I’m just trying to help here, people.
Very useful if you’re ever considering buying a domain
The domain name market is a mercurial one; it’s relatively secretive, however not by choice. When most people approach me about a domain they’re trying to buy I usually hear the same thing, “it looks like a squatter has it, what should I do?”
So I thought it was time to take my experience in buying, selling, and brokering millions of dollars in domain names and share the same advice and step-by-step process that I share with my friends and startup founders around the world. Here it goes.
(h/t Larry Smith)
Economics is about incentive. You get what you reward.
And our system of immigration has perverse incentives which are causing economic damage to our country.
The Immigration Paradox
Why are American technology companies off-shoring to other countries?
The obvious answer is cost. And that is true, cost is a benefit, but I would argue it’s of far lesser importance these days. (The cost of having an off-shored development team is far higher than people imagine, due to inefficiencies in teamwork, cultural differences, time zones, etc.)
There is another, hidden, problem, which I call the Immigration Paradox.
1. When a country makes immigration difficult, educated talent that is needed can’t come into the country.
2. This, in turn, forces business in that country to go offshore in order to get that talent, hurting the country’s economy.
And it’s exactly what’s happening in the United States.
Why are Apple’s computers and phones made in China? The immediate, snap answer is cost. Well, actually, that isn’t the complete answer. A more correct answeer is that Apple was unable to get the amount of engineers it needed in the United States, which forced them to go overseas (Apple, for many years, had their manufacturing in the United States).
Running a manufacturing operation in the US is productive. Simple things like stable electrical power, infrastructure, ease of transportation — all these things are taken for granted, but are really meaningful in manufacturing. But it means nothing if you don’t have the engineers available in high tech.
The argument that there are “perfectly qualified people in the US willing to take the jobs” is disingenuous. Believe me, I’ve been there. At my last company, we would spend months trying to hire software development talent, and couldn’t get enough of them. I found plenty of great talent outside of the country, but getting those people in was nearly impossible.
So I ended up setting up off-shore development centers.
I really wanted these people in the United States. But I couldn’t get them in. It can cost upwards of a $100k to bring a software developer into the country; the hassles are legendary. And your chances of being successful are low.
It’s always been fairly difficult to bring in educated immigrants. Post 9/11, it’s extremely difficult.
This is why Mark Zuckerberg and others are trying to bring more overseas talent into the country.
And so, American businesses go to Romania, or Ukraine, or India, or wherever, to get the access to the talent. And our economy suffers.
We don’t have to make them citizens. But we should make it much easier to get a work visa.
But what about those horrible illegals? They are criminals! They are rapists and murderers!
Now that discussion is different. I am talking above about getting work visas for smart people to boost our own economy.
But…while I’m on the general subject, I’ll go there.
The argument starts with “legal immigrants are fine (I myself am a child of immigrants!), but it’s the illegals who are terrible. They rape and pillage and steal and murder and all kinds of other awful stuff!”
Let’s start by pointing out that undocumented immigration is not spiraling out of control, it’s actually down from 12 million in 2007 to about 8 million now (you’d never know it if you listened to the news, though).
Furthermore, immigrants are actually less likely to commit crimes than natives (I know that doesn’t sit well with a lot of people who listen to talk radio, but it’s the truth).
Then, let’s get some perspective: Given the choice between starvation and food, would you choose to (a) starve, or (b) eat? I would hope your answer would be (b). Undocumented workers come into the country because they need the work to survive.
And calling them “criminals” is a bit misleading. You see, they can’t really get in legally themselves.
Farmers need cheap labor. If you want to go out and pick lettuce in 110º heat for 12 hours a day, be my guest. I think you’ll find almost zero interest in Americans in doing this kind of labor. Restaurants need cheap labor. If you want to wash dishes all day, be my guest. But again, you won’t find many Americans willing to slave away washing dishes at minimum wage.
The immigrants do the jobs we’re not willing to do.
The political answer is simple: Make it a straightforward process to bring workers into the country, under effective guest worker programs. Document them. Tax them. Track them. But erecting massive walls to keep them out is really not a solution.
