Some believe “Google is evil”. Apple is vocal on privacy. Apple going to use Google Cloud?

Funny. If you’ve followed tech news recently, you couldn’t have missed Apple’s high profile court battle on user privacy. A lot of people, namely tech savvy people, are rather vocal in their belief that Google might be too casual with user privacy. The news that Apple is signing up to use Google Cloud should sound kind of ironic. To the fanbois at least.

This is business, though. As it should always be. Whether this turns out to be true or not, despite all the fuss made about Steve Jobs’ alleged vindictiveness, Apple has demonstrated pragmatism time and again. I remember the early days of Apple’s iCloud, some tinkerer had found out that it was using Microsoft Azure. Apple never said a thing about that back then.

This kind of news item should also send a message to the business decision maker. There are just too many decision makers out there that would rather not think for themselves. Whatever provider you might feel more trustworthy, at the end of the day, building the capability to leverage any Cloud service would wind up the winning strategy.

A chosen quote from the news article:

Apple signed a contract reportedly worth as much as $600 million to use Google’s cloud platform.

Source: How Google Just Landed Apple as a Customer–and Beat Amazon to It |

OpenID Connect and browser redirect, the web should get over its HTML hangover

OpenID Connect would have been superb without the annoying notion of html redirect. I despised OAuth2 for that, I jumped on the specifications of OpenID Connect thinking it would have a good answer, and I wasn’t pleased to see that it’s still there. So either vendors have an interest in keeping things that way, or there was an oversight. The latter is implausible, so it’s got to be the former.

When I saw the OpenID Connect announcement my hope just went up that, finally, OAuth2 would be getting a decent replacement and it’s annoying web browser logic would go away. Nope, it seems that’s not the case at all, so I came quickly back down to earth and needed to get this out of my system.

I started reading up OpendID Connect specifications. It looked promising until I got to the point where it mentions redirect URI (section “ Authentication Request” ), there I froze, shock and horror! I don’t get it, why would a 2014 web single sign-on standard specification have such a narrow focus.

When writing a modern web application, if architected properly, one certainly would have completely separate notions of visual and non-visual elements. A web solution that isn’t composable isn’t future-proof and is doomed to quick obsolescence. Yes, sure, the web picked up thanks to HTML and HTTP. But the Internet was there long before all that and, we’re surely heading towards an Internet where a lot of chatty stuff isn’t going to surface to a user until at the very last moment, at a final consumption point. Issues such as identification and data access are to be resolved well before anything is ready to be made visual. Authentication and authorisation are not visualisation problems, they are data access concerns. Data can and should be manipulated in a composable manner, until it’s finally rendered. There should never be any assumption about visualisation in the guts of non-visual elements. Visual elements should be calling on the non-visual elements, not the other way around. That’s how, most probably, the Internet Of Things and any great stuff looming in the horizon would be architected. In this context, I don’t get the reasoning behind tying OpenID Connect to things like browser redirects.

So, OpenID Connect rings quite a few good tones, but it didn’t seem ambitious enough for me to fully empower the next generation Internet solutions. In many ways, it looks like a vendor toy that would be great for tool vendors but developers would need to figure out ways to make it even more usable. That’s a shame, a missed opportunity.

A Personal Cloud system for iOS devices

Omnipresence, a personal cloud solution for users of Omni Group’s products. This is a nice system for the power user looking to leverage their work across devices and remain firmly in charge of the process.

Omnipresence, from Omni Group, is potentially a very good answer to the need for a Personal Cloud system. I don’t see the term Personal Cloud being hijacked by anybody yet, as far as I can tell, so I am laying claim on it.

The ability to synchronise data across all your devices is a clear problem these days. Omnipresence is addressing the issue from the perspective of Omni Group’s users, but you’d ideally want it for every kind of file. Conceptually it’s a sort or private cloud solution, but I’d rather avoid that term here to make my point independently of vendor terminologies.

The fact that you can roll your own web service is a net benefit for the user, compared to the existing solutions from Dropbox and others. Apple’s iCloud hasn’t yet solved this problem in the way that I’d want it (see my post that mentions this subject, a while back), the big players (Dropbox, Microsoft, Google, Amazon) would tie you into their own infrastructure. Aside from the catchy and quite spot-on name, Omnipresence goes in the direction that power users would appreciate more.

One potential drawback is that you’d have to raise your game in terms of Internet security. Deploying a web service (WebDav based) without hardening it is potentially disastrous, this should be done by security conscious people.

It’s too early to tell how this is going to fare, but I like the approach.

