InVision, valued at $1.9 billion, picks up $115 million Series F

“The screen is becoming the most important place in the world,” says InVision CEO and founder Clark Valberg . In fact, it’s hard to get through a conversation with him without hearing it. And, considering that his company has grown to $100 million in annual recurring revenue, he has reason to believe his own affirmation.

InVision, the startup looking to be the Salesforce of design, has officially achieved unicorn status with the close of a $115 million Series F round, bringing the company’s total funding to $350 million. This deal values InVision at $1.9 billion, which is nearly double its valuation as of mid-2017 on the heels of its $100 million Series E financing.

Spark Capital led the round, with participation from Goldman Sachs, as well as existing investors Battery Ventures, ICONIQ Capital, Tiger Global Management, FirstMark and Geodesic Capital. Atlassian also participated in the round. Earlier this year, Atlassian and InVision built out much deeper integrations, allowing Jira, Confluence and Trello users to instantly collaborate via InVision.

As part of the deal, Spark Capital’s Megan Quinn will be joining the board alongside existing board members and observers Amish Jani, Lee Fixel, Matthew Jacobson, Mike Kourey, Neeraj Agrawal, Vas Natarajan and Daniel Wolfson.

InVision started in 2011 as a simple prototyping tool. It let designers build out their experience without asking the engineering/dev team to actually build it, to then send to the engineering and product and marketing and executive teams for collaboration and/or approval.

Over the years, the company has stretched its efforts both up and downstream in the process, building out a full collaboration suite called InVision Cloud, so that every member of the organization can be involved in the design process; Studio, a design platform meant to take on the likes of Adobe and Sketch; and InVision Design System Manager, where design teams can manage their assets and best practices from one place.

But perhaps more impressive than InVision’s ability to build design products for designers is its ability to attract users that aren’t designers.

“Originally, I don’t think we appreciated how much the freemium model acted as a flywheel internally within an organization,” said Quinn. “Those designers weren’t just inviting designers from their own team or other teams, but PMs and Marketing and Customer Service and executives to collaborate and approve the designs. From the outside, InVision looks like a design company. But really, they start with the designer as a core customer and spread virally within an organization to serve a multitude.”

InVision has simply dominated prototyping and collaboration, today announcing it has surpassed 5 million users. What’s more, InVision has a wide variety of customers. The startup has a long and impressive list of digital-first customers — including Netflix, Uber, Airbnb and Twitter — but also serves 97 percent of the Fortune 100, with customers like Adidas, General Electric, NASA, IKEA, Starbucks and Toyota.

Part of that can be attributed to the quality of the products, but the fundamental shift to digital (as predicted by Valberg) is most certainly under way. Whether brands like it or not, customers are interacting with them more and more from behind a screen, and digital customer experience is becoming more and more important to all companies.

In fact, a McKinsey study showed that companies that are in the top quartile scores of the McKinsey Design Index outperformed their counterparts in both revenues and total returns to shareholders by as much as a factor of two.

But as with any transition, some folks are averse to change. Valberg identifies industry education and evangelism as two big challenges for InVision.

“Organizations are not quick to change on things like design, which is why we’ve built out a Design Transformation Team,” said Valberg. “The team goes in and gets hands on with brands to help them with new practices and to achieve design maturity within the organization.”

With a fresh $115 million and 5 million users, InVision has just about everything it needs to step into a new tier of competition. Even amongst behemoths like Adobe, which pulled in $2.29 billion in revenue in Q3 alone, InVision has provided products that can both complement and compete.

But Quinn believes the future of InVision rests on execution.

“As with most companies, the biggest challenge will be continued excellence in execution,” said Quinn. “InVision has all the right tail winds with the right team, a great product and excellent customers. It’s all about building and executing ahead of where the pack is going.”

Dell votes to buy back VMware tracking stock and go public again

Dell announced it has agreed to buy back the VMware tracking stock from the EMC acquisition. The company confirmed the buy-back price of $120 per share for a total of $23.9 billion. With today’s move, Dell will return to being publicly traded starting on December 28th.

Sixty-one percent of shareholders voted in favor of the deal. It’s unclear how Wall Street will deal with the $50 billion debt load the company is carrying as a result of that $67 billion EMC acquisition from two years ago, but chairman and CEO Michael Dell got the results he wanted.

