Tesla CEO Elon Musk promised a more powerful powertrain option in future Model S, Model X and the next-generation Roadster sports car that will push acceleration and speed beyond the current high bar known as Ludicrous mode.
Musk tweeted Wednesday evening “the only thing beyond Ludicrous is Plaid,” a teaser to a higher performing vehicle and a nod to the movie Spaceballs.
These new higher performing versions of the Model S, Model X, and Roadster will contain what Musk describes as a Plaid powertrain and is still about a year away from production. This new powertrain will have three motors, one more than the dual motor system found in today’s Model S and X.
Yes. To be clear, Plaid powertrain is about a year away from production & applies to S,X & Roadster, but not 3 or Y. Will cost more than our current offerings, but less than competitors.
— Elon Musk (@elonmusk) September 12, 2019
This Plaid powertrain has already seen some action. Tesla revealed Wednesday that a Model S equipped with a Plaid powertrain and chassis prototype had lapped Laguna Seca racetrack in 1:36:555, a second faster than the record for a four-door sedan.
*~ Some personal news ~*
We lapped Laguna Seca @WeatherTechRcwy in 1:36.555 during advanced R&D testing of our Model S Plaid powertrain and chassis prototype
(That’s a second faster than the record for a four-door sedan) pic.twitter.com/OriccK4KCZ
— Tesla (@Tesla) September 12, 2019
The “Plaid” powertrain will not be offered in the lower cost Model 3 or Model Y, which isn’t expected to go into production until late 2020. Musk also promised that this plaid powertrain will cost more than “current offerings, but will be less than competitors” without explaining what that means.
Cclose followers of the automaker might recall hints of a three motor powertrain in the past.
When Tesla unveiled a new Roadster prototype in November 2017, Musk said it would have three motors and be able to travel a whopping 0 to 60 miles per hour in 1.9 seconds and a top speed of 250 mph or even more. The Roadster isn’t expected to go into production until 2020.
What is new are Tesla’s plans to make this more powerful three-motor powertrain available in the Model S and Model X. And it stands to be an important option, if it does in fact materialize. The Model S has been around since 2012 and since the introduction the cheaper Model 3, sales have dipped.
And yet, Musk has said the X and S won’t be getting a major refresh. If Tesla hopes to maintain demand for either of its higher margin luxury vehicles, new trims like this plaid powertrain will be essential.
Tesla first announced Ludicrous mode in its Model S vehicles way back in July 2015. As shareholders and customers awaited the Model X to arrive, Musk unveiled several options for the company’s Model S sedan, including a lower priced version, longer battery range and “Ludicrous mode” for even faster acceleration.
Ludicrous mode, which improved acceleration by 10% to let drivers go from 0 to 60 mph in 2.8 seconds, came about as a result of an improved battery fuse. This new fuse, Musk explained in a blog post at the time, has its own electronics and a tiny lithium-ion battery that monitors current and protects against excessive current.
Tesla also upgraded the main pack contactor with a high-temperature space-grade superalloy instead of steel. This enabled the battery pack to remain “springy” under the heat of heavy current. In the end, the max pack output increased from 1300 to 1500 Amps.
Ludicrous was a $10,000 add on for new buyers. Tesla did reduce the price for existing Model S P85 owners for the first six months following the announcement and sold them the pack electronics upgrade needed for Ludicrous Mode for $5,000.
Musk joked in this 2015 blog post that there is “one speed faster than ludicrous, but that is reserved for the next generation Roadster in 4 years: maximum plaid.”
Web feature developers are being warned to step up attention to privacy and security as they design contributions.
Writing in a blog post about “evolving threats” to Internet users’ privacy and security, the W3C standards body’s technical architecture group (TAG) and Privacy Interest Group (PING) set out a series of revisions to the W3C’s Security and Privacy Questionnaire for web feature developers.
The questionnaire itself is not new. But the latest updates place greater emphasis on the need for contributors to assess and mitigate privacy impacts, with developers warned that “features may not be implemented if risks are found impossible or unsatisfactorily mitigated”.
In the blog post, independent researcher Lukasz Olejnik, currently serving as an invited expert at the W3C TAG; and Apple’s Jason Novak, representing the PING, write that the intent with the update is to make it “clear that feature developers should consider security and privacy early in the feature’s lifecycle” [emphasis theirs].
“The TAG will be carefully considering the security and privacy of a feature in their design reviews,” they further warn, adding: “A security and privacy considerations section of a specification is more than answers to the questionnaire.”
Security & privacy to be considered early in the web/browser feature’s lifecycle. New high level type of threat "legitimate misuse": just because something is technically possible does not mean it was designed for abuse and it is OK to do so
— Lukasz Olejnik (@lukOlejnik) September 11, 2019
The revisions to the questionnaire include updates to the threat model and specific threats a specification author should consider — including a new high level type of threat dubbed “legitimate misuse“, where the document stipulates that: “When designing a specification with security and privacy in mind, all both use and misuse cases should be in scope.”
“Including this threat into the Security and Privacy Questionnaire is meant to highlight that just because a feature is possible does not mean that the feature should necessarily be developed, particularly if the benefitting audience is outnumbered by the adversely impacted audience, especially in the long term,” they write. “As a result, one mitigation for the privacy impact of a feature is for a user agent to drop the feature (or not implement it).”
“Features should be secure and private by default and issues mitigated in their design,” they further emphasize. “User agents should not be afraid of undermining their users’ privacy by implementing new web standards or need to resort to breaking specifications in implementation to preserve user privacy.”
The pair also urge specification authors to avoid blanket treatment of first and third parties, suggesting: “Specification authors may want to consider first and third parties separately in their feature to protect user security and privacy.”
The revisions to the questionnaire come at a time when browser makers are dialling up their response to privacy threats — encouraged by rising public awareness of the risks posed by data leaks, as well as increased regulatory action on data protection.
Last month the open source WebKit browser engine (which underpins Apple’s Safari browser) announced a new tracking prevention policy that takes the strictest line yet on background and cross-site tracking, saying it would treat attempts to circumvent the policy as akin to hacking — essentially putting privacy protection on a par with security.
Earlier this month Mozilla also pushed out an update to its Firefox browser that enables an anti-tracking cookie feature across the board, for existing users too — demoting third party cookies to default junk.
Even Google’s Chrome browser has made some tentative steps towards enhancing privacy — announcing changes to how it handles cookies earlier this year. Though the adtech giant has studiously avoided flipping on privacy by default in Chrome where third party tracking cookies are concerned, leading to accusations that the move is mostly privacy-washing.
More recently Google announced a long term plan to involve its Chromium browser engine in developing a new open standard for privacy — sparking concerns it’s trying to both kick the can on privacy protection and muddy the waters by shaping and pushing self-interested definitions which align with its core data-mining business interests.
