First Integrated Unified Communications platform looking for something to do

I have been very busy trying to get the technology and market ready for (as far as I know) the world’s first truly integrated unified communications platform. I created the Perzonae brand and company to get it to market. The short story is that a number of things went wrong and the platform is now mostly ready but the market is not available for me at the moment. So I am closing down the Perzonae company and am looking for a means to make money of the UC tech I developed.

The platform I created combines address book, targeted presence, location awareness, IM, email, VoIP etc. all bound together with one sign-on. Today the service comes with its own self-updating client but a limited-service web interface was planned.

We found that the combination of multiple services and multiple identities works extremely well for anyone who really uses their on-line communication tools. Who has just one email account these days combining private and business emails, or one phone number, one IM account? The rest of us is spending too much time checking multiple (voice)mailboxes and other accounts just to get up to date. That was what the Perzonae service was to solve.

By integrating and not just aggregating accounts we had the ability to go multi-modal, so you start a conversation with mails, and then switch to IM, to speech etc and back to email again only to pick up the real-time conversation at some other time.

To make all of this possible I needed a new kind of middleware, one that is geared towards secure, real-time bidirectional communication. So I created MERCURY, an object oriented, real-time middleware platform. It communicates through regular routers and firewalls (so no user-configuration needed), keeps communication the link alive and automatically secures it. Yet one can dictate real-time behavior on the communication, so no annoying timeouts.

The complexity of such a platform I handled with a structured architecture based on the best practices from both the Internet and the telco world, both used to scaling networks in their own way.

It looks like I am the first to accomplish this feat.

So all revved up and no where to go I am sort of idling right now. There must be others who need a mostly done platform. Hopefully the volcano ash from Iceland will not mess up the Next Web Conference next week where I hope to meet people who want to have a couple of year’s head start for the next generation of communications.

Destealthing...

After a year of radio silence I am back to blogging. What happened in those 12 months? Well, mostly I have been coding. Lots and lots of coding. The result you will see soon when we launch Perzonae.

When you are concentrating on the design, the architecture, the code, the bugs, there is little time to write a blog, the stuff that fills your day is usually not interesting for anyone else.

Now that I am emerging from this process, I will write more often.

In the past year there were several times something happened in the new that I had a strong opinion on, however I did not blog about it. Why? In these days, even in the west, governments take an increasingly dim view of non-mainstream opinions. In the current climate a misunderstanding about my intentions when blogging could hurt my life and business more than I expect my blog would improve it and the life of those around me. So I chose the path of caution. I find this a very worrying trend where freedom of speech is limited by petty civil servants and politicians and the harm they can cause.
I dub it the non-free-west. This is definitely food for thought...

Shockingly Irresponsible Government

I recently had to renew my passport. At first sight I was only unhappy with the photograph on it, because of the new regulations one is not allowed to smile on the photo and look in a certain way it made me look like a gulag prison warden. However the biggest disappointment was the fact that it now contains an RFID chip. This technology is supposed to make border crossings quicker and should prevent forgeries.

Well as a security measure it fails to work, it appears to be a 5 minute job to clone a passport. In response to this news a spokesman said: "It is hard to see why anyone would want to access the information on the chip.” Well now any gulag prison warden may use a copy of my passport, oh swell.

Of course anyone who cares to find out knows that the RFID chip should communicate over short distances but will readily work over a distance of meters.

This new feature also makes me less secure. Even if one does not want to decrypt what is on the passport one would like to know which nationality is passing by, e.g. to explode a targeted bomb.

So we are now issued with an identity document that if we should not carry it with us at all times we are obliged to carry it with us all the time when we travel abroad. To anyone who cares to make a study of the possibilities the new features in this document make me less secure because I may become a target for terrorist attack or identity theft.

To come back to the spokesman, it is easy to see why someone wants to access that chip! In fact the chances that this will be abused are about a 100%, considering the number of passports handed out, carelessness of its carriers and the rewards inherent in abusing the data.

