Three Volts

I drove down to Palo Alto today and had lunch with three of the co-founders of Voltage Security. Smart guys. They are a well-knitted team with personalities and perspectives that complement each other well. I liked that.

Three Volts: Rishi Kacker, Guido Appenzeller, and Matt Pauker

This is how their key product, SecureMail works:

Alice at Company A would like to send her customer, Bob at Company B, a sensitive email that must be secure for compliance reasons. She uses Voltage SecureMail to send the secure email to Bob.

Alice sends a secure email to Bob
After Alice composes the email, she simply hits the Send Secure button, which automatically secures the email, along with any attachments, using Bob’s email address “bob@b.com”.

Voltage SecureMail does not require pre-enrollment of users to receive secure email; even if Bob has never previously communicated with Alice or has never used Voltage SecureMail, he is still able to receive secure email from Alice.

Bob receives the secure email
The first time Bob receives the secure email on his laptop, Bob clicks on a link in the message header and downloads the Voltage SecureMail client. He then proceeds to enroll and authenticate to Company A’s SecurePolicy Suite. The method used to authenticate Bob is completely flexible to the requirements of the enterprise.

Bob decrypts and views the email message
Upon completion of proper authentication, the SecurePolicy Suite will present Bob with his private key to read the sensitive email. Alice and Bob can now communicate securely with Voltage SecureMail.

With his private key downloaded to his laptop, Bob can decrypt and view his received secure email even when he is offline on an airplane. Bob can even read his secure email at a business center using Voltage SecureMail's transparent roaming capabilities.

As you can see, Voltage neatly sidesteps the need to build expensive PKI infrastructures. Although their biggest weakness is the need to install software on the client, the problem is offset to some degree by the viral aspect of the solution:

Alice infects Bob by sending an encrypted mail that prompts Bob to download and install Voltage client in order to read the encrypted message. With client installed, Bob can send encrypted mail to others as well, infecting them in the process.

They chose a good name for their company because another way to look at it is electricity (security) flowing and spreading across the Internet via e-mail, charging everyone in the process with higher security. Voltage Security sounds a whole lot better than Viral Security, no? <g>

Update #1: I changed "three co-founders" to "three of the co-founders" after reading Scott's post. There are four co-founders of Voltage as you can see here.

Chicken that lays bullets

CHICKEN is a Scheme-to-C compiler (via Dave). Cool. I haven't done anything in Scheme for years, but looking at this Chicken makes me hungry. Don't forget to get confused with their performance chart. It's available under BSD license.

Ghost-Blogging

Blogs of executives are starting to appear and at least some of them seems to be using ghost-bloggers according to a comment by Elwyn Jenkins (aka Microdoc) to my Blogs will fade away post is of any indication. Elwyn wrote:

"I would have to disagree that most of the writing can now go in-house for most corporations. People within corporations do not have the time to 'blog' for their company, and few feel that they can write. Already, I write three blogs for large companies and have a growing list of clientele. I will soon be putting writers on to handle the volume of writing. The task is to listen to what is going on within a company, learn the voice of a key person and blog for that person. The client ultimately publishes today's blog, but a professional writer, thinks up the ideas, and puts a spin on today's blog to match in with a series of events within the corporation."

My initial response was "Whoa! That's cheating." But I thought about it some more and tried to think about it from the perspective of businesses and executives. It made sense. While writing style matters, it is the message that matters more. How we think and how we write also make a lot of noise that seeps into our blogs and interefere with the message we are trying to convey.

Still, I thought ghost-blogging is a topic others might want to think about. One blogging lessons I have learned recently is that I should write, not only about what I want to write about, but also what my readers want to write about in response to my post. Participation is a big component of blogging after all. So tell me what you think of ghost-blogging.

If you are a forward-looking executive for a large corporation who wants to see how blogging can help you do your job better, but have either terrible writing skills or leaky-temper problems, give Elywin a call. I have both problems, but I don't have much of an *ss to cover. You do.

Update #1: I have created a Ghost-Blogger Directory for people to offer their services. Until a better directory is created elsewhere, this will have to do. Send me a note if you want to be included.

Convea: Open Source Oddpost?

Last week, Adam Smith of Convea asked me to take a look at their product, Convea. I didn't have time to look at it until now, but I am glad I did. At first glance, it was a just another open source web-based groupware. Their list of business and technical benefits made me glaze over like the sides of a cereal box. Tiny screenshots didn't help much either. So it wasn't until I tried the demo that I uttered "Wow!" just as I have when I saw Oddpost first time.

