The Black Liszt - Page 17 of 27 - Fact-based contrarian thoughts about software

Healthcare Innovation: Can Big Data and Cognitive Computing Deliver It?
Most people seem to agree that healthcare is ripe for innovation, and badly needs it. Lots of people are talking up two potential sources for that innovation: Big Data and Cognitive Computing.

I'm strongly in favor of data, the bigger the better. But is the Big Data movement going to make a difference? I'm strongly in favor of cognition, computing, and computing that is smarter rather than dumber. But is the Cognitive Computing movement likely to make a difference? Here's a summary of some thoughts.

Process Automation and continuous improvement

Here is a description of the core process automation process implemented by a company I've invested in, Candescent Health. It describes the process that can and should be applied to all of health care.

The point isn’t that there’s data and analytics – the point is that there’s a closed-loop process of continuous improvement where actions are based on rules. This is the framework that is required to make anything happen. Without it, you can’t put your proposed new clinical action into practice with double-blind A-B test and see if the results of your analytics actually deliver benefits in the real world! Or even just deploy it!

How about just making the basics work?

Here is the story illustrated by Mt Sinai hospital about how everyone focuses on “innovation” and fancy new things, when just having the computer systems run reliability has a huge impact on patients – and unless those systems run, the results of fancy new analytics can’t be delivered to benefit patients.

If the car won't start or run reliably, who cares how good the fancy sound and navigation systems are?

How about making the computers work?

I love data and analytics. But doesn’t it make sense to focus on getting the operational computer systems to actually run well before moving on to the fancy stuff?

Paying top dollar for computers doesn't make them work

In fact, just about anything you do with healthcare data that is going to be brought to the front line of care requires functioning computer systems to be able to pull off – the big healthcare systems pay Greenwich CT prices and get trailer park results.

Clean data isn't easy to get

Both data warehousing and the fancy new Big Data movement share the under-appreciated problem of getting good quality data in analytics-ready form. Sounds simple, but the difficulties make progress a grinding crawl on many efforts. See this for example.

Big data sets tend to have Big problems

Massive data sets have built-in problems that make it hard to get actionable results.

AI: How about under-promise and over-deliver for a change?

Skepticism about Cognitive Computing in health care is warranted. There is a rich history of over-promise and under-deliver for AI efforts in general.

Real-world solutions waiting to be automated

Meanwhile, there are proven gems in the medical literature just waiting to be disseminated to the front lines of health care via point-of-care computer systems that are languishing in journals.

What can make a difference?

There are lots of practical, tangible ways to make things better, in spite of all the obstacles to change pervading our healthcare system. Here are some examples of people doing the right thing, all them with investments by Oak HC/FT:
- Candescent delivers better imaging results with less expense by applying basic continuous-improvement workflow automation.
- VillageMD delivers better results with lower cost by feeding back results and advice to PCP’s.
- Aspire delivers better results at lower cost for end of life – by having one person be in charge, managing everything from the patient point of view.
- Quartet makes a difference by applying behavior health as needed to help other conditions.
These companies embody some common themes:
- Knock down the silos, have a patient-experience-centric point of view.
- Applying common sense has huge benefits.
- Focus on delivering results to the front line (patient) is hard but necessary.
- A system of continuous learning and delivery is a pre-condition to delivering any results of analytics for patient benefit.
Conclusion

The big hot topics in healthcare of Big Data and Cognitive Computing are little more than fashion statements. Data, of course, is a good thing; so is having computers do smart things. But without doing some basic blocking-and-tackling and applying some practical common sense, a great deal of time, money and energy will be spent accomplishing nothing.
Innovation: Some History
"Innovation" is an innovation — it's a new thing that loads of people think it's important and something we should pay attention to. The Chief Innovation Officer is the most recent addition to the CxO suite.

Someone other than me should write a history of "innovation," fully explaining how we got to where we are with it. I've contributed two or maybe even three cents to the effort. I'd like to go back a century or so and explore some of the fertile soil out of which modern "innovation" grew.

What is Innovation?

Just last year, you could have spent a whole week learning about innovation from the best and brightest:

During that week, here's some of what you would have learned:

See what you missed? Not just regular innovation, but "game-changing" innovation; innovation that "generates new ideas" and "executes new solutions." Hadn't thought of that before: innovation can "execute" solutions, and "new" solutions, at that! This Innovation appears to be an "essential skill" of leaders who have the "desire to transform organizational processes and behaviors." Wow.

This is big. What's the core idea? It appears to be coming up with "new ideas" and acting on them.

The roots of Innovation

People have been doing new stuff for a while now. Make a list of the things that have been invented in the last two hundred years, and when your hand gets sore from writing, let me know. However strong your hand, you're likely to run out of strength long before you run out of things to add to your list.

So why do we need to beat the drum and add yet more to the overhead with CIO's and the rest?

The reason is simple:
1. People resist change
2. Organizations resist change
3. Big organizations resist change in a BIG way.
We've been through this. It's a well-understood idea, thoroughly grounded in human psychology. It's not just that psychologically, people resist change. It's that they are highly incentivized, even rewarded, for resisting change. If that sounds strange, you should check out books like the Innovator's Dilemma.

We can learn a couple important things from organizations that were terrifically innovative at the start:
1. They were started by unusual, driven people, often education drop-outs, who never took a single course or seminar in innovation, much less business education. See this and this.
2. Once those amazing organizations grew to become leaders in their field, they almost always stop innovating! But they know they need it, so they acquire what they can't create. See this.
Large companies figured this out a long time ago.

Here's an attempt at H.J. Heinz around 1909 to solve the problem:

Yes, it's a suggestion box.

Why have a suggestion box? It's anonymous! The person who has the feedback or the great idea can make it without fear of punishment or retribution. That's absurd, perhaps you say! Why would anyone in authority punish someone who makes a suggestion for improvement? Try it sometime. Just make sure that your suggestion goes against the "common wisdom" at your organization.You'll see.

The impulse to foster what is now called innovation has been around for a long time. It's a bubble phenomenon now, but some form of it has been bubbling along for centuries. "Change," like motherhood, is judged to be a good thing, unless and until it's you who have to change, and the change isn't in your favor. That's why real change mostly comes from upstart people who create upstart organizations.

Conclusion

The well-intended suggestion box of past centuries was an attempt to solve a deep-seated issue with people and organizations. It has morphed into the modern innovation movement. You can expect results that are every bit as stunning as those well-known new things that came from pieces of paper stuffed into suggestion boxes. If you still insist on change that works, see this.
Organizing for Successful Innovation: Recent History
One of today's hottest trends is fostering innovation. It's real important! There are books, conferences, certified experts and all sorts of things. Let's do two things: (1) look at the origins of today's acknowledged tech leaders; and (2) see how those tech leaders innovate today.

The origins of today's tech leaders

What would we find if we looked at the origins of some important organizations that took the market by storm, grew rapidly and became part of the modern landscape? Did they come from people following the popular methods for fostering innovation? Let's look at some big, successful tech companies, and find out how they got started. There are two possibilities:
1. It came out of some large organization that followed modern innovation methods. Or its founders were avid readers of books on innovation, certified innovation trainers, attendees of innovation conferences, or otherwise showed that they were nurtured by innovation thinking.
2. It was started by one or two people who set out on a mission without any of #1 and kept marching forward until they got it done, perhaps with the help of VC's (venture capitalists).
I've already discussed the cases of Microsoft, Facebook and Oracle here. Their founders not only lacked training in "innovation," they were all college drop-outs! How could they have possibly founded three of the largest, most successful and valuable tech organizations? Must have been luck, I guess.

