About S. C. Schroder

We focus on the true high growth opportunities and the truth of the mission-critical challenges across the technology, energy, and life science sectors.

Obscure Data Seeps & Malevolent Intrusions: Twitter

On October 3, 2016, one of my little used, long inactive Twitter accounts was hacked by someone using an iPhone somewhere in the wilds of Virginia.  In addition to filing a police report, I wondered why.  I had not posted to that account since October of 2013.  I had also not really looked at Twitter in years although I use it to post links to newsworthy scientific, technological, and, occasionally, legal developments.  In fact, Twitter is now rife with data seepage, from saved credit card order information to personally identifying information that someone could use to triangulate identity theft or distort the account owner’s reality.

Twitter users leave a written record of their interests and activities; some build a fuller, more personal record, tweeting publicly or privately. Direct Messages can leave online but hidden conversations between Twitter accounts. Twitter integrates with other apps behind the stream of tweets, enabling third parties to harvest pii and other data on an independent, ongoing basis. And now Twitter, as it has tried to find a workable model, has become more conventionally commercial so that an account owner may use Twitter to order and ship products using credit cards, saving credit card, order, and shipment data.  Nightmarishly, a hacker could not just quickly compromise the true account owner by “planting” Tweets, “following” unsavory Twitter accounts, and sending false direct messages, malevolently impersonating the account owner through a real and “verified” account.

Triangulating identity theft from pii is an incremental thing, accomplished by thieves scraping data here, social engineering missing data there, and not just by stealing one resource or the proverbial haul of trash. A hacker could scrape what data might be archived there, from a network of personal contacts and order data to a private dialogue of tweets and direct messages. Potentially more damaging, the hacker could reset privacy and security settings, enable other third party apps that would scrape personal and locational data on an ongoing basis, and identify additional channels through which to acquire the account owner’s pii and financial data. The hacker could quickly build a multi-dimensional, detailed picture of an active Twitter user.  Identity theft compromises your bank accounts, your credit, your health insurance, your Social Security number, your driver’s license, and your life, threatening not just  fraudulent charges to your credit  card or diversion of your tax refund but fraudulent credit cards, loans, healthcare costs, and even mortgages, and arrest records in your name.

Which might all add up to why Twitter can’t find a buyer.


Getting To Yes? Or Getting To What You Need To Know, Leading Daily?

Leaders face multiple fronts on which they need to understand what they need to know; they need to be able to get to the truth. They need to sort through true options in order to make decisions based on reality. They need to question astutely. They need nuanced interview skills for critical functions:

1. Leaders’ employees don’t always, and perhaps rarely, tell the unvarnished and entire truth upwards: shading reports, as Shakespeare noted, has long been conscious career strategy. Except in the rare environment, employees are notoriously not only afraid to “tell truth to power,” they don’t want to be the “bearer of ill tidings.” Yet leaders do need to get behind the formal presentations and the day to day blandishments of the people who report to them. They really do need the truth: they need to understand what the presentations made really mean and what their own direct reports really think. They may not need to know all that these people know, but they do need to understand what is known and not known, what the facts and factors really mean, and what the critical facts and potent looming threats actually are. They do need to be “in the loop” in order to lead effectively short term and long term.

2. Transactions are negotiated face to face by business leaders long before the work ever gets to the lawyers and accountants. How many acquisitions worked out on the golf course or in weeks and months of ‘conversations’ haven’t had major time bombs hidden inside them, from toxic material (Halliburton/Dresser) to massive fraud (as alleged by HP regarding its acquisition of Autonomy, over founder Lynch’s denials). Look at what Citigroup might have avoided had it asked the right questions and not lent $126MM to Stern in a tangle of schemes that extended to the N.Y. statehouse and New York City Council. Look at what Grant Thornton auditors might have stopped or even prevented but, in the event, left for Blackstone to dig through in its Parmalat discussions with the Tanzis. The fallout from bad acts and bad decisions lives for years.

