It’s often said that the dramatic fall of crypto prices last year ushered in a new era for technology-focused startups in the blockchain space, and the same argument can be made for the venture capitalists who fund them. Proof of Capital is the latest fund to emerge after it officially announced a maiden $50 million fund today.

The fund is led by trio Phil Chen, who created HTC’s Vive VR headset and is currently developing its Exodus blockchain phone (he spent time as a VC with Horizons Ventures in between), Edith Yeung, who previously headed up mobile for 500 Startups, and Chris McCann, a Thiel Fellow whose last role was head of community for U.S. VC firm Greylock Partners.

The firm — and you have to give them credit for the name — has an LP base that is anchored by HTC — no big surprise there given the connections — alongside YouTube co-founder Steve Chen, Taiwan-based Formosa Plastics, Ripple’s former chief risk officer Greg Kidd (who is also a prolific crypto investor) and a number of undisclosed family offices.

“For HTC, it’s obvious, they already have a product to go with it,” Yeung told TechCrunch in an interview, referencing the fact that HTC is keen to invest in blockchain services and startups to build an ecosystem for its play.

The fund also includes a partnership with HTC which, slightly hazy on paper, will essentially open the possibility for Proof of Capital portfolio companies to work with HTC directly to develop services or products for Exodus and potentially other HTC blockchain ventures. But other LPs are also keen to dip their toes in the water in different ways.

“Some of these backers are curious at the possibilities of blockchain,” continued Yeung. “For example, they’re giving us some ideas on how tokenization and gamification could be applied on different platforms.”

The fund itself is broadly targeted at early stage blockchain companies in fintech, infrastructure, hardware and the “consumer layers of the blockchain ecosystem.” Its remit is worldwide. Although Chen and Yeung have strong networks in Asia, the fund’s first deal is an investment in Latin America-based blockchain fintech startup Ubanx.

Yeung clarified that the fund is held in fiat currency and that it is focused on regular VC deals, as opposed to token-based investments.

“It’s a VC fund so the setup is traditional,” she explained. “There’s been a lot of interesting movements in the last two years, [but] we come from a more traditional VC background and are excited about the technology.”

“It’s still really early [for blockchain] and a lot of the hype — the boom and bust — is down to the crypto market and ICOs, but the reality is that a lot of these technologies are really nascent. Now, projects are raising equity, even if they have a token,” Yeung added.

Indeed, last year we wrote about the rise of private sales and that even the biggest blockchain companies took on VC funding — crypto didn’t kill VCs despite the hype — and Yeung said that blockchain startup founders in 2019 are “taking a more concerted approach” to raising money beyond simply issuing tokens.

“Many projects that raised ICO really smelt like equity,” said Yeung. “We are seeing companies today delaying token issuance as much as possible; the whole thing has gone a little more back to earth.”

A few months ago, researchers at Cisco’s Talos cybersecurity unit sounded the alarm after discovering a previously undiscovered hacker group targeting a core part of the internet’s infrastructure.

Their alarm was heard: FireEye quickly came out with new intelligence warning of a “global” domain name hijacking campaign targeting websites of predominantly Arab governments. The campaign, dubbed “DNSpionage,” would reroute users from a legitimate web address to a malicious server to steal passwords. Homeland Security warned the federal government had been targeted, and ICANN, the non-profit charged with keeping the internet’s address book, said the domain name system (DNS) was under an “ongoing and significant” attack and urged domain owners to take action.

Now, Talos researchers say they have found another highly advanced hacker group, likely backed by a nation-state, which they say has targeted 40 government and intelligence agencies, telecoms and internet giants in 13 countries for over two years.

“We assess with high confidence that these operations are distinctly different and independent from the operations performed by DNSpionage,” said the Talos report out Wednesday, seen by TechCrunch.

The group, which Talos calls “Sea Turtle” — an internal codename that ended up sticking — also targets companies by hijacking their DNS. That allows the hackers to point a target’s domain name to a malicious server of their choosing. This clever site-spoofing technique exploits long-known flaws in DNS that can be used to trick unsuspecting corporate victims into turning over their credentials on fake login pages, which the hackers can use for further compromise.

“This is a new group that is operating in a relatively unique way that we have not seen before, using new tactics, techniques, and procedures,” Craig Williams, director, outreach at Cisco Talos, told TechCrunch.

