Market Watch Archive
Market Watch
July 11, 2005
“VoIP providers are moving into uncharted waters, Cell and GSM phones have to register the phone,” Farnsworth says. “VoIP is working from a different paradigm — for example, BYOD (Bring Your Own Device) services. How do you register users and devices, authenticate users and ensure legitimate devices?”
“It's difficult to do security [for VoIP] because of its inherent complexity,” explains Internet veteran Karl Auerbach, former ICANN Director and CTO of Internetworking Labs, a VoIP interoperability testing company. “The design of VoIP protocols tries to cover as bases as possible, implementers have to deal with all these possibilities.”
, including issues regarding activation and authentication of VoIP phones. VoIP calls account for a growing number of financial transactions that are currently unsecured over the Internet.
Market Watch
June 28, 2005
To Open Source or not to Open Source - that is the question. Or is it? Open Source has matured into a robust development model, and many businesses that shied away from it are reconsidering it. The good news these days is that Open Source is no longer an all-or-nothing choice.
This article, found on linuxworld.com, summarizes the dual-licensing business model, and includes issues involved with dual-licensing and examples of companies that practice it.
Market Watch
June 22, 2005
Here is a link to the Australian government open source guide. It is a pretty good overview of different issues related to using open source products, including indemnity/warranty and issues to be aware of when using various open source licenses including the GPL.
Included is a description of the dual-licence approach for open source software vendors:
A number of open source software vendors release products under both an open source licence and a proprietary licence. This approach can work well in situations such as subcomponents or libraries. Releasing software under an appropriate open source licence increases the likelihood of broad adoption without expensive marketing. In such situations, other developers may want to build proprietary technology using the library. They generally need to opt for the version licensed on proprietary terms. Such terms generally include a royalty component, which is part of the original vendor's revenue model.
Market Watch
June 08, 2005
iRobot and Frontline Robotics are each developing robots with swarm or hive capabilities. These are robots that can make decisions as individuals but can also communicate with other robots in order to coordinate their actions to solve problems.
iRobot's SwarmBots communicate with their neighbors using their own internal messaging system. Global behaviors are formed from the interactions of many individuals by using a collection of "group behavior building blocks." [...] Proposed applications include land-mine disposal, nuclear/biological/ chemical threat detection, surveillance, and interplanetary exploration.
Frontline Robotics is developing six-wheeled unmanned ground units, or "Grunts," that are able to "perceive a security threat and take action in a coordinated manner."
Using their "hive intelligence," every robot in a team will be able to see what others see.
Market Watch
May 16, 2005
An Ars Technica article reports that,
in the new PSP, Sony has included support for 802.11b networking but has neglected to support WPA security. The WEP security protocol, which contains several major security problems, is supported but provides insufficient security. The security implications for a hand held device might not be great, but customers will have to revert to WEP on their home networks in order to maintain compatablility with the PSP.
WEP is garbage. Someone clever commented in a Sony message board thread about this issue that WEP is so insecure and fast WEP-cracking utils are so widespread and easy to use, that it's almost like there's a Ron Popeil product out that'll do it for you.
Market Watch
May 12, 2005
According to an article on Slashdot,
Palamida Inc. has created an "open-source detector" - a tool called IP Amplifier 3.0 which can match code to a database of more than 38 million commonly used open source files.
With open-source related lawsuits on the rise, a market is developing for automated tools that detect the presence of open-source code within larger application development environments. Palamida Inc. stepped in with IP Amplifier 3.0
Here is a link to a more detailed article about the market for open-source detection software and Palamida Inc.'s IP Amplifier 3.0.
Market Watch
May 06, 2005
A Linux programmer has reported a legal victory in enforcing the General Public License. CNet News.com reports that a court in Germany has issued an injunction barring a company called Fortinet from distributing products which include "initrd," a GPL-licensed linux component to which Harald Welte holds the copyright.
The case highlights the ease with which open-source software can spread across the computing industry--but also the growing pains that companies face as they adjust to new legal concepts underlying the collaborative programming approach.
In an update,
Fortinet has settled and agreed to make available the GPL-licensed components of its software and to modify its licensing agreement to include the GPL licensing terms.
Market Watch
May 05, 2005
MontaVista is changing to a royalty based sales model. This model, which is more traditional in the embedded market, can reduce upfront costs associated with per-seat licensing.
The new model is intended to appeal to those who can't spend large amounts of money on Linux products-the very customers who are most likely to build their own version of Linux instead, Ulander said.
