Cruising the RSA Conference

I will usually check out the RSA Security conference trade show floor just to get a flavor of what's hot, new, tired, overdone in that domain. This year it occupied most of the Moscone North show floor; quite a change from my first RSA show in the early '90s, where the trade area sparsely filled one of the smaller upstairs meeting rooms in the Redwood Shores Sofitel. Impressions:

Every year the show is less about cryptography per se. I'm sure this has something to do with RSA's attempts to diversify as its patents expire, but I do think it reflects the state of the field. Crypto has become a standardized component of security solutions, and the biggest perceived threats are not in the privacy area.

You can assess the perceived threats du jour by counting booths. A blur of intrusion detection systems. Every conceivable combination of app-layer, network edge DOS/malcode/spam detection and management hardware thingie. Piles of single-signon or authentication gadgets, all pledging allegiance to some federated identity standard or alliance. Trivial conclusion: These areas are all over-invested, steer clear unless you have a chance to back a company with significant growth in the top line and its customer list.

Coolest thing at the show: An actual quantum cryptography product from Magiq Technology (name thanks to A. C. Clarke, no doubt). I'm impressed that quantum crypto has made it in such a short time from esoteric theory to a chunk of hardware for which you can write a PO. And if the number theory behind public key crypto makes your head hurt, just try quantum entanglement. The virtue of this gadget is completely unbreakable key exchange at a distance. The catch is that you need a fiber optic connection direct to each point that needs key material - that'll slow down deployment just a tad. Fortunately for Magiq, they seem to have some friendly angels who are willing to wait out the transition from science project to real business.

Test: Ignore this post

Testing item template change to improve RSS results. 3, 2, 1....

ETech Journalism Panel Quotes A

ETech Journalism Panel Quotes

A little late, I know, but I wanted to point out that Susan Mernit has extracted the juiciest pull quotes from the transcript of a very good panel.

Changing the Guard If you

Changing the Guard

If you read Due Diligence with an actual browser - rather than an RSS aggregator - you'll know that the blogroll includes a section devoted to those serving our country overseas. With the rotation of units to and from Iraq and Afghanistan, there are some changes in order:

• Chief Wiggles, aka Paul Horton, is back with his family. He's the guy who used his blog to start Operation Give to donate toys to Iraqi kids, showing that citizens' media are good for more than stateside politicking, and earning a mention in a presidential speech along the way. In his real job of interrogator and debriefer, he may have been responsible for getting some of the 'good guy' senior Iraqis out of detention camps and back to work on our side. I want to keep up with the Chief's projects, so he's migrating up to 'Defense Spinoffs'.
  
• Army medic Jeremy Botter isn't quite out of the sandbox yet. He's in Kuwait helping wash down and reorganize his unit's transport, so is hopefully out of harm's way. (Funny how wargames never mention running a whole division's worth of gear through the carwash...)
  
• Jason von Steenwyk is helping prepare his Florida National Guard battalion to move out of Ar Ramadi down to Kuwait and into the carwash line. You know, Ramadi, as in the baddest part of the Sunni Triangle. A financial journalist in 'real life', his critiques of the media coverage of Iraq and the military in general have been wickedly on target.

Thank you all, gentlemen, for your service, and for taking the extra time and energy to let us know what it's like.

There's a new shift headed out, and the blogroll will be updated accordingly:

• Warren, writing as 'LZ Xray' at Iraqi Ground Truth is back in Iraqi, after already serving one rotation at the start of the war. He's in Civil Affairs, one of the places where the real outcome of the Iraqi campaign will be determined.
  
• Eric or 'Dagger Jag' is with the 1st Infantry, and is already in Kuwait gearing up to head north. That JAG, like the TV show but with much added grunge and boredom, I'm sure. He'll see a back story of the occupation that we won't get any other way.
  
• 'Sgt. Hook', a veteran milblogger has been getting his unit ready to deploy to Afghanistan. Just in time for the spring Omar and Osama hunting season.

Good luck, good hunting, come home safe. (Write when you get the chance.)

(And thanks to Smash and Greyhawk for keeping track of everyone out there.)

