Trump calls for 6G cellular technology, because why the heck not

We’ve been covering the battle for 5G between the U.S. and China for some time. The White House has made 5G technology a national security priority, and industry leaders have followed up that charge with additional investment in the fledgling technology.

What 5G exactly is though remains mostly a mystery. Is it new bandwidth? Edge computing? Decentralized cloud processing technology? Autonomous vehicles? Something else? I get pitched a dozen stories a day about the “5G revolution” and no one can tell me exactly what’s in it for me other than long presentations in hotel ballrooms about bandwidth (ironically, often without any cell reception).

So imagine my surprise this morning when Trump tweeted that U.S. companies need to work harder and faster on building out the tech behind 5G, but also in the process called for …. 6G technology.

I want to just say that no, 6G isn’t a thing. I have only received one PR pitch for 6G in the last few months, which said: “Waveguide over copper runs at millimeter frequencies(about30 GHz to 1 THz) and is synergistic with 5G/6G wireless. A type of vectoring is applied to effective separate the many modes that can propagate within a telephone cable.” No, not a thing.

But it could be a thing. Maybe the government is secretly pioneering the next generation of the next generation of telecom technology. Or maybe, just maybe, our president, branding expert that he is, realized that if you are going to sell 5G, you might as well inflate the number to 6G and really get people’s taste buds salivating.

No comment from cleaning supplies company Seventh Generation, but if I were them, I’d be getting worried.

Security token offerings aren’t looking much better in 2019

Pressed to explain who is using them, and why, 99 percent of cryptocurrencies let out all their air, go flying around the room making a raspberry sound, hit the wall and fall behind the couch forever.

The party is over. A few, however, can present a credible use case. “Tokenized securities” could be one of them: a more open and efficient way to transact shares and notes as well as distribute cash flows.

Proponents of “security token offerings” (STOs) have been telling that story now for a little more than a year. This data report canvases the market, finds few are buying it, interviews market participants for perspective and reveals gaps in the use case at the ground level that explain its failure to thrive.

In October 2017, the market for “initial coin offerings,” or ICOs, reached a peak, with more than 100 capital raises closing through the sale of crypto tokens, according to market data provider Token Data. Proponents thought these tokens were an innovation on par with the joint stock corporation: not a claim on cash flows, but a vessel to participate in and directly capture the value latent in network effects. “Tokenized” networks raising money that month ranged from the prosaic, like a no-fee crypto exchange called Cobinhood ($13.2 million), to the ludicrous, like Dentacoin, “the blockchain solution for the global dental industry” ($1.1 million).

At the time, it was nearly unheard-of for such a project to acknowledge its token might be a security like the mundane stock certificate. In the following months, the US Securities and Exchange Commission (SEC) sent dozens of subpoenas to token issuers, indicating that they disagreed. By the following March, the number of SEC registrations for new token offerings equaled more than half the total ICO deal activity for the month.

As SEC moved in and ICOs cooled, a new enthusiasm for paperwork


The sudden popularity in 2018 of the so-called “security token” was undoubtedly a scramble to paper over cash grabs. However, there is a use case for “tokenized securities” that is worth considering. Bitcoin showed how ownership could be digitally secured and transferred without intermediaries. A tokenized security could do the same for investment contracts. “Smart contracts” are a value proposition that has been discussed in cryptocurrency since long before Bitcoin.

There is reason to be optimistic that this form of programmable ownership can bring efficiency, transparency, liquidity and access to the $1.7 trillion annual US private placement market. The value proposition is that smart contracts will reduce the cost of compliance in primary issuance and secondary trading. Issuers benefit by reduced liquidity premiums and more buyers to compete for their offering. Investors benefit by gaining more access to opportunities for growth-stage investment. This is a compelling story in US capital markets that have, for nearly two decades, starved retail investors of exposure to growth-stage investments.

Decline of the small-cap IPO reduced retail opportunities for risk & return

This value proposition, and a narrative of regulatory chill in the markets, have led some to believe that tokenized securities would bring back a bull market in crypto. The Wall Street hype machine has moved on from crypto; security tokens are one of the few areas in which the avid listener can detect faint echoes of its passing.

Media hype

  • “If it works you’re going to see tremors across Wall Street.” -CNBC commentator
  • “Apple and Tesla shares on the blockchain could be the next big thing” -CNBC headline
  • “2019: The Year Digital Securities Offerings Become the New ICOs” -CoinDesk
  • “Why security token offerings are replacing initial coin offerings” -Silicon Valley Business Journal

From 30,000 feet up, the use case for tokenized securities looks compelling. As with many blockchain-based projects, zoom down to the user level and misaligned incentives appear for key market participants.

  • Investors: Digital tokens carry technological risk, regulatory risk and market risk. Without a liquid market ready and waiting, private placement investors have little incentive to layer risk on top of the risk-return they already understand.
  • Brokers: Effective bankers and broker-dealers charge a premium for primary issuance; the more effective they are, the less incentive they have to adopt, especially given their investors are not clamoring for this product.
  • Issuers: With markets awash in private capital, there are very few quality issuers that cannot raise funds. The better the investment opportunity, the likelier its access to funds and investment banks in the top quartile, where investment decisions have kingmaker effects in the market. Interest in innovation that disrupts these relationships is therefore inversely related to suitability for capital, a repeat of the pattern in US issuers accessing new equity crowdfunding options under the JOBS Act of 2012.

If you build it, will they come?

To determine whether new tokenized security issuance is finding a fit in the market, Canary Data, an open crypto research initiative, undertook an exhaustive search of news wires and the SEC’s EDGAR database, beginning in 2017 and ending mid-January, looking for public statements and filings related to security token offerings. It’s an imperfect method; our database of offerings is constantly evolving as new information becomes available. But in an emerging segment of the financial markets it reflects the level of credible, mainstream activity.

We filtered out tokens that are in the mold of the ICO “utility token,” offering a financial instrument as a form of access to a valuable network effect. Many of these have registered as securities, but it is the value proposition of a tokenized tradtional security — a claim on cash flow, represented as a token — that we are interested in.

How to read fiction to build a startup

“The book itself is a curious artefact, not showy in its technology but complex and extremely efficient: a really neat little device, compact, often very pleasant to look at and handle, that can last decades, even centuries. It doesn’t have to be plugged in, activated, or performed by a machine; all it needs is light, a human eye, and a human mind. It is not one of a kind, and it is not ephemeral. It lasts. It is reliable. If a book told you something when you were 15, it will tell it to you again when you’re 50, though you may understand it so differently that it seems you’re reading a whole new book.”—Ursula K. Le Guin

Every year, Bill Gates goes off-grid, leaves friends and family behind, and spends two weeks holed up in a cabin reading books. His annual reading list rivals Oprah’s Book Club as a publishing kingmaker. Not to be outdone, Mark Zuckerberg shared a reading recommendation every two weeks for a year, dubbing 2015 his “Year of Books.” Susan Wojcicki, CEO of YouTube, joined the board of Room to Read when she realized how books like The Evolution of Calpurnia Tate were inspiring girls to pursue careers in science and technology. Many a biotech entrepreneur treasures a dog-eared copy of Daniel Suarez’s Change Agent, which extrapolates the future of CRISPR. Noah Yuval Harari’s sweeping account of world history, Sapiens, is de rigueur for Silicon Valley nightstands.

