Trends in Business Intelligence

Five trends in Business Intelligence (BI) are identified and examined in the September 2009 issue of Smarter Technology. There is some overlapping among the five items but it's a good selection to illustrate current developments in BI:

• Predictive analytics - BI can advance further by adding more advanced statistic analysis tools and models.
• Agile development - a model with small but continuous improvement is more in line with how other parts of the enterprise works.
• User-centric BI - providing richer tool sets for different groups of users allows a better use of BI.
• Visualization improvements - visualizations have developed a lot with Web 2.0. There are many technologies that makes it easy to produce more sophisticated presentations and this can be better implemented in BI.
• Operationalization of IT - This is an important but a complex trend. There is a need to make the information more accessible and operational in nature. BI should also be better integrated with other kind of information systems - it's fair to assume it will be much tighter integrated with ERP and other business systems.

Two important driving forces behind these trends are the maturity of BI itself and general developments in IT. The current economic climate is also an important factor by focusing attention on providing hands-on and immediately useful information.

Looking ahead - will these trends eventually push BI to merge with other IT systems and thus start to dissolve as a distinct technology? I hope not, such a scenario would have a negative impact on the development in the long term.

Enterprise Cloud

There are many cloud providers on the market and many more will surely to emerge shortly. One new player - OpSource Cloud - is a bit different (public beta) by providing many enterprise security features.

VPN comes standard with any service and the security can be customized within a multitier environment. Full control over the firewall is also provided and an advanced access control schema. The system is SAS 70 audited and the support ambition is high.

It's definitely an interesting product and will be attractive in some circumstances but I am not sure there is currently enough demand for this solution. Time will tell.

Apple in the Enterprise

Apple's operating system has gained traction in the consumer market, moving its overall market share from the traditional level of 3-4% to the current level of 8%. If Apple keep it up will Mac OS soon be in the double digits and that is a completely different story than previously - it's still a small player but it's now playing in the big league.

Despite Apple's success in the consumer market is there not much, if any, traction for Mac OS in the enterprise market. Silicom.com explored the issue with CIOs and analysts in a recent article and concludes that the main resistance remains the "prohibitive costs involved in such a change". The cost factor is, of course, even more of an issue in the current economic downturn.

So far, nothing new but the article move on and explores two interesting issues:

1. Mac OS is entering the enterprise through the backdoor by end users bringing (unsupported) Apple computers into the environment
2. Apple's image as product for artists and designers.

On the first issue, introduction through the backdoor - it's certainly taking place and the author reference support for the seriousness by quoting Michael Silver of Gartner and
cheerfully concludes that it's a "phenomenon that's only set to snowball". It may be a bit too early to declare this as a snowballing process - it's hard to quantify to what degree this occurs and if there is a sustained impact because of this anarchistic behavior.

Apple may still have have an image, among some people, as a product for artists but the company has been successful to move the image away from the traditional notion and, instead, cast it as a product for independent and cool people. Continuing penetration of the consumer market will further help Apple in this endeavor and other successful Apple products such as the iPod and iPhone contributes to positioning Apple, as a brand, in the mainstream

Another hurdle for Apple to overcome is the conservatism among the IT grunts in the enterprise. The article doesn't explicitly comment on this, presumably because the main focus is on the CIO level, but the fact remains that it will be very difficult to change the status quo without buy-in from this group. After all, it could be disastrous for a CIO to introduce Mac OS in the organization and depend to IT workers loyal to Windows for success. It's a dangerous if a group has the ability to prove its point by its own failure. The only way for Apple to break into this market is by remaining persistent and improve support for enterprise features. If there would emerge more players (read Google) in the operating system marketplace would that too be to the benefit of Apple.

Locked in Battle - Microsoft, Apple, and Google

Nobody can have missed the animosity and confrontation between Google and Microsoft. Fierce competition is a good thing but I am somewhat surprised by the sustained hostility and fervor. Apple is certainly also a player and competes with both Google and Microsoft in different segments but there is just not the same kind of hostile energy when Apple is involved.

