What I’m Reading on 06/23/2014

  • “Due to its early success and/or promise, Wink is about to become its own company, according to the New York Times. The company’s main technology is software that works like an operating system to connect all of your automated home devices. With the tap of Wink’s mobile app, a user is able to configure everything from a light that turns on when you walk in the door to security system settings. As a companion, Wink has just developed a hardware hub, so that devices that operate on Bluetooth, ZigBee and Z-Wave, rather than Wifi, can also connect to Wink.”

    tags: bs hub iot

Posted from Diigo. The rest of my favorite links are here.

What I’m Reading on 04/23/2014

Posted from Diigo. The rest of my favorite links are here.

What I’m Reading on 04/21/2014

Posted from Diigo. The rest of my favorite links are here.

What I’m Reading on 04/10/2014

Posted from Diigo. The rest of my favorite links are here.

For the Love of Big Data: Approach to policy can determine outcomes

Several weeks ago I was on the panel “Privacy and Innovation in the Age of Big Data” at the International Association of Privacy Professionals in Washington, DC USA. My role was to present the attraction and value of data but not to constantly interrupt myself with “but, but, but” for policy and privacy issues. That is, I was the set up for IBM‘s Chief Privacy Officer Christina Peters and Marty Abrams, Executive Director and Chief Strategist, Information Accountability Foundation, to talk policy. The audience was mainly privacy experts and attorneys.

I presented four slides and I previously posted those via SlideShare. Here and in three other posts I go through the bullets, providing more detail and points for discussion.

Approach to policy can determine outcomes

For the Love of Big Data: Approach to policy can determine outcomes

Reductions in the amount and kinds of data can produce diminished or inaccurate results

I think this is obvious: if crucial data that could help define the context is missing, then the model will probably be incomplete. Therefore, it will be hard for you to produce results that have a high confidence level, or you will be missing factors that are needed for better prediction or optimization.

Think of all the data that is necessary to predict how a particular farm field of tomatoes will do during this next summer season. Geography with elevation, expected sun and rain amounts, wind, soil conditions, planned fertilization, and natural or irrigated water supply all have an effect on what will actually happen. If your model is missing these, your prediction or your ability to tweak the factors to maximize yield will be compromised.

Policy must take into account the value received by individuals for the use of their personal data

You as a consumer may happily give a coffee shop information about your  location in order to get a discount on your next beverage. This is not exactly being “off the grid.”

Increasingly people are willing to give up personal information in exchange for discounts, higher quality, and position within social networks. Formal policy must take into account that privacy is not a fixed idea and will vary over time from person to person as more lucrative items can be traded for it.

Enforced data localization may decrease analytical completeness unless we can move intermediate results or the site of computation

If I am forced to keep all my data, metadata, and derived results within some geographical boundaries, my ability to combine these with information elsewhere will be curtailed. Can we move those other results to the constrained site for more extensive computation? Indeed, can we move the computation to the data instead of the other way around?

These are issues of both policy and cloud technology. What we do and where we do it is limited by both, but as technology often seems to advance far faster than policy, there will be a mismatch between what we can (and should) do with what we are allowed to do.

Big Data is not just about the data. It is about the intended use and the location of that use. Privacy, security, and data ownership are all important considerations that must be factored in before we do the “science” with the data.

Previous: What issues can analytics present?

Also see:

What I’m Reading on 02/06/2014

  • “Today no one dies from standard wars, not that you’d know it from Internet comments. But years, millions of dollars, and endless arguments are spent arguing about standards. The reason for our fights aren’t any different from those that drove Edison and Westinghouse: It’s all about who benefits – and profits – from a standard.”

    tags: standards

  • “People have all sorts of reasons for connecting their homes. Some people want to monitor the nanny, or keep an eye on things for security or safety reasons. Others just want to see what their pets do when they’re not around. I happen to fall into the latter camp.”

    tags: cats iot

  • “It might surprise you just how often large companies give away their code to the open source community. At that point, anyone can contribute, debug, or download the code from a repository on GitHub or the Apache Software Foundation—and then use it for themselves. “

    tags: open source

  • “He’ll arrive at the lab just in time to participate in a major new initiative aimed at doing just that. Project Lucy is a 10-year, $100 million effort by IBM to work with governments, universities and development organizations to address Africa’s grand challenges. A key element will be harnessing IBM Watson, which beat two grand-champions on the TV game show Jeopardy! IBM announced the initiative today while Chief Executive Ginni Rometty and members of her senior executive team were meeting with government and business leaders in Nigeria.”

    tags: project lucy africa ibm

  • “There are extensions that stand alone, and others that add value to existing apps and web services. Some are so useful that Chrome users should take a look and see what they are missing.”

    tags: chrome extensions

Posted from Diigo. The rest of my favorite links are here.

What I’m Reading on 01/23/2014

Posted from Diigo. The rest of my favorite links are here.

What I’m Reading on 01/01/2014

  • “If you have forgotten your Galaxy Note’s password, you can unlock the device without a factory reset, but only if you can answer your security question or if you have a Google Account set up on the phone. Note that the Google login prompt only displays after several unsuccessful attempts with your password. If you do not have a Google Account associated with the tablet or a security question configured on the device, you must do a factory reset to recover your device’s password.”

    tags: password galaxy note

  • “What follows are some of the easiest food-related resolutions you will ever make, from cooking big pots of grains and beans once a week, to buying frozen produce, to pickling things à la “Portlandia.” Committing to just a few of these, or even one, will get you moving in the right direction toward eating more plants and fewer animal products and processed foods. My suggestions are incremental, but the ease with which you can incorporate them into your normal shopping, cooking and eating routines is exactly what makes them sustainable and powerful.”

    tags: sustainable resolutions diet

  • “The shrimp in question are called Northern shrimp or, more locally, Maine shrimp. They are the southernmost appearance of a species, Pandalus borealis, that can also be found in Canadian and Icelandic waters, but the ones caught here in the Gulf of Maine tend to be at the bigger end of the species. They are usually caught in the winter, when females come close to shore to lay their eggs in cold water. They are smaller and typically sweeter than warm-water or farmed shrimp, with delicate, edible shells, and are popular in European and Scandinavian markets, although New England chefs use them, too.”

    tags: maine shrimp

Posted from Diigo. The rest of my favorite links are here.

What I’m Reading on 11/19/2013

  • “Thus, ASF can only agree to the TCK license if Oracle will amend it consistent with the 2002 side-letter referred to above — i.e. by removing or reconstruing restrictions that are incompatible with ASF’s licensing and development practices — and to make available under these terms all of the TCKs Apache has previously had access to. We would be eager to work with Oracle on these revisions.”

    tags: apache oracle

  • “The acquisition will see Microsoft pay €5.4bn to buy the unit and also license Nokia patents for the next 10 years. All of the 4,700 Nokia’s Finnish employees who work in devices and services will be transferred to Microsoft, and the country will become a new centre of mobility R&D for the company.”

    tags: nokia microsoft

  • Google is getting even more proactive about security. In a blog post on Monday, Google announced that it is expanding its Patch Reward program to pay users that uncover security flaws in Android.”

    tags: google android hack

  • “Dropbox has always had a flair for the dramatic. Its CEO and co-founder Drew Houston, for example, appeared on a YouTube clip in 2012, belting out “Rocket Man” with a pint in hand at a Swiss bar—just one of several bravura performances. The company’s offices in San Francisco—replete with swings that dangle from the ceiling, a full bar and a recording studio—are among the most decadent. And, of course, Dropbox has garnered attention for raising an incredible $257 million in funding during its five-year journey.”

Posted from Diigo. The rest of my favorite links are here.

Tuning up the website

I’m a bit under the weather today, so I’ve been sitting on the couch fiddling with this website, a WordPress blog. Its most recent large overhaul happened over the Christmas holidays at the end of 2009 when I archived my previous blog and launched this one.

The theme I had been using until then was heavily customized and had not kept up with the various improvements made in WordPress for the layout, widgets, and other features of themes. MinervaSo I switched to the new and official Twenty Ten theme, did some customizations within the user interface for such, and then added some PHP code to rotate the header images among my photos in an uploaded directory. (This last feature is more or less built in now, but my code is working so I’m keeping it.) I made these customizations in a child theme of Twenty Ten that I called Minerva after one of our cats, now unfortunately and prematurely departed.

Before I settled on Twenty Ten, I looked at dozens of candidate themes and I investigated using Drupal for the blog. Ultimately I ruled out the other themes because they didn’t have the look I wanted and I liked the idea of the WordPress team itself supporting my base theme. While Drupal was and is wonderful software, I stayed with WordPress because I wanted to preserve the links to all my old blog entries and have consistent formatting between the current and archived blogs.

Through the years I’ve added and subtracted plugins and widgets as they were updated or I found new ones that had functionality I wanted. The social buttons you see under this post are one example of using a plugin that did not exist in 2009.

I’ve been keeping WordPress itself, the plugins, and the themes up to date on a regular basis. Aside from improved or fixed functionality, this at least helps keep the security up on the site.

So today I started out by looking at the other official WordPress themes that came after Twenty Ten. These are called (wait for it): Twenty Eleven, Twenty Twelve, and Twenty Thirteen. I didn’t think any of them look better than what I have.

Then I looked at some others that are high in popularity among the thousands of WordPress themes. I downloaded and installed several of them and ultimately decided that I would stay with what I had. They either didn’t impress me visually or they would have required more customization than I’m in the mood for today.

I deleted the FaceBook plugin because it was superfluous with the new social buttons. I then started playing with the “Recent Posts” widget that is in the right column. Since I’ve been writing blog entries less frequently than I did a few years ago, many of the entries that do appear are of the “What I’m Reading” variety that are automatically generated from my use of Diigo.

Screen shot of the Recent Posts Extended widgetThe Recent Posts area was dominated by these postings of links and I wanted to exclude them. Unfortunately the built-in widget did not seem to work correctly when I adjusted the visibility of the posts to display.

It took only a few minutes to find a much improved widget called “Recent Posts Widget Extended” (catchy name). This not only allowed me to block the posts I did not want appearing but also let me include excerpts. I think it is an improvement and you can see a screen shot on the left.

So that’s it for now. I’ll still keep looking for new themes, plugins and widgets, but I’ve reached the point of diminishing returns for the moment.

What I’m Reading on 08/15/2013

Posted from Diigo. The rest of my favorite links are here.

What We Do When We Do Analytics Research

In May of 2013 I was asked to contribute an article to ProVISION, an IBM magazine published in Japan for current and potential customers and clients. That piece was translated into Japanese and published at the end of July. Below is the original article I wrote in English describing some of the work we do in my group by the scientists, software engineers, postdocs and other staff in IBM’s Research labs around the world. It was not meant to inclusive of all analytics work done in Research but was instead intended to give an idea of what a modern commercial research organization that focuses on analytics and optimization innovations does for the company and its customers.

When you look in the business media, the word analytics appears repeatedly. It is used in a vaguely mathematical, vaguely statistical, vaguely data intensive sense, but often is not precisely defined. This causes difficulties when you are trying to identify the problems to which analytics can be applied and even more when you are trying to decide if you have the appropriate people to work on a problem.

I’m going to look at analytics and the related areas to help you understand where the state of the art research is and what kind of person you need to work with you. I’ll start by separating out big data from analytics, look at some of the areas of research within my own area in IBM Research, and then focus on some new applications to human resources, an area we call Smarter Workforce.

Big Data

This is the most inclusive term in use today but, because of that generality, it can be the most confusing. Let’s start by saying that there is a large amount of data out there, there are many different kinds of data, it is being created quickly, and it can be hard to separate the important and correct information from that which you can ignore. That is, there are big data considerations for Volume, Variety, Velocity, and Veracity, the so-called “Four Vs.”

I think these four dimensions of big data give you a good idea of what you need to consider when you process the information. The data may come from databases that you currently own or may be able to access, perhaps for a price. In large organizations, information is often distributed across different departments and while, in theory, it all belongs to you, you may not have permission to use it or know how to do so. It may not be possible to easily integrate these different sources of information to use them optimally.

For example, is the “Robert Sutor who has an insurance policy for his automobile” the same person as the “Robert Sutor who has a mortgage for his home” in your financial services company? If not, you are probably not getting the maximum advantage from the data you have and, in this case, not delivering the best customer service.

Data is also being created by social networks and increasingly from devices. You would expect that your smart phone or tablet is generating information about where you are and what you are doing, but so too are larger devices like cars and trucks. Cameras are creating data for safety and security but also for medical and retail applications.

What do you do with all this information? Do you look at it in real time or do you save it for processing later? How much of it do you save? If you delete some of it now, how do you know those parts won’t be valuable when we have better technologies in a year or two?

When you have so much data, how do you process it quickly enough to make sense of it? Technologists have created various schemes to solve this. Hadoop and related software divides up the processing into smaller pieces, distributes them across multiple machines, and then recombines the individual results into a whole.

Streams processing looks at data as it is created or received, decides what is important or not, and then takes action on the significant information. It may do this by combining it with existing static data such as a customer’s purchase history or dynamic data like Twitter comments.

So far I’ve said that there is a large amount of data currently stored and being newly created, and there are some sophisticated techniques for processing it. I’ve said almost nothing about what you are doing with that data.

In the popular media, big data is everything: the information and all potential uses. Among technologists we often restrict “big data” to just what I’ve said above: the information and the basic processing techniques. Analytics is a layer on top of that to make sense of what the information is telling you.


The Wikipedia entry for analytics currently says:

Analytics is the discovery and communication of meaningful patterns in data. Especially valuable in areas rich with recorded information, analytics relies on the simultaneous application of statistics, computer programming and operations research to quantify performance. Analytics often favors data visualization to communicate insight.

Let’s look at what this is saying.

The first sentence has the key words and phrases “discovery,” “communication,” and “meaningful patterns.” If I were to give you several gigabytes, terabytes, or petabytes of data, what would you do with it to understand what it could tell you?

Suppose this data is all the surveys about how happy your customers are with your new help desk service. Could you automatically find the topics about which your customers are the most and least happy? Could you connect those to specific retailers from which your products were bought?

At what times of the day are customers most or least satisfied with your help desk and what are the characteristics of your best help desk workers? How could this information be expressed in written or visual forms so that you could understand what it is saying, how strongly the data suggests those results, and what actions you should take, if any?