Royalty-based sales models are common in high volume products such as
cell phones and other consumer electronics devices.
According to the article at CNET, MontaVista expects its revenue to be split between the per-seat and royalty-based licensing models.
Market Watch
April 28, 2005
According to an article in EE Times,
security is the main factor that is stalling the development of multimedia content in mobile handsets. Despite an explosion in design for mobile phones delivering digital media content such as MP3 files, streaming-TV broadcasts, and videogames, these multimedia features still aren't being offered to consumers.
What's the holdup? According to Jay Srage, cellular-system marketing manager at Texas Instruments Inc., it boils down to security, the absence of which prevents the development of content, thus stifling consumer interest in newer handsets and discouraging traffic on next-generation cellular networks. The lack of a secure mechanism to protect valuable digital content within a handset could evolve into "a killing issue" for operators.
Market Watch
April 19, 2005
As full-featured handset sales increase, with forecasts of 43% of the global handset marked by 2008,
Linux is projected for long-term smartphone dominance. Mobile platforms were scored across various criteria and Linux scored highest on the criteria that "matter most to OEMs and carriers."
Linux leads other platforms in openness and low cost - factors that are essentials to success in a market defined by tight margins, rapid innovation, and standards adherence.
PeerSec's open source MatrixSSL solution is open and cost effective for exactly these reasons.
Market Watch
April 19, 2005
A memory leak caused a disruption that inconvenienced some of Comcast's 7 million high-speed Internet customers nationwide. The problem occurred sporadically for roughly a weeklong period ending Wednesday.
Engineers have fixed the problem, which occurred in the software that enables customers to call up Web pages. [...] Comcast engineers say data that normally would be discarded remained in the system. It took up space, or memory, that should have been made available for new Web page transactions
PeerSec's MatrixSSL has support for zero memory allocations, making MatrixSSL safe for this type of operation.
Market Watch
April 06, 2005
With linux currently accounting for less than 10 percent of business,
CEO of Wind River Ken Klein sees Linux bordering on becoming half of its device software business in three to five years.
Why did you make the switch to Linux?
Klein: We responded to the demands of our customers. Customers, particularly in the telecommunications marketplace and to a lesser extent in consumer electronics, were making a beeline to Linux.
Market Watch
April 06, 2005
This article explains dual licensing and how it does not serve as a threat to open source software. The open source business model:
revolves around the open source version of the software serving as advertising for the proprietary version. [...] The proprietary versions thus help pay for the development of the open source versions. [...] None of these further dual licensing practices is a threat in either the short nor the long-term to the open source movement.
Market Watch
April 05, 2005
NetworkStreaming releases SupportDesk 8.2, a new version of their secure web based remote control solution. With SupportDesk, clients can securely access pc, mouse, and keyboard control of remote desktops simply by directing customers to a link.
NetworkStreaming's remote access greatly reduces travel expenses by enabling remote access to clients and employees from anywhere in the world. Compatible with any web browser, SupportDesk has simplified remote support for over 1000 clients worldwide, and with SupportDesk 8.2 that support just improved.
Market Watch
March 31, 2005
The security software and appliance market continues to grow, and is expected to be worth 5.5 billion worldwide by 2008.
The strong growth is being attributed to factors such as new viruses, malware and hacking attacks. Analysts said these were "compelling companies of all sizes to invest in security."
Market Watch
March 29, 2005
Systems management and security are merging due to compliance requirements.
"Security is going to fold into the systems management world because it logically doesn't make sense for you to manage infrastructure without security being weaved into every part of it," Singh said. "Eventually it will be the same market."
This supports our philosophy that security and systems management are interdependent. Security is a standard component of modern management interfaces from embedded devices to enterprise systems.
Market Watch
March 28, 2005
This is an interesting
review of the Linksys WRT54GC Compact Wireless-G Broadband Router at Lynksysinfo.org. Lynksys' tiny router is not much bigger than an ipod, at less than four inches square and less than one inch thick. Features include:
• Compact Size easily fits in laptop bag
• Competitive Price with full size and pocket routers
• Impressive Wireless performance
• Previously Unavailable features like Static DHCP available
• WPA2 Support
• Easily adds wireless to any situation
Market Watch
March 25, 2005
Persistent VoIP fraud confirms need for stronger security over Internet phones.
