|
|
|
|
Use the Posts list for posts in this blog.
| Yi-Jian Ngo | 7/10/2009 3:17 PM | | 0 | | I believe that storage will be in the vanguard of enterprise cloud adoption. One reason is that storage is simple (esp vs. apps), and thus easier to experiment with. Another is that the rate of demand for storage is increasing faster than the cost of storage is decreasing while IT budgets remain flat – so anything that purports to increase storage efficiency will likely be at least tried. As with all new technologies, there’s always roadblocks to adoption. The most daunting today seem to be security and potentially higher costs versus on-premise storage. Security has at least 2 aspects – the technical and the legal. Most people would agree that a well run cloud storage service provider is likely to be more technically secure than the average enterprise, so concerns in this arena are far more to do with perception than reality. The legal aspect of security, however, is a real sticking point, and involves the need to comply with a whole slew of industry specific and geopolitical regulations. This suggests opportunities for startups with technologies that could automatically classify data into “cloud ready” and “in-house only” buckets, such as Expert System, Textwise and Syntactica. Costs can be broken down into the cost of the cloud storage itself and the cost of the bandwidth required to convey the bits to/from the cloud. With regard to the former, it is generally true that a well utilized and properly managed in-house storage infrastructure is cheaper than its equivalent cloud storage counterpart. For all the hype about cloud storage “turning capex into opex” – the fact is that capex can be translated into opex by a simple division of the expected lifetime of the storage infrastructure, and it’s not all that uncommon for it to be cheaper to buy than rent. One of the reasons for this cost disparity is the lack of a cloud storage hierarchy. In the on-premise storage world, there’s a whole spectrum of storage media ranging from the high price/fast access solid state drives to low price/slow access tape drives. Thus an appropriate blend of these tiers tends to be cheaper than the always-on, one-price-fits-all cloud storage hawked by most cloud storage providers. Offering multiple tiers of cloud storage, such as what Diomede Storage proposes, is one way to close the gap. Another way to overcome the cloud storage cost issue is to use a radically different backend architecture, such as p2p. This is highly risky – many enterprises tend to have violent emotional reactions to p2p schemes, regardless of how technically secure they actually are, and it doesn’t help that there’s a crowded graveyard of (mainly consumer-oriented) p2p storage startups. Symform and Comvaya are a couple of brave young companies that are pursuing this approach. Moving on to bandwidth costs – it is true that any use cases that involve the frequent movement of prodigious amounts of data (e.g. primary backup) are very unlikely to be economic for cloud storage in the near term. That being said, there are plenty of other use cases (e.g. archiving) that can be quite appealing. In some of these, it’s not uncommon for a WAN link pointing to a secondary data center to already be in place, and there’s no additional cost to simply redirect it at a cloud storage service provider. One bandwidth-related opportunity that’s often overlooked is the ability to automatically move data closer to the applications that actually use it, which can have dramatic impact on application performance. This is, in effect, delivering previously unaffordable CDN-like technology to enterprises. Asankya and Pixel8 are examples of companies doing interesting things in this space.
| Approved | | Yi-Jian Ngo | 5/30/2009 4:06 PM | | 0 | | Many startups will salivate at the prospect of grabbing a slice of the search market. And there certainly have been many strenuous exertions – with everything from local search to vertical search to semantic search to real time search to novel search visualizations & interfaces etc. etc. etc. The result? Continued Google Dominance. The fact is that Google owns search today, and it is quite unwise for a startup to challenge them on their home turf. Rather than trying to out-search Google, a shrewder approach would be to figure out how to break search. What can you do that will make search irrelevant & obsolete? Let’s say you’re a tourist visiting a foreign city 15 years ago. How would you find the things that interest you? Most likely, you’ll go to the local tourist information office or look up a guide book – the search engines of the pre-internet era. Now, what alternatives do you have that will enable you to completely bypass those resources? First, perhaps you have a friend living in the city that you can ask. In other words, a mode of discovery based on trust and relationships. This in effect is the gravy train that the owners & operators of social graph data have been frenetically chasing, albeit futilely (for now). I think it’s a matter of when, and not if, someone cracks the code. And I think it’s going to be much more about calibrating the right user interface than about conjuring flashy new algorithms. Second, suppose you possess a telepathic ability to know what tourists similar to you enjoying doing in this city. In other words, discovery based on what people like you like. In practice, this usually involves various schemes of coaxing people to part with personal information in exchange for suggestions, such as bookmark sharing, or perhaps aggregating & mining reams of personal browsing histories to generate recommendations. Third, let’s say you have a crush on Jennifer Lopez, and thus want to go stay at the hotel she stayed at, eat at the restaurants she ate at, shop at the stores she shopped at etc. In other words, discovery based on what people you admire like. This could be particularly interesting as it ties in closely with e-commerce and has the potential to produce many unexpected pivots between people, media and objects of desire. I’m sure there’re infinite other strategies that entrepreneurs can dream up. To sum up, if you aspire to beat Google, it’s not about cooking up a better search, it’s about how you can devise ways to shrink the search market. | Approved | | Yi-Jian Ngo | 4/22/2009 11:03 PM | | 0 | | Commoditizing your products’ complements is a shrewd tactic, given that the lower their price, the higher the demand for your products. For example, free & abundant roads did wonders for US automobile sales. And the perpetual downward spiral of PC hardware prices contributed much to the corresponding proliferation of PC software. With that thought in mind, it’s instructive to review the Open Cloud Manifesto, a vaguely worded declaration on cloud interoperability that could have just as easily sprung from the bowels of the United Nations. There was much hullabaloo about who signed and who didn’t, the latter including several companies that often take the moral high ground on standards and openness. Ultimately, it all boils down to who has the most to gain from commoditizing the cloud. Peddlers of complementary products like consulting services and hardware have given the Manifesto their tightest embrace, while cloud service providers, unsurprisingly, will continue to be conspicuously absent. | Approved | | Yi-Jian Ngo | 4/1/2009 11:47 PM | | 0 | | It wasn’t that long ago when it was still fashionable to debate the relative merits of good old Presentation Server versus this new “VDI” thing. There was even a memorable session at a virtualization conference that featured a group of server based computing evangelists dueling against the backdrop of two giant boxing gloves, concluding with the solemn prediction that VDI will soon “knock out” its more mature (and presumably obsolete) relative. Today, it’s becoming obvious that there are not just two, but many, many ways to do desktop virtualization – separations can be made at the bare metal, operating system, application, user state or presentation layers (plus several variants in between), each with their own pros/cons. So rather than having “one that rules them all”, it’s likely that the world ahead will fragment into a multiplicity of desktop virtualization flavors, each with their own niche of end-user scenarios. The challenge, though, is that IT administrators won't want to have to manage each flavor of desktop virtualization in their respective silos. I believe that some kind of universal management system that can dynamically compose the appropriate user experience based on the endpoint context will likely be very valuable in the years ahead. | Approved | | Yi-Jian Ngo | 3/27/2009 10:13 PM | | 0 | | Today, IT administrators are spoilt for choice when it comes to products proffering to optimize the utilization of their virtualized environments. What these products basically do is to use clever algorithms to stuff as many virtual machines as possible into a physical server so as to make full use of the underlying CPU, memory, I/O etc. The underlying assumption is that the fewer physical servers you have, the lower your datacenter costs. Seductive, but untrue. While there are many studies out there with slightly different numbers, most people will agree that power represents a large and growing slice of datacenter costs, and that the power consumed by CPUs and the associated cooling needed to keep them from blowing up in turn represents a significant portion of those power costs. Now overlay that with the fact that the power consumed by a CPU tends to increases exponentially with utilization, particularly at higher rates of utilization. What that implies is it could actually cost more to run one physical server at 100% CPU utilization than two physical servers at a lower CPU utilization, meaning that your fancy virtualization optimization software could inadvertently be increasing your datacenter costs. Perhaps an opportunity for an enterprising startup to bridge the server virtualization & power management worlds? | Approved | | Yi-Jian Ngo | 3/18/2009 12:42 AM | | 0 | | Managing my meeting schedule is annoying, time consuming but necessary – sort of like filing my tax return. But unlike tax return software, which has significantly improved the user experience, scheduling software has barely evolved over the past decade. Scheduling a meeting sounds deceptively simple. It starts with one party making an offer of a date/time, then the other parties either accepting the offer or making counter-offers until an agreement is reached. In practice, it can get horribly messy, often devolving into a linear programming exercise conducted over email with complexity that increases exponentially with the number of parties. What if I could just hand all that unpleasant negotiation over to an automated agent? A request could take the form of a party or parties that I want to meet with, the mode of the meeting (in-person or remote) plus any restrictions around the latest time that the meeting must take place by. The agent could be subject to some personalized rules, such as the appropriate hours that meetings can take place, and the appropriate buffer time between meetings. A company that does some elements of this is TimeBridge – but I’ve encountered very few adopters, and it’s not encouraging that neither of their VCs actually use their service. One function that the agent could deliver is the ability to automatically reschedule a chain of meetings on the fly. So if say, my flight is delayed, I don’t have to shoot off a flurry of emails and calls to reconfigure my day. It may also maintain a cache of “nice-to-have” meetings that can be quickly slotted in should another meeting be unexpectedly canceled. Another function I would like is for the agent to be smart about is the location of the parties I want to meet. For a remote meeting, this includes taking into account time zone differences, thus eliminating common gaffes like the Israeli startup that recently invited me for a web conference at 4am my time. For an in-person meeting, this includes automatically grouping meetings in similar locations together so as to minimize travel time. Finally, it will be nice if the agent can be predictive, rather than reactive, to my needs. One example could be to suggest potential meetings to attend given where I’m planning to be. I’ve lost count of the number of times I was stuck cooling my heels in a coffee shop when I could have instead been meeting with an interesting startup or attending a networking event just round the corner. LuckyCal makes a valiant attempt at this, though it’s currently more focused on consumer rather than business scenarios. | Approved | | Yi-Jian Ngo | 3/3/2009 11:16 PM | | 0 | | Fear of vendor lock-in is one of the most cited reasons by enterprises for staying out of the cloud. Predictably, this has led to a rash of cloud interoperability proselytizing, frequently invoking visions of cloud nirvana where applications flit effortlessly across multiple data centers and cloud service providers in obedience to some universal standards. Interoperability standards, however, merely make it possible to move stuff around. They do not make it practical to move stuff around. And one thing that is most certainly impractical to move around today is huge volumes of data, particularly if it’s tethered to production workloads. So for enterprises fidgeting over cloud vendor lock-in, thinking really hard about where & how they want to store their data will likely be far more productive than interoperability evangelism. And for analysts trying to predict which cloud service providers will dominate the landscape, a careful evaluation of how easy & economical they make uploading & managing data will likely be a sound leading indicator. | Approved | | Yi-Jian Ngo | 2/25/2009 11:19 PM | | 3 | | Another potential casualty of the economic maelstrom are 11 public libraries in Philadelphia. This is not good. Many people I know, myself included, have benefited tremendously from public library infrastructure. Even if we choose to believe the (somewhat dubious) claims by the Kindle-clinging crowd that reading printed books will soon be consigned to a geriatric pastime, public libraries still provide a place for quiet study, for community gatherings and (ironically) internet access. Drastic times call for creative measures. Many public libraries sit on a rich vein of data – the borrowing history of their customers – that can be mined & monetized for delivering highly targeted ads. For example, people typically check out books like “What to Expect When You’re Expecting”, “Fodor’s Disneyland for Kids” or “The Official Guide for GMAT Review” for quite specific reasons. Also, hobbies such as canoeing, cooking or calligraphy can be easily discerned from borrowing patterns. That being said, there are many issues that will need to be addressed, such as ensuring advertisers do not get their hands on personally identifiable information (PII), and that regulations like COPPA are complied with. Ads can be delivered in a wide variety of form factors. They can be banners or text strings on the library website and/or online catalog. They can be appended to alerts that libraries send out to remind customers that a book is due, or that a hold is available for pickup. They can even take on more traditional forms like inserts in library newsletters, or get printed on the book check-out receipts. And as many advertising executives know, accurately targeted ads command correspondingly high CPMs. Lots of folks will probably squeal in horror at the very suggestion of such desecration of a hallowed institution. Though personally, I think that an ad-supported library is better than no library at all. | Approved | | Yi-Jian Ngo | 2/17/2009 9:44 PM | | 0 | | If I were a stock analyst trying to predict the movement of the markets, an abundance of analytical tools lie at my feet. Similarly, if I were a geologist searching for oil, a meteorologist second guessing the weather, or even a marketer trying to decide if the next big ice cream flavor will be Kahlua Walnut Banana Chip or Coconut Cherry Chocolate Crunch, the shelves groan with a plethora of tools just begging to be put to work. However, if I were an IT manager seeking to make sense of the cascades of operations data spewing from all corners of my datacenter, the paucity of options is despairing. Certainly, there are point solutions out there which are quite good within their (very) narrow domain, such as a particular vendor’s products or a particular corner of the datacenter. And of course there’s Splunk, a search engine for operations logs, which is great for firefighting but unable to stop bad things from happening in the first place. What will be really cool is a holistic system that can real-time ingest and normalize operations data from all layers of the stack (including power equipment) & cross-correlate it to determine interdependencies. This will enable at least 2 things: higher capacity utilization since you can run things hotter if you can predict what’s going to happen, and reduced manual labor & downtime since automatic alerts and remediation can be executed the moment there’s the slightest whiff of trouble. If we believe that IT infrastructure will become increasingly centralized and industrialized, that implies datacenters are going to get larger and their innards stuffed with an ever shifting spectrum of heterogeneous technologies, a far more complex beast to tame. It’s unlikely that a patchwork of point solutions plus the raw muscle of manual labor is going to be up to the task. Perhaps a golden opportunity for some erstwhile hedge fund quant seeking their next challenge. | Approved | | Yi-Jian Ngo | 2/10/2009 10:11 PM | | 1 | | The digital photos & videos I take over a weekend often exceed the total storage capacity of the PC I had back in my college days. This surging tide of consumer-created photos & videos hit a milestone in 2008, when for the first time the total capacity of consumer storage shipped exceeded that of enterprise storage (Morgan Stanley’s Internet Trends). Despite this burgeoning photo & video sprawl, a