November 26, 2007

Tiny screens

Many vendors (like Sharp ) are now releasing tiny (2 inches, 5 cms) screens.
Any geek can say wow, cool but what are they good for in a business environment?
Just a couple of ideas:
  • Graphs. Everyone loves graphs and statistics. Think about a showroom with tiny stats screens(like sells or expected grow) embedded in the walls. Striking. Rember, you don't just have to be good, you have to be remarkable.
  • Personal information: think about a creditcard size device you can lend to visitors at your building or at your congress, broadcasting tv streams with directions or ads on the next speech. Very sci-fi, isn't it?
  • MMS: yes, short video messages. Image a network of tiny screens broadcasting short messages in a production or industrial environment, solving noise and communication problems in the assembly line.

November 22, 2007

Social Intranets

There is a huge anti-revolution going on the last years. It's the "Web 2.0 isn't for serious people" attitude. Followers of this thesis will point out how digg doesn't present business-relevant news, and many famous and popular 2.0 services aren't usefull anyhow in a working environment. These are often strong arguments (take a look at the front page of digg and you will see what I mean) but let's see it from another perspective.

Think about YOUR intranet: it might be featureful, it might support document management integration and have many many features. So, what is missing?
Community, that's what Web 2.0 is all about. It doesn't matter what you are doing with it, but you need a community nowadays.

Now imagine an Intranet where you can know who's online looking at their faces in the upper part of the page, and you can chat with them with one click. Think of a Tag-based information repository, a user-based internal news system and personal blogs. Then, think about integration with outside services, and maybe even your partners' extranets.

If you still don't see how this can help the business, review the budget for the HR division under the "team building" entry: you'll see it can cover twice the price of such an infrastructure. Decrease in productivity and work time? Think about cross selling, think what your organization can do if it really starts working as one individual.

Maybe web 2.0 as-is isn't business oriented, but the right ideas are there for you to take. Do not overlook them.

November 18, 2007

Kindle and the future

As you all most likely know, a couple of days ago Amazon launched Kindle. Kindle is a whole new step in the world of e-books:the design looks great and early reviews are very good, from a technical standpoint.
What's more important, Amazon has created a completely new distribution channel for ebooks, and the story goes on.
But let's imagine, for a moment, that indeed this is the future of reading. Maybe not tomorrow, maybe not in a year, but that's the way to go.

Now, there are a couple of things I'd like to point out.

First: this opens a whole new market. No, I'm not speaking about books: costs in the "printing industry" aren't in the actual printing, nor they have anything to do with authors. It's all in the marketing department, and that's a greatest barrier to entry into this market: even with huge investments it's hard to be noticed, to be trusted.
I'm thinking of everything "side related" to the world of ebooking: everything making the experience of reading an e-book different from reading an "old" paper-book. Services. Subscriptions.Kindle-widgets. This is the new market, the innovation: there's nothing new in a pdf, nor in a txt.

Second: once Kindle (and its clones) will start to become more and more popular, it's likely we'll start so see some "write enabled device". You want to write on your book (well, maybe your textbook at least) don't you? I'd say we'll have write enabled devices in a couple of years,IF Kindle is as big a killer as it seems.
Once you have a very cheap reading device with some writing capabilities, what's the use for paper? You are reading your books on an LCD, you can take notes on an LCD... do the math.
I'd say that the benefit here is for early adopters: a paperless environment might mean huge savings in a short time span, and thus a big competitive advantage. At least, until it becomes a commodity.

NSA backdoors and encryption standards

It's on every security related websites: according to Schneier (actually Shumow and Ferguson) the NSA might have placed a backdoor on one of the new NIST approved random number generators.
This mathematical backdoor could allow the NSA to guess the random numbers given only a small sample: a huge problem for any security algorithm using those numbers. SSL (well, TLS), encryption, anything.
There are huge concerns in the security community about this story: while the standard itself can be easily not implemented - since it's just one of the three generators proposed - one could wonder what's lurking in the other algorithms.

This story reminds me the DES "scandal": NSA modified part of the IBM algorithm (sort of, constants) and shortened the key. No one actually knew was going on then, but after 20 (20!) years it was discovered that the tweaks actually improved the security of DES: NSA knew about differential cryptanalysis, thanks to an IBM engineer, and kept the secret for years while improving DES' resistance to it.
But still, NSA was able to break DES white relatively little effort, due maybe to the reduced keysize. You can read more here.

What's the lesson here? You can be 100% compliant and still be vulnerable in a matter of seconds: a new research is published, a new tool becomes available, and your "one million years guaranteed" encryption can be beaten in 24 hours. And it's likely that someone somewhere is able to break that encryption right now.

So, what are we - what are you - going to do about this? No, the answer is not "stop trusting encryption". You can't do it anymore, not in this world.

Instead, change the way you think about encryption. Most organizations, most people, think about encryption like a commodity, like something that is "hard-coded" and immutable, at least for some years. We'll change the encryption when we'll change the software is a very common quote. It's not enough anymore.

Start thinking about encryption like any of your security-related component: you have to monitor it, you have to upgrade it, maybe you even have to patch it. Here, standards are your friends: what's the chance of getting an upgrade for some obscure proprietary algorithm (Oracle anyone) ?