“With this vote, we are simplifying Dell Technologies’ capital structure and aligning the interests of our investors,” Dell said in a statement.

A company spokesperson confirmed that Dell is going public again. “Portions of Dell Technologies have been publicly traded through, for example, VMware and the tracker stock. The NYSE:DELL Class C shares will enable investors to invest in the full breadth of Dell Technologies company.” In plain terms, that means the company will be sold on the New York Stock Exchange under the DELL symbol.

Part of the EMC deal was a payout to shareholders based on VMware tracking stock. VMware was a key part of the deal in that it was one of the more valuable pieces in the EMC federation of companies. It still runs as a separate company with separate stock listing.

There was much drama prior to this vote with activist investor Carl Icahn suing the company last month after Dell announced a price of $21.7 billion for the tracking stock last July. The move did get Dell to move the needle on the price a bit, although not as much as Icahn had hoped.

With today’s vote, Ray Wang, founder and principal analyst at Constellation Research, says the company is looking to move away from activist investors like Icahn and Elliott Management to more traditional institutional investors. “Michael Dell is attempting to rid his short-term activist shareholders for more mid- to long-term institutional types as he goes public again,” Wang explained.

As the company returns to the public markets, it means it is in the fairly unique position of going from public to private to public again. Dell originally went public in 1988 before taking the company private again in 2013 in a $24.4 billion buy-back.

At least one other company, Deltek, took a similar path over a decade ago. It eventually was sold to private equity firm Thoma Bravo for $1.1 billion in 2012 before being sold again in 2016 for $2.8 billion.

The Cloud Native Computing Foundation adds etcd to its open-source stable

The Cloud Native Computing Foundation (CNCF), the open-source home of projects like Kubernetes and Vitess, today announced that its technical committee has voted to bring a new project on board. That project is etcd, the distributed key-value store that was first developed by CoreOS (now owned by Red Hat, which in turn will soon be owned by IBM). Red Hat has now contributed this project to the CNCF.

Etcd, which is written in Go, is already a major component of many Kubernetes deployments, where it functions as a source of truth for coordinating clusters and managing the state of the system. Other open-source projects that use etcd include Cloud Foundry, and companies that use it in production include Alibaba, ING, Pinterest, Uber, The New York Times and Nordstrom.

“Kubernetes and many other projects like Cloud Foundry depend on etcd for reliable data storage. We’re excited to have etcd join CNCF as an incubation project and look forward to cultivating its community by improving its technical documentation, governance and more,” said Chris Aniszczyk, COO of CNCF, in today’s announcement. “Etcd is a fantastic addition to our community of projects.”

Today, etcd has well over 450 contributors and nine maintainers from eight different companies. The fact that it ended up at the CNCF is only logical, given that the foundation is also the host of Kubernetes. With this, the CNCF now plays host to 17 projects that fall under its “incubated technologies” umbrella. In addition to etcd, these include OpenTracing, Fluentd, Linkerd, gRPC, CoreDNS, containerd, rkt, CNI, Jaeger, Notary, TUF, Vitess, NATS Helm, Rook and Harbor. Kubernetes, Prometheus and Envoy have already graduated from this incubation stage.

That’s a lot of projects for one foundation to manage, but the CNCF community is also extraordinarily large. This week alone about 8,000 developers are converging on Seattle for KubeCon/CloudNativeCon, the organization’s biggest event yet, to talk all things containers. It surely helps that the CNCF has managed to bring competitors like AWS, Microsoft, Google, IBM and Oracle under a single roof to collaboratively work on building these new technologies. There is a risk of losing focus here, though, something that happened to the OpenStack project when it went through a similar growth and hype phase. It’ll be interesting to see how the CNCF will manage this as it brings on more projects (with Istio, the increasingly popular service mesh, being a likely candidate for coming over to the CNCF as well).

TechSee nabs $16M for its customer support solution built on computer vision and AR

Chatbots and other AI-based tools have firmly found footing in the world of customer service, used either to augment or completely replace the role of a human responding to questions and complaints, or (sometimes, annoyingly, at the same time as the previous two functions) sell more products to users.