The government does not seem to care or even understand that in an attempt to make its citizens more secure they actually made them less safe! I find this shocking.

Next they will probably want to include RFID chips in money to make it less forgeable, allowing any mugger to carefully select the victims to the ones actually carrying a lot of money, by reading and counting the RFID tags on the victim’s banknotes.

I already ordered my own RFID blocking passport sleeve to protect me from my well-meaning government….

UPDATE: I have not heard from my order at difrwear. Mails are unanswered, looks to me this company is defunct. Let's see if I can get my money back....

What’s wrong with Internet and computers today?!

Last week I saw a piece over on wired news by Kevin Mitnick. This former hacker now turned security expert gives his Top 10 list of steps you should take to protect your information and your computing resources from the bad boys and girls of cyberspace.

• Back up everything! You are not invulnerable. Catastrophic data loss can happen to you -- one worm or Trojan is all it takes.
• Choose passwords that are reasonably hard to guess -- don't just append a few numbers to a no-brainer. Always change default passwords.
• Use an antivirus product like AVG or Norton, and set it to update daily.
• Update your OS religiously and be vigilant in applying all security patches released by the software manufacturer.
• Avoid hacker-bait apps like Internet Explorer and disable automatic scripting on your e-mail client.
• Use encryption software like PGP (pretty good privacy) when sending sensitive e-mail. You can also use it to protect your entire hard drive.
• Install a spyware detection app -- or even several. Programs that can be set to run frequently, like SpyCop, are ideal.
• Use a personal firewall. Configure it to prevent other computers, networks and sites from connecting to you, and specify which programs are allowed to connect to the net automatically.
• Disable any system services you're not using, especially apps that could give others remote access to your computer (like Remote Desktop, RealVNC and NetBIOS).
• Secure your wireless networks. At home, enable WPA (Wi-Fi protected access) with a password of at least 20 characters. Configure your laptop to connect in Infrastructure mode only, and don't add networks unless they use WPA.

Technically Kevin is right, socially this is wrong. What this list highlights is that the combined Internet and PC industry has delivered a product that when compared to cars one must not only have a drivers license but also to be a mechanic able to maintain one’s own car and driveway. Yet we feel anyone should be able to own a PC and get onto the net.

This list being published on wired news most users will simply go on their merry way in blissful ignorance, even those whom it does reach may not be able to do this or have the energy to expend to actually perform these tasks. The way I see it the real audience is the tech-savvy crowd that can do something about it.

For the tech-crowd the main issue should be twofold (1) how did we get into this muddle and (2) how to get out of it? I will not go into a detailed discussion on each of the points, although that would make for an interesting day of discussion. I will stick to the main points:

1. PCs are very good at running programs, any program. This has led to its success (“oh just download this prog and you wil have … for free”) but also is a serious security risk
2. PC programs have practically ultimate power on the PC so any program may wipe all the user’s data. (note that unix and by inference MacOS X and Linux also allow programs run by the user to wipe all the user’s data, their security only prevents it from killing the system too)
3. PCs have way too many settings. An ordinary PC user scratches only the surface of what the PC can do. But in order to make everything work out of the box, all kinds of convenient services the user may never need are enabled by default. Each of these may provide a security threat.
4. Same with WiFi, that too is set-up out of the box for convenience not for security.
5. Internet protocols were created for a “friendly” network used by serious people, today the Internet is anything but that…

Now, as an engineer, users never cease to amaze me with the level crappyness of technology they are willing to put up with. On the other hand I do feel the engineers have let the users down in this area.

Engineers: accept your responsibility it’s time to put things right!

European Commission and access regulation

The European Commission has called for a review of the new communications framework. Well it seems like they have some weird idea of how open markets will create consumer choice for access infrastructure.

