The many twists and turns of hardware

Note: This is the final article in a three-part series on valuation thoughts for common sectors of venture-capital investment. The first article, which attempts to make sense of the SaaS revenue multiple, can be found here; the second, on public marketplaces can be found here.

Over the past year, the VC-backed hardware category got a big boost — Roku was the best-performing tech IPO of 2017 and Ring was acquired by Amazon for a price rumored to exceed $1 billion. In addition to selling into large, strategic markets, both companies have excellent business models. Ring sells a high-margin subscription across a high percentage of its customer base and Roku successfully monetizes its 19 million users through ads and licensing fees.

In the context of these splashy exits, it is interesting to consider the key factors that have made for valuable hardware companies against a backdrop of an investment sector that has often been maligned through the years, as I’m sure we’ve all heard the trope that “hardware is hard.” Despite this perception, hardware investment has grown much faster than the overall VC market since 2010, as shown below.

Source: TechCrunch

A large part of this investment growth has to do with the fact that we’ve seen larger exits in hardware over the past few years than ever before. Starting with Dropcam’s* $555 million acquisition in 2014, we’ve seen a number of impressive outcomes in the category, from large acquisitions like Oculus ($2 billion), Beats ($3 billion) and Nest ($3.2 billion) to IPOs like GoPro ($1.2 billion), Fitbit ($3 billion) and Roku* ($1.3 billion)**. Unfortunately for the sector, a few of these companies have underperformed since exit; notably, GoPro and Fitbit have both cratered in the public markets. 

As of April 3, 2018, both stocks traded at less than 1x trailing revenue, a far cry from the multiples of forward revenue given to other tech companies. Roku, on the other hand, continues to perform as a stock market darling, trading at approximately 6x trailing revenue and a market cap of $3.1 billion. What sets them so far apart?

The simple answer is their business model — Roku generates a significant amount of high gross margin platform revenue, while GoPro and Fitbit are reliant on continued hardware sales to drive future business, a revenue stream that has been stagnant to declining. However, Roku’s platform is one successful hardware business model; in this article I’ll explore four others — Attach, Replacement, Razor and Blades and Chunk.

Attach

“Attaching” a high gross margin annuity stream from a subscription to a hardware sale is a goal for many hardware startups. However, this is often easier said than done — as it’s critical to nail the alignment of the subscription service to the core value proposition of the hardware.

For example, Fitbit rolled out coaching, but people buy Fitbit to track activity and sleep — and this mismatch resulted in a low attach rate. On the other hand, Ring’s subscription allows users to view past doorbell activity, which aligns perfectly with customers looking to improve home security. Similarly, Dropcam sold a subscription for video storage, and at an approximate 40 percent attach rate created a strong economic model. Generally, we’ve found that the attach rate necessary to create a viable business should be at least in the 15-20 percent range.

Platform

Unlike the “Attach” business model that sells services directly related to improving the core functionality of the hardware device, “Platform” business models create ancillary revenue streams that materialize when users regularly engage with their hardware. I consider Roku or Apple to be in this category; by having us glued to our smartphones or TV screens, these companies earn the privilege of monetizing an app store or serving us targeted advertisements. Here, the revenue stream is not tied directly to the initial sale, and can conceivably scale well beyond the hardware margin that is generated.

In fact, AWS is one of the more successful recent examples of a hardware platform — by originally farming out the capacity from existing servers in use by the company, Amazon has generated an enormously profitable business, with more than $5 billion in quarterly revenue.

Replacement

Despite the amazing economics of Apple’s App Store, as of the company’s latest quarterly earnings report, less than 10 percent of their nearly $80 billion in quarterly revenue came from the “Services” category, which includes their digital content and services such as the App Store.

What really drives value to Apple is the replacement rate of their core money-maker — the iPhone. With the average consumer upgrading their iPhone every two to three years, Apple creates a massive recurring revenue stream that continues to compound with growth in the install base. Contrast this with GoPro, where part of the reason for its poor market performance has been its inability to get customers to buy a new camera — once you have a camera that works “well enough” there is little incentive to come back for more.

Razor and Blades

The best example of this is Dollar Shave Club, which quite literally sold razors and blades on its way to a $1 billion acquisition by Unilever. This business model usually involves a low or zero gross margin sale on the initial “Razor” followed by a long-term recurring subscription of “Blades,” without which the original hardware product wouldn’t work. Recent venture examples include categories like 3D printers, but this model isn’t anything new — think of your coffee machine!

Chunk

Is it still possible to build a large hardware business if you don’t have any of the recurring revenue models mentioned above? Yes — just try to make thousands of dollars in gross profit every time you sell something — like Tesla does. At 23 percent gross margin and an average selling price in the $100,000 range, you’d need more than a lifetime of iPhones to even approach one car’s worth of margin!

So, while I don’t think anyone would disagree that building a successful hardware business has quite literally many more moving parts than software, it’s interesting to consider the nuances of different hardware business models.

While it’s clear that in most cases, recurring revenue is king, it’s difficult to say that any of these models are intrinsically more superior, as large businesses have been built in each of the five categories covered above. However, if forced to choose, a “Platform” model seems to offer the most unbounded upside as it’s indicative of a higher engagement product and isn’t indexed to the original value of the product (some people certainly spend more on the App Store than on the iPhone purchase).

While it’s easy to take a narrow view of VC-hardware investing based on the outcome of a few splashy tech gadgets, broadening our aperture just a bit shows us that large hardware businesses have been built across a variety of industries and business models, and many more successes are yet to come.

*Indicates a Menlo Ventures investment

**Initial value at IPO

Tech devices that make for great last-minute gifts for anyone

Makula Dunbar
Contributor

Makula Dunbar is a writer with Wirecutter.

Editor’s note: This post was done in partnership with Wirecutter. When readers choose to buy Wirecutter’s independently chosen editorial picks, it may earn affiliate commissions that support its work.

It should be easy to give a gift. But it can be hard trying to choose what gift to give. That’s especially true with technology, where products tend to be more functional than emotional. Here’s what matters most: finding a present that connects to the recipient, creates a sense of enjoyment, and that they’re actually going to use. Here are five tech gifts that will appeal to almost anyone.