Today, an Israeli startup called TechSee is announcing $16 million in funding to help build out its own twist on that innovation: an AI-based video service, which uses computer vision, augmented reality and a customer’s own smartphone camera to provide tech support to customers, either alongside assistance from live agents, or as part of a standalone customer service “bot.”

Led by Scale Venture Partners — the storied investor that has been behind some of the bigger enterprise plays of the last several years (including Box, Chef, Cloudhealth, DataStax, Demandbase, DocuSign, ExactTarget, HubSpot, JFrog and fellow Israeli AI assistance startup WalkMe), the Series B also includes participation from Planven Investments, OurCrowd, Comdata Group and Salesforce Ventures. (Salesforce was actually announced as a backer in October.)

The funding will be used both to expand the company’s current business as well as move into new product areas like sales.

Eitan Cohen, the CEO and co-founder, said that the company today provides tools to some 15,000 customer service agents and counts companies like Samsung and Vodafone among its customers across verticals like financial services, tech, telecoms and insurance.

The potential opportunity is big: Cohen estimates there are about 2 million customer service agents in the U.S., and about 14 million globally.

TechSee is not disclosing its valuation. It has raised around $23 million to date.

While TechSee provides support for software and apps, its sweet spot up to now has been providing video-based assistance to customers calling with questions about the long tail of hardware out in the world, used for example in a broadband home Wi-Fi service.

In fact, Cohen said he came up with the idea for the service when his parents phoned him up to help them get their cable service back up, and he found himself challenged to do it without being able to see the set-top box to talk them through what to do.

So he thought about all the how-to videos that are on platforms like YouTube and decided there was an opportunity to harness that in a more organised way for the companies providing an increasing array of kit that may never get the vlogger treatment.

“We are trying to bring that YouTube experience for all hardware,” he said in an interview.

The thinking is that this will become a bigger opportunity over time as more services get digitised, the cost of components continues to come down and everything becomes “hardware.”

“Tech may become more of a commodity, but customer service does not,” he added. “Solutions like ours allow companies to provide low-cost technology without having to hire more people to solve issues [that might arise with it.]”

The product today is sold along two main trajectories: assisting customer reps; and providing unmanned video assistance to replace some of the easier and more common questions that get asked.

In cases where live video support is provided, the customer opts in for the service, similar to how she or he might for a support service that “takes over” the device in question to diagnose and try to fix an issue. Here, the camera for the service becomes a customer’s own phone.

Over time, that live assistance is used in two ways that are directly linked to TechSee’s artificial intelligence play. First, it helps to build up TechSee’s larger back catalogue of videos, where all identifying characteristics are removed with the focus solely on the device or problem in question. Second, the experience in the video is also used to build TechSee’s algorithms for future interactions. Cohen said there are now “millions” of media files — images and videos — in the company’s catalogue.

The effectiveness of its system so far has been pretty impressive. TechSee’s customers — the companies running the customer support — say they have on average seen a 40 percent increase in customer satisfaction (NPS scores), a 17 percent decrease in technician dispatches and between 20 and 30 percent increase in first-call resolutions, depending on the industry.

TechSee is not the only company that has built a video-based customer engagement platform: others include Stryng, CallVU and Vee24. And you could imagine companies like Amazon — which is already dabbling in providing advice to customers based on what its Echo Look can see — might be interested in providing such services to users across the millions of products that it sells, as well as provide that as a service to third parties.

According to Cohen, what TechSee has going for it compared to those startups, and also the potential entry of companies like Microsoft or Amazon into the mix, is a head start on raw data and a vision of how it will be used by the startup’s AI to build the business.

“We believe that anyone who wants to build this would have a challenge making it from scratch,” he said. “This is where we have strong content, millions of images, down to specific model numbers, where we can provide assistance and instructions on the spot.”

Salesforce’s interest in the company, he said, is a natural progression of where that data and customer relationship can take a business beyond responsive support into areas like quick warranty verification (for all those times people have neglected to do a product registration), snapping fender benders for insurance claims and of course upselling to other products and services.

“Salesforce sees the synergies between the sales cloud and the service cloud,” Cohen said.