In prose I expect they understand better than the direct way I usually communicate ;-) I tried to press upon them that infrastructure is inherently a natural monopoly and should be regarded as such. Failure to do so will destroy a lot of capital and hamper further innovation simply because it creates unrest in the market and uncertainty for service providers who are supposed to bring innovations to the consumers.

From the response:

”The cornerstone of the regulatory framework, competition between infrastructures is not economically viable or sustainable in physical access networks. This policy hampers investments, creates uncertainty because a destructive price war is foreseen by all players. It drives them to seek regulatory intervention to secure de-facto monopolies. This prediction is based on economic analysis and observing previous infrastructure investment cycles.”

As anyone who has studied the economics of infrastructure in general and access infrastructure in specific knows that the investment for access is so great that the market pressure is immense to fully utilise that infrastructure.

From the response:

“Study of investment in infrastructure from the railways in the USA to recent Internet access investment consistently shows that investment in infrastructure in general and especially access infrastructure leads to an all-out war for dominance, a war driven by the necessity to raise utilisation to 100%. Parties that lose in this war are either removed from the field entirely or find their assets bought out of a bankruptcy sale at a fraction of their worth, destroying investments and fuelling another round of price wars. History shows that such price wars lead to much uncertainty for consumers, loss of investments and no innovation.”

Now why would the nice people in Brussels come to any other conclusion? Well that is because they look at the current telecoms market and see a co-existence if telcos and cablecos. Forgetting that this only came to be because until recently each had their own market for their own product. Now they are fully on each other’s turf they are busy kicking the other out.

From the response:

“The current status is an artefact, created by liberalization of the two networks which started with a de-facto monopoly on exclusive services (telephony, TV). Competition on broadband as we have seen had not possible without the platform created by these de-facto exclusive monopolies. This artefact cannot be used as a basis for a policy for the future. Policy should be based on insights in the economic forces at play in such a market and knowledge gained from earlier infrastructure investment cycles.”

Now let’s hope they listen.
You can find the full response on the EemValley website

All-IP, where do I plug in?

In the wake of all the news regarding the OPTA basic OK of KPN’s all-IP migration I was curious about the other side of this story. The news was about the companies that have (DSL) equipment in the KPN local exchanges, locations that KPN tries to get rid of in their move to all-IP (there is a nice schematic near the end of the OPTA doc showing the new network layout).

The other side of this story is of course that this move practically kills LLU. Now that is not such a major landslide as in the Netherlands KPN has been buying alternate DSL providers and their ISP left-right-and-center. Today it is hard to find an ADSL ISP in the Netherlands that is not going over KPN’s infrastructure all the way or even one that is not owned by KPN outright.

I have said it before and I will gladly say it again, a true broadband infrastructure is a practical monopoly. Ok, considering the local situation in the Netherlands it might be a duopoly, with the cable operators also covering almost all the homes. That is, a monopoly for those that will take the investment to go to a true broadband network, as each additional party will have roughly the same investment costs while the available revenue drops. KPN seems to have seen the light and now will run its fiber along that of CityNet when the street is open anyway. UPC is still in denial and trying to filibuster through litigation, and FUD reports by reputable research institutes, knowing they will lose when true broadband is here.

So at some point either KPN or local FTTH initiatives will bring true broadband to every home and company in the Netherlands, and no doubt a similar situation will emerge in other countries. At this point LLU is a thing of the past and these parties will be regulated into offering broadband services to anyone who wishes to burn it.

OK, that being the case, if I am going to run a unified service provider offering a mix of voice, messages, video etc. (a not so hypothetical case) where do I plug in?

Today I can rent space and servers at any of several data centers with plenty of bandwidth to the nearest internet exchange. When this service becomes popular and I want to provide, say, HD multi-party conferencing I will need a lot of bandwidth into the home of that telecommuter. I will need to be able to tell the KPN network that although they are offering a regular 4MB/s Internet connection and some 40MB/s for TV, I do not care, I need KPN to guarantee me 15MB/s with very little loss and delay for as long as the conference lasts between my media servers and that home and charge a reasonable price for it.