The emerging scams underline the lower level of security protecting Voice Over Internet Protocol, or VOIP, the Internet-calling standard that has upended the telecommunications industry over the past several years.
VoIP calls, which cost much less than calls over traditional phone networks, also offer lower security. This allows for phone scams such as: Caller ID spoofing to gain personal information like account numbers and passwords, telemarketer scams, and transferring money out of stolen credit card accounts and wire-transfer services. Members of the VoIP industry admit that they don't have a way to authenticate VoIP users.
VOIP industry pioneer Jeff Pulver, whose Free World Dialup service can be used to spoof calls, said he couldn't prevent abuse of his system.
Although
a similar article was posted 9 months ago, it seems the VoIP industry is moving towards fully authenticated call control and signaling. We've been working with several industry players to include TLS authentication directly in phone and gateway devices with MatrixSSL.
Market Watch
July 27, 2004
This computer.com article on the need for embedded security presents some scenarios of why the increasing number of embedded devices on the network require security.
From cars to cell phones, video equipment to MP3 players, and dishwashers to home thermostats—embedded computers increasingly permeate our lives. But security for these systems is an open question and could prove a more difficult long-term problem than security does today for desktop and enterprise computing.
While the thermostat or washing machine examples aren't as common a situation as networked access to critical infrastructure, the article points out that device security issues are often much higher stakes than standard PC security. The challenges in providing even a PC level of security with a basic firewall and Secure Sockets Layer for a device are requiring innovative solutions.
Market Watch
July 26, 2004
SSL VPN solutions are growing in popularity over the older IPSec technology.
SSL is immune to the network address translation problems that plague IPSec gear when it tries to establish tunnels through firewalls that change private IP addresses into public IP addresses. SSL traffic flows through firewall TCP Port 443, which is almost always left open, so no special firewall configuration is needed.
IPSec operates at a lower level of the protocol stack, so the two technologies fit somewhat different niches. IPSec encrypts all network traffic, while SSL is an application protocol level security solution. This means that SSL is easier to deploy and operate over standard network setups, but applications must be modified to be secured.
Market Watch
July 08, 2004
VoIP can be used to get around caller ID. Using a VoIP system, it is possible to both spoof any number from your caller ID, and access incoming blocked caller ID.
This arrangement relies on telephone equipment at both ends of the call being trusted: the phone switch providing you with dial tone promises not to lie about your number to other switches, and the switch on the receiving end promises not to reveal your number if you've asked that it be blocked.
This is another good example of why VoIP security standards for authentication, such as TLS for SIP need wider adoption.
Market Watch
June 11, 2004
Clay Shirky's January article on VoIP and WiFi also discusses a distruptive technology combination. He has a very common sense take on market trends that cuts through the marketing and market hype surrounding the use of new technologies.
Market Watch
June 11, 2004
Robert Cringely discusses the WRT54G router with Open Source Linux firmware and provides a good overview of the possibilities that can arise when two grassroots technologies - Public Wi-Fi and Open Source development are combined. Now see how much telecom innovation can happen without patents!
The article mentions SSH and Web access with the Sveasoft firmware. Too bad it doesn't also mention that
MatrixSSL provides the WRT54G SSL solution. With OpenSSL at 800KB, it was just too large to fit within the 4MB flash space. At 50KB, MatrixSSL was a perfect match to add security without sacrificing any of the other enhanced functionality Sveasoft provides.
Market Watch
June 11, 2004
Budgets for IT security are expected to rise:
"Information security remains a top-five issue for CIOs, and the debate regarding appropriate investment levels continues to rage," Tom Scholtz, vice president of the Meta Group's Security and Risk Strategies advisory service, said in a statement.
IT managers are looking for security features in products.
MatrixSSL provides industry standard network security for
many markets, including networking and VoIP equipment.
Market Watch
June 11, 2004
WindRiver is promoting the idea that device software is the next era of explosive technology growth. We agree that managing and securing increasingly powerful and complex devices is shaping up to be a huge challenge. As devices are more connected, and more relied upon to function without error and withstand attack, new technology is required to meet this goal.
"Software innovation in the past has focused on 'traditional IT' systems," said Stephen Balacco, analyst, of Venture Development Corporation. "The next technology wave is device software that creates new scenarios for connected smart devices. Software is increasingly the key driver of competitive advantage for manufacturers building more technologically advanced devices and will raise the notions of what embedded systems are capable of doing."
