403 comments

[ 7.0 ms ] story [ 234 ms ] thread
"My YC app: Dropbox - Throw away your USB"

Apr 4, 2007

https://news.ycombinator.com/item?id=8863

Those comments are a lot of fun to read through. It seems like, at least on HN, people were generally positive about Dropbox. A lot of comments about solving a problem (more so for windows users) and having a good demo.
There's always that one guy asking why a product exists when it's "trivial" to spin up and manage yourself.
That comment is my personal favorite HN naysayer comment of all time:

> you can already build such a system yourself quite trivially by getting an FTP account, mounting it locally with curlftpfs, and then using SVN or CVS on the mounted filesystem

Yes, absolutely trivial. Even a child could do it. /s

Just smelt some silicon, yadda, yadda, yadda. Trivial.
Do companies typically announce an IPO on a Friday, right before market close?
an S1 isn't an IPO it's a preliminary to an IPO.
Doesn't seem like. Facebook 2012: Wednesday, Twilio 2016: Thursday, Snap 2017: Thursday
Looking at data from the last couple of years, it appears that filling on Friday is pretty common. (see ipomonitor.com for data).

  pbpaste |sort|uniq -c|sort -k1nr
    614 Friday
    436 Monday
    339 Thursday
    326 Tuesday
    283 Wednesday
      2 Sunday
I love this site. Thanks
Those two on Sunday are interesting. I wonder if they are data errors and were really Monday but in another time zone.
Congratulations to them.

I don't really understand why anyone would use dropbox given the multitude of different offerings out there. I'm curious if anyone who uses them can give me a take on why I should use them. I currently use Google Drive + Google Docs and am very satisfied. I pay for 1 TB of storage for personal work / storage.

They are used by lots of businesses. It’s just for personal use.
Wait I think you're missing a word there...
I guess it still works, and it's just what we've always been using. It's probably the first thing that most people used like this, and it still gets the job done for most people, I'd guess.
My two reasons:

1) More people use Dropbox, which makes sharing easier.

2) First-class support for Linux

Dropbox never worked on Linux for me. It was buggy and maxed out my CPU. They didn't even provide proper changelogs at the time.. not sure if they do now? Is their application open source? Rclone works with Google Drive just fine, and it is unlimited storage.
I had a major data-loss (recommended third-party element for KDE may have been responsible; was using free version), haven't used it since.

It's very similar to IMAP in the way a major data loss can be sync-ed. Would love to have "only mark remote deletions" (in both! with option to perform deletion locally on request), perhaps it's in there now, or part of the paid version.

I've been using the free tier of Dropbox on Linux (Arch Linux, Debian, Ubuntu) for years and I've never had an issue.
For me its because I can directly link to images and text files as opposed to One drive or Google drive.
For me the reason is that Google Drive doesn't work on Linux.
rclone works really well, and even supports Team Drives.
I know this isn't a very good answer for most people, but for me at least, I trust Dropbox way more than Google. I really dislike the direction and influence Google has on the Web right now, and I'm more or less ideologically opposed to them as a company (and in general, any giant monopolistic company).

I hate the fact that I have to "vote with my dollar," but in the end I just feel better giving my money to an "independent" company like Dropbox or Snapchat than to Google or Facebook.

I don't. Google provides way more for a lot less money. You can encrypt your own content on either providers. For GSuite you get literally almost every service you can imagine, include a phone number that you can make unlimited calls to/from landlines with using your computer.
It's not just about cost-effectiveness, it's about which company is making the Web a better place — and I see a lot of Google's activities actively moving in the wrong direction.

For me, it's more about the companies than the product (which, like I said, is probably an unsatisfactory criteria for most people).

Glad you're enjoying Google's services though :)

In a lot of ways making the world a better place is about cost-effectiveness, and honestly what is Dropbox doing? Are they the main contributor to Nextcloud? Yeah, Google isn't much better in that regard, but I can buy a descent $199 unlocked Android phone now at Costco, and have all of Google services integrated. They also provide a lot of descent open source tools. Have you tried Kubernetes? :)
> In a lot of ways making the world a better place is about cost-effectiveness

I think we just have different worldviews. Certainly economics are important, but I try not to boil everything down to dollars and cents.

And for sure, Google has done a ton of useful and interesting things that I'm grateful for. But they also contribute to undermining online privacy, and use their size to wield disproportionate power in politics, etc. etc.

The CEO of Dropbox is listed as a founder of FWD.us:

https://en.wikipedia.org/wiki/FWD.us#Keystone_XL_oil_pipelin...

I agree that Google contributes to undermining online privacy, but I still don't see Dropbox doing more in that regard. I'm sorry, but I really am not a fan of Dropbox after my experience with them, so I am inclined to be a vocal critic of their service (or lack thereof).

The last thing I want is to get all my services from the same provider.
I got tired of keeping track of changes at Google, plus their programs are very heavy in power consumption. Dropbox is quick, has always worked for me, and you don't even notice it in the background.

I try not to touch Microsoft stuff because of their constant changes too, and I was annoyed at their advertisements in Windows 10. I'd rather just not deal with any of their stuff.

I would probably stop using Dropbox if Apple started offering the ability to share folders with other iCloud users.

(comment deleted)
I do. I used to use Google Drive but then Google renamed the PC app and discontinued it and rather trying to figure out what I have to use instead I just said screw it and grabbed Dropbox. Plus many apps I want to use are integrated into Dropbox far better than anything else so it makes using it as a storage area for multiple apps and devices super easy.

I just wish it had a good encryption option like SpiderOak.

If keybase can do half of what it looks like they're going to do they will scratch that itch for you. I use kbfs as my dropbox now and have for a while.
Agreed, Keybase is kicking it up a notch and gotta love me some GnuPG!
Agreed. Thought they would be great at first, but their client uses way too much memory, especially in Linux. Their support was lacking. They don't (or didn't) provide changelogs. I finally switched to rclone and am using Google Drive due to price. Thinking that I'd need automatic syncing, I'm actually happy with manual syncing, so that I can track my changes as well. Crashplan does the automated syncing portion, and then daily or weekly, I will sync to/from Google Drive. I have my Photos sync from Google Photos as well using rclone.
1TB of storage:

- Google Drive: $9.99 (https://www.google.com/drive/pricing/

- Dropbox: $8.25 (https://www.dropbox.com/individual/plans-comparison)

There's one answer for you.

Look into GSuite and see what else you get, in addition to archiving support for Google Drive... and actually, GSuite is unlimited storage... sorry Dropbox, but you lose in terms of price and features.
Depends on what features you need. I don’t need unlimited storage. Dropbox’ sync is far more reliable (see my other comment). Dropbox has Paper, which supports LaTeX equations and can be exported as Markdown. Dropbox has great integration with Microsoft Office and Office Online. Dropbox supports file requests.

The only relevant feature for me that Google Apps offers over Dropbox is email. But I highly prefer FastMail, which respects standards (IMAP, CaldDAV, CardDAV) and not Googles broken implementations.