Jaybird X3 Wireless Sport Earbuds

The Jaybird X3 earbuds are designed for working out, but their design and great audio makes them perfect for anyone on the go. The X3’s interchangeable tips and fins offer a highly customizable, comfortable fit. Overall sound is high quality out of the box, but we like that the companion Jaybird app allows a tailored listening experience. Eight hours of playback time means you’ll be set throughout multiple workouts or a full work day.

Amazon Echo (2nd generation) Voice-Controlled Speaker

While there’s more than enough buzz surrounding voice-controlled speakers, they’re not yet considered a standard home item. But we think they’re helpful, and we know that a lot of folks find them incredibly useful for ordering food, listening to audiobooks, streaming music, or controlling their appliances and lighting. Our favorite is the Amazon Echo (2nd generation), which does more (and does it better) than any other current model. It supports a huge list of smart-home devices—including thermostats, light bulbs, and vacuums, and it has a set of skills, including offering custom weather, news and calendar alerts. (Note: If you’re giving one of these devices as a gift, make sure the recipient’s preferred music service is supported; Amazon’s devices, for example, work with its own Prime Music service, as well as Spotify, but not with Apple Music.)

Jackery Bolt USB Battery

A convenient device (which at times doubles as a lifesaver) is a gift that anyone would consider a necessity. We researched more than 300 USB power banks and battery packs and tested 40, naming the Jackery Bolt as our top pick. The Jackery Bolt is made out of aluminum and is the perfect size for carrying around in your bag or pocket every day. It has two connector cables (one Lightning and one MicroUSB), and its 6000 mAh battery has enough power to charge a medium-sized smartphone twice.

Nixplay Seed Digital Photo Frame

The Nixplay Seed digital photo frame is perfect way to keep faraway friends and family members in sight. Since it’s Wi-Fi-enabled, you can be anywhere and use social media platforms, cloud storage, or your smartphone to upload pictures. It’s a great gift because new and old moments can be shared anytime, giving viewers more reasons to touch base with you. It has a high-resolution IPS display that can show images in landscape or portrait orientation. The photo frame’s remote and sensor—which turns the device off when no one’s in the room — lets you choose what you want to see at your convenience. Multiple people can create photo playlists through the Nixplay website, or add pictures to be shown by sending them through email. With 8GB of storage it has the capacity to hold roughly 25,000 smartphone photos.

GoPro Hero5 Black Action Camera

The GoPro Hero5 Black is our top pick for action cameras because it can be used for everyday filming, capturing memories during travel adventures, and is great in environments that aren’t suitable for larger, pricier camera equipment. It doesn’t have a clunky case, but it’s still waterproof. For those who usually place tech integration at the top of their gear list, the GoPro Hero5 Black also has a touchscreen interface and voice-control capabilities. During testing we found its footage to be crisp and clear with accurate color in addition to sound quality that’s worth keeping in professional edits.

Garmin Vivosport Fitness Tracker

If you’re looking for a way to jumpstart your exercise routine and you haven’t picked up a fitness tracker, now’s the time.  We’ve tested 23 fitness trackers over the past three years and think the Garmin Vivosport is the best option. Its built-in GPS, long-lasting battery life and color display set it apart from others. In addition to monitoring your workouts (including strength-training reps), it helps keep tabs on your sleep and stress levels, and is Bluetooth-enabled for IOS and Android integration with streaming music and notifications.

This guide may have been updated by Wirecutter.

Note from Wirecutter: When readers choose to buy our independently chosen editorial picks, we may earn affiliate commissions that support our work.

Brazil’s tech startups begin to expand globally

Startups in Brazil, Latin America’s largest entrepreneurial ecosystem, are no longer solely focused on Brazil as their only frontier to conquer. Based on conversations with founders and in tracking the news, dozens of startups born in Brazil have realized they can compete on a global scale and expand their companies quickly by exporting their business models to other regional markets around the world, including Canada, Colombia, Europe, Japan, Mexico, the U.K. and the U.S.

Traditionally, many Brazilian startups have been content to focus on growing their revenues and market share on the “Ilha de Santa Cruz” (Island of the True Cross, as Brazil was named by a Portuguese sea-captain in 1500). There is plenty to feast on here with a growing middle class, the citizens’ voracious appetite for social and digital media consumption and a population of nearly 211,000,000. More so than other major entrepreneurial centers, Brazil’s founders are known for bootstrapping early-stage companies and avoiding global expansion, as the capital can be costly and lead to a dilution in shares in their startups.

Yet, as the country that is home to the world’s eighth largest economy slowly pulls out of a long recession with its first annual uptick in GDP last year, increasingly the “Brazilians are coming” to compete in more international markets — and more rapidly than ever before. Entrepreneurial expansion outside the country is on the rise as the startup ecosystem becomes more mature, and against a backdrop of unprecedented levels of global investment coming into Brazil from China, Japan, Europe, Silicon Valley and beyond. Indeed, international investment in LatAm startups has “more than doubled since 2013.”

Another trend that’s providing more Brazilian companies with the capital needed to fuel their global expansion is the “flurry of equity deals” during the first part of 2018, “ahead of the presidential elections in October that are expected to prompt volatility in the markets,” according to Bloomberg Markets. For example, NYSE’s biggest IPO since Snap earlier this year raised nearly $2.3 billion for Brazilian fintech PagSeguro (NYSE:PAGS), a payment processing company similar in business model to Jack Dorsey’s Square. It was the largest IPO of a Brazilian company since 2011.

Brazil’s export of fast-growth startups is on the rise

There has been a growing stream of Brazilian startups that have begun to shift focus to the U.S. during the last two years. Mosyle, founded in 2012 by Alcyr Araujo, is now based in the U.S. and used in more than 4,000 schools to help ensure that kids’ mobile device experiences are fun, safe and educational with more parental and teacher involvement.

Pipefy, which announced $16 million in Series A funding last month and was originally based in Curitiba, Brazil, has recently relocated its global HQ to San Francisco. More than 8,000 companies in 146 countries around the world use its operations-excellence platform today.

Similarly, PSafe, a mobile security, privacy and performance platform company, moved its global headquarters to San Francisco last August and now has more than half of its revenues from the U.S.

A fast-growth Brazilian startup called Gympass, which offers a corporate benefit plan to keep employees fit and healthy, has quietly grown into a global business in less than six years. Born in the country that places second in overall number of gyms, Gympass lets a company’s employees make unlimited visits to a growing network of multiple gyms and pay less than half the normal monthly fee. Last month, the company announced its launch in 12 key markets in the U.S., adding 3,000 new workout facilities to its global network of 30,000. Its corporate partners include Accenture, Deloitte, Metlife, PayPal and P&G.

