[HN Gopher] Don't Talk to Corp Dev (2015)
___________________________________________________________________
Don't Talk to Corp Dev (2015)
Author : tracyhenry
Score : 109 points
Date : 2021-05-14 18:38 UTC (4 hours ago)
(HTM) web link (www.paulgraham.com)
(TXT) w3m dump (www.paulgraham.com)
| sabj wrote:
| Points not covered in this piece, but worth noting: (1) If a
| counterparty is interested in you, it can help accelerate
| valuable partnerships you care about (2) You may want someone to
| invest in you, not to buy you; or you may want them to invest in
| you in the future
|
| Now, for CorpDev, a conversation about investment is always a
| sliding scale... n% (invest) <--> 100% (buy you). But whether
| it's from the corporate balance sheet or as a referral to the
| corporate VC arm, there can be value there, and value in the
| relationship building, depending on circumstances.
|
| As with so much, the risk is not knowing what you want and
| getting carried along by the process -- lettings things "happen"
| to you. If you have a conversation with corpdev, you're trading
| some information and receiving some information. Is that ride
| worth the price of admission? You have to decide based on the
| circumstances. This piece has an edge that helps to provoke and
| draw attention to the themes (don't let others shape the
| narrative of your business engagement) and that's fine.
|
| There are places and indicators that a CorpDev conversation is
| 200% M&A, and there are times when it has more BizDev dimensions.
| Many companies want to develop partnerships first to determine if
| a potential acquisition is accretive. And, those partnerships can
| actually be valuable to small companies, even if there have
| tricky strings that can trip you up. -\\_(tsu)_/-
| rstephenson2 wrote:
| I wonder how analogous this is to "don't talk to VC associates"
| advice. Corp dev is interested in buying a company, any company,
| at a low price but even once corp dev is sold they'll have to
| sell the deal to someone who matters. People confuse "this corp
| dev person is interested" with "this company is interested".
|
| If you're not actively looking to sell, _definitely_ don't bother
| taking the meeting unless there's a champion high up who is
| personally interested.
|
| Come to think of it, recruiters aren't all that far off this
| either...
| dalbasal wrote:
| This is from 2015? Wow. My memory had it much earlier than that.
| Feels like the world has changed a lot since then.
|
| I wonder if pg would revise the advice today, given how big M&A
| has become. I suspect it's all still relevant, except that actual
| deals are more common and prices are higher. That might change
| the balance, but the general description of what you're dealing
| with is still valid.
|
| Companies constantly flirting with acquisition though... I feel
| like this sort of thing is _way_ more prevalent now.
| Huiokko wrote:
| Never heard of this and I'm not sure how common this is at all.
|
| Anyone else has experience with this?
| capableweb wrote:
| You mean you haven't heard of "corporate development" in
| general or are you referring to something specific here?
| tester756 wrote:
| >Don't Talk to Corp Dev
|
| it sounds kinda edgy, especially that "corp dev"
|
| bonus points that "dev" seems to refer more often to "developer"
| than "development"
| davesque wrote:
| I think I've really gotten into the habit of disagreeing with
| Paul Graham's blogs lately but this one felt different. Felt like
| a lot of practical, common sense advice that is just barely
| beyond the horizon that most people consider. Of course, it won't
| apply in every situation but it felt hard to disagree with the
| overall sentiment.
|
| _Note:_ I say I 've been disagreeing with him lately and, of
| course, this blog wasn't written "lately." So maybe that says
| something.
| kordlessagain wrote:
| I'll disagree then because Corp Dev, like most tags, can mean
| something else like a group at a corporation responsible for
| strategic decisions to grow and restructure its business,
| establish strategic partnerships, and/or achieve organizational
| excellence.
| diego wrote:
| No, he's right on this one. Corporate Development means "the
| group in charge of acquiring companies." I have never seen a
| Corp Dev team that did anything else (and I have dealt with
| quite a few including my company's acquisition).
| jedberg wrote:
| The only reason Corp Dev is establishing a partnership is
| because they want to buy you but they aren't sure yet, so
| it's like a trial. It's also a good way to convince you to
| sell to them while also locking out competitors.
|
| If you have a partnership with Google, it makes a lot harder
| for Amazon to buy you because first they have to unwind the
| partnership.