Once you have the data you want to use, you filter out the unnecessary parts and clean up what remains. For example, you may not care whether I am male or female and so can delete that information, but you probably want to have a single spelling for my surname across all your records. This kind of work can be very time consuming and can be largely automated, but usually does not require an advanced degree in mathematics, statistics, or computer science.

Once you have good data, you need to produce a mathematical model of it. With this you can understand what you have, predict what might happen in the future if current trends continue or some changes are made, and optimize your results for what you hope to achieve. For our help desk example, a straightforward optimization might suggest you need to add 20% more workers at particular skill levels to deliver a 95% customer satisfaction rate. You might also insist that helpful responses be given to customers in 10 minutes or less at least 90% of the time.

A more sophisticated optimization might look at how you can improve the channels through which your products are purchased, eliminating those that cause the most customer problems and deliver the least profit to you.

For the basic modeling, prediction, and optimization work, one or more people with undergraduate or masters graduate degrees in statistics, operations research, data mining/machine learning, or applied mathematics may be able to do the work for you if it is fairly standard and based on common models.

For more sophisticated work involving new algorithms, models, techniques, or probabilistic or statistical methods, someone with a Ph.D. is most likely needed. This is especially true if multiple data sources are combined and analyzed using multiple models and techniques. Analytics teams usually have several people with different areas of expertise. It is not uncommon to see one third of a team with doctorates and the rest with undergraduate or masters degrees.

Our work at IBM Research

I lead the largest worldwide commercial mathematics department in the industry, with researchers and software engineers spread out over twelve labs in Japan, the United States, China, India, Australia, Brazil, Israel, Ireland, and Switzerland.

While the department is called “Business Analytics and Mathematical Sciences,” we are not the only ones in IBM Research who do either analytics or mathematics. We are the largest concentration of scientists working on the core mathematical disciplines, which we then apply to problems in many industries, often in partnership with our Research colleagues and those in IBM’s services business divisions.

We divide our work in what we call strategic initiatives, several of which I’ll describe here. In each of these areas we write papers, deliver talks at academic and industry conferences, get patents, help IBM’s internal operations, augment our products, and deliver value to clients directly through services engagements.

Visual Analytics

One of the topics in IBM’s 2013 edition of the Global Technology Outlook is Visual Analytics. This differs from visualization in that it provides an interactive way to see, understand, and manipulate the underlying model and data sources in an analytics application. Visual analytics often compresses several dimensions of geographic, operational, financial, and statistical data into an easy to use form on a laptop or a tablet.

Visual Analytics combines a rich interactive visual experience with sophisticated analytics on the data, and I describe many of the analytics areas in which we work in the sections below. Our research involves visual representations and integration with the underlying data and model, client-server architectures for storing and processing information efficiently on the backend or a mobile device, and enhancing user experiences for spatio-temporal analytics, described next.

Spatio-temporal Analytics

This is a particularly sophisticated name for looking at data that changes over time and is associated with particular areas or locations. This is especially important now because of mobile devices. Information about what someone is doing, when they are doing it, and where they are doing it may be available for analysis. Other example applications include the spread of diseases; impact of pollution; weather; geographic aspects of social network effects on purchases; and sales pipeline, closings, and forecasting.

The space considered may be either two- or three-dimensional, with the latter becoming more important in, for example, analysis of sales over time in a department store with multiple floors. Research includes how to better model the data, make accurate predictions using it, and using new visual analytics techniques to understand, explore, and communicate insights gained from it.

Event Monitoring, Detection, and Control

In this area, many events are happening quickly and you need to make sense of what is normal and what is anomalous behavior. For example, given a sequence of many financial transactions, can you detect when fraud is occurring?

Similarly, video cameras in train stations produce data from many different locations. This data can be interpreted to understand what are the normal passenger and staff actions at different times of the day and on different days, and what actions may indicate theft, violent behavior, or more even more serious activities.

Analysis of Interacting Complex Systems

The world is a complicated place, as is a city or even the transportation network within that city. While you may be able to create partial models for a city’s power grid, the various kinds of transportation, water usage, emergency healthcare and personnel, it is extremely difficult to mathematically model all these together. They are each complicated and changes in one can result in changes in another that are very hard to predict. There are many other examples of complex systems with parts that interact.

Simulation is a common technique to optimize such systems. The methods of machine learning can help determine how to realistically simulate the components of the system. Mathematical techniques to work backwards from the observed data to the models can help increase the prediction accuracy of the analytics.

This focus area provides the mathematical underpinnings for what we in IBM do in our Smarter Cities and Smarter Planet work.

Decision Making under Uncertainty

Very little in real life is done in conditions of absolute certainty. If you run a power plant, do you know exactly how much energy should be produced to meet an uncertain demand? How will weather in a growing season affect the yield from agriculture? How will your product fare in the marketplace if your competitor introduces something similar? How will that vary by when the competitive product is introduced?

If you factor in uncertainty from the beginning, you can better hedge your options to maximize metrics such as profit and efficiency. There are many ways to quantify uncertainty and incorporate it into analytical models for optimization. The exact techniques used will depend on the number and complexity of the events that represent the uncertainty.

Revenue and Price Optimization

The decisions you make around the price you charge for your products or services, and therefore the hoped-for revenue, are increasingly being affected by what happens on the demand side of your business. For example, comments spread through social media can significantly increase or decrease the demand for your products. Aggressive low pricing given to social media influencers can increase the “buzz” around your product in the community, thereby increasing the number of units sold. If you can give personalized pricing to consumers that is influenced by their past purchase behavior, you can affect how likely they are to buy from you again.

Demand shaping can help match what you have in inventory to what you can convince people to buy. This focus area therefore affects inventory and manufacturing, and so the entire supply chain.

Condition Based Predictive Asset Management

When will a machine in your factory fail, a part in your truck break, or a water pipe in your city spring a leak? If we can predict these events, we can better schedule maintenance before the breakages occur, keeping your business up and running.

We can get the parts we need and the people who will do the work lined up and doing the work in a timely way. Since there are multiple assets that may fail, we can help prioritize which work should be done earlier to keep the whole system operating, even given the process dependencies.

Integrated Enterprise Operations

You can think of this focus area as a specific application of the Analysis of Interacting Complex Systems work described above to the process areas within an organization or company. For example, a steel company receives orders from many customers requesting different products made from several quality grades. These must be manufactured and delivered in a way that optimizes use of the stock material available, configures and schedules tooling machines, minimizes energy usage, and maintains the necessary quality levels.

While each component process can be optimized, the research element of this concerns how to do the best possible job for all the related tasks together.

Smarter Finance

I think of this as the analytical tools necessary for the Chief Financial Officer of the future. It integrates both operational and financial data to optimize the overall financial posture of an organization, including risk and compliance activities.

Another element of Smarter Finance includes applications to banking. These include optimization of branch locations and optimal use of third party agencies for credit default collections.

Smarter Workforce

A particularly large strategic focus area in which we are working is the application of analytics to human resources, which we call Smarter Workforce. We’ve been involved with this internally with IBM’s own employees for almost ten years, and we recently announced that we would make two aspects of our work, Retention Analytics and Survey Analytics, available to customers.

Retention analytics provides answers to the following questions: Which of my employees are most likely to leave? What characterizes those employees in terms of role, geography, and recent evaluations and promotions? What will it cost to replace an employee who leaves? How should I best distribute salary increases to the employees I most want to stay in order to minimize overall attrition?

Beyond this, we are doing related research to link the workforce analytics to the operational and financial analytics for the rest of an organization. For example, what will be the affect on this quarter’s revenue if 10% of my sales force in Tokyo leaves in the next two weeks?

Survey analytics measures the positive and negative sentiment within an organization. While analytics will not replace a manager knowing and understanding his or her employees, survey analytics takes employee input and uncovers information that might otherwise be hard to see. Earlier I discussed a customer help desk. What if that help desk was for your employees? How could you best understand what features your employees most liked or disliked, and their suggestions for improvement?

This is one example of using social data to augment traditional analytics on your organization’s information. Many of our focus areas now incorporate social media data analytics, and that itself is a rich area of research to understand how to do it correctly to get useful results and insight.

In Conclusion

Analytics has very broad applications and is based on decades of work in statistics, applied mathematics, operations research, and computer science. It complements the information management aspects of big data. As the availability of more and different kinds of data increases, we in IBM Research continue to work at the leading edge to create new algorithms, models and techniques to make sense of that data. This will lead, we believe, to more efficient operations and financial performance for our customers and ourselves.

Daily links for 12/06/2012

Posted from Diigo. The rest of my favorite links are here.

Daily links for 10/08/2012

  • “An even bigger challenge is the coming explosion of machine-to-machine (M2M) data. Wireless sensors, for instance, are becoming commonplace in a variety of consumer and industrial devices, including vending machines, healthcare products, home security systems, and parking meters. Sensors are increasingly ubiquitous in the transportation industry, too. High-speed trains in Japan, for instance, have sensors that check for seismic activity, environmental changes, unexpected rail traffic, and other anomalies.”

    tags: analytics bigdata

  • “Dan Feinberg, director of the Northeastern University Health Informatics graduate program, said he believes that having the ability to analyze data will eventually become the equivalent of having electricity for medical practices. It will be a necessary part of delivering care and will become central to what doctors do on a daily basis, but analytics will become such a common tool that it will cease to differentiate practices from one another.”

    tags: analytics healthcare

  • “We’re thrilled to announce Union Metrics for Tumblr. This is the very first measurement product designed specifically for Tumblr that provides analytics based on their entire firehose of data. That includes more than 100 million Tumblr events per day. And, to add to the excitement, Tumblr has officially named us their preferred analytics provider!”

    tags: tumblr analytics

Posted from Diigo. The rest of my favorite links are here.

Daily links for 06/15/2012

  • “Last week we announced the release of AppScan Enterprise v8.6 and its ability to integrate with QRadar. QRadar – which automatically maintains and updates information about each host system’s services, applications, vulnerabilities, traffic/use level, Internet exposure, users and more – is enhanced by the addition of application vulnerabilities information from AppScan. This greater context allows QRadar to better detect and prioritize threats by calculating more accurate risk levels for each asset and more accurate offense scores for each incident. In addition to creating more accurate overall risk levels for each asset in QRadar’s asset database, application vulnerabilities information also helps QRadar better detect and prioritize threats through real-time correlation with IPS/IDS alerts.”

    tags: security ibm

Posted from Diigo. The rest of my favorite links are here.

Daily links for 05/31/2012

Posted from Diigo. The rest of my favorite links are here.

Mobile: Build, Connect, Manage, Secure, Extend, Transform

In various IBM presentations about mobile starting at the Impact conference at the end of April, we’ve been using a slide that looks like this:

IBM Mobile Strategy

I’m going to give a quick introduction to some of the terms on the slide and what we mean by them.

Client Mobile Initiatives

From IBM’s perspective, what is the client trying to do with mobile and why might they want to talk to IBM about it? In an earlier draft of this we used the phrase “client mobile entry points.” This wasn’t always clear to people, but it did convey the idea that a customer is starting from one very specific aspect of mobile and wants to have a discussion about that. The three areas on the slide intersect all parts of the mobile lifecycle.

Now let’s start in the upper right corner and move clockwise.

Build and Connect

It is often the development or IT staff that begins here.

Where do mobile apps come from? What is necessary to construct the part of the app that lives on the device, smartphone or tablet, and the part that lives on the server on the backend? What tools are available for the developer for the full application lifecycle? How about testing for all the mobile operating systems and devices? For the device, what framework will allow you to have exactly the right balance of native code and HTML5 to give you the functionality, performance, and portability you need? How will you handle having apps for at least Apple iOS and Android? On the server side, can you use Java to create the code to support whatever you mobile app is supposed to do?

Regarding connectivity, this includes from the device to the backend and then also among the backend systems, applications, and databases to which you need to communicate. Having a system that can talk primarily to only one kind of backend system might seem expedient today but will possibly not support everything you want to do with future mobile apps. Having a mobile server that sits in the corner and has only weak integration with your services, messaging systems, and enterprise services busses is not really being enterprise-ready.

Manage and Secure

It is often the operational IT staff or CIO’s office that begins here.

It can be very hard at times to separate all the capabilities needed for security, application management, and device management. I think it is a very smart career move to become highly proficient in all the elements of mobile security.

Almost everything you can use for security for the web, you can use for mobile. You need to manage security at the device level, at the individual app level, over the network, and within the enterprise infrastructure. Since mobile devices will increasingly be used for portions of sophisticated attacks from many directions and sources, you’ll need security intelligence based on analytics that can correlate, detect, and shutdown such attacks.

The area of data separation is getting a lot of attention these days through techniques like partitioning, containerization, and virtualization. We’ve seen many ways of doing this, especially for Android, and I’m waiting to see what Apple might do in this area.

It’s best to catch security problems before your app goes out the door.

At Impact I heard an estimate that there were close to 100 Mobile Device Management vendors out there. Choose carefully for the long term, especially if this is your most important and earliest mobile project.

Extend and Transform

This is place where the business side usually starts. Geolocation from the mobile device is frequently necessary for these apps to differentiate themselves from laptop alternatives.

Many customers are extending existing applications or channels to mobile. Have an online retail website? Create, or have someone else create, a dedicated and branded mobile app that allows catalog browsing and purchases.

If you are a bank, similarly create a mobile app but decide what functionality should be in there. I might apply for a mortgage from within my laptop’s browser but I won’t be doing it from my smartphone.

So extend means to take what you’ve got and add a mobile dimension. This is increasingly becoming table stakes, or required, for B2C enterprises. Many companies are focusing on doing this and many people are getting paid to help them do it.

For me, “transform” is the really interesting one of these two, however essential “extend” is. This means combining multiple services to create significant added value. Put another way,

a transformational mobile app is one that significantly improves the quality of your personal or business life, allowing you to do things you have never done before, and permitting you to be more effective and productive in an especially seamless way.

Transformational apps often pull in social and commerce aspects, backed by analytics. They may involve partnering between players in difference industries such as financial services, hospitality, retail, healthcare, government, and travel and transportation.

What I learned about mobile at IBM Impact 2012

In this post I talk about IBM mobile products and what happened at a large IBM conference. As a result, it is more specific to IBM’s offerings than some of my other blog entries.

This week I’ve been in Las Vegas at the IBM Impact conference. The days have been a blur of meetings with partners, customers, and colleagues from around the world. We’ve talked about the new PureApplication System and updates across the software portfolio for connectivity, integration, business process and decision management, and application integration.