There’s more activity to consider too. Earlier this year another data-mining adtech giant, Facebook, made its first major API contribution to Google’s Chrome browser — which it also brought to the W3C Performance Working Group.
Facebook does not have its own browser, of course. Which means that authoring contributions to web technologies offers the company an alternative conduit to try to influence Internet architecture in its favor.
The W3C TAG’s latest move to focus minds on privacy and security by default is timely.
It chimes with a wider industry shift towards pro-actively defending user data, and should rule out any rubberstamping of tech giants contributions to Internet architecture which is obviously a good thing. Scrutiny remains the best defence against self-interest.
But that’s not all. iOS 13.1 will be available on September 30. Apple had to remove some features of iOS 13.0 at the last minute as they weren’t stable enough, such as Shortcuts automations and the ability to share your ETA in Apple Maps. That’s why iOS 13.1 will be released shortly after iOS 13.
As always, iOS 13 will be available as a free download. If you have an iPhone 6s or later, an iPhone SE or a 7th-generation iPod touch, your device supports iOS 13.
Here’s a quick rundown of what’s new in iOS 13. This year, in addition to dark mode, it feels like every single app has been improved with some quality-of-life updates. The Photos app features a brand new gallery view with autoplaying live photos and videos, smart curation and a more immersive design.
This version has a big emphasis on privacy as well thanks to a new signup option called “Sign in with Apple” and a bunch of privacy popups for Bluetooth and Wi-Fi consent, background location tracking. Apple Maps now features an impressive Google Street View-like feature called Look Around. It’s only available in a handful of cities, but I recommend… looking around as everything is in 3D.
Many apps have been updated, such as Reminders with a brand new version, Messages with the ability to set a profile picture shared with your contacts, Mail with better text formatting options, Health with menstrual cycle tracking, Files with desktop-like features, Safari with a new website settings menu, etc. Read more on iOS 13 in my separate preview.
On the iPad front, for the first time Apple is calling iOS for the iPad under a new name — iPadOS. Multitasking has been improved, the Apple Pencil should feel snappier, Safari is now as powerful as Safari on macOS and more.
The Volkswagen ID.3 that debuted ahead of the IAA International Motor Show in Frankfurt looks like a compact hatchback. And it is.
But inside customers might feel like they’re sitting in a bigger car, thanks to how engineers and designers took advantage of the electric architecture. Without having to contend with an internal combustion engine, there was more room to play around with. A high-voltage flat battery is in the underbody to save space, as well as auxiliary units, such as air conditioning compressor or steering rack, that have been integrated into the vehicle front end.
The ID.3 is as long as a VW Golf, but because it has shorter overhangs, the wheelbase is larger.
Here’s an up close look at the interior.
As a quick recap, the five-seater ID.3 will go into production this year. The all-electric vehicle, which is not coming to the U.S., will start landing in customers’ hands in spring 2020.
The first vehicle to go into production is a special edition called the ID.3 1ST. The special edition will come with a 58 kWh-battery pack with a range of up to 420 kilometers, or about 260 miles, and be offered in three equipment variants. The ID.3 1ST will start under 40,000 euros ($44,200).
Apple is set to announce new iPhone models today. The company is holding a keynote on its campus at 10 AM PT (1 PM in New York, 6 PM in London, 7 PM in Paris). And you’ll be able to watch the event right here as the company is streaming it live.
Rumor has it that the company plans to unveil three new smartphones. The iPhone 11 should replace the iPhone XR in the lineup, while the iPhone 11 Pro and 11 Pro Max should replace the iPhone XS and XS Max respectively.
Apple could also update the Apple Watch with a new titanium version. You can also expect to get the release date of iOS 13, iPadOS 13, tvOS 13, macOS Catalina and watchOS 6. Let’s see if Apple announces the launch dates of Apple TV+ and Apple Arcade as well.
When it comes to less likely announcements that could still happen, Apple has been working on new MacBooks, a new Apple TV with a more powerful system-on-a-chip and new iPads. All eyes are on the new iPhone, but Apple could use today’s conference to announce those other products.
You can watch the live stream directly on this page. For the first time, Apple is streaming its conference on YouTube.
If you have an Apple TV, you can download the Apple Events app in the App Store. It lets you stream today’s event and rewatch old ones. The app icon was updated a few days ago for the event.
And if you don’t have an Apple TV and don’t want to use YouTube, the company also lets you live-stream the event from the Apple Events section on its website. This video feed now works in all major browsers — Safari, Microsoft Edge, Google Chrome and Mozilla Firefox.
Of course, you also can read TechCrunch’s live blog if you’re stuck at work and really need our entertaining commentary track to help you get through your day. We have a team in the room.
Microsoft several years ago acquired the popular iOS app Wunderlist with the intention of building out its own list-making productivity app that brings the best of Wunderlist’s feature set to a larger group of mobile consumers. This is a similar path as Microsoft took with email app Accompli, which later became Microsoft Outlook for mobile devices. In the case of Wunderlist, Microsoft didn’t just rebrand the app — it built a new one called Microsoft To Do. With Wunderlist up and running for years alongside To Do, its founder wants to know if he can just have it back.
According to the tweets, Reber says he’s serious about reacquiring Wunderlist and wants to make it open-source and free. He even tweeted a list of upgrades he’d like to build, including features like shared folders and cross-team collaboration, among other things.
Still sad @Microsoft wants to shut down @Wunderlist, even though people still love and use it. I’m serious @satyanadella @marcusash, please let me buy it back. Keep the team and focus on @MicrosoftToDo, and no one will be angry for not shutting down @Wunderlist. pic.twitter.com/27mIABncLF
— Christian Reber (@christianreber) September 6, 2019
— Christian Reber (@christianreber) September 8, 2019
The founder doesn’t come across as having sour grapes exactly. He just says he’s sad that his plans for Wunderlist didn’t work out, but he’s grateful for the Microsoft exit.
If anything, it seems to be just remorse over the fact that Wunderlist itself will be shut down.
Want to make one thing clear: I feel nothing but gratitude for @Microsoft and everyone involved in the @Wunderlist acquisition in 2015. It made perfect sense, definitely the best thing that ever happened to us. The team there is amazing, I’m friends with many of them. 1/2
— Christian Reber (@christianreber) September 8, 2019
Microsoft had said years ago this was its intention, but also that it would hold off until it felt it has a competitive product that Wunderlist’s users would love.
On Monday, Microsoft unveiled another upgrade for Microsoft To Do, which hints that the Wunderlist shut down could be nearing.
The upgrade delivers a more polished look-and-feel with a wider range of backgrounds, including the Berlin TV tower theme that was popular in Wunderlist.
The app also includes smart lists and a personalized daily planner that offers smart suggestions of tasks that need to be accomplished, Microsoft reminded its users, and it’s supported across a variety of platforms, including iOS, Android, Windows and Mac.