3. Internal investigations have a new focus in a day of U.S. FCPA, AML, SEC, and other enforcement, and yet most leaders tasked with the internal role probably have never been trained in how to interview people effectively, nor have their outside counsel. In internal investigation, should there be room for muddling through by middling interview? Employees and suppliers’ employees out there in the value chain may be innocent, confused, clumsy, or simply not too bright. However, out there on the gray front, a culture of wrongs, illegalities, and downright high penalty felonies may also be forming. Lately we have seen a new ‘roll call’ of entrenched circles of corruption: FIFA, HSBC, GSK, Avon, MF Global, Libor, Forex…. (Read Prof. Mike Koehler on FCPA alone!)In most organizations, these cultures rarely operate out in the open; they wheel and deal, threaten and steal in a gray fog of lies, tricks, distractions, diversions, and intimidation to evade detection. The deeper criminality can be hard to ferret out amid the “busyness” and even social outrages. However, bad people are bad all the time; even when they are pretending to be good, they are acting from a perspective of bad and still do bad things. They don’t necessarily see the bad they reveal. But the good interviewer will.

Leaders need to understand what it is they need to know and how to get to that knowledge, not just directly, but across personalities, technical fields, organizational cultures, and, increasingly, national cultures. They need to be able to question and probe without triggering defenses and deceiving themselves.

Yet who of leaders up and down the organization has ever actually been trained in interview technique? (Hint-having watched “Lie to Me” and reading about “micro-expressions” doesn’t really count.) How do you get to what you need to know?

Copyright © 2015 Sulgrave Strategies LLC. All rights reserved.

When Management Doesn’t Want to Lead: Big Shoes For Everyone Else To Fill.

What C-team wouldn’t sometimes just like to stop leading?  Renounce management, titles and all, without actually retiring, leaving the company, or taking a voluntary demotion.  All that accountability, liability, and that muddled vision thing could just go out the window:  “O frabjous day! Callooh! Callay!”  The ideas that hit the wall would all be someone else’s fault….In any world other than Lewis Carroll’s dreams could this end well?

Recently I ordered a pair of Ferragamo shoes, and not from Ferragamo.  As happens in the shoe world, I realized that I had ordered the wrong color and contacted the seller to cancel the transaction.  I almost missed the first response thinking that the email from the seller’s self-described  ‘fairy glitter princess’ and her ‘sparkle wand’ was spam.  On closer reading, she seemed to be able to get the job done, but a second company response was almost lost in the “Disneyland” dreaming of a customer service “Mousketeer.”  It took two more responses from a “Shea Butter” and evidently the company’s sleigh driver to confirm that the order had been indeed cancelled.  Whew.  Now that’s “personal flair.”  Granted this is different, and different from “normal stagnant business communication,” but what if the customer isn’t channeling Disney or whimsy at the moment and just wants to get business transacted?  In a self-actualized non-management world, is the dominant tone playtime?

Playtime doesn’t last forever.  Bad actors step into the void, some already in the door, some spotting their chance, some let in at the back.  In the real world out there, crime happens every day; there’s money to be laundered, success to be “redefined.”  In a world where cyberthugs work invisibly to unleash damage, insiders play leading roles in leaving doors open and laying the cyberpaths. How does non-management lead in a troubled world, where bad things do happen and predators step into the vacuum with misfeasance, malfeasance, and their weapons, intimidation and abuse?

Fail to lead, step back and let the business, or the practice, self-run, and bad things are going to happen, from within and without.  Leaders take on the responsibility for thinking things through, choosing a concrete vision, and maintaining a respectful, self-aware, ethical tone.  When leaders abrogate their responsibilities, bad stuff fills the void. And when it does, managers cannot hide with the needle in the haystack, denying accountability and liability for the state of entropy that became their only vision thing.

Copyright © 2015 Sulgrave Strategies LLC.  All rights reserved.

Here You Come Again, With A Pitch Book Looking Better Than It Has A Right To…

Another day, another pitch.  What are your red flags to pitch out the pitch book?   Old technology?   Unlikely team?  Funky numbers?  Five Google pages of competition?  What about that promising little company we all have seen x times and to the nth degree:  the one with encouraging numbers and a niche–and no IP?   My favorite.  The pitch always waffles on IP.   A little arm waving in the direction of a patent, a nod to copyright, and the founders will refer breathlessly to trade secrets.  Right.  Look around for an expired patent, direct competitors first to market, off the shelf equipment, and outsourced development.  Unless the company has paid attention and put effort into tying up the IP in a neat package, pass, move on.

Most inventive software developers want to patent their work, whether it is worth patenting or not. They do not want the exposure of copyright registration. Where the company whispers “trade secrets”, I have found on further questioning that the company has borrowed freely and widely or is knowingly re-purposing someone else’s work—or has hired others to do the work without proper agreements in place and there is a dispute as to who owns the code. Examine who owns the code by agreement, whether the company has infringing code or open source code embedded in its products, and, indeed whether the developer has “freedom to operate”, that is, does not infringe someone else’s patent. Question carefully whether the developer has any IP to protect.

