It turns out, now that I look at it, that it's rather hard to go to the Mimecast blog and just find my posts. (In fact, it may be impossible.) So from now on I'm going to try to remember to post pointers here whenever I blog there.
I believe my 2011 predictions post was my 8th on the Mimecast blog, so for anyone who's interested, here are the other seven:
Richard Stallman's Cloudy Vision
(Archived in 2026 at https://guppylake.com/mimecast-blogs/StallmanCloudy.txt)
More Eggs, More Baskets: The Importance of Diversity in Email Management
(Archived in 2026 at https://guppylake.com/mimecast-blogs/morebaskets.html)
A Short History of Email's Future
(Archived in 2026 at https://guppylake.com/mimecast-blogs/HistoryEmailFuture.txt)
Wikileaks Lessons for CEOs: Information Security Management is there to Protect, Not to Ignore
(Archived in 2026 at https://guppylake.com/mimecast-blogs/wikileaks.txt)
Watching from the Sidelines: MessageLabs vs. SORBS
(Archived in 2026 at https://guppylake.com/mimecast-blogs/DefendingTheCompetition.txt)
The Long Wave Goodbye
(Archived in 2026 at https://guppylake.com/mimecast-blogs/LongWaveGoodbye.html)
Is the Pendulum Winding Down?
(Archived in 2026 at https://guppylake.com/mimecast-blogs/NotAPendulum.html)
Friday, December 24, 2010
Thursday, December 23, 2010
Predictions for the Technology Industry in 2011
I haven't been posting much here, in large part because my blogging energies have been going into my work blog at Mimecast. But I just posted something my non-email-geek readers might also enjoy, a tongue-in-cheek look at the year to come:
http://blog.mimecast.com/2010/12/predictions-for-the-technology-industry-in-2011
I could crosspost more of my Mimecast blog posts if anyone thinks they'd like that....
http://blog.mimecast.com/2010/12/predictions-for-the-technology-industry-in-2011
I could crosspost more of my Mimecast blog posts if anyone thinks they'd like that....
UPDATE: Mimecast's blogs are gone, but a draft of this piece is at:
Tuesday, November 9, 2010
My 3 or 4 picks for the Hall of Fame
Yesterday's big news, as I'm sure you know, was the publication of the 2011 list of post-1972 candidates to be considered (by the Veterans Committee) for induction into the baseball Hall of Fame.
The Veterans Committee evaluates candidates who failed to win "popular" election (by baseball writers) during their initial period of eligibility (15 years for players). This means that the players on the VC ballot aren't usually once-in-a-generation superstars like Willie Mays or Tom Seaver. Thus it's not surprising that 4 of the 12 candidates are on the list primarily for non-playing achievements.
If there's a no-brainer on the list, it has to be Marvin Miller. By unionizing baseball and creating free agency, he raised the average ballplayer's annual income from that of a journeyman plumber to that of a half dozen neurosurgeons. He completely outwitted the owners every step of the way, and would have made them look like fools even if they hadn't already done it to themselves. Not surprisingly, he made some major enemies along the way, which is the only thing that could keep him out of the Hall.
The Veterans Committee this year is 8 players, 4 executives, and 4 media. The threshold for election is 75%, which means that the executives would need only one more vote to blackball Miller. The easiest way to do this would be to buy the vote of one of the media representatives. I can't imagine how any of the players could vote against Miller.
Next, I'm going to surprise some of you by saying I'd vote for George Steinbrenner and Billy Martin -- together, because neither of them would have gotten in without the other. It's a tragic love story of two men who hate but need each other -- perhaps now that they're both gone, someone can make a real tearjerker of a homoerotic movie about them. Baseball needs characters like these.
And that's it. I wouldn't vote for any of the other 9. Tommy John was a fine pitcher, but few would remember his name if it hadn't been repurposed, as in the "Tommy John surgery" that has saved countless arms. You don't get into the Hall for being a guinea pig. Lou Gehrig is there because of what he did *before* he got Lou Gehrig's disease. (By contrast, there was a Bush league long before two of its members became US presidents.)
Pat Gillick is a cipher to me, and my reluctance to vote for him may simply reflect that, like most fans, I don't have enough insight into what baseball executives really do. I see no signal achievements that advertise his greatness -- but possibly I'm punishing him for being so much saner than Steinbrenner.
The remaining 7 candidates -- Vida Blue, Dave Concepcion, Steve Garvey, Ron Guidry, Al Oliver, Ted Simmons, and Rusty Staub -- were all very, very good players. They all had moments of greatness, and several -- Garvey especially -- excelled over extended periods of time. But none of them, it seems to me, amassed either the statistics or the legend and anecdotes that put you in the Hall of Fame.
