42: My Oura Died, Crowdstrike's 10x Opportunity, Visa's Long Game, Yet Another Nvidia ML Benchmark Record, Danaher, Photoshop's New AI, Align Q3, and Knives Out

"Is that a lot?"

There is a line from Futurama that perfectly applies to a lot of debugging:

Farnsworth: My God, is it really possible?

Fry: It must be possible, it's happening.

Fry: By the way, what's happening?

As I wrote in the intro of #38, I like to highlight and give feedback when things go well, not just when they go pear-shaped, so I want to talk about the death of my Oura ring sleep-tracker.

It always sucks when you realize a piece of electronics is dead for no apparent reason, but the experience of getting it replaced was so fast and painless that I'm almost glad it happened, as it increased my confidence that the company’s got my back.

I mean this literally: within one hour of emailing them, I had gotten multiple replies and confirmation that a replacement would be sent to me, and I got the new ring within 4 days.

I bought my first ring from them ˜1.5 years ago, so I expected some warranty issues, but none of that. They just checked their cloud diagnostics to make sure it was dead, and fixed my problem.

They must understand that the LTV of a happy customer is multiple rings over many years, while an unhappy one is not only zero more rings, but maybe talking others out of buying and bad reviews... So the price of a new ring is probably worth it (and it has to cost them less and less as they scale up and go up the manufacturing learning curve).

In any case, I feel like they did the right thing, and if you're considering getting one of their wearables, this anecdote is probably good to know.

As for the product itself, it has helped me improve my sleep quality, which in turn has improved everything else in my life (you should always try to improve these foundational things on which everything else rests first, that’s where you get the most leverage for your efforts).

Better sleep is one of these eternally under-priced and under-valued investments, especially if you have young kids and a lot is out of your control (meaning: you should focus even more on the part that is in your control).

→ If you’re a US citizen, please vote. ←

Investing & Business

Crowdstrike on Cloud Workloads Being a 10x Opportunity

The company is trying to change the way customers and investors think about it from an “endpoint security” company to a “workload security” company, and sees a big opportunity there.

Here’s some of what they had to say about it recently:

CrowdStrike is focused on protecting more than just endpoints. It's also about protecting workloads. We've done a lot of work in this area over the last couple of years, made tremendous strides in our capabilities and a lot of customers that are using our technology. And we believe this represents a 10x opportunity over the current TAM estimates [...]

for every endpoint we see in the enterprise, we think there's 10 cloud workloads in the future

Obviously pricing will be different than for endpoints, as a lot of these are spun up and spun down all the time as demand ebbs and flows. Some kind of usage pricing makes sense, and they won’t get near the same amount of revenue per average workload as per average endpoint, but if the number is as massive as they say, it should still be very substantial.

So what's a workload? A workload is network, compute and storage. It could be something in the data center, it could be a public cloud, a private cloud, ephemeral virtual instance, container or mobile and IoT

So just to put it in perspective, over 1 billion PCs shipped worldwide in the last 4 years. CrowdStrike protects a fraction of those. We've been very successful in this area, but it's still a fraction. And just to juxtapose that, we see days where we protect over 1 billion containers on a daily basis, which is incredible.

on a weekly basis, we handle 4 trillion high-fidelity signals per week. We've got 14 petabytes of data, protect over 1 billion containers. These are ephemeral containers that go up and down on a daily basis. We've seen a 14x growth in protection for containers since March of 2020.

Probably not from a huge base, but still, 14x growth in less than a year is legit.

we believe cloud workloads are massively underprotected. When we show up to an organization, it's almost like many, many years ago, showing up to a company and AV wasn't installed, 25, 30 years ago [...]

current cloud IT spend for IaaS and PaaS vendors, according to IDC, is $106 billion going to $217 billion in 2023. The cloud security spend is $1.2 billion going to $2 billion. And that just seems really low to us.

If you just do the quick math, you've got 1.1% of the overall cloud IT spend on security, going to 0.9%. In the current environment, given all the sophisticated attacks, given all the regulation, to me, that makes no sense. It's insufficient security, it's insufficient in terms of investment

If you took those same numbers, $106 billion going to $217 billion, and you said most organizations should spend between 5% to 10%, according to IDC, Gartner as well, they're in that 5-7% range, if you just applied that to the overall cloud IT spend, you would get a cloud security opportunity of $6.1 billion going to $12.4 billion. We think that's more representative. I think most people in the audience would believe 1.1% going to 0.9% for cloud security is just not realistic. [...]

current spend, $1.2 billion, we believe the real opportunity in 2023 is $12.4 billion. 10x opportunity

They may be wrong and the opportunity may not be as big as they think, but it certainly seems like cloud workloads will need to be better protected than they are now, especially as more and more tasks move there.

They recently released a new module called Falcon Horizon to help protect workloads across multi-cloud environments, which are gaining in popularity as cloud customers want to avoid lock-in at a single cloud. It also matters because DevOps tends to want to go multi-cloud, and if SecOps can’t follow because their tools aren’t designed for it, it can slow down the whole business..