Maybe they're the exceptions! Maybe most of the rest fit comfortably into the mold of #1! Let's look at a few:
- Apple. Jobs and Wozniak. College drop-outs.
- Amazon. Bezos. Princeton grad, worked in finance, hedge funds. Jumped on a vision.
- Dell. Michael Dell. Started in his dorm room, dropped out.
- Google. Stanford grad students, dropped out. VC backing.
Why all the college drop-outs? In each case, a founder who was already obsessively good at something saw a related opportunity (sometimes with a buddy), dove in to make sure he didn't miss the opportunity, and made it more important than anything else. Including "education."

A pattern seems to be emerging here. It's not looking good for theory #1.

How today's tech leaders foster innovation

Now that these companies are big and successful, surely they are great at innovation, right? They must have certified innovation experts just crawling the halls, and a good fraction of the staff out attending innovation conferences, right? They must be just cranking out innovations left and right!

They try, in various ways. But it turns out that these great companies aren't any better than any other large organization at innovating — and you can see it by all the acquisitions they do! They have HUGE resources — how could some scrappy bunch of nobodies possibly come up with something they couldn't invent themselves?

Well it happens. It's happening right now, in AI. Look at who's doing the acquiring:

Facebook alone has made more than 50 acquisitions, most of them since 2010.

How about Google, who are supposed to be the smartest and most innovative of all? They've acquired more than 180 companies. Someone figured out the ten most expensive buys:

And the grand total is …

Now, that's innovation for you. Just ask your boss for a multi-billion dollar budget, and you'll be able to innovate like Google!

Until then, remember, there really is a better way to approach making your company better, even if it is unlikely to win any awards for "innovation."
The Innovation Bubble

We're in the middle of an innovation bubble. "Innovation" is hot. Innovation "experts" are coming out of the woodwork. Everyone wants some innovation. If you're not "fostering innovation" you're hopelessly outdated.

Some people say you need teams for innovation to take place. As a responsible manager, it's your job to foster innovation in your teams. Here's one of the books you can read about how to do it:

"Leadership" is a timeless favorite. Naturally, if you're an excellent leader, part of what you do is make innovation happen. Here's one of the books you can read about it:

Maybe you're not a big reader, but want to make sure innovation happens anyway. You can go to conferences, world-wide ones even:

What if you really want to get serious about innovation; how do you do it, after all? The good news is, it's not at all mysterious! You can go to school and learn all about innovation:

If you're an executive, you can take some time off and learn about it too.

Maybe you're having trouble breaking through. It could be that the missing ingredient is certification. Hmm, let's Google it, and see if any places can help out:

After all, you can say you're a great innovator, but without an official certification, why should anyone believe you?

Lots of people are doing it, even people with MBA's:

If you're really good, maybe you can become a CIO — no, not a chief Information officer, a chief INNOVATION officer. And then, if you're really good, maybe you can attend a round table:

What if you want help fostering innovation inside your organization? There are prestigious places just waiting to help you out — it's their business, and you may not be doing it the right way:

It's probably too late, but it would be a shame not to at least try to catch up with this innovation thing. An awful lot of people seem to think it's the best thing ever.

Of course, there are a few lonely voices saying this innovation thing is just a fad. They seem to say that if you want real innovation, there is a simple way to get it. They're probably just whiners who ignore the experts, and don't want to take the trouble to read a book, attend a conference or get certified. Too bad for them.
Software people: You get what you pay for

What's more important: programmers who are really good, really productive and consistently turn out high-quality code that helps the business? Or software managers, whose technical skills are not at issue, and whose job is to hire and manage programmers? Or, if they're really important, they hire managers of managers. Based on where most put their money, it's the managers we value most.

If you want things to get better in software, you may want to consider rewarding the people who actually, you know, do the work.

Management bias

Who's in charge of your organization? Let me guess … a manager. Am I right? So when it comes down to the important things, who do you think gets valued the most highly … other mangers, perhaps?

Most organizations have a pay scale that rises with increasing "responsibility," i.e., how "high" you are in the management hierarchy. I use quotes here because I'm deeply cynical about those things. Since when do the top people truly take responsibility for things, instead of blaming some poor underling? And height in the hierarchy implies goodness and value.

Look at this fascinating list of the best-paying jobs:

This list is clearly incomplete because it doesn't have things like CEO on it. But still, you'll notice that the people at the very top are individual contributors, doctors and lawyers. Right behind them are a couple kinds of technology managers. Then a "strategy manager." What about the next one, Software Architect? Sadly, in most organizations, the person with that title may not manage many people, but is considered way too "important" to actually write code, you know, like the peons do. Then we've got our first actual value-producing job category, an engineer! Not software, though. Of the last four jobs listed, three are explicitly management, and the fourth, "solutions architect," is a person who wouldn't be caught dead lowering himself to writing code.

It doesn't have to be this way

Many interesting organizations don't work this way. One example I've explored in detail is baseball, where the players are valued most highly, and where the vast majority of the managers were themselves excellent players, usually for many years.

In more detail, here are some of most highly paid managers:

Here are some of the most highly paid players:

Notice a difference in pay scale? Baseball has clearly decided that while managers are important, it's the players who win games. What an idea!

Conclusion

If what you think your organization really needs is lots of managing, and you figure the software will somehow get itself written, then you should pay your people like everyone else seems to. But if you actually need high-quality software that works and meets your needs, you may want to consider a different strategy.

p.s.: If you want to learn more about software people, see my book on the subject.
Enterprise selling is the enemy of software speed and innovation

You’re a small software company. Of course, you’re innovative, adaptable and fast-paced! What other kind of small software company is there? You’re beginning to grow. You take the big step of hiring an experienced, professional sales person. And not just any old graduated-from-selling-cars salesperson. You’ve got one with an MBA, and with a solid track record of enterprise success. Why wouldn’t you? It’s time to stop playing sand-lot baseball and graduate to the big leagues!

The salesperson does his job, and has a major enterprise on the hook. They’ve seen your innovative product, and want it. They’ve talked to your existing customers and have decided you’re the real deal. You’ve agreed on a general pricing framework, which looks like a company-making gold mine to you, and a reasonable deal to the buyer. Now you’re getting down to resolving the final issues before sealing the deal.

No big surprise, your software isn’t a perfect match for their needs. How could it be? This will be your first enterprise customer! Everyone knows they have a unique set of needs! This is your chance to find out what they really are, meet them, and step up.

Your product road map gets pulled out. The buyer goes over it with a fine-toothed comb. They complain that it’s not terribly specific, the dates and targets are vague, and there’s little detail backing it up. And there are important things they need that are missing, without which they won’t be able to fully benefit from the wonderfulness of your product.

As you dive into the details, a gulf emerges between the way you are used to doing things and their expectations. You don’t have formal “market requirements documents” to assure that what you’re going to build takes into account the needs of the market and where it’s going. You don’t have formal “product requirements documents” of the kind they're used to seeing, with everything spelled out in advance and validated, so you’ll be sure that you build the right thing the right way the first time. This is too important to screw up! And if the enterprise customer is going to have to wait for what they really need, and commit to it before seeing it, they want to be absolutely sure they know what they’re going to get, when they’re going to get it, and how much it will cost. It could be a career-destroyer for the executives on the buyer’s side to set expectations, pay money, wait for months, and then have a belly-flop. If that’s what they wanted, they could just as well go to their own IT department, which has a proven track record of producing really big and painful belly-flops nearly every time. If we’re going to commit to some little, unproven company (they say), we want it locked down. We need to avoid failure here, don’t you see?

