
GeekWire.com covers SPARKON.com launch

GeekWire has a wonderful article on our SPARKON.com launch.

The article is here, and here are some great quotes.

Do you have a teen who’s trying to find a direction in life?

“Life in a box”

The service, primarily targeted towards teenagers and their families, uses a student’s interests and a pair of personality tests to create what Sparkon calls a “SparkMap” – a large, interactive document that outlines opportunities for teens to explore their interests as well as potential college majors and careers.

“It’s like a life in a box for them to build up their entire life,” Starbuck said.


SPARKON.com is coming soon

We are working hard on SPARKON.com.  Empower.me will be transitioning to SPARKON.com.

SPARKON.com will allow students from high school, college and middle school to visualize their future in our SPARKMAP.  The SPARKMAP is a 20 to 30 page report that is generated by decoding the teen's internal passion, which comes from our personality tests and more.

We then have fun online videos where teens can pursue their interests and build their future.  These videos are learning videos and their Sparkmap generates a custom curriculum based directly on the student’s most interesting areas.

We are still testing and putting the final touches on SPARKON.com.



Come check out SPARKON.com.


Startup Interim CFOs in Seattle

This blog post was co-authored by Bryan Starbuck and Janis Machala.

Recently Bryan did a search on Seattle Interim or Contracting CFOs who specialize in working with startups.  Below is the set of CFOs that we filtered through to final discussions and reviewed in depth.  These are CFOs about whom we've heard great things from various people who have worked with them.

The above list was the "short list" for the final stage of Bryan's consideration for his open position.  Due to time constraints, Bryan didn't interview CFOs from many of the firms in Seattle.  There are many more excellent CFOs and great firms that are used by Seattle startups, such as Atlas Accelerator, CFO Selections, CFO2GO, vCFO, Tatum and many more. This blog was not intended to be a compendium of all resources but feedback from the in-depth interviews and experiences we have had with a subset of the pool.

 

Pricing:

The rates vary from $140/hour to $185/hour, with a few exceptional people at $125/hour or greater than $185/hr.  Many prefer retainers so that they do not have to count hours or encourage overly minimizing hours.

There is a challenge for startups that are really early stage.  They may have raised less than $50-100k in external funding and want to work on financial projections for fundraising.  The challenge can be that a CFO wants a minimum retainer of $3k/month to make it worth their while for just a minimal number of hours per month, but then that ends up being equal to 70% of the salary of a $50K/year full-time employee.  The impact on the startup is that they are almost increasing their expense rate by a full head-count for even the minimal number of hours for a CFO.

 

Finance Department:

Bryan is a fan of having one strong general person to act as a "one person finance department" handling everything from bookkeeping up through controller level work for $50/hour to $65/hour.  The CFO can still be required periodically to augment the process for reviewing senior level work or for more sophisticated financial modeling and capitalization scenario development.

Many financial firms spread the work across 3 or 4 people: bookkeeper, accountant, controller, and VP of Finance.   Bryan feels that this can be a  challenge because when you need to make decisions, the knowledge is in pieces in different people's heads and you need to get them all together in order to get decisions made.   This requires paying hourly rates for several people for an hour meeting.  The meeting can then be inefficient while the finance people ask each other questions to get the full set of facts during decision making.  

It is hard to find someone for $65/hour who can do the controller level work on down, but they can be found with enough searching.  For early stage startups, they may only need 5 to 10 hours per month to complete all of the accounting.  In those cases, Bryan finds that paying $65/hour for one person who has all of the information, and needing only one person in meetings, can be useful.  Hiring a bookkeeper for $25 to $50/hour (and others at other rates) does not seem worth the cost savings when the startup only needs them 5 to 10 hours per month.  As your complexity increases, once you're venture funded and start having customers, you may find that the span of a bookkeeper, controller and CFO makes sense.