Sure, but if you literally just want somewhere to store files, then Dropbox is cheaper. That's one reason why someone might prefer it.
You are comparing a monthly plan against an annual plan. Google's annual plan costs $100. Only very slightly more expensive. In addition they have a 200gb plan which is enough for people like me
Fair point, though I'm surprised Google doesn't promote that more, on the pricing page I can't see yearly pricing mentioned anywhere.
I find Dropbox’s sync client to be way more stable and has better operating system integration. Also better API documentation =)
I use Dropbox. There are various reasons. First, Dropbox does block-level sync. If you change a large file, only changed blocks are synced. Secondly, LAN sync, which does peer to peer sync over a local network. Another nice feature is that you can set up file requests, where people can upload files without sharing a folder (which I often use for classes).

Besides lacking these features, Google Drive had some serious deficiencies the last time I tried it. E.g., it was not possible to get a list of shared folders (besides running a Google apps script, which takes a long time to run). The Google Drive client would regularly bail out when syncing a large number of files. And they were permitted to mine user files for ads when you don’t have Google Apps for Work (and it is not clear if your files are indexed for ads if you share a folder with a non-Apps for Work user).

At this point for me, it's lock-in. Even if Box, Google Drive, and OneDrive offered me all the main functionality I use with Dropbox, I still couldn't muster the time/energy it takes to investigate even though I'm a paying ($99 for 100GB or whatever) user. It's not just apathy, though, in the ~10 years I've used Dropbox, I have yet to ever have an issue, while at the same time, it's been such an integral part of my computer usage and workflow.
I use GDrive too, primarily because Dropbox does not have a "middle" storage tier. I do not want 1 TB of storage right now. Google offers 100 GB for $2/month which works much better for me.
Thanks for the responses! I'm always confused by which products people prefer to purchase à la carte and which they prefer to buy in bundles.
When a market is big enough, many people can win!
The major reason for me is their Linux support. I don't think any mainstream provider offers linux support. I also feel their sync is better than both One drive and GDrive. They probably sync the deltas most affectively. Given that this is their only important product, it s bound to have the attention of their best engineers. You can't say the same about Google or MSFT.
I'd rather buy my storage from a storage company than an ad company.
I use Google Drive, but I'd switch to Dropbox in a flash if they offered 100GB pricing package. Mainly because I find the Dropbox app more reliable and syncs quicker than GD. I've had Google Drive or "Backup and Sync" or whatever they call it now crash a few times as well.

But I'm sticking with Google Drive for the time being, I really cannot justify paying £6.59 a month for 1TB of storage, when I'm prettty certain I'd use less than 10% of that.

I tried Google drive for about a year several years ago. It never actually backed up all my files, it would always crash before it finished syncing. I tried for quite a while (many dozens of times over months) and finally gave up and bought Dropbox. Dropbox just worked a heck of a lot better. Maybe this has changed, but why change back if it just works and it isn't expensive?
Dropbox is the most efficient one. They only upload what's been changed. Skydrive/Google Drive upload the entire file. (At least they did 4 years ago when I tried them out.)
For me, there's three reasons:

1) they seem much more accessible to people with @outlook.com, @comcast.net, @yahoo.com, etc. email addresses

2) On a Mac, I've found their syncing to be quicker, more reliable and more efficient than Google Drive. Google Drive does not like network glitches at all, often having to be killed and restarted. I've tried changing ownership of things in Google Drive. Sometimes I can, sometimes I can't. This is a problem when working with things I want to hand over to someone else (for me that's the soccer club, PTA, etc.)

3) I had separate apps for Google Drive and Google Photo backup. Which I liked. Now I have Backup and Sync or whatever they're calling it. Dropbox has been easy to set up and forget.

I have more stored in Google Drive because I buy Chromebooks for me or the kids every couple of years.

Dropbox has better quality software, and I would use them if they had individual plans that just scaled linearly like google drive and amazon drive do.

Because they don't I use amazon drive, which is 2TB @ $10/month. I mostly use it for client side encrypted backups and use about 1.3TB currently.

Also I've noticed many apps if they do integrate with a drive provider, they integrate with dropbox almost all the time, and the others not so much.

Companies like Facebook would prefer Dropbox to store their data over a competitor like Microsoft or Google.
Personally, I have never had an issue with Dropbox on any device that I am running. The very first app I'll install on any new device is Dropbox without even thinking about it. At this point, cloud storage has become an independent category so I don't mind using an additional service that is not part of Google, Microsoft, Amazon, or Apple. Normally I try to consolidate the number of apps/services I use, but Dropbox performs exceptionally well and I trust them.

Congrats to Dropbox on achieving this milestone!

Mega.nz
Descent client yes, but honestly pretty terrible once you compare features. Versioning counts against storage, speed can be slow, questionable company...
Seems like the move away from AWS to it's own infrastrucutre is starting to pay dividends. 33% GM to 67% in two years is certainly impressive!
Friendly heads up: "its" is possessive (like his or hers) whereas "it's" is a contraction of "it" and "is".
You should reassess how you see the world
(comment deleted)
I really want to file this as a bug report in the English language.

   ENG-21238: Contraction for "it is" easily confused with possessive form of "it"
English is my second language and I barely notice most mistakes but this and the death of proper use of "whose" really, really bother me for some reason.
Another great find.

Yeah wasn't Dropbox one of the first big things that was built on top of S3?

Amazing to re-engineer that.

I believe this is the first ever YC company to go public? If so congrats to YC as well as the team at Dropbox.
Curious why going public deserves an applause. Is being private a bad thing?
It's more of a "congrats on the money" applause.
It signifies a milestone. Being single isn't bad but there's no problem celebrating a wedding
Well. For Y-Combinator is a win. It's an opportunity to convert their equity to cash and get a return on their investment.
Private companies that operate at a positive cash-flow are free to distribute profits to shareholders. Sure, going public makes it easier for investors to liquidate their stock, but that doesn't mean you can't get returns from investments in private companies.
As a practical matter, Dropbox is operating at a loss, yet has value as a company because of the expectation that it will hopefully someday turn a profit. IPOing allows Y Combinator, which specializes in early stage investment, to realize a return on their investment and invest in more companies without having to wait even longer.
It's simply a major milestone and (theoretically) a sign that the company has reached a point of stability and market size that it can weather public markets.

It's also an important liquidation event for employees and investors.

(comment deleted)
(comment deleted)
You don’t have to clap.
One could probably make the argument it deserves the opposite of applause.
When you take investment money, it comes with the expectation that there will be a liquidity event. (going public, selling to another corporation) Being private is not a bad thing at all, in fact I would expect most entrepreneurs would prefer that their companies remain private. However you've accepted a faustian bargain once you take money from someone else. Going public is seen as the most desirable liquidity event, since the company still controls its own agency and you maximize choice if/when you want to sell your stake in ownership.
The bot has spoken.

The most important thing out of all, really, is funding through public market.

If you believe the profits of our industry should be captured by more than just a few uber-wealthy, well-connected individuals, you applaud.

Buying a stock on the NYSE is doable with a bit of extra cash and the touch of a button in a trading app these days. Some would argue that even this is too high a barrier for the poor and marginalized, but it makes it possible for at least a portion of the professional class to participate.

