Random thoughts regarding Mary Meeker's Internet Trends 2017 report:

Slide #5

The main question that popped into mind was where are the rest of the people? Today there are 3.4B internet users while the world has a population of 7.5B. It could be interesting to see who the other 4 billion non-digital humans are. Interesting for reasons such as understanding the growth potential of the internet user base (by the level of difficulty of penetrating the different remaining segments) as well as identifying unique social patterns in general. Understanding the social demographics of the 3.4B connected ones can be valuable as well, as a baseline for understanding the rest of the statistics in the presentation. Another interesting fact is that global smartphone shipments grew by 3% while the growth in the smartphone installed base was 12% - that gap represents the pace of the slowdown in global smartphone market growth and can be used as a predictor for the next years.

Slide #7

Interesting to see that the iOS market share in the smartphone world follows similar patterns to Mac in the PC world. In the smartphone world, Apple's market share is a bit higher vs. its PC market share but still carries similar proportions.

Slide #13

The gap fill of ad spending vs. time spent in media across time follows nicely the physical law of conservation of mass. Print out, mobile in.

Slide #17

Measuring advertising ROI is still a challenge even when advertising channels have become fully digital - a symptom of the offline/online divide in conversion tracking which has not been bridged yet.

Slide #18

It seems as if there is a connection between the massive popularity of ad blockers on mobile vs. the advertising potential on mobile. If there is such a connection, then the suggested potential cannot be fulfilled due to the existence of ad blockers and the level of tolerance users have on mobile, which is maybe the reason ad blockers are so popular on mobile in the first place.

Slide #25

99% accurate tracking is phenomenal, though the question is whether it can scale as a business model - will a big enough audience opt in for such tracking, and what will be done about the battery drain resulting from such tracking? This hyper monitoring, if achieved on a global scale, will become an interesting privacy and regulation debate.

Slide #47

Amazon Echo numbers are still small regardless of the hype level. Could be fascinating to see the level of usage of skills. The number of skills is very impressive but maybe misleading (many find a resemblance to the hyper growth in apps). The increase in the apps world was not only in the number of apps created but also in the explosive growth in usage (downloads, buys) - here we see only the inventory.

Slide #48

This, of course, is a serious turning point in the world of user interfaces and will be reflected in many areas, not only in home assistants.

Slide #81

2.4B Gamers?!? The fine print says that you need to play a game at least once in three months which is not a gamer by my definition.

Slide #181

Do these numbers include shadow IT in the cloud or do they reflect concrete usage of cloud resources by the enterprise? There is a big difference between an organization deploying data center workloads into the cloud vs. using a product which is behind the scenes partially hosted in the cloud such as Salesforce. Totally different state of mind in terms of overcoming cloud inhibitions.

Slide #183

The reduction in concerns about data security in the cloud is a good sign of maturity and adoption. Cloud can be as secure as any data center application and even much more though still many are afraid of that uncertainty.

Slide #190

The reason cloud applications are categorized as not enterprise-ready is not necessarily their security weakness. The adoption of cloud products inside the enterprise follows other paths such as level of integration into other systems, customization fit to the specific industry, etc.

Slide #191

The reason for the weaponization of spam is simply the higher revenue potential for spam botnet operators. Sending plain spam can earn you money; sending malware can make you much more.

Slide #347

Remarkable to see that the founders of the largest tech companies are 2nd and 3rd generation of immigrants. That's all for now.

The Sony hack has flooded my news feed in recent weeks, with everyone talking about how it was done, why, whom to blame, the trails which lead to North Korea and the politics around it. I’ve been following the story from the first report with an unexplained curiosity and was not sure why, since I read about hacks all day long. A word of explanation about my "weird" habit of following hacks continuously: being a CTO of the Ben-Gurion University Cyber Security Labs comes with responsibility, and part of it is staying on top of things:) Later on, the reason for my curiosity became clear to me.

As a background, to the ones who are deep in the security industry, it is already well known, although not necessarily spoken out loud, that attackers are pretty far ahead of enterprises regarding sophistication. The number of occurrences of reported cyber attacks in the recent two years shows a steep upward curve, and if you add to that three times as many non-reported incidents, then anyone can see it is exploding. And although many criticized Sony for their wrong security measures, still I don’t think they are the ones to blame. They were caught in a game beyond their league. Beyond any enterprise league. The reasons attackers have become way more successful are:

