Friday, November 26, 2010

Why Microsoft Wants Novell's Patents

On Monday, Novell let it be known that it would be acquired by Attachmate Corporation in a deal worth $2.2 billion. Meanwhile, in a Form 8-K filing with the SEC, Novell stated that it "will sell to CPTN all of Novell's right, title and interest in 882 patents ... for $450 million in cash." CPTN Holdings LLC is a consortium of technology companies organized by Microsoft.

Immediately, people began to speculate that the reason Microsoft would bid such an enormous amount of money to obtain Novell's patent portfolio (which, by the way, comes to only 462 issued U.S. Patents; the 882 figure represents applied-for patents as well as issued patents) is to get its hands on the intellectual property around UNIX. (Novell acquired UNIX from AT&T in the 1990s.)

But it now appears that Novell will not be selling UNIX patents as part of the CPTN deal. So the $450 million question is: What, exactly, is Microsoft (via CPTN) paying all that money for?

I'll offer my own speculation. (Disclosure: In 2006 and 2007, I was a member of Novell's Inventions Committee -- the company's internal patent-oversight board. I don't maintain "special connections" with the Committee, however, nor do I pretend to speak for Novell.) If you look at Novell's patent portfolio as a whole -- and in particular, if you look at the bulk of the work done in the past five years -- you can't help but notice that the single largest category of inventions has to do with security.

If you go to the USPTO website and so a search on patents with "security," "trust," or "authentication" in the Abstract, where Novell is the Assignee, you'll come up with 60 hits. The search query I used was:

(((ABST/security OR ABST/authentication) OR ABST/trust) AND AN/Novell)

If you do a search on ABST/encryption, you'll get another 12 hits. That's 72 hits out of 462 granted patents (roughly 16% of the total) having to do with encryption or security.

Microsoft is well aware of its lagging reputation in matters involving security. And the company well knows that the success of its initiatives in cloud computing, collaboration, and social networking will depend, in large measure, on whether it can present a credible security story to customers. There's a lot at stake (to put it mildly). Compared to the size of the cloud computing, collab, and social markets, $450 million is a pittance.

How good are Novell's security patents? That's another question. Many (not all) of them are genuinely clever. Exactly which ones Microsoft has its eye on, though, is a secret probably only a few people in Redmond know.

Sunday, November 21, 2010

Getting Started with Adobe AIR

It seems I'm always late to a good party. Yesterday, I finally did something I've been meaning to do for, oh, at least two years: I compiled and ran my first Adobe AIR application. And in typical masochistic fashion, I decided to do it with Notepad as my code editor and command-line tools for compilation. It's not that I can't afford Dreamweaver or Flash Builder, mind you (I have both products and recommend them highly); it was more a matter of wanting to get dirt under my fingernails, so to speak. That's just how I am.

The whole process of downloading the AIR SDK, reading online code examples, and getting my first example up and running took a little less than an hour from start to finish. There were only a couple of rough spots (both easily resolved). The first was creating my own self-signed security certificate. I did this with the ADT tool that comes with the AIR SDK. The magic command-line incantation that worked for me was:

adt -certificate -cn SelfSign -ou KT -o "Kas Thomas" -c US 2048-RSA cert.p12 password1234

Naturally, you'll want to change some of the parameters (e.g., the ones with my name and initials, and the password) when you do this yourself. But running this command should produce a certificate named cert.p12 on your local drive, assuming adt.bat (Windows) is in your path.

For example code, I turned to the text editor example described here. I compiled the code with:

..\bin\adt -package -storetype pkcs12 -keystore ..\cert.p12 TextEditorHTML.air application.xml .

(running a command console from a location of C:\AIR\TextEditorHTML, with my certificate stored under C:\AIR). The first time I did this, I got an error of "File C:\AIR\TextEditorHTML\application.xml is not a valid AIRI or AIR file." If you get the "is not a valid AIRI or AIR file" error, it means you left the trailing period off the foregoing command line. (Note carefully the period after "application.xml" at the very end.)

And that was basically it. My first AIR app: done in under an hour. Now, as Shantanu Narayen says, "let the games begin!"

Thursday, November 18, 2010

The Strength of Weak Ties


Hydrogen bonds (dotted lines) are only about
5% as strong as covalent bonds (solid lines).


Last Saturday, there was a fascinating discussion on Twitter about the power of weak connections. It was a real-time Tweetup held under the banner of #ideachat, the latter being a monthly Twitter Chat focused on the process of ideation, held every second Saturday of the month at 9:00 a.m. EST. (Ideachat bills itself as "a Salon for Twitter Thinkers About Ideas." It is founded by Angela Dunn, Idea Designer and Digital Consultant, aka @blogbrevity.)

The discussion was loosely grounded in the work of Mark S. Granovetter, whose 1973 paper "The Strength of Weak Ties" (American Journal of Sociology, May 1973, pp. 1360-1380) is one of the most widely cited papers in sociology. (See also Granovetter's 1983 followup paper in Sociological Theory, "The Strength of Weak Ties: A Network Theory Revisited.")

I won't try to recap the whole discussion here, since you can read the full transcript online elsewhere. Suffice it to say that in little more than an hour, 92 people contributed 695 tweets on the subject of how weak ties contribute to the spread of ideas in social networks. The discussion seemed particularly apropos given that almost none of the discussants knew each other except through the casual, transient contact afforded by Twitter and TweetChat (the tool used by most participants in the discussion).

My main contribution to the discussion was to draw a parallel between weak social ties and the physical chemistry of hydrogen bonding. I pointed out that in chemistry, weak links (viz., hydrogen bonds) are responsible for much of what makes biomolecule behavior interesting. It's a hard point to try to make in 140 characters or less. But it's worth spending a minute thinking about.

In chemistry, there are several types of chemical bond. The strongest type is the covalent bond: This is the kind of bond that connects the various atoms in a molecule (such as the hydrogens to the oxygen in water). About 5% as strong as the covalent bond is the hydrogen bond, which represents the weak electrostatic pull between electron-rich atoms and electron-poor atoms of different molecules. About an order of magnitude weaker still is the van der Waals force between atoms. Hydrogen bonds and van der Waals interactions are transient in nature, whereas covalent bonds are (for all intents) permanent, or at least long-lasting.

It turns out that a lot of interesting chemical behavior arises from the short-lasting weak interactions that go under the name of hydrogen bonding. The concept of surface tension arises from it. Protein folding happens the way it does because of hydrogen bonding. The stickiness of adhesives is due to hydrogen bonding. (Epoxy, on the other hand, owes its strength to covalent bonds.)

At one point in the #ideachat session, I asked (rhetorically) which is more useful, Scotch tape or Krazy-Glue? Someone later suggested a better analogy would have been duct tape, or even PostIt notes (which famously rely on an adhesive that is almost -- but not quite -- ineffective). You can do a lot of useful things with Krazy-Glue (which relies on covalent bonds to get the job done), but I can think of at least 100 times more things you can do with duct tape. Tape is incredibly more versatile, even though the mechanism by which its adhesive works is fundamentally at least 20 times weaker than the mechanism behind Krazy-Glue.

In the same way, I tend to think that the weak ties engendered by things like Twitter tend, in the aggregate, to produce effects that are surprisingly far-reaching -- causing many tipping-points to be reached long before they otherwise would be.

Whether you agree with my physical-chemistry analogies or not, I encourage you to take part in the next #ideachat, which is scheduled to happen on the eleventh of December at 9:00 a.m. Eastern U.S. time. Mark your calendar. I'll see you there.