Microsoft warns Windows 7 users of looming end to security updates

Microsoft has rolled out a patch that will warn Windows 7 users that security updates will soon come to an end.

The patch rolled out Wednesday warning users of the impending deadline, January 14, 2020, when the software giant will no longer roll out fixes for security flaws and vulnerabilities. The deadline comes some ten years after Windows 7 first debuted in 2009, more than half a decade before Microsoft’s most recent operating system Windows 10 was introduced.

Microsoft’s move to stop issuing security updates is part of the company’s ongoing effort to push users to its latest software, which stands on a greater security foundation and improvements to mitigate attacks.

Starting April 18, users on Windows 7 will begin receiving warnings about the approaching cut-off.

Windows 7 still commands some 40 percent of the desktop market, according to Net Applications. With exactly 300 days before the deadline, the clock is ticking on consumer security support.

Enterprise customers have the option to pay for extended security updates until 2023.

For years, Microsoft allowed Windows 7 users to upgrade to Windows 10 for free to try to encourage growth and upgrades. With those incentives gone, many only have the lack of security updates to look ahead to, which will put business data and systems at risk of cyberattack.

It’s almost unheard of for Microsoft to patch end-of-life software. In 2017, Microsoft released rare security patches Windows XP — retired three years earlier — to prevent the spread of WannaCry, a ransomware strain that piggybacked off leaked hacking tools, developed by the National Security Agency.

The ransomware outbreak knocked schools, businesses and hospitals offline.

Windows 7’s successor, Windows 8, will continue to receive updates until January 10, 2023.

Xiaomi Q4 sees strong growth in overseas shipment and internet services

Xiaomi, the Chinese company known for its cheap handsets and a vision to drive revenues by selling internet services, has come in ahead of analysts’ estimates in its fourth-quarter profit although revenues missed expectations.

The Hong Kong-listed company more than tripled its net profit to 1.85 billion yuan ($276 million), exceeding the 1.7 billion yuan average estimate, Reuters reported citing Refinitiv data. However, revenue from the quarter missed the 47.4 billion yuan expectation, rising 26.5 percent to 44.4 billion yuan ($6.62 billion).

Xiaomi singled out overseas markets in its latest earnings report as the segment grew 118.1 percent to make up 40 percent of its total revenue in the fourth quarter, compared with just 28 percent for the year-earlier period. Xiaomi has been particularly well-received in India, where it holds a leading position in smartphone shipments according to market researcher Canalys, and it’s seeing rapid growth in western Europe.

Unlike conventional smartphone makers that are fixated on selling hardware, Xiaomi runs what it calls a “triathlon” business model comprising of hardware, software and retail. To put it in layman’s terms, the company is selling hardware through its network of online and offline stores, upon which users will consume the app services and in-app ads that come with its smartphones, smartwatches, smart air purifiers and hundreds of other connected devices.

Xiaomi has repeatedly billed itself as an “internet” firm, though so far smartphones are still its main economic driver, accounting for 65.1 percent of overall revenue in Q4. Despite a sluggish year for smartphone brands around the world, Xiaomi handsets grew nearly 30 percent to 118.7 million units in sales last year. The company predicted back in October that it was on course to hit the 100 million sales mark that month.

25.1 percent of Xiaomi’s Q4 revenue went to smart devices (excluding phones) and lifestyle items, representing an 87 percent year-over-year growth. The latter category, which ranges from umbrellas and suitcases to clothes and shoes, is pivotal to Xiaomi’s goal to attract more female users, an effort that has seen the company team up with selfie app maker Meitu. 

Internet services remain as Xiaomi’s smallest segment, bringing in only 9.1 percent of total revenue and growing at 61 percent year-over-year. But the highly lucrative business is bound to carry more load in the future as Xiaomi has promised to keep profit margins for smartphones and hardware under 5 percent.

Gross profit margin from Xiaomi’s internet services increased to 64.4 percent in 2018, up from 60.2 percent in 2017 driven by a higher-margin advertising business. The number is well above the 6.2 percent profit margin for Xiaomi smartphones, and the firm can potentially generate more internet-based income if it’s able to step up monetization of the 242.1 million monthly users on its ecosystems apps.

The headline has been corrected.

Toyota doubles down on Nvidia tech for self-driving cars

Toyota is deepening its relationship with Nvidia as the automaker, and its research arms in Japan and the U.S., ramps up its autonomous vehicle development program.

Nvidia CEO Jensen Huang announced Monday during his keynote at the 2019 GPU Technology Conference that Toyota Research Institute-Advanced Development — the automaker’s Japan-based research arm — is using the chipmaker’s full end-to-end development and production to develop, train and validate its autonomous vehicle technology. The partnership builds on an ongoing collaboration with Toyota and is based on development between engineering teams from Nvidia, TRI-AD in Japan and Toyota Research Institute in the United States.

This new agreement means Toyota will use Nvidia’s platform for training deep neural networks, testing, validation and eventual deployment for its cars. Toyota is also using Nvidia’s newly released AV simulator Drive Constellation, which is now available to customers. Toyota is the first customer to use Constellation, a cloud based platform that enables autonomous vehicle developers to test their technology in the virtual world. 

In short, Toyota is going to use Nvidia’s technology for the entire workflow or process to develop autonomous vehicles.