The proven salesperson who works for the little company assures his young compatriots that this is just how things are done. If you want to sell to these guys, there’s one answer. “Yes.” Time to grow up!

Many little software companies say “yes” at this point. Then they take the road to purgatory and march straight to hell, working as hard as humanly possible to meet the needs of their “gold-mine” customer not only as to substance, but just as importantly as to process.

When small, innovative software companies start to enjoy big success, many of them encounter this kind of opportunity, which is actually a serious obstacle. Who would think that the road to success goes through the valley of death for innovation?

My recently published book on Software Business and Product Strategy, deals with issues of this kind and many more. My books on Project Management and Wartime Software also address this issue.
Software Business and Product Strategy Book
My book on Software Business and Product Strategy is now available, in Kindle and paperback formats.

It went through dozens of drafts as two separate private circulation papers on the way to its current form. Here's the front cover:

Here's the back cover:

It's the fifth book in the on-going Building Better Software Better series of books. Here is a description of the origins of the series, and here is a description of each of the earlier books, with links to blog posts with highlights.

Most of my experience is with computer-based businesses, but there's a rumor, to which I give credence, that the principles described apply to all kinds of small business.

I recognize that there are piles and piles of books on building businesses and creating product strategies. You can get degrees in it from eminent tenured professors at fancy schools who have publications and honors trailing after them. You can participate in all sorts of programs that teach "innovation" and provide fledgling innovators with access to all sorts of seasoned help. So why another book?

Pretty much for the same reason that I wrote the earlier books in the Building Better Software Better series: the vast majority of the books and articles I read tell you to do one thing, and the people I see who start and build software-based businesses to success do something different!

I spent a couple decades creating or working for young, innovative software-based businesses. I have spent a couple more decades investigating, following and investing in software-based businesses — hundreds of them! In multiple technical and business domains. I've worked closely with the leaders of these companies, and with many of the techies in them. I knew and they knew what you're supposed to do, and what's supposed to work. As time went on, I began to notice how the usual "success" rhetoric played out in reality. Patterns began to emerge.

One of the patterns I describe as "Step Theory." It's a core pattern that is highly correlated with success. There are vertical steps and steps to the side that are often cornerstones of success. Among the dozens of examples I use are Athena Health and Huffington Post.

Another important pattern is the relationship between strategic positioning and tactical execution, which I illustrate with a CRM company, a beach umbrella service and the invasion of Europe.

A few other points, each illustrated in the book with examples, are:
- everyone knows they have to "focus," but knowing how to actually do it is rare
- everyone knows how important strategy is, but trying to make tactics match strategy screws things up
- everyone wants to foster creativity and be creative themselves, but it's often too much creativity that sends young ventures off the tracks
- paying attention to what "the market" tells you frequently dilutes your efforts and prevents success
- starting a great new business requires looking into the future; but unless you then concentrate on what's in front of your nose and ignore the future, you're doomed.
- simple things like minimizing customer risk and delivering fast, hard-dollar benefits are crucial
- shifting company strategy while following success patterns is often crucial to success
- feedback loops and continuous improvement beat "perfect" plans every time
- listening to the "wrong" customers can be as bad as listening to none of them
- …and lots more!
Each major point in the book is a general pattern I've noticed. Most of the points are not generally talked about in places that are supposed to teach these things. Each has been reinforced in my mind by some of the amazing entrepreneurs I've had the pleasure of working with over the years. Each of the patterns is illustrated by examples I've encountered in real life, sometimes by people who just did the right thing, or by groups that encountered issues and responded by doing the right thing.

To everyone in the book and everyone else I've worked with, please know that you have my gratitude. It is in part to thank you for teaching me that I have tried to put your lessons into this book, lessons I hope will help others on their path to making the world a better and more productive place.
Software Product Strategy

I've written a book on Software Business and Product Strategy. With emphasis on the "Software."

Software business and product: MBA's

People go to business school. They learn about product strategy, markets and the rest. Now a certified expert professional, they join some scrappy little software startup. What a mess! These people have NO idea what they're doing! Let's clean things up and create a proper product strategy, the kind that would earn an "A" grade in B-school.

The business tanks. There are recriminations. The funding was inadequate! We were too late! Too early! The software was no good! And on and on. Anything but … our product strategy was completely inappropriate for a SOFTWARE business. Unthinkable! Business is business. Products are products. BZZZZZZTTT! Sorry, that's just plain wrong.

The MBA needs to read the forthcoming book.

Software business: ideas

You're naturally innovative. You come up with good ideas. Finally you've settled on one. This is the one to back — it's really going to work!

You dive in. You learn stuff. You start interacting with people. You realize there's more stuff out there than you thought. We've got to add this! And that! After living with the idea day and night, you realize that the business you're beginning to build is just the tip of the iceberg. It has so many implications in so many adjacent areas. We really don't want to just ignore all this other stuff; it would be leaving a huge part of the potential business on the table!

This is the path to disaster. The entrepreneur needs to read the forthcoming book.

When will the "Software Business and Product Strategy" book be available? Soon. I'll let you know.

Update: It's available. See here.
Fintech: pay before, pay now, pay later
Cards, cards, cards – they all have the same shape and size, they all have a mag stripe on back, similar numbers and date and your name on the front. How different can they be?

I admit, they all have this in common: you can use them to get stuff. Instead of cash. That’s a lot to have in common! But the next level deeper, they can be so different, it’s amazing.

One of the biggest differences is when you pay for the stuff you get with the card. All cards fall into one of three buckets in terms of the “when do I pay” question. The buckets are:
- Pay before. Put money onto the card. Then you can spend it. No money on card, no stuff.
- Pay now. Use the card. Is there money in your account? You get your stuff. The money will be pulled within a day.
- Pay later. Use the card, if you haven’t used it “too much” recently. You’ll eventually have to pay, with interest if you take your time.
Pay before

In the industry, this is usually called a prepaid debit card. There are two categories of these.

The first kind is usually called a gift card. You can see these hanging on racks near the check-out counters of stores.

As you can see, each is worth a certain amount of money at a given retail store.

Some retailers have gotten pretty creative about their card designs, like this one that is supposed to be for millennials:

What if you just want to give money? Now you can do that. For example:

The second kind of pay-before card is usually called a prepaid debit card, but the key thing about it is that it’s rechargeable, which means you can put more money onto any time and use it for any purpose.

Prepaid debit cards normally have substantial fees associated with using them, because it’s the only way the companies doing the processing can make money. They’re not associated with a bank account, so they’re perfect for people who don’t have one.

Of course, technology being what it is, companies have evolved these categories — some gift cards are now rechargeable.

The key thing to understand is that pre-paid debit cards are “debit cards” for technical purposes – but they’re NOT associated with a bank account. That’s what makes them easy to buy. Whether they have a bank account or not, people can use pre-paid debit cards anyplace cards are accepted.

Pay now

The industry calls this a debit card. It’s tied to a bank account. When you use the card, you debit the account, which is normally a checking account.

Depending on how you use the card, the actions and underlying technology can be quite different. If you just tell the system it’s a card, it will usually be treated as an off-line debit card, and the charge will be made to your account overnight. If you admit it’s a debit card, you’ll be asked to enter the PIN, just as though you were at an ATM. This is usually called PIN debit. The money is immediately removed from your account.

