Amazon Internet of Things platform Just in time

Screen Shot 2015-10-09 at 5.15.48 PM

Yesterday Amazon introduced its IoT services for AWS. Bravo! Kodus to Andy Jassy and AWS leadership to identify the opportunity and responding timely with a decent product. Other cloud services may start catching up in a couple of years when they realized they missed the boat.

Four years ago, I worked for a company which was a world leader in control systems. For many of us IoT is a new concept, but it is just commoditization of control systems. There is no new concept in IoT. At the time I predicted that IoT will disrupt the control system market (I was laughed at). A market full of PLCs and Industrial computers with ridiculous programming languages and terrible data analysis products. It was obvious to me that Arduino’s and IoT will one day consume this lucrative market. I even wrote a report for my Surviving Disruptive Technology course I took at Coursera. This hasn’t happened yet but it will, sooner or later. My prediction is that it takes a few years for Amazons of the world to provide sensor network tools that are orders of magnitude nicer, and more powerful than their old sluggish enterprise counterparts. The only thing that keeps the old enterprise in place is the ability to talk to industrial motors and high voltage, three phase systems plus the complex sales structure of enterprise, yet it won’t be long before someone cracks this code too and the open IoT floods the enterprise and with it takes out a lot of legacy businesses.

In 2012, I created an IoT cloud service prototype, with similar features like the Amazon’s IoT service launched yesterday and a grand vision on analytics, I started to pitch the idea all the way from CTO to my direct management. I gave a demo to the CTO (and everybody else down the leadership ladder) and showed how these distributed sensors can communicate in real-time securely and how such platform unleashes the potential for machine learning and analytics. It was well received on the top but at the bottom, it got stuck with the mid-level management. They decided that we should pursue the idea but there were endless meetings with sparse timing and eventually no decision was made until I left there to work at Microsoft. Maybe if I was a lot more patient we would have built an IoT platform before Amazon. Same old story about large traditional corporates (I encourage you to read about the Kodak downfall and take the Coursera course, it is a very interesting contemporary tale). I wanted to build this platform which I called Wombat, as an open-source project but at the time my afternoons and weekends were busy with writing my thesis and journal papers.

I am glad that that Amazon is doing this eventually and I am sure they will kill it! Go Amazon!

P.S. Here is the link to my presentation deck I used those days to pitch my idea. If it helped you in anyway let me know.

How not to fail like Ashley Madison! or a guide to hackproof application (part 1)

Ashley madison failure


The irony of a company so built around secrecy and gigabytes of profile informations roaming around internet is hilarious!

Even Ashley Madison’s advertisement is inferring: “We are here to keep your secret”

So how did such a scandalous failure happen? I don’t know but in this post I will try to describe a (near) hack-proof architecture with the hope that it does not happen to your application.

Whatever your company does, if there is customer data somewhere, there is a risk it could leak. Security should not be taken lightly. A data breach can crush a successful company to dust in one day! And in the cloud era, you should make sure not only your application is secure, but also a breach in cloud provider does not jeopardize your data.

On the other hand, security stays in the way of productivity. Making it hard for hackers to access your data will make it hard for your own developers and analysts to do the same. The valuable resources that need to go to building the product has to go to the security.

So, “What is the minimum we should do to make our application hack-proof?”

In these series of blogs I will address this question, and we will discuss an architecture to particularly prevent these hacks:

  1. Separating data that uniquely identifies the customer from the rest of data and securing this data separately.
  2. Encrypting data such that even the breach of data and some encryption keys does not cause a problem.
  3. Hot to make sure only authenticated services from specific hosts can access your sensitive data.
  4. In the worst case scenario that a hacker has access to your application and your main credentials, and can imitate your service to get data, how to prevent large scale data breach and catch them early?

Yet another Amazonian response to NYT article, except this one has a solution

Disclaimer: This short text is not about Amazon, it is about the whole tech industry in united states.

My grandpa used to say: If you want treasure, you need work for it! Hard.

This quote, is as true for companies as is for individuals. If a company wants to do extra-ordinary things that others deem impossible, they need to work really, really, really hard and smart. Delivering a gummy bear in the same day for free and still being profitable, having the best customer service in the planet, or slashing the price on cloud and still make profit while competitors can’t even get close to that price, are incredible achievements and require a lot of work.

And people enjoy working hard when they are solving hard problems. Any person who has hiked for a peak on a weekend knows this.

So, is there a way to work mediocre and still get great results? I don’t think so.

BUT, there remains the problem of empathy. Putting a cancer survival on ‘performance improvement plan’ is (… fill up the blank), even as an isolated case.