“Close collaboration is really our business model,” Danny Shapiro, Nvidia’s senior director of automotive said Monday. “It’s our way of developing jointly and building the Nvidia drivers platform.”

Nvidia and Toyota have been collaborating for several years now. Toyota announced in 2017 it would use Nvidia’s Drive PX supercomputer, a platform with a processor called Xavier, to power the autonomous driving systems inside its future cars.

Toyota, and its research arms TRI and Japan-based TRI-AD, are taking a dual approach to autonomy.

Toyota intends to eventually deploy fully autonomous cars that would serve elderly and disabled people under its so-called Chauffeur system. The automaker is also working on “Guardian,” a system for production vehicles that will operate in the background and step in when needed. The driver is always driving, but Guardian is watching, sensing and anticipating problems. 

It’s unclear if Toyota will use Nvidia’s platform for the development of the Guardian system or fully autonomous vehicles.

“Our vision is to enable self-driving vehicles with the ultimate goal of reducing fatalities to zero, enabling smoother transportation, and providing mobility for all,” TRI-AD CEO James Kuffner said in a statement. “Our technology collaboration with Nvidia is important to realizing this vision. We believe large-scale simulation tools for software validation and testing are critical for automated driving systems.”

Toyota is just one of several automotive partnerships Nvidia has locked in since 2015 when it introduced its original architecture for autonomous vehicles, a supercomputer platform called Drive PX. The original platform was designed to process all of the data coming from the vehicle’s cameras and sensors and then use an AI algorithm-based operating system and a cloud-based, high-definition 3D map to help the car understand its environment, know its location, and anticipate potential hazards while driving. 

Transportation Weekly: Waymo unleashes laser bear, Bird spreads its wings, Lyft tightens its belt

Welcome back to Transportation Weekly; I’m your host Kirsten Korosec, senior transportation reporter at TechCrunch . This is the fifth edition of our newsletter and we love the reader feedback. Keep it coming.

Never heard of TechCrunch’s Transportation Weekly? Catch up here, here and here. As I’ve written before, consider this a soft launch. Follow me on Twitter @kirstenkorosec to ensure you see it each week. (An email subscription is coming). 

This week, we explore the world of light detection and ranging sensors known as LiDAR, young drivers, trouble in Barcelona, autonomous trucks in California, and China among other things.


ONM …

There are OEMs in the automotive world. And here, (wait for it) there are ONMs — original news manufacturers. (Cymbal clash!) This is where investigative reporting, enterprise pieces and analysis on transportation lives.

This week, we’re going to put our on analysis hats as we explore the world of LiDAR, a sensor that measures distance using laser light to generate highly accurate 3D maps of the world around the car. LiDAR is considered by most in the self-driving car industry (Tesla CEO Elon Musk being one exception) a key piece of technology required to safely deploy robotaxis and other autonomous vehicles.

There are A LOT of companies working on LiDAR. Some counts track upwards of 70. For years now, Velodyne has been the primary supplier of LiDAR sensors to companies developing autonomous vehicles. Waymo, back when it was just the Google self-driving project, even used Velodyne LiDAR sensors until 2012.

Dozens of startups have sprung up with Velodyne in its sights. But now Waymo has changed the storyline.

To catch you up: Waymo announced this week that it will start selling its custom LiDAR sensors — the technology that was at the heart of a trade secrets lawsuit last year against Uber.

Waymo’s entry into the market doesn’t necessarily upend other companies’ plans. Waymo is going to sell its short range LiDAR, called Laser Bear Honeycomb, to companies outside of self-driving cars. It will initially target robotics, security and agricultural technology.

It does put pressure on startups, particularly those with less capital or those targeting the same customer base. Pitchbook ran the numbers for us to determine where the LiDAR industry sits at the moment. There are two stories here: there are a handful of well capitalized startups and we may have reached “peak” LiDAR. Last year, there were 28 VC deals in LiDAR technology valued at $650 million. The number of deals was slightly lower than in 2017, but the values jumped by nearly 34 percent.

The top global VC-backed LiDAR technology companies (by post valuation) are Quanergy, Velodyne (although mostly corporate backed), Aurora (not self-driving company Aurora Innovation), Ouster, and DroneDeploy. The graphic below, also courtesy of Pitchbook, shows the latest figures as of January 31, 2019.

Dig In

Researchers discovered that two popular car alarm systems were vulnerable to a manipulated server-side API that could be abused to take control of an alarm system’s user account and their vehicle.

The companies — Russian alarm maker Pandora and California-based Viper (or Clifford in the U.K.) — have fixed the  security vulnerabilities that allowed researchers to remotely track, hijack and take control of vehicles with the alarms installed. What does this all mean?

Our in-house security expert and reporter Zack Whittaker digs in and gives us a reality check. Follow him @zackwhittaker.

Since the first widely publicized car hack in 2015 proved hijacking and controlling a car was possible, it’s opened the door to understanding the wider threat to modern vehicles.

Most modern cars have internet connectivity, making their baseline surface area of attack far greater than a car that doesn’t. But the effort that goes into remotely controlling a vehicle is difficult and convoluted, and the attack — often done by chaining together a set of different vulnerabilities — can take weeks or even longer to develop.

