The Market Ticker
Commentary on The Capital Markets- Category [Small Business]
Logging in or registering will improve your experience here
Main Navigation
MUST-READ Selection(s):
There Can Be NO Compromise On Data

Display list of topics

Sarah's Resources You Should See
Sarah's Blog Buy Sarah's Pictures
Full-Text Search & Archives
Legal Disclaimer

The content on this site is provided without any warranty, express or implied. All opinions expressed on this site are those of the author and may contain errors or omissions.


The author may have a position in any company or security mentioned herein. Actions you undertake as a consequence of any analysis, opinion or advertisement on this site are your sole responsibility.

Market charts, when present, used with permission of TD Ameritrade/ThinkOrSwim Inc. Neither TD Ameritrade or ThinkOrSwim have reviewed, approved or disapproved any content herein.

The Market Ticker content may be sent unmodified to lawmakers via print or electronic means or excerpted online for non-commercial purposes provided full attribution is given and the original article source is linked to. Please contact Karl Denninger for reprint permission in other media, to republish full articles, or for any commercial use (which includes any site where advertising is displayed.)

Submissions or tips on matters of economic or political interest may be sent "over the transom" to The Editor at any time. To be considered for publication your submission must include full and correct contact information and be related to an economic or political matter of the day. All submissions become the property of The Market Ticker.

Considering sending spam? Read this first.

2017-12-13 12:35 by Karl Denninger
in Small Business , 178 references
[Comments enabled]  

Sorry, but no.

Dec 13 11:30:25 HD-MCP HD-MCP[46870]: SSL Handshake failed at protocol level on []
Dec 13 11:30:25 HD-MCP HD-MCP[46870]: SSL ACCEPT Error [http request] on []
Dec 13 11:30:57 HD-MCP last message repeated 40 times

Nice try *******.

No, you can't break into my HomeDaemon-MCP server.

No, you can't break into my home control system.

No, it doesn't have a cloud connection, no, it won't talk to you without signing in, and no, you can't get in without first negotiating HTTPS either.

And no, attempting to hammer it won't******it off.

Psst.... the codebase continues to improve and the opportunity is still there, if someone wants it.

View this entry with comments (opens new window)

Bet against my view on "Make America Great Again".

And have about a million and a half to put on the table in support of your belief.

For what?


So let's say you spent the $1.5m and acquire everything.

Here's a hypothetical way of looking at the opportunity.

There are roughly 80 million single-family, detached homes in the US. (I'll ignore condos, mobile homes and townhouses, although some of the first and last are potential customers as well.)

We'll also assume you can appeal to just 0.1% of those single-family homes.  That's a tiny penetration.

But it would amount to 80,000 installations.

The hardware cost to install is under $100 for a minimal install (that's the power that comes from running on a $35 hardware base!) and under $500 for a typical install including sensors and control points (e.g. switches, etc.)

We'll assume you sell the base hardware and software alone for a one-time price of $350, and 50% of your installs go that way (homeowner does the rest on his or her own.)  That's $10m in gross profit.

The real money is in the annuity stream and installed systems.  We'll assume those have a minimum install of $1,500 billed out, of which $500 is your fixed cost.  That fixed cost includes $100 for the controller and $400 for a mix of motion sensors and controlled points.  Install time is 3 hours @ $60 each for skilled labor, or $180.  That's $820 across 40,000 installs, or $32.8 million.  We're now to $42.8 million in gross profit.

Now assume you use the certificate system built into the software and slightly extend it (yes, I can do that on a contract basis, or you can if you have a competent programmer on staff, since the framework is already in the code) to add an annuity-style revenue stream for maintenance, updates and offer an option to the customer for same.  We'll assume you charge $20/month for this and half your 40,000 install-it-for-me customers go for it.

That's another $4.8 million a year in revenue and the effort to issue the certs is about 1 minute each per year.  You can automate that, of course, but there will be expense in doing so.  Of course the actual time spent servicing said customer is variable (and you'd have to take a guess on that), but over 3 years that gets you to $57.2 million.

We haven't yet included what you can make off the "higher end" installations (the million dollar+ homes and condos) where the owner wants not 10 control points but 30, and is willing to pay for it.  He gets convenience, security (e.g. access to his IP cameras and triggering points from them), no cloud required so Google, Amazon and others do not have access to the inside of his home, everand you get to sell that -- it's private, it's his or hers, and it's accessible and controllable from anywhere in the world via said secure infrastructure that has no access for anyone other than him -- including you!

