Category: UNCATEGORIZED

Extra Crunch is excited to announce the launch of “Dear Sophie,” an advice column with answers for all your questions on attracting, hiring and retaining immigrant employees — and more.

Dear Sophie is a collaborative forum hosted by ExtraCrunch and curated by Sophie Alcorn, certified as a Specialist Attorney in Immigration and Nationality Law by the State Bar of California Board of Legal Specialization. Sophie is the founder of Alcorn Immigration Law, the fastest-growing immigration law firm in Silicon Valley and 2019 Global Law Experts Awards’ “Law Firm of the Year in California for Entrepreneur Immigration Services.”

Dear Reader,

As I pack my bags to speak at TechCrunch Disrupt in Berlin this week, I’m happy to announce the first edition of my new column, Dear Sophie. I’m excited to answer your questions about U.S. immigration!

And, If you’re in the area, I invite you to join me at Disrupt Berlin 2019. You can use promo code ALCORN for discounted admission and meet me in person for a free consultation with CrunchMatch, or attend one of my two sessions: 

• The Top 3 Immigration Mistakes Startups Make Wednesday, Dec. 11 – 11:25 – 11:35 
• How to Scale Your Startup Globally Wednesday, Dec. 11 — 2:25 – 3:05

Hope to see you there,

Sophie

Dear Sophie: I’m scared: I feel like I should really be in Silicon Valley to grow my company, but everything I read about immigration makes it sound so hard. Is my dream possible?

— Dreaming in Dresden

Dear Dreaming: Yes, coming to the U.S. to build a startup is absolutely possible. In fact, I see founders like you do it all the time. Your dream is valid and definitely worth pursuing.

The first piece of advice I’d give you is to be careful about which news sources you trust! You might not be getting the whole story. While dramatic changes are taking place in the United States, we still have a functioning immigration system that allows people to come live and work here — people just like you. 

The second piece of advice I have is to research the many visa and green card options that can allow you to come to the United States and grow your company (you can read about them on my blog). You’ll find that some visas grant you the ability to work for the short-term or the long-term (potentially), and some allow you to visit and see what things are like here. 

With these visas, you can find a co-founder and build the early stage of your company, establish a U.S. branch of your existing business, seek venture capital and so much more. 

The third piece of advice I have is to really clarify why you want to come to America — that way, you can be strategic about achieving your goals. You might require a little guidance here, which is one example of where immigration lawyers like myself can be helpful. 

When I meet people in your situation, I reassure them that, not only are they safe to dream with me, but I’ve also helped hundreds of people just like them realize their dreams, even when they didn’t believe it was possible. Almost everybody who comes here once asked the same questions you’re asking.

My last piece of advice is simply to follow your heart. The world needs your ideas and contributions. There are lots of resources and ways to get informed and educated, which is the first step on this journey. Once you have a clear vision, you can work to make your dream a reality — It’s not always easy, but where there’s a will, there’s a way.

You’ve already asked for help, which is a great way to get started. I wish you the best!

Dear Sophie: I have a startup that has been quite successful in Germany. What’s the best way for me to spend some time in the United States exploring product-market fit, gauging business development, and talking to venture capitalists?

— Founder in Frankfurt

Dear Founder: Congratulations on your startup! And bravo for considering taking steps toward strengthening the U.S. marketplace. 

The first thing I suggest you decide is how long it will likely take for you to accomplish your goals. 

If you think you can get the answers you need in less than 90 days, the answer is pretty simple: apply for ESTA (Electronic System for Travel Authorization), which is available to citizens of about 40 countries (including Germany). You’re allowed to visit for business or pleasure with ESTA, but you’re not allowed to work — and you must definitely depart the United States before the end of the authorized period. 

ESTA could be great for a short business trip or a brief accelerator program in Silicon Valley. Be careful with programs that run longer than 90 days. I’ve seen founders in these longer programs leave on day 88 to go back home for a week and then return to the U.S. to complete the program, hoping that this is a safe workaround of the time limit. Remember that ESTA is a non-immigrant status, and if Customs and Border Protection suspects that you are trying to live here or work here, they have the authority to deny your entry to the United States. 

