that we were definitely going to get shut down but nothing has changed on our end.”

Several of the founders tried to defend their notification spam services by saying that at least they weren’t selling fake followers. Lacking any self-awareness, Macurex’s Hudson said “If it’s done the wrong way it can ruin the user experience. There are all sorts of marketers who will market in untasteful or spammy ways. Instagram needs to keep a check on that.” GoGrowthly’s founder actually told me “We’re actually doing good for the community by generating those targeted interactions.” WeGrowSocial’s co-founder Brandon also refused to give his last name, but was willing to rat out his competitor SocialSensational for selling followers.

Only EZ-Grow’s Elon seemed to have a moment of clarity. “Because the targeting goes to the right people . . . and it’s something they would like, it’s not spam” he said before his epiphany. “People can also look at it as spam, maybe.”

Instagram Finally Shuts Down The Spammers

In response to our findings, an Instagram spokesperson provided this lengthy statement confirming it’s shut down the ads and accounts of the violators we discovered, claiming that it works hard to fight spam, and admitting it needs to do better:

“Nobody likes receiving spammy follows, likes and comments. It’s really important to us that the interactions people have on Instagram are genuine, and we’re working hard to keep the community free from spammy behavior. Services that offer to boost an account’s popularity via inauthentic likes, comments and followers, as well as ads that promote these services, aren’t allowed on Instagram. We’ve taken action on the services raised in this article, including removing violating ads, disabling Pages and accounts, and stopping Pages from placing further ads. We have various systems in place that help us catch and remove these types of ads before anyone sees them, but given the number of ads uploaded to our platform every day, there are times when some still manage to slip through. We know we have more to do in this area and we’re committed to improving.”

Instagram tells me it uses machine learning tools to identify accounts that pay third-party apps to boost their popularity and claims to remove inauthentic engagement before it reaches the recipient of the notifications. By nullifying the results of these services, Instagram believes users will have less incentive to use them. It uses automated systems to evaluate the images, captions, and landing pages of all its ads before they run, and sends some to human moderators. It claims this lets it catch most policy-violating ads, and that users can report those it misses.

But these ads and their associated accounts were filled with terms like “get followers”, “boost your Instagram followers”, “real followers”, “grow your engagement”, “get verified”, “engagement automation”, and other terms tightly linked to policy-violating services. That casts doubt on just how hard Instagram was working on this problem. It may have simply relied on cheap and scalable technical approaches to catching services with spam bots or fake accounts instead of properly screening ads or employing sufficient numbers of human moderators to police the network.

That misplaced dependence on AI and other tech solutions appears to be a trend in the industry. When I recently reported that child sexual abuse imagery was easy to find on WhatsApp and Microsoft Bing, both seemed to be understaffing the human moderation team that could have hunted down this illegal content with common sense where complex algorithms failed. As with Instagram, these products have highly profitable parent companies who can afford to pour more dollars in policy enforcement.

Kicking these services off Instagram is an important step, but the company must be more proactive. Social networks and self-serve ad networks have been treated as efficient cash cows for too long. The profits from these products should be reinvested in policing them. Otherwise, crooks will happily fleece users for our money and attention.

To learn more about the future of Instagram, check out this article’s author Josh Constine’s SXSW 2019 keynote with Instagram co-founders Kevin Systrom and Mike Krieger — their first talk together since leaving the company.

An unprotected server storing millions of call logs and text messages was left open for months before they were found by a security researcher.

If you thought you’d heard this story before, you’re not wrong. Back in November, another telecoms company, Voxox, exposed a database containing millions of text messages — including password resets and two-factor codes.

This time around, it’s a different company: Voipo, a Lake Forest, Calif. communications provider, exposed tens of gigabytes worth of customer data.

Security researcher Justin Paine found the exposed database last week, and reached out to the company’s chief technology officer. Yet, the database was pulled offline before Paine even told him where to look.

Voipo is a voice-over-internet provider, providing residential and business phone line services that they can control themselves in the cloud. The company’s backend routes calls and processes text messages for its users. But because one of the backend ElasticSearch databases wasn’t protected with a password, anyone could look in and see streams of real-time call logs and text messages sent back and forth.

It’s one of the largest data breaches of the year — so far — totaling close to seven million call logs, six million text messages and other internal documents containing unencrypted passwords that if used could have allowed an attacker to gain deep access to the company’s systems.

TechCrunch reviewed some of the data, and found web addresses in the logs pointed directly to customer login pages. (We didn’t use the credentials, as doing so would be unlawful.)

Paine said, and noted in his write-up, that the database was exposed since June 2018, and contains call and message logs dating back to May 2015. He told TechCrunch that the logs were updated daily and went up to January 8 — the day the database was pulled offline. Many of the files contained highly detailed call records of who called whom, the time and date and more.

