Content Theft Is Legal

I don’t care much about search engine traffic anymore. These days my business relies on other traffic sources. We run a fairly busy WordPress security blog and our readers are mostly folks on our large mailing list.

But we do get some search traffic and so now and then I’ll check in on how that’s doing. Today I wanted to see how one of our newest posts was ranking. It’s titled “Is WordPress Secure?“. The post is a question we get frequently from our customers and that a friend recently asked about – so I wanted to give our customer service team something to point to.

Seven days after posting I noticed the post was not ranking at all. It appeared to have been removed from the search results. For some reason I picked a random phrase in the post and Googled it and the problem became obvious.

Six websites had scraped our content verbatim, most of them including our images, and republished it without modification. They are all now ranking above us. In fact if you do a Google search for a phrase in the post –  “Think of your website as a giant dartboard and a hacker is trying to throw darts that simply have to hit the board.” you’ll notice that we appear below the ‘omitted results’ threshold and right at the bottom of the results.

I’m fairly confident this is a straight up ‘duplicate content’ penalty we’ve been hit with because we still rank #1 for our usual search phrases in our category.

It turns out this problem is not fixable in any practical sense. Google used to have something called Authorship which may have helped identify who owns content, but they cancelled this program back in 2014.

Now your only option appears to be to issue DMCA takedown notices to websites and hope they comply. This effectively makes content theft legal unless the author chooses to take action and has the resources to do so.

The result of this is what has happened in the adult film industry. MindGeek has become a monopoly through content piracy and leveraging the DMCA. They created or bought up sites that were pirating adult films. Content owners had to jump through DMCA hoops to get copyrighted content taken down. This was not feasible so they couldn’t keep up. The freeporntube sites became massively popular and profitable. Adult studios profits plummeted and MindGeek, the owner of the free sites ended up buying a ton of studios dirt cheap and became a porn monopoly. It didn’t help that the FTC isn’t exactly rushing to provide the adult film industry with anti-monopoly protections.

When you look at, one of the sites that stole our content, they make it clear they are more than happy to comply with DMCA requests with a “DMCA compliance” link in their footer:

Of course they are. The law favors them. We have to jump through their hoops and every other pirate site’s hoops to get our content taken down.

Google isn’t motivated to solve the issue because content pirates are likely to use AdSense, which gives Google a share of the profits. It makes no difference whether that revenue comes from the content owner or a pirate.

I’m curious how other publishers deal with content theft. If you’re struggling with this or have found a solution, please comment below.

Transitioning from Developer to CEO

I used to find it really easy to write. I didn’t know very much about business and wrote about startups constantly – so I probably suffered from Dunning Kruger effect. Don’t laugh, my blog posts back then consistently ended up on Hacker News’s front page.

These days I find blogging about business very hard. I work with a team of people who are smart and have experience and areas of expertise far outside my own. So my first thought as I try to dispense advice to other company founders is “Oh shit, so-and-so is going to read this and know what an idiot I am.”

I think most of my team may already  know how ignorant I am so I probably shouldn’t worry as much.

Anyway, to the point. I used to be a developer  – part of a two person founder team that for over a decade tried to create a business out of thin air, ambition and whatever capital we could scrounge up. At some point the engine actually sprang to life and started running and then quite quickly sped up.

These days we have a going concern with a growing team and whatdyaknow! An actual business on our hands.

Around early 2015 I made a hard transition into beginning to be a CEO as we hired our first team members. The team grew rapidly and today it ranges between 25 to 30 people. The business is busy, we have more than one business ‘division’, three execs, tons of financial throughput and lots going on.


The transition from developer to executive or CEO can be quite challenging I think. To be a developer you need to disappear into your head for around 40+ hours a week and do that for years if you want to be a good developer.

When I’ve been coding for several days, I have found that my ability to communicate verbally suffers. I stutter more – I don’t actually have a stutter, but I have more verbal hesitation. When I’m “on my game” and have had plenty of phone calls and in-person conversations, I find communication easy and I have the ability to make it flow if it gets a bit stuck. I think this is one of the challenges devs face when becoming execs – they need to learn how to communicate and how to make it flow.

As a chief executive, you need to talk to teams or groups of people frequently. The conversation tends to be one sided because you are describing a vision, a goal, a challenge. Even when it is collaborative, you tend to be the one doing most of the talking in a room. You’re the facilitator. Being in many meetings a week where you have to play that role is an acquired skill, but I’ve gotten better at it over time and I’ve also gotten more comfortable with it.

When I started out and our team was just 5 to 10 people, I found our Monday team meetings and Wednesday product meetings quite tiring. We would have them at 10:30am and an hour or two later once the call wrapped, I was just finished. I didn’t have much energy left for a couple of hours until I recovered. As I did more and more of them, I found that they became easier, and then much easier. Now they energize me. It took about 2 years to get there.