Start strategically with the outside developers, as the analysis is cheaper. Who owns the code? What agreements does your software company have in place with its outside developers? This is not a question of NDA’s alone. Often such a company actually knows or suspects that it does not have the proper agreements in place and tries to avoid the real or potential ownership dispute by ignoring it, neither filing a patent application nor registering the copyright, (the less preferred route among software developers).

Use code sniffing to determine whether the software infringes someone else’s patents or copyright. A major problem is that programmers freely participate in open source and other communities on their own time. They go home at night, log in, and chat, seeking solutions to coding problems at work. They exchange code, co-author code solutions, and otherwise identify code that they then take back to work and embed in their employer’s software. The flow goes in the other direction as well. They share out their own code, their employer’s code.

Most expensive but essential is the Freedom to Operate opinion. Use a patent lawyer with extensive software experience who will do a thorough patent search, order any implicated patent, complete with wrapper, and thoroughly examine whether your company’s products infringe one or more of such patents.

Protection of trade secrets is extremely difficult, particularly in the case of software. Code, data, information flow freely. Open collaboration corrupts the process too easily. People move around, company to company, place to place, with thumb drives, personal email accounts, and BYOD. Secrecy is very difficult to maintain when products flow well beyond what Homeland Security advisers call “guns, gates, and guards.”

Copyright 2014  S. Caroline Schroder.  All Rights Reserved.

Acquisition Begins At Home: Know Before You ‘Buy’

Bored with chasing “organic growth”?  Ready for some acquisition action?  

Stop right there.

What have they been telling you?  Have they told you that most acquisitions fail?  Trust this, really, they do.

Why? Ultimately it’s a failure in knowledge:  not knowing what the acquired company really is, not knowing what the consequences really will be, but, ultimately, not knowing what you yourself, the acquirer, is, from assets, to people, to operations.

Don’t be blinded by appetite: do due diligence and assume you know nothing when sitting down to figure out what is actually going on before starting in on valuation numbers….

How to plan a good acquisition?

Know what you need.
What problems, goals, or simply operating challenges could an acquisition solve?

Know what you can accept.
What geographies, agreements, debt, costs, and personalities could you accept?  Use your imagination.  What’s the range of acquisition realities that you and your advisers have seen or fretted elsewhere?  Go on to imagine

Know yourself.
Know where an acquisition could fit even before you go out into the marketplace. Know how your own company works, and where it doesn’t, before going out looking for action. Know your problems as well as your advantages and hopes.

Don’t get hung up on whether you are  “seeing negatives” by examining reality.

Moreover, don’t excuse yourself from these steps if someone around you intones the old bromide, “Have to take risks to make money”.  Yeah, that’s a good way to lose it too, and slide down the slippery slope like so many others.

© 2013. S Caroline Schroder. All Rights Reserved.

UK Tech Tool: Distinguish Counterfeit Textiles From Authentic Goods

A cool new tool could be used to distinguish counterfeit fabrics and confidently bar, confiscate, and destroy fake goods. Long a creative and financial misery for the fashion  industry, counterfeit natural and synthetic textiles may have finally met their ultimate match. But could your textile secrets also be reverse engineered? UK and Russian researchers have developed a means of attributing characteristic spectroscopic signatures to individual textile samples to distinguish between grades and  compositions of fabrics, including silks, synthetics, cottons, and wools.   Blends and inferior textiles artificially treated to seem higher quality than they are would quickly stand out.   By indexing the signatures of known genuine materials and authentic goods, the researchers believe they could screen out fake or counterfeit goods as non-matches. Could this mark a revolution in the fight to stem the tide of counterfeit brand name and designer goods, as well as a competitive advance for the textile and other industries?

Terahertz time-domain spectroscopy for textile identification

Naftaly, M, Molloy J.F., Lanskii G.V., Kokh K.A., and Andreev,Yu.M.,
Applied Optics, Vol. 52, Issue 19, pp. 4433-4437 (2013)

Dotcom.Bust.2.0: Is London’s Tech Boom Due For Bust?