Let's assume that of the 40,000 "you install" locations 10% of them are truly high-end homes (remember, we started with 0.1% penetration into the market and now we're at 10% of 50% of those) are not $1,500 installations, they're $3,000+ installations and your gross margin on those is 50% -- which is easily achievable.  That's another $6 million in gross profit; we are now at $63.2 million.

Is this a reasonable projection over three years time?  It's in the game.  No, it's not "riskless" by any means, but on an adjusted risk:reward basis it looks pretty damn good.  In fact, it's not all that far off what I accomplished with MCSNet in terms of return-on-invested capital.  The real return is always on sweat equity as that gives you much more control for the risk you take, but you have to have something that affords you enough operating margin to make it worth it.

Of course there's SG&A to be accounted for.  How good of a businessperson are you?  Cost control is a big part of the game in any business but any line of work is a hell of a lot easier to succeed at when you start with a nice fat margin on the goods and services you sell up front.

This is a 40%+ gross margin business, in short, as I analyze it, and in areas where you have existing people I bet you can sell to vastly more than 0.1% of the households.  Certainly in many metro areas far more than 0.1% are in the $300,000+ price category where a system like this is a tiny percentage of the home's price yet the value delivered in convenience, energy saving and security dramatically outweigh the tiny uptick in cost generated by including or adding it.

So if you're "MAGA" or just believe my view on monopolists, the rule of law and such is horribly pessimistic and wrong, and in addition have the cash to put on the table to back your position with a big fat check then come do so.  Show me that my pessimism is unwarranted the best way anyone ever can -- by making a bunch of money that I am intentionally leaving on the table, handing to me just one fortieth of what I could have had.  We'll drink a beer together when you prove my view on the business environment in the US to be unreasonably pessimistic and you'll laugh as you motor away from the pier on your new yacht.

Of course the above is all "back-of-the-envelope" speculation but that's how a decent functional business plan starts being developed.  It's how MCSNet was developed originally, but before it was actually executed on I fleshed it out and actually wrote a full five-year business plan with pro-forma financials.

The difference between doing something like this and the Ponzi scheme nonsense peddled by many on Wall Street such as belief in 30% growth figures into the indefinite future when you already have half the nation on your service (cough-amazon-netflix-facesucker-cough-cough!) this sort of back-of-the-envelope pencil-out assumes 0.1% penetration into potential buyers.

What happens if you can get 2% penetration?  You make well north of a billion, and then you really laugh at me.

So if you're both "accredited" (you almost-certainly are if you have the capital) and this makes you salivate look right, click and email me.  We'll talk.

When I started MCSNet my view on business changed. I don't consider a 10% gross margin to be attractive at all.  IMHO if you can't get into the 30s it's not worth it on a risk-adjusted basis, and the target is 40%.  IMHO this, while certainly not "buy it and sit" like speculating in something like Bitfraud, fits that category -- but since success is of course directly related to both your analysis (rather than mine) and how you execute (rather than how I execute) this is all hypothetical, but if that 0.1% penetration can be turned into 0.5%, well...... you do the math.

View this entry with comments (opens new window)

2017-11-20 16:27 by Karl Denninger
in Small Business , 155 references
[Comments enabled]  

For a bit of background see this article, or check out the page at

The software now has had added to it a quite-complete Amcrest IP camera interface.  It is capable of triggering events on any of:

  • Motion
  • Audio (either "any" or "above threshold")
  • SD card removed (if you have one in the unit)
  • Dry contact (these cameras have a user-selectable normally closed or open input on the back; quite useful for things like a door or window switch, for example.
  • Attempted hacking (e.g. repeated authentication failures)

These capabilities should be functional against any "modern" Amcrest IP camera with reasonably-recent firmware.

In addition at any time (not just on the triggering of these events, but any event HomeDaemon recognizes) each camera can be instructed to take a snapshot with optional motion to a pre-set point occurring first.  The snapshot can be taken as a "regular" (subject to roll-off) or "protected" (in a folder not subject to roll-off) image.  The software has configurable limits for the maximum number of snapshots to keep and the minimum file space that must be available on whatever device is used for same, and it will manage space as required to remain within those limits.

