Tag Archives: identity

Perfect virtualization is a threat to Windows: VMWare aims to embrace and extinguish

One advantage Microsoft Windows has in the cloud and tablet wars is that it it is, well, Windows. Microsoft’s Office 365 cloud computing product largely depends on the assumption that users want to run Office on their local PC or tablet. Windows 8 tablets will be attractive to enterprises that want to continue running custom Windows applications, though they had better be x86 tablets since applications for Windows on ARM processors will require recompilation.

On the other hand, if you can run Windows applications just as easily on a Mac, Apple iPad or Android tablet, then Microsoft’s advantage disappears. Virtualization specialist VMWare is making that point at its VMworld conference in Las Vegas this week. In a press release announcing “New Products and Services for the Post-PC Era”, VMWare VP Christopher Young says:

As our customers begin to embrace this shift to the post-PC era, we offer a simple way to deliver a better Windows-based desktop-as-a-service that empowers organizations to do more with what they already have. At the same time, we are investing in expertise and delivering the open products needed to accelerate the journey to a new way to work beyond the Windows desktop.

Good for Windows, good for what comes after Windows is the message. It is based on several products:

VMView: enables users to work on a remote Windows desktop from a machine running thick or thin client Windows, Mac, iPad or Android. Some versions let you check out a VM for offline working. Virtual desktops have advantages over local ones, in that they are more manageable, more secure, and more robust. Zapping and reinstating a virtual desktop is easier than rebuilding the OS on a physical machine. The new VMView 5.0 claims up 75 percent bandwidth improvement and better 3D graphics. Performance is always compromised to some extent, versus a local operating system, but for many business applications it is more than good enough.

VMWare Horizon: A cloud identity platform which centralizes authentication and access management. You can think of it as VMWare’s cloud-based replacement for Microsoft Active Directory. It is currently focused on access to web-based applications but at VMWorld the company announced its extension to virtual Windows applications, a capability to be in beta by the end of 2011.

Project AppBlast: Lets users run virtual Windows application in an HTML5-capable browser running on any device.

Project Octopus: a data synchronization service to enable collaboration and data-sharing, which will link to VMWare’s other services.

VMWare’s advantage is its strong technology and that Microsoft allowed its own virtualization technologies, including Hyper-V and Remote Desktop Services, to fall behind.

That said, Microsoft has made a substantial effort to catch up in the last few years. Hyper-V and System Center working together form the basis of Microsoft’s private cloud, and under the covers the Azure platform is based on Hyper-V virtual machines. Microsoft’s advantage is the notion that if you are running Windows server and Windows applications anyway, you will be better off with the built-in virtualization features rather than a third-party solution. Microsoft can also afford to undercut VMWare’s prices, because it is bundling virtualization with its operating system. Microsoft has made it easier to run mixed VMWare and Hyper-V systems by supporting VMWare with System Center.

An entrenched competitor is hard to shift though, and VMWare appears to have won the argument with Dell, which has announced the Dell Cloud based on VMWare’s vCloud multi-tenant services.

What is interesting here is not so much the question of who runs Windows applications best, in a variety of virtual scenarios, but the extent to which VMWare succeeds in establishing its own identify system as the heart of an application platform that lets enterprises move seamlessly to a non-Windows world. In other words, VMWare Horizon is now VMWare’s most strategic product. If it succeeds, then it is not only Microsoft that will need to pay attention.

Google+, Bing social search, and internet monopolies

The big new thing in social media right now is Google+, the search giant’s latest attempt to grab a slice of the social internet from Facebook and Twitter.  I have been trying it for a few days and like everyone else have enjoyed playing with circles, the ability to categorise contacts into groups and choose who you sharing with. I like that it addresses a core issue, the fact that we want to share different things with different people, but dislike the added complexity. In practice, if I have a personal message I am likely to use email or some other form of direct messaging, whereas what I post on a social networking site I will likely address to everyone.

Still, Google+ is a decent effort, and irrespective of how it compares in detail to its rivals, I think it may take off simply because Google has other properties, specifically Google search and Google Android, which will point you to it.

The value of social networks to a search company was highlighted this week, not by Google but by Microsoft at its Worldwide Partner Conference. The opening keynote was short on big news, but did include a demo of new features in Bing, that other search engine.

