Monthly Archives: July 2011

Thoughts on Spotify

I was lucky enough to get an early invite to Spotify last week thanks to my high Klout score (I honestly think anyone with a pulse got an invite) and I’ve been playing around with it for a few days. Here’s my thoughts on the service thus far.

One thing I’ve noticed is that I’m using Spotify for listening to stuff that I don’t already have in my library. This is sort of weird because I recently switched to an SSD and none of my music is actually in my library. Yet I use Spotify for listening to stuff that’s not on my external hard drive (which I almost never have plugged in). I think this behavior might be due to the fact that Spotify is making me a fat kid in a candy store (but for music). I want to keep searching to test Spotify’s limits and see how much music it really has. So far it’s been doing really well.

Specifically, I have been using Spotify mostly to listen to music that was popular when I was in middle school (this was like, 14 years ago). This music is stuff that I’m either too embarrassed to have on my hard drive, or I simply never had. Yet it’s totally great for nostalgia’s sake. I’ve been listening to No Doubt, Toni Braxton, Weezer, Mariah Carey, etc. Stuff that brings me back to that era. It’s pretty cool.

One workflow that Spotify has replaced for me is the awkward one of going to YouTube and looking for a video of a song I want to hear. I don’t know how many times I’ve had to go to YouTube and searched for something like “Head Over Heels” by Tears For Fears just to listen to a song (it’s just a static image of the album cover). It’s much, much quicker just to search in Spotify and get super instant gratification.

Comparisons to the new hot startup, Turntable, are pretty much impossible to avoid. Turntable is really fun for interacting with people (and music discovery), but sometimes you just want to listen to what you want to listen to (and not wait for other DJs before your song comes on). I think the two services have very different use cases, and each works well for its intended use.

One thing Spotify could work on is music discovery. It’s kind of ridiculous the only music it pushes are the top albums, artists and songs. All the stuff on this list are top 20 bullshit that I really have no interest in listening to (just ignore the top 20 “bullshit” from the 90’s that I just admitted to listening to). In this day and age, it’s ridiculous for a music service to not include some kind of recommendation engine or radio feature. Browsing music on the service by genre, year or anything besides search is impossible. In terms of features, Spotify is actually kind of disappointing.

Despite the obvious shortcomings, I have a lot of high hopes for Spotify. It’s a really nice example of how consumers can enjoy getting stuff from “the cloud” without making it too complicated. I hope that it continues to improve, especially in the music discovery and browsing categories.

Banana Republic (and Gap, etc.) Stores Passwords in Plain Text

I was sitting on the subway when I got a random email from Banana Republic that contained my password in plain text. Besides the fact that I hadn’t requested it (lots of Hung Truongs think that they’re me @ gmail), I was surprised because any company that even slightly values security does not store passwords in plain text. It is quite jarring to see a password show up on my iPhone’s home screen. Here’s the email in case anyone needs proof:

The fact that BR stores passwords in plain text means that they’re probably a very nice target for a quick hack (and if they’ve got bad practices in password storage, they probably have holes elsewhere as well). Unlike the Gawker password leak, which had hashed passwords (though they could still be eventually brute-forced), the BR passwords aren’t even obfuscated (or if they are, it’s in an easily reversible way).

If you have a Banana Republic, Gap, Old Navy, Piperlime or Athela account, I highly suggest you change your password to something unique that you don’t use for any other sites (um, just like all your passwords… I totally have different passwords and two-factor security for everything).

I’d also suggest you contact Banana Republic and tell them that their security policies suck. Maybe they’ll fix it if enough people complain. That’d be sad if it took a huge hack and user info disclosure to change their ways.

Startup Incubation Week 5 Update!

I’ve been in New York working on our startup for about 5 weeks now. So far the experience has been really enlightening. Between reading the Startup Genome Report, a handbook on Customer Development, listening to awesome lecturers talk about bizdev, pitching, pivoting, etc, I think I have a much better handle on what entrepreneurship really is.

So far, we’ve probably pivoted about 2 times, and we’re not even at the halfway point yet! The support from mentorships has been really helpful in understanding what startups really need to focus on to be successful. Without a market, there’s no company. Without the proper product to market fit, there’s no company. And if everything fits perfectly, you still need to be able to scale your service or product to meet demand!

Approaching a startup in a semi-scientific way is also very cool. Instead of looking at a startup as an ultra risky venture, you’re really looking for ways to prove hypotheses and make the thing as un-risky as possible while maximizing the potential upsides.

Bebarang is chugging along and I hope to provide an actual launch post some time soon (in private beta, of course).