Tech News

Overnight, news broke that the National Ignition Facility, a U.S. government research lab, was the first to achieve net-positive nuclear fusion. When lasers hit the tiny fuel pellet, it created an explosion that released more energy than the lasers delivered.

For decades, fusion power has been just around the corner. Is this the moment we’ve all been waiting for?

Maybe.

First, the details: The Financial Times reported yesterday that the NIF had sparked a fusion reaction that generated 2.5 megajoules of energy, about 20% more than the 2.1 megajoules of laser energy that zapped the fuel pellet. If that holds up under scrutiny, it represents the first time that a controlled nuclear fusion experiment of any kind produced more power than it consumed.

The Lawrence Livermore National Laboratory, which houses the facility, has so far refused to confirm the report. But three outlets — the Financial Times, The Washington Postand Bloomberg — all cited sources familiar with the experiments. Energy Secretary Jennifer Granholm and Jill Hruby, the undersecretary for nuclear security, are expected to make an official announcement tomorrow.

“If this report is true, then this is just a huge scientific achievement in the pursuit of fusion,” said Carolyn Kuranz, an associate professor at the University of Michigan who has performed experiments at the NIF.

Investors have grown bullish on fusion in recent years, plowing $2.7 billion into startups in the last year alone. Advances in high-temperature superconductors, computing power and artificial intelligence have coincided to propel the field forward at a remarkably fast pace.

High-profile names like Breakthrough Energy Ventures, Khosla Ventures and Chris Sacca’s Lowercarbon Capital have made some significant investments in fusion power startups in recent years.

“There couldn’t be a more significant step toward fusion than what NIF has accomplished,” Sacca told TechCrunch. “So today we offer the naysayers our thoughts and prayers.”

Breakthrough fusion power announcement expected tomorrow. Here’s what it means by Tim De Chant originally published on TechCrunch

FTX’s fallen CEO, Sam Bankman-Fried, is scheduled to testify tomorrow as a witness before the U.S. House of Representatives Committee on Financial Services.

The committee is investigating the events that led up to FTX’s implosion, which resulted in the crypto exchange filing for bankruptcy last month. Prior to Bankman-Fried testifying, John J. Ray III, the new CEO of FTX, will speak to the House during its first panel.

The hearing, “Investigating the Collapse of FTX, Part I,” sounds like a movie title — and some parts of it probably feel like one, given how crazy this whole situation has become. But questions surrounding what really happened at FTX may remain unanswered; even though Bankman-Fried is scheduled to testify, there are still concerns he may get cold feet.

Last week, in a back-and-forth tweet exchange, California Representative Maxine Waters, the chairwoman of the House of Committee on Financial Services, invited Bankman-Fried to join the hearing on December 13. Bankman-Fried effectively declined.

That didn’t sit well with Waters, who noted that Bankman-Fried has been on a personal media tour, talking publicly to groups ranging from “Good Morning America” to the BBC.

Amid the possibility of a congressional subpoena to compel his attendance, Bankman-Fried tweeted back to Waters on December 9 that he is “willing to testify,” adding, “[T]here is a limit to what I will be able to say, and I won’t be as helpful as I’d like.” He claimed he does not have access to “much” of his data.

Although he skirted many questions from reporters, Bankman-Fried has still been rather chatty in recent weeks. Perhaps when he’s under oath before the U.S. government, it’ll be a different story.

Regardless, Bankman-Fried said in a tweet he will “try to be helpful” (after saying he won’t be as helpful as he’d like) and will talk about FTX US’ alleged solvency, resolutions to return value to users internationally, what he thinks led to the crash, and his “own failings.”

Last month, FTX bankruptcy hearings began in the U.S. Bankruptcy Court for the District of Delaware.

James Bromley, a partner at Sullivan & Cromwell and co-head of the firm’s global restructuring practice, said during the hearing FTX “laundered the world” in locations including Berkeley, California; Hong Kong; Miami; Chicago; and the Bahamas.