 

Janis is a fan of hiring an Office Manager who can do a broad range of duties. Have the Interim CFO or Controller develop the chart of accounts and assemble a schedule for what government (state and federal) forms need to be filed by when and then train the office manager on simple bookkeeping with QuickBooks or find an office manager with prior bookkeeping experience. By having one person dedicated to broad office duties they can be the glue between the Interim CFO and the executive team members. There’s so much to be gained by having administrative help (a person to run errands, go to bank/Costco/post office, ensure office supplies and vendor management occurs regularly, scheduling meetings with outsiders/insiders, coordinate travel, competitive research, employee morale, etc.). Then the CFO is monitoring cashflow, developing monthly dashboard/metrics, prepping materials for board meetings, negotiating with banks and investors. One gets a lot of mileage out of a can-do junior level person and a seasoned part-time war horse who’s seen it all. Oh, outsource payroll…not worth the headaches associated with all the government reporting!

 

My new startup is Empower.me.  (http://www.Empower.me).  


Creating a Startup and being a First Time CEO

I gave this talk at the Eastside Incubator in Washington state.  The incubator is across the street from Microsoft and has a lot of Microsoft people looking into joining a startup.

The talk is also aimed at big-company employees who want to learn startup techniques to bring back into their work in a big company.

The founder that turns into the CEO needs to grow their skills quickly.  When they raise capital and have a board of directors, if they aren’t at or ahead of where they need to be, they will be replaced.

This talk is for creating companies, being the CEO and growing the skills in that area.  This specifically talks about the startup’s first two years.

 

Here are the slides:

Here is the video

 

 


Startups needing to Hire employees (Getting positions filled with TOP Talent)

With my background in startups and recruiting, I’m always asked about how to hire for early stage startups (three people asked last week).   This blog post is for startups with 1 to 10 employees that don’t have enough funding to hire a recruiter as an employee.    The goal is for startups to hire high quality talent without letting the position remain open for an extended period of time.

 

I created TalentSpring.com because of how hard it was to hire top Talent at Microsoft.  4 years later and after the acquisition, I’m still a big believer that the TalentSpring search model is the best way to get top talent resumes in minutes.  I’ll include all techniques that tiny startups use to show the full range of techniques.

NOTE: Hiring brilliant talent is fundamentally hard.  Without a tool like TalentSpring, it will require around 10 to 40 hours of labor — if you want to guarantee the position will fill in 1 to 3 months and with quality candidates.  It can take less time if an additional 6 month lag is okay for your business.

 

Techniques:

#1: TalentSpring: The best way with the least hours of work is TalentSpring.  However, the market we focus most on is agency recruiters or companies that have a recruiter or team of recruiters inside of their company.  The details are here.

#2: Track people who Applied: I recommend startup companies use an “Applicant Tracking System” in order to take notes and track as they reject or progress candidates.  They will generate new resumes because they will drive free organic traffic from SimplyHired.com, Indeed.com and other sources.  My company (Talent Technology) sells HireDesk as an ATS.  There is a wide range of great ATSes from free ATSes (JobScore.com) to bigger and more sophisticated ATSes (Taleo, VirtualEdge, Oracle, and more).  Since price isn’t a problem, there is no reason not to have one to save time tracking which resumes you rejected and which are progressing.   Opening positions in the ATS will get them advertised for free so open those job postings SOONER rather than LATER.  The traffic from SimplyHired/Indeed you will receive for free will deliver “n” resumes per month per job posting, so keep job openings open over time to get resumes for free and in quantity to help hiring later.   Also, use the URL to your ATS job posting (with Apply button) when you post it everywhere (Job postings, tweets, etc.) because it will funnel people to apply directly into your ATS so you never have to upload their resume or enter them in your ATS.