An Old Media Dog Learns

An Old Media Dog Learns New Tricks

Back in mid-2001, Terry Semel left Warner to take over Yahoo. Rhetoric at the time revolved around getting away from the discredited advertising revenue model, adding more for-pay services, and doing more media partnerships. The latter, plus suspicion of his baked-in old media habits, led me to whisper doom to those who would listen.

Seems I was right about the business direction, but wrong about the person. Semel has learned some new tricks, or perhaps it's more appropriate to say the market taught them, and he had enough of a clue to listen. The media bundle strategy died first. The consolidation and then revival in the Internet advertising market made part of the revenue model whole. And he has apparently caught on that things like e-mail and personals - you know, where people talk to each other - are where the value's created online. So credit where it's due: Semel has learned the lessons fast and well enough to avoid the fates of ExciteAtHome and Lycos, Internet ships run onto the rocks by old media pilots.

But we do have to mention the one that almost got a way, and may still: Search. Yahoo never invested in creating a credible search engine, and as it gorped up its previously clean home page with more tie-ins to its partners and promotions, it left market space for Google, with a capable search engine and pristine interface. Enough market space for a potential multi-billion dollar IPO, while Yahoo has had to scramble and buy up and lash together other search properties, at its shareholders' expense.

Hat tip: TechDirt

Required Reading Safire.

Required Reading

Safire.

Wi-Fi: Up from the bottom

Wi-Fi: Up from the bottom

A Business Week article on the state of the Wi-Fi market is mistitled "Before Wi-Fi Can Go Mainstream". It is, in fact, already mainstream, but the adoption pattern is not one apparently recognizable to the BW writer. It is familiar to some of us Old Farts. We've seen it before: It's the PC all over again.

First some numbers. The consumer / SOHO Wi-Fi market segment was $1.6 billion in 2003. Assuming an average of $200 total was paid for AP and client, that's about 8m new installs last year. With a total market size of $2.5b, and an independent estimate of 22.7m total client and AP units shipped, that should be in the ballpark. Add on prior year shipments, and we may have quietly gotten to around 10% penetration into households. Not too shabby for a standard that was once upposed to be too complex and costly for the end user!

BW sees the lack of 'roaming agreements' among public hotspot providers as a major barrier to further adoption. Leading me to wonder why you need a roaming agreement when public Wi-Fi is turning into a free amenity. Glenn Fleishman reports on Schlotzsky's success with free Wi-Fi to attract and retain customers. (Hat tip: Cory) This may not make your local bagel shop into the Great Good Place, but it is becoming a competitive factor that may make Wi-Fi access free - if you're willing to wander down to the local watering hole and spend a few bucks.

Where adoption is slow is in large businesses. The 2003 figures attribute about 1/3 of the market to large enterprises, and considering the larger price tag typically paid for APs from the likes of Cisco, that's a lot fewer installs. This is usually written off to security concerns. That's true on the face of it, but fails to reveal some underlying issues.

The initially broken WEP security for Wi-Fi got some headlines, but can be ameliorated. The real problem in larger enterprises is often the many years of accumulated decisions on network and device architectures, authentication and privileges. With fixed PCs and wired networks, it's been very easy for designers and administrators to conflate location, device, network topology, user, role, and privileges when setting up network and applications systems. The combination of Wi-Fi and laptops invalidates any such assumptions, and will force IT to go back and clean up their prior simplifications.

The decision for wireless itself can be a tough sell if the company has recently coughed up for something like an optical network rebuild. Network admins used to planning cable routes and wiring closets need to learn about RF propagation and interference. Lurking behind can be the need to rebuild the enterprise's authentication and security around roles and privileges, a nontrivial endeavor. So, stick a few APs outside the firewall in public meeting rooms, and let someone else take the Wi-Fi arrows in the back.

Small businesses and homes have much smaller installed networks (if any), smaller premises, and simplistic authentication and security practices. Lack of a legacy means they can adopt easily. This underlies the PC-like market pattern. The tyranny of the installed base holds back the large enterprise buyer. While they will eventually adopt, the current Wi-Fi buying pattern is not a prelude to the mainstream, it is the mainstream.