One thing to keep in mind as they keep adding new modules to their single agent:

CEO: So when we add a new module, most modules are pure margin because we're just pulling the data right out of Threat Graph, and we created a workflow route.

Visa Sees a World Where Every Mobile Device Can Accept Payments

I still think “POS” is an unfortunate acronym in the retail-payment space, but it’s what we’ve got to work with.

So Visa is doing a step-by-step international roll out of a really cool tech:

a simple mobile app can help millions of sellers worldwide quickly and securely accept contactless payments, while improving the checkout experience for customers. After piloting Visa Tap to Phone over the past year, Visa today announced product availability in more than 15 markets with plans to expand to the United States [...]

Tap to Phone transforms current generation Android smartphones or tablets into contactless, or tap to pay, software-based point of sale (softPOS) terminals without additional hardware. (Source)

They’ve clearly been working on this for a while. As @BlueToothDDS pointed out to me, they were hinting at it in a 2017 investor presentation, talking about how how they could “enable billions of connected devices to pay and be paid”.

  • Two billion Android devices globally could transform to payment acceptance machines.

  • Tap to Phone holds particular promise for the 180 million micro and small merchants (MSM) around the world, where fewer than 10% of MSMs in many emerging markets currently accept digital payments.

  • In a survey conducted by Visa, 63% of MSMs said they would likely implement Tap to Phone in their own businesses and more than 50% of consumers said they would likely use Tap to Phone if offered to them.

This is pretty big, and is moving more in the direct of what Square and others do.

Clearly the end state is for Visa (and its red-headed twin Mastercard) to also get Apple devices in on the program, and to basically give everyone on Earth the ability to both pay and receive payment through these rails.

The Stars Align

(Oh no! Am I starting to do company name puns like analysts and journalists?)

After kind of a rough time in the market in recent months, Align stock is back to all-time high after analysts missed Q3 results (see what I did there?).

  • Aligner volume up 28.7% year-over-year to 496.1 thousand cases

  • Q3 total revenues up 20.9% year-over-year to a record $734.1 million

  • Aligner gross margin of 74.7%, up 10.2 points sequentially and up 1.2 points year-over-year

  • Q3 operating margin of 24.1%, up 44.8 points sequentially and up 3.2 points year-over-year

I’m guessing the 44.8% sequential op. margin improvement didn’t hurt, the stock jumped over 30% yesterday to around $440. At the bottom of March, it traded all the way down to $127, so it’s up about 260% since.

From 16x EBITDA to 72x EBITDA… That’s quite the sentiment whiplash (of course it’s all more complicated than the numbers show, as it usually is, and the valuation seems more expensive than it is if you normalize a bit for what post-COVID should be like, etc).


This company’s stock has been flat for almost 6 months. Among obvious COVID19 beneficiaries that I can think of (Zoom, Amazon, Costco, Shopify, etc), it’s the one that has gotten the least lift from the pandemic. 🤔

Interview: Chamath

When a name becomes a brand and you only need it to know who I’m talking about…

Anyway, I enjoyed Shane Parrish’s interview. I don’t necessarily agree with everything he’s saying (climate change’s impact on architecture will be big, but I don’t think in quite the way he’s talking about), but it’s thought-provoking, and I respect his self-improvement journey and his ambition to have an impact and try new things, as well as his candor about his past and current failings (link below has the video and audio links):


I gotta say, 5 years ago, I didn't think Danaher would do as well as it did in the next 5 years. I didn't expect them to do badly per se, but not as well as they did (and that chart doesn’t add back the Fortive spin that took place in July 2016…).

But as Modern Major Generalist said on Twitter said: “Its always a good idea to spend $4B to acquire a global diagnostic testing firm (Cepheid) about ~3 years before the biggest pandemic in a century.”


When do we get the capex wave from speed test websites beefing up their hardware?

(ok, that sub-title dad joke was baaad…)

Random Thought on Sounding Like Your Job

In the same way that most airplane pilots copy certain speech patterns passed down from the iconic pilots, conference call operators tend to copy speech patterns too, which is why it's so weird when you get one that just doesn't and sounds like anyone else.

And in case you want to know more about the “pilot voice”, here’s an article about it:

Science & Technology

Photoshop Update Adds Big AI/ML Features

Not sure if this should go in Tech or Arts, but anyway… Cool update to Photoshop for desktop and iPad, check this out (the video):

Smart Portrait is one of these first beta filters and helps you transform age, expression, pose, colors, and more. Artificial intelligence analyzes the content of your portrait and gives you the ability to change aspects like the facial features in your image. You can use the gaze and head sliders to change the direction of the eyes or head, or light direction to change the angle of the light source. Change hair thickness, the intensity of a smile, or add surprise, anger, or make someone older or younger. The current filter works best on subtle changes, but you can crank it up to let your imagination run wild.

Some of the big ones are: Neural Filters (a bunch of them), Sky Replacement, Intelligent Refine Edge, Pattern Preview (they have a cool example with a t-shirt), etc.

You can read all about the features here, with example images and videos.