The cost of illegal immigration
There is also a disingenuous argument that undocumented immigration is destroying the country’s economy and causing high taxes. This is not backed by data. The CBO itself has determined that 70-80% of undocumented workers pay Federal, State and Local taxes, and $7 billion per year to Social Security. In Texas alone, over $18 billion per year is added to the state budget by undocumented immigrants. Again, the facts are lost.
Let’s take the position that there is, in fact, a cost. Fine. But then, that’s even a stronger argument for documenting them, isn’t it? Let’s document them, and tax them.
Incidentally, the Great Wall of China didn’t work (and it wasn’t an immigration wall, it was to guard against invasions from the Mongol steppe tribes, as Mr. Trump recently learned for the first time). Walls don’t work.
Undocumented immigrants are easy targets. They are poor, can’t represent themselves, and they’re, well, different. But scapegoating another race or class of individual has never worked well historically. The truth is that a country needs a steady stream of fresh immigrants to survive. We need the educated immigrants to continue to fuel our technology boom; we need the uneducated immigrants to pick our lettuce; we need immigrants to breathe life into an economy; and finally, we need immigrants to create a healthy population pyramid (unlike xenophobic Japan, for example, whose anti-immigration policies are destroying their economy).
For my part, I just want to see a reasonable, sensible discussion based on common sense and facts. Not wild, unjustified opinions.
That would be a good start.
Modern software development is going through a massive change. Cloud computing, big data, new methods of developing products — the convergence of these factors (and others) has put the world of development into one of the most significant evolutions in how software gets designed, developed and managed.
A central part of this change is the DevOps revolution — new methodologies and tools to deal with the massively complex computing environments we live in today. At the same time, we are seeing the emergence of a game-changing technology, Docker, which is sweeping the development community with breathtaking speed.
Just google these terms yourself and you’ll see what I mean.
Back in 1993, I was at the birth of the modern internet and this feels just like that — the tools are often rough, difficult, and buggy. And those companies (including mine) that got in and made it all work did very well indeed.
So, I have assembled some of the finest developers I know to help me create a new company, Meros, focused on tools for DevOps. Our first product will be specifically for Docker and will release later this year.
We are currently in stealth mode, with the company being funded by my founding team and me. (We are starting initial discussions with a small group of select early stage investors and if you’d like to know more, email me directly.)
I have had fun working with and consulting dozens of companies over the past several years, doing several turnarounds and, generally, having a blast. But it’s time for me to go back to doing what I do best — running software companies.
I’ve been meaning to write something along this line for quite some time, but never seem to have the time to do it. As someone who currently sits on four boards, plus more advisory boards than I can count, there’s lots to fix in how board meetings are run.
Fortunately, my friend Mike Rogers did the work for me (thank you, Mike!).
You can read his excellent article here.
Jason Heller hired a company to clear out some poison ivy, and got horrible service. He was pissed.
Unfortunately for the vendor, Best Poison Ivy Removal, Jason is a weapon’s grade expert on web SEO. And he is out to make sure that other consumers don’t get ripped-off. Another SEO expert, Kevin Lee, has piled on (bro code in action). This is just the beginning.
And now, let the games begin.
It doesn’t get much better than this.
From CB Insights.
It’s what drives us to create better products, and stay on top of our game.
But how do you find out the skinny on your competitors? You could hire a private detective to fish around, but most likely, they’ll find the stuff that’s publicly available anyway. Yawn.
You can do it illegally, and that’s a really bad idea.
However, there are plenty of ways to find out about a competitor, using perfectly legal methods.
Let’s start with a few tricks.
Glassdoor is a bit of a cesspool, since it allows anyone to anonymously comment on their employer. And, while the intent is good, that is one of the great dangers of the platform: anyone could gang up on a company and write horrible reviews.
However, it’s still a very useful tool to get an understanding of the internal dynamics of a company. Put on a BS filter and read through the reviews and interview comments. You’ll often be surprised at how much you can learn.