The spirit of entrepreneurism in Brazil is as infectious as its natural resources are vast.

Belo Horizonte-based Hotmart, a comprehensive platform to sell digital products like e-books, online courses and software that was founded in 2011, has expanded into Europe, including opening new offices in Madrid, Paris and the Netherlands. It’s also expanded into Colombia.

São Paulo-based Movile, a leader in mobile marketplaces with a big dream of making life better for a billion people through mobile apps, has seen tremendous growth since its founding in 1998. It now employs more than 1,500 people and impacts the lives of more than 100 million people around the globe. Its food-delivery market, iFood, is now booming on all continents, and Naspers and the fund Innova Capital invested a new $82 million round last December, with a singular focus on growing iFood’s market share.

Since its foundation, Movile has raised more than $250 million to accomplish more than 20 mergers, acquisitions and investments in startups beyond iFood, including Maplink, PlayKids, Pointer, Rapiddo, SuperPlayer and Sympla, among others.

Smart strategy and networking resources boost success

With the advent and growth of SaaS platforms, a fast-emerging global on-demand economy and some entirely original business models, many Brazilian startups are poised for success as they scale from being regional plays to any number of international markets. Typically, when more than a quarter of a startup’s business is coming in from international markets — as was the case with Pipefy and its cloud-based platform — the timing is ripe to land and expand outside a company’s home country.

In choosing international markets, a smart strategy for tech startup founders is to analyze those regions that possess high broadband and mobile-device adoption, readily available payment infrastructures, political stability, level socioeconomic playing fields, fair tax requirements and an easy-to-navigate regulatory environment. One useful rule of thumb to help obtain a basic understanding is to compare the overall internet population by country versus GDP per capita. This exercise will generate a model to prioritize countries with larger numbers of prospects with high levels of disposable income.

Another critical element for optimizing success is a solid understanding of regional differences and key variances across international markets — from cultural nuances to regulatory impacts to diverse approaches to conducting business. Identifying and tapping local network resources early on can make a world of difference.

The maturing startup ecosystem in Brazil has benefited hugely from access to Cubo, the largest entrepreneurial hub in Latin America, and its constant intermingling and exchange of ideas between startup founders, investors, academics and government officials.

In Silicon Valley, BayBrazil has been hugely impactful in connecting and building a tight-knit community of Brazilian and U.S. professionals, founders and scholars living and working in the San Francisco Bay Area. On a global scale, organizations like Endeavor have sparked high-impact entrepreneurship and success around the planet.

The spirit of entrepreneurism in Brazil is as infectious as its natural resources are vast. A recent rise in startups born and bred in Brazil that are being exported to international markets around the globe to further scale and propagate is a trend to be celebrated.

Saúde! (Cheers)

Toward transitive data privacy and securing the data you don’t share

Anshu Sharma
Contributor

Anshu Sharma is a serial entrepreneur and a former venture partner at Storm Ventures.

We are spending a lot of time discussing what happens to data when you explicitly or implicitly share it. But what about data that you have never ever shared?

Your cousin’s DNA

We all share DNA —  after all, it seems we are all descendants of a few tribes. But the more closely related you are, the closer the DNA match. While we all know we share 50 percent DNA with siblings, and 25 percent with first cousins  —  there is still some meaningful match even between distant relatives (depending on the family tree distance).

In short, if you have never taken a DNA test but one or more of your blood relatives has, and shared that data  —  some of your DNA is effectively now available for a match.

While this may have seemed like theory a few weeks ago, the cops caught the Golden State Killer by using this method.

Cambridge Analytica

A similar thing happened when data was mis-used by Cambridge Analytica . Even if you never used the quiz app on the Facebook platform but your friends did, they essentially revealed private information about you without your consent or knowledge.

The number of users that took the quiz was shockingly small  —  only 300,000 users participated. And yet, upwards of 50 million (as many as 87 million) people eventually had their data collected by Cambridge Analytica.

And all of this was done legally and while complying with the platform requirements at that time.

Transitive data privacy

The word transitive simply means if A is related to B in a certain way, and B to C  — then A is related to C. For example, cousins is a transitive property. If Alice and Bob are cousins, and Bob and Chamath are cousins, then Alice and Chamath are cousins.

As private citizens, and corporations, we now have to think about transitive data privacy loss.

The simplest version of this is if your boyfriend or girlfriend forwards your private photo or conversation screenshot to someone else.

Transitive sharing upside

While we have discussed a couple of clear negative examples, there are many ways transitive data relationships help us.

Every time you ask a friend to connect you to someone on LinkedIn for a job or fundraise, you are leveraging the transitive relationship graph.

The DNA databases being created are primarily for social good  —  to help us connect with our roots and family, detect disease early and help medical research.

In fact, you could argue that a lot of challenges we face today require more data sharing, not less. If your hospital cannot share data with your primary care doctor at the right time, or your clinical trial data cannot be accessed to monitor downstream effects, we cannot take care of our citizens’ health as we should. Organizations like NIH and the VA and CMS (Medicare) are working hard to encourage appropriate easier sharing by healthcare providers.

Further, the good news is that there have been significant advances in security in encryption and hashing that enable companies to protect against the unintended side effects. More research is definitely called for. We can anonymize data, we can perturb data, and apply these techniques for protection while still being able to derive value and help customers.

We love augmented reality, but let’s fix things that could become big problems

Cyan Banister
Contributor

Cyan Banister is a partner at Founders Fund, where she invests across sectors and stages with a particular interest in augmented reality, fertility, heavily regulated industries and businesses that help people with basic skills find meaningful work.
Alex Hertel
Contributor

Alex Hertel is the co-founder of Xperiel.

Augmented Reality (AR) is still in its infancy and has a very promising youth and adulthood ahead. It has already become one of the most exciting, dynamic, and pervasive technologies ever developed. Every day someone is creating a novel way to reshape the real world with a new digital innovation.

Over the past couple of decades, the Internet and smartphone revolutions have transformed our lives, and AR has the potential to be that big. We’re already seeing AR act as a catalyst for major change, driving advances in everything from industrial machines to consumer electronics. It’s also pushing new frontiers in education, entertainment, and health care.

