VMware announces intent to buy Avi Networks, startup that raised $115M

VMware has been trying to reinvent itself from a company that helps you build and manage virtual machines in your data center to one that helps you manage your virtual machines wherever they live, whether that’s on prem or the public cloud. Today, the company announced it was buying Avi Networks, a 6-year old startup that helps companies balance application delivery in the cloud or on prem in an acquisition that sounds like a pretty good match. The companies did not reveal the purchase price.

Avi claims to be the modern alternative to load balancing appliances designed for another age when applications didn’t change much and lived on prem in the company data center. As companies move more workloads to public clouds like AWS, Azure and Google Cloud Platform, Avi is providing a more modern load balancing tool, that not only balances software resource requirements based on location or need, but also tracks the data behind these requirements.

Diagram: Avi Networks

VMware has been trying to find ways to help companies manage their infrastructure, whether it is in the cloud or on prem, in a consistent way, and Avi is another step in helping them do that on the monitoring and load balancing side of things, at least.

Tom Gillis, senior vice president and general manager for the networking and security business unit at VMware sees this acquisition as fitting nicely into that vision. “This acquisition will further advance our Virtual Cloud Network vision, where a software-defined distributed network architecture spans all infrastructure and ties all pieces together with the automation and programmability found in the public cloud. Combining Avi Networks with VMware NSX will further enable organizations to respond to new opportunities and threats, create new business models, and deliver services to all applications and data, wherever they are located,” Gillis explained in a statement.

In a blog post,  Avi’s co-founders expressed a similar sentiment, seeing a company where it would fit well moving forward. “The decision to join forces with VMware represents a perfect alignment of vision, products, technology, go-to-market, and culture. We will continue to deliver on our mission to help our customers modernize application services by accelerating multi-cloud deployments with automation and self-service,” they wrote. Whether that’s the case, time will tell.

Among Avi’s customers, which will now become part of VMware are Deutsche Bank, Telegraph Media Group, Hulu and Cisco. The company was founded in 2012 and raised $115 million, according to Crunchbase data. Investors included Greylock, Lightspeed Venture Partners and Menlo Ventures, among others.


By Ron Miller

IBM, KPMG, Merck, Walmart team up for drug supply chain blockchain pilot

IBM announced its latest blockchain initiative today. This one is in partnership with KPMG, Merk and Walmart to build a drug supply chain blockchain pilot.

These four companies are coming to together to help come up with a solution to track certain drugs as they move through a supply chain. IBM is acting as the technology partner, KPMG brings a deep understanding of the compliance issues, Merk is of course a drug company and Walmart would be a drug distributor through its pharmacies and care clinics.

The idea is to give each drug package a unique identifier that you can track through the supply chain from manufacturer to pharmacy to consumer. Seems simple enough, but the fact is that companies are loathe to share any data with one another. The blockchain would provide an irrefutable record of each transaction as the drug moved along the supply chain, giving authorities and participants an easy audit trail.

The pilot is part of set of programs being conducted by various stakeholders at the request of the FDA. The end goal is to find solutions to help comply with the U.S. Drug Supply Chain Security Act. According to the FDA Pilot Program website, “FDA’s DSCSA Pilot Project Program is intended to assist drug supply chain stakeholders, including FDA, in developing the electronic, interoperable system that will identify and trace certain prescription drugs as they are distributed within the United States.”

IBM hopes that this blockchain pilot will show it can build a blockchain platform or network on top of which other companies can build applications. “The network in this case, would have the ability to exchange information about these pharmaceutical shipments in a way that ensures privacy, but that is validated,” Mark Treshock, global blockchain solutions leader for healthcare and life sciences at IBM told TechCrunch.

He believes that this would help bring companies on board that might be concerned about the privacy of their information in a public system like this, something that drug companies in particular worry about. Trying to build an interoperable system is a challenge, but Treshock sees the blockchain as a tidy solution for this issue.

Some people have said that blockchain is a solution looking for a problem, but IBM has been looking at it more practically with several real-world projects in production including one to track leafy greens from field to store with Walmart and a shipping supply chain with Maersk to track shipping containers as they move through the world

Treshock believes the Walmart food blockchain is particularly applicable here and could be used as a template of sorts to build the drug supply blockchain. “It’s very similar, tracking food to tracking drugs, and we are leveraging or adopting the assets that we built for food trust to this problem. We’re taking that platform and adapting it to track pharmaceuticals,” he explained.


