Major cryptography blunder in Java enables “psychic paper” forgeries

Major cryptography blunder in Java enables “psychic paper” forgeries

Enlarge (credit: Getty Images)

Organizations using newer versions of Oracle’s Java framework woke up on Wednesday to a disquieting advisory: A critical vulnerability can make it easy for adversaries to forge TLS certificates and signatures, two-factor authentication messages, and authorization credentials generated by a range of widely used open standards.

The vulnerability, which Oracle patched on Tuesday, affects the company’s implementation of the Elliptic Curve Digital Signature Algorithm in Java versions 15 and above. ECDSA is an algorithm that uses the principles of elliptic curve cryptography to authenticate messages digitally. A key advantage of ECDSA is the smaller size of the keys it generates, compared to RSA or other crypto algorithms, making it ideal for use in standards including FIDO-based 2FA, the Security Assertion Markup Language, OpenID, and JSON.

Doctor Who and the psychic paper

Neil Madden, the researcher at security firm ForgeRock who discovered the vulnerability, likened it to the blank identity cards that make regular appearances in the sci-fi show Doctor Who. The psychic paper the cards are made of causes the person looking at it to see whatever the protagonist wants them to see.

Read 12 remaining paragraphs | Comments

#biz-it, #crypto, #ecdsa, #java, #oracle

The TikTok-Oracle deal would set two dangerous precedents

The TikTok-Oracle deal would set two dangerous precedents

Enlarge (credit: Sam Whitney | Getty Images)

In August 2020, President Donald Trump dropped a bombshell executive order banning TikTok in the United States. Since then, as TikTok has competed against other Big Tech companies—growing among teen users while Facebook and others have struggled—its ability to survive in the United States has remained under a cloud of uncertainty. Would regulators step in and kill off a product that had become a staple form of communication for some 100 million Americans?

That cloud seemed to lift last week in the wake of reports that TikTok will enter into a data storage deal with Oracle. In the short term, the agreement would be good for US users, enabling TikTok to invest more of its resources and energy into improving its product, rather than wrestling with the government.

Read 10 remaining paragraphs | Comments

#china, #data-security, #nationalism, #oracle, #policy, #tik-tok, #trump

Spain’s Factorial raises $80M at a $530M valuation on the back of strong traction for its ‘Workday for SMBs’

Factorial, a startup out of Barcelona that has built a platform that lets SMBs run human resources functions with the same kind of tools that typically are used by much bigger companies, is today announcing some funding to bulk up its own position: the company has raised $80 million, funding that it will be using to expand its operations geographically — specifically deeper into Latin American markets — and to continue to augment its product with more features.

CEO Jordi Romero, who co-founded the startup with Pau Ramon and Bernat Farrero — said in an interview that Factorial has seen a huge boom of growth in the last 18 months and counts more than anything 75,000 customers across 65 countries, with the average size of each customer in the range of 100 employees, although they can be significantly (single-digit) smaller or potentially up to 1,000 (the “M” of SMB, or SME as it’s often called in Europe).

“We have a generous definition of SME,” Romero said of how the company first started with a target of 10-15 employees but is now working in the size bracket that it is. “But that is the limit. This is the segment that needs the most help. We see other competitors of ours are trying to move into SME and they are screwing up their product by making it too complex. SMEs want solutions that have as much data as possible in one single place. That is unique to the SME.” Customers can include smaller franchises of much larger organizations, too: KFC, Booking.com, and Whisbi are among those that fall into this category for Factorial.

Factorial offers a one-stop shop to manage hiring, onboarding, payroll management, time off, performance management, internal communications and more. Other services such as the actual process of payroll or sourcing candidates, it partners and integrates closely with more localized third parties.

The Series B is being led by Tiger Global, and past investors CRV, Creandum, Point Nine and K Fund also participating, at a valuation we understand from sources close to the deal to be around $530 million post-money. Factorial has raised $100 million to date, including a $16 million Series A round in early 2020, just ahead of the Covid-19 pandemic really taking hold of the world.

That timing turned out to be significant: Factorial, as you might expect of an HR startup, was shaped by Covid-19 in a pretty powerful way.

The pandemic, as we have seen, massively changed how — and where — many of us work. In the world of desk jobs, offices largely disappeared overnight, with people shifting to working at home in compliance with shelter-in-place orders to curb the spread of the virus, and then in many cases staying there even after those were lifted as companies grappled both with balancing the best (and least infectious) way forward and their own employees’ demands for safety and productivity. Front-line workers, meanwhile, faced a completely new set of challenges in doing their jobs, whether it was to minimize exposure to the coronavirus, or dealing with giant volumes of demand for their services. Across both, organizations were facing economics-based contractions, furloughs, and in other cases, hiring pushes, despite being office-less to carry all that out.

All of this had an impact on HR. People who needed to manage others, and those working for organizations, suddenly needed — and were willing to pay for — new kinds of tools to carry out their roles.

But it wasn’t always like this. In the early days, Romero said the company had to quickly adjust to what the market was doing.

“We target HR leaders and they are currently very distracted with furloughs and layoffs right now, so we turned around and focused on how we could provide the best value to them,” Romero said to me during the Series A back in early 2020. Then, Factorial made its product free to use and found new interest from businesses that had never used cloud-based services before but needed to get something quickly up and running to use while working from home (and that cloud migration turned out to be a much bigger trend played out across a number of sectors). Those turning to Factorial had previously kept all their records in local files or at best a “Dropbox folder, but nothing else,” Romero said.

It also provided tools specifically to address the most pressing needs HR people had at the time, such as guidance on how to implement furloughs and layoffs, best practices for communication policies and more. “We had to get creative,” Romero said.

But it wasn’t all simple. “We did suffer at the beginning,” Romero now says. “People were doing furloughs and [frankly] less attention was being paid to software purchasing. People were just surviving. Then gradually, people realized they needed to improve their systems in the cloud, to manage remote people better, and so on.” So after a couple of very slow months, things started to take off, he said.

Factorial’s rise is part of a much, longer-term bigger trend in which the enterprise technology world has at long last started to turn its attention to how to take the tools that originally were built for larger organizations, and right size them for smaller customers.

The metrics are completely different: large enterprises are harder to win as customers, but represent a giant payoff when they do sign up; smaller enterprises represent genuine scale since there are so many of them globally — 400 million, accounting for 95% of all firms worldwide. But so are the product demands, as Romero pointed out previously: SMBs also want powerful tools, but they need to work in a more efficient, and out-of-the-box way.

Factorial is not the only HR startup that has been honing in on this, of course. Among the wider field are PeopleHR, Workday, Infor, ADP, Zenefits, Gusto, IBM, Oracle, SAP and Rippling; and a very close competitor out of Europe, Germany’s Personio, raised $125 million on a $1.7 billion valuation earlier this year, speaking not just to the opportunity but the success it is seeing in it.

But the major fragmentation in the market, the fact that there are so many potential customers, and Factorial’s own rapid traction are three reasons why investors approached the startup, which was not proactively seeking funding when it decided to go ahead with this Series B.

“The HR software market opportunity is very large in Europe, and Factorial is incredibly well positioned to capitalize on it,” said John Curtius, Partner at Tiger Global, in a statement. “Our diligence found a product that delighted customers and a world-class team well-positioned to achieve Factorial’s potential.”

“It is now clear that labor markets around the world have shifted over the past 18 months,” added Reid Christian, general partner at CRV, which led its previous round, which had been CRV’s first investment in Spain. “This has strained employers who need to manage their HR processes and properly serve their employees. Factorial was always architected to support employers across geographies with their HR and payroll needs, and this has only accelerated the demand for their platform. We are excited to continue to support the company through this funding round and the next phase of growth for the business.”

Notably, Romero told me that the fundraising process really evolved between the two rounds, with the first needing him flying around the world to meet people, and the second happening over video links, while he was recovering himself from Covid-19. Given that it was not too long ago that the most ambitious startups in Europe were encouraged to relocate to the U.S. if they wanted to succeed, it seems that it’s not just the world of HR that is rapidly shifting in line with new global conditions.

#barcelona, #booking-com, #brazil, #ceo, #crv, #enterprise, #europe, #factorial, #general-partner, #germany, #hiring, #human-resource-management, #human-resources, #ibm, #k, #k-fund, #labor, #mathematics, #onboarding, #oracle, #payroll, #people-management, #performance-management, #personnel, #sap, #software, #spain, #tiger-global-management, #united-states, #zenefits

Salesforce’s Kathy Baxter is coming to TC Sessions: SaaS to talk AI

As the use of AI has grown and developed over the last several years, companies like Salesforce have tried to tap into it to improve their software and help customers operate faster and more efficiently. Kathy Baxter, principal architect for the ethical AI practice at Salesforce will be joining us at TechCrunch Sessions: SaaS on October 27th to talk about the impact of AI on SaaS.