On the other hand, if you know you’ll need to spend 4-6 months in the U.S. without interruption, I suggest you talk to an attorney about the possibility of applying for a B-1/B-2 visitor visa (even if you have ESTA). A visitor visa allows you to stay in the U.S. for up to six months on a single visit. 

People often ask me how long they can stay in the U.S. during a calendar year or how long they need to be outside of the United States after a six-month visit. While there is no fixed answer to these questions, I remind them that ESTA, B-1, and B-2 are non-immigrant statuses, Customs and Border Protection has the authority to deny you entry if you appear to be living or working in the U.S. In my experience, reentry seems OK when people are spending less than 50% of the time in the country as visitors. Still, it’s always best to talk with an attorney about your particular situation. For example, sometimes our clients request that we provide them with letters of support explaining why their trip is temporary, which they can show to the officers at the airport if they get questioned.

I encourage people in your situation to at least come for 90 days. It’s a great opportunity to network, have some great conversations, and clarify your long-term goals in the U.S. Take some time to think about it, reach out online, so you have things set up before you arrive, and plan out your finances so you can make the most of your trip. I’m wishing you every success!

Dear Sophie: I am a venture capitalist, and my fund recently had great success. We’re now raising a second round and building out the infrastructure of our organization. I have a brilliant contractor working for me who scouts new startups. She was born in India, just got her Bachelor’s degree in Computer Science from an Ivy League university, and was also recently accepted back into a Master’s program there. I want to help her plan for her future. Can she keep working for me after OPT, or should she go back to school? How do these choices affect her prospects for short-term and long-term chances for immigration?

— Venture in Venice Beach

Electric vehicle startup Nio is laying off 141 people at its North American headquarters. According to a filing from Employment Development Department of California, the employees at its San Jose office received notice on December 6.

Nio, whose global headquarters are in Shanghai, announced last month that it is partnering with Intel’s Mobileye to develop autonomous vehicles for consumers. Under the agreement, Nio will engineer and produce a self-driving system designed by Mobileye.

The Intel partnership was a spot of bright news after a difficult year for Nio. Nio’s third quarter saw an uptick in sales, thanks in part to competitive pricing, but its share prices have fallen about 78% since the end of February.

The company reported losses in the first and second quarters of the year and in June, voluntarily recalled 5,000 of its ES8 electric SUVs after battery fires in China, impacting its production and delivery. CEO William Li said during the company’s earnings report in September that it would implement cost-cutting measures, including reducing its workforce from 9,900 people down to 7,800 by the end of the third quarter. Nio has offices in 11 cities, including Beijing, London and Munich.

Carsome, a Malaysia-based marketplace for trading users cars, has closed a new $50 million financing round to fend off its rivals and grow its business in Southeast Asian markets.

The new financing round, dubbed Series C, was funded by MUFG Innovation Partners (MUIP), corporate venture capital arm and a wholly-owned subsidiary of Mitsubishi UFJ Financial Group (MUFG), Daiwa PI Partners, the private equity arm of Japan’s securities group Daiwa Securities, Endeavor Catalyst, and Ondine Capital.

Existing investors including Gobi Partners and Convergence Ventures also participated in the round, which pushes four-year-old startups’s total raise to date to $85 million.

Carsome operates one of the largest car trading platforms in Southeast Asia, connecting individuals who wish to sell cars to dealers. The startup, which is operational in Malaysia, Indonesia, and Thailand, claims its platform sees more than 40,000 cars worth more than $300 million trade on the platform.

Carsome, which employs about 700 people uses an online auction model to conduct sales, with prospective cars typically listed the day after they are submitted by consumers following a check-up conducted by the startup’s staff.

That approach allows dealers to check in at a set time each day to look over the cars on offer, while the focus on vetting autos quickly — Carsome can dispatch vehicle checkers directly to a prospective seller’s home– means that consumers can quickly get a sale.

The auction model adds competition and the potential for a seller to make more money than they originally anticipated. That’s a dynamic that is tricky to replicate in other static sale models.

