spokesperson
Auto Added by WPeMatico
Auto Added by WPeMatico
Salesforce, the 20-year-old leader in customer relationship management (CRM) tools, is making a foray into Asia by working with one of the country’s largest tech firms, Alibaba.
Alibaba will be the exclusive provider of Salesforce to enterprise customers in mainland China, Hong Kong, Macau and Taiwan, and Salesforce will become the exclusive enterprise CRM software suite sold by Alibaba, the companies announced on Thursday.
The Chinese internet has for years been dominated by consumer-facing services such as Tencent’s WeChat messenger and Alibaba’s Taobao marketplace, but enterprise software is starting to garner strong interest from businesses and investors. Workflow automation startup Laiye, for example, recently closed a $35 million funding round led by Cathay Innovation, a growth-stage fund that believes “enterprise software is about to grow rapidly” in China.
The partners have something to gain from each other. Alibaba does not have a Salesforce equivalent serving the raft of small-and-medium businesses selling through its e-commerce marketplaces or using its cloud computing services, so the alliance with the American cloud behemoth will fill that gap.
On the other hand, Salesforce will gain sales avenues in China through Alibaba, whose cloud infrastructure and data platform will help the American firm “offer localized solutions and better serve its multinational customers,” said Ken Shen, vice president of Alibaba Cloud Intelligence, in a statement.
“More and more of our multinational customers are asking us to support them wherever they do business around the world. That’s why today Salesforce announced a strategic partnership with Alibaba,” said Salesforce in a statement.
Overall, only about 10% of Salesforce revenues in the three months ended April 30 originated from Asia, compared to 20% from Europe and 70% from the Americas.
Besides gaining client acquisition channels, the tie-up also enables Salesforce to store its China-based data at Alibaba Cloud. China requires all overseas companies to work with a domestic firm in processing and storing data sourced from Chinese users.
“The partnership ensures that customers of Salesforce that have operations in the Greater China area will have exclusive access to a locally-hosted version of Salesforce from Alibaba Cloud, who understands local business, culture and regulations,” an Alibaba spokesperson told TechCrunch.
Cloud has been an important growth vertical at Alibaba and nabbing a heavyweight ally will only strengthen its foothold as China’s biggest cloud service provider. Salesforce made some headway in Asia last December when it set up a $100 million fund to invest in Japanese enterprise startups and the latest partnership with Alibaba will see the San Francisco-based firm actually go after customers in Asia.
Powered by WPeMatico
Google says a small number of its enterprise customers mistakenly had their passwords stored on its systems in plaintext.
The search giant disclosed the exposure Tuesday but declined to say exactly how many enterprise customers were affected. “We recently notified a subset of our enterprise G Suite customers that some passwords were stored in our encrypted internal systems unhashed,” said Google vice president of engineering Suzanne Frey.
Passwords are typically scrambled using a hashing algorithm to prevent them from being read by humans. G Suite administrators are able to manually upload, set and recover new user passwords for company users, which helps in situations where new employees are on-boarded. But Google said it discovered in April that the way it implemented password setting and recovery for its enterprise offering in 2005 was faulty and improperly stored a copy of the password in plaintext.
Google has since removed the feature.
No consumer Gmail accounts were affected by the security lapse, said Frey.
“To be clear, these passwords remained in our secure encrypted infrastructure,” said Frey. “This issue has been fixed and we have seen no evidence of improper access to or misuse of the affected passwords.”
Google has more than 5 million enterprise customers using G Suite.
Google said it also discovered a second security lapse earlier this month as it was troubleshooting new G Suite customer sign-ups. The company said since January it was improperly storing “a subset” of unhashed G Suite passwords on its internal systems for up to two weeks. Those systems, Google said, were only accessible to a limited number of authorized Google staff, the company said.
“This issue has been fixed and, again, we have seen no evidence of improper access to or misuse of the affected passwords,” said Frey.
Google said it’s notified G Suite administrators to warn of the password security lapse, and will reset account passwords for those who have yet to change.
A spokesperson confirmed Google has informed data protection regulators of the exposure.
Google becomes the latest company to have admitted storing sensitive data in plaintext in the past year. Facebook said in March that “hundreds of millions” of Facebook and Instagram passwords were stored in plaintext. Twitter and GitHub also admitted similar security lapses last year.
