Every once in a while I encounter an online service or Web site that is so irritating that it seems like the people behind the service are just in it to frustrate Web users. And I don’t mean the obvious candidates like email spammers and purveyors of popup ads since they’ve been around for so long I’ve either learned how to ignore and avoid them.

There is a new generation of irritants and many of them are part of the new lunacy we call “Web 2.0”

1. Flash Widgets with Embedded PDF Documents: Somewhere along the line a bunch of startups decided that they needed to put a “Web 2.0” spin on the simple concept of hosting people’s office documents online. You see, lots of people would like to share documents in PDF or Microsoft Office® formats that aren’t particularly Web friendly. So how have sites like Scribd and Docstoc fixed this problem? By creating a Flash widgets containing the embedded PDF/Office documents like the one shown here. So not only are the documents still in a Web unfriendly format but now I can’t even download them and use the tools on my desktop to read them. It’s like let’s combine the FAIL of putting non-Web documents on the Web with the fail of a Web-unfriendly format like Flash. FAIL++. By the way, it’s pretty ironic that a Microsoft enterprise product gets this right where so many “Web 2.0” startups get it wrong.

2. Hovering Over Links Produces Flash Widgets as Pop Over Windows: The company that takes the cake for spreading this major irritant across the blogosphere is Snap Technologies and their Snap Shots™ product. There’s nothing quite as irritating as hovering over a link on your way to click another link and leaving a wake of pop over windows with previews of the Web pages at the end of said links. I seriously wonder if anyone finds this useful?

3. Facebook Advertisers: One of the promises of Facebook is that its users will see more relevant advertising because there is all this rich demographic data about the site’s users in their profiles. Somewhere along the line this information is either getting lost or being ignored by Facebook’s advertisers. Even though my profile says I’m married and out of my twenties I keep getting borderline sleazy ads whenever I login to play Scrabulous asking if I want to meet college girls. Then there are the ads which aren’t for dating sites but still use sleazy imagery anyway. It’s mad embarrassing whenever my wife looks over to see what I’m doing on my laptop to have dating site ads blaring in her face. Obviously she knows I’m not on a dating site but still…

4. Forums that Require Registration Showing Up in Search Results : Every once in a while I do a Web search for a programming problem and a couple of links to Experts Exchange end up in the results. What is truly annoying about this site is that the excerpt on the search result page makes  it seem as though the answer to your question is one click away but when you click through you are greeted with “All comments and solutions are available to Premium Service Members only”. I thought search engines had rules about banning sites with that sort of obnoxious behavior?

5. Newspaper Websites with Interstitial Ads and Registration Requirements: Newspapers such as the New York Times often act as if they don’t really want me reading the content on their Web site. If I click on a link to a story on the New York Times site such as this one, one of two things will happen; I’m either taken to a full page animated advertisement with an option to skip the ad in relatively small font or I get a one sentence summary of the story with a notice that I need to register on their Web site before I can read the story. Either way it’s a bunch of bull crap that prevents me from getting to the news.

There are two things that strike me about this list as notable. The first is that there are an increasing number of “Web 2.0” startups out there who are actively using Flash to cause more problems than they claim to be solving. The second is that requiring registration to view content is an amazingly stupid trend that is beyond dumb. It’s not like people need to register on your site to see ads so why reduce the size of your potential audience by including this road block? That’s just stupid.

Now Playing: Pleasure P - Rock Bottom (feat. Lil Wayne)

Late last week, the folks on the Google Data APIs blog announced that Google will now be supporting OAuth as the delegated authentication mechanism for all Google Data APIs. This move is meant to encourage the various online services that provide APIs that access a user’s data in the “cloud” to stop reinventing the wheel when it comes to delegated authentication and standardize on a single approach.

Every well-designed Web API that provides access to a customer’s data in the cloud utilizes a delegated authentication mechanism which allows users to grant 3rd party applications access to their data without having to give the application their username and password. There is a good analogy for this practice in the OAuth: Introduction page which is excerpted below

What is it For?

Many luxury cars today come with a valet key. It is a special key you give the parking attendant and unlike your regular key, will not allow the car to drive more than a mile or two. Some valet keys will not open the trunk, while others will block access to your onboard cell phone address book. Regardless of what restrictions the valet key imposes, the idea is very clever. You give someone limited access to your car with a special key, while using your regular key to unlock everything.