Eric Cheng, co-founder and chief executive of Carsome, told TechCrunch that the startup is attempting to challenge “opaque and inefficient” middle parties that “exploit the misinformation in the market.”

He added, “we want to establish a brand and a standard that advocates trust, transparency, consistency of service and quality assurance across the region that people and businesses can rely on to make their purchasing decisions.”

The startup, which competes with a number of players including Carro in Singapore, plans to use the fresh capital to expand to more markets in Southeast Asia such as the Philippines.

More to follow…

According to Atomico’s recent “State of European Tech, 2019” – widely considered by the European tech industry to be a reliable annual study – at present, 92 in every 100 dollars invested in Europe goes to all-male teams, 83% founders are white, 82% are university educated, in the UK, a quarter of investment committees saw no female founders in 2017 (British Business Bank) and 72% of VC funding is invested in London alone (London & Partners and Pitchbook, 2018).

As you can see, that is a massive problem for the future of diversity in the European tech industry.

At the same time, there are now multiple studies showing that not only is diversity a key component of success for any start-up, but that diverse founders are underrepresented, and yet afford a huge investment opportunity. If confirmation bias among people who all went to the same school and have the same background slowly kills new takes on innovation, where then will the new solutions to the world’s problems come from?

London-based Ada Ventures (named after Ada Lovelace, the first computer programmer) which launched quietly earlier this year, has now announced that it aims to address this problem with a new $34m (£27m) fund, designed as a “first-cheque” seed fund.

The firm says it’s “on a mission to make venture capital truly accessible to the best talent in the UK & Europe, regardless of race, gender or background.”

At TechCrunch Disrupt in Berlin today, founding partners Francesca Warner and Matt Penneycard will be discussing with me live on stage how they raised the fund and how they will put this into practice.

The background to the fund is interesting both in its aims and in the context of Brexit.

Many VC firms in the UK have been previously part-funded by the European Investment Fund.

Effectively, in this context, the UK’s ‘sovereign fund’ – the British Business Bank – will cornerstone the fund through its Enterprise Capital Funds (ECF) program, which supports new and emerging VC fund managers who target the early stage equity gap.

Other investors include global funds such as US-based Blue Sky Capital and Dubai-based Rasmala alongside individuals from across the global tech ecosystem, plus a roster of star-power in terms of European players.

It includes TransferWise co-founder Taavet Henrikus, Supercell’s co-founders, Backstage Capital’s Arlan Hamilton. The fund is also backed by leading figures from industry such as Dame Cilla Snowball,  Silicon Valley law firm Wilson Sonsini and later stage funds Atomico and Inovia Capital.
 
So what’s the deal?

Well, as they put it, it’s the fund’s aim to have the most diverse pipeline, and portfolio, of any fund in Europe.

Ada says that they will look to invest a £500,000 first cheque – which comes post-initial product but pre-larger seed round – and reserve roughly half the fund for follow-on investments.
 
The aim is to make around 30 investments in companies targeting what they call “globally significant problems”, but here’s the rub: particularly for groups that are normally overlooked by VC. That includes ageing populations, women, and young people under 20. Key sectors they are after include healthcare, consumer and the future of work.
 
Another aspect of this launch is that the founding partners, Francesca Warner and Matt Penneycard have in fact worked around each other together for four years, at various places, including Downing Ventures, Seraphim Capital and Techstars.

And there’s a deep hinterland in this subject. Warner is the co-founder of non-profit Diversity VC, which was among one of the first initiatives in Europe to directly address the diversity gap between VC and normally overlooked founding teams.

Commenting on the launch, Warner said: “Having worked in Venture for the last four years, and through co-founding Diversity VC, I’ve seen how structurally narrowly-focused the industry is, investing in the same founders building products and services for the same customers. This is a huge missed opportunity. Ada Ventures is here to change that. We’ve redesigned our funnel of opportunities… Fundamentally, Ada Ventures is about true inclusion, and we will invest in anyone, no matter what they look like and where they come from.” 