Microsoft has a huge lead in the operating system market. Google is moving into this market and is in a position to finally bring Linux to the masses. However, the primary objective is surely not to directly challenge Microsoft but rather to develop a niche and chip away the impression that Microsoft owns the operating system market. More diversity in the operating system market will certainly benefit the smaller players and not by proportional measures - the gains for smaller players will accelerate as the market is changing. Microsoft will surely remain the leader, by far, for foreseeable future but Apple's OS X and Google's forthcoming Chrome is an attempt to change the dynamic of the market by breaking what has appeared to be a Microsoft monopoly - it is not a bad game plan.

Microsoft is challenging Google in the search market and Bing is a really good effort but it lacks an edge compared with Google and the core functionality - search - is, at best, comparable to Google. Currently, there is simply not enough incentive for users to abandon Google for Bing. But Microsoft will continue to challenge Google and they have time to work on the product.

The cell phone market and portable music player (iPod) markets are equally interesting. Google's Android platform is gaining traction and it will soon appear on more phones. Microsoft Mobile is far behind. Palm and RIMs Blackberry are fading. The iPhone is such a strong concept that it will surely continue to gain in the high-end segment of the market. Apple has managed to create a community driven ecosystem in the apps market and iTunes remains in a strong position in digital music sales - it's a concept that is very difficult to copy even if the competitors will eventually catch up and even surpass the iPhone itself. Microsoft's attempt to challenge the iPod with the Zune is so far pretty far from being a seriously threat.

On the application market is Microsoft's flagship - the Office Suite - under attack from both free software with similar capabilities (foremost OpenOffice) and web based applications such as Google Apps. The latter threat is more serious because it's an attempt to change the fundamentals - from local applications to web based applications. The web based applications have not caught up yet but they're making headway and key functionality such as offline capabilities are slowly emerging. This is a fundamental threat to Microsoft and this is the wider implication of the fight in the browser market. Just like with the operating system market, the primary objective of Microsoft's competition is to defeat the dominance and change the market.

The three companies are big enough to stay in the game for a long time so it will be a long battle. It may not only prove to be a good fight and drive innovation through competition but increased friction in the three areas (search, operating systems and web applications, and hand-held devices) may accelerate the development further and create ripple effects.

Google's Operating System

Google's announcement of the plan to release a Linux operating system, Google Chrome, next year wasn't exactly greeted by a unison voice of excitement from the Linux or from other parts of the open source community. The concerns are many, including fear that it will only splinter the Linux community and that Google will end up owning the world.

I don't know if Google will be successful but it seems like many miss the point of what Google is aiming at doing. The point is not to challenge Microsoft at building the current kind of operating systems. The point is to drive the development of operating systems in the direction of web applications and cloud computing. And that is much needed.

It is a good project. Google has defined a clear mission. It knows Linux very well and understands the power of web apps and the cloud and how to harness it. After all, Google built its breakthrough technology on Linux and a cloud-style design making computers work together. Lastly, no matter how people cut this - it's perceived to taking up the competiton with Microsoft and there are very few companies that can do that in a credible way. Google is one of them.

Vendor Management

Ericka Chickowski lists six CIO mistakes in vendor management in her article in CIO Insight, May 2009. It's a good selection, let's have a look at the mistakes to avoid:

1. Failing to speak with one voice: It's important to manage the interaction with the vendor. Too many cooks without an executive chef is a big risk and managing a vendor by committee doesn't work.
2. Skipping the homework: Investing in the project with good prep-work is usually a very good investment - minimize the need for the vendor to read your mind. The vendor want to avoid mind reading but will have a shot at it if needed - you may not be too happy with the outcome.
3. Fixating the price: The price is important but it's only one aspect. What ueis a good price if the vendor will not deliver a good product or not on time?
4. Using too few suppliers: Reliance on a few vendors expose you to risk and undermine your position in negotiations. Diversify!
5. Only dealing with large vendors: Choosing "safe" and large vendors may not be a guarantee for success. Often, you will get the B-team of a large vendor while smaller companies generally provide direct access to the principals.
6. Signing and forgetting: The signature of a contract is merely the start and checking-in and reviewing status is imperative.

