2005 Plans

I haven't been posting much but I am still here, a little busy, but here nonetheless.  On the last day of 2004, I am thinking about some of the ideas I'll be working on next year.

Most significant one is a new form of micropayment service.  I hesitate to call it technology because there is nothing new there in terms of technology.  Rather, it's pulling together old pieces into new configuration and wrapped with easy to use surface.  The goal is to make micro-content purchase addictive and hassle-free.

A less grandiose idea is hopefully a mobile killer app: HyperCard for mobile devices.  The goal here is to make it really easy for cellphone users to create and share simple mobile apps.

I am gonna start exploring and experimenting with both ideas and see where they might lead.

Happy New Year Everyone.

Tsunami, News, and Time

The tsunami born out of the massive 9.0 earthquake in the Indian Ocean took two hours to reach Sri Lanka, but there was no warning.  When the earthquake occured, another tsunami was born: tsunami of information.  Unprepared, tsunami of seawater across the ocean outraced tsunami of information across fabric of technology over social networks.

We can build a tsunami warning system in little time with just what we already have: networks of telephones, instant messaging, e-mail, news feeds, TV, and radio.  If spammers can 'inform' millions of people with a single button, any one of us could have sent tsunami warnings to all the TV and radio stations in the Indian Ocean.

This tragedy reminded me how important time really is in news processing.  While Google News obviously doing much more than time analysis, you can get a lot with simple keyword search for news articles created within a range of time that starts with approximate time of event.  Also general culture or region specific shape of news propagation can be used to increase or decrease search weights.

By combining time analysis with language analysis, it should be possible to identify smaller waves of news within a larger wave.  In a sense, each propation of news is a synchronization in language, meaning we tend to use the words we are exposed to.

Implementation is rather simple but time consuming.  You look for a set of keywords and time range that returns the desired shape.  This process can be short-circuited by increasing weights on words used by search engine users during the same time period.

Hmm.  Looks like I got side-tracked.

Woes of Big Holidays

Egad.  One down, one more to go.  I hate big holidays because the big ones are actually three in one: Blah Eve, Blah itself, and After-Blah Sales Day.

On Blah Eve, my wife expects me to pay attention to her.  That means lots of kisses and lip service.  I wonder if the word Eve being the name of the first gal had something to do with this.

On the Blah Day, my wife expects me to pay attention to the family.  In modern terms, this means doing far more TV watching than my usual 30 minutes a day.  The worst part is that TV programming really sucks on such days.  Radio is even worse.

On the After-Blah Sales Day, my wife expects me to be invisible.  Actually she is the one that does the disappearing act from dawn til dusk.  If I happen to get up too early, I get the deathray look.  This morning, I got up just as she was putting on her shoes to go out shopping.  Oops.

Scoble Hunt

Scoble is getting a lot of heat for his Hi Bill post.  I don't see why they think he is crazy or accuse him of insulting the Windows Media team.  The only part that rubbed me the wrong way was the firing part.  The rest is just a post written by an employee who cares enough about the company he works for to hang his balls out the window.

Who cares if his suggestions don't make sense?  That's his blog.  Should bloggers be restricted to writing posts that make sense to everyone?  Well, up your foobar if you think so.

As to what I think about his post, I think his suggestions are good.  Good, not in the sense of success or brilliance, but in the sense that such change will be good for Microsoft even if the project fails.  Like people, companies don't learn or evolve while doing the same things the same ways.

Pokey Man

In case you are wondering what happend at the final poker tournament, things were going very smoothly for me until only five players were left, including me.  I had a decent size stack by that time but I made the mistake of fainting and jabbing when there were four really good players looking to score a KO.  In short, I failed to shift gear in time.

Two half-hearted plays knocked my stack down low enough for the leading player to swoop in to finish the kill.  I did receive a decent prize earlier for knocking out a former champion so my ego is still in a pretty good shape though.  Most importantly, I can now get some sleep.