The investment strategy is reflected in the fact that Ada has invested in what it claims is the world’s first flushable sanitary pads.

Polipop co-founder and CEO Olivia Ahn said: “We approached many investors to support Polipop. As a FemTech company with a strong sustainability mission, we found investors were hesitant in an unfamiliar market. From the first meeting with Ada, it was clear that Check and Matt were different. They were not only fantastic advocates for the FemTech space but also for female and minority founders.”

The British Business Bank’s research into VC and Female Founders found that for every £1 of VC investment in the UK, all-female founder teams get less than 1p, all-male founder teams get 89p, and mixed-gender teams 10p.

Ken Cooper, managing director of Venture Solutions at the BBB said: “Ada Ventures is an important step in the right direction for the UK Venture Capital ecosystem, with a fund focused on democratizing VC investment regardless of gender, race, background, or location.”
 
Commenting on the launch of Ada’s first fund, Niklas Zennström, founder of Atomico, said: “Entrepreneurs are like athletes and artists; they are randomly distributed all over the world. Ada Ventures has an opportunity to be the fund in Europe for outlier talent, and we are delighted to support them.”

The execution of Ada will also call on a widely distributed network of people feeding the fund’s pipeline.

“Ada Scouts” will be a network of ‘scouts’ which has largely already been built, who will be bringing in opportunities in line with the firm’s investment strategy. They will, says Ada, be incentivized by a finder’s fee and, longer-term, aligned incentive to become investors themselves. Ada says it has in fact already agreed terms on two investments through this network.

Ada’s Scout network will not only reward scouts for surfacing deals, with both an immediate and longer-term incentive but will attempt to make its investments into investors, equipping them with capital, support and resources.
 
Ada launches with 45 scouts already in place, which includes the leaders of Hustle Crew, a for-profit working to make the tech industry more inclusive, Muslamic Makers, a community of Muslims in tech, Yena, the Young Entrepreneurs Networking Association, and YSYS a thriving community of entrepreneurs from a diverse range of backgrounds.
 
It’s a bold vision, but if Ada pulls it off, then it could be a game-changer in the European tech scene.

D-Wave Systems announced a partnership with Japanese industrial giant NEC today to build what they call ‘hybrid apps and services’ that work on a combination of NEC high performance computers and D-Wave’s quantum systems.

The two companies also announced that NEC will be investing $10 million in D-Wave, which has raised $204 million prior to this, according to Crunchbase data.

D-Wave’s chief product officer and EVP of R&D, Alan Baratz, whom the company announced this week will be taking over as CEO effective January 1st, says the company has been able to do a lot of business in Japan, and the size of this deal could help push the technology further. “Our collaboration with global pioneer NEC is a major milestone in the pursuit of fully commercial quantum applications,” he said in a statement.

The company says it is one of the earliest deals between a quantum vendor and a multinational IT company with the size and scale of NEC. The deal involves three key elements. First of all, NEC and D-Wave will come together to develop hybrid services that combine NEC’s supercomputers and other classical systems with D-Wave’s quantum technology. The hope is that by combining the classical and quantum systems, they can create better performance for lower cost than you could get if you tried to do similar computing on a strictly classical system.

The two companies will also work together with NEC customers to build applications that will take advantage of this hybrid approach, and finally, NEC will be an authorized reseller of D-Wave cloud services.

For NEC, which claims to have demonstrated the world’s first quantum bit device way back in 1999, it is about finding ways to keep advancing commercial quantum computing. “Quantum computing development is critical for the future of every industry tasked with solving today’s most complex problems. Hybrid applications and greater access to quantum systems is what will allow us to achieve truly commercial-grade quantum solutions,” Motoo Nishihara, Executive Vice President and CTO at NEC Corporation said in a statement.

This deal should help move the companies toward that goal.

Hello and welcome to a lightweight series I’m writing while I recapture my footing at TechCrunch. It’s lovely to be back, and I’m excited to chat about what’s going on with private companies, public markets and the space between the two.

I wonder what the average revenue (trailing, say) of a unicorn is today, and if that figure is higher or lower than it was a year ago, or three years ago.