Read more:
Powered by WPeMatico
TechCrunch’s Connie Loizos published some interesting stats on seed and Series A financings this week, courtesy of data collected by Wing Venture Capital. In short, seed is the new Series A and Series A is the new Series B. Sure, we’ve been saying that for a while, but Wing has some clean data to back up those claims.
Years ago, a Series A round was roughly $5 million and a startup at that stage wasn’t expected to be generating revenue just yet, something typically expected upon raising a Series B. Now, those rounds have swelled to $15 million, according to deal data from the top 21 VC firms. And VCs are expecting the startups to be making money off their customers.
“Again, for the old gangsters of the industry, that’s a big shift from 2010, when just 15 percent of seed-stage companies that raised Series A rounds were already making some money,” Connie writes.
As for seed, in 2018, the average startup raised a total of $5.6 million prior to raising a Series A, up from $1.3 million in 2010.
Now on to IPO updates, then a closer look at all the companies raising big rounds. Want more TechCrunch newsletters? Sign up here. Contact me at kate.clark@techcrunch.com or @KateClarkTweets.
![]()
Slack: The workplace communication software provider dropped its S-1 on Friday ahead of a direct listing. That’s when companies sell existing shares directly to the market, allowing them to skip the roadshow and minimize the astronomical fees typically associated with an initial public offering. Here’s the TLDR on financials: Slack reported revenues of $400.6 million in the fiscal year ending January 31, 2019, on losses of $138.9 million. That’s compared to a loss of $140.1 million on revenue of $220.5 million for the year before. Slack’s losses are shrinking (slowly), while its revenues expand (quickly). It’s not profitable yet, but is that surprising?
Zoom was the Slack we thought Slack was all along.
— alex (PVD) (@alex) April 26, 2019
Uber: The ride-hail giant is fast approaching its IPO, expected as soon as next week. On Friday, the company established an IPO price range of $44 to $50 per share to raise between $7.9 billion and $9 billion at a valuation of approximately $84 billion, significantly lower than the $100 billion previously reported estimations. The most likely outcome is Uber will price above range and all the latest estimates will be way off course. Best to sit back and see how Uber plays it. Oh, and PayPal said it would make a $500 million investment in the company in a private placement, as part of an extension of the partnership between the two.
There are a lot of fascinating companies raising colossal rounds, so I thought I’d dive a bit deeper than I normally do. Bear with me.
Carbon: The poster child for 3D printing has authorized the sale of $300 million in Series E shares, according to a Delaware stock filing uncovered by PitchBook. If Carbon raises the full amount, it could reach a valuation of $2.5 billion. Using its proprietary Digital Light Synthesis technology, the business has brought 3D-printing technology to manufacturing, building high-tech sports equipment, a line of custom sneakers for Adidas and more. It was valued at $1.7 billion by venture capitalists with a $200 million Series D in 2018.
Canoo: The electric vehicle startup formerly known as Evelozcity is on the hunt for $200 million in new capital. Backed by a clutch of private individuals and family offices from China, Germany and Taiwan, the company is hoping to line up the new capital from some more recognizable names as it finalizes supply deals with vendors, according to reporting from TechCrunch’s Jonathan Shieber. The company intends to make its vehicles available through a subscription-based model and currently has 400 employees. Canoo was founded in 2017 after Stefan Krause, a former executive at BMW and Deutsche Bank, and another former BMW executive, Ulrich Kranz, exited Faraday Future amid that company’s struggles.
Starry: The Boston-based wireless broadband internet startup has authorized the sale of Series D shares worth up to $125 million, according to a Delaware stock filing. If Starry closes the full authorized raise it will hold a post-money valuation of $870 million. A spokesperson for the company confirmed it had already raised new capital, but disputed the numbers. The company has already raised more than $160 million from investors, including FirstMark Capital and IAC. The company most recently closed a $100 million Series C this past July.