The Liberty Profile in the new WebSphere Application Server version 8.5 has been an especially hot topic. Conversations about that often go something like “It takes up less than 50Mb. Wow! It loads in 5 seconds. Show me! You can develop with it on your Mac. IBM did that?”

We’ve also had quite a few conversations about mobile and I’ve learned a lot.

Now I’m one of the executive leaders for mobile at IBM and I discussed it (briefly) on the main stage on Tuesday, gave an hour+ talk on “Top 11 Trends for Mobile Enterprise,” did press interviews and a panel with journalists, and challenged and was challenged by industry analysts on the topic. So I had a lot to say about mobile. But more than whatever I said, I learned an incredible amount of what our customers and partners are doing with mobile today. We also discussed how IBM’s new mobile products, IBM Worklight 5.0 and the IBM Mobile Foundation, could be essential to them over the next few years.

Here’s a bit of what I learned.

System integrators are looking to pick the one or two best mobile platforms on which to focus their efforts. The hybrid mobile app development model in IBM Worklight is very appealing because of its open standards and technology approach, and because it allows the creation of everything from pure native apps to those that are mostly HTML5 content.

Security and app management are critically important. Both IBM Worklight and Endpoint Manager for Mobile Devices, included in the IBM Mobile Foundation, have capabilities that address this. In some organizations, the BYOD, or Bring Your Own Device, movement is accelerating their concerns but also their need to react quickly. My suggestion is to consider security and device management as extensions of what you already do for your website, web applications, and hardware like laptops and servers. Don’t think of mobile as this odd new thing, consider it as adding on to what you do already.

Partners have started building mobile apps on Worklight, often without any initial guidance from IBM. This is wonderful. It reaffirms what we knew when we acquired the company earlier this year: Worklight is an elegant product that you can use to create mobile apps for multiple device types, connecting them securely to your backend infrastructure.

Mobile apps are not islands. That is, don’t think of a mobile app server as something that sits in the corner by itself while the rest of your infrastructure is elsewhere. We included IBM WebSphere Cast Iron in the IBM Mobile Foundation because we knew that customers and clients needed to have apps talk to enterprise applications like SAP but also services that run on clouds.

Infrastructure support for a mobile app could be very little or might need to be very large. IBM Worklight 5.0 will ship the Liberty Profile of WebSphere Application Server in the box. So you get small and fast. If you have an existing WebSphere Application Server ND deployment, you can put IBM Worklight right on top of that. This includes WebSphere running on System z mainframes using Red Hat Enterprise Linux.

Mobile can extend your business. If you have a web presence for retail, mobile can extend that. If you are a bank and have ATMs, mobile can extend some of those functions to mobile devices. If you have automotive repair shops, mobile can increase customer trust and loyalty.

Mobile can transform your business. Your first mobile apps will enable some core functionality, but later apps and versions may bring in social, analytics, commerce, and industry-specific elements. Don’t think of just an air travel app, think of one that helps me use my time in airports productively and eat healthily.

So to sum it up: mobile is surging for good reasons, customers and partners are asking the right questions, IBM Worklight is appealing to them as platform on which to build multiple mobile apps, we think the IBM Mobile Foundation is a solid base on which construct your mobile enterprise, and I’m looking forward to showcasing the many, many mobile apps created by and for our customers and partners at Impact 2013.

Daily links for 05/02/2012

  • IBM has been steadily investing in the mobile space for more than a decade, both organically and through acquisitions: building a complete portfolio of software and services that delivers enterprise-ready mobility for clients. Increasingly, enterprises are reaching beyond their traditional IT boundaries by consuming new Cloud services and creating new mobile applications for employees and customers for broad consumption by customers, partners and developers.”

    tags: ibm mobile foundation

  • “IBM also added ways for enterprises to bring their current data and services to mobile devices. New capabilities in IBM DataPower appliances are designed to help IT departments quickly bring their existing resources to mobile devices. WebSphere Cast Iron, based on technology the company acquired through its 2010 buyout of hybrid cloud software vendor Cast Iron, can help enterprises link mobile applications to clouds and other back-end infrastructure, according to IBM.”

    tags: ibm mobile

  • “Looking to give solution providers a leg up in the mobile computing market that is expected to grow from $22 billion in 2012 to $36 billion by 2015, IBM today rolled out Mobile Foundation, a portfolio of IBM mobile computing technologies that are designed to simplify the management of mobile computing and applications in the enterprise.”

    tags: ibm foundation mobile

  • “Building on its recent acquisition of Worklight, the new foundation further expands IBM’s strategy to provide clients with a mobile platform that spans application development, integration, security and management. For example, using the IBM Mobile Foundation, an airline can transform the way it interacts with its customers by establishing a secure two-way relationship with mobile applications, IBM said. Now, they can use their applications not only to keep customers apprised of their travel plans and current weather conditions, but also send push-notifications to alert them if there are changes or opportunities for upgrades. This is all made possible by deep integration into the airlines’ back-end systems and relevant cloud services.”

    tags: ibm mobile

  • “IBM has wasted no time in exploiting the technology it acquired through its January purchase of mobile apps platform provider Worklight, which underpins the new Mobile Foundation release. At its Impact show in Las Vegas on Monday, the firm launched a new set of mobile tools that let developers build a single application and then run it across multiple mobile platforms, such as Apple‘s IOS, Google‘s Android and RIM’s Blackberry.:

    tags: ibm mobile

Posted from Diigo. The rest of my favorite links are here.

The spectrum of hybrid mobile app development with Worklight

The hybrid approach to developing mobile apps offers advantages for those wishing to produce pure native apps or those that have HTML5 content.

Earlier in 2012, on January 31, IBM announced its planned acquisition of Worklight, a provider of a mobile application development platform. Several weeks later the deal closed. There’s a lot of discussion of Worklight and IBM’s Mobile Enterprise strategy here at the IBM Impact Conference in Las Vegas this week.

Worklight’s components include a Java-based server that can run on the WebSphere Application Server, developer tools that can integrate with app lifecycle products from IBM Rational, a runtime monitoring and application management console, and multi-device runtime support. For this last part, Worklight uses a hybrid approach based on PhoneGap (now incubating in the Apache Software Foundation as the Cordova project).

A hybrid approach like this is an elegant way of using open technologies and standards to span the full spectrum of mobile application development.

The mobile spectrum for hybrid

The advantages to using HTML5 is that the content (HTML), CSS (formatting and UI), and Javascript (coding logic and UI) are portable across browsers on many devices. Your HTML5 will look and operate the same on Apple iOS, Android, and other modern devices.

If you can build your app entirely using HTML5, do it. You can place it on the web or your intranet and your users can access it anytime they want. You can also update it when you wish. You can also skip the whole app store experience. This approach is based on open standards, the best way we have found to handle interoperability.

At the other end, we have Native. This uses the low level APIs and programming languages for specific devices. For example, for Apple iPhones and iPads you would usually code your app in Objective-C and link in any other libraries you need. The full power of the SDK and device is available to you.

It is also completely non-portable, albeit powerful. When you need to produce an Android version, be prepared to code the app all over again. Each version will look completely native to the device, and this is an advantage to multiplatform approaches that force apps to have a common but non-native look everywhere. (“Our app works the same and looks ugly everywhere.”)

For hybrid apps, you use only enough native code to establish the main processing loop for your app, use device capabilities like the camera, and link in any special binary libraries. You try to maximize your use of HTML5 so that as much of your app is portable. PhoneGap and hence Worklight can help make your use of native code easier to port across platforms. Throw in Worklight’s support for Javascript frameworks like Dojo, jQuery Mobile, and Sencha Touch, and you’ve got a powerful solution.

Here’s something important that a lot of people miss about the hybrid approach. If you use no HTML5 content whatsoever, you still get the app manageability, push notification framework, and security from Worklight. So you get a pure native app that is nevertheless in the same “family” as your mobile apps that do include HTML5.

At the other other extreme, even if you use no special native features and try to have your app being almost completely HTML5, you get to put your app in an app store, and you, once again, get the app manageability, push notification framework, and security from Worklight.

Worklight logoSo Worklight and its hybrid approach covers almost the entire range from pure HTML5 to pure Native.

What if you already have a source of HTML like an app server or portal and want to build a mobile app around it? You can use this content, CSS, and Javascript as the main core of a mobile app built with Worklight. So what you built in the past can be repurposed in your mobile apps.

This also means that your developers’ web programming skills are usable when building Worklight hybrid mobile apps. If you are a software developer, this is a very effective way to quickly add mobile app development to your portfolio of skills.

Some apps will use a lot of HTML5, some will use very little. With Worklight’s hybrid approach, your skills are applicable across many different kinds of mobile apps. This is important, trust me, because you won’t be building just one mobile app in the future.

Also see:

Daily links for 03/30/2012

  • “City government agencies around the world continue to explore mobile applications to provide services more effectively and to reach citizens in new ways. And it’s not just for civil services — cities are embracing apps to highlight their own civic culture and even promote community action. Here are 10 cities that offer mobile apps for citizens, tourists or both. Does your city have an app? What do you like about it?”

    tags: mobile apps

  • “Hearn believes that mobile app development projects will start to take security and privacy into the design process within the next two years because a lot of countries around the world are focusing on the privacy issues and starting to pass more legislation that make the penalties a lot stricter and harsher for business that don’t do it.”

    tags: mobile privacy security

  • “Mobile development has come a long way in the past few years. But as technology continues to introduce new and more innovating products at a rapid pace, there’s room for many developers to make huge mistakes along the way — ones that could jeopardize their product or even their entire business.”

    tags: mobile app development

  • “We enlisted IBM‘s Leigh Williamson, a Distinguished Engineer and a member of the CTO Team, to guide us through the different ways that developers can go about app testing. Testing is not as simple as a developer trying to troubleshoot the native code on an app. Mobile apps are often vertical software systems with a variety of moving parts on the front end, in the middle and in a back-end cloud. Your code on the device may be running perfectly fine, but you would never know it because it is being corrupted from the back end that feeds it information. Or maybe some of the middle-tier services, like third-party SDKs, are running improperly. When something goes wrong, sometimes it is easy to figure out what is broken. Many times, you have no idea.”

    tags: mobile app testing

Posted from Diigo. The rest of my favorite links are here.

Daily links for 03/17/2012

Posted from Diigo. The rest of my favorite links are here.

The mobile lifecycle

I’ve been giving many talks lately to customers and partners about IBM‘s mobile strategy and recent moves in our product portfolios. See, for example, the news of the Worklight acquisition and the presentation I gave at Mobile World Congress 2012. Here are some more detail on one of the slides, the mobile lifecycle.

Mobile lifecycle issues

Let’s go through the bullets one by one.

Strong demand by LoB

Mobile is personal: people have and use smartphones and tablets in their everyday lives. It makes it much easier for business people to imagine how mobile apps can affect and improve their effectiveness, customer loyalty, and revenue. This then drives the CIO, CTO, and the IT staff to decide how to create and distribute the apps. Their decisions include choosing a platform on which they can can consistently build the 5, 10 or more apps they will create in the next 3 to 5 years.

Higher expectations of user experience with mobile apps

Since people have so much experience with personal use of mobile apps, even games, they  expect very high quality user experiences from apps provided by enterprises such as banks, insurance companies, healthcare providers, and governments. They have similar high expectations for any apps they use to get their jobs done, such as business analytics, workflow, supply chain, commerce, and social business.

Lack of best practices guidance on how to deliver mobile applications

There’s been a lot of mobile app building experimentation by businesses in the last two years. Many of the apps were outsourced and, while they may look good, came in much more expensively than expected. Some of the apps were native, some were HTML5, and some were done in “interesting” ways. Businesses need to control the costs in building and maintaining the apps, while getting maximal reuse of current staff technical knowledge. This means you take what you know and apply it to creating your first mobile app, but also use the same information and technologies to build many mobile apps after that.

More direct involvement from users/stakeholders in design

It’s not up to the IT team to figure out all the technology to build, run, connect, manage, and secure mobile apps as well as to define the user experience. People who will be using the apps want to influence the interface design, and in many cases insist upon it.

Native programming models are not portable across devices

You can create amazing beautiful and functional apps using pure native methods with the Apple iOS and Android SDKs. Whichever one you pick, you can then do it all over again for the other one. This may be what you have to do, but recognize the difficulty and the expense. While some companies offer on-device environments to try to make apps work and look the same across devices, I think a much better approach is to maximize the use of open standards like HTML5. You also need to balance optimizing for a particular device, maximizing cross-platform code, and not having your app behave in a “least common denominator” manner.

Highly fragmented set of mobile devices and platforms

Raise your hand if you think we won’t see any more mobile operating systems in the next five years. Anybody? Nobody? Apple is different from Android which is different from BlackBerry which is different from Windows Phone. Android? Which version of Android? You need a mobile development and management platform that can handle mobile devices that exist today and will be introduced in the next few years.

Very large number of configurations of devices, platforms, carriers, etc. to test

Not only do we have many mobile operating systems, we have many handset providers and they may tweak the operating system and the applications available on it. The same goes for telcos. So you need a testing strategy that helps you cover the range of platforms you want to support. By the way, it is ok to say that you won’t cover all possible combinations. Pick the ones you absolutely must support and choose a mobile development and management platform that can handle those and the ones on your immediate roadmap.

Mobile landscape evolves at a much faster pace

New handsets come out every year, as well as major versions of mobile operating systems. Point releases of the operating systems come out every few months. For smartphones and tablets, many parts of the world are shifting from 3G to 4G. If you take too long to develop your mobile application or solution, you will be a generation or two behind by the time it gets to market.

More frequent releases and updates for apps with more urgent time-to-market demands

Not only do you have to get your app to market to match the hardware and software used by your consumers, you have to update and distribute your app as frequently as necessary to address bug and security fixes and competitive feature additions. Backward compatibility is important, but you need to evolve your app as fast as necessary to deliver what your users need to be productive and to stay your users.

Daily links for 02/29/2012

  • “With these latest mobile announcements, Sutor said IBM continues to complete a set of mobile-optimized tools and capabilities to support mobile apps across their lifecycle — design, development, test, provision and operate.  But the focus goes beyond traditional SDLC, he added. Because mobile apps – whether enterprise or B2C – also often need to communicate with and access legacy resources (database, policy, security, management), the IBM announcements also deliver special mobile-optimized integration, security, compliance and management, Sutor added.”

    tags: ibm mobile worklight

Posted from Diigo. The rest of my favorite links are here.