This obsession with literature isn’t limited to founders. Investors are just as avid bookworms. “Reading was my first love,” says AngelList’s Naval Ravikant. “There is always a book to capture the imagination.” Ravikant reads dozens of books at a time, dipping in and out of each one nonlinearly. When asked about his preternatural instincts, Lux Capital’s Josh Wolfe advised investors to “read voraciously and connect dots.” Foundry Group’s Brad Feld has reviewed 1,197 books on Goodreads and especially loves science fiction novels that “make the step function leaps in imagination that represent the coming dislocation from our current reality.”

This begs a fascinating question: Why do the people building the future spend so much of their scarcest resource — time — reading books?

Image by NiseriN via Getty Images. Reading time approximately 14 minutes.

Don’t Predict, Reframe

Do innovators read in order to mine literature for ideas? The Kindle was built to the specs of a science fictional children’s storybook featured in Neal Stephenson’s novel The Diamond Age, in fact, the Kindle project team was originally codenamed “Fiona” after the novel’s protagonist. Jeff Bezos later hired Stephenson as the first employee at his space startup Blue Origin. But this literary prototyping is the exception that proves the rule. To understand the extent of the feedback loop between books and technology, it’s necessary to attack the subject from a less direct angle.

David Mitchell’s Cloud Atlas is full of indirect angles that all manage to reveal deeper truths. It’s a mind-bending novel that follows six different characters through an intricate web of interconnected stories spanning three centuries. The book is a feat of pure M.C. Escher-esque imagination, featuring a structure as creative and compelling as its content. Mitchell takes the reader on a journey ranging from the 19th century South Pacific to a far-future Korean corpocracy and challenges the reader to rethink the very idea of civilization along the way. “Power, time, gravity, love,” writes Mitchell. “The forces that really kick ass are all invisible.”

The technological incarnations of these invisible forces are precisely what Kevin Kelly seeks to catalog in The Inevitable. Kelly is an enthusiastic observer of the impact of technology on the human condition. He was a co-founder of Wired, and the insights explored in his book are deep, provocative, and wide-ranging. In his own words, “When answers become cheap, good questions become more difficult and therefore more valuable.” The Inevitable raises many important questions that will shape the next few decades, not least of which concern the impacts of AI:

“Over the past 60 years, as mechanical processes have replicated behaviors and talents we thought were unique to humans, we’ve had to change our minds about what sets us apart. As we invent more species of AI, we will be forced to surrender more of what is supposedly unique about humans. Each step of surrender—we are not the only mind that can play chess, fly a plane, make music, or invent a mathematical law—will be painful and sad. We’ll spend the next three decades—indeed, perhaps the next century—in a permanent identity crisis, continually asking ourselves what humans are good for. If we aren’t unique toolmakers, or artists, or moral ethicists, then what, if anything, makes us special? In the grandest irony of all, the greatest benefit of an everyday, utilitarian AI will not be increased productivity or an economics of abundance or a new way of doing science—although all those will happen. The greatest benefit of the arrival of artificial intelligence is that AIs will help define humanity. We need AIs to tell us who we are.”

It is precisely this kind of an AI-influenced world that Richard Powers describes so powerfully in his extraordinary novel The Overstory:

“Signals swarm through Mimi’s phone. Suppressed updates and smart alerts chime at her. Notifications to flick away. Viral memes and clickable comment wars, millions of unread posts demanding to be ranked. Everyone around her in the park is likewise busy, tapping and swiping, each with a universe in his palm. A massive, crowd-sourced urgency unfolds in Like-Land, and the learners, watching over these humans’ shoulders, noting each time a person clicks, begin to see what it might be: people, vanishing en masse into a replicated paradise.”

Taking this a step further, Virginia Heffernan points out in Magic and Loss that living in a digitally mediated reality impacts our inner lives at least as much as the world we inhabit:

“The Internet suggests immortality—comes just shy of promising it—with its magic. With its readability and persistence of data. With its suggestion of universal connectedness. With its disembodied imagines and sounds. And then, just as suddenly, it stirs grief: the deep feeling that digitization has cost us something very profound. That connectedness is illusory; that we’re all more alone than ever.”

And it is the questionable assumptions underlying such a future that Nick Harkaway enumerates in his existential speculative thriller Gnomon:

“Imagine how safe it would feel to know that no one could ever commit a crime of violence and go unnoticed, ever again. Imagine what it would mean to us to know—know for certain—that the plane or the bus we’re travelling on is properly maintained, that the teacher who looks after our children doesn’t have ugly secrets. All it would cost is our privacy, and to be honest who really cares about that? What secrets would you need to keep from a mathematical construct without a heart? From a card index? Why would it matter? And there couldn’t be any abuse of the system, because the system would be built not to allow it. It’s the pathway we’re taking now, that we’ve been on for a while.” 

Machine learning pioneer, former President of Google China, and leading Chinese venture capitalist Kai-Fu Lee loves reading science fiction in this vein — books that extrapolate AI futures — like Hao Jingfang’s Hugo Award-winning Folding Beijing. Lee’s own book, AI Superpowers, provides a thought-provoking overview of the burgeoning feedback loop between machine learning and geopolitics. As AI becomes more and more powerful, it becomes an instrument of power, and this book outlines what that means for the 21st century world stage:

“Many techno-optimists and historians would argue that productivity gains from new technology almost always produce benefits throughout the economy, creating more jobs and prosperity than before. But not all inventions are created equal. Some changes replace one kind of labor (the calculator), and some disrupt a whole industry (the cotton gin). Then there are technological changes on a grander scale. These don’t merely affect one task or one industry but drive changes across hundreds of them. In the past three centuries, we’ve only really seen three such inventions: the steam engine, electrification, and information technology.”

So what’s different this time? Lee points out that “AI is inherently monopolistic: A company with more data and better algorithms will gain ever more users and data. This self-reinforcing cycle will lead to winner-take-all markets, with one company making massive profits while its rivals languish.” This tendency toward centralization has profound implications for the restructuring of world order:

“The AI revolution will be of the magnitude of the Industrial Revolution—but probably larger and definitely faster. Where the steam engine only took over physical labor, AI can perform both intellectual and physical labor. And where the Industrial Revolution took centuries to spread beyond Europe and the U.S., AI applications are already being adopted simultaneously all across the world.”

Cloud Atlas, The Inevitable, The Overstory, Gnomon, Folding Beijing, and AI Superpowers might appear to predict the future, but in fact they do something far more interesting and useful: reframe the present. They invite us to look at the world from new angles and through fresh eyes. And cultivating “beginner’s mind” is the problem for anyone hoping to build or bet on the future.