Some of the numbers in the call logs were scrubbed, Paine said, but the text message logs contained the numbers of both the sender and the recipient, and the contents of the message itself.

Similar to the Voxox breach last year, Paine said that any intercepted text messages containing two-factor codes or password reset links could have then “allowed the attacker to bypass two-factor on the user’s account,” he said in his write-up. (Another good reason why you should to upgrade to app-based authentication.)

But Paine didn’t extensively search the records, mindful of customers’ privacy.

The logs also contained credentials that permitted access to Voipo’s provider of E911 services, which allows emergency services to know a person’s pre-registered location based on their phone number. Worse, he said, E911 services could have been disabled, rendering those customers unable to use the service in an emergency.

Another file contained a list of network appliance devices with usernames and passwords in plaintext. A cursory review showed that the files and logs contained a meticulously detailed and invasive insight into a person or company’s business, who they’re talking to and often for what reason.

Yet, none of the data was encrypted.

In an email, Voipo chief executive Timothy Dick confirmed the data exposure, adding that this was “a development server and not part of our production network.” Paine disputes this, given the specifics and amount of the data exposed in the database. TechCrunch also has no reason to believe that the data is not real customer data.

Dick said in an email to TechCrunch: “Almost immediately after he reached out to let us know the dev server was exposed, we took it offline and investigated and corrected the issue.” He added: “At this time though, we have not found any evidence in logs or on our network to indicate that a data breach occurred.”

Despite asking several times, Dick did not say how the company concluded that nobody else accessed the data.

Dick also said: “All of our systems are behind firewalls and similar and don’t even allow external connections except from internal servers so even if hostnames were listed, it would not be possible to connect and our logs do not show any connections.” (When we checked, many of the internal systems with IP or web addresses we checked loaded — even though we were outside of the alleged firewall.)

However, in an email to Paine, Dick conceded that some of the data on the server “does appear to be valid.”

Dick didn’t commit to notify the authorities of the exposure under state data breach notification laws.

“We will continue to investigate and if we do find any evidence of a breach or anything in our logs that indicate one, we will of course take appropriate actions to address it [and] make notifications,” he said.

---

Got a tip? You can send tips securely over Signal and WhatsApp to +1 646-755–8849. You can also send PGP email with the fingerprint: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

CM Group, the organization behind email-centric services like Campaign Monitor and Emma, today announced that it has acquired marketing automation firm Sailthru and the email personalization service Liveclicker. The group did not disclose the acquisition price but noted that the acquisition would bring in about $60 million in additional revenue and 540 new customers, including Bloomberg and Samsung. Both of these acquisitions quietly closed in 2018.

Compared to Sailthru, which had raised a total of about $250 million in venture funding before the acquisition, Liveclicker is a relatively small company that was bootstrapped and never raised any outside funding. Still, Liveclicker managed to attract customers like AT&T, Quicken Loans and TJX Companies by offering them the ability to personalize their email messages and tailor them to their customers.

Sailthru’s product portfolio is also quite a bit broader and includes similar email marketing tools, but also services to personalize mobile and web experiences, as well as tools to predict churn and make other retail-focused predictions.

“Sailthru and Liveclicker are extraordinary technologies capable of solving important marketing problems, and we will be making additional investments in the businesses to further accelerate their growth,” writes Wellford Dillard, CEO of CM Group. “Bringing these brands together makes it possible for us to provide marketers with the ideal solution for their needs as they navigate the complex and rapidly changing environments in which they operate.”

With this acquisition, the CM Group now has 500 employees and 300,000 customers.

When the government seized classified-ads site Backpage, forcing it to shut down in April, it became a lot harder to find and locate potential victims of sex trafficking. While it was symbolically good that the site, whose CEO later pled guilty to charges of sex trafficking, shut down, it created a significant technical challenge for law enforcement and the organizations trying to help prevent sex-trafficking, Google Senior Software Engineer Sam Ainsley told TechCrunch.

“Once Backpage was gone, you were looking at an ecosystem in which all of those previously more centralized advertisements [for those being sex trafficked] are being redistributed on much more websites,” Ainsley said.

Ainsley got involved with this work through Google.org’s new fellowship program, which embeds Google engineers inside non-profit organizations on a full-time basis for six months. She did this work at Thorn, a non-profit organization founded by Ashton Kutcher that seeks to protect children from sexual abuse and trafficking. Thorn was the first non-profit to host Google Fellows.

When Backpage was up-and-running, Thorn had been indexing the advertisements and then providing them to law enforcement in order to facilitate the recovery of victims. That task became harder once Backpage shut down. While working at Thorn, Ainsley and four other Google engineers set out to help make this information more easily available to law enforcement.

