Sunday, July 31, 2005

The Blue Ocean Paradox

There is a wonderful book, "The Blue Ocean Strategy," now on the business best seller lists that encourages businesses to look beyond simple extensions of today's products and services, and to find their own unique products that appeal to a vast wave of new customers. It's a great book, and is one I highly recommend. And, like so many great business books, it's premised on a readily observable, widely accepted reality. We all know at face value that its message is true.

Everybody knows that the most amazing business success stories invariably involve a guy, an idea, a new way of doing things, and, an appreciative new market that flocks to buy the resulting product or service. The most-told stories of blazing growth and profits involve unknown entrepreneurs, unanticipated products, and uncharted new markets.

The VC Response To Innovation

Have you ever approached a venture capital company as an unknown entrepreneur, with an unanticipated product, aimed into an uncharted market space? If so, you know that the result can be pretty ugly. No matter how obviously your new approach strikes to the heart of a vast new sea of buyer demand, the VC guy simply points to his investment criteria, calmly explains how your oddball plan doesn't fit the mold, and then sends you along your way.

The truth is that VC companies don't want to invest into truly earth-shattering new markets and products. So, despite the known truth of the Blue Ocean Strategy, the result when trying to fund such an out-of-the-box venture is that the guys who should be most motivated to seek out businesses with the potential to carve entire new markets into existence actually turn these projects away on a regular basis. This is the Blue Ocean Paradox.

The most financially lucrative new ventures are the least attractive to venture capital companies. A little "different" is good; but, being too different is the kiss of death.

Where The VC Approach Breaks Down

Skimming the "requirements" listed on a variety of venture capital company web sites quickly points to a few common threads in their expectations. And, perversely, it is these common threads that are at the heart of why VC companies almost always pass up the most promising and profitable new ventures. Here is a look at a few of those points.

Experienced Management Team

It's amazing how nearly every VC company wants to only back an experienced management team, and will only consider projects submitted from such teams. The paradox here is that throughout history the best companies have emerged from some of the most inexperienced people on the planet. In his series of books exploring the course of innovation in modern business, Clayton M. Christensen notes that the only way to truly maximize the early success of a innovative business is to put it into the hands of managers who are not steeped in prior methods and existing habits. In other words, the only way that truly innovative business ventures can reach their highest early growth potential is when piloted by inexperienced managers... ones who are not bound by historical precedent or corporate dogma.

It's a good thing that Steve Jobs and Steve Wozniak found a private backer for their little business venture (in Mike Markkula). Their inexperience at running a computer manufacturing company would surely have seen them driven out of the offices of every VC firm in California.

Category Defining Business

VC companies make it plain that they are only really interested in companies with the potential to lead their market segment. The fallacy in soliciting only category defining companies is that the idea presupposes the existence of a quantifiable "category," in the first place. How does a VC firm react to a proposition based on opening an entirely new market? What's the response when zero financial metrics exist for such a project, because the market into which it is aimed simply has never previously existed? Even though the first company to mine such an opportunity would have an enormous opportunity to truly define the new category, VC guys run for the hills when such a project comes their way.

Venture capital guys really do not want category defining companies in their portfolios. They want companies that can compete strongly in existing categories.

Acceptable Types Of Businesses

All VC companies precisely state what type of businesses are acceptable investments, and which are not. The premise here is that the people working in the VC firm must provide sufficient in-house expertise to properly evaluate a business venture, and, that this expertise can only come from prior experience. At face value that makes good sense. But, in reality it creates quite the hurdle to any new venture that is also an entirely new type of business. "Normal" is a requirement to get VC funding, despite the fact that the most lucrative business ventures are also the ones that take the most abnormal approaches to providing entirely new value to customers.

Some Ventures Are Doomed From The Start

Today's reality in new companies seeking venture capital is that it is not good to be too clever, too inexperienced, too creative, or too different. If you are, you are doomed from the start in gaining institutional venture capital funding. No matter how strong your premise nor how well crafted your approach, if your business plan sits too far out of the box you will have to find another funding route.

The result of the Blue Ocean Paradox is that the brightest new ventures face unneeded delays and risk oblivion from capital shortages, and venture capital companies lose out on the highest rates of return on their capital funds, because the traditional approach taken in the VC community is structured to exclude the best business prospects.

From this writer's view, it seems like the time is ripe for a truly innovative venture capital approach to emerge. The rewards to both the brightest entrepreneurs and the innovating VC firm will be remarkable. Until that happens, such bright new ventures will remain privately funded ventures, nursed into existence by sheer entrepreneurial determination, credit cards, second mortgages, and angel investors.

Monday, July 11, 2005

WiFi In Conflict: Entertainment And Security

This is a quick, informal post to share some thinking I've been exploring about the coming wave of streaming music and video over wireless networks.