Assuming the IPO goes well they should get applause because YC and employees will get liquidity. That said, if the IPO is priced low, employees and some investors may not get a large windfall and may not celebrating too much (kind of like how you do not always celebrate a large down round).
I think that's true. I always thought AirBnb was going to be the first one to go public.
A few years back (2015?) pg was on a panel and asked if YC made any mistakes on the application process. He acknowledged they did — Robert Morris gave a low score and wrote “spam” in the comments section of the application of a particular company that started looking successful, so they refined their process. It seemed clear he was talking about SendGrid which went through TechStars and went public in late 2017.

I don’t know why you still can’t search video transcripts, otherwise that video would be easy to find. Any ideas?

Wasn't Square a YC company? They went public in 2016 I think.
Nope. You're thinking about Stripe
Rough numbers here because BOX hasn't reported full 2017 yet but:

    Dropbox 2017: $1107M Revenue
    Dropbox 2017 Paying Users: 11M
    ARPU: $100 [1]

    Box.com (Q4-16 to Q3-17): $479M Revenue
    Box.com (Q3-17) Paying Users: 9.7M - 10.2M [2]
    ARPU: $47 - $49 [3]

    [1] $1107/11
    [2] "over 17% of our registered users [57M] were paying users"
    [3] 479/10.2 to 479/9.7
Wow, I assumed that Box would've had a higher ARPU given it's focus on enterprise.
Me too. I'm trying to find better ARPU metrics to ensure I'm not misunderstanding that vague "over 17%" statement. As a company they tend to report "Number of Paying Customers" which are businesses and only occasionally reference individual user accounts.

Though simply looking at per user per month pricing:

    Dropbox for Business has $15, $25, and Enterprise
    Dropbox Individual has Free, $10, and $20
    Box.com has $5, $15, $25, and Enterprise
The math doesn't even really make sense though. Dropbox's ARPU is $8/user/mo whereas Box is $4/user/mo. Either the my math is wrong or Box offers some pretty steep Enterprise discounts that work out to <$5/user/mo.
I wouldn't be surprised if the enterprise discount is in fact <$5/u/mo. Seems like a simple conversation, "Why am I paying more per person even though I'm a large client?"

Digging deeper into Dropbox's finances is astounding too. They've added about $150m in additional revenue each year, while cutting their net losses by $100m each year.

Just curious - how's a raw SEC filing preferable to a reliable article summarizing it in non-legalese, providing context with the competition, etc.

Other than lawyers and economists, does anyone ACTUALLY prefer this raw filing?

EDIT: Adding my preferred link: https://www.cnbc.com/2018/02/23/dropbox-ipo-form-s-1-prospec...

The risk factors section is pretty close to a good summary.
well, there's less chance of advertisements, and it gets to the point rather quickly

i am not an economist or lawyer and prefer it

i don't have to worry about a writer/editor injecting personal opinions that i could care less about

> and it gets to the point rather quickly

In a mere 160 pages. Unless you know what to look for it most certainly does not get to the point rather quickly.

then i guess i know what to look for to satisfy myself, I'm not speaking for everyone here, just responding to OP's question
Learning curves can have solid payoff.
I always find juicy information in the S1 that doesn't get reported on right away. Off the top of my head:

* Reliance and risks of Zynga in the Facebook S-1

* Customer acquisition costs in the Blue Apron S-1

* Growth specifics and positioning of algorithms in the StitchFix S-1

* Infrastructure costs in the Snapchat S-1

Besides, an S-1 filing is not written in legalease, it's written in plain language. One of the target audiences is street investors so it's meant to be accessible. I'm looking forward to digging into this one.

Give us the dirt on this one!
There's nothing shocking and I think that bodes very very well for Dropbox. It looks like a solid foundation with great growth.

The standouts to me were -

* They cut costs on an absolute and relative basis for the last two years. This is fantastic and I hope the trend continues.

* I don't understand how the $112 ARPU number foots with their pricing. They are telling a story that "teams" is driving growth but on the surface that's not reflected in the ARPU number. There's some sort of promotional discounting that's happening that isn't exposed here. I hope that they are aggressively managing their promo strategy internally because unchecked it can tank a whole company (see GAP).

* No idea where they expect new users to come from given they have 500M accounts. Presumably people have 2+ dropbox accounts (personal + work). I'm interested to know how many unique active users dropbox has.

What keeps them from making money (asking, not being facetious)?
If they maintain the current trend of lowering costs, keeping headcount growth in line with revenue, and continuing to achieve economies of scale in sales and marketing then they will show a profit in the next couple of years. They don't promise any of this in the S-1 because they need to be extremely conservative in their statements to the public.

To be honest I'm not super familiar with the comps to know how good or bad their numbers are relative to others. But just from their own reporting they look like they are on track. That's not by accident. It's very likely that constructing this trend has been a major focus for the company in the last few years.

> Presumably people have 2+ dropbox accounts (personal + work).

I'd imagine there's quite a few with dozens, as they offer more space (up to a bit over 30 referrals) if you refer new users. I remember "referring" myself with a new email address whenever I'd need an extra 250 MB.

>> No idea where they expect new users to come from given they have 500M accounts.

500M accounts, but only 11M paying users.

Why infrastructure costs in Snapchat ? Doesn't look special ?
Their infrastructure commitments are ridiculously high.

"In its disclosure, Snap has said that it is contractually obligated to “spend $2 billion with Google Cloud over the next five years and have built our software and computer systems to use computing, storage capabilities, bandwidth, and other services provided by Google.” Of the current losses at Snap, more than 80 percent of those funds go straight into Google’s pockets."

https://www.recode.net/2017/2/7/14526832/snap-ipo-snapchat-s...

https://www.forbes.com/sites/quora/2017/02/22/could-snapchat...

https://www.cnbc.com/2017/02/09/snap-cloud-bill-aws-google-c...

EDIT: @dfee How that revenue is recognized is usually based on when the services are delivered, but I am not an accountant.

Imagine the sales commission on that one. “Here’s a $10B - Closed Won”.

When talking about deals that are the enterprise valuations of Fortune 500 companies, do you value the sale as if it were an acquisition? Or, some other way?

$2 billion, not 10.
Still a good reason to become a AWS or GCP sales engineer.
Yeah except imagine instead when you should be due that commission but then they find a creative way to bake it into a new cushy position that they carve out just for you (with no more comms on other deals) and they pay that comm out to you over 5-10 years. And in the process, putting you in a position you dislike in an effort to hope you'll leave some of it at the table.
SNAP's infrastructure story in the S-1 filing was a mess. They had 2016 revenue of $404M with a cost of revenue of $451M. A 5 year, $2 billion dollar vendor lock-in to Google. They basically admitted that Google has them completely by the balls and it costs them $3 per user per year to keep the servers on. Both of these independently are very very bad, together it's a disaster.

Facebook was at $1/user/year in their S-1, Twitter was < $1.

From the SNAP S-1:

"We rely on Google Cloud for the vast majority of our computing, storage, bandwidth, and other services. Any disruption of or interference with our use of the Google Cloud operation would negatively affect our operations and seriously harm our business."

"We have committed to spend $2 billion with Google Cloud over the next five years and have built our software and computer systems to use computing, storage capabilities, bandwidth, and other services provided by Google, some of which do not have an alternative in the market."

For a B2B SAAS company...what's the ideal user cost of infrastructure? (I understand that it depends on the service..but a ratio of profit per user vs cost per user should be close no?)
It surely depends on how much users pay for the service, and how high the non-software costs are.