So, the next time you hear about encryption - anywhere: in a new software, in your network, in a new server - demand it to be modular, to be open. You want to manage it like any firewall, any antivirus, any IDS in your infrastructure.

Otherwise, you can just let NSA handle the problem, right?

November 15, 2007

Virtualization for Disaster Recovery

I wont' discuss why ANY business structure should have a strong Disaster Recovery Plan here. The point is, DR is deadly expensive.
The argument usually used is that since it's a strategical priority (most of the enterprises suffering severe data loss are out of business within 2 years) the cost of a DR solution are not avoidable.

What usually happens is that there is no such thing as an "Enteprise-wide tested DR plan". How can we achieve an affordable, testing-friendly, enterprise-level DR solution? Enter virtualization...

What good can virtualization technologies do for us in the DR space? Just to cite a few:
  • They provide a mean to achieve High Availability, even on remote sites. P2V migration software are available, without even a reboot required.
    Just create a Virtual copy of ALL your production servers and store them on a single machine. In the event of an hardware failure, just bring your virtual copy back online within 2 clicks. Just keep in mind you'll have to keep those server synchronized.
  • They finally allow us to do testing within an environment closely resembling the production one. This is a huge deal, since most DR solutions aren't fully tested: no one will take the responsibility of pulling the plug from the main database server to test a recovery plan, but with virtualization this suddenly becomes doable and easy. Most virtualization solutions will even allow you to test your application under hard network condition (high packet loss, narrow bandwidth and so on).
  • They can be used to leverage the existing backup infrastructure: data backup technology is far more advanced than "machine" and "application" backup. With virtualization, machines are nothing more than files and your "proven" backup infrastructure can be exploited to achieve a wider reach.

And the list goes on. Vendors are fully aware of this new business environment for virtualization, and are now releasing DR oriented products. VMWare has its Site Recovery Manager almost ready and the competitors are catching up quickly.

If you are not planning for server consolidation or virtualization just yet, keep in mind to think about it in your DR plan: it might be the right time to introduce this new technology.

November 12, 2007

10M for an android application

When ten or more chariots have been taken, those should be rewarded who took the first.

-Sun Tzu

That's exactly what's happening here . Google and the Open Handset Alliance wants developers for a still unreleased market, and they're issuing a challenge. There's nothing brand new here, but think about it for a moment.

When the IPhone was launched, we had not even one application available and no plan for an SDK. When Android will start running, we'll already have plenty of (free) software available. High quality software, too. See the point? That's what Google wants to make evident as the difference. It has "we're Google, we're different" written all over the place.

What can we learn from this? It is indeed possible to build communities even before the actual product is released. Specs, APIs and a "low hype high facts" attitude is all you need.
I bet we'll see this happening more and more. Why? Because, as Seth Godin would say, people in such a community are enthusiasts, and esthusiasts spread the word.


Edit Italy is out of the contest. No comment. More info here

November 10, 2007

Knowledge Tree 3.5 is out

KnowledgeTree opensource 3.5 STABLE is out and ready to download.
Sadly, we're still missing the upgrade scripts, but eventually they will be ready too. Knowledge tree is the opensource document management system.

Documanagement is often overlooked by managers in SMB, or handled by huge "fully integrated" colossuses in Enterprise environments. I won't debate on commercial solutions (mostly because I feel the Microsoft solution being the most advanced nowaday, and this hurts my opensource-oriented feelings) but there's something I'd like to point out.

We are in the middle of a deep rethinking of how our digital offices work. We are on the edge of a huge revolution, started something like a year ago and gaining impetus in the whole time. We're moving from a client-oriented software-strong environment to a web-centric browser based environment, where integration and compatibility are the core differential factors.
For years, we wanted the most feature-full softwares we could get, and we would expect everyone to use the same software. Now, we're more and more aware of compatibility issues.

That's the point. Compatibility, integration, flexibility. They're more important than a featurefull proprietary software, doing exactly what you need to do in your business right now. What will happen in 2 years? What if you switch your office suite for an online one (google-docs anyone?)?

Yes, one might argue that investing in an opensource solution is not a 100% protected engagement, since the project might just die. True, but how many business oriented, wide adopted big projects have you seen disappearing in the last couple of years? A couple, at most.

On the other hand, who's going to adapt faster and embrace others' (possibily, competitors') standards: an opensource community powered web-based software or a commercial gargantuan juggernaut application?

November 09, 2007

Going Live

Oversighting is a blog. Not a personal blog, it's a blog about technologies.
It's not a "what's new" blog like Engadget, nor a "long posts, huge contents" blog like Delirandom. It's not even a focused blog like Virtualization.info.

So, what is this blog about?
Oversighted technologies. And what's an oversighted technology? A technology with a completely unexploited use, able to change the way you do business - or maybe improve just a little your life.

Who's the audience?
I'm writing for the IT guys, in the broader meaning but with a business-oriented focus. IT managers or code gurus, I hope they will both find this blog useful.

What about that innovation evangelist tag?
It's half a joke half serious. Just follow the blog and see by yourself.