simple & effective way for consumers to backup all this stuff has proved elusive. The vast majority of people I know are one hard disk crash away from losing their digital memories. Permanently. Of course, there’s the old school solution, typically involving making manual regular backups onto an external hard drive or some kind of optical disk. The main problem here is that it takes discipline to do this, which most folks lack. A secondary problem is that external disks, and especially optical disks, can and do fail. While there are automated alternatives involving some variation of home file servers or even network-attached storage appliances, those generally exist in the province of geekdom and are well beyond the financial & technical means of the average consumer. Then there’s the (relatively) newer cloud storage alternatives. Mozy, Carbonite and Jungle Disk are just a few of a bewildering array of me-too service providers that have mushroomed over the past 3 years or so. The main problem here is turtlerisque upload speeds (at least in the US). And in many cases, this comes accompanied with performance degradation on your PC, rendering it impotent except for the most basic tasks. Yes, I know you can just leave your PC on overnight to complete the uploads, but that’s hardly a positive user experience. I wonder about the potential for some kind of hybrid solution. Say a smallish USB-attached appliance that automatically detects and grabs the appropriate new files from a PC, caches them on-board and then gradually bleeds them wirelessly up into the cloud. The price of the appliance can be kept low by subsidizing it from a recurring fee for the cloud storage service. Ctera has something similar in the market today, but it targets small business & isn’t consumer friendly. Rebit has a very consumer friendly appliance, but doesn’t have an attached cloud service. Oh if only they would make something together… | Approved | | Yi-Jian Ngo | 2/3/2009 8:50 PM | | 0 | | Virtual goods represent another avenue for making money with consumer web services. They’re not a new concept – Chinese and Korean websites have been selling them for years. For most Americans though, they comes across as a trite silly – why on earth would anyone pay real money for something intangible? Perhaps I can sum it up with the 7 Deadly Sins: Pride. I’m fashionable and discerning, and see no reason why my on-screen avatar shouldn’t sport Gucci sunglasses, a Benetton jacket, a Prada handbag, Jimmy Choo shoes, an Akin Konizi haircut… Gluttony. No, it is not enough that I have the Grand Obsidian Battleaxe of Turin. I too must have the Mystical Plate Armor of Elements, the Orthogonal Bow of Devastation, the Annihilator Amulet of the Convoker, the Bucolic Trousers of Nassau, the Preened Spatula of Valor… Envy. Why should I settle for a lame screen name like michaeldn08 when all my friends have those cool premium handles like BoneCrusher and SkyWave? Lust. I really like her, but not sure what to say – so why not start off with some suggestive virtual bouquets, perhaps with some virtual organic chocolates on the side? Greed. Come let me show you my rare items collection – you see that complete set of limited edition icons? And those special Christmas angels – I got a different one for each of the last 4 years. And my turquoise crystal plant – you know you can only get that if you have at least 1 million karma points… Wrath. So you think you’ve won, have you? Well, I’m going to hurl feral abuse at you, vandalize your profile and buy upgrades for my spaceship all the way to Allusion class. You just WATCH OUT… I’m so going to CRUSH YOU... Sloth. I am way too busy watching television, besides, leveling up my character sounds too much like work. How much did you say a Level 60 Necromancer is again? Oh, and did you know I can issue game play instructions through my mobile phone for a small fee? Whatever the motive, the fact remains that somewhere around $1.5B to $2.1B worth of virtual goods are sold each year. Virtual goods evangelist Susan Wu asserts that 70% of China-based Tencent’s $1B revenue derives from virtual goods. That’s a big pot of gold, which certainly should not be ignored by struggling consumer websites trying to stay afloat on online advertising fumes. | Approved | | Yi-Jian Ngo | 1/28/2009 12:07 AM | | 1 | | For those brave early adopters of enterprise cloud computing, a question that often comes to mind is which of their apps, now comfortably ensconced within the cozy confines of their private datacenter, should be allowed into the big bad cloud out there. Beyond the obvious exclusion of apps that raise assorted security or compliance alarm bells, I believe that apps which are spiky, stateless and self-contained are cut out for the cloud. Spiky. Apps that experience significant spikes in the resources they demand are ideal candidates. On one extreme end of this volatility spectrum are apps that are used only once for a specific project. Moving down the scale, we run into apps that swing into high gear only during certain events (presidential elections), seasons (Christmas) or time-of-month (book closing). The corollary to this is that apps which are boringly consistent in their resource consumption are awful candidates for the cloud. It’s almost always cheaper to simply buy the hardware needed for such apps outright rather than to pay a perpetually recurring service fee. Stateless. Apps that have been architected in such a way that maintaining state is crucial to their execution are unlikely to be agreeable with life in the cloud. Self Contained. Apps that need to talk to lots of other things (databases, other apps etc.) that live in the datacenter will likely be ill-suited for public cloud deployment. Not only will they end up sucking a lot of bandwidth, there’s also the pain of securing their communications backhaul into the datacenter. | Approved | | Yi-Jian Ngo | 1/20/2009 1:21 PM | | 0 | | Over the past year, it’s become increasingly clear that the economic value in server virtualization is migrating up the stack into what can be loosely termed “virtualization management” – the business of keeping the ever-growing herd of virtual machines now rampaging through datacenters in line and under control. This trend has not been lost on virtualization startups, which continue jamming into every possible niche of this market. Within the virtual machine lifecycle management segment alone we have Embotics, Fortisphere, DynamicOps and ManagedIQ, just to name a few. Unfortunately for all of these startups, VMWare is also fully aware of this trend, and has been trampling on erstwhile partners as it moves to capture this market opportunity. Rabid competition and an edgy platform vendor do not bode well for positive business outcomes. So where then lies the most promising opportunities for aspiring virtualization startups going forward? Rather than expending effort to squeeze into rapidly shrinking gaps in the virtualization stack, why not try instead to find whole new applications for virtualization? One example is GreenBorder (acquired by Google in 2007), a security startup which used virtualization to ring fence web sessions running on PCs, thus preventing malware infiltrations. Today, CheckPoint’s ForceField and Symantec’s Vibes provide similar functionality. Another example is SkyTap, which enables software developers to deploy and tear down cloud-based virtual test labs on demand. This eliminates the need to build and operate physical test labs, a considerable cost savings. A third example is IT Structures, which provides online sales tools to IT companies with particularly complicated products. Rather than watch eyes glaze over during the course of a tedious presentation, a salesperson can give the prospect a login code to his very own private sandbox pre-installed with the proffered solution in a real-world context, all accessible via web browser. The prospect can then try for himself the solution at work, poke around with it, and share it with others in his organization. Apparently this dramatically increases the probability of a purchase order. The primary reason why virtualization has been spreading like wildfire across datacenters is because of its first killer app – server consolidation. The examples listed above illustrate just 3 of the myriad potential applications of virtualization out there. Perhaps there are other killer apps just waiting to be discovered. Or perhaps there aren’t. Whatever the answer, I believe much value will be captured by the entrepreneurs who can find a burning problem that virtualization can be applied to solve in a way that wasn’t possible before. | Approved | | Yi-Jian Ngo | 1/13/2009 11:21 PM | | 3 | | Since time immemorial, consumers have widely regarded advertising as a necessary evil they have to endure in order to get access to the media they want, be it newspapers, radio or television. And as advertising began its inexorable march online, a constellation of startups have tried using ever more sophisticated technology to try to make online ads more relevant, more interesting, more palatable. However, that same old attitude still continues to prevail. Tellingly, in a 2008 consumer survey conducted by Razorfish (an online marketing agency), consumers declared that banner ads were their favorite advertising format for online video. That may seem a little odd, until you realize that banners, which are typically wrapped around the video-playing window, are the only ad format that can be easily ignored. All others – pre-rolls, mid-rolls, post-rolls and the various flavors of “bubble insertion” or product placement – directly disrupt the viewing experience. I rather doubt that technology in and of itself will ever make consumers like ads, any more than painting elaborate flames on a car will make it go faster. Rather than trying to hatch new schemes to more efficiently cram ads down consumers’ throats, perhaps it may make more sense to create ads that they actually want to consume? One example is Rick Steves’ Europe, a series of 30min “travel guides” frequently screened at prime time on US public television, and which I try hard to avoid due to its tendency to conjure fantasies of luxurious European vacations in my wife’s mind. What most people don’t know is that the show’s producers basically give it away for free to public television. Now, while Rick is certainly passionate about traveling in Europe, he is no fool at business. He runs a veritable empire that spans guide books, travel DVDs, guided tours and even his own brand of luggage and travel accessories. The programs that he generously “donates” are essentially advertisements for his products & services, advertisements that attract hordes of eager viewers nationwide. Another example is Reuven Cohen, a hyperkinetic entrepreneur who runs Enomaly, a cloud computing startup. Rather than blatantly promoting the magnificent merits of his company’s software, he chooses instead to contribute to cloud computing community – starting online groups & discussion boards, organizing a series of mini conferences and writing an industry-centric blog. As a result, he’s become one of the most visible individuals in the nascent cloud computing domain – which has brought more attention to Enomaly than would otherwise have ever been possible through any advertising campaign. In short, I believe that the locus of advertising will gradually shift towards the creation of valuable and compelling content. There is, however, a relative dearth of professionals or companies that can provide such content creation services. Perhaps advertising agencies might evolve in this direction, or perhaps this may an opportunity for forward-thinking individuals? | Approved | | Yi-Jian Ngo | 1/7/2009 4:16 PM | | 0 | | Ask any cloud-leery IT professional what’s holding him back, and chances are you’ll hear “Security!” blurted out as one of the top concerns. Now, “Security” can mean at least two very different things. The first is of the “Oh my god! Evil Russian Hackers will break in and steal my secrets!” or “What do you mean my data could be on the same server as my competitor?!” variety. Those concerns are generally unfounded. I expect that cloud service providers, whose businesses will literally vaporize under the glare of a Big Security Incident, will be harder to compromise than the average Fortune 500 company. So this is mainly a perception issue, though it can take a long time to shift a prevalent worldview – remember the years it took to convince consumers that banks were more secure than pillowcases. The second thing that “Security” can mean is compliance. And that is a very real and very tangible problem, the root of which lies in the fact that most laws were written pre-cloud. To compound the problem, legislative efficiency is an oxymoron. This means that we’re going to be stuck with the equivalent of horse-and-buggy traffic rules dictating what cars can do on modern highways for a little while. One specific example is PCI compliance. To oversimplify things a little, one requirement is to know which physical boxes your sensitive data (e.g. credit card numbers) is living on. This effectively shuts out entire swathes of the retail and financial services industries from the cloud. Another example is the US Patriot Act. As you can imagine, a Canadian company won’t be too thrilled to discover that a foreign government can legally snoop on its cloud-based data just because it happens to be residing within US national borders. Of course, problems beget opportunities. One possibility is delivering Regulation Compliant Clouds. This could be done by using a cloud middleware layer with embedded legal logic that composes the requisite stack by stitching together the appropriate cloud infrastructure services from other providers. So if your business is encumbered by a certain regulation, you could order up, say, a HIPAA-compliant cloud (priced, of course, at a premium), and get productive right away without having to deal with the excruciating technical & legal intricacies. Taking this one step further, how about Regulation Optimized Clouds? Without going into too many details, let’s just say that it may be quite beneficial to have pieces of your IT infrastructure (or data) residing under the jurisdiction of one government rather than another. Expensive lawyers would call this sort of thing legal arbitrage, and their services today are generally reserved for the deep-pocketed. Won’t it be neat (and won’t you be willing to pay quite a bit for) a cloud service that can automatically orchestrate the physical placement of your IT assets on a global scale to take advantage of regulatory aberrations, saving you a truckload of money in the process? | Approved | | Yi-Jian Ngo | 10/14/2008 1:48 AM | | 2 | | Over the past year, current and aspiring cloud infrastructure providers have been locked in an arms race to build the biggest, baddest data centers out there, preferably somewhere in the boondocks with cheap land and big waterfalls. Yet in a recent paper, James Hamilton suggests that this scramble for “bigger is better” may be misguided. First, he points out that while the innards of a mega data center may be bulging with commodity, off-the-shelf IT equipment, the data center building itself is extremely proprietary and frightfully expensive, ringing in at about $200M per site. Part of this hefty price tag is due to massive (and wasteful) over-engineering to ensure that the data center never, ever goes down, since the failure of a mega data center will assuredly be a Career Ending Event for its keepers. Second, while electricity purchased in bulk by mega data centers does indeed cost much less than the electricity I use to power my microwave oven at home, it is delivered in a raw form that needs to be massaged considerably before being fed to the servers within. That means considerable capital expenditure for the requisite power shaping equipment, plus additional losses as the electricity wends its way through that equipment. All in all, that nice discount may not be quite as large as expected. Third, mega data centers need to be connected to the outside world with mega data pipes, and yes, attractive volume discounts are available to purchasers of such pipes. Unfortunately, mega data pipes also require monstrous routers, which are necessarily accompanied by shocking price tags. Additionally, such centralization of resources can lead to the peculiar phenomenon as in the early days of FedEx, where packages were sent from one floor of the Empire State Building to another via Memphis. One provocative idea tabled in the paper is to substitute a mega data center with a collection of condos stuffed with server racks. Condos are essentially commodity real estate with electricity that can be fed directly to servers and network connectivity from your friendly local ISP. Though clearly a thought experiment (oh, what will the neighbors think?!), it does hint that the barriers to entry for cloud infrastructure providers may not be all that high, since it is well within the means of even a small time web hoster to expand one condo at a time. There’s also the slim but intriguing possibility of real estate holding companies choosing to monetize part of their portfolio through machine rather than human tenants. Of course, there are challenges aplenty. It’s much easier to manage one big site than lots and lots of little sites, though progress has been made on the design of containerized “lights-out” data centers. Some abstraction layer will be needed for most applications to run reliably on geographically distributed resources. And an intelligent traffic cop will be required to dynamically assign resources for a particular request as close to the requestor as possible. Fortunately, there are multiple vendors addressing various angles of these challenges – 3Tera, Rightscale, Elastra, Enomaly, 10gen and Q-layer are just a handful of the startups in the space. While it’s unclear who (if any) will prevail, I believe that mega data centers will eventually go the way of mainframes, as the resources within the cloud fabric evolve towards a multiplicity of smaller & more agile nodes.