Keyfob or replay attacks are far more likely than say remote attacks over the internet or cell network. A keyfob sends an “unlock” signal, a device captures that signal and replays it. By replaying it you can unlock the car.

This latest car hack, featuring flawed third-party car alarms, was far easier to exploit, because the alarm systems added a weakness to the vehicles that weren’t there to begin with. Car makers, with vast financial and research resources, do a far greater job at securing their vehicle than the small companies that focus on functionality over security. For now, the bigger risk comes from third parties in the automobile space, but the car makers can’t afford to drop their game either.


A little bird …

We hear a lot. But we’re not selfish. Let’s share.

blinky-cat-bird

The California Department Motor Vehicles is the government body that regulates autonomous vehicle testing on public roads. The job of enforcement falls to the California Highway Patrol.

In an effort to gauge the need for more robust testing guidelines, the California Highway Patrol decided to hold an event at its headquarters in Sacramento. Eight companies working on autonomous trucking technology were invited. It was supposed to be a large event with local and state politicians in attendance. And it was supposed to validate autonomous trucking as an emerging industry.

There’s just one problem: only one AV trucking company is willing and able to complete this course. We hear that this AV startup actually already went ahead and completed the test course.

The California Highway Patrol has postponed event, for now, presumably until more companies can join.

Got a tip or overheard something in the world of transportation? Email me or send a direct message to @kirstenkorosec.


Deal of the week

Instead of highlighting one giant deal, let’s step back and take a broader view of mobility this week. The upshot: 2018 saw a decline in total investments in the sector and money moved away from ride-hailing and towards two-wheeled transportation.

According to new research from EY, mobility investments in 2018 reached $39.1 billion, down from $55.2 billion in the previous year. (The figures EY provided was through November 2018).

Ride-hailing companies raised $7.1 billion in 2018, a 73 percent decline from the previous year when $26.7 billion poured into this sector.

Investors, it seems, are shifting their focus to other business models, notably first and last-mile connectivity. EY estimates $7 billion was invested in two-wheeler mobility companies such as bike-sharing and electric scooters in 2018. The U.S. and China together have contributed to more than 80 percent of overall two-wheeler mobility investments this year alone, according to EY research shared with TechCrunch.

Other deals:


Snapshot

Let’s talk about Generation Z, that group of young people born 1996 to the present, and one startup that is focused on turning that demographic into car owners.

There’s lots of talk and hand wringing about young people choosing not to get a driver’s license, or not buying a vehicle. In the UK, for instance, about 42 percent of young drivers aged 17 to 24, hold a driver’s license. That’s about 2.7 million people, according to the National Travel Survey 2018 (NTS) of the UK government’s department of transport. An additional 2.2 million have a provisional or learner license. Combined, that amounts to about 13 percent of the car driving population of the UK.

In the UK, evidence suggests that a rise in motoring costs have discouraged young people from learning. And there lies one opportunity that a new startup called Driver1 is targeting.

Driver 1 is a car subscription service designed exclusively for first car drivers aged 17 to 24. The company has been in stealth mode for about a year and is just now launching.

“The young driver market is being underserved by the car industry, Driver1 founder Tim Hammond told TechCrunch. “And primarily it’s the financing that’s not available for that age group. It’s also something that’s not really affordable for any of the car subscription models like Fair.com and it’s not suitable for the OEM subscription services either financially or from an age perspective for young drivers.”

The company’s own research has found this group wants a newer car for 12 to 15 months.

“The car is the extension of their device,” Hammond said, noting these drivers don’t want the old junkers. “They want their iPhones and they want the car that goes with it.”

The company is working directly with leasing companies — not dealerships — to provide young drivers with 3 to 5-year-old cars that have lost 60 percent or so of their value. Driver1 is targeting under $120 a month for the customer and has a partnership with remarketing company Manheim, which is owned by Cox Automotive.

The startup is focused on the UK for now and has about 600 members who have reserved their cars for purchase. Driver1 is aiming to capture about 10 percent of the 1 million or so young people in the UK who pass their learners permit each year. The company plans it expand to France and other European countries in the fall.


Tiny but mighty micromobility

Bird Rocking Out GIF - Find & Share on GIPHY

Ca-caw, ca-caw! That’s the sound of Bird gearing up to launch Bird Platform in New Zealand, Canada and Latin America in the coming weeks. The platform is part of Bird’s mission to bring its scooters across the world “and empower local entrepreneurs in regions where we weren’t planning to launch to run their own electric-scooter sharing program with Bird’s tech and vehicles,” Bird CEO Travis VanderZanden told TechCrunch.

MRD’s two cents: Bird Platform seems like a way for Bird to make extra cash without having to do any of the work i.e. charging the vehicles, maintaining them and working with city officials to get permits. Smart!

Meanwhile, the dolla dolla bills keep pouring into micromobility. European electric scooter startup Voi Technology raised an additional $30 million in capital. That was on top of a $50 million Series A round just three months ago.

Oh, and because micromobility isn’t just for startups, Volkswagen decided to launch a kind of weird-looking electric scooter in Geneva. Because, why not?

Megan Rose Dickey

One more thing …

Lyft is trimming staff to prepare for its IPO. TechCrunch’s Ingrid Lunden learned that the company has laid off about 50 staff in its bike and scooter division. It appears most of these folks are people who joined the Lyft through its acquisition of  electric bike sharing startup Motivate a deal that closed about three months ago.


