Will Technorati bring visitors?
Now that I have a somewhat decent amount of content I’m fiddling around with getting the site indexed by more sources. Right now almost all of my traffic comes from Twitter through the initial posts of the topics.
So Technorati I’m claiming this blog: 3s4h7akv62
Now we’ll see if you bring any visitors! I’ll share updates after a month or two of trying to find new ways to bring traffic to the site.
Cloud computing makes “blacklists” obsolete, now is the time for “digital identities”
A common security technique is to classify attackers by IP addresses or reverse DNS lookup and blacklist the bad ones. This technique has been falling in popularity with the increased usage of DHCP and NAT for Internet access and cloud computing will be its death knell.
Cloud computing allows attackers to rapidly switch IP addresses for as low as $0.015 per switch or per hour of using the address. Right now only a few clouds exist so it isn’t quite the wild west yet but over the next 2-5 years we’ll see the thousands of dedicated hosting providers all switching to offer cloud services.
So what this means to the IT security world is you have some time to think about this and get it right using the few clouds out there now. “Getting it right” may require more than just individual enterprises coming up with a way to solve it for them. We really need to get together as an Internet community and discuss this in the broader scope of entity identification. I use the term “entity” because we need a way to identify systems and individual users.
We're going to digital ID, the train is leaving the station
Identity and access management has always been viewed as an enterprise or site specific issue — this needs to change. The recent Twitter hack is an example of how out of control identity and access management has become. Understanding and documenting all of the application interactions around identity management in an enterprise is something few if any have a firm grasp on. We’ve finally reached the point that implementing an Internet wide “digital identity” with a centralized identity and access management architecture similar to the domain registration/SSL certificate heirarchy.
OAuth and OpenID are a good place to start the discussion as they have the proper frameworks but they lack a centrally managed authority or list of authorities to manage identification and authentication. Major “trust” providers on the Internet need to get together and solve this: VeriSign, Google, Microsoft, Ebay/Paypal, Banks, and major Internet Service Providers (AT&T, Verizon, Comcast, Cox, Time Warner, etc.).
Major Web 2.0 players have large directories of people but they don’t have a real trust relationship — just because you have a Myspace/Facebook/Twitter account doesn’t mean I should trust the e-mail you send me but if Chase Bank says you have a bank account with them and you’re sending me an e-mail I’m much more likely to trust it. With the appropriate identity management if you’re sending spam I can flag that and Chase will tie it to your “digital identity” which is tied to your “real identiy” provided when you created that bank account. It will be much more difficult to create new identities than it is today and we’ll see a significant decrease in “wild wild west” type behavior on the Internet.
The secondary benefit is consumers will also start to take security more seriously as they won’t want to waste time getting the “spammer” flag removed from their digital identity because their system was hacked (similar to disputing things on your credit report if the system works out properly). They’ll also prioritize security in their buying decisions forcing system vendors to take it more seriously.
A tertiary benefit will be a reduction in misleading activities that lead to horrible events like the Myspace teen suicide because people won’t create fake identities to hide behind. Some may say this is part of the “fun” of the Internet as it allows them to escape from their day to day lives. That type of fun isn’t good for both parties involved — typically part of the fun is misleading other people such as the recent case of the lady that pretended to be a 15 year old kid with cancer. “Fake identity” activities like this should be restricted to a place like Second Life where everyone knows people are pretending.
As private industry and a world society I hope we can take care of this ourselves before it gets so out of control Congress tries to figure out how to do it and we end up with some horrible mess of a “National ID and Digital Identity Act” that looks at it only from the perspective of the USA and makes it very difficult for non-US citizens to do anything online (as most of the major Internet properties are US based) creating a whole new barrier for 3rd world citizens to overcome.
Cloud Computing, “For Everyone, Not Everything”
Cloud computing is a broad term that covers Internet based services that provide SaaS (Software as a service), PaaS (Platform as a service), and IaaS (Infrastructure as a service). SaaS services are the most commonly used cloud solutions — web based e-mail is the prime example. The most widely used PaaS offering is probably WordPress.org unless you consider customizing your Facebook profile a very restricted PaaS. IaaS is the newest of the cloud services with the most well known example of Amazon Web Services which includes EC2 (cloud servers) and S3 (cloud storage).
Until Hotmail launched in 1996 we all pretty much had an e-mail client on our own system and potentially had to run our own mail server if we didn’t want to have a mailbox tied to our college or ISP — now almost all of us use any number of SaaS e-mail services. Many of these e-mail services now include full features that businesses expect such as Rackspace E-mail or Google Apps Enterprise.
Before cloud based services if you wanted to have a website you had to run your own server until GeoCities launched in late 1995 — now PaaS providers from GoDaddy, for low price, to Mosso, for horizontal scale, provide very capable platforms to deploy a website without having your own server.