Moreover, I think that if you look carefully, you'll find that their most passionate advocates are also fierce supporters of the teams they played for. Reds fans can be forgiven for having no doubt that Concepcion belongs in the Hall, and the same goes for Dodgers, Yankees, Pirates, and Expos fans. (Are there any Expos fans?) And as a long time Mets fan, I'd love to see Rusty Staub become the second Hall of Famer wearing a Mets hat. (Triva answer: Tom Seaver.) I'd love to see myself crowned Mr. Universe, too, but that doesn't mean I deserve it.
I'd like to believe that, were I on the Veterans committee, I'd preserve the high standards of the Hall and vote for only 3 of the 12. But I'm probably kidding myself. In 1967, my father took me to my first-ever professional baseball game, where my Columbus Jets beat the Syracuse Chiefs 1-0. Afterwards, I waited patiently in line to get my ticket signed by the young nobody with the winning RBI.
I'm pretty sure I can hear my father saying, "Hold on to that, he could be in the Hall of Fame some day. You never know." I have it still. Just above my own compulsive annotation, in much larger letters: Al Oliver.
OK, so I'd probably end up voting for 4 of the 12. Baseball without maudlin sentiment would be just a more athletic version of chess. Maybe Al Oliver's career didn't *quite* justify Hall of Fame entry, but to my mind, he missed it by no more than a single autographed ticket stub.
The Veterans Committee evaluates candidates who failed to win "popular" election (by baseball writers) during their initial period of eligibility (15 years for players). This means that the players on the VC ballot aren't usually once-in-a-generation superstars like Willie Mays or Tom Seaver. Thus it's not surprising that 4 of the 12 candidates are on the list primarily for non-playing achievements.
If there's a no-brainer on the list, it has to be Marvin Miller. By unionizing baseball and creating free agency, he raised the average ballplayer's annual income from that of a journeyman plumber to that of a half dozen neurosurgeons. He completely outwitted the owners every step of the way, and would have made them look like fools even if they hadn't already done it to themselves. Not surprisingly, he made some major enemies along the way, which is the only thing that could keep him out of the Hall.
The Veterans Committee this year is 8 players, 4 executives, and 4 media. The threshold for election is 75%, which means that the executives would need only one more vote to blackball Miller. The easiest way to do this would be to buy the vote of one of the media representatives. I can't imagine how any of the players could vote against Miller.
Next, I'm going to surprise some of you by saying I'd vote for George Steinbrenner and Billy Martin -- together, because neither of them would have gotten in without the other. It's a tragic love story of two men who hate but need each other -- perhaps now that they're both gone, someone can make a real tearjerker of a homoerotic movie about them. Baseball needs characters like these.
And that's it. I wouldn't vote for any of the other 9. Tommy John was a fine pitcher, but few would remember his name if it hadn't been repurposed, as in the "Tommy John surgery" that has saved countless arms. You don't get into the Hall for being a guinea pig. Lou Gehrig is there because of what he did *before* he got Lou Gehrig's disease. (By contrast, there was a Bush league long before two of its members became US presidents.)
Pat Gillick is a cipher to me, and my reluctance to vote for him may simply reflect that, like most fans, I don't have enough insight into what baseball executives really do. I see no signal achievements that advertise his greatness -- but possibly I'm punishing him for being so much saner than Steinbrenner.
The remaining 7 candidates -- Vida Blue, Dave Concepcion, Steve Garvey, Ron Guidry, Al Oliver, Ted Simmons, and Rusty Staub -- were all very, very good players. They all had moments of greatness, and several -- Garvey especially -- excelled over extended periods of time. But none of them, it seems to me, amassed either the statistics or the legend and anecdotes that put you in the Hall of Fame.
Moreover, I think that if you look carefully, you'll find that their most passionate advocates are also fierce supporters of the teams they played for. Reds fans can be forgiven for having no doubt that Concepcion belongs in the Hall, and the same goes for Dodgers, Yankees, Pirates, and Expos fans. (Are there any Expos fans?) And as a long time Mets fan, I'd love to see Rusty Staub become the second Hall of Famer wearing a Mets hat. (Triva answer: Tom Seaver.) I'd love to see myself crowned Mr. Universe, too, but that doesn't mean I deserve it.
I'd like to believe that, were I on the Veterans committee, I'd preserve the high standards of the Hall and vote for only 3 of the 12. But I'm probably kidding myself. In 1967, my father took me to my first-ever professional baseball game, where my Columbus Jets beat the Syracuse Chiefs 1-0. Afterwards, I waited patiently in line to get my ticket signed by the young nobody with the winning RBI.
