More than 95 percent of the smartphones that ship in India run Android operating system, according to industry estimates. Now the Indian antitrust watchdog is convinced that the nation should investigate if Google is abusing the dominant position of its mobile operating system to hurt local rivals.

The Competition Commission of India (CCI), the local antimonopoly regulator, began looking at Google’s Android business in India last year after it received a complaint from unspecified people. In mid-April, the regulator decided that there was merit in the accusations and ordered its investigation unit to conduct a full-investigation, according to a report by Reuters, which cites unnamed sources.

The investigation, not the first of its kind, will take about a year to conclude and could see Google executives be asked to be summoned before the regulator, the news agency reported. We’ve reached out to Google for comment. The CCI has not publicly commented on the probe.

If found guilty, Google may be fined up to 10 percent of its local revenue or 300 percent of its net profits. Even as India has emerged as one of Google’s largest markets, the company makes relatively a tiny amount in the nation. It clocked $1.4 billion in revenue in India in the year that ended in March 2018, according to regulatory filings, compared to over $100 billion it generated globally in a comparable time period.

The specific accusations, as well as identity of those who filed the complaint, remains unclear for now. In a statement to Reuters, Google said that it was looking forward to working with the CCI to “to demonstrate how Android has led to more competition and innovation, not less.”

With the launch of this investigation, India is joining the EU, which continues to look at several businesses of Google — including Android — to ensure that the company is not abusing its dominant position in the market. Earlier this year, the EU regulators concluded that Google had forced its OEM partners to prebundle Google Search, Chrome browser, and Google Play Store on their Android handsets.

Following the verdict, which Google has appealed, the Android maker announced it will give users more choices for browsers and search engines.

India’s regulator has previously investigated Google’s search business and Apple’s partnerships with local carriers for sale of iPhones. Apple’s iOS has tiny market share in India, where most people have annual income of less than $2,000.

For the past few years, Apple has been inviting student developers to attend its WWDC conference, which centers on development topics and software. A few students from this year’s batch are getting some more personal attention from Apple as it tries to raise awareness of the program and coding literacy via its Swift Playgrounds and other resources for students and teachers.

Most of those students, though, won’t get a surprise personal visit from CEO Tim Cook, which is what happened this week when Lyman High School student Liam Rosenfeld got to the Millenia Mall Apple Store in Orlando, Florida. Liam was there to participate, he thought, in an interview with myself and a local journalist from the Orlando Sentinel about his admission to the program.

As a surprise, and fresh off an appearance at the SAP Sapphire conference to announce an expanded partnership, Cook came to visit the store to greet employees, and to spend some time with Liam and his teacher, Mary Acken.

I was on hand to spend some time of my own with Liam, to talk to him about his experiences coding in high school and shipping on a global App Store. I also spoke to Cook about coding literacy, the SAP partnership and some other interesting topics.

The confab was set for Wednesday afternoon, with the store making an ideal meeting place given its rough proximity to the conference and airport. Liam arrived earlier than expected and some interference had to be ran so that Cook’s appearance and the surprise, could be kept secret.

Hello and welcome back to Equity, TechCrunch’s venture capital-focused podcast, where we unpack the numbers behind the headlines.

This week we had the full Equity staff on hand to dig through the week’s news, helmed by Kate Clark and Connie Loizos with Alex Wilhelm in the studio too. Plus, Om Malik, a former scribbler and current venture capitalist, joined us to riff on the latest.

Before we dig into what we covered, a small note from the team: As this episode is going out before Uber will trade, we’ll have another episode coming to you tomorrow after the madness. Stay tuned.

Uber priced its IPO at $45 per share right before we hit record, so we first touched on the final pricing of what should be the year’s largest tech IPO. Pricing towards the lower-end of its range, Uber could be setting itself up for a strong first day. Or, demand was lower than expected following Lyft’s slide. Either way, Uber will trade tomorrow as a public company at last. Om predicts Uber and Lyft rides will get a whole lot more expensive in the next eighteen months, so hold onto your hats, the future for riders and drivers alike is… unclear.

Next, we debated Harry’s exit to Edgewell Personal Care. The direct-to-consumer razor supplier sold this week for more than $1 billion in a deal reminiscent of the Dollar Shave Club’s sale to Unilever. From there, we spoke about the latest from the Luckin Coffee IPO. The news, in brief, is that its IPO is moving forward. Next up is pricing, we’ll be sure to discuss any updates on the podcast.