Writing is one of the most valuable skills I think any exec needs. The ability to clearly articulate your ideas in individual or group emails, blog posts and documents is absolutely critical. I happen to enjoy writing. I don’t do much personal writing anymore – obviously trying to get back into it with this post. But blogging is, I think, what really helped me become a better writer.

Writing is also an acquired skill and a muscle that you have to keep fit. When I have written several blog posts over a period of weeks, I find things flow when I need to write another. When I’m rusty, the page is an abyss and the abyss stares back.

Writing is probably what connected me with the amazing early investors we had in Defiant (called Feedjit back then). It also served as a source of early marketing, gave me the ability to write compelling copy on our first website and today, writing is how I communicate with our team.


I think leadership and power are often confused. Power is something desired by many. It is seductive and TV and film dramas are filled with scenes of people ‘flexing’ in some way. The fantasy of having someone bend to your will is irresistible if the ratings are anything to go by.

I think when it comes to inspirational leadership, power, a desire for power, the exercising of power and the confusion between power and leadership can be incredibly destructive and toxic for an organization. History has shown that accumulating power and using power devices and structures to manipulate people and groups can get things done. But I choose not to live that way and I don’t want to work for or be part of an organization that conducts itself that way.

My leadership style is still evolving. I’m relatively new to leading a team. I’ve only been doing it for about 3 years now. Perhaps that’s why I’m so willing to write about it – I don’t yet know how little I know. But I would describe my style as follows:

  • Know that there is much that you don’t know and many skills you don’t have and will never acquire. Get really comfortable with that. You’re a hilarious ass. Get over yourself!
  • Assemble a team of talented people who you trust and who are equally realistic about their strengths and weaknesses.
  • Trust your team. In other words, collaborate, and then give them the space they need to exercise their talents and to an amazing job.
  • Collaborate with the team to gather data and then come up with a shared vision for the organization. I find that having many conversations with no whiteboard helps because you are forced to clearly visualize in your minds eye the vision and path forward. That helps you and the team remember it.
  • Once the vision is clear, as CEO you are the custodian and keeper of that vision. It is your job to repeat it to the team when the opportunity arises. The way I do that is to describe where we are headed, why we are going there, how we will get there and what it will look like on Monday morning once we have arrived. [Kudos to my father who was a brilliant CEO and is a great strategic planner for some of that. Dankie Pa!]
  • I generally treat others the way I would like to be treated and the way I want my team to treat each other. I think that requires empathy because everyone has a bad day.
  • I try to create space in conversations so that others can fill that space with their intellectual contribution. I think this may have resulted in others in the organization taking the same approach to running meetings and collaborating.

I no longer code

These days I no longer write code. As with speaking and writing, code is a muscle and if you don’t exercise it, you lose it. If I look at code – usually when I’m evaluating a job applicant or understanding a new vulnerability or exploit – it takes me a few minutes to switch modes and get into the right head-space.

If you are a developer and become an executive or chief exec, I think that it comes with that sacrifice. You may not be the incredibly productive and talented developer that you used to be as you start using different intellectual muscles.


I started my career in operations and did that for about a decade. Then switched to being a full-time developer. So I’m an ops and dev guy. I think that one of the things that is very challenging for technical founders who transition into being a CEO is that you have to step back and trust someone to do a job that is equal to or better than the job that you did.

Stepping back takes a leap of faith. It takes trust. To be completely honest, when Matt B  joined our organization as our first dev hire and I completely stepped back from being the only dev on the product, I actually could not believe the incredibly job he did from day one. I thought “Holy crap, the guy can code and I think he may code better than I do. And he works for us? What is a guy this good doing working for us?”

I think I had a touch of imposter syndrome. I felt like we weren’t a real company even though we were making quite a lot of money and that cash flow was rapidly growing. On a side-note, I suspect this may be why many founders go and raise money – they too suffer from imposter syndrome and by raising money from an investor it makes you a ‘real’ business.

Once Matt and Tim, our first two team members joined, I found that I had to delegate an increasing number of tasks as we hired more people and each time it’s a new leap of faith. You trust that the person you’re hiring is going to do a great job, take your hands off the wheel and every time I was surprised for some inexplicable reason that they did an amazing job.

These days I carefully monitor myself to make sure that I am giving our team the space they need. A day ago I was having a conversation with the team about something technical. It required the developers to discuss whether going a certain technical route was good for the organization, strategically. I initially started leading the meeting and I realized that I was creating an imbalance in the conversation. Because I’m CEO, I was dominating the room and even if someone held a strong opinion they might not voice it if it disagreed with something that I said. Or perhaps they would voice it but my opinion might carry the day by default. So I recused myself from the conversation and asked our lead developer to facilitate the meeting going forward and let me know what the team decides. I also explained why I was recusing myself.


As we scale, leaders are beginning to emerge in the organization. This isn’t the kind of awkward “leadership ability” they teach in high-school where the noisiest or brashest or biggest kid is described as having leadership abilities. Because of the mutual respect we have for each other and the intellectual space we provide for each other in conversations, our leaders are emerging organically and in a very comfortable way. They tend to be the people that simply take on a particular role through passion or necessity or both and the rest of the team acknowledge them as the person to turn to when they have certain kinds of questions or need guidance.