The Browser Market and Web Apps

The browser market is fundamentally different today compare with a few years ago. The latest market share provided by Net Applications leaves Internet Explorer with a 67.77% market share. This is down nine percent from a year ago but the trend becomes even more pronounced when looking even further back such as the above 90% market share in late 2004.

While Microsoft owned the browser market five years ago, it is now a diverse market place with Firefox continuously growing and after passing the 20% mark in late 2008 and now listed at 23.84%. This is an annual increase of about five percent. The diverse nature of the browser market is fortunate as web apps gain increasing importance. Hence, the technology to access the web is not controlled or dictated by one company or group.

Safari has increased its market share to 3.53% which is about a percent higher than a year ago. The increase for Safari is currently not primarily driven by the browser itself but by the success of Apple's products.

The newest player, Google's Chrome, remains at a modest share of 1.79% but the product is still very much in its infancy. Google is pretty open and clear about its ambitions, as articulated in a recent interview - serving as a catalyst to improve the JavaScript capabilities of all browsers seems to be one of the principal motives behind the project.

How will the future browser market look like? If the current trends will remain steady may we in two years have a situation with IE at 50%, Firefox 30%, Safari 15%, and Chrome at 5%. However, that assumes that there are no disruptive change.

Web Apps - Google Showing the Way (Again)

Once again - Google has built a web based application which is superior to a regular client application. I am referring to the improved Gmail web application for iPhone and G1. The web app was released earlier this month and I took plenty of time to try it out. I have switched now and I am only using web Gmail on my iPhone.

I have noted that the improved web app has, largely, been greeted positively but most reviewers still seems to refrain from switching from the mail app - for instance, as reported on The Web Worker Daily and by bloggers such as Matt Thommes. Email usage and habits may account for some differences of how the native mail app is compared with the web app but I wonder if the reviewers had the patience to really give the web apps a fair chance.

The web app implements key Gmail functionality such as threaded email conversations and labels (and stars). The proper search functionality is an added benefit. But the benefits goes beyond that and the app is, in my view, much smoother and more responsive. It's interesting that the inherit Ajax functionality of the Safari browser offers a richer experience than the native applications - the floating bar is probably the most obvious example of this. I also find it possible to accomplish more with fewer actions in the web interface.

The only real down-side I see at this point is that some buttons are a bit small, such as the refresh button.

What Business Leaders Can Learn from the Military

Colonel Tom Kolditz was the guest at a recent Harvard Business IdeaCast. He is an expert on leadership in dangerous situations. Col. Kolditz is teaching at West Point and the author of "In Extremis Leadership: Leading as if Your Life Depending on It".

Obviously, leadership in extreme situations where lives are in danger is a bit different but the Colonel points our three lessons business leaders should contemplate in the situation with economic uncertainty:

1. With the feeling of increased danger, there is increased focus on the leader. Individuals will rely more on the leaders and try to read how the leader perceives the situation and what approach will be pursued.
2. There is a greater focus on the core competence of the leader while "soft skills" becomes less important as the stakes are higher.
   
3. Trust in a leader becomes more fleeting than normally and trust is largely determined on an assessment of if the leader is going to put the interest of the organization first.

The discussion is also available through iTunes podcast directory as Harvard Business IdeaCast 133.

Top 10 Functions to Outsource

Most of CIOs and CTOs will be asked to trim costs and improve operational efficiencies as the economy labors through the recession. Outsourcing is one option.

Baseline Magazine discussed what functions are most suitable for outsourcing with Frank Casale of the Outsourcing Institute and Allen Weinberg of McKinsey & Company’s Outsourcing and Offshoring Practice Group. This is the resulting top ten list:

1. Application Development. If this is new - start small with a project or two.
2. Testing. This is good to outsource whether you outsource other parts of the process or not.
3. Application Management. If you prefer to keep the dev team in-house, is this an option to make the organization lean.
4. Database Management. You can often buy better expertise in this area for a fraction of price for staff.
5. ERP. Outsourcing in this area has matured and is increasing.
6. Help Desk. Outsourcing the entire of part of the function may cut costs and increase the service level.
7. PC Maintenance
   
8. Systems Integration. Restructuring in the market place (by mergers and acquisitions) will increase the need to integrate systems.
9. Infrastructure Management
   
10. Business Process Outsourcing (BPO).
    

Execs Views on IT - Importance, Efficiency, and Innovation

The IT Governance Institute (ITGI) recently released the survey An Executive View of IT Governance. The survey was conducted by interviewing 255 non-IT executives across 22 countries. There are some interesting general conclusions in the results despite the lack of focus on a specific geographical area or an industry.