“TechSee recognized the great potential for combining computer vision AI with augmented reality in customer engagement,” said Andy Vitus, partner at Scale Venture Partners, who joins the board with this round. “Electronic devices become more complex with every generation, making their adoption a perennial challenge. TechSee is solving a massive problem for brands with a technology solution that simplifies the customer experience via visual and interactive guidance.”

How Internet Savvy are Your Leaders?

Back in April 2015, I tweeted about receiving a letter via snail mail suggesting the search engine rankings for a domain registered in my name would suffer if I didn’t pay a bill for some kind of dubious-looking service I’d never heard of. But it wasn’t until the past week that it become clear how many organizations — including towns, cities and political campaigns — actually have fallen for this brazen scam.

Image: Better Business Bureau.

The letter I tweeted about was from a company called Web Listings Inc., and it said I should pay a $85 charge for an “annual web site search engine” service.

The first clue that this was probably a scam was the letter said halfway down in capital letters “THIS IS NOT A BILL,” although it sure was made to look like one. Also, the domain it referenced was “fuckbriankrebs.com,” which was indeed registered using my street address but certainly not by me.

The sad truth is plenty of organizations *are* paying the people behind this charade, which is probably why Web Listings has been running it continuously for more than a decade. Most likely that’s because some percentage of recipients confuse this notice with a warning about a domain name they own that is about to expire and needs to be renewed.

We know plenty of people are getting snookered thanks to searchable online records filed by a range of political campaigns, towns, cities and municipalities — all of which are required to publicly report how they spend their money (or at least that of their constituents).

According to a statement filed with the Federal Election Commission, one of the earliest public records involving a payment to Web Listings dates back to 2008 and comes from none other than the the 2008 Hillary Clinton for President fund.

The documents unearthed in this story all came compliments of Ron Guilmette, a most dogged and intrepid researcher who usually spends his time tracking down and suing spammers. Guilmette said most of the public references he found regarding payments to Web Services Inc. are from political campaigns and small towns.

“Which naturally raises the question: Should we really be trusting these people with our money?” Guilmette said. “What kind of people or organizations are most likely to pay a bill that is utterly phony baloney, and that actually isn’t due and payable? The answer is people and organizations that are not spending their own money.”

Also paying $85 (PDF) to Web Listings was the 2015 campaign for Democrat Jim Kenney, the current mayor of Philadelphia.

A fund for the New York City Council campaign of Zead Ramadan (D) forked over $85 to Web Listings in 2013.

Also in 2013, the Committee to Elect Judge Victor Heutsche (D) paid $85 to keep his Web site in good standing with Web Listings. Paul T. Davis, a former Democratic state representative from Kansas handed $85 (PDF) to Web Listings in 2012.

Image: Better Business Bureau.

Lest anyone think that somehow Democratic candidates for office are more susceptible to these types of schemes, a review of the publicly-searchable campaign payments to Web Listings Inc. uncovered by Guilmette shows a majority of them were for Web sites supporting Republican candidates.

The Friends of Mike Turzai committee spent $65 in 2010 on the GOP Representative from Pennsylvania.

The fundraising committee for Republican Dick Black‘s 2012 campaign for the Virginia Senate also paid Web Listings Inc. $85. The campaign to elect Ben Chafin as a Republican delegate in Virginia in 2013 also paid out

Robert Montgomery, a former GOP state representative in Kansas, paid $85 (PDF) to Web Listings in 2012.

Those in charge of the purse strings for the “Friends of GOP New York State Senator Tom Croci” fund paid $65 in 2011 to keep his political Web site full of search engine goodness.

Paying $85 each to Web Listings in 2012 were the judicial campaigns for Louisiana GOP Judge John Slattery, and Lynn Donald Stewart, who successfully got re-elected to the Nevada state assembly that year.

Perhaps the most reliable customers of Web Listings’ dubious services have been cities, towns and municipalities across the United States. Somehow, the people in charge of the purse strings for Simpson County, Kentucky paid $85 notices from Web Listings Inc. three years in a row (2016, 2017 and 2018).