Notable reads

It’s probably not smart to suggest another newsletter, but if you haven’t checked out Michael Dunne’s  The Chinese Are Coming newsletter, you should. Dunne has a unique perspective on what’s happening in China, particularly as it related to automotive and newer forms of mobility such as ride-hailing. One interesting nugget from his latest edition: there are more than 20 other new electric vehicle makers in China.

“Most will fall away within the next 3 to 4 years as cash runs out,” Dunne predicts.

Other quotable notables:

Here’s a fun read for the week. TechCrunch’s Lucas Matney wrote about a YC Combinator startup Jetpack Aviation.The startup has launched pre-orders this week for the moonshot of moonshots, the Speeder, a personal vertical take-off and landing vehicle with a svelte concept design that looks straight out of Star Wars or Halo.


Testing and deployments

Spanish ride-hailing firm Cabify is back operating in Barcelona, Spain despite issuing dire warnings that new regulations issued by local government would crush its business and force it to fire thousands of drivers and leave forever. Turns out forever is one month.

The Catalan Generalitat issued a decree last month imposing a wait time of at least 15 minutes between a booking being made and a passenger being picked up. The policy was made to ensure taxis and ride-hailing firms are not competing for the same passengers, following a series of taxi strikes, which included scenes of violence. Our boots on the ground reporter Natasha Lomas has the whole story.

Sure, Barcelona is just one city. But what happened in Barcelona isn’t an isolated incident. The early struggles between conventional taxis and ride-hailing operations might be over, but that doesn’t mean the matter has been settled altogether.

And it’s not likely to go away. Once, robotaxis actually hit the road en masse — and yes, that’ll be awhile — these same struggles will pop up again.

Other deployments, or, er, retreats ….

Bike share pioneer Mobike retreats to China

On the autonomous vehicle front:

China Post, the official postal service of China, and delivery and logistics companies Deppon Express, will begin autonomous package delivery services in April. The delivery trucks will operate on autonomous driving technologies developed by FABU Technology, an AI company focused on intelligent driving systems.


On our radar

There is a lot of transportation-related activity this month. Come find me.

SXSW in Austin: TechCrunch will be at SXSW. And there is a lot of mobility action here. Aurora CEO and co-founder Chris Urmson was on stage Saturday morning with Malcolm Gladwell. Mayors from a number of U.S. cities as well as companies like Ford and Mercedes are on the scene. Here’s where I’ll be. 

  • 2 p.m. to 6:30 p.m. (local time) March 9 at the Empire Garage for the Smart Mobility Summit, an annual event put on by Wards Intelligence and C3 Group. The Autonocast, the podcast I co-host with Alex Roy and Ed Niedermeyer, will also be on hand.
  • 9:30 a.m. to 10:30 a.m. (local time) March 12 at the JW Marriott. The Autonocast and founding general partner of Trucks VC, Reilly Brennan will hold a SXSW podcast panel on automated vehicle terminology and other stuff.
  • 3:30 p.m (local time) over at the Hilton Austin Downtown, I’ll be moderating a panel Re-inventing the Wheel: Own, Rent, Share, Subscribe. Sherrill Kaplan with Zipcar, Amber Quist, with Silvercar and Russell Lemmer with Dealerware will join me on stage.
  • TechCrunch is also hosting a SXSW party from 1 pm to 4 pm Sunday, March 10, 615 Red River St., that will feature musical guest Elderbrook. RSVP here

Nvidia GTC

TechCrunch (including yours truly) will also be at Nvidia’s annual GPU Technology Conference from March 18 to 21 in San Jose.

Self Racing Cars

The annual Self Racing Car event will be held March 23 and March 24 at Thunderhill Raceway near Willows, California.

There is still room for participants to test or demo their autonomous vehicles, drive train innovation, simulation, software, teleoperation, and sensors. Hobbyists are welcome. Sign up to participate or drop them a line at [email protected].

Thanks for reading. There might be content you like or something you hate. Feel free to reach out to me at [email protected] to share those thoughts, opinions or tips. 

Nos vemos la próxima vez.

Flawed visitor check-in systems let anyone steal guest logs and sneak into buildings

Security researchers at IBM have found, reported and disclosed 19 vulnerabilities in five popular visitor management systems, which they say can be used to steal data on visitors — or even sneak into sensitive and off-limit areas of office buildings.

You’ve probably seen one of these visitor check-in systems before: they’re often found in lobbies or reception areas of office buildings to check staff and visitors onto the work floor. Visitors check in with their name and who they’re meeting using the touch-screen display or tablet, and a name badge is either printed or issued.

But the IBM researchers say flaws in these systems provided “a false sense of security.”

The researchers examined five of the most popular systems: Lobby Track Desktop, built by Jolly Technologies, had seven vulnerabilities; eVisitorPass, recently rebranded as Threshold Security, had five vulnerabilities; EasyLobby Solo, built by HID Global, had four vulnerabilities; Envoy’s flagship Passport system had two vulnerabilities; and The Receptionist, an iPad app, had one vulnerability.

