Category: UNCATEGORIZED

Instagram apparently handled searches for popular hashtags related to the two presidential candidates differently, pointing Joe Biden search queries toward often negative related hashtags while making no such suggestions in corresponding searches pertaining to President Trump.

A new report by the Tech Transparency Project details the strange platform behavior. In the report, the tech watchdog compared searches for 20 popular hashtags related to the Trump and Biden campaigns and found that related hashtag suggestions were disabled for the Trump-related searches, including #donaldtrump, #trump, #draintheswamp and #trump2020.

For searches of corresponding Biden hashtags like #Biden, #biden2020, #joementum and #teambiden, Instagram suggested a number of related hashtags in a list that was obviously algorithmically generated. While those related suggestions were a mixed bag, they included many hashtags critical of the Biden campaign like #sleepyjoe, #neverbiden and even adjacent conspiratorial hashtags like #covid19isahoax and #georgesorosisevil.

Image Credit: Tech Transparency Project

Alerted to the discrepancy by Buzzfeed, which first reported the new Tech Transparency Project finding, Instagram called the issue a “bug.”

“This isn’t about politics,” Instagram’s comms team wrote in a combative reply to Buzzfeed’s Ryan Mac on Twitter. Instagram also accused the reporter of cherry-picking examples to fit a “sensational narrative.”

Instagram’s team downplayed the uneven handling of candidate’s searches, arguing that the same issue affected a number of other far less consequential hashtags, including #menshair and #gumdisease. Instagram has now disabled the related hashtag suggestions feature across the board.

Trump’s status as the current president could begin to explain the difference in treatment, but the related hashtags were even turned off for the Trump campaign slogan #draintheswamp as well as #fucktrump. The feature was also toggled off for a handful of other political figure hashtags including #obama, #tedcruz and #jaredkushner.

While it’s not evident that the discrepancy was intentional on behalf of Instagram, this particular Trump-friendly search quirk cuts against the narrative that major social media sites are biased against Republicans — an unfounded refrain regularly undermined by the lopsided success of right-leaning content on social platforms. And as we’ve seen time and time again, a company’s intentions have little to do with the unintended consequences of the algorithmic suggestions that make their products so sticky to begin with.

On-demand delivery startup DoorDash has launched a digital storefront to sell household items, as well as the types of things you’d find at a convenience store. So, chips, ice cream, spices, and packaged foods from local restaurants. Called DashMart, the convenience store is available in eight cities throughout the U.S. and plans to launch in additional cities over the next few months.

These are essentially micro-fulfillment centers that carry around 2,000 items where DashMart warehouse associates pick and pack the orders, and then delivery workers, known as Dashers, come to collect the order and deliver to the customer.

The move into the virtual storefront comes a few months after DoorDash partnered with more than 1,800 convenience stores throughout the country to better respond to the needs of customers during the COVID-19 pandemic.

Meanwhile, DoorDash has been under scrutiny for its labor practices, especially amid this global health crisis. Last month, San Francisco District Attorney Chesa Boudin sued DoorDash for “illegally misclassifying employees as independent contractors.” In the complaint, Boudin argues DoorDash misclassified its workers and in doing so, engages in unfair labor practices.

In a statement to TechCrunch at the time, DoorDash said it’s been supportive of its workers throughout the pandemic by offering them safety equipment, telemedicine and more. DoorDash has also long been a proponent of keeping its workers classified as independent contractors.

Up for vote this November is Prop 22, a measure backed by DoorDash, Uber, Lyft and Instacart, which aims to make drivers and delivery workers for said companies exempt from a new state law that classifies them as W-2 employees.

However, a report conducted by the Partnership for Working Familiesargues voting yes on Prop 22 would “create a permanent underclass of workers in a growing sector of the economy.”

Krisp’s smart noise suppression tech, which silences ambient sounds and isolates your voice for calls, arrived just in time. The company got out in front of the global shift to virtual presence, turning early niche traction has into real customers and attracting a shiny new $5 million series A funding round to expand and diversify its timely offering.

