Touring Factory Berlin, Europe’s ‘largest club for startups’


According to the startups at Factory Berlin, it’s not just another coworking space. After all, the company took its name from Andy Warhol’s famous factory in New York City, and it describes itself as “Europe’s largest club for startups.”

Late last year, we toured Factory Berlin’s five-story, 14,000 square meter location in Görlitzer Park. Yes, it’s a building where startups can rent workspace, but as part of the tour, we had a chance to talk to several entrepreneurs, and everyone described it as a real community.

“Being part of the community, to us, means not isolating ourselves from the outer world,” said Code University founder Tom Bachem. “Or especially in Berlin, from the great startup ecosystem that we have — but instead, really deeply integrating into it.”

Similarly, Neel Popat of Donut pointed to the Factory’s blockchain events and showcases as a major benefit, while Kip Carter of New School said his team has used the Factory messaging app to find experts who can work with New School’s kids.

And |Pipe| founder and CEO Simon Hossell said it’s been a great base for entrepreneurs who aren’t from Berlin: “It’s the fact that you know although you may be a stranger or a foreigner in a new city, there’s always a group of people — likeminded, smart, intelligent individuals around you that are always there to help and encourage.”

NYC’s contactless subway turnstiles open today with Apple, Google, Samsung and Fitbit Pay support

After weeks of sporting “Coming Soon” screens, the New York City MTA’s OMNY pilot finally launched today. The system augments the city’s MetroCard swipes with new contactless screens that work with contactless prepaid credit and debit cards and a variety of different smart devices.

We’ve highlighted the latter already. For starters, the system will work with Apple, Google, Samsung and Fitbit Pay, which means it will be open to a large range of smartphones and wearables.

Contactless cards are those with NFC chips sporting a four-bar wave symbol that are already available from a number of big banks and credit card companies. Per the MTA’s site, the list of partners includes Chase, Visa, Mastercard and American Express, which should cover a majority of card holders, one way or another.

That’s a big no for Diners Club, Japan Credit Bureau and China UnionPay. Also, PIN-protected cards don’t currently work, nor do gift cards and non-reloadable cards. Another important restriction in all of this is the fact that the system is currently limited to single-ride. That means the large number of New Yorkers who currently use daily, weekly and monthly passes to save on the ever-increasing ride prices are SOL for now.

Ride plans will be coming before 2021. The MTA says it also plans to have the system implemented in all subway stations and buses before then. For now it’s currently limited to the 4, 5, 6 line between Grand Central Station in Manhattan and Brooklyn’s Atlantic Avenue-Barclays Center, as well as Staten Island buses.

Having demoed the system recently, I attest that it works well on both the iPhone and Apple Watch. It remains to be seen, however, how much of a logjam this technology will create in its first weeks and months. Ultimately, however, it should go a ways toward speeding things up as riders no longer have to fumble for their MetroCard and deal with aging swipe readers.

Security startup Bugcrowd on crowdsourcing bug bounties: ‘Cybersecurity is a people problem’

For a cybersecurity company, Bugcrowd relies much more on people than it does on technology.

For as long as humans are writing software, developers and programmers are going to make mistakes, said Casey Ellis, the company’s founder and chief technology officer, in an interview with TechCrunch from his San Francisco headquarters.

“Cybersecurity is fundamentally a people problem,” he said. “Humans are actually the root of the problem.” And when humans make coding mistakes that turn into bugs or vulnerabilities that can be exploited, that’s where Bugcrowd comes in — by trying to mitigate the fallout before they can be maliciously exploited.

Founded in 2011, Bugcrowd is one of the largest bug bounty and vulnerability disclosure companies on the internet today. The company relies on bug finders, hackers, and security researchers to find and privately report security flaws that could damage systems or put user data at risk.

Bugcrowd acts as an intermediary by passing the bug to the companies to get fixed — potentially helping them to dodge a future security headache like a leak or a breach — in return for a payout to the finder.

The greater the vulnerability, the higher the payout.

