Wednesday, 21 November 2012

Joining Gartner

I've not blogged for a couple of months now and thought I should explain why: I've joined Gartner as an analyst, or more specifically a Research Director working in mobility with a particular focus on mobile apps, mobile app platforms and mobile strategy.

Gartner rules prevent me from commenting publicly on areas we cover and for very good reasons. Unguarded analyst remarks have been used by the press and vendors and can have unintended consequences on share values and sales. People take our views very seriously and having met more stunningly intelligent, articulate people in the last few weeks than in a very long time, rightly so.

So this blog will now occasionally feature me commenting on things unrelated to mobile: cameras, books, films, art, theater, running, exercise and other cool things that I come across. I may appear on the Gartner Blog Network in the new year depending on how busy we are. 

Monday, 17 September 2012

Chasmic Angst

The tragicomic outpourings over the iPhone 5 continue, with the entirely unsurprising record preorders being taken as final proof of the sheep-like nature of iPhone users or the unquestioned supremacy of the device to the faithful depending on which zombie army you hear. This comes on top of howls of pain from techie fanbois seemingly expecting everything from projectors to time travel, and the hoots of derision from Android users who've been taking panoramas for a year now and rightfully take exception to claims of novelty. Perhaps saddest of all are pundits (and I'm looking at Robert Scoble here) diluting their equity by attempting to talk up the unremarkable, although the fanbois attempting to justify both the proprietary nature and prices of Lightning cables and adaptors may come bottom equal.

All this noise is drowning out the silent entry to a new era. We may, finally, have reached the infamous and quite possibly mythical Year of Mobile, although it would probably be safer to stick that label on 2013.

This is because it would seem that Apple has now crossed Geoffrey Moore's chasm. The fact that the device is boring, has the same Fisher Price interface as four years ago and doesn't do anything new or interesting is what they like about it.  Early majority users now feel comfortable splashing out on one of these devices in the misguided view that it's a stable, safe purchase.

Large numbers of normob users will have a dampening effect on genuine innovation so the Apple fanbois had better get used to it. Of course life would be easier for them if they hadn't spent the last few years being objectionable to all other mobile users and if Apple stopped claiming originality where none lies.

Thursday, 13 September 2012

Photoshop Fixation

Yesterday's Apple launch of a device with a slightly larger screen has lead to howls of horror from graphic designers and a part of the app dev community. Oh no, they cry, not another set of screen dimensions for which we need to make a separate UI!

Sigh.

This kind of comment has been going on forever. Before mobile it was desktop apps, and it has always existed on the web where many designers prefer to work to some imaginary fixed size than make the most of the available screen. I feel like I've been fighting the same battle over and over since the 1980s. I even completely automated it for the Java ME world of smart and feature phones that existed before the iPhone and Android.

I can't resist saying this again, sorry. When the iOS SDK first came out I looked in vain for the API that returned screen dimensions. Checking the sample programs they all used literal hardcoded numbers, not even proper constants. I really was shocked, but apparently the powers that were had decided that 320x480 was what the masses wanted, now and forever.

And so Photoshop became the mobile UI prototyping tool of choice.

To understand why this is so wrong it helps to go back to the basics of art training. A good knowledge of anatomy - bone structure and musculature - is fundamental to being apply to paint, sketch, draw or sculpt people. Artists have to understand what's going on below the skin to make their work look good. The same is true for designers: prettiness is not everything, it's got to hang on the bones and move with the muscles.

At least this time round I'm not the only person wanting people to design adaptively. The responsive design and progressive development movements have understood that relative design and intelligent adaptive coding can not only address a few dozen pixels here and there but create optimal user experiences across widely varying screen resolutions.

The rest of you had better take heed and get with the program: there are more and more form factors coming to market. Making your pretty face fit the head it appears on isn't that difficult. Just get on with engineering it.

Tuesday, 11 September 2012

Are comments the death of debate?

Historically most people spend time with like-minded friends and have limited exposure to those of opposite views. Even when we do meet someone with opposite views there is body language and societal rules about how to behave and talk with them. When this doesn't happen we have other words like riot or lynch.

On line things are different. While there are sites where like-minded people can pat each other on the back and support their points of view, there are plenty of sites that at least try and address topics where multiple views may be help. Technology news is a classic.

The internet has long been a safe haven for trolls who love to wind others up or simply don't have the social skills to see what they are doing. However we seem to me moving into a time where opinion has become a matter of faith. Faith, as we all know, is not based on fact. Faith is usually undermined by fact and destroyed by reasoned debate.

In an ideal world unfettered commenting on articles would be a great public debate, leading to shared enlightenment and harmony. Unfortunately most of them dissolve into a brawl. Just look at Techcrunch comments on anything mobile, or any posting even vaguely related to American politics. They all lead to disproportionate, unseemly outpourings of hate. Eventually that will be enough to prevent many people from discussing a topic, which may well be what the haters want. Not the suppression of debate, although some will, but not to have their views challenged.

Monday, 10 September 2012

Mobile OSes and the UNIX Workstation Wars

Last week I wrote about tech culture having shorter and shorter memories. When an old friend reminded me of the Apollo Domain workstation, one of the first proper graphical workstations on the market back in the 1980s, I was struck by the resemblance between the current mobile market and the workstation market then.

Back then PCs were slow things that accountants used for spreadsheets and on which secretaries typed up documents in Word Perfect, not realising that their whole profession was soon to vanish. Serious minded people with engineering degrees and beards needed the oomph of a Graphical Workstation.

Apollo's Domain was one of the last proprietary operating systems as UNIX spread. Indeed, if you go back to that seminal work on technology entrepreneurship, Gordon Bell's High-tech Ventures, securing a UNIX license is one of the steps any startup must go through.

UNIX was everywhere, except that everyone had their own "added value" version and silly name. IBM with AIX, HP with HPUX, Sun with SunOS then Solaris, Digital with Ultrix, ICL with PNX for the short-lived Perq product. Each one vaguely similar yet irritating different.