I’m beginning to notice that as we scale, our team is in some cases having to go through the same kind of “stepping back” process that I went through. When we were just a handful of people, we all had many roles. As we grow, some of us are going to have to acknowledge that someone else needs to do a job that we used to do – and perhaps enjoyed very much. That process will be a challenge and we’re just beginning to see that emerge.

Going forward

I’m confident in my ability to continue to grow as a CEO and to grow with the team. We are not a public company working to goose a stock price and we are not a private company that has a high pressure board with a risk of executives being changed out if targets are not met.

One of the benefits of this is that it has created a culture within the company of knowing that it is safe to fail. Kerry (my wife and co-founder) and I failed many times for more than a decade before we created our current successful business. As executives, we are in an environment where we can do risky experiments using large chunks of our cashflow and we know that no board is going to fire us for failing.

Our team knows the same thing. We just started building a completely new department in the company and one of our team members has stepped up to lead that effort. She knows that she can take a risk, step out of her comfort zone and give it her absolute best shot and it’s OK to get it wrong. We’re all in the experiment together and if it doesn’t work out, we’ll just try a different way.

That’s it

If you are a technical startup founder or aspiring founder, I hope you have found this useful. You are welcome to comment here or shoot me an email at and I will do my best to respond to any questions.

Cash vs Flow

If you have a startup and have never been an executive in a business with significant revenue, I’d like to bring something to your attention. The difference between having cash and having cashflow.

In the world of startups, raising a round of funding is a celebrated event. Cocktails, good vibes, something positive was achieved. And make no mistake, having someone(s) back you, believe in you, give you money and say out loud to the rest of the world “This guy/girl/team rocks and is going to kick ass!” actually helps. The support you may receive from the investor can help too.

Funding as a positive event is not a scarce narrative. There are a ton of investors, many with good and pure intentions, who blog about startups, provide advice, data, inspiration – but the business they’re in and their world-view is based on the assumption that startups should raise money and the good ones should raise money from them.

What may be undervalued – and this is why I’m putting keyboard to screen – is cashflow. If you’re a finance newbie, cashflow is the simple concept of a business bringing in some cash every month, minus expenses with a running total of cash-on-hand.

Cashflow is a funny thing. Firstly, it happens over time and so you can’t measure it as a single pile or event. Cashflow isn’t “we just raised $200,000”. Cashflow is more boring. It is “we’re making $10,000 a month, projected out over 24 months in a spreadsheet, minus our burn rate which gives us net income discounted into todays dollars if-you-really-want-a-number-right-now”.

It’s less spectacular, less champagne, less positive reinforcement from a famous investor, but the one thing that makes cashflow different to a round of funding is that it is the flow that keeps on giving. It’s the spring that never runs dry. Cashflow will be there 2, 3, 5 years from now and unless you screw it up, it’ll have increased.

Create a basic spreadsheet. Make the columns your months. Create rows for cash on hand, revenue, expenses, net income.

An initial investment of 500k with burn rate of 30k and you run out of money in 18 months. That’s with no big capital expenditures, and you will have those.

Add just 15k of revenue and by month 24 you still have $155k cash on hand with runway for about 33 months total.

Consider that with $15k in revenue from month 1 you only have to raise half the amount of cash to have the same runway. That means, assuming you’re a good negotiator and deals scale linearly (which they don’t) you could end up only giving away half the equity and control you otherwise would have to.

But this is all basic arithmetic and not really that impactful until you consider that when your cashflow reaches breakeven – and I mean not just ramen breakeven but where you can pay your team market rate salaries, your runway just got extended to infinity.

You don’t have to find some buyer to hopefully purchase your unprofitable team in a talent acquisition which is really just a signing bonus for everyone.

You don’t have to raise any money, ever again. Unless… you raised a round when you started out and your investor has invested in 20, 30, 100 startups and one of them needs to become the next Google or the investor fails.

If you can achieve cashflow and reach breakeven without raising money, you are a golden business god in charge of your own destiny with infinite runway and total freedom. Breathe deeply, you just won whatever that fancy Quiddich prize was in Harry Potter or some similar metaphor.

If you raised money and your investors need a big exit, well, it doesn’t matter that you’re making some cash and are breakeven because you’re going to have to go big or go home and so go out there and raise another round because without it, you are a breakeven business with infinite runway and very unhappy investors.

So where am I going with this? If you raise money from investors who want HUGE, know that you’re on the wheel: The hamster wheel of growth and funding. You have a finite cash pile, you can extend it with cashflow but even if you reach breakeven, you may still be considered a miserable failure. You have to go huge or go home.