#3: CraigsList Job Postings: The fact that CraigsList charges between $25 and $75 per job posting makes it much cheaper than most other job postings.  The quality is often lower at CraigsList, however the right candidates periodically come through.  CraigsList is so cheap that purchasing a job posting is often worthwhile simply because it is so inexpensive.  Hopefully you receive 15 to 30 resumes from the job posting, however only 3 to 5 resumes may reach the quality you are looking for.   You must write your job description and subject line to have a strong pull to attract candidates, and that can increase the number of people who apply up to 400% over boring job postings.

#4: Tweet/Facebook/LinkedIn: I recommend posting on Twitter, Facebook and in Linked-In’s stream mentioning the types of open positions you are filling.  Include a bit.ly link to your ATS job posting for people to apply.  There is no silver bullet to hiring so getting the word out as far as possible helps.   Adding a line to your email signature helps (“We are hiring a VP of Engineering and Sales Manager”)

#5: Your Website: Your ATS creates a “Job Site” website that is publicly visible, and often brandable to be consistent with your company website.  Adding a “Careers” link will further get a small amount of traffic, but that traffic will often be a strong culture match (passionate about your business, startup employees, local candidates, salary compatible, etc.).   Also, posting on your blog about your new open positions is helpful.

#6: Networking Events: Attending local networking events that match the people you need to hire is also useful.  Attending different events and visiting each event only once will gain access to the most social circles with the least time investment.  An important technique is to mention to people “We are hiring xxx”.  The person at the networking event may not be a right match, but they may know someone.  People at networking events strengthen relationships by connecting people who are a match in business.

#7: Recruiting on Linked-In: When getting certain positions filled is critical, such as executives, and when top quality is a must, there is a lot of value in spending 4 hours focused on deep searches in Linked-In.   Most of the other items in this list mostly deliver a flow of resumes over time for free and with little labor (but are valuable only with 3 to 5 months of flow).  This technique is useful when you must guarantee someone is hired and sooner rather than later.  Google searches in the following pattern can be helpful:  “Seattle Area” Ruby EC2 “VP of Engineering” site:linkedin.com -jobs.   You can browse your Linked-In first degree connections for people who are high quality and browse their connections for people who match the job titles you need.   TalentSpring is a paid service that makes getting resumes nearly instantaneous from this source and many others.  However, if you have absolutely zero budget and are willing to spend 4 hours to 20 hours, you can often find some of the potential that exists in Linked-In.

#8: Hiring a recruiter as an employee: Startups who raise $3m+ and need to hire several employees in the next quarter or two often hire an employee to be a full time internal recruiter.  This could be less expensive than an agency recruiter.  The issue is that there is a huge difference between a great recruiter and a mediocre recruiter, and that will show up in positions just not getting filled or the quality that you receive being low.  I have seen several companies close a VC round, hire a recruiter and then realize months later that the recruiter was low quality, have to replace the recruiter, and find the positions never filled.  This can result in the worst of all situations so the risk must be managed.

#9: Hiring an Agency recruiter: Recruiting high quality employees inescapably takes 10 to 40 hours of labor if you don’t want filling the position to drag out.  As a business leader, you also need to visualize the “time value cost of money” of the position taking an extra 2 to 6 months to fill.  Understanding the amount of revenue or value that is lost every month the position remains open will be helpful in opening up your mind to paying money for paid services: job postings, TalentSpring (Talent Technology’s external search) or an agency recruiter.  Using an agency recruiter is a way to free up your time and only pay on success, and that person will put in the hours on all of the labor listed above.  Most startups that I know don’t rely on a single recruiter and instead allow several agencies to work on the position in parallel.  This allows the company to win because they benefit from the strongest agency since poor quality agencies won’t deliver at all, won’t deliver soon, or will deliver low quality candidates.  Agencies have a rack rate of 25% to 33% of first year hired, however these fees are highly negotiable.  Startups have paid agencies as low as 15% to 10% of first year hired salaries at the very lowest range of the spectrum.