But as with any new technology, there are inherent risks we should acknowledge, anticipate, and deal with as soon as possible. If we do so, these technologies are likely to continue to thrive. Some industry watchers are forecasting a combined AR/VR market value of $108 billion by 2021, as businesses of all sizes take advantage of AR to change the way their customers interact with the world around them in ways previously only possible in science fiction.

As wonderful as AR is and will continue to be, there are some serious privacy and security pitfalls, including dangers to physical safety, that as an industry we need to collectively avoid. There are also ongoing threats from cyber criminals and nation states bent on political chaos and worse — to say nothing of teenagers who can be easily distracted and fail to exercise judgement — all creating virtual landmines that could slow or even derail the success of AR. We love AR, and that’s why we’re calling out these issues now to raise awareness.

Ready Player One

Without widespread familiarity with the potential pitfalls, as well as robust self-regulation, AR will not only suffer from systemic security issues, it may be subject to stringent government oversight, slowing innovation, or even threaten existing First Amendment rights. In a climate where technology has come under attack from many fronts for unintended consequences and vulnerabilities–including Russian interference with the 2016 election as well as ever-growing incidents of hacking and malware–we should work together to make sure this doesn’t happen.

If anything causes government overreach in this area, it’ll likely be safety and privacy issues. An example of these concerns is shown in this dystopian video, in which a fictional engineer is able to manipulate both his own reality and that of others via retinal AR implants. Because AR by design blurs the divide between the digital and real worlds, threats to physical safety, job security, and digital identity can emerge in ways that were simply inconceivable in a world populated solely by traditional computers.

While far from exhaustive, the lists below present some of the pitfalls, as well as possible remedies for AR. Think of these as a starting point, beginning with pitfalls:

  • AR can cause big identity and property problems: Catching Pokemons on a sidewalk or receiving a Valentine on a coffee cup at Starbucks is really just scratching the surface of AR capabilities. On a fundamental level, we could lose the power to control how people see us. Imagine a virtual, 21st century equivalent of a sticky note with the words “kick me” stuck to some poor victim’s back. What if that note was digital, and the person couldn’t remove it? Even more seriously, AR could be used to create a digital doppelganger of someone doing something compromising or illegal. AR might also be used to add indelible graffiti to a house, business, sign, product, or art exhibit, raising some serious property concerns.
  • AR can threaten our privacy: Remember Google Glass and “Glassholes?” If a woman was physically confronted in a San Francisco dive bar just for wearing Google Glass (reportedly, her ability to capture the happenings at the bar on video was not appreciated by other patrons), imagine what might happen with true AR and privacy. We may soon see the emergence virtual dressing rooms, which would allow customers to try on clothing before purchasing online. A similar technology could be used to overlay virtual nudity onto someone without their permission. With AR wearables, for example, someone could surreptitiously take pictures of another person and publish them in real time, along with geotagged metadata. There are clear points at which the problem moves from the domain of creepiness to harassment and potentially to a safety concern.
  • AR can cause physical harm: Although hacking bank accounts and IoT devices can wreak havoc, these events don’t often lead to physical harm. With AR, however, this changes drastically when it is superimposed on the real world. AR can increase distractions and make travel more hazardous. As it becomes more common, over-reliance on AR navigation will leave consumers vulnerable to buggy or hacked GPS overlays that can manipulate drivers or pilotsmaking our outside world less safe. For example, if a bus driver’s AR headset or heads-up display starts showing illusory deer on the road, that’s a clear physical danger to pedestrians, passengers, and other drivers.
  • AR could launch disturbing career arms races: As AR advances, it can improve everything from individual productivity to worker data access, significantly impacting job performance. Eventually, workers with training and experience with AR technology might be preferred over those who don’t. That could lead to an even wider gap between so-called digital elites and those without such digital familiarity. More disturbingly, we might see something of an arms race in which a worker with eye implants as depicted in the film mentioned above might perform with higher productivity, thereby creating a competitive advantage over those who haven’t had the surgery. The person in the next cubicle could then feel pressure to do the same just to remain competitive in the job market.

How can we address and resolve these challenges? Here are some initial suggestions and guidelines to help get the conversation started:

  • Industry standards: Establish a sort of AR governing body that would evaluate, debate and then publish standards for developers to follow. Along with this, develop a centralized digital service akin to air traffic control for AR that classifies public, private and commercial spaces as well as establishes public areas as either safe or dangerous for AR use.
  • A comprehensive feedback system: Communities should feel empowered to voice their concerns. When it comes to AR, a strong and responsive way for reporting unsecure vendors that don’t comply with AR safety, privacy, and security standards will go a long way in driving consumer trust in next-gen AR products.
  • Responsible AR development and investment: Entrepreneurs and investors need to care about these issues when developing and backing AR products. They should follow a basic moral compass and not simply chase dollars and market share.
  • Guardrails for real-time AR screenshots: Rather than disallowing real-time AR screenshots entirely, instead control them through mechanisms such as geofencing. For example, an establishment such as a nightclub would need to set and publish its own rules which are then enforced by hardware or software.

While ambitious companies focus on innovation, they must also be vigilant about the potential hazards of those breakthroughs. In the case of AR, working to proactively wrestle with the challenges around identity, privacy and security will help mitigate the biggest hurdles to the success of this exciting new technology.

Recognizing risks to consumer safety and privacy is only the first step to resolving long-term vulnerabilities that rapidly emerging new technologies like AR create. Since AR blurs the line between the real world and the digital one, it’s imperative that we consider the repercussions of this technology alongside its compelling possibilities. As innovators, we have a duty to usher in new technologies responsibly and thoughtfully so that they’re improving society in ways that can’t also be abused -we need to anticipate problems and police ourselves. If we don’t safeguard our breakthroughs and the consumers who use them, someone else will.

The formula behind San Francisco’s startup success

Why has San Francisco’s startup scene generated so many hugely valuable companies over the past decade?

That’s the question we asked over the past few weeks while analyzing San Francisco startup funding, exit, and unicorn creation data. After all, it’s not as if founders of Uber, Airbnb, Lyft, Dropbox and Twitter had to get office space within a couple of miles of each other.