IT is considered to be very or somewhat import to the organizations, as indicated by 87% of the execs. IT is also perceived to contribute to efficiency and effectiveness on equally high levels, rated at 87% and 81% respectively. The same standard is, however, not maintained when it comes to contributions to innovation. Only 59% of the execs consider IT to make very or somewhat important contributions. Of this number, the very important contributions is a dismal 22%.

The consensus is somewhat reassuring - that is, IT is important and it makes important contributions to efficiency. However, the low rating in the area of innovation should be call for concern especially for organizations operating in a particularly competitive or technology intensive environment.

Innovation is a different animal and it takes a mix of using analytical skills and thinking outside the box. This is different from making sure the lights are on at all times and optimize system performance and peoples interaction with IT systems. Clearly, more work needs to be done in IT innovation and the best approach is to try different solutions based on the assets available.

Community-source Development

IBM's success with community-source development provides much needed metrics to illustrate the effectiveness of this model. In community-source, the traditional means of using employees for software development is combined with open source collaboration.

The community-source approach is more focused on solutions to needs compared with the traditional open source model. Additionally, the concept attempts to capitalize on sharing code across different kinds of project in a more seamless and integrated way than traditional open source.

Community-source is the result of open source combined with Web 2.0 thinking and a strong project management component. It's not really new, IBM started in 2002 but it took a few years before it matured. IBM's community-source effort currently have more than:

• 31,000 users
• 1,400 projects
• 2,400 instances of direct reuse of components

The potential for large savings in development costs and avoiding vendor lock-in comes at the top of the list of specific characteristics of community-source development that may be particularly appealing in the current economic climate.

Ultimately, community-source allows organizations with shared business challenges to collaborate. This surely means lower costs but they have to be mindful and keep an eye on the competitive edge of the value proposition especially when direct competitors are involved in the process.

Top 10 Security Technologies

This top ten list may not appear on Letterman's Late Night Show but it's interesting for the enterprise computer environment - the ten most popular security technologies have been identified in Deloitte's 6th Annual Global Security Survey, as referenced by Baseline magazine:

1. Anti-virus software
2. Firewalls
3. Spam filtering
4. Virtual Private Networks - VPN
5. Web content filtering/monitoring
6. Intrusion Detection Systems - IDS
7. Anti-spyware software
8. Directory servers
9. Encryption
10. Intrusion Prevention Systems - IPS

In sum, no big surprises on the tally and the four are predicable. 96 % of the organizations in the survey have anti-virus software and firewalling remains a necessity but it's alone not enough. Spam filtering has become necessary in order to keep the junk-mail at bay and VPNs are used to connect networks and allow employees and others access to the corporate network.

The Google Goof

You may have heard about the snafu at Google on Saturday morning when all items showing up on Google search were listed as potentially harmful sites. It was, literally, a small error - a slash was added to a file by mistake. News about the glitch spread fast and it showed up on my Twitter within minutes and the rumors where flying during the 40 minute malfunction.

Obviously, Google needs to modify that procedure and add a review and maybe use technology to analyze how the new paths impact the search results. Hopefully, some changes have already been made. The incident illustrates, however, how incredibly dependent we are on this one company. I must confess - I am an avid consumer of Google's services but this dependence is not good.

Unfortunately, it will probably be a long time before any company can seriously challenge Google. Microsoft will not succeed - they have proven to be ineffective in the web space. Yahoo is sinking. Microsoft will get it for a better price now but it's still a sinking ship.