In big deal news, Carta closed a $300 million round. Connie has learned a lot about the business in recent weeks and it turns out, Om wishes he was an investor!

Finally, Cruise’s latest new round, and the capital needs of autonomous driving. As we all quickly agree, it’s an expensive business and not one that will get cheaper. But, given that so many companies are working on the tech, we hope it works out. Especially Om, who doesn’t have a driver’s license, it turns out.

All that and we had fun! Chat tomorrow!

A popular GPS tracker — used as a panic alarm for elderly patients, to monitor kids, and track vehicles — contains security flaws, which security researchers say are so severe the device should be recalled.

The Chinese manufactured white-label location tracker, rebranded and sold by over a dozen companies — including Pebbell by HoIP Telecom, OwnFone Footprint, and SureSafeGo — uses a SIM card to connect to the 2G/GPRS cell network. Although none of the devices have internet connectivity and won’t on exposed device database sites like Shodan, they can still be remotely accessed and controlled by SMS.

Researchers at U.K. cybersecurity firm Fidus Information Security say the device can be tricked into turning over its real-time location simply by anyone sending it a text message with a  keyword. Through another command, anyone can call the device and remotely listen in to its in-built microphone without alerting anyone.

Another command can remotely kill the cell signal altogether, rendering the device effectively useless.

Although the device can be protected with a PIN, it’s not enabled by default. Worse, the researchers found the device can be remotely reset without needing a PIN — opening up the device to further commands.

“This device is marketed at keeping the most vulnerable safe and yet anybody can locate and listen into thousands of people’s lives without their knowledge,” said Fidus’ Andrew Mabbitt, who wrote up the team’s findings. “This day and age, everything is connected one way or another and we seem to be leaving security behind; this isn’t going to end well.”

An attacker only requires the phone number of the device, Mabbitt told TechCrunch. His team showed it was easy to extrapolate hundreds of working phone numbers connected to vulnerable devices based off a single known device. “We made the assumption that these numbers were purchased in a batch,” said the team’s write-up.

The team bought a device and allowed TechCrunch to verify their findings. With a single command, we got a text message back in seconds with the precise co-ordinates of its location. We could also pull other information from the device, including its IMEI number and battery level.

The phone call trick, which Mabbitt called a “glorified wiretap,” also worked.

There are an estimated 10,000 devices are in the U.K. — and thousands more around the world. But Mabbitt said there’s no way to fix the vulnerabilities without recalling every device.

“Fixing this broken security would be trivial,” said the team. “All they needed to do was print a unique code on each pendant and require that to be used to change configurations. The location and call functions could be locked down to calls and texts only from those numbers previously programmed in as emergency contacts.”

The U.K. just last week announced a proposed new cybersecurity law that would require connected devices to be sold with a unique password, and not a default.

None of the device sellers we contacted responded to a request for comment.

Read more:

• An unsecured SMS spam operation doxxed its owners
• Samsung spilled SmartThings app source code and secret keys
• Security lapse exposed a Chinese smart city surveillance system
• A leaky database of SMS text messages exposed password resets and two-factor codes
• Chipotle customers are saying their accounts have been hacked
• We found a massive spam operation — and sunk its server
• Dow Jones’ watchlist of 2.4 million high-risk individuals has leaked
• Robocaller firm Stratics Networks exposed millions of call recordings
• Massive mortgage and loan data leak gets worse as original documents also exposed

Binance has vowed to raise the quality of its security in the aftermath of a hack that saw thieves make off with over $40 million in Bitcoin from the exchange.

The company — which is widely believed to operate the world’s largest crypto exchange based on trading volumes — said today that it will “significantly revamp” its security measures, procedures and practices in response. In particular, CEO Changpeng Zhao wrote in a blog post that Binance will make “significant changes to the API, 2FA, and withdrawal validation areas, which was an area exploited by hackers during this incident.”

Speaking on a livestream following the disclosure of the hack earlier this week, Zhao said the hackers had been “very patient” and, in addition to targeting high-net-worth Binance users, he suggested that attack had used both internal and external vectors. That might well mean phishing, and that’s an area where Zhao has pledged to work on “more innovative ways” to combat threats, alongside improved KYC and better user and threat analysis.

“We are working with a dozen or so industry-leading security expert teams to help improve our security as well as track down the hackers,” Zhao wrote. He added that other exchanges are helping as best they can to track and freeze the stolen assets.

The real focus must be to look forward, and in that spirit, Binance said it will soon add support for hardware-based two-factor-authentication keys as a method to log in to its site.

