Sunday, June 26, 2011

#DevTO - You don't just write code

#DevTO started out with @kevinkvs and @jonezy thinking about the need to have a regular meet up for developers in Toronto to share and learn from each other. I first heard of this idea on Twitter from Chris and was immediately intrigued and offered to help out. @clickflickca also joined in later on the fun and brings his experience organizing and running other events around Toronto.

A big part of our jobs involves learning; from yourself and others around you. The challenges you encounter are as wide as the job titles. The other big part of the job, is showing off how you solved that problem and what you have learned.

Some of us are lucky to have a team of awesome developers that you work with every day to learn from, bounce ideas off and show off the end result. Some of us might not have that daily. How to convince your boss that the database needs optimization? How can you reduce your build time in half? Need to know about common pitfalls building mobile sites? Got some IE6 horror stories and the scars to prove them? This is where #DevTO comes in.

No matter what technologies you have used, are currently using or are thinking of learning #DevTO is for you. The broader the audience the better. This event is not just limited to developers. Kevin co-founder and Community Cobra Commander of #DevTO said it best:


If you are liking the sound of this so far then make sure you RSVP to our second event tomorrow night:



Thursday, June 16, 2011

All developers are not created equal - hence not interchangeable

Earlier yesterday I came across this article on the New York Times: Thieves Found Citigroup Site an Easy Entry. At first I thought, "Man, another big site had their customer data compromised", but as I continued reading this incident is a little bit different; especially the nature of the attack that was described in the article. The marketing and PR departments for these brands - and in this case Citigroup - need to be a little more careful about the kind of technical information that gets released when shit hits the fan.
Think of it as a mansion with a high-tech security system — but the front door wasn’t locked tight.
After reading through the article and the retarded nature of the attack you can't think of it as a mansion with a high tech security system; not even close. Some context on this attack:

In the Citi breach, the data thieves were able to penetrate the bank’s defenses by first logging on to the site reserved for its credit card customers.Once inside, they leapfrogged between the accounts of different Citi customers by inserting vari-ous account numbers into a string of text located in the browser’s address bar. The hackers’ code systems automatically repeated this exercise tens of thousands of times — allowing them to capture the confidential private data.The method is seemingly simple, but the fact that the thieves knew to focus on this particular vulnerability marks the Citigroup attack as especially ingenious, security experts said.
So, all these thieves needed to do is basically log in with their own or even someone else's Citigroup account and lo and behold this account number was present in the address bar after login. Changing it gave them access to someone else's account. A little script to repeat this for thousands of accounts and scrape the details.

This process was described by "security experts" as "especially ingenious". Really?!? This is the oldest trick in the book; i.e. mess around with the URL until you get somewhere. These "security experts" should get fired if this kind of attack was surprising.

The "what can we do, we got hacked" wagon got extremely popular in recent years, especially this year, but this Citigroup incident is different. There is no excuse for being on the "we are retards, we got hacked" wagon. When your "high-tech security system" is composed of changing account numbers in URLs, then what else can someone find if they look harder?

How does one get to this position? I think at the root of the problem is the thinking that people working in technology are interchangeable cogs in a giant machine. When you are building the pyramids, yes you can get 40,000 slaves and have them drag giant slabs of rock into place and stack them with virtually no way for an error to occur. And yes you can get another 40,000 slaves and replace the first 40,000 and they will still drag and stack the rocks as good as the previous 40,000 did. That mentality works when the tasks at hand are fairly simple and mechanical such as building the pyramids, or the production line at Ford. It is absolutely not valid in technology, yet there are many executives, project managers, and software architects today that think its possible.

The other part of the problem has to do with measuring expertise. The above assumption that developers, architects, designers, etc. are interchangeable also leads to the flawed assumption that a developer with 10 years of experience can replace any other developer with 10 years of experience as well. It is easy to get to that assumption when you think of these tasks as mechanical such as building the pyramids, or putting the wheels on a car. 10 years of experience developing doesn't have the same weight it did 30 years ago. Most developers today got into while they are teenagers, and hence by the time they graduate university they already have 10 years of experience developing stuff. Also, there are more technologies today that are available to the average developer to experiment with and try out, than there was 30 years ago. Hence why building technology systems  and development in general is a combination of science and art. The Sistine Chapel would have looked different if Leonardo da Vinci painted it instead even if he got the same directions from the Pope. The Pyramids would have looked the same regardless where the 40,000 slaves came from.

So for an online application that has to do with people's credit card accounts to fail at this level doesn't give me the warm fuzzy feeling that I should be getting when I read "Citi has implemented enhanced procedures to prevent a recurrence of this type of event." - if I were a customer.

Where else did you not do the due diligence you owe your customers? What other skeletons are in the closet? The New York Article should have started out like this:
Think of it as a tent with a zipper — but the zipper wasn’t closed.