There’s a lot of wiggle room in the question; on one hand, the average age of a unicorn has likely gone up as there are far more born over time than exist in the cohort. At the same time, I’d guess that as unicorn creation accelerates, it leads to companies with less revenue than before making the cut. How does it shake out?

I have an email address now (alex.wilhelm@techcrunch.com), so let me know what you think. Best answer gets a free Diet Coke.

Now, to work. Today we’re chatting about a revenue threshold that’s a pretty good demarcator for what a unicorn should be; rare, valuable, and fundamentally desirable.

$100 Million

Back when the unicorn phrase was coined (here at TechCruch.com, recall) six years ago, it excluded a collection of startups that were special in their own right. Private companies worth $1 billion were rare enough then to deserve their own moniker, an aspirational label that quickly became uncomfortably normal as companies held off on launching IPOs and venture capitalists raised ever-larger funds.

In recent years, as troubled augmented-reality shop Magic Leap showed with its high valuation and vanishingly small revenues, some startups have earned the unicorn tag without having a business at all.

Firms with valuations that their revenues can’t back are in similar straits. In the post WeWork era, some unicorns are starting to look a bit long in the tooth. I suspect that the companies in most danger are those with slim revenues (compared to their valuation), poor revenue quality (compared to software startups), or both.

That said, there is a club of private companies that are really something, namely private companies that have managed to reach the $100 million annual recurring revenue (ARR) threshold. It’s not a large group, as startups that tend to cross the $100 million ARR mark are well on the path to going public.

For example, Bill.com is going public this week (the B2B payments company prices Wednesday and trades Thursday; we’ll cover it as it gets out). According to its own amended S-1 filing, Bill.com (backed by Emergence, MasterCard, TTV Capital, and others) reached the $100 million ARR mark in Q2 2019. In the third quarter of this year, its subscription revenue grew from $25.2 million to $28.5 million. Not bad.

Asana announced that it had crossed the threshold back in February on the back of “a period of eight consecutive quarters of revenue growth acceleration, measured on a percentage basis.” It’s still private, though considering a direct listing next year.

But not every $100 million ARR startup is going public. Yet, at least. WalkMe crossed $100 million ARR in Q2 2019 as well, though its IPO plans are opaque. And just last week, Druva announced that it crossed the $100 million ARR mark.

Reaching nine-figure annual recurring revenue matters; try to stop a modern software company at that scale and you’ll struggle.

100 > 1,000

Given that startups which generate high-margin, recurring revenue — which is to say, software startups — are richly valued, aren’t all $100 million ARR companies already worth $1 billion, defeating our point? After all, if the two categories are synonymous, why bother to tease them apart?

An update to Apple’s iOS operating system, out today, will give parents a new set of tools to fight back against kids’ iPhone addiction. With the release of iOS 13.3, parents will for the first time be able to set limits over who kids can talk to and text with during certain hours of the day. These limits will apply across phone calls, Messages, and FaceTime. Parents can also apply a different set of limitations on calls and messaging during the child’s permitted screen time and their downtime hours.

In a new Communication Limits section of Apple’s Screen Time in Settings, iPhone users can set limits based on their contacts. During allowed screen time, users can be contacted by everyone or only by people in their contacts, for example. And during Downtime, they can opt to either be contacted by everyone or only by designated contacts.

And if this is set up under Screen Time’s Parental Controls, parents get to choose who can contact their children and when and vice versa. During Downtime, parents can also designate which particular contacts the child can message and call — like only mom or dad, for example.

In practice, this means parents could stop the child from texting friends late at night or during the school day, by scheduling Downtime to run. (To clarify, Downtime doesn’t necessarily mean “night time” — it’s just any time you only want designated apps to be available, and only calls to get through.)

The feature also allows parents to manage the child’s iCloud contacts remotely, which makes it easier for parents to share important numbers with their child.

These new Communication Limits are a part of Apple’s larger Screen Time system, which was introduced with iOS 12 last year. The system allows iPhone owners to schedule time away from their screen, set time limits on apps, view usage and activity reports, and more.