Over in the world of PCs there was Windows and a tiny number of people using Macintoshes. CP/M was already dead and nobody in their right mind was making new operating systems until some bright spark came up with the idea of an open-source version of UNIX.

Strikes me that the world of mobile is very similar - each company has it's own variant on a theme, all with some kind of irritating "added value". What can we learn from this? While most of those old UNIX versions still linger on in high-value data center systems, the workstation market has vanished, leaving a world with Windows, Macintosh and a smattering of Linux amongst techie people. Hardware makers went back to doing hardware and just licensing software, limiting their efforts to littering their products with useless extras. The consumer and non-specialist market prefers something it recognises.

RIM and its efforts to make something out of BB10 remind me most of Apollo and Domain. Brilliant at the time, but eventually succumbed to the lower-cost, standardised UNIX layer. Acquired and assimilated into HP in the end. 

Friday, 7 September 2012

The Network is the Risk

John Gage of Sun Microsystems, now part of Oracle, famously came up with the slogan The Network is the Computer to usher in a new style of computing. He was describing the UNIX workstation paradigm. Machines connected by a local network cable and using a central file server. This architecture, which is now taken for granted, ushered in a whole new range of threats and risks.

Fast forward a couple of decades and network is largely synonymous with Internet that risk has become a whole lot bigger. Faster forward again to today and both network and Internet are synonymous with wireless, ubiquitous connectivity. Each stage widening that range of threats and risks.

It is therefore time to introduce a new aphorism:

The Network is the Risk

People serious about information security still keep discrete computers discreet in metal-lined tents. Enterprise IT departments keep trying to lock their data away in key-card protected data centers, but it keeps leaking out into mobile devices of all sorts. That network connection is now the biggest risk CIOs face.

Wednesday, 5 September 2012

Shorter and shorter memories?

Just as the memory capacity of portable devices explodes are our cultural memories getting smaller? While software and computing have continually reinvented themselves, it seems that the memory cycle is getting shorter and shorter and narrower and narrower.

Maybe this is an aspect of the increasing complexity of technology where nobody can know the entire stack from circuit to UX. Yet at the same time that technology makes it easier and easier to decipher.

This came to mind reading an article about QR codes where the author clearly had done no research on the topic at all. A few quick searches and he would have learned that the idea of cameras always being sensitive to QR codes has long existed in Japan and other markets. As it is his piece comes over as, in the words of the social media generation, an epic fail.

Looking at the burgeoning consumer app market you can find loads of examples of people trying to reinvent concepts that failed five years ago for good reasons. Unfortunately adequate technology was rarely one of them. This could explain the rather depressing stream of emails telling me about services I'd forgotten signing up to were closing.

But one area where we really, really should remember all the failed systems in the past is in enterprise integration. Nobody has an excuse anymore, technical or business, for thinking that whatever they are building will not have to connect to other systems or to new end point devices. Yet this happens again and again.

So people, please check your history, plan for the future, and only then start to build.

Monday, 3 September 2012

Are development tools always playing catchup?

Older people will know that the item in the picture is a Stanley Yankee pump screwdriver. You carefully slotted the bit into the screw and then pressed the handle, hard. The ratchet turns and you drive the screw into the work. It requires strength and accuracy as those things were quite long.

Of course yankees have long been discarded in favour of their electric descendants and rightly so. An electric screwdriver gives more power, longer, without quite so much accuracy, and often comes with torque control to boot. Power tools in general have represented a huge jump in operator performance, ranging from chainsaws to minidiggers and backhoes through to Dremels.

However the jump from Yankee to electric screwdriver is nothing like as big as the jump from a traditional screwdriver to the Yankee. And unlike the jump in productivity from first steam shovels over an army of navies, sometimes a couple of guys with a shovel are more effective than a minidigger.

While software development tools have moved on from when we punched codes into cards and tapes, they are still largely recognisable. We have seen lots of fantastic productivity aids like autocompletion, library look up, static checkers on top of simply having more screen space. However have we seen the huge quantum leaps like the steam shovel?

Proponents of 4GL tools would say they have, but, like a steam shovel you still need people round the edges to finish the job. They'll do fine if you don't mind software that is the equivalent of raw shuttered concrete, otherwise you need to pass it on to the finish teams.

The availability of huge, free class libraries for everything from UI to analytics is probably a more significant step for the creation of attractive, advanced software. They take out much of the grunt from the old days when you had to write your own linked list package for each new data structure.

The real problem, however is that the vast increase in expectations and complexity in apps leads absorbs all the improvements in developer performance. We wouldn't need the wonderful jquery transitions functions if we were happy with content simply changing. Extra time that was gained by using things like comms libraries are absorbed by fiddling around with graphics.

The consumer revolution is out the bag and we need to consider any software team a multi-disciplinary one, including designers, writers, and QA as well coders. About the only thing we can be sure of is that complexity is not going down and that expectations are going up while we set yet more form factors and channels appearing.

Friday, 31 August 2012

More pain: captchas

Captchas are those things where you have to decipher some illegible text and type it in. They are a pain and I'm sure most people wonder why on earth they are there. The answer is, as usual, well known to the tech community but a mystery to normal folks. It is to solve what is essentially vandalism - preventing spam robots flooding systems with junk.

Of course the vandals are finding their way round captchas through the use of better image recognition technology, hence the increasingly illegible text, and by the use of minimum-wage humans somewhere in a cold warehouse deciphering the damn things all day.

Despite that captchas are still quite effective which is why they appear on almost all major sites. They have one huge advantage: there is no need for prior information about you. They are a guard that can precede registration or fit nicely into a casual process such as commenting.

Ever tried logging into Facebook from a new or recently-cleaned computer? It feels like you're challenged by the triple heads of kerberos: password, captcha, then the ultimate test: identifying people in your and your friends photos. A brilliant mechanism but it relies on having access to names and faces ruling it out for the vast majority of systems.

Secret questions are good too, as long as you know what they are. One e-commerce site I used once and wanted to use again challenged me to to give it my secret answer - without telling me the secret question. And of course I have no idea which of a range of questions I used!