Here is a link to the original announcement article: OmniPresence document syncing

Scalability is basic hygiene for Internet Services, trade it off at your own risk

Scaling can mean a lot of things, the way companies address it and make trade-off decisions have a large impact on the user experience. I am tempted to believe that Apple may be making many software trade-off decisions by sacrificing scalability, and that is a bad idea for Internet services. Apple talks a lot about creating the best possible user experience, and it is believable judging by their success: haven’t they been at the forefront if IT consumerisation? However, many of their Internet based services just don’t seem to scale up to good user experience. With Apple’s clout and the abundant supply of talent for a company like that, I don’t understand why they’re still not plugging gaps in these Internet services. That was the reasoning behind my tweet around mid-October, where I speculated that an acqui-hire was in order for Apple.

Scaling can mean a lot of things, the way companies address it and make trade-off decisions have a large impact on the user experience. In these days of dwindling attention span, users expect snappy experience regardless of the amount of data or people interacting on any platform. I am tempted to think that Apple may have made many software trade-off decisions by sacrificing service scalability, and that is a bad idea for Internet services.

Here are some examples of what I mean:

  • Safari Reading List feature: it works well when you have just a few of items bookmarked. Since it’s easy to use, my reading list grew quite fast and this is causing Safari to become less responsive whenever I try to view the list from one of my devices.
  • iTunes Match: this is quite handy, all your music on iCloud and you can listen to them on up to 5 iOS device. However, if you have a large music library and that your Internet connection quality fluctuates, you quickly get an non responsive music playing experience. So, it appears that the Music App isn’t able to gracefully degrade iTunes Match service.
  • Using documents from iCloud: this works well with a good Internet connection, but Pages or Numbers tend to get stuck whenever something isn’t smooth in the network connection. Furthermore, iCloud documents created with a Mac are not fully supported by iOS versions, it converts them or duplicate them, it’s a pity that it works that way.
  • I can’t directly share my purchased books and PDFs between iBooks on iPhone and iPad, these need to be manually copied around and sync’ed with iTunes.
  • Apple’s App Store is getting slower and slower all the time. In the early days, it used to be fast. But nowadays, with everybody putting up App Stores, Apple AppStore service or its client applications don’t appear to be coping very well.
  • Server Manager is now a stand alone app that can be installed on Mountain Lion on any Mac and turn it into a server. That’s great, but I discovered a couple of annoying issues with it. First, if you ever touch the embedded RubyGems package then you could be in for a ride. When you dig deep into it, you see that Server Manager ships with its own PostgeSQL and Ruby on Rails distributions, so why not completely sandbox these? The second issue I found is that, as I move my laptop around it gets assigned new IP addresses that cause problems with the embedded DNS Service. Sleep/wake cause Server Manager to start up really slowly and become non-responsive for a while. I know how to work around these but not before hitting a problem.

These are different types of shortcomings that all relate to scaling trade-offs, sometimes the volume of data is causing problems, other times it’s just the way of sharing objects that doesn’t scale out across devices. If a service has an upper-bound scaling threshold, why not either advertise it or adapt the user experience to reflect that? None of the examples above could have escaped Apple’s legendary experience design and iterative refinement crafting. These have to be happening because someone thought them good trade-offs, but I can’t find a good justification for trading these off for anything else. The use cases that are covered in my examples are all too simple, predictable if not obvious for a large scale product usage.

Apple talks a lot about creating the best possible user experience, and it is mostly believable when you use their devices and also judging by their success so far: haven’t they been at the forefront if the current consumerisation? However, several Apple Internet based services just don’t seem to scale up to good user experience. This is surprising to me, because it’s impossible to imagine Apple not knowing the consequences of the trade-offs they made in this area. Yes sure, it’s hard to excel everywhere, but with Apple’s clout and the abundant supply of talent for a company like that, I don’t understand why they’re still not plugging gaps in these Internet services. That was the reasoning behind my tweet around mid-October, where I speculated that an acqui-hire was in order for Apple.

I am basing my examples here on Apple, because I experience many of their products every day. But, in fact, these observations apply to any organisation putting out Internet based services. For Internet services, designing for Scale isn’t luxury, it certainly must not be a second thought, it is fundamental to any ambitious endeavour.

Scalability is difficult to get right. Inexperienced teams would typically cry foul, the catch phrase “premature optimisation” is bandied about by people who are not sure how to go about it. That’s fair, if you don’t know how to address scaling it’s best not to try. But large companies that ship products to hundreds of millions of people cannot trade-off scalability without paying a heavy price for it. Competition is heating up, Microsoft and Google are getting better at responding to Apple’s dominance, and this will force all three to ship products that scale smoothly.

Should Users Run Their Own Cloud Crash Safety Harness?