Changes in the Web CMS Market

The year started with a surprise in the CMS market - Autonomy acquired Interwoven. In a way, it makes sense because Autonomy wants to add Interwoven's WorkSite to its compliance products. But the acquisition drastically change the dynamic in the competition between between Interwoven and Vignette in the web CMS space.

It looked like Interwoven had a leg up on Vignette before the acquisition and it was openly talking about going after Vignette. The biggest question in the wake of the acquisition of Interwoven is how Autonomy will manage the integration of the new entity and its long-term plans (or lack thereof) in the web CMS market. It's hard to ignore that it doesn't have a stellar track-record when it comes to integration of new entities.

Amazon Sales - Like a Rocket

Good news from the corporate world is almost news itself these days and Amazon's 2008 fourth quarter sales report is cheerful reading.

The sales for the quarter increased with 18%. Such an increase is, of course, huge in the face of struggling retail sales but Amazon also outperformed the US e-commerce sector which is estimated to have suffered a 3% decline for the same period.

Examining the Case Against Web Apps

Web based applications have been on the raise for many years and the trend is embraced without much exception. So, it's only healthy to consider the opposing point of view in Neil McAllister's piece "The case against Web apps".

The article is a five point critique of browser-based web apps:

1. It's client-server all over again.
2. Web UIs are a mess.
3. Browser technologies are too limiting.
4. The big vendors call the shots.
5. Should every employee have a browser?

Neil fails to make a convincing make the case that the drive towards web apps are fundamentally not sound - he fails on two accounts. First, many of his concerns, while valid points, are pain points and challenges in the development of web apps and not evidence of structural shortcomings in the concept. Second, he disregard the overall developments in the computer industry and assumes technology as static.

For instance, Neil points to the challenges of maintaining datacenters. It's a challenge to shoulder capacity for services with a large number of users no matter what kind of applications is used, web apps or not. The challenge of scaling computer power is something that is addressed with technology such as clustering and cloud computing. So, it's a valid point but not really an issue of web apps or not.

The author criticizes the inherit thin-client approach of web apps and points to the fact that a lot of client-side computer power is left under-utilized while the application is running on the server. The development of netbooks and smartphones contradicts the assumption that there will always be powerful client-side CPUs but the fundamental problem with this argument is an underlying assumption that web apps, as a technology, is static. I think it's likely we will see more work pushed over to the client in web apps. Actually, the modest attempts to provide off-line functionality for some web apps is actually a step in this direction.

Again, the author has a point - there are strengths to a more traditional client application architecture but it's narrow minded to assume applications would be limited to the traditional desktop application. The iPhone and G1 phones demonstrates this by using applications as a centerpiece in the customization of those devices. We can have a resurgence of applications in some contexts and it just doesn't contradict the web apps concept.

The bottom line is - the web is already a vital media channel, and all content and service providers will have to maintain some offering on the web. Consequently, moving some applications into the web space is an inherit streamlining of technology.

Looking at the big picture, one of the biggest benefits with web apps is that it provides a widespread platform allowing for new applications to emerge without the traditional barriers.

Case Study: My iPhone

In order to illustrate the highly customizable nature of the iPhone, let me share what I have on mine as a small case study.

Address book: My address book is connected to an online contact database provided by ZYB. This provides an ongoing backup of my contacts and it's much easier to add and edit information in a browser. The app for syncing is SyncML by Synthesis AG.

News: I am a newsjunkie. I get general news from AP by the app Mobile News. The current version of the app is a bit slow to update the headlines but it's otherwise a good app and fantastic content. The app Bloomberg is an incredible source of financial news and information about stocks. The app use movement of the phone for navigation in a very smart way. I get customized news with the RSS reader NetNewsWire by NewsGator.

Networking: The apps (in order of importance) are Facebook, TwitterFon, and LinkedIn.

Calendar: I use the Google Calendar and the app SaiSuke provides full access. It costs a few bucks but it's well worth the price.

To do: The app Zenbe by the company with the same name provides the ability to work with to do lists on the phone and online. The lists can be shared by many users and also integrated into web content such as the customized Google page. I use it for work lists, private lists, and grocery shopping lists - it's very practical.