By Ron Miller

Helium launches $51M-funded “LongFi” IoT alternative to cellular

With 200X the range of WiFi at 1/1000th of the cost of a cellular modem, Helium’s “LongFi” wireless network debuts today. Its transmitters can help track stolen scooters, find missing dogs via IoT collars, and collect data from infrastructure sensors. The catch is that Helium’s tiny, extremely low-power, low-data transmission chips rely on connecting to P2P Helium Hotspots people can now buy for $495. Operating those hotspots earns owners a cryptocurrency token Helium promises will be valuable in the future…

The potential of a new wireless standard has allowed Helium to raise $51 million over the past few years from GV, Khosla Ventures, and Marc Benioff including a new $15 million round co-led by Union Square Ventures and Multicoin Capital. That’s in part because one of Helium’s co-founders is Napster inventer Shawn Fanning. Investors are betting that he can change the tech world again, this time with a wireless protocol that like WiFi and Bluetooth before it could unlock unique business opportunities.

Helium already has some big partners lined up including Lime, which will test it for tracking its lost and stolen scooters and bikes when they’re brought indoors obscuring other connectivity or their battery is pulled out deactivating GPS. “It’s an ultra low-cost version of a LoJack” Helium CEO Amir Haleem says.

InvisiLeash will partner with it to build more trackable pet collars. Agulus will pull data from irrigation valves and pumps for its agriculture tech business, Nestle will track when its time to refill water in its ReadyRefresh coolers at offices, and Stay Alfred will use it to track occupancy status and air quality in buildings. Haleem also imagines the tech being useful for tracking wildfires or radiation.

Haleem met Fanning playing video games in the 2000s. They teamed up with Fanning and Sproutling baby monitor (sold to Mattel) founder Chris Bruce in 2013 to start work on Helium. They foresaw a version of Tile’s trackers that could function anywhere while replacing expensive cell connections for devices that don’t need high-bandwith. Helium will compete with SigFox, another lower-power IoT protocol, though Haleem claims its more centralized infrastructure costs are prohibitive. Lucky for Helium, on-demand rental bikes and scooters that are perfect for its network have reached mainstream popularity just as Helium launches six years after its start.

Helium says its already pre-sold 80% of its Helium Hotspots for its first market in Austin, Texas. People connect them to their Wifi and put in their window so thee devices can pull in data from Helium’s IoT sensors over its open-source LongFi protocol. The hotspots then encrypt and send the data to the company’s cloud that clients can plug into to track and collect info from their devices. The Helium Hotspots only require as much energy as a 12-watt LED lightbulb to run, but that $495 price tag is steep. The lack of a concrete return on investment could deter later adopters from buying the expensive device.

Only 150-200 hotspots are necessary to blanket a city in connectivity, Haleem tells me. But since they need to be distributed across the landscape so a client can’t just fill their warehouse with the hotspots and the upfront price is expensive for individuals, Helium might need to sign up some retail chains as partners for deployment. Haleem admits “The hard part is the education”. Making hotspot buyers understand the potential (and risks) while demonstrating the opportunities for clients will require a ton of outreach and slick marketing.

Without enough Helium Hotspots, the Helium network won’t function. That means this startup will have to simultaneously win at telecom technology, enterprise sales, and cryptocurrency for the network to pan out. As if one of those wasn’t hard enough.


By Josh Constine

Apollo raises $22M for its GraphQL platform

Apollo, a San Francisco-based startup that provides a number of developer and operator tools and services around the GraphQL query language, today announced that it has raised a $22 million growth funding round co-led by Andreessen Horowitz and Matrix Partners. Existing investors Trinity Ventures and Webb Investment Network also participated in this round.

Today, Apollo is probably the biggest player in the GraphQL ecosystem. At its core, the company’s services allow businesses to use the Facebook-incubated GraphQL technology to shield their developers from the patchwork of legacy APIs and databases as they look to modernize their technology stacks. The team argues that while REST APIs that talked directly to other services and databases still made sense a few years ago, it doesn’t anymore now that the number of API endpoints keeps increasing rapidly.

Apollo replaces this with what it calls the Data Graph. “There is basically a missing piece where we think about how people build apps today, which is the piece that connects the billions of devices out there,” Apollo co-founder and CEO Geoff Schmidt told me. “You probably don’t just have one app anymore, you probably have three, for the web, iOS and Android . Or maybe six. And if you’re a two-sided marketplace you’ve got one for buyers, one for sellers and another for your ops team.” Managing the interfaces between all of these apps quickly becomes complicated and means you have to write a lot of custom code for every new feature. The promise of the Data Graph is that developers can use GraphQL to query the data in the graph and move on, all without having to write the boilerplate code that typically slows them down. At the same time, the ops teams can use the Graph to enforce access policies and implement other security features.