Everyday new website offer services which tie together functionality from other sites. A photo lab printing your online photos, a social network using your address book to look for friends, and APIs to build your own desktop application version of a popular site. These are all great services – what is not so great about some of the implementations available today is their request for your username and password to the other site. When you agree to share your secret credentials, not only you expose your password to someone else (yes, that same password you also use for online banking), you also give them full access to do as they wish. They can do anything they wanted – even change your password and lock you out.

This is what OAuth does, it allows the you the User to grant access to your private resources on one site (which is called the Service Provider), to another site (called Consumer, not to be confused with you, the User). While OpenID is all about using a single identity to sign into many sites, OAuth is about giving access to your stuff without sharing your identity at all (or its secret parts).

So every service provider invented their own protocol to do this, all of which are different but have the same basic components. Today we have Google AuthSub, Yahoo! BBAuth, Windows Live DelAuth, AOL OpenAuth, the Flickr Authentication API, the Facebook Authentication API and others. All different, proprietary solutions to the same problem.

This ends up being problematic for developers because if you want to build an application that talks to multiple services you not only have to deal with the different APIs provided by these services but also the different authorization/authentication models they utilize as well. In a world where “social aggregation” is becoming more commonplace with services like Plaxo Pulse & FriendFeed and more applications are trying to bridge the desktop/cloud divide like OutSync and RSS Bandit, it sucks that these applications have to rewrite the same type of code over and over again to deal with the basic task of getting permission to access a user’s data. Standardizing on OAuth is meant to fix that. A number of startups like Digg & Twitter as well as major players like Yahoo and Google have promised to support it, so this should make the lives of developers easier.

Of course, we still have work to do as an industry when it comes to the constant wheel reinvention in the area of Web APIs. Chris Messina points to another place where every major service provider has invented a different proprietary protocol for doing the same task in his post Inventing contact schemas for fun and profit! (Ugh) where he writes

And then there were three
...
Today, Yahoo! announced the public availability of their own Address Book API .

However, I have to lament yet more needless reinvention of contact schema. Why is this a problem? Well, as I pointed out about Facebook’s approach to developing their own platform methods and formats, having to write and debug against yet another contact schema makes the “tax” of adding support for contact syncing and export increasingly onerous for sites and web services that want to better serve their customers by letting them host and maintain their address book elsewhere.

This isn’t just a problem that I have with Yahoo!. It’s something that I encountered last November with the SREG and proposed Attribute Exchange profile definition . And yet again when Google announced their Contacts API . And then again when Microsoft released theirs ! Over and over again we’re seeing better ways of fighting the password anti-pattern flow of inviting friends to new social services, but having to implement support for countless contact schemas. What we need is one common contacts interchange format and I strongly suggest that it inherit from vcard with allowances or extension points for contemporary trends in social networking profile data.

I’ve gone ahead and whipped up a comparison matrix between the primary contact schemas to demonstrate the mess we’re in.

Kudos to the folks at Google for trying to force the issue when it comes to standardizing on a delegated authentication protocol for use on the Web. However there are still lots of places across the industry where we speak different protocols and thus incur a needless burden on developers when a single language might do. It would be nice to see some of this unnecessary redundancy eliminated in the future.

Now Playing: G-Unit - I Like The Way She Do It

When I first met with the team at Splunk, they were working away on building a system that could accurately track a transaction as it traversed the entire enterprise stack. If the transaction broke somewhere along the way, their software could help IT discover the cause of that failure. While it was clearly a pain point for some businesses, there was no clear customer and the value proposition was a relatively hard one to articulate. But the technology they were building created a whole lot of intelligence built on the fumes of the data center (namely the log files). I was interested in what they were doing, but not interested enough to fund them. One day I got a call from Michael Baum, CEO of Splunk. He told me that they had "figured it out" and that we should meet up. I was certainly game to hear what they had figured out and we got together again a short time later.