But in any case, the examples given are B2C free to use products which are generally going to provide... not a ton of revenue per user.

I thought Dropbox's revenue mainly comes from it's business clients - B2B is more $ compared to B2C although B2C might be more profitable as customers might pay the $10/1TB and not really use that much anyways)

Their paying users have increased, but the revenue per user has decreased (based on the S1...which I assume is because of enterprise deals).

This is from the SNAP S1 not the dropbox S1
The ideal cost is as low as possible without sacrificing future scaling needs or development velocity. At some point, you'll start to experience diminishing returns.

It usually goes POC->Cloud provider->Your own gear

apart from the bigger companies (like Fb), have there been any major SaaS companies (esp. B2B but I guess that's trying to be too narrow so B2B & B2C) that have moved from Cloud to their own Data Center? (I know Etsy comes to mind...but apart from them?).
Dropbox: https://techcrunch.com/2017/09/15/why-dropbox-decided-to-dro...

Github: https://githubengineering.com/evolution-of-our-data-centers/

Backblaze: https://www.backblaze.com/blog/our-secret-data-center/

Twitter: https://blog.twitter.com/engineering/en_us/topics/infrastruc...

LinkedIn: http://www.datacenterdynamics.com/content-tracks/design-buil...

FastMail: https://www.fastmail.com/help/ourservice/security.html

Stack Overflow: http://highscalability.com/blog/2014/7/21/stackoverflow-upda...

Wikipedia: https://meta.wikimedia.org/wiki/Wikimedia_servers

OpenStreetMap: https://blog.openstreetmap.org/tag/infrastructure/

The Internet Archive: https://www.theregister.co.uk/2017/11/16/head_like_a_memory_...

Gitlab tried, but didn't have the necessary in-house experience before they made the attempt: https://about.gitlab.com/2017/03/02/why-we-are-not-leaving-t...

Instagram was migrated from AWS onto Facebook's infrastructure: https://www.wired.com/2014/06/facebook-instagram/

WhatsApp was migrated from IBM to Facebook infrastructure: https://www.cnbc.com/2017/06/07/facebook-planning-to-move-wh...

Hacker News and Pinboard (acq. Delicious) run on a single server.

It's not hard, but you do need to know what you're doing and have resources to do it (most orgs rent colo space in someone else's datacenter, they don't build their own). There's a reason AWS margins are so high (which leaves a lot of cost savings to be had when your workload isn't highly variable). Any questions, email is in my profile. I spent ~16 years building data centers, hosting environments, infrastructure, etc.

Many SaaS companies not only lack the ops experience needed to run their own infrastructure (which may be only problem of perception, for me running stuff on dedicated HW in colo center seems like less hassle than dealing with things like AWS) but also the common sense required to not over-engineer the scalability of their solution in the early phases (which falls squarely into the YAGNI teritory, as you can run surprisingly large stuff on two or three physical low-end 1U servers).
I forget which report it was in but the average tech-focused startup spends 10-15% of revenue on infrastructure. Mature businesses spend ~5%.
Note that the modern gospel is any net business dont give a crap about costs, only growth and the ability to raise money.

This has been explicity stated by the saas business ‘gurus’

So even at 3$ per user that goes lower pretty quickly.

Plus they get alliance w/goog. Aws is a force but if i had a choice id have goog as a best friend over amazon.

Preferably id build my own data center and keep those assets.

> modern

If by modern, you mean 2015. Things definitely changed by 2017.

Do you have a 5-second summary of what you mean by "Growth specifics and positioning of algorithms in the StitchFix S-1"? Just the fact that they use algorithms to tailor individual boxes, or do you mean something more specific?
I currently work at an e-commerce company and there has been a ton of debate around how "algorithmically driven" Stitch Fix actually is. The general feel in the space from non-technologists is that computers cannot do this job well now and won't be able to do it well in the near future. Stitch Fix makes it a major brand point that computers are an important part of the process. So the real question is - are they making this point because it's true or because it helps their valuation (tech co. 5-10x multiples instead of ecomm 1-4x multiples).

The way Stitch Fix talks about it in their S-1 makes it seem like the latter is the priority. I'm not yet convinced that the practical value driven by algorithms at Stitch Fix is up to par with how much they talk about it.

I was interested in growth to understand both their growth rate but also to get a feel if it was driven by increasing user acquisition costs like Groupon, Blue Apron, etc or if it was organic.

> Stitch Fix makes it a major brand point that computers are an important part of the process

(which even if you disregard everything else is a really good line to take if you're after recruiting good machine learning engineers!)

You hit the nail on the head. They also reveal this strategy through their data science "thought leadership" posts, which are seemingly meant to appeal to data folks (own your code! add value through modeling! don't worry about collaborating with engineers!) but do not reflect the realities of industrial data science.

(Note: I'm biased and tweetstormed about Stitch Fix's most recent blog post earlier today. https://twitter.com/achompas/status/967085860763193345)

(comment deleted)
I've worked in fashion before and I'm a machine learning pratictoner now.

I never tried myself but it seems quite feasible to build a decent profile of someones taste in fashion from a bit of data.

Fast fashion gave us the logistics (no more 9mo from concept to store). But Zara and friends still supply only the major trends. We're still missing for someone to reliably market the "long tail".

> I never tried myself but it seems quite feasible to build a decent profile of someones taste in fashion from a bit of data.

I've thought about this as well. How would you personally try to build this profile for users, then market to them based on it?

You could initially present a user some images to assess it's preferences and use some recommender system (collaborative filtering), a la Netflix.

That could give you an starting point. But I believe the main issue is that fashion products have, by definition, short shelf life, so you can't run the algos on SKU data. Then you can use deep learning on product images + user categorical data to try to predict preferences, maybe simple binary classification?

I guess using images as input should give better features than textual description.

Seeing what people themselves like doesn't sound a good way to determine what fashion they'd buy. Fashion is about a consensus largely established by a cabal of sellers; users surely want to find out what is fashionable? Fashion is mainly about what other people like.
Oh, that's largely a myth. These seller do have some influence, but it's much less important than what they want you to perceived. Fashion tastes comes from a lot of sources and some is part of your identity.

That's part of what makes this industry hard.

> You could initially present a user some images to assess it's preferences and use some recommender system (collaborative filtering), a la Netflix.

You would have to tag the hell out of these photos, right? Disambiguating preferences is the challenge -- the user may have liked images #3 and #7, but why? Specific items, or the color palette, or the silhouette, or just the model? A post by Chicisimo on the front page addresses these hurdles [1].

I've also seen some of these image recognition apps in action -- they pick up on patterns and color very well, but struggled with silhouette.

[1] https://hackernoon.com/how-we-grew-from-0-to-4-million-women...

Ask them for access to their Facebook photos, get them to tag themselves and then build an embedding of their fashion choices.
Chris Moody knows more about this than anyone in the world, and everything he writes about on the Stitch Fix blog seems so far ahead of what other people are talking about I really do believe that they have a real technology advantage.

It seems similar to talking to people at Google in the early days. The thing that they cared about from an engineering point of view seemed weird and they language was alien. 3 years later the rest of the world hits the same problem and I remember the conversations and think "oh so this is what they were talking about".