The app is now also integrated with other Microsoft apps like Outlook, Microsoft Planner, Cortana and Microsoft Launcher on Android, among others. And it works with Alexa, if you prefer.
With the release, Microsoft is again pushing users to migrate from Wunderlist to To Do to gain access to these features.
It did not, however, give an end-of-life date for Wunderlist, which is remarkably still a top 100 Productivity app in the U.S. App Store, according to data from App Annie, over four years after its acquisition.
We’ve asked Microsoft if it will share more details around its plans for Wunderlist and if it has any response to Reber’s request.
“Once we have incorporated the best of Wunderlist into Microsoft To Do, we will retire Wunderlist. We look forward to making Microsoft To Do even more useful, intuitive and personal,” a Microsoft spokesperson replied. The company declined to comment on Reber’s tweets.
Microsoft To Do has been installed approximately 5.8 million times worldwide since launch, according to data from Sensor Tower. During that same time frame, Wunderlist was installed about 10 million times.
As for Reber, he says he’s written to Microsoft many times before and now tried to make it more official via Twitter. The offer, he tells TechCrunch, is indeed serious, and the price would be based on the negotiation. “Chances are low, but I’m trying,” he says.
The company — with an Uber-like app that connects truckers and companies to delivery services — will use the funds to upgrade its platform and expand to 10 new countries beyond current operating markets of Nigeria, Togo, Ghana and Kenya.
Since its launch in Lagos, the startup has continued to grow its product offerings, VC backing and customer base. Kobo360 claims a fleet of more than 10,000 drivers and trucks operating on its app. Top clients include Honeywell, Olam, Unilever, Dangote and DHL.
Kobo360’s latest round is also notable for Goldman Sachs’ involvement. Goldman’s participation tracks a growing list of African venture investments made by the U.S. based finance firm.
The company — which has a robust Africa sales network — could raise up to 3 billion yuan (or $426 million).
STAR is the Shanghai Stock Exchange’s new Nasdaq-style board for tech stocks that also went live in July with some 25 companies going public.
Headquartered in Shenzhen — where African e-commerce unicorn Jumia also has a logistics supply-chain facility — Transsion is a top-seller of smartphones in Africa under its Tecno brand.
The company has a manufacturing facility in Ethiopia and recently expanded its presence in India.
Transsion plans to spend the bulk of its STAR Market raise (1.6 billion yuan or $227 million) on building more phone assembly hubs and around 430 million yuan ($62 million) on research and development, including a mobile phone R&D center in Shanghai, a company spokesperson said.
The government of Rwanda will soon issue national policy guidelines to eliminate gas motorcycles in its taxi sector in favor of e-motos, according to a preview of the plan by President Paul Kagame at a public-rally
The director general for the Rwanda Utilities Regulatory Authority, Patrick Nyirishema, confirmed Kagame’s comments were ahead of a national e-mobility plan in the works for the East African nation.
“The president’s announcement is exactly the policy direction we’re in…it’s about converting to electric motos…The policy is prepared, it’s yet to be passed…and is going through the approval process,” Nyirishema told TechCrunch on a call from Kigali.
Motorcycle taxis in Rwanda are a common mode of transit, with estimates of 20 to 30 thousand operating in the capital of Kigali.
Nyirishema explained that converting to e-motorcycles is part of a national strategy to move Rwanda’s entire mobility space to electric. The country will start with public transit operators, such as moto-taxis, and move to buses and automobiles.
Ampersand, a Kigali-based e-moto startup, has already begun to pilot EVs and charging systems in Rwanda and will work with the country’s government on the moto-taxi conversion.
In an ExtraCrunch feature, TechCrunch delved into tech talent accelerator Andela — one of the most recognized and well funded startups operating in Africa.
In a byte, Andela is Series D stage startup ― backed by $180 million in VC ― that trains and connects African software developers to global companies for a fee.
CEO Jeremy Johnson dished on the company’s strategy toward profitability and responded to some of the criticism it receives ― namely a claim the startup is creating a second brain-drain when software developers leave Andela and Africa, to take positions with global companies.
Today Andela has offices in New York and five African countries: Nigeria, Kenya, Rwanda, Uganda, and Egypt ― which largely align with the continent’s top tech VC markets.
Across this network the company recruits software developers, builds software engineers, and deploys teams of software engineers.
Johnson disclosed numbers on Andela’s expected new hires for the year, current developer staff, how many departures the company expects, and how many of those will likely leave their home countries―which actually amounts to a fairly small percentage.
TechCrunch checked in with Nigerian fintech company Interswitch for the latest on its anticipated dual-listing London and Lagos stock exchanges.
A Bloomberg News story (based on background sourcing) revived speculation the IPO could happen this year for the company — which provides much of Nigeria’s digital banking infrastructure and has expanded its operations presence and payments products across Africa and globally.
Reports that Interswitch could be one of the earliest big tech companies out of Africa to go public trace back to 2016, when CEO and founder Mitchell Elegbe told TechCrunch the company was considering a listing before the end of that year.
Last month, an Interswitch spokesperson would neither confirm or deny a pending IPO, per a TechCrunch inquiry. So, it’s still tough to say if or when the company could list. But there are still several reasons why the business (and its possible IPO) are worth keeping an eye on, which we detailed in the update story.
One could be an eventual increase in venture funding to African startups, that could come from Interswitch. Another could be an Interswitch IPO adding another benchmark for global investors to gauge Africa’s tech sector beyond Jumia — the e-commerce company that became the first big tech firm operating in Africa to launch on a major exchange, the NYSE in April.
More Africa-related stories @TechCrunch
African tech around the ‘net
Tesla said Saturday that its Model 3 interiors are now completely free of leather, fulfilling a promise made by CEO Elon Musk at this year’s annual shareholder meeting.
Tesla has been closing in on a leather-free interior for a couple of years now. But a sticking point was the steering wheel, which Musk made mention of at the company’s shareholder meeting in June in response to a request from PETA activist.
“I believe we were close to having a non-heated steering wheel, that’s not leather,” Musk said at the time. “There are some challenges when when heat the non-leather material and also how well it wears over time.”
Musk said Model Y and Model 3 would be vegan by 2020. He wasn’t sure if the company would be able to meet that same goal for the Model S and X.
Model 3 interior is now 100% leather-free pic.twitter.com/2F47zp8A4T
— Tesla (@Tesla) August 31, 2019
Activist shareholders made a proposal in 2015 that Tesla no longer use animal-derived leather in the interiors of its electric vehicles by 2019. While stockholders rejected that proposal, Tesla did begin rolling out more “vegan” interior components in its cars.
The company began by offering leather-free seats as an option. Two years ago, Tesla made the synthetic material standard in its Model 3, Model X and Model S vehicles.
