Big Trapeze

On the 10th or 11th of August, a portion of Facebook’s PHP code was accidentally leaked. Facebook made an comment on a blog reporting the story that pointed to a problem with mod_php displaying their index page as plain-text.

“Some of Facebook’s source code was exposed to a small number of users due to a bug on a single server that was misconfigured and then fixed immediately. It was not a security breach and did not compromise user data in any way. The reprinting of this code violates several laws and we ask that people not distribute it further.�

As a developer, I have two equal but opposite thoughts. 1. I would hate for my code to leak and give away any hints as to the security or well-being of my sites. But, 2., since I develop alone, it’s always great for me to see how other developers go about writing code and developing their sites.

I have seen the code, and there’s nothing earth-shattering in there that should give the guys at Facebook much to worry about. They may have to change some directory structures, but the code uses so many includes and external functions that it’ll be very difficult for anyone to do anything too nefarious with it. Since I wouldn’t want people passing my code around, I’m not linking directly to it here. You can find it pretty easily without my help anyway.

Nik Cubrilovic has some good methods on trying to fix these kind of leaks, and I’ll be implementing them ASAP on my servers.

Well, it’s been a while since I last gave a glimpse behind the scenes of my new startup. My plans are to launch June 1st, and things are finally coming together. The site itself is nearly ready for launch, I have a few things I’d like to tweak, and a few browser-compatibility issues to deal with, but it’ll be done soon. Right now, I’m taking care of the unfun-ness of the business: meeting with the lawyers, accountants, and bankers.

The Lawyer
I met with a lawyer this morning, and he’s working on some Terms of Service I’ll need to keep myself out of legal issues. He was great–easy to talk to, had relevant questions, good ideas, and was encouraging.

The Accountant
I met with an accountant yesterday, and wasn’t too impressed with him, so I may look for another. I really don’t know what I didn’t like about him, it just didn’t feel comfortable. And when you’re starting a business, you need to work with people you feel comfortable with, and it just wasn’t that way with him.

I thought I wanted a lawyer and accountant that were young, progressive, technologically-minded people. It turns out age has little to do with it–and being a technophile may not be a requirement either. My lawyer is 65+, doesn’t have an email address on his business card, and has a circa 1998 brick phone. The accountant is in his late 20’s and has a Blackberry, but other than that showed little interest in staying current with techno trends or news. I’m meeting with another accountant Thursday and will know more then–maybe it’s just the nature of accountants.

The Banker
Banking is a crazy issue altogether. Banks aren’t in business to look pretty–they’re beastly about wanting money, and they’ll take it any way you can give it to them… finance charges, minimum balance charges, transaction-limit fees, average daily balance fees, high-activity fees, no-activity fees, ATM fees, merchant account fees… you get the picture. The beauty is, they take this money, plus any money you store with them, and make MORE money using your money, it’s really amazing–it’s the purest form of perpetual motion I’ve found. In my next life I hope to be a banker.

That being said, you have to deal with banks, so again, go what you’re comfortable with. I looked at accounts at all the big boys, Bank of America, Chase, Wachovia, Wells Fargo, but I ended up staying with a local hometown bank. They actually have branches in several cities, so it’s not like a mom-and-pop thing, but the beauty of dealing with a local bank is this: 1) You keep your business local, and 2) If you need something, like a rule bent here or there, they don’t have to call a corporate office 8 states away to get approval.

I went inside this bank, rather than getting online and opening an account–and I’m glad I did. They generously lowered my opening-balance requirement, and actually talked me out of an account that would make them more money because a different (free) account they had worked better in my situation. One of the accounts they offered had a monthly service charge but unlimited transactions of deposits and withdraws. Another account was free but limited me to 150 transactions per month. Since my site will take money from customers, I could outgrow the 150-transaction limit quickly, and that was concerning. She investigated and found out that the 150-transactions only counted as “in-person� transactions, and there was no limit to electronic. Being web-based, 99% of the transactions on my account will be electronic (web-based), so the limit was no longer a factor. If you’re signing up for an account that has a transaction limit, check to see if it only applies to physical, in-person transactions. Had I opened my accounts online, I would’ve messed up and gotten the account that had the service charge.

Just be comfortable
It all comes down to what you’re most comfortable with. If you’re not comfortable with your bank, your accountant, or your lawyer, it’s going to make it tough to talk to them when the need arises. Establishing good relationships with them can give you more ideas to help your business grow. Some ideas will be good, some just won’t work for you, but at least you’ll have a few extra brains to help you out. Both Lawyer and Accountant had some ideas for me that would make me more money off the site, but it’s advice I didn’t like–I’m not making this site to languish in poverty, but I’m also not looking to rip people off. The project is about helping people raise money, and the very nature of it is to help give, not help take away (things that will become more lucid after I launch…) Just remember–advice is not an edict. Take it, test it, and see what works best for you.

I bit the bullet and formed the LLC today. Supposedly. I’m still waiting on the paperwork and/or a confirmation call from the company. It was pretty painless, other than the $348 I spent to get it done. I used “The Delaware Company�, and their website touts the fact that they are the “5 Minute Online Delaware LLC�.

True to form, it only took about 5 minutes to complete the registration online. The questions were relatively straight-forward, asking me things like my 1st and 2nd choices for a company name and my initial member name(s). Since my company name is pretty unique, I entered two variations of it for my choices. I’ve decided to go with “Acrobatic Labs, LLC� (or “Acrobatic Laboratories, LLC�), as the company name. I’m sure if there’s any variation of that name out there both of my choices will be trashed, and I’ll have to come up with something else. I’ve already done some preliminary Google searches, and wasn’t able to find anything like that. I went ahead and bought the domains, too. (I’ll explain the whole circus / acrobatic / trapeze metaphor at a later time.) As for the “initial member names,� I just entered my name.

The only confusing part about the whole LLC process was applying for an EIN. An EIN is bascially the SSN for your company. You’ll probably need an EIN if you’re going to pay employees. I don’t plan on having any employees right now, much less paying them, but I went ahead and bought the EIN so I wouldn’t have to mess with the IRS for it later. One of the questions on the form was “date of first payment to employees� or something, and I tried to leave it blank. The form returned with an error, so I put “unknown.� I’m not sure that’s acceptable, since the EIN form will be filed by The Delaware Company to the IRS. I’m sure I’ll find out soon enough.

I had my information filled out and payment sent within about 5 minutes. I submitted the order at 10 AM, and received the confirmation email shortly afterwards.

Costs so far:

* The Delaware Company’s Corporation/LLC Package, $249
* Tax ID number (EIN) Obtainment for U.S. Persons, $49

What next? According to their FAQ:

We draw up and file your Delaware Certificate of Incorporation (Also known as the Articles of Incorporation) with the State of Delaware within hours after receiving your order. If you order weekdays before 4:00 PM, you will receive the following items the very next business day: your Certificate of Incorporation as well as a leatherette company kit, which includes a minute book, 20 custom numbered stock certificates, a company forms disk and more.

I’ll have more updates as soon as they happen.

1:08PM - Received shipping notification and FedEx tracking number from The Delaware Company

11:57AM (Thursday) - Received shipment from FedEX

1:39PM (Thursday) - Received EIN number from the IRS via The Delaware Company

There, that’s it. I’m officially a business now. I received a binder full of official documentation and “whereas’s� and “therefore’s� of which little makes sense to me right now. It also contained a CD full of customizeable documents which I’ll need to go through and print various forms to complete my official-ness.

This really was an easy process.