Interview with me on mobile

The February issue of the IBM Smart SOA & BPM Newsletter has an interview with me titled “Delivering value with mobile enterprise technologies.” From the introduction:

We asked the Vice President of IBM Mobile and member of the IBM Academy of Technology to discuss the trends in mobile computing and the advantages of these trends to businesses today. Sutor talks about the biggest challenges that organizations face when building a mobile enterprise, and how they can get started on the right path, including using security controls and standards, to achieve business value from mobile enterprise technologies.

I answered the questions:

  • What trends do you see in regard to mobile technologies and use of these technologies?
  • What advantages do these trends bring to organizations?
  • What are the biggest challenges organizations are facing in integrating mobile technology into their businesses?
  • What can businesses to do maintain security controls?
  • What role do standards play in building a mobile enterprise?
  • How can a business get started with mobile technologies?

Daily links for 02/23/2012

Posted from Diigo. The rest of my favorite links are here.

Daily links for 02/15/2012

  • “The flaw — which involves a small but measurable number of cases — has to do with the way the system generates random numbers, which are used to make it practically impossible for an attacker to unscramble digital messages.”

    tags: security

  • “Minecraft’s open-ended creation has made it possible to recreate places and objects inside its virtual world. We’ve seen Minecraft renditions of Hyrule, the Death Star trench run from Star Wars, and even the first level of Super Mario Land. Now, one gamer used the virtual world of Minecraft to recreate Azeroth, the titular world in the massively popular World of Warcraft.”

    tags: minecraft wow

Posted from Diigo. The rest of my favorite links are here.

Podcast now available: Enterprise Mobile Management and Security

Yesterday my IBM colleagues Caleb Barlow, Vijay Dheap, Naveed Makhani and I recorded a podcast called “Enterprise Mobile Management and Security.” In it we discussed BYOD (Bring Your Own Device), mobile management, mobile security, why mobile is posing new opportunities and challenges for IT departments, what’s new about mobile, and IBM’s announced acquisition plans around Worklight.

You can listen to it several ways:

Upcoming podcast about Enterprise Mobile Management and Security

On Monday, February 6, at 4 pm et, I’ll join my IBM colleagues Caleb Barlow, Vijay Dheap and Naveed Makhani to discuss “Enterprise Mobile Management and Security”. As you might expect, I’ll also talk about IBM’s planned acquisition of mobile application vendor Worklight.

Visit the podcast website for more information about listening in. Here’s the excerpt for the session:

Mobile devices are rapidly becoming the end-point that drives business results. With the increasing trends in “bring your own device” and mobile threats doubling in 2011 how do you responsibly embrace mobile while protecting your security and IT infrastructure? In this podcast Caleb is joined by Bob Sutor, Vijay Dheap and Naveed Makhani to discuss the trends in mobile along with IBM’s intention to acquire Worklight.

IBM: Going Mobile with two big announcements

Today IBM announced some important enhancements to its Mobile strategy for supporting customers looking to grow and transform their businesses, whether they are B2C, B2B, or B2E.

IBM Advances Mobile Capabilities with Acquisition of Worklight

From the press release:

In a move that will help expand the enterprise mobile capabilities it offers to clients, IBM today announced a definitive agreement to acquire Worklight, a privately held Israeli-based provider of mobile software for smartphones and tablets. Financial terms were not disclosed.

With this acquisition, IBM’s mobile offerings will span mobile application development, integration, security and management. Worklight will become an important piece of IBM’s mobility strategy, offering clients an open platform that helps speed the delivery of existing and new mobile applications to multiple devices. It also helps enable secure connections between smartphone and tablet applications with enterprise IT systems.

IBM Announces New Software to Manage and Secure the Influx of Mobile Devices to the Workplace

From the press release:

IBM today introduced new software to help organizations better manage and secure the explosion of smartphones and tablets in the workplace, while also managing laptops, desktops and servers.

IBM Endpoint Manager for Mobile Devices helps organizations support and protect the growing mobile workforce. Through this software, firms can use a single solution to secure and manage smartphones and tablets, as well as laptops, desktop PCs, and servers. It manages Apple iOS, Google Android, Nokia Symbian, and Microsoft Windows Mobile and Windows Phone devices.

The software extends security intelligence to deal with the growing threats from mainstream adoption of the BYOD trend. Organizations can install the IBM software in hours, remotely set policies, identify potential data compromises and wipe data off the devices if they are lost or stolen. The software helps configure and enforce passcode policies, encryption and virtual private network settings.

Why I think this is important

After spending the last several months speaking with customers, I’ve concluded that 2012 will be a very significant year for Mobile in the enterprise. I think this is the year when customers will decide on the mobile platforms and tools that will carry them into the middle of the decade, and begin to discard earlier experiments.

The old category of MAP or MEAP (Mobile Application Platform or Mobile Enterprise Application Platform) is not sufficient anymore. Customers need everything to build, run, connect, manage, and secure mobile applications. Remember that we’re not just talking about the apps on the devices (and there are many devices), but also the backend server infrastructure necessary, and this needs to be enterprise-ready. By this I mean that it needs to scale and you must be able to integrate it with the services, applications, processes and data that are essential to your organization.

Therefore the modern Mobile platform needs device-side and server-side application development and lifecycle tools; support for multiple devices and mobile operating systems; mobile application an device management; security capabilities from the devices all the way to the back-end; and scalable, transaction-capable connections to the IT systems on which your organization depends for its business. This is what IBM is demonstrating today in these strategic announcements in addition to its existing products and solutions.

Join me today in Tweetchats

I’ll be using Twiiter today for 2 one hour sessions to discuss these announcements with Scott Hebner, VP of Marketing and Channel Management for IBM Tivoli.
The first session is planned for 10:30 to 11:30 AM ET and the second for 1:00 to 2:00 PM ET.

Both sessions will use the hashtag #ibmmobile. My Twitter name is @bob_sutor and Scott’s is @SLHebner.

You can follow us via your usual Twitter client or else use the Tweetchat tool at http://tweetchat.com/room/ibmmobile.

Also see these blog entries

IBM mobile infographic

Daily links for 01/19/2012

  • “But 2011 was the tipping point. iPhones now have more users than BlackBerrys within corporate environments, and Aberdeen Group mobile analyst Andrew Borg notes that many organizations have figured out how to handle the Apple security model comfortably, lessening the dependence on BlackBerry Enterprise Server outside of a small percentage users with special security requirements. Additionally, iPads became the corporate standard, with Windows-like market share, for tablets the same year. In fact, Aberdeen Group says that 96 percent of businesses have at least one iPad in use. Who’d have thunk it?”

    tags: apple mobile blackberry

  • “Among the more than 700 IT professionals polled for a Check Point study (PDF) out today, iOS accounted for 30 percent of the collective traffic on their networks. But RIM’s BlackBerry was hot on Apple’s trail with 29 percent. As BlackBerry has long been a corporate standard, the rise of iOS is a clear sign of the consumerization of IT in which employees want to use the same devices at work that they use at home. The trend is even more notable since Apple gears its products for individual consumers with little focus on the enterprise market specifically.”

    tags: apple ios blackberry

Posted from Diigo. The rest of my favorite links are here.

Thoughts on mobile management

What does it mean to manage a mobile device, say a smartphone like an Apple iPhone or one with Google‘s Android operating system?

At the lowest level, the device level, you might want to

  • establish a policy for length and structure of passwords
  • set or reset a password
  • detect whether the phone had been jail-broken or rooted
  • configure device-wide VPN
  • set power management policies
  • manage the low level security of the filesystem or other local storage
  • wipe the device entirely or reset it to factory settings

Above that, at the application level, you might want to

  • inventory the device for installed applications
  • install or update applications
  • set security policies for use of the applications, their data, and their network connections
  • selectively remove an application or its data
  • configure application-specific VPN
  • manage anti-virus and other security tools for browsers and other applications that access the web
  • manage installation and use of an enterprise application store behind a firewall, private hosted outside, or via external sites like the Apple iTunes Store or the Android Marketplace

The first list of items, with additional functions, is part of Mobile Device Management, or MDM. Note that people do sometimes confuse “MDM” in this context with “Master Data Management.”

The second collection is part of Mobile Application Management, sometimes shortened to MAM.

The first thing to notice is that what I deemed “management” often has a lot to do with security, especially when the phone is used to access enterprise data and systems.

Second, in practice, those who provide MDM functionality often provide some MAM functionality, and vice-versa. That is, a vendor might say “I can give you an enterprise app store but can also wipe devices.”

BYOD, or “bring your own device” complicates things because I probably do not want the organization for which I work to impose overbearing policies that affect my personal use of my phone. I certainly don’t want them to wipe my entire device if I leave the organization juto remove all traces of enterprise data or network access.

So the line is blurry between MDM and MAM, and I think we should get rid of the distinction altogether. That is, let’s just talk about Mobile Management and combine the two categories above. It will simplify things, remove the imprecision of the definitions, and bring better clarity to what vendors do and do not offer.

So if we can agree that Mobile Management consists of 27 common capabilities (for example), a vendor that offers 5 of them can be more fairly compared with one that offers 25.

No doubt that vendor proving minimum capability will embellish the description by adding “but we do it from the cloud!” (grin)

Mobile BYOD is not unbounded

BYOD, or “bring your own device,” is an important topic in today’s discussion of mobile in the enterprise. Employees buy their own smartphones or tablets, love them, then bring them to work and want to use them to access company data, systems, and applications.

For the CIO, this represents an opportunity to save money by not having to pay for and provide devices, but opens up many questions about how to allow secure access and management of the enterprise portions of those devices. I’m here at the Lotusphere conference in Orlando, so it shouldn’t surprise you when I say that many of IBM‘s customers are looking at Lotus Traveler for secure access to email, calendar, and contacts on mobile devices, for example.

BYOD does not mean that any employee can bring any device to the office and demand that it be allowed access to the company’s digital infrastructure. That said, if the CEO brings in his or her sexy new smartphone, the CIO may feel more inclined to make that work.

In practice, CIOs will say that certain devices running specific mobile operating system versions, augmented by security and management software and policies will be allowed access to the company’s network. That is, “bring your own device” really means “bring your own device as long as it is one of the following.”

Many enterprises already support Blackberrys, so that will be relatively easy. There’s not too much variation among Apple iPhones and iPads beyond the major version numbers. So while a 3g phone might work, I think many enterprises will insist on a 4 or 4s phone, probably running the latest version of iOS.

Android is more problematic because there are many handset providers and many versions of the operating system. Expect individual handset vendors to negotiate directly with CIOs to allow use of their devices in the CIOs’ companies, even if those devices are bought by the employees.

The wildcard here will be Windows Phone and the devices that support it. While Apple iOS and Android are very different, both technically and culturally, Windows Phone is different yet. While Mango is quite nice looking, as I saw from the Nokia team at Lotusphere, will individual purchasers and CIOs wait until Windows Phone 8? Will the rate of adoption allow it to be accepted into the enterprise any time in 2012 or might it even be 2014 before the demand is sufficient for supporting it inside companies?

My advice to CIOs is this: if you support Blackberrys, you will need to support them for the foreseeable future. The newer iPhone and iPads will need to be given enterprise access because of their marketshare and the demands of senior management. For Android, pick a couple of handset vendors, perhaps based on a survey of your current employee users, and settle on the level of the operating system you will support. Educate yourself about Windows Phone, but the above combinations are probably of more immediate and higher priority.

Also see: “10 predictions for enterprise mobile for 2012″

IBM Mobile Technology Preview v3, now with iOS support

IBM just released the third drop of the IBM Mobile Technology preview at ibm.co/ibmmobile, with details of the update on the tech preview blog.

This release includes updates to the mobile application manager with social feedback, SMS support, tools, and, perhaps most important, support for Apple‘s iOS mobile operating system. The first two releases supported Android only.

This drop also includes the latest version of the Liberty Profile for the WebSphere Application Server. It’s a great example of how we think customers will use the Liberty Profile and OSGI in action.

The Mobile Tech Preview is our way of giving you a glimpse of what is going on in the IBM labs around the area of mobile application development, tooling, security, and management.

Mobility and Endpoint Management at Pulse 2012

Pulse banner

From March 4 through 7, IBM will be holding its Pulse 2012 conference at the MGM Grand in Las Vegas. One of the main streams of the event will be the Mobility and Endpoint Management track, and I’ll be a member of the keynote panel kicking off the discussions.

With the ever-increasing number of endpoints organizations must manage – physical and virtual servers, desktops, laptops, point of sale and mobile devices – it is imperative to gain visibility, control and automation. These devices simultaneously represent security risks, employee productivity, and new business opportunities. Join us at Pulse 2012 to hear from your peers and IBM experts on how to minimize risks, increase productivity, and increase innovation.

Mobile devices in particular have a very large impact throughout the organization today. Their rapid adoption over the last several years has significantly increased the “consumerization of IT” and forced IT departments to adopt Bring Your Own Device (BYOD) policies. At IBM we understand this goes well beyond the devices themselves though – it impacts network traffic, internal software development and custom applications, employee collaboration and use of social media, and much more. We are enabling businesses to build mobile applications, run and connect them to backend systems, manage their devices and applications, and secure their businesses on mobile – all to help our customers create new business opportunities and extend existing business capabilities.

You can register today for the conference and don’t forget to mention Mobile as one of your main interests in attending.

My talk at Lotusphere 2012

Next week is IBM’s Lotusphere conference in sunny and, I hope, warm Orlando, Florida. For those of you attending, I’ll be giving a talk called “Harnessing the Power of Enterprise Mobility” on Monday, January 16, from 11 to 12 AM. The session number is 1582A and the room is Swan – SW 7 – 8. The abstract is

It’s hard not to talk to an enterprise customer these days without getting into a discussion about Mobile. By 2012, the shipment of smartphones and tablets is expected to exceed that of traditional personal computers, including laptops. Enterprise CIOs want to use these personal mobile devices to give better access to their internal data and processes for employees, as well as enabling better purchasing and support services for their customers. Complicating this is the variety of devices used, employees who wish to use their own devices at work, application level and device management, cost controls, and security concerns. In this session, Bob Sutor will discuss his views on the foundational needs of enterprises for a mobile application platform, mobile device management, and security along with comments on how IBM can help you become a social business that leverages experts wherever they are working.

I’ll also be hanging out at the Enterprise Mobile booth from time to time, talking about the IBM Mobile Technology Preview. Stop by and say hello!