This is my biggest concern with the Dropbox platform summed up in the filing:

* Our business could be damaged, and we could be subject to liability if there is any unauthorized access to our data or our users’ content, including through privacy and data security breaches.

They have made progress. They managed to get SoC II compliance for all of their offerings. They now offer HIPAA compliant hosting as well.

Not that long ago though (circa 2013) I remember a series of articles that made it clear that DropBox employees had access to customer data.

That spooked me enough to recommend folks pair it with https://www.sookasa.com/ if they were going to use it.

For a single user with no need to share access, you can also just stick everything in a VeraCrypt vault stored on Dropbox. Dropbox seems pretty good at updating only the parts of the vault that have changed, versus the entire (sometimes huge) vault file. I've heard OneDrive updates the entire vault file every time, although I haven't experimented with it myself.
Dropbox, GDrive, Box, OneDrive, etc. aren't using zero-knowledge encryption, so it must be technically feasible for them to access user data. If a company has a forgotten password reset feature, it's a good sign that it's possible for them to access your data.

You have to trust the company providing the service, right? Of course in practice, accessing user data should be tightly controlled and require good business reasons and levels of approval.

Zero-knowledge alternatives like Spideroak exist, but this approach makes them sacrifice features. (and doesn't appear very popular based on market share)

It's not as black and white as all that. In the early days, it was probably a trivial operation for any employee to examine any customer's dropbox content. Hopefully these days the prod machines and backups.are walled from all but a rotating team of SREs, whose own actions on them are subject to audit.
I wonder how spideroak.com compares.
The point of that section of an S-1 is to try and disclose every possible risk so that investors can't accuse you of hiding risks later on.

So, when quoted out of context it sounds really extreme.

Early at my days at Syncplicity, (a Dropbox competitor,) I specked out what was needed for true client-side encryption with no ability to decrypt on the server. It's very easy to do, from a technical standpoint.

(We solve the problem by letting our large customers run their own servers, with their own authentication via single sign on.)

The problem is that the user experience for client-side encryption is awful! Every shared folder will need its own key, and users would need to manage and share their keys outside of our system. That is not sustainable.

But then the major feature set breaks down. Want to access your files in a browser? Not with client-side encryption. Want to email someone a hyperlink to a file? Not with client side encryption.

The major lesson is that the world operates on trust. We can only stay in business if our customers trust us.

> The problem is that the user experience for client-side encryption is awful! Every shared folder will need its own key, and users would need to manage and share their keys outside of our system. That is not sustainable.

But then the major feature set breaks down. Want to access your files in a browser? Not with client-side encryption. Want to email someone a hyperlink to a file? Not with client side encryption.

I do all of this with Boxcryptor. I might be misunderstanding you - do you mean decrypt it without first downloading it from the browser? Because yes, that’s not strictly possible.

But Boxcryptor implements a small wrapper around directories and generates a public/private key pair tied to email addresses. You can client-side encrypt a file with your - or anyone else’s - public key by moving the file into the directory. You can also change the file’s encryption to add or revoke access by multiple users.

If you wrap Boxcryptor around your local Google Drive, Dropbox, Box, etc. directory, it automatically client-side encrypts, then uploads new files. Then you can share a hyperlink to share encrypted files without exchanging keys with anyone. The usability is so great I’ve been able to use this with non-technical clients. You can even use your own key pairs.

There's also no deduplication with client-side encryption.
Doesn’t homomorphic encryption allow for this?

http://ieeexplore.ieee.org/document/7255226/

No. It doesn't.
Can you explain?
The whole point of encryption is that you cannot meaningfully compare 2 pieces of plaintext.

Homomorphic encryption doesn't change that.

The only way to compare plaintext is to decrypt the whole thing. So either you must trust a centralized org (like dropbox today), or you must trust a single centralized key (that could be done with homomorphic encryption).

(Also the best homomorphic algorithms still make small programs take days to execute)

Consider a scheme in which:

Each user generates a symmetric "user key", kU.

The plaintext of each file (or without loss of generality, block of data, etc.), pFile, is encrypted with a randomly generated symmetric key, kFile, producing the ciphertext cFile. pFile is also hashed with a cryptographically strong hash, producing hpFile. kFile is then encrypted with hFile, producing ckFile. The user encrypts pFile with kU, producing chpFile. Finally, the user takes the first N bits of hpFile (for N on the order of, say, 16 or 32), producing hpFileTrunc. The user then submits hpFileTrunc to the server.

The server is, semantically, just a list of 3-tuples: (cFile, ckFile, hpFileTrunc).

The server sees if it knows of the existence of records with the same hpFileTrunc value as the client's submission. If so, it returns them to the client.

The client then tries, for each record returned by the server, decrypting ckFile2 with the client's hFile value, potentially producing kFile. If this is successful, the client then decrypts cFile with kFile, producing pFile. Finally, it compares this pFile to the original. If it matches, a match has been found, and the client exits the loop. If not, (or if either of the two decryption steps failed), it continues to the next record the server returned. If there are no more records, the client instead submits the tuple (cFile, ckFile, hpFileTrunc) to the server, which stores it.

Finally (whether or not a match was found), the client stores chpFile locally, to be used when retrieving the file.

To retrieve the file, the user decrypts chpFile with kU, producing hpFile. They truncate hpFile, producing hpFileTrunc, and submit it to the server. They perform the same process described earlier to retrieve the matching pFile.

(Note: truncation may also be replaced by, or combined with, a second round of hashing.)

With this scheme, assuming secure primitives (authenticated encryption and hashing), I don't believe it's possible to learn any information about a file unless you already have its contents.

So the server can tell if you're accessing (storing or retrieving) a particular file if and only if the server knows what it's looking for.

TL;DR: you can totally construct a scheme that allows meaningful comparison of plaintexts!

But... this is probably a bad thing. Comparison of plaintexts is a vulnerability: the server being able to see who's storing a particular "bad" file has a real impact on privacy. And likely more subtle impacts, too...

The whole point is to allow for comparison of large plaintext files that are stored by many users. Think of mp3s, or large avi files, or, say, a linux kernel image, or ...

> The server sees if it knows of the existence of records with the same hpFileTrunc value as the client's submission. If so, it returns them to the client.

And by doing this, provides a way for clients to verify if any user on the file storage server has this file. So if I wanted to know if your mozilla thunderbird has a mail I have the source to, I simply try to store this and get these duplicate records.

Most people would consider this extremely unacceptable.

> The client then tries, for each record returned by the server, decrypting ckFile2 with the client's hFile value, potentially producing kFile. If this is successful, the client then decrypts cFile with kFile, producing pFile. Finally, it compares this pFile to the original. If it matches, a match has been found, and the client exits the loop. If not, (or if either of the two decryption steps failed), it continues to the next record the server returned. If there are no more records, the client instead submits the tuple (cFile, ckFile, hpFileTrunc) to the server, which stores it.

Why would the client have the keys to files stored by other users ?

Unless you mean that you can only deduplicate within a single client, in which case that's of much more limited use (and I might add, your encryption scheme is way more complex than it needs to be).

> And by doing this, provides a way for clients to verify if any user on the file storage server has this file. So if I wanted to know if your mozilla thunderbird has a mail I have the source to, I simply try to store this and get these duplicate records.