Urban unicorn renewal

Three cities, three dead urban unicorn renewal projects.

In just the past few days, we’ve had Foxconn renege on Wisconsin, Amazon renege on NYC and GE renege on Boston. Each followed the Anna Karenina principle that every unhappy economic development deal is unhappy in its own way: for Foxconn, it was trade tariffs and slowing iPhone sales; for Amazon, it was populist protests plus the usual NYC corruption; for GE, it was the reality of looking at a mirror and finding that you’re staring at a dumpster fire.

Yet, there are eerie similarities, other than the fact that I have practically lived next door to every single one of these projects (if you call Wisconsin next door to the better-looking state of Minnesota).

In each case, there was the perfect alchemy of the modern urban unicorn renewal plan. A well-known but sordid tech company paints a picture of revolutionizing a city’s economic base. They splash huge numbers on the board, or at least a coveted status symbol. Seeing their legacies secured, politicians latch on to these projects, negotiating with alacrity and without due process because — wow — the company with suicide nets or the company where employees pee in bottles (undercover!) is coming to town.

I get it. And look, if these projects panned out, they would indeed be great for their home cities. As I wrote about Amazon HQ2 a few weeks ago:

These spillover effects are at the heart of agglomeration economies. With Amazon’s arrival, more software engineers will locate to NYC. They will start companies, join other tech firms and expand the vitality of the community. As Edward Glaeser argues convincingly in his book The Triumph of the City, density of talent matters enormously for the success of the city. Amazon thickens the market for tech talent, and that is a huge win for both NYC and DC.

Yet, these projects rarely work out, and behind this all is the plague of Silicon Everywhere. As I wrote four years ago:

There are many commentators who argue that there is a bubble in Silicon Valley today. They may or may not be right, but there is certainly a bubble in places named after the preeminent global tech ecosystem.

Silicon Border. Silicon Hills. Silicon Steppe. Silicon Prairie. Silicon Roundabout. Silicon Gulf. Silicon Avenue. Silicon Canal. Silicon Alley. Silicon Beach. Silicon Forest. Philadelphia has a groaner of a region with Philicon Valley (whoever invented this should be banished from marketing for five years or forced to market Path).

And so we got “Wisconn Valley,” which actually is a brilliant fusion of Foxconn, Silicon and Wisconsin that now has its very own government homepage. GE was going to restart Boston’s tech scene, except the 800 jobs in its headquarters office were predominantly accountants and lawyers, which of course is where the real innovation of any company takes place.

These silicon dreams need to be crushed, beaten, stamped out and destroyed. So should these mega-project economic development deals, which always seem to go through a cycle from euphoria to lassitude.

In their wake, tech leaders should be encouraging a culture of bottoms-up economic development. Mayors should partner with local startups to encourage the growth of small companies and then coordinate pathways to help them succeed. Economic development money should turn into seed capital, boot camp credits, university research transfer grants and a whole lot more options for small-scale — human-scale — interventions. The unicorn urban renewal project is dead, but it always has been.

Welcome to the Extra Crunch Daily

Image via Flickr by Prayitno used under Creative Commons

Assuming you haven’t unsubscribed yet, welcome to the new Extra Crunch Daily newsletter, which is stochastically delivered to you “daily” depending on the misery index of my morning commute courtesy of NY Governor Andrew Cuomo.

We have been A/B-ing this format a bit over the past few months, and have talked about the future of geoengineering, power politics of GPS, societal resilience startups, the disappearing Form D filing, Softbank’s debt obsession, the internet’s transformation into a nation state and why TechCrunch’s parent company is … well, I shouldn’t say that, lest I kick that damn hornet’s nest again.

This newsletter is about context, big ideas and arguments. It’s also about touching on any of the 35-odd spaces that I seem to cover in a given day, so it’s basically professional ADHD in written format. I write when I am in that liminal space between curiosity and anger, that “Why??” which follows “What!!!”

I’m joined on this project by Arman Tabatabai, our intrepid research consultant from New York. He’s always willing to learn a completely new subject because I had a dream last night (Monday morning at 8am: “so what do you know about geoengineering?”), and for that he’s amazing and this newsletter couldn’t go on without him.

Patreon EC-1 and the challenge of private companies

We debuted Extra Crunch this week with the launch of Patreon’s EC-1. I was inspired by the S-1 that companies file with the SEC when going public and thought: “why don’t we do that, but for private companies.”

A couple of hundred hours later, and that’s basically what we got with this first edition. With Patreon, TechCrunch’s media columnist Eric Peckham wrote a bonanza of analysis on the company’s founding story, product, business, thesis and competition, and he even threw in a reading guide so you can read everyone else’s coverage of the company. There are pretty generous pours of these articles in front of the paywall too, so do share them with colleagues.

The hope is that these projects can spark the imagination, give ideas around strategies and tactics that might work in a startup context and, of course, help evaluate the future of the company we are holding under the microscope.

We have three other companies in the hopper right now coming up in this series. Have ones you want to see covered? Think there could be an interesting deep dive we are missing? Hit reply and tell me — right now — or send me an email at [email protected].

Obsessions

This is an open agenda that I use to track what the hell I am writing about on a regular basis.

  • We are going to be talking India here, focused around the book “Billionaire Raj” by James Crabtree.
  • We have a lot to catch up on in the China world when the EC launch craziness dies down. Plus, we are covering The Next Factory of the World by Irene Yuan Sun.
  • Societal resilience and geoengineering are still top-of-mind.
  • Some more on metrics design and quantification.

Thanks

To every member of Extra Crunch: thank you. You allow us to get off the ad-laden media churn conveyor belt and spend quality time on amazing ideas, people and companies. If I can ever be of assistance, hit reply, or send an email to [email protected].

This newsletter is written with the assistance of Arman Tabatabai from New York.

The infosec reckoning has arrived

2018 represented a record year for venture capital investment into information security, but this isn’t a positive trend – and it definitely doesn’t mean we’re more secure.

An unwarranted percentage of solutions being funded are not solving the problems defenders face the most. And with high numbers of lackluster information security startups failing to meet the needs of their customers, you might expect downward pressure on valuations. 

Instead, 2018 also saw record valuations, both because venture capital firms benefit from them, as will be explained in this article, and because so many investors are unfamiliar with the information security space and simply don’t know better. Defenders are beginning to be fed up, and there has to be a reckoning if we want progress in securing our digital systems.

In March 2019, tens of thousands of security professionals will descend upon San Francisco, making their way through a labyrinth of security solutions on display at the RSA Conference in a quest to find a solution that fits their specific needs. In their way stand 650 exhibitors, a cacophony of booth distractions ranging from delightful to distasteful, buzzwords assaulting their eyes in hundred-point font offering a cure for the latest and most vicious threats – threats that are more likely fantasy than reality for most attendees. 

In classical Greek mythology, the heart of the labyrinth contains a Minotaur who devours all who come pass. In our modern information security reality, startups devour the dollars of security professionals and investors alike, with unproven promises luring the less informed into their grasp.