| Approved | | Yi-Jian Ngo | 10/2/2008 12:10 AM | | 2 | | With dramatic flourish, the mouse was clicked and dragged, and the lights on the stage obligingly dimmed and brightened. And so there you had it: the Home Of The Future, where your PC will control your lights, heating, television and other sundry appliances. Applause, applause. That conference happened more than a decade ago. The man on the stage was a famous and extraordinarily wealthy IT executive. The vision was dazzling, some would say beguiling. Yet despite great expenditures and exertions, it has stubbornly refused to translate into reality. Why? First, it’s unclear that home automation is something that most people want. It may be a neat (if somewhat geeky) party trick to be able to turn on your oven from your office laptop, adjust your home thermostat from your mobile phone or remotely muster your Roomba to start vacuuming. But I struggle to understand what value this creates, or how it materially improves peoples’ lives. Second, should someone actually want a home automation system, it’s not immediately obvious where to buy it. Sure, a quick internet search will likely surface AMX and Crestron, a couple of the more established players in the space. They may even dredge up some of the surviving startups, such as Control4. Problem is, these are unknown names to the average homeowner – how do I compare, how do I know which is right for me? Third, should a homeowner actually find a vendor that works for him, he’s in for a nasty sticker shock. These systems typically cost somewhere between a Toyota Corolla and a Lexus SUV. One reason is that specialized hardware is often needed, since most home controls and appliances lack intelligence and interoperability. Another is that most systems are customized and need expensive technicians to install. So is home automation a lost cause? Not so. I think there are at least a couple of scenarios where it could make sense. The first, and more promising, is energy management. The major pre-requisite here is the implementation of consumer rate-based pricing in the US (already in widespread use in Europe) and the deployment of smart meters to homes. For homeowners, being able to lower energy bills through assiduous (or perhaps automatic) scheduling of appliance and HVAC usage will be quite attractive, especially with current prices. And for energy generation companies, this allows them to smooth out their load, reducing the need for capital investments to accommodate peak loads. The second is home health care. It’s almost certainly cheaper (and likely more socially desirable) to keep an elderly family member at home rather than send him or her to a nursing facility. A phalanx of health monitoring & communications devices, such as cameras, sensors and video conferencing terminals, could let care givers stay in touch & automatically call for help should something be amiss. And possibly a large mobile device may provide assistance with getting around the house, or even execute simple household chores. The major challenge here is the uphill battle of persuading health insurers to provide coverage for such a system. | Approved | | Yi-Jian Ngo | 9/23/2008 6:53 PM | | 2 | | Despite energetic media coverage about desktop virtualization, actual deployments have been modest at best. What’s holding it back, and what needs to happen in order to propel it across the chasm? To be clear, “desktop virtualization” can mean at least two rather different things. The first is the model of virtual machines running in the bowels of the datacenter/cloud and projected out to users on the edge, often referred to as Virtual Desktop Infrastructure or VDI. While there are clear benefits to this approach (most notably reduced management costs), the performance challenges from trying to jam a fat client experience through a (hopefully persistent) skinny pipe plus the cost challenges from having to stand up expensive SANs to store the desktop images do not bode well for widespread adoption. The second is the ability to run multiple virtual machines on top of the client operating system, also known as the desktop variety of operating system virtualization. While there are concrete use cases for this, such as enabling users to run multiple operating systems (e.g. Windows on a Mac) or to launch a secure computing sandbox within an unsecure client, they address the needs of a relatively small percentage of users. In addition, this approach does not present any manageability benefits as IT operations still has to wrestle with the multiplicity of client operating systems at the edge. Once again, not a recipe for broad adoption. What then, is the key to unlocking mass adoption of desktop virtualization? One potential candidate is running multiple virtual machines directly on the desktop client’s hardware, otherwise known as bare metal client virtualization. Since this eliminates the client operating system, it promises the manageability benefits that can be derived from VDI. And because the virtual machines will be running on the client, it also sidesteps VDI’s performance and cost issues. Of course, the pre-requisite for bare metal client virtualization is the existence of a bare metal client hypervisor. This is a particularly hairy piece of software to build, not least because of the complexities of passing through PC device drivers and power management schemes. While VMWare has announced its intent to create one, there are a number of startups that are already in the market, such as Neocleus and Virtual Computer. The use cases for bare metal client virtualization are still emerging, though there are at least three that come to mind. One is the ability to deploy a locked-down workspace for corporate use side-by-side with a second workspace that end-users can modify but is walled off from certain resources, simultaneously maintaining ease of management while allowing some degree of end-user flexibility. Second is the quick deployment of policy-compliant workspaces to clients used by temporary or guest workers. And third is the offloading of certain utilities, particularly desktop security software, onto a separate virtual machine – possibly portending the arrival of desktop virtual appliances. | Approved | | Yi-Jian Ngo | 9/15/2008 2:04 PM | | 1 | | 12,000 laptops are lost at US airports every week, according to a study commissioned by Dell. No doubt great news for laptop recovery service providers such as Absolute, zTrace and (of course) Dell. But less obvious to their eager customers are the risks inherent in these services. The general way that such schemes work is to stick a hard-to-find & hard-to-remove piece of software on the laptop which, if connected to the internet, periodically phones home with its location to a server operated by the service provider. So should the laptop be lost, its location can be pinpointed, improving the chances of recovery. What this means is that the service provider effectively keeps a record of where you’ve been and where you are. Not sure about you, but I’m not terribly thrilled to have a commercial anti-theft service tracking my daily movements. It’s not that the service provider will deliberately misuse the data – that will put it out of business – but the very fact that the data’s there is a temptation for would-be hackers & stalkers. Looking to the mobile carrier world, there has been much excitement about location based services – everything from friend finders to child monitors to adding location context to mobile ads. I wonder, though, in this rush to develop and sell such services, if the carriers have considered that some of their customers would rather not have their location known at all ? Could it be possible that one of the most popular location based services may in fact be the ability to selectively block the use of personal location information in the first place? Turning back to laptops, if you’re not keen to bare your location in exchange for anti-theft services, check out an open source application developed by a research team at the University of Washington. Dubbed Adeona after the Roman goddess of safe returns, it claims to preserves users’ privacy through the use of cryptographic techniques. | Approved | | Yi-Jian Ngo | 9/11/2008 1:45 AM | | 2 | | Had a blast at one of the startup world’s biggest shindigs, getting to know lots of interesting companies and the fiercely passionate entrepreneurs that run them. Here are my favorites: Awind allows mobile phone users to wirelessly transmit content (slide presentations, video etc.) from their phone to a standard monitor, projector and certain TV sets. Their solution consists of a modem-sized box that connects to the display plus software that lives on the mobile phone. Even as the compute power of mobile phones increases exponentially, the mobile user interface is still constrained by the size of the device. Awind’s solution represents part of a broader ecosystem of technologies that can liberate the mobile user interface from its physical constraints, opening up new use cases that could enable mobile phones to become the primary personal computing device of choice in the future. The Echo Nest provides a rich laundry list of music metadata ranging from genre to artist bios that can be consumed by other websites via APIs. While there is no lack of music metadata purveyors, Echo Nest is interesting because of the fine granularity of data that they have pertaining to song structure, such as the key, tempo, rhythmics, instrumentation and so on. There I believe lies the foundation for deep quantitative analysis of a piece of music that could predict its popularity within a particular audience segment or geography, enabling the song to be targeted more effectively and thereby smoothing out the hits-based nature of the music business. Maverick Mobile provides a rather whimsical version of LoJack for mobile phones. It allows victims of mobile phone theft to remotely disable their phone, encrypt their data and download the phone number associated with any SIM card that is subsequently inserted. Just for kicks, it also enables them to indulge in such shenanigans as downloading the thief’s contacts list to make crank calls, as well as directing the stolen phone to emit a shrill alarm that can only be disabled by removing the phone’s battery. While many wireless carriers provide some form of anti-theft service, relatively few match Maverick’s functionality and edginess. With 270 million mobile phone users in Maverick’s home market (India) alone, a set of carrier distribution deals even at a very nominal fee could rake in significant revenues very quickly. Microstaq has developed a semiconductor chip substitute for a solenoid valve used in HVAC systems which increases their efficiency by at least 20%. To accelerate adoption for major HVAC vendors like Carrier & Honeywell, they are custom designing their product for each vendor so it can be a “plug and play” replacement for existing valves, eliminating the need for redesigning the entire HVAC system. Colossal sums of money are expended on electricity for running HVAC systems, so even a 20% savings represents a compelling value proposition for both end users and vendors seeking product differentiation. Microstaq is a great example of applying cutting-edge technology to shake up a mature market, a path often neglected in the lemming stampede towards the latest tech fad. UGA Digital enables consumers to send photos directly to digital photo frames over the internet. For example, tech-savvy parents in San Francisco will be able to transmit pictures of their little ones to grandma’s photo frame in Florida without the pain of walking her thru the nitty gritty of downloading etc. etc. While this may seem to be a rather trivial & simplistic application, I believe that UGA Digital, as well as similar outfits like Chumby, are at the vanguard of an emerging category of lifestyle devices optimized for distributing all forms of digital content (music, video, news, alerts etc.) into the home. These devices will have none of the complexity of the PC, and will complement existing mobile phones, media players and TVs. They represent part of a broader trend where elements of the web are gradually making their way into the real world. Usable Security Systems allows consumers to login to all their websites (Facebook, Yahoo etc.) using a single password. A new user needs to download and install a browser plug-in, register their PC with Usable’s servers and provide their desired global username/password as well as a list of their current username/password pairs. During login, the user is prompted for their global username/password, which is combined with cryptographic keys generated from the PC and Usable’s severs and presented to the website for authentication. The challenges of consumer web single-sign-on have been with us for a while, and there are many corpses of startups and big company projects that tried and failed. What strikes me about Usable is how simple it is to setup and use for both consumers and websites, the latter of which does not need to modify its code at all. And unlike other schemes which rely on a password vault somewhere in their architecture, Usable does not store and is in fact unaware of the consumer’s original username/password pairs. While it is a given that Usable (like all security products) can be broken, the key question is how much effort will be required to do so. If it’s a sufficiently painful experience for would-be hackers, perhaps they have crafted a reasonably robust & user friendly service that will allow consumers to throw away most of their passwords, especially for less sensitive destinations like social networking and online news readers.
| Approved | | Yi-Jian Ngo | 9/4/2008 12:06 AM | | 2 | | Whenever “Green IT” is invoked, it’s usually about reducing the energy consumption of IT equipment or manufacturing/powering them with renewable resources. Which is a pity. Because the really Big Green Opportunities out there are about applying IT to transform entire aspects of day-to-day life. What if, for example, we could eliminate the need for office buildings? Datacenters account for just 2% of US energy consumption, and even if we throw in all the PCs and sundry edge devices, the total is unlikely to exceed 5%. I’ll wager that office buildings account for an order of magnitude more – and that’s not even counting the green goodness from taking all those cars off the road. The idea of scraping the corporate office, variously referred to as telecommuting or virtual companies, has been with us for some time, but adoption has been languid. One reason is behavioral, and stems from an older generation of managers that still harbors the primordial need to physically watch over their cubicle-toiling underlings. This will gradually unravel as they retire and the children of the internet enter the workplace, compelling companies to rethink their policies if they want to attract and retain the best young talent. The other reason is technological, and becomes blatantly obvious once you compare the huge difference between having a face-to-face meeting versus a video/teleconference. And despite the increasing use of instant messaging, blogs, wikis and feeds, there’s still the inability to recreate the visceral experience of dropping into a colleague’s office for a casual chat, or exchanging pleasantries by the pantry. Looking ahead, I believe that innovation in the following 3 areas will play a key role in addressing these gaps in collaboration technologies: The first is virtual worlds. And this is most assuredly not about shoehorning World of Warcraft or Second Life into an enterprise context. Lots of thinking needs to be done – from distilling the raw elements of virtual worlds that make them so immersive and compelling to figuring out how best to layer on such workplace necessities like workflow and data security. The second is telepresence. The most striking example of this today is Cisco’s telepresence meeting rooms. Such systems, however, are still very expensive and quite unsuitable for home offices. Is there a way to bring them to the masses, like what webcams did to video conferencing? The third is bandwidth optimization. Rich collaboration will likely require lots of highly time sensitive data to be transmitted – are there some clever ways that this can be done without overwhelming existing networks? Especially interesting are technologies that can squeeze more juice out of wireless spectrum, so that individuals won’t have to be tethered to a land line. Personally, I think that it’s going to be a while before Microsoft demolishes its corporate headquarters and replaces it with a giant park. In the meantime, for those who are truly green-of-heart, perhaps pushing the envelope on collaboration technologies will have a far greater impact than creating yet another carbon footprint widget. | Approved | | Yi-Jian Ngo | 8/29/2008 2:14 AM | | 2 | | Hilarious poem by Sam Charrington highlighting the difficulty of nailing down a definition of cloud computing. The Blind Men and the Cloud It was six men of Info Tech
To learning much inclined,
Who went to see the Cloud
(Though all of them were blind),
That each by observation
Might satisfy his mind The First approached the Cloud,
So sure that he was boasting
"I know exactly what this is…
This Cloud is simply Hosting." The Second grasped within the Cloud,
Saying, "No it's obvious to me,
This Cloud is grid computing…
Servers working together in harmony!" The Third, in need of an answer,
Cried, "Ho! I know its source of power
It's a utility computing solution
Which charges by the hour." The Fourth reached out to touch it,
It was there, but it was not
"Virtualization," said he.