So what had Splunk figured out? They had figured out that if they could track, manage and correlate log files across the entire data center in near real time, that they could create the killer IT Search Engine that would allow an end user to see into their enterprise stack in a way never before possible. The Splunk guys showed me a very simple example using Voip data and how one could track all systems that touched a particular extension by simply searching for that extension in the Splunk engine. I was an instant believer -- it was clearly a better way to manage the massive amounts of IT data that exist in enterprises today. I invested in the Series A and the Splunk team got to building the software that they had envisioned.

A short time after investing in Splunk, I was meeting with a group of managers from one of August Capital's biggest Limited Partners (the folks who invest in our fund). I was describing for them what Splunk was planning to build and they asked me "so what's the market size for that?" I quickly answered as best I could -- "I have no idea." Needless to say, this was not the most satisfying answer they had ever received and they stared back at me with a look that suggested perhaps I should come up with a better answer. But the reality was that I didn't have a better answer. Not because it was unclear if there was any market for what Splunk was building. But, more importantly, because once Splunk had built their search engine, it was unclear what market they would go after. I explained to my investors that Splunk had a number of multi-billion dollar markets in which they might play (management, compliance, BI, security, capacity planning, development, etc.) and the only question was which ones they would choose to go after first.

That conversation with my Limited Partners was over two and a half years ago. And since that time, the Splunk team has built precisely what they promised -- a large-scale, high-speed search technology for your data center. But despite the fact that Splunk's software has been downloaded by over 100,000 users and despite the fact that there are now more than 350 paying enterprise customers (including 21st Century Insurance, BEA, British Telecom, Catholic Healthcare West, Chicago Mercantile Exchange, Comcast, Dow Jones, FedEx, Fiserv, GE Consumer Finance, LinkedIn, Mantech, Mozilla.org, NASA, Shopzilla, Telstra, U.S. Department of Energy, U.S. Department of Justice, U.S. Department of State, Vodafone and Yahoo!), I would still have a tough time answering the question posed by my Limited Partner.

Splunk has not built an application. Nor is Splunk merely selling software. Splunk has created a software enabled platform that continues to be extremely broadly applicable. Is Splunk mission critical when it comes to maintaining availability of large scale enterprise systems? Yes. Is Splunk invaluable in the fight to maintain the security of your data center? Yes. Does Splunk uniquely simplify the process of data compliance? Yes. Can Splunk help you dig into your data and analyze it like no other solution? Yes. But, frankly, that's just the tip of the iceberg -- once you are able to query individual pieces of data across your entire data center in real time, the applicability of the platform is limited only by the creativity of its end users. And those end users are driving value back into the platform, creating applications we hadn't thought of before.

So what is the market for Splunk? i still couldn't say for certain. But I can tell you one thing -- it is awfully big. And in the venture business, that's big enough.

One of the good things about being home sick is that you have time to blog. So let me catch up on a couple of quick things.

Graphing Social Patterns Conference: The first one is that my friend Dave McClure has organized an interesting conference that is coming up called "Graphing Social Patterns: The Business and Technology of Facebook" The event is all about Facebook as a platform for other businesses and will have some great speakers like Tim O'Reilly and Reid Hoffman. The Facebook phenomenon is sweeping Silicon Valley and this is the first event to try to put it in some perspective. The conference is in San Jose from October 7th through 9th and you can REGISTER HERE to get a 25% discount on the conference (because VentureBlog isn't just about information, it is also all about value). Also, don't miss the VideoEgg conference called App Camp on how to build a real business on Facebook. VideoEgg have become The experts on rich media advertising and monetization of social media. Given that, App Camp will be a very interesting discussion of how to actually make money on Facebook. I have been saying for a long time that I believed social networking (or, the "social graph" in today's parlance) would become a core piece of infrastructure in all sorts of applications and the Facebook platform is the perfect extension of that observation -- now application providers can outsource the entire social networking infrastructure to Facebook and focus on the overlying application. It will be interesting to see how these applications and monetization continue to evolve.

DonorsChoose Blogger Challenge: The second random snippet of this fine sick day is Kara Swisher's quest for lunch with Jerry Yang. According to Kara, the Yahoo PR machine won't give her direct access to Jerry, so she is working on an end run to the problem. In support of the DonorsChoose blogger challenge, Yahoo has offered a lunch with Jerry for the blogger who gets the most donors to give money to schools through DonorChoose.org. Kara is hoping to earn that honor so that she can dine with Jerry and, no doubt, put it on video tape. The DonorsChoose blogger challenge is a fantastic way to help out worthy school projects. But since I'm late to the challenge, I may as well lend my support to Kara, who has chosen some great projects to fund. So if you are interested in contributing to some worthy causes, click HERE to get to Kara's DonorChoose page.