Baxter, who has more than 20 years of experience as a software architect, joined Salesforce in 2017 after more than a decade at Google in a similar role. We’re going to tap into her expertise on a panel discussing AI’s growing role in software.

Salesforce was one of the earlier SaaS adherents to AI, announcing its artificial intelligence tooling, which the company dubbed Einstein, in 2016. While the positioning makes it sound like a product, it’s actually much more than a single entity. It’s a platform component, which the various pieces of the Salesforce platform can tap into to take advantage of various types of AI to help improve the user experience.

That could involve feeding information to customer service reps on Service Cloud to make the call move along more efficiently, helping salespeople find the customers most likely to close a deal soon in the Sales Cloud or helping marketing understand the optimal time to send an email in the Marketing Cloud.

The company began building out its AI tooling early on with the help of 175 data scientists and has been expanding on that initial idea since. Other companies, both startups and established companies like SAP, Oracle and Microsoft have continued to build AI into their platforms as Salesforce has. Today, many SaaS companies have some underlying AI built into their service.

Baxter will join us to discuss the role of AI in software today and how that helps improve the operations of the service itself, and what the implications are of using AI in your software service as it becomes a mainstream part of the SaaS development process.

In addition to our discussion with Baxter, the conference will also include Databricks’ Ali Ghodsi, UiPath’s Daniel Dines, Puppet’s Abby Kearns, and investors Casey Aylward and Sarah Guo, among others. We hope you’ll join us. It’s going to be a stimulating day.

Buy your pass now to save up to $100, and use CrunchMatch to make expanding your empire quick, easy and efficient. We can’t wait to see you in October!

Is your company interested in sponsoring or exhibiting at TC Sessions: SaaS 2021? Contact our sponsorship sales team by filling out this form.

#abby-kearns, #ali-ghodsi, #artificial-intelligence, #casey-aylward, #cloud, #cloud-applications, #computing, #daniel-dines, #databricks, #enterprise, #google, #information-technology, #kathy-baxter, #microsoft, #oracle, #salesforce, #sap, #sarah-guo, #tc, #tc-sessions-saas-2021, #uipath

“Developers, as you know, do not like to pay for things”

In the previous part of this EC-1, we looked at the technical details of CockroachDB and how it provides accurate data instantaneously anywhere on the planet. In this installment, we’re going to take a look at the product side of Cockroach, with a particular focus on developer relations.

As a business, Cockroach Labs has many things going for it. The company’s approach to distributed database technology is novel. And, as more companies operate on a global level, CockroachDB has the potential to gain some significant market share internationally. The company is seven years into a typical 10-year maturity model for databases, has raised $355 million, and holds a $2 billion market value. It’s considered a double unicorn. Few database companies can say this.

The company is now aggressively expanding into the database-as-a-service space, offering its own technology in a fully managed package, expanding the spectrum of clients who can take immediate advantage of its products.

But its growth depends upon securing the love of developers while also making its product easier to use for new customers. To that end, I’m going to analyze the company’s pivot to the cloud as well as its extensive outreach to developers as it works to set itself up for long-term, sustainable success.

Cockroach Labs looks to the cloud

These days, just about any company of consequence provides services via the internet, and a growing number of these services are powered by products and services from native cloud providers. Gartner forecasted in 2019 that cloud services are growing at an annual rate of 17.5%, and there’s no sign that the growth has abated at all.

Its founders’ history with Google back in the mid-2000s has meant that Cockroach Labs has always been aware of the impact of cloud services on the commercial web. Unsurprisingly, CockroachDB could run cloud native right from its first release, given that its architecture presupposes the cloud in its operation — as we saw in part 2 of this EC-1.

#cloud, #cloud-computing, #cloud-infrastructure, #cockroach-labs, #cockroachdb, #cockroachdb-ec-1, #database-management, #databases, #distributed-computing, #ec-cloud-and-enterprise-infrastructure, #ec-enterprise-applications, #ec-1, #enterprise, #mysql, #oracle, #relational-database, #saas, #startups, #tc

Scaling CockroachDB in the red ocean of relational databases

Most database startups avoid building relational databases, since that market is dominated by a few goliaths. Oracle, MySQL and Microsoft SQL Server have embedded themselves into the technical fabric of large- and medium-size companies going back decades. These established companies have a lot of market share and a lot of money to quash the competition.

So rather than trying to compete in the relational database market, over the past decade, many database startups focused on alternative architectures such as document-centric databases (like MongoDB), key-value stores (like Redis) and graph databases (like Neo4J). But Cockroach Labs went against conventional wisdom with CockroachDB: It intentionally competed in the relational database market with its relational database product.

While it did face an uphill battle to penetrate the market, Cockroach Labs saw a surprising benefit: It didn’t have to invent a market. All it needed to do was grab a share of a market that also happened to be growing rapidly.

Cockroach Labs has a bright future, compelling technology, a lot of money in the bank and has an experienced, technically astute executive team.

In previous parts of this EC-1, I looked at the origins of CockroachDB, presented an in-depth technical description of its product as well as an analysis of the company’s developer relations and cloud service, CockroachCloud. In this final installment, we’ll look at the future of the company, the competitive landscape within the relational database market, its ability to retain talent as it looks toward a potential IPO or acquisition, and the risks it faces.

CockroachDB’s success is not guaranteed. It has to overcome significant hurdles to secure a profitable place for itself among a set of well-established database technologies that are owned by companies with very deep pockets.

It’s not impossible, though. We’ll first look at MongoDB as an example of how a company can break through the barriers for database startups competing with incumbents.

When life gives you Mongos, make MongoDB

Dev Ittycheria, MongoDB CEO, rings the Nasdaq Stock Market Opening Bell. Image Credits: Nasdaq, Inc

MongoDB is a good example of the risks that come with trying to invent a new database market. The company started out as a purely document-centric database at a time when that approach was the exception rather than the rule.

Web developers like document-centric databases because they address a number of common use cases in their work. For example, a document-centric database works well for storing comments to a blog post or a customer’s entire order history and profile.

#aws, #baidu, #cloud, #cloud-computing, #cloud-services, #cockroach-labs, #cockroachdb, #cockroachdb-ec-1, #data-management, #database, #database-management, #ec-cloud-and-enterprise-infrastructure, #ec-enterprise-applications, #ec-1, #enterprise, #google, #mongodb, #mysql, #new-york-city, #nosql, #oracle, #relational-database, #saas, #startups

An Oracle EVP took a brass-knuckled approach with a reporter today; now he’s suspended from Twitter

Companies and the reporters who cover them routinely find themselves at odds, particularly when the stories being chased are unflattering or bring unwanted attention to a business’s dealings, or, in the company’s estimation, simply inaccurate.

Many companies fight back, which is why crisis communications is a very big and lucrative business. Still, how a company fights back matters. And according to crisis communications pros who TechCrunch spoke with this afternoon, a new post on Oracle’s corporate blog misses the mark, as did the company’s related follow-up on social media.

In fact, the author of the post, an Oracle executive named Ken Glueck, a 25-year-long veteran of the company, has been temporarily suspended by Twitter, the company told Gizmodo this afternoon, after encouraging his followers to harass a female reporter.

The trouble ties to a series of pieces by the news site The Intercept about how a “network of local resellers helps funnel Oracle technology to the police and military in China,” and Oracle’s response to the pieces.

While it isn’t uncommon for companies to post responses to media stories on their own platforms (as well as to take out ads in mainstream media outlets), the crisis execs with whom we spoke — they asked not to be named as they work with companies like Oracle — had some observations that might be helpful to Oracle in the future.

Rule number one: don’t draw attention unnecessarily to work that you might prefer didn’t exist. Oracle’s newest post doesn’t link back to the new Intercept story that Glueck works to dismantle, but in an earlier post about the first Intercept story that ran in February, Glueck hyperlinks to the story on Oracle’s blog. It’s hard to know what Oracle wants its audience to read more — Glueck’s blog post or that Intercept story, particularly given its intriguing title (“How Oracle Sells Repression in China”).

“How many of Oracle’s customers or employees saw [The Intercept piece] and didn’t give a damn and now he’s drawing attention to it?” noted one exec we’d interviewed today.

Rule number two: Don’t attack reporters; attack (if you must) the outlet. In Glueck’s first diatribe against The Intercept over its February piece, he mentions the outlet 26 times and the author of the piece once. In Glueck’s newest salvo against The Intercept, he refers to its author, reporter Mara Hvistendahl, 22 times — mostly by her first name — and even invites readers of Oracle’s blog to reach out to him, writing in boldface: “If you have any information about Mara or her reporting, write me securely at kglueck AT protonmail.com.”

Though Glueck has since said the call-out was a tongue-in-cheek gesture, it was subsequently removed from the post, possibly owing to its “sinister tone” as observed by one of our experts. “No one likes a bully,” said this comms pro, adding that  “bullying conveys weakness.”