If you are somehow able to self-fund by, say, not eating for 2 years and living under a toadstool, and you are able to generate cashflow and reach breakeven…. the world becomes your oyster because you now have a business that you control and all pressure to sell, raise money or do anything you don’t want to do is completely removed. You are in a new world that few actually get to experience. You are in the world of infinite runway, infinite possibility and total freedom to choose your own destiny. It’s… amazing.

There is something about being in this place, this condition, this state of zen and breakeven cashflow, that I think is very good for businesses and may empower them to actually become big businesses. Firstly, you had to get there which is one hell of an education. It’s as real as it gets. You just created breakeven cashflow without a ridiculous initial cash infusion. You and (if you have one) your team did that. They don’t let you do that in business school. In business school they just try to emulate that happening and give you a degree and hope you’ll figure it out on your own.

Secondly, with all that learning, new knowledge and business instinct that has been forged in the fires of Mount Doom (The Mount Doom of negative cashflow), you are now in a state of infinite runway, relaxation, zen and infinite possibilities.

Someone wants to buy you? “No thanks. We’re just chillin, building the next Facebook.”

Got a project that will take a few months? You’re no longer a girl or guy who jumped off a cliff and is trying to assemble a glider before you hit the bottom.

Since you’re actually generating cash, you clearly know a thing or two about making money. Going from zero to breakeven (market rate salary breakeven) is insanely hard. Going from there to 20%, 50%, 100% or more increase in revenue is a lot less hard. Just do more of the same thing with more customers, more efficiently and…. hey look! You’re self funding now! In fact your growth trajectory that took you from zero to breakeven may just naturally continue past breakeven and onward.

I remember how hard it was for Kerry and I. We raised $450K and that seemed like a lot of money back then. We took tiny salaries and then tinier salaries and then salaries you could measure in planck lengths. Then we burnt through all our savings, and that was just the beginning of the negative cashflow free-diving experiment we did. Think you’re good at holding your breath? Try running a money-losing startup for years. We managed to create revenue spikes, but they would go away quickly.

Then eventually we were able to generate growing cashflow and everything changed. We both had post traumatic stress and I think it took a few months to sink in that we had a growing business on our hands and it wasn’t going away. Then we started hiring with our new cashflow and kept growing. The learning trajectory was steep too. Every now and and then we would look back to just 2 years previously and laugh at our ignorant selves back then.

When we raised back in 2008, we had a rather unique conversation with our investors about organically growing the business with it’s own cashflow and we structured a deal that accommodates that. So we’re not in a position where there is tremendous and urgent pressure to become very big very quickly or risk the board firing us. And yet, strangely, the business is growing and is now approaching 30 people with no ceiling in sight. We can breathe, we can see clearly over the horizon and we have plotted a course to become a much larger business using our existing strong cashflow.

Breakeven and beyond is a different world, it is very hard to get to and if you are a founder and are just starting out, I truly hope you will get there too, because once you have a business with breakeven and then positive cashflow, you will begin to truly enjoy being a founder, innovator and entrepreneur.

And Back!

I’m going to start blogging again. I used to blog about startups and business back when I knew very about how to make either succeed. I stopped about 8 years ago except for a few random hobbyist posts.

The reason I stopped is because I realized that, while I had been trying to create a cashflow positive business for a few years, I knew very little about how to do that. I realized my time was better spent actually figuring that out.

Since then I’ve had a hell of a ride. Some of it I’ll share. Some of it I may never share. Honestly, it’s too damn terrifying even for you, gentle and courageous reader.

But I have, as they say, thoughts. And I’d like to share a few of those thoughts with you. So grab a cup of tea, kick back and get ready to bask in the ramblings of someone who finally knows how little they actually know.

Evolution of Bass Frequencies in Rock Mixing and Mastering

Just for fun I’ve been looking at how producers treat bass frequencies since the late 80’s in rock in particular. I ran iTunes through Ableton Live 9 and used a spectrum analyzer to look at frequencies from 0 to 200hz.

Mastering engineers will generally roll off bass frequencies on the EQ so that the very low frequencies don’t mess with a speaker’s ability to reproduce higher frequencies accurately. I was curious how the cutoff has changed and how it changes by genre.

I picked tracks that have some bass and kick in them that span from the 70s until now. I used Voxengo Span with averaging and slow update to monitor EQ at a bassy section in each song. This is completely unscientific and each song has its own instruments that produce totally different frequencies, but its a fun general idea of how things have changed over the years. Here are a few screenshots:

Led Zep, Kashmir (1975)

There’s a gradual increase in bass eq starting around 40hz. The rolloff of bass frequencies if very shallow. The tape used to record probably contributed with its own frequency response.

Guns n Roses, Paradise City (1987)

More even response with GnR.Rolloff starts at around 50hz. They probably also used tape but quality improved as did the frequency response of the desk and other equipment.

Alice in Chains, Would (1992)

Rolloff for AIC also starts at around 50hz and a solid EQ from then up the spectrum.