We hadn’t thought our data-centric approach would yield a clear recipe for success. San Francisco private and newly public unicorns are a diverse bunch, numbering more than 30, in areas ranging from ridesharing to online lending. Surely the path to billion-plus valuations would be equally varied.

But surprisingly, many of their secrets to success seem formulaic. The most valuable San Francisco companies to arise in the era of the smartphone have a number of shared traits, including a willingness and ability to post massive, sustained losses; high-powered investors; and a preponderance of easy-to-explain business models.

No, it’s not a recipe that’s likely replicable without talent, drive, connections and timing. But if you’ve got those ingredients, following the principles below might provide a good shot at unicorn status.

First you conquer, then you earn

Losing money is not a bug. It’s a feature.

First, lose money until you’ve left your rivals in the dust. This is the most important rule. It is the collective glue that holds the narratives of San Francisco startup success stories together. And while companies in other places have thrived with the same practice, arguably San Franciscans do it best.

It’s no secret that a majority of the most valuable internet and technology companies citywide lose gobs of money or post tiny profits relative to valuations. Uber, called the world’s most valuable startup, reportedly lost $4.5 billion last year. Dropbox lost more than $100 million after losing more than $200 million the year before and more than $300 million the year before that. Even Airbnb, whose model of taking a share of homestay revenues sounds like an easy recipe for returns, took nine years to post its first annual profit.

Not making money can be the ultimate competitive advantage, if you can afford it.

Industry stalwarts lose money, too. Salesforce, with a market cap of $88 billion, has posted losses for the vast majority of its operating history. Square, valued at nearly $20 billion, has never been profitable on a GAAP basis. DocuSign, the 15-year-old newly public company that dominates the e-signature space, lost more than $50 million in its last fiscal year (and more than $100 million in each of the two preceding years). Of course, these companies, like their unicorn brethren, invest heavily in growing revenues, attracting investors who value this approach.

We could go on. But the basic takeaway is this: Losing money is not a bug. It’s a feature. One might even argue that entrepreneurs in metro areas with a more fiscally restrained investment culture are missing out.

What’s also noteworthy is the propensity of so many city startups to wreak havoc on existing, profitable industries without generating big profits themselves. Craigslist, a San Francisco nonprofit, may have started the trend in the 1990s by blowing up the newspaper classified business. Today, Uber and Lyft have decimated the value of taxi medallions.

Not making money can be the ultimate competitive advantage, if you can afford it, as it prevents others from entering the space or catching up as your startup gobbles up greater and greater market share. Then, when rivals are out of the picture, it’s possible to raise prices and start focusing on operating in the black.

Raise money from investors who’ve done this before

You can’t lose money on your own. And you can’t lose any old money, either. To succeed as a San Francisco unicorn, it helps to lose money provided by one of a short list of prestigious investors who have previously backed valuable, unprofitable Northern California startups.

It’s not a mysterious list. Most of the names are well-known venture and seed investors who’ve been actively investing in local startups for many years and commonly feature on rankings like the Midas List. We’ve put together a few names here.

You might wonder why it’s so much better to lose money provided by Sequoia Capital than, say, a lower-profile but still wealthy investor. We could speculate that the following factors are at play: a firm’s reputation for selecting winning startups, a willingness of later investors to follow these VCs at higher valuations and these firms’ skill in shepherding portfolio companies through rapid growth cycles to an eventual exit.

Whatever the exact connection, the data speaks for itself. The vast majority of San Francisco’s most valuable private and recently public internet and technology companies have backing from investors on the short list, commonly beginning with early-stage rounds.

Pick a business model that relatives understand

Generally speaking, you don’t need to know a lot about semiconductor technology or networking infrastructure to explain what a high-valuation San Francisco company does. Instead, it’s more along the lines of: “They have an app for getting rides from strangers,” or “They have an app for renting rooms in your house to strangers.” It may sound strange at first, but pretty soon it’s something everyone seems to be doing.

It’s not a recipe that’s likely replicable without talent, drive, connections and timing.

list of 32 San Francisco-based unicorns and near-unicorns is populated mostly with companies that have widely understood brands, including Pinterest, Instacart and Slack, along with Uber, Lyft and Airbnb. While there are some lesser-known enterprise software names, they’re not among the largest investment recipients.

Part of the consumer-facing, high brand recognition qualities of San Francisco startups may be tied to the decision to locate in an urban center. If you were planning to manufacture semiconductor components, for instance, you would probably set up headquarters in a less space-constrained suburban setting.

Reading between the lines of red ink

While it can be frustrating to watch a company lurch from quarter to quarter without a profit in sight, there is ample evidence the approach can be wildly successful over time.

Seattle’s Amazon is probably the poster child for this strategy. Jeff Bezos, recently declared the world’s richest man, led the company for more than a decade before reporting the first annual profit.

These days, San Francisco seems to be ground central for this company-building technique. While it’s certainly not necessary to locate here, it does seem to be the single urban location most closely associated with massively scalable, money-losing consumer-facing startups.

Perhaps it’s just one of those things that after a while becomes status quo. If you want to be a movie star, you go to Hollywood. And if you want to make it on Wall Street, you go to Wall Street. Likewise, if you want to make it by launching an industry-altering business with a good shot at a multi-billion-dollar valuation, all while losing eye-popping sums of money, then you go to San Francisco.

What do Meltdown, Spectre and RyzenFall mean for the future of cybersecurity?

Andrew Lohn
Contributor

Andrew Lohn is an engineer at the nonprofit, nonpartisan RAND Corporation.

The security community is still reeling from the discoveries of the Meltdown and Spectre computer vulnerabilities, and now it seems that a rash of new hardware vulnerabilities called MasterKey, RyzenFall, Fallout and Chimera have been found in the past few months, too.

Unlike most previous threats, all these vulnerabilities attack a computer’s hardware, rather than its software. This second release of attacks may be early indications that Meltdown and Spectre have opened a new front in the war between hackers and defenders in the realm of computer chips.

While experts are working to make and distribute patches for these bugs, the question remains: What does this mean for cybersecurity as a whole? The answer to that question starts with understanding a bit about how hackers work.

Hackers are a social and trendy bunch. A couple of years ago, hacking onboard computers on cars was common, so a bunch of vulnerabilities were found and patched and now cars have become somewhat harder to commandeer. Then drone hacking was all the rage, and drone manufacturers too have implemented patches and become somewhat more secure.