A few days before the initial bankruptcy hearing, in a November 17 filing with the same court, Ray, who was brought in to clean up the Enron scandal, said there was a “complete absence of trustworthy financial information.”

“Never in my career have I seen such a complete failure of corporate controls and such a complete absence of trustworthy financial information as occurred here,” Ray said at the time.

Tomorrow’s hearing is the first of many with the House that aim to uncover what happened internally that caused one of the largest centralized crypto exchanges in the world to fall so hard and so fast.

SBF scheduled to testify tomorrow at US House hearing on FTX collapse by Jacquelyn Melinek originally published on TechCrunch

The correct amount of money to raise for your startup is “as much as you need to hit the milestones to raise your next round of funding.” It isn’t rocket science, and yet, the vast majority of founders I talk to are very fuzzy about exactly how much money that is, and there are a lot of misconceptions about how you figure out how much you need to raise.

To be a startup on the VC treadmill is a staged de-risking of a business proposition. In other words: Right now, your company is very risky indeed because certain parts of your business are unknown. This is why you need to put together a minimum viable product (which is neither minimum, nor viable, or a product) to test out part of your business model. Once those things are tested and proven, the risk of the business goes down, and you can raise your next round of funding to take on the next part of the journey.

The first mistake a lot of founders make is to try to raise enough money for a certain amount of runway, measured in months or years. That makes some sense, but investors are not interested in keeping your startup afloat for the next 18 or 24 months. They’re interested in keeping you alive for long enough to deliver certain milestones, which in turn are a proxy of risk reduction.

Let’s take a deep dive into how you can best design your startup’s journey through the various stages of funding — and detail just how much you need to raise at each stage.

Milestone-driven fundraising

The best way to think about how much you need to raise for this round is to consider what you need to accomplish to raise your next round. That means considering the specific milestones that you must hit to prove that your company is moving in the right direction. These milestones might include:

How much money should you raise for your startup? by Haje Jan Kamps originally published on TechCrunch

After announcing the relaunch of Twitter Blue over the weekend, Twitter updated its terms to require phone number verification for users who want to purchase the subscription. The company said that if you haven’t verified your phone number, you will be prompted to do so while buying the subscription plan.

What’s more, the company may also prevent users who have changed their handle (username), display name, or profile picture within the last seven days from purchasing the Twitter Blue subscription.

“Twitter accounts that haven’t been active within the last 30 days or that have changed their profile photo, display name, or username (aka @handle) within the previous seven days may also be unable to sign up. Subscribers will also need a verified phone number,” the company’s updated terms stated.

This is in addition to the previous requirement that newly created accounts can’t sign up for Twitter Blue for 90 days. Twitter said that folks who subscribe to the Twitter Blue plan may not see the checkmark immediately as it plans to check if the account doesn’t violate its requirements for verification. Apart from the above-mentioned conditions, these requirements say that the account shouldn’t show “signs of being misleading or deceptive” and shouldn’t engage in “platform manipulation and spam”.

“All Twitter Blue features will be available immediately except the blue checkmark, which may take time to appear to ensure review of subscribed accounts meets all requirements,” Twitter said on the FAQ page for Twitter Blue.

Last month, Musk mentioned that all accounts undergoing verification will be manually verified — which was exactly the process Twitter followed with legacy verification.

All these steps are aimed at preventing impersonation and spam. When Elon Musk’s version of Twitter Blue with a verification mark first launched in November, a ton of accounts began to ape brands, celebrities, and athletes. The mayhem caused by that forced Musk to pause the program until there were steps in place to prevent that from happening again.

Twitter will require phone number verification to purchase a Twitter Blue subscription by Ivan Mehta originally published on TechCrunch

TechCrunch noted a week ago that an investor in Coupa was sounding the alarm that the software company might be sold to private equity for a price below what the money manager felt was fair. The plea went unanswered, with Coupa selling for a discount to what the investor had demanded as a minimum, we reported this morning.

That the deal happened so quickly after the warning is not surprising. The investor in question wouldn’t have tried to make unseemly public noise unless something was imminent. That the deal got done at the price it did, however,is notable. How come? Because private equity has more money than god and tech is cheaper than it has been in ages.