Breaking Benjamin, Diary of Jane (2006)

14 years later Breaking Ben sees the rolloff only really starting around 45hz in earnest.

Five Finger Death Punch, Wash it all Away (2015)

With FFDP 11 years later you’re seeing the rolloff start at about 40hz and it’s very steep with a solid response after 40hz.

And then just for fun, switching from rock to dubstep, Skrillex’s Bangarang (2011)

Rolloff starts at 40hz for Sonny’s Bangarang but is quite shallow. It’s not unusual to see some sub 10hz action in his tracks. If you compare him to Deadmau5 for example, Deadmau5 keeps things fairly tight with very little action below 10hz but Skrillex keeps some of the really low stuff in there but it doesn’t leave the track sounding woofy at all. It’s still fairly tight IMHO.

Wordfence Reviews – Find them on

I’m posting this to help our customers find objective Wordfence reviews. If you are short on time and would like to view objective, reliable reviews for Wordfence that are moderated by volunteer WordPress moderators to remove spam, you can visit the Wordfence plugin review page on

I’m the founder and CEO of Wordfence. We make the most popular firewall and malware scanner for WordPress. We also offer a site cleaning and site security audit service.

If you do a google search for ‘wordfence reviews’ or ‘wordfence review’, it is quite likely that the first page of results may contain a competitor who has posted something that appears to be an ‘objective’ wordfence review on his personal blog. That was posted in 2012 and I think it’s quite unreasonable for us to expect a direct competitor to have anything good to say about us, which he didn’t. 🙂

The hosting landscape is complex and there are many affiliate and business partnerships between security companies, hosting companies etc. It’s like spaghetti. For example, one major security company is owned by the founders of a huge hosting conglomerate. In another case, a major security company was bought by one of the largest hosting companies but still trades under it’s own brand. And then there are affiliate schemes or ‘kickbacks’ that motivate bloggers to write great reviews for one security provider and bad reviews for another.

The bottom line is that it can be challenging to find objective reviews for Wordfence. The good news is that there is a source that you can rely on, it is 100% objective and it is controlled by a group of volunteer moderators who are awesome and who do a great job of removing spam and making sure that all reviews stay objective.

Your most reliable and objective source of Wordfence reviews is the WordPress plugin repository.

The plugin repository is where we distribute Wordfence. It is an open source collection of plugins available for WordPress. Anyone who uses a plugin and has signed up for a account can post a review on this page.

The moderators who filter out spam are volunteers and they do a really great job of making sure vendors don’t ‘stuff’ good reviews into their product. They also make sure that competitors don’t come in and spam reviews to make someone else look bad.

If you have a support issue related to Wordfence, I would also encourage you to search our forums for a solution or post there if you need help. We have dedicated team members who reply to our free customers in the forums. Our awesome support is why we have so many great reviews and a 5 star rating.

Wordfence reviews

Wordfence also has premium support for our paid customers which you can find at

I hope this blog post has cleared up any confusion on where to find objective and reliable Wordfence reviews.


Mark Maunder – Wordfence founder/ceo.

PS: Reviews like this one below from one of our customers really made my day. It also made Phil’s day. Phil is the security analyst who helped Mike recover from a hacked site. This review was posted today. Mike is one of many happy customers who have used Wordfence to help stay secure.

Wordfence review


Why the term “cyber” is cool.

In 1986 William Gibson published Neuromancer, his masterpiece. In it he coined the term ‘cyberspace’. For many of us it described the world of ‘computers’ at the time. It captured the experience of disappearing into code.

Later ‘cyberspace’ was an uncannily accurate metaphor for getting online and disappearing into, for me, the telephone networks through phone phreaking and later the Internet and the text based online communities like IRC, NNTP, telnet based MUDs and so on.

The term ‘cyber’ is now mocked by those in information security as something uncool. I’m not sure why but I think it’s because the term has been coopted by companies trying to sell products in cyber security.

For me and I think many others, ‘cyber’ and ‘cyberspace’ are precious reminders of the beauty of Gibson’s writing and how he accidentally captured the reality that was to follow in a beautiful metaphor.

This is my favorite passage from Neuromancer as Case is cured and once again is able to access cyberspace. What I love about this passage is that it captures the sense of longing many of us have when we exist in the real world and the sense of belonging when we’re online.

And in the bloodlit dark behind his eyes, silver phosphenes
boiling in from the edge of space, hypnagogic images jerking
past like film compiled from random frames.  Symbols, figures,
faces, a blurred, fragmented mandala of visual information.
  Please, he prayed, _now --_
  A gray disk, the color of Chiba sky.
  _Now --_
  Disk beginning to rotate, faster, becoming a sphere of paler
gray.  Expanding --
  And flowed, flowered for him, fluid neon origami trick, the
unfolding of his distanceless home, his country, transparent
3D chessboard extending to infinity.  Inner eye opening to the
stepped scarlet pyramid of the Eastern Seaboard Fission Au-
thority burning beyond the green cubes of Mitsubishi Bank of
America, and high and very far away he saw the spiral arms
of military systems, forever beyond his reach.
  And somewhere he was laughing, in a white-painted loft,
distant fingers caressing the deck, tears of release streaking his

Working On-Site Considered Harmful

It doesn’t make sense for knowledge workers to be on-site anymore.