3D printing has become commonplace in the hardware industry, but because few materials can be used for it easily, the process rarely results in final products. A Swiss startup called Spectroplast hopes to change that with a technique for printing using silicone, opening up all kinds of applications in medicine, robotics and beyond.
Silicone is not very bioreactive, and of course can be made into just about any shape while retaining strength and flexibility. But the process for doing so is generally injection molding, great for mass-producing lots of identical items but not so great when you need a custom job.
And it’s custom jobs that ETH Zurich’s Manuel Schaffner and Petar Stefanov have in mind. Hearts, for instance, are largely similar but the details differ, and if you were going to get a valve replaced, you’d probably prefer yours made to order rather than straight off the shelf.
“Replacement valves currently used are circular, but do not exactly match the shape of the aorta, which is different for each patient,” said Schaffner in a university news release. Not only that, but they may be a mixture of materials, some of which the body may reject.
But with a precise MRI the researchers can create a digital model of the heart under consideration and, using their proprietary 3D printing technique, produce a valve that’s exactly tailored to it — all in a couple of hours.
A 3D-printed silicone heart valve from Spectroplast.
Although they have created these valves and done some initial testing, it’ll be years before anyone gets one installed — this is the kind of medical technique that takes a decade to test. So in the meantime they are working on “life-improving” rather than life-saving applications.
One such case is adjacent to perhaps the most well-known surgical application of silicone: breast augmentation. In Spectroplast’s case, however, they’d be working with women who have undergone mastectomies and would like to have a breast prosthesis that matches the other perfectly.
Another possibility would be anything that needs to fit perfectly to a person’s biology, like a custom hearing aid, the end of a prosthetic leg or some other form of reconstructive surgery. And of course, robots and industry could use one-off silicone parts as well.
There’s plenty of room to grow, it seems, and although Spectroplast is just starting out, it already has some 200 customers. The main limitation is the speed at which the products can be printed, a process that has to be overseen by the founders, who work in shifts.
Until very recently Schaffner and Stefanov were working on this under a grant from the ETH Pioneer Fellowship and a Swiss national innovation grant. But in deciding to depart from the ETH umbrella they attracted a 1.5 million Swiss franc (about the same as dollars just now) seed round from AM Ventures Holding in Germany. The founders plan to use the money to hire new staff to crew the printers.
Right now Spectroplast is doing all the printing itself, but in the next couple years it may sell the printers or modifications necessary to adapt existing setups.
You can read the team’s paper showing their process for creating artificial heart valves here.
TechCrunch has learned of a safety issue and a number of product reliability questions being raised about a modular computer made by a London edtech startup that’s intended for children to learn coding and electronics.
The product, called the pi-top 3, is a Raspberry Pi-powered laptop with a keyboard that slides out to access a rail for breadboarding electronics.
A student at a US school had to be attended by a nurse after touching a component in the device which had overheated, leaving them with redness to their finger.
A spokesperson for Cornell Tech confirmed the incident to us — which they said had happened in June. We’ve withheld the name of the school at their request.
In an internal pi-top email regarding this incident, which we’ve also reviewed, it describes the student being left with “a very nasty finger burn”.
Cornell Tech’s spokesperson told us it has stopped using the pi-top 3 — partly in response to this incident but also because of wider reliability issues with the device. They said some of their grad students will be working on a project with the K-12 team next semester with the aim of creating an alternative that’s more reliable, affordable and safe.
We have also been told of concerns about wider reliability issues with the pi-top 3 by a number of other sources.
We asked pi-top for comment on the safety incident at Cornell Tech and for details of how it responded. The company provided us with a statement in which it claims: “pi–top incorporates all possible safeguards into our products to ensure they are safe.”
“As soon as we became aware of this incident we immediately investigated what had happened,” it went on. “We discovered that the incident was a one-in-a-million occurrence. The user dropped a piece of metal, with a specific size and shape, under the unit. This fell in such a way that it touched a particular pin and caused a linear regulator to heat up. They received a small minor burn to the tip of one finger when they tried to recover that piece of metal.”
“This is the only reported incident where a user has been hurt whilst using one of our products,” pi-top added.
It is not clear how many pi-top 3 laptops have been sold to schools at this stage because pi-top does not break out sales per product. Instead it provided us with a figure for the total number of devices sold since it was founded in 2014 — saying this amounts to “more than 200,000 devices in 4 years which have been used by more than half a million people”.
pi-top also says it has sold products to schools in 70 countries, saying “thousands” of schools have engaged with its products. (The bright green color of the laptop is easy to spot in promotional photos for school STEM programs and summer camps.)
The London-based DIY hardware startup began life around five years ago offering a ‘3D-print it yourself‘ laptop for makers via the Kickstarter crowdfunding platform before shifting its focus to the educational market — tapping into the momentum around STEM education that’s seen a plethora of ‘learn to code’ toys unboxed in recent years.
pi-top has raised more than $20M in VC funding to date and now sells a number of learning devices and plug-in components intended for schools to teach STEM — all of which build on the Raspberry Pi microprocessor.
pi-top adds its own layer of software to the Pi as well as hardware additions intended to expand the learning utility (such as a speaker for the pi-top 3 and an “inventors kit” with several electronics projects, including one that lets kids build and program a robot).
The pi-top 3 — its third device — was launched in October 2017, priced between $285-$320 per laptop (without or with a Raspberry Pi 3).
The distinctively bright green laptop is intended for use by students as young as eight years old.
In the internal email discussing the “Cornell failure diagnosis” — which is dated July 16 — pi-top’s head of support and customer success, Preya Wylie, conveys the assessment of its VP of technology, Wil Bennett, that the “unusual failure mode was likely caused by an electrical short on the male 34-pin connector on the underside of the protoboard”.
She goes on to specify that the short would have been caused by the metal SD-card removal tool that’s bundled with the product — noting this was “reported to have been somewhere underneath the protoboard at the time”.
“[Bennett] has recreated the same conditions on his bench in China and has seen the pi-top enter similar failure modes, with an electrical short and subsequent overheating,” she writes.
An additional complication discussed in the email is that the component is designed to stay on at all times in order that the pi-top can respond to the power button being pressed when the unit is off. Wylie writes that this means, if shorted, the component remains “very hot” even when the pi-top has been shut down and unplugged — as heat is generated by the pi-top continuing to draw power from the battery.
Only once the battery has fully depleted will the component be able to cool down.
In the email — which was sent to pi-top’s founder and CEO Jesse Lozano and COO Paul Callaghan — she goes on to include a list of four “initial recommendations to ensure this does not happen again”, including that the company should inform teachers to remove the SD-card removal tool from all pi-top 3 laptops and to remove the SD card themselves rather than letting students do it; as well as advising teachers/users to turn the device off if they suspect something has got lost under the protoboard.
