The whining is reaching a crescendo

Posted on by
Reply

Exec summary: There is a “burnout” meme that is gaining momentum in the valley. Scroll down for a not-insignificant collection of HN burnout posts. Startup employees choose startups for less job security and harder work because there’s the promise of a future reward. If the risk/reward/security/life balance doesn’t work for you then the Valley is filled with a rainbow of other options. Working very hard is not fun, but sometimes it’s necessary. These days we have the luxury of choosing whether or not we want to work hard.

Preamble: Before you unleash on me what was unleashed on Arrington, know that I don’t invest in startups and I have no vested interest in Silicon Valley employees working harder.

Full post:

One of the early Netscapers wrote a scathing post responding to Michael Arrington’s claim that Silicon Valley startups are whining too much. While I disagree with much that Mike Arrington does and says, I do think he has a point.

The debate raging on hacker news claims that “VC’s” are making “employees” work crazy hours to enrich themselves. It leaves founders and early employees who own large chunks of stock completely out of the picture. In most early stage startups, the people working 80 hour weeks actually own the company. So suggesting that they are being exploited is absurd. In fact, even after a Series A round of investment, the founders often still own more than 50% of the company’s stock.

If you’re an employee in a startup, you have chosen a job with very little security, presumably because you are hoping for a large payday. If you don’t want to work long hours with high risk for the chance of a large reward, then you should choose a job that provides you with the work/life/risk/compensation balance that you want. If you’re in a startup and you didn’t make the conscious decision to work very hard for a company that could go bankrupt at any moment, then you weren’t thinking when you took the job. If you did make the conscious decision, then it’s because you wanted the chance of a large reward. In other words, you have a high appetite for risk and hard work and you’re greedy, and that’s OK.

In case you feel you’re alone working long hours, medical residents work extremely long hours that were capped only recently to 80 hours a week after a class action lawsuit. And they don’t get stock. They’re simply hoping to earn a doctors salary.

Arrington does not have the monopoly on imploring his countrymen to work harder and whine less. Christine Lagarde, the current head of the IMF implored her countrymen in 2007 when she was French finance minister to “think less and work harder”. She caught hell from a culture that works 9 to 5 with a 2 hour lunch break when almost the entire country shuts down.  Of course she was asking them to increase working hours from 35 to 40 hours a week.

My advice to you is this: Working very hard is not fun, it doesn’t make you feel good and it is bad for your health. But sometimes in life it’s necessary. In our lifetimes with no world war raging, surrounded by prosperity, good health and free access to education and information, a little extra work won’t kill you. If you still feel like a victim and you’re in the Bay area, go take a tour of the USS Pampanito – a World War 2 submarine – and find out what “hard work” really means. [Make sure you check out the awesome KitchenAid mixer in the galley. I'm hatching a mission impossible plan to steal it.]

The burnout meme has been gaining momentum in the last 4 months. These are a handful of burnout related HN posts that made it to the front page with their date and their front-page rank. One absurd post caught my eye that tries to parlay a passing comment by Linus Torvalds into proof that he too has had a burnout.

2011-10-04 09:40:01 Am I burnt out? Or just not suited for this job? – 4
2011-11-21 11:30:01 Ask HN: How do you know if you’re burnt out or just being lazy? – 3
2011-09-24 03:20:01 Burnout Prevention and Recovery (the MIT stance) – 8
2011-11-29 05:50:01 Burnouts, VC Cons And Slave Labor: A Marxian Drama – 5
2011-07-11 23:00:01 Hire me: a story of developer burnout and how I want to turn it around – 2
2011-09-01 15:20:02 How I got a burnout – 1
2011-09-01 08:50:01 Linus Torvalds and Others on Community Burnout – 3
2011-09-02 08:50:01 Part 2: How I dealt with a burnout – 2
2011-09-01 16:50:01 Startups: Live longer, don’t burnout – 16

And here’s some stuff that did not make it to the home page:

2011-07-08 17:50:01 Ask HN: Dealing with Burnout
2011-07-15 20:30:01 The burnt-out generation
2011-07-28 01:20:01 6 Ways to Battle Stress & Burn-Out On the Go
2011-08-02 00:20:01 Burned out on programming?
2011-09-01 23:30:01 Ask HN: Going Through a Crisis/Burnout – Advice
2011-09-02 20:20:01 Burnout, Crunch, and the Games You Play
2011-09-05 09:30:01 How a burnout changed my life
2011-09-07 02:40:01 Fatigue and burnout: drop-outs, deprived, or the vanguard?
2011-09-22 03:50:01 Solyndra’s burnout burdens other solar upstarts
2011-10-21 16:00:02 Ask HN: Finding the perfect job for the burned-out developer
2011-11-14 19:10:01 Why Millennial Women Are Burning Out At Work By 30
2011-11-17 15:20:01 Burnout
2011-11-23 02:40:01 CEOs: Burning bright or burning out?

 

 

 

The Net will not be bound or gagged

Posted on by
Reply

I remember seeing Napster in 2000 when I worked for eToys.com and thinking “This isn’t going away. It has too much momentum and we always move forward.” I was wrong. Today I’m wondering about the free Web and whether it will ever go away. Our intuition tells us we always move forward and things will become better, faster, cheaper and more free. But the brief history of the Net has shown that is not always true.

In 1990 the Internet was completely free. It was an academic network, run by universities with almost no commercial involvement. The Web wasn’t invented yet, Archie, FTP, Gopher, IRC and network news (NNTP) were how we got around. Piracy was of course alive and well in the form of files uuencoded, broken into parts and posted on NNTP servers. If you wanted porn, it was really, really hard work just to reassemble a GIF.

When the Web came along, it was just another app layer protocol, like Archie or Gopher. But hyperlinks and the eventual embedding of images into HTML pages is what made it far better than any other app protocol.

There is nothing that prevents us from creating as many protocols riding on TCP/IP as we would like. Gnutella has spent 10 years showing us that distributed content is feasible. Tor has shown us that online anonymity is there for the taking. The Web is just another app layer protocol. DNS is just a phonebook for IP addresses and the Net survived the first 13 years of its life without it.

If governments ever decide to take control of basic Internet infrastructure like DNS, the Net will simply change form. The way we get content may stop being the Web and it may start being a new democratic protocol that provides client and server anonymity as well as massive redundancy against government or institutional interference.

What we think of as the free and open Web today may become a place like CompuServe used to be. A place you go to access large incumbents like Facebook and Google. Then there will be that other place where only tech geeks and people in academia go to interact freely with the rest of the world. Initially bandwidth may be slow and connections may be few, but soon the new protocol will mature, become easier to use and will gradually become mainstream, sparking a firestorm of innovation in a new environment that allows truly free communication.

DARPA built TCP/IP to survive a nuclear war. It may yet survive a worse attack by its creator.

Footnote: This post was inspired by the South African Government passing the “Protection of State Information” act today. It restricts the press from publishing what the government deems a state secret with penalty of 25 years in jail for violating the law. Many journalists in my birth country will now have to choose between a lengthy jail term and doing what is in the public interest.

Most vendors lie, but not all

Posted on by
Reply

I’ve been running a small software company for a while now and we are fastidious about reducing costs on hardware and software and getting the maximum bang for buck out of what we buy. Lets put it this way, Hell for a Dell server is spending eternity in our data center. We work them at 80% load until they simply drop dead and then we switch out the dead components and keep pushing them.

During my roughly 20 year career in IT, Ops and software engineering there is one thing that has been universal and consistent. IT vendors lie through their teeth about ROI and how their product will save you money or make you more money.