Google Docs: I sometimes use Google Docs and the app MiGhtyDocs provides read access to the docs while on the go.

Wikipedia: The app Wikipanion provides easy access to Wikipedia. It's fast and easy enough to be used while engaged in conversations or in meetings.

Personal finances: I use the generic Banking app and it provides basic access to my accounts. That's just perfect, not too much access but limited to looking up information easily on the go. The app Pageonce is interesting and I use it to centralize account info and access information of services such as my AT&T billing information, rewards programs, travel info, etc. It can be used for other matters such as credit cards but I am not comfortable to go that far.

There are a bunch of other good and nifty apps, such as AIM, What's On? for looking up the TV schedule, iSSH for server administration, AirSharing to carry files on the phone. I also use the Amazon.com app for shopping and researching products.

There is actually something for everybody on my phone and my five year old daughter love to play with the app iDoodle2lite.

There are also decent games for the phone and apps using the GPS.

Of course, the phone is also a phone and an iPod, it provides access to email, web browsing, camera, and alarm clock - those are important features but it's not what makes this thing rock.

IT Trends 2009

Baseline magazine lists 10 IT trends for 2009. There is considerable overlapping among some items and the ranking can debated but it's not a bad list:

1. Software as a Service (SaaS)
2. Virtualization
3. Enterprise mobility
4. Energy-efficient data centers
5. Security, risk and compliance
6. Social networking
7. Web 2.0
8. Document management and e-discovery
9. Project management and project portfolio management
10. Web and video collaboration

This list captures the general trends, beyond enterprise computing - the main thrust is still the convergence on the Internet. The convergence includes moving traditional activity into a web context and the birth of new ,web based, means of interaction between people and storage of information.

The convergence is increasingly apparent and accelerating for computer devices. The traditional division between cell phones and laptops is blurred by the iPhone and the G1 on the cellphone side and the netbooks on the laptop side.

The delivery of computer capacity is also increasingly delivered over the network and cloud computing is now delivering more server computing power and storage over the Internet.

Windows Infection - Possible Botnet

The worm has a few names - the most common are: Downandup, Downadup, Conficker. The underlying problem (vulnerability) was found some time ago and Microsoft released an update in mid October. The worm came about by the turn of the year and the infection rate has been something extraordinary - estimated at about 9 million about a week ago.

It's not terribly hard to fix an infection with removal tools provided by a number of companies but the purpose of this worm in unclear and it has a remote-control mechanism. Consequently, the worm can produce a very large botnet. Huge. Much bigger than anything we have seen.

The original infection was somewhat new by installing from memory devices and tricking the user to actually do the installation. The worm is then spread automatically from the infected machine.

The worm is a mutating code piece of code - this is not a new technique but it's used to disguise the control mechanism making it harder to shutdown. The worm is also packed with self-defense measures making modifications to security and network settings.

Now what? Well, we'll see if the worm will in fact be used to marshal a botnet. If so, this sucker may pump a good deal of spam or conduct other mischief such as powerful distributed-denial-of-service (DDoS) attacks.

What's Different with SaaS?

What is the impact of introducing Software as a Service (SaaS) in the enterprise? No fundamentally new IT issues are raised by SaaS but there is a shift in focus and some adjustments to the infrastructure may be needed.

There will be a stronger reliance on the SaaS provider compared with traditional software. If the SaaS provider is down - well, that's it. The troubleshooting will be limited to figuring out when the provider will restore service. The loss of control is very uncomfortable for many IT professionals but it can (and should) be addressed by managing expectations.

Another consequence of SaaS is a higher degree of dependency on the connectivity to the Internet. The biggest change is that the quality of the connection will be more important than previously.

SaaS will also affect the user experience and the change with be in both positive and negative terms. Communication is key - my experience is that a mixed bag of changes doesn't usually cause too much of a problem with users as long as it's properly communicated.

iPhone and G1 Driving the Market

A few years ago, who would have guessed that Apple and Google would drive the cellphone market? Well, here we are - these two companies are now the high-end cellphone market. OK, RIMs Blackberries and a few similar gadgets are trying to adapt to hang on but they are not in the driving seat.