The Exchange explores startups, markets and money.

Read it every morning on TechCrunch+ or get The Exchange newsletter every Saturday.

The combination, in light of the Coupa sale, makes us wonder if tech is about to discover itself amid a fire sale — a situation where the balance of power is not in its hands. This could apply to public tech companies and those that have yet to pull the trigger on an IPO for one reason or another. Neither cohort is in great valuations shape, making them similarly vulnerable.

Private equity could be gearing up to shop for vulnerable tech companies by Alex Wilhelm originally published on TechCrunch

Jeff Bezos-headed company Blue Origin is getting its own kid-friendly animated space adventure series called “Blue Origins Space Rangers,” production companies Genius Brands and SMAC Productions announced today. A premiere date hasn’t been set.

The children’s series will feature the voices of Bezos, who founded his space tourism business Blue Origin in 2000, as well as “Good Morning America” co-host Michael Strahan, who was a passenger in December 2021 on Blue Origin NS-19 on a 10-minute spaceflight. Bezos took his supersonic joy ride to space in July 2021.

“Blue Origins Space Rangers” will also include voice talent of other guest stars like junior astronauts, celebrities and “adult leaders,” the announcement wrote.

The upcoming series claims to be a learning opportunity for future astronauts and STEAM students as humans continue investigating this new era of space travel — a.k.a. billionaires visiting outer space for funsies. Of course, the side benefit is that it makes ultra-unrelatable Bezos a tad more human for an impressionable audience.

Blue Origin is also the center of the film “HELIOS,” which is set to premiere in 2023 and features Orbital Reef, the in-progress private space station, and the Amazon documentary “Shatner in Space,” which explores 90-year-old “Star Trek” actor William Shatner’s journey to space last year.

Jeff Bezos and GMA host Michael Strahan star in new Blue Origin kids’ space show by Lauren Forristal originally published on TechCrunch

A little-known phone monitoring app called Xnspy has stolen data from tens of thousands of iPhones and Android devices, the majority whose owners are unaware that their data has been compromised.

Xnspy is one of many so-called stalkerware apps sold under the guise of allowing a parent to monitor their child’s activities, but are explicitly marketed for spying on a spouse or domestic partner’s devices without their permission. Its website boasts, “to catch a cheating spouse, you need Xnspy on your side,” and, “Xnspy makes reporting and data extraction simple for you.”

Stalkerware apps, also known as spouseware, are surreptitiously planted by someone with physical access to a person’s phone, bypassing the on-device security protections, and are designed to stay hidden from home screens, which makes them difficult to detect. Once installed, these apps will silently and continually upload the contents of a person’s phone, including their call records, text messages, photos, browsing history, and precise location data, allowing the person who planted the app near complete access to their victim’s data.

But new findings show many stalkerware apps are riddled with security flaws and are exposing the data stolen from victims’ phones. Xnspy is no different.

Security researchers Vangelis Stykas and Felipe Solferini spent months decompiling several known stalkerware apps and analyzing the edges of the networks that the apps send data to. Their research, presented at BSides London this month, identified common and easy to find security flaws in several stalkerware families, including Xnspy, such as credentials and private keys left behind in the code by the developers and broken or nonexistent encryption. In some cases the flaws are exposing the victims’ stolen data, now sitting on someone else’s insecure servers.

During their research, Stykas and Solferini discovered clues and artifacts that identified the individuals behind each operation, but they declined to share details of the vulnerabilities with the stalkerware operators or publicly disclose details about the flaws for fear that doing so would benefit malicious hackers and further harm victims. Stykas and Solferini said that all of the flaws they found are easy to exploit and have likely existed for years.

Others have waded into murkier legal waters by exploiting those easy-to-find vulnerabilities with the apparent aim of exposing stalkerware operations as a form of vigilantism. A huge cache of internal data taken from the servers of TheTruthSpy stalkerware and its affiliate apps and given to TechCrunch earlier this year allowed us to notify thousands of victims whose devices were compromised.