Sadly we are faced with a need for something like captchas to protect against the invading spamming hordes and that's going to be a pain for the foreseeable future. Blending of mobile with web potentially gives systems the ability to validate identity on the other channel, but that requires disclosure of information and doesn't work on mobile alone. Identity management is an interesting area and one with a lot of scope for growth, especially in the consumer space.

Thursday, 30 August 2012

Password pain

Continuing from yesterday's security there, I'm going to pick up on two real pain points: passwords today and captchas tomorrow. Workers in IT will have literally hundreds of them to use on everything from wifi access points to secure rooms containing building security back office machines. There's no way they can store them all hence the rise in apps that help store passwords hopefully securely. Prior to that people wrote them down or kept them in text files.

A long time ago when working on steam-driven machines we had to use double, 16-character automatically generated passwords that changed every two weeks, usually on five to ten dev and test systems. (It was a hardware company, we had lots and lots of toys.) The only way was to keep them stored somewhere and the most common solution was the equivalent of Notepad and then copy/past them into the remote logins. Hopefully nowadays people in equivalent positions use KeePass.

Normal people, on the other hand, probably don't know about such tools or, more importantly, realise they need them. I doubt we've moved much forward from the scene in 1983's WarGames where the school secretary keeps a list of passwords in her desk drawer.

While normal users are probably aware that they should not use obvious passwords and all the rest, they probably don't know why. Probably just as well if they did they would probably avoid the services.

On the other hand maybe they should know. I registered on a well-known ERP vendor's website to access some reports yesterday - it asked for a 6 to 8 letter password, letters and numerals only. And you want people to spend millions on big backends based on clearly a VARCHAR(8) password store?

But my least favourite of all these systems are the partial passwords used by financial companies, most notably as part of the 3-D Secure from Visa and MasterCard. These ask for different letters of your password, usually giving away the length of the password at the same time: please enter the third, fiftth and tenth letter of your password. I defy anyone with a decent password to be able to do that without writing it down first, blowing away the shoulder surfing risk reduction. Meaning that your password is now available to snoopers at both the consumer end and the backend where it can only be stored in cleartext to allow a check of that nature. And that means it is only as secure as the vetting process on the database engineering team.

The only glimmer of hope in this arena is the growing use of Facebook, Twitter, Google and others as means of logging people in without the need for the entry of passwords. Facebook offers really good authentication due to its vast collection of photos that it will require you to identify. Google offers two-factor authentication with mobile which is inconvenient but reasonably secure. While Twitter hasn't quite reached those levels yet; at least there don't seem to be any exploits.

Sounds mad that a social media platform is more secure than the banks, but there you have it. Perhaps your internet banking service should authenticate with Facebook. Stranger things have happened.

Wednesday, 29 August 2012

Security and the common man

A friend of mine posted a link to this article today: The Importance of Security Engineering. It's an interesting appeal for the creation of a more formal approach to security, even the creation of a proper security profession, although the author isn't quite clear how about the right way to achieve that. His point wasn't really that - it's just that most people don't understand security - probably security of anything, but especially information systems. We know this to be true since most people don't understand the basic elements of the systems let alone the security aspects.

Security is generally about complexity and constraints, being represented as encryption and policies in IT. Unfortunately people don't like either of these things and therefore try and do without them for as long as possible: let's face it, security is a hassle. But not having any will be even worse as it will end in disaster, either falling foul of some exploit or, possibly worse, the law. Increasingly credit card issuers are doing their best to push responsibility back on users and governments are regulating access and management of user data. Protection is needed as an individual and a corporation.

Complexity has been at the root of locks since they were first invented, trying to keep one step ahead of the pickers. However locks have a second, almost magical effect: they imply security without necessarily actually offering it. A massive lock on the back of a castle door didn't just make it more difficult to open, it made the owner feel better protected and probably put off the softer marauders. A modern-day example of this is the pathetic little things that luggage manufacturers insist on providing with their products. One slight tug and they break, but they provide a degree of comfort to the owner. A lock symbol provides a sense of comfort to users, but sadly nothing to deter attackers who are likely to be a long way away.

Policies are all about doing things properly and protecting sensitive assets, the electronic equivalent of not leaving your wallet on a cafĂ© table or making sure that documents are safely locked up. The mathematical complexity of encryption has nothing on the nefarious complexity of assessing potential exploits and both are definitely in the realm of specialists. Most policies are like airport security theatre and only protect against threats that have already been tried. Serious protection comes from thinking like a black hat and exploring each and every avenue from which your systems could be attacked.

There are specialists who will do this for you, but even they haven't always thought through all the myriad ways that mobiles can be added to the mix. Nobody has. So we have to attempt to instill in users a sense of precaution, even an element of fear, to ensure that mobile end points are at least handled properly. We're just at the beginning of this process and there's a lot of FUD, especially from vendors with weak solutions to nebulous problems. You should be assessing how you are protected, whether a consumer or an enterprise mobility manager; a little investment will give a big return.

Tuesday, 28 August 2012

The surprise jealousy of BYOD

When IT dishes out the same low-spec, end-of-life device, be it phone, laptop or desktop, to everyone there is little scope for jealousy. That's one of the advantages of uniform, as well known by schools in particular.

Move to a model where each can provide their own device. What happens to people who may need a top-end model for work, but can't afford one? Especially when senior management, who can afford the latest toys, are provided with phones that they don't use or understand.

This is the jealousy conundrum of allowing free use of personal consumer devices at work. And your mobile policy had better address it, starting with needs analysis.

This is particularly useful when it comes to tablets, where nobody really needs one yet but it might make a useful addition to the fleet of toys. A good way to smoke this out is to ask whether someone is willing to give up their laptop in exchange for a tablet. Most of them will suddenly reconsider how important it would be to them.

I've found a matrix mapping tasks to needs to devices is incredibly helpful. You can use this to define the priorities for each device. Adding whether the task touches sensitive data, if relevant, and you have the beginnings of a simple risk assessment table too.