Now IaaS providers like Amazon, Terremark, and Rackspace are eliminating the need to always deploy and manage dedicated configurations for complex applications. Before these type of IaaS offerings companies like Twitter would end up with their own datacenters and dedicated infrastructure. Load testing services from companies like SOASTA would be cost prohibitive to offer.
So what about the title, “For everyone, not everything”? It sounds like cloud has the capability to do everything now doesn’t it? In a broad sense, yes, it can do a bit of everything but specific use cases in all service times aren’t a fit for cloud. In the e-mail world if you want to do offline messaging on an airplane you want a mail client. At the platform service level perhaps your application runs 10x faster if you can customize a couple of libraries or it just doesn’t work at all without those changes. The infrastructure offerings force you to re-architect for horizontal over vertical scale to use them effectively.
Many other use cases aren’t a fit for the cloud yet. Take video rendering as an example; it is much less expensive to buy a video card capable of performing rendering than it is to stream the rendered video over a network as 30 JPGs per second. Another example is a retail POS system, at least some of the functionality needs to be in the store — you don’t want to stop selling things if network connectivity is lost. Many more explanatory and reasonable examples abound.
Will cloud ever be the answer for all computing needs? I doubt it, but over time it will be used to solve more problems because a centrally managed pool of resources provides greater efficiency and flexibility. An example on this is utility power; we use it almost exclusively now but for a few use cases we still need generators. Cloud will succeed and it will be adopted for a wider set of use cases over time as it will address those use cases better than previous generation solutions.
Unexpected use cases, what a Service Provider never sees coming…
Service Providers launch offerings with a particular use case or set of use cases in mind. Flickr launched a photo/video sharing site, Joyent offers Accelerators to host websites, and Google/Yahoo/Hotmail/etc. offer free e-mail. All of these services have other ways they could and probably are being used….ways the product teams never expected.
Plenty of on-line backup services exist, Jungle Disk (disclosure, they’re owned by my employer), Carbonite, Mozy, AT&T Remote Vault, and more. These services are all priced around $50+/year after you have a resonable amount of data. This is where Flickr enters the picture in our unexpected use cases…by using steganography I can have 50GB of free backup and after that it only costs me $24.95/year for unlimited.
Why are free e-mail services interesting? They offer free storage and bandwidth again expecting you to use it for e-mail. Many of their terms of service don’t prohibit account sharing. If you are a software company looking for a low cost way to distribute your newest release get company@<freemail>.com and upload it there. Setup the auto-updater in your software to check for a new version in the e-mail and if it is there download and update.
For general web hosting providers offer different package offerings with CPU/Disk/Bandwidth under the expectation you’ll host your entire site with them. To differentiate some offer extreme amounts in one of the categories to attract customers. One example of this is Joyent Accelerators with 10TB of transfer for $45/month (or $199/year prepaid). They figure you can’t use 10TB of transfer with 5GB of storage. I can host all of my images for an advertising campaign at Joyent and store the DB and rest of the site elsewhere. Off AWS 10TB of download transfer would cost you $1,700/month but CPU/Disk are much less expensive than they are from Joyent (my employer is Rackspace where our cloud offerings are priced much more like AWS).
This extends beyond just technical services as well. The best example of this is the “all you can eat buffet”. They pick a price based on average consumption and charge everyone the same. This works better in the buffet world than it does in the information services world as people generally eat in groups of friends or family. Information services however we can consume individually thus allowing use case versus price arbitrage much more efficiently.
Service cost arbitrage exists all over, the reason we have it, and the reason more people don’t take advantage of it is many of them aren’t efficient to utilize. If I release a steganographic Flickr backup client they’d change their terms of service. If all software companies started using free e-mail services for distribution, they’d change the terms of service. Even the “all you can eat buffet” would change the terms of service. When I used to wrestle in high school our team of 40+ would go to buffets after our tournaments and we’d frequently see a near-realtime change in the terms of service — i.e. we’d get thrown out of the buffet after we ran them out of food.
When developing a service offering the best way to meet the expectations of all of your customers is to price each component in a fair manner. Consider running promotions or specials with limited terms if you’re trying ways to attract new customers rather than setting artificially low prices in a particular category believing people will use the expected use case.
Google’s “Office” is YouTube
Right now Google is a “one trick pony” and eventually like Microsoft did with DOS and then Windows you saturate that market and can only grow at the pace of the industry. The only way to have huge growth again is to find a new line of business. For Microsoft it was and still is the Office suite (Word, Excel, PowerPoint, Access). For Google it is going to be YouTube…
This isn’t going to happen over night but it isn’t much more than 5 years out. Early adopters are already consuming Netflix through their Xbox360. TV manufacturers are starting to include network adapters and PC manufactuers are shipping home theater studio PCs with remotes. The next generation of home game systems will all be TV/Movie capable; Microsoft can already run the AT& U-Verse software on an Xbox360 (Microsoft is partnered with AT&T with the video delivery software).