Another recommendation listed in the email is the possibility of creating a “simple plastic cover to go over the hub” to prevent the risk of users’ fingers coming into contact with hot components.
A final suggestion is a small modification to the board to cut off one of the pins to “greatly reduce the chance of this happening again”.
We asked pi-top to confirm what steps it has taken to mitigate the risk of pi–top 3 components overheating and posing a safety risk via the same sort of shorting failure experienced by Cornell Tech — and to confirm whether it has informed existing users of the risk from this failure mode.
An internal pi-top sales document that we’ve also reviewed discusses a ‘back to school’ sales campaign — detailing a plan to use discounts to “dissolve as much pi-top  stock as we can over the next 8 weeks”.
This document says US schools will be targeted from mid August; UK schools/educators from early September; and International Schools Groups from early September. It also includes a strategy to go direct to US Private and Charter Schools — on account of “shorter decision making timelines and less seasonal budgets”.
It’s not clear if the document pre-dates the Cornell incident.
In response to our questions, pi-top told us it is now writing to pi-top 3 customers, suggesting it is acting on some of the initial recommendations set out in Wylie’s July 16 email after we raised concerns.
In a statement the company said: “Whilst it is highly unlikely that this would occur again, we are writing to customers to advise them to take a common-sense approach and switch off the unit if something has got lost inside it. We are also advising customers to remove the SD card tool from the unit. These simple actions will make the remote possibility of a recurrence even less likely.”
In parallel, we have heard additional concerns about the wider reliability of the pi-top 3 product — in addition to the shorting incident experienced by Cornell.
One source, who identified themselves as a former pi-top employee, told us that a number of schools have experienced reliability issues with the device. One of the schools named, East Penn School District in the US, confirmed it had experienced problems with the model — telling us it had to return an entire order of 40 of the pi-top 3 laptops after experiencing “a large volume of issues”.
“We had initially purchased 40 pi-tops for middle level computers classes,” assistant superintendent Laura Witman told us. “I met one of the owners, Jesse, at a STEM conference. Conceptually the devices had promise, but functionally we experienced a large volume of issues. The company tried to remedy the situation and in the end refunded our monies. I would say it was learning experience for both our district and the company, but I appreciate how they handled things in the end.”
Witman did not recall any problems with pi-top 3 components overheating.
A US-based STEM summer camp provider that we also contacted to confirm whether it had experienced issues with the pi-top 3 — a device which features prominently in promotional materials for its program — declined to comment. A spokesman for iD Tech’s program told us he was not allowed to talk about the matter.
A separate source familiar with the pi-top 3 also told us the product has suffered from software reliability issues, including crashes and using a lot of processor power, as well as hardware problems related to its battery losing power quickly and/or not charging. This source, who was speaking on condition of anonymity, said they were not aware of any issues related to overheating.
Asked to respond to wider concerns about the pi-top 3’s reliability, pi-top sent us this statement:
pi–top is a growing and dynamic company developing DIY computing tools which we believe can change the world for the better. In the past four and a half years we have shipped hundreds of thousands of products across our entire product range, and pi–top hardware and software have become trusted assets to teachers and students in classrooms from America to Zimbabwe. pi–top products are hard at work even in challenging environments such as the UN’s Kakuma refugee camp in Northern Kenya.
At the heart of our products is the idea that young makers can get inside our computers, learn how they work and build new and invaluable skills for the future. Part of what makes pi–top special, and why kids who’ve never seen inside a computer before think it’s awesome, is that you have to build it yourself straight out of the box and then design, code and make electronic systems with it. We call this learning.
The nature of DIY computing and electronics means that, very occasionally, things can fail. If they do, pi–top’s modular nature means they can be easily replaced. If customers encounter any issues with any of our products our excellent customer support team are always ready to help.
It is important to say that all electronic systems generate heat and Raspberry Pi is no exception. However, at pi–top we do the very best to mitigate thanks to the cutting-edge design of our hardware. Faults on any of our products fall well below accepted thresholds. Although we are proud of this fact, this doesn’t make us complacent and we continually strive to do things better and provide our customers with world-class products that don’t compromise on safety.
Thousands of schools around the world recognise the fantastic benefits the pi–top , pi–top CEED, and pi–top  brings as a Raspberry Pi-powered device. Our new flagship products, the pi–top  and our learning platform, pi–top Further, take coding education to the next level, as a programmable computing module for makers, creators and innovators everywhere. We are proud of our products and the enormous benefits they bring to schools, students and makers around the world.
We also recently broke the news that pi-top had laid off a number of staff after losing out on a large education contract. Our sources told us the company is restructuring to implement a new strategy. pi-top confirmed 12 job cuts at that stage. Our sources suggest more cuts are pending.
Some notable names departing pi-top’s payroll in recent weeks are its director of learning and research, William Rankin — formerly a director of learning at Apple — who writes on LinkedIn that he joined pi-top in March 2018 to “develop a constructionist learning framework to support pi-top’s maker computing platform”. Rankin left the business this month, per his LinkedIn profile.
pi-top’s chief education and product officer, Graham Brown-Martin — who joined the business in September 2017, with a remit to lead “learning, product design, brand development and communication strategy” to support growth of its “global education business, community and ecosystem” — also exited recently, leaving last month per his LinkedIn.
In another change this summer pi-top appointed a new executive chairman of its board: Stanley Buchesky, the founder of a US edtech seed fund who previously served in the Trump administration as an interim CFO for the US department for education under secretary of state, Betsy DeVos.
Buchesky’s fund, which is called The EdTech Fund, said it had made an investment in pi-top last month. The size of the investment has not been publicly disclosed.
Buchesky took over the chairman role from pi-top board member and investor Eric Wilkinson: A partner at its Series A investor, Hambro Perks. Wilkinson remains on the pi-top board but no longer as exec chairman.
The job cuts and restructuring could be intended to prepare pi-top for a trade sale to another STEM device maker, according to one of our sources.
Meanwhile pi-top’s latest device, the pi-top 4, represents something of a physical restructuring of its core edtech computing proposition which looks intended to expand the suggestive utility it offers teachers via multiple modular use-cases — from building drones and wheeled robots to enabling sensor-based IoT projects which could check science learning criteria, all powered by pi-top’s encased Raspberry Pi 4.
Out of the box, the pi-top 4 is a computer in a box, not a standalone laptop. (Though pi-top does plan to sell a range of accessories enabling it be plugged in to power a touchscreen tablet or a laptop, and more.)
pi-top is in the process of bringing the pi-top 4 to market after raising almost $200,000 on Kickstarter from more than 500 backers. Early backers have been told to expect it to ship in November.
