Tag Archives: Reorganization

Google’s Missteps

By Jeremy Wagstaff

This one needed some correcting, for which apologies, and also, unsurprisingly, attracted some opprobrium. It’s Google Notebook, not Notes, and Jaiku’s founders are Finnish, not Swedish.

I’m a big fan of Google. A big fan. But I’ve finally realized what its problem is. It doesn’t know what the hell it’s doing.

Take its recent decision to close something called Google Wave.

Google Wave was introduced to much fanfare back in May 2009. I can’t really describe what it is, but I can tell you what Google called it. Email killer, a new version of the web, etc etc. “Wave is what email would look like if it were invented today,” said one of its creators.

Then, a few weeks back, they killed it. CEO Eric Schmidt said: “We liked the (user interface) and we liked a lot of the new features in it,” he was quoted as saying,  “(but) didn’t get enough traction, so we are taking those technologies and applying them to new technologies that are not announced.”

Schmidt explained Google’s policy like this: “Our policy is we try things. We celebrate our failures. This is a company where it is absolutely OK to try something that is very hard, have it not be successful, take the learning and apply it to something new.”

The point is not that Wave was rubbish. Or great. It’s that we never really got to try it out. When Schmidt says that “we tend to sort of release them and then see what happens” he’s telling the truth. Only it’s not really something he should be too proud about.

Quite a few of us worked quite hard to make Wave part of our lives. Not many of us, admittedly, but enough. Enough to be somewhat peeved to find it’s not going to be around much longer.

This isn’t the first time Google has done this. Google Notes Notebook was a way to collect snippets from the web and save them in the browser. Great, but Google killed that one off. They bought and killed off something called Jaiku, a better-than-Twitter service developed by some guys in Sweden Finland (thanks, Gabe,Adewale Oshineye and others). Of course, like Wave, they don’t actually shoot these things dead, they just go to some weird twilight zone where new people can’t sign up and existing users look kinda passé.

Like people who overstay a party that never really took off.

Who’s going to continue using a product that could disappear at any minute?

This, arguably, is fine when you’re not actually paying for the product. Well, not directly. But what happens when you shell out $500 for it?

That’s what happened when fools bought into Google’s foray into the cellphone world with their fancy Nexus One phone. What it called the Superphone, with plans to make lots more. “Imagine a thousand gphones!” said Schmidt

So people went out and bought it and yay! less than a year later Google closes down the online store where you can buy the thing and then, a few weeks after that, said that it’s not making any more phones.

Of course, Mr. Schmidt put a positive spin on it all.

But it’s not good enough.

I was one of those people who bought the phone because I love Google’s email service, its photo service, its online documents service, its RSS reader, its chat program, its maps. Its search engine. Pretty much everything it puts out. And I thought to myself: all this in a phone, made by the same guys, it’ll be heaven!

Only it wasn’t. The phone is good, but not great. I still use it, but my hope was that Google would be serious about all its products and pulling them together into one seamless service.

Never happened. And now, clearly, never will. Yes, Google make the operating system—the Android OS—so they still have a dog in the fight, but clearly they’ve decided that spending more time on the cellphone thing isn’t worth it for them.

Now these are the gripes of someone who feels a bit like a mug. But they’re also the ramblings of someone who feels there’s a fundamental problem with Google’s approach to the post-search world.

They don’t seem to get it. Buzz, their version of Twitter, is awful. It ignores the fundamentals of the service: it’s personal while also being impersonal, it’s chatty while at the same time having to be succinct. It’s not the same as email, and the people we share tweets with are not, necessarily, the people we email. So putting it together with Gmail was dumb.

Google has got to tread carefully. It’s not really had a hit for a while—since Gmail, probably, back in 2004. Yes, its Google Docs are good, but they’re not taking over the world. And the things they thought might take over the world—such as Wave—are poorly thought out, poorly promoted, poorly supported, and killed off with an insouciance that doesn’t only upset those people like me who took time and effort to build them into our workflow. It’ll also upset two other key groups: business users and investors.