Full disclosure: We have an investment in the Wi-Fi security and management space.

GPLs and venture A portion

GPLs and venture

A portion of an announcement received on a VC mailing list today:

Dear Colleague:

The use of open source software is pervasive today and, when used correctly, is a low-cost alternative to developed code. However, open source software can cause major headaches for companies looking for funding and for investors looking for exits. Today, some acquirers view open source as being no different than fraud on the books.

To help companies and their VCs tackle this complicated issue, we're bringing together top legal experts from Microsoft and Testa, Hurwitz & Thibeault (boldface in original - ed.) with two preeminent personality (sic) in the open source community for a dynamic 90-minute audio/Web seminar ... entitled:

"The Software Wars: How Open Source May Dramatically Affect Your Company's
Funding & Liquidity"

No matter how familiar you are with your company's technology and its origin, you can't afford to miss this interactive audio/Web seminar. Not only will you gain a better understanding of how open source can affect your company's value but you'll also receive a wealth of easy-to-implement strategies for managing the risk involved with using publicly available software code--or for avoiding it all together. When you join us, you'll have the rare opportunity to see clearly both sides of the dynamic open source issue....

... other topics... include:

• Which open source licenses are to be avoided and why
  
• How will the use of open source affect your company's target value
  
• What management policies are most effective in regulating the use of open source
  
• Ways you can minimize the damage of past open source use
  
• How best to comply with the licenses of open source code
  
• Who should you turn to for help addressing your open source issues
  
• Best practices for storing work and assessing compliance with regulations
  
• Tactics for creating internal systems to review proprietary software
  

Is this a legitimate issue of IP integrity due to GPL'ed code being commingled into a startup company's assets (along with a little overheated sales rhetoric), or part of a FUD campaign from you-know-who (see boldface). I report, you decide.

Update, to answer some question raised over on Techdirt: The web seminar is actually being put on by VentureOne, a VC oriented content operation. The two representatives of open source on the program are to be Larry Augustin of VA Linux fame, and now at Azure Capital, and Doug Levin, CEO of something calledBlack Duck Software. The specific mention of GPL was my own, as being the best known issue that might provide some rationale for the rhetoric. There was no such mention in the original promotional e-mail - the recipient is left to wonder what aspect of open source is so poisonous. That was my issue.

Somewhere in the Santa Cruz

Somewhere in the Santa Cruz Mountains...

... stands this amazing old growth redwood, discovered by a small band of intrepid trail surveyors this weekend. For scale, that's yours truly at center bottom; the base is about 12' in diameter. Due to its location, the top has been blown out of it at least four times, creating the unusual multiple trunked structure, each of which is four foot or so wide.

If you're in the Bay Area and come play in the dirt with us, we might tell you where to find this oldster and few other not-on-the-maps treasures.

(Photo credit: David Croker)

The Voices of Heros An

The Voices of Heros

An infant government with a weak constitution. Regional discord threatens civil war. Exports are raw materials, with no industry to speak of. Hostile neighbors sponsor an implacable resistance. Lack of health care leaves 1 in 8 mothers prematurely dead in childbirth, and up to 3 in 10 of their children die before the age of five. Many of the people wonder if the previous regime was better.

A questionable place to try an experiment in democracy, the United States of America in 1783.

Today we remembered the lives of two of our greatest leaders, one who led the first days of a more perfect union, and one who preserved it through the blood of civil war, giving freedom to those who were first denied it. It is fitting and proper that we should memorialize them by seeking to assist other peoples in obtaining their own freedom, particularly those beginning in similarly inauspicious circumstances.

Perhaps it take times that try men's souls to bring forth a Paine or a Douglass, speakers of honest and powerful words. In these latter days of irony, spin, gotcha, and weasel words, we miss their kind. But they do still exist, in places where the times require plain speech, and they have names like Mohammed, Alaa, Zeyad, Salam, and Ali. (If they can do this in English, what must they accomplish in Arabic?) It's a good day to call such men 'brother', and wish that they and others of their nation will be remembered as Founders of a democracy, another 221 years hence.