Before

After

 

Rule number three: Know your purpose. By lashing out in what is a plainly derisive tone to The Intercept’s piece, as well as continuing to doubling down on its attack against Hvistendahl on social media afterward, Glueck’s strategy became less and less clear, says one of the crisis specialists we spoke with.

“You can do what Ken did and mock” the reporter, said this person, “but is that going to stop The Intercept from continuing to do stories about Oracle? And what is the reaction of other media? Are they scared off by [what happened today] or are they going to circle the wagons?” (Below: a note from an L.A. Times reporter to Glueck today in response to his call for information about Hvistendahl.)

Rule four: Keep it short. Two of the pros we spoke with today commended Glueck’s writing style, calling it both fluid and funny. Both also observed that his response was far too long. “I just couldn’t get through it,” said one.

Last rule: Find another way if possible. The crisis experts we spoke with said it’s ideal to first work with a reporter, then the reporter’s editor if necessary, and if it comes to it, involve lawyers, of which Oracle surely has plenty. “That’s the chain of appeal if a reporter has gotten a story blatantly wrong,” said one source.

Very possibly, Glueck decided to throw out this rulebook by design. Oracle tends to do things its own way, and Glueck is very much a product of that culture. Indeed, the WSJ wrote a 1,300-word profile about Glueck last year, calling him a “potent weapon” for Oracle.

As for Hvistendahl, she suggests there is another reason Oracle took the route that it did.

In a statement sent to us earlier, she writes that “Ken Glueck has published two lengthy blog posts attacking me and my editor, Ryan Tate. But Oracle has not refuted my central finding, which is that the company marketed its analytics software for use by police in China. Oracle also hasn’t refuted our reporting on Oracle’s sale and marketing of its analytics software to police elsewhere in the world. We found evidence of Oracle selling or marketing analytics software to police in Mexico, Pakistan, Turkey, and the UAE. In Brazil, my colleague Tatiana Dias uncovered police contracts between Oracle and Rio de Janeiro’s notoriously corrupt Civil Police.”

#drama, #oracle, #tc, #twitter

Arm launches its latest chip design for HPC, data centers and the edge

Arm today announced the launch of two new platforms, Arm Neoverse V1 and Neoverse N2, as well as a new mesh interconnect for them. As you can tell from the name, V1 is a completely new product and maybe the best example yet of Arm’s ambitions in the data center, high-performance computing and machine learning space. N2 is Arm’s next-generation general compute platform that is meant to span use cases from hyperscale clouds to SmartNICs and running edge workloads. It’s also the first design based on the company’s new Armv9 architecture.

Not too long ago, high-performance computing was dominated by a small number of players, but the Arm ecosystem has scored its fair share of wins here recently, with supercomputers in South Korea, India and France betting on it. The promise of V1 is that it will vastly outperform the older N1 platform, with a 2x gain in floating-point performance, for example, and a 4x gain in machine learning performance.

Image Credits: Arm

“The V1 is about how much performance can we bring — and that was the goal,” Chris Bergey, SVP and GM of Arm’s Infrastructure Line of Business, told me. He also noted that the V1 is Arm’s widest architecture yet. He noted that while V1 wasn’t specifically built for the HPC market, it was definitely a target market. And while the current Neoverse V1 platform isn’t based on the new Armv9 architecture yet, the next generation will be.

N2, on the other hand, is all about getting the most performance per watt, Bergey stressed. “This is really about staying in that same performance-per-watt-type envelope that we have within N1 but bringing more performance,” he said. In Arm’s testing, NGINX saw a 1.3x performance increase versus the previous generation, for example.

Image Credits: Arm

In many ways, today’s release is also a chance for Arm to highlight its recent customer wins. AWS Graviton2 is obviously doing quite well, but Oracle is also betting on Ampere’s Arm-based Altra CPUs for its cloud infrastructure.

“We believe Arm is going to be everywhere — from edge to the cloud. We are seeing N1-based processors deliver consistent performance, scalability and security that customers want from Cloud infrastructure,” said Bev Crair, senior VP, Oracle Cloud Infrastructure Compute. “Partnering with Ampere Computing and leading ISVs, Oracle is making Arm server-side development a first-class, easy and cost-effective solution.”

Meanwhile, Alibaba Cloud and Tencent are both investing in Arm-based hardware for their cloud services as well, while Marvell will use the Neoverse V2 architecture for its OCTEON networking solutions.

#alibaba, #arm, #aws, #cloud-infrastructure, #cloud-services, #computing, #enterprise, #india, #machine-learning, #nvidia, #oracle, #oracle-cloud, #softbank-group, #south-korea, #svp, #tc, #technology, #tencent

Altman brothers lead B2B payment startup Routable’s $30M Series B

We all know the COVID-19 pandemic has accelerated digital adoption in a number of areas, particularly in the financial services space. Within financial services, there are few spaces hotter than B2B payments.

With a $120 trillion market size, it’s no surprise that an increasing number of fintechs focused on digitizing payments have been attracting investor interest. The latest is Routable, which has nabbed $30 million in a Series B raise that included participation from a slew of high-profile angel investors.

Unlike most raises, Routable didn’t raise the capital from a bunch of VC firms. Sam Altman, CEO of OpenAI and former president of Y Combinator, and Jack Altman, CEO of Lattice, led the round. (The pair are brothers, in case you didn’t know.)

SoftBank-backed unicorn Flexport also participated, along with a number of angel investors, including Instacart co-founder Max Mullen, Airbnb co-founder Joe Gebbia, Box co-founder and CEO Aaron Levie, Salesforce founder and CEO Marc Benioff (who also started TIME Ventures),  DoorDash’s Gokul Rajaram, early Stripe employee turned angel Lachy Groom and Behance founder Scott Belsky.

The Series B comes just over eight months after Routable came out of stealth with a $12 million Series A.

CEO Omri Mor and CTO Tom Harel founded Routable in 2017 after previously working at marketplaces and recognizing the need for better internal tools for scaling business payments. They went through a Y Combinator batch and embarked on a process of interviewing hundreds of CFOs and finance leaders.

The pair found that the majority of the business payment tools that were out there were built for large companies with a low volume of business payments. 

After running enough customer development we identified a huge scramble to solve high-volume business payments, and that’s what we double down on,” Mor told TechCrunch. 

Routable’s mission is simple: to automate bill payment and invoicing processes (also known as accounts payables and accounts receivables), so that businesses can focus on scaling their core product offerings without worrying about payments.

“A business payment is more like moving a bill through Congress, where a consumer payment is more like a tweet,” Mor said. “We automate every step from purchase order to reconciliation and by extending an API, companies don’t have to build their own inner integration. We handle it, while helping them move their money faster.”

Since its August 2020 raise, Routable has seen its revenue grow by 380%, according to Mor. And last month alone, the company tripled its amount of new customers compared to the month prior. Customers include Snackpass, Ticketmaster and Re-Max, among others.

“We’ve been beating every quarter expectation for the past 18 months,” he told TechCrunch.

The company started out focused on the startup and SMB customer, but based on demand and feedback, is expanding into the enterprise space as well.

It has established integrations with QuickBooks, NetSuite and Xero and is looking to invest moving forward in integrating with Oracle, Microsoft Dynamics Workday and SAP. 

“A lot of our investment moving forward is to be able to bring that same level of automation and ease of use that we do for SMB and mid-market customers to the enterprise world,” Mor told TechCrunch.

Lead investor Sam Altman is in favor of that approach, noting that the recent booms in the gig and creator economies are leading to a big spike in the volume of both payments and payees.

“With the addition of enterprise capabilities, we think this can lead to an enormous business,” he said. 

The round brings Routable’s total raised to $46 million. The company has headquarters in San Francisco and Seattle with primarily a remote team. 

Sam Altman also told me that he was drawn to Routable after having experienced the pain of high-volume business payments himself and working with many startup founders who had experienced the same problem.

He was also impressed with the company’s engineering-forward approach.

“They can offer the best service by being embedded in a company’s flow of funds instead of the usual approach of just being an interface for moving money,” Altman said. 

With regard to the other investors, Mor said the decision to partner with founders of a number of prominent tech companies was intentional so that Routable could benefit from their “deep enterprise and high-growth experience.”

As mentioned above, the B2B payments space is white-hot. Earlier this year, Melio, which provides a platform for SMBs to pay other companies electronically using bank transfers, debit cards or credit — along with the option of cutting paper checks for recipients if that is what the recipients request — closed on $110 million in funding at a $1.3 billion valuation.

#aaron-levie, #airbnb, #altman, #b2b, #behance, #doordash, #finance, #financial-services, #flexport, #funding, #fundings-exits, #gokul-rajaram, #instacart, #jack-altman, #joe-gebbia, #lachy-groom, #lattice, #marc-benioff, #netsuite, #open-ai, #oracle, #payments, #president, #recent-funding, #routable, #salesforce, #sam-altman, #san-francisco, #scott-belsky, #seattle, #startups, #venture-capital, #y-combinator

A ‘more honest’ stock market

Hello friends, and welcome back to Week in Review!