| pbhjpbhj wrote:
| Re that last para. Amazon and Google could choose to share
| the pie: it's want to, not have to, surely?
| jedberg wrote:
| It was just a contrived example. Imagine instead you have
| a partnership with Amazon and then Walmart wants to buy
| you. Both companies have made it clear they will never
| work with each other.
|
| Either way, every deal, every partnership, every
| contract, complicates an acquisition. The fewer you have
| the more likely a deal is. By establishing a
| relationship, one company can discourage others from
| wanting to put in the effort of acquiring you.
| sombremesa wrote:
| Yep, this one is on the shortlist of YC advice that's useful to
| founders.
|
| The list: - Launch now - Build something
| people want - Do things that don't scale - Find the
| 90 / 10 solution - Find 10-100 customers who love your
| product - All startups are badly broken at some point
| - Write code - talk to users - "It's not your money"
| - Growth is the result of a great product not the precursor
| - Don't scale your team/product until you have built something
| people want - Valuation is not equal to success or even
| probability of success - Avoid long negotiated deals with
| big customers if you can - Avoid big company corporate
| development queries - they will only waste time - Avoid
| conferences unless they are the best way to get customers
| - Pre-product market fit - do things that don't scale: remain
| small/nimble - Startups can only solve one problem well
| at any given time - Founder relationships matter more
| than you think - Sometimes you need to fire your
| customers (they might be killing you) - Ignore your
| competitors, you will more likely die of suicide than murder
| - Most companies don't die because they run out of money
| - Be nice! Or at least don't be a jerk - Get sleep and
| exercise - take care of yourself
| scubbo wrote:
| This was _precisely_ my reaction. "Life Is Short"[0] remains a
| great piece that I return to time-and-again, but most of his
| other stuff that I've read recently seems to miss the mark -
| unlike this one.
|
| [0] http://www.paulgraham.com/vb.html
| markus_zhang wrote:
| This is a good one. I can immediately identify many
| "bullshits" in work and life. But I then realize that the key
| is that I need to have something to be passionate in so that
| those time saved from bullshits can be used on them.
| hemloc_io wrote:
| Ha this reminds me of a video of Justin Kan talking about selling
| Twitch to Amazon.[0]
|
| Most of the tactics in this blogpost by Paul G. show up in that
| negotiation, include the 11th hour 20% off move.
|
| [0]https://www.youtube.com/watch?v=RwUA5i-QolY
| breck wrote:
| I think there are good perspectives in here that are accurate,
| and worth the read for the perspectives, but I don't spot any
| great advice. In other words, no pithy strategy that is testable.
| Difference between the 2 explained here:
| https://breckyunits.com/wisdom-a-tiny-language-for-great-adv....
| KryptoKlown wrote:
| That is definitely a good article but I especially like the part
| about haters
| SquibblesRedux wrote:
| I was courted by corp dev from a big public company. It was quite
| an experience -- events, dinners, wine, private meetings, large
| groups of the corp folks hanging on every word. They got pretty
| pushy, demanding to know trade secrets to keep going with a
| negotiation. At the end of it I pulled the plug because it was
| clear they were not working in our interest. (The word "pillage"
| comes to mind.)
|
| The experience was nice to have, but as the essay claims, it
| ultimately was a poor use of time.
| dalbasal wrote:
| Time is cheap, relatively to focus, IMO. I think it takes a
| pretty seasoned businessman to pursue or negotiate (even half-
| seriously) an acquisition... and paying the "price" in time
| only.
| [deleted]
| jchonphoenix wrote:
| This is out of date. At this point, many larger corp dev teams
| act like a recruiting team for acquisitions. They find leads and
| pass them to VPs
| jboydyhacker wrote:
| No the advice is still spot on- acquihires are considered the
| firesafe scenario he is referring to.
| irrational wrote:
| >"What happened to Don't be Evil?" I asked. "I don't think corp
| dev got the memo," he replied.
|
| Why is it that every company that starts with good intentions
| eventually succumbs and becomes that which they claimed to not
| like?
| duxup wrote:
| When your metric is dollars... what else could happen?
| arduinomancer wrote:
| As my economics teacher repeated probably 20 times in one
| semester: the purpose of a corporation is to increase
| shareholder's wealth
| pbhjpbhj wrote:
| Your economics teacher was wrong.