“The goal of this project was to create actual profiles of victims so that this information could be as accessible as possible,” Ainsley said. “That you could actually understand that victim’s history and where they might be at any given period of time; what are the cities they’ve been in over time; What are the various phone numbers they’ve used over time? How that has their appearance changed? This is all incredibly important because, in this space, that is the strategy. It’s to change things as quickly as possible to evade being found. So it’s really about taking a holistic approach and a personal approach.”

Google machine learning engineers were able to take the massive number of ads and try to understand which advertisements belonged to one individual, and then formulate that one person’s history, Ainsley said. As a data visualization expert, Ainsley’s part was to visualize all of that information in a way that is accessible to law enforcement.

“At this point in time we have built a prototype that we’re really excited about,” Ainsley said. “So we’re really optimistic about where this can go.”

Although her fellowship is over, Ainsley said she’s going to stay on working with the Thorn team one day a week because she wants to see the work taken all the way into the field.

“That’s the dream and I want to be available as much as I possibly can to assist in that effort,” Ainsley said.

Thorn CEO Julie Cordua told TechCrunch it was a successful product, noting it “was an exploration we’ve been wanting to do for quite a while.”

In addition to working with law enforcement around sex trafficking, Thorn tackles child pornography, livestream abuse and grooming. The organization also works to activate companies in the private sector to identify and remove child porn.

Thorn recently launched Safer, a tool for small to medium-sized businesses to identify child pornography on their platforms. Currently, Imgur, Roblox and Flickr are participating in the beta program.

“Larger companies have good systems in place but when you don’t have the capacity to build out risks teams, then this type of bad content starts to flourish,” Cordua said. “That’s what we’re trying to solve for.”

Thorn was the first partner for the Google.org fellowship, but there are two active fellowships at the Family Independence Initiative and Goodwill, which started in November. Before selecting an organization to work with, Google.org examines the potential for impact and ability of the organization to continue the work once the Google engineer leaves.

“And we want to look for an area where there’s a really complex challenge where technology is the solution, or at least is a solution that can really help move the needle,” Google.org Product Manager and Head of Technical Team Jen Carter told TechCrunch.

And for Google, it’s a good retention strategy. Ainsley, for example, said the opportunity came at the right time because she had actually been considering leaving the company.

“I had been at this crossroads in my career as an engineer, where I was feeling pretty siloed in terms of the impact that my work was having,” Ainsley said. “I loved the work I was doing from a technical aspect — I always have — but I was considering potentially even exploring different career options because it was unclear to me how, through programming, I could have a direct impact on people’s lives. And that was something that I really wanted. And when this program was posted, it was right around that time.”

Cordua agrees, noting that it could be a good retention strategy for companies. It’s also a model that she thinks should be replicated by other tech companies.

“Our goal is to get more companies to think about this for their engineering teams,” Cordua said. “It’s an opportunity to build engineering teams that have empathy and understanding of tech’s social impact on both negative and positive things. Tech can do amazing things. Let’s channel it toward these social issues.”

Everyone has to have a podcast, apparently. Even Facebook . The social network this week launched its second-ever original podcast series, and its first one in the U.S. An arm of Facebook’s business operation, the new show “Three and a Half Degrees” will focus on entrepreneurship – specifically the lessons learned, challenges faced, and other insights from successful business leaders.

The name is a reference to how technology has made it easier to connect – today, people are no longer six degrees apart, but only three and a half degrees, the company says.

“I consider it part of our mission to help the businesses we work with learn from one another,” explains David Fischer, Facebook’s VP of Business and Marketing Partnerships. “One way we’re doing this is with the new podcast ‘Three And A Half Degrees: The Power of Connection.’ Through the podcast, we hope to celebrate the journeys of entrepreneurs and business leaders on our platform, and scale their inspiring life lessons and learnings to other entrepreneurs and leaders,” he says.

Facebook today has over 90 million businesses using its platform, so it makes sense that it wants to further establish itself as a place where established businesses can share their knowledge with newcomers. Those smaller businesses could then grow to become a more active part of Facebook’s larger business network, which keeps the cycle – and the ad dollars – flowing.

Fischer will serve as podcast host, and kicks off the first episode with an interview with the creator of TOMS,  Blake Mycoskie, who is introduced on the show to Bryan and Bradford Manning. The Mannings say they were inspired by TOMS to start their own charitable business, Two Blind Brothers. The overall focus for the episode is on brands that prioritize their social mission over profit and growth.

Future episodes will include Monique & Chevalo from Charleston Burger Co. & Chris Kempcziski from McDonald’s (ep 2); Stephanie McMahon from WWE & Gary Vaynerchuk from Vayner Media (ep 3); ictor Lezama from PC Landing Zone & Jake Wood from Team Rubicon (ep 4); Suzanne Gildert from Sanctuary and Kindred AI & Beth Comstock, formerly with GE (ep 5); Antionette Carroll from Creative Reaction Lab & Jonathan Mildenhall from TwentyFirstCenturyBrand (ep 6); Ben Rattray from Change.org & Advisor Chip Conley (ep 7).