I'm pretty sure I can hear my father saying, "Hold on to that, he could be in the Hall of Fame some day. You never know." I have it still. Just above my own compulsive annotation, in much larger letters: Al Oliver.
OK, so I'd probably end up voting for 4 of the 12. Baseball without maudlin sentiment would be just a more athletic version of chess. Maybe Al Oliver's career didn't *quite* justify Hall of Fame entry, but to my mind, he missed it by no more than a single autographed ticket stub.
Monday, August 30, 2010
Some parts of the sky might be falling, eventually, or maybe not!
For most of my career, I've tried to live constructively at the interface between computing technology and less technical areas, such as business strategy and public policy. Mostly this has meant educating the more wonkish folks from the non-technical side, but sometimes I've also spoken out in public. I'm sure I'll continue to do both, but each time I do, I'm reminded of why most technologists probably avoid this sort of gig.
It's not that such work isn't interesting or rewarding; it often is. But when I (or, I suspect, almost anyone) try to work simultaneously in two very different domains of knowledge and reasoning, I can't possibly do an expert job in both. The goal is to do a passable job in both, to enable a few nuggets of information to cross a large gulf in the middle of our society's collective consciousness.
I mention this because I just published an article aimed at CIO/IT-business types, trying to alert them to some changes on the horizon for the Internet. In my experience most IT directors -- like the general public -- tend to think of the Internet infrastructure as a done deal, a static entity. And in fact most changes to the Internet tend to happen through growth (new protocols and applications) rather than through changes in the established infrastructure.
But sometimes the infrastructure just has to be changed, and we're about to see a major burst of such changes, so it concerns me that business IT departments are underaware and underinformed. (Disclaimer: yes, I think the cloud model, of which I am a part, is a smallish part of the solution.)
This is dry stuff. Getting it down to just a few paragraphs will inevitably involve oversimplification and omission. Making those few paragraphs get the reader's attention might involve a few more. The end result, therefore, is that what I describe is almost a caricature of what I expect to happen. In this case, yes, I expect these things to happen, but no, I don't expect them to pop off like a string of firecrackers, with no long tail on their deployments. But I believe that the closer I come to making it sound like the sky is falling, the more likely my intended audience is to get my message. Getting this kind of message across without being alarmist is not easy.
Anyway, here is the article if you want to read it. Does it cross the line into overhype unbecoming a scientist?
It's not that such work isn't interesting or rewarding; it often is. But when I (or, I suspect, almost anyone) try to work simultaneously in two very different domains of knowledge and reasoning, I can't possibly do an expert job in both. The goal is to do a passable job in both, to enable a few nuggets of information to cross a large gulf in the middle of our society's collective consciousness.
I mention this because I just published an article aimed at CIO/IT-business types, trying to alert them to some changes on the horizon for the Internet. In my experience most IT directors -- like the general public -- tend to think of the Internet infrastructure as a done deal, a static entity. And in fact most changes to the Internet tend to happen through growth (new protocols and applications) rather than through changes in the established infrastructure.
But sometimes the infrastructure just has to be changed, and we're about to see a major burst of such changes, so it concerns me that business IT departments are underaware and underinformed. (Disclaimer: yes, I think the cloud model, of which I am a part, is a smallish part of the solution.)
This is dry stuff. Getting it down to just a few paragraphs will inevitably involve oversimplification and omission. Making those few paragraphs get the reader's attention might involve a few more. The end result, therefore, is that what I describe is almost a caricature of what I expect to happen. In this case, yes, I expect these things to happen, but no, I don't expect them to pop off like a string of firecrackers, with no long tail on their deployments. But I believe that the closer I come to making it sound like the sky is falling, the more likely my intended audience is to get my message. Getting this kind of message across without being alarmist is not easy.
Anyway, here is the article if you want to read it. Does it cross the line into overhype unbecoming a scientist?
Wednesday, August 25, 2010
E-mail's Past, Present, and Future
Recently, the Enterprise Systems Journal was kind enough to ask me some questions about the evolution of e-mail. Since that was something I'd been meaning to blog about, I'll be lazy and include a pointer here:
ESJ Interview with Nathaniel Borenstein
It's pretty much the first time I've set down any of my retrospective thoughts about MIME, all these years later, but I don't think it will be the last. Are there any MIME-related questions that you would like me to try to answer?
ESJ Interview with Nathaniel Borenstein
It's pretty much the first time I've set down any of my retrospective thoughts about MIME, all these years later, but I don't think it will be the last. Are there any MIME-related questions that you would like me to try to answer?
Monday, August 2, 2010
Is the pendulum winding down?