Selina & Sonder: The Airbnb competitor Sonder is in the process of closing a financing worth roughly $200 million at a $1 billion valuation, reports The Wall Street Journal. Investors including Greylock Partners, Spark Capital and Structure Capital are likely to participate. Sonder is four years old but didn’t emerge from stealth until 2018. The startup, which turns homes into hotels, quickly attracted more than $100 million in venture funding. Meanwhile, another hospitality business called Selina has raised $100 million at an $850 million valuation. The company, backed by Access Industries, Grupo Wiese and Colony Latam Partners, builds living/co-working/activity spaces across the world for digital nomads.

Fresh funds: Mary Meeker has made history with the close of her new fund, Bond Capital, the largest VC fund founded and led by a female investor to date. Bond has $1.25 billion in committed capital. If you remember, Meeker ditched Kleiner Perkins last fall and brought the firm’s entire growth team with her. Kleiner said it was a peaceful split that would allow the firm to focus more on its early-stage efforts, leaving the growth investing to Bond. Fortune, however, reported this week that a power struggle of sorts between Meeker and Mamoon Hamid, who joined recently to reenergize the early-stage side of things, was a larger cause of her exit.
Plus, SOSV, a multi-stage venture firm that was founded as the personal investment vehicle of entrepreneur Sean O’Sullivan after his company went public in 1994, has raised $218 million for its third fund. The vehicle has a $250 million target that SOSV expects to meet. Already, the fund is substantially larger than the firm’s previous vehicle, which closed with $150 million.
A grocery delivery startup crumbles: Honestbee, the online grocery delivery service in Asia, is nearly out of money and trying to offload its business. Despite looking impressive from the outside, the company is currently in crisis mode due to a cash crunch — there’s a lot happening right now. TechCrunch’s Jon Russell dives in deep here.
Extra Crunch: “When it comes to working with journalists, so many people are, frankly, idiots. I have seen reporters yank stories because founders are assholes, play unfairly, or have PR firms that use ridiculous pressure tactics when they have already committed to a story.” Sign up for Extra Crunch for a full list of PR don’ts. Here are some other EC pieces to hit the wire this week:
Equity: If you enjoy this newsletter, be sure to check out TechCrunch’s venture-focused podcast, Equity. In this week’s episode, available here, Crunchbase News editor-in-chief Alex Wilhelm and I chat about Kleiner Perkins, Chinese IPOs and Slack & Uber’s upcoming exits.
Powered by WPeMatico
With one click, any semi-skilled hacker could have silently taken over a Fortnite account, according to a cybersecurity firm that says the bug is now fixed.
Researchers at Check Point say the three vulnerabilities chained together could have affected any of its 200 million players. The flaws, if exploited, would have stolen the account access token set on the gamer’s device once they entered their password.
Once stolen, that token could be used to impersonate the gamer and log in as if they were the account holder, without needing their password.
The researchers say that the flaw lies in how Epic Games, the maker of Fortnite, handles login requests. Researchers said they could send any user a crafted link that appears to come from Epic Games’ own domain and steal an access token needed to break into an account.
Check Point’s Oded Vanunu explains how the bug works. (Image: supplied)
“It’s important to remember that the URL is coming from an Epic Games domain, so it’s transparent to the user and any security filter will not suspect anything,” said Oded Vanunu, Check Point’s head of products vulnerability research, in an email to TechCrunch.
Here’s how it works: The user clicks on a link, which points to an epicgames.com subdomain, which the hacker embeds a link to malicious code on their own server by exploiting a cross-site weakness in the subdomain. Once the malicious script loads, unbeknownst to the Fortnite player, it steals their account token and sends it back to the hacker.
“If the victim user is not logged into the game, he or she would have to log in first,” said Vanunu. “Once that person is logged in, the account can be stolen.”
Epic Games has since fixed the vulnerability.
“We were made aware of the vulnerabilities and they were soon addressed,” said Nick Chester, a spokesperson for Epic Games. “We thank Check Point for bringing this to our attention.”
“As always, we encourage players to protect their accounts by not re-using passwords and using strong passwords, and not sharing account information with others,” he said.
When asked, Epic Games would not say if user data or accounts were compromised as a result of this vulnerability.
Powered by WPeMatico
Cory Doctorow doesn’t like censorship. He especially doesn’t like his own work being censored.
