Black Friday, Cyber Monday and likely the end-of-the year holiday shopping season all have a more prosaic tinge to them this year. Those lusting after electronic gadgets -- and even cars -- have learned to settle more for what they can get than what they want. The reason, of course: shortages of electronic components. From a report: Everyone has a story like my dentist, who told me that he'd given up trying to buy a new Audi after his car was totaled in an accident. The car he'd wanted to replace it with wasn't available, and even if it was, the dealers were adding $5,000 to the sticker price of new vehicles, he told me. He settled for a used model. Meanwhile at home, I'm several months into the wait for a docking station for my wife's work laptop. The consensus from the industry executives I speak to as a chip reporter is that at some point, most likely toward the middle of 2022, supply and demand will come into balance. Why has it taken so long? Building chip plants is very hard and very slow. Even if every chipmaker in the world started building a plant this time last year in response to rising demand, that effort would likely not have resulted in the manufacture of a single chip in time for Black Friday. It simply costs too much and takes too long to build manufacturing infrastructure, and then when you do, it takes three months for silicon to be made into the brains of your iPhone, or the sensor for your SUV that stops you from closing the tailgate on your head. Earlier this year Advanced Micro Devices Chief Executive Officer Lisa Su told Bloomberg's Emily Chang that the chip shortage wasn't a catastrophe and that the industry, which has seen boom and bust cycles before, would adjust output soon enough.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Motherboard: Sam Summers was sitting at home with his penis wrapped in an internet-connected chastity cage when he got a weird message on the app that connects to the device. Someone told him they had taken control and they wanted around $1,000 in Bitcoin to give control back to Summers. "Initially, I thought it was my partner doing that," Summers told Motherboard in a phone call. "It sounds silly, but I got a bit excited by it." But when Summers called his partner, she told him it wasn't her, even after he told her their safe word. That's when he realized he had gotten hacked. His penis was locked in the cage, and he had no way out. Summers is one of several people who purchased a chastity cage device called Cellmate and produced by Qiui, a China-based manufacturer. Some of the device's owners got their accounts -- and thus their devices as well -- hacked at the end of last year, after security researchers warned that the manufacturer left an exposed and vulnerable API, which could allow hackers to take control of the devices. Scared and a bit desperate, Summers realized he had some Bitcoin stashed in an old account. So he sent the hacker what they wanted, hoping that would be it. But when the hacker got the money, they asked for more, according to Summers. "That's when I felt fucking stupid and angry," Summers said. At that point, Summers and his partner started brainstorming ways to get his penis out of the cage. At home, they only had a hammer, so they went out and bought a pair of bolt cutters. His partner tried first, but she couldn't break through. So Summers had to do it himself. The way he was holding his penis put it "in a dangerous spot," he said, so it was "very scary." Nonetheless, he was able to break the cage, but the cutters still cut through him, he said. "I don't have a scar or anything but I was bleeding and it fucking hurt," Summers said.

Read more of this story at Slashdot.

SiliconANGLE reports: [C]ode repository management firm GitLab Inc. decided to phish their own employees to see what would happen. The result was not good: One in five employees fell for the fake emails... The GitLab team behind the exercise purchased the domain name gitlab.company, then used G Suite to facilitate the delivery of the phishing email. ["Congratulations. Your IT Department has identified you as a candidate for Apple's System Refresh Program..."] The domain name and G Suite services were set up to look legitimate, complete with SSL certificates to make the emails look less suspicious to automated phishing site detection and human inspection. Fifty GitLab employees were targeted with an email that asked them to click on a link to accept an upgrade. The link took them to the fake gitlab.company website where they were asked to enter their login details. On the positive side, only 17 of the 50 targeted employees clicked on the provided link. However, 10 of those 17 then attempted to log in on the fake site. Six of the 50 employees reported the email to GitLab's security operations team, the article notes. "Those who logged in on the fake site were then redirected to the phishing test section of the GitLab Handbook."

Read more of this story at Slashdot.

If you’re doing SaaS for the first time (or even the second), the whole idea of charging for “Services” may seem an anathema.  It sure did to me.

• If your product is so easy to use that you barely need sales people, why in the world would I need to charge for implementation? For support?  For training and engagement?

• And isn’t it a bit unseemly to charge for services? Doesn’t it sort of say your product is Old School?  SAP-level clunky?

• And isn’t services revenue a friction-full waste of time anyway? I mean, it’s not recurring.  It’s not true ARR.  Does it even count?  I’m a SaaS company.

Maybe.  Maybe for the 15% of the world that is like you and me, charging for services doesn’t make any sense, perhaps even anti-sense.

Turns out though, that in the vast majority of six-figure contracts, virtually every seven-figure contract, and quite a few five-figure contracts … there’s always a services component.

And it almost always seems to average out to 15-20% of the ACV.

I remember the first time I experienced this confusion myself, on one our first high-five figure contracts.  We had a brutal negotiation over price.  And then, at the end, they send us a Schedule for Services.  After getting beat down on pricing on the annual contract price … the Schedule for Services they send us (without me even asking) guaranteed us another $20k a year in services, with $250 an hour as the assumed price for the services.

I didn’t fully understand what was going on here until I became a VP in a Fortune 500 tech company.

But the answer, it turns out, is simple once you get it.

First, in medium and larger customers, there’s always change management to deal with when bringing in a new vendor. And they not only understand there’s a cost associated with that (soft even more than hard) … your buyer wants to do the least amount of change management herself as possible.  If you can do the training for her for a few bucks and saves her a ton of time … that’s an amazing deal.

Second, in medium and larger customers, they often have no one to do the implementation work themselves. So even if you weren’t saving your customer theoretical money by helping with implementation, roll-out, support etc. … they probably have no one to do this internally anyway.  You’re going to be doing some, a lot, or all of this for them.  They are OK paying for this, in the enterprise at least.

And most importantly … it’s how business is done.  And — budgeted. When most larger companies enter a new vendor into their ERP system, they typically add an additional budget item or two along with the core contract price.  One additional line item for service and implementation, in most cases.  And in some cases, an additional budget for other add-ons necessary to make the implementation a success (e.g., an EchoSign on top of Salesforce).  Both of these are often line-item budgeted at 15-20% of the core contract value for the product.

So net net …

• You probably can’t charge another 15-20% for services and implementation and training for a $99 a month product.  Well maybe you could, but it’s probably unprofitable and not worth it.

• But, as soon as the sale gets into the five figures, considering adding 15-20% for Services. You’ll probably get it.

• And plan for charging, and delivering, additional services revenue in mid-five figure and larger deals. The customers are happy to pay, and in fact, will expect it.

And if you don’t charge … you’re just leaving money on the table.  You’ll have to do the work anyway.  You may send negative signaling that you aren’t “enterprise” enough, that you aren’t a serious enough vendor.

And importantly, this extra services revenue still “counts” as recurring revenue if it’s < 25% or so of your revenues. I don’t mean that literally (it doesn’t recur), but what I mean is that Wall Street and VCs and acquirers and everyone will still consider you a 100% SaaS company if <= 25% of your revenues are nonrecurring.  And you’ll get the same SaaS ARR multiple on those extra services revenues.

Same multiple.  No extra work.  10-25% more revenue.

Don’t leave the services revenue on the table.