User blogs

Clubhouse, the social audio app that first took Silicon Valley by storm and is now gaining much wider appeal, is an interesting user experience case study.

Hockey-stick growth — 8 million global downloads as of last month, despite still being in a prelaunch, invite-only mode, according to App Annie — is something most startups would kill for. However, it also means that UX problems can only be addressed while in “full flight” — and that changes to the user experience will be felt at scale rather under the cover of a small, loyal and (usually) forgiving user base.

In our latest UX teardown, Built for Mars founder and UX expert Peter Ramsey and TechCrunch reporter Steve O’Hear discuss some of Clubhouse’s UX challenges as it continues to onboard new users at pace while striving to create enough stickiness to keep them active.

Homepage curation

Peter Ramsey: Content feeds are notoriously difficult to get right. Which posts should you see? How should you order them? How do you filter out the noise?

On Clubhouse, once you’ve scrolled past all the available rooms in your feed, you’re prompted to follow more people to see more rooms. In other words, Clubhouse is inadvertently describing how it decides what content you see, i.e., your homepage is a curated list of rooms based on people you follow.

Except there’s a problem: I don’t follow half the people who already appear in my feed.

Image Credits: Clubhouse

Steve O’Hear: I get it. This could be confusing, but why does it actually matter? Won’t people just continue to use the homepage regardless?

Peter: In the short term, yes. People will use the homepage in the same way they’d use Instagram’s search page (which is to just browse occasionally). But in the long term, this content needs to be consistently relevant or people will lose interest.

Steve: But Twitter has a search page that shows random content that I don’t control…

Peter: Yeah, but they also have a home feed that you do control. It’s fine to also have the more random “slot machine style” content feed — but you need the base layer.

The truth about aha moments

Peter: In the early days of Twitter, the team noticed something in their data: When people follow at least 30 others, they’re far more likely to stick around. This is often described as an “aha moment” — the moment that the utility of a product really clicks for the user.

This story has become startup folklore, and I’ve worked with many companies who take this message too literally, forgetting the nuance of what they really found: It’s not enough to just follow 30 random people — you need to follow 30 people who you genuinely care about.

Clubhouse has clearly adopted a similar methodology, by pre-selecting 50 people for you to follow while signing up.

Have you noticed that some people have accumulated millions of followers really quickly? It’s because the same people are almost always recommended—I tried creating accounts with polar opposite interests, and the same people were pre-selected almost every time.

And at no point does it explain that following those 50 people will directly impact the content that is available to you, or that if your homepage gets uninteresting, you’ll need to unfollow these people individually.

But they should, and it could look more like this:

Steve: Why do you think Clubhouse does this? Laziness?

Peter: I think in the early days of Clubhouse they just wanted to maximize connections, and by always recommending the same people (Clubhouse’s founders and investors), they could somewhat control the content that is shown to new users.

Social media executives will be answering to Congress directly for their role in January’s deadly attacks on the U.S. Capitol this week. Facebook’s Mark Zuckerberg, Twitter’s Jack Dorsey and Google’s Sundar Pichai will all appear virtually before a joint House committee Thursday at 12 p.m. Eastern Time.

The hearing, held by the House’s Subcommittee on Communications and Technology and the Subcommittee on Consumer Protection and Commerce, will focus on social media’s role in spreading disinformation, extremism and misinformation. The Energy and Commerce Committee previously held a parallel hearing reckoning with traditional media’s role in promoting those same social ills.

Earlier this month, Energy and Commerce Chairman Frank Pallone Jr., joined by more than 20 other Democrats, sent a letter to Zuckerberg pressing the Facebook CEO for answers about why tactical gear ads showed up next to posts promoting the Capitol riot. “Targeting ads in this way is dangerous and has the potential to encourage acts of violence,” the letter’s authors wrote. In late January, Facebook said that it would pause ads showing weapon accessories and related equipment.

While the subcommittee has signaled its interest in Facebook’s ad practices, organic content on the site has historically presented a much bigger problem. In the uncertain period following the election last year, the pro-Trump “Stop the Steal” movement swelled to massive proportions on social media, particularly in Facebook groups. The company took incremental measures at the time, but that same movement, born of political misinformation, is what propelled the Capitol rioters to disrupt vote counting and enact deadly violence on January 6.

The hearing is likely to go deep on extremists organizing through Facebook groups too. Chairs from both subcommittees that will question the tech CEOs this week previously questioned Facebook about reports that the company was well aware that its algorithmic group recommendations were funneling users toward extremism. In spite of warnings from experts, Facebook continued to allow armed anti-government militias to openly organize on the platform until late 2020. And in spite of bans, some continued to do so.

The Justice Department is reportedly considering charging members of the Oath Keepers, one prominent armed U.S. militia group involved in the Capitol attack, with sedition.

Facebook plays a huge role in distributing extremist content and ferrying it to the mainstream, but it isn’t alone. Misinformation that undermines the integrity of the U.S. election results is generally just as easy to find on YouTube and Twitter, though those social networks aren’t designed to connect and mobilize people in the same way that Facebook groups do.

