olivergajek

Here goes.

Good post by Ciaran O’Leary of Earlybird on how to manage liquidation preferences. Also worth following the links.

I remember how long it took me and my colleagues to get to grips with this issue when we did our first VC round. For the first-time entrepreneur it felt unfair and lopsided.

But then you realize that this is in fact needed to prevent lopsided outcomes of another sort: Where the founders and angels sell the company quickly after the investment and possibly for cheap and they make money and the VC investor doesn’t.

So the liquidation preference helps reset the stage and make everybody want to grow the valuation from here on forward.

Of course there are alternatives, specifically granting veto rights to the new investor on exit price etc., but those are likely going to be set at the wrong thresholds and then lead to awkward and hurried behind-the-scenes haggling in case of an impending exit. Which you don’t want.

When we first heard of Edward Snowden in June 2013, we heard of the collection of metadata at Verizon. It took us a while to figure out if that was troubling.
Now we know that it is. Who calls whom at what time and how often reveals many things that we may want to keep private. How often I call my doctor, priest, psychiatrist, or astrological hotline is my business and none of yours.

The same goes for Email where people now are asking for privacy solutions, as they have understood how personal and private this information is and that they can’t trust the promises of technology and service providers. People naturally have turned to PGP for email encryption as the widely accepted standard for protecting their private messages.

But, guess what, PGP only encrypts the body of your message. Subject line, sender, recipient, time, IP address, and a host of other technical details are transmitted in the clear.

Trouble is that they have to be in order to make their way to the intended recipient across public networks. Much like a letter that you post will have a recipient address and a return address and a post office stamp that your postman and your neighbor can inspect. So while the content of your letter will be private while sender and recipient will not be anonymous.

So the big question becomes if this is a problem or not. Three things to consider:

It’s a problem depending on what you’re afraid of. Me, I’m afraid of somebody breaking into my Gmail account and posting 10-year old messages on the web for everybody to see. Every now and then I stumble across some old message and am embarrassed by what I wrote. Nothing more, nothing less. Thankfully not in the league of Colin Powell and Corina Cretu, but still. Wouldn’t want to see the old stuff in public. And this is just embarrassment in retrospect. I don’t even know what might be embarrassing or problematic in the future. Think of being denied entry into some country where you criticized an emerging party in an email ten years ago. And now that party is in power and they have read that email. That’s the kind of stuff that worries me. Turns out that PGP encryption of my message text takes care of this very nicely. So I’ll have some of that PGP encryption and pronto.

Of course I’m interested in exposing even less for embarrassment or misuse. So an email provider that is very specific on metadata retention is certainly interesting. They really have no need to keep a complete record of who I communicated with and about what once the messages have been delivered. So transparency about data retention, ideally audited by independent and trustworthy experts, and completely open communication on attempted breakins and governmental requests for data access would absolutely win my business. Full disclosure: We’re working on that…

Since this is such a big issue we can reasonably expect for the technology industry to address the issue of encrypting metadata for email. The so-called Darkmail alliance has gotten quite a bit of press last year and may come up with an exciting technology change. We haven’t heard much from them recently so it’s a bit hard to say more. And of course it will be useful only if it turns out to be a genuine standard adopted by multiple technology and service providers.

In the meantime it’s probably best to apply the old 80/20 rule. If I can encrypt 80 percent of my email content with 20 percent of the effort then that’s good enough for me. That is why PGP wins for the foreseeable future.

A lot of talk these days about “Digital Sovereignty”. Whereby well-meaning people like to think that they can keep control of their data by ensuring that the data are kept in a certain legal or geographical area and somehow never leave.

But that is probably fundamentally flawed. Among other things one should consider:

• Internet pipes do not stop at geographical boundaries. Stuff flows everywhere and you cannot stop it. Which is what makes the Internet so useful and so cheap. Recent discussions in Switzerland for constructing a multi-billion dollar “special” Internet for the military (and banks no less) seem highly problematic.
• The stuff that runs the Internet probably does not come from your country. For years we have been told to avoid Chinese telecoms equipment. And now we find Cisco and others complaining that their equipment is tampered with systematically. 

For any threat I might want to avoid by domiciling data in my geography, I can imagine a straightforward attack that keeps that threat very much alive even if we close the pipes at the borders. The bribed or disgruntled data center or telco employee always has been and always will be attack vector #1. 

Much better to think about proper, meaning end-to-end, encryption applied within my personal jurisdiction. If only I have the keys then I can use public servers and services across the globe and I get all the benefits and none of the risks.

If you’re still skeptical take a look at this recent announcement about Visa and Mastercard moving their servers into Russia. Digital sovereignty indeed!

In a nutshell: Too much James Bond thanks to the reissued box sets with all the wonderful actors reading the sometimes less than wonderful works of Ian Fleming. And a major discovery, Karl-Ove Knausgard. Who you may or may not like, no guarantees.

I’m reliving the Netscape heydays by listening to Brian McCullough’s excellent podcast series at the Internet History Podcast. Highly recommended.

It’s amazing how many things Netscape pioneered at the time.

Things that are now taken for granted but back then would have been inconceivable to most people.

Among them:

• Public beta: Delivering an unfinished product to the market early in order to: 
• test market response
• get feedback on your roadmap
• get tens of thousands of volunteer testers
• block the market for other entrants
• Early IPO for a young company that was not making a profit. These days this is standard practice. We may be discussing the numbers in particularly extreme cases (the upcoming Box IPO comes to mind) but back then IPOs required multi-year histories of growth and profit.
• Blended free/paid business model. Offering the beta for free and asking people to pay for the finished product (but not turning it off if they don’t) was also a first.
• Bypassing the corporate buying center. By offering the software as a self-service download corporations found hundreds and thousands of copies of Netscape Navigator running on their machines. So they paid for it.
• Viral marketing. Remember the “Netscape Now!” button? (http://archive.is/Zp5py)

Not the greatest throughput. Too much NFL I’m afraid. The Gamepass app is just too good…

Thomas Pynchon: Bleeding Edge. Very clever.