Market Watch
June 06, 2004
The BusyBox GPL Hall of Shame calls out device manufacturers who have violated the GPL license agreement by using GPL code in their hardware without releasing all the source code. LinkSys went through this for a period, and eventually opened up its firmware source as required by the GPL. This sparked a
huge boost in popularity, as custom firmware and functionality was created by developers around the world.
MatrixSSL is available as a
GPL version for open source projects, and the
commercial version is available for products exactly like these, that do not want to release their source code.
Market Watch
June 05, 2004
A security vulnerability on a common LinkSys router was found this week. The router apparently allows remote, Web based administration even if the "remote management" feature is turned off. The built-in firewall will prevent external access, but on some units this is disabled by default. A workaround is to enable the firewall and forward ports 80 and 443 to another IP address. Since the users of most routers never change the default login information, a blank username and password "admin" will allow remote access to all configuration. Since the firmware of the WRT54GS is open source, it is possible that a remote attacker could remotely upgrade the firmware of the router to run arbitrary code, for example an open spam relay.
A similar security hole was found in a popular Netgear router this week. An undocumented backdoor username and password was put in the firmware by the OEM for the product. Both LAN and WAN hosts can access the Web based configuration of the router with this password. There is no workaround in the configuration; a firmware update is available to solve the issue.
What could have been done?
- The firmware in both devices should have been audited for security by the company releasing the product. The firmware should have not passed due dilligence by LinkSys or Netgear.
- Authenticating firmware upload signatures with a trusted certificate would prevent the issue of malicious firmware updates.
- Secure, remote update of device firmware and configuration would allow manufacturers to roll out a fix without relying on users to update their passwords, firewall configuration or firmware.
Market Watch
May 15, 2004
Security Considerations for Voice Over IP Systems (1.2M PDF) draft was recently released by the US National Institute of Standards and Technology. It presents an excellent overview of the security and related performance issues with the two most common protocols for session establishment, SIP and H.323. The difficulty in providing security for unreliable packet protocols and through firewalls is also well described. TLS is one of the primary recommendations for key exchange for
secure VoIP.
Market Watch
February 24, 2004
Intel, Microsoft Corporation, BEA systems and Canon Incorporated will publish a new Web services specification,
WS-Discovery, which describes a way for a Web service to easily find and connect with other Web services over a network automatically. The publication of the specification is an effort to expand the existing Web services architecture to computing and peripheral devices that are not typically reachable through Web services, such as computer peripherals, computing appliances, and consumer electronics.
Nice to see a standard that allows discovery of Web services without UDDI. More interesting than the actual specification is what information and messages are sent in this discovery protocol, and how they match our own device Web services discovery.
Two potential issues with WS-Discovery are the reliance on Multicast and SOAP. IP and UDP multicast aren't widely routed, so internet scale discovery might be an issue. Using a P2P multicast algorithm may get around this restriction. The requirement for SOAP is not surprising at all given the sources, but SOAP processing still seems a bit heavyweight for embedded applications. Of course, discovery of devices that are behind a firewall is also not supported.
While this standard doesn't look like anything revolutionary in a technology sense, if adopted, it will allow a wide array of devices to discover each other. The semantic notion of Web services remains a problem for compatible service providers to work out (as usual).
Market Watch
December 22, 2003
LinuxDevices has 14 case studies of the use of embedded Linux in devices. Many of these projects are networked devices using TCP/IP, Bluetooth and/or GSM for connectivity. Here's an example of what a slot machine vendor has done:
The game operator can access and download cash flow data from individual gaming machines, monitor the function, collect data for service and repair, and deliver alert signals to security personnel.
Using standard operating systems such as Linux in embedded devices will make it easier for common solutions to be developed, increasing the accessibility and functionality of these devices.
Market Watch
September 30, 2003
VIA has announced the
Nano-ITX motherboard form factor. Their line of IA32 compatible embedded processors and Mini-ITX motherboards has been very popular in set top box designs, and this form factor is even smaller. The motherboard is 12cm square. The same size as a CD case. It includes a fanless 1ghz VIA Nemiah CPU that has performance similar to a 600mhz Celeron processor.
We are interested in using our software to manage the network services provided by upcoming projects using these small form factor designs, and can't wait to see what devices will be developed.
Market Watch
September 30, 2003
Another "legitimate" use of P2P protocols. There are so many useful properties to decentralized peer discovery, we really feel that the time is right to start using this technology to solve long standing scalability and cost issues for networked software. The developers of Kazaa talk about their
voice over IP software that is built on their peer-to-peer technology. The software looks similar to instant messaging applications, but uses P2P for finding and connecting to friends online.