The hackers first compromise an intended target using spearphishing to get a foothold on the network, then use known exploits to target servers and routers to move laterally and obtain and exfiltrate network-specific passwords. Using those credentials, the hackers then target the DNS registrar, updating its records so that the domain name points away from the IP address of the target’s server to an IP address of a server controlled by the hackers.

Once the target’s domain is pointing to the malicious server, the hackers can run a man-in-the-middle operation to impersonate login pages and scrape the usernames and passwords of the staff as a way of getting deeper access into the network. The hackers also used their own HTTPS certificate for the target’s domain from another provider to make the malicious server look like the real thing.

With the credentials for greater network access in hand, the hackers aim to obtain the target’s SSL certificates used across the corporate network, granting greater visibility into the organization’s operations. The attackers also stole the SSL certificates used in security appliances, like virtual private networks (VPN), which were used to steal credentials to gain access to the organization’s network from outside its walls.

Using this same technique, Talos said the hackers compromised Netnod, a DNS provider in Sweden and one of the 13 root servers that powers the global DNS infrastructure, which in February confirmed its infrastructure was hijacked. The successful attack allowed the hackers to steal the passwords of administrators who manage Saudi Arabia’s top-level domain — .sa — suggesting other Saudi-based companies could be in the hacker group’s crosshairs.

Williams said Talos can “conclusively” link the Sea Turtle hackers to the Netnod attack.

In another case, the hackers gained access to the registrar that manages Armenia’s top-level domains, allowing the group to potentially target any .am domain name.

Talos wouldn’t name the targets of the attacks nor name the registrars at risk, citing the risk of further or copycat attacks — and the researchers wouldn’t name the state likely behind the group, instead deferring to the authorities to attribute. But given the eventual targets included internet and telecom infrastructure companies, foreign ministries, and intelligence agencies in the Middle East and Africa, Williams said the group’s primary motivations are to conduct espionage.

Sea Turtle are said to be “highly capable,” the researchers’ findings said, and the hackers are able to maintain long-term access by using the stolen credentials.

The researchers urged companies to begin using DNSSEC, a cryptographically more secure domain name system that’s far tougher to spoof, and employing two-factor on an organization’s DNS records.

“While this incident is limited to targeting primarily national security organizations in the Middle East and North Africa, and we do not want to overstate the consequences of this specific campaign, we are concerned that the success of this operation will lead to actors more broadly attacking the global DNS system,” the researchers said.

We’ve known Microsoft had something new and Surfacey up its sleeve for this week. Turns out the company’s finally ready to unveil the long promised Surface 2S. The successor to 2015’s Windows 10-based interactive whiteboard is all about making things more portable.

It’s a bit of a counterintuitive product category that brings nothing to more to mind than a stationary wall mount, but at the price these things tend to run, versatility is key. In fact, the company brought Steelcase on as a partner, specifically to design a mobile, wheeled stand for the product.

The 2S is 60 percent slimmer and 40 percent lighter than the earlier model. Key to portability is also the option to add a mobile battery from APC to the Hub, which lets team members unplug the system without losing all of their work. That’s seemingly a no brainer for collaborative devices like these. No doubt these were all highly requested features after gen one.

In addition to the new-found portability, the specs have also been bumped up across the board. The 50 inch display is “4K+,” at 3840 x 2560. The speakers, mic and camera have all been improved, powered by an 8th gen Intel Core i5, 8GB of RAM, 128GB of storage and Intel UHD Graphics 620, which the company promises are 50 percent faster than the last time around.

It starts shipping in June, priced at $9,000.

Microsoft also plans to deliver the standard Surface Hub 2 later this year, bringing a pen and touch enabled display. And next year it will start testing an 85 inch version of the 2S, with “select customers.”

Airbase is a startup with a plan to change the way you think about accounting around spending. Instead of multiple workflows, it wants to create a simpler one involving, well, Airbase. It’s a bold move for any startup to take on something as entrenched as financials, but it’s giving it a shot, and today the company launched with a $7 million Series A investment.

First Round Capital was lead investor. Maynard Webb, Village Global, BoxGroup and Quiet Capital also participated. The deal closed at the end of November last year. This is the first external funding for the company, which company founder and CEO, Thejo Kote had bootstrapped previously with $300,000 of his own money.