Yes. This is the reason you don't want this property (being able to deduplicate encrypted files)!

But you can provide it, while still providing meaningful security against other attacks.

The client has the keys to files stored by other users because the keys are the hashes of the plaintext, and the client can hash its own plaintext when it has the file.

(Note a trivial modification to this scheme, solely client-side, allows for certain files to be totally secure, with the cost of them being exempt from deduplication)

> The client has the keys to files stored by other users because the keys are the hashes of the plaintext

Personally I find only people explicitly authorized have the key to be the whole point of security. And you're suggesting this as a solution to the problem that organizations providing file storage could see what files you're storing.

Under this scheme, it wouldn't just be that organization, but everybody who is a client, that could see what files you're storing (or at least verify if you're storing a particular file or not)

So I find your assessment:

> But you can provide it, while still providing meaningful security against other attacks.

Very dubious indeed, especially given the context of securing centralized file storage, where the whole point would be to deny others access.

I mean it's a true statement, because you don't specify what "other attacks" are.

I posit that given that this system leaks the plaintext of your files I find it strictly worse than just giving Dropbox or Microsoft access to my files.

> Under this scheme, it wouldn't just be that organization, but everybody who is a client, that could see what files you're storing (or at least verify if you're storing a particular file or not)

You can do this today, with Dropbox or whatever else- anything that does deduplication, if it saves bandwidth by not asking for files it already has.

You can't tell who is storing a particular file- only if anybody is. Does this leak information and impact privacy? Yes! But it still provides other useful properties.

If you have a copy of a file, you can see if anybody else does- a boolean value. (And if the server is malicious, it can tell who does (if it logs).) If you don't have a copy of a file, you can learn absolutely nothing about it.

So, for example, if a user uploads a, uh, personal image to the service- with Dropbox, in theory (they likely have strong organizational and technical controls against this sort of thing, mind you) if the server is malicious they can view that image.

With this scheme, the server can't.

On the other hand, if you, say, save a file containing only your social security number- or a similar low-entropy value- the server can crack the hash and decrypt that file. That's the price you pay for being able to deduplicate.

(Perhaps one could only deduplicate large files- thus handling the case of movies, music, Ubuntu ISOs, large system files, etc. To implement selective deduplication- if you want a file to not be deduped, replace all uses of its hash with, instead, a unique random value to identify the file. Server requires no modification.)

>Other than lawyers and economists,

Investors. The prospectus filing is informative and you don't have to read it all to get good idea of the company.

The summary from CNBC omits all the details and you can't even trust it to have the numbers correctly because if they screw it up, it has no legal consequences for them.

Lots of others have chimed in with examples of interesting tidbits to be found in "raw" securities filings that don't get included in press summaries. My personal favorite is the "efficient factoring" risk factor from an old RSA Security, Inc. 10-K[1]:

The Company’s cryptographic systems depend in part on the application of certain mathematical principles. The security afforded by the Company’s encryption products is based on the assumption that the “factoring” of the composite of large prime numbers is difficult. If an “easy factoring method” were developed, then the security of the Company’s encryption products would be reduced or eliminated. Even if no breakthroughs in factoring are discovered, factoring problems can theoretically be solved by a computer system significantly faster and more powerful than those currently available. If these improved techniques for attacking cryptographic systems are ever developed, the Company’s business or results of operations could be adversely impacted.

[1] https://www.sec.gov/Archives/edgar/data/932064/0000950135000...

As a rule I prefer an original source to an interpretation of a source by someone who gets paid based on the number of clicks generated.
This may not be a very well-received comment due to the securities fraud he has been convicted for, but in Martin Shkreli's YouTube lessons on investing (Really aimed towards future day traders / full time investors, but good points are made) he says the sec.gov site is the best place to take in content and he showed after you get used to the ( ugly ) government site layout, you can actually get to the information you need quickly. But day traders and full time investors probably fit your category of economists.
It's weird though that people who actually cause their investors to lose money go Scott free because of connections and to my understanding shkrelis investors all made huge profits, one going so far as to say it was the best investment of his life.law is law but clearly there is something wrong here.
SEC filings aren't hard to read after you've been through a few and know what to look for.

I was really excited to see they cut their infra costs while supporting more revenue (bottom of page 71), that bodes very well for their future prospects.

@ultrasaurus indeed. Wall street wants us to stay away from sec filings. However they are structured data. I am running a project to make sec filings easily searchable(today) and understandable(in the future) at https://www.instant10-k.com/ We currently have 10-k & 10-Q filings for US companies and 6-K filings for foreign companies.
most everyone in the finance industry does

it contains the "source" facts with limited embellishment. there are all kinds of regulations that essentially result in SEC filings being fairly standardized, limited-BS documents. you dont have to worry about distilling commentary and opinion with fact, generally

for commentary and context, equity research reports are generally helpful as long as you're aware of the inherent bias. articles online can also be helpful, but generally the quality varies, and you have to spend commensurately more time fact checking

once you learn how to ctrl-f the right terms and understand the general skeleton of each type of report, it is actually pretty easy to find the relevant information

Primary sources are generally preferable to breathless editorializations, especially when - as here - they are not in fact written in professional jargon. Any adult of average intelligence and education should be able to get the gist of a prospectus.

Feel free to link to "news" (read: opinion) posts about the filing.

> Other than lawyers and economists, does anyone ACTUALLY prefer this raw filing?

Apparently they do, since it's at the top of HN. If they didn't, it wouldn't be at the top. Alternatively, my guess is that many HN people saw this document, upvoted it, and then went to Google for more context.

Amazed there's still no good permission settings on nested folders in dropbox.

Ran into this on a 4-5 year old project with multiple contributors and even on their paid versions, there's no good way to consolidate folders that have multiple "owners."

Seems like there has to be a better way to handle this - Google Drive takes care of it much better.

Never gonna be a priority unless they release a new enterprise platform. Use Box for this.
Dropbox Business supports nested shared folders now. Source: I evangelized it and worked on it.
But from different sources, etc?

I have a whole bunch of folders over the past 3-4 years that are "owned" by different people that worked for me. I tried to get them all organized under one subfolder and it's not allowed.

Two options depending on what you’re looking to do:

1. If you just want to personally organize shared folders you receive, you can always put them in folders in your account.

2. If you’re trying to create a nested shared structure, that’s what dropbox biz does. You make your employees team members. The ownership issue becomes less tricky since the biz content is all “owned” by the biz.

As a dropbox alum, I’m not up to speed on all the latest nuances. You should chat with sales to see how it could work for you, or just try a trial.

Interesting. Glad to see that a security breach is called out as one of the major risk factors on an sec filing.

  Our business could be damaged, and we could be subject to liability 
  if there is any unauthorized access to our data or our users’ content,
  including through privacy and data security breaches.
Considering their service is the safekeeping of others' data, I'd probably s/interesting/obvious.

Not putting your comment down, mind you. Most would probably find an infosec inclusion as a major risk factor "interesting" in that it just doesn't feel like infosec gets that kind of respect in the C-suite, but I'd like to think it's different in this case considering the offering.