Pay later

Finally we get to the credit card. It’s a credit card because when you use it, someone is giving you credit for the amount you charge, and will expect you to pay the money back. You are welcome (sometimes encouraged) not to pay on time, because then you have to pay interest on the loan you’ve taken out. Unlike a home mortgage, which is “fixed” credit, the credit card is “revolving” credit, because the money going in and out is like going through a revolving door.

When you swipe a debit card, your bank account is checked to see if there’s enough money to cover the charge or the cash. When you swipe a credit card, your revolving credit line is checked to see if there’s enough credit to loan you enough money to cover the proposed purchase.

Summary

Using a card always involves money. But whether the money is already out of your pocket, comes out when you use the card, or whether it’s a bill you’ll eventually have to pay makes a large difference to you, which is reflected in a large difference in what happens behind the scenes.
The Apple-FBI Fiasco

The brouhaha with Apple and the FBI's investigation of an act of terrorism is tragic, comedic, scary and ridiculous. The only good "side" to take here is a side that few people, and none of the major actors, appear to be on.

Here are some of the major points.

Why the FBI needed help. The FBI should have submitted the phone to Apple for cracking immediately, using Apple's standard procedure for this. Instead, they bungled it. They changed the password and locked themselves out of the phone and its iCloud backup.

Whose phone? Apple got on it's higher-than-high horse refusing to help crack the phone because it protects the privacy of individuals. But the terrorists had already destroyed their personal phones. This was a terrorist's government-issued work phone. No privacy was involved.

The FBI's "unprecedented" request to Apple. Apple has a department that cracks phones. They crack thousands a year, and hundreds a year just for national security cases. Apple has a formalized process for it, which as of today remains on their website. The FBI's request should have been run-of-the-mill. Details here.

The slippery slope. Apple made claims about how responding to the FBI request would create a master key that would soon render all Apple phones insecure. This was bogus, as I detail here.

Privacy uber alles. Apple stood up as the firm defender of personal privacy — including that of murderers and other criminals.

Lost opportunity. Apple could have come out of this a hero — a strong protector of personal privacy and a strong ally of law enforcement against terrorists and criminals. Here is how.

Apple's insecure software. Apple's wants us to think their software is wonderful and their security flawless. No one mentions the scores of bugs that riddle their software. With each release, they introduce at least as many new bugs as they fix. Some of the bugs are security holes! White-hat hackers find some of them and tell Apple; Apple responds by eventually fixing the bugs and eventually releasing the fixes.

Finally cracking the phone. After all the sturm-und-drang, a "private company" approached the FBI and offered to crack the phone — and cracked it, leading the FBI to withdraw their suit against Apple. The company is Cellebrite, which has a commercial service that cracks iPhones in a forensically sound way. Do you think someone at the FBI could have used Google to find this group before suing Apple? Do you think Apple could have referred the FBI to them quietly instead of making a stink?

No one comes out of this mess looking good, including the media, which did little research and simply took sides. For example, I have found no media outlet mention Apple's standard phone-cracking service, which I published here. After this and the recent events in Europe, who can feel good about either the FBI or Apple?
Fintech: the world of cash cards

Cards. Love them or hate them, they are a key part of our lives in general, and of the fintech part of our lives in particular. If you're going to understand fintech, it's important to understand at least the basics of what goes on behind the scenes with cards. Not to mention knowing the proper terminology to use.

You spot a bank. You know you're getting low on cash. You stop and walk up to the machine. You pull out your wallet, and here comes your first choice: which card should I use? You probably don't think much about it, since there's probably a card you're used to using. But what makes your "cash card" special is that you know the four digit PIN code that stands between you and your cash.

But they're not all the same. The most basic and original kind of card is an ATM card. Here's an example:

Notice that the card doesn't say VISA or Mastercard on it. It's an ATM card, which is different! You put the card into the machine:

Then you enter your PIN code on the keypad. The ATM machine is actually connected, perhaps through a series of networks (more on them later) to your bank's computers. The first few of the card numbers identify your bank. Your bank gets the request and checks your balance. If you have enough money in your account, the bank immediately debits your balance, and sends an approval of the withdrawal request to the ATM machine. The machine then counts out your money and you take it:

You take your card and the transaction is complete, just as though you had been with a human teller.

The original ATM machines were connected to the same computers in roughly the same way as human tellers. Each bank had its own ATM machines, just as each one had its own branches.

Shortly after ATM's were deployed, the first interbank network was rolled out. One of the first was NYCE.

NYCE was developed and owned by a set of New York banks to enable a customer of any bank in the network to use any ATM that was also in the network. There are now over 300,000 ATM's in the NYCE network, and a whole lot more in the other networks that sprang up to compete with them.

If you pull out that bank card and try to pay for a meal in a restaurant with it, things aren't going to end well. But banks want you to use their cards! So after some time, the debit card was introduced. It looks nearly the same as an ATM card, but not quite. Here's mine, for example:

It has the same general appearance and numbering scheme as the ATM card pictured above, and the same "good thru" date. But it says VISA, and it says "DEBIT," which makes it different!

One way to think of it is a card with two hats on.

Hat number 1, the DEBIT hat: it's an ATM card. You put it in an ATM machine, enter your PIN, get your cash and away you go.

Hat number 2: the VISA hat: it's a "credit card." You hand it to the cashier at the store, it's swiped, and you walk away with your stuff. Except that, instead of being a separate account, the card is associated with your normal bank account, and the money comes directly out of your checking account. No talk of "minimum payments," it just comes out. Hope you've got enough there! Because it's not a "credit" card — it's, sneakily, a kind of cash card!

That's enough about cards for one sitting. But I hope you can see a theme emerging: there are a number of systems designed and built for different purposes that can be accessed by cards that look and act much the same … except the underlying technology is completely different.
Fintech: Whose rails are you using?

Like most specialist areas, fintech has its own vocabulary, highly meaningful to insiders but opaque to outsiders. The important issue of “whose rails are you running on” is one of those phrases.

Insider vocabulary

Some people learn to play a bit of baseball when they're young:

They learn basic vocabulary like bat, ball, base, hit, grounder, fly ball, catch, throw and out. That's already lots of words! But the pros and other people who are seriously into what the rest of us lightly call the "game" share a greatly extended set of concepts, words and phrases among themselves.

To take a couple simple examples, there is the “squeeze play” and the “infield fly rule.” Those are just a couple I happen to know. I'm sure there are whole piles of words and phrases that are way beyond me. It’s the use of that specialized vocabulary that distinguishes people who “know baseball” from those who merely watch or attend games.

Fintech is no different. There is some shared vocabulary among all the sectors of fintech. In addition, each specific fintech domain has its own set of vocabulary and concepts, arranged in layers according to how deep you are into the business or technology of the specific fintech sector.

Rails in fintech

When someone talks about "rails" in the payments sector of fintech, they're talking about the mechanics of how money gets from a sender to a receiver. It's about transportation.

It turns out that the image of "rails" is appropriate. Rails are what trains run on. They're big, elaborate, fairly expensive things that were developed a long time ago, and have been somewhat modernized. They constitute a system that is completely separate from and incompatible with the larger and more recent system of roads used for trucks and cars.

Even though railroads started decades before the modern road system, they are a valuable part of today's transportation system. They handle certain kinds of transportation far more efficiently than road-based trucks could.