|
| The purpose of a corporation is to fulfill their chosen
| corporate mission. Corporations are no more bound to choose
| financial accumulation _above all else_ than are any of the
| people that form those corporations.
|
| Cooperatives and public interest companies are corporations,
| for example.
| pbhjpbhj wrote:
| If you're genuinely asking: when companies get controlled by
| greedy people then morals take a back seat compared to
| financial gain (for those people). The greedy people have the
| money, they can structure society using the power they have
| because of it, they can corrupt others (who are also greedy) to
| support them. The people whose ancestors weren't as greedy, or
| lacked the violent capabilities to satisfy their greed, lack
| the resources to oppose the greedy. The greedy people get
| rewarded with more power to continue being greedier; they pass
| on their moral outlook and power to those who are similarly
| greedy.
|
| The pattern seems to be that after a lifetime of wealth
| acquisition one buys a cloak of respectable benevolence by
| donating a fraction of that wealth to good causes (which you'll
| probably carefully choose to provide the best tax benefits and
| as a marketing tool to help the next generation of super-
| wealthy to get a good start).
|
| Any company prepared to be sold off, if profitable, will be
| acquired by greedy people.
|
| People who want a quiet unassuming life living in harmony with
| those around them don't acquire the wealth in the first place,
| they have the morals to run companies for good, they don't have
| the wealth to acquire them.
|
| Capitalism appeals to [immoral] greed, it's a natural successor
| to feudalism.
| uhhhhhhhhhhhhhh wrote:
| Gates' Cloak
| nineplay wrote:
| I'm of the opinion that it's a mistake to think of companies as
| anything other than machines that maximize profit. Positive
| slogans, company values, donations to this cause or public
| support for that cause - it's all there to generate good
| feeling and thus maximize profit.
|
| I don't say that to be cynical, I think using that as a mental
| model really clarifies how we should approach corporate
| regulation. Saying a company "should" do this or that is no
| more useful than saying my laptop "should" do this or that.
| They will try to maximize profit, we ( the public) need to find
| ways to make negative activity unprofitable. Hauling Mark
| Zuckerberg in front of Congress doesn't do anything, we need to
| get into the machine and change the way it works.
| ska wrote:
| > Why is it that every company that starts with good intentions
| eventually succumbs
|
| There isn't much money in good intentions.
| diamond_hands wrote:
| For the same reason many companies software gets lower quality
| over time. They grow and hire people who don't care. Everyone
| who did care leaves to start their next company that cares.
| Analemma_ wrote:
| Evolution and survival of the fittest. On a long enough time
| scale, all the companies which don't behave psychopathically
| are outcompeted and replaced by the ones which do.
| duxup wrote:
| >If they can, corp dev people like to turn the tables on you.
| They like to get you to the point where you're trying to convince
| them to buy instead of them trying to convince you to sell.
|
| I worked for an established company (not a startup) and had a run
| in with Wal-Mart. Wal-Mart managed to buy some stuff at an ultra
| low discount because ... someone thought maybe if we get in there
| we could sell tons to their IT team.
|
| Meanwhile I'm working with their IT guys. They hate the product.
| They tell me in no uncertain terms and in every unprofessional
| way you can imagine (that part was pretty shocking). Of course
| what they're really doing is just buying the minimum and pounding
| the hell out of support with complaints as they pump 20 gallons
| into 10-gallon hat of our product.
|
| What happens? We keep providing them free services, extra
| services. The folks at the top think they're at the tip of a big
| sale, big money despite myself and others telling them "These
| guys don't like our widget, they don't want it... and they're not
| capable of even making good use of it. All while giving it to
| them for free, why would they pay a dime more?"
|
| By the end I hear we've made like our 5th pitch to them that is
| barely profitable for us... just on the face value of the product
| and support. Somehow Wal-Mart convinced these guys to take a 'big
| sale' moment and turn it into a loss if you consider all the time
| put into working with them. And they were happy to do it.
|
| Finally we had a stroke of luck, we were acquired, and the new
| CEO had worked with Wal-Mart before as a customer and cut them
| lose. Finally all that effort and energy that went into this big
| deal that never happened (probably for 18+ months) could be put
| to use with better customers.