P2P is a widely used and abused term. Software is not peer-to-peer just because it establishes direct connections between two users; most Internet software does this to some extent. True P2P software creates a network through which all clients join together dynamically to help each other route traffic and store information. The power of the network grows with the number of users.
An interesting feature of their technology is that they are not using Session Initiation Protocol (SIP), as nearly all other VoIP systems do. This is because of firewall traversal issues. Our technology at PeerSec has also has to balance standards and firewall traversal.
Our research shows that more than 50 percent of broadband users are behind NAT (network address translation) and firewalls and can therefore not make full use of VoIP solutions that are based on SIP (Session Initiation Protocol).
More information at skype.net
Market Watch
September 24, 2003
Interesting commentary on
why you would have an Internet connected refrigerator. Actually, the comments at the bottom of the article are more interesting. The general consensus seems to be that it is just not worth network-enabling most appliances. There isn't a practical mechanism to determine the items in a refrigerator, and is there really a need to monitor the power status of an appliance? Maybe in an industrial environment, or maybe for the manufacturer, but the likelyhood of a refrigerator-only power loss vs. the cost to replace spoiled food doesn't seem worth it. Even if the author was able to be notified of the problem, could he really have found a repairman, scheduled a replacement, had the food transferred and made available a key to his house, all from South Africa and before his food spoiled?
There could be some value in connecting appliances in a house through local mesh networks to a security monitoring firm which could make arrangements to take care of maintenance problems in addition to security, but at this point it's still more practical to just clean up the mess if it happens.
Market Watch
September 10, 2003
Cometa Networks will be installing 250 WiFi access points in Seattle by the end of the year. Cometa is backed by some big players including IBM, AT&T and Intel. They plan to wholesale the service to other companies. While we are in agreement that it is unclear whether or there is money to be made in personal subscription fees for such services, the increase in available Internet access is a great trend for devices. Only a small subset of people may be willing to pay for access in a building lobby or store, but a device manufacturer may be very interested in allowing network access to the device for a small fee to allow for upgrading, inventory, or fault detection.
The increase in cheap, available "last-foot" network access for embedded devices is one of the reasons that our software is even more relevant. With low priced WiFi chipsets and ubiquitous access, the barrier to effective deployment becomes management software.
Market Watch
September 08, 2003
We first read about
Intel's Personal Server back in May, but it seems to be getting more press lately. The server actually has a some of the features provided by our PeerSec technology. Each wireless device has a built in Web server that supports web services and WebDAV for file access. The device uses universal plug and play to find devices in close range. It's exciting to us to see how powerful small devices are becoming, although the use cases for this type of device don't seem as compelling as companies using
mesh networks for other purposes.
Market Watch
September 05, 2003
News.com overview of the latest consumer devices using Linux.
Linux's key advantage over other operating systems is that the core software is freely available and widely embraced. In the cutthroat electronics business where profit margins are 1 percent or 2 percent at the best of times, any measure that save money is welcome.
This slashdot article discusses recent news about Motorola using Linux (and WindowsMobile) in its new phones and selling its stake in Symbian. Several people bring up a common misconception about embedded Linux. Although changes to the kernel to allow it to run on phones must be given back to the community, this does not mean that the phone itself is open. The service providers still control what software can be put on the phone. This realization will make the news of Linux in consumer electronics less exciting for hobbyists, but is great news for us as embedded software developers.
Market Watch
August 21, 2003
Local Area Security has an open source network security package that boots directly off mini-cd. It contains a bootable version of Linux (
Knoppix), and includes network scanning software such as
Ethereal and
Nessus. At 107 MB with window manager, it's not small enough to fit on a 50 MB wallet-sized business card CD, but mini-cds are relatively portable. I suppose the same thing could be done with a flash drive or dedicated laptop, but this is a neat idea regardless.
Market Watch
August 19, 2003
O'Reilly ONDotnet has a good overview of Service Oriented Architecture (SOA). One of the cool things about SOA can be seen right in the article. Although it is in an area dedicated to Microsoft .net, the concepts discussed are not specific to any single platform or language, as this is one of the benefits to this architecture.
Today, we face complex issues like distributed software, application integration, varying platforms, varying protocols, various devices, the Internet, etc...