Isn’t this pretty common in SaaS business filings?
(comment deleted)
Commentary on valuation:

1. Box, a public company, is currently valued at $3.17B. It had revenues of ~$480M with a net loss of $150M in 2017 [1]

2. In contrast, Dropbox had revenues of $1.11B with a net loss of $111M in 2017.

The higher revenues, and lower losses bode well for Dropbox. Objectively, that would value Dropbox in the $8B-$9B range, $1B-$2B short of it's previous $10B private valuation

[1]: https://goo.gl/Agf5Xt

Those numbers are even more impressive given that 2 years ago they had $600m in revenues with a net loss of $300m
would like to see more evidence and proof those numbers are credible...
Dropbox's numbers are in their S1 filing and Box's in their financials already linked. Are you questioning the legitimacy of these filings?
Unhappily it's common to find that S1 financial claims are overstated after the fact, it's a part of making ipo prospects as positive as possible.
But it also means transfer of more equity from founders to investors, as investment terms these days typically include equity transfers if an IPO falls short of private valuations
Does this mean that investors in their $10B round lost money? Is this common?
Rumor was they had a weird liquidation preferences in that round, which made it more like debt. Something like a 2x floor and 3x cap. Not sure how that resolves in an IPO though.
They likely have protection clauses.
Not necessarily.

First, the "vs Box" valuation above is simplistic and may not be comparing apples to apples. They are competitors but they are not identical companies, so scaling valuation based on a couple of inputs fails to capture all of their dissimilarities. Also, there is no consideration for a relative spread between the two if you value Dropbox directly off Box (or in other words, which one trades over).

Second, the IPO is not always priced efficiently. Some executives might prefer to price lower just to see positive headlines about sustained gains after IPO. Others may counter that a low IPO price leaves money on the table.

You should wait to see where the stock trades after IPO and any significant lockup expiries before evaluating the success of investors in the $10bb round.

How are they planning ever to make any profits? Their product was innovative some years ago but now they have a lot of competition so I'd expect their margins to get squeezed even more.
Will make a few billionaires.
Really? How many people own more than 10% of the company?
I'm not surprised to see net neutrality mentioned as a risk factor.

Our platform depends on the quality of our users’ access to the internet. Certain features of our platform require significant bandwidth and fidelity to work effectively. Internet access is frequently provided by companies that have significant market power that could take actions that degrade, disrupt or increase the cost of user access to our platform, which would negatively impact our business.

I wonder if you could make an argument that public SAAS companies have a fiduciary duty to their shareholders to support net neutrality policy.

They could also call out the flip side though, right? Dropbox could negotiate deals with the ISPs to "box out" smaller competitors. Maybe it costs them upfront but it also solidifies them in the market.
> Dropbox could negotiate deals with the ISPs to "box out" smaller competitors. Maybe it costs them upfront but it also solidifies them in the market.

Yes, if you're a short sighted MBA that wants to encourage your own extortion

Well, either way, their competitors are icloud/onedrive/googledrive... box'ing-out isnt going to be a successful strategy.
This describes a whole lot of business leaders.
That would be a shrewd business move unless the ISPs want to get into the same business.
+1, I think it’s sad to have to consider this, but business/capitalism is more of a chess game, especially if the shareholders perspective is the driving decision force.
The same move could also be considered defensive, like Netflix, which was essentially forced to do that.
If you don't control the network, though, it remains a risk. Whoever you partner with can renegotiate the terms later or back out of a contract depending on the exit terms (may cost them, but may be worth it for what they can get from Google).

This is the problem of the tenant, the renter. The landlord can change the terms and eat into your profits. At some point it's not worth dealing with them, but it's not always easy to leave.

But renters don't have market share.

If you're Amazon (Dropbox), you have a strong position to negotiate better shipping (network) rates from FedEx and UPS (ISPs).

Depending on how many companies you negotiate with (monopoly vs. monopsony).
And whether they’re competitors with each other. ISPs are largely regional monopolies so you can’t play them off each other as easily. They have the stronger bargaining position. Certainly stronger than Dropbox (people don’t buy internet service for Dropbox alone).
The problem here is that the competitors are companies like Google and Microsoft. If it came down to a bidding war, they could outbid Dropbox just by pulling loose change out of their couch cushions.
Their primary worries for competition though are mostly some of the biggest companies in the world. Not a bright idea for Dropbox at all
Yes, but that's not a "risk factor"... generally in an issuance document, the big pressure is to disclose all the material negatives of your business that you're aware of, partially so that down the road the SEC or your investors can't complain they weren't warned of that risk during the issuance.
No, the fiduciary duty is not that prescriptive. The courts aren’t going to second-guess whether a corporation is taking the profit-maximizing action at all times.
Please don't use blockquote. it is absolutely unreadable on mobile.
.
They're saying they have essentially one revenue source. A lack of diversity in income sources is the risk factor. Compare to Microsoft: Various consumer software options, OEM OS licenses, government contracts, support contracts, physical hardware (Xbox), licensing for game publishers, Azure, etc.

Dropbox has one revenue source, and it's primarily fed by consumers (11 million at that, per this filing). A loss of 1 million users is a loss of 100 million in revenue for them, but doesn't correspond to a drastic reduction in their costs (due to the number of non-paying users).

Tip: Never pay for Dropbox at $99/year. It's repeatedly discounted throughout the year at Dell's website for $60, and often also comes with a $25 Dell gift card. So effectively, its value is $35/year, and you can buy multiple codes, redeem them, so you'd be effectively paying in advance for as long as you want, at 1/3rd of the price.
Normally I would jump on this, but I like dropbox, I like the people there, and I like Drew, so I'm willing to spend an extra $30 a year to increase their revenue and keep them in business longer.
Same here, I have yet to have an issue with the Dropbox UX
Sorry, what???

I mean, you're entitled to do whatever you'd like. But do you see the potential valuations being tossed around? "Drew" is worth tens to hundreds of millions.

I just have no idea why someone would find it not only worth it to take money out of their own pocket to further a corporation that has no need for the empathy we would normally afford to people (or small businesses, which "round down" to individual people or small groups), but would actually see value in sharing this thought process with everyone else. It's not like using a "deal" is unethical or illegal (like, say, piracy), the company in question (or a reseller taking the hit) offered it. Is this some kind of silicon valley flavor of virtue signaling?

If dropbox was a startup with 8 employees, especially one that didn't offer the near-commodity service (yes, I know UX etc matter here) that dropbox does, I would understand this. But that's so far from the case

Predictably irrational people exist! However, how is this different than a $30 donation? I think the real question you want to ask is: Why do people donate money to people who already have lots of money?
As you state, this comment equals to: "I like Drew, so let me make a donation of 30$ to Dropbox"

That's why I like economics so much. A lot of irrational behavior come simply from the fact that humans are usually terrible to understand the underlying economic transactions taking place.

One of my favorite irrational behaviour is the one in which people value object they got more than the equivalent price in which they could buy//sell that object.

For example: You have an old bottle of wine in your cellar, and it is now valued at 500$. A lot of people would simply put, never buy a 500$ bottle.

But if that bottle was your possession, most of the people would keep it and eventually probably drink it, being completely irrational in regards with the 500$ valuation.

You also have to consider the level of effort it takes to sell the bottle to someone who isn't an experienced wine dealer, and the spread that likely exists between the buyer and seller.