"That's precisely what we've got!" The Fifth, so sure the rest were wrong
Declared "It's SasS you fools,
Applications with no installation
It's breaking all the rules!" The Sixth (whose name was Benioff),
Felt the future he did know,
He made haste in boldly stating,
"This *IS* Web 3.0." And so these men of Info Tech
Disputed loud and long,
Each in his own opinion
Exceeding stiff and strong,
Though each was partly in the right,
And all were partly wrong! There has been much cacophony about cloud computing definitions, and I have little inclination to dive into the fray. What’s most interesting to me are startups that can demolish the barriers standing in the way of mainstream cloud adoption – it is challenging to use, difficult (and sometimes impossible) to manage, and doesn’t play nice with many regulatory requirements. | Approved | | Yi-Jian Ngo | 8/27/2008 2:00 AM | | 1 | | As Green IT becomes increasingly sexy, there has been much chatter about the power savings that solid state storage can bring into the datacenter. Does this make economic sense, or is it yet another case of greenwashing? Let’s walk through some napkin math. Most magnetic disk drives consume at least 10 watts of power, versus about 1 watt for solid state drives. If we assume that power costs 10 cents per kWh, you will save (10 watts – 1 watt) x $0.10/1000 x 24 hours x 365 days = $8 per year by using a solid state drive. Next, we need to factor in the savings from cooling infrastructure – a useful rule of thumb is that every watt generated in the datacenter requires an additional 0.7 watts to cool it. Given that datacenter hard disks are expected to last at least 3 years, the total savings over the lifetime of a solid state drive will be ($8 + $8 x 0.7) x 3 years = $40 per drive. Now, it’s not uncommon for datacenters to have tens of thousands, if not hundreds of thousands of disk drives, so $40 per drive can translate to millions of dollars in potential savings, nothing to be sneezed at. The big problem, however, is that solid state drives still cost hundreds of dollars more than equivalent magnetic disk drives, which more than negates the savings from power consumption. So while there are certain usage scenarios (such as IO intensive applications) where solid state storage makes economic sense, if peddlers show up waving nothing but a green flag, they ought to be abruptly shown the door. | Approved | | Yi-Jian Ngo | 8/21/2008 2:53 AM | | 1 | | To say I was surprised would be putting it mildly – apparently you can watch full-length episodes of most anime series for free at various websites (according to my anime-addicted buddy). If any website tried to pull the same stunt with say, Disney’s content, you’ll have trouble finding the body after the lawyers are done. Now, anime is mainstream media in Japan, and together with manga (its printed cousin) is a multi-billion dollar industry. Corporate Japan is not exactly known for altruism or incompetence – why on earth would they tolerate such blatant pilfering? Perusing the startling variety of anime available online, I noticed that the majority had been translated, in some cases into as many as 5 languages. This translation was done for free by dedicated fans who superimpose their own subtitles onto the video, in what’s apparently a common practice known as “fan-subbing”. This allows the anime to reach a broad audience well beyond its home market, gaining legions of new fans, of which a small subset might decide to purchase the original article (for better quality) and/or its associated merchandise. Another interesting phenomenon in the anime/manga industry is Dōjinshi, graphic novels drawn and self-published by amateurs with original plots but based on popular copyrighted characters. While such antics are not exactly encouraged, the owners of the characters usually choose to look the other way – and I believe there are at least 3 reasons why it makes business sense. First, it gives fans an infinite variety of sub plots, filler arcs & alternative storylines to satisfy any need or fantasy, which can indirectly boost the popularity of the original series. Didn’t like the romantic pairings in Harry Potter? Check out the version where Harry secretly makes out with Hermione. Hated Jar Jar Binks? Go for the alternative where he gets crushed to bits by droids. Next, it provides a source of talent by being the training ground for the next generation of artists. Several prominent manga artists started out drawing Dōjinshi. And in Europe, many professional DJs similarly got their start at pirate radio, a variety of clandestine and unlicensed radio broadcasting. Finally, it can deliver valuable market data. Dōjinshi are sold quite openly in Japan, including at massive conventions dedicated exclusively to the medium, where the quantity and variety of materials available about a particular series are pretty good leading indicators of how “hot” the series is. Similarly in the US, media measurement outfits like BigChampagne are already mining data about P2P music downloads to determine where fans of a particular band are geographically concentrated, enabling bands to optimize their live performance schedules. Purveyors of media in the US tend to reach instinctively for the lawsuit stick when confronted with pirates, though it is quite possible that a more nuanced approach might actually create more value for all parties involved. While it is not always possible (or indeed desirable) to embrace a pirate as a partner, their very existence suggests that perhaps there’s some customer need that’s not being fulfilled, so maybe the constructive thing to do is to craft an appropriate competitive (as opposed to legal) strategy. For when it comes to media, what kills is not piracy – it’s obscurity. | Approved | | Yi-Jian Ngo | 8/14/2008 1:53 AM | | 1 | | 10% of all non-spam emails that arrive in corporate inboxes are never read, according to informal polls of Microsoft Exchange administrators. Within Microsoft, that number rises to a whopping 33% – I guess I should count myself lucky that most of my colleagues actually respond to my emails. Lots of folks would interpret the non-reply to a business email as a social snub. The reality is that most recipients are being grievously assaulted by a relentless barrage of messages, so they probably either never saw or didn’t have time to get to your email. Few people I know would stridently assert that they have their business email communications “under control”. Given the intensity of end user pain and the fact that there are at least 300M business mailboxes worldwide, you would think that ought to be a thriving gaggle of email organization vendors out there somewhere. In fact, the pickings are rather slim: ClearContext purports to solve some of these issues, but my test run of their beta revealed many rough edges, both on their user interface & their underlying analytic engine. Seriosity (Attent) gives email senders a virtual currency to tag the relative importance of their messages, but this requires users to do extra work and feels like too much friction to adoption. And xobni, despite being endorsed by no less than Bill Gates himself, is primarily an (excellent) visualization tool of your historical email heuristics, but does little in terms of actual organization. I believe that the El Dorado here is an effective email prioritization algorithm. When I open my mailbox, I want all the high priority emails bubbled up to the top, and those of lesser significance relegated to the bottom of the heap. And as an ancillary to that, I would also find it immensely valuable to be automatically alerted should recipients be recalcitrant in replying to high priority email messages that I send. All this is easier said than done. What constitutes “high priority” can differ quite significantly from individual to individual & situation to situation, so some type of static metric is unlikely to cut the mustard. The key is to be able to acquire very rich context for individual email messages or threads, which seems to be a natural application for semantic technologies. While most media buzz around semantics has focused on consumer web services – such as Powerset (acquired by Microsoft), Hakia, Radar Networks (Twine), Adaptive Blue and Evri – there have also been a handful of startups applying semantics to address enterprise markets, such as Attensity, Endeca and Silver Creek Systems. It would be particularly interesting to find any startups building something at the intersection of email & semantics.
| Approved | | Yi-Jian Ngo | 8/6/2008 12:19 AM | | 0 | | One of the key attributes that startups seek in an investor is relevant domain expertise. If you’re making quantum computers and you ask someone who made his fortune in digital media to join your board, that’s sort of like asking a NASCAR racer to be your co-pilot in a stealth bomber. At best, no harm will come of it, but chances are it could be fatal for all parties involved. So how do you tell if your prospective investor really “gets” your domain? Other than walking thru their career experiences and doing a few reference checks, you can learn quite a bit simply by observing how they react to your pitch. As a general rule of thumb, if you find yourself spending a lot of time on the problem definition/market opportunity part of your presentation, chances are that you’re dealing with a neophyte. Experts will typically breeze through that section and deep dive into your product and value proposition. | Approved | | Yi-Jian Ngo | 7/30/2008 2:13 AM | | 1 | | During my first drive into Boston many years ago, it didn’t take me long to get hopelessly lost. I later learned that the labyrinthine road system was not in fact an elaborate trap for hapless outsiders, but owed its legacy to a time when horses were the primary vehicles it conveyed. Looking back in time to when the internet was built, it’s hardly surprising that the mix of data funneling through its pipes has changed dramatically. Most striking has been the growth of video traffic, which is expected to account for 90% of consumer traffic by 2012. While it’s a stretch to compare delivering video over the internet to an 18-wheeler truck trundling over cobblestone roads, the fact of the matter is that online publishers are still getting stomach ulcers over how to distribute their high quality video content cheaply & reliably. And it’s abundantly obvious to viewers that there’s a huge difference between watching the same show on their broadband-connected PC versus their TV. Some pundits go as far as asserting that this lousy fidelity is the root cause behind the scarcity of online video profits. Now, there’s no shortage of startups proffering solutions for video distribution. Move Networks, Velocix, Oversi, BitGravity, RawFlow, Digital Fountain & Vusion are just a small sample of what’s out there, and while they have different approaches, they generally operate (wisely) within the confines that existing internet infrastructure imposes. I’m curious though, given the sheer magnitude of the problem, if it makes sense to follow a more audacious path. Video traffic possesses its own unique characteristics and looks set to take over the internet – should we really be using the same stack developed for a different era to convey it? Perhaps there is a whole new class of network device designed from the ground up for video. Maybe it’s about making changes deep down the stack between the physical & IP layers. Because it really doesn’t matter how many lanes you add to a road, or how you optimize the placement & timing of traffic lights, or how many vehicles you outfit with GPS systems – traffic will still crawl if the roads aren't properly paved in the first place. | Approved | | Yi-Jian Ngo | 7/23/2008 12:50 PM | | 0 | | Won’t it be neat to know which customers your competitors are calling on? Or perhaps the number of salespersons they have in a particular geography? How about the technical details of that “top secret” product they’re developing? You would think that procuring such information would require messy tactics like breaking into their systems, executing a well-placed bribe or stealing an unguarded laptop. In fact, it can be accomplished from the comfort of your armchair simply by browsing and mining profiles on LinkedIn. To be fair, LinkedIn cannot control what folks choose to disclose on their site. Though I would except that many companies will find a tool that monitors what their employees are up to on social networking sites and sends alerts of potential issues to be rather compelling. | Approved | | Yi-Jian Ngo | 7/17/2008 1:18 AM | | 0 | | Chinese mythology is replete with deities that ride clouds up into the heavens. Many startups similarly seeking nirvana on the back of cloud infrastructure have found their ascent rudely interrupted. It seems unlikely that any single cloud infrastructure provider can be entirely immune to outages. The massive scale of such operations is unprecedented, so statistically catastrophes are to be expected. And there’s the Dark Side of the web, already capable of taking out the internet infrastructure of a small country. By comparison, crippling a cloud provider for fun or profit should be a walk in the park. While starving startups have few alternatives, businesses are likely to take a dim view of such unscheduled downtime. Of course, they could choose to maintain a duplicate copy of their systems on-premise, but that will really screw up the economic advantages of using cloud infrastructure in the first place. But what if the duplicate copy lived at a second cloud provider, so if the first cloud provider went belly-up, the systems would automatically failover? Even better, how about an abstraction layer that knits together all cloud providers, so you can just deploy your systems to this “meta cloud” which would automatically distribute it across multiple cloud providers? Well, we could wait years for cloud interoperability standards to (hopefully) emerge – kudos to Eucalyptus for starting the ball rolling. In the meantime, this feels very much like a wide open opportunity for aspiring cloud startups to step into. | Approved | | Yi-Jian Ngo | 7/9/2008 2:56 AM | | 0 | | Purveyors of plush mattresses are quick to point out that since you spend 8 hours per day on their product, their eye watering prices are fully justified. Rarely mentioned is the fact that you’re unconscious for most of those 8 hours. Less well known is that the typical US commuter spends 1.5 hours per day in their car, which is about 3x the average time spent on the internet. Multiplied across 600 million vehicles, that’s a huge chunk of “dead time” that folks are wasting stuck behind the wheel. In parsing the market opportunities for tech startups building consumer products/services for the automobile, I find it helpful to think of the car simply as a very big consumer mobile device, with many parallels in particular to the mobile phone. The usage scenarios are similar – location based services (navigation, local search, traffic, tracking/SOS), entertainment (audio, video, games) and communications (diagnostics, maintenance alerts). Both even have a similar bugbear with distribution – while mobile startups have the wireless carriers, auto startups have to contend with the auto manufacturers. Of course, there are important differences between the car and other mobile devices – in particular, the user is always multitasking & has restricted freedom of motion. While it will be foolhardy to speculate on what the next auto-based killer app will be, I believe there are a handful of factors that will increase the probability of an auto startup’s success. First, user interactions with the service should primarily be auditory – perhaps you could talk to your car and ask it to play a time-shifted radio program. While I’ve come across intriguing systems that can project various images onto the windshield, I personally believe that visually distracting interfaces can be fatal for the driver. Second, the ability to execute with zero help from auto manufacturers. This does not mean ignoring them – they are a crucial part of the value chain that will need to be engaged at some point – but rather that the business should not pivot entirely on “winning that big distribution deal with GM”. So perhaps making some sort of device sold through retail channels, or maybe software that allows existing devices (e.g. mobile phones) to perform something