According to IBM, the vulnerabilities could only be exploited by someone physically at check-in. The bugs ranged from allowing someone to download visitor logs, such as names, driver license and Social Security data, and phone numbers; or in some cases, the buggy software could be exploited to escape “kiosk” mode, allowing access to the underlying operating system, which the researchers say could be used to pivot to other applications and on the network, if connected.

Worse of all, the use of default admin credentials that would give “allow complete control of the application,” such as the ability to edit the visitor database. Some systems “can even issue and provision RFID badges, giving an attacker a key to open doors,” the researchers wrote.

Daniel Crowley, research director at IBM X-Force Red, the company’s pen-testing and vulnerability hunting team, told TechCrunch that all of the companies responded to the team’s findings.

“Some responded much more quickly than others,” said Crowley. “The Lobby Track vulnerabilities were acknowledged by Jolly Technologies, but they stated that the issues can be addressed through configuration options. X-Force Red tested the Lobby Track software in its default configuration,” he added.

We contacted the companies and received — for the most part — dismal responses.

Kate Miller, a spokesperson for Envoy, confirmed it fixed the bugs but “customer and visitor data was never at risk.”

Andy Alsop, chief executive of The Receptionist, did not respond to a request for comment but instead automatically signed us up to a mailing list without our permission, which we swiftly unsubscribed from. When reached, Michael Ashford, director of marketing, did not comment.

David Jordan, a representative for Jolly, declined to comment. And, neither Threshold Security and HID Global responded to our requests for comment.

Zero Motorcycles leads in electric motorcycles as BRP scoops up Alta’s remains

As the mobility world awaits Harley Davidson’s EV debut, there’s plenty of motion in the e-moto startup space.

Zero Motorcycles unveiled its new 110 horsepower SR/F model in New York this week, offering a 200 mile range, one hour charge capability, and top speed of 124 mph.

The California based startup—whose investors include New York VC firm Invus—wired the SR/F with Zero’s new Cypher III operating system and Bosch’s Motorcycle Stability Control.

Both combine to offer remotely synced mobile connectivity to the motorcycle’s charge status and performance controls. The 485 pound SR/F is upgraded from Zero’s existing line-up to include cornering ABS, traction control, and a new app and dash interface.

Zero’s two-wheeler comes in at an entry price of $18,995. On the business side, the EV startup could produce as many as 10,000 SR/Fs and add members to its 200 dealer network, CEO Sam Paschel told TechCrunch in New York.

Zero’s SR/F enters the e-moto market in a year where EV startups will face more competition on specs and pricing, and big motorcycle manufacturers will feel more pressure to go electric.

From a business perspective, as TechCrunch has reported, the U.S. motorcycle industry has been in pretty bad shape since the recession. New sales dropped by roughly 50 percent since 2008, with sharp declines in ownership by everyone under 40. The exception is women, who have become the only growing motorcycle ownership segment.

E-moto upstarts have worked to attract new riders and close gaps with gas motorcycles in performance and cost—but most offerings have come with some compromise.

Italian company Energica’s models hit high marks in tech controls and performance—with 150 horsepower, 30 minute fast-charge times, and 125 mile range—but not without a hefty price of $20K and up.

Lightning Motorcycles, another California based e-moto startup, offers ultra-high end of performance, claiming the world’s fastest production motorcycle in the world with its LS-218. But the $38K, 218 mph, track bred e-moto isn’t exactly average rider accessible.

Zero Motorcycles has found the widest market and model breadth, with prices starting at $8K on its FX model. Still, Zero’s e-motos (including the $16K SR) haven’t matched the performance control options, specs, or charge-times of the higher priced Energica Ego or Eva.

In 2019, Zero’s new machine—and a model being teased by Lightning—could bridge gaps in performance, range, charge-times, and price that have held many back from going e-motorcycle.

With its Bosch MSC system and upgraded operating system, the fully redesigned SR/F matches Energica in digital performance controls and comes close on power and speed at a more competitive price.

As TechCrunch reported, Lightning began taking reservations for a $12,998 Strike e-moto with some almost unbelievable stats at that price: 150 mph top speed, 35 minute charge-time, and 150 mile range. Lighting calls it their “first premium mass-market motorcycle,” with plans to unveil sometime in March.

Both Zero and Lightning’s 2019 models are positioned to compete with Harley Davidson’s EV entry, the $29K LiveWire expected to debut sometime this summer. HD revealed more product specs recently, such as 3 second 0-60 mph acceleration and 110 mile range. Harley Davidson has also indicated it plans a full pivot to electric, with additional e-motorcycles in the pipeline, as well as e-bicycles and scooters.

Harley’s electric moves, as well as Zero and Lightning’s more competitive offerings, could hasten major motorcycle manufacturers’ plans to sell e-motos. None of the big names producers—Honda, Kawasaki, Suzuki, BMW—have offered a production electric street motorcycle in the U.S. HD will be the first.

With momentum in the motorcycle world shifting electric, there are more than a few caveats as to whether there’s a viable U.S. market. In addition to the contracting sales environment, the e-moto startup space has racked up a series of failures. These include Brammo, Mission Motorcycles, and more recently,  Alta Motors—a California based EV venture backed by $45 million in VC that ceased operations in October. Alta had a partnership with Harley Davidson (now defunct) and there’s been little light shed on what forced them to shut off the lights.