No business user is going to start playing around with a Google product thinking it might be good for their company, because who knows when Mr.. Schmidt is going to pull out his hunting knife? And investors? Well, we’ve seen plenty of tech behemoths who were one- or two-hit wonders.

It’s not time up yet for Google. They’ve just launched a sort of phone service that could be a Skype killer, but who’s going to ditch Skype in their office for something that might not be around in a year’s time? They not only need to come up with good new products. They need to find ways to convince their users they’re not just playthings, given and taken back on a whim.

The Hazards of Recommending

image

Think twice before you agree to recommend someone on LinkedIn. They may be a logic bomber.

You may have already read about the fired Fannie Mae sysadmin who allegedly placed a virus in the mortgage giant’s software. The virus was a bad one: it

was set to execute at 9 a.m. Jan. 31, first disabling Fannie Mae’s computer monitoring system and then cutting all access to the company’s 4,000 servers, Nye wrote. Anyone trying to log in would receive a message saying “Server Graveyard.”

From there, the virus would wipe out all Fannie Mae data, replacing it with zeros, Nye wrote. Finally, the virus would shut down the servers.

Luckily the virus was found and removed. But what has yet to be removed is the suspect’s LinkedIn page which shows that since he was fired he has been working at Bank of America, something I’ve not seen mentioned in news covering the alleged incident.

(Apparently this piece mentions this fact but the information has since been removed. This raises other interesting points: What way is there for a company to police claims by people on networks like LinkedIn that they indeed worked at that company? Why was this information removed from the story or comments?)

image

What must also be a bit awkward is that the suspect, Rajendrasinh Makwana, has a recommendation on his LinkedIn profile from a project manager at AT&T, who says that

he was much more knowledgable at the subject matter than I was. He demonstrated leadership at times of crisis. He helped me learn the ropes. I would love to work with Raj again.

The recommendation is a mutual one; the person in question gets a recommendation from Makwana as well. But what adds to the awkwardness is that the recommendation was posted on October 25, 2008, which was, according to an affidavit filed by FBI Special Agent Jessica Nye, the day after Makwana’s last day of work—which was when he allegedly planted the virus:

“On October 24, 2008, at 2:53 pm, a successful SSH (secure shell) login from IP address 172.17.38.29, with user ID s9urbm, assigned to Makwana, gained root access to dsysadmin01, the development server. … IP address 172.17.38.29 was last assigned to the computer named rs12h-Lap22, which was [a Fannie Mae] laptop assigned to Makwana. … The laptop and Unix workstation where Makwana was able to gain root access and create the malicious script were located in his cubicle.”

Ouch. If the FBI is right, the suspect was buffing his CV, seeking recommendations from former colleagues right after planting a script that could have deleted all of Fannie Mae’s data.

Lesson: Think hard before you recommend someone on LinkedIn. How well do you know this person?

Stoop to Congoo?

Is business networking site Congoo resorting to spam to build its user base? I suspect it is.

Congoo is on one hand a good idea — a place to gather and monitor content on your industry, including content that is usually subscription only (like WSJ.com, who publish my weekly Loose Wire column.) But it’s also a networking tool — indeed, its blurb emphasizes that over the content:

image

But I don’t like being spammed, and I think Congoo may be doing that. Of course, they’re not alone in being accused of spamming — the likes of Plaxo, Zorpia and other networking services make it overly easy for a new recruit to send an email blast to everyone in their address book without them realizing it. To me that’s spam. Even Facebook isn’t entirely blameless: Add any application to your profile and you’re usually within a whisker of spamming all your friends unless you’re alert and scout around for the “skip” button.

But Congoo seems to be taking a different, and in a way more openly spammy, approach. It’s emailing non-subscribers — apparently at random — inviting them to join the network — with no apparent invitation from an existing user, or even a personalized email to indicate the recipient is being chosen for a specific reason. Here’s part of what I got this morning, from someone called Rebecca Simpson, identified as “Manager Network Development”:

We would like to formally invite you to add your professional profile on Congoo. You may recognize many of the professionals already featured:  Media & Advertising  Healthcare  Internet Finance Technology  Politics  & Law

Rebecca’s Congoo profile says she has “specialized in working with press and media outlets to distribute information. I have also organized and executed guerilla marketing campaigns as well as developed proprietary systems and methods for measuring ROI on Web buzz.”

