Tuesday, June 30, 2015

The ridiculous cost of real estate transactions and a possible solution

Most people don't know this, but I have my real estate broker's license. About ten or so years ago I put in the time to get my license because I noticed that I was paying a 2-3% premium on everything I purchased or sold. I figured if I can save myself that 2-3% and perhaps my friends and family, then I would come out way ahead of the cost of maintaining the license. 

 Since then I've done dozens of transactions for family and friends in addition to those that I've done for myself. It goes without saying that I contribute a good portion of my commission to their closing costs since they're friends. Lately though I've been noticing that with real estate costs as high as they are, my commission checks are disproportionately larger than the effort I have to put it. Don't get me wrong. I put in the necessary time for anyone I represent. I make sure I help them research the properties, I negotiate everything for them and help them avoid any costly mistakes associated with escrow, title, and lenders. I go above and beyond what anyone else would ever do for them because I want to make sure they're getting a good deal. But even then, even after all the hours, I still feel like the commission is disproportionately large compared to the effort. On rare occasions when the deal  becomes extremely complicated and requires several hundred hours of research, work, and negotiation, it might be somewhat feasible to get paid more than 1.5% of the total sales price, but otherwise ...

 Here's an example of a typical deal in Southern California. A couple I recently work with had a purchase budget of $800,000. I spent a few hours talking to them to really understand what their needs were. I then did some research on the neighborhoods they were interested in and learned the streets where I thought they would want to live. I drove by a few properties, previewed all the good ones and worked out all the numbers for them. So far I was about 12 hours in. I then met with them on three separate occasions to look at homes. Having previewed everything and done all the numbers saves us all time so we only had to look at about 10 homes total. They went back to the same house over and over again and eventually we ended up making an offer well below asking price. After about 3 days of back and forth our offer was accepted and with about 25 total hours of work put in, my work was nearly done. Over the next 45 days I made sure that all the paperwork was getting signed by the right people and any inspections were getting done on time. We're talking maybe a total of 10 more hours for a total of 35 hours. 

 The commission on this deal was 2.5% so I stood to make $20,000 for my 35 hours of work. That's $571/hour. I contributed a substantial portion of that towards my buyer's closing costs but even then I walked away with more than $10k. I know what most agents would say at this point: "What about all the hours you had to spent finding the customer and doing marketing and ...". To them I say: "That's true with every other business also".


 A lot of agents/brokers earn their commission. They negotiate hard on behalf of their client and they look out for their best interests. But the majority of agents basically list a property on the MLS (about 8 hours of work including photos), then they sit back and wait for their commission check to arrive. That's total BS. It used to be they had to do a lot more work for the 2-3%. But with technology as good as it is, it's really a click-next wizard and you're done. How does that make sense that when you sell your hard earned asset through an agent, that somehow for less than 40 hours of work, he/she gets to keep 3% of your hard earned money?! It's ridiculous. Ridiculous considering that most agents won't even put a penny into advertising your place or even hold a proper open house for you.

 I know I'm going to get attacked by a lot of agents for this. But it's time for reform. Everyone should have to earn what they keep. In a perfect world, you'd pay an agent a fixed fee regardless of the price of sale and a commission for every dollar over a certain threshold. For example, if your house comps for $800k, your agents would get $4k upon sale, and 10% of every dollar over $750k. That way, if your property sold for $740, you would only pay the agent $4k. But if it sold for $800, then you'd pay him $9k. Or some sliding scale like that.

 Personally, I'm not in this business to make my living. I just do it to help friends and family. And I do believe in each agent's right to make a good living if they're willing to work hard for their clients. But in an environment like Irvine where the average house sells for over $1M, and the seller has to fork over $50K in commissions (2.5% to each agent), I think there is room for a disruption and the time has come. 
Posted by at No comments:
Labels: , , , , , , , , ,

Thursday, June 11, 2015

How to encrypt an existing MySql database

One thing I want you to keep in mind as you're reading this, is that this is a very basic guide to quickly get some encryption on your data. It is by no means a failsafe enterprise-level chinese-hacker-proof way of encrypting your data. Furthermore, aside from just encrypting some of your data I recommend at least the following:

  • Encrypt the entire disk volume that your database resides on
  • Encrypt the entire database instance
  • Create firewalls at every levels of your infrastructure
  • Use the highest level of encryption that fits the limits of your performance window
  • Get a chastity belt and a few Assa Abloy padlocks to protect your server
Now with that said, here's a super simple way of encrypting your stuff.

Let's say you have a table called user that looks like this:


As you can see, nothing in this table is encrypted, because you can obviously read it. Don't worry this is all fake data ;)

Anyway, you probably want to encrypt that email column so if someone gets into your db they can't just steal all your email addresses. Here's the quick and easy way:


UPDATE user SET EMAIL = AES_ENCRYPT(EMAIL, 'password');

The 'password' should probably be a nice long string that you're going to guard with your life going forward. What this does is it encrypts the EMAIL field with the key 'password' and updates it in the database. So now what your result set looks like is this:


Hard to guess what those emails are now.

By now you're probably a bit impressed, but asking yourself, okay great, but how the heck do I use data that looks like this in my own application? Well, I'm glad you asked. Here's how:


SELECT FIRST,LAST,CAST(AES_DECRYPT(EMAIL,'password') AS CHAR) AS EMAIL, WHEN_CREATED FROM user



Hint: If you don't user the CAST( ... AS CHAR), you'll get a blob returned in MySQL which is probably not what you want. MySql needs to know how to interpret the encrypted data once it has decrypted it. Also, If you don't say "AS EMAIL" after the casting, you'll get the whole formula as your column name and it will be pretty nasty, so this is cleaner.

Some more very important stuff to consider:

  1. You should consider changing your data type to binary since this is no longer being stored as a varchar
  2. You should definitely consider increasing the size of the encrypted (now binary) column because it now takes up more room and you don't want crazy errors you can't debug later.
  3. Storing the key in a safe place goes without saying, but try to come up with a pretty cryptic string like 'HDIEdygygde783juinifiaaoeygyqyegyYYHGEYD' and just use that within your application to decrypt. The downside of doing this is that if you lose this key, then you are essentially screwed.
Happy encrypting

Posted by at 1 comment:
Labels: , , , , , , , , , , , , ,
Subscribe to: Posts (Atom)