10 predictions for enterprise mobile for 2012

Yes, it’s that time of year of for predictions for what we might see in the next twelve months. Being in the IT business and in a company like IBM, I’m somewhat hamstrung in what I can say regarding the future because of confidentiality, but here’s my attempt at some prognostications that won’t be giving away anything secret.

These are my personal predictions and not those of IBM.

  1. There will be a huge rush to fill the developing void being left by RIM and Blackberry, and smart enterprise CIOs will focus on security and management issues first.
  2. Although there seem to be 1 or 2 new entrants in the mobile device management area every week, potential customers will learn that it takes more than being able to call an API to wipe a device to give you enterprise credibility.
  3. The differences between mobile application management and mobile device management will become clear.
  4. Companies that develop multiple applications will understand that some will be web/HTML5 based, some will be native, and some will be hybrid. You don’t need to support just one kind and your application platform vendors shouldn’t force you to do so.
  5. CIOs will realize that the connection between mobile and cloud is overhyped. CIOs will realize that the connection between mobile and cloud is underhyped. That is, your use of cloud for mobile applications may not be in the way you expect today.
  6. Traditional networks that support web applications will need to be reconfigured and re-optimized to support an increasing amount of traffic from mobile devices. The number of interactions will dramatically increase, their length will be shorter, and significantly more asynchronous notifications from the server side will all drive a lot of R&D.
  7. While Android fans continue to claim world domination and Apple keeps selling more and more iPhones and iPads, look for Microsoft‘s relative marketshare to start inching up.
  8. WebOS is done, but look for a new smartphone/tablet operating system to arise by late 2012 that will start to challenge RIM and Microsoft for the number 3 and 4 market positions.
  9. Amazon will have a serious tablet in the market by mid-2012 that will start to get some enterprise interest. The connection between that and the Amazon cloud will become clearer. The device may not be running Android.
  10. Apple will make changes to iOS to make it easier to support both personal and enterprise secure personalities on the same device. Yes, I know you can do this on Android today, but we weren’t talking about Android, were we?

Bonus: I will give up my Blackberry and get an Android smartphone for the first time (to complement my personal iPhone and iPad).

Daily links for 12/14/2011

Posted from Diigo. The rest of my favorite links are here.

Getting started with mobile in the enterprise: The IBM Mobile Technology Preview

Over the last 15 years of my career, I’ve seen several ideas or technology trends capture a significant amount of customer, press, and analyst attention. There was Java, XML, web services, SOA, and cloud. In and around all those were standards and open source. To me, the unquestionably hot technology today is mobile.

To be clear, I’m not talking about what happens in cell phone towers or the so called machine-to-machine communication. I mean smartphones and tablets. Those other areas are important as well, but devices are so front of mind because so many people have them.

Apple is obviously playing a big role with its iPhone and iPad, not to mention the half million apps in their App Store. Google and the Android ecosystem have produced even more smartphones and a whole lot of apps as well. Then there’s been the drama around HP and webOS, plus RIM and the PlayBook and outages. So we’ve got competition, winners and losers, closed ecosystems, and sometimes open ones. What’s not to love about mobile?

It can get confusing, especially for people trying to figure out their enterprise mobile strategy. They are looking for strong statements, for “points of view,” that will help them take advantage of mobile quickly but also aid them in avoiding the biggest risks. This is made even more interesting by employees bringing their own devices to work, the “BYOD” movement.

Not every employee is issued an official company smartphone and the devices they buy themselves are often better than what the company might provide. So they are saying “I’ll pay for my phone and my contract, let me have access to work systems so I can do my job better.” The recent ComputerWorld article “IBM opens up smartphone, tablet support for its workers” discusses some of what’s happening in this space at IBM, my employer.

Next there is the whole web vs. hybrid vs. native discussion regarding how to build apps on the device itself. Should you write it to the core SDK on the device (native), stick to developing standards for continuity and interoperability reasons (web), or something in between (hybrid)? Which is faster and for what kinds of apps? Does the app cause a lot of network traffic or does it require great graphics? Are you willing to bet that HTML5 will get better and better? I’ve started discussing this in a series of blog entries called “Mobile app development: Native vs. hybrid vs. HTML5″ (part 1 and part 2). Your choice will involve tradeoffs among expense, time to market, reuse of web skills, portability, and maintainability.

What about management? If I bring my own device to work, how do the company’s apps get onto it in the first place and then get updated? Is there an enterprise app store? If I leave the company, do they zap my whole phone or just the apps they put on it? There are differences between Mobile Application Management (MAM?) and Mobile Device Management (MDM) that you need to understand.

Let’s not forget security, as if we could. A colleague of mine, Nataraj Nagaratnam, CTO of IBM Security Systems, told me the way to start thinking about that for mobile is that “a secure device is a managed device.” That doesn’t mean that all security falls under management, but rather you need to have device management to have a complete mobile security strategy. You also need to be handle identity management, authorization and authentication, single sign-on across apps, data loss protection, and all the things you need to worry about with the web today such as phishing, viruses, worms, social networking, VPN, etc. Security must be there but it also needs to be unobtrusive. Most mobile users will not know what a certificate is nor whether they should accept it.

Fundamental to managing and securing mobile devices compared to laptops is that people tend to lose their phones a lot more often than they lose their laptops. That’s a good starting point for thinking about the differences.

With that as prolog, let me introduce you to the IBM Mobile Technology Preview on IBM developerWorks at http://ibm.co/ibmmobile.

The Mobile Technology Preview encapsulates several technologies we’ve been working on in the labs. We’re making it available for you to experiment with it, comment on it, share your requirements for your mobile platform, discuss the pros and cons of different approaches to mobile app development on both the device and server side, and join the community to make it better.

We plan to update the Technology Preview as we add or change the feature set, ideally because of your stated requirements. In this release we’ve included

  • an application server runtime that uses the WebSphere Liberty Profile of the WebSphere Application Server 8.5 Alpha (runs on Linux, Mac, and Windows)
  • a notification framework
  • a hybrid app development model using HTML, CSS, and JavaScript
  • basic management functions
  • location-based security
  • several samples featuring notifications, Dojo, PhoneGap, and a starter insurance app for handling car accidents.

The Mobile Technology Preview is available for Android devices.

I plan to use the tech preview from time to time to illustrate some of my discussions of mobile in my blog. I encourage you to try it out, track its progress, and influence its roadmap.

Employee mobile device + work = potential security problem

Employee: “I lost my iPad.”

Corporate security: “Why are you telling me?”

“I had company documents on it.”

“But you had the mobile security package installed, right?”

“Err, no.”

“I would have thought the company president would have known better …”

With the BYOD, or Bring Your Own Device to work, movement rapidly picking up steam, more and more employees are taking their smartphones and tablets to the office. This can be a boon to the CIO’s office if it no longer needs to foot the bill for those fancy new devices, but opens up all sorts of security problems.

The great thing about the current generation of phones and tablets is that they are so usable. Even forgetting apps, having mobile browser access wherever you are gives you access to information and processes that can help you do your work more efficiently and in a more time sensitive way.

Of course, being so convenient and light, it is also easy to lose them. This is why you can’t just tell your people to use their phones for work. You need to manage the access and resources they have, and be able to shut it down or delete them if the case arises. This could because because of a lost or stolen phone, but also because the employee should no longer be able to get to company data. There are levels of security access and people who are former employees should have no access at all.

All of this is on top of the security problems we already recognize and handle on laptops, such as phishing, viruses, and data loss protection.

And now a word from my sponsor …

IBM is today announcing the Hosted Mobile Device Security Management service. Capabilities in the new mobile security service include:

  • Configuring employee devices to comply with security policies and actively monitoring to help ensure compliance over time
  • Securing data in the event that a device is lost or stolen
  • Helping to find a lost or stolen device – wherever it is
  • Protecting against spyware and viruses
  • Detecting and removing malicious and unapproved applications
  • Monitoring and tracking user activity
  • Enabling more secure connectivity

And now back to me …

Seriously, this is a big but I believe containable problem if you take the necessary steps to understand the security exposures of employee devices in the enterprise and take steps now to provide the necessary security. Many people are familiar with the security and management capabilities of RIM and Blackberries, and they are now asking for the same level of comfort for iPhones, iPads, and Android devices.

If you don’t have a security policy in place for mobile devices in your company, you should start putting one together and implementing it now. Think about how many devices will need to be supported, what kinds, to what they will need access in terms of processes and data, and what you need to do when something goes wrong.

An employee need to understand that if he or she wants to use that cool new tablet for company work then he or she will need to live by the rules and policies set down to protect the organization’s assets. There’s a spectrum of possibilities between “you can’t use your own to device” to “you can do whatever you want.”

As an industry we’re trying to help companies move from the first situation to something in the balanced middle that provides the right level of security while maintaining the convenience, usability, and power of the devices.

Also see:

Heathrow, more and less

This morning I’m returning to the US after several days in the UK, specifically IBM‘s Hursley Labs near Winchester. It’s been a good trip but as it wound to a close I began to turn my attention, and my anxiety, to the flights home.

I’m not afraid of flying, that’s not the source of stress. Rather, I hate dealing with long lines at the airport and the people ahead of me who are seemingly rebooking travel for 50 of their relatives. Because of this, I like to get to the airport early.

My first flight today leaves out of Heathrow Terminal 3 and goes to Chicago. When I can, I try to stay near Heathrow the night before flying so I don’t have to worry about travel problems on the roads or trains due to accidents or strikes. So last evening I checked into a new-to-me hotel, the Heathrow Hilton, near Terminal 4. This is a very nice, very modern hotel, though I was shocked that they still allow smoking in some of the rooms. My room was designated as non-smoking, but that familiar acrid and nasty smell wafted down the hallway as I got to the door.

The Chinese restaurant in the lobby was quite good and I turned in relatively early after doing some email and reading (Mercury Falls by Robert Kroese). My flight leaves at 1:15 pm so I left the hotel a few minutes after 9. In the past, I’ve taken the Hotel Hopper from my hotel to the terminal, but there was a walkway from the Hilton directly to Terminal 4. So I walked, and I walked, and I walked. The walkway is an enclosed elevated tunnel with occasional windows that give you a peek at all the traffic below you.

I arrived at Terminal 4, got on the elevator to take me down to the train that would take me to Terminal 3 (or on into London had I not been paying attention). I got off, realized I was on the wrong floor, smelled yet more cigarettes, and finally made it to Floor -1.

I then started moving swiftly toward the trains since the next one was to leave in 4 minutes. Perhaps I was too swift, because I got caught up somehow in the luggage barriers about 40 feet from the train. I went splat on all fours, banging my knees on the ground. After thinking “ouch” my next thought was how I was going to maintain some level of dignity as I got myself up, dusted off, and onto the train. Some very helpful security guards asked if I was ok, which I was, if a bit sore, and I got myself to Terminal 3.

In the old days I was Executive Platinum on American Airlines which gave me all sorts of perqs including being able to check in at the Business and First Class counter. Alas, I am only a lowly Gold member now having not travelled enough in the last year. So it was with great pleasure that I saw that I could check in at a kiosk and skip the long line with the 50 relatives who needed rebooking. That took two minutes.

Then it was on to security which used up 10 more minutes. So all in all, it took me less that 45 minutes to get from my hotel to where I am now, having breakfast in a restaurant (Eggs Benedict, Diet Coke) inside the terminal. Perhaps my anxiety was misplaced, though my back does feel a bit sore from my spill.

However, I’ve travelled enough to know that each positive experience only partially offsets the negative ones. So my fingers are crossed that the remainder of the trip goes reasonably well and I get home safely around 1 am.

Daily links for 10/20/2011

  • Google has confirmed that the source code for Android 4.0 ‘Ice Cream Sandwich’ will be made public, after it refused to release the code for its predecessor ‘Honeycomb.'”

    tags: android open source google

  • “RIM’s troubles started last week when the company’s services, including e-mail and BlackBerry messaging, went down across the world. After a few days, the company was finally able to get its services back online. But by then, the damage was done, and many users around the globe started complaining.”

    tags: blackberry apps

  • “With a unique, end-to-end view of their businesses, today’s CIOs are a driving force behind what makes companies work smarter. It is critical, as one CIO put it, to “ensure you understand the vision, have a clear strategy and execute where the business wants to go.” This is one of the many insights uncovered when we met face-to-face with over 3,000 CIOs to create The Essential CIO-the largest study of its kind to date.”

    tags: mobile ibm cio

  • “As is usual when dealing with mobile operators and corporate IT, some caveats apply. So far only Android devices will work with the Horizon hypervisor with VMware unable to offer the benefits of a hypervisor-enabled virtualization on Apple’s iOS devices including the iPad and iPhone for Verizon. Steve Herrod, the CTO of VMware, said in an interview that’s he’s happy to do it when Apple decided to let others play around with its operating system. Meanwhile he reiterated that eventually he hopes to get VMware’s Horizon product written into the Android code.”

    tags: vmware verizon mobile virtualization

  • “But Lookout, a start-up that makes security apps for phones, wants iPhone owners to use its product, too. On Tuesday, it plans to introduce an iPhone app that addresses what its founders say are worries unique to iPhone owners.”

    tags: lookout security iphone

Posted from Diigo. The rest of my favorite links are here.

Something new, something (big) blue: IBM WebSphere Application Server V8.5 Alpha

While this post definitely falls into the category of “a word from my sponsor,” I hope you’ll take a look at the software being discussed if you have at all been involved with Java and web application servers.

wasdev banner

One of the most fun parts of being in the software world is being able to get your code into the hands of developers. While you can have great big product releases with much fanfare, other times there are smaller alpha and beta drops that can surprise you if you take the time to look at them. This is one of those latter instances.

If I’m developing code, I’m not going to get it right the first time. I’ll need to fix bugs but I’ll also need to progressively add features. This means that I’ll be editing, starting up the environment, testing, tweaking, debugging, over and over again. My environment and tools need to make this fast and easy for me. When I’m done coding and testing, I need to know that what I produce will run in a production quality environment with the right security, performance, availability and other qualities of service. I need a web application environment, both runtime and tools, that gives me all this.