|
| It's amazing how some folks can over time convince other people
| to actually propose a bad deal... for themselves.
| vb6sp6 wrote:
| Sometimes it isn't about the "big sale" but having the big
| company on your list of customers. It can give your company a
| lot of credibility.
| duxup wrote:
| I don't doubt it for a start up... but I also wonder what
| value that is vs. 18 months of work and turn that into a deal
| that is really a loss, and the customer struggles to use the
| product ... and now you've got a big dominating customer who
| is going to continue to eat up time ...
|
| I wonder how many profitable customers could be had in that
| time.
| bathtub365 wrote:
| They aren't really your customer if they aren't either paying
| you or otherwise hinging part of their own success on your
| product.
| vb6sp6 wrote:
| They used the product (in our case). They just asked for
| things that no one has wanted since.
| quickthrower2 wrote:
| I've worked at a small company constantly chasing large
| customers. Let's say a middling customer deal was $50k. Pretty
| much all profit. A large customer deal would be $500k, and need
| $500k of very specific technical-debt inducing bespoke dev
| work. I didn't know why they didn't grow the number of $50k
| deals!
|
| Actually I know why. It was the "If we can get walmart it'll
| lead to much more" mentality (but not walmart but similarly big
| clients).
|
| Also the $500k deals took a long time to land. When budgeting,
| whether the company made a profit or not would depend on a top
| salesman landing such a deal, or not.
|
| What I notice is with larger deals and tenders the world was
| more cutthroat, the competition was more fierce etc, a lot of
| the "value" was from negotiating contracts and arguing over
| deadlines and shit, not actually delivering a product.
| lnanek2 wrote:
| He actually didn't even cover one of the worst parts about the
| whole process - fake buyers who just want to steal your tech. I
| was working at a startup with a ground breaking product no one
| had released before, we had shipped hundreds of prototypes and
| gotten good reviews and had plenty of orders, but board redesigns
| and setting up a factory assembly line for the production models
| was eating into our cash and runway. A big company in an adjacent
| space made it known they were willing to buy us. We set up a data
| room, gave them tours of the office and technology, intros to all
| the staff, and they liked everything they saw. Offer never came
| through. A year later they announced they would be developing a
| knock off. Entire process just seemed like a way to get internal
| development info for their own clone they were starting
| development on.
|
| Amusingly, I've seen this process go the other direction in the
| finance world. Sometimes an employee will go out and interview
| with another fintech company, pretend they are willing to jump
| ship, and pick up as much information on how their competitor
| works as they can at the fake job interview. Employee then
| happily continues at the fintech startup with the extra
| knowledge.
| yjftsjthsd-h wrote:
| Wouldn't acquisition talks be covered in NDAs to prevent
| precisely this?
| gnicholas wrote:
| Most NDAs do include prohibitions on either disclosure of
| information or use of information (for any purpose other than
| the contemplated transaction).
|
| But some big SV companies refuse to include the second prong,
| which means they won't tell anyone your secrets but are free
| to use them to squash you. Intel's NDA is notorious for this.
| bumbada wrote:
| Who cares about NDAs when the company that breaks the law is
| thousands of times bigger than your company.
|
| They have a football team of very good lawyers working full
| time in order to delay things for years.
|
| You can be right and go broke just dealing in Courts and
| distracting your company from your technical work.
| Retric wrote:
| The trick is not to sue them but to sell the right to sue
| them to someone else.
| ufmace wrote:
| Possibly, but even if it's airtight, good luck with actually
| filing a lawsuit about it, getting it through the courts,
| getting a decision in your favor, and actually enforcing it
| against a corp with a much bigger legal budget than you
| before they eat you for breakfast in the market.
| splistud wrote:
| Sure. Creates a lot of nice evidence for you to present in
| the lawsuit over the next decade (if you can afford it).
| kjs3 wrote:
| Absolutely.
|
| Now...can your more or less thinly financed startup litigate
| against, say, Apple to enforce your rights? Because there's
| no magical moment where you say "But NDA!" and the other side
| says "Aw, you got us...here's your bags of money".
|
| That'd be Nope.
| bsder wrote:
| > A year later they announced they would be developing a knock
| off.