Working on-site comes with a significant cost. Quiet time is a precious commodity if you’re in any kind of cerebral role –  and it’s rare in most office environments. Then there’s the distraction of commuting to work, commuting back, people coming and going, the office socializer who wants to chat and so on.

Working remotely has many advantages. If you’re using Slack, you don’t have a situation where the dominant person in the room gets to drown out other opinions. It makes communication more democratic and a side effect is that communication becomes much more relaxed. Less conflict == more fun and getting more done.

When interaction happens via git and a bug tracker in the form of entering and updating issues and pull requests, it keeps things moving forward without the unstructured chaos that in-person communication can create. SaaS for remote workers makes communication more structured.

It surprises me that so many companies in the software space are still hiring on-site workers and developers in particular. I suspect it’s for two reasons:

Firstly, managers or execs think a major part of their contribution is to “oversee” their team. This comes from a kind of personal insecurity caused by them not being able to contribute in other areas – frequently because they’re non-technical, so they need to “manage” to contribute. This is solved by hiring execs or managers who are competent in their own right – and in a tech company they need to be hands-on technical and current in their skills. I’ve met too many managers who just “manage” and mention their MIT degree and tell coding war stories.

Secondly, I think a reason companies want to hire on-site workers is a lack of trust. They don’t think it’s possible to hire people who can be left alone to create amazing things. They think the team has to be put in a room and monitored at all times. This has evolved into persuading them to stay in the room by bringing chefs and masseuses into the office.

I think over the next 10 years we will see the first Google’s and Amazon’s emerge with 100% remote workers. They will create a new normal for tech companies to go remote. That will cause a massive exodus from urban centers. It’s going to have a huge impact on property prices and rentals and a significant impact on the landscape. Cities like Seattle, which is overcrowded with Amazon workers will see profound changes.

Fifteen years from now we’ll look back and giggle at how we used to crowd smart people into little boxes with bright fluorescent lighting so that we could watch them while they did work they can do from anywhere.

We’re hiring at Wordfence. All our roles are remote. We’re a team of 9 full-timers and we have 7 positions currently open (the forensics role is X3). If you’re the best in the world at what you do, are passionate about information security and you’d like to regain your freedom, we’d love to hear from you!

The Longer Term Effects of the Paris Tragedy

Having recently lived in France for a year, my heart goes out to the French people. I lived in South Western France, but fell in love with Paris as a city of art, philosophy, history and music. That it was targeted with such violence last night is a travesty of epic proportions.

London Bridge

London Bridge lit up with the colors of the French Flag tonight.

At this time there are 129 deaths and 352 injured according to Le Monde.

I’d like to spend a few minutes thinking about the longer term effects of what just happened in Paris. My background if you don’t know me is: I’m a CEO of a cyber security company, I’m a software engineer and I’m interested in public policy.

2,977 victims died in the World Trade Center attacks on September 11th 2001. The attacks had a profound effect on public policy and foreign policy world-wide. The result was a US led war in Afghanistan and a further war with Iraq. The cost and effect of these wars continue to this day, 14 years later.

The WTC attacks also led to the Patriot Act and a huge increase in surveillance by the United States and intelligence partners. The intelligence partners are the “Five Eyes”  which include the USA, United Kingdom, Canada, Australia and New Zealand. The Patriot act was the tip of the iceberg and since the Snowden revelations we have now learned the depth and breadth of the increase in intelligence gathering and surveillance post 9/11.

The Oriental Pearl Tower in Shanghai showing French colors tonight.

The Oriental Pearl Tower in Shanghai showing French colors tonight.

The impact of the WTC attacks can, today, in my opinion, be compared to the impact of the Pearl Harbor attack in the way it changed US foreign policy and public policy. The day after the Pearl Harbor attack, the US declared war on Japan and Roosevelt and later Truman demanded the ‘unconditional surrender’ of Japan as the only acceptable end to the conflict.

More recently, post 9/11 in the United States and world-wide the public appetite for conflict had started to taper off starting in 2008 with the Obama campaign that ran on a platform of exiting Iraq.

Added to this there was a tapering in the public appetite and tolerance of surveillance with the Manning leaks published on Wikileaks in 2010 and the Snowden revelations in 2013.

The number of casualties in Paris yesterday are not as high as Pearl Harbor or 9/11, but we live in a post 9/11 World where we already have an increase in conflict and surveillance. The public also has an increased sensitivity to these kinds of attacks.

