The Science of Growth is an essential startup guidebook

Oh no, not another startup business strategy book! But Sean Ammirati’s debut, The Science of Growth, is a meaty and useful manual for any entrepreneur that is looking to grow their business and learn from the mistakes and triumphs of the past. Ammirati and I worked together several years ago at, and now he is a Pittsburgh-based VC and business professor at Carnegie Mellon University. He offers plenty of wisdom here.

Many business books don’t have much to say after you have read their first chapter. The Science of Growth has a lot of useful takeaways, including exploding the myths of the first mover and always having a big launch event. He also explains why the best technology or getting the most VC funding doesn’t always make a company successful.

The book takes pairs of companies and looks at why Facebook, Google and McDonalds succeeded while Friendster, Yahoo and White Castle didn’t. Ammirati delves into four key prerequisites for growing your business: the founders should share a core vision, the basic idea should be scalable, it should solve a real problem and provide a solid first interaction. He then compares a set of ten paired companies to show how they differ.

For example, Facebook was later to the market and took longer to grow its first million customers than Friendster but had a more focused approach and created a better initial experience for its customers. McDonald borrowed money to finance its growth while White Castle didn’t. Google had a clean home page while Yahoo’s was cluttered with categories. WordPress was easier to install than Movable Type to get started with blogging. And so forth.

The book catalogs some major movements that were critical to companies’ growth. Twitter is largely credited with launching at the 2007 SXSW show, but it used clever marketing to bring attention to its then seven-month old product by paying for video monitors that it placed in the hallways to attract conference goers. Airbnb got a boost when Denver residents listed their spare rooms for Democrats who wanted to come there to hear Obama’s 2008 convention speech. WordPress took advantage of the moment in 2004 when Movable Type started charging for its blogging software.

For those who want to learn from the mistakes of the past so their businesses can find future growth, this is essential reading.

Veracode blog: What kind of tools do you need to secure mobile apps?

The days when everyone is chained to a fixed desktop computer are long over. But it isn’t just about being more mobile, or using more mobile devices, or letting your users bring their own devices and use them at work. It isn’t that the workday is no longer 9-to-5 and users expect to get their jobs done whenever and wherever they might be in the world. No, it is about moving to a completely new way of delivering IT services, which presents both challenges and opportunities for IT, specifically around security.

You can read my post here about the ways to secure mobile apps in this brave new world.

The implications of automated license plate readers

One of the more interesting aspects of our surveillance society is the use of automated license plate reader (ALPR) technology by law enforcement to track the movements of vehicles. Our legal system is far behind in treating this technology, and activists are just beginning to challenge our government in terms of proper use, managing citizen expectations, and shedding daylight on the technology and the resulting data collections.

I got interested in this technology after several trips to Israel: the main north/south freeway uses both the ALPR system and an RFID system to send tolls to those who use the roads. If you have a transponder, you are recognized by the RFID system. If you don’t the ALPR system will send you a bill from the rental company for the tolls a few weks after your rental. Theses sorts of systems are also used in several cities around the world for congestion pricing (London has been doing this for years) when a driver enters the central business district.

Then I read this article in Motherboard about how the Philadelphia police department was using ALPR equipment that was mounted to a vehicle with Google markings. While police departments often use decoy vehicles with fake business logos to hide in plain sight, I think this is the first time anyone was attempting to pass off a Google Street Maps vehicle in this fashion. Naturally, Google was not amused nor apparently consulted in this move. And while the Philly police is allowed to collect license plate data, they can’t just appropriate some legitimate business.

These automated readers are pretty powerful tools: some can collect thousands of plates an hour and can even recognize mud-splattered plates through infrared imaging. When I did my ride-along with a St. Louis city cop, he had me running plates the old fashioned way: by entering them one at a time into a car-mounted computer terminal to query a central database. It wasn’t a cumbersome process, but it did take a moment, if I typed in the plate correctly. (There is a great plot point in the Amazon series “Bosch” that hinges on a mistyped plate number, for fans of that fictional detective.)

But you might start asking questions, which is what I did, about what happens to this data once it is collected. Obviously, the chances of abuse are huge. Several years ago, the ACLU issued a report that looked in the potentials for abuse and said that ALPR technology can be “deployed with too few rules and could become a tool for mass routine location tracking and surveillance.”

On top of this there is an open data movement that allows anyone with a webcam to upload the plates they have collected to a central website. While I am normally a fan of open data, this also has great abuse potential too. What if one of my neighbors starts tracking my movements inadvertently?

There are no federal statutes that limit this collection of data, and of course each state has their own regulations about how long data can be retained and who has access to this data. Minnesota, for example, limits the data collected to only active investigations, and requires the rest to be destroyed. Some states don’t have any requirements about destruction of their data, and others allow agencies to keep the data for years. And there are two private companies that collect plate data and share the information with insurers and car repo vendors, among others.