  • They know how to better disguise their attacks, using form changing techniques (polymorphism) and others.
  • They know quite well the common weaknesses in enterprise IT. You can install almost any piece of software in your lab and just look for weaknesses all day long.
  • They have more money to pour into learning the specifics of their targets, and thanks to that they build elaborate and targeted attacks. In the case of state-sponsored attacks, the funds are unlimited.
  • Defensive technologies within the enterprise are still dominated by tools invented ten years ago, back then attacks were more naive if such can be said. Today we are in a big wave of new emerging security technologies which can be much more effective though enterprises enough time to get adopted.
So it is fair to say that enterprises are in a way sitting ducks for targeted attackers and I am not exaggerating here. And the Sony story was different than others for two main reasons:
  • The attack allegedly originated from and was backed by a specific nation. And I am saying allegedly because unless you found the evidence in the computers of someone you can’t be sure, and even then that person could have been entrapped by the real attackers. Professionals can quite easily cover up their traces, and the attackers here are professionals.
  • The results of the attack are devastating, and their publicity turned them into a nightmare for any CEO on earth. Some warning sign to the free world.
And Sony due to their bad luck got caught in the middle.

Image is taken from http://www.politico.com/story/2014/12/no-rules-of-cyber-war-113785.html

The End of Superpowers

From a high-level view, it does not matter whether it was North Korea or not. The fact that such an event happened, where potentially a state attacked a private company, and that its consequences and lack of ramifications are quite clear, opens the path for it to happen again and again in the future, and that's what makes it a game changer. Every nation in the world understands now that they have got a free ticket to a new playground with different rules of engagement and, more important, a different power balance. In the physical world power has always been attributed to the amount of firepower you’ve got, and naturally, the amount of firepower has a tight correlation with the economic strength of the nation. The US is a superpower. Russia is a superpower. In the cyber world these rules do not necessarily apply: you can find a small group of very smart people, and with very simple cheap tools they can wreak havoc on a target. It is not easy but possible. The attackers many times are only limited by their creativity and nothing else. In the cyber world, size matters less.

Our lifestyle and lifeblood have become dependent on IT: our electricity, water, food, defense, entertainment, finance and almost everything else work only if the underlying IT is functioning properly. Cyber warfare means attacking the physical world by digital means, and the results can be no less devastating than any other type of attack. They can be worse, since IT also presents new single points of failure. So if cyber wars can cause harm as real wars do and size matters less, wouldn’t that mean the rules of the game have changed forever?

Question of Responsibility

As soon as I heard that North Korea might be responsible for the attack I understood that Sony was caught in an unfair game, and the big question is about the role of the government in defending the private sector, how and to what extent. Going back again to the physical world, in the case of a missile launched from North Korea onto the headquarters of Sony, the story and reaction would have been very much different and predictable. This comparison is valid since the damage which can be caused by such a missile to the company is probably lesser from the economic perspective, not taking into account, of course, human casualties. I am not saying cyber attacks can’t cause casualties; I am just saying that this one did not. So why is there a difference in the stance of the US government? Why did Sony not ask for help and nationwide defense? The era of cyber warfare removes the clear distinction between criminal acts vs. nation-wise offensive acts, and a new line of thought should emerge.

So what does the future hold for us?

  • A big wave of cyber attacks coming from everywhere on the globe. The “good” results of this attack will surely provide a sign of hope for all the people in the world who felt inferior from a military perspective. The attackers always go to the weakest links, so we will see more enterprises being attacked like Sony in a more severe way. A long, complicated, stealthy war.
  • A big wave of security technologies which aim to solve these problems, coming from the private and government sector. Security startups and established players in a way “enjoy” these developments where the need for new solutions is uprising steeply. I know personally some startups in Israel which can take the current advantage attackers enjoy technologies such as polymorphic cyber defense. I will elaborate on that in a future post since it deserves one on its own.
  • A long debate about who is responsible for what and what measures can be taken meanwhile - cutting down the internet across the globe won’t help anyone since there are today many ways to launch attacks from different geographic places, so location doesn’t matter anymore. It won’t be easy to create a solution which will be effective on the one hand and not limit the freedom to communicate on the other hand.

Meanwhile, you can gaze a bit at the emerging battleground

Taken from a live attacks monitor on IPViking

completed the of , their new and line of business - The Windows Observer--Antivirus, Anti-Spyware Strategy Moves Forward for Microsoft.

One line from the news caught my eye as something that makes immediate common sense but may not be right strategically after all "Not surprisingly, Microsoft will discontinue new sales of Sybari's products for the ( and ) and operating systems. It will, however, continue to sell and support Sybari software running on 's platform; the Notes installed base is predominantly -based.".