|
| This normally doesn't worry me.
|
| What I normally see is:
|
| 1) company we're selling to gets snotty that we're charging too
| much.
|
| 2) company sets up internal group to do what we do
|
| 3) company spends 3 years doing it--and then shuts it down
| because it was soaking up money (gee ... ya think?)
|
| 4) company now comes back to us and we increase their prices
| relative to what they had and their competitors
|
| If 3 guys and a dog can clone my work that easily, I'm doing
| something trivial, and I'm about to be out of business anyway.
| bumbada wrote:
| This is a classic.
|
| It usually takes an experienced engineer a 15 minutes tour
| around a building watching the machines to know exactly how you
| have done anything. It takes years an millions of dollars for
| your company to iterate on the specific layout, from the
| infinite possibilities.
|
| I have seen so many derivatives of this system, like
| courting/buying the gatekeeper with expensive gifts (laptops,
| very cheap vacations) or compliments in order to gain access.
|
| It is relevant here to talk about what Apple did with DropBox.
| They invited those guys to a tour around Apple HQ(probably with
| bed sheets over machines), but Steve Jobs got angry when the
| people of DropBox did not reciprocate and invited Apple folks
| to a neutral place instead.
|
| It became clear Apple just wanted to know all the internals in
| order to copy them strait, just with mountains of money.
| sombremesa wrote:
| Sometimes it doesn't even take a 15 minute tour, just some
| office photos innocently tossed up on the about us page of a
| company.
| idbehold wrote:
| Is there a reason he doesn't have HTTPS on his site? Firefox
| throws up a giant warning when I try to visit.
| tcgv wrote:
| I actually sent him a cold e-mail in Nov/2020 on that matter to
| which he promptly replied (in less than 1h) that his site "just
| doesn't have https". So he's aware of that. IMHO it'd be a
| small effort for improving his readers experience (and
| security).
| mistrial9 wrote:
| side note - I have some misc content that is http today in 2021
| - I feel that the original HTML spec is better than modern web
| in some ways, therefore I like sticking to http here and there,
| when I chose, based on first principles
| yjftsjthsd-h wrote:
| Old HTML might be fine, but sending it over an insecure
| connection isn't.
| rsj_hn wrote:
| These words "secure" and "insecure" when used as synonyms
| for "encrypted" and "plaintext" obscure more than they
| illuminate and have done a lot of damage to the world of
| software security. They stop thought. You would not believe
| how many times I've talked to a company with some complex
| webapp and asked for their security policy and they respond
| with some statement about using TLS. It's absurd. Then even
| in books or standards, you are starting to see chapters
| called "security/cryptography". As if encrypting something
| was a type of security pixie dust.
|
| I am not trying to relitigate the battle of SSL's naming
| scheme, that battle was lost, and now people associate
| "security" with encryption. Who knows, maybe in the future
| they will associate "security" with bitcoin. But it's
| certainly not true that every plaintext connection is an
| insecure connection in the sense of actual security. Not
| everything needs to be or should be encrypted, and many
| things obtain no benefit whatsoever from being encrypted.
| rgj wrote:
| In TLS context, "secure" and "insecure" don't just mean
| (un)encrypted, but also whether the connection is
| authenticated, i.e. whether you can be fairly sure you're
| looking at the "real" website. This is a far more
| important property of a site using https.
|
| Especially in a world full of disinformation,
| authenticity and integrity of information are often a
| much greater good than confidentiality.
| rsj_hn wrote:
| I understand what TLS does, but an argument that "we live
| in a world of disinformation" is not a substitute for
| having a well defined threat model and for many websites,
| particularly sites that broadcast information or download
| binaries which might already be signed or have hashes
| distributed via alternate means, there does not need to
| be a threat that requires TLS to address it.
|
| Like it or not, it is up to the information owner to
| determine their threat model and which mitigations are
| suitable for that threat model. If someone is
| broadcasting a message containing information that is
| public, they may not consider someone intercepting a
| response and altering it to be a threat that needs
| addressing, or they may consider alternate mitigations as
| sufficient -- e.g. the fact that many people can
| independently verify the information from different
| sources. For the vast majority of sites, this is a
| reasonable assumption. Just because _you_ may be worried
| about this threat doesn 't mean the information owner
| needs to be. Of course you as an information consumer
| have your own threat model, and if you are really worried
| about someone targeting you and altering http responses
| sent to your browser, then you may not want to visit
| unencrypted sites. That is also legitimate. The
| information owner can't force their threat model on you
| anymore than you can force yours on them. But words like
| "secure" and "insecure" make sense only with respect to a
| given threat model, they are not attributes of an http
| connection.