  • Buy our OS because it’s “enterprise” and “best of breed”. No thanks I’ll use Linux which is free and better.
  • Buy our database “solution” because it’s a new paradigm in “scaleability”. No thanks I’ll use MySQL because it’s better and it’s free and you know this which is why you bought them.
  • Use our translation service. Why translate once for a fixed low price when we can use it as an excuse to move your I18N pages into the cloud and charge you per page served. [Two companies have now pitched this exact service to me]
  • Why pay $12.99 for an SSL certificate when you can pay $1,499 for an EV SSL certificate that will quadruple your conversions.
  • Why buy 20 servers for $50k and lease your own rack for $3k per month when you could be in our “mission critical” cloudified data center spending $20K per month for the same thing.
  • Why use Nginx free for load balancing when you can get this dedicated hardware balancer hardware for $40K that can barely keep up.
It goes on, and on, and on. I am so easy to sell. If you can make me more money or save me money, I’m interested. But few salespeople who pitch me have a product that can do that for real. The only possible explanation is that true innovation, the kind that helps deliver more value or improve efficiency, is rare.
Companies that do deliver commercial products with real value or improved efficiency that I use:
  • Dell servers
  • *my hosting provider who shall remain nameless for security reasons* Email me if you’re interested.
  • Websitepulse for server monitoring. Super reliable and cost efficient.
  • Linode for small virtual servers for dev and little projects.
  • Apple for iMac workstations, iPad2, iPhone and their macbook and macbook pro – we have all of these and besides being pretty, we use every one of them every day.
  • Authorize.net for payment processing
  • Chase Bank. Their business banking is superb and if you’re a disciplined credit card user who has a history of not paying a cent in interest, get the Chase Saphire Preferred card – it’s Visa Signature so it has concierge and it has the best rewards in the biz. But beware if you aren’t highly organized because the interest can ratchet up to 29.99%. We’re considering ditching Amex rewards cards (biz and personal) for these. American Express you can contact me if you want to know why.
  • Intuit products including Quickbooks and Mint. Spectacular for biz and personal financial management.
Post in the comments if you have a favorite vendor that has really come through for you.

 

Does your Representative oppose Job Creation and Support a Warrantless Gag Order? Ask them.

Posted on by
Reply

SOPA is a bill (HR 3261) sponsored by Lamar Smith (R-VA), John Conyers (D-MI), Bob Goodlatte (R-VA), Howard Berman (D-CA) and several co-sponsors. The first hearings on this bill will begin in congress tomorrow, November 16th.

If SOPA is passed, it will give the US Government control of the Domain Name System in order to allow them to “cut off” blacklisted websites. This is tantamount to giving the US government control of major newspapers at the printing press. If an edition is deemed unsuitable, it never leaves the press.

The bill has been branded as a device to protect “our” intellectual property and something that is targeted at software pirates, thieves and criminals.

The reality is that SOPA will give the government control over who has the right to speak.

Print, radio and television are being replaced by Internet delivery systems from streaming music to video on demand, online newspapers and blogs. Every one of these relies on DNS to stay online. If our government has control over our DNS system, it has the ability to issue an instant warrantless gag order to any individual, corporation or organization if it doesn’t approve your message or content.

The World has moved online. If this bill passes and is signed into law, it will go far beyond ending the Free Internet. It will remove the press freedoms we had before the Internet existed.

SOPA’s effects are far reaching and go beyond government control of DNS. The effects will include harming businesses that rely on user generated content and preventing the creation of new businesses like Facebook, WordPress, Twitter, Google’s YouTube and many others. The bill will effectively kill a powerful job creation machine at a time when we need it most.

Use this link to contact your congressman and express your view on SOPA.

You can learn more about SOPA and the destruction it will wreak at:

Can you build a Big Business on Apple’s App Store?

Posted on by
2

A good friend refers to the Apple App Store as the California Lottery. So I thought I’d do some rough numbers on how feasible it is to build a big software business creating apps for iPad and iPhone and selling them in Apple’s App Store.

The Apple App Store will still own three quarters of mobile app revenue by the end of 2011. It’s the place to be if you want to develop paid mobile applications.

According to Apple, they had paid out developers $2.5 billion since the creation of the app store until July this year. I’m including this as a sanity check on my numbers below.

According to this article, the combined revenue of all app stores will be $3.8B in 2011, with Apple owning 75% market share. That’s $2.85B total revenue for the app store in 2011 with 30% going to developers so total payout to devs will be approximately $1.995B for 2011 (which roughly gels with the total all time payout number above).