From tulips to dotcoms: Booms implode. We should have learned by now that when people predict growth forever and believe the boom is really real, the danger of the crash is highest. The perennial problem, since Isaac Newton lost his fortune in the South Sea bubble, has been how to spot the danger of the bust from inside the boom. Perhaps worse, as we have seen repeatedly in much more recent history, has been the ‘dodgy’ flows of funds as healthy growth becomes a speculative boom, and there is a fundamental chaos in accountability and oversight. That there will be business model fraud, from distortion of the services and goods actually on order to infringing uses of other entities’ secure intellectual property and trade secrets, has become a given. This is not healthy growth; this does harm to valid startups; the investment fallout hits not just wealth and institutions but family, friends, pension savers, and municipal and local charities. There is certain to be not just straight out fraud but crime, from ventures’ misuse of investors’ moneys to use of the boom environment as cover for money laundering, particularly as funds detached from clear beneficial ownership flow in from offshore, and back. Growth is good; booms are inevitable as are their correlated busts; but when government puts its finger on the scales to fuel a boom, it fuels the fire with self-interest; watch out below. Nothing lasts forever, but regrowth from cinders is always slow.

Red flags:
1. TGTBT – Booms are always too good to be true. It has long been a given that when ventures, returns, business models, angels, venture capitalists, and other denizens of the boom ecosystem are TGTBT watch for the catch and look for the trap or the back door that will let you out of the deal. Nonetheless, as boom is about to go bust, even the steadiest become swallowed by self-delusion. “For man is a giddy thing,” as was Shakespeare’s conclusion.
2. Engineer shortage – We always hear this in a modern boom, whether oil, dotcom, renewables, or here. For months there has been a widely reported dearth of engineering skills and engineers, such claimed dearth extending even to Cambridge and the Imperial College; educate more engineers in the future, it is asked. The time factors are what? Why would so much money continue to flow in where there is such a gap? Why would ventures continue to form and perform?
3. ‘Rosy’ revenues – Ah yes, until the bloom is off the rose. The wonder of it all, we see in every boom, is the remarkable robustness of the earnings, out-blooming comparable markets, paralleling other times. Watch your wallet when the proportion of companies with positive and growing revenue numbers is unusually high and even higher when one considers the engineer gap.
4. Declared success as opposed to proof – Beware when the pundits begin counting heads. Declaring success is not the same as meeting the demands of success. Raw numbers as in the number of startups housed or funded or even revenue positive prove nothing without proven technology that is new, useful, functional, and making real markets.
5. History – Booms rush in where angels, venturers, and speculators already tread. We have already seen several time in the last decade how tech, financial, and real estate booms walk, or maybe stalk, in parallel. London’s real property market has been powered by speculators, now heavily from overseas, mixing with the moneys flowing in to power ventures, exits, and startup “lifestyle” choices, but leaving all the valuations vulnerable to losses when things turn down overseas. London as a money center has grown its own reputation for loose oversight of numbers and skewing of values, and a certain blindness to mismarked, counterfeit, and dark market goods getting cleaned up with transfers through shell companies, transshipment, and other means. The problem has become global. It is highly doubtful that the local tech boom would not be ensnared in this as elsewhere.
6. The X-market – The British government has called for far reaching efforts to overcome an exploding problem with pornography, child pornography, including live-streaming pornography. The past several years have seen police seizure of tens of millions of children’s images in England and Wales; British and Spanish authorities cooperated in the arrest of some 50 people wanted for made-to-order videos of child rape and abuse, from infants to tweens, moneys deposited in a British bank and moved to Belarus. Days ago, Marques was nabbed in Ireland on a U.S. arrest warrant connecting him with graphic images of small children being raped and otherwise tortured. He has been widely reported responsible for the largest proportion of child pornography, globally. UK women have been assailed for standing up against the Facebook images and groups endorsing criminal violence against women. In the past days, Tweets have threatened individual women and their daughters with rape and death , from a Member of Parliament and a journalist to the woman who simply campaigned to place Jane Austen on British currency. For years, Silicon Valley and other tech venture hubs have been known pornography profiteers. In the UK, as in the US and across the world, the usual suspects, lawyers and other activists defend child and adult pornography as “free speech” although the child pornography, endorsement of violence, and adult pornography are variously crime, incitement to crime, and images of a dark ecosystem that victimizes children and adults with violence, addiction, and degradation. This dark side of tech is a big business, globally. Given the rosy revenues and the tempo of the tech boom despite the engineer shortage, one might well question what else is running on the ventures’ servers.

© 2013. Sulgrave Strategies LLC. All rights reserved.