“At a high level, Airbase is the first all-in-one spend management system. It replaces a number of different systems that companies use to manage how they spend money,” Kote told TechCrunch.

He knows of what he speaks. Prior to starting this company, Kote co-founded Automatic, a startup that he sold to SiriusXM for more than $100 million in 2017. As a founder, he saw just how difficult it was to track the vast variety of spending inside a company from supplies to subscriptions to food and drink.

“Think about the hundreds of things that companies spend money on, and the way in which the management of that happens is a pretty broken process today,” he said. For starters, it usually involves some sort of approval request in a tool like Slack, Jira or Google forms.

Once approved, the person requesting the expense will put that on a company credit card, then have to submit expense reports at the end of each month using a tool like Expensify. If you purchase from vendor, then that involves an invoice and that has to be processed and paid. Finally it would need to be reconciled and accounted for in accounting software. Each step of this process ends up being time-consuming and costly for an organization.

Kote’s idea was to take this process and streamline it by removing the friction, which he saw as being related to the disparate systems in place to get the work done. He believed by creating a single workflow on a unified, single platform he could create a smoother system for everyone involved.

He is putting that single system in between the bank and the accounting system including a virtual Airbase Visa card to take the place of physical cards. Request for spending happens inside Airbase instead of an external tool. When the virtual card gets charged, bookkeeping and reconciliation gets handled in Airbase and pushed to your accounting package of choice.

This could be a difficult proposition for companies with existing systems in place, but could be attractive to startups and small companies whose accounting systems have not yet hardened. Perhaps that’s why most of Airbase’s customers are startups or SMBs with between 500 and 5000 employees, such as Gusto, Netlify and Segment.

Bill Trenchard, General Partner at lead investor First Round Capital says he has seen very little innovation in this space and that’s what drew him to Airbase. “Airbase has taken a bold step forward to create an entirely new paradigm. It delivers a real solution to the biggest problems finance teams face as their companies grow,” Trenchard said in a statement.

The company was founded in 2017 and has 22 employees today. It has a sales office in San Francisco, but other employees are spread across four countries.

Wattpad, the online storytelling community whose authors’ works have been turned into Netflix movies, TV shows for Hulu and projects for other studios both in the U.S. and worldwide, announced today a new partnership with Sony Pictures Television. The deal gives Sony a first-look option for up-and-coming Wattpad stories — in other words, a way to snag the next big teen hit that already has a built-in fan base.

Wattpad says it will work with Sony to help it to identify the popular stories on its platform from the half a billion story uploads it has seen to date. The company uses its “Story DNA” machine learning technology alongside human curation to quickly identify the most promising IP and storytellers on Wattpad.

The technology helps deconstruct stories by analyzing things like sentence structure, word use and grammar, with the goal of helping to uncover the next best seller. It’s used today to help identify stories to turn into films, TV shows, books, and other digital projects.

Key to Wattpad’s ability to make these business deals is its online community, which today includes over 70 million monthly users, who spend over 22 billion minutes engaged with its original stories uploaded to its site.

This sizable community helped make Netflix’s “The Kissing Booth” movie a success, where the original story behind the film had already been read 19 million times by users worldwide.

Wattpad’s “Light as a Feather,” produced for Hulu along with AwesomenessTV and Grammnet, has been Emmy-nominated, and just got renewed for a second season.

Wattpad’s “After,” launched in theaters on April 12. It’s based on Harry Styles fan fiction and is something of a “50 Shades..” for a younger demographic. Before it became five-book series, it first racked up over a billion reads on Wattpad’s site.

Today, Wattpad works with a range of entertainment partners worldwide for similar deals, including iflix, eOne, Huayi Brothers Korea, SYFY, and others, and has turned its stories into projects at Universal Cable Productions (NBCU), Hulu, Netflix, and elsewhere.

Sony Pictures TV already had a relationship with Wattpad, before today’s news.

Last year, it acquired the series “Death is My BFF” from Katerina E. Tonks, which has over 62 million reads on the site. Lindsey Rosin (“Cruel Intentions”) is slated to write the series.

“Our entertainment partners all over the world have seen the power of our data-backed approach to IP discovery and development.” said Aron Levitz, Head of Wattpad Studios, in a statement. “Wattpad stories are some of the most innovative and creative that have ever been written. The stories and diverse voices on Wattpad deserve to be heard all over the world. And our partnership with Sony does just that: bringing Wattpad stories to new and existing fans all over the planet,” he said.