“If you think about it, there’s a lot of analogies to what happened with relational databases in the 80s,” Schmidt said. “There is a need for a new layer in the stack. Previously, your query planner was a human being, not a piece of software, and a relational databased is a piece of software that would just give you a database. And you needed a way to query that database and that syntax was called SQL.”

Geoff Schmidt, Apollo CEO, and Matt DeBergalis, CTO.

GraphQL itself, of course, is open source. Apollo is now building a lot of the proprietary tools around this idea of the Data Graph that make it useful for businesses. There’s a cloud-hosted graph manager, for example, that lets you track your schema, as well as a dashboard to track performance, as well as integrations with continuous integration services. “It’s basically a set of services that keep track of the metadata about your graph and help you manage the configuration of your graph and all the workflows and processes around it,” Schmidt said.

The development of Apollo didn’t come out of nowhere. The founders previously launched Meteor, a framework and set of hosted services that allowed developers to write their apps in JavaScript, both on the front-end and back-end. Meteor was tightly coupled to MongoDB, though, which worked well for some use cases but also held the platform back in the long run. With Apollo, the team decided to go in the opposite direction and instead build a platform that makes being database agnostic the core of its value proposition.

The company also recently launched Apollo Federation, which makes it easier for businesses to work with a distributed graph. Sometimes, after all, your data lives in lots of different places. Federation allows for a distributed architecture that combines all of the different data sources into a single schema that developers can then query.

Schmidt tells me that the company started to get some serious traction last year and by December, it was getting calls from VCs that heard from their portfolio companies that they were using Apollo.

The company plans to use the new funding to build out its technology to scale its field team to support the enterprises that bet on its technology, including the open source technologies that power both the service.

“I see the Data Graph as a core new layer of the stack, just like we as an industry invested in the relational databased for decades, making it better and better,” Schmidt said. “We’re still finding new uses for SQL and that relational database model. I think the Data Graph is going to be the same way.”


By Frederic Lardinois

RealityEngines.AI raises $5.25M seed round to make ML easier for enterprises

RealityEngines.AI, a research startup that wants to help enterprises make better use of AI, even when they only have incomplete data, today announced that it has raised a $5.25 million seed funding round. The round was led by former Google CEO and Chairman Eric Schmidt and Google founding board member Ram Shriram. Khosla Ventures, Paul Buchheit, Deepchand Nishar, Elad Gil, Keval Desai, Don Burnette and others also participated in this round.

The fact that the service was able to raise from this rather prominent group of investors clearly shows that its overall thesis resonates. The company, which doesn’t have a product yet, tells me that it specifically wants to help enterprises make better use of the smaller and noisier datasets they have and provide them with state-of-the-art machine learning and AI systems that they can quickly take into production. It also aims to provide its customers with systems that can explain their predictions and are free of various forms of bias, something that’s hard to do when the system is essentially a black box.

As RealityEngines CEO Bindu Reddy, who was previously the head of products for Google Apps, told me the company plans to use the funding to build out its research and development team. The company, after all, is tackling some of the most fundamental and hardest problems in machine learning right now — and that costs money. Some, like working with smaller datasets, already have some available solutions like generative adversarial networks that can augment existing datasets and that RealityEngines expects to innovate on.

Reddy is also betting on reinforcement learning as one of the core machine learning techniques for the platform.

Once it has its product in place, the plan is to make it available as a pay-as-you-go managed service that will make machine learning more accessible to large enterprise, but also to small and medium businesses, which also increasingly need access to these tools to remain competitive.


By Frederic Lardinois

WhatsApp is finally going after outside firms that are abusing its platform

WhatsApp has so far relied on past dealings with bad players within its platform to ramp up its efforts to curtail spam and other automated behavior. The Facebook -owned giant has now announced an additional step it plans to take beginning later this year to improve the health of its messaging service: going after those whose mischievous activities can’t be traced within its platform.

The messaging platform, used by more than 1.5 billion users, confirmed on Tuesday that starting December 7 it will start considering signals off its platform to pursue legal actions against those who are abusing its system. The company will also go after individuals who — or firms that — falsely claim to have found ways to cause havoc on the service.

The move comes as WhatsApp grapples with challenges such as spam behavior to push agendas or spread of false information on its messaging service in some markets. “This serves as notice that we will take legal action against companies for which we only have off-platform evidence of abuse if that abuse continues beyond December 7, 2019, or if those companies are linked to on-platform evidence of abuse before that date,” it said in an FAQ post on its site.