Last week, I talked about Clubhouse’s slowing user growth. Well, this week news broke that they had been in talks with Twitter for a $4 billion acquisition, so it looks like they’re still pretty desirable. This week, I’m talking about a story I published a couple days ago that highlights pretty much everything that’s wild about the alternative asset world right now.

If you’re reading this on the TechCrunch site, you can get this in your inbox from the newsletter page, and follow my tweets @lucasmtny.


The big thing

If you successfully avoided all mentions of NFTs until now, I congratulate you, because it certainly does seem like the broader NFT market is seeing some major pullback after a very frothy February and March. You’ll still be seeing plenty of late-to-the-game C-list celebrities debuting NFT art in the coming weeks, but a more sober pullback in prices will probably give some of the NFT platforms that are serious about longevity a better chance to focus on the future and find out how they truly matter.

I spent the last couple weeks, chatting with a bunch of people in one particular community — one of the oldest active NFT communities on the web called CryptoPunks. It’s a platform with 10,000 unique 24×24 pixel portraits and they trade at truly wild prices.

This picture sold for a $1.05 million.

I talked to a dozen or so people (including the guy who sold that one ^^) that had spent between tens of thousands and millions of dollars on these pixelated portraits, my goal being to tap into the psyche of what the hell is happening here. The takeaway is that these folks don’t see these assets as any more non-sensical than what’s going on in more traditional “old world” markets like public stock exchanges.

A telling quote from my reporting:

“Obviously this is a very speculative market… but it’s almost more honest than the stock market,” user Max Orgeldinger tells TechCrunch. “Kudos to Elon Musk — and I’m a big Tesla fan — but there are no fundamentals that support that stock price. It’s the same when you look at GameStop. With the whole NFT community, it’s almost more honest because nobody’s getting tricked into thinking there’s some very complicated math that no one can figure out. This is just people making up prices and if you want to pay it, that’s the price and if you don’t want to pay it, that’s not the price.”

Shortly after I published my piece, Christie’s announced that they were auctioning off nine of the CryptoPunks in an auction likely to fetch at least $10 million at current prices. The market surged in the aftermath and many millions worth of volume quickly moved through the marketplace minting more NFT millionaires.

Is this all just absolutely nuts? Sure.

Is it also a poignant picture of where alternative asset investing is at in 2021? You bet.

Read the full thing.


an illustration of a cardboard ballot box with an Amazon smile on the front

Other things

Here are the TechCrunch news stories that especially caught my eye this week:

Amazon workers vote down union organization attempt
Amazon is breathing a sigh of relief after workers at their Bessemer, Alabama warehouse opted out of joining a union, lending a crushing defeat to labor activists who hoped that the high-profile moment would lead more Amazon workers to organize. The vote has been challenged, but the margin of victory seems fairly decisive.

Supreme court sides with Google in Oracle case
If any singular event impacted the web the most this week, it was the Supreme Court siding with Google in a very controversial lawsuit by Oracle that could’ve fundamentally shifted the future of software development.

Coinbase is making waves
The Coinbase direct listing is just around the corner and they’re showing off some of their financials. Turns out crypto has been kind of hot lately and they’re raking in the dough, with revenue of $1.8 billion this past quarter.

Apple share more about the future of user tracking
Apple is about to upend the ad-tracking market and they published some more details on what exactly their App Tracking Transparency feature is going to look like. Hint: more user control.

Consumers are spending lots of time in apps
A new report from mobile analytics firm App Annie suggests that we’re dumping more of our time into smartphone apps, with the average users spending 4.2 hours a day doing so, a 30 percent increase over two years.

Sonos perfects the bluetooth speaker
I’m a bit of an audio lover, which made my colleague Darrell’s review of the new Sonos Roam bluetooth speaker a must-read for me. He’s pretty psyched about it, even though it comes in at the higher-end of pricing for these devices, still I’m looking forward to hearing one with my own ears.


 

Image Credits: Nigel Sussman

Extra things

Some of my favorite reads from our Extra Crunch subscription service this week:
The StockX EC-1
“StockX is a unique company at the nexus of two radical transitions that isn’t just redefining markets, but our culture as well. E-commerce upended markets, diminishing the physical experience by intermediating and aggregating buyers and sellers through digital platforms. At the same time, the internet created rapid new communication channels, allowing euphoria and desire to ricochet across society in a matter of seconds. In a world of plenty, some things are rare, and the hype around that rarity has never been greater. Together, these two trends demanded a stock market of hype, an opportunity that StockX has aggressively pursued.”

Building the right team for a billion-dollar startup
“I would really encourage you to take some time to think about what kind of company you want to make first before you go out and start interviewing people. So that really is going to be about understanding and defining your culture. And then the second thing I’d be thinking about when you’re scaling from, you know, five people up to, you know, 50 and beyond is that managers really are the key to your success as a company. It’s hard to overstate how important managers, great managers, are to the success of your company.

So you want to raise a Series A
“More companies will raise seed rounds than Series A rounds, simply due to the fact that many startups fail, and venture only makes sense for a small fraction of businesses out there. Every check is a new cycle of convincing and proving that you, as a startup, will have venture-scale returns. Moore explained that startups looking to move to their next round need to explain to investors why now is their moment.”

Until next week,
Lucas M.

And again, if you’re reading this on the TechCrunch site, you can get this in your inbox from the newsletter page, and follow my tweets @lucasmtny.

#alabama, #amazon, #app-annie, #apple, #bessemer, #blockchain, #bluetooth, #bluetooth-speaker, #christies, #coinbase, #cryptocurrency, #e-commerce, #extra-crunch, #gamestop, #google, #operating-systems, #oracle, #real-time-web, #smartphone, #software, #software-development, #sonos, #stockx, #supreme-court, #tc, #techcrunch, #text-messaging, #twitter, #week-in-review

Daily Crunch: The Supreme Court sides with Google in Oracle suit

The Supreme Court announces several tech-related rulings, LG will shut down its smartphone business and we take a deep dive into the story of StockX. This is your Daily Crunch for April 5, 2021.

The big story: The Supreme Court sides with Google in Oracle suit

The U.S. Supreme Court announced a couple of tech-related rulings today. In one, it overturned Oracle’s victory in its copyright battle with Google, which would have otherwise required Google to pay Oracle $8 billion for incorporating pieces of Oracle’s Java software language into the Android mobile operating system.

“In reviewing that decision, we assume, for argument’s sake, that the material was copyrightable,” wrote Justice Stephen Breyer. “But we hold that the copying here at issue nonetheless constituted a fair use. Hence, Google’s copying did not violate the copyright law.”

In addition, the court vacated a ruling declaring that then-President Donald Trump had violated the First Amendment by clocking critics on Twitter. In his opinion on the case, Justice Clarence Thomas argued that companies like Facebook and Google are “at bottom communications networks, and they ‘carry’ information from one user to another” and can therefore be regulated in the same way as telecom carriers.

The tech giants

LG is shutting down its smartphone business worldwide — LG said it will focus its resources in “growth areas” such as electric vehicle components.

Labor relations board sides with Amazon employees over firing — Before being fired last year, Emily Cunningham and Maren Costa had been among the company’s most outspoken critics on staff.

Spotify opens a second personalized playlist to sponsors, after Discover Weekly in 2019 — On Repeat is now open to advertising sponsorships.

Startups, funding and venture capital

India’s Swiggy nears $5B valuation in new $800M fundraise — Swiggy is preparing to expand its business after cutting its workforce to navigate the pandemic.

Knotel co-founder leaves company, describes investor Newmark as ‘a stalking horse’ — The startup filed for bankruptcy earlier this year, its assets acquired by investor and commercial real estate brokerage Newmark.

Byju’s acquires Indian tutor Aakash for nearly $1B — Akash is a 33-year-old chain of physical coaching centers.

Advice and analysis from Extra Crunch

The StockX EC-1 — Now valued at $2.8 billion, StockX has facilitated over 10 million transactions.

Chinese startups rush to bring alternative protein to people’s plates — 2020 could well have been the dawn of alternative protein in China.

(Extra Crunch is our membership program, which helps founders and startup teams get ahead. You can sign up here.)

Everything else

What happens to your NFTs and crypto assets after you die? — A new study finds that only one in four consumers have someone in their life who knows all of their passwords and account details.

Fueled by pandemic, contactless mobile payments to surpass half of all smartphone users in US by 2025 — According to a recent report by analyst firm eMarketer, in-store mobile payments usage grew 29% last year in the U.S.

Start your engines, TechCrunch is (virtually) headed to Detroit — Mark April 15 on your calendars!