Since our investigation into TheTruthSpy, TechCrunch has obtained further caches of stalkerware data, including from Xnspy, exposing their operations and the individuals who profit from the surveillance.

Data seen by TechCrunch shows Xnspy has at least 60,000 victims dating back to 2014, including thousands of newer compromises recorded as recently as 2022. The majority of victims are Android owners, but Xnspy also has data taken from thousands of iPhones.

Many stalkerware apps are built for Android since it is easier to plant a malicious app than on an iPhone, which have tighter restrictions on which apps can be installed and what data can be accessed. Instead of planting a malicious app, stalkerware for iPhones tap into a device’s backup stored in Apple’s cloud storage service iCloud.

With a victim’s iCloud credentials, the stalkerware continually downloads the device’s most recent iCloud backup directly from Apple’s servers without the owner’s knowledge. iCloud backups contain the majority of a person’s device data, allowing the stalkerware to steal their messages, photos, and other information. Enabling two-factor authentication makes it far more difficult for malicious individuals to compromise a person’s online account.

The data we have seen contains over 10,000 unique iCloud email addresses and passwords used for accessing a victim’s cloud-stored data, though many of the iCloud accounts are connected to more than one device. Of that number, the data contains more than 6,600 authentication tokens, which had been actively used to exfiltrate victims’ device data from Apple’s cloud, though many had expired. Given the possibility of ongoing risk to victims, TechCrunch provided the list of compromised iCloud credentials to Apple before publication.

The Xnspy data we obtained was unencrypted. It also included information that further unmasked Xnspy’s developers.

Konext is a small development startup in Lahore, Pakistan, manned by a dozen employees, according to its LinkedIn page. The startup’s website says the startup specializes in “bespoke software for businesses that seek all-in-one solutions,” and claims to have built dozens of mobile apps and games.

What Konext doesn’t advertise is that it develops and maintains the Xnspy stalkerware.

The data seen by TechCrunch included a list of names, email addresses, and scrambled passwords registered exclusively to Konext developers and employees for accessing internal Xnspy systems.

The cache also includes Xnspy credentials for a third-party payments provider that are tied to the email address of Konext’s lead systems architect, according to his LinkedIn, and who is believed to be the principal developer behind the spyware operation. Other Konext developers used credit cards registered to their own home addresses in Lahore for testing the payment systems used for Xnspy and TrackMyFone, an Xnspy clone also developed by Konext.

Some of Konext’s employees are located in Cyprus, the data shows.

Konext, like other stalkerware developers, makes a concerted effort to conceal its activities and the identities of its developers from public view, likely to shield from the legal and reputational risks that come with facilitating covert surveillance on a massive scale. But coding mistakes left behind by Konext’s own developers further link its involvement in developing stalkerware.

TechCrunch found that Konext’s website is hosted on the same dedicated server as the website for TrackMyFone; and Serfolet, a Cyprus-based entity with a conspicuously barebones website, which Xnspy says processes refunds on behalf of its customers. No other websites are hosted on the server.

TechCrunch contacted Konext’s lead systems architect by email for comment, both to his Konext and Xnspy email addresses. Instead, a person named Sal, whose Konext email address was also in the data but declined to provide their full name, responded to our email. Sal did not dispute or deny the company’s links to Xnspy in a series of emails with TechCrunch, but declined to comment. When asked about the number of compromised devices, Sal appeared to confirm his company’s involvement, saying in one email that “the figures you quoted don’t match with what we have.” When asked for clarity, Sal did not elaborate.

Xnspy is the latest in a long list of flawed stalkerware apps: mSpy, Mobistealth, Flexispy, Family Orbit, KidsGuard, and TheTruthSpy have all exposed or compromised their victims’ data in recent years.

If you or someone you know needs help, the National Domestic Violence Hotline (1-800-799-7233) provides 24/7 free, confidential support to victims of domestic abuse and violence. If you are in an emergency situation, call 911. The Coalition Against Stalkerware also has resources if you think your phone has been compromised by spyware. You can contact this reporter on Signal and WhatsApp at +1 646-755-8849 or zack.whittaker@techcrunch.com by email.