Monday, 27 August 2012

Not over yet

There has been an impressive amount of thoughtful writing over the weekend about the on-going Apple-Samsung patent trials. I haven't seen too many fanboys crowing about it, but that might just be that I've not read the places where they write. And in any case it would be far too early for them to claim that iThis and iThat have conquered all.

Last week we saw both a Solomon-like judgement in South Korea where some phones both Apple and Samsung were banned for infringing each others IP, followed by a curiously one-sided result from the US.

I don't have any doubts that in the early stages of developing their amazing Galaxy line Samsung did indeed copy the lumpen iOS interface. I remember avoiding certain Samsung phones precisely because they did look like iPhones, however the things that are being quoted as being copied clearly have prior art, and that's disturbing.

At least the jury ruled that consumers could tell Galaxy tablets and iPads apart. A small element of common sense in the noise, especially when there are tablets on the market that really are physical copies of the iPad design down to the logo on the back.

What's also interesting is that it would seem that the jury didn't follow the judges instructions properly, and that alone is cause for an appeal if not a retrial. One of them has been quoted as saying he wanted to punish Samsung - not a very balanced sounding comment and demonstrates how the trial, inevitably, turned into a circus.

Apple's blind rage against Android and actual belief could lead it into unexpected trouble. One is that the result has apparently worked as an endorsement of Samsung devices: just as good but much cheaper, seems to be the message. The other one is that, having provisionally established that a rectangle with curved edges can be claimed by one company, that same stick can be used to beat Apple. And the recent Motorola claims are now reinforced.

The real winners are, of course, the lawyers, and the losers are consumers who will probably have to pay more for phones and tablets. More importantly, small companies with good ideas are also losers asit seems them have no protection under the current US patent regime.

Friday, 24 August 2012

Camera+Cloud = Long-term security risk

While it is now clear to the whole world that what happens in Vegas no longer stays in Vegas, the problem of rapid and often automatic uploading of images is something that needs concern everyone. Phone cameras have long been of concern to security officers but attempts to ban them in the workplace have largely failed outside of military or heavily regulated premises. While holding images of work documents and information on the phone was bad enough, but now many people with smartphones will have some automatic cloud upload enabled.

I've used phone, tablet and real cameras extensively for years to record white boards, and recently there has usually been a crowd of people doing the same. Save taking notes and provides an undebatable, ambiguous record of at least what was written down. It means that whiteboards can be wiped down immediately which seems like a good, secure thing to do.

Having those images immediately available on the laptop is handy too - it means that you can type them up easily, email them to colleagues or upload them to project tools like Huddle, IdeaPlane or Chatter. Or accidentally upload them to Facebook along with little Suzy's birthday party pictures.

And once on the cloud - whether public or private - they stay there. Until recently Apple's iPhoto Stream did not even allow deletion of images. DropBox automatically uploads images, as do other similar services. Android has Instant Upload for Google+. So a typical personal iPhone with access to a personal DropBox, work-related Egnyte, and a configured Photo Stream could end up with at least three copies of the photo. At least because each of those services will diligently copy the file to each and every device on which it is configured: laptop, desktop, tablet.

Apple's Photo Stream is a particular issues here as deleting a copy from one device does not remove it from the others in the same way the file-sharing systems work. A user with an iPhone, iPad and Macintosh will have to delete the same image three times making it easy to leave some alone. Android's Instant Upload is a little easier in that it only creates an on-line copy but again this will not be removed when the handset copy is deleted.

Unlike the Minox-totting secret agent most staff will be blissfully unaware of this, but consider disgruntled employees coming across a forgotten shot on a confidential whiteboard on their own iPad having returned a work iPhone. Lots of potential for trouble.

Since the BYOD cat is out of the bag in many companies, certainly for senior staff who can afford smartphones, it is now clear if prevention is possible. Reminders, education, policy and contractual protections all help until better management tools arrive.

Thursday, 23 August 2012

Mobile security risks: carelessness

There are a lot of scary reports about mobile security risks, usually promoted by companies offering solutions to the alleged problems. Most FUD is targeted at Android because it allows apps more freedom. However most people ignore the most obvious risk: owner carelessness.

The biggest risk for any mobile device - phone, tablet or laptop - is loss or theft. And while theft is a large risk, simple carelessness is the biggest one. When we were working on mobile betting apps the biggest risk we identified was simply leaving the phone on a table in a bar while going to the toilet and friends larking about it with it.

While a number of solutions have been envisaged to stop you losing a phone, the simplest approach is to ensure that it itself is protected with a password or pin and a timeout. You may still lose the phone, but at least people can't get into it.

From an enterprise point of view it is possible to enforce security for email protocols (Microsoft Exchange does this, for example), but it is equally important for consumers. Do you really want someone picking up your phone having access to your Facebook and email?

So far I've never lost my phone - although I've had the occasional panic - but I was convinced of the need for protection a couple of years ago as the amount of information invested in my device rose above a certain threshold. I use a seven digit security code which is quick and easy to type, certainly much easier than having to re-enter passwords in each app. This is one of the basic anti-carelessness protections I've written into IT mobility policies, especially for BYOD, and recommend to everyone.

Wednesday, 22 August 2012

Zombie Mobiles

We're all very quick to talk about RIM disappearing, Symbian vanishing, the end of Windows Mobile, although all of these systems have made huge contributions to where we are now. In the industry we're always clamouring for new toys and usually enjoy upgrading.

But outside in the real world most people don't know what kind of phone they have, nor do they care. And for many people changing or upgrading brings fear and uncertainty to the point they would rather leave well alone and stick with it. Given that many of these devices are rather well made they can stick around for some time. Welcome to the Zombie Operating Systems that Refuse to Die.

In the world of computers this is a well known, although little discussed problem. There are people still running their businesses on Windows 95 out there storing their data on Zip drives. Some large companies still refuse to upgrade from Windows XP. There are probably people still running industrial processes with PDP-11s.

While the users of these systems are perfectly happy (at least until things break when panicked searches of eBay start), they create issues for software vendors and employers who are considering encouraging staff to use their own devices, or BYOD as it's known.