Alta Motors resurfaced last week, when Canadian company BRP—the owner of such brands as snowmobile maker Ski-Doo and watercraft producer Sea-Doo—acquired select Assets of Alta. There had been hopes someone would purchase and revive the California e-moto startup, but that looks unlikely. “We don’t have any current plans for resuscitating Alta Motors in it’s old form,” BRP’s Vice President for Communications Leslie Quinton told TechCrunch. “We have no plans yet to announce how we’re going to use the technologies,” she said.

So as Harley Davidson, Zero, and Lightning move to mainstream electric motorcycles in 2019, it appears another e-moto startup has officially faded into history.

Google will bring its Assistant to Android Messages

It’s only been a few weeks since Google brought the Assistant to Google Maps to help you reply to messages, play music and more. This feature first launched in English and will soon start rolling out to all Assistant phone languages. In addition, Google also today announced that the Assistant will come to Android Messages, the standard text messaging app on Google’s mobile operating system, in the coming months.

If you remember Allo, Google’s last failed messaging app, then a lot of this will sound familiar. For Allo, after all, Assistant support was one of the marquee features. The different, though, is that for the time being, Google is mostly using the Assistant as an additional layer of smarts in Messages while in Allo, you could have full conversations with a special Assistant bot.

In Messages, the Assistant will automatically pop up suggestion chips when you are having conversations with somebody about movies, restaurants and the weather. That’s a pretty limited feature set for now, though Google tells us that it plans to expand it over time.

What’s important here is that the suggestions are generated on your phone (and that may be why the machine learning model is limited, too, since it has to run locally). Google is clearly aware that people don’t want the company to get any information about their private text chats. Once you tap on one of the Assistant suggestions, though, Google obviously knows that you were talking about a specific topic, even though the content of the conversation itself is never sent to Google’s servers. The person you are chatting with will only see the additional information when you push it to them.

Melonee Wise and Anca Dragan will be speaking at TC Sessions: Robotics + AI April 18 at UC Berkeley

Hard to believe, but we’re only a few months out from the next TC Sessions: Robotics. As we get ready for our third year, take a trip down robotic memory lane with these highlights from last year’s big event.

We’ll be returning to UC Berkeley’s Zellerbach Hall in April, this time with an added focus on artificial intelligence. Last week we announced that computer science professor Hany Farid and VC/Playground global co-founder Peter Barrett will be joining us at the event, and now we’ve got a couple more big names to share with you.

Melonee Wise is the CEO of collaborative warehouse robotics company Fetch. She previously worked at influential Bay Area robotics startup Willow Garage, where she helped develop the ROS (Robotic Operating System), the PR2 and TurtleBot. Wise has received numerous awards, including MIT Technology Review’s TR35, and was named a 2018 World Economic Forum Technology Pioneer.

Anca Dragan is an assistant professor at UC Berkeley’s EECS (Electric Engineering and Computer Sciences) department, with a focus on human-robotic interaction. Her team explores the fields of autonomous vehicles, manufacturing and assistive robotics. Dragan is a co-founder of the Berkeley AI Research Lab and has received a Sloan Fellowship, MIT TR35, Okawa and NSF CAREER awards.

Grab your Early-Bird tickets today and save more than $100 before prices go up. Students, grab your tickets for just $45 here.

How open source software took over the world

It was just 5 years ago that there was an ample dose of skepticism from investors about the viability of open source as a business model. The common thesis was that Redhat was a snowflake and that no other open source company would be significant in the software universe.

Fast forward to today and we’ve witnessed the growing excitement in the space: Redhat is being acquired by IBM for $32 billion (3x times its market cap from 2014); Mulesoft was acquired after going public for $6.5 billion; MongoDB is now worth north of $4 billion; Elastic’s IPO now values the company at $6 billion; and, through the merger of Cloudera and Hortonworks, a new company with a market cap north of $4 billion will emerge. In addition, there’s a growing cohort of impressive OSS companies working their way through the growth stages of their evolution: Confluent, HashiCorp, DataBricks, Kong, Cockroach Labs and many others. Given the relative multiples that Wall Street and private investors are assigning to these open source companies, it seems pretty clear that something special is happening.

So, why did this movement that once represented the bleeding edge of software become the hot place to be? There are a number of fundamental changes that have advanced open source businesses and their prospects in the market.

David Paul Morris/Bloomberg via Getty Images

From Open Source to Open Core to SaaS

The original open source projects were not really businesses, they were revolutions against the unfair profits that closed-source software companies were reaping. Microsoft, Oracle, SAP and others were extracting monopoly-like “rents” for software, which the top developers of the time didn’t believe was world class. So, beginning with the most broadly used components of software – operating systems and databases – progressive developers collaborated, often asynchronously, to author great pieces of software. Everyone could not only see the software in the open, but through a loosely-knit governance model, they added, improved and enhanced it.

The software was originally created by and for developers, which meant that at first it wasn’t the most user-friendly. But it was performant, robust and flexible. These merits gradually percolated across the software world and, over a decade, Linux became the second most popular OS for servers (next to Windows); MySQL mirrored that feat by eating away at Oracle’s dominance.

The first entrepreneurial ventures attempted to capitalize on this adoption by offering “enterprise-grade” support subscriptions for these software distributions. Redhat emerged the winner in the Linux race and MySQL (thecompany) for databases. These businesses had some obvious limitations – it was harder to monetize software with just support services, but the market size for OS’s and databases was so large that, in spite of more challenged business models, sizeable companies could be built.