While pi-top’s predecessor product is stuck with the compute power of the last-gen Raspberry Pi 3 (the pi-top 3 cannot be upgraded to the Raspberry Pi 4), the pi-top 4 will have the more powerful Pi 4 as its engine.
However the latter has encountered some heat management issues of its own.
The Raspberry Pi Foundation recently put out a firmware update that’s intended to reduce the microprocessor’s operating temperature after users had complained it ran hot.
Asked whether the Foundation has any advice on encasing the Raspberry Pi 4, in light of the heat issue, founder Eben Upton told us: “Putting the Pi in a case will tend to cause it to idle at a higher temperature than if it is left in the open. This means there’s less temperature ‘in reserve’, so the Pi will throttle more quickly during a period of sustained high-intensity operation.”
“In general, the advice is to choose a case which is appropriate to your use case, and to update firmware frequently to benefit from improvements to idle power consumption as they come through,” he added.
TechCrunch’s Steve O’Hear contributed to this report
Nearly 200 startups have just graduated from the prestigious San Francisco startup accelerator Y Combinator . The flock of companies are now free to proceed company-building with a fresh $150,000 check and three-months full of tips and tricks from industry experts.
As usual, we sent several reporters to YC’s latest demo day to take notes on each company and pick our favorites. But there were many updates to the YC structure this time around and new trends we spotted from the ground that we’ve yet to share.
Healthtech is apparently in a golden age. Just a few weeks ago, Livongo and Health Catalyst raised a combined $500 million through IPOs with a joint valuation reaching $3.5 billion. Deals such as these are catalyzing a record-breaking 2019, with digital health deal activity expected to surpass the $8.1 billion invested in 2018.
Amidst such abundance, the digital health ecosystem is thriving: as of 2017, greater than 300,000 mobile applications and 340 consumer wearable devices existed—with 200 new mobile applications added daily. No theme has been more important to this fundraising than artificial intelligence and machine learning (AI/ML), a space which captured more than one-quarter of healthtech funding in 2018.
Yet, how many of these technologies will prove valuable in medical, ethical, or financial terms?
Our research group at Stanford addressed this question by taking a deeper dive into the saying that, in AI/ML, “garbage in equals garbage out.” We did this by distinguishing digital health algorithms leveraging AI/ML from their underlying training data, documenting the numerous consequences to the outputs of these technologies should the inputs resemble, well, “garbage.”
For example, the utility of genetic risk scores provided by companies such as 23andMe and AncestryDNA (which have estimated valuations of $1.75 and $2.6 billion, respectively) may be limited due to diagnostic biases stemming from the underrepresentation of diverse populations.
Responding to such observations, we provide a variety of recommendations to the developers, inventors, and founders spearheading the advancement of digital health—as well as the funders supporting this charge forward—to ensure that their innovations are valuable to the stakeholders they target.
The 2019 Audi e-tron has become the first battery-electric vehicle to earn a top safety rating from the Insurance Institute for Highway Safety, an achievement that Tesla and other electric models like the Chevy Bolt have not been able to capture.
Scoring an IIHS top safety award isn’t easy. A vehicle has to earn good ratings in six crashworthiness evaluations, as well as an advanced or superior rating for front crash prevention and a good headlight rating.
IIHS said Wednesday that the e-tron fulfills the criteria to earn a top safety rating with standard equipment. The vehicle performed well in crashworthiness testing, earning good ratings in the driver-side small overlap front, passenger-side small overlap front, moderate overlap front, side, roof strength and head restraint tests, according to IIHS.
The SUV’s standard front crash prevention system rated superior in IIHS track tests. It avoided a collision in the 25 mph test and reduced its impact speed by an average of 11 mph in the 12 mph test. Its forward collision warning component meets National Highway Traffic Safety Administration criteria.
The award provides a much needed boost to the e-tron. There’s a lot riding on the e-tron, the German automaker’s first mass-produced electric vehicle. And while TechCrunch’s Matt Burns found it quick, comfortable and familiar, the vehicle has had a rocky start that included a voluntary recall in the U.S. due to the risk of battery fire.
Tesla has gotten close to the top safety pick designation. A Tesla Model S was tested in 2017 and performed well, but fell short of earning the top score due to poor headlights and an “acceptable” score in the small overlap crash test. The IIHS has never tested the Tesla Model X.
The electric automaker does have another chance. This time, it’s with the Tesla Model 3, which IIHS is currently testing, according to a recent tweet from the organization.
Tests of the 2019 Tesla Model 3 commence next week with the side crash test. pic.twitter.com/yXtbGDC9h9
— IIHS (@IIHS_autosafety) August 7, 2019
The Model 3 has already achieved an all-around five-star safety rating from the National Highway Traffic Safety Administration. Despite the high marks, NHTSA and Tesla have tussled over how the automaker has characterized the rating in an October 7 blog post when it said the Model 3 had achieved the lowest probability of injury of any vehicle the agency ever tested.
Earlier this month, Hyundai’s hydrogen fuel cell SUV, the Nexo, became the first fuel cell vehicle to be tested and to earn IIHS’s top safety award.
Forget the keycard or phone app, one software engineer is trying out a new way to unlock and start her Tesla Model 3.
Amie DD, who has a background in game simulation and programming, recently released a video showing how she “biohacked” her body. The software engineer removed the RFID chip from the Tesla Model 3 valet card using acetone, then placed it into a biopolymer, which was injected through a hollow needle into her left arm. A professional who specializes in body modifications performed the injection.
You can watch the process below, although folks who don’t like blood should consider skipping it. Amie DD also has a page on Hackaday.io that explains the project and the process.
The video is missing one crucial detail. It doesn’t show whether the method works. TechCrunch will update the post once a new video delivering the news is released.
Amie is not new to biohacking. The original idea was to use the existing RFID implant chip that was already in her hand to be able to start the Model 3. That method, which would have involved taking the Java applet and writing it onto her own chip, didn’t work because of Tesla’s security. So, Amie DD opted for another implant.
Amie DD explains why and how she did this in another, longer video posted below. She also talks a bit about her original implant in her left hand, which she says is used for “access control.” She uses it to unlock the door of her home, for instance.
Y Combinator has become one of the key ways that startups from emerging markets get the attention of American investors. And arguably no clutch of companies has benefitted more from Y Combinator’s attention than startups from emerging markets tackling the the logistics market.
On the heels of the success the accelerator had seen with Flexport, which is now valued at over $1 billion — and the investment in the billion-dollar Latin American on-demand delivery company, Rappi, several startups from the Northern and Southern Africa, Latin America, and Southeast Asia have gone through the program to get in front of Silicon Valley’s venture capital firms. These are companies like Kobo360, NowPorts, and, most recently, Trella.
The Egyptian company founded by Omar Hagrass, Mohammed el Garem, and Pierre Saad already has 20 shippers using its service and is monitoring and managing the shipment of 1,500 loads per month.