There are only two possible responses: make a huge effort to support everything with a gracefully degrading mobile internet site for those with older devices, or just tell everyone to get with the program and get something decent. I strongly favour the latter, accompanied by a recommendation and even purchase program. But you may have to go down the former route if, for example, the chairman cherishes his ancient golden Nokia 8800 too much to let it go.

This is, of course, only one of the BYOD issues. The consumer mobile app world has already voted with its revenues and moved to newer grounds. Enterprise providers may not have that option, as a key customer demands back support. More on other challenges later in the week.

Tuesday, 21 August 2012

Patents 2.0

Imagine looking up patents this way?
Google has now spoken out about how software patents are unhelpful and the tech press is buzzing about the futility of it all. Perhaps it's time for us all to think about how to actually improve the process and provide a new framework - Patent 2.0 to use a slightly out of fashion style of name.

Before launching into that I think it's worth reminding people that until recently software could not be patented. Indeed many patent offices still do not accept software patents. The reason being that there had to be a system, production method or device being protected, not a business method or process.

It is also worth looking to two other sources of ideas. The first is the academic review process where research only counts if it has been peer reviewed and published. The ease with which people can publish material on the web has perhaps pushed that a little of sight, but the concepts are still very valid. A little bit of effort should be required before claims can be asserted. Otherwise we descend directly into politics, which is what is effectively happening in the Apple vs Samsung vs Microsoft vs Motorola vs Nokia battles.

The other is the Open Source movement, where anybody can post any piece of code they have knocked up, but only the good ones are propagated as the community will not adopt anything else.

These are both very similar - the only real difference is that the academic process is formalised and anointed by professional bodies like the IEEE and professorial status.

So how can we get Patent 2.0 working? First of all the convoluted existing system is way too complex to fix overnight. And it probably works fine for other industries - I have no idea if there are a group of pharmaceutical engineers having a similar debate - so perhaps we just need to revert to the original status of not permitted software.

Next step is to make a new, global registration service for soft concepts: software, design and perhaps other things that may come into play like music and sounds although they may be adequately covered by copyright.

This global service would be peer reviewed to ensure that prior art and really obvious stuff isn't accepted. Of course this needs some definitions. What's obvious to you and me might be rocket science to someone else so we need some objective definitions. Here are some criteria that I think help define obvious:

  • Moving something (action, method, system) from one domain to another. As example, watching a video on a portable device is not an innovation from watching it on a static device.
  • Incremental changes to something else that make no new contribution. As example Apple's lawyers claiming that rotating pinch zoom by 45Âş makes it new.
  • Something that is really well known and taught in basic CS class, for example doubly-linked lists. (Thanks to Crawford Currie for the link.)
  • Claims are challenged at point of registry by the peers, not "lazy evaluated" at the litigation stage, which is the current process, eliminating the vast majority of the basics.
I've been trying to come up with some kind of minimum intellectual value concept but so far not found one. Besides which I tend to feel that market competition will determine which one wins and that's probably better anyway. In a non-commercial framework this seems to work well, with many open source packages offering the same facilities but some becoming industry standards due to their quality while others fade away.

What else could we add to Patent 2.0 to make it work better than the present system?

Monday, 20 August 2012

Avoiding the negative spiral

So now Google Motorola Mobility join the patent litigation frenzy. They hadn't really been left much choice by the aggressive tactics of certain other players who think that there is a huge amount of legal fees innovation in a gesture being rotated by 45Âş.  Even the usual fanboi trolls on techcrunch kept quiet about that.

So just as Seth Godin is talking his usual good sense about avoiding the race to the bottom we see exactly that happening to the protection of intellectual property.

For those who have no experience of dealing with patents, the process is very long and very expensive. In order to have effective protection you need to cover at the very least in Europe and the US as well as any market in which your product can be expected to make an impact.

While some patent offices will rely on other ones for approval, each one still requires separate applications and usual local agents. But that's assuming you get as far as having some kind of acceptable filing - and that's likely to take years and many thousands of £/$/€.

You also have to go through an interminable and disconnected process of review against prior art which includes huge numbers of patent applications to which you have no access at the time of submission. And many of these are astoundingly broad and often meaningless. And the broader and more meaningless they are you can be sure that the authors are from larger corporations. Unlike startups where filing patents is an investor-driven distraction, these companies have whole departments of lawyers who are paid to argue with the examiners about minutiae which your or I would ignore as being absolutely obvious. Read some existing patents alongside the examiner's response to your own work and you'll wonder whether there are two sets of standards being applied: one for big companies and one for the rest of us.

Clearly this is not right. We need to change the whole way intelectual property is protected, streamlined for an efficient workflow, accessible to everyone, and with a minimum level of genuine originality.

Tuesday, 14 August 2012

Patent nonsense

Scan by Bart Solenthaler
I've written six software patent applications and read hundreds more. Generally they are difficult to understand, generic, and written in an arcane jargon that borders on steampunk in its delight of Victorian language. While it might work for mechanical systems and processes, I would argue, is not a good way to describe algorithms or software concepts.

Not that the real subject of this piece is about anything as complex as that. It's been well summed up as being about rectangles. I am referring, of course, to the Apple vs Samsung patents case.

Anybody with even a basic knowledge of computer history will know that Apple basically borrowed the whole Macintosh look and feel from Xerox PARC research. And then claimed they invented it and tried to prevent anybody else from using it. Unsuccessfully, thankfully.

Now the battle is over the rather boring square shape of phones and tablets, as well as some simple but powerful software concepts around touch screen usage. It would seem that a surprising number of people think Apple invented the touch screen phone, which is not true. The first one we had as a test device was the Sony Ericsson P800, which was launched in 2002 and had such obvious things are tapping numbers and emails to activate them.  The keyboard folded down to expose a much larger screen, or could be completely removed for those who had escaped candybar land.