We first met Krisp back in 2018 when it emerged from UC Berkeley’s Skydeck accelerator. The company was an early one in the big surge of AI startups, but with a straightforward use case and obviously effective tech it was hard to be skeptical about.

Krisp applies a machine learning system to audio in real time that has been trained on what is and isn’t the human voice. What isn’t a voice gets carefully removed even during speech, and what remains sounds clearer. That’s pretty much it! There’s very little latency (15 milliseconds is the claim) and a modest computational overhead, meaning it can work on practically any device, especially ones with AI acceleration units like most modern smartphones.

The company began by offering its standalone software for free, with paid tier that removed time limits. It also shipped integrated into popular social chat app Discord. But the real business is, unsurprisingly, in enterprise.

“Early on our revenue was all pro, but in December we started onboarding enterprises. COVID has really accelerated that plan,” explained Davit Baghdasaryan, co-founder and CEO of Krisp. “In March, our biggest customer was a large tech company with 2,000 employees — and they bought 2,000 licenses, because everyone is remote. Gradually enterprise is taking over, because we’re signing up banks, call centers and so on. But we think Krisp will still be consumer-first, because everyone needs that, right?”

Now even more large companies have signed on, including one call center with some 40,000 employees. Baghdasaryan says the company went from 0 to 600 paying enterprises, and $0 to $4M annual recurring revenue in a single year, which probably makes the investment — by Storm Ventures, Sierra Ventures, TechNexus and Hive Ventures — look like a pretty safe one.

It’s a big win for the Krisp team, which is split between the U.S. and Armenia, where the company was founded, and a validation of a global approach to staffing — world-class talent isn’t just to be found in California, New York, Berlin and other tech centers, but in smaller countries that don’t have the benefit of local hype and investment infrastructure.

Funding is another story, of course, but having raised money the company is now working to expand its products and team. Krisp’s next move is essentially to monitor and present the metadata of conversation.

“The next iteration will tell you not just about noise, but give you real time feedback on how you are performing as a speaker,” Baghdasaryan explained. Not in the toastmasters sense, exactly, but haven’t you ever wondered about how much you actually spoke during some call, or whether you interrupted or were interrupted by others, and so on?

“Speaking is a skill that people can improve. Think Grammar.ly for voice and video,” Baghdasaryan ventured. “It’s going to be subtle about how it gives that feedback to you. When someone is speaking they may not necessarily want to see that. But over time we’ll analyze what you say, give you hints about vocabulary, how to improve your speaking abilities.”

Since architecturally Krisp is privy to all audio going in and out, it can fairly easily collect this data. But don’t worry — like the company’s other products, this will be entirely private and on-device. No cloud required.

“We’re very opinionated here: Ours is a company that never sends data to its servers,” said Baghdasaryan. “We’re never exposed to it. We take extra steps to create and optimize our tech so the audio never leaves the device.”

That should be reassuring for privacy wonks who are suspicious of sending all their conversations through a third party to  be analyzed. But after all, the type of advice Krisp is considering can be done without really “understanding” what is said, which also limits its scope. It won’t be coaching you into a modern Cicero, but it might help you speak more consistently or let you know when you’re taking up too much time.

For the immediate future, though, Krisp is still focused on improving its noise-suppression software, which you can download for free here.

When Rent the Runway co-founders Jennifer Fleiss and Jennifer Hyman got their first term sheet, it had an exploding clause in it: If they didn’t sign the offer in 24 hours, they would lose the deal.

The co-founders, then students at Harvard Business School, were ready to commit, but their lawyer advised them to pause and attend the meetings they had previously set up with other investors.

Twelve years later, Rent the Runway has raised $380 million in venture capital equity funding from top investors like Alibaba’s Jack Ma, Temasek, Fidelity, Highland Capital Partners and T. Rowe Capital. Fleiss gave up an operational role in the company to a board seat in 2017, as the company reportedly was eyeing an IPO.