“The space we’re in is brokering conversations between different groups of people that don’t necessarily have a good history of getting along but desperately need to talk to each other,” said Ellis.

If you use women as decorative objects, then I will assume your tech is from the 1950s, too

Computex, which wrapped up today, is divided into two venues in Taipei. One, Nangang Exhibition Center, is where the big companies, including Asus and Microsoft, have their booths. The other, in Taipei World Trade Center, houses Innovex, the show’s exhibit for startups.

While walking around them, I realized that there are no “booth babes” at the Innovex location. The difference was striking. The show feels much more welcoming when you don’t have to elbow past crowds of men taking photos with models who have literally been branded with logos in the form of stickers, temporary tattoos or letters across the tops of their minidresses. There were fewer models at this year’s Computex compared to previous years, but during a walkthrough, I still counted 21 booths* in Nangang that had models standing in front of them.

Booth babes are a marketing gimmick that is particularly toxic and outdated in the post-#MeToo era, especially since several trade shows, including E3, Pax, Eurogamer, ChinaJoy and CES have either banned them outright, or at least instated guidelines to prevent things like the time Virgin Gaming had its models wear hot pants with QR codes on the buttocks.

Increasing awareness of sexual harassment and assault in the tech industry also makes the practice even more jarring than before—especially in Taiwan, which hasn’t had its #MeToo movement yet. The fact that many of the Nangang booths that used models were focused on gaming computers and peripherals was unsettling, because it suggested that those companies are either unaware of or simply do not care about the rampant, well-documented misogyny in the gaming community.

The sexism is also underscored by how little the models are required (or allowed) to do. Many of the women are represented by talent agencies that include performers, musicians and event emcees on their books. They can do more than hand out flyers or serve as walking billboards. But their talents are hidden at Computex. If you try to ask about a product, most direct you to one of the employees working at the booth. Booth babes are hired to serve solely as human decoration.

Most of the big tech companies that present at Computex don’t hire booth babes, but Asus was one exception. The company also scheduled several events, including its main press conference, in the evening, when many parents and other primary caretakers (who are likely to be women) are busy with their families. A lot of attendees are visitors from out of town, but for local employees tasked with working at those events, it likely meant rearranging their personal lives until the show was over. Overall, Computex did not paint a rosy picture of how Asus’ company culture views women and lent a sour note to otherwise interesting product releases. (At least this year Asus didn’t tweet a joke about one of its models’ rear ends, like it did in 2012).

An argument against the use of booth babes is the fact that booths at Innovex managed to draw large crowds of people without them, as long as they had a compelling product and presentation. It made the booths at Nangang that relied on models look backwards in comparison, the old vanguard of tech trying to hold onto relevancy with hired sex appeal.

*These booths were run by ATNG Power, Asus (and subsidiary Asustor), Apacer, Anaconda, V-Color Technology, Genesys Group, Blade-X, Mistel, Segotep, Abkoncore, Avita, Realan, Inno3D, TT Thermaltake, Essencore, iGame, Biostar, Infineon, XPG and ASRock.

Spotify is building shared queue Social Listening

Want to rock out together even when you’re apart? Spotify has prototyped an unreleased feature called “Social Listening” that lets multiple people add songs to a queue they can all listen to. You just all scan one friend’s QR-style Spotify Social Listening code, and then anyone can add songs to the real-time playlist. Spotify could potentially expand the feature to synchronize playback so you’d actually hear the same notes at the same time, but for now it’s just a shared queue.

Social Listening could give Spotify a new viral growth channel, as users could urge friends to download the app to sync up. The intimate experience of co-listening might lead to longer sessions with Spotify, boosting ad plays or subscription retention. Plus it could differentiate Spotify from Apple Music, YouTube Music, Tidal, and other competing streaming services.

A Spotify spokesperson tells TechCrunch that “We’re always testing new products and experiences, but have no further news to share at this time.” Spotify already offers Collaborative Playlists friends can add to, but Social Listening is designed for real-time sharing.