It is clearly very hard to eliminate infrastructure outage, even for some of the biggest players in the industry. However, we are heading to an era where Cloud infrastructure may be ‘too big to fail’, are companies going to ensure they are ready for this? Ultimately, it is an issue of the economic value of risk. Those with sound risk management practice in place would have less to fear, I am not sure many have though.

The Cloud is becoming so essential to so many companies that there comes a point where provider’s infrastructure outage could cause serious liabilities. Every few months now a large Cloud provider experiences a technical incident that takes down many popular startup company web sites for several hours. These are not some odd amateur providers, we are talking about Amazon, Microsoft, Google, the biggest there is in this game. Such outages used to be the lot of Facebook or Twitter, those companies seem to have remarkably improved their infrastructure availability, it is the turn of smaller startups by way of their cloud providers.

It’s obviously very hard, if not impossible, to completely eliminate outages, but what surprises me is that these outages are taking a long time to recover from, for infrastructure serving hundreds of companies (if you consider the ripple effects).

A naive way to look at it would be to imagine that cloud providers are running specially crafted test lab that would continually run failure scenarios and teach the operations teams how to detect them, and hopefully leading to remediations that would be put in place before they are ever experienced in real-life. This may sound costly but it wouldn’t be for companies like Amazon or Google. Perhaps they actually do something like this. In this year alone, every time such Cloud incidents has occurred and were fully investigated, it turned out that the root cause could actually have been anticipated if not prevented. Arguably it’s very hard to stress and crash test a large server cluster, but these companies have the resources and know-how to model incident scenarios and run simulations. It may be that the growth rate is much higher than the occurrence of serious infrastructure incidents, making it a lower priority for provider to double down on incident prevention. I wonder then, should it be up to the users to plan for and protect themselves against such incidents?

I don’t want to oversimplify but I imagine it economical for those with high stake in the game to setup safety harnesses. The issue at hand is really that of the economic value of risk, easily determined for a business that trade by the hour, not so trivial for companies that make no money but are valued based on the user traffic they get.  Those with sound risk management practice in place would have less to fear, I am not sure many startups have though.

If a company’s valuation is determined by the traffic they generate with no associated monetary transaction then an infrastructure outage (that can be blamed on someone else) may not have such a high economic impact. However, online advertisement is a big source of income for many startups, some sell goods and services online. For these companies an untimely outage means less visitor traffic which means missed income, and for such companies it may be critical to put in place some form of cloud outage safety harness.

Dropbox called a feature, not a product. I tend to agree

I’ve never for once thought of Dropbox as anything but a transit place, a location where one drops a file waiting for somebody else to pick it up. I’m also using the free account, my motivation being that I have too many other online storage places already.

I’ve always perceived Dropbox as a transit place, a location where one drops a file waiting for somebody else to pick it up. I’m also using the free account, my motivation being that I have too many other online storage places already. I did see another article on Techcrunch, saying that Dropbox have raised $ 250M in funding, very impressive.

But I do think that this article makes an interesting read:

Microsoft are all in – is this panic in the Clouds for some?

With Microsoft’s latest push to Cloud computing, the field is likely to change significantly in many ways. For developers, a mixed-blessing as they can target the Cloud but at the same time need to architect more carefully than before. For competitors, this could mean going back to the drawing board and reviewing those marketing materials. For the end-users, security could become a nigthmare fairly quickly.

I read the news today oh boy,
the Redmond giant has just joined the war.
(my bad retake on a Beatles classic, I love The Beatles)

Now that Microsoft is all in the Cloud, things are set to change in some significant ways. Like it or not, Microsoft is doing what they’ve always done: embrace a technology promise with the intention to rule it. I’ve read a few articles and blogs mocking Microsoft’s Cloud announcement, which I found to be a misguided view on the tech giant.

Few would have forgotten, there was a time when Microsoft was scorning the Internet. Eventually, they turned around and entered the web browser market, and bossed it comprehensively, wiping out Netscape’s market in the process.

Microsoft all in the Cloud, There’s something in it for everyone.

For Microsoft Competitors: is it, Panic in the Cloud yet?

At the very least, lots of people will now have to scrub their presentation slides and other flyers, positioning Cloud as an alternative to Microsoft has become a confusing message, no longer a differentiator. Regardless of how they do it, if Microsoft says that they’re in, buyers will take notice and start to ponder their position, markets will react. That is what matters the most to Microsoft’s clients and partners alike, they’re definitely avoiding the fate of WordPerfect.

For Visual Studio Developers: is it, the strongest will surf the Cloud?

Enabling Visual Studio developers to directly target Cloud platform will be a huge empowerment to lots of developers. The ability to develop and package Azure applications from within Visual Studio is going to hit the right chord for many. The bad news is that, more than ever sound architecture design will determine success and failure. The finest developers will be able to do really nice stuff, those who just click their way to a solution will probably create a lot of mess.