The app store just passed 500,000 approved apps in May 2011. (Edit: fixed a typo. Apps, not developers)

In May of this year:

  • $3.64 was the average price for paid apps.
  • There were 244,720 paid apps.
  • There were 85,569 unique developers.
If those paid apps split Apple’s projected 2011 revenue to developers of $1.995B between them, they each earn $8152.17 per year. There will be more paid apps by the end of 2011 than there were in May, so the same calculation for 2010 revenue to developers gives us: $2.1 total sector revenue X 75% apple’s market share X 70% developer share gives us $1.1025B / 244,720 paid apps = $4505 per app in 2010.
I’ve calculated both 2010 and 2011 revenue per app because the only data I have on total paid apps is from May.
So total revenue per app now is roughly between $4K and $8K per year based on my back of the envelope calculations.
While app store revenue is increasing, so is the number of developers in the app store, exponentially:
Lets say you create a startup producing Apple App Store apps. You manage to completely dominate the app store in 2011 and capture 1% of the total 2011 app store revenue of around $2 billion that Apple will pay out to developers.  That’s $20 million in annual revenue. Remember, you’ve just owned 85,560 other unique developers and a quarter million other paid apps, which is not impossible.
To put this in perspective, here is the 2010 annual revenue from a collection of well known software companies, leaving out the eye watering revenue from companies like Oracle, Microsoft, Apple, Google and the like.
Sources:

Food for thought.

WordPress Security: Have you been hacked?

Posted on by
1

I’m reposting this again because many of the emails I’m getting say “if you’re still interested”. Please contact me at mmaunder at gmail.com if your wordpress installation has been hacked. I need you to send me any files the hacker left on your system. To return the favor I will include you in a free beta program we’ll be launching within weeks that will solve your WP security problems for the forseeable future.

Email any compromised WordPress files, malware, WordPress backdoors or trojans to mmaunder at gmail.com. Thanks.

Your Vision May be Clouded

Posted on by
12

I took a lot of crap when I decided to vertically integrate our business four years ago and I invested around $40,000 with Dell to buy our own server cluster. Right then THE CLOUD was the hot new thing, and still is and I was not getting on board. I leased a rack at a respectable Seattle based hosting facility and my wife added the ability to unbox and rack Dell 2950 servers to her long list of talents. The hosting facility team would have done it for us, but we like to get our hands dirty.

That was the most work we did to set up our own server cluster. Four years later we have a 99.9% uptime record and we run a profitable company with an ad network, real-time analytics product and a free virally distributed service off our cluster of 20 machines. When we mail our customers we send over half a million emails in less than 24 hours off our own email server. We serve between 400 and 800 application requests per second all day long.

During the last four years I’ve watched friends and acquaintances get burned by the cloud either due to down time or cost. We pay $3400 per month to host our 20 dedicated machines in a single rack. We have a gigabit connection to the Net and our average bandwidth throughput is around 125 megabits per second constantly.

I’m tired of the Wired Magazine crowd giving me crap for not “being in the cloud” or “getting with the cloud” or whatever. So I’m throwing this down: During the last 4 years I’ve had 99.9% uptime and I’ve spent a total of $190,000 during those 4 years on hosting, which includes the capital investment in the servers. We’ve had a constant throughput of 80 to 120 megabits per second (increasing over time) and roughly 40% avg CPU usage on 20 dual CPU machines (with dedicated Intel E5410 CPU’s each with 4 cores).  As I mentioned we do 400 to 800 app requests per second and we also have an average of 25,000 concurrent connections on our front-end server. I’ll bet anyone who reads this a beer that you won’t find a cloud provider who can do this for you for less than 3X what I’ve paid. [That works out to $3,958 per month.]

If you think having your own dedicated servers in a colocation facility ties you geographically to one place, it doesn’t. I work wherever I want. For 3 out of the last 4 years I was in Seattle. The last year I’ve been in Colorado. I spent 3 weeks in France this month and while I was there I diagnosed a failing drive in one of our servers, ordered the replacement from Dell which will arrive today and be racked by the support team at our hosting facility. We’ve done hardware replacements or upgrades like this many times, including ordering new servers, upgrading memory, upgrading Ubuntu versions and it’s no big deal. A local support person with an anti-static strap and a basic knowledge of linux shell commands can resolve 99% of issues that come up.

I encourage everyone reading this to challenge the marketing hype around THE CLOUD. Go to Dell’s site, get a feel for price/performance, call your local colo provider and get prices on a full rack with a gigabit connection. You will almost certainly be surprised at the bang you’ll get for your buck and how easy it is to manage your own physical machines.

Understand that THE CLOUD exists as a buzzword to help software companies sell more software as a service. It’s sad when software startups who should be using the buzzword to sell more service get taken in by the marketing and outsource their core infrastructure.