Other state and local governments that paid Web Listings for their imaginary services include El Paso County in Texas; the city council of Watertown, S.D.; the City of Cudahy, Wisconsin; the Village of Bedford Park in Cook County, Illinois; the city council in Osawatomie, Kansas; the board of supervisors in Clarke County, Iowa; Lake County, Colorado; the Morenci Areas Schools in Morenci, Michigan. 

Guilmette even found a number of bankruptcy cases where a creditor named “Web Listings, Inc.” was listed, with an amount owed being either the old price of $65.00 or else the new price of $85.00, including a creditor in the University General Health System, Inc. et. al. bankruptcy (PDF); Blue Ridge Wood Products Inc.; and an organization called Advanced Solids Control LLC (PDF). 

A review of the complaints about Web Listings Inc. left over the past few years at the Better Business Bureau suggests that many recipients of this scam are confusing the mailer with a late payment notice from their domain registrar. As such, it’s likely this phony company has scammed a ridiculous number of consumers over the years, Guilmette observed.

“I’m sure they’ve conned a zillion other people who were spending their own money,” he said. “These are only the ones for which public records are available online.”

Stay tuned for Part Two of this story, which will look at some clues about who may be responsible for this long-running racket.

Malicious Media | Why Your Endpoints Need Device Control

The U in USB is more than appropriate: “Universal” pretty much describes both the range of devices that can be plugged in to the port and its prevalence. USB ports are all over your enterprise network, on virtually every workstation and notebook. But how dangerous is the USB port and how important is it that your security solution gives you visibility and control over what’s being sideloaded onto your network? Let’s take a look at the top five threats associated with the USB port.

1. Auto-run and Other Attacks

We’ve all heard of Stuxnet, the now-famous attack on air-gapped computers in an Iranian nuclear fuel enrichment plant that later leaked into the wild. Stuxnet leveraged the fact that peripheral devices will automatically display an icon on the Desktop, and combined that along with a zero-day vulnerability in Windows Shell to achieve remote code execution.

That’s a dramatic example of a whole class of vulnerabilities associated with auto-run, cold boot attacks and preset commands that take advantage of the way operating systems identify, enumerate, and interact with USB protocols and standards. Loading a maliciously-crafted file onto an ordinary flash drive can have devastating effects.

2. Rubber Ducky and Friends

Looks can be deceiving, and in this case not everything that looks like a simple data storage device is what it seems. Thumb drives may seem like passive data storage devices, but they are actually mini-computers. They contain a small onboard microcontroller unit with its own CPU, RAM and ROM. Essentially, these are used to manage the NAND flash storage, and for the thumb drive to identify itself to a host by reporting what kind of device it is. Those functions can be spoofed by other MCUs like Teensy and Rubber Ducky, housed inside a regular flash drive case. While the user thinks they’re inserting a storage device, the malicious peripheral can report itself as a keyboard or mouse and start sending automated keyboard strokes and clicks to control the host, traverse the file system or open applications.

3. Flashed Firmware

More difficult to pull off, but a number of researchers have demonstrated attacks that patch or replace the firmware of a regular USB device to carry out malicious attacks. These vary from injecting keyboard strokes to capturing network traffic via a reprogrammed USB-ethernet adapter. In one demonstration, researchers discussed how modifying a few bytes of firmware code could make a user think that data saved on the device was encrypted, when in fact the data could be accessed by any password.

4. Denial of Service

Disgruntled employees, fierce competitors or hacktivists “in it for the lulz” are just some of the people that could use your unguarded USB ports to destroy a laptop or workstation with USB.Killer. This malicious device sends repeated power surges to any machine it’s plugged in to. In most cases, this leads to fatal damage to the computer’s logic board.

5. Data Exfiltration

Most enterprise attacks are about making money and data theft, and the USB port is an ideal entry point for cyber thieves. From invisible partitions to simple copy and pasting, an unprotected USB port makes it easy for criminals to transfer confidential information without permission. Given the small size but high capacity of thumb drives, this could be anything from client databases and confidential emails to product specifications and just about any IP you possess. Even the NSA lost control of its assets when an employee copied APT hacking tools onto a flash drive and took it home!

Wrap It Up!