Anyone who knows Doctorow knows his popular tech and culture blog, Boing Boing, and anyone who reads Boing Boing knows Doctorow and his cohort of bloggers. The part-blogger, part special advisor at the online rights group Electronic Frontier Foundation has written for years on topics of technology, hacking, security research, online digital rights and censorship and its intersection with free speech and expression.
Yet, this week it looked like his own free speech and expression could have been under threat.
Doctorow revealed in a blog post on Friday that scooter startup Bird sent him a legal threat, accusing him of copyright infringement and that his blog post encourages “illegal conduct.”
In its letter to Doctorow, Bird demanded that he “immediately take[s] down this offensive blog.”
Doctorow declined, published the legal threat and fired back with a rebuttal letter from the EFF accusing the scooter startup of making “baseless legal threats” in an attempt to “suppress coverage that it dislikes.”
The whole debacle started after Doctorow wrote about how Bird’s many abandoned scooters can be easily converted into a “personal scooter” by swapping out its innards with a plug-and-play converter kit. Citing an initial write-up by Hackaday, these scooters can have “all recovery and payment components permanently disabled” using the converter kit, available for purchase from China on eBay for about $30.
In fact, Doctorow’s blog post was only two paragraphs long and, though didn’t link to the eBay listing directly, did cite the hacker who wrote about it in the first place — bringing interesting things to the masses in bite-size form in true Boing Boing fashion.
Bird didn’t like this much, and senior counsel Linda Kwak sent the letter — which the EFF published today — claiming that Doctorow’s blog post was “promoting the sale/use of an illegal product that is solely designed to circumvent the copyright protections of Bird’s proprietary technology, as described in greater detail below, as well as promoting illegal activity in general by encouraging the vandalism and misappropriation of Bird property.” The letter also falsely stated that Doctorow’s blog post “provides links to a website where such Infringing Product may be purchased,” given that the post at no point links to the purchasable eBay converter kit.
EFF senior attorney Kit Walsh fired back. “Our client has no obligation to, and will not, comply with your request to remove the article,” she wrote. “Bird may not be pleased that the technology exists to modify the scooters that it deploys, but it should not make baseless legal threats to silence reporting on that technology.”
The three-page rebuttal says Bird used incorrectly cited legal statutes to substantiate its demands for Boing Boing to pull down the blog post. The letter added that unplugging and discarding a motherboard containing unwanted code within the scooter isn’t an act of circumventing as it doesn’t bypass or modify Bird’s code — which copyright law says is illegal.
As Doctorow himself put it in his blog post Friday: “If motherboard swaps were circumvention, then selling someone a screwdriver could be an offense punishable by a five year prison sentence and a $500,000 fine.”
In an email to TechCrunch, Doctorow said that legal threats “are no fun.”
AUSTIN, TX – MARCH 10: Journalist Cory Doctorow speaks onstage at “Snowden 2.0: A Field Report from the NSA Archives” during the 2014 SXSW Music, Film + Interactive Festival at Austin Convention Center on March 10, 2014 in Austin, Texas. (Photo by Travis P Ball/Getty Images for SXSW)
“We’re a small, shoestring operation, and even though this particular threat is one that we have very deep expertise on, it’s still chilling when a company with millions in the bank sends a threat — even a bogus one like this — to you,” he said.
The EFF’s response also said that Doctorow’s freedom of speech “does not in fact impinge on any of Bird’s rights,” adding that Bird should not send takedown notices to journalists using “meritless legal claims,” the letter said.
“So, in a sense, it doesn’t matter whether Bird is right or wrong when it claims that it’s illegal to convert a Bird scooter to a personal scooter,” said Walsh in a separate blog post. “Either way, Boing Boing was free to report on it,” she added.
What’s bizarre is why Bird targeted Doctorow and, apparently, nobody else — so far.
TechCrunch reached out to several people who wrote about and were involved with blog posts and write-ups about the Bird converter kit. Of those who responded, all said they had not received a legal demand from Bird.
We asked Bird why it sent the letter, and if this was a one-off letter or if Bird had sent similar legal demands to others. When reached, a Bird spokesperson did not comment on the record.