But the shoe didn’t always fit: Earlier this year, Rent the Runway struggled with supply chain issues that left customers disgruntled. Then, the pandemic threatened the market of luxury wear more broadly: Who needs a ball gown while Zooming from home? In early March, the business went through a restructuring and laid off nearly half of its workforce, including every retail employee at its physical locations.

In 2009, Fleiss and Hyman were successful Harvard Business School students. Hyman’s father knew a prominent lawyer who agreed to advise them on a contingency basis in exchange for connecting them with potential investors.

Still, fundraising “was extremely hard,” Hyman said. “We were in the middle of a recession and we were two young women at business school who had never really done anything before.”

Fleiss said venture capital firms often sent junior associates, receptionists and assistants to take the meeting instead of dispatching a full-time partner. “It was clear they weren’t taking us very seriously,” Fleiss said, recounting that on one occasion, a male investor called his wife and daughter on speaker to vet their thoughts.

In an attempt to test their thesis that women would pay to rent (and return) luxury clothing, Fleiss and Hyman started doing trunk pop-up shows with 100 dresses. On one occasion, they rented out a Harvard undergraduate dorm room common hall and invited sororities, student activity organizations and a handful of investors.

Only one person showed up, said Fleiss: A guy “who was 30 years older than anyone else in the room.”

Old-fashioned meets nontraditional

Software valuations are bonkers, which means it’s a great time to go public. Asana, Monday.com, Wrike and every other gosh darn software company that is putting it off, pay attention. Heck, even service-y Palantir could excel in this market.

Let me explain.

Over the past few weeks, TechCrunch has tracked the filing, first pricing, rejiggered pricing range, and, today, the first day of trading for BigCommerce, a Texas-based e-commerce company. You can think of it as a comp with Shopify to a degree.

Image Credits: IMGFlip (opens in a new window)

In the wake of the Canadian phenom’s blockbuster earnings report, BigCommerce boosted its IPO range. Yesterday the company did itself one better, pricing $1 per share above that raised range, selling 9,019,565 shares at $24 per share, of which 6,850,000 came from BigCommerce itself.

Before some additions, there are now 65,843,546 shares of BigCommerce in the world, giving the company an IPO valuation of around $1.58 billion.

Given that the company’s Q2 expected revenue range is “between $35.5 million and $35.8 million,” the company sported a run-rate multiple of 11.1x to 11x, depending on where its final revenue tally comes in. That felt somewhat reasonable, if perhaps a smidgen light.

Then the company opened at $68 per share today, currently trading for $82 per share. Hello, 1999 and other insane times. BigCommerce is now worth, using some rough math, around $5.4 billion, giving it a run-rate multiple of around 38x, using the midpoint of its Q2 revenue range.

Security researchers say they have developed a new technique to detect modern cell-site simulators.

Cell site simulators, known as “stingrays,” impersonate cell towers and can capture information about any phone in its range — including in some cases calls, messages and data. Police secretly deploy stingrays hundreds of times a year across the United States, often capturing the data on innocent bystanders in the process.

Little is known about stingrays, because they are deliberately shrouded in secrecy. Developed by Harris Corp. and sold exclusively to police and law enforcement, stingrays are covered under strict nondisclosure agreements that prevent police from discussing how the technology works. But what we do know is that stingrays exploit flaws in the way that cell phones connect to 2G cell networks.

Most of those flaws are fixed in the newer, faster and more secure 4G networks, though not all. Newer cell site simulators, called “Hailstorm” devices, take advantage of similar flaws in 4G that let police snoop on newer phones and devices.

Some phone apps claim they can detect stingrays and other cell site simulators, but most produce wrong results.

But now researchers at the Electronic Frontier Foundation have discovered a new technique that can detect Hailstorm devices.