The Sony deal will be overseen by Eric Lehrman, Wattpad’s Head of Content Development and Production, the company says.

Wattpad is represented by UTA, who helped broker the deal.

 

French startup Alsid has raised a $14.7 million funding round (€13 million). The company is working on a security solution to protect your Microsoft Active Directory installation and make sure a hacker can’t access your system.

Idinvest Partners is leading today’s round. Existing investors 360 Capital Partners and Axeleo Capital are also participating.

If you have a corporate laptop or if you access files on your corporate network, chances are your company uses Active Directory. Most companies uses this this directory service to manage users and their access rights. Whenever you enter your login and password on your corporate laptop, macOS or Windows check the Active Directory to see if you have the rights to use this laptop and various corporate services.

Big companies have a hard time managing this directory. They acquire other companies, merge directories and don’t realize that some users end up with very generous access rights. Hackers take advantage of that.

There are some solutions to scan your directory and fix vulnerabilities, but they require admin access. They create a risk as much as a solution. Alsid has a completely different approach.

“We operate like an employee working remotely. Our system asks a lot of questions to the directory and detects issues,” co-founder and CEO Emmanuel Gras told me in 2017. The company creates a normal user account, connects to your corporate network with a VPN and uses Microsoft’s API to attack your own Active Directory.

Alsid then generates reports with detailed steps to protect a directory. And of course, the company tries to monitor the directory as often as possible. You can deploy Alsid locally or in the cloud.

The company uses a software-as-a-service approach and currently monitors 3 million Active Directory users. Many big companies already use the service, such as Groupe Accor, Orange, Sanofi and Unibail-Roadmco-Westfield.

I’m excited to announce that The Europas Awards for European Tech Startups is really shaping up! The awards will be held on 27 June 2018, in London, UK on the front lawn of the Geffrye Museum in Hoxton, London — creating a fantastic and fun, garden party atmosphere in the heart of London’s tech startup scene.

TechCrunch is once more the exclusive media sponsor of the awards and conference, alongside new ‘tech, culture & society’ event creator The Pathfounder.

Here’s how to enter and be considered for the awards.

You can nominate a startup, accelerator or venture investor which you think deserves to be recognized for their achievements in the last 12 months.

*** The deadline for nominations is 1 May 2019. ***

For the 2019 awards, we’ve overhauled the categories to a set that we believe better reflects the range of innovation, diversity and ambition we see in the European startups being built and launched today. There are now 20 categories including new additions to cover AgTech / FoodTech, SpaceTech, GovTech and Mobility Tech.

Attendees, nominees and winners will get discounts to TechCrunch Disrupt in Berlin, later this year.

The Europas “Diversity Pass”

We’d like to encourage more diversity in tech! That’s why, for the upcoming invitation-only “Pathfounder” event held on the afternoon before The Europas Awards, we’ve reserved a tranche of free tickets to ensure that we include more women and people of colour who are “pre-seed” or “seed stage” tech startup founders to join us. If you are a woman or a person of colour, apply here for a chance to be considered for one of the limited free diversity passes to the event.

The Pathfounder event will feature premium content and invitees, designed be a ‘fast download’ into the London tech scene for European founders looking to raise money or re-locate to London.

The Europas Awards

The Europas Awards results are based on voting by expert judges and the industry itself.

But key to it is that there are no “off-limits areas” at The Europas, so attendees can mingle easily with VIPs.

The complete list of categories is here:

1. AgTech / FoodTech
2. CleanTech
3. Cyber
4. EdTech
5. FashTech
6. FinTech
7. Public, Civic and GovTech
8. HealthTech
9. MadTech (AdTech / MarTech)
10. Mobility Tech
11. PropTech
12. RetailTech
13. Saas/Enterprise or B2B
14. SpaceTech
15. Tech for Good
16. Hottest Blockchain Project
17. Hottest Blockchain Investor
18. Hottest VC Fund
19. Hottest Seed Fund
20. Grand Prix
    Timeline of The Europas Awards deadlines:

* 6 March 2019 – Submissions open
* 1 May 2019 – Submissions close
* 10 May 2019 – Public voting begins
* 18 June 2019 – Public voting ends
* 27 June 2019 – Awards Bash