In 2018, over $5 billion was invested into information security startups in about 300 funding deals total, according to Crunchbase data. How does this large influx of capital improve security? Where does it get all of us, the people whose data needs protecting? Unfortunately, the answers are unclear. 

It is entirely possible that the raging furnace of the information security startup / VC cycle actually is hurting our ability to defend against attacks. First, we must understand how these solutions are failing to meet the market’s needs. Second, we must look to investors and see how their incentives propel them to increase valuations despite lack of value.

Reading time for this article is about 20 minutes. Featured Infosec Bingo Composition by Kelly Shortridge, Image by Nipitpon Singad / EyeEm via Getty Images.

Solutions in search of a problem 

Information security startups are not addressing their customers’ most pressing challenges. Arguably, the more money flowing in, the less they are carefully researching how they can make the highest positive impact in a security program. It is fruitless to point a finger at one cause. 

One factor is a gravitation towards what is cool from a technical perspective, compounded by a lack of consideration towards sustainable customer value. Another factor is a predilection for incremental improvements on existing solutions. Finally, the potency of flashy marketing can obfuscate deficiencies in the value security startups provide. All are worth exploring.

It is often easy to sniff out when founders wanted to flex their technical muscle and build something they thought was cool, rather than finding a customer problem they wanted to solve and figuring out how best to do so it. This backwards approach then requires these startups to search for – or worse, invent – a customer problem to solve with their ostensibly sexy technology. 

As Esteban Gutierrez, Director of Information Security at a publicly-traded SaaS company, observed, “The VC crowds approach things from the perspective of ‘what problems can we find to make money off of?’ and not the perspective of what are actually the problems people are having with keeping their data safe, having easy control over access to their digital stuff, or how can we actually make things better (so much blockchain).” 

There is a dreadful disconnect between what is important to security practitioners and the problems the majority of startups being funded are supposedly solving. The vast majority of information security teams do not spend their days stopping an unknowable threat, referred to as a “zero-day.” 

Instead, they are focused on the routine and frustrating tasks such as threat modeling, policy definition and enforcement, risk reviews, configuration management – or if they’re lucky, working on automating these mundane tasks through custom scripting. Further, only after basics are met in the security “hierarchy of needs” can defenders even begin to consider addressing unknowable threats in a meaningful way. 

Regulatory compliance – from HIPAA, PCI, and SOX to, most recently, GDPR – drives a substantial portion of budgets in information security, despite being considered the dullest segment of the industry. Compliance violations are what most often lead to fines or customer losses – not ultra-sophisticated attacks by nation-state actors. So, information security teams are instructed to spend their time avoiding these violations as the first priority of what their security program should cover.

Regrettably, the information security industry thrives on the drama of devastating vulnerabilities. In many cases, founders with security backgrounds concentrate on building technology to exclusively detect or stop the most sophisticated possible attacks. This pursuit represents the flipside of finding noteworthy vulnerabilities and developing elite exploits – the currency of respect within the industry with which these founders are familiar. 

In contrast, one of the industry’s most recent massive successes happens to be an example of a good case of user research, despite investors initially disregarding its potential for explosive growth. Duo Security, which was acquired last year for $2.35 billion by Cisco, was founded by people with notable accomplishments in vulnerability research. 

Yet, to their credit, they understood that the foundation of most attacks affecting enterprises is not the stuff of groundbreaking research papers, but attackers with databases of passwords, simply trying them out to see which still worked – hence Duo Security’s innovation of two-factor authentication that was exceptionally easy to use. By understanding the typical enterprise user’s workflows, Duo Security’s team figured out the best way to integrate security into the enterprise’s work, without adding friction. 

Few information security startups are following Duo Security’s lead, however. As Gutierrez noted, “A lot of VC-backed information security startups don’t actually start their conversation with ‘is this problem you’re having?’ There are some startups that do it this way, and those are the interesting ones I talk to.” 

This general lack of customer understanding includes assumptions about the effectiveness of startups’ products within the customer’s environment. Information security startups’ value propositions are often predicated on the assumption of underlying orderliness within their customers’ security programs. This assumption couldn’t be further from reality. 

Anne Marie Zettlemoyer, who sits on the board of SSH Communications Security, pointed out, “The reality is that the functionality of many tools requires the hygiene of an environment to be pretty strong to begin with and substantially maintained as well. Why is there so much ‘consulting’ added onto the product for implementation? Because the tool has no chance of either working or showing the business that it is working if you don’t have basics like identity and access management, inventory of assets, network visibility, data classification, incident response plans, etc., in a decent place.”

There’s too much focus on incremental tools

Another reason why information security startups’ tools fail to provide value in customer environments is because they focus on developing a niche feature, rather than a true product. A product solves a problem in a range of contexts. A feature adds value to a product, but is likely for a specific context. 

In other words, a product is valuable on its own; a feature needs something else to provide its full value. It is far easier for a customer to describe the bit of supplemental value they’d like to extract from an existing product than to articulate how the way they do their work might need a fundamental overhaul. 

For example, when asked, you might wish your vacuum cleaner had a more comfortable grip or more power to reduce cleaning time. You would likely be unimpressed by a company that sold an add-on to your vacuum that provided just one of those improved features, but you might be delighted by the prospect of an autonomous robot vacuum cleaner, which saves both your grip and your time. 

In information security, we often only see the incremental progress upon existing solutions, slight tweaks that create only a sliver of value more than what is currently deployed – not innovative products that reflect a deep understanding of why customers are dissatisfied. This lack of any significant alleviation of customer pain points results from the willingness of investors to fund concepts and the pervasiveness of limited trials – both of which distract from investing in the less-glamorous and more exacting goal of long-term value creation. 

Zettlemoyer explained, “Why are we failing when there are so many ‘solutions’ out there? I think a very strong causation is that many of these tools are good ‘in concept.’ They might have a limited PoC [Proof of Concept] or PoV [Proof of Value], but are they [the vendor, the VC, and the customer] asking the question, ‘What does it take to make sure this tool is adding sustained value?’”

This trend towards incremental improvement is also what leads to the extreme fragmentation of solutions within information security, making it even harder for defenders to figure out what will actually solve their challenges. To those outside of the industry, you may view “information security” as a singular category of products. However, there are dozens of subsectors within security that each have their own cluster of vendors.

As Will Lin, a Founding Investor and Principal at Forgepoint Capital, noted, “It’s possible to invest in 40+ security companies that don’t compete against each other. There are multiple customer categories in security and customers on average have 75 security vendors in their environment.” One investment bank lists a stunning 46 sub-categories within information security in their market map. 

By way of analogy, imagine if you look around your house and notice it’s dirty. The logical approach would be to create a list of things to do to clean each room, identify the tools needed to do each of those things (vacuum, mop, duster, etc.), buy the tools if you don’t have them, and then go room by room, cleaning. 