Stefan Weitz Director of Influentials, showed how Bing can interact with Facebook so that you search results are annotated with the preferences of your friends. Here, Weitz has searched for “Mango” and Bing shows a section of results marked as Liked by your Facebook friends:


He then searches for Hawaii hotels for kids and sees this:


Once again, he sees two of his own contacts who have Liked a specific web site. He can go to the site with more confidence, or even click the name to interact directly with his contact and find out more.

This is powerful stuff, though the examples are contrived, and this is only going to work if you and your contacts do many of the same searches with the same search engine. The Microsoft/Facebook alliance has an advantage over Google in that Facebook has a bigger and more mature social graph; but Google has the advantage of a far larger search share, especially outside the USA. On this site, for example, here are the figures for July:

  • Google 90%
  • Bing 3.7%
  • Yahoo! 3.4%

You can figure out how much that leaves for “Other”.

Another Bing move also merits reflection. Weitz went on to demonstrate how Bing wants to you to do the transaction as well as the search on its portal. It is actually fine for Bing to do this with its small market share; but I am not sure that I like the implications for search in general.

This hints at my central concern, which is monopoly. One reason I like Twitter is that I have no sense that Twitter wants to take over my digital life. I know Google does; it wants my searches, my email, my documents, my music, my location, and now my friends.

I know Facebook wants a big slice of it too; it wants me to live inside its walled garden.

These thoughts chime for me with another incident from the last few days. I posted something  for sale on eBay, the dominant online auction site, and found that it has notched up its terms and conditions with me further in its own favour by insisting that I set up automatic payment of its fees before it would allow me to post the item. It also happens that PayPal, owned by eBay, has recently sent me a notice advising that it is restricting the number of sales that can be funded by credit card, I presume because it dislikes the consumer protection gained by buying by credit card.

The connection here is that eBay and PayPal only have the liberty to make these unilateral changes in their terms because of lack of competition. Yes, there are other online markets; but if you actually want to sell stuff, there is little real-world choice. Well, there is Amazon; and there is another organisation which, for all its many merits, is constantly extending its reach.

It is curious in a way, that when the web first appeared it seemed to be a great opportunity for the little guys – because on the Internet, nobody knows you’re a dog – but what we are now seeing is that winner-takes-all applies to a degree which goes beyond anything in the bricks and mortar world.

Cloud is identity management says Kim Cameron, now ex-Microsoft

Kim Cameron, formerly chief identity architect at Microsoft, has  confirmed that he has left the company.

In an interview at the European Identity Conference in Munich he discusses the state of play in identity management, but does not explain what interests me most: why he left. He was respected across the industry and to my mind was a tremendous asset to Microsoft; his presence went a long way to undoing the damage of Hailstorm, an abandoned project from 2001 which sought to place Microsoft at the centre of digital life and failed largely because of industry mistrust. He formulated laws of identity which express good identity practice, things like minimal disclosure, justifiable parties, and user control and consent.

Identity is a complex and to most people an unexciting topic; yet it has never been more important. It is a central issue around Google’s recently announced Chromebook, for example; yet we tend to be distracted by other issues, like hardware features or software quality, and to miss the identity implications. Vendors are careful never to spell these out, so we need individuals like Cameron who get it.

“Cloud is identity management,” he says in the interview.

Cameron stands by his laws of identity, which is says are still “essentially correct”. However, events like the recent Sony data loss show how little the wider industry respects them.

So what happened at Microsoft? Although he puts a brave face on it, I am sure he must have been disappointed by the failure of Cardspace, a user interface and infrastructure for identity management that was recently abandoned. It was not successful, he says, because “it was not adopted by the large players,” but what he does not say is that Microsoft itself could have done much more to support it.

That may have been a point of tension; or maybe there were other disagreements. Cameron does not talk down his former company though. “There are a lot of people there who share the ideas that I was expressing, and my hope is that those ideas will continue to be put in practice,” he says, though the carefully chosen words leave space for the possibility that another well-represented internal group do not share them. He adds though that products like SharePoint do have his ideas about claims-based identity management baked into them.

Leaving aside Microsoft, Cameron makes what seems to me an important point about advocacy. “We’re at the beginning of a tremendously complex and deep technological change,” he says, and is worried by the fact that with vendors chasing immediate advantage there may be “no advocates for user-centric, user in control experience.”

Fortunately for us, Cameron is not bowing out altogether. “How can I stop? It is so interesting,” he says.