The successful adoption of Linux and MySQL laid the foundation for the second generation of Open Source companies – the poster children of this generation were Cloudera and Hortonworks. These open source projects and businesses were fundamentally different from the first generation on two dimensions. First, the software was principally developed within an existing company and not by a broad, unaffiliated community (in the case of Hadoop, the software took shape within Yahoo!) . Second, these businesses were based on the model that only parts of software in the project were licensed for free, so they could charge customers for use of some of the software under a commercial license. The commercial aspects were specifically built for enterprise production use and thus easier to monetize. These companies, therefore, had the ability to capture more revenue even if the market for their product didn’t have quite as much appeal as operating systems and databases.

However, there were downsides to this second generation model of open source business. The first was that no company singularly held ‘moral authority’ over the software – and therefore the contenders competed for profits by offering increasing parts of their software for free. Second, these companies often balkanized the evolution of the software in an attempt to differentiate themselves. To make matters more difficult, these businesses were not built with a cloud service in mind. Therefore, cloud providers were able to use the open source software to create SaaS businesses of the same software base. Amazon’s EMR is a great example of this.

The latest evolution came when entrepreneurial developers grasped the business model challenges existent in the first two generations – Gen 1 and Gen 2 – of open source companies, and evolved the projects with two important elements. The first is that the open source software is now developed largely within the confines of businesses. Often, more than 90% of the lines of code in these projects are written by the employees of the company that commercialized the software. Second, these businesses offer their own software as a cloud service from very early on. In a sense, these are Open Core / Cloud service hybrid businesses with multiple pathways to monetize their product. By offering the products as SaaS, these businesses can interweave open source software with commercial software so customers no longer have to worry about which license they should be taking. Companies like Elastic, Mongo, and Confluent with services like Elastic Cloud, Confluent Cloud, and MongoDB Atlas are examples of this Gen 3.  The implications of this evolution are that open source software companies now have the opportunity to become the dominant business model for software infrastructure.

The Role of the Community

While the products of these Gen 3 companies are definitely more tightly controlled by the host companies, the open source community still plays a pivotal role in the creation and development of the open source projects. For one, the community still discovers the most innovative and relevant projects. They star the projects on Github, download the software in order to try it, and evangelize what they perceive to be the better project so that others can benefit from great software. Much like how a good blog post or a tweet spreads virally, great open source software leverages network effects. It is the community that is the source of promotion for that virality.

The community also ends up effectively being the “product manager” for these projects. It asks for enhancements and improvements; it points out the shortcomings of the software. The feature requests are not in a product requirements document, but on Github, comments threads and Hacker News. And, if an open source project diligently responds to the community, it will shape itself to the features and capabilities that developers want.

The community also acts as the QA department for open source software. It will identify bugs and shortcomings in the software; test 0.x versions diligently; and give the companies feedback on what is working or what is not.  The community will also reward great software with positive feedback, which will encourage broader use.

What has changed though, is that the community is not as involved as it used to be in the actual coding of the software projects. While that is a drawback relative to Gen 1 and Gen 2 companies, it is also one of the inevitable realities of the evolving business model.

Linus Torvalds was the designer of the open-source operating system Linux.

Rise of the Developer

It is also important to realize the increasing importance of the developer for these open source projects. The traditional go-to-market model of closed source software targeted IT as the purchasing center of software. While IT still plays a role, the real customers of open source are the developers who often discover the software, and then download and integrate it into the prototype versions of the projects that they are working on. Once “infected”by open source software, these projects work their way through the development cycles of organizations from design, to prototyping, to development, to integration and testing, to staging, and finally to production. By the time the open source software gets to production it is rarely, if ever, displaced. Fundamentally, the software is never “sold”; it is adopted by the developers who appreciate the software more because they can see it and use it themselves rather than being subject to it based on executive decisions.

In other words, open source software permeates itself through the true experts, and makes the selection process much more grassroots than it has ever been historically. The developers basically vote with their feet. This is in stark contrast to how software has traditionally been sold.

Virtues of the Open Source Business Model

The resulting business model of an open source company looks quite different than a traditional software business. First of all, the revenue line is different. Side-by-side, a closed source software company will generally be able to charge more per unit than an open source company. Even today, customers do have some level of resistance to paying a high price per unit for software that is theoretically “free.” But, even though open source software is lower cost per unit, it makes up the total market size by leveraging the elasticity in the market. When something is cheaper, more people buy it. That’s why open source companies have such massive and rapid adoption when they achieve product-market fit.

Another great advantage of open source companies is their far more efficient and viral go-to-market motion. The first and most obvious benefit is that a user is already a “customer” before she even pays for it. Because so much of the initial adoption of open source software comes from developers organically downloading and using the software, the companies themselves can often bypass both the marketing pitch and the proof-of-concept stage of the sales cycle. The sales pitch is more along the lines of, “you already use 500 instances of our software in your environment, wouldn’t you like to upgrade to the enterprise edition and get these additional features?”  This translates to much shorter sales cycles, the need for far fewer sales engineers per account executive, and much quicker payback periods of the cost of selling. In fact, in an ideal situation, open source companies can operate with favorable Account Executives to Systems Engineer ratios and can go from sales qualified lead (SQL) to closed sales within one quarter.