The snapshot and "grab" functions are all implemented over "https" (and require it) since the provision of a username and password to the camera is required and while the cameras supports "digest" authentication (better than "Basic", which Amcrest recently removed -- thank God!) MD5 digests are not particularly secure.  It is strongly recommended that the storage volume for retrieved snapshots not be on the system boot device (e.g. a plugged-in USB stick is appropriate) to prevent the possibility of trouble with that device causing problems for the running system.  Once stored having a timed job or listener transfer images as you wish to an offsite location is a matter of trivial implementation since there is a full FreeBSD operating system running under the HomeDaemon-MCP code and the files stored are standard .JPGs with names based on the camera name, date and time.

Finally, all of this, like the rest of HomeDaemon MCP's operational capabilities, takes place under a high-performance multi-threaded implementation so as to be able to transact against multiple cameras at once.

Since the system includes certificate-based authentication already building in rights management (either on a subscription or purchase basis) would be quite easy to suit whatever business model you may have in mind.

Come check out the description and more info -- this code is for sale, all-rights and in source (written entirely in "C"), should you be looking to either establish to expand a home control firm with a security-related focus.  Click on the contact links on the right sidebar to get ahold of me -- and thanks!

View this entry with comments (opens new window)

2017-11-16 15:03 by Karl Denninger
in Small Business , 61 references
[Comments enabled]  

HomeDaemon-MCP has now had added to it's bag of tricks an interface to Amcrest IP cameras.

It can now "sense" motion or other events (as defined on the camera) and trigger events on HomeDaemon.  Among other things Amcrest is nice enough to expose a simple HTTP-based API that allows you to move the camera to a given preset and take pictures.

This makes trivial interfacing and extending HomeDaemon's existing capabilities in providing an "alarm" service to include taking of pictures, using the camera's motion sense capabilities as a "trip" and, of course, securely copying them to your private file storage on or off your local network.

This functionality should work with all Amcrest camera devices on the market of reasonably-recent vintage and firmware. I have verified that it is fully functional with both the 1080p (one revision back) and 2k (current) models.

There is no longer a need to trust anyone else with said images other than yourself, ever.  It is trivial to, for example, have the system take images on a timed basis and upload them somewhere, whether that "basis" is predicated on an event (e.g. motion detected somewhere, not necessarily in the immediate area of the camera), to take a picture once a day of your pool water level and email it to you (nice if you are worried about evaporation being a problem so you can ask the neighbor to come turn the hose on for a couple of hours, etc) and more.

See here for more information.

View this entry with comments (opens new window)

I've talked about HomeDaemon-MCP before.

It's still here, of course, but has continued to be refined and developed.

The current version is 3.0.0 and runs the place.  What's distinct about it compared against other choices?

First and foremost, it has no "central site" requirement at all.

In other words nobody but the owner has access to it and what it controls and monitors.  It uses SSL certificates both to secure your login (via a simple https interface) and to control slave connections between units (of which it can support an effective infinite number of.)  It will talk seamlessly to Zwave devices (including secure ones using AES encryption) and, for those who insist or have legacy devices, X10.

The certificate-based security model means it's trivial to set it up either a "buy it once, get a certificate good for what amounts to lifetime service" or a "buy a certificate good for a year" sort of model (e.g. subscriptions) on the retail side.

In the present political environment I have no interest in retailing it or developing the business structure to either put forward a distribution model or a retail sales model.

But you might.

Oh, and there's a provisional patent related to it that I will file (obviously before I tell anyone what that is or how it works) and it will go with the code, if someone buys it from me.

Yes, this is a "one check" sort of deal, but as you can imagine it might be a fairly large check.

If there's interest use the links on the right to email me and I'll get back to you promptly.

This is what the "monitor" page looks like on my cellphone:

And this is what's running all of that except for the pool gear (it'll run on essentially any system that can run FreeBSD; the Pi happens to be nice and cheap!)

The pool gear has another Pi with a handful of inexpensive ADC (commodity "adafruit" modules for analog sense and relay) ports to switch the valves, pump VFD and spa heater, enclosed in an inexpensive outdoor-gasketed sprinkler-controller enclosure.  It connects over a machine-certificate secured SSL link via WiFi, appearing as a seamless part of the whole.

No more spying, no Alexa, and if you're wondering how stable it is here's your answer -- the last downtime was due to me voluntarily turning the power off to do some work on the rack underneath it..

HD-MCP Controller
Private System; unauthorized access is punishable by law.

$ uptime
2:57PM up 144 days, 17:16, 1 users, load averages: 0.19, 0.18, 0.13

View this entry with comments (opens new window)