The Electronic Frontier Foundation has already brought one lawsuit against the Los Angeles police departments. According to the EFF, LAPD and LA county sheriff’s departments have collected millions of plates each week. The EFF has a nice page summarizing what these rulings across the country are at the moment.

So what can you do to defend yourself, especially if you aren’t a suspect? The answer is not much. You might be able to obscure your plate on your car if it is parked in your driveway on your own property, but once you drive it on a public street you have to keep it visible. Also, you should become familiar with the EFF talking points for activists, which are illuminating. In the meantime, keep an eye out for strange vans parked on your street.

Quickbase blog: How to Make Scheduling Meetings Easier and More Productive

xk2One thing that hasn’t changed about today’s office environment is that meetings are still very much in force. Certainly there are ways to make their end product – such as linked spreadsheets poked fun of by this Xkcd comic — more productive. But there are other productivity gains to be had with meeting scheduling and tracking and online calendar technologies that can be had as well. Before you dive into any of these, realize that you will probably need more than one tool to help, depending on your needs. In my post today for the Quickbase blog I talk about various tools that you can use.

Using citizen science to hunt for new planets

When I was growing up, one of my childhood heroes was Clyde Tombaugh, the astronomer who discovered Pluto. Since then, we have demoted Pluto from its planetary status. But it still was a pretty cool thing to be someone who discovered a planet-like object. Today, you have this opportunity to find a new planet, and you don’t even need a telescope nor spend lonely cold nights at some mountaintop observatory. It is all thanks to an aging NASA spacecraft and how the Internet has transformed the role of public and private science research.

Let’s start in the beginning, seven years ago when the Kepler spacecraft was launched. Back then, it was designed to take pictures of a very small patch of space that had the most likely conditions to find planets orbiting far-away stars. (See above.) By closely scrutinizing this star field, the project managers hoped to find variations in the light emitted by stars that had planets passing in front of them. It is a time-tested method that Galileo used to discover Jupiter’s moons back in 1610. When you think about the great distances involved, it is pretty amazing that we have the technology to do this.

Since its launch, key parts of the spacecraft have failed but researchers have figured out how to keep it running using the Sun’s solar winds to keep the cameras properly aligned. As a result, Kepler has been collecting massive amounts of data and downloading the images faithfully over the years, and more than 1,000 Earth-class (or M class, from Star Trek) planets have already been identified. There are probably billions more out there. 

NASA has extended Kepler’s mission as long as it can, and part of that extension was to establish an archive of the Kepler data that anyone can examine. This effort, called, is where the search for planets gets interesting. NASA and various other researchers, notably from Chicago’s Adler Planetarium and Yale University, have enlisted hundreds of thousands of volunteers from around the world to look for more planets. You don’t need a physics degree, you don’t need any sophisticated computer or run any Big Data algorithms. Instead, if you have a keen mind and eyesight to pore over the data and the motivation to try to spot a sequence that would indicate a potential planetary object.

What is fascinating to me is how this crowd-based effort has been complementary to what has already happened with the Kepler database. NASA admits that it needs help from humans. As they state online, “We think there will be planets which can only be found via the innate human ability for pattern recognition. At Planet Hunters we are enlisting the public’s help to inspect the Kepler [data] and find these planets missed by automated detection algorithms.”   

Think about that for a moment. We can harness the seemingly infinite computing power available in the cloud, but it isn’t enough. We still need carbon-based eyeballs to figure this stuff out.

Planet Hunters is just one of several projects that are hosted on, a site devoted to dozens of crowdsourced “citizen science” efforts that span the gamut of research. Think of what Amazon’s Mechanical Turk does by parcelling out pieces of data that humans classify and interpret. But instead of helping some corporation you are working together on a research project. And it isn’t just science research: there is a project to help transcribe notes from Shakespeare’s contemporaries, another one to explore WWI diaries from soldiers, and one to identify animals captured by webcams in Gorongosa National Park in Mozambique. Many of the most interesting discoveries from these projects have come from discussions between volunteers and researchers. That is another notable aspect: in the past, you needed at least a PhD or some kind of academic street cred to get involved with this level of research. Now anyone with a web browser can join in. Thousands have signed up.

Finally, the Zooniverse efforts are paying another unexpected benefit: participants are actually doing more than looking for the proverbial needle in the haystack. They are learning about science by doing the actual science research. It is taking something dry and academic and making it live and exciting. And the appeal isn’t just adults, but kids too: one blog post on the site showed how Czech nine year old kids got involved in one project. That to me is probably the best reason to praise the Zooniverse efforts.

So far, the Planet Hunters are actually finding planets: more than a dozen scientific papers have already been published, thanks to these volunteers around the world on the lookout. I wish I could have had this kind of access back when I was a kid, but I also have no doubt that Tombaugh would be among these searchers, had he lived to see this all happening.