Same thing with financial-system "rails." They are robust, reliable and cost-effective for the kinds of "cargo" they transport (financial transactions), and not about to be replaced any time soon.

Layers of competing technology

Fintech's technology of "rails" is not only separate from the "normal" way data moves around today, it's remarkably complicated. You may think it's pretty simple, just like I did. It's just adding and subtracting, and every once in a while you multiply to calculate interest; how bad can it be? Reality educated me; I was wrong, big time! And what's worse, there is more than one system of rails!

Let's take one rail system as an example: the ATM network, a.k.a. cash machines.

These are older than you might think. Here's what an early cash machine looked like in 1967:

It was just a railroad car; no network yet, and therefore no "rails." But a true networked version soon followed. It's not easy to find out the historic details, but it appears to have happened early in the 1970's:

The ATM network is just one set of rails. The credit card network has a rather different set, which is completely incompatible. Which is why, among other reasons, the choice of rails is important!

Conclusion

The "rails" used by financial transactions in fintech are deep, robust, incredibly complicated and separate down to the roots from most modern technology. The chance that a bunch of bright kids in a garage is going to come up with a bright idea and replace it next year is zero. And there's more than one rail system to use!

That's why one of the most important questions for payments in fintech is "whose rails are you using?" Even if you have no clue how those rails are built, and few people do, the answer is nonetheless important.
Apple can help fight crime while maintaining privacy
Apple can and should maintain the privacy of the information their customers have on Apple devices. But what if the owner is a criminal or terrorist, and the relevant law enforcement agency has a court-ordered warrant? Apple should bend over backwards to help the agency fight crime and terrorism. It can do this without "back doors" or any of the awful things that some people talk about.

The government

The government scares me. I don’t want them anywhere near my private information. They have way too much power. If any little thing goes wrong, someone in government can trample all over me. My fear is equal opportunity. If Republicans are in charge, some of them will be corrupt and will decide to use my private information to trample on my rights. If Democrats are in charge, same thing. And bureaucrats of whatever stripe … I shudder. I want to be able to have my private information encrypted and secure, so that no one – including the institutions who are supposed to be keeping us safe – has access to it. PERIOD.

Sadly, the government already has whole huge piles of my private information all over the place in their files and computers. Moreover, the government appears to be incompetent at keeping private information private. The IRS has been hacked. The White House itself has been hacked. Even that biggest and baddest of security agencies, the NSA, had a massive insider breach. This is not the sort of thing that’s going to be fixed, because they don’t even have the theory of information security right, much less the practice. Details here.

On the other hand…

There are bad guys out there!

Bad guys are bad. They want to steal things. Some of them want to hurt me. They have all sorts of reasons. Some are crazy, some are sociopaths, some are evil, some are driven by a religious and/or political ideology that leads them to commit acts of violence; sometimes we call them terrorists. People in various institutions have the job of keeping law-biding people safe from the depredations of criminals, crazies and terrorists, and/or tracking them down after they’ve done one of the heinous things they are wont to do. These protectors including various branches of the military and other branches of the government, including the CIA, FBI, NSA and others. Like any normal, sane person, I want to be safe. I want someone to keep me safe from the bad guys, and when bad things happen, I want someone to track down the bad guys to prevent them from doing more bad, and to send a message to other bad guys that they probably won’t get away with whatever bad thing they have in mind.

This means…

The government needs to keep out of the private business of the citizens. We are part of a country ruled by a Constitution. There is a Bill of Rights, the fourth amendment in particular. HOWEVER: The government's job includes keeping us citizens safe while protecting our rights. Part of the job.

The people who keep us safe and dig into crimes when prevention hasn’t prevented need to be able to do their jobs. If the courts agree to issue a subpoena, they need to be able to search for evidence. Under the fourth amendment and codified in long-standing procedure, there is a process for ensuring that the privacy of law-abiding citizens is maintained, while at the same time ensuring that, with proper judicial approval, searches and seizures can be performed to maintain the safety of citizens.

Under the right circumstances and controls, sane people want government law enforcement agents to do their jobs, protect us and catch wrong-doers.

What about Apple?

Prior to iOS 8 and the current brouhaha, Apple responded as it should have to requests of this kind, thousands per year of normal requests and hundreds per year involving national security. See here for details. Suddenly they changed. Here is the choice they made.

Currently Apple has a well-deserved reputation as a criminal’s friend and supporter of terrorists. Do you think the bad guys don't pay attention? They do.

What Apple should do

Apple should become:
- the best friend of law-biding citizens who want to maintain the privacy that is their right under the Fourth Amendment, while at the same time becoming
- the scourge of criminals and terrorists.
Specifically, Apple should strengthen and grow the facility they already operate on their Cupertino campus to receive and crack the devices of criminals and others, under strict subpoena and court order control. As they do today. They can and should extend this valuable, safety-maintaining service to iOS 8 and all future hardware and software.

Would this be expensive? What if it cost, say, $20 million a year? That amounts to less than 0.01% of the CASH that Apple has on hand. It would be a rounding error at ten times the cost.

Apple could brand the center as the scourge of criminals and terrorists, and make their phones something that bad guys actively avoid using. That way, anyone who uses an iPhone is proclaiming that they’re a good guy – and they’re also proclaiming that Apple keeps their private information safe and secure, unlike (I’m sad to say) most government agencies.

Is this possible? Yes. Apple has wisely avoided denying that they are incapable of cracking a phone that is in their physical possession. Which are the only phones they should be cracking anyway. Should they give their tools to anyone else? NO WAY!

What about phones that are in the field? Could Apple remotely hack them? Of course they could! Strictly under court order, strictly from the Cupertino Bat-cave, and solely the identified phone under Warrant.

Apple's ability to crack phones under these strictly limited circumstances has NOTHING to do with creating dangerous "back doors" or somehow defeating amazing encryption. It's about hardware and the software that runs on it, both of which are entirely of Apple's design and under their control.

Apple has the opportunity to protect the privacy of its customers much more effectively than the government does, while at the same time helping law enforcement protect us against criminals and terrorists. I hope they'll step up and do the right thing.
Fintech Business Strategies
The business strategies employed in fintech aren't much different from general tech strategies, and they all leverage the fundamental drivers of innovation that drive all the tech in fintech.

Behind every fintech business strategy are a few simple principles:
- Eliminate places
- Eliminate people
- Eliminate things
- Reduce time
- Reduce cost
Every fintech business strategy is a specific implementation of technology that employs some combination of the principles above.