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 3pm Pacific, you can subscribe here.

#daily-crunch, #google, #oracle, #policy

The Supreme Court sided with Google in its epic copyright fight against Oracle

The highest court in the land has a lot to say about tech this week. The Supreme Court weighed in on Google’s long legal battle with Oracle on Monday, overturning a prior victory for the latter company that could have resulted in an $8 billion award.

In a 6-2 decision, the court ruled that Google didn’t break copyright laws when it incorporated pieces of Oracle’s Java software language into its own mobile operating system. Google copied Oracle’s code for Java APIs for Android, and the case kicked off a yearslong debate over the reuse of established APIs and copyright.

In 2018, a federal appeals court ruled that Google did in fact violate copyright law by using the APIs and that its implementation didn’t fall under fair use.

“In reviewing that decision, we assume, for argument’s sake, that the material was copyrightable. But we hold that the copying here at issue nonetheless constituted a fair use. Hence, Google’s copying did not violate the copyright law,” Justice Stephen Breyer wrote in the decision, which reverses Oracle’s previous win. Justices Samuel Alito and Clarence Thomas dissented.

“Google’s copying of the Java SE API, which included only those lines of code that were needed to allow programmers to put their accrued talents to work in a new and transformative program, was a fair use of that material as a matter of law,” Breyer wrote.

Google SVP of Global Affairs Kent Walker called the ruling, embedded below, a “big win for innovation, interoperability & computing.”

Click to access 18-956_d18f.pdf

#google, #government, #lawsuit, #oracle, #tc

Will the Texas winter disaster deter further tech migration?

Austin is known for its usually mild winters. But on February 12, a winter storm hit the state — leading to over a week of freezing temperatures. This has resulted in a statewide disaster with millions of Texas residents losing power or water, or both.

It’s too early to tell the exact toll this has all taken in loss of life, property damage and economic activity. But it’s clear that this disaster is, and will continue to be, devastating on many levels. Austin-area hospitals even lost water this week, as an indication of how bad things have been.

Since last Thursday, my own household lost power and got it back multiple times. On February 17, we lost water, with no idea of when it will be restored. I realize there are many worse off than me, so I’ll spare you the pity party, but it’s definitely been a humbling experience. Boiling snow/ice for toilet water and rationing the little bottled water we had left with fear of frozen/bursting pipes. At least we have been warm the past couple of days, as many still don’t have power.

Meanwhile, over the past few months (and years, really), Austin has been making headlines for other news — namely the fact that so many tech companies, founders (ahem, Elon) and investors are either moving their headquarters here (Oracle), building significant factories (Tesla) or offices (Apple, Google, Facebook) here, or are thinking about relocating entirely.

The lack of state income taxes has been a big draw, as well as the housing/land/office prices that are affordable when compared to those in the Bay Area. This is nothing new, but only accelerated as the pandemic has encouraged/forced more remote work.

Ironically, some of the very things that have led to the state being more attractive to companies have also contributed to the crisis: Fewer taxes means less money for infrastructure, for one.

But it goes beyond that. Many other states have had freezing cold temperatures without the loss of power and water that Texas is currently experiencing. As The Washington Post reported earlier this week, the state’s choice to deregulate electricity led to “a financial structure for power generation that offers no incentives to power plant operators to prepare for winter. In the name of deregulation and free markets, critics say, Texas has created an electric grid that puts an emphasis on cheap prices over reliable service.”

Even Elon shared his disappointment on Twitter:

It’s fair to say Texas has attracted widespread criticism of its handling of this new crisis — both in terms of its lack of preparation and mismanagement (Sen. Cruz, we’re looking at you). But are the events of the past week going to take away some of the shine on Austin as a potential relocation destination for tech and investors? Will this deter people from wanting to move here? Isn’t it also ironic that some folks who didn’t want to move here due to the scorching summer temperatures are now also slamming the city/state for the impacts of a major winter storm?

So I did what many other enterprising tech reporters might do in this situation, and took to Twitter. The results were pretty much as expected — varied and passionate on either side.

There were many tweets from Austinites who defended their city and praised how its residents have come together during crises:

Then there were some tweets from people who lived here but are disgusted and disappointed:

There were also some tweets from others who said they were so turned off they’d never contemplate moving to Texas or that they were dismayed by the lack of preparation:

And there were those who don’t live here but scoffed at the notion that this was enough to keep people away, while others pointed out that natural disasters happen all over:

Then there were those who joked that the disaster was engineered as a ploy to “keep California people away,” or at least might have that effect:

I have lived on all three coasts — East, West and Gulf. There are pluses and minuses to each. This likely is enough of a deterrent to keep people away. But I will say that the state could — and should — have been more prepared when it decided to deregulate electricity. I am heartbroken at all the suffering people in the city and state are dealing with and for now, just want to see things get back to “normal” as soon as possible so the only crisis we’re dealing with is the COVID-19 pandemic. Never thought we’d look back fondly on those days.

Here’s to hoping that migration of techies can build solutions that could maybe help prevent similar disasters in the future.

#austin, #california, #climate, #cruz, #electricity, #elon, #facebook, #infrastructure, #oracle, #silicon-valley, #tc, #texas

TikTok parent ByteDance joins patent troll protection group LOT Network

LOT Network, the non-profit that helps businesses of all sizes and across industries defend themselves against patent trolls by creating a shared pool of patents to immunize themselves against them, today announced that TikTik parent ByteDance is joining its group.

ByteDance has acquired its fair share of patents in recent years and is itself embroiled in a patent fight with its rival Triller. That’s not what joining the LOT Network is about, though. ByteDance is joining a group of companies here that includes the likes of IBM, the Coca-Cola Company, Cisco, Lyft, Microsoft, Oracle, Target, Tencent, Tesla, VW, Ford, Waymo, Xiaomi and Zelle. In total, the group now has over 1,300 members.

As LOT CEO Ken Seddon told me, the six-year-old group had a record year in 2020, with 574 companies joining it and bringing its set of immunized patents to over 3 million, including 14% of all patents issued in the U.S.

Among the core features of LOT, which only charges members who make more than $25 million in annual revenue, is that its members aren’t losing control over the patents they add to the pool. They can still buy and trade them as before, but if they decide to sell to what the industry calls a ‘patent assertion entity,’ (PAE) that is, a patent troll, they automatically provide a free licence to that patent to every other member of the group. This essentially turns LOT into what Seddon calls a ‘flu shot ‘ against patent trolls (and one that’s free for startups).

“The conclusion that people are waking up to is, is that we’re basically like a herd, we’re herd immunization, effectively,” Seddon said. “And every time a company joins, people realize that the community of non-members shrinks by one. It’s like those that don’t have the vaccination shrinks — and they are, ‘wait a minute, that makes me a higher risk of getting sued. I’m a bigger target.’ And they’re like, ‘wait a minute, I don’t want to be the target.’”

ByteDance, he argues, is a good example for a company that can profit from membership in LOT. While you may think of patents as purely a sign of a company’s innovativeness, for corporate lawyers, they are also highly effective defense tools (that can be used aggressively as well, if needed). But it can take a small company years to build up a patent portfolio. But a fast-growing, successful company also becomes an obvious target for patent trolls.

“When you are a successful company, you naturally become a target,” Seddon said. “People become jealous and they become threatened by you. And they covet your money and your revenue and your success. One of the ways that companies can defend themselves and protect their innovation is through patents. Some companies grow so fast, they become so successful, that their revenue grows faster than they can grow their patent portfolio organically.” He cited Instacart, which acquired 250 patents from IBM earlier this month, and Airbnb, which was sued by IBM over patent infringement in early 2020 (the companies settled in December), as examples.

ByteDance, thanks to the success of TikTok, now finds itself in a situation where it, too, is likely to become a target of patent trolls. The company has started acquiring patents itself to grow its portfolio faster and now it is joining LOT to strengthen its protection there.

“[ByteDance] is being a visionary and trying to get ahead of the wave,” Seddon noted. “They are a successful global company that needs to develop a global IP strategy. Historically, PAEs were just a US problem, but now ByteDance has to worry about PAEs being an issue in China and Europe as well.  By joining LOT, they protect themselves and their investments from over 3 million patents should they ever fall into the hands of a PAE.”

Lynn Wu, Director and Chief IP Counsel, Global IP and Digital Licensing Strategy at ByteDance, agrees. “Innovation is core to the culture at ByteDance, and we believe it’s important to protect our diverse technical and creative community,” she said in today’s announcement. “As champions for the fair use of IP, we encourage other companies to help us make the industry safer by joining LOT Network. If we work together, we can protect the industry from exploitation and continue advancing innovation, which is key to the growth and success of the entire community.”

