The Dangers Of Hitching Your Wagon To Some Else's Horse

The Dangers Of Hitching Your Wagon To Some Else's Horse
Photo by Stephen Hui / Unsplash

Back in the day, I was a pretty avid Google Reader user. For those of you too young to remember it, Google Reader was a very cool thing: it was an RSS reader, but it was also a social reader because people could follow you and see what kind of marvelous things you shared. I miss it very much. The reasons behind Google Reader's demise more than 10 years ago were simple: it cost more than $0 to maintain and it was hard to monetize. A combination that a monopoly does not like, really.

On top of that, other social networks were gaining traction, and Google wanted in on that action. As it is usually the case, things that are good for the people are bad for the profit-seeking enterprise. Shutting down Google Reader had the, let's say, interesting side effect of causing some difficulties to savvy entrepreneurs that had hitched their wagons to Google's horse. Third-party Google Reader front-ends like Feedly and Reeder had to pivot quickly, while things like FeedDemon and Pulp shut down completely.

Google Reader Interface
Google Reader interface circa 2007/https://www.flickr.com/photos/helloooo/

Reddit and Twitter changing the terms of service for their APIs killed a bunch of third-party front-end apps, too. Twitterrific, Apollo, Tweetbot, Reddit Is Fun, and others died because, well, we can't have nice things. It didn't matter that you've paid for those apps. Wagons were hitched to horses you did not own, and those horses are more profitable elsewhere.

There are also the cases where a fake "disruption" is behind certain disappearances. Take Uber, for example: it was all nice and good and oh, what a great thing!, back when the rides were being subsidized, the cars were nice and clean, and service was good with mints and little bottles of water. Now the rides are more expensive than they were when you used taxis, any car that moves can be a ride share car, and you have the bonus of not having the faintest idea about how much you'll pay on any given moment because the real innovation here is dynamic pricing.

It didn't "disrupt" anything. It merely replaced the incumbents and shifted the profits. Rides today are just as expensive as they used to be, the cars are trash, wait times when demand is high are just like the old times, and you have no idea if today's ride is going to cost the same as yesterday's. The car reeking of weed is free, though.

How does that relate to our subject matter here? Well, if you like having a way out when things take a turn for the worse, you don't hitch your wagon to someone else's horse. More importantly, you don't hitch your wagon to the wagon someone else hitched to someone else's horse. Especially when you have no leverage.

Do you have a plan for the non-zero chance that AWS will double the amount of money they charge your company for, uh.. let's see here, everything? It might have nothing to do with anything at all. One fine morning some shareholders might throw a collective tantrum and demand price hikes because they want more money. Or maybe the new owner of a product you've been using since forever is just greedy. Unlikely, but not unheard of (cough VMWARE cough). The smart thing to do would be to have an exit strategy regardless. This question should be in everyone's business continuity playbooks:

Can we survive an infrastructure price hike of 10%? 25? 50???

And that's the easy question to ask. However unlikely that scenario might be, it's not outside the realm of possibility. And you can argue that this is true for anything you pay for that's not price controlled. That's you attaching your wagon to someone else's horse. Call it a first-party risk, plan accordingly, and move on. The more insidious situations are not so trivial, though.

Imagine a situation where your Chief Whatever Officer decides to burn millions of dollars on some miraculous tool that leverages OpenAI's LLM models. Salespeople told them that this incredible feat of technology is able to, I don't know, sift through your logs, parse network traffic, query OSINT and threat intel sources, and do something with this information. It's automating your SOC! For a fraction of the price! Sounds good to me. Sign me up, and I'll gladly perform the layoffs myself.

Fast forward to the moment everyone realizes that OpenAI's current business model is not sustainable and their investors got antsy. SOC-In-A-Box now has to pay five times more money for the same million tokens or find another horse. Other horses, if they exist, are charging the same. To stay profitable, SOC-In-A-Box must raise prices, too.

Can we survive an infrastructure price hike of 100%? 250? 500???

The price per million tokens right now is subsidized much like the Uber rides of yore. Much like Uber, OpenAI is burning money with no path to profitability that doesn't involve massive price hikes. Remember that $5 ride? It's $50 now, thank you very much. What are you going to do? Pay $49 to Lyft? Hail a cab? They ran those out of town, buddy!

You have the sudden realization that "a valuation of one trillion dollars" is not the flex people think it is. It only means "this company will have to find a way to make at least a trillion dollars +$1 in profits just to give some return to the people who invested in it, and these people are very serious about returns of investment." and OpenAI is nowhere near that. Your individual contributor ass that didn't get a say on the purchase of SOC-In-A-Box now has to worry about ways to keep the show going when your employer can no longer afford it, so you go back to your playbooks and start to think about ways to bounce back from "we no longer can afford blue team activities." Or worry about ways to put food on the table because you were laid off as a money-saving initiative by the new Chief Whatever Officer who came onboard after the previous one who caused this whole mess left to join another victim company.

Do you have a business continuity plan against late-stage capitalism? No? Better get on that, then. Some disruptions don't come from threat actors.