To protect against these threats it’s important that your security software implements device control and gives you the capability to manage the use of USB and other peripheral devices across your entire network. Together with SentinelOne Endpoint Firewall Control feature, Device Control provides what some considered the missing pieces to fully replace legacy antivirus (AV) solutions with its next-gen product. Like other features of the platform, these are delivered via SentinelOne’s single agent, single codebase, single console architecture. As SentinelOne’s worldwide deployment grows, we continue to focus on solving the problems our customers care about. Device Control is available starting with Eiffel/2.8 agents.

To see a demo of SentinelOne Device Control, visit our feature spotlight.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Windows Security

 

Trello acquires Butler to add power of automation

Trello, the organizational tool owned by Atlassian, announced an acquisition of its very own this morning when it bought Butler for an undisclosed amount.

What Butler brings to Trello is the power of automation, stringing together a bunch of commands to make something complex happen automatically. As Trello’s Michael Pryor pointed out in a blog post announcing the acquisition, we are used to tools like IFTTT, Zapier and Apple Shortcuts, and this will bring a similar type of functionality directly into Trello.

Screenshot: Trello

“Over the years, teams have discovered that by automating processes on Trello boards with the Butler Power-Up, they could spend more time on important tasks and be more productive. Butler helps teams codify business rules and processes, taking something that might take ten steps to accomplish and automating it into one click,” Pryor wrote.

This means that Trello can be more than a static organizational tool. Instead, it can move into the realm of light-weight business process automation. For example, this could allow you to move an item from your To Do board to your Doing board automatically based on dates, or to share tasks with appropriate teams as a project moves through its life cycle, saving a bunch of manual steps that tend to add up.

The company indicated that it will be incorporating the Alfred’s capabilities directly into Trello in the coming months. It will make it available to all levels of users, including the free tier, but they promise more advanced functionality for Business and Enterprise customers when the integration is complete. Pryor also suggested that more automation could be coming to Trello. “Butler is Trello’s first step down this road, enabling every user to automate pieces of their Trello workflow to save time, stay organized and get more done.”

Atlassian bought Trello in 2017 for $425 million, but this acquisition indicates it is functioning quasi-independently as part of the Atlassian family.

Kong launches its fully managed API platform

API platform Kong, which you may remember under its previous name of Mashape, is launching its new Kong Cloud service today. Kong Cloud is the company’s fully managed platform for securing, connecting and orchestrating APIs. Enterprises can deploy it to virtually any major cloud platform, including AWS, Azure and Google Cloud, and Kong will handle all of the daily drudgery of managing it for them.

At the core of Kong Cloud is Kong, the company’s open source microservices gateway. The company already offers an enterprise version of Kong under the Kong Enterprise brand, but it’s up to enterprises to manage this version by themselves.

“Customers running Kong Enterprise on-prem and self-managed are often running it multi cloud. They are running it from  AWS, to Azure, Google Cloud, Pivotal Cloud Foundry or bare metal. It’s all over the place,” Kong co-founder, president and CEO Augusto Marietti told me. “But not all of them have massive engineering organizations, so Kong multi-cloud is our managed version of Kong as a service that can run on any cloud.”

With Kong Cloud, the company monitors and manages the service, giving enterprises an end-to-end API platform and developer portal. The company handles updates and all the other operational tasks. In terms of the overall functionality (think governance, security features etc.), this is essentially Kong Enterprise. Indeed, Marietti stressed that the two are meant to be one-to-one compatible, in part because he expects that some companies will use both versions, depending on their teams’ needs.

Marietti told me that Kong now has more than 85 employees and more than 100 enterprise customers. These include the likes of Zillow, Soulcycle and Expedia. Year-over-year, the company tells me, its bookings have grown 9x and the Kong open-source tool has now been downloaded more than 54 million times.

The company rebranded as Kong in October 2017, in part to signify that its ongoing focus would be on microservices in the enterprise and the Kong tool, which it open sourced in 2015. Ahead of its rebranding exercise, Mashape/Kong sold off its API marketplace to RapidAPI. The marketplace was the company’s first product — and Kong was in part developed to support it — but in the end, the company decided that its focus was going to be on Kong itself. That move seems to be paying off now, as enterprises are moving to adopt microservices and often need partners to do so.

Why you need a supercomputer to build a house

When the hell did building a house become so complicated?