 

I wrote this post for startups with less than 10 employees who often have no budget, almost no time and no access to an internal recruiter.  Recruiting is always hard work so I hope these techniques are helpful.   It is useful to think of recruiting as “How many people have learned of my job opening” per month and “How many qualified resumes have I read” each month.  Recruiting is the process of getting these to scale.   If the numbers don’t scale up, then the months to fill the position expand out.

 

Happy recruiting

-Bryan


Favorite iPAD & iPhone Apps for Startup employees

Most of my friends are getting iPads and/or iPhones.  Here are my notes on my favorite apps.   This is a great match for startup employees and engineers.

 

Apps for work productivity: (Especially startup company builders)

  • Reeder: This is my Google Reader application.  It stays in sync with Google Reader feeds & unread statuses.  I consider this my "Learning machine"  (iPad, iPhone?)
  • Zenbe: Great TO-DO app with separate lists.   Great web page version for laptops that stays in sync with iPad & iPhone.   (iPad, iPhone)
  • Quickoffice:  I have my laptop PowerPoints, Excel and Word docs sync to DropBox.com.  I then can read and WRITE to those files using Quickoffice on the iPAD.  I don't have to remember to "upload" from my laptop, so I can edit files without having to "prep" them before leaving my laptop.    (iPad, iPhone?)
  • iMockups & Sketchy: These are wireframe creating apps for people who design software product UI.  I love mulling over ideas in comfortable places with the iPad and later moving them to the laptop at later stages.
  • Kindle: Having your ebooks on your iPAD is great for reading books whenever time opens up (at home, lunch at work, vacations).  Never have to remember to drag books with you.
  • MindMeister: Mind mapping software that is very good syncing the files across the WEB version for my laptop, my iPad and my iPhone (iPad & iPhone)
  • Skype: I pay $10 into my account so I can send text messages with skype.  This allows me to easily send them from my iPad or iPhone.  I have to use the iPhone version on my iPad.   (iPhone)
  • Instapaper: Send good web pages to be saved to be read later
  • Keynote & Numbers: I use these to sketch out raw ideas in a coffee shop.  This is great to get past the creative hurdle early in a comfortable place.  Then later I email them to my laptop in order to do serious business modeling in PowerPoint and Excel.   I never use the "Pages" spreadsheet.  I recommend buying that later only when you need it.  (iPad)
  • TripIt: Great for travel  (iPad & iPhone)
  • WeatherBug: Good for getting the weather (iPad)
  • SugarSync:  I stopped using SugarSync, but this app was great when I used SugarSync.  I found Dropbox to be the best.  (iPad)
  • Textnow: Free text message
  • Friendly:  This is the free facebook application.  I never get a chance to use it.  (iPad)
  • Find iPhone: Use this in case you want to find your iPad when you lose it (iPad & iPhone?)
  • Wi-Fi Finder: Great to find a place to use your laptop (iPad)
  • Kayak HD: Find hotels or flights (iPad)
  • iLunascape: This is a multi-tab browser.  This is great for web pages to load in parallel for fast flipping between tabs to already loaded web pages.

 

Games: (for people who like a thinking challenge instead of arcade games)

  • Slay: More complex than risk, but relaxing  (iPad)
  • Cover Orange: Good planning with physics
  • Cut the Rope: Good planning with physics
  • World of Goo: Build with physics and be strategically efficient  (iPad)
  • Beyond Ynth: Logic physics and puzzle
  • Plants vs Zombies HD: This is Plants vs Zombies and a fun planning app (iPad)
  • GodFinger (& All Stars): Grow a civilization with resource & time constraints
  • Angry Birds: Good planning with physics.  Catapult game
  • ACrawler HD: Truck driving physics
  • MX Mayhem: Motorcycle riding physics
  • TradeNations: Good for relaxing building, with time constrained resource allocation
  • Galcon Fusion: Fun for a while
  • Control Freak: Fun strategic resource control game
  • Montezuma: Find the best path
  • My Kingdom for the Princess: I only played a few minutes
  • Cave Run: Jumping and action
  • Gravity HD: Physics and planning
  • Castle Warriors: Take over resources
  • New York: Great roller coaster physics
  • Crack Code: Decrypt the code using permutations
  • Hotel Mogul: Resource Planning
  • Bumper Boats: Directional planning