My experience of the US Patent Office in particular was that even complex and genuinely original algorithmic concepts came back with an examiner's comment to the effect that it was obvious. So how come Apple's attorneys can get really obvious stuff, like making a tablet, well, rectangular accepted as a patent? This is what I don't understand. Nor can I understand some academics supporting claims of obvious things like one-figure scrolling with the P800 had in its browser years before Apple even made phones.

But the real concern is the impact on free thought, innovation and progress. Not to mention intellectual honesty and a desire to push the industry forwards.

I think it's time for Patent 2.0, but that's the subject of another post.

Monday, 13 August 2012

Start, stop, smooth

I've just come back from holiday where I was driving a rental Peugeot 308 Eco which had an interesting feature: it automatically cuts the engine when it isn't in use. At traffic lights or junctions the engine simple turns off. At first I thought there was a problem with the car and turned the ignition key to start it again, but after a couple of tries I discovered that it started itself instantly when I pushed in the clutch and engaged a gear.

Timing was essential and for the first couple of days the car and I didn't quite synchronise, resulting in it beeping plaintively at me to push the clutch back in and let the engine start. Once this little dance had been worked out between us it was much smoother than I had expected.

Smoothness is absolutely essential in user interface design and all too many people rushing into the mobile and web app space don't seem to understand this. While Peugeot's engineering team probably didn't think in terms of user experience, they knew that if the eco mode on/off function wasn't blended into normal driving nobody would use it no matter how much fuel it saved.

Another example from the world of cars it the Toyota Prius, which shifts from battery to petrol engine without the driver being aware of the change. Without the animated dashboard display the occupants of the car would be completely unaware of what was powering the vehicle as it is incredibly smooth.

UX designers should reflect on this. Perhaps they are used to using delay-free, lossless local connections. Perhaps they only work on pretty Photoshop comps and don't think about the actual interaction. Whatever it is, it's a pain and will hold up adoption by normal folks.

At a design level, think dynamic from day one and ensure that delays are packed together in natural points. From an engineering point of view, pipeline data downloads while users are reading the last so that their next move is instant. You can almost always predict the most likely action, if they do something other than the obvious next step then they'll expect a delay. Delays break focus and are likely to cause people to click away or sigh and fire up another app that is more responsive.

Wednesday, 8 August 2012

Fruits of machine vision

Visual search is often touted as being a way to get consumers to research products online while in a store. Moral issues aside, this has never appealed much to me as a model as I reckon that the immediate gratification outweighs any price benefit. However I've now seen a different use of visual product recognition that was stunningly good.

While buying holiday supplies in Carrefour TNL in Nice, I was rather surprised to find that there were no queues at the fuit and veg scales. For those unfamiliar with the process, you have to weigh the produce yourself before heading for the checkouts. Normally this involves a lengthly hunt through the user interface for whatever you were buying, leading to lines building up.

First thing I weighted were green beans - boom, no sooner had I put the bag of beans on the scales than the display offered me green beans as first choice! Next was a bag of flat peaches - again, that was the first choice offered.

Curiosity raised, I looked underneath the screen, and sure enough there is a camera focussed on the scale pan. Clearly there is some very nice software behind the camera as recognising flat peaches through a translucent plastic bag is impressive.

But my next purchase foxed it. The system was unable to identify six Royal Gala apples. Not surprising since they could have been one of several red apple variants all about the same EU-regulated size, but shows there is some way to go. I was taken back to the default menu to hunt through several screens of different types of fruit.

Despite that limitation, I am still deeply impressed by the practicality of the system and the smartness of recognising odd-shaped items through a translucent material. From a retail perspective it is a big step forward towards the holy grail of increasing throughput.

Friday, 27 July 2012

Custom music for all: MusicFlow

Hours and hours of summer holiday videos are no doubt being cranked out everyday, many of them to never actually be watched. The production values required to make truly watchable video are very high, and include good and ruthless editing, titling, and a proper soundtrack. We now have some super easy and powerful tools for editing and titling, but music has been a really tough thing to get right. Most of us don't have composers and orchestras at our beck and call. But this has all changed with made-to-measure music with MusicFlow from MuseMantik.

Now in open beta, MusicFlow let's you pick a style of music and dictate the required emotions on a time line for your video. So if there's a an exciting bike stunt at 3m 27s you can crank excitement up to maximum, fading away to the sunset behind the mountain to close at 5m 43s.

As an experiment I showed MusicFlow to my 12 year old daughter who likes making videos, including Lego animations, but always struggles with music and sound effects.  She got it immediately and is now eager to lay down some tracks for a new animation that she and a friend were working on.

So if you are looking to make a polished summer vacation video, check out MusicFlow to add your own soundtrack.

Monday, 23 July 2012

Well done Vodafone for reasonable roaming

While most operators are taking their time to comply with new EU roaming charge rules, Vodafone have again moved into a leading position with their new Euro Traveller tarif. For £3 per day you have your UK charging scheme and data plan anywhere in their Euro zone. There don't seem to be any other complexities:
If you're a Pay monthly customer, Vodafone EuroTraveller allows you to use your phone in our Europe Zonewith the same confidence as in the UK - so you'll have freedom from unexpected bills. For just £3 a day, you can take your UK minutes, texts and mobile internet to Europe - and you'll only be charged on the days you use your phone.
Previously Vodafone had Passport where there was a 75p charge per call over the home tarif and data was £5 per day for a fairly miserly quantity. So the £3 is a good deal. Kudos to Vodafone.

Friday, 20 July 2012

Don't blame HTML5 for bad engineering

There's recently been quite a lot of anti-HTML5 based app publicity, usually surrounding reports like this that the Facebook mobile apps are being rewritten as fully native for performance reasons.

I am reminded off two sayings, one old and one more recent, although I've not heard either of them for a long time.

A bad workman blames his tools is the first one, and it only takes an experienced eye to look at the Facebook app for Android to recognise that it hasn't been thought through, is sloppily written, and at best badly tested.

There's no language in which you can't write a bad program, or words to that effect, used to be an adage when programming languages actually looked different from each other. A good programmer can craft a great app in pretty much anything while a bad programmer can manage to ruin all the good intentions in any programming model.