Don’t let the folks on HGTV fool you. The process of building a home nowadays is incredibly painful. Just applying for the necessary permits can be a soul-crushing undertaking that’ll have you running around the city, filling out useless forms, and waiting in motionless lines under fluorescent lights at City Hall wondering whether you should have just moved back in with your parents.

Consider this an ongoing discussion about Urban Tech, its intersection with regulation, issues of public service, and other complexities that people have full PHDs on. I’m just a bitter, born-and-bred New Yorker trying to figure out why I’ve been stuck in between subway stops for the last 15 minutes, so please reach out with your take on any of these thoughts: @Arman.Tabatabai@techcrunch.com.

And to actually get approval for those permits, your future home will have to satisfy a set of conditions that is a factorial of complex and conflicting federal, state and city building codes, separate sets of fire and energy requirements, and quasi-legal construction standards set by various independent agencies.

It wasn’t always this hard – remember when you’d hear people say “my grandparents built this house with their bare hands?” These proliferating rules have been among the main causes of the rapidly rising cost of housing in America and other developed nations. The good news is that a new generation of startups is identifying and simplifying these thickets of rules, and the future of housing may be determined as much by machine learning as woodworking.

When directions become deterrents

Photo by Bill Oxford via Getty Images

Cities once solely created the building codes that dictate the requirements for almost every aspect of a building’s design, and they structured those guidelines based on local terrain, climates and risks. Over time, townships, states, federally-recognized organizations and independent groups that sprouted from the insurance industry further created their own “model” building codes.

The complexity starts here. The federal codes and independent agency standards are optional for states, who have their own codes which are optional for cities, who have their own codes that are often inconsistent with the state’s and are optional for individual townships. Thus, local building codes are these ever-changing and constantly-swelling mutant books made up of whichever aspects of these different codes local governments choose to mix together. For instance, New York City’s building code is made up of five sections, 76 chapters and 35 appendices, alongside a separate set of 67 updates (The 2014 edition is available as a book for $155, and it makes a great gift for someone you never want to talk to again).

In short: what a shit show.

Because of the hyper-localized and overlapping nature of building codes, a home in one location can be subject to a completely different set of requirements than one elsewhere. So it’s really freaking difficult to even understand what you’re allowed to build, the conditions you need to satisfy, and how to best meet those conditions.

There are certain levels of complexity in housing codes that are hard to avoid. The structural integrity of a home is dependent on everything from walls to erosion and wind-flow. There are countless types of material and technology used in buildings, all of which are constantly evolving.

Thus, each thousand-page codebook from the various federal, state, city, township and independent agencies – all dictating interconnecting, location and structure-dependent needs – lead to an incredibly expansive decision tree that requires an endless set of simulations to fully understand all the options you have to reach compliance, and their respective cost-effectiveness and efficiency.

So homebuilders are often forced to turn to costly consultants or settle on designs that satisfy code but aren’t cost-efficient. And if construction issues cause you to fall short of the outcomes you expected, you could face hefty fines, delays or gigantic cost overruns from redesigns and rebuilds. All these costs flow through the lifecycle of a building, ultimately impacting affordability and access for homeowners and renters.

Startups are helping people crack the code

Photo by Caiaimage/Rafal Rodzoch via Getty Images

Strap on your hard hat – there may be hope for your dream home after all.

The friction, inefficiencies, and pure agony caused by our increasingly convoluted building codes have given rise to a growing set of companies that are helping people make sense of the home-building process by incorporating regulations directly into their software.

Using machine learning, their platforms run advanced scenario-analysis around interweaving building codes and inter-dependent structural variables, allowing users to create compliant designs and regulatory-informed decisions without having to ever encounter the regulations themselves.

For example, the prefab housing startup Cover is helping people figure out what kind of backyard homes they can design and build on their properties based on local zoning and permitting regulations.

Some startups are trying to provide similar services to developers of larger scale buildings as well. Just this past week, I covered the seed round for a startup called Cove.Tool, which analyzes local building energy codes – based on location and project-level characteristics specified by the developer – and spits out the most cost-effective and energy-efficient resource mix that can be built to hit local energy requirements.