Saturday, February 26, 2011

Rogers OnDemand Online Vs. Netflix

A week after the condo I'm renting suffered from a bathroom flood fiasco, I sat down last night to watch some TV at home. Now, my whole unit is a mess, and furniture has been moved around so I couldn't really use my TV, instead I decided to use Rogers on Demand Online (RODO). However, I am also a Netflix customer, but for some reason I chose to try RODO.

Rogers On Demand Online

I first signed up to RODO when it was in beta and was invited to sign up for it via Twitter, back then I actually liked it, the streaming was decent and I was actually impressed. That was the last time I used it until last night. Of course I forgot my password, and I needed to reset it. Strangely the guys at RODO decided that I need to answer my hint question first before they e-mail the address I signed up with the reset instructions. So off I go to the Rogers tech support page, which now seems to have a "24/7" online support chat. Yeah right. I downloaded the software they wanted, and waited for someone to "be right with me" for  quite some time - probably 10-15 minutes - before I gave up. 

Next, I call the Rogers support team and tell them the problem, they reset my password and ask me to try again. However RODO still shows my profile has been locked and I need to reset the password. The support service lady resets it again, and I still can't get in. Then *drum roll* ... dropped call.

I'm getting a little agitated right now, but I still can't log in. Then I get an e-mail to my phone saying my Rogers' portal password was reset. Great, so she ended up resetting the password to the billing portal. Isn't it bad enough that we have all these different passwords to remember, now we need to remember different passwords for the same company?

So I call them again; this time the wait time is "greater than 5 minutes". What does that mean? am I going to celebrate my 28th birthday before someone helps me?. 20 minutes later someone gets to me, and they reset the password for the right service. Awesome, now lets watch a movie. 

I log in to RODO, everything seems okay, so I start browsing the shows and movies. I don't know what the logic was for some of these movies and shows, but it almost like different channels have different presentation. The stuff that I would normally watch via Rogers on Demand on my TV looks great on the site, and I see a picture and some description and ratings. However, when I look at the stuff on TMN or another channel, it looks different. Its garbage.

Anyway, lets get on with it, so I pick a movie and then to my horror the quality was crap - even pixellated - and it was lagging as well. Great, all this for nothing. Ok, let me try a show, maybe it was just the movie. I wanted to catch up on Modern Family, so started that. No. Same shit.

Okay, I'm out of here. I leave a comment regarding their service and that I'm going to Netflix. (I'll leave the rant about the TV version of ROD for another post, but for now think about this: how come they still can't figure out how to display the full movie name? Is it really rocket science? If someone knows, please tell me, seriously, please.

Netflix

So, after my unsatisfactory experience with RODO, I go do what I should have done from the start. Netflix. Now, I signed up to that on my PS3, which I can't use right now due to the mess after the flooding, so I need to reset my password because who knows what I set it to when I created the account from the PS3. Anyway, go to netflix.com, and reset my password. Holy crap, I don't need to answer my hint question, the password reset got sent to the e-mail, amazing! 45 seconds later I am logged into my Netflix account - and even fixed my billing address since I moved 2 months ago and Netflix hasn't been able to charge my credit card. I pick a movie (and yes the selection is not as new as ROD but there are still some awesome shows, documentaries and classics there, some even delivered in HD. 

Netflix got their streaming technology nailed. Awesome quality. Great streaming. You only need to wait a minute at the start while it sets the player up, decide on the quality it will send, and buffer the movie. So why is that? Why is it that Netflix can do such a better job at the whole customer experience thing, than Rogers could?

The answer is on the Netflix Tech Blog.

Netflix is a technology firm that delivers media. Rogers is a media/communications firm, using technology to delivery media. Similar to my post about Yahoo's Culture vs. Google's Culture, Netflix would definitely have a higher innovation ratio than Rogers because of this difference in both companies. When technology is viewed as a cost center (as it is most likely the case at Rogers), then you end up with sub-par client facing technology such as Rogers On Demand Online, and even the Rogers portal itself. This goes to most "corporate web applications" as well.

As we get more entrenched in an online world, the big corporate world needs to let go of the perception that "technology" is a cost center and not a partner for delivering excellent and innovative customer experiences. 



Saturday, December 11, 2010

Mobile e-commerce & augmented reality?

When you think e-commerce what comes to mind? For me, I think Amazon.com and eBay.com. I remember reading somewhere that Amazon wasn't the first online bookstore, but in fact it was books.com - which is gone now by the way, and instead redirects to Barnes & Noble. Today, Amazon doesn't just sell books anymore, heck I can even order 18-inch wheels from there. But, what comes next? The e-commerce market is already at a point of saturation and it comes down to a battle-of-the-brands. Do I order this book from Amazon? or Barnes & Noble? or even Walmart? Should I buy a Dell from Dell.com? or from Walmart.com?