This first season includes just these seven episodes and fourteen guests, with new episodes arriving every two weeks.

It’s not a long season, and Facebook hasn’t yet confirmed plans to do another, we understand. That makes the “podcast” a bit more like a marketing initiative rather than a serious attempt at entering the podcasting market.

The podcast is also not monetized. The company has no plans to sell ad space within the podcast, either.

Though this is the first time Facebook has done a podcast in the U.S., it has experimented in this space previously. Last summer, it tried a similar effort in Australia where leading marketers talked about connecting with consumers, in a podcast called Face 2 Face. That one seems to have even more of a tie to Facebook’s own bottom line. (Connect with consumers? Social ads, of course!).

This one is takes a step back from the nitty-gritty of reaching consumers through spending on marketing and ads, but rather on the business leaders themselves.

The vibe of the podcast is one of a highly-produced effort. It doesn’t begin as a sit-down, informal back-and-forth chat, but one where pre-recorded interviews are intercut with host narration and storytelling. It’s not until nearly halfway through before the introduction between Mycskie and the Mannings is made. At that point, it shifts from being a sort of NPR-Lite style effort, and one where you’re listening to a conversation – albeit one with a polished, media-trained exec like Mycskie.

The new U.S. podcast is available on Apple Podcasts, Google Podcasts, Spotify, Stitcher, and TuneIn.

Airbnb, which is expected to go public this year, announced today a number of milestones. For starters, Airbnb says it was profitable on an EBITDA (earnings before interest, taxes, depreciation and amortization) basis for the second year in a row in 2018.

In Q3 2018, Airbnb said it had its strongest quarter ever, where it saw “substantially more” than $1 billion in revenue. The following quarter, Airbnb found a replacement for former CFO Laurence Tosi, who left amid tension between him and Airbnb CEO Brian Chesky. To lead the home-sharing giant into its next phase, Airbnb brought on Dave Stephenson, a long-time Amazon executive.

“He will use his experience in growing large businesses quickly at scale to ensure we are investing for both growth and long-term profitability,” Airbnb wrote in a press memo today.

Airbnb also announced it expects to hit 500 million arrivals by the end of Q1 2019.

The week following CES is probably as good a time as any to launch a Kickstarter campaign for your strange new smartphone. After all, a company like Doogee’s going to have difficulty rising above the din during a CES or MWC, even with an idea as interesting as the rugged, modular S90.

The Chinese manufacturer has no shortage of interesting concepts, of course. And while the S90 appears to be a bit of a niche, it’s already surpassed its (admittedly modest) goal several times over.

The product modular concept is pretty in line with Motorola’s Moto Z offerings, with a series of plates that snap onto the back of the handset, delivering different hardware features through a multi-pin connector.

Many of the mods should prove familiar, too, including an extra battery (5,000mAh) and a gamepad. Though, in addition to the rugged handset, you’ve also got some add-ons specifically tailored to those looking for a device to use in the field. Among those listed are a night vision camera and a walkie-talkie, which extends the handset’s communication abilities where cellular networks don’t reach.

Doogee is shooting for a February delivery for the new handset.

Meal kit company Blue Apron expects to achieve profitability this quarter, the company said ahead of its Q4 2018 and fiscal year 2018 financial results. Blue Apron will release its earnings January 31, but said today that, “based on its current view of the business, Blue Apron plans to reaffirm confidence in achieving profitability” on an adjusted EBITDA basis in Q1 2019, as well as for the entire fiscal year.

Blue Apron defines EBITDA as its net earnings before interest, taxes, depreciation and amortization. Simply put, it’s a measure of Blue Apron’s operating profitability as a percentage of its total revenue.

This comes a couple of months after Blue Apron laid off four percent of its staff as part of its path to profitability. At the time, Blue Apron said it expected to spend about $1.6 million in employee-related expenses — mostly severance payments. That, however, will lead to an estimated $16 million in savings this year.

Meanwhile, Blue Apron recently formed an exclusive direct-to-consumer partnership with Weight Watchers. As part of the deal, Blue Apron has the rights to sell and deliver Weight Watchers meal kits to its customers.

Blue Apron also teased an update on its partnership with Jet to bring same-day and next-day delivery Blue Apron meals to New York City, as well as its new product designed for online and brick-and-mortar retail stores.

In Q3 3018, Blue Apron reported a loss of $33.9 million compared to $87.2 million last year during this time. Meanwhile, revenue declined to $150.6 million compared to $210.6 million in the year-ago period.

Blue Apron is currently trading up 34 percent at $1.4 per share.