useful with respect to a car, such as enabling the user to pipe music from a virtual jukebox in the cloud through a car’s audio systems. Finally, an effective method for in-car advertising that can sustain the business. The reality is that most auto startups’ products will fall in the “vitamins” rather than the “antibiotics” category, and charging a subscription can really crimp adoption. All that excitement around satellite radio seems to have petered out of late, and anecdotal evidence suggest that ONSTAR’s renewal rate is rather dismal. | Approved | | Yi-Jian Ngo | 7/2/2008 2:40 AM | | 1 | | Interesting rule of thumb based on military operational research performed by Frederick Lanchester during World War I: If you’re trying to enter an existing market where the dominant player has greater than 40% market share, you will need to spend at least 3x the sales/marketing budget of that leader to succeed in a head-on attack. However, if the largest player has less than 25% market share, all you need is 2x the sales/marketing budget of the leader to succeed – the cost of entry is much lower. Thus, if you're a startup confronting a formidable incumbent that you lack the financial wherewithal for a frontal assault, consider re-segmenting the market to create a submarket where your product can be unique or substantially different. As an agile but (usually) dirt-poor startup, it’s crucial to pick your battles carefully. | Approved | | Yi-Jian Ngo | 6/25/2008 1:32 AM | | 1 | | Along the road from starting a business to (perhaps) getting to the Next Big IPO, one of the more daunting assignments that an entrepreneur will likely face is the process of raising capital. The task can be decomposed into qualitative & quantitative elements. The former has many parallels with serious dating. Get a mutual acquaintance to make an introduction. Present yourself well, but be sure to also check out what others think of the investor. Remember that you may be spending many years together, often under high pressure circumstances, so if something doesn’t smell right or makes you uneasy, don’t be shy to walk away. When it comes to the terms & numbers, it’s important to educate yourself on the basics. Know your way through a term sheet. Understand the common financing options you have. Talk to others who’ve been through this before. So when rubber hits the road, you have a mental framework ready to guide the negotiations. I believe that a helpful perspective is to start with the total capital you expect to need at multiple points over the next few years to get your company to where you want it to be, and then back into an appropriate valuation range for today. A useful simulator for visualizing this analysis can be found here. | Approved | | Yi-Jian Ngo | 6/18/2008 1:02 AM | | 0 | | Given all the cacophony around JeOS, and the vigorous (and probably correct) assertions that virtual appliances are the future model for application delivery and deployment, you could be excused for tolling the death knell for server operating systems. After all, should you desire to deploy an application in this alleged future, you would just download the appropriate virtual appliance, plunk it on your favorite hypervisor and viola! Who needs an operating system (described memorably by FastScale as a “bloated 2GB DLL”) that brings with it a nightmare of configuration mismatches, incomprehensible incompatibilities and other sundry pain points? The reality, as is often the case, is a little more nuanced. The operating system hasn’t vanished – it’s simply morphed into a more svelte entity that’s comes bundled within each virtual appliance and only contains the components that the application actually needs. So what’s changed is not the existence of an operating system, but rather how it is packaged & distributed. The era of the one-size-fits-all operating system pushed out through hardware OEMs may be drawing to a close. What we could see instead is a buffet of operating system components that application vendors will selectively mix-n-match and then distribute as part of their virtual appliance. This transition from a hardware OEM to a software OEM licensing & distribution model will likely be heart wrenching for operating system vendors. Then again, if there are any vanishings in the coming years, it’ll probably be of those operating systems that failed to adapt. | Approved | | Yi-Jian Ngo | 6/11/2008 1:15 AM | | 2 | | Won’t it be nice if you could come in for work and just play computer games all day? Given the tantalizing productivity gains that could be reaped if people applied the same zeal to work as they do to games, it’s no wonder that much energy has been expended on bridging the gap. One approach has been to bring elements of work into the gaming environment. Particularly promising have been the various training simulators for the military & healthcare verticals, some of which are rather effective and quite literally save lives. More disappointing have been the multitude of educational games that were supposed to revolutionize the classroom. Their main problem is a gaming environment that pales in comparison to what most youths today expect, which can easily cost tens of millions of dollars to build. Somewhat intriguing has been the idea of using games for crowdsourcing. For example, players in a virtual world often choose a profession such as a doctor or a miner. In order to raise their level, they could be asked to acquire a slice of real world domain knowledge, such as how to identify a cancer cell or a good place to drill for oil, and have actual data fed to them. The results could provide valuable information to real world physicians and geologists. The other approach has been to bring elements of the gaming environment into the workplace. Here I believe the greatest potential lies in immersive & intuitive user interfaces. Imagine the time saved if I could navigate my desktop, an ERP system, or for that matter the management console of a datacenter with the same ease that I can plunge through a virtual game environment. Also interesting has been the idea of creating some kind of points system that allows people to store/redeem/trade credit for tasks they perform – an analog to Dragon Kill Points which are used to distribute the loot from a mission among team members in many role playing games. Seriosity has already built an email prioritization application based on this concept. Another use could be enabling people within a company to build a reputation for domain expertise, hence improving the accuracy of enterprise people search tools. Or perhaps it could form a component of an internal prediction market that augments existing corporate forecasting methods. | Approved | | Yi-Jian Ngo | 6/4/2008 2:03 AM | | 3 | | Even as the size of the blogosphere continues to burgeon, I’m finding it increasingly hard to find high quality blog content. The signal-to-noise ratio has decreased, but the filtering technologies just haven’t caught up. Today, if you want to find original, insightful content on most topics, you’ll probably do a lot better perusing the shelves at your friendly neighborhood library than trawling through the oceans of endless blogs. There are several reasons for this. People tend put a lot more thought and effort into a book than they would into a blog post. And while it’s technically possible today to self-publish, for the most part books still need to survive the scrutiny of publishing houses to get meaningful publicity & distribution, which puts a floor on the quality of what makes it into your public library. But the most significant problem for blogs, I believe, is the lack of any ranking system that actually works. In comparison, it’s much easier to separate the wheat from the chaff from a mountain of books. A simple & effective yardstick is how well a book sells – when people have to open up their wallets, they’re making a tangible vote of confidence in what they’re expecting to get in return. One way to augment that yardstick is by also taking into account when the book was published. Any book that came to press decades ago but is still selling like hotcakes probably has something pretty compelling within its covers. Today, there are at least a couple of ways that blogs are ranked. The first is by harnessing social energy, but that has been shown to be vulnerable to manipulation. The second is algorithmic approaches which try (and mostly fail) to return both relevant & quality content. One of the better tools I’m stumbled across is filtrbox, but there’s still considerable room for improvement. One way or another, I think there’s a lot of value in building a service that can, for a particular topic, bubble up the best of the blogosphere. I certainly would pay for it. And I think lots of other people & businesses would too. | Approved | | Yi-Jian Ngo | 5/28/2008 2:58 AM | | 0 | | It’s been nearly 10 years since Scott McNealy famously admonished a bunch of reporters: “You have zero privacy. Get over it!” Nowhere has this statement been driven home harder for me than the few minutes I spent on pipl and ZabaSearch, free websites that search & aggregate data about individuals. Suffice to say that they could be quite disruptive to certain segments of the Private Investigator industry. While most people are still blissfully unaware of the existence of such services, it’s only a matter of time before they bubble up into the mainstream, and there’s going to be a lot of nervous and unhappy folks out there. I think there’s a huge market opportunity for a service that can discover and eliminate information about individuals on the internet. Execution could be tricky though – this feels like something that’s going to get entangled with regulatory/legal policies fairly quickly. | Approved | | Yi-Jian Ngo | 5/21/2008 12:09 AM | | 0 | | Many American parents cringe when they learn about their offsprings’ behavior on the web. Salacious messaging, saucy photo sharing, revealing of intimate personal details – oh my! But the results of an IAC/JWT survey of 18-25 year olds in urban China and US suggest that American youths are relative church mice: | % agree | China | US | | Interactivity helps create intimacy, even at a distance | 82% | 36% | | It’s perfectly possible to have real relationships purely online with no face-to-face contact | 63% | 21% | | The Internet helps me make friends | 77% | 30% | | The Internet broadens my sex life | 32% | 11% |
I believe that these results have several implications. First, China will lead the world in the sales of virtual consumer goods. If people care so much about their online persona, you can bet that they won’t be holding back when accessorizing their digital alter-egos with everything from designer shoes to novelty genitalia. These “frivolous” items, rather than advertising, will likely form the bedrock of revenues for Chinese social networking sites in the near term. Next, certain categories of relationship-based consumer web services that flopped in the US could flourish in China. One example is online dating, which has a spotty record at best in the US, while in China the dating site 51.com ranks among the top 10 online properties by visits. Another is demand aggregation, where large groups of people are rallied online to visit a store at the same time to demand a lower price for a specific item, sort of a physical variation of defunct sites like MobShop and Mercata. Finally, there’s the intersection of all this social energy with the heavy usage of mobile phones. I believe that this will lead to many examples of innovation and invention that could push China ahead of the US in the mobile social networking domain. | Approved | | Yi-Jian Ngo | 5/13/2008 2:01 AM | | 0 | | Over the past decade, data driven techniques have been steadily gaining ground over more intuitive approaches. Marriott’s Courtyard brand was born from the results of a conjoint analysis, not a light bulb going off at an executive retreat. And the crisp metrics generated by online advertising campaigns are placing intense pressure on legacy “I waste half of my budget, but don’t know which half” advertising models. It's particularly interesting when quantitative methods are applied to former bastions of intuition. Moneyball is a memorable account of how a professional baseball team used statistical techniques rather than talent scouts to identify undervalued players. And Epagogix has sophisticated algorithms that can allegedly predict a movie’s box office takings based on the script alone. It doesn't take an education in music to observe the similarity between musical and mathematical notation. Just as algebraic chess notation is used to describe the moves in a game of chess, I wonder if a piece of music can be expressed in some standard schema that makes it amenable to quantitative analysis. That will open the door for analyzing the entire musical corpus, and perhaps distilling the essence of what it is that makes a piece of music “good”. The obvious near-term application of data driven musical analytics is to predict whether a new song is going to be a hit – companies such as Platinum Blue and Polyphonic HMI already have some traction. I wonder when we will have the ability to build the musical equivalent of IBM’s Deep Blue–a system which can write original music just as well as the world’s leading composers, and the impact that will have on the world’s music ecosystem. | Approved | | Yi-Jian Ngo | 5/7/2008 2:03 AM | | 0 | | I recently had the opportunity to have dinner with a small group of startup CEOs. Unusually, none of them had actually founded a startup before – they were all professional managers brought in to take a startup to the next level. We discussed the lessons they had learnt over the course of their startup careers (most had led more than one startup), and one thing that kept coming up was how best to manage their relationship with the startup’s founders. They agreed that the right approach was being firm with the founders that they were in charge, and to quit quickly otherwise. This did not mean pushing the founders aside, rather that the founders should stick to the division of responsibilities that were agreed upon and not engage in non-productive interference, particularly in areas they had little expertise in. Trying to politely ignore or manage around such antics simply prolonged the inevitable, and could seriously hurt the startup in the process. | Approved | | Yi-Jian Ngo | 4/30/2008 2:18 AM | | 0 | | One of my favorite quotes from the book Fooled by Randomness is Wittgenstein's Rule: Unless you have confidence in the ruler's reliability, if you use a ruler to measure a table, you may as well be using the table to measure the ruler. I believe that we are in the very early phases of the migration of enterprise IT infrastructure into the cloud. Once it’s there, though, I expect that there will be a need to measure its consumption in a uniform way, regardless of whether it’s desktops, servers or data centers that are being purveyed. Simplistic metrics like time or compute cycles are unlikely to survive contact with cloud infrastructure that can conjure up customized stacks in real time from globally-distributed & heterogeneous resource pools. Failing to come up with an appropriate yardstick could lead to hairy billing issues, savvy customers tinkering with clever arbitrage schemes and potentially the inability of cloud service providers to effectively predict how much to charge in order to cover their costs. One candidate for such a universal metric is the Computing Resource Unit or “CRU”, developed by SatoriTech, a virtualization analytics startup. CRU is a quantitative measure of compute capacity calculated via an algorithmic approach that normalizes a wide range of input variables. Unlike metrics that are simply a thin layer of code wrapped around a set of arbitrary “consultant-generated” frameworks, the patent-pending technology behind CRU is the product of multiple years of research and is currently deployed in some of the largest commercial & government institutions in Sweden, where it is used to measure & benchmark the efficiency of internal IT infrastructure. I wonder what the impact of such a universal metric will be. Some would argue that it will commoditize IT and destroy value. But it's also plausible that the economies of scale that cloud service providers achieve would merely shift value in their favor and that of their end customers.
