Sony, DNC, Celebgate, our daily headline is dominated by hackers exploiting yet another round of victims. The media never shy away from analyzing and publishing stolen information: some argue that hackers (both individuals and institutions) bring transparency to corrupt political organizations, greedy multi-national corporations and questionable celebrities. What they fail to admit is the fact that while leaked information destroys shareholder value and personal privacy, it satisfies people's "curiosity" and drives site traffic and media ratings up. Without getting into the debate of whether it does more good or bad to the society, I believe hacking is often ill-intentioned (KGB, WikiLeaks) and creates consequences that are too big and does collateral damage to too many innocent people, and I think today's email infrastructure is to blame.

Let's go back in history to the age of paper mail. When someone intercepts a package, they gain one piece of information. Today, a simple Gmail password reset phishing scheme easily exposes tens of thousands of emails in one account. It's almost laughable to compare the magnitude of damage/reward and the amount of effort required. We rely on the vigilance of every email user to distinguish phishing email and once one user fell for the trap, almost the entire domain is fallen. What if a new email infrastructure can fix this?

1. Gaining one password should not allow access to 10,000 emails. When someone logs into an email account, he/she should ONLY be able to see unread emails and today's emails.
2. To search or browse for older ones, two-factor login is required.
3. After every certain number of search queries (e.g. 10 scrolls), another two-factor login is required.
4. To download the entire email catalog, the strictest level of security is required. We can throw in fingerprint recognition, facial recognition, Iris recognition, password questions or all of the above.

This proposal is simple: we strike a balance between security and convenience. By separating client use cases with usage frequency (unread, search and download all), we can largely increase security without losing too much time. It's going to be a hard sell to individual users but I can see larger organizations adopting it.

Would you promote email infrastructure like this in your organization? If anyone wants to launch a startup with this idea, let me know!

• Originally published: https://www.linkedin.com/pulse/todays-email-infrastructure-fundamentally-flawed-maxwell-zhou

I've recently learned from Chao Qin about an analogy that compares Software Engineering to DotA.  It sounded outlandish at first, but upon closer examination, these two activities shared striking similarities and I'll try jot them down. (For those of you who's never heard of DotA, this article is probably very hard to understand. In short, DotA is a Role-Playing Game (RPG) where players of two opposite teams farm gold and level up, eventually try and destroy the opponent's base. )

1. Farming (DotA) = Tasking (Software Engineering). DotA players will try compete for last hits on endless lane creeps in order to gain gold and experience. They occasionally take on jungle creeps to collect bigger rewards. Software engineers finish small tasks streaming in everyday to gain experience and earn salary, while occasionally take on side projects or participate in "Hackathons". 

2. Change lane (DotA) = Switch team (Software Engineering). DotA players might find it helpful to move to another lane in order to farm quicker and safer, while software engineers might have an urge for switching to another team. 

3. Level up (DotA) = Promotion (Software Engineering). DotA heroes level up by cumulating experience. Software engineers become more and more proficient until getting promoted to the next level. 

4. Pushing (DotA) = Big Rock Project (Software Engineering). In DotA, each team's main objective is to snipe enemy heroes, clear enemy creep waves and eventually take down enemy buildings. When an enemy tower goes down, every player on the team is rewarded with the one last-hitting getting the lion share. Similarly, finishing a Big Rock project in the software engineering world is what keeps the team moving forward. If the project is successful, the whole team will receive the credit while the engineer leading the project normally gets the most applause. 

5. Team Lead (Dota) = Engineering Manager (Software Engineering). Whether it's during pushing, ganking or team fights, a DotA team requires a lead player to actively provide guidance and issue orders while fighting within the team. In a tech company, engineering managers are responsible for supervising engineers, overseeing product development and "code 30% of the time" (Eliot Horowitz, founder of MongoDB).

Do you agree with my list? What analogy do you have for your line of work?

Originally published: https://www.linkedin.com/pulse/software-engineering-game-dota-maxwell-zhou

I always assumed companies should focus on creating the most desirable product or service at the most competitive price point, and customers will buy what they want the most, but it's often not the case. 

Want ≠ Buy

Here are two main areas that are also critical apart from the traditional 4Ps (product, price, place, promotion).