The leading strategies include:

Expand the pool of consumers/users

Who would have thought that people who operate web sites are good candidates for loans? But like many other businesses, they have to pay suppliers (like data centers) promptly to avoid getting cut off, while their customers (like advertisers) aren't as prompt as they might be in paying their bills. Rapidly growing Fastpay meets this need in a sophisticated, integrated way that includes lending money, but goes way beyond just lending money. For example, here's one of their latest services:

Expand the pool of producers/providers/sellers

What if you sell stuff at the local farmer's market? People keep coming up to you wanting to buy your produce. They don't have enough cash, but they have a credit card. What if you could accept their money without going through the nightmare of expense, hassle and non-portable devices regular stores put up with? Enter Square, whose little device and app turn the smartphone you probably already have into a POS terminal and card acceptance device:

Apply technology to make an existing service: better, faster, cheaper

Lots of fintech is direct to consumer, but important fintech companies operate completely behind the scenes, largely invisible to normal consumers. An exciting company that has a new, machine-learning-based approach to credit card fraud prevention is a good example. By doing a far better job of preventing fraud, Feedzai reduces the cost of providing credit card services dramatically. Here's one way they express the issue:

Replace and enhance existing technology

Sometimes, the innovating fintech company is able to completely replace a legacy product. This is ambitious and difficult to pull off, but the rewards are great if you can do it. Everyone is familiar with point-of-sale (POS) terminals and credit card charge terminals that are normally separate devices. For example, here's a card terminal at my local pharmacy:

Poynt has invented a single device that replaces the card terminal the consumer uses to swipe or insert their card as pictured above, but also POS terminal used by the retail clerk. Here it is:

Cut out a middle-man (disintermediation)

This has been a favorite business strategy since long before 1-800 Flowers started cutting out local florists. It's alive and well in fintech-land. A good example is Insureon, which uses the web to attract very specific groups of small business people and sell them insurance that is completely directed to and appropriate for their needs. For example, how many local insurance offices do you suppose cater specifically to the needs and perspectives of dog walkers?

There are hundreds of fintech companies working to extend and disrupt the financial services industry. The business strategies described above are typical, but not exhaustive; and some companies pursue combinations of them. (Note: all the companies used as examples except Square are ones in which Oak HC/FT has an investment.)
Fintech Innovation: the Drivers
What are the underlying principles driving innovation in Fintech? The same, identical, unchanged principles that drive innovation of tech in general. Nothing new! It's just applied to Fin.

We all know what those principles are. We've become used to them as wave after wave of improvement washes over the devices and services we use every day. In normal, physical things the changes are dramatic, going from literally using horse-power:

To steam-powered engines on rails:

To jet-powered planes that fly us in the sky:

Compared to last year, things get: faster, cheaper and better. That's it!

But when electronics and software are involved, as they are in most of fintech, the rate of change is even greater. That's why most of the disruptive changes we see in fintech are little more than fintech catching up with other sectors that have pioneered and are already using the technology. Like for example, "gee, people seem to like their smartphones. There are an awful lot of them out there. Maybe we could figure out a way to put the tech in fintech; maybe build an app or something?!"

What this amounts to is simple in principle, though often challenging in practice.

So how does faster, cheaper, smaller/better underlie innovation in fintech? The main ways include:

Replace physical objects large and small with digital

This reduces cost and speeds things up.

Devices instead of places

Don't go to a place (which is expensive to build/buy, maintain and staff), use your computing device. Call up the specific banking-like function you want on your device, and get your job done, right now. Consumers prefer it because it eliminates travel time, wait time and hassle. For example, money transfer with Abra:

Replace people with data and algorithms

This reduces cost and speeds things up. Consumers prefer it for the same reason they'll use an ATM even when human tellers are available. Don't make an appointment, get dressed up and see the loan officer at the bank; enter your data in the loan app and get an immediate decision with immediate access to the money. For example:

Summary:
- Use the device you have to get the job done.
- Eliminate the man in the middle; no people.
- Digital beginning, middle and end.
Result: faster, cheaper, better!
What is Fintech?

Fintech. It’s new. It’s big. Everyone wants a piece of it. Better jump into Fintech before it’s too late!

But what is Fintech? Fin? Like the thing that fish have? That Chinese people put in soup for special occasions?

No, it’s not the technology behind Shark’s Fin soup.

It’s “Financial” Technology.

Oh, that’s simple. Fintech is about money! I know what that is!

But since when is money new? And everyone has always wanted a piece of it. So “Fintech” can’t just be money, if it’s both “hot” and “new.”

And it’s not. “Fintech” is the name for a diverse collection of companies and products, each of which applies modern technology to some aspect of financial transactions.

Phew! That’s quite a mouthful! And kind of vague. So let’s dig in and see what’s really going on.

Fintech and real people

First of all, let’s be clear that the vast majority of people, normal people, not only don’t know what “fintech” is, they don’t need to know and don’t really want to know. Who feels the urgent need to replace their old “fin” with a fancy new “fintech,” after all?

Just think about phones. Maybe you didn’t envy the people who walked around with giant phones with antennae sticking out of them yakking away on the street.

But the second you saw someone pulling a ringing flip phone out of their pocket and answering the call, you probably felt the urge. And then when the iPhone came out? There were lines snaking out of Apple stores. Everyone knew what phones were and how they worked, and all you had to do was see one of the fancy new ones to want one.

“Fintech” is something investors, market analysts and corporate types in financial companies think and talk about. Regular people? Nope. It’s more like "energy sector” or “entertainment;” it’s a group term that covers lots of stuff that’s only vaguely related. For example, here’s a graphic that shows one group’s view of fintech:

And then when you dive into just one sector of Fintech, Bitcoin/Blockchain, here’s something that shows the intense interest of big corporate players in it:

Over 70 strategic investors have put real, old-fashioned money into these startups!

Conferences

Let's talk about conferences. Big ones. That, as a normal, everyday kind of person, you've probably never heard of.

Like Money20/20, an amazing conference that started just four years ago, whose subject is "disruptive ways in which consumers and businesses manage, spend and borrow money."

Another conference is smaller, but is all about people who invest in the kinds of small companies at Money20/20:

And who among us "normal" people might have even gotten close to the right answer to the question, "How much money was invested in Fintech companies last year?"

Perhaps now you're starting to get a sense of why Fintech is new … and why it's hot, hot, HOT!!
Apple’s Cancer Prevention Strategy

The CEO of Apple declared that he has joined the ranks of the nation's oncologists, and is working to prevent the government from forcing Apple to create a new form of cancer and "expose hundreds of millions of people to issues."

The CEO of Apple is anxious to prevent future "issues."

Let's look at the case of Brittney Mills,

This is an example of an "issue" that took place in April of 2015 in Baton Rouge, LA, long before the Apple CEO got worried about cancer. Here's the "issue" that Ms. Mills experienced:

Investigators still haven't been able to find who killed her and her unborn child. They've tried hard.

They went to Apple for help. Apple refused to help the police get the evidence that might lead them to the person who killed Brittney Mills and her unborn child. The local district attorney wrote to the US Senate Judiciary committee about the case:

His pleas and those of Brittney Mills' family were ignored. The case of Brittney Mills isn't the only one:

Law enforcement getting information from a dead person's cell phone is similar to getting information from their wallet: not something anyone would normally do — but when the person is dead, the only way to proceed.

Apple's refusal to help Baton Rouge law enforcement catch the person who murdered Brittany Mills is taking place in thousands of cases all over the US:

Apple's response? An escalating war of words. A half hour's worth in ABC's "exclusive" interview with the CEO.

While declaring how important safety is, "doing this," i.e., helping get information from the cell phones of murdered pregnant women, "could expose people to incredible vulnerabilities." Does this mean the Apple CEO is concerned about future "incredible vulnerabilities" that are worse than being murdered?

And then we have the old slippery slope argument:

OOOhhhh: law enforcement might turn on the camera!! I guess the Apple CEO thinks that's worse than being a pregnant woman living alone, opening your door at night for someone you know, getting shot and dying. And not being able to find out who did it.

Now we get to what Apple is being asked by the courts to do, which is the equivalent of creating cancer:

I demonstrated in my prior post that Apple has cooperated with law enforcement in the past, and given out private information on literally tens of thousands of cases, including at least a thousand cases a year involving national security. Apple was able to provide this information because they had written for earlier releases of iOS a much stronger version of what is needed for iOS 8. Apple has written it. It wasn't cancerous before. How would it be cancerous now?