IBM has just released the WebSphere Application Server V8.5 Alpha. First of all, this is a shiny new thing that developers, particularly Java developers should check out. Within this is something new and different tha we’re calling the Liberty Profile. The website describes what you get with this:

The WebSphere Application Server V8.5 Alpha delivers a simplified and lightweight runtime for web applications. Incredibly fast restart times coupled with its small size and ease of use make V8.5 a great option for Developers building web applications that don’t require the full JEE environment of traditional enterprise application server profiles. Highlights of the WebSphere Application Server V8.5 Alpha include:

  • Free and frictionless download for development purposes
  • Ultra lightweight modular runtime with an install size of under 50 MB
  • Incredibly fast startup times of under 5 seconds
  • Simplified configuration for quick time to productivity
  • WebSphere Developer Tools available as Eclipse plug-ins

To get started, download the server and/or the tools.

You can learn more via articles, videos, podcasts, and samples.

We have a blog where you can learn what the IBM developers are doing with WebSphere and Eclipse. In particular, check out Ian Robinson’s entry on “Introducing the Liberty Profile.”

Finally, and this one is really important, join the community and participate in the discussions.

Sometimes products are just small evolutionary changes from what was there before. This represents something profoundly different. In my opinion, and I am far from partial, it is worth a look.

Mobile app development: Native vs. hybrid vs. HTML5 (part 2)

I’ve seen and heard a lot of discussion about how people build applications for mobile devices. While there are literally hundreds of thousands of apps out there for Apple, Android, Blackberry and other smartphones, I can’t help but think the majority of these are one-off efforts. In this series in the blog, I’m going to tackle some of the issues with developing mobile apps, especially for enterprise use, and along the way propose some ideas for making the process easier and more repeatable.

mobile client technologiesIn the last entry I spoke about the attraction of writing pure Native applications for mobile devices. They’re fast, have full access to all the device features, and can be made as beautiful and functional as your software development skill allows. They’re also non-portable and can take more people, time, and money to develop.

Wouldn’t it be nice to be able to develop applications using open industry standards that run in many different environments? You know, applications that allow text content, great formatting, images, video, forms, and interaction with backend systems?

Sounds like the web, no? The language for expressing the format of web pages is HTML, CSS is used for specifying formatting, and JavaScript provides a programming language and environment for dynamically altering pages and responding to events. Somewhat confusingly, the term “HTML5″ can just mean the latest version of HTML under development at the W3C or it can mean HTML + CSS + JavaScript.

HTML5 logoWhile there have been many motivations for developing HTML5 given the experience of people creating billions of web pages, I think it’s safe to say that creating a standards-based cross-platform environment for mobile devices was an important reason. That is, don’t think of a web page as just something you read, but rather consider it an application with which you are interacting.

I won’t go into all the features of HTML5 but there are several good references on the web in addition to the spec to which I linked above. In particular:

Generally, HTML5 allows much better and more consistent ways of embedding multimedia in web pages. It also adds new elements to help you structure the document. The Document Object Model, something I worked on in ancient history, is now considered core to the specification and the programming model.

These are nice things for web pages, but does HTML5 give you anything new that makes its especially attractive for mobile devices? One of these is the geolocation application programming interface. In short, this allows you to programmatically determine your location, and then do something with it. That “something” might be to pinpoint your location on a map, provide a starting point for map directions, determine what weather forecast to show you, or display ads for local businesses, for example.

You can also store information locally on your device, though that opens up the question of security if you happen to lose it or you somehow get hacked.

What about access to other core features on your device? Using pure HTML5, can you snap a picture? How about use the compass or receive a notification? You can’t, but remember that you can still do all the interactions that you’ve been doing for years in your browser. You can read all sorts of information, do searches, buy things, access FaceBook, and so forth.

So HTML5 provides a richer interactive environment than we’ve had before and is starting to allow programmatic access to some device features.

If HTML5 does everything you need for your planned application, then use it.

HTML5 is still under development and you are seeing support for it from the big industry names that supply browsers or content, companies like Google, Apple, Amazon, and FaceBook. IBM, of course, has been and continues to be a huge supporter of open Internet and Web standards.

You do need to understand which HTML5 features are considered solid and which are experimental. You should also experiment with formatting on multiple devices to make sure that your app looks right (not too skinny, not too wide, just right) on the smartphones or tablets that are important to you.

Note that an HTML5 app is really just a web page, so you don’t need anyone’s permission to put it into an app store. For many people, that is more than enough reason to try really hard to make HTML5 work.

Also, even if you are developing some native applications, you might decide to do some HTML5 ones as well. The more experience you get in creating apps with different capabilities, the better you will get at economically providing apps faster to your consumers, customers, or employees.

So Native gives you everything, but is non-portable. HTML5 is portable and standards-based, though it is still under development and does not give you full access to the device. What do you do if you want the best of both worlds?

Next time I’ll talk about the Hybrid approach where you provide Native-like access to more device features via APIs that can be accessed from JavaScript and thus HTML5.

Hybrid is this weird middle ground between Native and HTML5. Over time, this gap between them will get smaller. There are several approaches for both development and runtime of Hybrid apps, and I’ll discuss them next.

Also see: “The spectrum of hybrid mobile app development with Worklight”

10 things to think about to improve software product descriptions

I’ve been back in a software product area since the beginning of June, and I’ve been spending a lot of time looking at product descriptions and literature. Not just IBM‘s, mind you, but those of our competitors as well. This includes traditional, commercial “proprietary” software and commercial open source software.

Some of the descriptions of products in the industry are quite good, but many are pretty bad. They seem to range from “this is so high level that you have no idea what the product does” to “this has a long list of technical details that we hope impresses you even though you might not know how they could possibly help your business.”

I know, I know, different descriptions for different audiences. What you say to someone in development or the CTO should probably be different from what you say to the CIO and almost certainly different from what you say to the CFO. However, when there is only one, everyone suffers.

You need to know who your audience is (“segmentation”) and then shape what you say. Explicitly address your different audiences. It’s ok to say right at the beginning of each paragraph to whom you are speaking.

Here are a few suggestions, written from the perspective of a customer.

  1. First and foremost, the goal in acquiring software is to accomplish something. Tell me if your product will help me do that. This might be a simple yes or no.
  2. If I am a developer, tell me how easily your product will let me do what I wish and how it will make my life simpler and more productive. This new ease is in comparison to the previous version of your product as well as offerings from your competitors. Don’t overdo it on cute statements like “we make developers happy.”
  3. Match new or improved technical features to business value. “By doubling the amount of memory your application can use, you can now serve 25% more customers in the same amount of time and increase your revenue.”
  4. Regarding business value, stating how your software can help increase revenue (as above), improve security, increase availability, improve customer loyalty, decrease maintenance costs, and simplify integration with other parts of the business are all good things. If your software will help do none of these, why would I possibly install it?
  5. Don’t be overly simplistic about TCO (total cost of ownership) and TCA (total cost of acquisition). I can add up transactional, service, and support costs over 5 years as well as you can.
  6. Do, however, give me a way to compute the real return on investment from your software. Even if your TCA is $0, I may need to pay my people, your people, or a services integrator money to make it work for me. Give me examples based on real customers if possible.
  7. If I read your website and after 5 minutes I still don’t have the vaguest idea what your product does or why I might want to install it, you’ve failed. Start over.
  8. Separate promises of future functionality and value from what you can do right now. I’m interested in your roadmap, but I have problems to solve right now. Do not imply you can do more today than you can.
  9. Use graphics well to convey what your software does and the value it gives me. Don’t think that adding more tiny boxes with tinier print in them improves things. You are educating me about your offerings so I can make an intelligent and well informed decision. You are helping me make the case for acquiring your software within my organization.
  10. For emphasis: tell me how your software will make my organization better, more efficient, and more profitable, and how I can serve my customers better. If it will lead to great personal success for me, so much the better!


KVM News Today: Meet the Open Virtualization Alliance

Today a whole lot of companies, including BMC Software, Eucalyptus Systems, HP, IBM, Intel, Red Hat, Inc. and SUSE, announced the creation of the Open Virtualization Alliance.

OVA logo

From the press release:

… today announced the formation of the Open Virtualization Alliance, a consortium committed to fostering the adoption of open virtualization technologies including Kernel-based Virtual Machine (KVM). The consortium will promote examples of customer successes, encourage interoperability and accelerate the expansion of the ecosystem of third party solutions around KVM, providing businesses improved choice, performance and price for virtualization.

The Open Virtualization Alliance will provide education, best practices and technical advice to help businesses understand and evaluate their virtualization options. The consortium complements the existing open source communities managing the development of the KVM hypervisor and associated management capabilities, which are rapidly driving technology innovations for customers virtualizing both Linux and Windows® applications.

KVM virtualization provides compelling performance, scalability and security for today’s applications, smoothing the path from single system deployments to large-scale cloud computing. As a core component in the Linux kernel, KVM leverages hardware virtualization support built into Intel and AMD processors, providing a robust, efficient environment for hosting Linux and Windows virtual machines. KVM naturally leverages the rapid innovation of the Linux kernel (to virtualize both Linux and Windows guests), automatically benefiting from scheduler, memory management, power management, device driver and other features being produced by the thousands of developers in the Linux community.

Daily links for 04/07/2011

  • “OMG® today announced the formation of the Cloud Standards Customer Council (CSCC). OMG is also announcing that CA, IBM, Kaavo, Rackspace and Software AG have joined the CSCC as Founding Sponsors. The Cloud Standards Customer Council is an end user advocacy group dedicated to accelerating cloud’s successful adoption, and drilling down into the standards, security and interoperability issues surrounding the transition to the cloud. For more information on the CSCC, visit http://www.cloud-council.org/.”

    tags: cloud omg standards

  • “Nokia has confirmed that it has closed the source code for the Symbian smartphone operating system. It says that despite it describing its new model for Symbian smartphone operating system development as “open and direct” the “open” part did not refer to “open source” but to being “open for business”. The “open and direct” model is designed, according to Nokia, to “enable us to continue working with the remaining Japanese OEMs and the relatively small community of platform development collaborators we are already working with”.”

    tags: nokia symbian Open Source

Posted from Diigo. The rest of my favorite links are here.

A winter escape from New York

This is a not a story about leaving the City for a fun-filled winter vacation. Rather, it details how I managed to get home ahead of the sixth big snowstorm to hit the area this season.

This last week I was in New York City to speak on a panel at the SIIA Information Industry Summit. I flew down from Rochester, NY, on Tuesday and although there was a two hour delay on my flight, I got to my hotel in Times Square with no major problems.

New York City and many of the towns and cities along the US northeastern seaboard have been hard hit with snow storms this winter. These have caused quite a bit of travel disruption and loss of school for children in the Mid-Atlantic and New England States.

In contrast, where I live in northwest New York state, my son has not had any snow days off this winter, though some schools did take a day off when the temperature was below -10 F last week. This surprises some people, I believe, because they think Rochester, Syracuse, and Buffalo are just slightly below the Arctic Circle. (I jest.)

Map of 42nd StreetMy panel was late in the morning on Wednesday. When I awoke in the hotel it was clear that it was already snowing. Due to some confusion on my part, I had several long blocks to walk to the conference site, as my hotel was on West 42nd Street and the conference was at Cipriani on East 42nd Street, across from Grand Central Station.

It wasn’t worth trying to find a taxi during the morning rush hour and I figured it would be quicker to walk than getting stuck in the slow traffic. I still thought this was true even though I had a rollerboard suitcase and my backpack.

I got down to the street and immediately noticed that it was indeed snowing quite heavily. But, wait, look at all those silly people with umbrellas! Where I live, in the northern snow belt, real men and women don’t use umbrellas in the winter. So I walked half a block and got pretty much coated with wet sticky snow. I stopped under a store awning and pulled out and raised my umbrella.

It was a slippery walk for 15 minutes, made worse by my wearing dress shoes. I got to Cipriani without falling, gratefully checked by bag and coat, and settled in to the conference. The meeting was focused on the publishing industry and my panel dealt with some of the issues in moving to digital publishing for mobile devices. John Patrick put up a good summary over in his blog.

The panel ended around lunch and I called my assistant for the second or third time that morning to see what the travel situation was. I was due to fly out of La Guardia airport around 5:30 that afternoon. One of my options was to stay another night in New York and fly out the next morning when, presumably, travel would be less affected by the snow. There were already several canceled flights on Wednesday morning.

We decided that it would make sense for me to head out to La Guardia airport, so I grabbed a taxi out front of Cipriani, once again managing not to fall on my butt in the slippery snow. It was a slushy but easy ride out to the airport in Queens, helped a bit by our going through the Midtown Tunnel and so avoiding some of the snow on the road.

La Guardia was oddly unbusy since many people had checked on their flights, realized they were were canceled, and stayed away. Security was a breeze and I was through it in about 15 minutes.

It was then around 1:00 and there was a delayed flight to Rochester leaving at 1:20. My flight at 5:30 still showed up as on time, but that really only meant that it was too far in the future to show an accurate schedule. At least it had not been canceled, yet.

To me it is oddly excited to get to an airport and find out that you might be able to take an earlier flight, especially if you are homeward bound. I went to the gate for the 1:20 and learned that the plane was going to be coming from Portland, Maine, but it had not yet left. There were, however, plenty of empty seats and the gate attendant put me on that flight in addition to the one at 5:30.

Time went by and the gate attendant to whom I had spoken left when her shift ended around 3:00. I decided to doublecheck on my dual seat reservations and so went back up to the desk. It turned out that I had not been put on the correct earlier flight at all.

The gate person offered to move me to that flight but warned that I might be bumped if they had weight restrictions. This happens in bad weather when the planes have to put on extra fuel to allow for takeoff or landing delays, or if their flight paths are changed.

If I did shift to the earlier flight, maybe I could get back on the 5:30 if I was bumped. I asked how it was that I had gone from having two seats to possibly having none, but she just shrugged. So my choice was to wait and see if I could grab a seat on the late 1:20 or, failing that, just take the 5:30 home. Meanwhile, it was still snowing.

La Guardia to Buffalo to RochesterA third option then presented itself. A flight to Buffalo started boarding from that same gate. I asked if I could have a seat on that, and I snagged one. I ran back, got all my bags and coat, and got on the plane. My seat was 13A, that coveted last row window seat opposite the bathroom, but it was a seat!

We went through normal de-icing, took off after a little delay, and landed in Buffalo 5o minutes later. By 5:00 I was driving out of the airport in a rental car. At 6:15 I was returning the rental car and getting my car from the parking lot. By 7:00 I was home, earlier than I would have been if I had taken that 5:30 plane.

Well, much earlier, it turns out. The 5:30 was canceled as the weather got worse. The delayed 1:20 did eventually fly but I have no idea if I would have had a seat on it. At that point, I didn’t care. I was home.