The feature is reminiscent of Turntable.fm, a 2011 startup that let people DJ in virtual rooms on their desktop that other people could join where they could chat, vote on the next song, and watch everyone’s avatars dance. But the company struggled to properly monetize through ad-free subscriptions and shut down in 2014. Facebook briefly offered its own version called “Listen With…” in 2012 that let Spotify or Rdio users synchronize music playback.

Spotify Social Listening was first spotted by reverse engineering sorceress and frequent TechCrunch tipster Jane Manchun Wong. She discovered code for the feature buried in Spotify’s Android app, but for now it’s only available to Spotify employees. Social Listening appears in the menu of connected devices you can open while playing a song beside nearby Wi-Fi and Bluetooth devices. “Connect with friends: Your friends can add tracks by scanning this code – You can also scan a friend’s code” the feature explains.

A help screen describes Social Listening as “Listen to music together. 1. On your phone, play a song and select (Connected Devices). You’ll see a code at the bottom of the screen. 2. On your friend’s phone, select the same (Connected Devices) icon, tap SCAN CODE, and point the camera at your code. 3. Now you can control the music together.” You’ll then see friends who are part of your Social Listening session listed in the Connected Devices menu. Users can also copy and share a link to join their Social Listening session that starts with the URL prefix https://open.spotify.com/socialsession/ Note that Spotify never explicitly says that playback will be synchronized.

With streaming apps largely having the same music catalog and similar $9.99 per month premium pricing, they have to compete on discovery and user experience. Spotify has long been in the lead here with its algorithmically personalized Discover Weekly playlists that were promptly copied by Apple and SoundCloud.

Oddly, Spotify has stripped out some of its own social features over the years, eliminating the in-app messaging inbox and instead pushing users to share songs over third-party messaging apps. The deemphasis in discovery through friends conveniently puts the focus on Spotify’s owned playlists. That gives it leverage over the record labels during their rate negotiations since it’s who influences which songs will become hits, so if labels don’t play nice their artists might not get promoted via playlists.

That’s why it’s good to see Spotify remembering that music is an inherently social experience. Music physically touches us through its vibrations, and when people listen to the same songs and are literally moved by it at the same time, it creates a sense of togetherness we’re too often deprived of on the Internet.

Tinder launches a new a la carte option, Super Boost, only for subscribers

Tinder this morning announced a second, more premium version of its most popular a la carte purchase, Boost, with the launch of Super Boost — an upgrade only offered to Tinder Plus and Tinder Gold premium subscribers. The idea with the new product is to extract additional revenues out of those users who have already demonstrated a willingness to pay for the dating app, while also offering others another incentive to upgrade to a paid Tinder subscription.

Similar to Boost, which puts you on top of the stack of profiles shown to potential matches for 30 minutes, Super Boost also lets you cut the line.

Tinder says the option will be shown to select Tinder Plus and Tinder Gold subscribers during peak activity times, and only at night. Once purchased and activated, Super Boost promises the chance to be seen by up to 100 times more potential matches. By comparison, Boost only increases profile views by up to 10 times.

Also like Boost, Super Boost may not have a set price point. Tinder prices its products dynamically, taking into account various factors like age, location, length of subscription, and other factors. (Tinder’s decision to up its pricing for older users led to an age discrimination class action lawsuit, which the company eventually settled. This limits its ability to price based on age, but only in California.)

The company hasn’t yet settled on a price point — or range — for Super Boost, but is now testing various options in the select markets where the feature is going live. Super Boost is not broadly available across all Tinder markets nor to all premium subscribers at this time, as the company considers this a test for the time being.

The addition, if successful, could have a big impact on Tinder’s bottom line.

As Tinder’s subscriber base grows, its a la carte purchases do the same — the company even noted they reached record levels in Q4 2018, when it also disclosed that a la carte accounts for around 30 percent of direct revenue. Boost and Super Like are the most popular, and Tinder has for a long time hinted that it wants to expand its menu of a la carte features as it grows.

