Pot of gold at the wireless tap; Tom and Jerry, all over again; Where there’s E, there’s V

Books2Byte – February 2003


Pot of gold at the wireless tap

D. Murali

eWorld offers a peek into `the savvy investor’s guide to profiting from the wireless wave.’


FOR more than a century, since the pioneering work of Marconi, wireless technologies have teased investors with their potential for runaway profits. A line like that in the blurb of a book sounds like the right medicine now, when profits are running away from businesses. Tom Taulli and Dave Mock join to provide “the savvy investor’s guide to profiting from the wireless wave” in “Tapping into Wireless” – with `inside details’ on a `fledgling but well-entrenched industry’ that can offer `virtually limitless investment growth’. That should be enough of a teaser for those raring to go. A few snatches:

  • Many forecasts in the 1980s said that there would be 100 million worldwide cellular subscribers by 2005. This mark was passed way back in 1997. The US alone passed this mark 5 years early.
  • Average Revenue Per User (ARPU) is the most prominent metric for service providers because it generally measures the quality of customers the provider attracts. This number is usually stated in monthly terms. A low ARPU relative to the competition shows that a company’s services are more appealing to cheapskates.
  • One of several key factors in placing a large colour display into a cellular phone is the amount of battery power it consumes. Since phones are already draining the battery to provide basic voice functions, adding a bright, colour LCD makes it tough to still provide talk and standby times. Therefore, one of the large technical hurdles in the area of displays is to make them consume as little power as possible while still giving a good visual experience.
  • Currently, wireless security is somewhat lax. In early 2001, researchers from the University of California found security holes in the so-called Wired Equivalent Privacy (WEP) algorithm in the IEEE 802.11b standard. Basically, WEP is supposed to protect wireless communications. In fact, some hackers were able to break into corporate networks remotely, say, from a laptop in a car across the street from the company.
  • Mobile communications are becoming a way of life, and people everywhere are learning the unique benefits that a small hand-held device can bring. These are exactly the types of markets that investors dream about: worldwide appeal, plenty of growth potential, and unlimited niche possibilities developing over time.

Do you hear the ring tone?


Going, going, go online

There are three reasons why your business needs to take advantage of online auctions: (a) Online auctions provide instant, low-cost exposure to new markets and opportunities; (b) auctions help you enhance brand loyalty; and (c) it is virtually certain that your sharpest competitors are already there. But how can companies tap the power of online auctions to maximise revenue growth? Leland Harden and Bob Heyman have the answers in “Auction – App” – `the first book to explore the exciting new world of B2B and B2C online auctions from a marketing point of view’. As the back cover states, the book details how companies – from hometown mom-and-pop stores to multinational corporations – are using Internet auctions to find the best deals on goods and services while, at the same time, locating cost-effective markets for their frontline products and excess inventory. More:

  • In reverse auction, a buyer comes to the marketplace and says, “This is what I want. Who’s going to give me the best deal?” Then, of course, sellers lower their prices in an open market, competing with one another to provide the buyer with the best possible deal for the requested item.
  • Having captured most of the Internet auction market, eBay has a new goal: to become the “operating system” for all related e-commerce over the Internet… It would become possible for eBay to manage literally billions of transactions per day.
  • Auction buyers come in two flavours: those who are using this venue because they need to search for the lowest prices, and those who enjoy the game of trying to “win” against other bidders who want the same item. Promotional auctions are aimed at the people with money in their pockets, so it behoves you to give them the best entertainment value for their trading bucks.
  • Internet shoppers have proved to be attracted to contests and promotions. Everyone likes to get something for nothing. A properly designed contest or sweepstakes can result in substantial traffic. If you don’t have the creativity to design and run a contest yourself, the whole project can be outsourced to specialty marketing firms.
  • Auctions are the ultimate engines for establishing a product’s or service’s true market value. Consumers are no longer constrained in their ability to research, negotiate, or find the best price for virtually anything for which they are looking. They hold the cards now, not you.

So, you better hold the book.

Miles to go before KM is reached

When business slows down, companies find they have real people and virtual profits. The solution lies in having virtual business and real profits. Which means capitalising on the universe of knowledge within the company – that is information traversing seemingly infinite pathways – and leveraging intellectual capital. Pioneering thinkers have shared their thoughts in “Knowledge Management and Networked Environments”, a book edited by Alfred Beerli. A few excerpts:

  • Most companies are still using a traditional accounting framework to report performance and this does not adequately account for intellectual capital and intellectual assets. This is particularly true of companies in knowledge-intensive industries. The lack of standards for performance management of intellectual capital and assets poses a problem for management, since return on investment for knowledge facilitation initiatives may be rather challenging to calculate.
  • For buyers to feel that it is worthwhile for them to disclose information, they must be provided with incentives. Customers are assumed to place economic value on the information that is generated through transacting, communicating, and collaborating with them and are willing to release this information if they can profit by doing so (e.g., compensation, gifts, coupons, rebates, special offers). Airlines’ frequent flyer programs are a prime example of customers’ economic calculus at play.
  • Explicit knowledge can often be easily transferred through electronic media or other forms of documents such as manuals and handbooks. But knowledge can also exist in stories, actions, metaphors, analogies, behaviours, or visions. Sharing this implicit knowledge is more difficult, since the direct interaction of the people inside the organisation is crucial.
  • Even in turbulent times, companies need a system to capture the innovative and very often intuitive ideas of talented people both in and outside their organisation. Relying only on the `gut feeling’ of the CEO, trial and error, or just simply pure luck may lead to a successful strategy once, but it is most unlikely that a second superior strategy will be crafted once the current one is outdated.
  • New times call for new forms of learning, or creating and exploiting knowledge, and for a new approach to training. Pressures such as “just in time” or “on demand” increase the need to modify the way we learn. And the biggest conundrum of all is the fact that 60 per cent of the careers that are going to exist in ten years’ time don’t exist today.

A more frightening corollary would be: 60 per cent of careers that exist today will cease to be around in about a decade.

Books courtesy: Landmark. http://www.landmarkonthenet.com

Wednesday, Feb 05, 2003



Tom and Jerry, all over again

D. Murali

It’s a cat-and-mouse game all over again, on the lines of Tom and Jerry. Security experts and hackers are seeking ways to outwit each other. Here’s fresh hope on the fortification.


IF you are familiar with Tom and Jerry, hacking and security measures are no different. When breaches are found, fortification is carried out, and soon there are new security breaches. And so John Chirillo comes with a second edition of his book “Hack Attacks Denied” in the area of network security for Windows, Unix and Linux networks, packed with about 400 pages of `fresh material’. As the back cover announces, there are over 170 new countermeasures, patches for top 75 hack attacks, `TigerSurf 2.0 Intrusion Defense’, cleanup and prevention of malicious code including Myparty, Goner and so on. A few excerpts follow:

  • To prevent unauthorised or malicious SMTP (Simple Mail Transfer Protocol) usage, it is important to configure the service to act as a mail routing gateway, but from within the local mail domain. The daemon should never accept outside routing requests. It is also advisable to configure extensive logging with some form of archival processing, to facilitate conflict troubleshooting, and in some cases, to be used as evidence for potential hack attack prosecution.
  • Tauscan is a powerful Trojan detection and removal daemon, capable of detecting most known backdoors that are used for remote hack attacks. The program operates in the background, and surprisingly, uses very little system resources.
  • By design, many Web sites divulge critical discovery information on their “pages”. Content such as contact names, e-mail addresses, phone extensions, network infrastructure diagrams, network IP address ranges, even community names are published over the WWW. So, avoid including on Web pages contact names and e-mail addresses. In their place, you can use Web site guestbook/feedback scripts or generic mail accounts.
  • Not all cookies are bad, but many are. In fact, originally, a primary purpose of cookies was to be helpful to users; they were intended to identify user preferences before generating dynamic, custom Web pages. The downside of the process, which has been exploited by hackers, is that some sites and intranets have been designed to distinguish IP addresses and hostnames; moreover the lifespan of cookies varies, and some, called “persistent cookies”, hang around for a very long time available to hackers. Java and JavaScript work along the same line as cookies when it comes to discovery techniques. So, as with cookies, a lot of Java code on the Internet can be used against you…
  • Audit trails maintain a record of system activity by system or application processes and by user activity. In conjunction with appropriate tools and procedures, audit trails can provide a means to help accomplish several security-related objectives, including individual accountability, reconstruction of events, intrusion detection, and problem identification.

Don’t deny yourself this book.

Nuts-n-bolts of security

IN a world full of `malice and error’ how to design systems that can be resilient? Ross Anderson provides a `guide to building dependable distributed systems’ in his book “Security Engineering” – something that is `dense with anecdotes and war stories’ plus `pointers to recent research’.