That’s probably long overdue and, perhaps to make up for the delay, Zhao said the company plans to give away 1,000 YubiKeys when the feature goes live. That’s a worthy gesture but, unless Binance is giving out a discount code to redeem on the website directly, security purists would likely recommend users to buy their own key to ensure it has not been tampered with.

The final notable update is when Binance will resume withdrawals and deposits, which it froze in the wake of the attack. There’s no definitive word on that yet, with Zhao suggesting that the timeframe is “early next week.”

Oh, and on that proposed Bitcoin blockchain “reorg” — which attracted a mocking reaction from many in the blockchain space — Zhao, who is also known as CZ, said he is sorry.

“It is my strong view that our constant and transparent communication is what sets us apart from the “old way of doing things”, even and especially in tough times,” he wrote defiantly, adding that he doesn’t intend to reduce his activity on Twitter — where is approaching 350,000 followers.

Daye, a “femcare” startup developing a new type of tampon that uses CBD to help tackle dysmenorrhea, has quietly raised $5.5 million in funding from high-profile investors in the U.S. and Europe, TechCrunch has learned.

Backing the round is Silicon Valley’s Khosla Ventures, along with London’s Index Ventures and Kindred Capital. The investment sees Khosla’s chief of staff Kristina Simmons, Khosla venture partner Tim Westergren (who also founded Pandora), and Hannah Seal, principle at Index, join Daye’s board.

Other investors in the London-based company include Sophia Bendz (former global director of Marketing at Spotify and now a partner at VC firm Atomico), Irina Havas (a principle of Atomico), David Schiff (founding partner at United Talent Agency) and Kristin Cardwell (VP of International Business Development at Refinery29).

Founded by 24-year-old Valentina Milanova and launching later this year, Daye has set out to build a new brand for female health products “designed with women in mind.” The startup’s first product is a newly developed tampon that uses CBD to help tackle period cramps (or dysmenorrhea) as an alternative to traditional painkillers (CBD is the extract derived from the flower of the industrial hemp plant, a legal relative to marijuana). Daye also claims its product will be more hygienic and sustainable than legacy tampons, and if successful could be a wake-up call to the incumbent and stagnant tampon industry, which has seen little innovation in decades.

“Our goal is to raise the standards of women’s hygiene products by tackling three primary issues: dysmenorrhea, manufacturing standards and sustainability,” Milanova tells TechCrunch. “Women have largely been left out of medical innovation. In fact, until 1993, researchers banned women from participating in [early] clinical trials, as it was believed female hormone fluctuations polluted medical data. To this day, most medications, including those for pain relief, depression and sleeping aids, have not been tested on women. We’re redefining localised cramp-relief, relying on an ingredient that we’ve tested on women first.”

Milanova says she first had the idea for a cramp-fighting tampon in November 2017 and initially used her salary from a day job and credit cards to fund product development. In September 2018, she quit her job to work on the business full-time and build a team, and to finalise clinical trials for the product.

Describing CBD as “having its 15 minutes of fame,” Milanova says the company doesn’t believe cannabidiol should be added to everything, from dry shampoo to cocktails. However, she says CBD is much safer than over-the-counter painkillers, and that the vaginal canal has the highest concentration of cannabinoid receptors and is also the fastest route of absorption into the bloodstream when it comes to pain relief.

“Unlike most CBD products on the market today, our product does not contain any tetrahydrocannabinol (THC),” she explains. “This is why we believe we’re going to be attractive to every consumer who experiences menstrual discomfort.”

Beyond the novel idea of a cramp-fighting CBD tampon, Milanova says Daye wants to raise the bar for tampon production standards and sustainability.

“In Europe, tampons are not classified as medical devices, which means there are no manufacturing guidelines — for context, plasters are more regulated and better sanitised than tampons,” she tells me, to my astonishment. To address this, Daye is introducing pharmaceutical-grade standards and will keep manufacturing in-house.

Period care is also “wreaking havoc” on the environment. “Over the course of her lifetime, the average woman uses enough tampons to fill two double-decker buses. That waste either ends up in our oceans or landfills. We want to relieve the burden period care has on the environment, and offer a product that is equal parts body-safe, effective and as sustainable as possible.”

To begin to answer the question of why something like this hasn’t been done before, Milanova says that menstrual discomfort in general is a massively overlooked problem and that “even the mention of the word tampon makes most people feel uncomfortable.”