Working culture differences between France and the USA

Posted on by
2

I’m startled at the differences between French and USA working culture. I’m not going to wax judgemental on this because I love many aspects of both French and American culture, so I’ll share my experience as an observer:

In the USA I spent much of my time during the last year in a very small semi-rural town called Elizabeth Colorado with a population of 1500 according to Google. Elbert County that contains Elizabeth has probably around 5000 people. Elizabeth recently got a local Walmart which is basically a giant warehouse in the middle of a field surrounded by sparse houses and horses.

The Walmart in Elizabeth is open 24 hours. Being in Colorado and just under 7000 ft, Elizabeth gets some gnarly blizzards, the kind with driving snow and road cracking ice that layers up nice and thick. That Walmart stays open even in the worst weather. I’ve been down there at 3am in a blizzard with fresh laid snow covering the ground, using 4×4 to get in and out of the parking lot.

I’m currently in Bordeaux in France and I’m helping to renovate an old building that was built during the US civil war. Pretty much all buildings in this town, the town of Blaye in the Aquitane region, were built during that time.

We needed a few tools – chainsaw sharpener, wrench, curtain rail etc and headed down to the hardware store today. We spent around 40 minutes shopping, talking to folks and getting help, shopping some more. The next thing the manager pokes his head round an aisle and says they’re closing. So we start walking towards the checkout and the lights go out. All the checkouts are closed. The entire staff is heading out a side door and the front of the building has it’s shutters down. We’re almost the last people in the building. They indicate we need to drop what we’re carrying and leave and come back 2 hours later when they reopen after lunch.

So we beg a little and the manager waves to someone in the parking lot. A rather huffy woman stomps back inside and makes sighing noises as she checks us out because she counts on having her 2 hour lunchbreak to get (I’m assuming) chores done and meet with people etc. Once we’re checked out we’re hurriedly ushered out a side door and into the parking lot with our winnings.

I don’t actually have a problem with this. While we were in the store and they were open our shopping experience was great and the store attendants were very helpful considering how awful my french is. But don’t mess with the lunch break.

What ties in with the lunch break window is lunch at restaurants in France is between 12 and 2pm and I dare you to try and have lunch at any restaurant (outside a big city) before or after 12 to 2pm. I sat down at 11:45 at a sidewalk pizza joint 2 days ago while the place was open and the chef was having a beer with a friend. He came outside and told me I’m defying the laws of physics because “It’s not possible” and I need to come back later. He was very polite and now that I get it, I totally understand.

Be Right Back – with a solution to your problems

Posted on by
1

I’m driving through Europe for the next week so am not very available online. Currently in awesome Andorra. So if I’m not very responsive to your WordPress security needs I apologize. However, I have been working on a permanent fix to help with the recent spate of WP hacks and will be making it available as soon as I’m back at work. So apologies for the delay and thanks for your patience.

Blogspot security hole lets others view unpublished blog entries

Posted on by
Reply

If you use the “new” Blogspot interface, try saving a draft post and then previewing it. You’ll see you’re previewing it using a link that looks something like:

http://example.blogspot.com/b/post-preview?token=<long-encoded-string>&postId=532662776851272&type=POST

One would assume that Blogspot knows you are “you” because you are signed in to Blogspot and it identifies you using a cookie. So it shouldn’t be possible for anyone else on the Net to view your unpublished blog post right? Wrong.

If anyone else sees that link with the token, they simply paste it into their browser and they can view your unpublished blog entry.

I thought that this would present a problem if you’re previewing a blog entry and you click an external link you included in your blog post. This would send your “preview” URL to that external site as a referrer, which means that external site can access your unpublished blog entry. Google seem to have anticipated this and they prevent you from clicking anything on the page by putting a DOM overlay on the preview page.

However, all widgets on the page load. That means if you’re using a Facebook Like button, a stats widget, popular pages widget or any other external javascript widget that logs the current URL (pretty much all of them) then those external sites can access your unpublished blog entry. More importantly anyone who those external sites share the URL with can access your unpublished blog entry.

I thought perhaps if I logged out of Blogspot, that security token would expire and no one would be able to access my unpublished blog entry. Nope. It’s still accessible.

Providing security through the hope that no one will discover a hidden URL in a world where URL sharing has become a deep part of everything we do is not a good design. Blogspot team please fix this. Thanks.