A `nuts and bolts’ discussion is promised – of protocols, cryptography and access controls – as also a `lowdown’ on biometrics, tamper resistance, security seals, copyright marking and so on. Read on:

  • A competent opponent who can get a single account on a shared computer system can usually become the system administrator fairly quickly; and from there he can do whatever he likes. The typical exploitation path is thus outsider to normal user to administrator, with the first of these steps being the hard one.
  • When designing protocols that update the state of a distributed system, the conventional wisdom is ACID – transactions should be atomic, consistent, isolated, and durable. A transaction is atomic if you “do it all or not at all” – which makes it easier to recover the system after a failure. It is consistent if some invariant is preserved (e.g. debit to equal credit).
  • Transactions are isolated if they look the same to each other, that is, are `serialisable’. And they are durable if once done they can’t be undone.
  • If any biometric becomes very widely used, there is increased risk of forgery in unattended operation: voice synthesisers, photographs of irises, fingerprint moulds, and even good old-fashioned forged signatures must all be thought of in system design. Biometrics is usually more powerful in attended operation. Also, many biometric systems achieve most or all of their result by deterring criminals rather than being effective at identifying them.
  • Whether GSM (Global System for Mobile Communications) security was a success or a failure depends on whom you ask. From the point of view of cryptography, it was a failure. Both the Comp128 hash function and the A5 encryption algorithm were broken once they became public. In fact, GSM is often cited as an object lesson in Kerckhoffs’ Principle – that cryptographic security should reside in the choice of the key, rather than in the obscurity of the mechanism. The mechanism will leak sooner than later, and it’s better to subject it to public review before, rather than after, a hundred million units have been manufactured. From the phone companies’ point of view, GSM was a success. From the criminals’ point of view, GSM was also fine. It did not stop them stealing phone service.
  • Be sure to learn of vulnerabilities as soon as you can – and preferably no later than the press (or the bad guys) do. Listening to customers is important; provide an efficient way for them to report bugs. Consider offering an incentive. And have a plan to deal with the press. The last thing you need is for dozens of journalists to call and be stonewalled by your switchboard operator as you struggle madly to fix the bug. Ship your press release as soon as the first (or perhaps the second) journalist calls.

Buy this `engineering’ book even if you’re an accountant.

Tick your choice

A presentable qualification in the vitae of IT security professionals is the Certified Information Systems Security Professional (CISSP) tag offered by ISC2. The exam experts, Ronald Krutz and Russell Dean Vines, provide `an arsenal of inside information on CISSP and how to master the certification test’ in “The CISSP Prep Guide Gold Edition 2003”. The book packs about 700 Q&A, covering the ten domains in the syllabus. Take on a few questions from the book:

  • According to NIST, which choice of the following is not an accepted security self-testing technique? (a) War Dialling; (b) Virus Distribution; (c) Password Cracking; (d) Virus Detection.
  • A “back door” into a network refers to what? (a) Socially engineering passwords from a subject; (b) Mechanisms created by hackers to gain network access at a later time; (c) Undocumented instructions used by programmers to debug applications; (d) Monitoring programs implemented on dummy applications to lure intruders.
  • A form of digital signature where the signer is not privy to the content of the message is called a: (a) Zero knowledge proof; (b) Blind signature; (c) Masked signature; (d) Encrypted signature.
  • The definition “A relatively small amount (when compared to primary memory) of very high speed RAM, which holds the instructions and data from primary memory, that has a high probability of being accessed during the currently executing portion of a program” refers to what category of computer memory? (a) Secondary; (b) Real; (c) Cache; (d) Virtual.
  • In software engineering, the term verification is defined as: (a) To establish the truth of correspondence between a software product and its specification; (b) A complete, validated specification of the required functions, interfaces, and performance for the software product; (c) To establish the fitness or worth of a software product for its operational mission; (d) A complete, verified specification of the overall hardware-software architecture, control structure, and data structure for the product.

Go for the `Gold’.

Books courtesy: Wiley Dreamtech India P Ltd. www.wileydreamtech.com

Wednesday, Feb 12, 2003



Where there’s E, there’s V

D. Murali

Get the latest picture on the virtual cousins.

WHEN we are talking about electronic developments, the virtual cousins are not far off. That is why “E-Commerce and V-Business” – as the title of a book by Stuart Barnes and Brian Hunt – sounds as natural as saying Bombay Sisters or Asia Brothers in a concert schedule. The book examines the impact of the Internet and associated technologies on two related aspects of business: electronic commerce and virtual organisation. The authors show “how forward-thinking companies are reaping considerable strategic advantage from exciting new business models in these areas”. There is more:

  • Classical economic theory does not usually address the issue of information, content, or knowledge as a tradable good. The value of information is traditionally seen as derived exclusively from reducing uncertainty. In the Internet economy, however, information/ content is simultaneously a production asset and a good.
  • For any community to thrive it needs to achieve a critical mass. If the chat rooms and discussion rooms are empty or do not have new content, membership dwindles quickly. Industry.Net was never able to attain the critical mass in time for the community to thrive. Since many businesses adopted a `wait-and-see’ approach, the community never took off.
  • Currently most travel agencies focus resources on providing their customers with a transaction and reservation service. Instead they could try shifting the emphasis to providing an information service. Providing a wealth of information via a Web site with relevant links to other sites could do this.
  • Interorganisational systems (IOS) refer to the computer and telecommunications infrastructure developed, operated and/or used by two or more firms for the purpose of exchanging information that supports a business application or process.
  • There needs to be a high degree of trust amongst virtual organisation members and an acceptance and understanding that risk is to be somehow shared amongst those standing to benefit.
  • The assets of the virtual organisation are not traditional `bricks and mortar’, but the ability of human networks to leverage relationships and to reinvent themselves by drawing on rich memory banks and flexible workspace identifications.