There’s another reason companies are so eager to join the group now, though, and that’s because these patent assertion entities, which had faded into the background a bit in the mid- to late-2010s, may be making a comeback. The core assumption here is a bit gloomy: many companies seem to assume we’re in for an economic downturn. If we hit a recession, a lot of patent holders will start looking at their patent portfolios and start selling off some their more valuable patents in order to stay afloat. Since beggars can’t be choosers, that often means they’ll sell to a patent troll if that troll is the highest bidder. Last year, a patent troll sued Uber using a patent sold by IBM, for example (and IBM gets a bit of a bad rap for this, but, hey, it’s business).

That’s what happened after the last recession — though it typically takes a few years for the effect to be felt. Nothing in the patent world moves quickly.

Now, when LOT members sell to a troll, that troll can’t sue other LOT members over it. Take IBM, for example, which joined LOT last year.

“People give IBM a lot of grief and criticism for selling to PAEs, but at least IBM is giving everybody a chance to get a free license,” Seddon told me. “IBM joined LOT last year and what IBM is effectively doing is saying to everybody, ‘look, I joined LOT.’ And they put all of their entire patent portfolio into LOT. And they’re saying to everybody, ‘look, I have the right to sell my patents to anybody I want, and I’m going to sell it to the highest bidder. And if I sell it to a patent troll and you don’t join LOT — and if you get sued by a troll, is that my fault or your fault? Because if you join LOT, you could have gotten a free license.’”

#airbnb, #bytedance, #cisco, #flu, #ford, #ibm, #instacart, #intellectual-property-law, #lawsuit, #lot-network, #lyft, #microsoft, #monopoly, #oracle, #patent, #patent-law, #patent-troll, #software, #tencent, #tesla, #triller, #united-states, #vaccination, #vw, #waymo

Oracle’s TikTok acquisition reportedly “shelved” indefinitely

A casually dressed young woman shrugs while holding the logos of two competing companies.

Enlarge / ¯\_(ツ)_/¯ (credit: Aurich Lawson / Getty Images)

The weird deal Oracle arranged at the behest of the Trump administration to buy TikTok without actually acquiring it has been permanently back-burnered, according to a new report.

The transaction, which has gone effectively nowhere since it was first announced, is now “shelved,” the ever-popular “people familiar with the situation” told The Wall Street Journal. This move effectively puts an end to a saga that played out over many months and many tweets.

Back in August 2020 (roughly a hundred years ago, it now feels like), former President Donald Trump issued an executive order declaring TikTok and another China-based app, WeChat, to be a “national emergency.” A week later, a second order (PDF) gave TikTok’s parent company, Beijing-based ByteDance, 90 days to divest the app to a US owner or cease operations in the States.

Read 9 remaining paragraphs | Comments

#mergers-and-acquisitions, #oracle, #policy, #privacy, #security, #tiktok, #trump

TikTok’s forced sale to Oracle is put on hold

The insane saga of a potential forced sale of TikTok’s US operations is reportedly ending — another victim of the transition to methodical and rational policymaking that appears to be the boring new normal under the Presidency of Joe Biden.

Last fall, the U.S. government under President Donald Trump took a stab at “gangster capitalism” by trying to force the sale of TikTok to a group of buyers including Oracle and Walmart.

While the effort was doomed from the start, with TikTok’s parent company ByteDance winning most of the legal challenges to the government effort, a Rubicon had effectively been crossed where the U.S. government appeared willing to spend political capital to stymie the growth of a successful foreign business on its shores for the flimsiest of security reasons.

Now, The Wall Street Journal is reporting that the efforts by the U.S. government to push the deal forward “have been shelved indefinitely”, citing sources familiar with the process.

However, discussions between TikTok and U.S. national security officials are continuing because there are valid concerns around TikTok’s data collection and the potential for manipulation and censorship of content on the app.

In the meantime, the U.S. is taking a look at all of the potential threats to data privacy and security from intrusions by foreign governments or using tech developed overseas, according to Emily Horne, the spokeswoman for the National Security Council.

“We plan to develop a comprehensive approach to securing U.S. data that addresses the full range of threats we face,” Horne told the WSJ. “This includes the risk posed by Chinese apps and other software that operate in the U.S. In the coming months, we expect to review specific cases in light of a comprehensive understanding of the risks we face.”

Last year, then-President Trump ordered a ban on TikTok intending to force the sale of the Chinese-owned, short form video distribution service to a U.S.-owned investment group.

As part of that process, the Committee on Foreign Investment in the U.S. ordered ByteDance to divest of its U.S. operations.

TikTok appealed that order in court in Washington last November as the U.S. was roiled by the presidential election and its aftermath.

That case is still pending, but separate federal court rulings have blocked the U.S. government from shutting TikTok down.

#bytedance, #donald-trump, #oracle, #oracle-corporation, #president, #tc, #tiktok, #u-s-government, #walmart

Tech and health companies including Microsoft and Salesforce team up on digital COVID-19 vaccination records

A new cross-industry initiative is seeking to establish a standard for digital vaccination records that can be used universally to identify COVID-19 vaccination status for individuals, in a way that can be both secure via encryption and traceable and verifiable for trustworthiness regarding their contents. The so-called ‘Vaccination Credential Initiative’ includes a range of big-name companies from both the healthcare and the tech industry, including Microsoft, Oracle, Salesforce and Epic, as well as the Mayo Clinic, Safe Health, Change Healthcare and the CARIN Alliance to name a few.

The effort is beginning with existing, recognized standards already in use in digital healthcare programs, like the SMART Health Cards specification, which adheres to HL7 FHIR (Fast Healthcare Interoperability Resources) which is a standard created for use in digital health records to make them interoperable between providers. The final product that the initiative aims to establish is an “encrypted digital copy of their immunization credentials to store in a digital wallet of their choice,” with a backup available as a printed QR code that includes W3C-standards verifiable credentials for individuals who don’t own or prefer not to use smartphones.

Vaccination credentials aren’t a new thing – they’ve existed in some form or another since the 1700s. But their use and history is also mired in controversy and accusations of inequity, since this is human beings we’re dealing with. And already with COVID-19, there efforts underway to make access to certain geographies dependent upon negative COVID-19 test results (though such results don’t actually guarantee that an individual doesn’t actually have COVID-19 or won’t transfer it to others).

A recent initiative by LA County specifically also is already providing digital immunization records to individuals via a partnership with Healthvana, facilitated by Apple’s Wallet technology. But Healthvana’s CEO and founder was explicit in telling me that that isn’t about providing a proof of immunity for use in deterring an individual’s social or geographic access. Instead, it’s about informing and supporting patients for optimal care outcomes.

It sounds like this initiative is much more about using a COVID-19 immunization record as a literal passport of sorts. It’s right in the name of the initiative, for once (‘Credential’ is pretty explicit). The companies involved also at least seem cognizant of the potential pitfalls of such a program, as MITRE’s chief digital health physician Dr. Brian Anderson said that “we are working to ensure that underserved populations have access to this verification,” and added that “just as COVID-19 does not discriminate based on socio-economic status, we must ensure that convenient access to records crosses the digital divide.”

Other quotes from Oracle and Salesforce, and additional member leaders confirm that the effort is focused on fostering a reopening of social and ecomicn activity, including “resuming travel,” get[ting] back to public life,” and “get[ting] concerts and sporting events going again.” Safe Health also says that they’ll help facility a “privacy-preserving health status verification” solution that is at least in part “blockchain-enabled.”

Given the urgency of solutions that can lead to a safe re-opening, and a way to keep tabs on the massive, global vaccination program that’s already underway, it makes sense that a modern approach would include a digital version of historic vaccination record systems. But such an approach, while it leverages new conveniences and modes made possible by smartphones and the internet, also opens itself up to new potential pitfalls and risks that will no doubt be highly scrutinized, particularly by public interest groups focused on privacy and equitable treatment.

#articles, #ceo, #encryption, #epic, #health, #healthcare, #healthvana, #mayo-clinic, #microsoft, #oracle, #regulation, #salesforce, #smartphones, #standards, #tc, #vaccination

Accel Partners heads down to Georgia to invest in DecisionLink, leading an $18.5 million round

DecisionLink, an Atlanta-based company that provides software for cost-benefit analyses of business services from a customer’s perspective, has managed to woo one of Silicon Valley’s top venture firms to invest in its latest $18.5 million round of funding.

Accel Partners has a long-standing reputation as one of the Bay Area’s premier investment firms, and it’s leading DecisionLink’s latest round. Their investment comes on the heels of billion dollar valuations for Atlanta companies like Calendly, Greenlight Financial Technologies, OneTrust, and the $800 million acquisition of Kabbage.

Other investors in the round included George Kurtz, the president and chief executive of CrowdStrike, and George Roberts, a partner at OpenView Venture Partners and the former executive vice president of North American sales at Oracle.