So how does all of this help Google and YouTube? Right now for TV+Broadband the consumer spends $80-200/month with the broadband component costing $20-80 leaving $60-120 for the TV content portion. Broadband $/Mbit will continue to become more efficient allowing more and higher quality video to be delivered over it.
Time Warner Cable already sees this coming and they put new bandwidth caps on their broadband (5GB, 10GB, and max 40GB tiers) that limit their users to ~9 hours of HD quality video per month. AT&T only offers their highest speed broadband bundled with TV service (you can get 6Mbps DSL for $35/month which is enough to deliver 1 HD stream). Verizon offers their FiOS service with or without TV and for $69.99/month you get enough bandwidth to have 3 HD streams going at once.
So as long as the carriers providing the bandwidth don’t lock Google out they’ll be in the game for the TV portion of the revenue. Right now all cable providers are limited to providing commercials based on service area — Google and YouTube can deliver commercials to each subscriber. Google can cross reference your search information and base the commercials you see on that. Because of this they can generate more $/commercial. Imagine this — you searched earlier in the day for ‘new car’ and went to Ford, Audi, and BMW websites — now you’re watching the newest episode of “Super Show” on YouTube and Google can show you car commercials.
The TWC, Cox, Comcast group will fight this as hard as they can because they don’t have a carrier backbone so if you’re a traditional cable customer expect to see further limits like the one TWC has in testing in a few service areas now. AT&T and Verizon are better off as they don’t need to pay transit fees for traffic from their subscribers across the Internet.
With mobile devices starting to become video capable Google is in the drivers seat here as well. YouTube already works perfectly on my BlackBerry Bold and as mobile carriers move from 3G to 4G and battery technology makes huge strides (thanks to the investment coming from the automobile industry) many of us will be watching TV in the future on our phones.
What about Hulu? What about other video startups? Just like Microsoft having the OS it was much easier for them to create a synergy and add the Office suite. All of the pure video plays lack the dominance in search that give them the ability to better place relevant advertisement.
The TV advertising market in the US is between $50-60B annually. Google can double their revenue by getting half the market share in TV advertising that they have in Internet search. Android, cloud computing, business e-mail and office applications, and the rest of their current projects don’t have the potential that TV does. They can be good profitable business units but Google’s route to the next major growth will or won’t happen based on their ability to execute with TV.
Cloud Computing forces IT “Evolve or Perish”
When I started this blog I thought I’d be talking about technology on a regular basis and so far I haven’t. This is still somewhat business related but it is also very tech heavy. The tech focused pieces I intend to explain at a level that an average “nerd” gets but the average adult can read.
Earlier today I spent an hour watching one of the Rackspace founders deliver a training video intended for new hires in 1999. In the video they go through the complexity of ensuring hardware works properly together, that the OS is installed properly, and that DNS is configured properly. Now just 10 years later much of this is significantly simplified. When is the last time you spent time dealing with an “IRQ conflict” or “checking jumper settings” (hardware related troubleshooting that is automagic today)?
Now as we move to cloud computing with pre-defined virtual machine images the “OS is installed properly” piece is going away. Projects like TurnKey Linux will lead to one-click application stacks on top of an OS. For much of the IT community their career has been performing these tasks. Now instead of an application developer needing a system administrator to “build the server” they go to a web based control panel, pick the system type they want and click “create” and the server is spawned.
It isn’t that the system administrator career is being completely eliminated; rather instead of every company needing their own system administrators in the future the computing providers will need them and general business will only need to have an IT staff that works on their specific business applications. Business won’t need to have many other “building block” level IT roles either: networking, desktop support, and storage/backup administrators.
Many in the IT industry think I’m taking things a bit far when we have this discussion. I don’t believe it’ll happen over night but during the next 10-20 years it will. Looking back in the past nobody has a “typing pool” to type up hand written notes, a “courier” to deliver a message across town in a hurry, or a “research” department to go look up basic information we all have access to now through a search engine in a matter of seconds.
This is where the “evolve or perish” comes in. If you’re within 10 years of retirement and focused on the building blocks you may want to consider a job at an infrastructure company or risk the business you work for now eliminating your position in a transition to cloud computing. If you’re at the start of your career and focused on those building blocks you need to be the best and brightest in your field so you can obtain one of the service provider jobs in a much smaller market going foward. Your other option is to evolve and move further up the application stack. This could mean learning how to properly architect an application to make the most cost effective use of the utility priced OS clouds or it could mean going all the way up the stack to interface design.
This isn’t all doom and gloom. Evolution and automation like this increase productivity allowing us to focus on moving forward more rapidly. If you enjoy your IT industry job start asking your employer what you can learn above and beyond the building blocks to help out. While you may not need to today it is much better to be ahead of the game rather than waiting around for a layoff to start learning in panic mode.