This was originally published in Tech News World.
If you've been in IT long enough, you've probably heard someone observe that, for as long as there have been computers, there has been a long, slow pendulum swing between centralized and distributed computing paradigms. From mainframes to remote terminals to timesharing to PC's to client/server to mobile devices to cloud computing, the pendulum has been easy to discern, though harder to explain.
In the midst of the constant change that is the IT industry, the idea of a stable, long-term cycle between centralization and decentralization is appealing. It might be comforting if something in our industry were as stable as the tides! Sure, we're all worked up about cloud computing now, but soon we'll be refocusing on what we can do locally with our next-gen smartphones, or perhaps our cybernetic implants. It's never a long hop from comforting myth to received wisdom or dogma, and by now many people view the cycle as a law of nature.
I think the received wisdom is wrong, and the apparent pendulum is about to stop swinging.
Sure, sometimes what looks like a pendulum is in fact a pendulum. But at least as often, if you're swinging back and forth between two alternatives, it's because neither one of them alone is meeting all your needs. When you finally find an alternative that does meet all your needs, you can stop swinging. In this case, technology is finally reaching the point where we can have our cake and eat it too. We want fast, powerful, rich applications that we control completely, but we want to do absolutely zero work to administer our machines and applications.
For applications that interact with you immediately and richly, nothing will ever beat a computer that's right near you, perhaps in your hand. But the average user has no patience or tolerance for maintenance activities -- storage, backup, and system administration and operation in general. Such tasks are far better accomplished by remote servers, professionally administered. Traditionally, application designers have had to trade off the speed and responsiveness of a local application against the reliable remote maintenance of a server-based application.
That tradeoff will soon be as obsolete as EBCDIC. Today, we have ultraportable machines that provide rich interfaces and media. We have near-ubiquitous high-speed Internet connectivity, almost anywhere you might want to go (with a few lamentable exceptions such as my own home, but that's a story for another day). And, to allow users (even corporate ones) to be largely oblivious to the problems and complexities of running reliable services, we have the emerging paradigm of Cloud Computing.
It's true -- mostly -- that no individual technology in Cloud Computing is fundamentally new. Networked services have been around since the 70's, and most modern applications were first demonstrated in the 80's as part of university projects like Andrew (Carnegie Mellon) and Athena (MIT). But as one of the participants (in the Andrew project), I can tell you that much of what we did was amazingly cool on campus, but completely impractical for the wider environment. Trust me, your iphone wouldn't seem nearly so cool if it had to do all its communication at 14.4 kilobaud. (Your Android wouldn't either, but at least you could distract yourself hacking the system code to try to speed it up.)
What's new -- what makes cloud computing far more than the latest buzzword -- is simply that all of the pieces have finally come together in mature form: powerful computing devices so cheap you can view them as nearly disposable. High speed connectivity so ubiquitious you can view it as nearly everywhere (if you don't visit me). And maturing cloud-based services so reliable that you can view them as nearly always available. When you put all of these together, you can begin to look at all your data processing needs in a radically different light.
Properly configured, a cloud-oriented user should never have to worry about backing up anything, ever again. He'll never need another disk or flash drive, because his data will always be available to him anywhere he goes. Similarly, a business that has moved its office functions to the cloud should never have to worry about system administration beyond the most localized activities, such as adding and deleting user accounts, or keeping the local network running. (Of course I'm not talking here about companies that write or operate complex systems; I'm talking about businesses using services that are not part their own mission or expertise.)
Did you drop your Droid into the swimming pool? Did your salesman leave his laptop somewhere in an aiport? In the cloud world, these become no more than minor nuisances -- you just replace the machine and reconnect to the cloud. Your data is intact, and you once again have at your fingertips more processing power than all the computers in the world back when astronauts walked on the moon. (This is literally true today for Droid users, but not most laptop users; cloud computing can make it so for the vast majority of business users as well.)
I love the new paradigm -- that's why I recently jumped ship from a cushy position at IBM to work for Mimecast, a cloud startup -- but it certainly has its downsides. Jobs for sysadmins in non-computer-oriented companies will dwindle, but this will be offset by jobs at cloud companies, and by jobs administering cloud services and taking ever-better business advantage of their capabilities. And the issues of privacy and security will, in any conceivable architecture, always demand constant vigilance from providers and thoughtful attention from users, administrators, managers, providers -- pretty much everyone.
Still, I think that the promised land is in sight. Most of us will find the cloud world simpler, more efficient, and more pleasant to use than what has come before. Once you've been in the cloud for a while, you'll never want to come back -- unless you've stumbled onto a bad service provider. That's probably the biggest danger in the next few years, as the cloud market sorts itself out. We can see the promised land from here, but if you want to get there safely, a trusted guide is still an awfully good idea.