Amazing networking

We’re also shaking up the awards dinner itself. Instead of a sit-down gala dinner, we’ve taken on your feedback for more opportunities to network. Our awards ceremony this year will be in the setting of a garden lawn party where you’ll be able to meet and mingle more easily with free-flowing drinks and a wide-selection of street food (including vegetarian/vegan). The ceremony itself will last approximately 75 minutes, with the rest of the time dedicated to networking. If you’d like to talk about sponsoring or exhibiting, please contact dianne@thepathfounder.com

Instead of thousands and thousands of people, think of a great summer event with the most interesting and useful people in the industry, including key investors and leading entrepreneurs.

The Europas Awards have been going for the last ten years and we’re the only independent and editorially driven event to recognise the European tech startup scene. The winners have been featured in Reuters, Bloomberg, VentureBeat, Forbes, Tech.eu, The Memo, Smart Company, Cnet, many others and of course, TechCrunch.

• No secret VIP rooms, which means you get to interact with the Speakers

• Key Founders and investors attending

• Journalists from major tech titles, newspapers and business broadcasters

Meet the first set of our 20 judges:

Brent Hoberman
Executive Chairman and Co-Founder
Founders Factory

Videesha Böckle
Founding Partner
signals Venture Capital

Bindi Karia
Innovation Expert + Advisor, Investor
Bindi Ventures

Christian Hernandez
Christian Hernandez Gallardo
Co-Founder and Venture Partner at White Star Capital

Lyric, a platform for folks who struggle to decide between a hotel and an Airbnb, has today announced the close of a $160 million Series B financing led by none other than Airbnb . Other investors who participated in the round include Tishman Speyer, RXR Realty, Obvious Ventures, SineWave, Dick Costolo, Adam Bain, as well as existing investors Barry Sternlicht, NEA, SignalFire, FifthWall and Tusk Ventures.

Lyric is a hospitality platform for business travelers. The company secures its own inventory in multi-family residential buildings through partnerships with landlords. From there, the company brings in its designers to beautify the place and pack it full of amenities, including coffee from a local roaster and a fully functional kitchen.

You can think of Lyric as a premium operator,” said cofounder and CEO Andrew Kitchell. “We do everything from selecting locations to bringing in a brand and design team to managing every single room every single day. We’re a modern hotel operator with a meaningfully different supply.”

The startup uses a proprietary app called Tidy to manage room cleanings. The app not only walks cleaners through the process of getting a rental ready for the next customer or day, but also has them take photographs to verify that the room is up to standard. Cleaners are not employed in house, but rather Lyric partners with local vendors for room cleanings and maintenance. The company also uses tech to help determine what locations work best in a given city for a Lyric rental.

One of the biggest differences between Airbnb and Lyric is that Lyric is more of a premium hotel operator, putting the latter in lockstep with landlords rather than pitted against them. Lyric argues to landlords that it can be an anchor tenant in a new building, which means the landlord can avoid at least some of their inventory just sitting unrented. It can also be seen as an amenity for other tenants, who can put up their visitors at a discount on a different floor in their very building.

Here’s what Airbnb’s President of Homes Greg Greeley had to say:

At Airbnb, we have seen how hospitality entrepreneurs like the team at Lyric can help deliver amazing experiences and help guests feel like they can belong anywhere in the world. Lyric has combined the latest technology, strong partnerships with the real estate community and cutting-edge design, and we are excited to support their work.

This financing comes at an interesting time for the hospitality market. While Airbnb disrupts hotels, the lines are being blurred around what is a hotel and what is a rental. We’ve already seen big acquisitions in the space — see AccorHotel’s $170 million acquisition of OneFineStay — as well as big players enter it. WeWork launched a co-living product called WeLive in 2016.

Lyric is currently available in 13 markets and cofounder and CEO Andrew Kitchell says that the company is operating legally in every one of them. The company provides Studios, 1BR and 2BR units, with a starting price around $200/night, depending on the market.

With the new funding, Lyric hopes to expand its operations and go from its current 500 units across 13 markets to 1000 units by the end of the year. Lyric has raised a total of $185 million.

Evernote has fixed a vulnerability that could have allowed an attacker to run malicious code on a victim’s computer.