This virality allows for open source software businesses to be far more efficient than traditional software businesses from a cash consumption basis. Some of the best open source companies have been able to grow their business at triple-digit growth rates well into their life while  maintaining moderate of burn rates of cash. This is hard to imagine in a traditional software company. Needless to say, less cash consumption equals less dilution for the founders.

Photo courtesy of Getty Images

Open Source to Freemium

One last aspect of the changing open source business that is worth elaborating on is the gradual movement from true open source to community-assisted freemium. As mentioned above, the early open source projects leveraged the community as key contributors to the software base. In addition, even for slight elements of commercially-licensed software, there was significant pushback from the community. These days the community and the customer base are much more knowledgeable about the open source business model, and there is an appreciation for the fact that open source companies deserve to have a “paywall” so that they can continue to build and innovate.

In fact, from a customer perspective the two value propositions of open source software are that you a) read the code; b) treat it as freemium. The notion of freemium is that you can basically use it for free until it’s deployed in production or in some degree of scale. Companies like Elastic and Cockroach Labs have gone as far as actually open sourcing all their software but applying a commercial license to parts of the software base. The rationale being that real enterprise customers would pay whether the software is open or closed, and they are more incentivized to use commercial software if they can actually read the code. Indeed, there is a risk that someone could read the code, modify it slightly, and fork the distribution. But in developed economies – where much of the rents exist anyway, it’s unlikely that enterprise companies will elect the copycat as a supplier.

A key enabler to this movement has been the more modern software licenses that companies have either originally embraced or migrated to over time. Mongo’s new license, as well as those of Elastic and Cockroach are good examples of these. Unlike the Apache incubated license – which was often the starting point for open source projects a decade ago, these licenses are far more business-friendly and most model open source businesses are adopting them.

The Future

When we originally penned this article on open source four years ago, we aspirationally hoped that we would see the birth of iconic open source companies. At a time where there was only one model – Redhat – we believed that there would be many more. Today, we see a healthy cohort of open source businesses, which is quite exciting. I believe we are just scratching the surface of the kind of iconic companies that we will see emerge from the open source gene pool. From one perspective, these companies valued in the billions are a testament to the power of the model. What is clear is that open source is no longer a fringe approach to software. When top companies around the world are polled, few of them intend to have their core software systems be anything but open source. And if the Fortune 5000 migrate their spend on closed source software to open source, we will see the emergence of a whole new landscape of software companies, with the leaders of this new cohort valued in the tens of billions of dollars.

Clearly, that day is not tomorrow. These open source companies will need to grow and mature and develop their products and organization in the coming decade. But the trend is undeniable and here at Index we’re honored to have been here for the early days of this journey.

Xiaomi’s five-year plan is a $1.5 billion bet on smart homes

Xiaomi, the Chinese company best known for budget phones, is betting big on a future of connected homes. It plans to plough at least 100 billion yuan, or $1.48 billion, into the so-called “AIoT” sector over the next five years, founder and chief operating office Lei Jun announced on Friday.

AIoT, short for “AI + IoT,” is an upgrade from devices connected to the internet, known as the Internet of Things. AIoTs are intelligent, run on automated systems and can learn from users’ habits, like lights that automatically turn on when you get home.

“We see a future where all home devices will be connected to the internet and controlled by voice. A wave of home appliances will be replaced by smart devices. There will be an AIoT network that infiltrates every second and scenario of people’s lives, collecting mountains of users, traffic and data,” said Lei in his annual address to employees.

The plan is to get all sorts of gadgets, not just handsets, onto Xiaomi’s operating system so the company can hawk services through these devices. The move comes as Xiaomi, the world’s fourth-largest smartphone vendor, copes a weakening market. Smartphone shipments in China were down more than 15 percent year-over-year in 2018, according to a government-backed research institute.

Phones remain strategically important to Xiaomi as it looks to lower-end phones for growth. On Thursday, the company announced it has split up (not spin out) its budget phone brand, Redmi, in hope of launching “red rice” — what Redmi means in Chinese — to Xiaomi’s “little rice” stardom. The strategy is similar to how Huawei operates sub-brand Honor for its line of cheaper phones.

Xiaomi’s new billion-dollar pledge is a continuation of a plan in 2013 to back 100 startups over the course of five years. These portfolio companies, in turn, helped make Xiaomi products, which now count 132 million total devices among which 20 million are active daily. Meanwhile, Xiaomi’s voice assistant Xiao Ai has hit 100 million installs.

These gadgets, along with an assortment of lifestyle products like suitcases and umbrellas, became the largest revenue driver for Xiaomi in the second quarter of last year, the company’s earnings report shows.

Xiaomi is in a land grab with other Chinese tech giants like Baidu to enter people’s homes. It’s becoming something akin to a department store, but it can’t make everything itself. Recently, the giant made a big push in TVs through a partnership with a veteran Chinese home appliance manufacturer. It’s also teamed up with IKEA on a 100 million yuan ($14.8 million) fund for third-party developers, which will enrich Xiaomi’s inventory as consumers in China may soon be able to buy many Xiaomi-powered furniture from the Swedish retailer.