Read more:

Inside TheTruthSpy, the stalkerware network spying on thousands
TheTruthSpy exposed: Check if your Android device was compromised
Your Android phone could have stalkerware, here’s how to remove it
KidsGuard stalkerware app leaked phone data from thousands of victims

Xnspy stalkerware spied on thousands of iPhones and Android devices by Zack Whittaker originally published on TechCrunch

Rivian and Mercedes-Benz have paused plans to produce electric commercial vans in Europe just three months after the two automakers announced the partnership.

Rivian shares fell as much as 3.4% before rebounding slightly. Rivian shares are trading at $26.62, down 2.46% since the market opened.

Mathias Geisen, head of Mercedes-Benz Vans, said the collaboration with the Rivian team has been based on a common engineering passion and a strong spirit of partnership. “That’s why I respect and understand the decision of Rivian to prioritize the delivery of their consumer business and existing commercial business in the near-term,” he said in a statement.

Geisen added that the company’s electrification strategy at Mercedes-Benz Vans remains unchanged and the ramp-up plan for its new EV manufacturing site in Jawor, Poland is not affected.

Rivian founder and CEO RJ Scaringe said in a statement that as the company evaluates growth opportunities, it pursues the best risk-adjusted returns on its capital investments.

“At this point in time, we believe focusing on our consumer business, as well as our existing commercial business, represent the most attractive near-term opportunities to maximize value for Rivian,” he said.

For Rivian, that means sticking to North America, where it produces and sells its two consumer vehicles — the R1T truck and R1S SUV — as well as a commercial van for Amazon.

Last month, Rivian said in its third-quarter earnings report that it remained on track to hit its annual production target of 25,000 vehicles despite unpredictable supply chain crunches and component shortages.

Still, the company has had to pull back on other growth plans as macroeconomic headwinds persist and costs rise. Rivian said in its Q3 report it was delaying its next-generation R2 platform until at least 2026. With the Mercedes deal now paused and the R2 platform, all eyes will be on present-day problems and achievements like production and deliveries of its three existing vehicles, operations at its existing facilities and construction progress at its new factory in Georgia.

Rivian and Mercedes ‘pause’ plans to produce electric commercial van by Kirsten Korosec originally published on TechCrunch

Twitter announced over the weekend that Community Notes are now visible around the world. Community Notes, which was previously known as Birdwatch, is the social media giant’s crowdsourced fact-checking system.

The feature allows users to add context to tweets and takes an open-source approach toward debunking misinformation. Moderators who are part of the program can add notes to tweets to add context and users can then vote if they determine the context to be helpful. Prior to this global expansion, Community Notes were only visible to users in the U.S. Twitter plans to add moderators from other regions soon.

“People everywhere can now see and rate notes, helping to ensure notes are helpful to those from a wide range of views,” Twitter said in a tweet about the global launch.

A few weeks ago, Community Notes received an update that the company claims will help to identify more “low quality” fact checks. As a result, more of the contributors who write these unhelpful annotations will lose their writing ability, Twitter said, requiring those users to earn back their “contributor” status. The algorithm change involves scoring notes where contributors explain why a tweet shouldn’t be deemed misleading.

Birdwatch rebranded to “Community Notes” shortly after Elon Musktook ownership of Twitter and is something the new CEO sees as key to the future of Twitter’s moderation, as he believes it “is a gamechanger for improving accuracy on Twitter.”The original idea behind Community Notes was to create a system that would add a layer of fact-checking and context to tweets that don’t necessarily violate Twitter’s rules. But in the Musk era, Community Notes may play an even larger role as Twitter now employs far fewer moderators following its layoffs.

The expanded visibility of Community Notes comes as Twitter officially brought back the Twitter Blue subscription. Web sign-ups will cost $8 per month and iOS sign ups will cost $11 per month for “access to subscriber-only features, including the blue checkmark,” per atweetfrom the company account.