Dhiraj Mishra, a security researcher based in Dubai, reported the bug to Evernote on March 17.  In a blog post showing his proof-of-concept, Mishra showed TechCrunch that a user only had to click a link masked as a web address, which would open a locally stored app or file unhindered and without warning.

Evernote spokesperson Shelby Busen confirmed the bug had been fixed, and said the company “appreciates” the contributions from security researchers.

MITRE, the vulnerability database keeper, issued an advisory under CVE-2019-10038.

The bug could allow an attacker to remotely run malicious commands on any macOS computer with Evernote installed. Since the fix went into effect, Evernote now warns users when they click a link that opens a file on their Mac.

A similar local file path traversal bug was revealed Tuesday in Electronic Arts’ Origin gaming client.

Evernote was forced to reset close to 50 million passwords after a breach in 2013, and later caused controversy by changing its privacy policy that allowed employees to access user data. The company later walked back the policy change after user complaints.

Stripe, the payments powerhouse that is now valued at $22.5 billion, has made an acquisition to help it gear up for new regulations in Europe that will be rolled out later this year to improve security in online transactions. It has acquired Touchtech Payments, a startup out of Ireland that works with banks to help them build and manage Strong Customer Authentication, a verification process that will typically require customers to provide two different forms of authentication from card holders in order to process transactions. SCA will be required on most transactions in Europe from September 14 of this year.

Alongside this, Stripe itself is updating its APIs, partly in line with these changes. This will include a new default payments API, a new checkout, and upgraded billing.

The financial terms of the acquisition are not being disclosed. Touchtech had raised less than $500,000, according to Pitchbook data, and it will work out of Stripe’s offices in Dublin.

SCA is part of PSD2, a wider payments directive that has been getting implemented across Europe. The basic idea is that, from September, people buying items will be required to provide two forms of verification when making online transactions — for example entering a code from their phones or another connected device like a wearable; a biometric scan; or a separate PIN. But there are also a number of exceptions — for example, purchases under €30 and recurring billing around subscriptions are both exempt, as are transactions with merchants that a customer might add to a white list. That makes putting SCA in place and running it quite complex.

John Collison, Stripe’s co-founder and president, said that a similar directive put in place in India had a chilling effect on the market after it wasn’t handled well.

“There was a 25 percent drop in sales overnight when the changes came into effect in India,” he said in an interview. “So we think SCA is a huge deal. It’s European-wide, and not an option. People are sleepwalking into it, and it’s not getting as much dialogue as it merits.”

Interestingly, the acquisition will mark an interesting change for Stripe, which has been built on connections with merchants and other customers that take digital payments for goods and services: Touchtech interfaces with banks and others that handle card payments — meaning it will be the first time that Stripe is developing a service that is not merchant-facing, but bank-facing. Collison said that this does not mark a bigger change in Stripe’s strategy, but more a consequence of the complexity that will need to be handled something that banks and cardholders, not merchants, will need to address. “Don’t read too much into this!” he said to me.

Touchtech’s current customers include so-called “challenger” banks like N26 and fintech startups like Transferwise, so it will be interesting to see how and if aligning with Stripe will widen that scope to cover more incumbent providers.

“We have broad ambitions for Touchtech,” Collison said.

The updates to Stripe’s APIs, Collison said, are mainly coming to account for SCA and the triggers it will effect for verification, and also how these will impact other parts of the payment sequence, such as how payments will work with Apple Pay and Google Pay. Stripe notes that it is not mandatory for those using Stripe’s current API’s to update immediately, although those doing business in Europe will need to eventually anyway. “When major regulatory changes are introduced in a new market covered by Stripe, the Payment Intents API will allow merchants to upgrade their checkout flows with little-to-no disruption, significantly reducing the burden of migrations for merchants,” Stripe notes. 

The checkout, meanwhile, will also now automatically handle SCA requirements for merchants, Stripe said. It will be customizable to account for repeat versus one-time purchases.

The upgrade to the billing, Stripe said, will now automatically identify which purchases will require SCA and trigger the subsequent scripts. This will mainly impact those businesses that take recurring payments, for example for subscriptions.

Longer term, while this is a European directive, other countries such as Mexico and Australia are also considering similar regulations. With fraud a growing problem, it’s likely that this isn’t the end of the story for how customers, banks, merchants and companies like Stripe that have traded on their simplicity handle adding more tools like this underneath the hood.