Key Components of SOA
The first step in learning something new is to understand its vocabulary. In the context of SOA, we have the terms service, message, dynamic discovery, and web services. Each of these plays an essential role in SOA.
PeerSec implements a secure service oriented architecture, so read on to get another perspective of the benefits of designing distributed software this way.
Market Watch
August 17, 2003
CiteSeer indexes scientific papers, and cross references the results by citations giving . This is a great way to do research on cutting edge computer science research. Here are the results for
secure peer-to-peer. Academic papers seem to be more open in their acknowledgement of competitive research than corporate whitepapers, so the linked citations usually give a pretty thorough overview of the various research projects in the technology area. CiteSeer also links to papers that cite the given paper, so derived research can be found, showing where other groups are taking the technology.
Market Watch
August 11, 2003
LinuxDevices did an embedded OS market survey in May. 54% polled indicated they would consider paying for development/support services, while 64% said they would not consider paying per-device royalties. Our business model fits well with these findings. Also, embedded Linux went from the number 2 OS, behind VxWorks, to number 1.
Market Watch
July 24, 2003
There's been recent controversy about Linksys using Linux and other GPL software on at least one of its WiFi routers without making their changes public. The motivation behind the uproar is half based on upholding the ideals of Open Source, and half wanting to hack the source for the router and utilities and re-generate working firmware. Slashdot was one of the early sources for this news,
so here's the relevant Slashdot search.
Another interesting article on the Linksys device.
We're just happy to see more devices using Linux, since our software has already been tested on several linux distributions!
Market Watch
July 22, 2003
Representational State Transfer sounds complicated, but actually describes how the Web works. There is a school of thought that Web services should operate in the same way as the Web. There is an ongoing discussion of the differences that is worthwhile understanding if you are interested in the broad scope of things that can be considered Web services. Google search for REST web services.
Market Watch
July 20, 2003
We got a kick out of this article on
no-frills Seattle startups when we were forming PeerSec. We have to agree with the no-frills aspect of things, even though we do have a foosball table and an office remarkably close to Sightward's! We've also done a lot of the work ourself, paid for by customer revenue and private investment, rather than venture capital. We're appreciative of the trend for focus to be on execution and customers, rather than hype and growth. It really caters towards smaller, less over-funded companies such as ourselves.
Market Watch
July 18, 2003
Ember has developed hardware that sets up p2p mesh networks. Their technology allows devices to route packets through other devices, allowing a wireless network to be formed in an isolated location, or at an increased distance from an internet connection. A usage example of this technology is sensors on each floor of a building that detect HVAC status, elevator status, alarm status, etc. Rather than having to wire a line to each sensor, or provide a WiFi access point on each floor, each sensor creates a wireless bubble. Ember's routing technology allows each sensor to be addressable, so a request coming in through a land line on the ground floor can be hopped from sensor to sensor until it reaches any point on the building. Ember's apis handle the autodiscovery and routing, so the network acts more like a traditional TCP/IP network. We're pretty exited about mesh networks; their hardware and low level protocols match well with our secure P2P web services technology.
Market Watch
July 13, 2003
This article gives a great overview of the type of device management our technology provides. We were forwarded this article with no reference to the author or source. Please let us know if you run across the original.
Over-the-Air (OTA) device management: Why this is important in the world of wireless
There is a growing paradigm brewing in the wonderful world of wireless. It has to do with the need to update disparate wireless handheld devices that roam in and out of coverage. Here are a few examples.
- You go to a store and buy the latest cell phone. You go home and take it out of the box, charge it and then turn it on. Wouldn’t be nice if you could just activate it using the wireless link already in the phone instead of having to call someone on the phone who has to then “program” the phone and activate it?
- Or, what happens when a handset manufacturer finds that there’s an error in the device’s firmware that controls the operation of the wireless handheld
device? Wouldn’t it be nice if the handset manufacturer and the carrier could
simply send an upgrade to the phone that would “re-flash” the firmware so that the handset’s problem could be fixed on the fly?
- Or, how do you sync up the contacts in the handheld? Today, most of us put the device in a cradle, hit a button and synchronize our contacts in the PC (from Outlook or another contact manager) with the handheld. Wouldn’t it be nice if the synchronization process would simply take place over the wireless link so you didn’t have to do the “batch sync” anymore?
It wasn’t too long ago that doing these kinds of things were something that was discussed as a visionary dream. However, do to rapid advances in both
handset design and carrier networks, these dreams are now becoming a reality. The entire category of doing system updates to wireless handsets using a
wireless link is called Over-the-Air device management or simply OTA for
short. OTA is going to become common jargon before long. Here’s why.