Google dorks and advanced search operators
Get to really know Google’s advanced operators to turn search into a powerful intelligence tool. You can also use a number of Google dorks to find things like price lists and other interesting intelligence. It’s not necessarily that hard: I can’t tell you how many times I’ve just typed in the name of a company with the words “price list” and gotten great intel.
I’ve done this with great success: Survey customers of competitors to get valuable information. Or, here’s a tip: you can simply create an inexpensive Google survey and get a quick NPS score on your competitors, and then track your NPS against theirs. Makes for a heck of a game.
Similarweb and Alexa
Unfortunately, you can’t find out what a competitor’s actual web traffic is without hacking into their system (again, no illegal stuff here!). However, you can get a feel as to how popular their sites are by using services like Similarweb and Alexa. And, if you have the bucks, pony up for ComScore.
Always set up a Google alert on a competitor to stay on top of what they’re doing.
Keep an eye on their keywords
Track your competitors through Yelp, their Facebook pages, Twitter and Citysearch.
Customers and suppliers
Customers and shared suppliers are amazing sources of information. In fact, some of the most valuable intel I’ve learned is from customers. Pricing, product plans, release schedules… the works.
Watch who they’re hiring
You can learn crazy amounts about a competitor by watching who they’re hiring.
Yup, you can actually call your competitors and you’ll be surprised at how much you’ll learn. For example, call their tech support with a question, and then perhaps ask innocently “how many people do you guys have in support, anyway”. You get the picture.
Google Trends is useful to see what’s trending, whether in your industry, or with your competitor.
LinkedIn, of course, is a weapons-grade intel system. Not only can you find who works somewhere, but you can also get a feel for employee counts, etc. Employee count alone can give you a feel for revenue.
Ex-employee interviews and hires
Ex-employees sure seem to like to talk… ANd nothing is a better source of intel than a disgruntled former employee. This is sometimes a gray area; you don’t want to be in a position where you’re compromising the ethics of an employee’s own confidentiality. But a lot of what they will tell you is not confidential and very useful.
It’s lame to even write this, since everyone knows it and does it. But tradeshows and conferences are cesspools of leaked information. If you want it, chances are you can get it by just chatting away with people. Buying drinks helps.
It’s surprising that competitive “booth busting” is not done by more people. And sometimes, your competitors will do astonishingly stupid things. Be on the lookout for these rare opportunities. For example, many years ago, I was a product manager for a disk utility. A competitor was coming out with a new version, and we were dying to know what features were in it. So I went to a trade show, and they were demonstrating the beta version at the booth. That was somewhat useful, but I really needed to (legally) obtain a copy of the product.
And then something amazing happened: Over the PA system, they announced that they were raffling off a beta version of the software. I couldn’t believe my ears. I ran to an ATM machine, took out $200 in cash and then waited. Soon, a winner of the raffle was announced. I walked up to him and bought it off of him for $200 and we had a beta copy of the company’s software. We were able to run it and find out what features were planned. Needless to say, it didn’t end well for them.
However, keep in mind the Golden Rule. Compete fairly and ethically.
But that doesn’t mean that getting out there and doing some basic reasearch won’t drive tremendous results. You might be surprised at what you’ll discover.
Recently, an executive coach was advising a CEO I work with on building teamwork in his company, and encouraged him to do “ra-ra” type activities (group outings, that kind of thing).
That’s meaningless. While it’s always nice to get people together for a bit of fun, the real way to build teams is to get people working together on actual business problems.
Team-based budgeting is the method I have used for many years to perform the budget process and build teamwork, and it makes a lot more sense than what is often done.
In most companies, budgets are done by each manager turning in a budget to the CFO, the CFO puts it together for the CEO, the CEO cuts out expenses and adds additional revenue, and poof! – the budget is presented to the board.
Not really a workable process.
This brings me to the subject of team-based budgeting.
I’ll start with a story: Many years ago, I started as the president of a software company and found several things wrong with the accounting and finance functions:
– No one had responsibility for a budget.
– The VP of Sales was in a heated deadlock on commissions.
– Forecasting was done on a hope and a prayer.