Thursday, June 24, 2010
IBM, the Holocaust, and Me
A couple of years ago, in an act of subversion that makes her papa proud, my youngest daughter gave me an unusual Chanukah present: IBM and the Holocaust by Edwin Black:
My first reaction was to wince uncomfortably, probably not the reaction she was hoping for. At the time, I was employed by IBM and trying to maintain the most positive attitude possible. This book didn't promise to make that any easier.
Like any large company, IBM does lots of good things and some bad things as well. At IBM's size, both the good and the bad can be pretty dramatic. But implicated in the Holocaust? I just didn't want to think about it. By the time the holiday was over, I told my daughter that this would be the first book I opened whenever I eventually submitted my resignation to IBM.
I kept my word, and devoured the book promptly upon my recent job change. Delaying reading the book was probably a good career move, but eventually proved a bad one for my self-respect as a moral person. Had I read it while at IBM, I might have taken actions distinctly unhelpful to my career progress. But I don't think I would have regretted them.
I can't possibly condense, in a blog entry, a work that took years for the author and a small army of reviewers and fact checkers to put together. It's a work of stunning and meticulous scholarship, derived from tiny bits of evidence scattered all over the world. But a few disturbing facts are inescapable to anyone who reads the book fairly:
1. IBM profited handsomely selling technology to both sides throughout World War II.
2. IBM technology and technicians were indispensable to the logistics of the Holocaust. Every concentration camp had at least one IBM punch card machine, while some had dozens. IBM technicians regularly serviced these machines, and trained others to do so.
3. IBM'ers provided the technical, statistical, and theoretical knowledge to efficiently identify and target the victims of Hitler's Final Solution. When the Nazis entered a town and promptly rounded up anyone with even one Jewish grandparent, they could do so because IBM had helped them convert volumes of local and church records, documenting births, marriages, and conversions, into tidy stacks of IBM punch cards.
4, IBM's technologies also created the efficiencies by which the Nazis could enter a town and demand, say, 75 Jews for transport to the camps. IBM punch cards ran the railroads, and told the Nazis when they could schedule transports to the death camps, how many rail cars were available, and how long the lines were at the gas chambers. Whole trainloads were thus efficiently murdered within minutes of their arrival.
5. All of these efforts depended on a steady flow of millions of punch cards, which only IBM could manufacture with sufficient precision for the finicky machines. That flow never ceased; there were plenty of cards left for the Allied liberators.
Mr. Black studiously avoided making any conclusions or inferences he couldn't support from his research. (He claims to be able to produce documentation for every sentence in the book.) But I'm under no such constraint. The impression I got, from this book, is that the Germans would have been hard pressed to exterminate half as many people without IBM's help. (This might even be an understatement. In France, where IBM was weak, punch card technology was rare, and a few brave technologists sabotaged the census cards, most Jews survived. In Holland, relatively speaking a high-tech mecca and IBM stronghold, most perished despite the legendary efforts of good Dutch Christians.)
But was this perhaps just IBM's German subsidiary, acting under the constraints of one of the most brutal and tyrannical regimes in history? Not a chance. IBM kept close tabs on its operations in enemy countries, through IBM's office in neutral Geneva. And Thomas Watson, IBM's legendary president, worked tirelessly and openly to keep his business going in Nazi Germany until America's entry into the war, for which efforts Hitler awarded him the Eagle and Star, the highest honor the Nazis gave to non-Germans. IBM'ers have since done their best to erase history, but a few pictures survive:
That's Hitler and Watson on the left. Watson eventually returned the medal under intense pressure from the US government and others, but only after Hitler had overrun half of Europe and was trying to bomb London into submission.
I think that's all pretty bad.
But the war has been over for 65 years. Nearly everyone involved in IBM's shameful activities is dead, of course. Why should we care today? What does it have to do with today's IBM?
It must still have some relevance, because IBM is still stonewalling. Mr. Black dug through archives and libraries throughout the world, but over a hundred requests for information from IBM were denied. Typical responses claimed that IBM has no information relevant to that era -- this from a company with legendary archives and full time archivists on staff! I can only conclude that today's IBM is actively hiding something -- something even worse than what I've summarized above.
For better or worse, American law says that corporations are people. This has all sorts of negative effects, which I hope to write about in future blog entries. But in this case, one has to ask: if a person stands accused of this level of complicity in the largest documented act of mass murder in human history, why has he (it) not been called to account? There's no statute of limitation on genocide. If we can prosecute a sick 89 year old man for crimes committed when he was a 23-year old Nazi guard, why do we not hold accountable one of the largest and most powerful corporations in the world?