Now imagine that the only stores from which you can buy vacuums, mops, and dusters tell you things like, “your old vacuum cleaner just won’t do, this one is nuclear-powered and also self-propelled.” They also start identifying rooms in your house that are dubiously rooms, like crawl spaces, and propose solutions to clean those rooms. 

If you spend all day at the department store being pitched on increasingly outlandish cleaning products – perhaps a trained army of rats with dusters, and a cat to catch and eat all the rats after they’re done – not only will you probably buy something very useless, but your house also won’t get cleaned.

You can imagine the frustration and helplessness you might feel at being pushed to buy all these unnecessary solutions. You might even be angry when realizing investors were pouring money into these startups to power marketing meant to overwhelm you, rather than to create tools that actually help you. Information security startups overcome the need to prove usefulness with aggressive marketing. 

Why no one really quits Google or Facebook

Another week, another set of scandals at Facebook and Google . This past week, my colleagues reported that Facebook and Google had abused Apple enterprise developer certificates in order to distribute info-scraping research apps, at times from underage users in the case of Facebook. Apple responded by cutting off both companies from developer accounts, before shortly restoring them.

The media went into overdrive over the scandals, as predictable as the companies’ statements that they truly care about users and their privacy. But will anything change?

I think we know the answer to this question: no. And it is never going to change because the vast majority of users just don’t care one iota about privacy or these scandals.

Privacy advocates will tell you that the lack of a wide boycott against Google and particularly Facebook is symptomatic of a lack of information: if people really understood what was happening with their data, they would galvanize immediately for other platforms. Indeed, this is the very foundation for the GDPR policy in Europe: users should have a choice about how their data is used, and be fully-informed on its uses in order to make the right decision for them.

I don’t believe more information would help, and I reject the mentality behind it. It’s reminiscent of the political policy expert who says that if only voters had more information — if they just understood the issue — they would change their mind about something where they are clearly in the “wrong.” It’s incredibly condescending, and obscures a far more fundamental fact about consumers: people know what they value, they understand it, and they are making an economic choice when they stick with Google or Facebook.

Alternatives exist for every feature and app offered by these companies, and they are not hard to find. You can use Signal for chatting, DuckDuckGo for search, FastMail for email, 500px or Flickr for photos, and on and on. Far from being shameless clones of their competitors, in many cases these products are even superior to their originals, with better designs and novel features.

And yet. When consumers start to think about the costs, they balk. There’s sometimes the costs of the products themselves (FastMail is $30/year minimum, but really $50 a year or more if you want reasonable storage), but more importantly are the switching costs that come with using a new product. I have 2,000 contacts on Facebook Messenger — am I just supposed to text them all to use Signal from now on? Am I supposed to completely relearn a new photos app, when I am habituated to the taps required from years of practice on Instagram?

Surveillance capitalism has been in the news the past few weeks thanks to Shoshana Zuboff’s 704-page tome of a book “The Age of Surveillance Capitalism.” But surveillance capitalism isn’t a totalizing system: consumers do have choices here, at least when it comes to consumer apps (credit scores and the reporting bureaus are a whole other beast). There are companies that have even made privacy their distinguishing feature. And consumers respond pretty consistently: I will take free with surveillance over paid with privacy.

One of the lessons I have learned — perhaps the most important you can learn about consumer products — is just how much people are willing to give up for free things. They are willing to give up privacy for free email. They are willing to allow their stock broker to help others actively trade against them for a free stock brokerage account with free trading. People love free stuff, particularly when the harms are difficult to perceive.

This is not to say that Facebook and Google shouldn’t try to improve their shoddy records on privacy, or rebuild trust with users. Those consumers are always able to leave, and their sentiment should never be taken for granted. But after more than a decade of abuse, we should look deeper at our analysis and perhaps conclude that these issues aren’t abuse at all, but rather a bargain, a negotiation, and one that people are quite willing to live with.

China’s influence pushed MSCI to add shares to index

(Photo by China Photos/Getty Images)

MSCI runs some of the most important financial indexes in the world. Trillions of dollars of capital are pegged to these metrics, which is why changes to them can be so controversial. Few decisions by MSCI have been as significant though as the addition of Chinese “A-shares” to its emerging markets indexes last year, which for the first time added mainland Chinese stocks to these important benchmarks. Billions of dollars of capital was expected to flow to those stocks, as wealth managers matched their allocations to the updated indexes.

Now, we have learned just how much pressure MSCI faced in adding those shares. Mike Bird at the Wall Street Journal reports that China placed enormous pressure on MSCI to change its indexes, threatening to cut off its access to domestic wealth managers and stunt its growth in the number two economy. From the article:

MSCI’s discussions with several Chinese asset managers were abruptly curtailed in 2015 and 2016 after the firm didn’t add Chinese-listed stocks to the emerging-markets index following its midyear reviews, according to people close to or directly involved in the discussions. The Chinese firms communicated that they had been instructed by authorities to cut off negotiations with MSCI, the people said.

China’s two national stock exchanges also threatened to withdraw MSCI’s access to market pricing data, which the company provided to its customers all over the world, the people added. It was akin to “business blackmail,” said a person familiar with MSCI’s negotiations with Chinese regulatory authorities.

Companies the world over attempt to manipulate these indexes, particularly given the increasing amount of money flowing to ETFs and other index-backed funds. But few companies have the clout required to actually get MSCI to make changes that benefit them. China, with its huge market, clearly does.

MSCI is “now considering quadrupling China’s weighting in the emerging-markets index.” Maybe that’s objective and fair — after all, China is crucial for the global economy. With China’s meddling and MSCI’s capitulation though, one has to wonder how much is blackmail, and how much is financial science.

More links

TechCrunch is experimenting with new content forms. This is a rough draft of something new – provide your feedback directly to the author (Danny at [email protected]) if you like or hate something here.

Share your feedback on your startup’s attorney

My colleague Eric Eldon and I are reaching out to startup founders and execs about their experiences with their attorneys. Our goal is to identify the leading lights of the industry and help spark discussions around best practices. If you have an attorney you thought did a fantastic job for your startup, let us know using this short Google Forms survey and also spread the word. We will share the results and more in the coming weeks.

This newsletter is written with the assistance of Arman Tabatabai from New York

China’s social credit system won’t tell you what you can do right

For the past few years, China has been rolling out a Black Mirror Harry Potter-esque social rating policy known as the Social Credit System (SCS). Far from just a credit score in the financial sense, an SCS score can determine whether a person can buy business class tickets on trains (or take the train at all) or have access to flights. Apps are rumored to exist that would tell users whether they are standing near someone with a debt listed in the system, so … they can walk away I guess.

This is a massive undertaking, and researchers are finally starting to collect good data on the system’s operation, such as a MERICS report looking at the implementation of this complex system, which involves companies and all levels of the Chinese government. Westerners have also increasingly explored the generally positive reception of the system by Chinese citizens, which would seem at odds with typical desires for privacy.