At the time, the company was small — about $15 million in revenue — and so, at that size, it had largely been run on a sort of “financial dictatorship” by the major investor. Well, considering that this shareholder was dealing with a management team that didn’t really understand finance, his point of view was understandable.
However, it’s important to develop a team-oriented approach to forecasting and budgeting. By implementing this approach, I rapidly had the whole senior management team working together smoothly on the finance functions. Better yet, we were able to grow very fast, to nearly $50 million in revenue, without any outside capital. Because we responsibly controlled costs, as a team, we were able to do great things, without a lot of money.
But it really wasn’t that hard. All I did was:
– Rework the financials to make them clear and understandable.
– Make the managers responsible and accountable for their budgets.
– Implement team budgeting
Reworking the financials
Of the three financial statements required to run a business (P&L/income statement, cash flow and the balance sheet), the one that managers must have a good grasp of is the P&L. The other two can be worried over by the CEO and the CFO.
And there we run into a problem: GAAP accounting, which can muddy the scene. Revenue recognition, accruals, depreciation and amortization can make it like a company is bleeding money hand over fist, but when you really look into it, it’s actually doing just fine. Or, a company can look wildly profitable, but is a toxic mess (anyone ever heard of the old Computer Associates?). Reading a modern financial statement, especially for a software company, is a bit of an art in itself.
So first I pivoted the focus onto billings as the topline focus. Billings is what sales guys go for, what they see “on the board”. They closed a deal, and it was for $100k. That’s what they see, and that’s what motivates them, and that’s what you want them to get.
There are fine nuances to get into here, that aren’t worth cluttering up this article with. It’s different in a SaaS environment (where you typically compensate on MRR/ARR and make that your target), and yes, there are cases where you may not compensate on billings. But the bigger point is, get a number that’s real to the sales people, that they can go fight for.
So the first thing I got everyone around was the concept of one topline number. And it was the billings number. This was in direct contradiction to what the CFO had been doing earlier (bizarrely, paying commissions on recognized revenue).
Now to the expenses: there are expenses that managers have control over, and ones they don’t. They go out and buy something for $10,000, it’s $10,000. It’s not some amount amortized over a period of time.
I wanted the managers to know that if they bought something, it didn’t matter how we would book it from an accounting perspective: they bought it. Business live on cash flow, and the impact of cash decisions is vitally important for managers to understand.
So I went a step further, creating a “modified EBITDA”. Basically, I turned the P&L into a cash-based accounting system (we still maintained a separate set of standard GAAP financials for the board, investors and other external parties).
To create my modified EBITDA, I simply added back in certain capital expenditures to my EBITDA figure to get an income statement that reflected actual cash spend, making it easier for everyone to understand.
And then I got them all in room and we budgeted as a team.
Now, depending on your business, you can probably ignore the other pieces of advice here, but this last one is important.
The way you do team based budgeting is to you set the goals in advance of the meeting — a realistic target. Like: “20% operating income, 25% increase in sales.”, and so on.
You then give all the managers enough time to pull their numbers together. Each has a departmental spreadsheet for their own area.
For the sales forecasting side, I would work between the product teams and the sales teams to get our product launch dates figured out, new versions, etc. I would take the teams off-site and we would work through the product planning. (Product planning is a huge driver for revenue, and something to spend quite a bit of time on).
And then I got all of the management team in the same room. We sat with a large-screen projector, and our spreadsheet was built with links where I would have all of their files loaded at the same time. Then, we would go through every manager’s area, and they would have to account for their expenses. As we made changes to each department’s budget, the main P&L forecast was automatically updated, giving a very quick view of the impact of each little change.
Now, peer pressure is a powerful motivator. We’re all on the same team, so when the sales person says “I can’t get sales without more leads”, the marketing person is right there to answer him, and the CEO is right there to work with the team.
When I first loaded that spreadsheet, it was comical, as a first-pass budget always is. Everything was in the red, because sales people sandbag and managers ask for more money than they need. But after a marathon two or three-hour session, we started to get to reality.