And startups aren’t just simplifying the regulatory pains of the housing process through building codes. Envelope is helping developers make sense of our equally tortuous zoning codes, while Cover and companies like Camino are helping steer home and business-owners through arduous and analog permitting processes.

Look, I’m not saying codes are bad. In fact, I think building codes are good and necessary – no one wants to live in a home that might cave in on itself the next time it snows. But I still can’t help but ask myself why the hell does it take AI to figure out how to build a house? Why do we have building codes that take a supercomputer to figure out?

Ultimately, it would probably help to have more standardized building codes that we actually clean-up from time-to-time. More regional standardization would greatly reduce the number of conditional branches that exist. And if there was one set of accepted overarching codes that could still set precise requirements for all components of a building, there would still only be one path of regulations to follow, greatly reducing the knowledge and analysis necessary to efficiently build a home.

But housing’s inherent ties to geography make standardization unlikely. Each region has different land conditions, climates, priorities and political motivations that cause governments to want their own set of rules.

Instead, governments seem to be fine with sidestepping the issues caused by hyper-regional building codes and leaving it up to startups to help people wade through the ridiculousness that paves the home-building process, in the same way Concur aids employee with infuriating corporate expensing policies.

For now, we can count on startups that are unlocking value and making housing more accessible, simpler and cheaper just by making the rules easier to understand. And maybe one day my grandkids can tell their friends how their grandpa built his house with his own supercomputer.

And lastly, some reading while in transit:

Bomb Threat Hoaxer, DDos Boss Gets 3 Years

The ringleader of a gang of cyber hooligans that made bomb threats against hundreds of schools and launched distributed denial-of-service (DDoS) attacks against Web sites — including KrebsOnSecurity on multiple occasions — has been sentenced to three years in a U.K. prison, and faces the possibility of additional charges from U.S.-based law enforcement officials.

George Duke-Cohan, 19, caused a massive uproar earlier this year after communicating a series of bomb threats against 1,700 schools, colleges and universities across the United Kingdom. But shortly after being arrested on suspicion of the threats and released, Duke-Cohan was back at it again — this time expanding his threats to include schools in the United States.

One of many tweets from the attention-starved Apophis Squad, which launched multiple DDoS attacks against KrebsOnsecurity over the past few months.

At the same time, authorities in the U.K. and U.S. discovered that Duke-Cohan was responsible for falsely reporting the hijack of a plane bound for the United States. That flight, which had almost 300 passengers on board, was later quarantined in San Francisco pending a full security check.

Duke-Cohan was part of an attention-seeking group of ne’er-do-wells who called themselves the Apophis Squad. Duke-Cohan and his crew modeled themselves after the actions of the Lizard Squad, another group of e-fame seeking online hoodlums who also ran a DDoS-for-hire service, called in bomb threats to airlines, DDoSed this Web site repeatedly and whose members were nearly all subsequently arrested and charged with various cybercrimes.

Indeed, until recently the Apophis Squad’s Web site and DDoS-for-hire service was hosted on the same Internet server used by a handful of other domains that were tied to the Lizard Squad.

Earlier this year, KrebsOnSecurity.com came under sustained attack from the Apophis Squad, who took to Twitter to taunt this author while the attacks were underway. Duke-Cohan and other Apophis Squad members also attacked the free email service Protonmail, even as all of them continued to use their Protonmail accounts to communicate about the attacks.

KrebsOnSecurity assisted Protonmail in its investigation into the attacks, and the company later credited this author with helping to identify Duke-Cohan as the driving force behind the DDoS attacks.

Sources close to the investigation say Duke-Cohan may yet see additional charges from U.S.-based authorities. Also, several other members identified by this author as alleged co-conspirators along with Duke-Cohan have not yet been charged with a crime either in the U.K. or in the United States.

It’s not always fun when your site isn’t responsive because of determined attacks from groups like the Apophis Squad, but I try not to get too bent out of shape when these attacks do occur — mainly for two reasons: Firstly, those responsible typically end up getting busted and going to jail. Also, I usually get at least one good story out of it. In this case, make that two good stories.

Further reading:

Schools Bomb Hoaxes: Teenager Jailed for Nationwide Threats

A video of the the U.K. National Crime Agency (NCA) questioning and detaining Duke-Cohan.