That may be so, but frankly I’m not impressed at this particular pitch. No attempt is being made to categorize me, as I’ve shown only an amateur’s interest in healthcare, and my grasp of law goes no further than thinking ‘tort’ must be in some way related to the word ‘retort’. And I’ve had no prior dealings with Congoo that I can recall aside from several pitches from their (somewhat, er, insistent) PR company, whose own contact database could do with some consolidating.

It appears I’m not alone in thinking this might be a bit too spammy to be decent business practice. The net-abuse mailing list last week collected four examples of an identical message from one Heather Faulkner, who also happens to carry the title of “Manager Network Development” (how many managers of one department are you allowed? I’m not really up to date on that kind of thing), while the spam manager at AKBK Home captured more than 50 in a few hours.

And then there’s Congoo’s own policy on spam, of which this seems itself to be a transgression:

Congoo is concerned about controlling unsolicited commercial e-mail, or “spam.” Congoo has a strict policy prohibiting the use of all Congoo mail accounts to send spam.

I’ve asked Congoo for more information on this, and on their policy about emailing people. At best, I’ve got it all wrong and it’s all a big mistake. At worst, it’s a pretty poor display of a networking site trying to build its base through tactics that make it little different to those of a Viagra salesman. Times may be tough amidst the runaway success of something like Facebook, and the critical mass of LinkedIn, but stoop low and there’s no way back to standing straight.

Save Money: Fire Yourself

How often does this happen? Mankato editor resigns rather than cut staff

MANKATO, Minn. — The top editor of The Free Press announced she would resign rather than cut newsroom jobs to meet budget targets.

On Tuesday, The Free Press reported the decision by editor Deb Flemming to leave the company on April 9 as part of a broader cost-cutting plan. She informed her staff on Monday.

“Clearly, my leaving kept additional folks in the newsroom,” she said. “You need people to do the job. Without people, it will impact the quality of the product you give readers.”

Flemming, 50, said she wouldn’t be looking for another newspaper job, at least right away. “I’ve been doing this for 25 years and I’m really looking forward to a change.”

Hats off to her. I await a report that a consultant hired to cuts costs immediately scrapped his own contract on cost-cutting grounds.

Banks, Phishing And A Dereliction Of Responsibility

Online commerce suffers from one major flaw: It’s online. That means we need to use computers (or computer-like devices, such as cellphones). It means we need to use the Internet. Together this is a lethal cocktail. And for online banking, it just may mean it is fatal.

Online banking, for example, is not like using an ATM. Or a credit card. Or a cheque. Or even cash. All these types of transaction are vulnerable to fraud but they are relatively easy to protect yourself against. If you lend your credit card, cheque book or ATM card to strangers then you are probably not taking the right precautions. For banks, deciding whether you as a customer have taken ‘reasonable precautions’ is quite an easy calculation to make, and they will make it in assessing whether or not they will compensate you for losses.

But what about phishing? Online fraud is — and will become — a lot more complex than offline fraud. Firstly, most folk don’t really know what’s going on in their computer, so how can they take reasonable precautions? I bet, for example, that if you ask most people to identify the icons in their system tray they won’t be able to get all of them. Secondly, if you use broadband, you are connected to the Internet most of the time. It’s a bit like hanging out overnight on a street corner in a bad part of town: You can’t reasonably assume that you won’t attract the attention of some bad guy at some point.

These are calculations of risk the individual should make when he or she conducts any kind of transaction online. But they are hard. We can look around for suspicious type when we stand at an ATM machine, or hand over a credit card to a store clerk, but online we have no really easy way to measure our security and safety. Online banking is not the same as undertaking other transactions.