The CEO is driving the process. But the CEO is letting the team work on the heavy lifting of figuring out where to get the money.
I’ve literally been in a situation where I said “not enough money for a Christmas party”. R&D and sales then began to horse-trade expenses back and forth to get the money for the Christmas party. We got our Christmas party. (I really doubt I would have killed the party, but it was the idea that counted — that we had to work out a way to cut more costs so that we could earn the luxuries.)
After one marathon session, managers are given homework, to go back and figure out ways to get the costs worked down more (or get the sales up). Department heads have individual break-out sessions with other department heads to work on the budget. And then we have another team meeting a week later.
After that, the budget is pretty much a wrap.
Getting to the target number becomes a game. And when you have a game where everyone works together, you have a team.
Key is that the managers own their budget. They are given leeway to execute on their plan, although I still had in place basic cost controls to ensure that costs were still being managed.
Pushing responsibility down into the organization is the way that company’s succeed. And team-based budgeting is the first step to correctly delegating and managing authority.
A while back, I had a bad cold and was sitting at home with not much to do. So I decided to write a little ebook on avoiding common mistakes in writing.
I have no intention of making any money off of this, it’s just a fun little primer. It’s up on Amazon, and it’s free for the next several days.
Yesterday, Kaspersky announced that some of its internal systems had been breached. While this may have created a sense of Schadenfreude in some parts of the security community, Kaspersky has handled the situation quite well. Instead of other companies that have suffered a breach, Kaspersky worked straight from the crisis management playbook — full disclosure, plenty of information and a plan. Kudos.
As Graham Clulely says: “In short, it handled what could have been a corporate crisis well – and reassured customers and partners that their data was safe, and the integrity of its security products had not been compromised.”
(Although one can’t help but wonder at the timing. According to the press release, the malware was found in “early spring 2015”, but the announcement is coming on June 10th — just a few weeks away from the official start of summer…)
Kaspersky is being up-front, but they are also spinning this as a research item. And that’s okay, because it is some fascinating research. This is a very interesting new malware variant, and quite sophisticated, quite likely tied to state-sponsored activities.
But they just can’t help being Kasperskyish:
From a threat actor point of view, the decision to target a world-class security company must be quite difficult. On one hand, it almost surely means the attack will be exposed – it’s very unlikely that the attack will go unnoticed. So the targeting of security companies indicates that either they are very confident they won’t get caught, or perhaps they don’t care much if they are discovered and exposed. By targeting Kaspersky Lab, the Duqu attackers probably took a huge bet hoping they’d remain undiscovered; and lost.
(Yeah, that explains the Schadenfreude part.)
Anyway, the bigger story is the state of the antivirus detections on the day following Kaspersky’s announcement.
Considering that most antivirus vendors practice what I call “hash-whoring”, where hash detections from VirusTotal or internal scans are dumped wholesale into their databases (explaining the massive size of today’s antivirus engine), the poor detection state of this variant is surprising. (Incidentally, I’m not condemning this practice — it’s a very useful stop-gap until a detection team can make a good detection — nevertheless, it’s abused way too much, especially by poorer quality, also-ran engines.)
And so on.
So, just for fun, I’ve published the hashes below, hyperlinked to VirusTotal. You can click on them as the week progresses to see the state of detection of your antivirus product.
(And, also remember to blacklist the C&C IPs: 18.104.22.168 and 22.214.171.124.)
Is this blog post another tired rant against antivirus? Absolutely not. AV isn’t dead. It’s part of a valid belt-and-suspenders approach to security.
But, a day later, and we still see poor detection? Yeah, that part sucks.
If you know me, you know I’m a survey dork. Like, serious survey dork. I live and die by them. Testing, surveys, data.
So I was more than pleased to see Mimi An over at HubSpot take on the task of pointing out the obvious flaws in so many surveys.
It’s a good post. She doesn’t have all of the tricks, but some very useful tips. Like:
- Make the darned thing short. Long surveys (invariably designed by committee) are a good way to get poor results.
- Avoiding Yes/No questions.
