Russ Pearlman's Blog

The Inquirer recently reported that Bob Dredbin has joined Apple. Bob is the former CTO at AMD and has extensive experience at Silicon Graphics, ATI, Artix and LucasFilms.

I think that this move shows that Apple is starting to take mobile gaming even more seriously. Of course, with the major success of the application store and the push for micro transactions in the iPhone/iTouch 3.0 software update coming this summer, they have reason to be serious.

I often ask the trivia question to friends and colleagues: what is the top selling gaming platform? Many guess the Wii, others think it must be the PS3 because of BluRay and others think that the XBox 360 is probably tops (at least in the United States). Usually, they fail to think about the Nintendo DS – which outsells the other 3 significantly.

I bring this up because my 10 year old son, who owns a DS himself, has now saved enough money (from birthdays, etc.) to buy an Apple iTouch. He doesn’t care about music or videos – he wants to play games! I wonder if Apple could eventually outsell the major consoles. Certainly the consumer form factor is there, the portability is there, the low cost purchase point is there, there is lots of gaming content available and it provides connected entertainment to Facebook, MySpace, Twitter, IM and email.

My big bold prediction. Sales of the iPhone/iTouch will outpace at least 1 of the major console players this Holiday sales year. And, DS/DSi/Gameboy and iPhone/iTouch will collectively outsell all consoles combined.

The Obama campaign had some pretty interesting promises when it came to technology (see their position note). Now that Obama has appointed Aneesh Chopra to the role of Federal CTO, I thought it would be a good idea to look back at their position paper. Here are the relevant promises:

1. “[The CTO will] ensure that our government and all its agencies have the right infrastructure, policies and services for the 21st century. The CTO will ensure the safety of our networks and will lead an inter agency effort, working with chief technology and chief information officers of each of the federal agencies, to ensure that they use best-in-class technologies and share best practices.” I’m not sure who could be against that, but having seen this attempted within MUCH smaller bureaucracies, I’m not sure how Mr. Chopra will be able to accomplish such lofty goals.
2. “The CTO will have a specific focus on transparency, by ensuring that each arm of the federal government makes its records open and accessible as the E-Government Act requires.” If you click the link, you can enjoy the 72 page E-Government Act of 2002. It’s mind boggling and references back to numerous other laws. Some basic research shows that it’s been very slow in implementation.
3. “The CTO will also ensure technological interoperability of key government functions… [so] we do not have a repeat of the failure to deliver critical public services that occurred in the aftermath of Hurricane Katrina.” Again, this is admirable, but I’m not sure that national disasters can be overcome by IT. Think of what 9/11 did to the phone systems of NYC. Anyone who has been in IT long enough knows that when an unexpected peak in activity occurs against systems – they just can’t handle it and they crash. Unless you are looking to spend enormous sums of money to anticipate those extreme peaks, you have to accept that there will be system failures. It seems that the CTO should focus more on disaster recovery than interoperability.
4. “In the 21st century, our economic success will depend not only on economic analysis but also on technological sophistication and direct experience in this powerful engine of our economy. In an Obama administration, the government’s economic policy-making organizations and councils will include individuals with backgrounds in our technology industry.” Good. However, this particular CTO is a government veteran, not an industry veteran.

Overall, I think it’s great that Obama has appointed the first Federal CTO. And, from the sound of all the adulation, it sounds like Mr. Chopra is a good candidate. But, I wish that his mission was founded more around innovation instead of bureaucracy.

For example, I would love to see a more ambitious plan for school and education around technology. And, I don’t mean putting in the Internet. (We all know that anyone can blog and say anything on the Internet – hehe). What about using tools like RosettaStone, the language instruction software for helping to teach languages? Or, how about adaptive testing mechanisms that help address specific areas where students need to learn better? Or, how about advances in digital books / textbooks so that cost efficiencies can enable more children to have the latest books?

Let the Federal CIOs worry about infrastructure, interoperability and the like. Let’s bring in a real CTO position that drives innovation, efficiency and the kind of new thinking that can partner with private companies to really push the effectiveness of government.

Amazingly with IBM dropping out of the bidding, Oracle was able to acquire Sun Microsystems today. I’m sure that more and more will be made of this in the coming days / weeks, but I wanted to provide some of my own thoughts:

• First, what this means for the database market. Oracle is the market leader in the Enterprise database space with it’s Oracle RDBMS. Of course, there is competition from IBM (DB2) and Microsoft (SQL Server). But, now that Oracle will get MySQL as part of the Sun prize, there is a rather interesting puzzle about what they will do with it. Perhaps we will find Oracle “light” or perhaps they will provide an update / migration path. Or, perhaps they can add some of the clustering support to it that would lead to a very serious blow to SQL Server. In my opinion, this is most likely bad news for Microsoft while I suspect DB2 will be uneffected.
• Second, Java. From its acquisiton of BEA, Oracle has built a rather impressive J2EE stack from portal to SOA middleware to services registry to RDBMS. By adding in Sun, they gain that much more credibility. This one is a direct blow against IBM since it really steps up their presence as a true comprehensive solution for anyone serious about J2EE. (IBM, of course, will continue to dominate J2EE for mainframe shops – but that is a shrinking market).
• Third, the open-source marketplace. Oracle is lagging behind IBM significantly in the open-source space. And, Sun had made a recent push to head that way themselves. Not only does Oracle now pick up MySQL, but it also picks up Glassfish, OpenESB and other projects owned by sun. I think this is going to potentially be a huge boon for Oracle, especially in the services area.