The true test of KPNs all-IP plan, and that of the other incumbents, is not if it supports today’s LLU DSL providers they are the past, but will it provide new services of the future.

It’s always nice to be proven right

Back in May I wrote about the T-mobile all-you can eat offer that explicitly excluded IM and VoIP, now the register brings the news that this limitation has been dropped. This is of course very much as expected, but it is always nice to be proven right. ;-)

What is the point of a Telco 2.0?

I started making this story for the upcoming Telco 2.0 conference but since they already have too many speakers and could not get me a slot, I expanded on the story and post it here.

Today there is much talk about next generation telco’s. Incumbent telcos are trying to become next generation networks by offering triple-play services. New players often try and do the same with similar technologies. But the big question is why would one want or need a telco when you can do everything peer to peer on the Internet (think Skype, Bittorrent)?

This question is side-stepped by those incumbents rolling our their IP-based Multimedia Systems, to their costs. They are moving their old business model to new technology, failing to see that new technology brings with it its own viable business models that are rarely the same as the old ones. In earlier blog entries I already mentioned that it is suicide to cross-subsidize bandwidth expecting your customers to make you rich by using the bandwidth to download your content or use your VoIP service. Recently Forrester computed just how much it will cost a telco doing this, $2000-$4000, per customer. Ouch!

So subsidizing Internet bandwidth is a bad idea, you have to make sure that the bandwidth is only used for your services, hello walled-garden IMS, or that the bandwidth pays for itself. The telco’s seem to be going for the walled garden variant, that I predict to become a huge failure because people do not like to be locked-in.

So if one can get around the telco and probably will, what is the point of there being a telco? And who will roll out the bandwidth if it is not the telco?

A new telco thatis to rise in the presence of the Internet (called a telco 2.0 for short) will have to live and thrive in the presence of competition. A telco 2.0 will have a reason for existence only if it can convince people that it can make life easier, more reliable, more fun, cheaper etc. if they just gave some money to it. There are many things a telco 2.0 can do, but I see three main points that are the basis of it all and differentiate a telco-based solution from a peer to peer one, these are convenience, trust and quality.

The Internet provides choice but, not convenience. There is so much to do on the Internet, information, services, games. Services like Google make some of that easier to find but in practice one often hears of sites from friends. Each service has a different user interface etc. Each site will wants to bind you by having submit email address (and other personal info) and setting up an account for you. Also payment is always a hassle. This leads to many people using only a few sites much. A Telco 2.0 can provide an easier way to access the information, games and services.

The Internet provides connectivity, but not trust. On the Internet no-one knows you are a dog. Well, yes and no. In an email conversation or a VoIP call from a stranger one has to take the other person’s word for their identity. Also in a peer to peer session one can find out the other person’s IP address, and from that their location, telling the person you are communicating with that you are not at home (burglary) and offers opportunities for hacking your terminal. There are only so many people you know, trust does not scale beyond a circle of friends. A Telco 2.0 provides that trust and privacy towards people you do not know (well).

The Internet provides connectivity, but no quality in the connection. Today there is no economical way for the incumbent broadband carriers to increase xDSL bandwidth to 100Mb/s symmetrical. A Telco 2.0 could buy bandwidth wholesale and deliver the bandwidth to the user’s when needed, in the quality as needed paid for by the service that needs it.

The business model of a Telco 2.0 will be centered around the tree issues described above, convenience, trust and quality from there the rest follows. Customers can not be forced to use a particular telco, they will pick the one that seems to score best to them on these issues when the price is right.

Bootnote: Reliability is one of those things that follow. Deploying your VoIP network unreliably, like KPN is doing, and making remarks like ‘it is new technology so outages can be expected’ when you just convinced people to dump their old phone line and take your VoIP service which then is unavailable for 10 hours three times in one month, like KPN is doing is not one to inspire trust in your ability to deliver.