Enter the EFF’s latest project, dubbed “Crocodile Hunter” — named after Australian nature conservationist Steve Irwin who was killed by a stingray’s barb in 2006 — helps detect cell site simulators and decodes nearby 4G signals to determine if a cell tower is legitimate or not.

Every time your phone connects to the 4G network, it runs through a checklist — known as a handshake — to make sure that the phone is allowed to connect to the network. It does this by exchanging a series of unencrypted messages with the cell tower, including unique details about the user’s phone — such as its IMSI number and its approximate location. These messages, known as the master information block (MIB) and the system information block (SIB), are broadcast by the cell tower to help the phone connect to the network.

“This is where the heart of all of the vulnerabilities lie in 4G,” said Cooper Quintin, a senior staff technologist at the EFF, who headed the research.

Quintin and fellow researcher Yomna Nasser, who authored the EFF’s technical paper on how cell site simulators work, found that collecting and decoding the MIB and SIB messages over the air can identify potentially illegitimate cell towers.

This became the foundation of the Crocodile Hunter project.

A rare public photo of a stingray, manufactured by Harris Corp. Image Credits: U.S. Patent and Trademark Office

Crocodile Hunter is open-source, allowing anyone to run it, but it requires a stack of both hardware and software to work. Once up and running, Crocodile Hunter scans for 4G cellular signals, begins decoding the tower data, and uses trilateration to visualize the towers on a map.

But the system does require some thought and human input to find anomalies that could identify a real cell site simulator. Those anomalies can look like cell towers appearing out of nowhere, towers that appear to move or don’t match known mappings of existing towers, or are broadcasting MIB and SIB messages that don’t seem to make sense.

That’s why verification is important, Quintin said, and stingray-detecting apps don’t do this.

“Just because we find an anomaly, doesn’t mean we found the cell site simulator. We actually need to go verify,” he said.

In one test, Quintin traced a suspicious-looking cell tower to a truck outside a conference center in San Francisco. It turned out to be a legitimate mobile cell tower, contracted to expand the cell capacity for a tech conference inside. “Cells on wheels are pretty common,” said Quintin. “But they have some interesting similarities to cell site simulators, namely in that they are a portable cell that isn’t usually there and suddenly it is, and then leaves.”

In another test carried out earlier this year at the ShmooCon security conference in Washington, D.C. where cell site simulators have been found before, Quintin found two suspicious cell towers using Crocodile Hunter: One tower that was broadcasting a mobile network identifier associated with a Bermuda cell network and another tower that didn’t appear to be associated with a cell network at all. Neither made much sense, given Washington, D.C. is nowhere near Bermuda.

Quintin said that the project was aimed at helping to detect cell site simulators, but conceded that police will continue to use cell site simulators for as long as the cell networks are vulnerable to their use, an effort that could take years to fix.

Instead, Quintin said that the phone makers could do more at the device level to prevent attacks by allowing users to switch off access to legacy 2G networks, effectively allowing users to opt-out of legacy stingray attacks. Meanwhile, cell networks and industry groups should work to fix the vulnerabilities that Hailstorm devices exploit.

“None of these solutions are going to be foolproof,” said Quintin. “But we’re not even doing the bare minimum yet.”

Send tips securely over Signal and WhatsApp to +1 646-755-8849 or send an encrypted email to: zack.whittaker@protonmail.com

While a handful of tech companies like Zoom and Shopify are enjoying massive gains as a result of COVID-19, that’s obviously not the case for most. Weaker demand, slower sales cycles, and customer insistence on pricing concessions and payment deferrals have conspired to cloud the outlook for many tech companies’ growth.

Compounding these challenges, a lot of tech companies are struggling to raise capital just when they need it most. The data so far suggests that investors, particularly those focused on earlier stage financings, are taking a more cautious approach to new deals and valuations while they wait to see how individual companies perform and which way the economy will go. With the outcome of their planned equity financings uncertain, some tech companies are revisiting their funding strategies and exploring alternative sources of capital to fuel their continued growth.

