Connect with us

Latest News

The Daily Crunch: Tech stocks hammered after US Treasury Secretary speculates on hiking interest rates

Published

on

To get a roundup of TechCrunch’s biggest and most important stories delivered to your inbox every day at 3 p.m. PDT, subscribe here.

Are startup valuations about to fall?

Hello, friends! Alex here to talk to you for a hot second about money. Then we’ll get into startups, venture capital, what Big Tech is up to and more. I promise. But hang with me for a moment.

Tech stocks got hammered today: The tech-heavy Nasdaq fell by more than 2%. Cloud stocks endured twice the damage. What happened? The U.S. government said that it might raise interest rates. So what? Well, when rates were low, lots of money that might have been invested elsewhere was instead funneled into tech stocks and VC funds that invest in startups.

Now, with the government saying that it might shake up the current state of affairs, investors are responding by selling tech stocks. Bessemer Venture Partners investor Byron Deeter noted the drop, tweeting that after a “brutal few days in the clouds,” with software stocks off “~5% today and ~10% on the week,” he was curious if valuations are “just taking a breather after a massive 2020” or starting “a broader reset.”

That’s a great question. More on the underlying economics of the situation here and here. Now, into startup-land.

Twitter doubles down on subscriptions

If you were curious about how Twitter was going to pursue its subscription strategy, the answer, to a degree, is buying startups. Today Big Tweet announced that it is buying Scroll, a startup that charges its users a fee, providing them with an ad-free experience on various media sites. Scroll then split its user fee with those sites.

A neat model, yeah? It’s a bit like the startup called Contenture that TechCrunch covered a few times back in 2009. Only Scroll made more progress than Contenture did. And your humble servant was not a co-founder at Scroll.

Regardless, the Scroll-Twitter deal matters because the social media company is busy rolling up startups and products into its ecosystem to better craft a set of services that may help it monetize more effectively over the long haul. Sarah reports:

[Scroll] will become a part of Twitter’s larger plans to invest in subscriptions, the company says, and will later be offered as one of the premium features Twitter will provide to subscribers. Premium subscribers will be able to use Scroll to easily read their articles from news outlets and from Twitter’s own newsletters product, Revue, another recent acquisition that’s already been integrated into Twitter’s service. When subscribers use Scroll through Twitter, a portion of their subscription revenue will go to support the publishers and the writers creating the content, explains Twitter in an announcement.

Twitter vs. Substack? Yep. Twitter vs. Clubhouse? Yep. And if Twitter can help media companies better monetize and thus not die? Well, then it’s Twitter versus the a16z media operation. I didn’t really expect a Jack versus Marc 2021 but am here for it all the same.

A typical day in today’s startup funding market

There was a cornucopia of startup news today on the site, so I’ve narrowed it a bit to get you what you need in a hurry. Also, shoutout to Mary Ann for covering half of it all by herself.

Here’s the rundown:

To round out our startup and venture capital notes, here are two more bits of news: Austin-based Multicoin Capital has raised a $100 million fund to “further capitalize on rampant excitement in the crypto world,” per our own reporting. Oh, and London-based seed investment fund Stride VC has raised a £100 million fund.

Advice and analysis from Extra Crunch

How to break into Silicon Valley as an outsider

There is no magic spell that will induce an investor to meet with you. As with most things in life, it all comes down to who you know and what you have to offer.

“Nothing beats building human networks,” says Domm Holland, CEO and co-founder of Fast. “That’s the way that you’re going to get this done in terms of fundraising.”

Since its founding in 2019, Fast has raised $124 million across three rounds as it lands new users and partners like Stripe for its one-click checkout product. In this interview, Holland, a native Australian, shares actionable advice for other outsiders with startup dreams.

“Raising money isn’t the only thing,” Holland says. “You’ve got to hire people, you’ve got to build a team, you’ve got to build customers and suppliers, and you’ve got to build entire ecosystems.

(Extra Crunch is our membership program, which helps founders and startup teams get ahead. You can sign up here.)

The enterprise strikes back

Before we get into the enterprise news, here’s what you want to read about: Tesla spent $3 (not a typo) to purchase patents relating to battery tech that we think could really matter.

On the enterprise front, Ron has two stories today from tech giants that matter. The first is an interview with SAP CEO Christian Klein. SAP, you will recall, spun out Qualtrics a little bit ago. What’s ahead for the software giant? Ron is on the case!

From the same pen, Box’s time in the barrel continues as some of its largest public shareholders are agitating to “inject [Box’s] board with still more new blood, taking a swipe at the Box leadership team while it was at it.” This is a fight worth watching as it could encourage, or discourage, more unicorns from going public.