| Approved | | Yi-Jian Ngo | 4/21/2008 6:03 PM | | 0 | | Golf is an activity that requires a tremendous amount of overhead. Aside from actually learning how to swing, aspiring players also have to set aside continuous time blocks of 4 hours, gain membership at a suitable course, acquire an expensive bouquet of clubs & assorted paraphernalia and plow through an arcane set of rules. Soccer, on the other hand, can be enjoyed with just a ball and some open space. It’s hardly surprising that there are a lot more soccer players than golf players in the world. One of the things that I look for in a startup is a product or service that’s really easy for customers to adopt. Let’s just say that I’m allergic to anything that’s complex enough to need direct sales forces, armies of consultants and/or meddling with large swathes of the installed IT infrastructure base. While the delivery of enterprise applications from the cloud has gone a long way to reduce the friction of adoption, the use of cloud infrastructure services themselves to power an enterprise is still pretty hard to do. Nick Mehta from Trinity Ventures has some interesting musings here, but the bottom line is that if you’re the IT manager of a mining company in Wyoming, you’re going to find the task of adding cloud services to your infrastructure about as pleasant as a root canel. I believe there’s a huge opportunity for startups such as 3tera to make using cloud infrastructure services more like playing soccer instead of golf. A good start will be a set of online tools that have the look and feel of existing management consoles. And the next step could be to make it really easy for the enterprise that needs just that extra bit of compute power/storage/etc. during peak times to “burst” into the cloud.
| Approved | | Yi-Jian Ngo | 4/15/2008 4:47 PM | | 0 | | These days, you hear a lot more about “consolidation” and “maturity” in the security industry than about innovation. VC investments in security startups have halved over the last 2 years. And a recent survey by Goldman Sachs indicates that the growth of IT security budgets will decline from the double-digits to just 8% in 2008 and 6.5% in 2009
So it would seem that doing a security startup today is somewhat akin to train surfing. I beg to differ.
First, the fundamental drivers of security threats are accelerating. Gary McGraw’s “Trinity of Trouble” describes these as connectivity (growth of the internet & web services), extensibility (widespread use of plug-ins, mashups) and complexity (exponential increase in the length of code bases).
It is unsustainable for the severity of threats to increase at a rate greater than the resources available to mitigate them – that trajectory implies that swathes of IT infrastructure will gradually be rendered unusable. I believe there is the opportunity for innovators to plug the gap with a different approach, possibly spawning the VCs’ holy grail – the next $1B+ security category. While only time would tell the details of its composition, I expect that aspects of automation and semantics will be involved.
Second, security is a perpetual game of cat-and-mouse, implying a continuous need to build new defenses to adapt to the shifting threat environment. So while things like anti-malware and anti-spam are indeed “mature”, the tectonics of technological innovation are exposing new surface areas of attack, from virtualization to rich internet applications to mobile phones.
While many enterprises tend to be more concerned about mature attack vectors than emerging ones, it usually takes just one CNN Moment for corporate wallets to rapidly spring open. And at that point, startups that have developed rock-solid defenses for those new attacks will find themselves well placed.
| Approved | | Yi-Jian Ngo | 4/8/2008 11:54 PM | | 0 | | Had a lively group discussion about the best way to structure a startup’s org chart. Went to and fro on the pros and cons of various models, until a veteran entrepreneur hit the nail on the head – you know that you need to reorganize your startup if your staff are spending most of their time in internal meetings. | Approved | | Yi-Jian Ngo | 4/1/2008 11:21 PM | | 0 | | 2006 was supposed to be the coming out party for holographic storage. Multiple product launches were eagerly anticipated. There was a fair amount of media buzz, complete with analyst estimates of 45M unit shipments and a $125M market by 2010. The reality today is bleak. Aprilis is gone. Optware has gone into hibernation. Only InPhase is still soldiering on, having banked a whopping $93M of venture capital. They have launched a write once, read only disk drive at $18,000 with disks priced at $0.60/GB. Even with its alleged 160Mb/s data transfer rate (which is merely 2-3x that of a typical tape drive) the solution’s economics will likely limit it to niche applications within media archiving. I believe that the lack of traction of holographic storage stems from a combination of high technology risk with high business risk. Few people will dispute that it’s no mean feat to reliably store data by bouncing lasers off specialized substances which push the limits of materials science. But even if those technical challenges are surmounted, the resulting value proposition is hardly compelling. Aside from the usual resistance-to-change issues, the product suffers handicaps that lots of users care about (read-only, high price) and does not approach an order of magnitude improvement in the areas where it’s supposed to have an advantage (access speed, high density). So while I don’t expect to be pulling out a 1TB holographic storage card from my wallet any time soon, I believe that the underlying holographic technology could still find alternative applications – perhaps by allowing me to enjoy 3D images on my TV without those silly glasses. | Approved | | Yi-Jian Ngo | 3/25/2008 1:37 AM | | 0 | | It can be a challenge today to find a large enterprise that’s not tinkering with desktop virtualization in some way, shape or form. Marketers have been capitalizing on the virtualization hype to repackage what’s essentially an old technology as the latest and greatest route to eye-popping cost savings. Not that there isn’t an element of truth in the glossy brochures – most of the chatter about reduced desktop management costs is very real. Having previously deployed and managed enterprise IT systems, I’ve learnt never to underestimate the ability of end users to abuse the software on their desktops. Anything that insulates my golden client image from compulsions to install cheeky cursors or other assorted paraphernalia would make me very happy indeed, and more crucially, free up my team’s resources to work on more productive tasks. And of course, there's the considerable savings from either deploying cheaper client machines/terminal boxes or simply depreciating existing PCs over a much longer time period. However, there are at least a couple of wrinkles to the story. The first is performance. Don’t expect to be able to deliver the same experience as a locally executing desktop – existing remote access protocols and connection brokers are still not quite up to the task. This was one of the drivers behind Microsoft’s recent acquisition of Calista.
Performance gaps means you’ve got to be real careful with managing end user expectations. Angry end users will lead to a spike in support requests and could even compel you to roll back your deployment, both of which will rapidly evaporate any expected savings. It also implies an opportunity for startups to develop creative ways to push a rich desktop experience out through a narrow pipe. While it is possible today to get desktop virtualization to sort of work within a LAN environment, things get dicey very quickly once you try to reach end users working in remote offices across the WAN. The second wrinkle is that you’re effectively shifting cheap storage at the desktop to expensive big iron in the data center. This is rarely mentioned in those neat ROI calculators that desktop virtualization vendors are all to keen to hand out, but if neglected could easily trigger a heart attack in your CFO. Again, there’s an opportunity here for startups to develop storage optimization schemes for virtual desktop environments. For example, there shouldn’t be a need to store certain common elements in each virtualized desktop (e.g. the operating system) multiple times. | Approved | | Yi-Jian Ngo | 3/18/2008 1:27 AM | | 0 | | One of the attributes that many investors look for in a startup (besides rockstar team, multi-billion dollar market opportunity etc.) is focus. This is understandable, as startups that try to do too many things at once or switch directions too often are more likely to fail. But a blind pursuit of focus can prove counterproductive for an entrepreneur. Many years ago, a friend of mine invested in a new sushi restaurant concept in Asia. The basic idea was to have an open kitchen in the middle of the restaurant surrounded on all sides by a counter along which customers perched on stools. The chefs prepared a variety of dishes which they placed on a miniature mechanical train that traveled in an endless loop around the counter. Customers simply grabbed the dishes that piqued their fancy as the train went by. It was a novel idea and customers loved it. Within two years of launch, the entrepreneur had opened a few more restaurants with many more in the pipeline. He had also concluded that the open kitchen was taking up space that he could rather fill with customers. So he reconfigured the seating layout and invested in a central food processing facility that delivered sushi to his restaurants for final assembly. As it turned out, the central facility had excess capacity. To absorb it, the entrepreneur decided to enter the catering business. This was against the opinion of all his advisors, who asserted that he needed to focus on expanding his chain of restaurants. He disagreed – he felt that catering was complementary and would improve his capital efficiency. Initially, things went terribly. Disappointed customers expected the train to be part of the catering package since it was so integral to the brand. Through sheer persistence and a dash of ingenuity, the entrepreneur managed to build a portable version of the train. Immediately, the catering business caught fire – no one else in the market had such a cool gimmick. One day, a catering customer called out of the blue with an unusual request. She was the events manager for a mobile phone manufacturer, and wondered if she could rent the portable train for her phones to ride on as part of the display for her conference booth? Since then, the trains have appeared at multiple events around the world, ferrying everything from diamond jewelry to potted bonsai plants. Today, while restaurants are the most visible part of the overall business, cut throat competition (including an outfit that features boats instead of trains) has crimped margins. Most of the value is actually in the catering business, which is several times larger and has benefited most from economies of scale. And the “conference services” business, while relatively small, enjoys the lush margins associated with cornering a niche market. I believe that while it’s important to focus on your current plan of action, it’s just as important to be attentive to, but not distracted by, all the options around you, including those that might appear somewhat serendipitously. Focus must be counterbalanced by adaptability – the art of knowing when and how to reallocate your resources to capitalize on the shifting waves of opportunity. Not many people remember today that Excite’s original business plan was database search, that PayPal started out writing encryption software, and that Flickr sprang from online gaming roots. If these companies had pursued focus in the literal sense, we probably won’t remember any of them at all. | Approved | | Yi-Jian Ngo | 3/12/2008 2:13 AM | | 0 | | Despite energetic community efforts and the blooming of a thousand identity initiatives, the path to profits for online consumer identity services has proved remarkably elusive. Sxip Identity, one of the best-known identity startups and helmed by identerati extraordinaire Dick_Hardt of the Identity 2.0 Slideshow, has not succeeded in raising any venture capital to date. And neither have the other startups in the space, which include Vidoop, JanRain and ootao. While it’s possible that none of these startups have actually tried to raise capital, it’s not exactly a vote of confidence in this era of bulging VC coffers. Now Sxip Identity has sold the enterprise piece of their business, the only part that had a fighting chance of generating near term economic value. I will hazard to guess that the customer acquisition costs for Sxip Access were larger than the potential lifetime value of each customer, and the resulting cash burn was diminishing Sxip Identity’s modest cash pile at an unsustainable rate. The acquirer, Ping Identity, is a top federation shop and one of Microsoft’s strategic partners in identity management. Sxip Access is complementary to their product portfolio and can be pushed thru their existing enterprise sales channels. Looks like a nice tuck-in and I wish Andre all the very best. So what now for the remnants of Sxip Identity and its counterparts? I believe there are at least three challenges ahead. First, there needs to be some agreement on common standards, which I accept is extremely hard, but where much progress has actually been made over the past years. Next, a focus on fundamentals like customer needs and usability. Their regular shingding has the feel of a science fair that’s long on intellectual stimulation but short on value creation. Finally, it’s unclear what the economic incentives are to be an online identity provider – the entity that verifies that you are who you claim you are. Taking on that role feels like assuming an awful lot of risk with uncertain financial rewards. Without any reliable identity providers, the level of trust that can be established will be insufficient for transactions of any significant value to take place. And if no valuable transactions take place, it’s hard to pinpoint who’s going to pay for the underlying identity service. History has demonstrated that an erstwhile panned online consumer service can unexpectedly prove to be rather valuable. So is there a pony in here somewhere? I think it’s possible, but not very probable. | Approved | | Yi-Jian Ngo | 3/9/2008 3:56 AM | | 0 | | Jeff Fisher from Desktone has posted some thoughts on desktop virtualization. One interesting scenario he paints is a future where employees will be expected to provide their own physical PCs that corporate IT departments will simply stream a virtual PC desktop to. While it’s not uncommon today in certain industry verticals, such as defense and healthcare, for virtual workspaces to be served out to execute within an isolated sandbox on an unsecured host (vendors like Kidaro and Sentillion come to mind), the host is almost always a corporate asset. I don’t know the extent to which Jeff’s prediction will come to fruition. Though I wonder how PC hardware vendors are evaluating the impact of desktop virtualization on their future. | Approved | | Yi-Jian Ngo | 3/4/2008 2:37 AM | | 0 | | One of the more intriguing ideas to bubble out of the virtualization ecosystem is VMCasting – the notion of distributing virtual machines via RSS feeds. Coined by Enomaly, an open source consulting firm best known for Xen management tool Enomalism and co-founder Reuven Cohen, its primary use today is as an Enomalism feature that allows large groups of virtual machines to be updated at one go. I believe that VMCasting can also be leveraged as a friction-free delivery mechanism for business software vendors to push virtual appliances containing “ready-to-go” capsules of their solutions (fabricated using tools from vendors such as rPath or CohesiveFT) out to customers. This will eliminate the need for IT managers to pray that a new app will play nice with their existing stuff or sit around waiting for a hardware appliance to arrive in a FedEx crate. Let’s say you’re an IT security manager. Won’t it be nice if you could subscribe to a feed of security appliances, and with just a few clicks test out those that look interesting? And if one really cuts the mustard, unlock access to its full functionality by making payment and signing a licensing agreement online? Another potential use of VMCasting is for the deployment of apps to mobile phones. Veterans of the mobile apps space will likely have tussled with making their apps work across the amazing sub-varieties of mobile operating systems. And it can still be a dicey affair for end users to run rich apps through a mobile browser, especially in the absence of a fat wireless pipe. From the perspective of an IT manager, the ability to easily & quickly push a standardized, pre-configured & encapsulated enterprise app out to all smart phones in their corporate network could prove rather appealing. And for end users, I certainly won’t mind being presented with a constant stream of cool apps matching my interests which I can install and run effortlessly with a single click.