Forecasting growth in a pandemic: a difficult job just got harder

For certain businesses, COVID-19’s impact on revenue was immediate. For others, the effects of slower economic activity and tighter budgets surfaced more gradually with deals in the funnel before the pandemic closing in April and May. Either way, in the second half of 2020, technology CFOs face a common challenge: How do you accurately forecast sales when there’s very little consensus around key issues such as when business activity will return to pre-COVID levels and what the long-term effects of the crisis might be?

Unfortunately, navigating this uncertainty is just as daunting a challenge for investors. These days, equity investors’ assessment of a company’s growth potential, and the value they are willing to pay for that growth, aren’t just impacted by their view of the company itself. Equally important is their assumptions about when the economy will recover and what the new normal might look like. This uncertainty can lead to situations where companies and their potential investors have materially different views on valuation.

Longer funding cycles, more investor-friendly deals

While the full impact of COVID was felt too late to have a material impact on Q1 deal volumes, recently released data from Pitchbook and the NVCA suggest that 2020 will see a significant decrease in the number of companies funded, possibly by as much 30 percent compared to 2019 among early stage companies. And, while it often takes several months to see evidence of broad trends in investment terms, anecdotal evidence indicates investors are seeking to mitigate risk by demanding additional protective provisions.

Twitter says a security bug may have exposed the private direct messages of its Android app users, but said that there was no evidence that the vulnerability was ever exploited.

The bug could have allowed a malicious Android app running on the same device to siphon off a user’s direct messages stored in the Twitter app by bypassing Android’s in-built data permissions. But, Twitter said that the bug only worked on Android 8 (Oreo) and Android 9 (Pie), and has since been fixed.

A Twitter spokesperson told TechCrunch that the bug was reported by a security researcher “a few weeks ago” through HackerOne, which Twitter uses for its bug bounty program.

“Since then, we have been working to keep accounts secure,” said the spokesperson. “Now that the issue has been fixed, we’re letting people know.” Twitter said it waited to let its users know in order to prevent someone from learning about the issue and taking advantage of it before it was fixed.

The notice sent to affected Twitter users. (Image: TechCrunch)

Twitter said the vast majority of users had updated their Twitter for Android app and were no longer vulnerable. But the company said about 4% of users are still running an old and vulnerable version of its app, and users will be notified to update the app as soon as possible.

Many users began noticing in-app pop-ups notifying them of the issue.

News of the security issue comes just weeks after the company was hit by a hacker, who gained access to an internal “admin” tool, which along with two other accomplices hijacked high-profile Twitter accounts to spread a cryptocurrency scam that promised to “double your money.” The hack and subsequent scam netted over $100,000 in scammed funds.

The Justice Department charged three people — including one minor — allegedly responsible for the incident.

Samsung’s first virtual Unpacked ranked somewhere between Microsoft and Apple’s recent events in terms of overall presentation and general awkwardness. The show kicked off seven minutes late, and a number of on-screen presenters certainly tended toward the more…awkward side of things, but overall, it was a decent first virtual event as the company embraces what it’s branded as “The Next Normal.”

Toward the end of the show, mobile head TM Roh noted, “Going forward, 5G and foldable will be the major pillars of Samsung’s future.” 5G is certainly a no-brainer. The event saw the company taking a step toward standardizing the next-gen wireless technology across its flagship mobile devices — as well as making its first appearance on the company’s tablets.

Image Credits: Samsung

As expected, the big news is the latest version of Samsung’s perennial favorite phablet line. The Note 20 gets 5G for both models and now comes in 6.7 and 6.9-inch models. The Ultra version gets a 120Hz refresh rate along with a hybridized 50x super zoom, using the same technology introduced with the Galaxy S20 earlier this year.

