How can Copy give 10x the space of Dropbox and still make money?

How can Copy give 10x the space of Dropbox and still make money?



Dropbox is a fantastic product. It lets people keep their stuff synchronized among all their devices, and allows easy sharing and collaboration. In addition, it significantly reduces the pain of losing a laptop (e.g., through theft or disk crash), and through a solid API, it makes a myriad of smartphone applications easier to use. Dropbox is also run by very talented individuals who had to overcome the fact that they have a product that people don’t know they need, until they see it in action, and that it was a late-comer in the very crowded market of cloud storage/ backups.


Enter Copy, a competitor that appears extremely refined, with Dropbox-fast sync speeds (I’m looking at you Google Drive, Skydrive, Sugarsync, et al.), similar “just works” philosophy, solid support by parent company Barracuda Networks, and very well designed iOS and Android apps.


Copy has raised eyebrows by offering 15Gb free space vs. Dropbox’s 2Gb. If people sign up though a referral link, they get 20Gb when they install the desktop app. This raises the question: how can Copy possibly make money, when they offer x10 the amount of space that Dropbox does?

Moore’s law (again)

Dropbox has had a positive gross margin already since 2010, with its free 2Gb option. With a conversion rate of about 2.5% [1], in mid 2010 Dropbox would spend about 11 cents per month per free user (who used on average only one fifth of her 2Gb), and about $3.18 per month per paying user [2]. Dropbox only needed to charge the paying user $7.5 per month, or about $90 per year to make sure it breaks even with its storage costs. Instead Dropbox managed to charge an average of about $120 per year, across its different plans, for a comfortable gross profit.

Dropbox today is very expensive. It can afford to be expensive because of all the first mover advantages that it enjoys.

What does this mean for a Dropbox competitor today? Well, storage costs have been declining rapidly. Enterprise-grade storage declines at about 26% per year since 2005 [3]. Consumer grade storage costs have been declining even faster (thanks again Amazon for Glacier!), as have bandwidth costs.
This means that a Dropbox competitor, like Copy, can probably break even in 2014 by offering 10Gb for free. With its free 20Gb offer, Copy is instead probably looking to break-even in about 2016. Not being a cash-starved start-up certainly helps…

These calculations also mean something else: Dropbox today is very expensive. It can afford to be expensive because of all the first mover advantages that it enjoys (brand recognition, network effects through shared folders, ubiquitous presence in mobile apps, etc.), but it cannot continue with its tiny 2Gb free plan for much longer…

  1. “Dropbox: Files Without Borders” Forbes, June 28 2010 (V. Barret)  ↩
  2. “Dropbox: ‘It just works’” Harvard Business School case study (Eisenmann, Pao, Barley)  ↩
  3. Carbonite S–1 Statement 2011  ↩

A beautiful infographic on cyber-crime

I am increasingly concerned with the possibility that the SHA1 algorithm, that is at the heart of e-commerce, may be on the verge of succumbing to the relentless march of Moore’s Law.

A very convincing calculation by Jesse Walker (shown in Bruce Schneier’s blog), estimates the cost of a single collision attack to fall bellow $200,000 by 2018, and below $50,000 by 2021. This simply means that a determined hacker with a strong financial motive will soon be able to launch a successful attack on 99% of all organizations that engage in online commerce.

Continue reading

Best way to monetize Instagram: “Don’t”

I just read Wharton Professor Pinar Yildirim’s article on how Facebook can potentially monetize Instagram without alienating its user base (too much).


Prof. Yildririm makes sense. He basically says that major options for Facebook include:

  • a subscription-line service (think Dropbox or Flickr) where photo album space is only free up to a point
  • advertising, including location-based or contextual ads
  • selling users’ content, but with explicit user consent and by sharing the revenue with them

I think there is a fourth option that makes more sense for Facebook: don’t monetize Instagram.

I think Facebook is already walking on thin ice with many of its users. Adverting on the website and on its mobile apps is becoming increasingly noticeable and intrusive. The company is approaching what much of its user base is willing to take. Not monetizing Instagram would move that line a bit further away.

Facebook should consider Instagram as a billion dollar product feature that makes its core product that much more attractive to users, and restores some of the users’ goodwill that the company has squandered. Not monetizing Instagram is actually the best way to monetize it.

Favorite monospaced fonts with Greek support

I’ve been using Sublime Text as my main text editor for a couple of months now and I’m thoroughly impressed with it. For those of you who are curious about its power (which does not come cheap…), I found this set of tutorials very helpful.

TeX Gyre Cursor

For a beautiful writing experience, whether you use markdown or not, I strongly recommend the Markdownediting package, which is designed to look like the beautiful and minimalistic iA-writer application for Mac.

I spent some time choosing a good looking (and free) mono-space font that also includes support for Greek (if the font does not include Greek glyphs, the substitute font’s letters will not line up; this of course defeats the purpose of using mono-space in the first place).