I blogged about social e-commerce at the beginning of this year, and some things are getting rolling in Collier's predictions, but we still have more to go before all her 2010 predictions are realized; sadly it won't be 2010; we're close I think, but I think social e-commerce is still a few years ahead. Its hard for these data silos to get broken down to really enable me to receiving recommendations from Amazon based on my Facebook friends or even tweets. Maybe I'm wrong.

But while these silos are up, m-commerce and augmented reality can go hand in hand, and it solves one of the problems faced by online shoppers; the "I'm not sure how this will look" problem. Its not a problem that every online store has, ex. I won't question how a PS3 will look like in my living room, nor will I question how a Mac mini will look like on my desk, so its not a problem there. It is a problem when buying something bigger, like furniture, appliances, decorations, wall paint, etc. Things that either take a lot of room, or might lead you to the dog house if your significant other does not approve take a lot of time to undo if you don't like where you placed it.

For e-commerce a picture is not worth 1000 words for most products out there. In the crazy world between my ears, I would go to the new place I'm moving into this month, pull out my iPhone 3GS and go to Ikea.com and start up their augmented reality furniture browser. I can then load up all the furniture I'm moving from the old place and see how everything comes together. It will then recommend other products based on the data it's collecting via my phone's camera, maybe different colours? maybe furniture pads to prevent the table from scratching the hardwood? Perhaps it'll recognize the TV and recommend a different place to reduce the glare in the morning since the windows face East?

Can it be done? I think so. The technology is already available. Where do you see mobile commerce heading in the next two years?

Friday, September 03, 2010

Don't tell me your TV supports Twitter (Part 2)

In Part 1 I ranted about the Samsung commercial that I caught on TV raving about accessing Facebook and Twitter from their new TV. I questioned how TV manufacturers are repeating the marketing campaigns the telecoms did a few years ago when the iPhone came out on select telecoms. The ones that weren't chosen such as Bell and Telus raved about their Blackberry, Palm and HTC lineups. They coined the term "social phones" or "smarter smart phone" and being able to access Facebook on their phones. Anyway, the future of mobile is in the apps, not the device nor the platform. I believe the same is true for TV.

In Part 2 I question the role of TV service providers and broadcasters in this new "smart TV" era that seems to be around the corner. The good thing that is going for these guys, is that they usually are Internet providers as well, or are at least partnered with an Internet provider. Smart TVs obviously need an Internet connection, so these guys will still be there. Their role could change a bit. As more Internet ready devices hit the market, it doesn't make sense for them to split their business into three lines; Internet, TV, Phone. What happens when we start getting fridges with WiFi / data chips? or washing machines? or even cars? I predict they'll just all converge into one line, connectivity and you pay for the data you use. Before we get there, we'll probably go through a stage where a standard package will give you X devices, a "gold" package gets you Y devices, and a "VIP" package gets you Z devices. Soon after that, that too won't cut it as it becomes the norm that devices have these connectivity chips built in.

Saturday, August 28, 2010

Fast Mover Advantage?

I just finished reading the book "The Accidental Billionaires" by Ben Mezrich. The book provides great stories into the lives of the "founding fathers" of probably the most successful website on the Internet today - Facebook - although it wasn't a first mover. What amazed me the most about the book is how fast everything was happening.

Maybe once upon a time "First Mover Advantage" was important, that time I believe is long gone. Maybe it was important when building and shipping any product or service was extremely costly and time consuming. It was probably an important idea or theory for the Space Race in the 60s and 70s. I don't think it is all that important today.

Image from http://www.flickr.com/photos/blackbutterfly/3051019058/

I think people should think more about the "Fast Mover Advantage" (I'm surprised there is no Wikipedia page on this today). The fast mover is able to counter all the hypothetical advantages associated with the first mover. Here is why:

Tuesday, August 24, 2010

Don't tell me your TV supports Twitter

Last night I caught a Best Buy ad on AMC about Samsung's smart/social/internet TV.  It reminded me of the Telus/Rogers/Bell BlackBerry ads a couple of years ago marketing Twitter and Facebook as features of their smartphones. They're still doing it with terms like "social phone" or "smarter smart phone" which I don't really understand.  I was still really excited about this ad, especially because it got the gears in the crazy place between my ears turning again...

Samsung seems confused about what to do with Google entering a market in which Samsung is one of the largest players. Add to that, Apple's arrival later this year with iTV. The same two companies that pretty much destroyed Samsung's chances in the phone industry. Samsung has its own OS for its phones, which also powers their smart tv - Bada. This is a bad idea:
  • PopularityRecent market results show iOS and Android capturing about 80% of the mobile web consumption. (Not including iPad). Since these numbers were gathered in June, the iPad has probably gained some more ground for iOS. Let's keep it at 80%. Samsung Bada's share is a fraction of that 10% for "Other", with probably an equal if not greater chunk of that "Other" going to SymbianOS.