DGX A100 performance vs. CPU servers

‘Nvidia’s A100 GPU sets new performance records in MLPerf benchmarks’

The A100 GPU increased its lead on the ResNet-50 image classification test, beating the most advanced central processing units by 30 times, compared with just six times in the last round of tests. In addition, the A100 outperformed CPUs by 237 times in the new recommender test for data center inference. (Source)

Is that a lot?

To put this into perspective, a single NVIDIA DGX A100 system with eight A100 GPUs now provides the same performance as nearly 1,000 dual-socket CPU servers on some AI applications. (Source)

Is that a lot?

Dutch ‘Ethical Hacker’ Logs into Trump’s Twitter Account by Guessing Password on Fifth Try

Can this even be called a hack?

The password was “maga2020!” and there was no two-factor authentication. For the President of the United States of America (and I don’t mean the 90s band).

This is totally…


On Friday morning, almost absentmindedly, Gevers tries a number of passwords and their variations. On the fifth attempt: bingo! He tries ‘maga2020!’ (short for make America great again) and suddenly finds himself in the Twitter account of the American President. He is flabbergasted. Gevers: ‘I expected to be blocked after four failed attempts. Or at least would be asked to provide additional information.’ None of that. [...]

The researcher, Victor Gevers, had access to Trump’s personal messages, could post tweets in his name and change his profile. Gevers took screenshots when he had access to Trump’s account. [...]

The Dutchman alerted Trump and American government services to the security leak. After a few days, he was contacted by the American Secret Service in the Netherlands. This agency is also responsible for the security of the American President and took the report seriously, as evidenced by correspondence seen by de Volkskrant. Meanwhile Trump’s account has been made more secure. [...]

This is not the first time that Dutch hackers succeeded in taking over Donald Trump’s Twitter account. The first time was four years ago, just before the 2016 elections, when three hackers jointly managed to retrieve Trump’s password and access his account. That someone has now succeeded again, is remarkable. (Source)

The level of incompetence on display here is simply stunning.

Update: Of course, this story is disputed, the White House and Twitter deny it, though who knows these days? Considering Twitter’s notoriously bad security, numerous previous hacks in the past, including of the same account, it didn’t sound that improbable. In any case, my recommendation for you to turn on 2FA still stands just as strongly.

If you’re reading this, you need to go turn on two-factor authentication on all your accounts (not just Twitter), and use a 2FA app like Authy. If you can’t figure out how, I’m sure you can find videos on Youtube that show step-by-step how to do it for various apps/accounts.

Do it now, don’t be the person wishing they had done it when it’s too late, after something bad happens (the same applies to signing up for a cloud backup service — I wrote about that in the intro of edition #22).

Japan Going to Zero Emissions by 2050?

The Japanese government will soon pledge to reduce greenhouse-gas emissions to net zero by 2050, Nikkei has learned.

The new target, set to be unveiled in a speech to lawmakers next week by Prime Minister Yoshihide Suga, means Japan will finally catch up to the European Union, which set the same goal last year. Companies in industries like electric power, automobiles, and steel will be expected to take strict measures to meet the international promise.

The government plans to put together concrete measures such as promoting renewable energy [...] To achieve the goal, the U.K., France and Germany have decided to abolish coal-fired power plants, which emit a large amount of greenhouse gases. Japan will revise its basic energy plan in the summer of 2021, but it is likely that a major revision will be required to meet the new target. (Source)

Man, there’s going to be a lot of investment in new infrastructure and technologies in the coming decades as the whole world is coming together around these goals…

iPhone 12 Pro

My iPhone 12 Pro (Pacific blue, 256gb storage) should be delivered today. I’ll probably share my thoughts on it later, but in the meantime, if you’re curious about a detailed hands-on, real-world review of the things that matter (and not just a list of specs, or a clickbait article that focuses on one irrelevant details to gin up fake controversy, as pops up every year around this time), this video by Rene Ritchie is very good and pretty comprehensive.

Like an Oscar Montage, but for Recent Video Games

The Arts & History

I always enjoy a nicely designed library.

I’m not sure where this one is, though. I don’t remember where I found the photo, and reverse lookup on it leads to a thousand Pinterest pages…

Writing is a Lot Harder than It Looks, Because Thinking is a Lot Harder than it Looks

So true. Our brains are really good at skipping steps and hand-waving away details, but on the page/screen, these gaps become obvious.

The more I think about writing, the more amazing it seems to me. We take it totally for granted to even be able to do it. It’s not even a skill that nature has evolved us to do, it’s a human-created technology, yet we can get pretty good at reading & writing.

It's pretty close to telepathy. Some photons hit your retinas and suddenly my words are inside your brain. I can put ideas in your head by moving my fingers around while sitting up here in Canada. I can read a dead author and their words are in my brain through time and death. Magical (well, not literally magical, but very cool).

‘Knives Out’ on Amazon Prime Video

Just noticed that Amazon Prime in Canada has ‘Knives Out’ (2019), and I’ve been told the US version has it too.

If you haven’t seen it, I recommend it. It’s a lot of fun.

I Liked ‘Chernobyl’ (HBO) Enough That I Got This:


If you want to join the club, this is where I got it.

I wrote my thoughts about the show at the bottom of edition #38.