The answer, of course, is obvious: It's one of the largest and most powerful corporations in the world. If it doesn't want to be held accountable, what politician is brave enough to try to do so?
I think IBM should hold itself accountable. If I were still at IBM, after reading this, I think I'd feel honor-bound to work, quietly and internally, towards a change of policy. Today's IBM'ers are good people, and none of them are complicit as individuals in the horrors of the Nazi era. Most of them, I am sure, are completely unaware of the depth of IBM's complicity in mass murder. But they should be. I should have been.
Here are three things I think IBM should do to show that today's company is, in fact, a completely different kind of company than the one that profited by automating the Nazi genocide machine:
1. Open the archives. Whatever's in there, get it out. It may reflect badly on those who came before you, but it will reflect well on you. Your predecessors may be villains in future textbooks on business ethics, but it's not too late for you to be a hero.
2. Start a discussion, internally and externally. IBM has often set the standard for business ethics; it has been a pioneer in civil rights, diversity management, environmental responsibility, and many other areas. Today there's an opportunity to set the standard for a corporation squarely facing its past and analyzing its mistakes and wrongdoings. You could teach the whole world how a corporation -- a "person" that can live forever -- can come to terms with bad actions a lifetime ago.
3. Make amends. No, you can't bring back millions of murdered human beings, but you can and should do something, make some kind of gesture that acknowledges your unrepayable debt. I don't think the monetary reparations that Germany sent Israel after the war are the right model for what you should do today. Instead, IBM can afford to create or sponsor entire institutions dedicated to genocide prevention and/or business ethics, which might actually help prevent such horrors in the future.
Do I expect something like this to happen? Well, actually, yes -- I really do, eventually. The IBM I know is an amazing, wonderful company, which takes its current social responsibilities as seriously as any company I know. Eventually, it will have to remove its blinders and face up to its past. That time is long overdue, but I think highly enough of IBM to be sure it will happen some day. Today would be good.
Thursday, June 10, 2010
So long, and thanks for all the big blue fish!
Today I am announcing my departure from IBM, to take a job as Chief Scientist of Mimecast, a much smaller company based in London. I'm very excited about the move, even though being a Distinguished Engneer at IBM is in many ways one of the best jobs in the software/Internet industry.
I want to share a few thoughts about IBM as I depart that institution. IBM is a truly amazing place. I have been fortunate enough to work, study, or live in some of the most intellectually stimuating communities on the planet, including
Simply put, I grew progressively more dissatisfied during my time at IBM because it seems to be too big for one person -- well, for me, at least -- to have the kind of large-scale effect, on a short time frame, to which I have grown accustomed in the rest of my career.
I don't consider myself a loner. I have always done my best work as part of a team, in which each person's strengths compensate for another's weaknesses, and vice versa. But 400,000 people is an awfully big team, and I have to confess to being impatient -- once I think I've seen a good idea or an answer to a problem, I want to get it done. At IBM, more than once, I threw up my hands in frustration on a given topic, only to see the company finally take action on it a year or so later. I'm possibly just too impatient for a company the size and tempo of IBM. I consider that at least as much a personal character flaw as a problem of IBM's.
I don't expect to have that particular problem at Mimecast. Mimecast is a rapidly growing company, but still has fewer than 200 employees, a size which should prove more conducive to rapid impact and progress. To put it in perspective: at IBM, the title "Distinguished Engineer" made me, on paper, one of the 600 or so most influential technical people in the company. In contrast, *every* employee of Mimecast is one of the most influential 200. As Chief Scientist I can reasonably hope to make a bigger impact in a month or two than I made in seven years at IBM.
Worse, at IBM, I have had to fight a perpetual tendency to see myself as a failure, just because it's so hard to have an impact on a scale I find meaningful. Perhaps my real failing is an inability to be content as a small cog in a big machine. At any rate, I now expect to begin again to emphasize what I see as my strengths -- finding creative solutions to technical and business problems, and helping to build an organization that implements those solutions.
My three decades in the Internet industry have been very rewarding, but I'm not ready to rest on my laurels. There is too much left undone, and there are too many genuine threats to the open, human-centered Internet that so many of us have worked to build.
At Mimecast, I'll be working to help realize the dream of "cloud computing" without sacrificing the values of freedom and privacy that once seemed fundamental to the Internet, but are increasingly under threat. Cloud computing could, if we let it, become the final nail in the coffin of privacy, but that doesn't need to happen. There's no reason cloud computing can't be based on the principle of giving information owners complete control over the use and disposition of their data. It's a worthy goal and an exciting challenge, and I feel ready to fight the good fight. Wish me luck!
