Avoiding the next Skiff

Dare to provide source of this?

Well if you look at https://skiff.com it literally has the notion.so logo and notion.so did a blog article:

https://www.notion.so/blog/meet-skiff-the-newest-member-of-the-notion-family

@dngray Thanks

I will not be another unique visitor (uu/uv) and will not pump their stats up…

Thank you for this

I don’t think there can be any criteria that can prevent something like this from happening. The future is unpredictable and anything can happen to any company. All we have is assurances & trust.

However, what PG can promote & encourage is easy & well documented migration paths in case the service is discontinued. That is already done to some level (bulk exporting etc.)

In case of email, I’d personally use a service that encourages custom domains instead of their own domain for email addresses. That way I can easily switch between services without having to change my email in every service I use.

The only confusion about this I’m seeing is from you lol

Skiff was funded by Sequoia Capital (and Google for Startups). The reason they sold to Notion was because they were funded by Sequoia Capital. Thus, it is very easy for us to use VC funding as an indicator of future events.

It’s a very simple case of “if VC funded, then exit.” I wasn’t really aware that was a controversial idea because that is just objectively how VC funding works, plain and simple

Venture money is not long-term money. The idea is to invest in a company’s balance sheet and infrastructure until it reaches a sufficient size and credibility so that it can be sold to a corporation or so that the institutional public-equity markets can step in and provide liquidity.

I forgot about Sequoia Capital.

I disagree, while it may in some cases it might not in others. Unfortunately there is no special indicator that a business has unhealthy viability. If it has got issues, usually those are kept pretty secret.

Of course we can determine the chance of that by evaluating the product and seeing how it actually performs. Services come and go, and we need to just accept that.

Except for the fact that sometimes VC funding helps a company get off the ground and turn into something that is profitable but also doesn’t necessarily involve selling user data.

It’s not necessarily wrong for a VC to want a return on their investment or see a company’s viability pushed to actually end up with more capital than the began with. That is literally the story of Proton and their products.

I think we should still evaluate things on a case-by-case basis.

The point, as I said above, is that products cannot be recommended in the long term while they still have financial obligations to VC investors. Unless you think Proton right when they launched with no track record would have been a good recommendation to make immediately?

That was kind of hillarious but it was going to happen today anyway.

The thing is there’s many different types of lending, and VC lending isn’t the only kind. The same thing can effect a company which just runs out of money to pay developers (maybe more so). They just cease operations.

Can always move from a provider which changes hands.

Correct me if I’m wrong: I think you are focusing too much on an incorrect idea that this criteria will help us determine whether a company is good. This criteria is only meant to help us determine whether a company is bad, as a first step filter.

If VC funded → Not recommended, process stops here
If not VC funded → No determination, continues on with process where we also consider other factors

Nobody is arguing that “not being VC funded” is an indicator of health.

I just think that if a product is good, and maybe they have got off the ground with some VC money that it won’t necessarily end up in the dumpster.

It really depends on what the product is, what it offers and how it can be monetized.

I know you all don’t want to hear it but privacy products generally do require a subscription, because someone has to pay for hosting, and developers.

Donations for open source projects generally are not sufficient to live off and unless a corporation decides they need your product and are going to fund you to work, on it, it’s going to end with you only doing it in your spare time.

I suggest, if something like Skiff happens again, add an orange bar or something for at least a few months detailing that they themselves suggested to you that they be added on the forum, and that it was added recently. I think the same should have been done for Skiff, for complete transparency.

Maybe you could extend this to every suggestion, a date in which they were added and maybe a list of recent additions and removals (outside of Github which can be hard to find), but that’s a different thing altogether

We knew about Skiff before they came here. We want to encourage developers to participate in the process of them being added. I actually think for Skiff this resulted in a few good priorities, such as the addition of data liberty features (export etc) and better visibility on what is an encrypted message vs E2EE.

I really do not want to see Privacy Guides turn into crappy old Privacy Tools with labels everywhere that don’t really mean anything. It is not like we added Skiff purely because they asked, they went through a lengthy process and we tested the product quite a bit before making that decision.

I’m not sure I agree. People who frequent the forum and Github like us know about this information about what is recommended. But people who casually look at the site once don’t. But I think it’s information they deserve to know, because it does mean something. You can’t tell me Andrew Milich pushing you about “aNy BlOcKerS” didn’t make you take less time to put them on your site than you would have otherwise. I don’t envy you, it’s a difficult situation to be put in.

But if anything, I think increased transparency would be better for the process. Developers can still push if they want, but with a measure like this they would be slightly deterred from pushing for a recommendation just so they can get more users to sell. It might encourage a better mentality of asking because they want to improve their product and are ready to take the time to mature, not because they want more attention.

The more he pushed the more I looked. I sensed his urgency to get listed and suspected that he would discontinue communicating once he had. Unfortunately there is no real protection against that.

Ultimately everything that gets added to the site is signed off by us, and it says so at the bottom of the page who contributed to it.

What about VC backing later on in the product lifecycle? Like in the case of Bitwarden?

I just don’t really think it is a measure of anything.

We should evaluate products on what they are when they are going to be listed.

Is this something I’d actually recommend to my mom to use? Is it going to be frustrating?

You can have the best privacy product, but if nobody wants to use it because it is clunky, or non-functional (unstable/crashes/buggy/etc) then it’s not really going to matter is it? Likewise if it is actually not any of the bad things, then why wouldn’t you want to use it?

Is this something I’d actually recommend to my mom to use? Is it going to be frustrating?

I think anyone recommending any service to their mom would consider its longevity, what the chances are of it shutting down in the next X years, and how easy it is to migrate off of it in case it does shut down.

There really is just no way to tell if a company will shut down, be sold unless you want to just use Google/Microsoft and call it a day.

Hence the data liberty requirement, we can thank Skiff for that. Every other provider already had that at that point so we didn’t have a specific requirement for it.

You are absolutely right. There is no way to be certain of the future. However, it is still a good idea to evaluate the potential longevity of a service you guys are going to recommend. The only question is, how to evaluate this with some degree of accuracy.

It can just be an indicator on the product listing instead of being a part of the vetting process,

I think we do a pretty good job, but without having access to the financials of a company there really is no way to tell. That simply isn’t possible for non-publicly traded companies.