Yet, one of the biggest and most obvious open questions is what exactly will get you rewarded or punished by the SCS? Now, we are finally starting to get answers.

In a new paper that will be presented this week at the ACM FAT* Conference on algorithmic transparency, a group of researchers investigated how positive and negative points were assessed by downloading a large corpus of hundreds of thousands of entries from the Beijing SCS website and analyzing it with content analysis machine learning tools.

They found that Beijing was remarkably clear about what will get you punished, but vague about what will get you positive points. For instance, the vast majority of the blacklist was made up by people who had failed to pay their debts, or who had committed a traffic violation. Meanwhile, the people on the redlist (the positive list) were there because they were, say, great volunteers, but with no criteria on how to get that status or why they were listed at all.

“It’s very difficult to pinpoint the exact degree of transparency,” of SCS said Severin Engelmann, one of the lead researchers based at the Technical University of Munich. Far from being just an experimental startup, SCS is already quite advanced. “Blacklisting and redlisting are already in place, and they clearly indicate what behavior is bad … but not what behavior is actually good,” he said.

Even more interesting, there are more companies on the blacklist and redlist than there are individuals within the Beijing corpus, indicating that while the government is certainly concerned about citizens, it’s bringing its social control mechanism onto companies perhaps more aggressively.

Jens Grossklags, another of the researchers, noted that this level of transparency — while inconsistent — was unusual in the West. “It is really fascinating from a data science perspective to see how much information is being made available not just to individuals but to the general public,” he said. He noted that public shaming has been common with the Chinese system, while Western consumers have a hard time accessing their own scores let alone the scores of others.

The study is one of the first to look at the actual implementation of SCS and reverse engineer its algorithm, and the researchers are potentially following up by investigating regional variations and further changes to the system.

TechCrunch is experimenting with new content forms. This is a rough draft of something new – provide your feedback directly to the author (Danny at [email protected]) if you like or hate something here.

Share your feedback on your startup’s attorney

My colleague Eric Eldon and I are reaching out to startup founders and execs about their experiences with their attorneys. Our goal is to identify the leading lights of the industry and help spark discussions around best practices. If you have an attorney you thought did a fantastic job for your startup, let us know using this short Google Forms survey and also spread the word. We will share the results and more in the coming weeks.

Stray Thoughts (aka, what I am reading)

Short summaries and analysis of important news stories

Hustling to nothing

Erin Griffith has a great piece on the increasing pervasiveness of hustle culture. This is part of a long-running debate in Silicon Valley between the work-your-ass-off crowd and the productivity-peaks-at-35-hours crowd. The answer in my mind is that we should see work in phases — running at 100 MPH all the time is most definitely not sustainable, but neither frankly is working a very stable number of hours per week. The vagaries of life and work mean that we need to surge and recede our efforts as dictated, and always track our own health.

Nvidia’s troubles continue

We’ve talked a lot about Nvidia over the past few months (Part 1, Part 2, Part 3). Well, the bad news train just continues. As my colleague Romain Dillet reports, Nvidia is cutting its revenue outlook, and now the stock is falling again (another 14% as I write this). It cites lowered demand particularly from China, which is experiencing a major slowdown in its economy.

Can Chinese startups subsidize customers forever?

The Financial Times asks an important question about the “China model” of startups: should founders heavily subsidize customers in order to buy market share and fight competitors? They point to bike sharing startup Ofo’s collapse, although I would point to the expensive rise of Luckin Coffee as perhaps the latest example. It’s a lesson that Munchery’s investors also have had to learn: at the end of the day, those unit economics better turn positive if a company is to survive.

What’s next

  • More work on societal resilience

This newsletter is written with the assistance of Arman Tabatabai from New York

The social layer is ironically key to Bitcoin’s security

A funny thing happened in the second half of 2018. At some moment, all the people active in crypto looked around and realized there weren’t very many of us. The friends we’d convinced during the last holiday season were no longer speaking to us. They had stopped checking their Coinbase accounts. The tide had gone out from the beach. Tokens and blockchains were supposed to change the world; how come nobody was using them?

In most cases, still, nobody is using them. In this respect, many crypto projects have succeeded admirably. Cryptocurrency’s appeal is understood by many as freedom from human fallibility. There is no central banker, playing politics with the money supply. There is no lawyer, overseeing the contract. Sometimes it feels like crypto developers adopted the defense mechanism of the skunk. It’s working: they are succeeding at keeping people away.

Some now acknowledge the need for human users, the so-called “social layer,” of Bitcoin and other crypto networks. That human component is still regarded as its weakest link. I’m writing to propose that crypto’s human component is its strongest link. For the builders of crypto networks, how to attract the right users is a question that should come before how to defend against attackers (aka, the wrong users). Contrary to what you might hear on Twitter, when evaluating a crypto network, the demographics and ideologies of its users do matter. They are the ultimate line of defense, and the ultimate decision-maker on direction and narrative.

What Ethereum got right

Since the collapse of The DAO, no one in crypto should be allowed to say “code is law” with a straight face. The DAO was a decentralized venture fund that boldly claimed pure governance through code, then imploded when someone found a loophole. Ethereum, a crypto protocol on which The DAO was built, erased this fiasco with a hard fork, walking back the ledger of transactions to the moment before disaster struck. Dissenters from this social-layer intervention kept going on Ethereum’s original, unforked protocol, calling it Ethereum Classic. To so-called “Bitcoin maximalists,” the DAO fork is emblematic of Ethereum’s trust-dependency, and therefore its weakness.

There’s irony, then, in maximalists’ current enthusiasm for narratives describing Bitcoin’s social-layer resiliency. The story goes: in the event of a security failure, Bitcoin’s community of developers, investors, miners and users are an ultimate layer of defense. We, Bitcoin’s community, have the option to fork the protocol—to port our investment of time, capital and computing power onto a new version of Bitcoin. It’s our collective commitment to a trust-minimized monetary system that makes Bitcoin strong. (Disclosure: I hold bitcoin and ether.)

Even this narrative implies trust—in the people who make up that crowd. Historically, Bitcoin Core developers, who maintain the Bitcoin network’s dominant client software, have also exerted influence, shaping Bitcoin’s road map and the story of its use cases. Ethereum’s flavor of minimal trust is different, having a public-facing leadership group whose word is widely imbibed. In either model, the social layer abides. When they forked away The DAO, Ethereum’s leaders had to convince a community to come along.

You can’t believe in the wisdom of the crowd and discount its ability to see through an illegitimate power grab, orchestrated from the outside. When people criticize Ethereum or Bitcoin, they are really criticizing this crowd, accusing it of a propensity to fall for false narratives.

How do you protect Bitcoin’s codebase?

In September, Bitcoin Core developers patched and disclosed a vulnerability that would have enabled an attacker to crash the Bitcoin network. That vulnerability originated in March, 2017, with Bitcoin Core 0.14. It sat there for 18 months until it was discovered.