For Windows users: is it, the Cloud sets you free?

With Windows applications becoming first-class Cloud clients, it become possible to manage documents on the Cloud natively from Windows and Ms Office products. The notion of office application development is extended, the office becomes virtual in a way. This could be a stretch for infrastructure management, which is likely to become significantly harder and fragmented. A lot of IT managers might be scratching their heads over this prospect, strategic sourcing might become more crucial to some organisations.

Should IT managers not buy into Microsoft’s Cloud story, this could be another “Vista moment” for Microsoft. On the other hand, we know that the knowledge worker has been clamouring to be set free of work location. Cloud enablement for the masses of Windows users could actually force IT management to accelerate their Cloud adoption schedule.

Accidental IT infrastructure tsars

Some of the most successful innovations in IT infrastructure have come about by accident, by groups who couldn’t even be taken seriously when they started their venture. Is this the beginning of a bigger movement? Is this the edge of what an Agile culture could nurture?

In the past decade, some of the most successful IT infrastructure innovations have been stumbled upon, after the originators found themselves in unanticipated conundrum! In some instances, this kind of anarchic R&D is reaping rewards of several orders of magnitude higher than walled-in research efforts.

Think about it for a moment, we are enjoying an amazing array of technology that were created after some dudes’ fiddles and ramblings forced them to rethink their infrastructure. In their travails, clever & bohemian as they are, they’ve come up with solutions that many of us can enjoy. Witnessing such success, deep pocketed vendors joined in the fun, and the field is being redefined in the process.

Once frowned upon, FaceBook is now a leading contributor to prominent open source infrastructure projects. Google’s track record is longer and deeper, their data centre innovations are being copied around the world, their latest announcement in the U.S. is just illustrating how far reaching their ambitions are. The whole No SQL movement has spawned a category of data manipulation techniques forcing a rethink of the way we manage information. Google, Yahoo! and FaceBook are all strong leaders in this space. The best example is probably the open source Unix/Linux ecosystem (counting in the OpenBSD and FreeBSD variants, which are not Linuxes). What is happening with the uptake of Cloud computing is simply amazing, would make many a veteran chuckle (isn’t this what was supposed to be uncool?). Now that heavyweights such as Oracle and Microsoft are trumpeting the Cloud, we are probably entering a new era where mix-and-match will become a norm.

These infrastructure innovations are making it easier and faster for us to do more with our computing resources. Incidentally, this is also making us more vulnerable and fragile from a security point of view. Security breaches can do much more damage much faster than ever before. This could mean that our security infrastructure is simply being thrown out, forcing us to rethink the very notion of security.

Marketing mantra aside, here looking at you Google, these infrastructure innovations have had a profound impact on the way we perform computing these days. A substantial amount of these innovations were actually not planned, they seem to have been following a kind of Darwinian evolution theory, the good ones quickly gain traction and everyone adjust their positions.

Is this the beginning of a bigger and truly world changing movement? Is this a vindication of the open source phenomenon? Is this the edge of what an Agile (Californian?) culture could nurture?

Time will tell.

With Azure, it might be game-on for Microsoft!

At their PDC 2009 edition, Microsoft outlined a strong vision which might boost them in the Cloud

I watched Microsoft PDC keynotes yesterday and it left me quite an impression: Microsoft firmly intends to be a strong force in this Cloud markets, no doubt.

Ironically, Microsoft might become a big winner here. Thinking about it, Cloud turns the clock on vendor-independence mantra: businesses would rely more than ever on their cloud provider. This works for Microsoft too: it no longer matters what platform runs your business, so long as it performs and you get the expected value from it. Naturally there remain issues around security, governance and such, issues that are open for all vendors the same way.

By delivering quality tools and performing Cloud solutions, Microsoft is in the game. If you can depend on Google of Salesforce to run your business, what other reasons can there be for snubbing Microsoft? Can anyone credibly speak of vendor lock-in as a valid argument? The other important questions to ask are then around pricing and service terms.

The vision outlined by Microsoft appears sound to me, they also appear to be engaging customers in this effort. The tooling seems to be coming along nicely too, and Microsoft is wooing celebrity developers. It seems that a larger chunk of Microsoft technology is being made available in the Clouds, that is something I didn’t expect so soon – could still be just a teaser with no real intention to deliver much, we’ll see. But my impression at the moment is: game on for Microsoft, when they start shipping Azure.

As Microsoft starts to deliver Cloud services, the playing field becomes square and they can leverage their massive momentum to gain a significant market share once again. They might actually end up dominating the Cloud in the process!

I’m loving this epic battle in the Clouds. Will it be a winner takes all?