
This article leaves out that along with moving the net worth from 1 to 2.3 million for accredited investors, they are also not allowing primary residence to be counted anymore, which for many people is a large part of net worth.

The SEC filing for startups is insane. The last thing we need is further roadblocks and delays for early stage startups.

PG, would this affect y-combinator? YC is the first investment for companies in your portfolio. Would they have a 120 day delay? Four months is a long time in startup land. This would certainly give a head start to bootstrapped companies.


As indicated in my first comment, the article is focusing on the regulatory problems first; as you note, filing with the SEC with a 120 day delay is awful. Letting the regulators of all the states into the game might be worse, in that I'm sure angel investments would be de facto or de jure outlawed in many states (the state residence of the firm and/or of the angel).

Massachusetts didn't let its residents invest in the Apple IPO: http://news.ycombinator.com/item?id=1303133

But thanks for pointing out that often overlooked detail WRT primary residence, as that will knock a whole lot more angels out of the game.


Home brewers have a very similar problem. When you make beer from all grain, you need to stop the heating at certain temperatures and stay at that temperature for some amount of time to let certain enzymes activate. Using a cooler to maintain heat is fairly standard in home brewing. Very neat.


This mismatch of risks is also what gets VCs and founders into trouble many times. They can both agree on what the risk is of not selling and come to correct but opposite decisions. What is too risky for the founder is just right for the VC. One of the solutions to this is letting a founder take some money off the table. This would align risk tolerance, but could also take some fire out of the founder's belly.

Selling certainly is a very tough decision and I think DHH may have oversimplified to make a point.


The appliance itself doesn't seem that important. The big thing I take from the article is law enforcement needs to: "persuade one of the Certificate Authorities — using money, blackmail or legal process — to issue a fake certificate for the targeted website." If you can get a forged certificate from a trusted cert provider, then there are a bunch of ways to do this. The box is just a convenience.


Yes - I thought this was a cryptographic breakthrough, but it's just people breaking promises.


That, and it demonstrates how bad the default SSL trust model is. If the gmail.com certificate came from Thawte yesterday and comes from the Department of Defense or CNNIC today, your browser will happily accept it without warning.
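The gap described in the comment above is that a chain which validates to any trusted root is accepted, even when the issuer differs from the one seen before. The sketch below is an added example, not part of the original thread: a trust-on-first-use monitor that remembers the issuer and public-key hash per host and grades later changes. The host name, issuer names and key bytes are constructed sample data, and `IssuerMonitor` is a hypothetical helper, not a browser feature.

```python
# Added example: issuer-continuity check layered on top of normal validation.
# Host, issuer names and key bytes are constructed sample data.
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Observation:
    host: str
    issuer: str       # issuer organisation named in the presented certificate
    spki_sha256: str  # SHA-256 of the server's public key


def spki_hash(public_key_bytes: bytes) -> str:
    return hashlib.sha256(public_key_bytes).hexdigest()


class IssuerMonitor:
    """Remembers the first issuer/key seen per host and grades later changes."""

    def __init__(self):
        self._baseline = {}

    def check(self, obs: Observation) -> str:
        prev = self._baseline.get(obs.host)
        if prev is None:
            self._baseline[obs.host] = obs
            return "first-seen"
        if obs.issuer != prev.issuer:
            # Keep the old baseline: a different CA needs human confirmation.
            return "ALERT: issuer changed"
        if obs.spki_sha256 != prev.spki_sha256:
            # Same CA, new key: consistent with routine renewal or rekeying.
            self._baseline[obs.host] = obs
            return "notice: new key, same issuer"
        return "ok"


def run_sample():
    key_a, key_b, key_c = (spki_hash(b"constructed-key-" + s) for s in (b"A", b"B", b"C"))
    monitor = IssuerMonitor()
    events = [
        Observation("mail.example", "Example CA One", key_a),  # first visit
        Observation("mail.example", "Example CA One", key_a),  # unchanged
        Observation("mail.example", "Example CA One", key_b),  # renewal
        Observation("mail.example", "Example CA Two", key_c),  # different CA
        Observation("mail.example", "Example CA One", key_b),  # baseline again
    ]
    return [monitor.check(e) for e in events]


if __name__ == "__main__":
    for verdict in run_sample():
        print(verdict)
```
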


If a CA is compelled to issue a false certificate by court order, this destroys their credibility completely. If I ran a CA, I'd rather face the consequences, and let the court ask another listed CA, rather than destroy my entire business model.


Watch what happens when we find out which CAs did this. My money is on "they do not go out of business". Give it a few months.


CAs must be audited and have a certification to be accepted in the major browsers (something like WebTrust). If anyone did this, they would lose that certification immediately and then they'd be out of business because their root CA would be revoked from Windows/Firefox/Mac OS.

The question is how WebTrust would treat this type of theoretical issue.


Especially with Americans' newfound willingness to accept overreaching law enforcement measures. So long as one of the right trigger words (terrorism, children) is used, the average purchaser of certificates won't blink at the idea that law enforcement completely subverted the chain of trust that enables their customers to believe they are dealing with who it says on the certificate.


Court order?

Your argument might make sense if it was law enforcement making the request. But do you really think companies should ignore court orders?


Can a court order you to commit a fraud?


Yes. Courts can also order you to destroy property, breach (most types of) confidences, alienate people from money in their accounts, etc etc, and lie about doing all of the above.


Source?


There's a difference between fighting court orders and ignoring court orders.


Looks like all it does is replace an SSL MITM proxy.


The real bad guys can just use symmetric encryption, with keys distributed by mail or by hashing parts of certain books. It's the typical end-user going to their banking site or reading their email that's most vulnerable to such devices. China might be a top customer.


If the real bad guys are smart, they're just going to use SSL, with a single static private CA.


Public-key encryption (such as PGP) would work as well.


Or rather Off-the-record messaging: You do not want deniability, and not leave provable traces.


What will end up happening to the 'real bad guys' http://xkcd.com/538/