During the first quarter of 2019, Tinder’s average subscribers were 4.7 million, up from 384,000 in the previous quarter and 1.3 million year-over-year. Its most recent earnings also topped estimates, thanks to Tinder’s continued growth, bringing parent company Match Group’s net income across its line of dating apps to $123 million, or 42 cents a share, up from $99.7 million, or 33 cents a share, in the year-ago period.

That said, the decision to monetize a user base against a built-in algorithm bias may be a riskier long-term bet for Tinder and other dating apps, which are already the subject of much cultural criticism thanks to articles lamenting their existence, damning documentaries, their connection to everything from racial discrimination to now eating disorders, as well as studies that demonstrate their unfair nature — like this most recent one from Mozilla.

For the near-term, dating app makers reliant on this model are raking in the profits due to a lack of other options. But there’s still room for a new competitor that could disrupt the status quo. Had Facebook not waited until its name had been dragged through the mud by way of its numerous privacy scandals, its Facebook Dating product could have been that disruptor. For now, however, Tinder and its rivals are safe — and its users will likely continue to pay for any feature offering them the ability to improve their chances.

 

Microsoft warns users to patch as exploits for ‘wormable’ BlueKeep bug appear

Microsoft has issued its second advisory this month urging users to update their systems to prevent a re-run of attacks similar to WannaCry and NotPetya.

The company said Thursday that the “wormable” vulnerability in Remote Desktop Services for Windows can allow attackers to remotely run code on a vulnerable computer — such as malware or ransomware — but worse, the vulnerability allows it to spread to other computers on the same network “in a similar way as the WannaCry malware,” which spread across the globe in 2017 causing billions of dollars in damage.

A patch was released earlier this month on Microsoft’s usual patch release day, so-called Patch Tuesday. And though there are no signs of an active attack yet, “this does not mean that we’re out of the woods,” the company said.

Microsoft said it’s “confident” that an exploit exists for the vulnerability, putting close to one million computers directly connected to the internet at risk.

But that figure could be far higher if servers at the enterprise firewall level are hit — with the potential of every other computer connecting to it facing a similar fate.

“Our recommendation remains the same. We strongly advise that all affected systems should be updated as soon as possible,” said Microsoft.

The bug, CVE-2019-0708 — better known as BlueKeep — is a “critical” vulnerability that affects computers running Windows XP and later, including its server operating systems. The vulnerability can be used to run code at the system level, allowing full access to the computer — including its data. Worse, it is remotely exploitable, allowing anyone to attack a computer connected to the internet.

Microsoft said only Windows 8 and Windows 10 are not vulnerable to the bug. But the bug is so dangerous that Microsoft took the rare step of issuing patches to its long outdated and unsupported operating systems, including Windows XP.

So far, several security firms — including McAfee and Check Point — have claimed to have developed working proof-of-concept code that can at the very least create a denial-of-service condition, such as shutting down a computer. But fear remains that hackers are close to creating code that could spark another major ransomware attack.

Independent malware researcher Marcus Hutchins said in a tweet it took him “an hour” to develop code to exploit the vulnerability, but declined to post the code because the bug is “dangerous.”

The universal message seems clear: patch your systems before it’s too late.

Goodbye BlackBerry Messenger

Just over a month ago, Emtek announced the end of BlackBerry Messenger for consumers. The once mighty messaging service had a good run, outstripping the popularity of its hardware namesake.

Launched in 2005, licensing rights for the service were acquired by Indonesia-based tech conglomerate Emtek 11 years later. For many years, BBM was considered BlackBerry’s (nee Research in Motion) strongest product, with some loyalists eschewing Android and iOS devices before it was finally ported over to those operating systems in 2013.

But competition ultimately proved too much. Technology and the world moved away from BBM and BlackBerry at large. The rewards, it seems, weren’t worth the resources.

“We poured our hearts into making this a reality, and we are proud of what we have built to date,” Emtek wrote in a blog post last month. “The technology industry however, is very fluid, and in spite of our substantial efforts, users have moved on to other platforms, while new users proved difficult to sign on.”