| Approved | | Yi-Jian Ngo | 2/26/2008 2:55 AM | | 3 | | Many virtualization startups I’ve met with recently have expressed some degree of hesitation, even skepticism, about developing support for Hyper-V. I find this perplexing. First, VMware is likely to accelerate their annexation of adjacent markets currently served by their partners. This is primarily because their investors have their feet to the fire after they missed Wall Street analyst expectations for revenue growth in their last earnings release. Expect additions to their acquisition list that already includes Akimbi (test lab automation), Propero (desktop connection broker), Dunes Technologies (orchestration) and Thinstall (application virtualization). While getting acquired may be a good outcome, there are few positive angles for startups that suddenly find themselves in direct competition with their platform vendor – just ask the folks at test lab automation shops Surgient and VMLogix. Supporting heterogeneous environments could prove a sound strategy to stave off a potential existential threat. Next, there’s the perception that Hyper-V is late to the party with sub-standard technology. The crucial thing to realize is that Hyper-V’s key differentiator is not about being first to market or even having the most technical razzle-dazzle. It’s about distribution, and more specifically, Enterprise Agreements. Let’s say you’re a corporate IT manager. How troublesome do you think it will be to renew your existing contract with Microsoft, which incidentally will come with Hyper-V baked in? Compare that with the pain involved in bringing in brand new vendors, explaining and convincing management that this “virtualization” thing is important, running a series of proof-of-concepts, trying to extract dollars from a shrinking budget to pay for your deployment, and so on and so forth. IDC forecasts that the Windows Server 2008 installed base will be 2.5M by the end of 2009, and 18M by the end of 2011. So if you’re running a virtualization startup and are still dithering over Hyper-V, there are at least 18M reasons to consider otherwise. | Approved | | Yi-Jian Ngo | 2/19/2008 7:27 PM | | 1 | | Individuals can be authenticated either with something they know (username/password), something they have (smartcard) or something they are. The last category, better known as biometrics, comes in multiple flavors, which include fingerprints, faces, irises and typing tempos. IDesia brings to the table yet another flavor – authentication via heartbeat. Their patented algorithms extract personally identifiable information from a standard ECG. Users simultaneously touch 2 button-sized sensors with each of their hands for about 5 seconds to authenticate. Costs are low - the entire system is just a couple of conducting leads attached to a simple ASIC plus a bundle of software. Recent tests conducted by NPL on a sample of 104 test subjects resulted a 0.6% false reject rate and 3.5% false accept rate – significantly better than fingerprint sensors. And while no authentication system is impregnable, it’s a lot easier to chop off someone’s hand than to replicate their heartbeat. IDesia is trying to execute licensing deals with hardware manufacturers of various stripes – laptops, mobile phones, watches and so forth. I’m skeptical that most users of laptops or mobile phones need biometric authentication – seems like overkill. I wonder if their technology could enable value-added services in scenarios where heartbeats are already being measured. Lots of people monitor their heart rate while working out – what if they could easily upload that data into a secure store to monitor and analyze their progress? Increasing numbers of patients rely on home health monitoring services – would more people use such services if there was a simple way to enhance their security? At the moment, IDesia’s technology is pretty raw and only available as a demo kit, so there is much work to be done before commercial launch. I believe their technology is promising, and wish them all the best in their endeavors. | Approved | | Yi-Jian Ngo | 2/12/2008 2:41 AM | | 0 | | One of the brightest entrepreneurs I know runs Dragonfly, a boutique consulting firm that specializes in risk management. He once recounted to me the story of one of his clients, a mid-sized engineering firm based in a small country in Asia. This company had approached him for help on their expansion strategy – they had superb operational capabilities and had always depended on organic growth, but this had slowed as they became increasingly dominant in their home market. They had been mulling an acquisition in another country, but having never done one before were understandably wary. After carefully analyzing the situation with a strategic lens and a sharp pencil, my friend concurred with his client that making a foreign acquisition was indeed highly risky. However, he also found that it was even more risky to do nothing. Sitting cooped up as a big fish in a small pond while competitors consolidated and gained regional/global scale would pose a serious threat to the company’s long term survival. Over the past few days, the masses have waxed lyrical about Microsoft’s bid to acquire Yahoo. Much of the chatter has been negative. The Price. Unnecessary Distractions. Talent Leakage. Clash of Cultures. And so on. Yes, I agree that this is a bold and highly risky endeavor for Microsoft to pursue. But then, would it be even more risky if Microsoft didn’t? | Approved | | Yi-Jian Ngo | 2/6/2008 10:23 PM | | 0 | | Interesting presentation on fundraising by Simon Clark from Fidelity Ventures. Some great nuggets for decoding VC-speak: “we’re researching this space” = we want to invest in your competitor “we would like to review your model” = I don’t understand the economics of the industry “how do you size your market” = I don’t like paying for research “we’re in if you can find a lead” = Let’s see if someone else figures out how to make this deal work | Approved | | Yi-Jian Ngo | 1/28/2008 11:57 PM | | 0 | | Not too long ago, a China-based VC told me that nearly all the startups he was seeing were of the “Copy To Asia” or C2A variety. Each pitch inexorably led to the goal of becoming the “Google of China” or “Facebook of China” or “YouTube of China” etc. I believe that 2008 will be the year where home-grown startup innovation takes root in the Middle Kingdom. We will see some truly unique technologies and/or business models emerge, most likely in the entertainment, online services and mobile spaces. The first driver is the increasing maturity of the startup support infrastructure. Global VCs and startup service providers have set up shop, entrepreneur networks are better organized and a class of veteran entrepreneurs are on hand to share their experiences and legitimize the startup path to riches. The pieces are in place for startups to leverage China’s native advantages – a deep pool of engineering talent and a massive domestic market. The second driver is the upcoming Olympics. Back in 1964, a young company called Sony used the XVIII Olympiad to catapult itself onto the world stage. We expect to see similar attempts from Chinese startups as the world’s spotlight is focused on Beijing. Needless to say, I and my partner-in-crime Yun Xu are keeping our eyes trained on the startup scene in China. And we are searching for companies that have the potential to "Copy To America”.
| Approved | | Yi-Jian Ngo | 1/21/2008 10:17 PM | | 1 | | As a young techie, it was hard to resist the temptation of looking for space aliens with my PC. And so I became an early adopter of SETI@Home, a project that now counts 3 million users who contribute their spare PC processing power to scanning radio-telescope data for signs of extraterrestrial life. SETI@Home turned out to be the first of a menagerie of “volunteer grid computing” projects. Thanks in part to BOINC, an open source platform developed for running such projects, you can now choose between modeling the transmission of malaria in Africa, predicting climate change, simulating the particles traveling in a high speed particle accelerator and so on. And you can put to work other sources of computing power in your home, such as your game console. It’s quite likely that the majority of volunteers today hail from the techie community, a small fraction of total PC users. That suggests a massive reservoir of computing power sitting idle out there. To get a sense of the scale of the untapped potential, consider Folding@Home, a project simulating protein folding, which has managed, by leaning on volunteers alone, to command processing capacity that exceeds one petaflop, making it one of the most powerful grid computing networks on the planet. What if there was some way for businesses to tap into this dormant resource? It’s certainly possible with the right model in place – we know that FON has had some success with getting folks to share their private Wi-Fi networks. I wonder if a marketplace for compute cycles is the key. Users would download a client and receive payments for the cycles they contribute. And businesses would be able to plug in and get rate-based utility computing. Yes, I realize there are many issues to overcome – such as maintaining the security of corporate data in a public grid. But given the recent trends & advances in distributed computing, I wonder if it’s only a question of when, and not if, such a marketplace will emerge. | Approved | | Yi-Jian Ngo | 1/15/2008 2:13 AM | | 0 | | How do you know if it’s a real human trying to sign up for an account on your website or posting a comment on your blog, or whether it’s simply a software bot leaching your resources? The most common way today is to subject the alleged human to a CAPTCHA test, which requires he or she to type a string of letters or numbers from an obfuscated image: 
Unfortunately, software bots are getting adept at solving these tests, resulting in ever increasing degrees of image obfuscation, making them difficult even for real humans to decipher. Microsoft Research has launched a skunkworks project (codenamed “Asirra”) which comes at this from an alternative angle. Instead of forcing users to make out distorted letters, users are presented a set of 12 images of dogs and cats, and instructed to select all the cat photos. This is very easy for a human to do, but extraordinarily hard for a software bot. The images are drawn from a constantly changing database of 3 million cats and dogs, based on a partnership with Petfinder.com. You can add Asirra for free to your website, though it’s still in beta and could be unstable. If you’re an animal lover, there is an additional reason to try this out: each animal image comes with an “Adopt Me!” link, so you can simultaneously fulfill your human authentication needs as well as find new homes for stray animals. | Approved | | Yi-Jian Ngo | 1/7/2008 9:06 PM | | 0 | | Hackers are constantly trying out new attack vectors. One recent ploy has been to plant links to malware on hijacked or fake blogs that are disguised as holiday e-cards. A variation of this is where unsuspecting users are tricked into downloading malware that is supposedly necessary for viewing a holiday video. While you could install a web filtering tool as a defense, such software is typically only as good as the blacklist of dangerous sites that it maintains. Hackers, however, often deploy their malicious software using service-oriented architecture models, enabling them to switch the source of their malicious downloads on the fly, making it nearly impossible to maintain an up-to-date blacklist. An alternative approach to blacklisting is to use behavioral algorithms to detect and block suspicious traffic. There are a number of companies that do this in the enterprise space, such as Mazu Networks, though false positives (finding malicious traffic where there is none) are still a problem. Looking ahead, I believe that the behavioral approach will become more common as underlying algorithms improve, though it will likely still be complemented by a blacklist.
| Approved | | Yi-Jian Ngo | 1/5/2008 1:51 AM | | 0 | | It's taken a while, but my friend Rob Monster has finally lighted up his early stage VC firm's website, with details of his portfolio and investment approach. He is truly a guy with an S on his chest - having made a grand total of 12 investments in the past year alone. Do check out his new blog. | Approved | | Yi-Jian Ngo | 1/1/2008 3:00 PM | | 0 | | The past few years have been especially unpleasant for publishers of newspapers and purveyors of encyclopedias. What if they could, with minimal effort, translate & index their archives into multiple languages, thus broadening their target audiences and generating a new stream of revenue? Reams of patents are filed daily around the world. What will be the impact on global innovation if a startup in Silicon Valley could search in English for a patent written in German that's sitting dormant in Berlin, and license it for their product? On a lighter note, what if I could set my Facebook language preference to Mandarin Chinese, and have all Facebook pages I visit translated accordingly on the fly? Or have an Instant Messaging session with a Swedish friend where she automatically receives my Mandarin Chinese messages in Swedish, and vice versa? There are plenty of free translation tools on the web, such as the venerable Babelfish. They're okay if you want to impress your date by learning how to say "I love you" in 5 different languages, but they come up short for more serious tasks. Just try translating this post into another language you know, and chances are you'll be rewarded with several quotes fit for a jokebook. There are "enterprise class" translation services available, usually priced based on the volume of text translated because there is a human translator in there somewhere. But pure machine translation (i.e. no human) technologies are getting better - one such example is WorldLingo, which powers Microsoft Office's translation service and has spent nearly a decade building up a solid portfolio of intellectual property. Machine translation that actually works is massively scalable and no longer bound to the legacy rate-based pricing model. This opens the doors to alternative business models where the translation service can be given away for free in return for a cut of the incremental revenue generated from the translated content.
| Approved | | Yi-Jian Ngo | 12/18/2007 12:09 AM | | 0 | | Many startups today are global in some way - either drawing their employees from around the world, or selling their products across the globe. But how well do they really understand their customers/employees from the East? Here's a quick pictorial guide (courtesy of Liu Young), with Blue ==> Westerners and Red ==> Asians Way of Life 
Expressing an Opinion 
Contacts 
Enjoying 3 Meals a Day 
While Waiting in a Queue 
Partying 
Moods with Weather Changes 
Transportation changes 1970-2006 
Relations of Boss to Staff  | Approved | | Yi-Jian Ngo | 12/11/2007 2:03 AM | | 0 | | I have always been skeptical of clean tech startups that rely entirely on their green credentials to stay in business. Government subsidies come and go - solar energy veterans will recall the carnage that resulted from the Reagan administration. And while many people claim to wear green badges on their chest, few are inclined to follow up with dollars from their wallets. Thus it was refreshing to learn that Verdiem, a PC power management software startup, combines a green marketing posture with compelling economics. Their solution allow IT admins to centrally control the power settings of PCs in their network, so the PCs are off when not needed. This simple trick delivers annual savings of about $30 per PC, and comes with reporting tools that calculate metrics like reductions in carbon dioxide emissions - good fun for now, but potentially crucial should the government decide to pass green legislation. Verdiem has distribution partnerships with HP and Dell, as well as strategic partnerships with energy companies that rebate as much as 50% of the cost of Verdiem's solution. My team was sufficiently impressed with their management, technology and business model to provide funding for an extension they are developing for Microsoft's Systems Center Config Manager. Verdiem recently closed a sale to a Fortune 100 financial services firm, their first major commercial customer, and I was curious to learn how the deal got done. While the financial services sector is known for sharp pencils and sophisticated cost/benefit models, I was told that while the firm really liked the cost savings, what tipped the final decision was the positive PR they expected to generate from "protecting the environment". So while startups with economically unviable green products will unlikely be in business for long, startups that create tangible economic value can benefit tremendously by packaging their core value proposition within a green wrapper.