Quickbase blog: How Much Code Do You Need to Collaborate These Days?

Today we have a seeming ubiquity of the coding generation: rapid application development can be found everywhere, and it has infected every corporate department. But what is lost in this rush to coding everywhere is that you really don’t need to be a programmer anymore. Not because everyone seems to want to become one. But because the best kinds of collaboration happen when you don’t have to write any code whatsoever.

You can read my post about this topic in the Quickbase The Fast Track blog here.

Why the original Soviet Internet failed

I am reminded today about the cold war with next week being the 30th anniversary of the Chernobyl disaster. But leading up to this unfortunate event were a series of activities during the 1950s and 1960s where we were in a race with the Soviets to produce nuclear weapons, launch manned space vehicles, and create other new technologies. We also were in competition to develop the beginnings of the underlying technology for what would become today’s Internet.

One effort succeeded thanks to well-managed state subsidies and collaborative research that worked closely with a centrally planning authority. The other failed largely because of unregulated competition that was stymied by a variety of self-interests. Ironically, we acted like the socialists and the Soviets acted like the capitalists.

While the origins of the American Internet are well documented, until now there has been little published research into those early Soviet efforts. A new book from Benjamin Peters, a professor at the University of Tulsa, called How Not to Network a Nation seeks to rectify this. While a fairly dry read, it nevertheless is fascinating to see how the historical context unfolded and how the Soviets missed out on being at the forefront of Internet developments, despite early leads in rocketry and computer science.

It wasn’t from lack of effort. From the 1950s onward, a small group of Soviet scientists tried to develop a national computer network. They came close on three separate times, but failed each time. Meanwhile, the progenitor of the Internet, ARPANET, was established in late 1959 in the US and that became the basis for the technology we use every day.

Ultimately the Soviet-style “command economy” proved inflexible and eventually imploded. Instead of being a utopian vision of the common man, it gave us quirky cars like the Lada and a space station Mir that looked like something built out of spare parts.

The Soviets had trouble mainly because of a disconnect between their civilian and military economies. The military didn’t understand how to marshall and manage resources for civilian projects. And when it came time to deal with superstar scientists from its army, they faltered when deciding on proposed civilian projects.

Interestingly, those Soviet efforts at constructing the Internet could have become groundbreaking, had they moved forward. One was the precursor to cloud computing, another was an early digital computer. Both of these efforts were ultimately squashed by their bureaucracies, and you know how the story goes from there. What is more remarkable is that this early computer was Europe’s first, built in an old monastery that didn’t even have indoor plumbing.

Almost a year after ARPANET was created, the Soviets had a meeting to approve their own national computing network. Certainly, having the US ahead of them increased their interest. But they tabled the idea from Vicktor Glushkov and it died in committee. It was bad timing: two of the leaders of the Politburo were absent that day they considered the proposal.

Another leading light was Anatoly Kitov, who proposed in 1959 that civilian economists use computers to solve economic problems. For his efforts, he was dismissed from the army and put through a show trial. Yet during the 1950s the Soviet military had long-distance computer networks and in the 1960s they had local area networks. What they didn’t have were standard protocols and interoperable computers. It wasn’t the technology, but the people, that stopped their development of these projects.

What Peters shows is that the lessons from the failed Soviet Internet (he adoringly calls it the ‘InterNyet’) has to do more with the underlying actors and the intended social consequences than any lack of their combined technical skill. Every step along the route he charts in his book shows that some failure of one or more organizations held back the Soviet Internet from flourishing like it did here in the States. Memos got lost in the mail, decisions were deferred, committees fought over jurisdiction, and so forth. These mundane reasons prevented the Soviet Internet from going anywhere.

You can pre-order the book from Amazon here.

iBoss blog: How Stronger Authentication Methods Can Better Secure Cloud Access

There are many myths about cloud computing. One common one is that servers in the cloud are less secure than when they are located on-premises. Like so many other myths, this has some basis in fact, but only under a very limited set of circumstances. In my latest post for iBoss’ blog, I talk about ways to better secure your cloud-based servers using multifactor authentication (MFA) and single sign-on (SSO) methods to better protect these assets. The hiring shortage hits the black hats too

An interesting analysis in Digital Shadows recently spoke about the hiring shortage that has befallen the black-hat hacker community. While most enterprise IT managers are frustrated about getting skilled cybersecurity personnel for their own teams, there are some unexpected benefits, too.

I spoke to Ron Gula, the CEO of Tenable Security, who has witnessed this situation first-hand. Even though security budgets are increasing, “money can’t make smart people appear out of nowhere,” he told me. Finding new black-hat talent can be just as frustrating as your next legit IT hire.

You can read my story posted today on here.