Saturday, May 10, 2008

The Thomas Edison Effect

For anyone who has watched the development of computing, it is evident that the experience of vision and invention constantly must remind us of Thomas Edison, and his winning attitude that with every failed design the working light bulb came closer, which eventually proved to be correct.

In my own modest way I was able to see some of my visions realized when I was leading the design strategic IT systems for a shipping company, and even later I found out that some other designs of mine which were prototyped in the late 80's ended up being implemented nearly thirteen years after my departure from the scene.

Since the end of 2000 it seems I've been practicing bad timing, or so it seems for I got into the Internet game just when it was ending, working for what then seemed to be a promising ISP, Verio, just having been acquired by NTT of Japan, to form NTT/Verio. The most I got out of that was that they paid for a year of Japanese studies at the Japan institute in Manhattan, for the rest, I got to watch from the inside the collapse of the boom, which was then happening all around us and to us, and projects were going nowhere. In 2001 I got involved in the launch of a managed security service, with Riptech, later to be acquired by Symantec, to form Symantec Managed Security. The events of 9/11 squashed the fun. By late summer I had built up an interesting order book, but after 9/11 the market disappeared for about two years, and NTT/Verio was going through spasmodic RIFs every three months or so for all the time I spent with them, and by March 2002 my turn had come.

Regardless of all the frustrations, it was a fruitful period of exploring a lot of ideas which had been on my mind for a long time. It was during this time that my thinking about serious on-line collaboration began to take form, along with the fact that personal computers were such an obvious security disaster, that it should be possible to actually organize greater security on-line than a "personal computer," which from a security standpoint is leakier than a sieve. One of the first companies that I found really inspiring in that regard was, which is still in operation today. The magic of their infrastructure, which is pretty flexible, is that they have a built in, fully automated deployment of PKI, guaranteeing the integrity of communications within the domain. On the other hand the fallacy then is that in their standard consumer offering they provide access just based on username and password, which is inadequate identification for any type of secure transactions, but the potential exists to integrate secure identification, which today is available in many flavors.

At a later time, I began this blog simply to vent some of my ideas which I had not been able to realize, and that in turn led to a number of exchanges which some day may become fruitful.

Fundamentally I think that the whole thing about web 2.0 now makes it even more critically important to develop serious solutions for on-line personal workspace, which should be designed to provide better security than the physical world does, your PC in particular. The on-line world cannot offer us serious solutions as long as it exposes us to needless security risks, such as the avalanche of identity theft which is now going on. For the time being web2.0 is mostly driven by the ad-supported business paradigm, which seems to have become gospel, because of the evident success of Google, to such a degree that even Microsoft in its desperation is now working hard to compete with Google. Competition is good, if nothing else as a gauge to measure one's own progress, but any time businesses become obsessed with their competitors it usually spells trouble, for it indicates that they are in doubt about their own identity or mission. The effort is all about getting better returns from advertising, and the user experience is only the means to that end, which does not bode well for the user experience in the long term.

What is needed as a vision is an understanding that security, privacy are an asset, not a liability, and that the mission of online services should be to solve a customers problems, without giving them additional liabilities they did not have before. Consumer resistance to on-line payments is substantial as a result, because many consumers walk away when they feel their security and privacy is being threatened by the all around negligence of the on-line culture of the moment. In our future therefore the real solutions that will arise, which will form durable on-line businesses will need to be worth paying for. The ad-supported model leads companies to chase fads, and to permanently sacrifice the customers security and privacy, for ease of use, convenience, not to mention data mining, which remains an invasion of privacy no matter how you slice it. And just because the world seems to be in denial about it, does not mean the customer has lost their senses, and is not aware of it. There just don't seem to be many alternatives right now, although solutions like Safe-Mail play into this sentiment.

I believe that a fundamental analytical insight is that communication is not complete without a financial transaction capability, which is what remains one of the weak links on-line, and getting weaker by the minute with every theft of credit card numbers that are stolen. It seems to be a miracle that there are any left that have not been stolen. The mission is an integrated work environment which makes my on-line life a viable solution to the practical restrictions of the physical world, but as long as it increases my risk, with new and unacceptable exposures, it condemns itself to being a faddish and unstable business.

For any naive reader who thinks I'm too pessimistic about the current situation, think again, just now in the June 2008 issue of PC World, a columnist seriously recommends doing your on-line banking on a cell phone, since as of yet they have fewer security problems, and in another column I'm reading, the author suggest not entrusting ones medical data to either Google or Microsoft, unless and until there are laws to protect us. So, on the whole companies are their own worst enemies by taking the user for granted.

Copyright © 2008 Rogier F. van Vlissingen. All rights reserved.