That is how cyber defenses work. Some smart researcher finds a new hole. If they’re nice (most are nice), they tell the manufacturers about it so they can fix the bugs. With Meltdown and Spectre, the researchers were nice and informed the manufacturers months beforehand. The MasterKey, RyzenFall, Fallout and Chimera researchers were not so nice, and only gave them a day. If the researchers are really not nice and decide instead to use their exploit, then some unlucky person or organization is probably going to have a very bad day.

That moment of discovery is the starting gun for an intense race between the defense community and the hacker community. Some hacker genius somewhere already knows how to use the bug and other hacker geniuses start working overtime to write their own code that exploits it.

Once a few of them figure it out, one of them will write a simpler version for people who don’t understand the details so that hackers who aren’t geniuses can use it too. Soon after that, it gets included in the common hacking databases. From that point on, anyone can literally point and click their way into your computer.

Although not much can be done for the folks who already had their bad day, the defense community, as a whole, almost always wins that race. As soon as their fastest programmer finds a fix, it can be quickly distributed throughout the world, making the new hacking toys only useful against the stragglers who fell behind the herd. And these days, it’s gotten pretty hard to fall behind. The patching process has become invisibly smooth, and most regular computer users never even know that there was a race on.

With hardware vulnerabilities, things could be different. You can’t change hardware by sending an invisible string of 1s and 0s through the air. For Meltdown and Spectre, workarounds where changing the software can help block the hardware problem are still being figured out and distributed. These workarounds showed up quickly at first, but the process has been anything but smooth, and proof-of-concept code for exploiting these vulnerabilities has been seen online for more than a month. As for the more recent vulnerabilities, it’s not clear yet what workarounds exist, and there might not always be a workaround that creates software solutions to hardware problems.

Though stark, this situation is not entirely unprecedented. Some operating systems are no longer supported by their vendors, which means that any new hole will go un-patched. The most famous example is Windows XP. Most people know by now that using Windows XP is not safe, but don’t fully understand how unsafe it is.

Today, any computer-savvy high schooler can watch a YouTube video and learn in just a couple hours how to point and click their way to control of someone else’s computer on the internet, so long as it is running Windows XP. Even with Windows XP though, when a truly nasty bug comes out, Microsoft can choose to go back and patch it like they did last year for the WannaCry ransomware. With a nasty hardware vulnerability, that may not even be an option.

So what can be done? Hopefully, the hacking community will not become enthralled with searching for hardware vulnerabilities. They might not. It is hard and requires rare expertise that is not as easy to come by as software hacking. If we are not so lucky, then defending the herd by responding quickly to the first attack may no longer be a viable approach — but herd immunity comes in many forms.

Perhaps it will be from increased diversity of chip designs or perhaps approaches to slow the spread of information from hacker genius to amateur. Perhaps it will be from improved perimeter defenses, although hardware at the perimeter may be just as vulnerable as the rest.

Time and again, the adaptability of the world’s smartest engineers have overcome the most dire threats to computing and the internet. The safe money is on them to win the day again, but with hardware vulnerabilities it may require a whole new approach for defending the herd.

Investing in frontier technology is (and isn’t) cleantech all over again

I entered the world of venture investing a dozen years ago.  Little did I know that I was embarking on a journey to master the art of balancing contradictions: building up experience and pattern recognition to identify outliers, emphasizing what’s possible over what’s actual, generating comfort and consensus around a maverick founder with a non-consensus view, seeking the comfort of proof points in startups that are still very early, and most importantly, knowing that no single lesson learned can ever be applied directly in the future as every future scenario will certainly be different.

I was fortunate to start my venture career at a fund specializing in funding “Frontier” technology companies. Real-estate was white hot, banks were practically giving away money, and VCs were hungry to fund hot startups.

I quickly found myself in the same room as mainstream software investors looking for what’s coming after search, social, ad-tech, and enterprise software. Cleantech was very compelling: an opportunity to make money while saving our planet.  Unfortunately for most, neither happened: they lost their money and did little to save the planet.

Fast forward a decade, after investors scored their wins in online lending, cloud storage, and on-demand, I find myself, again, in the same room with consumer and cloud investors venturing into “Frontier Tech”.  The are dazzled by the founders’ presentations, and proud to have a role in funding turning the seemingly impossible to what’s possible through science. However, what lessons did they take away from the Cleantech cycle? What should Frontier Tech founders and investors be thinking about to avoid the same fate?

Coming from a predominantly academic background, I was excited to be part of the emerging trend of funding founders leveraging technology to make how we generate, move, and consume our natural resources more efficient and sustainable. I was thrilled to be digging into technologies underpinning new batteries, photovoltaics, wind turbines, superconductors, and power electronics.

To prove out their business models, these companies needed to build out factories, supply chains, and distribution channels. It wasn’t long until the core technology development became a small piece of an otherwise complex, expensive operation. The hot energy startup factory started to look and feel mysteriously like a magnetic hard drive factory down the street. Wait a minute, that’s because much of the equipment and staff did come from factories making components for PCs; but this time they were making products for generating, storing, and moving energy more renewably. So what went wrong?

Whether it was solar, wind, or batteries, the metrics were pretty similar: dollars per megawatt, mass per megawatt, or multiplying by time to get dollars and mass per unit energy, whether it was for the factories or the systems. Energy is pretty abundant, so the race was on to to produce and handle a commodity. Getting started as a real competitive business meant going BIG: as many of the metrics above depended on size and scale. Hundreds of millions of dollars of venture money only went so far.

The onus was on banks, private equity, engineering firms, and other entities that do not take technology risk, to take a leap of faith to take a product or factory from 1/10th scale to full-scale. The rest is history: most cleantech startups hit a funding valley of death.  They need to raise big money while sitting at high valuations, without a kernel of a real business to attract investors that write those big checks to scale up businesses.

