Wednesday, August 31, 2005

fyi Pure-portal era ends, as BEA charts new course


Pointer to article:,10801,104263,00.html?source=NLT_ERP&nid=104263

Kobielus kommentary:
I find this headline more interesting than the story it reports.

This notion of pure-play portal vendors is so obsolete. It became clear several years ago that the pure-play portal vendors were all going to be acquired or killed by the superplatform vendors—IBM, Microsoft, Oracle, SAP, and BEA--chief among them. This notion of a “portal” as a discrete product segment is pure mid-90s. Architecturally, the key concept is the “presentation tier,” and, specifically, a presentation tier in which the principal client is the browser and the principal server platforms include the Web server, application server, and, pretty much, any other server that presents a Web user interface via HTML, JavaScript, etc. In this context, a “portal” is, essentially, any presentation server that aggregates pointers to contents, applications, and other resources hosted elsewhere. In the context of a superplatform, the portal server is usually bundled/integrated with application servers, integration brokers, DBMSs, development tools, and applications galore.

This particular portal vendor has definitely seen better days, and had long ago been marginalized as a market has-been. That plum done fallen from its tree and shriveled.


Monday, August 29, 2005

fyi Google Unveils Instant Messaging, Phone App


Pointer to article:

Kobielus kommentary:
This phase jumped out at me: “Google's grand unification theory may find favor with users tired of IM's historic Balkanization.”

It grabbed me on several levels.

First, I’m struck by the fact that Google is pursuing a grand unification theory (GUT) strategy, in terms of amassing a motherload of users, applications, content, and partnerships around its brand. That’s so 90s.

Second, the fact that Google is doing so while pursuing a “by invitation only” strategy re Gmail is paradoxical, but, in a way, that’s so 00s. The 90s GUT strategy—mastered by Microsoft and Yahoo—was “invite everybody and everything, throw every last scrap of free content and app functionality you have at them, and hope that some cash bubbles up out of the brew.” And, it worked, to the extent that Yahoo is marvelously profitable, Microsoft’s holding it own, and Google, to a great extent, is riding their business models to sustainability.

However, Google has come of age in the post-dotcom-crash post-9/11 world, in which the gated community—not the public commons—is the preferred governance model. It’s invitation-only strategy on Gmail is a gated community that provides the appearance of being more exclusive and/or secure than MSN Hotmail or Yahoo Mail or any other free webmail service. Though it’s still free. People are flocking to Gmail because of this perceived exclusivity. The Gmail brand has that cachet, and Google shouldn’t tamper with it. That’s among their chief differentiators in the commoditized cyberbrand world.

In many ways, IM is a perfect complement to Gmail. IM historically has been a “gated community” collaboration environment of trusted peers. Even in a “public commons” IM environment like AIM, MSN Messenger, or Yahoo Messenger, every user ropes off their own personal gated community in the form of buddylists that are invited to pub/sub their respective presences and thereby exchange messages.

Essentially, IM is a collaboration service where “Balkanization” is part of the core traditional concept. You don’t want everybody on earth to be able to see your presence or pop those annoying messages on your screen. So the service must be Balkanizable from the get-go in order for it to retain its core value, as the enabler of personal gated communities.

Which explains why open standards have been slow to gain traction in the IM space. Five years ago, I predicted that IM standards such as the then-new SIP/SIMPLE would soon dominate the space. Soon, Jabber emerged and promoted XMPP, which has also received IETF’s imprimatur as an alternate open standard. Most of the IM service providers and product vendors committed to implementing one or both of these specifications, and to gatewaying amongst themselves. Some of which has actually happened, but how many of you are on IM systems that make use of such open protocols and/or gateways to enable any-to-any multivendor B2B IM?

I’m not. And I’m sure few of you are as well.

That’s because open standards are not users’ top priority in application environments such as IM that thrive on exclusive peer groups—aka gated communities.

Google should continue to develop itself as the premium brand for search, webmail, VoIP, and other services on the Internet—without charging premium prices. A certain snob appeal can provide the halo around a brand that keeps the hoi polloi forever clamoring for access. And willing to pay for access to that inner circle.

Nice trick if Google can carry it out. If they have the vision and the nerve.