The snow picked up in New York City and along the northeastern seaboard overnight and many places had 10 to 20 inches of snow by Thursday morning. Almost all flights out of La Guardia were canceled until Thursday afternoon. Had I waited, I would have been in far worse shape than if I were aggressive to find some way to get close to home on Wednesday evening. It worked out this time, but that wasn’t completely an accident.

Daily links for 01/19/2011

Posted from Diigo. The rest of my favorite links are here.

The trip that wasn’t

I should know better than try to travel in November.

This last Saturday I was scheduled to travel to Europe for a business meeting. It was the Saturday of Thanksgiving weekend, so I wasn’t surprised when I got to the airport to find the parking garage nearly empty. Most everyone was probably where they were supposed to be, though I knew the next day, Sunday, would be travel hell as people tried to return home or go back to school after the four day break.

Things were looking good as I got through security and headed to my gate. I grabbed lunch and still had two hours to spare before my flight.

It was a sunny cold day though rather windy, but flights seemed to be coming and going as scheduled. There was this one AirTran flight that was delayed and they reminded us every five minutes of that situation via the public address system. Then one of the announcements was a little different, it was for the 3:21 flight to Newark, and that was where I was going to connect.

I went up to the counter and learned that there was a little mechanical problem with the plane while it was still in Newark. Evidently they had knocked off or damaged some rubber pieces on the plane while the were deicing it. We were to sit tight and wait 25 minutes.

In less time than that, the gate attendant made an announcement that anyone with a connection time before 6:30 should come up. Mine was 6:50, but I figured that since international flights board earlier, I should check out the situation.

When I got to the desk, there was a teenage girl crying and the attendant was trying to find out what was wrong.

“Are you upset because you won’t get to Cincinnati today?”


“Then why are you crying?”

“Because I don’t want to leave.”

“So you want to stay here in Rochester?”


So they agreed that she could leave the airport and grab a flight the next day.

I got to up to the gate, promised the man that I wasn’t going to cry no matter what he told me, and found out that I would definitely miss my connection. Moreover, even though there was a later flight to Frankfurt, I might miss that as well. Rescheduling for the next day was hopeless. So I decided, reluctantly, to cancel my flight and went home. I called the travel agent and got my hotel reservation canceled, and sent email apologies to my colleagues in Europe.

This is the third time this has happened to me in the last 10 years, missing a flight to Europe because of mechanical or weather problems. I always feel very bad and guilty about it, though I know the situation is out of my control. I even tried to allow an extra day in this case.

I had other work to do on a work project and spent most of Sunday and a good deal of Monday handling it because of a tight deadline.

On Monday afternoon I got a call from a friend and coworker in Europe:

“Do you know that person you were supposed to meet?”


“She never made it here, she got stuck in snow at the airport in Frankfurt.”

So it’s good I didn’t go. I missed two cross-Atlantic flights and had more time to work on my project. I suspect we’ll try again in January, but ultimately things worked out for the best in terms of my not travelling. It would have been good to have that meeting, but we’ll get around to that.

Daily links for 11/18/2010

  • “But although Hewlett-Packard has marketed its Slate 500 on its website as “the ideal PC for professionals who don’t usually work at a traditional desk, yet need to stay productive in a secure, familiar Windows environment,” HP spokesman Roman Skuratovskiy says the Slate’s intended use is far narrower: “The HP Slate 500 is designed to run custom applications created by enterprise customers, unlike HP’s business laptops, desktops, etc.” (HP declined further comment when asked to clarify that statement.)”

    tags: ipad hp tablet

  • “Black Duck Software, a provider of products and services for managing the use of open-source software, has acquired the assets of SpikeSource, a provider of software tools and services to automate application component identification and assess security vulnerability. Among the technologies acquired was SpikeInsight, a cloud-based offering for automated application component identification and security vulnerability assessment; SpikeForge, a forge comprising 17 open-source projects; the Developer Community Forum, a group of forums associated with SpikeSource OSS projects, virtualization management technology and a number of other software assets.”

    tags: Black Duck Open Source

Posted from Diigo. The rest of my favorite links are here.

Daily links for 09/24/2010

Posted from Diigo. The rest of my favorite links are here.

Daily links for 09/21/2010

  • “Oracle’s Unbreakable Enterprise Kernel for Oracle Linux–what a name!–is based on the stable 2.6.32 mainline Linux kernel. For some reason, a few idiots seem to think this represents a Linux fork. Nope. It doesn’t. When you get past all the hype, Oracle’s new Linux just a Linux distribution that’s been optimized for Sun/Oracle hardware. Specifically, Oracle sees this as their Linux for the company’s Oracle Exalogic Elastic Cloud and high-end, Non-Uniform Memory Access (NUMA) servers. “

    tags: oracle linux Red Hat

  • Ubuntu community manager Jono Bacon has announced on his blog that Ubuntu are trialling a new process for developers who would like to see their applications appear in the Ubuntu Software Center. Bacon says that recently an Application Review Board was formed which is intended to provide rigorous reviews of applications submitted to Ubuntu and ensure that only high quality applications appear in the Software Center. “

    tags: linux ubuntu application

  • “Open Invention Network (OIN) today extended the Linux ecosystem with the signing of Mozilla as a licensee. By becoming a licensee, Mozilla, the developer of leading software applications including the popular Firefox web browser, has joined the growing list of organizations that recognize the importance of participating in a substantial community of Linux supporters and leveraging the Open Invention Network to further spur open source innovation.”

    tags: mozilla oin linux

  • “According to Microsoft‘s advisory, the flaw exists in all versions of ASP.Net, the company’s Web application framework used to craft millions of sites and applications. Microsoft will have to patch every supported version of Windows, from XP Service Pack 3 and Server 2003 to Windows 7 and Server 2008 R2, as well as other products, including its IIS and SharePoint server software.”

    tags: microsoft security bug

Posted from Diigo. The rest of my favorite links are here.

Daily links for 09/16/2010

Posted from Diigo. The rest of my favorite links are here.

Daily links for 09/09/2010

  • “We are continually trying to make the App Store even better. We have listened to our developers and taken much of their feedback to heart. Based on their input, today we are making some important changes to our iOS Developer Program license in sections 3.3.1, 3.3.2 and 3.3.9 to relax some restrictions we put in place earlier this year.

    In particular, we are relaxing all restrictions on the development tools used to create iOS apps, as long as the resulting apps do not download any code. This should give developers the flexibility they want, while preserving the security we need.”

    tags: apple

  • Apple has conceded. They have essentially rescinded all of the madness associated with 3.3.1. This is an amazing turn of events. It is exceedingly rare for Apple to capitulate, and it can only mean that pressure from the popularity of the far more open Android has taken its toll. It looks to me like the accelerating rate of Android app development and user adoption as apple concerned.”

    tags: apple

  • “Some of the first fruits of a European Union-funded project led by IBM are making their way into the field of cloud computing, in the form of a virtual machine migration technology.”

    tags: ibm virtualization

  • “Canonical works closely with IBM to certify Ubuntu on a range of IBM hardware.

    The following are all Ubuntu-certified. More and more devices are being added with each release, so don’t forget to check this page regularly.”

    tags: ibm ubuntu linux

Posted from Diigo. The rest of my favorite links are here.

Math apps and the updated iOS Developer Program License Agreement

Apple‘s changes to the iOS Developer Program License Agreement resolve some issues but still contain confusing elements for those who might want to develop sophisticated apps such as those for mathematical computation.

As I first discovered this morning in a blog post by Hank Williams, Apple has changed their iOS Developer Program License Agreement to be less restrictive on the tools used to create apps for iOS for the iPos Touch, iPhone, and iPad.

Apple’s press release states:

We are continually trying to make the App Store even better. We have listened to our developers and taken much of their feedback to heart. Based on their input, today we are making some important changes to our iOS Developer Program license in sections 3.3.1, 3.3.2 and 3.3.9 to relax some restrictions we put in place earlier this year.

In particular, we are relaxing all restrictions on the development tools used to create iOS apps, as long as the resulting apps do not download any code. This should give developers the flexibility they want, while preserving the security we need.

Those relevant sections in the license agreement are:

3.3.1 Applications may only use Documented APIs in the manner prescribed by Apple and must not use or call any private APIs.

3.3.2 An Application may not download or install executable code. Interpreted code may only be used in an Application if all scripts, code and interpreters are packaged in the Application and not downloaded. The only exception to the foregoing is scripts and code downloaded and run by Apple’s built-in WebKit framework.

3.3.9 You and Your Applications may not collect user or device data without prior user consent, and then only to provide a service or function that is directly relevant to the use of the Application, or to serve advertising. You may not use analytics software in Your Application to collect and send device data to a third party.

In April I looked at the previous restrictions in the license and concluded that it would be very difficult to to implement a full featured mathematics application on the iPad.

Nota Bene: I am not an attorney and the following does not represent a legal opinion and certainly not an official IBM point of view.

The changes to sections 3.3.1 and 3.3.s improve things somewhat today:

  • Evidently you can now have an interpreter on the device. This means that you could run Python or a Java virtual machine on an iPad.
  • From 3.3.2, prepackaged scripts are allowed, so interpreted Python code is allowed if that code comes with the app.


  • You cannot download code to be interpreted.
  • I am not sure if you are allowed to type in code on the iPad and then have it interpreted. I suspect not, because that code is not prepackaged with the app, even though it is not downloaded.

From the perspective of building a math app with Python or another interpreted language, I interpret this as strictly meaning that the app and libraries are fine now, but users cannot write new functions if the math app provides an interpreted language such as Mathematica and Maple do.

This is problematic. If, say, the library does not provide a factorial function, am I not allowed to write one?

I suspect that one of the things that Apple wants to avoid are system calls into the iOS operating system by random downloaded scripts. I hope it is not just a question of performance. Some computations take a very long time.

I really can’t see how this type of interpreted script for math computations should cause any problem for the iPad device, for Apple, or the users. This form of code interpretation is how things get done in these kinds of apps.

Indeed, if I have a word processing document it contains markup to indicate paragraphs, fonts, colors, and so forth. A work processing app interprets that information, which could be said to be a descriptive script. Or is ok to interpret such things? Do I need permission from Apple to do this?

I don’t think this is the last we will hear from Apple in this area. Their statement is now shorter, but it is not complete enough regarding the kinds of code that might be interpreted. I think another round is necessary to clarify matters.

On the other hand, perhaps all this is below Apple’s radar or level of caring. While that might be true, it might be better to ask permission first rather than asking forgiveness later when you submit your app for publication.

Daily links for 08/31/2010

Posted from Diigo. The rest of my favorite links are here.

Daily links for 08/19/2010

Posted from Diigo. The rest of my favorite links are here.

Daily links for 08/11/2010

Posted from Diigo. The rest of my favorite links are here.

Daily links for 08/10/2010

Posted from Diigo. The rest of my favorite links are here.

Daily links for 08/04/2010

  • “Demand for Linux programming skills has exceeded that for Unix programming skills for the first time ever, according to Richard Nott, director of recruitment site CWJobs.co.uk.

    Possible reasons for this include the fact that more mobile platforms are supported by Linux, as are HD boxes, Nott said. In addition, the increasingly popular open source operating system Ubuntu also runs on Linux.”

    tags: linux skills

  • “Either way, however, when it comes to security, there’s no doubt that Linux users have a lot less to worry about.”

    tags: linux security

  • “The purpose of this article is to identify some of our favourite free Linux games which have these addictive qualities. They may not offer breathtaking graphics, innovative ideas, or the highest presentation. However, what they do provide is great gameplay coupled with the urge of always having just one more play.”

    tags: linux games

  • “OpenLogic, Inc., a provider of enterprise open source software support and governance solutions encompassing hundreds of open source packages, today announced that OpenLogic continues to see impressive growth.

    “As our scanning business has taken hold, our revenues continue to increase at an even faster rate,” said Steve Grandchamp, CEO of OpenLogic. “Companies are realizing that combining the accuracy and efficiencies of OpenLogic’s OSS Deep Discovery with a comprehensive governance and support strategy ensures successful, safe and cost effective open source adoption.” ”

    tags: openlogic open-source

  • “Scott McNealy, former CEO of Sun Microsystems, has been a long-time advocate of free, open source textbooks and educational materials. Now that Sun is no more, he and Vinod Khosla (co-founder of Sun) are more actively pursuing their efforts to radically change the way educational materials make it into kids’ hands and, hopefully, taking us closer to a point where our reliance on expensive, dead-tree textbooks goes the way of their former company.

    McNealy and his social learning/textbook site, Curriki, were profiled by the New York Times yesterday and he called out something that most of us already know: the cost of textbooks is unacceptable and open source models can completely disrupt the multibillion dollar industry to the benefit of worldwide education.”

    tags: sun education textbooks

  • “Your current feed reader is full of unread items. You’re hesitant to subscribe to any more feeds because you can’t keep up with your existing subs. Maybe you’ve even abandoned feeds altogether.

    Fever takes the temperature of your slice of the web and shows you what’s hot.”

    tags: feedreader reader software

  • “This iPhone secret is notoriously difficult to discover, but explains how everyone gets those gorgeous quality images of the iPhone to post in blogs or screenshots illustrating applications in the iTunes App Store. Why it’s so difficult to find is anyone’s guess. But here is the simple 1,2,3 on how to do it yourself.”

    tags: iphone screenshot

Posted from Diigo. The rest of my favorite links are here.

Daily links for 07/19/2010

Posted from Diigo. The rest of my favorite links are here.

Daily links for 07/07/2010

  • “Mozilla on Tuesday released the first official beta of Firefox 4, the next major version of the popular open source Web browser. Mozilla has completely overhauled Firefox’s user interface and added several noteworthy new features for Web developers and regular end users.

    The new user interface represents a major departure from Firefox’s traditional look and feel. It is arguably one of the most significant stylistic overhauls that Mozilla has undertaken since the initial transition from the old Mozilla suite to Firefox.”

    tags: firefox interface user overhaul

  • “Mozilla recently released the first beta version of Firefox 4, the next iteration of the world’s second most popular browser (after Internet Explorer). The new Firefox offers the usual under-the-hood tweaks you’d expect, such as improved security and better page rendering, and it also supports WebM, Google‘s new open video standard project. But more importantly to the average user, Firefox 4 offers a refreshed layout and appearance. Here’s a look at some of the highlights.”

    tags: firefox

Posted from Diigo. The rest of my favorite links are here.