I want to share a few thoughts about IBM as I depart that institution. IBM is a truly amazing place. I have been fortunate enough to work, study, or live in some of the most intellectually stimuating communities on the planet, including
- Deep Springs College,
- Grinnell College,
- the CS Department at Carnegie Mellon,
- University of Michigan,
- Bell Communications Research,
- and cutting edge startups, First Virtual and NetPOS.com.
Simply put, I grew progressively more dissatisfied during my time at IBM because it seems to be too big for one person -- well, for me, at least -- to have the kind of large-scale effect, on a short time frame, to which I have grown accustomed in the rest of my career.
I don't consider myself a loner. I have always done my best work as part of a team, in which each person's strengths compensate for another's weaknesses, and vice versa. But 400,000 people is an awfully big team, and I have to confess to being impatient -- once I think I've seen a good idea or an answer to a problem, I want to get it done. At IBM, more than once, I threw up my hands in frustration on a given topic, only to see the company finally take action on it a year or so later. I'm possibly just too impatient for a company the size and tempo of IBM. I consider that at least as much a personal character flaw as a problem of IBM's.
I don't expect to have that particular problem at Mimecast. Mimecast is a rapidly growing company, but still has fewer than 200 employees, a size which should prove more conducive to rapid impact and progress. To put it in perspective: at IBM, the title "Distinguished Engineer" made me, on paper, one of the 600 or so most influential technical people in the company. In contrast, *every* employee of Mimecast is one of the most influential 200. As Chief Scientist I can reasonably hope to make a bigger impact in a month or two than I made in seven years at IBM.
Worse, at IBM, I have had to fight a perpetual tendency to see myself as a failure, just because it's so hard to have an impact on a scale I find meaningful. Perhaps my real failing is an inability to be content as a small cog in a big machine. At any rate, I now expect to begin again to emphasize what I see as my strengths -- finding creative solutions to technical and business problems, and helping to build an organization that implements those solutions.
My three decades in the Internet industry have been very rewarding, but I'm not ready to rest on my laurels. There is too much left undone, and there are too many genuine threats to the open, human-centered Internet that so many of us have worked to build.
At Mimecast, I'll be working to help realize the dream of "cloud computing" without sacrificing the values of freedom and privacy that once seemed fundamental to the Internet, but are increasingly under threat. Cloud computing could, if we let it, become the final nail in the coffin of privacy, but that doesn't need to happen. There's no reason cloud computing can't be based on the principle of giving information owners complete control over the use and disposition of their data. It's a worthy goal and an exciting challenge, and I feel ready to fight the good fight. Wish me luck!
Tuesday, May 11, 2010
Facebook privacy policies over time
Matt McKeon has just posted a marvelous visualization of the evolution of facebook privacy policies over time -- just cick on the image to advance the year.
Sunday, May 9, 2010
Facebook: Too Intrusive Even for Me
I've resisted a very small urge to blog for years, so why would I start now? Simply put, I'm divorcing Facebook, so I need a new place to bloviate.
I should start by saying that I'm a huge fan of Facebook, and that I have long thought it was one of the best things on the net for promotting happiness and improving the human condition. It broke my heart, at least a little bit, when I decided yesterday that I could no longer tolerate their ever more outrageous privacy policies. This excellent article from Wired pushed me over the edge.
So, I posted what will probably be my last Facebook status update, a pointer to that article and the simple text:
I've spent my whole career telling people that privacy is, regrettably, dead, and that the only useful response to the death of privacy is to practice and teach tolerance. (If everyone with something to keep private respected everyone else's similar wishes, then technology's effect on privacy would be much less worrying.) Now, all of a sudden, I've become a privacy nut? Or, as my friend Carlyn responded to my Facebook post, "Quite a comment coming from such an exhibitionist as yourself!"
I think what's bothering me is that my lack of faith in technological protections for privacy doesn't translate to a lack of belief in basic human decency. Sure, social networking technology opens up huge areas for "monetization," but some of them, to my mind, are downright unacceptable. There need to be limits, and Facebook shows every sign of having decided to push as far and as fast as it can and let external forces set those limits -- if they can.
Are government regulators even within light-years of addressing problems like this? When I recall that we can't even agree not to sell guns to people on the terrorist watch list, it's hard for me to be optimistic.
A lot of my friends seem to be buzzing, cautiously, around the idea of an open alternative to Facebook. Their idea, more or less, is to design open protocols for social networking (based, I would hope, around OpenSocial as a starting point), Such protocols would follow traditional Internet engineering principles and allow multiple services that interact to create a "federated" social network, and can offer alternate privacy policies (and other terms) to their subscribers. And, of course, the system would be implemented as open source software.