There’s no doubt Bitcoin Core attracts some of the best and brightest developers in the world, but they are fallible and, importantly, some of them are pseudonymous. Could a state actor, working pseudonymously, produce code good enough to be accepted into Bitcoin’s protocol? Could he or she slip in another vulnerability, undetected, for later exploitation? The answer is undoubtedly yes, it is possible, and it would be naïve to believe otherwise. (I doubt Bitcoin Core developers themselves are so naïve.)

Why is it that no government has yet attempted to take down Bitcoin by exploiting such a weakness? Could it be that governments and other powerful potential attackers are, if not friendly, at least tolerant towards Bitcoin’s continued growth? There’s a strong narrative in Bitcoin culture of crypto persisting against hostility. Is that narrative even real?

The social layer is key to crypto success

Some argue that sexism and racism don’t matter to Bitcoin. They do. Bitcoin’s hodlers should think carefully about the books we recommend and the words we write and speak. If your social layer is full of assholes, your network is vulnerable. Not all hacks are technical. Societies can be hacked, too, with bad or unsecure ideas. (There are more and more numerous examples of this, outside of crypto.)

Not all white papers are as elegant as Satoshi Nakamoto’s Bitcoin white paper. Many run over 50 pages, dedicating lengthy sections to imagining various potential attacks and how the network’s internal “crypto-economic” system of incentives and penalties would render them bootless. They remind me of the vast digital fortresses my eight-year-old son constructs in Minecraft, bristling with trap doors and turrets.

I love my son (and his Minecraft creations), but the question both he and crypto developers may be forgetting to ask is, why would anyone want to enter this forbidding fortress—let alone attack it? Who will enter, bearing talents, ETH or gold? Focusing on the user isn’t yak shaving, when the user is the ultimate security defense. I’m not suggesting security should be an afterthought, but perhaps a network should be built to bring people in, rather than shut them out.

The author thanks Tadge Dryja and Emin Gün Sirer, who provided feedback that helped hone some of the ideas in this article.

YC-backed Upsolve is automating bankruptcy for everyone

The popular image of a Chapter 7 bankruptcy might be a large company like Enron failing, or maybe some lazy drifter trying to shirk their financial responsibilities. The reality is anything but those sorts of images. Today in America, the most common reason for bankruptcy is to discharge egregious sums of medical debt [1], which might have been incurred in a short stint in a hospital emergency room.

Bankruptcy allows people to get out from under a debilitating and permanent state of financial crisis — assuming one can afford it. Applying for bankruptcy itself costs money, potentially thousands of dollars depending on the attorney used. The cruel irony is that the people who can least afford to apply are those who are most locked out from the help they need.

Upsolve, one of the three non-profit tech startups in Y Combinator’s current winter batch, is building a unified and efficient software product to allow users easy access to the bankruptcy system. Users go through a series of questions to collect the required information about their financial circumstances, and then Upsolve provides automated bankruptcy forms reviewed by an Upsolve attorney — all for free.

“Our mission is to help the victims of our broken financial system,” Upsolve CEO and co-founder Rohan Pavuluri said to me. “If you are poor, you don’t have access to the same rights.” He describes Upsolve as “TurboTax for bankruptcy” (although to be clear, TurboTax is a for-profit business line of Intuit). Much like tax, bankruptcy is convoluted. “There are 23 forms to file for bankruptcy,” he said.

So far, the software platform seems to be finding traction. Since starting in summer of 2016, Upsolve has processed $16 million in bankruptcies on behalf of 400 people, and has diagnosed debt problems for 5,000 users, according to Pavuluri. We’re “automating a $40k check to these folks…. for three hours worth of time.”

Unlike legal processes like estate planning, which are burdened with handling 50 different state processes, bankruptcy is based on federal law, which means that Upsolve’s solution can work across the country. Today, it supports 47 states, and the startup’s first target markets are New York and Illinois.

Where Upsolve gets really interesting is on the financial side, both in how it approaches revenues from users and also how it funds its operations.

On the revenue side, Upsolve is free. Inspired by GoFundMe and other startups, Pavuluri and his team have created a model where users donate “what they think is fair” for the service. That has worked so far, as “on a unit basis we cover our costs from the tipping model,” he said.

Over time, he hopes to break even using just the tipping model, but today the organization relies on legal aid funds to partially fund its operations. The U.S. government and many state governments have funding set aside to finance civil legal aid, and the Legal Services Corporation is the largest funder to date of Upsolve.

I asked about whether incumbent lawyers are threatened by Upsolve. Pavuluri said that most lawyers don’t want to handle these cases in the first place, because they are not profitable and generally need to be handled pro bono. He said that for simple chapter 7 cases, you (almost certainly) don’t need a lawyer, and “we challenge legal exceptionalism in that sense.” He has spent the last two years criss-crossing the country meeting with bankruptcy groups, judges, bar associations and attorneys to undergird support for the startup’s work.

In addition to Y Combinator, Upsolve has been funded by Harvard University, the Robin Hood Foundation, Schmidt Futures (Eric Schmidt), Fast Forward, and Breyer Labs.

[1] There is a large academic debate on how many bankruptcies are triggered by medical debt. The percentage varies hugely between different studies (from say 4% to 62%), and it really depends on how you define someone’s lead cause of bankruptcy. Most filers with medical debt also have other forms of debt, so what specifically triggered a bankruptcy? Due to stigma, filers will often point to medical debt when other forms of debt may be larger.

TechCrunch is experimenting with new content forms. This is a rough draft of something new — provide your feedback directly to the author (Danny at [email protected]) if you like or hate something here.

Share your feedback on your startup’s attorney

My colleague Eric Eldon and I are reaching out to startup founders and execs about their experiences with their attorneys. Our goal is to identify the leading lights of the industry and help spark discussions around best practices. If you have an attorney you thought did a fantastic job for your startup, let us know using this short Google Forms survey and also spread the word. We will share the results and more in the coming weeks.

Stray Thoughts (aka, what I am reading)

Short summaries and analysis of important news stories

Slack’s Financials are quite strong

Zoë Bernard and Alfred Lee at The Information have the scoop on Slack’s financials. Huge revenue growth of about 75% last year to $389 million. The challenge is that Slack’s valuation is still very heady given its revenues, and is currently valued at about an18x multiple according to the writers. That’s expensive, but perhaps still desirable by investors who are otherwise looking at a relatively bleak market of investment opportunities.

What’s next & obsessions

  • I am reading The Color of Law by Richard Rothstein. About half way through – and it’s quite thought-provoking (and depressing).
  • Arman is reading Never Lost Again by Bill Kilday, a history of mapping at Google and beyond.
  • Arman and I are interested in societal resilience startups that are targeting areas like water security, housing, infrastructure, climate change, disaster response, etc. Reach out if you have ideas or companies here.

Geoengineering could solve our climate problems if anyone allowed it

This weekend, I finished reading Oliver Morton’s The Planet Remade (thanks to reader Eliot Peper for recommending it). Morton has a multitude of goals with the book, but there were two I think are deeply valuable. First, geoengineering is a plausible approach to solving our climate problems this century, and second, engineering the climate generates tough policy challenges, but also opportunities to make the planet more equitable.