Friday, August 19, 2005

fyi RSS Name On Its Way Out In Consumer Market


Pointer to article:

Kobielus kommentary:
I agree with what Microsoft is (purportedly) planning to do in this regard. By way of historical parallel, does the mass market refer to Internet e-mail as “SMTP”? Or the World Wide Web as “HTTP”? The term “RSS” has stood for “Really Simple Syndication” and “RDF Site Summary,” neither of which jumps out and describes what this specification is all about: pushing feeds down to subscribing desktops. Rest assured, Dave Winer, that techies may continue to use your term “RSS” to talk about the plumbing of these feeds, but a commerce-friendly term like “Web feeds” would be better than “RSS,” at least in terms of articulating the application.


Thursday, August 18, 2005

fyi Project traces human ancestry and migration


Pointer to article:,10801,103979,00.html?source=NLT_AM&nid=103979

Kobielus kommentary:
Hi. I’m back.

This research project puts me in mind of “assurance,” which is the ephemeral trust bedrock on which identity management infrastructures rely.

First, my core definition of “assurance”:

• Assurance: the ability of an entity to ascertain, resolve, and verify others’ identities in a fashion that is consistent with the entity risk profile, and to refrain from or repudiate interactions in which such verification is lacking

Fundamentally, assurance depends on three strong “bindings” that our IdM and trust infrastructures should enable:

• Strong binding of an application interaction session to a presented digital identity/credential(s)
• Strong binding of a digital identity/credential(s) to a private key
• Strong binding of a private key to a private embodiment of DNA (i.e., to an actual human being)

The great chain of assurance: It all comes down to ascertaining that the real McCoy is presenting their actual credentials, and that those credentials were issued to that individual subsequent to a registration, vetting, and proofing process designed to bind it all to their genome.

Their DNA, and/or the outward phenotypical expression thereof. I can’t underline this more emphatically. As I said in my recent Network World column “Identity theft threatens federation”:

• “In the face of never-ending identity thefts, the only way out of this downward spiral is to continue reissuing new credentials to affected users, but only after reputable agents have proofed those users to strong assurance, and only if the new credentials rely on biometrics for strong authentication.”

The great enemy of assurance is impersonation, in which someone/thing acquires enough of our identifiers, attributes, and/or credentials to impersonate us online and elsewhere; to loot our assets; to apply for new bogus credentials in our name; and to generally trash our credit ratings and our lives.

Perhaps the word “assurance” is too vague to go to heart of the problem. Where unseen others find it so easy to impersonate us, maybe the solution is for us to “personate” ourselves ever more strongly. The triad of strong authentication goes part way there: authenticating ourselves online with something we know, something we hold, and something we are. But what if someone impersonates us in order to acquire all of those “something” factors under the guise of them being us? What then?

Which brings me back to DNA, which is our “birth day credential” (or rather, conception moment credential, but first presented publicly on our birth day). Why do we take a baby’s footprint upon birth, but not their DNA print? Why aren’t DNA prints strongly bound to a digital master of our very first identifier: our birth certificate? Absent that, how can we know for sure whether the person claiming to be Jane Doris Doe for the purpose of applying for a credit card account is in fact the person who was born with a particular DNA print and assigned that name at birth (or assigned a name that they later changed to Jane Doris Doe, perhaps upon marriage or adoption)? If we can’t strongly bind a person’s human name to their DNA at birth, and bind each new name (legally changed) to their previous legal name, always anchoring it all in their birth day credential, then assurance is never strong.

And impersonation is a constant threat. Hence the specter of identity theft. Whether or not my DNA flows from a pool plenished by Vikings or beekeepers is an entirely separate issue. Lots of people have the same general mix of DNA sources as me.

But only I embody this particular swirling eddy in that genotypical tidal pool that is currently clattering these fingers on this keyboard. And that deoxyribonucleic whorl/whirl/swirl is my inalienable credential. Considering that it’s available to anybody who finds a single strand of hair that falls from my balding head, it’s as public as the photograph that accompanies my column.


Monday, August 15, 2005

poem Dog


Sheepdogs shear the air
with their bark, prepare

the perimeter
beyond which white flocks

never tend, inside
which grow whole bubble

edens, clusters of
friends and familiar

foe to guide us by,
pastures that glide and

deliver us back
miraculous yields.