We don’t know how to formalize empathy? When it comes to soft values, we can only hope our managers will do the right thing.

Hoping that managers who are already under pressure to deliver will do the right thing in the most complex human situation is not the right approach.

Solution is simple:
Have the policy to let employees with hardship (families with new-born child, people struggling with disease, or other issues) have long paid time offs, and give them the chance to get their acts together and help them come back to a team that is fit for their new reality.

But is this going to make the company bankrupt?
No, it is only going to improve the brand, retain talent, and improve employee moral, if “I know company is there for me in hard times, I would be there for the company in hard times too.”

This is not a new concept. There is even successful, insanely profitable business model around empathy (can you guess, yes it is insurance). A large company can easily afford to guarantee empathy in workplace, and even make profit from it.

Will this ever happen:
Yes, many companies already do such practices. Amazon’s Career Choice Program is a good example of how empathy can become a policy. As the demand for a healthier workplace grows among high skilled workers, companies will adopt better practices.

Billion dollar idea:
I can see (and hope) that there would be a billion dollar venture in future that empowers every small and large company to give their new moms long vacations. They can makes money from charging a monthly premium (from employer or as salary sacrifice) like insurance companies.

Club W! The new business model of “Scam the customers, Scam the venture capitalist”

After reading an article that mentioned “Club W“, a (so far) successful startup that sells wine “personalized” to the customer’s taste with great! price, I decided to give them a shot!

There is something great with the idea of personalized wine! With so many variety of wines and the sheer amount of wine being sold everyday which produces valuable data, this idea makes total sense. I would love to get affordable high quality wine, personalized to my taste!

However, there is a problem with my “Club W” experience. A simple one; their wine is neither personalized, nor high quality or good price! Basically they look more like a scam than a real business. They have built a website that asks you some basic questions, which at best can help them segment customers as red/white dry/sweet drinkers – not a real personalization, and get you to accept a monthly subscription by giving up a one-time discount on first purchase. A monthly subscription that you can only cancel if you call their customer service in business hours. Instead of coming up with great products with good prices, they focus on physiological tricks to get customers money. An approach that is “guaranteed” to fail on low-margin highly competitive retail market.

I think “Scam the customers, scam the investors” is a business model commonly seen in U.S. due to the large pool of potential first (and only) customers. I personally see this over, and over with companies that have terrible products and terrible service, but big marketing budget. Another example is “ADT Home Secutiry” with a two star ranking on Yelp – to get you thinking.

I developed a recipe for a successful “Scam the customer, scam the investor” business model. Don’t hold me accountable on this, but it has worked for many companies.

1 – Come up with a great idea that everybody likes, but you can not deliver on (such as affordable home security or cheap quality wine tuned to customers taste)

2 – Somehow! raise a bunch of money and build a very good marketing team.

3 – While others are trying hard to win the customers with great products, focus on getting new customers, forget about customer retention and referral, just rely on traditional / online marketing channels. You will have a good go until your marketing budget finishes.

4 – Use the sales figure growth to convince the venture capitalist that you have a great growing business.

5 – Hope that you will figure out a real sustainable business model, once you raised several hundred million dollars.

Quick Javascript encryption

Don’t use this for production:

Why interviews are failing at large and small companies?

Brian Acton, founder of WhatsApp, which was acquired by Facebook for $16B (B really B), stated in tweeter that he was rejected by Facebook in 2009!

So, you don’t hire someone for $1X0K range, then you buy him for $16B? 160,000 times more! Of course Acton would not be as valuable as an engineers, as he is as a successful entrepreneur, but my point is: If this isn’t a sign that interview processes are a failure – even at Facebook – then what is it?

How to generate human readable IDs?

All of us have been given a record number or an ID of some sort for further reference. For example, the payment receipt, or a reservation number.

It is great to have a way to uniquely identify something, but don’t you hate spelling those numbers over the phone or writing meaningless numbers on paper stickers?

What if the IDs where not so boring? Actually, they don’t have to. Feeling tired of this disconnection between databases and humanity, I suggest to translate unique ids, uniquely to funny interesting, (well yet meaningless) sentences.

I have created a shell script on my mac that generates 16, 24, 32, 40, 48, and 64 bit unique IDs.

Please note that there is no need to store these IDs as long strings in databse, basically every number can easily be translated to a sentence with a discrete and simple mapping:

Assume we have 2 maps of “adj” for Adjectives, and “non” for Nouns. Use the following rule to generate the human readable IDs.

For example a 32 bit ID: adj  non “with” adj non

In above every adj, or non translates to 8 bit. We just need to keep two list of 256 words. One for adj and one for non.

Below is some examples for generating random IDs:

Read the rest of this entry »