The Brandenburg Gate in Berlin

The Brandenburg Gate in Berlin

In my view, the Paris attacks will bring us back to the world-wide climate we encountered immediately post 9/11. It will ensure that France enters any war it hopes will reduce the threat of domestic terror and France will go beyond that. France will actively, as the USA did, seek retribution for the attacks yesterday. Manuel Valls (France’s Prime Minister – the equivalent of a Chief Operating Officer) said today that “We must annihilate the enemies of the Republic”, which sets the tone of the response going forward.

If this had happened in the absence of 9/11, the French response would have been severe, but would not necessarily have been backed by a long term global response. Because this is post 9/11 and because it refreshes the global memory of the impact of terrorism, this will have a much wider influence on global governments and their public and foreign policy.

The Sydney Opera House Tonight

The Sydney Opera House Tonight

I expect that there is a show of solidarity with France that goes beyond countries displaying the French flag on public and private buildings last night and tonight.

France will likely be brought closer into the Five Eyes intelligence sharing arrangement which has so far excluded all European countries with the exception of the United Kingdom. [And in fact had an adversarial relationship with countries like Germany]

In response to Charlie Hebdo, France passed a new surveillance law in May that allows the monitoring of phone calls and emails without the authorization of a judge. The law also requires ISP’s to install devices to sniff Internet traffic and make that traffic available to French intelligence services. The law is essentially the USA Patriot Act without the need for a FISA court to authorize surveillance.

San Francisco City Hall

San Francisco City Hall

The tragedy yesterday will likely provide the impetus to pass additional laws that cover anything that legislation earlier this year may have missed. That earlier law doesn’t appear to have missed much.

I hold no strong opinions either way on public surveillance. That we appear to need surveillance, I consider tragic. I’d also prefer to not have secrets, but a thought experiment I came up with a few years ago seems to indicate that the need for secrets is inevitable.

My interest is in understanding what will happen next, and we appear to be headed into a deeper spiral of surveillance, conflict and secrecy. I’d prefer that things were different, but I’m angry too.

3DR Tech Data and Review

I owned an IRIS+ by 3DR from Jan this year until a couple months ago when I lost it in a large desolate area in South Africa. The search is still on. As a former IRIS+ owner that pushed my drone to the limits of what it can do, I thought I’d post my first impressions of the Solo by 3DR. This is targeted at an advanced audience.

For some context, here’s video I shot with my IRIS+ earlier this year using a Hero 4 Black and the Tarot T-2D brushless gimbal.

I got my first Solo this week. The unboxing experience is awesome – well done 3DR, very Applesque.

The first person video via iPad is awesome. The way 3DR has designed the drone is interesting. With the IRIS+ you had a controller that spoke 2.4Ghz to the drone to control it. Then you had a separate radio that spoke 900Mhz also to another transceiver on the drone which is how you received telemetry. I actually loved this setup on the IRIS+ because the 900 Mhz radio had significantly further range than the 2.4ghz radio and it’s easy to buy high gain directional 900 mhz antennas or antenna amplifiers.

The Solo has a single 2.4 Ghz radio onboard which talks to the controller. The controller acts as a Wifi base station. All devices (like your iPad or android phone) connect to the controller as a wifi base station. As soon as you connect what happens is the controller starts sending your device UDP packets to port 14550. If you have software running that’s listening at that port, the software receives the data from the controller and displays it in the user interface.

So you can have an iPad, Android phone and a PC all connected to the controller at the same time receiving data from the drone.

The Solo has two antennas that are in the legs, diagonally opposite each other. There is a third leg that has a tiny circuit board and I suspect this is a GPS antenna, but I’m unsure at this time.

I disassembled my solo. A few tips on disassembly:

  • The shiny black hood does in fact come off. You need to unclip it from the underside. Look closely under it and you’ll see three tabs. If you push those out with a screwdriver you’ll get it off.
  • Unlike the IRIS+ the main board is harder to get out. You need to unclip most of the electronic plugs that are on the board to be able to see the underside. Then you can slide it out partially. I didn’t go further than that because it looked like I’d need to start unsoldering things to get it completely out of the aircraft.

The two antennas in the legs are MIMO antennas and I haven’t verified this but I’m assuming they’re talking 801.22n to the drone. I suspect what 3DR have done is to have the drone connect to the controller as a base station like other devices have, but I haven’t confirmed this and have no data to support this theory. I used a wifi sniffer to give me the data that I have on how the controller speaks UDP to clients, but my wifi sniffer is only 802.11b/g and I’ve ordered a card that supports 802.11n but am waiting or it to arrive. Once I have that, I will be able to tell if the drone is speaking 802.11n to the controller or if it’s speaking a proprietary protocol.

To use Mission Planner with the Solo, you need to connect to the controller’s wifi as a hotspot. Then launch Mission Planner and select ‘UDP’ as your connection type and hit ‘connect’. You should immediately download the config and start receiving telemetry.