Listing all the things wrong with the current Facebook apps would take more time than I'm prepared to invest in it, but there are some clear areas that have not been addressed. One is error handling, especially on communications, another is handling back which sometimes heads off to interesting pastures new, and finally interaction between push notifications, alerts and the news feed which all get hideously muddled. None of these are related to HTML5 and JavaScript being slow - they are architectural difficulties that need addressed at a fundamental level.

HTML5 may not be perfect, but it has huge potential. Just as the formal definition of the environment hasn't been completed, the engineering disciplines around using it have not firmed up yet. An HTML5 app has a lot of moving parts which need co-ordinating, and the tools don't have a lot of static checking yet. I have a nasty suspicion that the name HTML5 makes people think that designers can create stuff using it, but it really needs hard-core software engineers at least until the tools mature. You wouldn't want us, the engineering, doing the graphic design so why should the designers do the engineering?

Thursday, 19 July 2012

UX crimes that should be extinct by now

Over the last few days I've been tripping over a bunch of very basic user experience problems with websites and mobile apps that should have died out years ago. It's all basic stuff yet it seems that too many people want to learn the hard way. Surely after all this time with the web these crimes against on-line society should have vanished!

Numeric Error Codes
I was utterly astounded to be told that error NZX005 occurred while I was trying to login to the Hertz Android app. Turns out this means that the password was wrong. Surely in this day and age we can do better than that? Actually the whole app is as bad as Hertz's airport service is good.

Click and Pay
I've recently found several sites, including LinkedIn, offer functionality which requires you to enter data only to find that when you click the Apply button or equivalent you are taken to a payment page. The whole area should be greyed out and clearly labelled as premium content, not dragging the user into expending effort that is wasted.

Selecting from a choice of one
How many people, do you suppose, have more than one account with Scottish Gas? Not many, I'd wager. Yet the vast majority, those customers with only one account, still have to explicitly select that single and only account before putting in a meter reading. For the hard of programming, there's a simple construct that is quite reliable that starts something like if (noOfAccounts > 1) {... which can be used to suppress things like that.


Hiding validation errors
Too many sites do this to name and shame them all. You've made some small mistake in entering a form, press submit and nothing happens. You try again, still nothing. After some hunting around, perhaps scrolling up or down, you notice a tiny piece of red text saying that there was a problem with one of the fields. Make it obvious, fools!

Galleries with jumping next/previous links
I like photos and often look through photo galleries. All too often when the photos aren't the same size the next/previous buttons jump up and down forcing you to hunt around for them instead of admiring the images. Fixing the size of the frame really isn't that difficult you know.

Horizontal scrolling
Much beloved of photographers for their portfolios, all too many galleries expect you to somehow guess that the other hundred luscious images are off to the right. Or the left. Even before Apple foisted the minimalist vanishing scrollbar on the world this was a really annoying design style.

No progress indicator
Another one from photo galleries - it's really nice to know if you are on image one of ten or one of ten thousand.

No wait indicator
One of my old favorites - show some kind of wait indicator if an operation even has the slightest possibility of taking more than half a second. All too many mobile apps forget to do this. I suspect it's because designers don't allow for real network latencies and do their testing using wifi on the same network segment as the back-end systems. We don't live in a perfect work, so don't design for one.

Fake data
This is common on search-based sites like travel and jobs. You find something interesting looking, click on it, and it vanishes, expires, or turns out to be buried in another site, the home page of which you are redirected to without any specifics. This is perhaps the worst offense of all as it's dishonest instead of stupid.

Can we please try and make these errors go the way of the dodo soon? Please?

Wednesday, 18 July 2012

WAC Who?

At the end of the Mobile World Congress this year there was the usual distribution of stuff that nobody wanted to take home. The day before a dude was going round distributing black T-shirts like he couldn't get rid of them fast enough. They had a red logo on them that looked like WAG. On closer inspection the logo is actually WAC for Wholesale Applications Community.

This might as well have been called YAUOIDTF (Yet Another Useless Operator Initiative Doomed To Fail) as it's unstated objective was to overtake the App Store models of Apple, Google et al. You don't need to be an industry expert to realise that a committee of 48 large, competitive organisations are never going to agree to anything useful. Just look at BONDI, OMTP and JIL if you need proof.

The only good news out of this is that the development that was done has been acquired by a good company: apigee. Some bits and pieces are being picked up by GSMA and W3C who are further proof of the snail like progress of non-commercial standardisation. More information over at Rethink.

And of course we still have our T-shirts.

Tuesday, 17 July 2012

MyTracks - Better location

I recently wrote about how location services still have a long way to go. While this is still true, today I've seen at least some of the obvious stuff fixed, although it is far from perfect.

Google engineering has an absolute obsession with math and stats, well into the obsessive-compulsive range in my view. I'm assuming this explains why the open-source Google MyTracks app applies at least some smoothing maths to tracking unlike, say, MapMyRun which had me flying from spot to spot by taking location data too literally.

MyTracks isn't perfect. It shows me jumping from one side of a river to another, but then it doesn't know there's a river there. It also claims that I left the house at 22km/h, a speed that might not quite catch Usain Bolt but is way beyond anything I can achieve. Even my heuristic approach to such algorithmic matters would spot that an immediate speed of roughly twice the average run speed is probably wrong and correct it.

The app is also missing a few simple UX things - eg starting a few seconds after you press go to allow you to put the phone away - but it is free and works pretty well. I'm assuming that if you're not running along the bottom of a steep-sided valley it will probably work very acceptably.

In my case I can knock off a few hundred meters from the logged distance and get something that's close enough for my needs.

Monday, 16 July 2012

Jelly Bean first impressions

In case you hadn't realised, Android release names are in alphabetical order. Jelly Bean is, therefore, the successor to Ice Cream Sandwich. The names are more fun than version numbers which often don't make a lot of sense in any case. And I find them a lot more appealing than Apple's pretentious big cat series for OSX.