Hope you all are healthy. I strongly recommend getting flu shots. Trust me. Get the shots.

For the last several years there has been a lot of talk on Sand Hill Road about investing in China. To a certain degree there has been a lot of talk about all the BRIC countries -- Brazil, Russia, India and China. But the most excitement is clearly around China. (Interestingly, while India is a relatively close second, I have yet to hear of a single Bay Area VC exploring investment in either Brazil or Russia). Drawn by huge markets and a rapidly expanding economy, American VC's are heading to China to stake their claims. Go East young VC's. Go East.

Venture Capital investment in China has not, however, been a headlong dive. Bay Area VC's seem to be sending over exploratory parties. By way of example, David Chao from Doll Capital has been in and out of China for some time. Now a number of his partners are getting in on the act as well. Paul Koontz from Foundation Capital spent a year in China exploring the market. And perhaps the best indicator that the Chinese market is hot is Dick Kramlich's pilgrimage to China this year. Kramlich is one of the founding fathers of Sand Hill Road -- a 25 year veteran of the venture capital business. Not one to miss out on a big opportunity, Kramlich has headed over to China for 2008 to catch the wave of entrepreneurship and, perhaps, some of the Beijing olympics. Chow, Koontz and Kramlich are not the only US VC's headed to China by any stretch of the imagination. But these high profile forays into the Chinese market are excellent indicators of the level of interest in the market.

It is hard not to be intrigued by the Chinese market. With 1.3 Billion people, you don't need a huge amount of penetration to hit big numbers. One percent of the Chinese market is 13 million people. As they say, if you are "one in a million" in China, there are thirteen-hundred people just like you. What's more, the Chinese government anticipates that approximately 300 Million people will move from the countryside to urban centers in the next decade -- that's the same number as the entire population of the United States. The combination of massive aggregate numbers, rapid urban migration (and the commensurate increase in wages) and relatively low concentrations of modernized business processes, suggest a market ripe for investment. And that is precisely the conclusion many of my brethren on Sand Hill Road have drawn.

Given all that, I was anxious to check out China for myself. And right before the new year, I had the good fortune to do just that -- I accompanied a group of Stanford Business School students on a ten day study trip to China. We met with senior executives from companies like China Telecom, Alibaba, GM China and Bao Steel, as well as senior government officials and party leaders (yes, it is still a Communist country). But the most interesting discussions, to my mind, were with the leading private investors in China. (Because my meetings with these private investors took place as part of a study trip, there was no expectation that I would blog about the content of our conversations -- thus, I have decided to exclude the names of the specific investors so as not to violate any confidences they may have reasonable expected.) These investors gave a surprisingly candid view of venture capital throughout the country -- the good, the bad and the ugly.

To the mind of the Chinese investing community, the market dynamics described above well outweigh the risks of investing in the current environment. Huge markets with lots of business white space provides for numerous opportunities for economic gain. While American investors are busy debating the degree to which the US startup market is saturated, Chinese investors are having trouble keeping up with the inflow of opportunities. The opportunities in China seem unbounded, making foreign investors starry-eyed. But despite the glories of the Chinese market -- and there is no denying that the demographic trends in China are glorious -- I heard more than enough from Chinese investors to scare me away from the market.

As an initial matter, the biggest challenge that investors find in building Chinese startups is identifying great entrepreneurs. Because there has been all but no startup culture prior to a handful of years ago, there are essentially no seasoned entrepreneurs. A few native Chinese business expats are returning from abroad to take advantage of China's increasingly open economy. But those numbers are de minimis and do nothing to staff the rest of the enterprise. Meanwhile, Chinese executives have been trained to function in a business culture of bureaucracy and Party connections -- not the fast-paced, fluid environment of the startup world. The investors with whom I met lamented the lack of qualified executives and warned about the significant challenges of doing diligence on Chinese entrepreneurs.