Which is why I think banks are wrong if they try to pretend it is. The BBC quotes Britain’s payments association, the Association for Payment Clearing Services (APACS) as saying that in a few years’ time “compensation could be denied if people had safety information but ignored it”. Apacs director of corporate communications Sandra Quinn is quoted thus: “What we have always said is that we won’t forever provide a guarantee. A good parallel might be with something like card fraud – if you act reasonably, you are covered.” The bottom line: where a customer had “not acted with care and been negligent”, the BBC quotes her as saying, banks in three or four years’ time could begin refusing refunds.

I’m sorry, but I think this is daft and the wrong way around. Banks were very, very slow to get off the mark over phishing. If I was a customer and had been phished I would have sued the pants off my bank for not warning me about it. Banks have a duty to monitor their website, their name, in fact the whole Internet, to protect their customers. For example, one company I spoke to gave me a list of website names registered that appeared designed to impersonate legitimate banks — Citibank was a favourite, with hundreds of names that could be mistaken for a legit Citibank site. Most banks, he told me, weren’t interested in subscribing to this service. Why? Because they didn’t feel monitoring these names — and the accompanying websites — was worth their time or their money. If I was a customer I would be livid: If a scammer set up a fake bank in the high street to defraud customers, you would hope the bank in question would be on top of it within seconds, warning customers everywhere to watch out and doing its damndest to close the operation down. The Internet is now the high street and banks need to start patrolling it, not ignoring it.

Sadly, I think banks still don’t get it. They think phishing is a static problem that will recede as more people know about it. But that’s not it at all. Phishing is the thin end of a new wedge that will lead to increasingly sophisticated efforts to use technology and social engineering to part consumers with their data and money. The banks’ role is not to put a few silly little warning notices on their website and set up silly little websites nobody visits (like this one) but to throw serious resources at protecting their customers: by building secure sign-on systems, by monitoring the bad guys, by offering well-staffed and accessible customer support hotlines. Anything less is a dereliction of responsibility.

Is It Back To Basics For The PDA?

What do you want in a PDA? The Register carries a story that seems to belie the conventional wisdom that folk want everything in one device. It quotes Jupiter Research as saying that vendors are getting it wrong by focusing on the high-end, convergent devices, when actually they should be looking at the low-end, just-give-me the basics, market. “The adoption of portable devices increases as their size and complexity of use decreases,” the Jupiter report says.

But on closer inspection the report’s not just saying that folk want a basic PDA. It’s saying that basic PDAs will remain the core of sales, but will gradually be taken over by phones that offer those same functions. This is the market’s “sweet spot for handhelds”, it says, where untis offer voice (read telephone), personal information management, or a combination of the two, ditching other integrated functions. By other integrated functions it means game play, playing music, that kind of stuff.

The figures seem to back this up: They show pretty low — 7% — penetration of the U.S. market. Jupiter forecasts a U.S. installed base of handheld PDAs will number just over 14 million at the end of 2003 and will only grow to 20 million by 2008.

I think on the whole they’re probably right. Extra bits and pieces just tend to make things go wrong, and if the machine goes wrong, and you have to send it off for repairs, you’re stumped. On the other hand, no mention is made of cameras, an area where I do think both PDAs and phones are going to see strong growth (see my column in FEER — subscription required). But I also believe there are other add-ons which are useful: Good voice recording — not just short memos, but a proper voice recorder that can store several hours of conversation — is useful for your modern thrusting exec (or journalist like moi).

Still, I think Jupiter have a point. Most folk I know just want something they can store their stuff on, and maybe check email in the office. Bluetooth, Wi-Fi etc: They’re all nice to have, but let’s face it, most people won’t use them. And given that ordinary PDAs are getting cheaper by the minute — fellow Jupiter analyst Avi Greenhart recently spotted the Palm basic Zire model for $43 at Best Buy — why bother going for the high-end stuff?

