Connie, Erica and I attended Adobe's analyst days this week in New York, and Connie and I had a chance to sit down with Bruce Chizen, Adobe's CEO, over lunch yesterday. Adobe is a major player in the Web 2.0 universe, with Flash (and the new Apollo technology) competing with Ajax-based technologies for creating rich internet apps (RIAs).
While Ajax is more open, Flash nonetheless can boast better cross-browser and cross-platform support, especially when moving into the realm of mobile devices. Ajax can run into problems just between Internet Explorer and Firefox, but the Flash player works in both browsers as well as in Safari — and on Linux too. In the mobile, world, Adobe showcased a first-of-its-kind tool for testing how a Flash movie looks on a variety of different cell phone models, with extremely rich metadata about each device. It was able to simulate things like the appearance of the screen outdoors vs. indoors, and the performance of a movie on different phones. We also saw a Sony PlayStation 3 running on Flash content.
One interesting question was about whether PDF was threatened by Microsoft's recent moves to create a replacement standard in its XML Paper Specification (XPS). Bruce's answer was, to paraphrase, "No." He believes — and I agree — that it's too late to displace PDF with any format, and especially not with one whose promoter has the goal of selling Windows and Office in mind. Adobe's recent submittal of PDF to the ISO will really help its adoption in government, too.
The big TJX disclosure prompted me to take a look at the number of personal data records inappropriately disclosed. One such source is PrivacyRights.org. They have kept a record of public disclosures of data breaches since January 2005. Their very conservative count (including records of only US breaches with the possible exception of some of TJX in the UK and Ireland) puts the total data breaches over the last two years and 3 months at over 150 million. That's half the population of the US! Looking through you can clearly see that they've not counted anything that is not publicly verified. So chances are good that your personal data has been lost in the past two years. Since this is a tough problem for corporations to handle, what might the solution be? One tactic I'd support is to make it harder to get credit. Sure it's convenient to open a credit card the same day in your favorite store for a discount, but it stops thieves from getting one in your name too!
Postal regulations matter. The US and most other countries are moving to 'shape-based pricing', which means that postal prices will now reflect the size of the mail being sent, not just its weight or delivery terms. Why is this happening? And do we care? It's happening because the postal regulators have boned up on economics and discovered an amazing thing: their costs are very much related to their machinery's ability to handle volume automatically (no humans). I'll refrain from the usual postal references here.
the first full day of events at the 2007 RFID World Conference, and I’m here in Dallas, Texas taking part in the activities. Most
attendees I’ve talked with agree that attendance is up from previous years,
although representation from RFID users remains notably small. Chatting with
those users who are here has been interesting – these early adopters have
clearly mastered the physics and hardware of RFID but are now encountering
next-stage challenges in data management and integration. Solving these
obstacles seems to be top of mind for both users and vendors alike as they seek
more process-improvement dividends from their RFID investments.
Roy Wildeman | Senior
Analyst | Forrester Research
Often when I order takeout food, the restaurants know who I am right away — as if I was a member of the family. At some restaurants, my son placed the order regularly in the past and they will ask about him, "Is Justin okay? Why isn't he placing the order today?" They will leverage the information in my record to make the order simpler. "So you take the plain nan with that?"
If these small establishments with limited resources have this kind of personalized service, why is it that the biggest financial institutions in the world seem to not have any idea who I am? And if I want to extend my business with them, why do I need to start from scratch?
Information managers I speak with struggle to address these pain points in external communications with customers, clients, citizens, agents, and stores; account opening is near the top of the list of pain points. It exists at the lonely edge of the business process where the company interacts with the client — where information bounces between a company's firewall and the customer's domain — but why is this so difficult?
I spent a fine day at Hyland Software with A.J. Hyland and his team at the Hyland Software annual partnership conference last week. I'd have to say A.J.'s been a bit riled up of late. He admits to having a large chip on his shoulder — analysts and others have been telling him for years that the smallish pure play vendor will have trouble competing, and they make a good case. Consolidation continues and Microsoft Office 2007 is creating confusion for ECM buyers and more fodder for industry watch dogs.
Yet Hyland has grown revenues consistently and has been profitable for years. I speak to information and knowledge management professionals every day and one thing is constant: they are trying to buy solutions that solve problems. And most care little about who is buying who; they care even less about whether an ECM provider is part of a big company positioning for infrastructure of a medium size pure play emphasizing applications and vertical markets. Most companies are like the homeowner that wants a better shower but doesn't really care whether the underlying pipes are PVC or cooper.
"Which operating system is most secure?" is a popular IT religious debate. Symantec released its Internet Security Threat Report for July - December 2006. Around page 40, they discuss the number of vulnerabilities from each operating system vendor and the time it took to patch the vulnerabilities. One way to look at these numbers is to see who patches their systems first as considered in this article on internetnews.com. Considering only that metric, Microsoft comes out the winner with their average 21 days to patch. Hidden behind this number though is the fact that Microsoft advocates for responsible disclosure, which means that security researchers in theory report any new vulnerabilities to Microsoft in secret to give Microsoft an edge over malicious hackers. Open source projects often reveal their vulnerabilities publicly. It's unclear to me precisely how Symantec determined the patch disclosure date and if responsible disclosure would have an impact that gives Microsoft some extra time.
We could measure differently and look only at the number of high severity vulnerabilities; after all, the rest aren't as critical. Then we get a different ranking:
Google announced yesterday that it is changing its data retention policies on searches. It will now anonymize its search logs so that the data is "much more anonymous" after 18-24 months. The skeptic in me wants to know what much more anonymous means, as AOL thought that it had anonymized its searches when it released user search information to researchers. So I dug a bit deeper and looked at their log retention policy FAQ. Seems that they plan to change bits in the IP address and the cookies they send out. That will make it harder to trace specific searches back to a particular person by an IP address. They make no mention of preventing a similar AOL disclosure snafu by ensuring that individual searches by the same person are anonymized in different ways from each other; otherwise, if they are all anonymized in the same way (i.e., IP address 220.127.116.11 goes to 18.104.22.168 each and every time), the searches aren't really anonymous because people tend to search on their own names, SSNs, addresses, etc.