A WhatsApp spokesperson confirmed the change to TechCrunch, adding, “WhatsApp was designed for private messaging, so we’ve taken action globally to prevent bulk messaging and enforce limits on how WhatsApp accounts that misuse WhatsApp can be used. We’ve also stepped up our ability to identify abuse, which helps us ban 2 million accounts globally per month.”

Earlier this year, WhatsApp said (PDF) it had built a machine learning system to detect and weed out users who engage in inappropriate behavior such as sending bulk messages or creating multiple accounts with intention to harm the service. The platform said it was able to assess the past dealings with problematics behaviors to ban 20% of bad accounts at the time of registration itself.

But the platform is still grappling to contain abusive behavior, a Reuters report claimed last month. The news agency reported about tools that were readily being sold in India for under $15 that claimed to bypass some of the restrictions that WhatsApp introduced in recent months.

TechCrunch understands that with today’s changes, WhatsApp is going after those same set of bad players. It has already started to send cease and desist letters to marketing companies that claim to abuse WhatsApp in recent months, a person familiar with the matter said.


By Manish Singh

Uber envisions Uber Air will one day be cheaper than owning a car

Uber has big dreams for Uber Air, the flying taxi service it’s wanting to launch in 2023. At the third annual Uber Elevate, head of Elevate Eric Allison said the company expects Uber Air to be cheaper than driving a car. It surely won’t be that way on day one, but once Uber deploys fully electric, autonomous shared vehicles, Allison said it will be more economical than driving a car.

“Our vision is that on a daily basis it’ll be more economically rational for you to fly than for you to drive,” he said.

At launch, Uber Air will be cheaper than a helicopter ride. This is a worthy comparison, given Uber unveiled its costly Uber Copter service last week as phase one of Uber Air. In the near term, Uber predicts Air will be comparable to the cost of Uber X and Uber Pool. Long term, which is probably at least more than five years from now, Uber Air will be more economical than owning a car, Allison said.

This, of course, is Uber’s best-case scenario for Air. In order for Uber Air to become a reality, it needs approval from the Federal Aviation Administration, the cities where it wants to land its electric vertical take-off and landing vehicles, help from real estate developers, customer trust and so much more. If all goes according to Uber’s plan, it will start testing this service next year and deploy it to the public in 2023.


By Megan Rose Dickey

Colombian point-of-sale lender ADDI nabs $12.5 million from Andreessen Horowitz

Andreessen Horowitz <3 Latin American startups.

Latin America is the only region outside of the U.S. where the venture firm is routinely investing capital, and it just made another commitment, doubling down on its early-stage support for the point-of-sale lending startup ADDI.

ADDI picked up $12.5 million in new financing in April of this year as the company looks to expand its lending services online.

For an American audience, the closest corollary to what ADDI is up to is likely Affirm, the point-of-sale lender that’s raised a ton of cash and come in for some (valid) criticism for its basic business model.

Like Affirm, ADDI lets its borrowers apply for credit at the moment of purchase. The company likens its service to the layaway and credit plans that already exist in Colombia — but involve pretty onerous requirements to use. Company co-founder Santiago Suarez and Andreessen Horowitz general partner Angela Strange both commented on how, in some cases, Colombian shoppers have to have three people vouch for a borrower before a store will issue credit or agree to a layaway plan.

The difference between an ADDI loan — or any loan — and layaway is that an installment payment plan doesn’t charge interest (and even with the fees that installment plans do charge, they are often still cheaper than taking out a loan).

But financial products are coming for consumers in Latin America whether those buyers like it or not — and for the most part, it seems they do like it.

Historically, only the wealthiest clientele in Latin America received anything resembling the kinds of financial products that are more widely available in the United States, according to Strange. And the investment in ADDI is just part of her firm’s thesis in trying to make more services more broadly available in a region where a technological transformation is creating unprecedented opportunities for challengers.

That assessment is what drew Santiago Suarez back to Latin America only two years ago. A former executive at Lending Club who previously had worked as the head of New Product Development and Emerging Services at J.P. Morgan, Suarez saw the tremendous growth happening in Latin America and returned to Colombia to see if he could bring some much needed services to his home country.

Suarez partnered with his childhood friend, Elmer Ortega, who was working as the chief technology officer of the local hedge fund where he had previously been employed as a derivatives trader before learning how to code.

Together, the two men, who had known each other since they were five years old, set out to transform how credit was offered in retail shops. It’s an industry that Suarez had known well since his parents had owned stores.

“In the U.S. there are all of these gaps that fintech companies are filling,” says Suarez. “But the gaps in Latin America are bigger.”

Suarez and Ortega incorporated the company in September 2018, around the same time they raised $2.3 million from the regional investment firm, Monashees, Andreessen and Village Global. They then raised another $1.5 million in an internal round of financing before closing the most recent funding.