“Value Management [sic] as a practice is now a C-suite priority and increasingly considered an enterprise-critical function alongside software systems like CRM, marketing automation, and project management,” said Sameer Gandhi, Partner, Accel, in a statement. “In 2019, we invested in a SAFE round in DecisionLink because we believed in the market opportunity for scalable [value management]. Now, we have been so impressed by DecisionLink’s execution and its ability to drive this transformation on behalf of customers, that we are excited to lead its Series A round.”

Businesses are constantly looking for ways to benchmark themselves against their competitors or find new ways to better service them. Most of these strategies don’t take off, or are variations on a theme, but value management seems to have legs — especially given the accessibility of all kinds of benchmarking data points that are publicly available.

Accel-backed portfolio companies like CrowdStrike, PagerDuty, and DocuSign are using the service and so are companies like ServiceNow, Marketo, NCR, and VMWare.

These are big names in enterprise software, and the signal that their adoption of DecisionLink’s software provided must have played a role in Accel’s decision to invest.

#accel, #crowdstrike, #docusign, #kabbage, #marketo, #oracle, #pagerduty, #servicenow, #tc, #vmware

Madrona promotes Anu Sharma and Daniel Li as Partners

Fresh off the announcement of more than $500 million in new capital across two new funds, Seattle-based Madrona Venture Group has announced that they’re adding Anu Sharma and Daniel Li to the team’s list of Partners.

The firm, which in recent years has paid particularly close attention to enterprise software bets, invests heavily in the early-stage Pacific Northwest startup scene.

Both Li and Sharma are stepping into the Partner role after some time at the firm. Li has been with Madrona for five years while Sharma joined the team in 2020. Prior to joining Madrona, Sharma led product management teams at Amazon Web Services, worked as a software developer at Oracle and had a stint in VC as an associate at SoftBank China & India. Li previously worked at the Boston Consulting Group.

I got the chance to catch up with Li who notes that the promotion won’t necessarily mean a big shift in his day-to-day responsibilities — “At Madrona, you’re not promoted until you’re working in the next role anyway,” he says — but that he appreciates “how much trust the firm places in junior investors.”

Asked about leveling up his venture career during a time when public and private markets seem particularly flush with cash, Li acknowledges some looming challenges.

“On one hand, it’s just been an amazing five years to join venture capital because things have just been up and to the right with lots of things that work; it’s just a super exciting time,” Li says. “On the other hand, from a macro perspective, you know that there’s more capital flowing into VC as an asset class than ever before. And just from that pure macro perspective, you know that that means returns are going to be lower in the next 10 years as valuations are higher.”

Nevertheless, Li is plenty bullish on internet companies claiming larger swaths of the global GDP and hopes to invest specifically in “low code platforms, next-gen productivity, and online communities,” Madrona notes in their announcement, while Sharma plans to continue looking at to “distributed systems, data infrastructure, machine learning, and security.”

TechCrunch recently talked to Li and his Madrona colleague Hope Cochran about some of the top trends in social gaming and how investors were approaching new opportunities across the gaming industry.

#amazon-web-services, #finance, #hope-cochran, #india, #internet, #investment, #machine-learning, #madrona-venture-group, #online-communities, #oracle, #seattle, #softbank, #softbank-group, #tc, #venture-capital, #web-services

Oracle joins Silicon Valley’s Texas exodus

Multistory glass buildings ring a retention pond.

Enlarge / Oracle’s previous headquarters in Redwood City, California. (credit: David Paul Morris/Bloomberg via Getty Images)

Oracle is moving its global headquarters from Silicon Valley to Austin, Texas, the company announced in a filing with the Securities and Exchange Commission.

“Oracle is implementing a more flexible employee work location policy and has changed its Corporate Headquarters from Redwood City, California, to Austin, Texas,” Oracle wrote in its quarterly SEC filing. “We believe these moves best position Oracle for growth and provide our personnel with more flexibility about where and how they work.”

The company will continue to maintain an office at its previous headquarters in Redwood City, California, and other offices around the country. Oracle has 135,000 employees.

Read 6 remaining paragraphs | Comments

#apple, #austin, #larry-ellison, #oracle, #policy, #texas

Oracle vulnerability that executes malicious code is under active attack

Screenshot of Oracle interface.

Enlarge (credit: Oracle)

Attackers are targeting a recently patched Oracle WebLogic vulnerability that allows them to execute code of their choice, including malware that makes servers part of a botnet that steals passwords and other sensitive information.

WebLogic is a Java enterprise application that supports a variety of databases. WebLogic servers are a coveted prize for hackers, who often use them to mine cryptocurrency, install ransomware, or as an inroad to access other parts of a corporate network. Shodan, a service that scans the Internet for various hardware or software platforms, found about 3,000 servers running the middleware application.

CVE-2020-14882, as the vulnerability is tracked, is a critical vulnerability that Oracle patched in October. It allows attackers to execute malicious code over the Internet with little effort or skill and no authentication. Working exploit code became publicly available eight days after Oracle issued the patch.

Read 4 remaining paragraphs | Comments

#biz-it, #cve-2020-14750, #cve-2020-14882, #exploits, #oracle, #vulnerabilities, #weblogic

AWS goes after Microsoft’s SQL Server with Babelfish for Aurora PostgreSQL

AWS today announced a new database product that is clearly meant to go after Microsoft’s SQL Server and make it easier — and cheaper — for SQL Server users to migrate to the AWS cloud. The new service is Babelfish for Aurora PostgreSQL. The tagline AWS CEO Andy Jassy used for this service in his re:Invent keynote today is probably telling: “Stop paying for SQL Server licenses you don’t need.” And to show how serious it is about this, the company is even open-sourcing the tool.

What Babelfish does is provide a translation layer for SQL Server’s proprietary SQL dialect (T-SQL) and communications protocol so that businesses can switch to AWS’ Aurora relational database at will (though they’ll still have to migrate their existing data). It provides translations for the dialect, but also SQL commands,  cursors, catalog views, data types, triggers, stored procedures and functions.

The promise here is that companies won’t have to replace their database drivers or rewrite and verify their database requests to make this transition.

“We believe Babelfish stands out because it’s not another migration service, as useful as those can be. Babelfish enables PostgreSQL to understand database requests—both the command and the protocol—from applications written for Microsoft SQL Server without changing libraries, database schema, or SQL statements,” AWS’s Matt Asay writes in today’s announcement. “This means much faster ‘migrations’ with minimal developer effort. It’s also centered on ‘correctness,’ meaning applications designed to use SQL Server functionality will behave the same on PostgreSQL as they would on SQL Server.”

PostgreSQL, AWS rightly points out, is one of the most popular open-source databases in the market today. A lot of companies want to migrate their relational databases to it — or at least use it in conjunction with their existing databases. This new service is going to make that significantly easier.

The open-source Babelfish project will launch in 2021 and will be available on GitHub under the Apache 2.0 license.

“It’s still true that the overwhelming majority of relational databases are on-premise,” AWS CEO Andy Jassy said. “Customers are fed up with and sick of incumbents.” As is tradition at re:Invent, Jassy also got a few swipes at Oracle into his keynote, but the real target of the products the company is launching in the database area today is clearly Microsoft.

#224, #andy-jassy, #artificial-intelligence, #aws, #aws-reinvent-2020, #ceo, #cloud, #cursor, #data-management, #databases, #developer, #github, #microsoft, #oracle, #relational-database, #sql, #tc

Zilliz raises $43 million as investors rush to China’s open source software

For years, founders and investors in China had little interest in open source software because it did not seem like the most viable business model. Zilliz‘s latest financing round shows that attitude is changing. The three-year-old Chinese startup, which builds open source software for processing unstructured data, recently closed a Series B round of $43 million.

The investment, which catapults Zilliz’s to-date raise to over $53 million, is a sizable amount for any open source business around the world. Storied private equity firm Hillhouse Capital led the round joined by Trustbridge Partners, Pavilion Capital, and existing investors 5Y Capital (formerly Morningside) and Yunqi Partners.

Investors are going after Zilliz as they increasingly recognize open source as an effective software development strategy, Charles Xie, founder and CEO of Zilliz, told TechCrunch at an open source meetup in Shenzhen where he spoke as the first Chinese board chairperson for Linux Foundation’s AI umbrella, LF AI.

“Investors are seeing very good exits for open source companies around the world in recent years, from Elastic to MongoDB,” he added.

“When Starlord [Xie’s nickname] first told us his vision for data processing in the future digital age, we thought it was a crazy idea, but we chose to believe,” said 5Y Capital’s partner Liu Kai.

There’s one caveat for investing in the area: don’t expect to make money in the first 3 to 5 years. “But if you’re looking at an 8 to 10-year cycle, these [open source] companies can gain valuation at tens of billions of dollars,” Xie reckoned.