- Randomizing answer options to avoid “first-choice” bias
- Correct use of matrices (pretty vital, IMHO)
And more, here.
Today, Microsoft announced its acquisition of BlueStripe Software. As an active board member of the company, I couldn’t be more pleased with the combination (although I will really miss working with the BlueStripe team).
BlueStripe has the mission to help IT operations teams map, monitor, and fix their distributed applications.
BlueStripe’s software, FactFinder, is a type of Application Performance Management (APM) product that is very unique, and very powerful. (The use of the APM label for BlueStripe is admittedly sloppy — it’s technically, per Gartner, Application-Aware Infrastructure Performance Monitoring, or AA-IPM. Nevertheless, the label “APM” sticks and even I can’t stop using it.)
Classic APM solutions help developers and IT managers spot and resolve problems with applications. Typically, this is done in the form of some code that is inserted into an app (kind of like a “barium trace”). This is what a company like New Relic does.
The problem with the code-centric solution is that it’s great for developers to debug their apps, but it doesn’t help IT or DevOps folks. So, the typical solution to an application problem is for enterprises to hold large “bridge” calls, where IT, DevOps, and app developers all get on long and often painful conference calls to determine where the fault lies.
FactFinder doesn’t rely on any code, and is a different type of APM. Instead of code, it relies on lightweight and intelligent agents (called “collectors”) directly installed on servers and desktop systems to monitor a broad set of applications. These agents then feed up into a map of all major applications, allowing an IT executive to immediately spot (and dig down to) where the problems are.
For example, let’s imagine an application in banking. When a person inserts their ATM card, a series of actions occur behind the simple ATM transaction, often involving a series of applications residing on various servers. And, let’s say that ATM transactions typically take under 30 seconds, but suddenly, start taking over 2 minutes. Something is wrong. It could be a failed connection, a configuration issue, bad code, DNS issues, rogue applications, mis-matched bandwidth, memory or storage — whatever. With FactFinder, the IT executive gets an immediate alert, and can visually determine where the problem is, dig down and fix it.
It’s wickedly cool stuff.
FactFinder can monitor pretty much anything. Windows, Linux, Solaris, and AIX servers, and even using containers like Docker. It can even monitor response times from other servers (mainframes, 3rd party services) that are part of an application. And, it monitors both packaged applications (SAP, PeopleSoft, Exchange, etc.) and custom-built applications.
Environments are becoming insanely complex
The problem of managing complex application environments is even more difficult because of two trends: virtualization (massively multiplying the number of servers and the complexity of the environment) and the move to the cloud.
It’s not unusual for a server to have 12, 20, 50 virtual machines — on one server. And the cloud… well, it’s not “the cloud”, it’s almost always hybrid deployments in enterprises. So you have a multiplication of complexity, because you have apps and data residing on the private cloud, and apps and data on the public cloud. You get the picture. Sucks to be an IT ops person.
And this is where FactFinder becomes intensely interesting. Because it can monitor the apps in these complex environments.
Which brings me to…
Where Microsoft fits in.
In my opinion, BlueStripe is a perfect fit for Microsoft. In fact, I can’t think of a fit more perfect.
To explain, Microsoft’s centerpiece in its systems management strategy is Systems Center Operations Manager (SCOM). SCOM provides IT managers with a total view of network operations.
FactFinder provides many advantages to SCOM environments, by discovering, managing and measuring application and platform dependencies.
IT managers can have FactFinder automatically build topology diagrams (not possible now in SCOM), map a dynamic application architecture, monitor dependencies and provide full coverage of dependency failures (you can see a 30 second demo at TechEd by Nick Burling to get a quick idea of how it integrates).
Simply stated, it “turns the light on” for IT, development and DevOps as to what is happening to with applications on their network.
In addition, BlueStripe Performance Center for Windows Azure Pack adds application management – and a single view for managing application service delivery, all tied directly into the Windows Azure Pack service management workflow.
Oh, that’s cool.
Well done, BlueStripe team (and the competent banking group over at Pac Crest).
And to Microsoft: You got a good one here.