The company offers loans at annual percentage rates ranging from 19.99% to 28.90%. The company started with a digital solution for brick and mortar retailers because 90% of retail in Colombia still happens offline. 

Although it’s in its early days, the company has already originated 10,000 borrowers and typically loans out roughly $500 since it launched on February 22, according to Suarez. He declined to comment on the company’s default rate on loans.

Now with 40 employees on staff, the company is looking to bring its lending tool to more e-commerce and physical retailers, according to Suarez. And despite the threat of cyclical political turmoil, Suarez says there’s no better time to be investing in Colombia. 

“It’s the most stable country outside of Chile… Way more stable than Brazil, way more stable than Argentina and way more stable than Mexico,” Suarez says. “What we’re looking at is more than cyclical instability… those things go beyond that. Nubank was able to build a multibillion business in the worst political and economic crisis in Brazil’s history. I think Colombia is an incredibly attractive space with a deep talent pool.”


By Jonathan Shieber

Amazon Restaurants in US is shutting down

Following November’s closure of Amazon’s restaurant delivery business in London, the company is now shutting down operations in the U.S. The service, which was launched back in fall 2015, was designed to give Prime members another perk — a way to order meals, not just products and groceries — through the e-commerce giant.

But the service has faced much competition, including from local rivals like Grubhub, Uber Eats, DoorDash and Deliveroo (which Amazon invested in) in London, among others. In some cases, they would even discount their services in order to win market share. Amazon, meanwhile, has largely failed to establish itself as a significant player in restaurant delivery in both market share and consumer mindshare. It’s not the first name people think of when they’re looking to order food for lunch or dinner, and the logistics of delivering hot meals in a timely fashion introduces a different set of concerns that go beyond Amazon’s core focus areas.

Related to the closure, Amazon will also shutter workplace lunch delivery service Daily Dish, according to GeekWire, which broke the news.

Amazon made the decision to exit restaurant deliveries to focus more on its growing grocery delivery business, we understand.

TechCrunch (among others, we’re guessing) was tipped off to the closure through a source at Amazon familiar with the business’s closing. Amazon confirmed the closure of Amazon Restaurants in the U.S., which ceases to operate June 24. It also hinted that layoffs were involved, as some people were finding new roles at Amazon while others were being assisted in finding new jobs outside the company.

“As of June 24th, we will be discontinuing the Amazon Restaurants business in the U.S.,” an Amazon spokesperson said. “A small fraction of Amazon employees are affected by this decision, and many of those affected have already found new roles at Amazon. Employees will be offered personalized support to find a new role within, or outside of, the company,” they added.

Amazon’s decision to exit restaurant meal delivery has had a positive impact on rivals’ stocks this morning, with a jump by Grubhub, which was up more than 5% on the news.


By Sarah Perez

Misfits Market raises $16.5 million for their ‘ugly’ produce subscription box

As grocery shopping moves online, one piece of the puzzle hasn’t been directly addressed: fresh fruits and vegetables. That also happens to be a category in which there is a ton of food waste, with a good deal of fruits and veggies never making it out of the grocery store to begin with.

Misfits Market has raised $16.5 million in Series A to handle just that.

Greenoaks Capital led the round, but Misfits isn’t disclosing other participants in the financing. Other Greenoaks Capital investments include Deliveroo, OYO, Clover Health, Brex and Discord.

Misfits Market offers a subscription box of “ugly” fruits and veggies, the ones with blemishes or odd shapes that make a grocery shopper think twice before checking out, each week.

Misfits sources these fruits and veggies straight from farms. This means that the extra time spent shipping them to a grocery store, and then sitting on shelves, is eliminated from the equation with Misfits.

The company currently operates in all zip codes in Pennsylvania, New York, New Jersey, Connecticut, Delaware, Massachusetts, Vermont, New Hampshire, Rhode Island, Maine and Ohio, with plans to expand into Washington, D.C., Maryland, Virginia, West Virginia, North Carolina, South Carolina, Georgia and Florida.

Currently, Misfits Market offers two different box options. The smaller box, called The Mischief, includes 10 to 12 pounds of fruits and veggies each week for $23.75 à la carte, or less than $20 as a weekly subscription. The Madness, Misfits’ bigger box, includes 18 to 20 pounds of fresh fruits and veggies for $42.50 as a one-time purchase, or for $34 as a subscription.

Users can pause their weekly subscription or cancel at any time.

CEO and founder Abhi Ramesh said the idea for Misfits Market started when he visited a farm a few years ago. The farmer was collecting apples that he said weren’t of the grade he could sell to grocery stores or farmers’ markets, and that they’d either be given away to neighbors or thrown away.

