Category Archives: Uncategorized

Q2/15 Reading List

Kazuo Ishiguro: The Buried Giant. Very disappointing.
Michael Barry: Shadows on the Road. Interesting enough.
Lacey Noonan: A Gronking to Remember. Beyond belief.
Kazuo Ishiguro: Nocturnes. Excellent. 
Modiano: Gräser der Nacht.  Schwierig schwierig.
Bryson: Small Island.Perfect, never gets old.
Zia Haider Rahman: In the Light of What We Know. Outstanding. 
Ned Boulting: 101 Damnations. Good not great
Ed Catmull: Creativity Inc. Pretty good.
Klaus Modick: Konzert ohne Dichter. Sehr solide. 
Gaimon: Pro Cycling on $10 a Day. Fun read, good writer.

The Changing Nature of Tech Companies

Much talk about Google restructuring into holding company Alphabet and its various subsidiaries. Which is of course a brilliant move when it comes to solving their succession problem. So well done.

Many commentators have compared the new structure to Berkshire Hathaway, but that really doesn’t seem right. Berkshire buys mature companies, whereas I would assume that Alphabet will very much want to grow new businesses inside.

It might make more sense to compare Alphabet to the organizational model of a major film studio or entertainment company.

The parallels are obvious: A talent-driven business, with huge upsides and high downsides, a limited ability to predict success for any given project (so you better have a portfolio of them), and a reasonably short half-life for products with only a small handful of franchises enjoying mid- or long-term success. 

Q1/15 Reading List

NoViolet Bulawayo: We Need New Names. A bit uneven but worth it.
Felix Lowe: Climbs and Punishment. Kinda funny. 
Maja Haderlap: Engel des Vergessens. Eindrucksvoll.
Olga Grjasnowa: Der Russe ist einer, der Birken liebt. Sehr stark.
Andreas Maier: Das Haus. Schon überzeugend. Aber elf Bände?
Edward St Aubyn: Lost for Words. Good not great. 
Gabriel Weinberg and Justin Mares: Traction. Good stuff. 
Ben Lerner: Leaving the Atocha Station. Impressive Bildungsroman.
Alan Rusbridger: Play It Again. What a wonderful surprise. 
Ben Lerner: 10:04. Again, impressive.
McHutchinson & Blundell: Mid-life Cyclists. A pleasant surprise. 
Thomas Hettche: Woraus wir gemacht sind. Au weh. Wo ist der Lektor?
Gerhard Polt: und auch sonst. Nicht wirklich inspiriert.
Patrick Modiano: Abendgesellschaft. Faszinierend.
George Saunders: tenth of december. Strong stuff. 
Robert Seethaler: Der Trafikant. Sehr stark.
Colum McCann: Dancer. Outstanding. 
Roger Ebert: Life Itself. Mixed bag, bit long.
Alexandra Fuller: Don’t Let’s Go To The Dogs. Very strong.
Robert Seethaler: Die weiteren Aussichten. Nicht ganz so stark.
John Hooper: The Italians. Good not great.
Ron Rash: Serena. Strong stuff.
Arno Geiger: Selbstporträt mit Flusspferd. Eher schwach. 

Facebook and PGP. A Pleasant Surprise.

This  is a welcome surprise. 
Facebook announced the ability for users to upload their public key so that they can receive their messages from Facebook in encrypted form. 
Bildschirmfoto 2015 06 01 um 16 36 04
This is remarkable in several ways:
1. It clearly demonstrates that PGP is the right way to go about encrypting email. Email is so prevalent precisely because it is the one message format where I don’t have to worry about what client or server you use. As long as I have your address I can communicate with you. The same goes for encryption. I want to be able to send encrypted messages to you without having to worry about which client or crypto tools you use. 
2. Notfications from FB are now encrypted. That may or may not be important in real life. Many people would argue that sensitive information doesn’t belong on FB in the first place. But we can hopefully agree that putting more encrypted content onto the wire is a good thing in itself, more security, less surveillance.
3. More importantly, password reset emails are now encrypted. This is huge. A hacker who hijacks your email account ny cracking your password is easily able to reset all your passwords and destroy your online identity. With encrypted password reset messages that isn’t possible anymore. Well done!
4. The most important implication to the more widespread adoption of encryption is the potential to use FB as a database for acquiring people’s public keys. If I know your FB name I can look for it at
So secure email products such as Whiteout Mail could add FB as another keyserver to query when acquiring keys (more on that here).