Good news: Even though 3DR have completely hidden away the ability for the Solo to fly a flight plan in full Auto mode, you can still do it. Here’s how:

  • Launch Mission Planner
  • Set up a flight plan with waypoints etc.
  • Upload it to the drone.
  • Arm the Solo.
  • Then go into ‘Flight Data’ and click the ‘Actions’ tab on the bottom left.
  • Select ‘Auto’ from the drop down list and click the ‘Set Mode’ button.
  • The Solo will immediately launch. This is different from the IRIS+ which required you to put the controller into ‘Auto’ and goose the throttle slightly to trigger the Auto program.

It’s funny watching the iPad app show the flight mode switch to “Autonomous” when it doesn’t actually list it as a flight mode, even using the advanced options.

So how about performance. Here’s how you can turn the Solo into a mean machine when flying autonomous programs. If the above didn’t void your warranty, this definitely will.

Go into Config/Tuning in Mission Planner and you can change the following if you dare:

  • Do a search for ‘speed’ and you’ll find many things you’ll enjoy playing with.
  • I changed Waypoint Horizontal Speed Target to 2000 or 20m/s. Verified the Solo can handle this but didn’t try a program that had enough distance to let it fully reach that speed along a track. Note that with the IRIS+ I ran into an issue where using spline waypoints the aircraft would lose altitude if I set the horizontal speed too high because it appeared to give the horizontal speed precedence over maintaining altitude. So careful of setting this high on the Solo. Not sure if the same issue exists.
  • Waypoint Descent Speed. Changed this to 300cm/s or 3m/s. Verified the Solo can handle this and flies fine. However note: Changing your descent speed with any drone is very dangerous because the aircraft is descending into it’s own prop-wash (turbulence created by the propellors). If you make this too high the aircraft can get very unstable and flip or crash. I had my IRIS+ hit snow very hard one night when I set this too high.
  • Waypoint Climb Speed Target. Definitely my favorite if you are doing an auto program and want the aircraft to get to altitude as fast as possible. The max I’ve tried this with the Solo is 1000cm/s or 10 meters per second. It’s awesome – absolutely rockets into the sky.

Once you’ve tweaked a few of these settings you’re probably still wondering why your Solo is a little sluggish. Here’s how you make her zip:

  • Again on the Config/Tuning Standard Params page, do a search for ‘accel’
  • Waypoint Acceleration. I’ve set this to 500 (default for the Solo is 100)  which is the max and tested the Solo doing laps and it handles it fine without crashing.
  • Waypoint Vertical Acceleration. I’ve tested this at 200 (default is 100) and it works great.

So what do I think of the Solo by 3DR? The one issue I’ve found is that GPS signal around my house is a little glitchy. The Solo reacts to this by accelerating hard in a certain direction when I have it in beginner “Fly” mode which is what every newbie will use when they fly for the first time. This is probably going to be a disaster. I had to use every ounce of my skill as a drone pilot to not crash the Solo when it did this. It has so far done this 3 times to me over 2 days of flying. When it happened the aircraft was definitely going to crash into an obstacle and the only way to avoid it was to climb and give full opposite joystick – so unless you do that when this happens to you, you’re going to be wearing a frowny first-time drone pilot face as you send your smashed Solo back to 3DR and wait weeks or more for a replacement. Very worrying. I suspect 3DR will fix this by cross-referencing the data from the gyros with what the GPS is claiming and maybe not accelerate so hard to try to correct any GPS position errors.

I also had a landing where the drone ended up in a rhythmic bounce with the engines racing and I couldn’t shut them down even though I had full negative throttle. I just held it down, thankfully it didn’t flip and eventually go the idea.

I’m unsure how the 2.4 Ghz radio is going to work out. I already have a set of dual high gain antennas I bought from (Thanks Tony for the awesome fast shipping) and haven’t tried them out yet, but they look solid. I think if I can get an antenna tracker working with the Solo with dual high gain antennas, it’s probably feasible to get telemetry, control and video over 3+ miles which is going to be amazing.

The drone itself is a nice improvement. Design is really polished, the battery life is now 20 minutes with a full payload and it seems to fly better than the IRIS+ but I’d like to check how it flies with a Gimbal.

Speaking of Gimbals, they don’t actually exist. 3DR is still figuring out how to get them manufactured and posted this blog entry 3 days ago saying the first Gimbals for the Solo will be coming off the line at the end of July. (!!!) Wow, guys, taking just-in-time shipping to a whole new level of I’m-not-sure-what-ness.

So don’t expect to be playing with the Solo Gimbal any time soon.

Bottom line: I’m a huge fan of 3D Robotics, even though this post was written a little tongue in cheek. I think the Solo rocks but I’d say this is a Beta release based on the GPS glitching that I’ve seen and the landing issue. For guys like me who love voiding warranties, it’s fun to get early access to a platform like this. I can’t wait to play with the Python Dronekit API and I’m enjoying pushing the aircraft to it’s limits and playing with my packet sniffer to see what’s happening under the hood. However I wouldn’t recommend the platform for newbies until say October/November this year when the Gimbal has been out a few months, there have been a few software updates and the platform has had a chance to breathe.