Rich with academic inputs plus case studies.

Gates in the box

WELL, these are no ordinary gates, nor is the box some `x’ box. We’re talking about Microsoft and its video game console, the Xbox. They say the video game industry is expected to double in sales over the next five years and that it has `already eclipsed motion pictures to become one of the largest and fastest growing markets in history’. The big gamble that Billy thought of was to enter the gaming industry with megabucks on the line, chasing the idea of `the fastest, most mature, most advanced video game console ever’. How did the plan unfold? Dean Takahashi tells the story in “Opening the Xbox”. A few snatches:

  • Because computer images consist of simple polygons that are strung together in complex meshes, the quality of computer graphics is often measured in how many polygons the machine can draw in a second. The PlayStation 2 could process a theoretical maximum of 66 million polygons per second, about 183 times faster than the 360,000 polygons per second for the original PlayStation launched in 1994.
  • WebTV had been launched with much fanfare about how it might spell the end of the PC era. But the box used a slow modem and had quirks that made PC veterans scoff.
  • It was hard to judge a game just from a sheet of paper. But Blackley made sure that the process offered some clues; he asked, for instance, that every proposal include a description of everything that happens in 60 seconds of the game. Overall, it was refreshing for Blackley to see how much creativity existed across the entire video game industry.
  • Since Microsoft was generating $1.5 billion in cash a month from its Windows and PC applications monopolies, it could afford to make big gambles. Sega had been bled dry as it had to borrow more and more money to finance its hardware sales. Sony had $5 billion and Nintendo had $7 billion in cash. And Microsoft was approaching $30 billion.
  • Most Microsoft teams didn’t have real identities of their own in Microsoft’s sprawling headquarters. But the Xbox team was able to commandeer a three-storey office building in the Millennium office park. Luke designed the lobby and the main meeting room. He later shifted out of the project to redesign one of the crown jewels of Microsoft, the Windows logo.
  • Games as they exist now are extremely popular in countries like South Korea and Japan, but in the US they still have some way to go. To capture more consumers, games will have to follow them wherever they go.

So, follow the game.

The story of naughty Netty

“INSIDE the Cult of Kibu and other tales of the Millennial Gold Rush” is not a children’s book about an African tribe. The book by Lori Gottlieb and Jesse Jacobs is `an intoxicating collective memoir of the American Dream gone wild’, taking one through a `tour of the New Economy’s most eventful years’. A few excerpts:


  • There were so many ideas floating around, in fact, that to break through the clutter, each had to be shortened into a recognisable phrase, often cannibalising other successful brand-name startups. The telephone service auction site called Keen.com, for instance, was billed as the “eBay of 900-number calls”. A startup that sold only balls, called JustBalls.com, was dubbed the “Amazon.com of Balls”. A funeral planning site, HeavenlyDoor.com, became known as the “Geocities of Funerals”.
  • With journalism’s cardinal five W’s and one H, the digital funding tale can, in its broadest terms, be summed up as six questions: Who’s going to fund us? What valuation should we ask for? Where’s Paul Allen when you need him? When will this round run out? Why isn’t anyone returning our calls? How did we think that?
  • Meaningless phrases and words gave way to meaningless titles. Jerry “chief Yahoo!” Yang may have started the trend, but by the late nineties, Orwellian-sounding monikers like “media evangelist,” “minister of reason,” “master of logistics,” “chief executive officer, reality,” and “manager of first impressions” (adding new meaning to the phrase “glorified receptionist”) had become the norm in Net culture.
  • Getting the word out helps, but not until there’s something tangible to promote. Yet many startups with little more than a newly registered URL cried “Web site!” prematurely. Worried that their competitors might be “first to market,” they went ahead and pitched their products without – oops – product.
  • Young or old, hip or wonk – the result was often corporate boneheadedness. It was as if each company chose from a menu called “How to Destroy a Company,” when they received their funding. Panic only exacerbated the descent.

Enjoy it as a tragicomedy.

Books courtesy: Landmark. http://www.landmarkonthenet.com

Wednesday, Feb 19, 2003