They had done a great job of simulating Windows UI cleanly. Playing with it, it was difficult to keep in mind that this was all done in DHTML, the language of torture if you are a perfectionist. While overall integration could use improvements, you can easily tell that countless hours of hard work went into it.

Convea is open source and GPL version is available for free. To lift the GPL curse so you can use it on your commercial website or intranet, you'll need a Standard Commercial License ($1995). To develop commercial products with it, you'll need a Commercial Services License ($9995). Oh, it's ASP-based currently although there seems to be talk of PHP and ASP.NET versions.

Disclaimer: Having spent most of past 20 years helping startups, I enjoy helping them get their message out through my blog. I won't call something bad good, but I felt my readers should be aware of my sympathetic bias toward startups. Also, if you are a startup and think you have a great product but not enough exposure, let me know.

Update: The demo requires IE 5.5+.

Freed from Freedom Fighters

AOL has begun dismantling their Mozilla team (thx Dave). I am not sure whether I should be happy or sad.

New Dog

Ho ho ho. We got a new dog. It doesn't have a name yet, but here he is. Oops. I forgot to ask whether it's a he or she. As to what, I think it is a new breed created by mixing poodle and something else to minimize hair shedding and smell.

It's not like I care whether a dog smells and sheds hair or not. I love all animals, especially dogs. Having him/her in the house makes me so happy that I might start barking any minute now.

Future of Blogs: Small Businesses

Business market, particularly the small business market, is where most of the action and the money will be in the future, not personal blogs. Benefits of blogging technologies, such as ease of update, content syndication, moblogging, audblogging, fotologging, and social networking, will allow small business owners to explode into the web like never before and propell blogging into a day-to-day necessity for survival.

For proper perspective, think about how little hole-in-the-wall stores so common in Asia might use blogging technologies to improve their business. Then scale it up and expand across the globe across language boundaries.

Copyrights and Blogs

We are about to enter the marshland of copyrights, a wet land of confusion that lies between the land and the sea. On land, things are on firm ground of fair use. In the sea, what sinks and what doesn't is clear cut. In the marshland, nothing is certain.

As I mentioned before, value-added blogs and feeds are coming our way. But copyright issues could sink it before it gets here. Last night, I asked "Dave" how he would feel if I created an RSS feed of his posts I liked. His answer was no, and I suspect majority of bloggers will feel the same way.

Imagine a newspaper of blog posts delivered to 100 million readers three times a day. While some might think this is impossible, I have walked though most of the serious technical and business issues and have concluded that such newspaper is not only possible, but potentially very profitable.

Biggest unknowns are the copyright issues. It's not just the bloggers and how they feel about commercial syndication of their posts, but owners of the material bloggers frequently refer to or embed into their post either partially or as a whole. It's a big iceberg that could turn any ship into Titanic.

SVG Moving Again

SVG has been dead in the water for some time, but now there are signs of some movement. Most importantly, Adobe has released a pre-release version of SVG Viewer 6.0. FYI, SVG Viewer is an IE plug-in for displaying SVG graphics within web pages. I hope they keep their asses moving so that all the SVG fanatics don't end up looking like fools. Apache's Batik team has also released the final version of Batik 1.5, a Java implementation of SVG renderer. You can find source, binaries, and list of changes here. Yes, it is slow so get a fast machine if you want to sell it upstairs.

If the nonsense above made you wonder what SVG might be, it is an XML-based vector graphics format whose capabilities overlap Flash and Postscript to varying degrees but has a lot more. As you know, a lot more can be a blessing as well as a curse. We'll see how the future turns out. Frankly, I like SVG in the same way as a fireman might smile while watching surfers frolic on the beach as the firetruck rushes by them.

Someday. Someday. Hopefully on a Sunday.

3D-Secure Rising

3D-Secure is the protocol behind the ongoing change in online shopping experiences for shoppers around the world. It allows shoppers to protect themselves against credit card frauds by requiring a PIN to be entered to complete online transactions. Visa's program is called Verified by Visa. MasterCard's program is called SecureCode. If you haven't heard of either before, you will for it will eventually become mandatory.

For the past two years, getting all the merchants and credit card issuers to make the transition to 3D-Secure has been slow going as expected. Now signs of progress made has started to appear. For example, 35-40% of orders at Good Guys are processed by Verified by Visa (thx to Scott Loftesness). Even better, the manager of loss prevention at GoodGuys.com said:

"I`ve never had any negative feedback. Customers say they feel safer shopping with us knowing their card is protected. It makes their lives easier and it makes our lives easier." – InternetRetailer.com

Excellent! BTW, Good Guys.com is a customer of Arcot Systems, the leading 3D-Secure solutions vendor.

Don Park's Weekly Habit

Well, sorta weekly.