Electronic Voting And The Criminal Connection

The story of electronic voting machines, and the company that makes many of them, continues to roll along. I wrote in a column a few weeks back (Beware E-Voting, 20 November 2003, Far Eastern Economic Review; subscription required) about Bev Harris, a 52-year old grandmother from near Seattle, who discovered 40,000 computer files at the website of a Diebold Inc subsidiary, Global Elections Systems Inc, beginning a public campaign against a company she believed was responsible for a seriously flawed e-voting system., already in use in several states.

Anyway, now she’s turned up more explosive material, it seems. The Associated Press yesterday quoted her as saying that managers of Global Elections Systems “included a cocaine trafficker, a man who conducted fraudulent stock transactions, and a programmer jailed for falsifying computer records”. The programmer, Jeffrey Dean, AP reports, wrote and maintained proprietary code used to count hundreds of thousands of votes as senior vice president of Global Election Systems Inc. Previously, according to a public court document released before GES hired him, Dean served time in a Washington correctional facility for stealing money and tampering with computer files in a scheme that “involved a high degree of sophistication and planning.”

Needless to say this is all somewhat worrying. When I followed the story I tried to concern myself merely with the technological aspects, which were pretty worrying in themselves; The e-voting system being pushed by Diebold seemed to have too many security flaws to be usable in its present state. But Ms. Harris’ digging seems to reveal a company that is, to put it tactfully, less than thorough in its background checks.

So what’s Diebold’s version? AP quoted a company spokesman as saying that the company performs background checks on all managers and programmers. He also said many GES managers left at the time of the acquisition. “We can’t speak for the hiring process of a company before we acquired it”. Acccording to Ms. Harris’ website, however, that’s misleading. Quoting a memo issued shortly after Diebold bought GES in early 2002, Dean had “elected to maintain his affiliation with the company in a consulting role”. Diebold, the memo says, “greatly values Jeff’s contribution to this business and is looking forward to his continued expertise in this market place”. AP said Dean could not be reached for comment Tuesday afternoon and I cannot find any subsequent report online.

It’s hard to see how Diebold is going to recover from what has been a series of body blows to its credibility in such a sensitive field as voting. The same day as Ms. Harris revealed her latest bombshell, the company announced “a complete restructuring of the way the company handles qualification and certification processes for its software, hardware and firmware”. Diebold hopes the announcement will “ensure the public’s confidence that all of our hardware, software and firmware products are fully certified and qualified by all of the appropriate federal, state and local authorities prior to use in any election”.

Clearly the whole fracas has done serious damage to public confidence in electronic voting. But it’s important to keep perspective. There’s nothing wrong intrinsically with e-voting — it’s a sensible way to speed up the process, make it easier for citizens and, perhaps, to extend the use of such mechanisms to allow the population to have a greater and more regular say in how their lives are governed. But like every technological innovation, it’s got to be done right, by the right people, with the right checks and balances built in, and it can’t be done quickly and shoddily. Most importantly, it’s got to be done transparently, and those involved in building the machines must never be allowed to conceal their incompetence by preventing others from inspecting their work and assessing its worthiness.

For details of Ms. Harris allegations, check out her website Blackbox Voting. A summary of the press conference is here, as are the supporting documents (both PDF files.)

Update: Microsoft Goes Soft in Thailand

 It’d be too much to suggest that Bill Gates reads my column, but Microsoft seem to be buying my idea (well not mine, really) that prices of their software should be geared to what local people can afford. IDG News Service’s Taipei Bureau reports that the US software company has cut the price of its Windows operating system and Office application suite in Thailand. Quoting a report released by market analyst Gartner Inc (it’s an Acrobat PDF file) Microsoft has reduced the cost of an Office and Windows package there for $40 and may do the same thing in China.
 
The move seems to be in the face of a government program which ended up selecting Red Hat Inc.’s Linux operating system and Sun Microsystems Inc.’s StarOffice productivity suite when Microsoft did not at first participate. Windows XP in the U.S. sells for between $85 and $130, IDG says, while Office XP Professional sells for about $250.
 
All this can only be good news, and bad news — eventually — for pirates.