Similarly, when he claims that helping the court would "expose hundreds of millions of people to issues," he assumes this software would somehow escape from Apple's control, when the prior versions did not.

Apple does know a way to avoid the problem. And it's had years of experience over tens of thousands of cases that the method is safe and effective.

The issue is simple. Apple refused to provide the help needed to identify the murderer of Brittany Mills and her unborn child. Apple says providing that help is like unleashing a plague of cancer. I say to Apple: please unleash that cancer.
Apple’s Approach to Privacy, Terrorists and Criminals
Apple is locked in a public battle with the prosecutors of the San Bernardino terrorist case about helping the FBI. Tim Cook has been in full public-relations mode asserting how this "unprecedented" request is like distributing a "master key" that will make everything on iPhones public.

The government's request (as opposed to how it's described in the media) is reasonable; it is a simple extension to iOS 8 of part of a service that Apple already provides to government agencies for tens of thousands of Apple devices. By refusing to continue providing the service, Apple prevents local police from returning stolen iPhones to their rightful owners. Apple prevents law enforcement from solving crimes of murder, sex abuse of children, sex trafficking, robbery and other crimes. And Apple prevents the FBI from keeping us safe from terrorists.

The awful things Cook claims will happen if he complies are already enabled by horribly buggy and security-hole-ridden Apple software. Nothing the government has requested will make things worse.

Apple’s official privacy policy

What was Apple’s privacy policy before the recent war of words on the subject? The policy is clearly stated on the Apple website. There are lots of words about how Apple loves and respects it customers, and Apple is wonderful. The words lead to this conclusion:

That sounds pretty stark! No back door and no server access. Ever! That sure sounds like my information is secure, no matter what!

Apple’s actions on privacy

As it turns out, those are weasel words. Which you can find out by a little digging. All you have to do is go to their “government information requests” page. There they admit that they respond to subpoenas and search warrants. But they “limit our response to only the data law enforcement is legally entitled to for the specific investigation.” Well, maybe it’s not so bad…

Scanning down the page, in HUGE type, is this assurance that practically no one is affected by all this:

An amazingly tiny fraction of “customers” have been affected by this grudging acceptance of government coercion.

How much does that tiny, tiny fraction amount to? Being super-conservative about doing the calculation, I took the quarterly sales just of iPhones only for the last 3 years (2013 to 2015) as reported publicly by Apple. Truncating each reported result to the lower million, the total is 546 million iPhones. The real number, including iPads and going back further in time, is probably more than twice that. But the arithmetic even for that number is interesting. Using Apple’s own 0.00673% number, the total is 36,745 customers.

That number does not include “national security” requests, which according to the same page, is more than 750 requests for the first half of 2015:

To summarize rhetoric and reality about Apple and privacy:

Rhetoric: We don’t create backdoors and “have never allowed any government to access our servers. And we never will.”

Reality: We dish out customer data as required, and do so by the tens of thousands. But we pout while we’re doing it.

What Apple really, really does

Dig a bit further, and you can download the details of what and how customer information is handled at Apple, in this document:

Here’s a bit of the table of contents:

You can see that the range and scope of information available goes way beyond anything you might imagine from scanning Apple's website pages.

The document also declares that Apple can provide an incredible amount of information from any iOS device prior to 8.0, but “will not” perform data extractions from 8.0 or later. The extraction “…can only be performed at Apple’s Cupertino, California headquarters…”

What the government wants

The government’s request is short and to the point.

They want help defeating iOS 8’s PIN brute-force avoidance mechanisms:

Here’s what they suggest an acceptable means of providing the help would be, a piece of loadable software:

They specifically request software that works for only that phone:

They don’t demand possessing the software; it’s OK if Apple physically has the device and keeps the developed software on site, without even requiring that government agents be present:

And if Apple can think of a different way to accomplish the same results, it’s OK with the court:

In summary, the court will provide Apple with the terrorist’s government-issued iPhone, and wants Apple to create software that will enable the government to do the hard work of figuring out the iPhone’s PIN code so that the government can access the data on the phone. The government is willing to let Apple do this work with the phone at Apple’s offices, with no government agents present, wants the software to work only for the iPhone in question, and does not request a copy of the software.

Tim Cook’s response

Apple hacks and gives the government the private data of tens of thousands of customers. Probably a thousand times a year for national security issues. It does this in its facilities, using software it developed for the purpose.

The feds are investigating a terrorist attack on US soil in which 14 innocent people were murdered. The phone in question wasn’t personally owned by Syed Farook; it was owned by the government agency for which he worked, and whose employees he murdered. Breaking years of Apple practice, Tim Cook refuses to help. He explains himself on the Apple website:

He declares the request “unprecedented.” Sure, if you ignore the tens of thousands of other requests Apple had no trouble satisfying.

He says the order “threatens the security of our customers.” And the possibility of future terrorist attacks doesn’t?

He says the order “has implications far beyond the legal case at hand.” Yes it does. But not the way he means it.

A little further down, he gets to the crux of the matter:

He claims he doesn’t have what the government wants. Everyone knows that, and it’s implied in the court order. But he had the equivalent for earlier versions of iOS.

He claims it’s “too dangerous to create.” While he blathers about encryption and about how Apple can’t get at your data, here he makes no claim that the software is impossible to write – and it’s not! He’s just saying he won’t create it, because he’s too moral or something, and the software would be too "dangerous." Although more powerful versions of the requested software were built by Apple for prior versions of iOS, and they somehow weren't dangerous.

He claims the request is for a “backdoor to the iPhone.” Wow. You can review the actual request above. It’s no such thing. It’s a piece of software that circumvents the iOS 8 defense against brute-force PIN-breaking. Apple gets to create the software and use it at their offices on the provided phone.

Cook goes on:

“The FBI wants us to make a new version of the iPhone operating system.” Maybe that sounds technical and accurate to someone who didn’t read the documents, but it simply isn’t true.

“In the wrong hands, this software…” How exactly is it going to get in the wrong hands, Mr. Cook? Apple employees have full and unfettered access to the source code of Apple software, including iOS. Any time one of them felt like it, they could make an unauthorized version and spirit it to some off-site server, and do all sorts of evil with it. That was true yesterday, is true today, and will remain true regardless of what happens here. The current situation doesn’t change the chances of malicious software being used for bad purposes one iota.

“…would have the potential to unlock any iPhone in someone’s physical possession.” BZZZTTT! What this software would do would be exactly and only what the government is asking for: make it possible to brute-force hack the PIN code, which has one million possible combinations for the default 6-digit PIN. For normal humans, this means you would have to:
- Acquire someone’s iPhone
- Get and load the hacking software onto it, assuming it has somehow wafted out of Apple
- Then, by hand, try 6 digit PIN codes until you got to the one that worked
- On average, this would occur after entering half the possible codes, a total of 3 million digits. This would take more than 34 days of continuous one digit per second attempts.
- Or, if you really are a super-hacker, you could automate the process. Which I won’t go into here.
Cook then gets wilder:

Yes, the software, once created, could, would and should be used on "any number of devices." Devices that were provided to Apple at their offices with proper documentation and court orders. Most of these devices, as today, would have been lost by their owners, and Apple is helping the owners identify them so they can be recovered. Many of these devices, as today, would be evidence in criminal proceedings. And hundreds of these devices per year will be related to national security issues, as they are today.