 

Great for 2 to 4 year olds:

  • Geared HD
  • Toyshop
  • XmasTale
  • Doodle Buddy
  • Art of Glow
  • Paper Toss HD
  • Virtuoso
  • Touch Hockey
  • Talking Tom
  • Talking Harry
  • New York: Great roller coaster physics
  • Cover Orange: Good planning with physics
  • Cut the Rope: Good planning with physics
  • World of Goo: Build with physics and be strategically efficient  (iPad)
  • Plants vs Zombies HD: This is Plants vs Zombies and a fun planning app (iPad)
  • GodFinger (& All Stars): Grow a civilization with resource & time constraints
  • Angry Birds: Good planning with physics.  Catapult game
  • Galcon Fusion: Fun for a while
  • FarmStory
  • Friendsheep 

 

Other:

  • NetFlix: Stream movies or add and manage your queue.  (iPad & iPhone?)
  • XFinity: A great way to see upcoming TV shows, and possibly set your DVR. (I never get time to use this)   (iPad & iPhone?)
  • Fandango: Great for movies.
  • Zappos: Best shopping for shoes ever.
  • Flipboard: Worth checking out for news.  I didn't get into it
  • Twitterrific: Twitter client

I'd love to hear your ideas in the comments.


Did Intelligence agencies use the STUXNET virus to attack Iranian Nuclear weapons project?

This is too interesting not to share.

Reposted:

In the 20th century, this would have been a job for James Bond.

The mission: Infiltrate the highly advanced, securely guarded enemy headquarters where scientists in the clutches of an evil master are secretly building a weapon that can destroy the world. Then render that weapon harmless and escape undetected.

But in the 21st century, Bond doesn’t get the call. Instead, the job is handled by a suave and very sophisticated secret computer worm, a jumble of code called Stuxnet, which in the last year has not only crippled Iran’s nuclear program but has caused a major rethinking of computer security around the globe.

Intelligence agencies, computer security companies and the nuclear industry have been trying to analyze the worm since it was discovered in June by a Belarus-based company that was doing business in Iran. And what they’ve all found, says Sean McGurk, the Homeland Security Department’s acting director of national cyber security and communications integration, is a “game changer.”

The construction of the worm was so advanced, it was “like the arrival of an F-35 into a World War I battlefield,” says Ralph Langner, the computer expert who was the first to sound the alarm about Stuxnet. Others have called it the first “weaponized” computer virus.

Simply put, Stuxnet is an incredibly advanced, undetectable computer worm that took years to construct and was designed to jump from computer to computer until it found the specific, protected control system that it aimed to destroy: Iran’s nuclear enrichment program.

The target was seemingly impenetrable; for security reasons, it lay several stories underground and was not connected to the World Wide Web. And that meant Stuxnet had to act as sort of a computer cruise missile: As it made its passage through a set of unconnected computers, it had to grow and adapt to security measures and other changes until it reached one that could bring it into the nuclear facility.
When it ultimately found its target, it would have to secretly manipulate it until it was so compromised it ceased normal functions.

And finally, after the job was done, the worm would have to destroy itself without leaving a trace.
That is what we are learning happened at Iran’s nuclear facilities — both at Natanz, which houses the centrifuge arrays used for processing uranium into nuclear fuel, and, to a lesser extent, at Bushehr, Iran’s nuclear power plant.

At Natanz, for almost 17 months, Stuxnet quietly worked its way into the system and targeted a specific component — the frequency converters made by the German equipment manufacturer Siemens that regulated the speed of the spinning centrifuges used to create nuclear fuel. The worm then took control of the speed at which the centrifuges spun, making them turn so fast in a quick burst that they would be damaged but not destroyed. And at the same time, the worm masked that change in speed from being discovered at the centrifuges’ control panel.