The existing market is also monopolised “to the point where innovation suffers.” All tampons on the market today perform and look the same, using the same materials and the same manufacturing processes. Yet, because there’s barely any product differentiation, the Daye founder says most women remain loyal to the first tampon brand they ever tried.

“What we’re bringing to market is a completely novel product, and we’re operating in a very sensitive, intimate area of consumer goods. As a newcomer, we have to gain consumer trust by ensuring we’re in constant contact with our users, taking note of their feedback and iterating on our proposition fast.”

Cambridge University has proposed setting up a research center tasked with coming up with scalable technological fixes for climate change.

The proposed Center for Climate Repair is being co-ordinated by David King, an emeritus professor in physical chemistry at the university and also the UK government’s former chief scientific adviser.

Speaking to the BBC this morning King suggested the scale of the challenge now facing humanity to end  greenhouse gas emissions is so pressing that radical options need to be considered and developed alongside efforts to shift societies carbon neutral and shrink day to day emissions.

“What we do over the next 10 years will determine the future of humanity for the next 10,000 years. There is no major centre in the world that would be focused on this one big issue,” he told BBC News.

In an interview on the BBC Radio 4’s Today program, King said the center would need focus on scalable, low cost technologies that could be deployed to move the needle on the climate challenge.

Suggested ideas it could work to develop include geoengineering initiatives such as spraying sea water into the air at the north and south poles to reflect sunlight away and refreeze them; using fertilizer to regreen portions of the deep ocean to promote plankton growth; and carbon capture and storage methods to suck up and sequester greenhouse gases so they can’t contribute to accelerating global warming.

On the issue of nuclear power King said interesting work is being done to try to develop viable nuclear fusion technology — but also pointed to untapped capacity in renewable energy technologies, arguing there is an “ability to develop renewables far more than we thought before”.

If established, the Center for Climate Repair, would be attached to the university’s new Cambridge Carbon Neutral Futures Initiative, which is a research hub recently set up to link climate-related research work across the university — and “catalyse holistic, collaborative progress towards a sustainable future”, as it puts it.

“If [the Center for Climate Repair] goes forward, it will be part of the Carbon Neutral Futures Initiative, which is led by Dr Emily Shuckburgh,” a spokeswoman for the university confirmed.

“When considering how to tackle a problem as large, complex and urgent as climate change, we need to look at the widest possible range of ideas and to investigate radical innovations such as those proposed by Sir David,” said Shuckburgh, commenting on the proposal in a statement.

“In assessing such ideas we need to explore all aspects, including the technological advances required, the potential unintended consequences and side effects, the costs, the rules and regulations that would be needed, as well as the public acceptability.”

Cloud kitchens are the big thing in food delivery, with ex-Uber CEO Travis Kalanick’s new business one contender in that space, with Asia, and particularly Southeast Asia, a major focus. Despite the newcomers, a more established startup from Singapore has raised a large bowl of cash to go after regional expansion.

Founded in 2014, Grain specializes in clean food while it takes a different approach to Kalanick’s CloudKitchens or food delivery services like Deliveroo, FoodPanda or GrabFood.

It adopted a cloud kitchen model — utilizing unwanted real estate as kitchens, with delivery services for output — but used it for its own operations. So while CloudKitchens and others rent their space to F&B companies as a cheaper way to make food for their on-demand delivery customers, Grain works with its own chefs, menu and delivery team. A so-called ‘full stack’ model if you can stand the cliched tech phrase.

Finally, Grain is also profitable. The new round has it shooting for growth — more on that below — but the startup was profitable last year, CEO and co-founder Yi Sung Yong told TechCrunch.

Now it is reaping the rewards of a model that keeps it in control of its product, unlike others that are complicated by a chain that includes the restaurant and a delivery person.

We previously wrote about Grain when it raised a $1.7 million Series A back in 2016 and today it announced a $10 million Series B which is led by Thailand’s Singha Ventures, the VC arm of the beer brand. A bevy of other investors took part, including Genesis Alternative Ventures, Sass Corp, K2 Global — run by serial investor Ozi Amanat who has backed Impossible Foods, Spotify and Uber among others — FoodXervices and Majuven. Existing investors Openspace Ventures, Raging Bull — from Thai Express founder Ivan Lee — and Cento Ventures participated.

The round includes venture debt, as well as equity, and it is worth noting that the family office of the owners of The Coffee Bean & Tea Leaf — Sassoon Investment Corporation — was involved.