The reporter's common sense, as well as Microsoft's, led to the almost automatic decision for Microsoft to discontinue the Linux product line and just keep Windows-based products alive. Common sense asks why a company like Microsoft should support the endorsement of Linux, a direct rival to their core product - the operating system.

Still, following the same line of thought, a question arises: if Microsoft stops supporting this Linux-based product line, will that affect in any way worldwide Linux adoption and endorsement by other vendors and users? The only thing a move like that does is make a statement of PR and market positioning that they don't believe in the existence or viable future of the Linux platform.

Let's imagine the crazy scenario where Microsoft does keep this product line alive and even invests some more resources in it. What would be their benefits and downsides of a move like that?
1) Gain domain expertise and intimate acquaintance with Linux developers and, most important, users. Linux does and will exist regardless of the decision to discontinue this product line, and while years ago a move like that could have killed the "unborn child", today it is more a matter of acknowledging and getting to know your growing "illegal son".
2) It can help them understand better the economics of Linux enterprise and consumer users as well as keep a close eye on its adoption patterns.
3) Provide a much more friendly positioning to enterprise buyers and consumers that already know that MS-Windows is no more the only alternative for running applications; an example alternative is the application environment.
4) Yesterday I read a post How Microsoft Lost the API War on "" blog that discusses thoroughly how the longstanding fortress of Microsoft operating system and its API lock-in strategy erode. It might be just an expert opinion that will not hold true by Microsoft executives but still it has a lot of common sense in it. This can be an opportunity for Microsoft to fit in the new computing landscape that is evidently mixed by nature.

1) The stock may suffer temporarily by Microsoft's move that admits openly Linux is here to stay.
2) The internal pride and enterprise-wide goal of keeping the title of the ubiquitous operating system will vanish. This is a matter of a cultural change.

I personally think it is time for Microsoft to acknowledge the Linux paradigm shift, wisely, and stop pretending it does not exist.

Update: See complete coverage on the move internetnews.

opinion on recent move by Microsoft - Microsoft Introduces XML to the Masses.

"...For Competitors: The move to published, royalty free XML makes Microsoft less—not more, as many other analysts have asserted—vulnerable to from such sources as and , with its suite. Open source systems appeal was in the low (if not nominally free) license cost, accessibility, and ease of integration across enterprise applications. For most enterprises, these factors had to be weighed against the possible disruption of business caused by introducing a new, less refined office productivity suite to massive numbers of long-accustomed Office users. By using Open Office XML, Microsoft will effectively take accessibility and interoperability out of this equation."

Although this holds true, this move will reveal a weak spot on 's end, which will be the ease of migrating documents to other formats.

Today a strong lock-in holds many users to keep on using MS-Office except for reasons of product excellence and that is proprietary file formats. Opening these formats via will ease migration to other formats and will open up "fair" competition for other alternatives.

Many news sites require a username and a password, which is understandable in terms of specific business model requirements. Still, the burden for news readers, who are required to register and maintain account information for each individual site, becomes a real problem, especially considering the huge cross-linking the blogosphere offers for online news sites.

I think that a central service which will provide a single sign-on service for these sites will be very popular. At least for me:) and a few colleagues of mine as well. A different approach can be to integrate this capability into news who serve the links to those news sites.

If anyone cares to do something about this, I will love to assist if I can.

It seems that web-based applications can accomplish today the most extensive and complex tasks that were possible before only by locally installed software. One aspect that has not been addressed by either or Firefox, the leading web browsing software, is working offline. Although Microsoft has mentioned it in the past under the hat of Smart Client architecture, current products still do not show any sign of support.

Offline capability is something not trivial for browsers to implement due to the unique needs each application has and the inability of applying a generic approach to support these different needs.

Once implemented it will remove many barriers to network computing and will enable full productivity over the web. R&D and IT maintenance costs will be lower as well as removal or at least weakening of vendor lock-in with installed software. This futuristic scenario is the dream of many vendors that wish to play and win based on quality of software and features and not on sunk cost decisions.

A hybrid solution for this problem can be downloading a reduced copy of the web application locally (it can be downloaded by the browser as part of the current "work offline" implementation), and when the user is disconnected from the net, the web browser communicates with the local version of the application that has limited but complete functionality. The offline "copy" of the application will be developed by the web application developers. Once connected back to the net, the browser can transmit these changes to the site as part of the startup phase (this should be implemented in a secure manner, of course), where inconsistencies and confirmation can be displayed to the connected user.

This can be implemented easily within current browser frameworks and without many incompatibility issues.

If to be done by , who tend to implement new capabilities faster, a very strong! competitive edge will emerge.