After spending more time on this than I’d like to admit, I narrowed things down to the following set of fonts. All are basically free but do read their copyright notices.

Unfortunately, the best looking font which includes Greek glyphs does not include punctuated Greek vowels: TeX Gyre Cursor

Of course, you can always buy the full version of nitti font used in iA-writer…

In any case, this screenshot shows how the whole thing looks like (with TeX Gyre Cursor font)

Technology trends for startups and ‘startup-minded’ organizations

I posted as a guest blogger at the Hellas Direct blog. I am excited about what this talented team is up to and I’m looking forward to writing about them as a success story.

In the first part of the post I commented on borderless software development. Coming up in the second part, the “outsourcing of prediction algorithms”  and the “platformication of products”.

More at the Hellas Direct blog


Using to build small business websites

While WordPress is a hugely popular blogging platform, it is entirely possible to use it in order to create small business websites. Those who do not know or care to learn HTML, but who still want to go beyond basic text editing, can use in conjunction with Windows Live Writer to create multicolumn tables, galleries, etc.

If you do decide to go this way, I’ve written a brief WordPress guide for my students in PBA333 that you might find useful. The original Greek version can be found as: Οδηγός The English version translated by by Manolis Diakourakis (thanks so much Manolis!) can be found in guide.

Here’s also some free advice: less is more, don’t try to go way beyond the typography and overall format that the theme designer is providing – these people are professionals and their livelihood depends on having a good taste.

Joomla may be more focused towards ecommerce, with it’s product categories and shopping cart infrastructure, and can build some solid landing pages, but WordPress is definitely an option to consider.

linkedin hacked


so you know that linkedin was hacked and millions of passwords exposed. If you use your linkedin username-password combination anywhere else, go and change it everywhere. provides you with the info on whether your password was exposed (you type in your password and it checks – does not require username), BUT, do not trust or anyone who tells you that your password was not obtained by hackers. We only know that these people posted ~6millions of passes but you have to assume that they have all of them.

a good long term solution that is free and highly recommended is Their add-on works great in all browsers and mobiles, is free, and anytime one of your passes is exposed you only change that one pass.

by the way, what kind of tech-savvy firm keeps the password hashes unsalted in the webserver? Seriously?

Cloud computing and the new breed of start-ups

[This is based on a recent presentation I gave. You can grab the presentations slides here.]

Cloud computing offers well documented benefits to firms, governments and, though indirect and induced effects, to the entire economy. However, for start-ups, cloud computing is not just a welcome boost to the bottom line, it is what can make the difference between spectacular success and oblivion.

There has emerged today a new breed of start-ups that employ cloud based collaboration, cloud based delivery of services and cloud based product development. Their founders embrace the cloud to run a nimble, lightning fast, and borderless company.

How do these firms embrace the cloud? A good example is Recruitment Genius, the London-based start-up that allows employers to fill job openings with rock-bottom prices. The front page of their website boasts filling 40 jobs for the retail chain Tesco, for less than £200. Recruitment Genius manages to stay profitable at these prices, only by having a highly automated (frictionless – according to zdnet) process that covers everything from the initial job post by the employer, to the display in selected job boards, to the collection and filtering of promising CVs, and finally to the delivery of the top leads to the employer. How does Recruitment Genius does it?

Continue reading

Risks of outsourcing: poaching

In our discussion on the hidden costs and risks of outsourcing, we discussed «poaching» (a term coined by Eric Clemons of the Wharton School) as a potential problem for firms. Poaching occurs when the outsourcer takes advantaged of privileged information for its own gain, at the detriment of the firm.

The example that I discussed in some length was of my consulting client (major Greek bank) suspecting that 3rd party call centers routinely poach sensitive customer information from financial institutions (banks, insurers, etc.) and sell it to competitors (or worse!). The suspicion is that customer info poaching is done by rogue employees, without knowledge by the outsourcer. My client used to take extreme measures to protect itself from such problems, such as insisting on using its own personnel on the floor and control room of the call center, for outbound calls.

Another good example of poaching accusations concerns the actions of iYogi, a customer support company that was managing live customer support for Avast, the anti-virus maker. According to Brian Krebs’ blog, Avast asserts that iYogi was using the live customer support calls to push for expensive support packages, by convincing Avast users that they had problems that they did not have.

In any case, poaching is a real problem that is expensive to monitor and even more expensive when the threat materializes…

Pic by barracuadz, Flickr (cc license)

My worries about the security of the Greek Railways reservation system.

Those of us who have waited for hours in line in Sina Road in Athens to buy a railroad ticket to Thessaloniki, the introduction by OSE (ΟΣΕ- Hellenic Railways Organization S.A. and its subsidiary Trainose) of an online reservation system last year must have seemed like too good to be true, coming from an organization who is single-handedly responsible for a sizeable portion of Greece’s debt and still owes about 8 billion Euros to the Greek state (link to company’s unofficial blog in Greek).

Continue reading