My second Android device came from Vodafone in the disguise of being a genuine Google Experience Device (GED) but turned out to have been mucked about by Vodafone and updates came out very slowly and in one notable case, totally broken. They had actually forgotten to include the dictionaries: no autocomplete, no correct, nothing that needed words worked. And they didn't bother to fix it either; couldn't care less and didn't even acknowledge the problem.

For this reason I splashed out on a Samsung Galaxy Nexus direct from Samsung when it came out, with unadulterated Ice Cream Sandwich on it. This has proven worth the money as it is a great device and the OTA Jelly Bean update arrived last week, well ahead of operator-provided devices.

So how is Jelly Bean? Nice - it is faster, a number of small glitches that most people wouldn't notice have been fixed, Google Now looks like it can be useful, and there's a pile more transitions, transparency and artful design changes that make it pleasant to use.

The installation was particularly painless and pretty - nice graphics to show it's working and no interaction required. It might be my imagination, but photo unlock works more often than not now.

On the other hand I have noticed one app that has been affected by the upgrade: Yahoo! Weather no longer shows the name of the city for which it is displaying the weather. Everything else seems to be powering along nicely.

Slick would be the word if I had to pick just one to describe the upgrade.

Thursday, 28 June 2012

Glass to the Future

Having to wear glasses most of the time doesn't seem quite so irksome after the launch of Google Glass yesterday. Watch the promo skydiver video if you've not already seen it, or the concept video of day-to-day life with the glasses.

While the skydiving is a bit like a streaming helmet cam, the concept video is particularly important as it represents a different way of doing stuff that we actually do today by taking out our phones, unlocking them and then interacting. Not sure about muttering at your glasses to make them do things, but we've already seen a huge transformation in people's public interaction with technology.

I'm sure there will be a wave of lookalike social products for sharing, photos, location and the like, but frankly those are going to be covered by Google in the base product. That leaves a huge open space for some really exciting new stuff to happen, things we've not even thought of yet. 

In Neal Stephenson's highly entertaining book Snow Crash there are a group of people who are permanently wired up to stream information into the US Library of Congress. This is exactly what Glass can do - constantly stream all environmental data to the grid. This raises the interesting question of what you can do with it all. After all, I'm sure that it is possible to piece together people's lives from Instagram uploads but I suspect that the result is dull and useless.

Exciting as the Glass platform unquestionable is, the real excitement will come from the new apps that can make sense of the flood of data. Or stop the flood: even current camera phones cause infosec experts nightmares. It's one thing to ask people to leave their phones at the door of secure areas, but glasses are pretty fundamental. 

PS Snow Crash inspired me to write my own cyberpunk novel Network Sleeper.

PPS While it is annoying that Glass preorder is only available to US-Based developers, at least this was stated clearly up front. Far too many new products from Google and others have been launched to a global fanfare only to find out that they only work in the US, or in extreme cases, just the Bay Area.



Sunday, 24 June 2012

Location Still Off The Mark

Location continues to roll into more and more services. Perhaps people are getting used to it, or maybe it's just that there are more and more back-end systems that deliver location information. However there's a problem: the location is all too often annoyingly wrong. 

Let me site a few examples. I live on the edge of Edinburgh city center, yet Facebook systematically puts posts entered at home as being in Granton, which is the docks area and not particularly close. I have found no way to override this setting to something meaningful, like jumping up to city level and simply putting Edinburgh.

I love Path as a means of sharing considered photos with a small circle of friends and family. However it occasionally shows me arriving into completely random places, including Las Vegas and some strange place in rural China. I'm mystified where those came from.

And then there is MapMyRun which is supposed to track where you run. Normally I don't carry any tech with me when I run as I like the escape, but I thought it would be interesting to see what the result was. I was initially pleased to see that I had run much further than I'd expected. The pleasure turned to perplexment when I checked times, and then to irritation when I looked at the map. The tracked waypoints jumped around like crazy beans, as you may be able to see in the screen shot. Surely the coders of this app could work out that I could not have suddenly jumped 700m out and back in a few seconds. I can understand that they can't tell that I would have had to swim a river to achieve it, but even Usain Bolt couldn't have made that detour in the available time.

I've previously talked about the pointlessness of most location systems. Since then things have progressed and there are far more people using location regularly in the UK to make it more valuable. However it's got to be accurate. The quoted examples are just some of the issues I've seen recently. I still often find that the location I'm in does not show up at all or only on searching from it. 

Often the list of locations presented in mobile apps is cached from last use which is at best desperate and at worst deeply stupid. But I can understand why, as acquiring location is still very slow. So I think we need to invent a location-based equivalent of cache time-to-live, perhaps distance-to-live. Any significant movement will wipe the cache content.

And I'd like need an equivalent of the Google Maps zoom control: I can scroll out from the name of a café up to country level depending on what I'm doing.

Location has clearly a long way yet to go yet.

Tuesday, 8 May 2012

Mobile Quality Slipping

About a decade ago I was writing about the web as the land that test forgot. Nothing worked properly. It really felt like nobody tested anything. Thankfully that phase has passed and now, most of the time anyway, things work pretty well.

The quality front has, however, moved to mobile. There is so much pressure to move product and grab market share that nothing is being tested. Used to be that the software in mobiles was largely an afterthought and soon as the hardware was deemed ready the handsets were chucked onto the market. And with no ready way to update the firmware either. Nokia and Sony Erisson were both very guilty of that.

Now this phases seems to have returned with both my iPhone and my Samsung Galaxy Nexus restarting and glitching with annoying regularity. Apps fall over all the time, hang, or just don't respond when you tap in the right place. Even the mobile web is prone to this now - try that fascinating time sink Pinterest on a mobile and you'll see a mess. On Android it messes up immediately. On iOS it waits until you scroll a bit and the screen ends up like a collage of buttons and image fragments.

It's not as if people don't update their software often. I'm seeing a ton of updates all the time, but each one seems to bring fresh problems. Not to mention irritation at having to spend time administering them all.

A worrying tendency is that people seemed to accept this state of affairs without grumbling too much. Smartphones are expected to be a bit flakey it would seem. And that's not a good platform for the future growth that will make every phone smart.