TechCrunch is experimenting with new content forms. This is a rough draft of something new — provide your feedback directly to the author (Danny at [email protected]) if you like or hate something here.

First and foremost: the book is mind-expanding in the best way possible. Morton confronts an extremely contentious issue with judicious facts and supreme insight gleaned over many years of studying geoengineering. Whether you are a dedicated acolyte of cloud seeding and veils or a committed opponent to any tampering of earth’s environment, he has developed a book that forces us to think about our actions and ultimately what the consequences of those choices are.

Frankly, those choices offer stark consequences. Morton describes the challenge of climate this century:

The world’s population is expected to grow from seven billion today to more or less ten billion by 2100. By that time the number of people enjoying rich-world energy privileges should also reach ten billion. So the challenge is to achieve for an extra eight billion people in the twenty-first century what was achieved for two billion in the twentieth century. Meeting that challenge implies a lot more energy usage.

Morton is a staunch environmentalist and deeply concerned about environmental justice and the inequities of the planet. But he is also a “climate realist” — he understands that our current solutions to climate change are not really solutions at all, since they either lack the scale required to solve the problem, or will continue to exacerbate existing inequities between different people of this planet.

For example, take emissions-free nuclear power, which is brought up as a panacea to our fossil fuel-driven economy. Morton writes:

If the world had the capacity to deliver one of the largest nuclear power plants ever built once a week, week in and week out, it would take 20 years to replace the current stock of coal-fired plants (at present, the world builds about three or four nuclear power plants a year, and retires old ones almost as quickly).

Sure, nuclear power plants are a literal solution, but most definitely not a pragmatic one since the scale required is just not there.

He also spends significant time deconstructing recent climate negotiations, finding that the focus on carbon has been something of a red herring (many other emissions are far worse than carbon and less directly connected to the modern industrial economy). Instead, they have been driven by the alignment of different environmentally-concerned parties:

Carbon dioxide suited scientists because it seemed like a straightforward measure of the problem. It suited greens because it was a pretty good proxy for the industrial society against which their movement was a reaction. The international negotiations that set up the UNFCCC showed that it suited developing countries because it was primarily a developed-country issue; at the time of Rio, the vast majority of all the industrial emissions since the the eighteenth century had come from Europe and America.

Carbon is of course a problem, but it has become a tagline, a brand, a cri de coeur of the international climate movement. Yet the challenges facing the planet are so much deeper than just carbon.

To avoid that narrow focus, Morton argues for a complete reframing of the climate debate toward solutions that can actually repair the climate, and even improve it for diverse populations around the world.

Now, the term “geoengineering” brings with it a bag of Hollywood-induced imagery of nuclear winters and globe-spanning hurricanes. Morton addresses those risks across his chapters, noting that geoengineering can indeed go wrong.

Even so, he convincingly argues that there are geoengineering techniques designed around key climate processes that can be high leverage, reversible, testable, and that have the scale required to actually solve climate challenges in a sustainable way. These processes aren’t speculation — we (mostly) understand the science today, and have pathways toward the technology required to execute a strategy.

The real challenge — as it always is — are humans and their governments. Morton notes that climate change has a huge deleterious impact on nations such as Maldives, but that it can also benefit certain regions by transitioning them from colder to more temperate climates.

That means that any geoengineering solution is going to face the prospect of creating winners and losers. Any international agreement is going to have to contend with those politics, and design mechanisms to ameliorate their effects.

Much as Morton calls for a planet remade, he sees an opportunity for geoengineering to trigger reflection among governments on their own interests:

Much better, rather than treating geoengineering as a technocratic way of avoiding politics, to use it as a way of reinventing politics. Exploring the potential of geoengineering could spur and shape the development of a new way of making planetary decisions. The aim should not be the development of a thermostat alone; it should be the development of a new hand to use it.

Environmentalists may balk at the idea of allowing humans to have their hands on any part of the earth system. But we are here, all seven billion of us, and we already have our brutal hands on the system. The question is whether we can start to use our hands in a far more productive way that can make the earth sustainable for centuries to come. As Morton notes, “The planet has been remade, is being remade, will be remade.” Geoengineering technologies offer solutions, if we can agree in how to use them.

Share your feedback on your startup’s attorney

My colleague Eric Eldon and I are reaching out to startup founders and execs about their experiences with their attorneys. Our goal is to identify the leading lights of the industry and help spark discussions around best practices. If you have an attorney you thought did a fantastic job for your startup, let us know using this short Google Forms survey and also spread the word. We will share the results and more in the coming weeks.

Stray Thoughts (aka, what I am reading)

Short summaries and analysis of important news stories

Why Gutenberg can still recognize the book

Craig Mod wrote a compelling piece in Wired on the future of the book, and why today’s books essentially look the same as when the printing press was first invented. Despite the prognosticators expecting books to have moving pictures, interactivity, and dynamic narratives, almost nothing in that direction has actually occurred as readers continue to enjoy the traditional format. Instead, where the real innovation has taken place is on the business side, where new models from crowdfunding to email subscriptions have transformed the economics of book publishing.

Automattic’s Newspack to drive revenue for smaller publishers

While content management systems have been around for decades, almost none of these systems are designed to create revenues for their users out of the box. WordPress doesn’t have any subscription features or advertising networks built-in, which means that sites that want to make money have to spend a lot of dollars just to get setup and started.

So the announcement this morning that Automattic, the owner of WordPress.com, is going to offer a new platform combining content management with revenue called Newspack is both interesting and definitely needed. It’s a proper extension of their existing platform, and a reminder for product managers that the sustainability of their customers is critical for long-term success.

Huawei sales executive arrested in Poland

We have been following Huawei’s travails in the West for some time. One major point of contention is whether the company spies on behalf of the Chinese government. Western governments have argued that it does, but as China has repeatedly noted, they have never provided any proof.

On Friday in Poland, a Huawei executive was arrested for alleged espionage, which could provide the first public evidence of collusion between Huawei and Beijing. The company subsequently fired the executive and claimed that his actions were unrelated to the company. Poland has since called on NATO countries to remove Huawei equipment from their telecommunications infrastructure. Huawei equipment is widely installed in Europe and European governments have so far evaded calls by the U.S. to boycott the company. As the largest telecom equipment manufacturer in the world, Huawei’s response could have vast repercussions for the deployment of 5G networks.

PG&E – oh boy

Silicon Valley’s (and much of California’s) gas and electric utility is going bankrupt following massive liability claims against the utility due to its equipment sparking wildfires over the past few years. California may lead the world in innovation, but it seems to always be on the precipice of disaster when it comes to infrastructure.

What’s next & obsessions

  • I am reading The Color of Law by Richard Rothstein
  • Arman and I are interested in societal resilience startups that are targeting areas like water security, housing, infrastructure, climate change, disaster response, etc. Reach out if you have ideas or companies here.