Many parents have already leveraged these controls to more strictly limit how their children used their devices, including by setting limits on individual apps they wanted to block, like games, as well as by configuring “Downtime” hours.

In addition, parents could set times when the child’s device could not be used at all.

Apple isn’t the only tech company that’s been rethinking how to address consumers’ often dysfunctional relationship with technology. Google also introduced its own set of “digital wellbeing” controls and tools for Android, and even Facebook and Instagram have rewritten parts their software and algorithms with a focus on new metrics like “time well spent,” for example.

While Apple’s Screen Time may have worked well for younger kids, teens quickly found and shared loopholes and workarounds much to parents’ chagrin.

Time will tell if teens come up with a hack to get their iMessages sent under the new parental control system, too.

Zetwerk, an Indian business-to-business marketplace for manufacturing items, has closed a significantly large financing round as it scales its operations in the nation and also helps local businesses find customers overseas.

The 18-month-old startup said on Wednesday it has raised $32 million in a Series B financing round led by Lightspeed and Greenoaks Capital. Zetwerk co-founder and chief executive Amrit Acharya told TechCrunch in an interview that the startup has also raised about $14.2 million in debt from a consortium of banks, and others.

Existing investors Accel, Sequoia India and Kae Capital also participated in the round, which pushes the Bangalore-based startup’s total raise to date to about $41 million. Vaibhav Gupta, co-founder of business-to-business marketplace Udaan, and Maninder Gulati, one of the top executives at budget lodging startup Oyo also participated.

Zetwerk was founded by Acharya, Srinath Ramakkrushnan, Rahul Sharma and Vishal Chaudhary last year. The startup connects OEMs (original equipment manufacturers) and EPC (engineering procurement construction) customers with manufacturing small-businesses and enterprises.

Unlike the more common e-commerce firms we come across every day, Zetwerk sells goods such as parts of a crane, doors, chassis of different machines and ladders. The startup operates to serve customers in fabrication, machining, casting and forging businesses. Currently, Zetwerk works with more than 100 enterprises and 1,500 small and medium-sized businesses. It delivers more than 15,000 parts each month.

“These are all custom-made products,” explained Acharya. “Nobody has a stock of such inventories. You get the order, you find manufacturers and workshops that make them. Our customers are companies that are in the business of building infrastructure.”

“We index these small workshops and understand the kinds of products they have built before. These indexes help bigger companies discover and work with them,” he added.

Once a firm has placed an order, Zetwerk allows them to keep a tab on the progress of manufacturing and then the shipping. This “hand-holding” is crucial, as in this line of business, manufacturing and shipping typically take more than two to three months.

Zetwerk has also enabled manufacturers in India to discover and find clients overseas. Today, manufacturers on the platform export their goods to North America and Southeast Asia, Acharya said. “India has a lot of depth in manufacturing, but much of it has not been tapped well,” he said.

Helping these manufacturing workshops find clients online is still a new phenomenon in the nation. Acharya said Zetwerk largely competes with domain project consultants in the offline work. “They specialize in certain products and geographies. So let’s say someone wanted to buy a machine XYZ in Orissa, they reach out to consultants who help them find workshops and estimate how much time it would take to get the project done.”

According to industry reports, manufacturing today accounts for 14% of India’s GDP. But the nation lacks a supporting ecosystem to execute projects in an efficient manner.

Vaibhav Agarwal, a partner at Lightspeed, said it was unusual to come across a market that is as large as $40 billion to $60 billion in India and global trade-tailwinds that creates opportunity to serve international demand.

The startup plans to infuse portions of the fresh capital into expanding its international operations. Acharya did not share exactly how many clients it has outside of India but said exports currently account for less than 5% of the startup’s GMV, or gross merchandize value.

He said the startup will continue to focus on helping Indian manufacturers find clients outside, as it is better suited to address this, as opposed to helping Indian companies find manufacturers overseas.

The startup will also explore helping its manufacturing workshops access working capital, though Acharya cautioned that it is not something that would happen anytime soon.