| enzanki_ars wrote:
| Like others have said, I agree that stating that TLS does
| not garuntee security. But, plain unencrypted HTTP does
| mean insecure.
|
| For a good discussion into why _all_ websites should use
| HTTPS, and the many different ways that not having the
| connection secured is actively harmful and why should not
| be done in the modern era.
|
| https://www.troyhunt.com/heres-why-your-static-website-
| needs...
|
| Not having your site as HTTPS puts all of your website
| visitors at risk. Even US ISPs like that of Comcast use
| these very same practices to inject warnings into
| insecure web traffic[0], some of which look more like
| advertisements than warnings. And like mentioned in the
| article, promises from ISPs not to use it for
| advertisements are just that, promises, and those can be
| broken in an instant. And when you have the power to
| inject anything without notice, you can do anything and
| everything with the website experience. You can attempt
| to force a download, present scam pages that look like
| antivirus warnings or software updates, one of the
| easiest ways to have users fall for malware.
|
| We should _never_ expect regular non-technical users to
| have all of their threat models in mind, nor should they
| be expected to understand all of these differences.
| Website owners should be expected to protect all of their
| visitors as best as possible and one of the easiest ways
| to start is by protecting their website with modern HTTPS
| encryption. Otherwise, it would be like a chef leaving
| the bones in a salmon before serving to a customer. You
| could do leave them in, but a customer might not know
| they are there and you have left a choking hazard.
|
| [0]: https://gizmodo.com/comcast-to-customer-who-noticed-
| it-secre...
| yjftsjthsd-h wrote:
| I'm happy to agree that TLS doesn't guarantee security,
| but plaintext HTTP _does_ guarantee insecurity.
| [deleted]
| orf wrote:
| In the era of instant, free and stupidly easy to
| configure TLS certificates why not just serve it over
| HTTPS?
| yellow_lead wrote:
| Many read only sites don't have HTTPS. Firefox and other
| browsers are at fault for saying it's insecure.
| enzanki_ars wrote:
| For a good discussion into why _all_ websites should use
| HTTPS, I'd highly recommend this article.
|
| https://www.troyhunt.com/heres-why-your-static-website-
| needs...
|
| Not having your site as HTTPS puts all of your readers at
| risk. Even US ISPs like that of Comcast use this very same
| practice to inject warnings into insecure web traffic[0]. And
| like mentioned in the article, promises from ISPs not to use
| it for advertisements are just that, promises, and those can
| be broken in an instant.
|
| [0]: https://gizmodo.com/comcast-to-customer-who-noticed-it-
| secre...
| ilaksh wrote:
| The reasons to use HTTPS on a blog or everywhere regardless of
| whether there is data that needs to be secured are mainly to
| fight against things like censorship or ISP surveillance.
|
| If you really don't think your website is going to be censored,
| that leaves the problem of ISPs injecting content. Maybe he
| doesn't feel that is a big problem, or that there is another
| way to fight it.
|
| The big push for everything to be https is about making it hard
| for governments or ISPs to say that some site or another should
| be an exception.
|
| It's kind of like, wearing masks.. before the policy was that
| everyone should wear a mask, best to keep it simple and not try
| to make exceptions that way we will get the most adoption..
| except for sites like this, it's like you never actually talk,
| and have been vaccinated so you are not worried about catching
| anything and don't wear a mask.
|
| The other part of this is that for people like me who have been
| serving http for so many years, the campaign for https just
| doesn't hit as hard as for young people who really grew up with
| that mindset being preached to them constantly.
|
| But in the end, I think that it is better if everyone does it.
| Just maybe not quite as severe a problem as you think if a few
| people slip through the cracks.
| gumby wrote:
| This is good advice (though it only needed to be a couple of
| paragraphs long)
___________________________________________________________________
(page generated 2021-05-14 23:00 UTC)