How are Frontier-Tech companies advantaged relative to their Cleantech counterparts? For starters, most aren’t producing a commodity…

Frontier Tech, like Cleantech, can be capital-intense. Whether its satellite communications, driverless cars, AI chips, or quantum computing; like Cleantech, there is relatively larger amounts of capital needed to take the startups the point where they can demonstrate the kernel of a competitive business.  In other words, they typically need at least tens of millions of dollars to show they can sell something and profitably scale that business into a big market. Some money is dedicated to technology development, but, like cleantech a disproportionate amount will go into building up an operation to support the business. Here are a couple examples:

  • Satellite communications: It takes a few million dollars to demonstrate a new radio and spacecraft. It takes tens of millions of dollars to produce the satellites, put them into orbit, build up ground station infrastructure, the software, systems, and operations needed to serve fickle, enterprise customers. All of this while facing competition from incumbent or in-house efforts. At what point will the economics of the business attract a conventional growth investor to fund expansion? If Cleantech taught us anything, it’s that the big money would prefer to watch from the sidelines for longer than you’d think.
  • Quantum compute: Moore’s law is improving new computers at a breakneck pace, but the way they get implemented as pretty incremental. Basic compute architectures date back to the dawn of computing, and new devices can take decades to find their way into servers. For example, NAND Flash technology dates back to the 80s, found its way into devices in the 90s, and has been slowly penetrating datacenters in the past decade. Same goes for GPUs; even with all the hype around AI. Quantum compute companies can offer a service direct to users, i.e., homomorphic computing, advanced encryption/decryption, or molecular simulations. However, that would one of the rare occasions where novel computing machine company has offered computing as opposed to just selling machines. If I had to guess; building the quantum computers will be relatively quick; building the business will be expensive.
  • Operating systems for driverless cars: Tremendous progress has been made since Google first presented its early work in 2011. Dozens of companies are building software that do some combination of perception, prediction, planning, mapping, and simulations.  Every operator of autonomous cars, whether they are vertical like Zoox, or working in partnerships like GM/Cruise, have their own proprietary technology stacks. Unlike building an iPhone app, where the tools are abundant and the platform is well-understood, integrating a complete software module into an autonomous driving system may take up more effort than putting together the original code in the first place.

How are Frontier-Tech companies advantaged relative to their Cleantech counterparts? For starters, most aren’t producing a commodity: it’s easier to build a Frontier-tech company that doesn’t need to raise big dollars before demonstrating the kernel of an interesting business. On rare occasions, if the Frontier tech startup is a pioneer in its field, then it can be acquired for top dollar for the quality of its results and its team.

Recent examples are Salesforce’s acquisition of Metamind, GM’s acquisition of Cruise, and Intel’s acquisition of Nervana (a Lux investment). However, as more competing companies get to work on a new technology, the sense of urgency to acquire rapidly diminishes as the scarce, emerging technology quickly becomes widely available: there are now scores of AI, autonomous car, and AI chip companies out there. Furthermore, as technology becomes more complex, its cost of integration into a product (think about the driverless car example above) also skyrockets.  Knowing this likely liability, acquirers will tend to pay less.

Creative founding teams will find ways to incrementally build interesting businesses as they are building up their technologies. 

I encourage founders, and investors to emphasize the businesses they are building through their inventions.  I encourage founders to rethink plans that require tens of millions of dollars before being able to sell products, while warning founders not to chase revenue for the sake of revenue.

I suggest they look closely at their plans and find creative ways to start penetrating, or building exciting markets, hence interesting businesses, with modest amounts of capital. I advise them to work with investors who, regardless of whether they saw how Cleantech unfolded, are convinced that their $$ can take the company to the point where it can engage customers with an interesting product with a sense for how it can scale into an attractive business.

The alternative to the four-hour workweek mindset

Often when I attend a conference or a networking event I am surprised by how many people operate at the periphery of the tech industry. Social media gurus, SEO “ninjas,” bloggers, etc. It’s a coterie of tech “club promoters.” The hype men of the industry.

“Hack your way to success.” “Meet the right people.” “Become a business superstar.” They’ve found their silver bullet. They boast of building a passive income from a web business, all while traveling the world as the rest of us mortals are slaving away at our 9-5 jobs.

In a world where we are searching for silver bullets, these people seem to have amassed an arsenal of them. Moreover, they’ve found audiences to sell their silver bullets to, en masse.

The most blatant example of this are some of the disciples of the 4-Hour Workweek, by Tim Ferriss. The book itself is not really the issue. Ferriss indeed outlines some interesting tips on managing resources to get the highest ROI on your work. What is objectionable, however, is the hack-your-way-to-success mentality it has spawned in entrepreneurial circles.

It’s a mindset that is antithetical to everything I know about entrepreneurship; a mindset that I see when I hear people talk about having an amazing idea that they want to farm out to a young college student who can code, or outsourcing development of a product to a cheap dev house. It’s a mindset that assumes entrepreneurship is a series of networking events and fundraising meetings, or even some silver-bullet business connection they have, in lieu of a real distribution strategy. It’s taking a passive approach to a very difficult undertaking.

What is missed in all of this is the mindset of craftsmanship; that one’s expertise and deliberate focus on one’s craft is actually the primary driver for success — and not some crapshoot of a series of hacks.

What happens on the periphery  —  whether it be the towel slapping we see on Twitter from tech celebrities or headline gossip out of TechCrunch  —  is not actually meaningful as a foundation of a business or a profession. Neither are the number of coffee meetings you have scheduled or the amount of networking meetings you attend. These things are tertiary at best, and, at worst, just plain-old distractions.

Startup graveyards are full of visionaries without expertise or the proper skills to execute.

To be successful over the course of a career requires the application and accumulation of expertise. This assumes that for any given undertaking you either provide expertise or you are just a bystander. It’s the experts that are the drivers — an expertise that is gained from a curiosity, and a mindset of treating one’s craft very seriously.

A startup is by nature a crash-course in developing expertise. What makes startups unique is the sheer dearth of resources. This dearth of resources forces founders to rapidly adapt their skills to meet the demands of the project.

“I didn’t know how to do x, so I just had to figure it out.” This is what I regularly hear from successful founders, whereas “I couldn’t find someone to do x, so I had to reconsider whether to pursue it at all” is a common refrain from unsuccessful founders.

If you step up to the challenge, you’ll realize that the startup is nothing more than a teacher. It, in fact, is a great teacher for no other reason than it demands the accumulation of knowledge quickly for the startup to survive.

A technical founder, whose experience may relegate her or him to a specialist role in a large company, for example, has to adapt and take on more expertise in adjacent technical areas. There simply aren’t the human resources to delegate these tasks to another specialist.

This is true for taking on tasks in other domains, whether that be sales, finance, marketing, management or design. You have to take an interest in these domains because there is no one else to fill these roles in your early-stage company.