In a statement, Prayank Swaroop, a partner at Accel, said, “the use of technology in project planning, procurement, audits, and supply chain transparency is the core offering of Zetwerk which is completely original. Accel is very fortunate to be part of Zetwerk journey since the startup’s inception.”

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 9am Pacific, you can subscribe here.

1. Away CEO is stepping down in light of reports of toxic culture

Steph Korey is stepping down from her role as CEO, although she will remain on-board as executive chairman. She’ll be replaced by Lululemon COO Stuart Haselden.

The timing of the announcement comes just a few days after The Verge published an in-depth story about management practices at the luggage startup, which included extensive quotes from Korey’s Slack messages. However, the company says that the executive search has been underway for months.

2. VSCO acquires video editing startup Rylo

The photo-sharing app behind the 2019 meme craze “VSCO girls” has acquired Rylo, a video editing startup founded by the original developer of Instagram’s Hyperlapse. Founded in 2015, Rylo is best known for its 360° camera capable of creating cinematic video in 5.8K resolution.

3. Apple Card’s interest-free iPhone installment plan goes live, now with 6% back on Apple holiday purchases

The company already announced its plans for the program — allowing cardholders to purchase a new iPhone, then pay it back over 24 months with no interest — but now it’s actually opening up to all Apple Card customers. In addition, Apple is sweetening the deal with 6% back on all Apple purchases made from December 10 through December 31.

4. India proposes new rules to access its citizens’ data

India has proposed new rules that would require companies to obtain consent from Indian citizens before collecting and processing their personal data. At the same time, the new rules also state that companies would have to hand over “non-personal” user data to the government, which would also hold the power to collect any data about its citizens without consent.

5. Waze adds unplowed road reporting feature for better awareness of winter driving hazards

Waze says it developed this update after it received a recommendation from the Virginia Department of Transportation, working with the municipal agency through its “Waze for Cities Data” partnership and data-sharing program.

6. Jiji raises $21M for its Africa online classifieds business

Buyers and sellers use Jiji to make purchases ranging from real estate to car sales. The classifieds site says it has 2 million listings on its Africa platforms and hit 8 million unique monthly users in 2018.

7. AWS is sick of waiting for your company to move to the cloud

AWS held its annual re:Invent customer conference last week in Las Vegas, where CEO Andy Jassy made it clear he’s tired of the slow pace of change inside the enterprise. The company also announced some big bets designed to accelerate cloud adoption. (Extra Crunch membership required.)

Apple has fixed a bug in iOS 13.3, out today, which let anyone temporarily lock users out of their iPhones and iPads by forcing their devices into an inescapable loop.

Kishan Bagaria found a bug in AirDrop, which lets users share files from one iOS device to another. He found the bug let him repeatedly sent files to all devices able to accept files within wireless range of an attacker.

When a file is received, iOS blocks the display until the file is accepted or rejected. But because iOS didn’t limit the number of file requests a device can accept, an attacker can simply keep sending files again and again, repeatedly displaying the file accept box, causing the device to get stuck in a loop.

Using an open source tool, Bagaria could repeatedly send files again and again to not only a specific target in range, but every device set to accept files in wireless range. 

A demonstration of an ‘AirDoS’ attack. (Image: Kishan Bagaria/supplied)

Bagaria calls the bug “AirDoS,” the latter part is short for “denial-of-service,” which effectively denies a user access to their device.

Devices that had their AirDrop setting set to receive files from “Everyone” were mostly at risk. Turning off Bluetooth would effectively prevent the attack. But Bararia said that the file accept box is so persistent it’s near-impossible to turn off Bluetooth when an attack is under way.

The only other way to stop an attack? “Simply run away,” he said. Once a user is out of wireless range of the attacker, they can turn off Bluetooth.

“I’m not sure how well this’d work in an airplane,” he joked.

Apple fixed the bug by adding a rate-limit, preventing a barrage of requests over a short period of time. Because the bug wasn’t strictly a security vulnerability, Apple said it would not issue a common vulnerability and exposure (CVE) score, typically associated with security-related issues, but would “publicly acknowledge” his findings in the security advisory.