Daily links for 06/24/2010

  • “Linden Lab®, creator of 3D virtual world Second Life®, announced today that company founder Philip Rosedale has been named interim CEO, and CFO Bob Komin has assumed the additional role of COO.  Linden Lab also announced that Mark Kingdon is stepping down as CEO.”

    tags: second-life

  • Red Hat, Inc. (RHT 30.91, -0.45, -1.44%) , the world’s leading provider of open source solutions, today announced the next step in the integration of its enterprise-grade server and desktop virtualization portfolio with the general availability of Red Hat Enterprise Virtualization 2.2. In addition to providing the first release of Red Hat Enterprise Virtualization for Desktops, the 2.2 update includes new scalability capabilities, migration tools and features to expand the performance and security of the solution.”

    tags: red-hat

  • Firefox logo“Mozilla is rolling out an update of its Firefox Web browser that adds support for plugin isolation. Version 3.6.4, which includes the new feature, was officially released on Tuesday and will be deployed soon through the browser’s automated update system.

    It is unusual for Mozilla to deploy a major new feature in a minor point update, but the plugin isolation capability is a worthy exception to the rule, since it will significantly improve the browser’s stability. In the new version of Firefox, plugin components like Flash and Silverlight will run in external processes. When these plugins crash, the browser itself will not be terminated.”

    tags: firefox, flash

  • “The Eclipse project has announced the Helios release train, a major update of the open source Eclipse integrated development environment (IDE) and many of its key components.

    Due to the modularity of the software and the diversity of its community, Eclipse is developed like a platform. There are a multitude of independently-developed components that supply specific kinds of functionality. The most widely-used components are collected into a set of standard Eclipse packages that are targeted towards specific kinds of development.”

    tags: eclipse, open-source

  • “The Fedex delivery man pulled up at 10:30 this morning with an iPhone 4 in his hand — there were 15 more on his truck. The packaging is elegant and simple to open. After syncing the iPhone 3GS and Stainless Shuffle to be sure iTunes was up to date, I connected the iPhone 4. The first screen to appear showed my mobile phone number and asked me to enter my zip code and last four of the social for authentication. After agreeing to the Apple and AT&T terms and conditions the phone was activated and the copying of apps plus thousands of songs and music began. I went out for an errand and when I got back the iPhone 4 was loaded with my data. The next step was to set up the Google accounts for over-the-air syncing of my 1,500 contacts plus all the calendar entries and gmail. Minutes later I was good to go. It doesn’t get much simpler than that.”

    tags: iphone

Posted from Diigo. The rest of my favorite links are here.

Daily links for 06/02/2010

Posted from Diigo. The rest of my favorite links are here.

Daily links for 06/01/2010

  • “In spite of its weak security, poor performance, and woeful standards compliance, a lot of people are still using Internet Explorer 6 as their Web browser of choice. A large part of this user base seems to be made up of corporate users. According to Stuart Strathdee, Chief Security Adviser at Microsoft Australia, one of the reasons for this continued usage is that companies have found a virtue in one of the browser’s biggest flaws: it doesn’t work properly with social networking sites like Facebook.”

    tags: ie6, browser

  • “Old-school icon designers and retro game houses alike will be delighted by the release of Sprite Something from Terrible Games. Whether you remember the days of creating icons in ResEdit, or prefer creating RPG characters with pixels instead of polygons, Sprite Something for the iPad will be right up your alley. Admittedly, the audience is small, but the nostalgia factor is too great for it to be ignored.”

    tags: ipad, sprite, graphics

  • “Of the 187 new entrants, all but one are running some variant of Linux and in fact 470 of the Top 500 run Linux, 25 some other Unix (mostly AIX) and the remaining 5 run Windows HPC 2008.”

    tags: linux, supercomputer

Posted from Diigo. The rest of my favorite links are here.

My least favorite volcano

Eyjafjoell, let me go home.

I’ve been in Europe this past week on business and was scheduled to return home to the United States yesterday. I’m still here though I hope to get out later today.

My Saturday morning flight from Munich went without any problems. Because I have elite status on the airline on which I was to travel home, I got to sit in the lounge before my cross-Atlantic flight from Frankfurt to Chicago. I was warned when I got there that my flight was 2 hours late and when I got online, I learned that the incoming flight was four hours late, having been held up in Chicago because of some mechanical problem.

As the afternoon went on though, murmurs about more ash from the Icelandic volcano began to spread. The current cloud is evidently fairly narrow, but is extending very far south and up as high as 35,000 feet. Therefore cross-Atlantic flights have to go way north or way south to avoid the cloud completely. This adds several hundred miles to the flight with associated additional time required.

Then my flight got canceled. When they announced it, I rushed to the front desk in order to get rebooked and maybe get a hotel room. I didn’t get the former immediately because they just weren’t sure about which flight they could put me on. I did get a voucher for the hotel at the airport. They had made me check my luggage in Munich, so they were going to take all the luggage from the now canceled flight and put it in baggage claim.

However, I knew that could take a while. I instead rushed right over to my hotel to get the room. Just as I was walking away with room key in hand, I heard a supervisor say to the reception staff that they were accepting no more room vouchers. So I was lucky and I got a free room. The hotel was not full, but the airline decided that it did not need to pay for delays because of the ash. I was lucky because I was early. In any case, I would have paid for the room. While it was important for last night, it would have been especially important if the delay extended for days.

I then went back across the street, figured out how to get into baggage claim, and retrieved my one piece of luggage. I made several more ventures out, primarily to get more Euros from the ATM in case the delay extended to several days and some food for the evening.

Though I had been given a dinner voucher, the hotel staff told me that it was no longer valid since the airline stopped paying passengers for their inconvenience. I didn’t have a problem with this, especially because I had a room. I didn’t want to eat in the hotel, so I just walked back to the airport and found a restaurant where I could get some “take-away” food.

The airline lounge opened at 7 AM this morning and I must admit I was there ten minutes early. Though they had originally planned to move me to a slightly earlier flight on another airline, I wanted to stay on this one. Essentially, I did not want to get lost in the system of the other airline if there were further problems.

So I’m now scheduled to fly out in a couple of hours, though my making the connection in Chicago is not likely. I’ll worry about that if it is an issue. Though it is a long way, I do drive between home and Chicago several times a year. What is mor probable, if I miss tonight’s plane I will hop on a very early one in the morning.

In any case, I know I can drive home from Chicago. I cannot do that from Frankfurt.

Update for Sunday, 14:00 CET: Flight just got delayed 3 hours because of ash drifting into some of the available tracks across the Atlantic. Will need to go back through passport control and security.

Update for Sunday, 16:20 CET: We got a track an hour earlier than we thought, so we’re going now.

Update for Sunday, 18:50 CDT: Landed in Chicago.

Update for Monday, 01:00 EDT: Just got home, 47 1/2 hours after I originally left the hotel in Munich.

No, I don’t want to store my data on your site

Flickr. Diigo. Evernote.

Everybody wants me to work on my machine but then synchronize my data to their site for safekeeping and social functions. I can understand this for situations where I want others to see my photos or my links, but what happens when I have ten or twenty of these services, all of which have separate interfaces, separate logins, separate passwords, and separate liklihoods to still be around in 5 years?

Unless I explicitly want to use their sites as places that others will visit to see my information, I want to store that data on my own site. That will still allow it to be accessed from anywhere when I have Internet connectivity, but I don’t need to worry about the services themselves just vanishing.

Yes, perhaps those sites have backups, but I can deal with a single backup for my one site. Also, I want the information available in a standard format. If one is not available, at least use XML.

I understand this might cause some business model issues with advertising or premium services. Indeed, if I use their software but use my site as the repository, it opens up security risks as well. Nevertheless, my controlling my data and having it available in standard formats will make me sleep better at night.

What do you think?

Daily links for 05/04/2010

  • “A group of Linux users has filed suit against Sony, upset about the company yanking Linux capability from its PlayStation 3 (PS3) game console.

    When PS3 made its debut in 2006, it gave users the option to run a so-called alternate operating system, something that couldn’t be said of Nintendo Wii or Xbox. The “Install Other OS” feature was popular among gamers who used Linux, the Unix operating system that is free to download.

    But a software update released on April 1 neutered the option, labeling it a security risk. Although the update was technically optional, gamers who failed to install it would no longer be able to watch BluRay movies, play new games, or download copyright-protected videos from a central server.”

    tags: linux, sony, ps3

  • “To this end, I am joining my colleagues from the Office of Management and Budget—Vivek Kundra, U.S. Chief Information Officer, and Cass Sunstein, Administrator of the Office of Information and Regulatory Affairs—in establishing a Subcommittee on Standards under the National Science and Technology Council’s Committee on Technology.”

    tags: standards, obama, government

  • “World of Warcraft steaming to an iPad from Gaikai server over regular Wifi.”

    tags: warcraft, ipad

Posted from Diigo. The rest of my favorite links are here.

Appliances and Linux

A couple of days ago I posted a link to a video I made with Novell‘s Tom Crabb about appliances and the role of Linux in them. Here are a few additional comments.

In your kitchen you have special appliances that, presumably, do individual things well. Your refrigerator keeps things cold,  your oven makes them hot, and your blender purees and liquifies them. There is room in a kitchen for each of these. They work individually but when you are making a meal they each have a role to play in creating the whole.

You could go out and buy the metal, glass, wires, electrical gadgets, and so on that you would need to make each appliance but it is is faster, cheaper, and undoubtably safer to buy them already manufactured. For each device you have a choice of providers and you can pay more for additional features and quality.

In the IT world it is far more common to buy the bits and pieces that make up a final solution. That is, you might separately order the hardware components, the operating system, and the applications, and then have someone put them all together for you. If you have an existing configuration you might add more blades or more storage devices.

You don’t have to do this, however, in every situation. Just from a hardware perspective, you can buy a ready-made machine just waiting for the on switch to be flicked and the software installed. Conversely, you might get a pre-made software image with operating system and applications in place, ready to be provisioned to your choice of hardware. We can get even fancier in that the software image might be deployable onto a virtual machine and so be a ready made solution runnable on a cloud.

Thus in the IT world we can talk about hardware-only appliances, software-only appliances (often called virtual software appliances), and complete hardware and software combinations. The last is most comparable to that refrigerator or oven in your kitchen.

Appliances in the IT world are not new. Datapower, for example, goes back almost a decade with XML processing. There have also been appliances for security, search, spam detection and elimination, and many other specific applications. So we’re well past the pioneer stage, and now we’re focused on ease of creation, deployment, and value.

Let’s focus on the virtual software appliances. Since the image is created to solve one class of problem, it really shouldn’t contain every possible feature in the operating system or possibly even in the applications that run on top of it. It should be just the right size and tuned for just the right use. This makes a simpler environment that takes up less room, is easier to maintain, and might be faster or more efficient.

That means that if you had the ability to package just the parts of the operating system that you needed and dropped the rest, your custom appliance will fit your job better without extra stuff thrown in. Getting back to my kitchen analogy, if all you are going to do is make scrambled eggs, that $300 stove will work as well as the $5000 one. Why pay for or install the high end model if you aren’t going to use all the features?

This is where Linux really shines when making virtual software appliances. Linux is composed of hundreds of packages and you can pick and choose among them to create just the base operating system you need. Now many of them are related, so you do need an understanding of which groups of packages you need to install to get the functionality you need. This can be done manually or more easily via a tool like Novell’s SUSE Studio. Either way, Linux gives you as little or as much as what you want to get the job done.

Beyond the operating system, the applications deliver and define the appliance. IBM’s Lotus Foundations puts together functions like email, calendars, contacts, file sharing, and backup into one appliance. Moreover, since the whole idea of appliances is to give you just what you need, you can create and use a basic model today and perhaps later grow up to another more advanced version with more functions or capabilities for more users.

An appliance might have one main application on top of the operating system or it may have several. If there is more than one, they need to work together and they need to interoperate with other software the user has on other machines. Open standards are therefore very important and should be on your appliance checklist when vetting your choices. Note that some people may start with appliances and then “grow up” into larger installations or, I expect, move to the cloud.

Ultimately your datacenter may have several appliances in addition to more general purpose hardware and software. Think of your kitchen: it has a range of specialized devices as well as multifunction ones. Your needs and budget determine the mix, the quality, and the quantity.

Pick and choose your appliances carefully. Focus on Linux as the operating system in the appliances because of its range of configurations, flexibility, security, performance, scalability, and general quality of service. Then worry about the applications, how they work together, and how well they employ open industry standards to plug into the rest of your critical infrastructure.

Daily links for 04/10/2010

Posted from Diigo. The rest of my favorite links are here.

On highly customizing that open source code

Several weeks ago at OSBC I posed a serious of “hard questions” about open source software. They weren’t meant to demean it, of course, but were really to say that software for the enterprise needs to be held to very high standards, whether it open source or traditional.

One of the sections was this:

Who will maintain your installation of the software?

  • If you are planning for your IT staff to install and maintain your software, make sure it doesn’t get orphaned when you have personnel turnover.
  • When software updates come along, you will need a plan to decide which ones to install and when, especially if major releases come along every six months or so.
  • If you customize open source code for your organization, are you prepared to propagate those changes into newer versions of the code?

Today I saw the story “You may want to avoid hacking your open-source CMS” which discussed The Onion’s experience hacking an old version of Drupal. To give you an idea, version 7 of Drupal is about to come out and the latest official version is 6.16. The Onion highly customized version 4.7. That alone should make you nervous since clearly the software has moved far beyond the point where it was forked.

The original article referenced discussed how The Onion moved from Drupal, a PHP application platform, to Django, a Python framework.

The problems with highly hacking code is that it is very hard to maintain it for functional and security fixes, you don’t easily get improvements to the code base, and you may be doing similar work to what is happening in the community, and maybe not as well.

This reminds me of a blog entry I did in December called “Open source software: modify, extend, or leave it alone?”. There I concluded:

There can be innovation in the core application, but that same application can become a platform for innovation if it has a good extension mechanism. Choose good applications that can be improved or configured outside the core software, and you’ll save a lot of trouble and gain some real advantages. This is true for open or closed source software.

Postscript: As Jonathan Bennett pointed out to me on Twitter, I failed to mention a very important aspect when you do make changes to open source code: offer your modifications back to the community and your code may make it into the main trunk of the project. That is, since you are doing some coding, become a contributor as well. This may not always be possible, but consider it.