We're about to see a major conflict between the current approaches to erecting data wireless networks and entertainment wireless networks. There are a couple of major elements that are jarringly different between the two approaches. With data networks set up as essentially closed systems, heavy security mechanisms make the best sense. But, with entertainment aimed networks, the better paradigm is based on openness.

With WiFi handheld media players and gaming devices, standard definition video players, HDTV sources, stereo music players, and even WiFi based cordless telephones, there will be a need for instant network access, instantaneous node handoffs, and, open access to any number of unpredictable devices that might stroll into the network that will need simple and instantaneous connectivity. Today's closed architecture approach to implementing data networks contradicts each of these needs.

I see a time not far away when the norm will be to have two wireless networks in a home, one for data, and, one for entertainment. There might be some commercial value in the way that's done, so, I'll stop here. But, it's certainly an interesting dichotomy that the WiFi industry is about to be forced to face, isn't it?

Thursday, July 07, 2005

The Ugly Myth Of WiFi Security Risks

Look anywhere on the net, or in a current technology magazine, and you will quickly find article after article bemoaning the sorry state of "WiFi security," and warning people about the risks of having their WiFi networks hacked. My favorite example is the FBI road show that seems to be touring the country, scaring the bejeezus out of folks by actually demonstrating how to crack a WEP encrypted WiFi LAN in about three minutes. Scary stuff, right?

We are warned that a WiFi sniffer/cracker/wardriver guy can intercept our logins for our online banking, our credit card numbers and personal information that we key into a shopping site, and, any other frighteningly personal data that we send out over a wireless LAN. And then, we're shocked with the oft-quoted statistic that about 70% of WiFi LAN setups are running "naked," that is, completely unsecured! That is certainly an unsettling situation, right?

The Truth About Stealing WiFi Data

I have spent the past couple of weeks making calls, sending emails, and, studying the web, trying to get as many WiFi security experts to answer the following question as possible: "Just exactly how many documented cases have you personally seen of a WiFi crook actually collecting, deciphering, and then criminally using any personal data that was captured in the air, from a WiFi network... not from one of the computers on the network, but, directly from the WiFi packets being transmitted?"

Zero. Nada. None. Never. It hasn't happened. It is a myth.

I'll not reveal the name of the FBI agent I managed to speak with on this topic, as he is actually one of the guys traveling around putting on the aforementioned 3-minute cracking exhibition. But, even he mumbled his way around and around until finally admitting that cracking the WEP encryption was pretty easy, but that actually then retrieving and making any nefarious use of any sensitive data contained in the zillions of packets scooting around a WiFi LAN was virtually impossible. He really, really wanted to focus the conversation on the idea of cracking the WiFi network to gain access to the computers on the LAN. I, however, made him squirm by staying zeroed in on the idea of retrieving comprehensible data directly from the LAN traffic.

So, with just a little effort, I have managed to dig up yet another tech industry conspiracy to compel users to overspend on technology features, and, to over-involve themselves in unneeded technology complexity. (the first was discovering the utter lack of risk to Mac OS X viruses)

Why Your WiFi Data Is Actually Safe

To summarize my findings in very simplistic lay terms, the traffic on a WiFi network is transmitted in tiny little chunks of chopped up data, called "packets." Each data packet has a pile of network protocol stuff codified at the start and end, and, has about 1Kb of actual user data sandwiched in the middle. And, the packets themselves are in no particular sequence, when intercepted. Frankly, figuring out what any of it actually means is harder than guessing the next card to pop out of a 6-deck shoe at a Las Vegas blackjack table. It is theoretically possible, but, it is several orders of magnitude harder than simply cracking the encryption scheme of a WEP enabled WiFi LAN. It's hard enough that, after some 40 conversations with active WiFi industry security people, I haven't found even one example of it actually ever having been done.

Interestingly, I also cannot find even one such expert willing to buck the herd and to say this for publication. Cowards.

The Practical Approach To WiFi Security

Based on my findings, I am adopting the following WiFi security protocol for my own home and business LAN systems:

1. Secure each computer that's attached to the network.

2. Leave the WiFi network in "public" mode (unencrypted/unpassworded).

With this approach, all of my files (and my network transmitted traffic) are safe, it remains a snap for any WiFi client device to instantly connect to my networks, and, the worst "crime" that anyone can commit against me is to occasionally sneak a free connection to one of my T-1 Internet hookups.

Don't believe me. Do your own research, and verify the great WiFi security myth for yourself. And, keep all of this in mind the next time you read some article by a self-touted security expert extolling the virtues of a zillion unnecessary complexities he wants you to dial into your WiFi setup.