1. How the customers want to buy.

Most entrepreneurs naturally start from how they want to sell. However, by doing that they often overlook their customer's search process in finding the product/service (PR, marketing, social media, referral etc.), and the most desired payment model, such as lease, purchase or subscription.

For example, I loved the Mercedes SLK but ended up leasing a BMW, because they provided a 2-year lease option and included a very comprehensive maintenance program for free. Payment model dominated this decision.

"Align your business model to how your customers want to buy; integrate the customer buying process into your support operation" (Martin Zwilling on Forbes)

2. What are the customers' concerns.

When I first saw Oculus Rift's video, I was amazed and totally wanted one regardless of the price. But I didn't end up pledge for their campaign because it just didn't "seem fit". I wasn't sure what games will be supported and which console is required. I didn't know about the company's reputation and their execution capability (even Google failed to build a Google Glass developer community). Customers want "end-to-end solutions", which may require product/services from more than one vendor. 

The other example is Alfa Romeo's 4C Coupe, which is an awesome car by many reviewers and sells on the same price range to Mercedes, BMW and Porsche's entry level sports coupe. However, being the new kid on the block, customers are naturally concerned about the reliability, maintenance cost and safety. Before getting these potential concerns out of the way, Alfa Romeo's sales number will remain at double digits per month in the U.S., even after sizable marketing spendings. 

In a startup's world, these two issues might drive the business from being product-centric to being more and more customer-centric. The good-o single tagline marketing approach (think "It's toasted" in Mad Men) might appear too naive and not efficient enough. Data-driven business models are sometimes required to make sure product/services are created the way customers want to buy and eliminate customers' concerns before hitting the "Pay" button. 

Originally published: https://www.linkedin.com/pulse/customers-might-buy-what-want-maxwell-zhou

The value prop for LinkedIn China team would be drastically different because we’re promoting a new platform and should really focus on user growth while fueling engagement. I’ve thought about a couple things that we could do to help LinkedIn become successful in China. I’ll be focusing on mobile part.

1. Connectivity

a) US-China connection issue. We want to ensure that our Chinese users can enjoy the same level of mobile experience. However, internet connection between US and China is slow and not stable. Flagship in China sometimes takes a long time to connect or simply resolves 404. Therefore we should do two things: 

• Better local CDN support (a local version of licdn or other supplier)
• Separate Data Center (maybe costly to maintain but should be considered in the long run)

b) Wi-Fi vs Cellular. Chinese users normally have a relatively small and slow data plan avoids to browse long form information on GPRS/3G/4G connection. In the forseeable future, Wi-Fi would still be the dominating choice for most users. We could customize our app to:

• Cache more content (load more while under Wi-Fi)
• Offline rich-media posting, Offline posting/accepting connection requests
• Show small/compressed images while under Cellular
• Alert when switched to Cellular connection

2. Integration

a) Inbound. One of the main difference between US and Chinese users are the way they login to mobile apps. Chinese users like to login through integrated accounts or other forms (phone number, short user name). To simplify new user sign up and return user login in, we could provide:

• Register/Login through WeChat, Weibo, Baidu, Sina and etc.
• Register/Login with phone number. We could do SMS verification 

b) Outbound. One way to make our app more popular is through outbound sharing to other popular local platforms. LinkedIn has a high value user base and recently released the publishing platform to China. We could leverage these valuable content and let them become advocate for LinkedIn on other social medium.

• Enable sharing LinkedIn/SlideShare/Pulse content to WeChat, Weibo and etc. organically. 
• Create a pay wall to enforce new user registration 

c) Growth hacking. We can take advantage of LinkedIn’s current ABI flow and customize it to tailor local needs. Eventually we’ll go into the stage of organic growth. 

• Network Invitations. (phone contacts, email contacts via Tencent QQ mail 126 and foxmail, social contacts including local social networks syncing)
• API integration ("You friend xxx just joined LinkedIn"; think Nike+ API integration with Path and Facebook)
• Incentives. Promo premium trial or other form to encourage user to invite their friends (think Dropbox)

3. User Habit

a) Messaging > Email. Chinese users are huge messaging fans and don’t check email as often. Another main area that LinkedIn China can customize on is messaging. Voyager is building a messaging part under Nash. We could leverage that and provide some customization. The most important part would be providing a local server to enable quick delivery and instant notification. 