At Bushehr, meanwhile, a second secret set of codes, which Langner called “digital warheads,” targeted the Russian-built power plant’s massive steam turbine.

Here’s how it worked, according to experts who have examined the worm:

–The nuclear facility in Iran runs an “air gap” security system, meaning it has no connections to the Web, making it secure from outside penetration. Stuxnet was designed and sent into the area around Iran’s Natanz nuclear power plant — just how may never be known — to infect a number of computers on the assumption that someone working in the plant would take work home on a flash drive, acquire the worm and then bring it back to the plant.

–Once the worm was inside the plant, the next step was to get the computer system there to trust it and allow it into the system. That was accomplished because the worm contained a “digital certificate” stolen from JMicron, a large company in an industrial park in Taiwan. (When the worm was later discovered it quickly replaced the original digital certificate with another certificate, also stolen from another company, Realtek, a few doors down in the same industrial park in Taiwan.)

–Once allowed entry, the worm contained four “Zero Day” elements in its first target, the Windows 7 operating system that controlled the overall operation of the plant. Zero Day elements are rare and extremely valuable vulnerabilities in a computer system that can be exploited only once. Two of the vulnerabilities were known, but the other two had never been discovered. Experts say no hacker would waste Zero Days in that manner.

–After penetrating the Windows 7 operating system, the code then targeted the “frequency converters” that ran the centrifuges. To do that it used specifications from the manufacturers of the converters. One was Vacon, a Finnish Company, and the other Fararo Paya, an Iranian company. What surprises experts at this step is that the Iranian company was so secret that not even the IAEA knew about it.

–The worm also knew that the complex control system that ran the centrifuges was built by Siemens, the German manufacturer, and — remarkably — how that system worked as well and how to mask its activities from it.

–Masking itself from the plant’s security and other systems, the worm then ordered the centrifuges to rotate extremely fast, and then to slow down precipitously. This damaged the converter, the centrifuges and the bearings, and it corrupted the uranium in the tubes. It also left Iranian nuclear engineers wondering what was wrong, as computer checks showed no malfunctions in the operating system.
Estimates are that this went on for more than a year, leaving the Iranian program in chaos. And as it did, the worm grew and adapted throughout the system. As new worms entered the system, they would meet and adapt and become increasingly sophisticated.

During this time the worms reported back to two servers that had to be run by intelligence agencies, one in Denmark and one in Malaysia. The servers monitored the worms and were shut down once the worm had infiltrated Natanz. Efforts to find those servers since then have yielded no results.

This went on until June of last year, when a Belarusian company working on the Iranian power plant in Bushehr discovered it in one of its machines. It quickly put out a notice on a Web network monitored by computer security experts around the world. Ordinarily these experts would immediately begin tracing the worm and dissecting it, looking for clues about its origin and other details.

But that didn’t happen, because within minutes all the alert sites came under attack and were inoperative for 24 hours.

“I had to use e-mail to send notices but I couldn’t reach everyone. Whoever made the worm had a full day to eliminate all traces of the worm that might lead us to them,” said Eric Byres, a computer security expert who has examined Stuxnet. “No hacker could have done that.”

Experts, including inspectors from the International Atomic Energy Agency, say that, despite Iran’s claims to the contrary, the worm was successful in its goal: causing confusion among Iran’s nuclear engineers and disabling their nuclear program.

Because of the secrecy surrounding the Iranian program, no one can be certain of the full extent of the damage. But sources inside Iran and elsewhere say that the Iranian centrifuge program has been operating far below its capacity and that the uranium enrichment program had “stagnated” during the time the worm penetrated the underground facility. Only 4,000 of the 9,000 centrifuges Iran was known to have were put into use. Some suspect that is because of the critical need to replace ones that were damaged.