“That was my sort of romanticized light bulb moment,” said Ramesh.

He was fascinated and started interviewing farmers in the north east and asking them how much of their produce ended up going to waste because it wasn’t pretty enough for grocery stores. The answer was consistently between 20% and 40%.

Ramesh says there is an opportunity down the line to expand beyond fruits and veggies, but that for now the company is laser-focused on that category.

Since launching in 2018, Misfits has sent out 5 million pounds of produce that would have gone to waste otherwise.


By Jordan Crook

Uber and AT&T team up for always-on connectivity for Uber Copter and Uber Air

Uber is partnering with mobile network operator AT&T on the always-on connectivity it’ll require for its aerial transportation service network. The on-demand mobility company announced the team-up at its annual Elevate Summit, which brings together a number of key players working toward making affordable, accessible in-city aerial transit a reality.

Uber said that it’s already working with AT&T on the network it’ll use for Uber Copter, the Manhattan-to-JFK helicopter-based service that it’s launching in New York in July. The service is promising connection with ground transportation at both ends, and it’s also anticipating travel times and working backwards to provide transportation on-demand as needed to get passengers to their destination at the time they request. So, for instance, Uber Copter customers could say they need to be at JFK by 5 PM and the app will figure out when they need to get a car to get to the heliport to make that work.

This is just the first step in a broader-ranging partnership Uber Elevate Head of Product Nikhil Goel described that will eventually scale to cover all of its needs for Uber Air, the service it aims to provide that will provide on-demand short-distance air travel within cities, with a targeted launch time frame of 2023. Goel noted that this will also include leveraging AT&T’s 5G network as it rolls out, which should provide exactly the kind of high-bandwidth, always-on reliability needed for this kind of aerial and ground-based integrated transportation network.


By Darrell Etherington

Over 100 Goodwill stores are bringing their inventory to OfferUp

Goodwill and mobile marketplace app OfferUp have announced a new partnership focused on bringing Goodwill’s secondhand inventory to the millions of OfferUp shoppers, for both local pickup and delivery. The deal sees more than 100 Goodwill stores listing their inventory in OfferUp in New York, New Jersey, San Francisco, San Mateo and Marin Counties, South Florida, Greater Detroit, San Antonio and Central and Southern Indiana.

The move brings Goodwill’s pre-owned inventory to a modern mobile e-commerce platform, allowing staff to track sales and view the real-time flow of products, payments and data in one interface.

However, it’s not the first time Goodwill has gone online. The organization today runs its own e-commerce site, ShopGoodwill.com, and many of its local stores have a presence on eBay.

Via OfferUp, mobile users will now be able to browse their Goodwill’s local inventory in the app alongside other sellers’ content. New items will be uploaded regularly, and listed under the regional Goodwill handles so customers know they’re buying from Goodwill as opposed to an individual seller. These handles will feature a “Verified Business” badge, as well, and the profiles will include helpful information like the store hours, address and an “about us” section.

The partnership is powered by OfferUp’s new API, currently in beta testing, and Upright Labs’ Lister software, which handles the inventory uploads to OfferUp.

Goodwill will be responsible for managing its listings, including the product images, shipping, order management, financial reporting and auditing. It’s largely using OfferUp as another sales channel, instead of relying largely on foot traffic to its brick-and-mortar locations.

Like any other OfferUp user, Goodwill doesn’t have a financial relationship with the mobile marketplace.

If a customer buys a Goodwill item, they can go to their local store and pay with cash with no fee. However, if they choose to have the item shipped, OfferUp charges a 9.9% fee to cover shipping and handling across the 48 contiguous U.S. states. This is the same fee any other seller would pay on OfferUp.

The individual Goodwill stores can choose whether or not to offer shipping, the company also says. Some may opt to ship smaller items, like tech, games or jewelry, but only allow for local pickup if it’s a larger item, like furniture.

The two organizations had already been testing the system ahead of today’s formal announcement about availability. Though early, several Goodwill locations are reporting positive outcomes.

“We started to list furniture and other items from our stores on OfferUp in January, and the early results have been great. The majority of the items we post on OfferUp sell within 72 hours, and some have sold in as quickly as 10 minutes after being listed on the app,” said Jay Lytle, vice president and chief information officer, Goodwill of Central & Southern Indiana. “The exposure of our high-quality donations to so many new customers, coupled with the feedback and engagement we’ve experienced on OfferUp, has been tremendous for us,” he added.