My concern is that the biggest cost of this kind of service won't be the software. I'm all for open source, but I bet Facebook spends way more running its service than on writing and evolving the code. A large-scale service like Facebook requires serious infrastructure. There have been a few non-profits, but the vast majority of such services have been delivered by for-profit corporations, and for a good reason: they require the complex marshalling and management of a significant number of expensive resources. Those are precisely the skills at which busineess majors excel.
It would be fun to try building a more open and privacy-friendly facebook alternative, but you'd need an institutional home. Unless you could convince investors that there are enough privacy-conscious citizens to make your service profitable as a new enterprise -- and I'm skeptical -- it might be smartest to do it under the sponsorship and protection of an existing relevant non-profit such as ACLU or EFF.
Ultimately, however, I must annoy my conservative friends by saying that the best answer is probably government regulation. The fact is, we're all upset beacuse Facebook is acting like corporations have nearly always acted in the absence of any relevant legal constraints. Dare I suggest that the solution might be legal constraints, as it has been every time a new industry has emerged, matured into a near monopoly, and become abusive?
I should start by saying that I'm a huge fan of Facebook, and that I have long thought it was one of the best things on the net for promotting happiness and improving the human condition. It broke my heart, at least a little bit, when I decided yesterday that I could no longer tolerate their ever more outrageous privacy policies. This excellent article from Wired pushed me over the edge.
So, I posted what will probably be my last Facebook status update, a pointer to that article and the simple text:
"This is a good explanation of why I've mostly stopped using Facebook. I'm far from being a privacy nut -- I believe privacy is an obsolete concept -- but Facebook has gone way too far."That was hardly a profound addition to the Wired article, but it set off a small flood of messages -- the magic of Facebook, of course! -- including some from people I hadn't seen in as much as a decade. It felt like everyone was suddenly waking up to the same conclusion -- Facebook's turned into a bad guy, and we can't live without it, and we have no more trusted alternative. Like abuse victims, we still love our abuser and we don't want to divorce it, we just want it to change. But it won't change. Our privacy *is* Facebook's product, and it will milk us for as long as it can, until it is stopped either by competition or by regulation, neither of which are likely any time soon.
I've spent my whole career telling people that privacy is, regrettably, dead, and that the only useful response to the death of privacy is to practice and teach tolerance. (If everyone with something to keep private respected everyone else's similar wishes, then technology's effect on privacy would be much less worrying.) Now, all of a sudden, I've become a privacy nut? Or, as my friend Carlyn responded to my Facebook post, "Quite a comment coming from such an exhibitionist as yourself!"
I think what's bothering me is that my lack of faith in technological protections for privacy doesn't translate to a lack of belief in basic human decency. Sure, social networking technology opens up huge areas for "monetization," but some of them, to my mind, are downright unacceptable. There need to be limits, and Facebook shows every sign of having decided to push as far and as fast as it can and let external forces set those limits -- if they can.
Are government regulators even within light-years of addressing problems like this? When I recall that we can't even agree not to sell guns to people on the terrorist watch list, it's hard for me to be optimistic.
A lot of my friends seem to be buzzing, cautiously, around the idea of an open alternative to Facebook. Their idea, more or less, is to design open protocols for social networking (based, I would hope, around OpenSocial as a starting point), Such protocols would follow traditional Internet engineering principles and allow multiple services that interact to create a "federated" social network, and can offer alternate privacy policies (and other terms) to their subscribers. And, of course, the system would be implemented as open source software.
My concern is that the biggest cost of this kind of service won't be the software. I'm all for open source, but I bet Facebook spends way more running its service than on writing and evolving the code. A large-scale service like Facebook requires serious infrastructure. There have been a few non-profits, but the vast majority of such services have been delivered by for-profit corporations, and for a good reason: they require the complex marshalling and management of a significant number of expensive resources. Those are precisely the skills at which busineess majors excel.
It would be fun to try building a more open and privacy-friendly facebook alternative, but you'd need an institutional home. Unless you could convince investors that there are enough privacy-conscious citizens to make your service profitable as a new enterprise -- and I'm skeptical -- it might be smartest to do it under the sponsorship and protection of an existing relevant non-profit such as ACLU or EFF.
Ultimately, however, I must annoy my conservative friends by saying that the best answer is probably government regulation. The fact is, we're all upset beacuse Facebook is acting like corporations have nearly always acted in the absence of any relevant legal constraints. Dare I suggest that the solution might be legal constraints, as it has been every time a new industry has emerged, matured into a near monopoly, and become abusive?
Subscribe to:
Comments (Atom)