All too often, companies send legal threats and demands to try to silence work or findings that they find critical, often using misinterpreted, incorrect or vague legal statutes to get things pulled from the internet. Some companies have been more successful than others, despite an increase in awareness and bug bounties, and a general willingness to fix security issues before they inevitably become public.
Now Bird becomes the latest in a long list of companies that have threatened reporters or security researchers, alongside companies like drone maker DJI, which in 2017 threatened a security researcher trying to report a bug in good faith, and spam operator River City, which sued a security researcher who found the spammer’s exposed servers and a reporter who wrote about it. Most recently, password manager maker Keeper sued a security reporter claiming allegedly defamatory remarks over a security flaw in one of its products. The case was eventually dropped, but not before more than 50 experts, advocates and journalist (including this reporter) signed onto a letter calling for companies to stop using legal threats to stifle and silence security researchers.
That effort resulted in several companies — notably Dropbox and Tesla — to double down on their protection of security researchers by changing their vulnerability disclosure rules to promise that the companies will not seek to prosecute hackers acting in good-faith.
But some companies have bucked that trend and have taken a more hostile, aggressive — and regressive — approach to security researchers and reporters.
“Bird Scooters and other dockless transport are hugely controversial right now, thanks in large part to a ‘move-fast, break-things’ approach to regulation, and it’s not surprising that they would want to control the debate,” said Doctorow.
“But to my mind, this kind of bullying speaks volumes about the overall character of the company,” he said.
Powered by WPeMatico
Nigerian trucking logistics startup Kobo360 has raised $6 million to upgrade its platform and expand operations to Ghana, Togo and Cote D’Ivoire.
The company — with an Uber -like app that connects truckers and companies with freight needs — gained the equity financing in an IFC-led investment. The funding saw participation from others, including TLcom Capital and Y Combinator.
With the investment, Kobo360 aims to become more than a trucking transit app.
“We started off as an app, but our goal is to build a global logistics operating system. We’re no longer an app, we’re a platform,” founder Obi Ozor told TechCrunch.
In addition to connecting truckers, producers and distributors, the company is building that platform to offer supply chain management tools for enterprise customers.
“Large enterprises are asking us for very specific features related to movement, tracking and sales of their goods. We either integrate other services, like SAP, into Kobo or we build those solutions into our platform directly,” said Ozor.
Kobo360 will start by developing its API and opening it up to large enterprise customers.
“We want clients to be able to use our Kobo dashboard for everything; moving goods, tracking, sales and accounting…and tackling their challenges,” said Ozor.

Kobo360 will also build more physical presence throughout Nigeria to service its business. “We’ll open 100 hubs before the end of 2019…to be able to help operations collect proof of delivery, to monitor trucks on the roads and have closer access to truck owners for vehicle inspection and training,” said Ozor.
Kobo360 will add more warehousing capabilities, “to support our reverse logistics business” — one of the ways the company brings prices down by matching trucks with return freight after they drop their loads, rather than returning empty, according to Ozor.
Kobo360 will also use its $6 million investment to expand programs and services for its drivers, something Ozor sees as a strategic priority.
“The day you neglect your drivers you are not going to have a company, only issues. If Uber were more driver-focused it would be a trillion-dollar company today,” he said.
The startup offers drivers training and group programs on insurance, discounted petrol and vehicle financing (KoboWin). Drivers on the Kobo360 app earn on average of approximately $5,000 per month, according to Ozor.
Under KoboCare, Kobo360 has also created an HMO for drivers and an incentive-based program to pay for education. “We give school fee support, a 5,000 Naira bonus per trip for drivers toward educational expenses for their kids,” said Ozor.

Kobo360 will complete limited expansion into new markets Ghana, Togo and Cote D’Ivoire in 2019. “The expansion will be with existing customers, one in the port operations business, one in FMCG and another in agriculture,” said Ozor.
Ozor thinks the startup’s asset-free, digital platform and business model can outpace traditional long-haul 3PL providers in Nigeria by handling more volume at cheaper prices.
“Owning trucks is just too difficult to manage. The best scalable model is to aggregate trucks,” he told TechCrunch in a previous interview.
With the latest investment, IFC’s regional head for Africa Wale Ayeni and TLcom senior partner Omobola Johnson will join Kobo360’s board. “There’s a lot of inefficiencies in long-haul freight in Africa…and they’re building a platform that can help a lot of these issues,” said Ayeni of Kobo360’s appeal as an investment.