“Potential shoppers were unaware of the great inventory that our local stores have for sale,” said Goodwill South Florida CEO David Landsberg, in a related statement. “OfferUp allows us to showcase large, pickup only inventory and increase foot traffic to stores. This also translates into new donors, and helps us fulfill our mission of training and employing people with disabilities and other barriers to work here in South Florida.”

OfferUp says it forged the deals with the individual stores in the supported regions, not at a national level, because Goodwill stores operate independently and because employee bandwidth and resources vary by store.

“Every store is looking to increase foot traffic, along with sales, and the leaders we’ve worked with manage multiple stores in heavily trafficked markets,” an OfferUp spokesperson explains. “With the OfferUp API and Upright Lab’s Listing Tool, employees can take a picture using a mobile device and instantly upload to OfferUp, so it’s improved the flow of receiving and selling their items,” they added.


By Sarah Perez

Opera launches a ‘gaming browser’ with Twitch integration

“You’re probably asking, ‘what is a gaming browser?,’ ” Opera PM Maciej Kocemba says in the opening of the Opera GX introduction video. Fair enough. My first thought when the Norwegian browser company mentioned the concept to me was something akin to Google Stadia, with remote game streaming.

Turns out a gaming browser — in this instance at least — is more about providing a custom browser for PC gamers, rather than a browser that does the heavy lifting for gaming itself. Instead, the system is more interested in minimizing system requirements as gamers game.

The browser’s central feature is the GX Control panel, which lets users determine how much of the system’s CPU and RAM are allotted to the browser. The idea being that gamers can, say, stream content from Twitch while playing, without slowing their computer to a crawl.

“Running a game might require a lot of effort from your machine. Even more so if you are streaming while you play,” says Kocemba in a release tied to today’s E3 announcement. “Before Opera GX, gamers often shut down their browsers in order to not slow down their gaming experience. We came up with the GX Control feature to make people’s games run more smoothly without requiring them to compromise on what they do on the Web.”

The other big piece here is Twitch integration, letting users log in to the service directly from the browser sidebar. They’ll also get notifications when streamers they follow go live. There are various other touches through out, including “sounds and animation inspired by gaming consoles” and other customizable design features.

You probably think this is all pretty gimmicky, and honestly, you’re not really wrong. Those who are interested can check out early access to the browser at E3 this week.


By Brian Heater

Some sage security advice after Radiohead’s unreleased music hack

Bad news: Radiohead was hacked.

Last week, a hacker stole the band’s lead singer Thom Yorke’s private minidisk archive from the band’s third album and subsequent major worldwide hit, “OK Computer.” The hacker demanded $150,000 or they’d release it to the public.

Stuck between a ransom and a hard place, Radiohead released the tapes themselves.

The recordings were “never intended for public consumption” and “only tangentially interesting,” the band said in a post on Facebook. But “instead of complaining – much – or ignoring it, we’re releasing all 18 hours on Bandcamp” in aid of Extinction Rebellion, a climate change group.

Until the end of the month, the stolen recordings will be available for £18 ($23).

There is, though, a lesson to be learned. Holding files for ransom is more common today than ever thanks to ransomware. The event isn’t too dissimilar from a ransomware event. Pay the ransom or lose your files — or worse, have them spread all over the internet. That’s a business’ worst nightmare. We’ve seen ransomware destroy the computer networks of some of the largest companies around the world, like Arizona Beverages, Norsk Hydro and shipping giant Maersk. Ransomware is now a multibillion-dollar business, and it’s growing.

But in any ransom-type situation, the FBI has long told victims of ransomware to never pay. Security experts agree. Simply put, you run the risk of losing your files even if they pay the demand.

ProPublica recently found that even some of the largest ransomware recovery companies are quietly paying the ransom — and passing on the costs to the victim — with mixed results. In many cases, paying the demand failed to recover the files.

If there’s one takeaway from the Radiohead hack, it’s never pay the ransom. Better yet, plan for the worst and have a backup just in case.

Two years after WannaCry, a million computers remain at risk


By Zack Whittaker

Liberty’s challenge to UK state surveillance powers reveals shocking failures

A legal challenge to the UK’s controversial mass surveillance regime has revealed shocking failures by the main state intelligence agency, which has broad powers to hack computers and phones and intercept digital communications, in handling people’s information.

The challenge, by rights group Liberty, led last month to an initial finding that MI5 had systematically breached safeguards in the UK’s Investigatory Powers Act (IPA) — breaches the Home Secretary, Sajid Javid, euphemistically couched as “compliance risks” in a carefully worded written statement that was quietly released to parliament.

Today Liberty has put more meat on the bones of the finding of serious legal breaches in how MI5 handles personal data, culled from newly released (but redacted) documents that it says describe the “undoubtedly unlawful” conduct of the UK’s main security service which has been retaining innocent people’s data for years.