Facebook began to course-correct its own rules around extremism, slowly through 2020 and then quickly this January when the company removed former President Trump from the platform. Facebook’s external policy oversight board continues to review that decision and could reverse it in the coming weeks.

Over the course of the last year, Twitter made an effort to demystify some of its own policy decisions, transparently communicating changes and introducing ideas it was considering. Under Dorsey’s guidance the company treated its platform rules like a living document — one it’s begun to tinker around with in an effort to shape user behavior for the better.

If Twitter’s recent policy decision making is akin to thinking out loud, YouTube took the opposite approach. The company wasn’t as proactive in shoring up its defenses ahead of the 2020 elections and rarely responded in real-time to events. YouTube waited a full month after Biden’s victory to articulate rules that would rid the platform of disinformation declaring that the election was stolen from Trump.

Hopefully the joint hearing can dig a bit more into why that was, but we’re not counting on it. The subcommittees’ decision to bring Google CEO Sundar Pichai to testify is a bit strange considering that YouTube’s CEO Susan Wojcicki — who has yet to be called to Congress for one of these high profile tech hearings — would make the better witness. Pichai is ultimately accountable for what YouTube does too, but in past hearings he’s proven a very polished witness who’s deft at neutralizing big picture criticism with technical detail.

Ultimately Wojcicki would have more insight into YouTube’s misinformation and extremism policies and the reason the platform has dragged its feet on matters of hate and misinformation, enforcing its own policies unevenly when it chooses to do so at all.

All successful companies start off as a great idea, scribbled on the back of a cocktail napkin during a late-night meeting of the minds or gleaned from a fleeting inspiration that leaves you with a feeling of “I could do that better.”

For most, that’s as far as entrepreneurship ever goes, because, unfortunately, a great idea can’t raise money, develop a product or disrupt an industry.

It’s only an idea.

New data from the DocSend Startup Index show that for early-stage fundraising, particularly in the pre-seed round, founders need to approach VCs with much more than a great idea to secure funding. Our newest report on the state of pre-seed fundraising shows that investors became laser-focused on sections of the pitch deck that address monetization and business viability — signs that founders need to come to the table with better-defined businesses in order to succeed.

Do not pass go — VCs insist pitch decks meet 3 key criteria

According to the data, overall founder and VC activity took a nosedive in early 2020 once the serious nature of the pandemic became apparent. But as the year progressed and investors adjusted to the new market conditions and remote dealmaking, overall activity quickly surpassed pre-pandemic levels.

Despite this flurry of activity and an unprecedented appetite for new startup pitches, investors made it very clear that strong positioning in three sections of the pitch deck was nonnegotiable.

Image Credits: DocSend(opens in a new window)

1. Competitive landscape — When we published our 2019 pre-seed report, the competitive landscape section of pitch decks was firmly in the middle of the pack in terms of time spent reviewing by investors: They averaged around 35 seconds to clearly articulate their own uniqueness and product-market fit. In 2020, the VC time spent on the same section increased by 51% to an average of 53 seconds across both successful and unsuccessful decks (those that did or did not lead to a funding offer).

In Africa, Y Combinator is known to be a major backer of most of the continent’s well-known startups.

Two of the most talked-about in the last two quarters — Flutterwave and Paystack — are YC-backed. Their successes (Flutterwave’s billion-dollar valuation and Paystack’s rare exit to Stripe) have greatly increased YC’s appeal in the eyes of founders on the continent with local investors clamoring to get their portfolio into the accelerator.

Unlike last year where Y Combinator held its Demo Day, both winter and summer in two days, it’s a single day for this Winter 2021 batch.

This is the accelerator’s third online demo day, its second all-virtual class and remote pitch session following its decision to go fully remote from the previous batch (Summer 2020).

A total of 319 companies pitched today from 41 countries drawing attention from more than 2,400 investors.  However, only ten African startups pitched and similar to other batches; most of them are fintechs.

Other startups offer e-commerce fulfillment, edtech and B2B food marketplace services. Five startups represent Nigeria; three are from Egypt, and one from the Ivory Coast and Kenya. Here they are building.

Dayra (Egypt)

Most of the gig workers in Egypt are unbanked, and it’s difficult for digital platforms to pay them for their services. The traditional method would be to use cash or third-party institutions.

Founded by Omar Ekram, Dayra is trying to solve this via an API. With its platform, Egyptian businesses can offer financial services including loans to unbanked workers and customers in the country.

Djamo (Ivory Coast)

While there has been a huge profusion of financial services that have emerged in recent years in Africa, there’s still a huge underserved gap in Francophone Africa. In fact, less than 25% of the population is banked.

Djamo acts as a challenger bank and offers banking solutions to break into this huge untapped market and help with financial inclusion in the region. Hassan Bourgi and Regis Bamba founded the Ivorian startup. 

Kidato (Kenya)

In African public schools, the student-teacher ratio can be as high as 50:1. This doesn’t aid effective learning. Other options like private schools can be costly.

Kidato, an edtech startup founded by Sam Gichuru, have classes with student-teacher ratios at 5:1. They also offer the same international curriculum as private schools in the country but collect much lower fees.