There are a number of different categories of OTA device management. Here’s a summary of the more important OTA categories:
Firmware Upgrade – Most new wireless handsets are being designed so they can receive an upgrade to the handset’s firmware over the air thus avoiding a product recall. It also allows a phone to go into use quicker since exhaustive testing doesn’t have to be entirely completed. If an error is discovered after the handset is in the field, then a firmware upgrade command can be sent OTA. The phone goes inactive for a short time while the firmware is upgraded (technically, the internal firmware is contained in flash which is re-written from a special upgrade area in the phone). Companies such as Bitfone, DoOnGo and Blue Iguana are working with handset manufacturers and carriers to provide such “on the fly” upgrades to wireless handsets.
Synchronization – Synchronization is typically done for the user’s calendar, contacts and email. Today, most wireless PDAs still have to be put into a cradle and synchronized with the notebook (often with Outlook or another PIM). However, companies like Good Technologies are providing OTA synchronization that maintains the status of the user’s calendar, contacts and email in the background. This provides “zero desktop management” by the user since the user doesn’t ever have to put the handheld into a cradle to re-sync the handset Instead, all the updates are sent OTA and automatically made to the information in the wireless handset.
Service Provisioning – This is the process of activation, termination and other customer support services. This is just now beginning to happen with
some carriers. It allows users to activate their wireless device OTA and immediately use their wireless handset instead of having to go through a lengthy programming procedure in the store.
Software Distribution – With the use of a small version of Java called J2ME (Java 2 Micro Edition), applications can be written once and then downloaded to the wireless device which receives the application and is subsequently run using a J2ME run-time facility when the user selects the application. The Java platform on wireless handhelds allows for the downloading of a new application that is then run on the device.
Diagnostics – This is a process a carrier can use to test the device while in the field using the wireless link. It allows for ad hoc testing and reporting of the wireless device.
Notification, Alerts – While there is standard operation for making calls, doing email and processing real-time messages, there are situations in which broadcast of alerts may be necessary either by the carrier, by government agencies or by enterprises. The use of OTA alerts is a non-standard use of the wireless device but will become more common in the future.
Push Delivery of Content – While the user can make a demand request for news, weather, sports, financial information, if the information is pushed to the device in the background without a specific request, the delivery would be considered OTA delivery of content. The Blackberry email system operates in this manner where the emails are received in the background and are not requested to be delivered by the user.
Of course, all wireless communications are not considered “OTA.” Rather, OTA
is reserved to describe the things done to the “inside” of the system rather
than the normal things done by users. They are “behind the scenes” to make the device work better. Most are completely silent while others are, at most, have the user interact with the systems process.
There may be other categories that will be developed over time. The
important thing to remember is that OTA will become an integral part of the
device management of all wireless handsets. OTA will become as common as
turning on your phone each day.
Market Watch
July 12, 2003
Nokia and HP are working together on an "embedded cell phone" that is will be used to allow devices to communicate with each other. The technology category is called machine-to-machine, and is usually associated with cell phone technology, since WiFi and Ethernet are de-facto M2M communications. Our technology works at a protocol layer above any of these interconnects, and we are excited about new initiatives to allow autonomous device communications.
M2M News.com article.
Nokia's M2M initiative.
Market Watch
July 10, 2003
This
Techweb article on Web services goes along with our practical view of Web services. Here are the main points and our commentary:
Myth No. 1: Web Services Is A Revolution
Web services aren't really that different from Corba or DCOM, especially in the ways they are being pitched by Microsoft and Sun (see point 3). They are more "open" in the sense that the major players have agreed to cooperate on the basic interaction. We actually feel that the revolutionary part of Web services is that it is NOT one standard, but rather a simple way of conceptualizing distributed applications. The "easy" factor in producing content gives a huge boost to Web services. A primary reason for the explosion of the Web was that it was finally easy for average people to create content in HTML. As HTML changed to DHTML, and the realm of professional Web designers, people have taken to Blogging to produce content. The revolution in Web services is that it will allow interactive content to be developed en masse.
Myth No. 2: Web Services Are Not Secure
Web services have become more secure since our implementation of secure Device Web Services. In practice however, even with the same security standards, it is difficult to do mutual authentication between arbitrary systems. This isn't just a Web services issue. Look at how few people use secure email,
secure SMTP transport or secure POP.