Q4/14 Reading List

Karen Joy Fowler: We Are All Completely Beside Ourselves. Wow. Did not see that coming.
Cormac McCarthy: Child of God. Not for the faint of heart.
Ian McEwan: The Children Act. In fine form.
Martin Amis: The Zone of Interest. Don’t know what to say. Michael Hofmann does:
Thomas Harding: Hanns and Rudolf. Fascinating.
Rainald Goetz: Johann Holtrop. Not for me.  DNF. 
Vikram Chandra: Geek Sublime. A bit too clever for me. 
David Mitchell: The Bone Clocks. Incredible. nobody else could pull this off.
Bernhard Schlink.  Die gordische Schleife. Unterhaltsame Räuberpistole. 
Stefan Zweig: Schachnovelle. Gemischt. 
Edward St. Aubyn: Never Mind. Bad News. Some Hope. Mother’s Milk. At Last. All five books very good, and surprisingly different from each other.
Chris Hadfield: You Are Here. Pretty great. If only the pictures were sharper. 
Richard Ford: Let Me Be Frank With You. Incredibly good. 
Patrick Modiano: Place Etoile. Very impressive. Incredible for a 21 year old.
Richard Flanagan: The Narrow Road to the Deep North. Very impressive. 
Phil Klay: Redeployment. Strong stuff. 
Tim Moore: Gironimo. Fun. Maybe a bit long.

Banning Encryption? At Best Naive.

We all stand in shock at the horrific attacks in Paris. Our thoughts go out to the families and everybody affected. And once again we are confronted with the fact that the open society has enemies and is vulnerable.
So people are worried and are looking to their elected leaders for answers. These leaders would do well to provide the thoughtful and carefully reasoned answers that we should expect from them. And to not exploit the situation for populistic campaigning. 
A blatant example of the latter is the UK PM now calling for a ban on encryption
This line of argument is at best misleading. The underlying fallacies are:
It cannot be done: You don’t need an advanced degree in information technology to understand that this simply cannot be done. Cory Doctorow explains it well here. In a nutshell, the tools and technologies are out in the open and cannot be controlled by legislative means.
It also wouldn’t work: Imagine for a second a world without encryption and the corresponding mass surveillance of everything that floats around the net. It is inconceivable how governments would now separate the signal from the noise and generate actionable insights. Also, when we look at the catastrophes of the recent past, among them New York, London, Madrid, and now Paris, most experts agree that the obvious breakdowns in intelligence and anti-terrorism that allowed these events to take place were not at all due to a lack of data. But to inter-agency process breakdown and a lack of feet on the street to do real-world, hands-on intelligence work. 
It would actually increase our risk: If we did give up protection and allowed the government to monitor every communication, how would we prevent anybody else from exploiting the same backdoors and loopholes? Naturally spies, attackers, saboteurs would use precisely the same access. The risk would be higher than the reward. 
So the discussion started by David Cameron is at best naive.
Or, if you’re more cynically inclined, precisely the kind of topic politicians will jump on: Complex to understand, ultimately destined for failure, but immensely productive when you want to own a topic that will not go away and you can keep coming up with deeply concerned soundbites. 
In any case it is a dangerous distraction. Protecting the open society from its enemies will require a different leadership. One where you strengthen the moral compass and respect the  intelligence of your citizens rather than dumbing things down.
Even if that means telling them things they may not want to hear. That we might need to pay for more police for more hands-on old-fashioned intelligence and protection footwork. 
Update: Now it turns out that we find the US intelligence agencies themselves urging more encryption to protect private data for citizens and businesses. And, just this week, the German government’s cyber security czar urged businesses to adopt more encryption to protect against espionage. Pointing specifically to PGP as the technology of choice. I agree. 

Q3/14 Reading List

Gillian Flynn: Gone Girl. Unputdownable.
Stuart O’Grady: Battle Scars. Why not. 
George Hincapie: The Loyal Lieutenant. Actually pretty interesting.
Simon Sebag Montefiore: Stalin. Unbelievable. 
Graeme Simsion: The Rosie Project. Very funny.
Nicolas Roche: Inside the Peloton. Very detailed. Pretty interesting.
Daniel Hope: Familienstücke. Sehr interessant.
Daniel Hope: Toi toi toi. Total überflüssig. 
Elena Ferrante: Abbandono. Strong. 
Josef Bierbichler: Mittelreich. Lesenswert.
Tim Parks: Italian Ways. Pretty weak.
Philipp Meyer: American Rust. Very strong. 
Ned Boulting: How I Won the Yellow Jumper. Middling. 
Ned Boulting: On the Road Bike.  Much better. 
Geoff Dyer. Another Day at Sea. Pretty good. But not his best by far.
Boris Fishman: A Replacement Life. Expected more. 
David Foster Wallace: Infinite Jest. Read the first 200 pages. Surprisingly funny. Must resume some day. 
Donna Tartt: The Goldfinch. Very very good. Not long enough. 
Eleanor Catton: The Luminaries. Impressive. Maybe a bit too long. 
Bernhard Schlink. Die Frau auf der Treppe. Good but not great.
Eric Schmidt & Jonathan Rosenberg: How Google Works. Not bad at all. 
Julie Schumacher: Dear Committee Members. Cute, but a bit monotonous.  