After six years as a software engineer at Oracle, Xie left the U.S. and headed home to start Zilliz in China. Like many Chinese entrepreneurs these days, Xie named his startup in English to mark the firm’s vision to be “global from day one.” While Zilliz set out in Shanghai, the goal is to relocate its headquarters to Silicon Valley when the firm delivers “robust technology and products” in the next 12 months, Xie said. China is an ideal starting point both for the cheaper engineering talents and the explosive growth of unstructured data — anything from molecular structure, people’s shopping behavior, audio information to video content.

“The amount of unstructured data in a region is in proportion to the size of its population and the level of its economic activity, so it’s easy to see why China is the biggest data source,” Xie observed.

On the other hand, China has seen rapid development in mobile internet and AI, especially in terms of real-life applications, which Xie argued makes China a suitable testing ground for data processing software.

So far Zilliz’s open source product Milvus has been “starred” over 4,440 times on GitHub and attracted some 120 contributors and 400 enterprise users around the world, half of whom are outside China. It’s done so without spending a penny on advertising; rather, user acquisition has come from its active participation on GitHub, Reddit, and other online developer communities.

Going forward, Zilliz plans to deploy its fresh capital in overseas recruitment, expanding its open source ecosystem, as well as research and development in its cloud-based products and services, which will eventually become a revenue driver as it starts monetizing in the second half of 2021.

#asia, #china, #data-management, #developer, #hillhouse-capital, #linux, #linux-foundation, #mongodb, #open-source, #open-source-software, #oracle, #pavilion-capital, #recent-funding, #saas, #shanghai, #trustbridge-partners, #yunqi-partners

ByteDance asks federal appeals court to vacate U.S. order forcing it to sell TikTok

In a new filing, TikTok’s parent company ByteDance asked the federal appeals court to vacate the United States government order forcing it to sell the app’s American operations.

President Donald Trump issued an order in August requiring ByteDance to sell TikTok’s U.S. business by November 12, unless it was granted a 30-day extension by the Committee on Foreign Investment in the United States (CFIUS). In today’s filing (embedded below) with the federal appeals court in Washington D.C., ByteDance said it asked the CFIUS for an extension on November 6, but the order hasn’t been granted yet.

It added it remains committed to “reaching a negotiated mitigation solution with CFIUS satisfying its national security concerns” and will only file a motion to stay enforcement of the divestment order “if discussions reach an impasse.”

Security concerns about TikTok’s ownership by a Chinese company were at the center of the executive order Trump signed in August, banning transactions with Beijing-headquartered ByteDance.

The executive order claimed that TikTok posed a threat to national security, though ByteDance maintains that it does not. But in order to prevent the app, which has about 100 million users in the U.S., from being banned, ByteDance reached a deal in September to sell 20% of its stake in TikTok to Oracle and Walmart. With the Biden administration set to take office in January and ByteDance’s ongoing legal challenge against the divestment order, however, the future of the deal is now uncertain.

The new filing is part of a lawsuit TikTok filed against the Trump administration on September 18, seeking to stop the ban from going into effect.

In a statement to Bloomberg, TikTok said it has been working with the CFIUS to address its national security concerns.

“In the nearly two months since the President gave his preliminary approval to our proposal to satisfy those concerns, we have offered detailed solutions to finalize that agreement—but have received no substantive feedback on our extensive data privacy and security framework,” it said.

With the divestment order set to go into effect on Thursday unless the CFIUS grants an extension, TikTok said it made the filing “to defend our rights and those of our more than 1,500 employees in the U.S.”

TechCrunch has contacted ByteDance for comment.

TikTok asks U.S. federal appeals court to vacate U.S. divestment order by TechCrunch on Scribd

#apps, #asia, #bytedance, #china, #oracle, #tc, #tiktok, #u-s-government, #walmart

Hackers are on the hunt for Oracle servers vulnerable to potent exploit

Photograph of computer server.

Enlarge (credit: Victorgrigas)

Hackers are scanning the Internet for machines that have yet to patch a recently disclosed flaw that force Oracle’s WebLogic server to execute malicious code, a researcher warned Wednesday night.

Johannes Ullrich, dean of research at the SANS Technology Institute, said his organization’s honeypots had detected Internetwide scans that probe for vulnerable servers. CVE-2020-14882, as the vulnerability is tracked, has a severity rating of 9.8 out of 10 on the CVSS scale. Oracle’s October advisory accompanying a patch said exploits are low in complexity and require low privileges and no user interaction.

“At this point, we are seeing the scans slow down a bit,” Ullrich wrote in a post. “But they have reached ‘saturation’ meaning that all IPv4 addresses have been scanned for this vulnerability. If you find a vulnerable server in your network: Assume it has been compromised.”

Read 5 remaining paragraphs | Comments

#biz-it, #cve-2020-14882, #exploits, #oracle, #vulnerabilities, #weblogic

Salto raises $27M to let you configure your SaaS platforms with code

Salto, a Tel Aviv-based open-source startup that allows you to configure SaaS platforms like Salesforce, NetSuite and HubSpot with code, is coming out of stealth today and announced that it has raised a $27 million Series A round. This round was led by Bessemer Venture Partners, Lightspeed Venture Partners and Salesforce Ventures.

The general idea here — which is similar to the ‘infrastructure-as-code’ movement — is to allow business operations teams to automate the labor-intensive and error-prone ways they currently use to manage SaaS platforms. While others in this space are betting on no-code solutions for managing these systems, Salto is going the other way and is betting on code instead.

“We realized the challenges BizOps teams face are very similar to the problems encountered by software and DevOps engineers on a daily basis,” writes Salto co-founder and CEO Rami Tamir in today’s announcement. “So we adapted software development fundamentals and best practices to the BizOps field. There’s no need to reinvent the wheel; the same techniques used to make high-quality software can also be applied to keeping control over business applications.”

Image Credits: Salto

Salto makes the core of its service available as open source. This open-source version includes the company’s NaCI language, a declarative configuration language based on the syntax of HashiCorp’s hcl, a command-line interface for deploying configuration changes (and fetching the current configuration state of an application) and a VS Code extension.

In combination with Git, business operations teams can collaborate on writing these configurations and test them in staging environments. The company is essentially taking modern software development practices and applying them to business operations.

Image Credits: Salto

“Defining a company’s business logic as code can make a fundamental change in the way business applications are delivered,” writes Tamir. “We like to think about it as ‘company-as-code,’ much in the same way as ‘infrastructure-as-code’ transformed the way we manage data centers.”

Some of the use cases here are configuring custom Salesforce CPQ fields, and syncing profiles across Salesforce environments and maintaining audio logs for NetSuite. For now, the company only supports connections to Salesforce, HubSpot and NetSuite, with others following soon.

Like other open-source companies, Salto’s business model involved selling a hosted version of its service, which the company is also announcing today.

In terms of raising this new round, it surely helped that the founding team, which includes Benny Schnaider and Gil Hoffer, in addition to Tamir, previously sold the three companies they founded. Pentacom was acquired by Cisco earlier this year; Oracle acquired Ravello Systems in 2016 and Qumranet was acquired by Red Hat in 2008.

“Business agility is more important than ever today, and the alignment of external business services to real business needs is increasing in strategic importance,” said Alex Kayyal, Partner and Head of International at Salesforce Ventures . “BizOps teams are becoming more and more crucial to the success of companies. With Salto they are empowered to meet the tasks they are charged with, equipped with modernized methodologies and a greatly enhanced toolbox.”

#bessemer-venture-partners, #cisco, #cloud-applications, #computing, #devops, #head, #hubspot, #lightspeed-venture-partners, #netsuite, #oracle, #oracle-corporation, #ravello-systems, #red-hat, #salesforce, #salesforce-ventures, #salto, #software, #software-as-a-service, #tc, #tel-aviv

The need for true equity in equity compensation

I began my career at Oracle in the mid-1980s and have since been around the proverbial block, particularly in Silicon Valley working for and with companies ranging from the Fortune 50 to global consulting companies to leading a number of startups, including the SaaS company I presently lead. Throughout my career, I’ve carved out a niche not only working with technology companies, but focused on designing and implementing global compensation programs.

In short, if there’s two things I know like the back of my hand, it’s tech and how people are paid.

The compensation evolution I’ve witnessed over these past 35+ years has been dramatic. Among other things, there has been a fundamentally seismic shift in how women are perceived and paid, principally for the better. Some of it, in truth, has been window dressing. It’s good PR to say you’re a company with a strong culture focused on diversity, as it helps attract top talent. But the rubber meets the road once hires get past the recruiter. When companies don’t do what they say, we see mass exoduses and even lawsuits, as has recently been the case at Pinterest and Carta.

So with the likes of Intel, Salesforce and Apple publicly committed to gender pay equity, there’s nothing left to see here, right? Actually, we’re not even close. Yes, the glass ceiling is cracking. But significant, largely unaddressed gaps remain relative to the broader scope of long-tail compensation for women, especially at startups, where essential measures of economic reward such as stock options in companies are often not even part of the conversation around pay parity.