The most unsung addition might be UWB (ultra-wideband), which will enable a number of new features, including close proximity file sharing, a future unlock feature (with partner Assa Abloy) and a find my phone-style feature with an AR element. Xbox head Phil Spencer also made a brief remote cameo to announce Game Pass access, bringing more than 100 streaming titles to the device.

The models start at  $1,000 and $1,300, respectively. They’ll start shipping August 21.

New to the 5G game is the Galaxy Tab series. Samsung says the line includes “the first tablets that support 5G available in the United States.” The S7 and S7+ sport an 11 and 12.4-inch display, respectively, and start at $650 and $850, respectively. No word yet on pricing for the 5G versions.

Image Credits: Samsung

The event included a pair of new wearables. The more exciting of the two is probably the Galaxy Buds Live. Samsung has made consistently solid wireless earbuds, and the latest version finally introduce active noise canceling, along with some cool features like the ability to double as a mic for a connected Note device. The bean Buds are available today for $170.

Image Credits: Samsung

I’d be lying if I said the most exciting part of the Galaxy Watch 3 wasn’t the return of the physical bezel — long the best thing about Samsung’s smartwatches. Also notable is the addition of improved sleep and fitness tracking, along with an ECG monitor, which Samsung announced has just received FDA clearance. The Galaxy Watch 3 runs $400 and $430 for the 41mm and 45mm, respectively. There will also be LTE models, priced at $50 more.

Image Credits: Samsung

As for the foldable side of things, the event also found Samsung announcing its latest foldable, the Galaxy Z Fold 2, with help from superstar boy band, BTS. The focus on the new version mostly revolves around fixing the numerous problems surrounding its predecessor. That includes a new glass reinforcement for the screen and a hinge that sweeps away debris that can fall in and break the screen in the process. More information on the foldable will be announced September 1.

Microsoft today announced the launch of a new open-source service mesh based on the Envoy proxy. The Open Service Mesh is meant to be a reference implementation of the Service Mesh Interface (SMI) spec, a standard interface for service meshes on Kubernetes that has the backing of most of the players in this ecosystem.

The company plans to donate Open Service Mesh to the Cloud Native Computing Foundation (CNCF) to ensure that it is community-led and has open governance.

“SMI is really resonating with folks and so we really thought that there was room in the ecosystem for a reference implementation of SMI where the mesh technology was first and foremost implementing those SMI APIs and making it the best possible SMI experience for customers,” Microsoft partner program manager (and CNCF board member) Gabe Monroy told me.

Image Credits: Microsoft

He also added that, because SMI provides the lowest common denominator API design, Open Service Mesh gives users the ability to “bail out” to raw Envoy if they need some more advanced features. This “no cliffs” design, Monroy noted, is core to the philosophy behind Open Service Mesh.

As for its feature set, SMI handles all of the standard service mesh features you’d expect, including securing communications between services using mTLS, managing access control policies, service monitoring and more.

Image Credits: Microsoft

There are plenty of other service mesh technologies in the market today, though. So why would Microsoft launch this?

“What our customers have been telling us is that solutions that are out there today, Istio being a good example, are extremely complex,” he said. “It’s not just me saying this. We see the data in the AKS support queue of customers who are trying to use this stuff — and they’re struggling right here. This is just hard technology to use, hard technology to build at scale. And so the solutions that were out there all had something that wasn’t quite right and we really felt like something lighter weight and something with more of an SMI focus was what was going to hit the sweet spot for the customers that are dabbling in this technology today.”

Monroy also noted that Open Service Mesh can sit alongside other solutions like Linkerd, for example.

A lot of pundits expected Google to also donate its Istio service mesh to the CNCF. That move didn’t materialize. “It’s funny. A lot of people are very focused on the governance aspect of this,” he said. “I think when people over-focus on that, you lose sight of how are customers doing with this technology. And the truth is that customers are not having a great time with Istio in the wild today. I think even folks who are deep in that community will acknowledge that and that’s really the reason why we’re not interested in contributing to that ecosystem at the moment.”