The challenge is in managing the keys, providing authorities, and minimal user setup of security parameters, which is why we've implemented this as a service in our product.
No way! What about PeerSec Networks? ;-)
Sun and Microsoft are heavily driving standards, and have the most money and mutual aggression to invest in hyping this tech. There are also simpler models of web services, that are actually more likely to be used by smaller companies or internal implementations.
XML-RPC and
REST are used heavily in open source software, including
Movable Type, the software managing these news items.
Myth No. 4: Web Services Standards Are Under Control
There's not a standard data format (even within XML Web services there are at least XML-RPC and SOAP). There's not a standard protocol (HTTP is only a suggested protocol). Web services can be implemented as a simple HTTP GET or POST of arbitrarily formatted data (REST model). Is this a bad thing? No, not from our perspective. While it can be beneficial to have standard formats, it's more important to have documented formats, preferrably with free or open-source implementation libraries. When many, many vendors "agree" on a standard, in our experience it ends up producing an extremely complex solution that is difficult to implement, and use correctly.
Myth No. 5: The Web Services Industry Has Gone Cold
The hype Web services as a panacea will die down. The technology is being implemented in a large number of new products. Also, with Corba and DCOM dying, there's not a lot of alternative.
Market Watch
July 08, 2003
Mesh Networks is another provider of p2p networking topologies, along with
Ember. There are a lot of recent articles on this topic, easiest way to index them is through a
Google Search for Mesh Networks
Market Watch
July 02, 2003
Another interesting article on Nokia's M2M work. The first commercial use is in remote monitoring of water treatment plants. Several other "IT alert" type applications are mentioned. The potential uses seems similar to when ethernet really started taking off in devices 5 years ago or so. Of course wireless opens up a whole new class of devices. The analyst in the article says:
"I would expect every major carrier to offer M2M in the next eight months, It seems like a no-brainer."
Well, it's been 8 months, but I wouldn't be surprised if this takes years to get to the US.
Market Watch
July 01, 2003
The Seattle PI VC Notebook is a good source of information on the local business climate. There are some interesting articles and a low traffic forum, but we mostly read the funding and layoff tracker running from 2000 to the present.
Market Watch
June 27, 2003
This article from 2000 predicts technology solutions similar to ours. Embedded Linux, XML and IM
Market Watch
June 27, 2003
IBM Alpha works has a Web services implementation for devices. It's not clear whether the devices can provide as well as consume services. It's also not clear from the site exactly how this technology is intended to be used, although they have ported it to Palm, Symbian and J2ME. The C implementation is based on
gSoap, which is under the Mozilla Public License.
Market Watch
June 22, 2003
Sony, Toshiba, Hitachi, and other large consumer electronics vendors have formed an organization for using Linux on consumer electronics according to this news.com article. By providing requirements for Linux on equipment such as Digital VCRs and cell phones, open source developers stand a greater chance of meeting the needs of this specific market. CELF Web page.
As device software developers, we are excited about the plans to put Linux into more devices. Being able to use standard tools, compatible make systems, full posix support and quick porting of open source projects such as OpenSSL will make ports to new devices much quicker and let us use a common, tested codebase across many devices.
Market Watch
June 15, 2003
We have been interested in the
Danger Hiptop, aka T-Mobile Sidekick, especially the new model with color screen and attractive price point. Unlimited data access through
T-Mobile is $30 a month and includes email, Web browsing, text messaging and AOL Instant Messenger.
As a device software company, we are most interested in the Sidekick as a potential platform for our software, however there are some serious problems with this currently. It is not immediately clear, but in order to develop software for the device, you must install a special development version of the OS. The software you develop cannot run on a standard device, meaning you cannot deploy it in the field. In addition, this article shows how T-Mobile is using it's remote update ability with the sidekicks to control what software is able to run, without the owner's permission. Perhaps the "owner" of the device isn't the same as the person paying for the device and its service.
Most likely, the desire to control the software and services on a device both from the developer and end-user perspective is a bid to keep T-Mobile from being just a wireless pipe, which is understandable but frustrating nonetheless.
Market Watch
June 09, 2003
Marimba, the .com darling of "push" technology formerly known for it's photogenic CEO Kim Polese, is taking their software into the embedded software upgrade market. Article from Oct, 2001. Looks like they are currently more in the enterprise upgrade and desktop management business, although their website does have an embedded section.
