Nine questions to ask a startup company

Well, I thought I would get a chance to post last week, but apparently that didn't happen. I seem to be veering inexorably to one post every two weeks rather than once a week as I had hoped.

Anyway, I saw an interesting article from Guy Kawasaki about "nine questions to ask a startup." I worked for a startup in the past, and might do so in the future, so I thought this was interesting.

His questions about stock options are right on the money. "What percent of stock are you getting?" really is the relevant question-- number of shares means little. Also, liquidation preferences are very important-- as some people I know learned the hard way. Venture capitalists can and will take all of the money your company makes in an IPO or buyout, if the term sheet specifies, and if the size of the deal is small.

Questions about burn rate, cash flow, and when the product will ship are also important. After all, if you don't think the place is going to be a success... it would be a good idea to get somewhere else. You can tell that Guy is a venture capitalist because of how specific he phrases these questions.

I was a little bit more bemused about Guy's directives to "talk to several beta sites" and "talk to outside investors on the board of directors." I'm still pretty young, and I can't really call myself a "senior engineer" yet. Maybe if I was considered a key employee, I could get away with doing stuff like this. But it might be a little pretentious for someone only two years out of school.

I would add another question to the list: if this venture fails, will you still have learned or accomplished something? In other words, will it have been fun, and will it leave you a career path? Realistically, most startups don't make it big. I believe it was Steve Jobs, Guy's old boss, who popularized the old Chinese proverb, "the journey is the reward." Will the startup journey be rewarding, even if you don't become a millionaire? This is a question you have to ask yourself, not the company, so perhaps it does not really belong on this list. But it's still important to think about.


DRM under Vista

I'm not sure I can really do justice to this manifesto in a blog post. But I'm going to try anyway.

It begins:
Windows Vista includes an extensive reworking of core OS elements in order to provide content protection for so-called “premium content”, typically HD data from Blu-Ray and HD-DVD sources. Providing this protection incurs considerable costs in terms of system performance, system stability, technical support overhead, and hardware and software cost. These issues affect not only users of Vista but the entire PC industry, since the effects of the protection measures extend to cover all hardware and software that will ever come into contact with Vista, even if it's not used directly with Vista (for example hardware in a Macintosh computer or on a Linux server). This document analyses the cost involved in Vista's content protection, and the collateral damage that this incurs throughout the computer industry.

I have to stop here and note that even though Vista has already been released, I haven't used it yet. I sort of fell off of the PC gamer wagon a few years ago, and stopped upgrading my hardware every 6 months. I use Linux on the desktop now. Maybe someday I'll put together a Windows gaming machine. More likely, though, I'll buy a game console.

I would normally dismiss a document as negative and vitrolic as this as a crackpot manifesto. However, the author, Peter Gutmann, seems to know what he is talking about, and he raises some good questions.

The point is that all of these new features are being added to Vista to protect "premium content," currently defined as only HD-DVD and Blu-Ray content, but possibly encompassing much more in the future. When this content is being accessed, Vista will disable output devices that it can't control, such as S/PDIF. It will also try its hardest to keep non-trusted pieces of software from accessing the content. As Gutmann notes, this presents problems for technologies like noise-cancelling that require access to the audio or video output.

Microsoft is also going to strong-arm hardware companies into including special features on their hardware to discourage tinkering, like the so-called "tilt bits" which must be monitored on graphics cards. If a weakness is found in a piece of hardware or in a device driver, Microsoft can "revoke" the driver. This means that it will no longer be fed any premium content. The revocation will happen via Windows Update, which basically all Windows PCs are required to run if they want to keep up with security updates. (Apparently someone has hacked up a method of getting around the driver signing requirement called "vbootkit") Microsoft is also actually encouraging hardware manufacturers to use commercial code obfuscators on their drviers! If you thought Windows XP didn't have much visibility or debuggability, you ain't seen nothing yet...

It's kind of sad when Microsoft spends more effort securing your own PC against you, than securing their operating system against hackers and malware. I hate to say this, but it's about the money. When content protection gets broken, that threatens Microsoft's business strategies with Hollywood. It is a cost. When users' computers get hacked, that is an opportunity to sell them something like Windows OneCare, or the next version of Windows. It is an opportunity. Costs are to be minimized and opportunities are to be maximized. That's why, when the DRM for Windows Media Player was cracked, a patch was issued in record time-- far faster than any security patch was ever issued.

So what does this mean for everybody? Well, developing device drivers just got a lot harder. Users' computers just got a lot slower, although hopefully hardware companies will pick up the slack. Windows Update just became a lot more risky, due to the threat of driver revocation. Writing open-source graphics card drivers may become even harder.

Users will just have to take all this in stride, just like they took the stability problems with Windows 95, and the malware problems with 2k and XP. I still don't believe "digital rights management" will be successful. There are just too many parties who would like to see it fail. Companies in China and India hardly care about what Hollywood thinks. Legally, they're not subject to the DMCA. Practically, they're not subject to copyright at all. Most academics and computer hackers who have ever given a thought to DRM have hated it, and they will try to find every flaw in it.

I wish I could say that this will make people move away from Windows, but we all know that that's not the case. We'll just have to wait and see how people work around these problems.