Loyalists can still download files, photos and videos from the service today, before they vanish forever. Notably, BBM Enterprise will live on for business users, but the death of the consumer version should be regarded as the end of an important era for smartphones nonetheless.

So long, and thanks for all the messages.

Is the tech press too positive in its coverage of startups?

Hello and welcome back to Equity, TechCrunch’s venture capital-focused podcast, where we unpack the numbers behind the headlines.

It’s our first week in the new TechCrunch podcast studio, or it was for Kate Clark and Chris Gates. Alex Wilhelm will be back around SF next week. For now, we fired up the mics and dug into what was a veritable barrage of news.

First, Paul Graham’s contentious comments. The co-founder of Y Combinator tweeted some criticism of the tech press on Thursday; naturally, Kate and Alex had a few thoughts. In summary, Graham doesn’t seem to understand what it is we tech journalists do and that’s a problem.

Next up was Uber’s first quarter numbers. Given how strongly the company had signaled this set of results, the earnings report was a bit anticlimactic. Until you dug into the numbers, and things got stickier. Uber’s operating loss more than doubled from the year-ago quarter. Its adjusted EBITDA tripled, from -$280 million to -$869 million. Adjusted revenue growth compared to the year-ago quarter was just 14%.

Naturally, Uber’s shares rose in after-hours trading.

Next, we turned from public decacorn to private unicorn, working our way through the latest mega-round from American fintech shop SoFi. The new $500 million round is either an up round or a down round (we really aren’t sure) and comes at a time when the business was not at all in need of the money. Following accounts of the fresh funds, news leaked that SoFi intends to snag naming rights to the Rams’ impending stadium. What a great use of venture funding, lol. Don’t look over here at this bubble-shaped object.

After that, it was on to Brex, which is in the process of raising even more money (Kate’s piece here, some notes from Alex here), which is a bit of a headscratcher unless, like SoFi and Slack before it, it’s raising the money simply because it can.

And last and actually least, CrowdStrike set a price range for its IPO. If you are into S-1/A dives, head here.

Equity drops every Friday at 6:00 am PT, so subscribe to us on Apple Podcasts, Overcast, Pocket Casts, Downcast and all the casts.

Following US Huawei ban, China threatens own blacklist for foreign firms

Odds of the U.S. and China cooling off their trade war further diminished on Friday after the world’s most populous nation said it would create a list of “unreliable” foreign firms of its own.

Gao Feng, a spokesman of China’s commerce ministry, said today that the nation will create an “entity list” that will include, in part, foreign companies that have stopped or curtailed their businesses with Chinese firms.

“Foreign enterprises, organisations or individuals that do not comply with market rules, deviate from a contract’s spirit or impose blockades or stop supplies to Chinese enterprises for non-commercial purposes, and seriously damage the legitimate rights and interests of Chinese enterprises, will be included on a list of ‘unreliable entities’,” he was quoted as saying by state-owned local media.

The retaliation comes weeks after the U.S. Commerce Department placed Huawei and 68 affiliates on an entity list over national security concerns, thereby requiring American companies to obtain approval from the government before conducting business with Chinese firms. A 90-day reprieve has been granted to allow companies such as Google to offer critical support to Huawei, however.

In the aftermath of that direction, several American firms including Google, Intel, and Qualcomm have curtailed their business agreements with the Chinese giant. Huawei executives have said in recent weeks that such a ban on the company in the U.S. will significantly impact its business and hurt its reputation worldwide.

Even as details remain sparse at the moment, many Silicon Valley giants appear to fit the bill of the companies that China wants on its blacklist.

Over the weekend, China will increase tariffs on $60 billion in U.S. goods in response to U.S. duties on $200 billion in Chinese products earlier this month. The two nations have shown little sign of reaching a resolution.

Huawei, in the meantime, has filed a legal motion to challenge the U.S. ban on its equipment, calling it “unconstitutional.” The company has also sent its American employees deployed at R&D functions at its Shenzhen headquarters home. It has also asked its Chinese employees to limit conversations with overseas visitors, and cease any technical meetings with their US contacts.