b) Local customer service. This is not technical but I’ve thought about it. We should learn from Evernote’s experience entering China and provide quick and responsive official WeChat/Weibo accounts for customer service. Right now LinkedIn China’s WeChat account is focused on marketing the brand, but we could add in more information to evangelize our product.

c) QR and proximity. QR is huge in China. Our China Engineering team added QR for WeChat on LinkedIn profile page. It would be easy to add features such as QR for connection and QR for following. Proximity is being introduced in Voyager by Jacek Suliga on Relationships iOS, and we could leverage that to emphasis on new user invite instead of nurturing existing network.

d) Language support. We need to enable flawless experience for Mandarin users especially during searching and managing profile. Mobile client could provide easy switch between multiple language profiles and also enable unified name search (Chinese/English name mapping).

Here are my thoughts. LinkedIn users not looking for a job can be very inactive due to the website’s brand in Western world. However, LinkedIn China is a brand new product to most Chinese users and therefore we could double down on the Social Network side of things. Engagement for LinkedIn flagship globally (Voyager stack): 

<Screen Shot 2015-05-05 at 9.56.10 PM.png>

We want to make LinkedIn China users engage more on a daily basis, and regard our product as a Social Network instead of a job search tool. 

Most China users are novice users who only have very little connections (0 - 5). Right now flagship feed for novice users mainly consists of PYMK and WVMP, which are not the most useful. LinkedIn China has released 领英洞察 (localized Pulse with 3 articles a day, 40 “Influencers"), a good thing to have but very limited.

People spend time on a social network because of good content. Good organic UGC gets published through the viral loop.

Looking at the viral loop: 

<viral loop.png>

Many China users are stuck at the first step: Nothing to “See”. Therefore, the priority right now is to present more quality content to new users. We need to create some customized features.

1. Polls. LinkedIn pulled the plug on Polls last year and eventually removed Polls in Groups, in order to focus on other features targeting competent users. We could bring this feature back to China since people love to engage through it. Some legacy code may also be leveraged.

2. Trending local posts. Since most shares are intended for “everyone”, we would identify based on city and industry to show a section of trending posts (text, article, rich-media) to novice users, even if they’re not following the sharer.

3. Localized follow (people/company/channel). We need to make sure content is delivered under user’s language preference. At the same time, rally a group of quality publishers (invitational seed publishers). 

4. Events. Event or conference page. LinkedIn China can not have groups feature due to political agreements, but we can definitely make event pages a big hit. 

5. QR and Proximity. I’ve already elaborated from the previous email.

6. Industry news and influencer insight. This can be a separate module that gets promoted in the new mobile app.

Eventually when we have a more mature and engaged user base, The hook canvas would come into play to fuel engagement even further. 

<hookCanvas.png>

1. Education

a) Major. One thing different between US and China's education system is that college major is decided before freshman year in China. There will be a number of students willing to change career upon graduation. LinkedIn China can build a feature around college major, including major choice tips for high school students, major related information and discussions, as well as transitioning in and out from a major. LinkedIn has all the information to provide these guidance and highEd team can provide support. This section might also attract parents.

b) Alumni Class. The landscape for Alumni groups are very different in China, it’s more closed and intimate and people tend to only hangout with others from the same class or plus and minus one year. We can leverage class year information on LinkedIn to create Alumni Class pages and bring together people from same university class. 

2. Knowledge Hub

Besides Wikipedia and Baidu Baike, Zhihu is incredibly popular on the knowledge sharing market in China. However, Baidu Baike’s information is mostly non-practical and Zhihu’s information is very scattered and hard to aggregate. LinkedIn has an edge on providing a Wiki-like tool to serve professional, practical, aggregated knowledge. For example, we can have a section called UI Design and users can create entries such as “top UI Design textbooks”. This Knowledge Hub would use "anyone can edit” model and it can become an incredible knowledge sharing central.

3. Workplace killer app. As you mentioned LinkedIn at Work, I’ve talked to Michael Olivier and Ankit Gupta about their ideas on LED, and they really wanted to create a killer app that focuses on one thing, namely employee directory. Messaging was purposely left as a lesser priority, so they just went with the existing inbox infrastructure plus a newer skin. I think we have the opportunity to make another workplace killer app that’s tailored to Chinese companies. Office messaging app like Slack, enterprise collaboration app like Google docs can be huge for LinkedIn, but very costly to build.