Three years is a long gap between the two deals — Openspace and Cento have even rebranded during the intervening period — and the ride has been an eventful one. During those years, Sung said the business had come close to running out of capital before it doubled down on the fundamentals before the precarious runway capital ran out.

In fact, he said, the company — which now has over 100 staff — was fully prepared to self-sustain.

“We didn’t think of raising a Series B,” he explained in an interview. “Instead, we focused on the business and getting profitable… we thought that we can’t depend entirely on investors.”

And, ladies and gentleman, the irony of that is that VCs very much like a business that can self-sustain — it shows a model is proven — and investing in a startup that doesn’t need capital can be attractive.

Ultimately, though, profitability is seen as sexy today — particularly in the meal space where countless U.S. startups has shuttered including Munchery and Sprig — but the focus meant that Grain had to shelve its expansion plans. It then went through soul-searching times in 2017 when a spoilt curry saw 20 customers get food poisoning.

Sung declined to comment directly on that incident, but he said that company today has developed the “infrastructure” to scale its business across the board, and that very much includes quality control.

Grain currently delivers “thousands” of meals per day in Singapore, its sole market, with eight-figures in sales per year, he said. Last year, growth was 200 percent, Sung continued, and now is the time to look overseas. With Singha, the Grain CEO said the company has “everything we need to launch in Bangkok.”

Thailand — which Malaysia-based rival Dahamakan picked for its first expansion — is the only new launch on the table, but Sung said that could change.

“If things move faster, we’ll expand to more cities, maybe one per year,” he said. “But we need to get our brand, our food and our service right first.”

One part of that may be securing better deals for raw ingredients and food from suppliers. Grain is expanding its ‘hub’ kitchens — outposts placed strategically around town to serve customers faster — and growing its fleet of trucks, which are retrofitted with warmers and chillers for deliveries to customers.

Grain’s journey is proof that startups in the region will go through trials and tribulations, but being able to bolt down the fundamentals and reduce burn rate is crucial in the event that things go awry. Just look to grocery startup Honestbee, also based in Singapore, for evidence of what happens when costs are allowed to pile up.

Chelsea Manning walked free today for the first time after spending two months in Virginia’s Alexandria Detention Center for refusing to cooperate with a grand jury probing her relationship with WikiLeaks. Gizmodo first reported news that Manning left the facility today.

Manning was found to be in contempt of court, remaining in custody until the Eastern District of Virginia grand jury expired. Before her release, Manning was issued another subpoena for a second grand jury for Thursday May 16.

“Chelsea will continue to refuse to answer questions, and will use every available legal defense to prove to District Judge Trenga that she has just cause for her refusal to give testimony,” her legal team shared in a blog post.

Manning has consistently signaled her ongoing unwillingness to cooperate with the federal grand jury. That makes it entirely possible that she could be returned to custody at the detention center next week when she appears for her latest subpoena.

“I don’t have anything to contribute to this, or any other grand jury,” Manning said last month. “While I miss home, they can continue to hold me in jail, with all the harmful consequences that brings. I will not give up.”

Cisco announced today that it was open sourcing the MindMeld conversation AI platform, making it available to anyone who wants to use it under the Apache 2.0 license.

MindMeld is the conversational AI company that Cisco bought in 2017. The company put the technology to use in Cisco Spark Assistant later that year to help bring voice commands to meeting hardware, which was just beginning to emerge at the time.

Today, there is a concerted effort to bring voice to enterprise use cases, and Cisco is offering the means for developers to do that with the MindMeld tool set. “Today, Cisco is taking a big step towards empowering developers with more comprehensive and practical tools for building conversational applications by open-sourcing the MindMeld Conversational AI Platform,” Cisco’s head of machine learning Karthik Raghunathanw wrote in a blog post.

The company also wants to make it easier for developers to get going with the platform, so it is releasing the Conversational AI Playbook, a step-by-step guide book to help developers get started with conversation-driven applications. Cisco says this is about empowering developers, and that’s probably a big part of the reason.

But it would also be in Cisco’s best interest to have developers outside of Cisco working with and on this set of tools. By open sourcing them, the hope is that a community of developers, whether Cisco customers or others, will begin using, testing and improving the tools; helping it to develop the platform faster and more broadly than it could, even inside an organization as large as Cisco.

Of course, just because they offer it doesn’t necessarily automatically mean the community of interested developers will emerge, but given the growing popularity of voice-enabled used cases, chances are some will give it a look. It will be up to Cisco to keep them engaged.

Cisco is making all of this available on its own DevNet platform starting today.