| Approved | | Yi-Jian Ngo | 12/6/2007 1:42 AM | | 0 | | Barry Eggers from Lightspeed Ventures has posted his 2008 predictions for Enterprise Infrastructure. He believes that flash-based storage, which I posted on earlier, will gain traction in the data center. Also discussed are two different aspects of virtualization, where he validates Microsoft's 2006 acquisition of Softricity, and touches on the critical importance of managing virtualized environments. Deploying virtualization without proper management would be like re-enacting Al Pacino's Ferrari scene in the Scent of a Woman, albeit with a tragic ending. | Approved | | Yi-Jian Ngo | 12/4/2007 2:27 AM | | 0 | | Great advice from Ed Sim on the critical importance of making a positive first impression when your startup is selling into the enterprise. | Approved | | Yi-Jian Ngo | 12/3/2007 8:12 PM | | 0 | | There has been much discourse about when solid state drives will replace the traditional hard disk drive. While PCs with solid state drives are already on the market (but not moving many units) and hybrid drives have some traction, most solid state storage today is found either in consumer electronics or high performance computing environments. Many commentators compare the technologies on a $ per GB basis and find that solid state drives cost anywhere from 30x to 60x more. They then invoke Moore's law and conclude that mainstream adoption of solid state drives is more than 5 years away. $ per GB, however, is not the sole driver of disk drive economics. A more thorough analysis should also consider several other factors. IOPS (average number of input/output operations per second). If a hard disk is a cup of soda, IOPS is the thickness of the straw. Solid state drives can have 30x the IOPS of hard disk drives. Some server applications need fast access to large chunks of data that could reside at any part of a disk drive. Such applications are becoming more common as analytics are increasingly applied on ever larger data sets in real time. For these applications, IOPS is significantly more important than the capacity of the drives. If you're trying to drink as fast as you can through a straw, what matters is how thick it is, and not whether you are drinking from a cup or a barrel. As for the rest of us that don't spend our days wrestling with servers, IOPS can have a meaningful impact on the time it takes your PC to boot up. Imagine if you could turn on and use your PC just like a TV, rather than having to step aside to make a cup of coffee as your PC grinds through the startup process. Power consumption. Hard disk drives consume about 15 Watts, while solid state drives sip around 2 Watts. That means more time before your laptop battery goes flat, as well as considerable savings if you're operating a large datacenter. Durability. Hard disk drives have moving parts that wear out over time. The only things moving in a solid state drive are electrons, leading to greater longevity. $ per drive. The cost of making a hard disk drive is around $50, barring disruptive manufacturing techniques or a collapse in metal prices. In contrast, solid state drives are made of silicon and are not subject to this price floor. A tipping point in PCs will be reached once $50 can buy a solid state drive with "good enough" capacity complemented with a viable online storage service. Solid state drives have huge implications for Microsoft, since there will no longer be any physical distinction between memory and storage. This will influence how we think about architecting software in the future. | Approved | | Yi-Jian Ngo | 11/22/2007 1:52 AM | | 0 | | Much entrepreneurial energy has been expended on trying to make email better. By contrast, there are relatively few startups driving innovation around snail mail. I'll like to shine the spotlight on two such ventures. Earth Class Mail operates a virtual PO box service. When you sign up (rates start at $12.95/mth), all your mail gets directed to their processing facility, where each envelope is scanned and made accessible to you via a secure website. You can then choose to shred mail you don't want, or instruct their staff to open, scan and send the contents of the envelope to your inbox. This service is a boon for small companies that don't want the hassle of managing their incoming mail, virtual companies with staff spread across the world and individuals that travel extensively. While it's somewhat creepy to have a stranger open your mail, all their staff have security clearances (many are handicapped veterans), and their customer roster includes several law firms. ProQuo is a free anti-junk mail service provider. Sign up at their website, give them your name & address, and indicate what types of junk mail you want to block and what you're willing to receive. They make money by giving marketers access to consumers that actually want their marketing. Apparently the average US citizen receives 44 lbs of junk mail per year - this service has the potential to improve the efficiency of direct mail marketing while saving a few forests along the way. They are a spin-out of Ping Identity, a federated identity software vendor that is a member of Microsoft's Accelerator program.
| Approved | | Yi-Jian Ngo | 11/16/2007 8:15 PM | | 0 | | Last week, my group sponsored TiE Seattle's Funding Forum 2007. Several startups pitched their business plans to a panel of VCs and entrepreneurs and engaged in a lively Q&A. Here are a trio that stood out: SpringStar was the most interesting of the startups. They are a pest control vendor that has created an audio insect repellent which is inaudible to humans but drives undesirable bugs away. Their patented technology is based on several years of biomimicry research around insect communications. While they currently target the home garden market, their technology could be particularly attractive to the rapidly growing organic farming industry. Protelus is a data mining service provider that targets residential mortgage originators, such as mortgage brokers and credit unions. They snap into existing loan origination software systems, extract mortgage application data in real time and generate suggestions on the appropriate follow-up for each applicant, resulting in higher loan closure rates. It would be particularly interesting if they choose to give their service away for free in return for the rights to monetize the data that they collect through alternative means. JDL Digital Systems has built a video surveillance solution around their core digital video compression technology. They target surveillance-intensive verticals such as gaming & government with a low cost and ease of use value proposition. I was surprised to learn that a significant portion of the market is still using VHS tapes - sounds like a space that’s ripe for disruption. | Approved | | Yi-Jian Ngo | 11/7/2007 2:12 PM | | 2 | | Securent, one of the first companies in Microsoft’s Startup Accelerator Program, was recently acquired by Cisco for $100M. Securent provides a cross-platform, cross-application software solution that gives companies fine-grained control over who gets access to their information. For example, administrators can determine who can join a web conference, which SharePoint sites a certain user or group of users can access, and how long a support technician can view a customer record. One of Securent’s most interesting applications is enforcing the Chinese Wall between a firm’s investment bankers and equity research analysts. Compliance officers can specify a policy like “bankers cannot talk to analysts” which will block all forms of communications including email, instant messaging and phone calls. A less draconian policy might be “bankers cannot read any analyst materials before they are published” in which case only documents in a SharePoint library tagged “published” can be accessed by bankers. My team has worked closely with Securent to facilitate the integration of their technology with SharePoint Server 2007 and Office Communications Server 2007. This has been a truly win-win partnership – our products benefited from the value add of Securent’s technology, enabling our sales force to close crucial deals; while Securent received a huge boost in demand for their solution and credibility from standing side-by-side with Microsoft while pitching to some of the largest financial institutions in the world – factors no doubt contributing positively to the economic value of the company. We congratulate Securent’s management team on the successful transaction, and wish them all the best in their new home with Cisco.
| Approved | | Yi-Jian Ngo | 11/3/2007 2:45 AM | | 0 | | Caught up with a local entrepreneur at a security conference in Bellevue. Over lunch, he complained incessantly about a certain individual in his firm who was apparently ignoring him at meetings, not responding promptly to his emails, spreading rumors about him etc. He was clearly livid, though it was not clear if the feelings were mutual.
Which brought to mind an old story. A man was rowing his boat up a river in the fog. From a distance, he could make out another boat heading downstream directly at him. He shouted a warning, but the other boat continued on its course. Annoyed, he shouted more loudly and gesticulated wildly, but the other boat kept on coming. Finally the boats collided, and the man, now red with anger, screamed at the other boatman.
Only there was no other boatman. The boat was empty and had been drifting downstream with the current.
| Approved | | Yi-Jian Ngo | 10/27/2007 1:15 AM | | 0 | | During a meeting with a startup this week, the presenter's machine froze up mid-demo in a flurry of errors. Priming for the usual jibes about Windows stability, I was surprised when the blame was heaped instead on the PC's anti-malware/firewall software. So perhaps they were just being diplomatic; but that aside, this incident together with others I've come across recently suggest that performance degradation caused by security software running on the client machine is becoming a significant issue. The increasing sophistication of attacks has been driving the need for more complex defenses, which in turn are consuming ever greater amounts of system resources. That's what makes Yoggie's Pico particularly interesting. It's a plug-and-play device the size of a USB flash drive that connects to your computer’s USB port and contains 13 security applications, including anti-virus, anti-spam, anti-phishing, proxies, VPN and a firewall. It allows you to move all those resource-hungry security applications off your PC into a dedicated, security-optimized appliance, and also sports a handful of nifty features like IP address cloaking. Many segments of the security market have been gravitating towards appliances, particularly at the network edge. Yoggie's Pico is one of the first shots over the bow for an appliance at the endpoint. | Approved | | Yi-Jian Ngo | 10/20/2007 6:45 PM | | 0 | | Connecting your mobile phone to a Wi-Fi network can be a dicey affair. First, you have to hope that the login page loads properly on your browser. Next, you have to fumble with punching in credentials on a tiny keypad. Devicescape has an elegant solution – install their free application on your phone, register once on their website with your credentials, and you get logged in automatically whenever you’re within range. Their software also allows you to grant your friends access to your home Wi-Fi network without having to divulge any of your security settings (e.g. WEP key). As wireless internet networks become more widespread & easier to connect to, wireless carriers will come under increasing pressure to re-evaluate their rate-based pricing models. Not many consumers pay by the minute for long distance landline calls in the US today – I wonder when “unlimited nights and weekends” will give way to simply “unlimited”.
| Approved | | Yi-Jian Ngo | 10/14/2007 2:47 AM | | 0 | | An old friend recently pinged me through Facebook asking for my contacts. She had lost everything on her hard disk, she explained. But this was no run-of-the-mill hard disk failure. Her computer had been infected with a strain of malware that had encrypted her hard drive. In exchange for unlocking her data, a small sum of money was demanded, to be paid through PayPal. This is a particularly nasty or clever extortion scheme, depending on your perspective. Encryption can be extremely hard to break, especially if a long key is used. Keeping the “ransom” small makes it cheaper & more convenient to pay up rather than get help from an anti-malware vendor. And unless infections reach epidemic levels, police are unlikely to be motivated to investigate – careers are not made on solving petty theft cases, electronic or otherwise. Fortunately for my friend, she had no valuable data on her hard disk, so all she lost was an afternoon reformatting and reinstalling her software. I doubt most other victims fared as well. Low risk, high return attacks tend to grow in popularity. It is troubling that as of this time, it's unclear if any of the major anti-malware vendors have a countermeasure. | Approved | | Yi-Jian Ngo | 10/7/2007 3:22 AM | | 1 | | I pay $30/month for my 4Mbps internet connection at home. Yet many businesses pay about $1000/month for a 1.5Mbps WAN link between HQ and their branch office. How can this be? Yes, there are significant technical differences between my internet connection and an enterprise WAN link. In the simplest terms, the WAN link’s bandwidth is reliable, while my internet connection’s is not. Businesses need reliability, and have to pay through the nose to get it, leading to a mushrooming of WAN optimization products. These generally use various compression or traffic shaping techniques to extract more juice from a skinny WAN link. Talari Networks addresses the high cost of WAN links from a different angle. They have developed an $8k appliance that enables businesses to cobble together multiple cheap, unreliable connections (like my internet connection) to create a reliable WAN link. Their proprietary algorithms perform continuous monitoring of network traffic conditions, automatically load balancing traffic across multiple paths and dynamically re-transmitting & re-routing packets in the event of link failure or poor latency. Cheap WAN links will be a boon for bandwidth-hungry applications like video conferencing, VoIP and ERP/CRM. More fundamentally, they introduce flexibility into how enterprise applications can be architected and deployed. | Approved | | Yi-Jian Ngo | 10/1/2007 1:06 PM | | 0 | | There are many more startups in the markets I cover than I have resources to invest in. So how do I arrive at my short list? One tool I use is the 4P framework - People, Product, Plan and Profits. People are the lifeblood of all startups. Entrepreneurs with a solid track record are a big plus, particularly if they bring along a team from prior ventures. Passion and commitment can be inferred from entrepreneurs' actions, such as passing on a lucrative corporate career, or the willingness to personally assume a high degree of financial risk. Products that excite me have the potential to change the structure of markets, or are an order of magnitude better than the competition. Addressing a large and rapidly growing market typically provides a strong tailwind. Getting the timing right is crucial. Plans should lay out a well thought out go-to-market strategy. Lack of focus is a red flag, and could include targeting too many market segments or simultaneously executing across too many channels. Profits demonstrate the startup's ability to create and capture value. On average, a customer's lifetime value should exceed the cost of customer acquisition. So what about a startup's commitment to Microsoft's technologies? One common misperception is that my team only works with startups that are exclusively built on Microsoft's platform. That couldn't be further from the truth. Many startups that we invest in are platform agnostic. What matters to them (and us) is effectively addressing their customers' needs. And nearly all enterprises today operate heterogeneous environments. So if your startup isn't using any Microsoft technologies today, don't let that deter you from getting in touch. What matters most is that you're running an innovative business with a high potential to succeed. | Approved |
|
| View in Web Browser | /_layouts/images/ichtmxls.gif | /Blogs/yi-jian_ngo/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsx | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /Blogs/yi-jian_ngo/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsb | 255 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /Blogs/yi-jian_ngo/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsx | 256 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /Blogs/yi-jian_ngo/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsb | 256 |
|
|
|
|
|