“The best way we would like to think of ourselves is that we would like to bring more transparency to the industry,” says Hagrass.
Like other logistics management services, Trella is trying to consolidate a fragmented industry around its app that provides price transparency and increases efficiency by giving carriers and shippers better price transparency and a way to see how cargo is moving around the country.
If the model sounds similar to what Kobo360 and Lori Systems are trying to do in Nigeria and Kenya, respectively, it’s because Hagrass knows the founders of both companies.
Technology ecosystems in these emerging markets are increasingly connected. For instance, Hagrass worked with Kobo360 founder Obi Ozor at Uber before launching Trella. And through Trella’s existing investors (the company has raised $600,000 in financing from Algebra Ventures) Hagrass was introduced to Josh Sandler the chief executive of Lori Systems.
The three executives often compare notes on their startups and the logistics industry in Northern and Southern Africa, Hagrass says.
While each company has unique challenges, they’re all trying to solve an incredibly difficult problem and one that has huge implications for the broader economies of the countries in which they operate.
For Hagrass, who participated in the Tahrir Square protests, launching Trella was a way to provide help directly to everyday Egyptians without having to worry about the government.
“It’s three times more expensive to transport goods in Egypt than in the U.S.,” says Hagrass. “Through this platform I can do something good for the country.”
More than 1.5 million users of a group dating service had their personal data exposed — including their real-time location — because of a vulnerability in the app.
The dating site, 3Fun, bills itself as a “private space” where you can meet “local kinky, open-minded people.” But the data wasn’t private at all. Ken Munro, founder of Pen Test Partners, which carried out the research Thursday and shared its findings with TechCrunch, said it was “probably the worst security for any dating app we’ve ever seen.”
Pen Test Partners researchers found the app was leaking the precise location, photos and other personal details of any nearby user.
Worse, because the app wasn’t properly secured, the researchers found they could plug in any coordinates they wanted to spoof their location, revealing sensitive information on anyone within any location of their choosing, including government buildings, military bases and even intelligence agencies.
TechCrunch ran the same tests as Pen Test Partners and confirmed its findings. We were able to modify our current geolocation to any set of coordinates we wanted — including the White House and the headquarters of the CIA.
Using a man-in-the-middle tool like Burp Suite, we could capture our real location, manipulate it in transit on the way to the server and receive a batch of data for that location.
One of the exposed user records (left) and an approximate representation of several users (right)
We found profiles of users at both locations, including their sexual preferences — including sexual orientation and their preferred matches; their age; username and their partner’s username; their bio — many of which included expansive, specific and personal information on the user; and their full-resolution profile picture. In some cases, dates of birth were also exposed.
None of the data was encrypted. The researchers called the app a “privacy train wreck.”
The researchers contacted 3Fun on July 1 to report the bugs. Munro said the app maker took weeks to fix the issues.
We emailed 3Fun with several questions, but spokesperson Jennifer White did not respond to a request for comment.
It’s the latest app to fall foul of proper security standards in recent months. Jewish dating app JCrush left 200,000 user records exposed in June following a security lapse. Last year on its launch day, conservative dating app Donald Daters exposed its entire user base — at the time some 1,600 users — after leaving a set of hard-coded keys in its app, which was quickly found after a security researcher decompiled the app.
Another dating app, Coffee Meets Bagel, was breached on Valentine’s Day, no less.
Well, that’s one way to a person’s heart — hacking their dating profile.
Hyp3r, an apparently trusted marketing partner of Facebook and Instagram, has been secretly collecting and storing location and other data on millions of users, against the policies of the social networks, Business Insider reported today. It’s hard to see how it could do this for years without intervention by the platforms except if the latter were either ignorant or complicit.
After BI informed Instagram, the company confirmed that Hyp3r (styled HYP3R) had violated its policies and has now been removed from the platform. In a statement to TechCrunch, a Facebook spokesperson confirmed the report, saying:
HYP3R’s actions were not sanctioned and violate our policies. As a result, we’ve removed them from our platform. We’ve also made a product change that should help prevent other companies from scraping public location pages in this way.
The company started several years ago as a platform via which advertisers could target users attending a given event, like a baseball game or concert. It used Instagram’s official API to hoover up data originally, the kind of data-gathering that has been happening for years by unsavory firms in tech, most infamously Cambridge Analytica.
The idea of getting an ad because you’re at a ball game isn’t so scary, but if the company maintains a persistent record not just of your exact locations, but objects in your photos and types of places you visit, in order to combine that with other demographics and build a detailed shadow profile… well, that’s a little scary. And so Hyp3r’s business model evolved.
Unfortunately, the API was severely restricted in early 2018, limiting Hyp3r’s access to location and user data. Although we heard reports that this led to layoffs at the company around the time, the company seems to have survived (and raised millions shortly afterwards) not by adapting its business model, but by sneaking around the apparently quite minimal barriers Instagram put in place to prevent location data from being scraped.
Some of this was done by taking advantage of Instagram’s Location pages, which would serve up public accounts visiting them to anyone who asked, logged in or not. (This was one of the features turned off today by Instagram.)
According to BI’s report, Hyp3r built tools to circumvent limitations on both location collection and saving of personal accounts’ stories — content meant to disappear after 24 hours. If a user posted anything at one of thousands of locations and regions monitored by Hyp3r, their data would be sucked up and added to their shadow profile.
To be clear, it only collected information from public stories and accounts. Naturally these people opted out of a certain amount of privacy by choosing a public account, but as the Cambridge Analytica case and others have shown, no one expects or should have to expect that their data is being secretly and systematically assembled into a personal profile by a company they’ve never heard of.
Facebook and Instagram, however, had definitely heard of Hyp3r. In fact, Hyp3r could until today be found in the official Facebook Marketing Partners directory, a curated list of companies it recommends for various tasks and services that advertisers might need.
And Hyp3r has been quite clear about what it is doing, though not about the methods by which it is doing it. It wasn’t a secret that the company was building profiles based around tracking locations and brands — that was presumably what Facebook listed it for. It was only when this report surfaced that Hyp3r had its Facebook Marketing Partner privileges rescinded.
It’s unclear how Hyp3r could exist as a privileged member of Facebook’s stable of recommended companies and simultaneously be in such blatant violation of its policies. If these partners receive even cursory reviews of their products and methods, wouldn’t it have been obvious to any informed auditor that there was no legitimate source for the location and other data that Hyp3r was collecting? Wouldn’t it have been obvious that it was engaging in Automated Data Collection, which is specifically prohibited without Facebook’s permission?
I’ve asked Facebook for more detail on how and when its Marketing Partners are reviewed, and how this seemingly fundamental violation of the prohibition against automated data collection could have gone undetected for so long.