The second challenge with entrepreneurship in China is grounded in the laws of China. The legal structures needed to support a vibrant startup economy are, at best, embryonic. Neither entrepreneurs nor investors are particularly well protected by the Chinese legal system. One investor with who I met on my trip described a recent situation in which he funded an entrepreneur, only to have that entrepreneur turn around and leave for business school months later. The entrepreneur assured the investor that he would be better situated to make the business a success after the two years of school. The investor had no recourse as his money left the country with the entrepreneur. In another instance, an investor backed an entrepreneur in a business that thereafter appeared to be failing. However, a couple years later when the same company started thriving, the entrepreneur informed the investor that it was not the company he had backed. The investor was incredulous. He told the entrepreneur that it was the very same company with the same team and even the same name. The entrepreneur assured the investor that it was, in fact, a different company and that he had not invested in this successful company, his investment was in the previous failed venture. Despite the obvious deception, the investor told me that he again had no legal recourse.

In many ways, venture capital in China is like the wild west. There are big opportunities, but they are not well defined and capturing their full value may well require manipulating the law to your own devices. One investor with whom I met described entrepreneurship in the United States like a zoo and entrepreneurship in China like a jungle. In the United States, he said, while there is always a lion next to you with sharp claws, driven by self-interest, there is a cage between you and the lion to keep you safe. You can count on the cage to protect you from unreasonable or illegal behavior. In China, on the other hand, there is no cage between you and the Lion -- if you don't take great pains to protect yourself from the self-interested behavior of the lion, you are going to get bitten. Case in point, one Chinese executive with whom I met on my trip described how he was able to leverage his dominant market position to force his competitors to sell at a discount. What's more, the entrepreneur described with pride that once he had bought up all of his competition, he was able to raise his prices three-fold.

Yet another significant challenge for United States VC's seeking to invest in China is the government itself. While China appears to be making huge market-driven strides in its economy, there remains a significant wild-card in all business transactions -- the Communist government. On my trip it was repeatedly pointed out to us that government officials don't make laws, Party leaders do. The government officials are tasked with managing the bureaucracies of their localities, but the party leaders are tasked with making the decisions. The Communist Party single-handedly makes all of the rules in China. For example, by mandate of the Party, no Chinese financial institution may be majority-owned by foreign investors. Thus, the fasted growing segment of the Chinese market is off-limits to foreign investment. What is to stop the Chinese government from making similar mandates in other market segments? This lack of predictability of the fundament legal underpinnings of business in China is sufficient in and of itself to make me take pause.

I thoroughly enjoyed my visit to China. The shear scale of Beijing and Shanghai was absolutely stunning, as was the velocity of the growth in both cities. And the extraordinarily candid conversations we had with Chinese business leaders and Party officials was both surprising and invaluable. But rather than leaving China emboldened to invest in their great economy, I returned to the United States surprised that my fellow VC's could accept the risks inherent in investing in China. I could not. And I don't anticipate that changing any time soon.

When I first started writing VentureBlog, I used to talk a lot about entrepreneurship. At the time, not a lot had been written about pitching VCs or the Venture Capital process, so there was lots of virgin territory. Since that time, dozens of VCs have started blogging and much has been said about what it takes to get a VC down the isle. Bits and pieces here and there -- a good Google archeologist can pull it all together. But having spent the week pontificating about PowerPoint and the likes, I've decided to take one more swing through the basics of pitching a VC.

As I thought about the process of pitching a business, it struck me that no matter what the stage, the information was essentially the same. A good elevator pitch contains the same content as a good executive summary contains the same content as a good PowerPoint contains the same content as a good business plan. The distinction among these business descriptions is not the substance, it is the degree to which the essential elements are fleshed out. Each document contains slightly more detail than the preceding.

Elevator Pitch --> Executive Summary --> PowerPoint --> Business Plan

This makes good intuitive sense. There is no reason that the things that are most compelling about your business would change based upon the nature of the business description. Nor would an investor be interested in different things by virtue of the form that description takes.

What, then, are the essential elements that make up a good PowerPoint, a persuasive elevator pitch, a compelling executive summary? I have no doubt that VCs will differ somewhat on the precise list, as well as the order and the emphasis. But at its core, I believe that a successful business description should include the following elements:<