It’s in exploring these unknown territories and facing the headwind of startup challenges that it becomes clear that the startup is merely a force of catalytic professional and character growth. With actual success of any given venture subject to the whim of outside forces, this growth is the non-monetary dividend that makes the experience priceless.

That is why the passive, 4-Hour Mindset is so self-defeating. To lounge on a beach or travel the world and not actively engage in building your arsenal of expertise is professional malpractice.

It’s also not practical. No serious company has been created passively — the passive mindset that leads people to say “I’ve got a great idea, I’ll hire a team to build it out” or “I have this great connection who will drive sales” while I play armchair visionary simply doesn’t work. Startup graveyards are full of visionaries without expertise or the proper skills to execute, for no other reason than ideas are not self-executing, but are rather made into being by intense engagement by skilled operators.

Most importantly, to think of a business as a series of hacks and transactional relationships, you’ll never amass the expertise that your future self and future businesses need to succeed. Startups fail withstanding founder expertise, of course. It is certainly not sufficient to be an expert. However, expertise does make it possible to traverse the struggles of creating businesses over the course of a career. You’re not simply working on the idea in front of you, you’re building the knowledge to succeed at your next projects, as well.

It is the expertise and the mindset of craftsmanship that allows someone like Elon Musk to jump from project to project and sector to sector with the knowledge of how to execute on the highest-level problems. It’s not simply his ability to find interesting ideas — it’s his command of the domains of the business that allow him to execute the way he does. He is the epitome of an interdisciplinary student of his businesses.

If you are to optimize for anything, optimize for the long-term. Use the challenges of your business today to build mastery in your craft. There is no guarantee that any one venture will succeed, but that mastery will bend luck in your favor over the long course of your career.

Facebook and the perils of a personalized choice architecture

Yafit Lev-Aretz
Contributor

Yafit Lev-Aretz is a Research Fellow at the Information Law Institute, New York University Law School.

The recent Facebook-Cambridge Analytica chaos has ignited a fire of awareness, bringing the risks of today’s data surveillance culture to the forefront of mainstream conversations.

This episode and the many disturbing prospects it has emphasized have forcefully awakened a sleeping giant: people seeking information about their privacy settings and updating their apps permissions, a “Delete Facebook” movement has taken off and the FTC launched an investigation into Facebook, causing Facebook’s stocks to drop. A perfect storm.

The Facebook-Cambridge Analytica debacle is composed of pretty simple facts: Users allowed Facebook to collect personal information, and Facebook facilitated third-party access to the information. Facebook was authorized to do that pursuant to its terms of service, which users formally agreed to but rarely truly understood. The Cambridge Analytica access was clearly outside the scope of what Facebook, and most of its users, authorized. Still, this story has turned into an iconic illustration of the harms generated by massive data collection.

While it is important to discuss safeguards for minimizing the prospects of unauthorized access, the lack of consent is the wrong target. Consent is essential, but its artificial quality has been long-established. We already know that our consent is, more often than not, meaningless beyond its formal purpose. Are people really raging over Facebook failing to detect the uninvited guest who crashed our personal information feast when we’ve never paid attention to the guest list? Yes, it is annoying. Yes, it is wrong. But it is not why we feel that this time things went too far.

In their 2008 book, “Nudge,” Cass Sunstein and Richard Thaler coined the term “choice architecture.”  The idea is simple and pretty straightforward: the design of the environments in which people make decisions influences their choices. Kids’ happy encounters with candies in the supermarket are not serendipitous: candies are commonly located where children can see and reach them.

Tipping options in restaurants are usually tripled because individuals tend to go with the middle choice, and you must exit through the gift shop because you might be tempted to buy something on your way out. But you probably knew that already because choice architecture has been here since the dawn of humanity and is present in any human interaction, design and structure. The term choice architecture is 10 years old, but choice architecture itself is way older.

The Facebook-Cambridge Analytica mess, together with many preceding indications before it, heralds a new type of choice architecture: personalized, uniquely tailored to your own individual preferences and optimized to influence your decision.

We are no longer in the familiar zone of choice architecture that equally applies to all. It is no longer about general weaknesses in human cognition. It is also not about biases that are endemic to human inferences. It is not about what makes humans human. It is about what makes you yourself.

When the information from various sources coalesces, the different segments of our personality come together to present a comprehensive picture of who we are. Personalized choice architecture is then applied to our datafied curated self to subconsciously nudge us to choose one course of action over another.

The soft spot at which personalized choice architecture hits is that of our most intimate self. It plays on the dwindling line between legitimate persuasion and coercion disguised as voluntary decision. This is where the Facebook-Cambridge Analytica story catches us — in the realization that the right to make autonomous choices, the basic prerogative of any human being, might soon be gone, and we won’t even notice.

Some people are quick to note that Cambridge Analytica did not use the Facebook data in the Trump campaign and many others question the effectiveness of the psychological profiling strategy. However, none of this matters. Personalized choice architecture through microtargeting is on the rise, and Cambridge Analytica is not the first nor the last to make successful use of it.

Jigsaw, for example, a Google -owned think tank, is using similar methods to identify potential ISIS recruits and redirect them to YouTube videos that present a counter-narrative to ISIS propaganda. Facebook itself was accused of targeting at-risk youth in Australia based on their emotional state. The Facebook-Cambridge Analytica story may have been the first high profile-incident to survive numerous news cycles, but many more are sure to come.

We must start thinking about the limits of choice architecture in the age of microtargeting. Like any technology, personalized choice architecture can be used for good and evil: It may identify individuals at risk and lead them to get help. It could motivate us into reading more, exercising more and developing healthy habits. It could increase voter turnout. But when misused or abused, personalized choice architecture can turn into a destructive manipulative force.

Personalized choice architecture can frustrate the entire premise behind democratic elections — that it is we, the people, and not a choice architect, who elect our own representatives. But even outside the democratic process, unconstrained personalized choice architecture can turn our personal autonomy into a myth.

Systematic risks such as those induced by personalized choice architecture would not be solved by people quitting Facebook or dismissing Cambridge-Analytica’s strategies.

Personalized choice architecture calls for systematic solutions that involve a variety of social, economic, technical, legal and ethical considerations. We cannot let individual choice die out in the hands of microtargeting. Personalized choice architecture must not turn into nullification of choice.