Flux (Nigeria)

It takes days and sometimes weeks to send money from the U.S. to Nigeria and most African countries. There’s also the problem with expensive fees.

Flux, a Nigerian remittance startup, is using crypto to tackle this. Via an application and from a wallet, people can convert fiat into crypto and send it to the wallets of people in other countries who convert back to fiat if they choose. The startup was founded by Ben Eluan, Osezele Orukpe, and Israel Akintunde.

NowPay (Egypt)

Financial stress plays a major role as a top distraction for employees. NowPay, a startup founded by Sabry Abuelenien and Mostafa Ashour, bridges that gap and provides several benefits for employers that choose to address this area of employee wellness proactively.

The company enables corporates to offer salary advances to employees. It also improves savings, spending, budgeting, and borrowing for employees by building products that tackle every vertical.

Mono (Nigeria)

Due to the proliferation of financial services in Africa, it has become extremely difficult for banks and fintechs to combine users’ data from multiple points and make sense of it.

By streamlining various data in a single API, Mono helps companies and third-party developers retrieve vital information like account statements, real-time balance, historical transactions, income, expense, and account owner identification. Abdul Hassan and Prakhar Singh founded the company.

Prospa (Nigeria)

In the U.S. or the U.K, you can set up a business account in minutes but it can take hours and days in Nigeria. And most of this is still executed offline and on paper.

Prospa is a neobank for microbusinesses in Nigeria founded by Frederik Obasi and Rodney Jackson-Cole. It helps these businesses make international payments to more than 10 countries including China, Kenya, the U.K., and the U.S.

Flextock (Egypt)

When merchants launch their e-commerce businesses, they can easily manage the end-to-end operations in the early stages. But as they begin to grow, managing their own operations can become difficult.

This is a burden for most businesses in Egypt and Flextock, a startup founded by Mohamed Mossaad and Enas Siam, solves it by providing an end to end fulfilment service. They manage a business inventory, pick, pack and ship orders while providing real-time visibility and insights into their products.

Sendbox (Nigeria)

For some individuals and merchants, shipping can be a painstaking process. To operate efficiently, they partner with one or more service providers or build their delivery operations themselves.

Sendbox describes itself as a “fulfillment by Amazon for African merchants.” The company provides shipping, escrow payments, among other services, to social commerce merchants in Nigeria. Emotu Balogun and Olusegun Afolahan founded the company.

Vendease (Nigeria)

For small and mid-sized restaurants in Nigeria and most of Africa, food procurement can be a complex process to manage.

Founded by Tunde Kara, Olumide Fayankin, Gatumi Aliyu, and Wale Oyepeju, Vendease solves this problem by building a marketplace that allows restaurants to buy directly from farms and food manufacturers.

Researchers say a botnet targeting Windows devices is rapidly growing in size, thanks to a new infection technique that allows the malware to spread from computer to computer.

The Purple Fox malware was first spotted in 2018 spreading through phishing emails and exploit kits, a way for threat groups to infect machines using existing security flaws.

But researchers Amit Serper and Ophir Harpaz at security firm Guardicore, which discovered and revealed the new infection effort in a new blog post, say the malware now targets internet-facing Windows computers with weak passwords, giving the malware a foothold to spread more rapidly.

The malware does this by trying to guess weak Windows user account passwords by targeting the server message block, or SMB — a component that lets Windows talk with other devices, like printers and file servers. Once the malware gains access to a vulnerable computer, it pulls a malicious payload from a network of close to 2,000 older and compromised Windows web servers and quietly installs a rootkit, keeping the malware persistently anchored to the computer while also making it much harder to be detected or removed.

Once infected, the malware then closes the ports in the firewall it used to infect the computer to begin with, likely to prevent reinfection or other threat groups hijacking the already-hacked computer, the researchers said.

The malware then generates a list of internet addresses and scans the internet for vulnerable devices with weak passwords to infect further, creating a growing network of ensnared devices.

Botnets are formed when hundreds or thousands of hacked devices are enlisted into a network run by criminal operators, which are often then used to launch denial-of-network attacks to pummel organizations with junk traffic with the aim of knocking them offline. But with control of these devices, criminal operators can also use botnets to spread malware and spam, or to deploy file-encrypting ransomware on the infected computers.

But this kind of wormable botnet presents a greater risk as it spreads largely on its own.

Serper, Guardicore’s vice president of security research for North America, said the wormable infection technique is “cheaper” to run than its earlier phishing and exploit kit effort.

“The fact that it’s an opportunistic attack that constantly scans the internet and looks for more vulnerable machines means that the attackers can sort of ‘set it and forget it’,” he said.

It appears to be working. Purple Fox infections have rocketed by 600% since May 2020, according to data from Guardicore’s own network of internet sensors. The actual number of infections is likely to be far higher, amounting to more than 90,000 infections in the past year.

Guardicore published indicators of compromise to help networks identify if they have been infected. The researchers do not know what the botnet will be used for but warned that its growing size presents a risk to organizations.

“We assume that this is laying the groundwork for something in the future,” said Serper.