It's significant to consider the background of these two companies - one is an old computer company and the other born in the waves of the web. Apple may be a traditional computer company but it's a highly innovative player and it created a new market with the iPod. Google's lifeblood is innovation and they have been successful so far even if they made a number of PR blunders leading up to the phone.

The successful quest of these two companies is not a coincidence - the high-end cellphones are convergence gadgets. They're not phones and they are not computers - they are bit of both. I noticed that my usage the traditional computers changed when I started to use the iPhone. I also started to do some new things thanks easier access to information.

The access to the web browsing on the iPhone is good but that is far less important than what I anticipated - I don't browse the web that on with it. Instead, the apps provides easy access to the information I need and want. This represents another aspect of the iPhone/G1 concept - it's a highly customizible platform. Apple still controls the districution channel of the applications but they rely on others to produce the programs - this results in leveraging innovation on a scale no single company can compete with. The Google product has relinquished control completely and the total openess of the Android platform will probably respresent an important feature in the competition with the iPhone.

One important aspect of many of these third party applications is the integrate of the iPhone and G1 phones with other systems and information. Hence, the value proposition of these gadges is not only access to email and web but access to all other kinds of stuff we aready use (mostly on the computer). Additionally, Google and Apple have developed some new features and those are nice but they are not what makes these gadges fly.

Watch Out with Secure Certificates

You may have heard it, there is a problem with an aspect of SSL - namely MD5 hashes. The practical implication - it's possible for an attacker to "impersonate" a site with what would appear to be a valid https certificate or eavesdrop on the traffic (MiM - Monkey in the Middle). Vulnerabilities in MD5 have been known for years but exploiting this has now been done and demonstrated in public.

The problem and the remedy for rest with the Certificate Authorities (CA) issuing and verifying certificates. The fix is simply to use the SHA1 hashes instead and that is already done in many cases but the problem is that as long as MD5 hashes are accepted is there a risk that a false MD5 hash can be used.

How easy is this to do? Well, it requires some effort - the demonstration in Berlin involved 200 Playstatation3 machines working for a few days. Of course, any kind of computer power can be used for this kind of work, even (and maybe in particular) rough computer power such as hijacked computers forming bot nets.

It's noteworthy that other things relying on SSL, besides https certificates, may be affected such as SSL VPNs.

State of the Browser Market - Firefox Hits 20%

Firefox has exceeded a 20% market share according to Net Applications. The survey is primarily focused on the US browser market. Firefox appears stronger in Europe and a recent survey by Xiti Monitor of France pegged its market share to just over 30% in Europe. The trend is clear and it's even more pronounced in certain segments such as the web tech crowd using the W3Schools resources. The site has tracked browser statistics of its users since 2002 and Internet Explorer's started with a 85% share but this number has been decimated to 47% in November 2008.

Let's examine the competition between Firefox and Internet Explorer by looking at the value proposition of Firefox. Firefox offers rich functionality provided by the large number of available extensions (add-ons). This is a very successful way to leverage the community based nature of Firefox/Mozilla and it's difficult for Microsoft to replicate. Security is another aspect. Firefox has not stayed clear of security issues but the problems have not been on the same level as with Explorer. The recent vulnerability in December 2008 affecting all versions of Explorer was one of those very bad vulnerabilities putting the system of the user in jeopardy.

Microsoft has two major advantages - a fundamental lock on the enterprise browser market and the ability to integrate the browser with other products such as the Windows OS and specific applications. However, it's apparent that the company has been unable to use the latter to its advantage without getting in trouble with regulators or creating security problems. But the company still has time for a turn-around considering it claims 60-70% of the overall browser market.

There are also some smaller players in the browser market such as Apple's Safari, Opera, and the most recent addition - Chrome from Google. These browsers are not in any way serious competitors in overall market share but they change the landscape by reinforcing that the web is not a single browser environment. Safari and Chrome may actually not primarily aim at maximize its market share in the short run but create a narrow and specialized market around products such as, in the case with Apple, related to iTunes and iPhone. Nevertheless, the benefactor in the browser war at this juncture is definately Firefox.