Overall, I think this is a great move by Oracle. It helps to marginalize some of Microsoft, it allows them to better compete with IBM and it brings them into the modern open-source space.

Again, how that all works its way out is still unknown…

A colleague of mine forwarded on an article from CNet about HP investigating the use of Android for it’s Notebook computers. Essentially, companies like HP are looking for ways to drive down the price of Notebook computers – trying to push below the $200 mark. Using an operating system such as Windows requires a hefty licensing fee, so replacing it with something else is a reasonably good idea.

Now, my colleague proposed that using something like Android could also help in the convergence of entertainment content such as music, games, etc. between mobile devices. After all, a notebook running Android and a mobile phone running Android results in the exact same applications running on different form factors. This extends the potential consumer based beyond just T-Mobile phones.

This got me thinking, though.

As an iPhone user, I often “defend” the device against offerings from other companies. For example, the Sprint Instinct and Rumor phones are mighty capable. But, for me, the secret sauce of the iPhone is entertainment connectivity. Regular readers of my blog – or those that have to endure my opinions in person – know that I’m a big advocate of digital libraries. While Apple hasn’t implemented Utopia, it’s the closest thing there is yet. iTunes provides a computer based digital library that I can use to stream across my local network, sync to my portable device and use on the primary computer as well. The iPhone then, is really just a delivery device (although is a really sleek, cool package). I haven’t seen such a compelling offering anywhere else (though the Kindle is getting there for books).

So, other than bragging that I have an iPhone, what does that have to do with Android and Notebook computers? Well, the problem to me comes down to digital libraries and distribution. Running Android on the notebook doesn’t have anything to do with that. How do I download music onto my Android phone? How do I get games? How do developers deal with the multiple form factor? A platform company (such as Google – who makes Android) working with a hardware company (such as HP – who makes the notebook) is missing the key bits: an application store with 10,000′s of interesting applications, an entertainment store with 100,000′s of music tracks, a video store with 1,000′s of TV episodes and movies and a suite of SDKs. Of course, you also have to figure out the DRM part of the equation – otherwise good luck getting movie studios to provide compelling content.

Some quick thoughts:

• As for music and video, until Android can figure out DRM – this is a non-starter. Unfortunately, DRM and open-source just don’t mix. Perhaps this will require a proprietary extension like what JCA enables for Java applications.
• For games, ditto DRM, but more importantly, where are the strong development tools (like what Microsoft has done for XNA) to support multiple device properties (e.g., video screen size, physical controls like a mouse, etc.) while leveraging a mostly consistent code base? (For those not familiar with XNA, it does a good job of creating XBox and PC applications from the same code base – you only really have to differentiate the development of the application for device specific qualities. In theory, this works for Zune applications as well, but I haven’t been able to test this out myself).

With all of that said, I think HP would be better served to look at Android as opposed to say Ubuntu Linux. But, it’s not the operating system that’s exciting – it the content, the distribution of content, the availability of content and the compelling experience (device, content and platform combined) that makes all the difference. I think there is an amazing opportunity for someone to take this spot – perhaps Google or HP are already thinking about it… Hmm…

“In his 2002 autobiography, the Bali nightclub bomber specifically referred to online credit card fraud and carding as a means to fund terrorist activities, and encouraged his followers to use this method to obtain financing,” said Chairwoman Yvette Clarke (D-NY) during a March 31, 2009 Homeland Security Hearing “Do the Payment Card Industry Data Standards Reduce Cybercrime?”

For those of you not up on your Payment Card Industry (PCI) security standards, it’s a set of requirements that merchants who accept credit cards must meet in order to continue accepting credit cards. Generally, these include IT best practices (such as keeping software current and loaded with anti-virus), protecting sensitive data (such as encrypting credit card #’s) and keeping all facilities physically protected. The requirements are segmented into 12 overall areas with over 200 sub-requirements. Over the years, these requirements have been generally lauded.

The Homeland Security hearing was an open discussion on the effectiveness of these standards. Having had a hand in helping to PCI certify a number of clients (and act as primary architect for them), I understand how basic these really are – and I understand how easily they could be thwarted. There is a strong recommendation by the panel to supplement these requirements with an equally strong push back from retailers to not further burden them. (For example, the CIO of Michael’s talked about requirements that all employess sign an attestment to their understanding of the security requirements. This doesn’t make sense for seasonal or transitory retail workforces.)

I’m a strong advocate for more intrusion detection at the system level. But, I suspect fraud mostly occurs at the human level – like most major security breaches. As we continue to fight the overseas contingency action (formerly known as the Global War on Terror), we need to not only protect the economic viability of individuals but the overall safety of our country. So, what can we do to help enforce security?

I think the best solution is to mandate that all payment processors and banks return authorization tokens whenever a credit card is accepted at the point of sale (either on-line or in-store). The retailers should NEVER have to keep credit card information on file (either encrypted or otherwise). In the case of chargebacks (i.e., returns or customers refusing to pay the transaction), the retailer should only have to supply the authorization token to prove that the transaction took place. In 2006, we took this approach with a major on-line retailer using the token service provided by CyberSource. It was more expensive, but it made PCI certification a snap.

The big advantage to this approach is that the retailers don’t have the burden of all the PCI requirements. I’m sure that many of them fail to detect intrusions and/or keep a sufficiently secure environment (including employee hands-off!). Only the payment processors or banks would need to keep the secure environments, and, in the case of breach, only one company would need to understand the scope of the intrusion to alleviate the economic exposure.