The series of 10 documents and letters from MI5 and the Investigatory Powers Commissioner’s Office (IPCO), the body charged with overseeing the intelligence agencies’ use of surveillance powers, show that the spy agency has failed to meet its legal duties for as long as the IPA has been law, according to Liberty.

The controversial surveillance legislation passed into UK law in November 2016 — enshrining a system of mass surveillance of digital communications which includes a provision that logs of all Internet users’ browsing activity be retained for a full year, accessible to a wide range of government agencies (not just law enforcement and/or spy agencies).

The law also allows the intelligence agencies to maintain large databases of personal information on UK citizens, even if they are not under suspicion of any crime. And sanctions state hacking of devices, networks and services, including bulk hacking on foreign soil. It also gives U.K. authorities the power to require a company to remove encryption, or limit the rollout of end-to-end encryption on a future service.

The IPA has faced a series of legal challenges since making it onto the statute books, and the government has been forced to amend certain aspects of it on court order — including beefing up restrictions on access to web activity data. Other challenges to the controversial surveillance regime, including Liberty’s, remain ongoing.

The newly released court documents include damning comments on MI5’s handling of data by the IPCO — which writes that: “Without seeking to be emotive, I consider that MI5’s use of warranted data… is currently, in effect, in ‘special measures’ and the historical lack of compliance… is of such gravity that IPCO will need to be satisfied to a greater degree than usual that it is ‘fit for purpose’”.”

Liberty also says MI5 knew for three years of failures to maintain key safeguards — such as the timely destruction of material, and the protection of legally privileged material — before informing the IPCO.

Yet a key government sales pitch for passing the legislation was the claim of a ‘world class’ double-lock authorization and oversight regime to ensure the claimed safeguards on intelligence agencies powers to intercept and retain data.

So the latest revelations stemming from Liberty’s legal challenge represent a major embarrassment for the government.

“It is of course paramount that UK intelligence agencies demonstrate full compliance with the law,” the home secretary wrote in the statement last month, before adding his own political spin: “In that context, the interchange between the Commissioner and MI5 on this issue demonstrates that the world leading system of oversight established by the Act is working as it should.”

Liberty comes to the opposite conclusion on that point — emphasizing that warrants for bulk surveillance were issued by senior judges “on the understanding that MI5’s data handling obligations under the IPA were being met — when they were not”.

“The Commissioner has pointed out that warrants would not have been issued if breaches were known,” it goes on. “The Commissioner states that “it is impossible to sensibly reconcile the explanation of the handling of arrangements the Judicial Commissioners [senior judges] were given in briefings…with what MI5 knew over a protracted period of time was happening.”

So, basically, it’s saying that MI5 — having at best misled judges, whose sole job it is to oversee its legal access to data, about its systematic failures to lawfully handle data — has rather made a sham of the entire ‘world class’ oversight regime.

Liberty also flags what it calls “a remarkable admission to the Commissioner” — made by MI5’s deputy director general — who it says acknowledges that personal data collected by MI5 is being stored in “ungoverned spaces”. It adds that the MI5 legal team claims there is “a high likelihood [of material] being discovered when it should have been deleted, in a disclosure exercise leading to substantial legal or oversight failure”.

“Ungoverned spaces” is not a phrase that made it into Javid’s statement last month on MI5’s “compliance risks”.

But the home secretary did acknowledge: “A report of the Investigatory Powers Commissioner’s Office suggests that MI5 may not have had sufficient assurance of compliance with these safeguards within one of its technology environments.”

Javid also said he had set up “an independent review to consider and report back to me on what lessons can be learned for the future”. Though it’s unclear whether that report will be made public. 

We reached out to the Home Office for comment on the latest revelations from Liberty’s litigation. But a spokesman just pointed us to Javid’s prior statement. 

In a statement, Liberty’s lawyer, Megan Goulding, said: “These shocking revelations expose how MI5 has been illegally mishandling our data for years, storing it when they have no legal basis to do so. This could include our most deeply sensitive information – our calls and messages, our location data, our web browsing history.

“It is unacceptable that the public is only learning now about these serious breaches after the Government has been forced into revealing them in the course of Liberty’s legal challenge. In addition to showing a flagrant disregard for our rights, MI5 has attempted to hide its mistakes by providing misinformation to the Investigatory Powers Commissioner, who oversees the Government’s surveillance regime.

“And, despite a light being shone on this deplorable violation of our rights, the Government is still trying to keep us in the dark over further examples of MI5 seriously breaching the law.”


By Natasha Lomas