And the limited number of those in use dwindled to an estimated 3,700 as problems engulfed their operation. IAEA inspectors say the sabotage better explains the slowness of the program, which they had earlier attributed to poor equipment manufacturing and management problems. As Iranians struggled with the setbacks, they began searching for signs of sabotage. From inside Iran there have been unconfirmed reports that the head of the plant was fired shortly after the worm wended its way into the system and began creating technical problems, and that some scientists who were suspected of espionage disappeared or were executed. And counter intelligence agents began monitoring all communications between scientists at the site, creating a climate of fear and paranoia.

Iran has adamantly stated that its nuclear program has not been hit by the bug. But in doing so it has backhandedly confirmed that its nuclear facilities were compromised. When Hamid Alipour, head of the nation’s Information Technology Company, announced in September that 30,000 Iranian computers had been hit by the worm but the nuclear facilities were safe, he added that among those hit were the personal computers of the scientists at the nuclear facilities. Experts say that Natanz and Bushehr could not have escaped the worm if it was in their engineers’ computers.

“We brought it into our lab to study it and even with precautions it spread everywhere at incredible speed,” Byres said. “The worm was designed not to destroy the plants but to make them ineffective. By changing the rotation speeds, the bearings quickly wear out and the equipment has to be replaced and repaired. The speed changes also impact the quality of the uranium processed in the centrifuges creating technical problems that make the plant ineffective,” he explained.

In other words the worm was designed to allow the Iranian program to continue but never succeed, and never to know why.

One additional impact that can be attributed to the worm, according to David Albright of the Center for Strategic and International Studies, is that “the lives of the scientists working in the facility have become a living hell because of counter-intelligence agents brought into the plant” to battle the breach. Ironically, even after its discovery, the worm has succeeded in slowing down Iran’s reputed effort to build an atomic weapon. And Langner says that the efforts by the Iranians to cleanse Stuxnet from their system “will probably take another year to complete,” and during that time the plant will not be able to function anywhere near normally.

But as the extent of the worm’s capabilities is being understood, its genius and complexity has created another perplexing question: Who did it?

Speculation on the worm’s origin initially focused on hackers or even companies trying to disrupt competitors. But as engineers tore apart the virus they learned not only the depth of the code, its complex targeting mechanism (despite infecting more than 100,000 computers it has only done damage at Natanz), the enormous amount of work that went into it (Microsoft estimated that it consumed 10,000 man days of labor) and about what the worm knew, the clues narrowed the number of players that have the capabilities to create it to a handful.

“This is what nation-states build, if their only other option would be to go to war,” Joseph Wouk, an Israeli security expert, wrote.

Byres is more certain. “It is a military weapon,” he said.

And much of what the worm “knew” could only have come from a consortium of Western intelligence agencies, experts who have examined the code now believe.

Originally, all eyes turned toward Israel’s intelligence agencies. Engineers examining the worm found “clues” that hinted at Israel’s involvement. In one case they found the word “Myrtus” embedded in the code and argued that it was a reference to Esther, the biblical figure who saved the ancient Jewish state from the Persians. But computer experts say “Myrtus” is more likely a common reference to “My RTUS,” or remote terminal units.

Langner argues that no single Western intelligence agency had the skills to pull this off alone. The most likely answer, he says, is that a consortium of intelligence agencies worked together to build the cyber bomb. And he says the most likely confederates are the United States, because it has the technical skills to make the virus, Germany, because reverse-engineering Siemens’ product would have taken years without it, and Russia, because of its familiarity with both the Iranian nuclear plant and Siemens’ systems.

There is one clue that was left in the code that may tell us all we need to know.

Embedded in a different section of the code is another common computer language reference, but this one is misspelled. Instead of saying “DEADFOOT,” a term stolen from pilots meaning a failed engine, this one reads “DEADFOO7.”

 

Here and here are some of the sources.