The company has served 900 businesses, aggregated a fleet of 8,000 drivers and moved 155 million kilograms, per company stats. Top clients include Honeywell, Olam, Unilever, Dangote and DHL.
MarketLine estimated the value of Nigeria’s transportation sector in 2016 at $6 billion, with 99.4 percent comprising road freight.
Logistics has become an active space in Africa’s tech sector, with startup entrepreneurs connecting digital to delivery models. In Nigeria, Jumia founder Tunde Kehinde departed and founded Africa Courier Express. Startup Max.ng is wrapping an app around motorcycles as an e-delivery platform. Nairobi-based Lori Systems has moved into digital coordination of trucking in East Africa. And U.S.-based Zipline — which launched drone delivery of commercial medical supplies in partnership with the government of Rwanda and support of UPS — is in “process of expanding to several other countries,” according to a spokesperson.
Kobo360 has plans for broader Africa expansion but would not name additional countries yet.
Ozor said the company is profitable, though the startup does not release financial results. Wale Ayeni also wouldn’t divulge revenue figures, but confirmed IFC’s did full “legal and financial due diligence on Kobo’s stats,” as part of the investment.
Ozor named Lori Systems as Kobo360’s closest African startup competitor.
On the biggest challenge to revenue generation, it’s all about service delivery and execution, according to Ozor.
“We already have volume and demand in the market. The biggest threat to revenues is if Kobo360’s platform doesn’t succeed in solving our client’s problems and bringing reliability to their needs,” he said.
Powered by WPeMatico
At Google, the company offers a ‘Grab and Go’ program that allows employees to use self-service stations to quickly borrow and return Chromebooks without having to go through a lengthy IT approval process. Now, it’s bringing this same idea to other businesses.
Chromebooks have found their place in education and a number of larger enterprise companies are also getting on board with the idea of a centrally managed device that mostly focuses on the browser. That’s maybe no surprise, given that both schools and enterprises are pretty much looking for the same thing from these devices.
At Google, the system has seen more than 30,000 users that have completed more than 100,000 loans so far.
While Google wants others to run similar programs (and use more Chromebooks in the process) it’s worth noting that this is a limited preview program and that Google isn’t building and selling racks or other infrastructure for this. As a Google spokesperson told us, Google will give companies that want to try this the open source code to build this system and advise them through the setup and deployment. It will also engage with partners to help them build the hardware or set up a ‘Grab and Go’ as a service system.
Employees who want to use one of these ‘Grab and Go’ stations simply pick up a laptop, sign in and move on with their day. When they are done, they simply return the laptop. That’s it. Easy.
That’s not quite as exciting as Google building and selling racks of Chromebooks, but this project is clearly another move to bring Chromebooks to the enterprise. Specifically, Google says that this program is meant for frontline workers who only need devices for a short period of time, as well as shift workers and remote workers.

Powered by WPeMatico
A report by CSOOnline presented the possibility that Microsoft would be able to ban “offensive language” from Skype, Xbox, and, inexplicably, Office. The post, which cites Microsoft’s new terms of use, said that the company would not allow users to “publicly display or use the Services to share inappropriate content or material (involving, for example, nudity, bestiality, pornography, offensive language, graphic violence, or criminal activity)” and that you could lose your Xbox Live Membership if you curse out a kid Overwatch.
“We are committed to providing our customers with safe and secure experiences while using our services. The recent changes to the Microsoft Service Agreement’s Code of Conduct provide transparency on how we respond to customer reports of inappropriate public content,” said a Microsoft spokesperson. The company notes that “Microsoft Agents” do not watch Skype calls and that they can only respond to complaints with clear evidence of abuse. The changes, which go into effect May 1, allows Microsoft to ban you from it services if you’re found passing “inappropriate content” or using “offensive language.”
These new rules give Microsoft more power over abusive users and it seems like Microsoft is cracking down on bad behavior on its platforms. This is good news for victims of abuse in private communications channels on Microsoft products and may give trolls pause before they yell something about your mother on Xbox. We can only dare to dream.
Powered by WPeMatico