Finally from Big Tech, some good news. Namely that Instagram is working on improving its caption tech, which could help with accessibility. And our own Twitter-free Devin reports that Microsoft wants to help kids read.

Community

We asked everyone on Twitter about their experience trying to learn a foreign language, and you can weigh in here. Some of you have tried using Duolingo (with success!) and some shockingly got through German class in junior high without learning a single sentence of the language. Regardless of your personal experience, give the Duolingo EC-1 a read and learn about how the company started, how they figured out how to make money and what’s up next for them.

Speaking of starting a company … if you’re building your own, join us for this week’s Extra Crunch LiveRegister here. It’s free! See you there.

Latest News

What The Conflict With Israel Looks Like To 2 Palestinians

Published

on

NPR’s Steve Inskeep talks to Omar Shaban, founder of a Gaza-based think tank, and Palestinian lawyer Diana Buttu, about how this cycle of Palestinian-Israeli violence plays out in their neighborhoods.

Continue Reading

Latest News

Echelon exposed riders’ account data, thanks to a leaky API

Published

on

Image Credits: Echelon (stock image)

Peloton wasn’t the only at-home workout giant exposing private account data. Rival exercise giant Echelon also had a leaky API that let virtually anyone access riders’ account information.

Fitness technology company Echelon, like Peloton, offers a range of workout hardware — bikes, rowers, and a treadmill — as a cheaper alternative for members to exercise at home. Its app also lets members join virtual classes without the need for workout equipment.

But Jan Masters, a security researcher at Pen Test Partners, found that Echelon’s API allowed him to access the account data — including name, city, age, sex, phone number, weight, birthday, and workout statistics and history — of any other member in a live or pre-recorded class. The API also disclosed some information about members’ workout equipment, such as its serial number.

Masters, if you recall, found a similar bug with Peloton’s API, which let him make unauthenticated requests and pull private user account data directly from Peloton’s servers without the server ever checking to make sure he (or anyone else) was allowed to request it.

Echelon’s API allows its members’ devices and apps to talk with Echelon’s servers over the internet. The API was supposed to check if the member’s device was authorized to pull user data by checking for an authorization token. But Masters said the token wasn’t needed to request data.

Masters also found another bug that allowed members to pull data on any other member because of weak access controls on the API. Masters said this bug made it easy to enumerate user account IDs and scrape account data from Echelon’s servers. Facebook, LinkedIn, Peloton and Clubhouse have all fallen victim to scraping attacks that abuse access to APIs to pull in data about users on their platforms.

Ken Munro, founder of Pen Test Partners, disclosed the vulnerabilities to Echelon on January 20 in a Twitter direct message, since the company doesn’t have a public-facing vulnerability disclosure process (which it says is now “under review”). But the researchers did not hear back during the 90 days after the report was submitted, the standard amount of time security researchers give companies to fix flaws before their details are made public.

TechCrunch asked Echelon for comment, and was told that the security flaws identified by Masters — which he wrote up in a blog post — were fixed in January.

“We hired an outside service to perform a penetration test of systems and identify vulnerabilities. We have taken appropriate actions to correct these, most of which were implemented by January 21, 2021. However, Echelon’s position is that the User ID is not PII [personally identifiable information,” said Chris Martin, Echelon’s chief information security officer, in an email.

Echelon did not name the outside security company but said while the company said it keeps detailed logs, it did not say if it had found any evidence of malicious exploitation.

But Munro disputed the company’s claim of when it fixed the vulnerabilities, and provided TechCrunch with evidence that one of the vulnerabilities was not fixed until at least mid-April, and another vulnerability could still be exploited as recently as this week.

When asked for clarity, Echelon did not address the discrepancies. “[The security flaws] have been remediated,” Martin reiterated.

Echelon also confirmed it fixed a bug that allowed users under the age of 13 to sign up. Many companies block access to children under the age of 13 to avoid complying with the Children’s Online Privacy Protection Act, or COPPA, a U.S. law that puts strict rules on what data companies can collect on children. TechCrunch was able to create an Echelon account this week with an age less than 13, despite the page saying: “Minimum age of use is 13 years old.”

Continue Reading

Latest News

Casualties Mount As Violence Intensifies Between Hamas, Israel

Published

on

Israel has called up more troops and launched its heaviest assault yet along the Gaza border. Seven people in Israel have been killed. Losses are much higher on the Palestinian side.

Continue Reading

Trending

Copyright © 2020 Latin America Business News

en_USEnglish