Twitter begins rolling out its Community Notes feature globally by Aisha Malik originally published on TechCrunch

Dan Roy, a former software engineer at Delta, says he witnessed firsthand the challenges companies face when making the shift from an on-premises model to a software-as-a-service business. Accucast, where he served as CTO after leaving Delta, struggled with this as it pitched software and services for email marketing. The solution, he came to believe, was a hybrid approach — one that directly accesses brands’ first-party data instead of relying on cloud data syncs.

Roy founded MessageGears in 2011 with Taylor Jones, a colleague, to productize this solution. The company’s platform uses data where it lives in the format it’s already in to give companies a suite of marketing tools in the cloud.

“This approach was embraced by early adopters such as Expedia and Rakuten but really started to gain traction as more brands started moving first-party data to more modern cloud data warehouses such as BigQuery, Redshift and Snowflake,” CEO Roger Barnette told TechCrunch in an email interview. (In computing, a “data warehouse” is a system used for reporting and data analysis.) “The ‘old way’ of copying and syncing data between systems diluted the benefits of those solutions for big brands.”

MessageGears, which today announced that it raised $62 million in a funding round led by Long Ridge Equity Partners, offers features including customer segmentation and marketing message personalization. The platform can orchestrate the delivery of messages across different channels (think email and text), drawing on data stored in existing data warehouses.

According to Barnette, the goal is to improve overall customer engagement by personalizing brand experiences. It’s easier said than done. A recent report released by London Research and BlueVenn found that, globally, only 29% of client-facing companies felt they’d established a seamless experience across their digital properties. A separate poll by Omdia highlighted issues with data visibility; 55% of respondents said that silos prevent a holistic view of their customer experience data.

“While the primary users of MessageGears are marketing teams, marketing operations and data teams are usually heavy champions throughout the procurement process,” Barnette said. “Technical teams can help marketing deliver world-class campaigns without sacrificing data security. They don’t have to worry about syncing or lag time and can empower marketers with the flexibility to build audiences and campaigns using live data.”

Companies might be wary of having customer data passed through a third-party service like MessageGears, particularly in light of the global rise in data breaches. Barnette insisted that brands don’t have to copy any sensitive data to a separate silo, though, claiming that MessageGears only decrypts customer records for the purpose of fulfilling campaigns and to “suppress sensitive data” from the platform’s visual dashboards.

“All campaign filtering and segmentation executes within the customer’s data environment. Only data required to personalize a message is passed to our cloud environment,” Barnette added. “All personally identifiable information (PII) is encrypted both during transmission and at rest. Additionally, all PII and campaign data is redacted immediately following delivery.”

MessageGears competes with customer engagement software vendors including Batch, which last year raised $23 million to expand its services for customer segmentation and messaging. It has another rival in MoEngage, which landed a $30 million investment this past December for its multi-channel analytics and campaign-organizing tools. That’s not to mention Iterable, Cordial, Oracle Responsys, Adobe Campaign, Emarsys and Zeta Global.

It’s safe to say MessageGears has a foothold in the market, though, with an over-50-company customer base that includes Expedia, T-Mobile, Rakuten and Chick-fil-A. Barnette didn’t answer a question about MessageGears’ revenue and burn rate, and said that the startup doesn’t have plans to grow its 102-person workforce by the end of the year. But he asserted that the startup is positioned for growth.

“With the economic headwinds, tech companies especially are reducing their headcount and battening down the hatches, which will idle innovation,” Barnette said. “The pandemic accelerated growth for MessageGears as retailers and other consumer brands sped up and prioritized digital transformations and looked to become more efficient while standing out to their customers with relevant, personalized offers … MessageGears benefits enterprise brands in three ways: cost savings, efficiency gains, and [d]eeper personalization.”

Argentum Group and Atlanta Ventures also participated in MessageGears’ latest growth round, which brought the startup’s total raised to just over $80 million. As a part of the fundraising, Long Ridge’s Angad Singh joined MessageGears’ board of directors.

MessageGears, a cloud customer engagement platform, raises $62M by Kyle Wiggers originally published on TechCrunch