Q2/14 Reading List

Here goes.

Teju Cole: Every Day Is for the Thief. Very impressive.
George Saunders: The Braindead Megaphone. Wow.
Kilian Jornet: Run or Die. Not what I expected.
Arnold Steinhardt: Violin Dreams. Interesting.
Richard Powers: Orfeo. Fantastic.
Michael Lewis: Flash Boys. Good stuff.
Stefan Zweig: Die Welt von Gestern. Pflichtlektüre.
Derek B. Miller: Norwegian by Night. Action hero with dementia, that’s a first.
Larry McMurtry: Lonesome Dove. Strong.
Siegfried Höllrigl: Was weiß der Reiter vom Gehen. Naja.
Max Leonard: Lanterne Rouge. Only for diehards.
Tomas Espedal: Wider die Natur. Stark.
Karl Ove Knausgaard: Leben. Wieder sehr gut.
Irmgard Braun: Nie wieder tot. Flott.

Liquidation Preferences: They do make sense

Good post by Ciaran O’Leary of Earlybird on how to manage liquidation preferences. Also worth following the links.

I remember how long it took me and my colleagues to get to grips with this issue when we did our first VC round. For the first-time entrepreneur it felt unfair and lopsided.

But then you realize that this is in fact needed to prevent lopsided outcomes of another sort: Where the founders and angels sell the company quickly after the investment and possibly for cheap and they make money and the VC investor doesn’t.

So the liquidation preference helps reset the stage and make everybody want to grow the valuation from here on forward.

Of course there are alternatives, specifically granting veto rights to the new investor on exit price etc., but those are likely going to be set at the wrong thresholds and then lead to awkward and hurried behind-the-scenes haggling in case of an impending exit. Which you don’t want.

Email Metadata Privacy – Should You Care or Not

When we first heard of Edward Snowden in June 2013, we heard of the collection of metadata at Verizon. It took us a while to figure out if that was troubling.
Now we know that it is. Who calls whom at what time and how often reveals many things that we may want to keep private. How often I call my doctor, priest, psychiatrist, or astrological hotline is my business and none of yours.

The same goes for Email where people now are asking for privacy solutions, as they have understood how personal and private this information is and that they can’t trust the promises of technology and service providers. People naturally have turned to PGP for email encryption as the widely accepted standard for protecting their private messages.

But, guess what, PGP only encrypts the body of your message. Subject line, sender, recipient, time, IP address, and a host of other technical details are transmitted in the clear.

Trouble is that they have to be in order to make their way to the intended recipient across public networks. Much like a letter that you post will have a recipient address and a return address and a post office stamp that your postman and your neighbor can inspect. So while the content of your letter will be private while sender and recipient will not be anonymous.

So the big question becomes if this is a problem or not. Three things to consider:

It’s a problem depending on what you’re afraid of. Me, I’m afraid of somebody breaking into my Gmail account and posting 10-year old messages on the web for everybody to see. Every now and then I stumble across some old message and am embarrassed by what I wrote. Nothing more, nothing less. Thankfully not in the league of Colin Powell and Corina Cretu, but still. Wouldn’t want to see the old stuff in public. And this is just embarrassment in retrospect. I don’t even know what might be embarrassing or problematic in the future. Think of being denied entry into some country where you criticized an emerging party in an email ten years ago. And now that party is in power and they have read that email. That’s the kind of stuff that worries me. Turns out that PGP encryption of my message text takes care of this very nicely. So I’ll have some of that PGP encryption and pronto.

Of course I’m interested in exposing even less for embarrassment or misuse. So an email provider that is very specific on metadata retention is certainly interesting. They really have no need to keep a complete record of who I communicated with and about what once the messages have been delivered. So transparency about data retention, ideally audited by independent and trustworthy experts, and completely open communication on attempted breakins and governmental requests for data access would absolutely win my business. Full disclosure: We’re working on that…

Since this is such a big issue we can reasonably expect for the technology industry to address the issue of encrypting metadata for email. The so-called Darkmail alliance has gotten quite a bit of press last year and may come up with an exciting technology change. We haven’t heard much from them recently so it’s a bit hard to say more. And of course it will be useful only if it turns out to be a genuine standard adopted by multiple technology and service providers.

In the meantime it’s probably best to apply the old 80/20 rule. If I can encrypt 80 percent of my email content with 20 percent of the effort then that’s good enough for me. That is why PGP wins for the foreseeable future.