So even though it may be $500 to buy new, it's probably more like a $100 bottle if they sell it, so it's like getting an 80% off deal? Why not drink it?

> the spread that likely exists between the buyer and seller.

Spread doesn't have to favor a buyer.

No, it typically favors the middleman.
You have to think about it in terms of who demonstrates excess demand for the trade.

If the buyer is more eager to transact, usually he ends up paying higher than fair value. The opposite is usually true if the seller is more eager for the transaction.

If you have an item of unique value, you may aggressively sell it, as in your initial post to which I had replied. But if you just post a price -- take out a classified ad every week, for example -- then you can wait for an eager buyer to come along.

Even the middleman often crosses the spread. A market-maker might have to clear out of excess risk/inventory ASAP, for example, which requires him to initiate transactions.

> One of my favorite irrational behaviour is the one in which people value object they got more than the equivalent price in which they could buy//sell that object.

Art is also a good example. Art is globally unique, so what does it even mean for art to be worth $X? Seems like the only "value" of art is the price the next guy is willing to pay. The price is undefined until it's not.

On the other hand, if I have a fake Van Gogh, I would not be emotional upon liquidating it because it is fungible; some computer and printer somewhere can easily reproduce the piece if I ever need it again. In addition, the price is well-defined because fakes have a well-defined manufacturing cost associated with them. An authentic Van Gogh has an infinite manufacturing cost as the guy is dead.

This is actually a subject dealt with widely in the humanities. The Work of Art in the Age of Mechanical Reproduction is a good start, for instance. It does seem odd for art to be valued by the market, but there are clear ways to construct standard valuation (based on utility, etc) around it.

  some computer and printer somewhere can easily reproduce the piece if I ever need it again [...] well-defined manufacturing cost
This is not as straightforward as some might think! Some people agree with you. Some don't. "Fake" is a spectrum as well. Is it a reproduction of an original work, or an original work falsely attributed to a particular artist? In the second case, if the quality is high and scholarship has emerged around that work, is it "less valuable" to own after it is revealed as fake (for one individual, not at market prices) or is it in a sense more interesting? Is it perpetrated to be real or simply a print? Even if it's an authentic creation of the artist, was the work been authorized outside of their canon in a less official way? What about photographs, and later editions of them (by either the artist themselves, their estate or family, a dealer, etc)? Check out Richard Prince and his "decertifications" of paintings.

Startups offering blockchain solutions to this landscape, of course, are emerging. But they face the same problem everyone does in that market: how can physical assets, and their movements, be indisputably registered to a blockchain?

> "Fake" is a spectrum as well.

I suppose this is true, very interesting. A piece (real or not or unknown) with history, can become (de)valued in its own right.

> how can physical assets, and their movements, be indisputably registered to a blockchain

For example, I think VeChain and Modum use physical ID chips, but I don't see how they solve this problem. It seems like a tall order to create an injection between physical assets and digital ones. I could see how this would be done if the physical assets were fungible and centrally sourced, which is only going to be the case with certain physical assets.

How would people register those assets to the blockchain? No one in the world should be able to register my laptop, because they don't have it. It would need to be derived from physical measurements, but this is a can of worms because the measurements can change; physical matter is not immutable in the way that digital matter is. Coupling the two seems like a tall order, or maybe I am small minded.

(comment deleted)
Pretty sure Drew is going to be worth upwards of $1 billion (25.3% stake at an $8-9 billion valuation minus any equity he has to give up to investors in the latest round) #TresCommas
I think Dropbox is a dying company, I don't know anyone that uses it in my circles except old people now, very similar to Facebook.
I have a lot of respect for Dropbox as they've created an awesome product and user experience that accelerated its niche.

But as with Twitter i'm sceptical of the long-term prospects (and hence the need for an IPO vs a trade sale) of single-feature/protocol companies.

Nice liquidity event for current shareholders but why should the public invest here? The product is becoming more commoditized with time as well as being an ever more tightly integrated feature with hardware/OS.

Box seems to have a lock on the enterprise market which feels like the better long-term strategy than being a consumer/startup brand.

The stated growth strategy in the S-1 is rather meh. Post-IPO they might go further down the Evernote route and expand in all possible areas, diluting the core product/brand.

> Box seems to have a lock on the enterprise market which feels like the better long-term strategy than being a consumer/startup brand.

Yet box only makes about $48 per user per year, whereas Dropbox makes $111 per year. So either Dropbox has more enterprise than we think, or consumer is a lot more valuable than we think.

I know that Facebook moved to Dropbox from Box for internal use.
Let it be known that Mark Zuckerberg and Drew Houston are best friends. I know it might not be the main reason, but it is something to consider.
Maybe Dropbox is serving mostly smaller companies, which have just a few users are therefore not so price sensitive. If you have five guys, then it's still just like $50-100 per month, not really worth the effort to start thinking how to save money on that.

If you are an enterprise with tens or few hundred users, the monthly bill starts to be in a range where it actually makes sense for somebody to spend a few hours to see if you could cut it by xx%.

Does this suggest they are in the 60-day roadshow quiet period before to the listing?

It's a good value buy for me. Dropbox and Spotify whenever they go public. These two apps I've been a paying member since I discovered them.

I've been using Google Drive for years and haven't paid a dime and it works great for me.

Do you really need 1 TB in the cloud? How much of that do you actually use? Or is it like how people hoard stuff in their garage that they never use but think they will so are afraid to throw it away.

I’ve considered buying Spotify but I am unsure of future growth or long term profits. What do you see?
It'd be interesting to see if they had a similar moment of growth evaporating when Apple Music entered like Snapchat did when Facebook finally got a clone to stick.
Is this the first company to go public that (almost) started/took-off as a "Show HN"? In a way, this is a big moment for YC, PG and this community. Is there a list of "Show HNs" that have become "big"? It would be very interesting to see.
Must be nice to be Quintin Clark. Showed up in Sept of 2017 and was awarded $34MM worth of stock according to this S-1.

It looks like a healthy business. Congrats to dropbox.

I’m a fan of Dropbox, it’s an excellent product. It’s the only file sync product I’ve used in anger that I actually trust — I’ve had glitches of one sort or another with iCloud, Google Drive, OneDrive... never with Dropbox. It just works. Apple should have bought them, Jobs got it wrong ;-)

Dropbox Paper is also a delight to use, from a personal perspective. I’ve never used it on a team. I would be interested to hear whether teams of 50+ have successfully used it — it just doesn’t feel ready for the enterprise in the way that Google Drive does/is.

I’ve not read this S-1 (perhaps it clarifies this) but Dropbox seems a little confused about positioning B2C vs B2B. Does it have a packaging problem? Can it have it both ways? It feels like it’s trying to, but when I was a paying Pro user, I couldn’t get away from the upsell on the site for me to move to the business package. Annoying.

Good luck to them though — they have killer design, a killer viral product and a loyal user base.

Dropbox Paper is great but the Android app sucks
Apple did not get it wrong. Steve Jobs offered to buy (for a putative $800M) but Drew Houston said it was not for sale. Thereafter, Steve was reportedly to have said that Apple would crush them since Dropbox is a feature and not a product.
I stand corrected! I thought he didn’t want to buy them for that reason, didn’t realise he had made an offer.