Hardworking Criminals and Poker

I attended a client's Christmas lunch yesterday.  Together we were a nice formiddable cluster of forces with lots of proven talents in our own fields — engineers, executives, lawyers, strategists, and investors.  At one point we talked about the current and near future security landscape and, frankly, the picture looks real good for security technology companies.

Most notable change was that the bad guys are focusing more on ways to attack at the infrastructure level, not only taking advantage of existing vulnerabilities but boldly creating their own.  For example, selling Cisco router clones with compromised firmware means they can gain full control over all the packets passing through those routers anytime they want.

With the world full of bad guys, working hard constantly to create new market opportunities for security companies, profit for those companies hangs in the balance between hope and despair.  With too much of either, disbelief kicks in.  While finding the right balance is difficult to do as a group, security technology market ecosystem is IMHO better than others such as open source market (create a useful jungle of a mess en masse, sell survival manuals and cleanup service), although not as good as the one defense companies have.

It's not just the criminals who are working hard.  Folks at Secunia have discovered another mind-wheeling IE vulnerability.  If you look at how it's implemented (view source on the page), you can see that it takes no more than a few minutes to mimick any website your want with minimal hassle.

If you are in the software business, you shouldn't despair.  The good news (?) is that highly critical vulnerabilities encourage users to update their software at unprecedented rate.  For example, this Acrobat Reader vulnerability, which allows hackers to run their code as soon as someone opens a compromised PDF file available over the web, means everyone with Acrobat Reader should update.

The added bonus for developers is that hassles of supporting legacy code can be easily blasted away with vulnerabilities (we really want to support legacy browsers, but we can't for security reasons) and creates new opportunities (Foo Explorer is full of bugs, get Foofox).

So are we winning the war against hackers?  You bet.  While the flow of vulnerabilities (hole flow?) will not stop until all of us are buried and stomped on for good measure, the good guys are making a lot more money than the bad guys.  Winning is easy if you are more flexible with the definition of 'we'.

Sorry guys.  I am feeling a little sarcastic (insanely optimistic?) today.  Maybe a nap will help.

Anyway, I have a big poker game tonight, a poker tournament finale with winners and runner ups from previous tournaments.  I attended only one tournament but managed to knockout enough players to secure my spot.  Odds are against me though.  Since I attended only one tournament, I don't know most of tonight's players and I haven't had any time to plan my strategy.  On top of that, I had only four hours of sleep last night.  So I'll have to wing it as I go and try to stay awake though the slugging fest.

Public yet Proprietary

News about Google Print raises some interesting questions.

If John has the only copy in existance of a physical book of which content not available anywhere, and its copyrights have expired, what rights does John have over the content of the book?

If Dave makes a deal with John to digitize the book's content, what rights does Dave have over the digitized content?

John owns the physical instance of the book, therefore he has full control over access to it even though he does not own the content.  Can John legally dictate terms of use over the content which he does not own in exchange for access?

Dave has a virtual instance of the book, so he also has full access control.  Can Dave provide online access to the book's content under whatever terms he dictates?

Now replace John with an public or government-funded institution.  What rights does the we have over the book and it's digitized contents?

Another twist.  Suppose Evan breaks into Dave's system, takes a copy of the digitized content, and posts it in newsgroups which Phil downloads.  Did Phil break any laws?  Can Phil use the content?

I am not a copyright lawyer so I don't know the answers to these questions.  Perhaps Professor Lessig can answer.

To me, ownerless doesn't mean community property.  It means free for the taking.  Google is doing exactly that, taking.  I have mixed feelings about what they are doing.  On one side, they are making new information readily available which is good.  On the other side, they seem to be claiming stewardship over orphaned information.

Ulcer and Cabbage

I woke up to a painful case of ulcer this morning.  Too much stress and spicy food I guess.  None of the usual over the counter medicine relieved the pain.  Thankfully, my wife found a home remedy: cabbage and carrot soup.  Whew.  I sure don't want to suffer like that again.  Ulcer turns your skull-shaped bowl upside down so you can't hold any thought in your head for more than a second.