Tesla’s claims about the safety of its Model 3 electric vehicle prompted U.S. regulators to send a cease-and-desist letter and escalate the matter by asking the Federal Trade Commission to investigate, according to documents released by the nonprofit legal transparency website PlainSite.
The documents show correspondence between the lawyers at National Highway Traffic Safety Administration and Tesla that began after the automaker’s October 7 blog post that said the Model 3 had achieved the lowest probability of injury of any vehicle the agency ever tested. PlainSite received the 79 pages of communications since January 2018 between NHTSA and Tesla through a Freedom of Information Act request. There were 450 pages of communication that were withheld due to Tesla’s request for confidentiality on the basis of “trade secrets.”
NHTSA took issue with the blog post, arguing that Tesla’s claims were inconsistent with its advertising guidelines regarding crash ratings. The matter might have ended with that demand. But NHTSA took the issue further and informed Tesla it would ask the Federal Trade Commission to weigh in.
“This is not the first time that Tesla has disregarded the guidelines in a matter that may lead to consumer confusion and give Tesla an unfair market advantage,” the letter dated October 17 reads. “We have therefore also referred this matter to the Federal Trade Commission’s Bureau of Consumer Protection to investigate whether these statements constitute unfair or deceptive acts or practices.”
Tesla did not respond to a request for comment.
The automaker’s lawyers did, however, push back against NHTSA’s request, according to the correspondence released by PlainSite. Tesla lawyers argue in one letter that the company’s statements were neither “untrue nor misleading.”
“To the contrary, Tesla has provided consumers with fair and objective information to compare the relative safety of vehicles having 5-star overall ratings,” the letter from Tesla’s deputy general counsel.
The documents posted by PlainSite also showed NHTSA requested sales data on all Tesla vehicles produced since July 2016 with or without Autopilot, the automaker’s advanced driver assistance system. The agency also issued subpoenas to Tesla ordering it to produce information on several crashes, including a January 25, 2019 crash in San Ramon, Calif. The subpoenas requested information about the vehicle, its owner, history and videos and images related to the crash and were to be sent to NHTSA’s Office of Defects Investigations.
Why is tech still aiming for the healthcare industry? It seems full of endless regulatory hurdles or stories of misguided founders with no knowledge of the space, running headlong into it, only to fall on their faces.
Theranos is a prime example of a founder with zero health background or understanding of the industry — and just look what happened there! The company folded not long after founder Elizabeth Holmes came under criminal investigation and was barred from operating in her own labs for carelessly handling sensitive health data and test results.
And then there’s Oscar Health, which first made a mint on Obamacare and has since ventured into Medicare. Combined with Bright, the two health insurance startups have pulled in a whopping $3 billion so far.
It’s easy to shake our fists at fool-hardy founders hoping to cash in on an industry that cannot rely on the old motto “move fast and break things.” But it doesn’t have to be the code tech lives or dies by.
So which startups have the mojo to keep at it and rise to the top? Venture capitalists often get to see a lot before deciding to invest. So we asked a few of our favorite health VC’s to share their insights.
Cybereason, which uses machine learning to increase the number of endpoints a single analyst can manage across a network of distributed resources, has raised $200 million in new financing from SoftBank Group and its affiliates.
It’s a sign of the belief that SoftBank has in the technology, since the Japanese investment firm is basically doubling down on commitments it made to the Boston-based company four years ago.
The company first came to our attention five years ago when it raised a $25 million financing from investors including CRV, Spark Capital and Lockheed Martin.
Cybereason’s technology processes and analyzes data in real-time across an organization’s daily operations and relationships. It looks for anomalies in behavior across nodes on networks and uses those anomalies to flag suspicious activity.
The company also provides reporting tools to inform customers of the root cause, the timeline, the person involved in the breach or breaches, what tools they use and what information was being disseminated within and outside of the organization.
For founder Lior Div, Cybereason’s work is the continuation of the six years of training and service he spent working with the Israeli army’s 8200 Unit, the military incubator for half of the security startups pitching their wares today. After his time in the military, Div worked for the Israei government as a private contractor reverse engineering hacking operations.
Over the last two years, Cybereason has expanded the scope of its service to a network that spans 6 million endpoints tracked by 500 employees with offices in Boston, Tel Aviv, Tokyo and London.
“Cybereason’s big data analytics approach to mitigating cyber risk has fueled explosive expansion at the leading edge of the EDR domain, disrupting the EPP market. We are leading the wave, becoming the world’s most reliable and effective endpoint prevention and detection solution because of our technology, our people and our partners,” said Div, in a statement. “We help all security teams prevent more attacks, sooner, in ways that enable understanding and taking decisive action faster.”
The company said it will use the new funding to accelerate its sales and marketing efforts across all geographies and push further ahead with research and development to make more of its security operations autonomous.
“Today, there is a shortage of more than three million level 1-3 analysts,” said Yonatan Striem-Amit, chief technology officer and Co-founder, Cybereason, in a statement. “The new autonomous SOC enables SOC teams of the future to harness technology where manual work is being relied on today and it will elevate L1 analysts to spend time on higher value tasks and accelerate the advanced analysis L3 analysts do.”
That attack, which was either conducted by Chinese-backed actors or made to look like it was conducted by Chinese-backed actors, according to Cybereason targeted a select group of users in an effort to acquire cell phone records.
As we wrote at the time:
… hackers have systematically broken in to more than 10 cell networks around the world to date over the past seven years to obtain massive amounts of call records — including times and dates of calls, and their cell-based locations — on at least 20 individuals.
Researchers at Boston-based Cybereason, who discovered the operationand shared their findings with TechCrunch, said the hackers could track the physical location of any customer of the hacked telcos — including spies and politicians — using the call records.
Lior Div, Cybereason’s co-founder and chief executive, told TechCrunch it’s “massive-scale” espionage.
Call detail records — or CDRs — are the crown jewels of any intelligence agency’s collection efforts. These call records are highly detailed metadata logs generated by a phone provider to connect calls and messages from one person to another. Although they don’t include the recordings of calls or the contents of messages, they can offer detailed insight into a person’s life. The National Security Agency has for years controversially collected the call records of Americans from cell providers like AT&T and Verizon (which owns TechCrunch), despite the questionable legality.
It’s not the first time that Cybereason has uncovered major security threats.
Back when it had just raised capital from CRV and Spark, Cybereason’s chief executive was touting its work with a defense contractor who’d been hacked. Again, the suspected culprit was the Chinese government.
As we reported, during one of the early product demos for a private defense contractor, Cybereason identified a full-blown attack by the Chinese — ten thousand usernames and passwords were leaked, and the attackers had access to nearly half of the organization on a daily basis.
The security breach was too sensitive to be shared with the press, but Div says that the FBI was involved and that the company had no indication that they were being hacked until Cybereason detected it.