I am very concerned about the FBI being blocked from tracking and stopping terrorists before they kill. But I'm equally concerned about the "merely" criminal aspects of this. For example:

Cook has more:

Because Apple built software used by Apple on specific phones delivered with court orders to Apple facilities, the government will now be able to listen to your microphone or camera. How exactly does this leap happen?

The fact is, Apple software was, is and will be chock full of security holes and other problems. Here is Apple's own list of the dozens of security problems that were fixed in iOS 7. After fixing all those problems, iOS should be secure, right? Apple then found more bugs, refused to fix them in user's devices, and instead released iOS 8 with no less than 53 additional fixes to security flaws. So how did iOS 8 go, with all those fixes? Not so well, according to Wired:

Finally, Tim Cook once more:

Apple products have been buggy and filled with security holes in every release. It's riddled with back doors, side doors and bottom doors, all because of Apple's ineptness. It's not getting better. Mr. Cook wants us to fear that the mean government will force us to walk around without privacy. Well, we already are! And it's Apple software that's responsible! Extending Apple's existing practice to iOS 8 will not create a new situation — it will maintain Apple's historic cooperation with the legitimate law enforcement operations of government, protecting us from terrorists and criminals.

What is this really about?

I wish I knew. But it's hard not to think of money and market positioning. There is a large portion of the public that thinks that Wall Street and Big Corporations are evil. Meanwhile, Apple makes products that are used by millions of people who think this way. Apple wants to market itself as being for the 99% of people.

But it has a problem. It's one of the richest, most valuable corporations in the world. It charges top dollar for its products, which are entirely made in cheap-labor countries. It plays games to avoid paying taxes. It's bigger and richer than Wall Street! It's even richer than the US Treasury:

It's quite reasonable to imagine that Tim Cook is following in the Steve Jobs tradition of marketing magic to divert its customers from looking at the numbers. Numbers that show that Apple is a corporate behemoth whose sales are slowing, whose new product initiatives have failed, and is desperate to bolster its brand and hold onto customer trust (and revenue) it does not deserve.
I Want an EMR App

I want an EMR app. I want it badly. I want it now. It shouldn’t be that big a deal. Where are all my choices? What’s wrong?

My EMR

Who cares more about my health than I do? Who has more right to hold my medical records than I do? I should have a simple app that contains all my medical and health records, whether generated by me, a doctor’s office or a hospital. I should be able to have that data encrypted and backed up to the cloud, from which I should be able to access it myself or grant access to it by others. It should be easy for me to get the records concerning me from any medical facility I visit – including fancy stuff like MRI’s. It should also be easy to upload my medical records from the past and from other institutions – including the all-important medical history, which is normally handled in such a slap-dash way, too often peppered with errors and omissions.

Access to medical records and banks

Think about banks. They only have my money because I choose to deposit it with them. They provide regular statements, and on-line access to what I’ve got and my transactions. I can withdraw any portion of it whenever I choose. It’s my money, after all – and they’re charging fees.

Now think about a doctor’s office. They only have records about my visit because I choose to go there. I’m paying them for their services, including making tests and keeping records. It’s my data – taken from me with my permission, and paid for by me. How dare they not make every effort to make access to my data be as convenient as possible for me? If a bank made it as hard to withdraw money as hospitals make it to withdraw my own medical records, how long do you think the bank would stay in business? Is sending a bunch of data to my phone really harder than going into a vault and counting out the cash I request? Of course not – they just can’t be bothered!

The medical establishment has it backwards

Today, of course, all my records are scattered about, some in each medical place I’ve visited. They’re stored in different systems that are incompatible. Even software from the same vendor that are installed in different institutions don’t talk with each other! And they certainly don’t talk with me – and if I insist, the best I can get from most of them is a bunch of paper. Uhhh … people … computers have been around for a while now, and there are things called WiFi and the internet that are supposed to make things easier. The people who use them seem to like them. Why don’t you check them out??

Here’s the worst part – the whole medical establishment thinks in terms of them sharing my medical records among themselves. Instead of giving them to me. The patient. Whose records they are. They can think of nothing but, with prodigious effort and great expense, somehow getting all their systems to talk with each other. They can barely keep their own systems working, much less get them to intercommunicate.

Which they can’t do yet. I got an MRI at an office on west 57^th st in Manhattan. I had an appointment with a doctor at a major medical center a few blocks away. I did what I was instructed to do – I walked to the MRI place, waited while they made a DVD of my scan, and then walked to the hospital, gave it to a nurse, and waited while it was loaded in. Years ago, we sneeringly called this “sneaker-net.” Unfortunately, sneaker-net is alive and well in the wonderful world of self-absorbed, stone age medical computing.

EMR vs. My EMR app

The government has already spent nearly $20 billion dollars so far trying to get hospitals to use EMR’s.

A multi-year contract to “upgrade” a military EMR system is worth over $10 billion dollars.

The contract ended up being awarded to Cerner for over $4 billion, at least that's what they're saying now.

These figures are absurd. And after all that money, the systems crash, they’re incompatible with each other, and they’re filled with incorrect and incomplete information.

That’s one big reason why I want my own EMR app, with all my data in it. I can study it and do research at my leisure. I can take it with me. I can complete and correct my history. I can get new providers and their systems up to speed with me and my issues quickly and without the usual labor-intensive paper stuff, replete with errors and omissions. And best of all, it will cost considerably less than a billion dollars.

Conclusion

I’m ready. How about an open source project for it – if it makes sense to build and support linux this way, why not My EMR App? Anyone? But I’ll take it any way I can get it.
Software Business and Business School

What they teach you in business school does NOT help you running a software business. In fact, it probably cripples you.

The good news, sort of, is that most businesses are run by b-school principles and values, if not actually by b-school grads. So as a b-school grad running a software business, you won’t be a stand-out; you’ll be limping slowly along with the rest of them.

But what if you want to excel? Hit it out of the park? Then, I suggest, it would be worth your while to go against the grain, ignore the mainstream “wisdom,” learn what makes a software business different from other businesses, and execute on it.

Software CEO’s

Forget about what academics say. Let’s look at some prime examples.

Larry Ellison

Larry Ellison is a co-founder and CEO of Oracle. He’s one of the richest men in America. He didn’t graduate from college, but worked as a programmer. No formal business training.

Bill Gates

Bill Gates is a co-founder of Microsoft. He’s the richest person in the world. He started programming in high school, and didn’t graduate from college. No formal business training.

Mark Zuckerberg

Mark Zuckerberg is a co-founder and CEO of Facebook. He’s very, very, seriously rich. He started programming in middle school, and dropped out of college. No formal business training.

And so on

I could go on and on.

Enter the MBA

For some of these companies and many others, MBA types eventually enter and run the company. If you’ve gotten really big and successful and just want to coast along, it’s not a bad idea to hire a fancy-pants nanny to come in and keep your children from getting into too much trouble. Why not? You’ve earned it!

But to start the company? Do you hire the nanny to sleep with your husband to get pregnant so “you” can have kids? Not on purpose, anyway! Starting the company, innovating, doing the heavy lifting of hiring and leading the team and building an exciting new company is not something you hire out to an MBA. What’s worse, the MBA has all the wrong skills and applies inappropriate “management techniques” to getting this crucial job done.

The anti-MBA techniques

It’s far easier to be a programmer and figure out the best methods for building a software company on your own than to somehow un-learn, one at a time, all the stuff you learned in business school that just doesn’t work. In addition, you have to have the discipline to just shelve all the lessons you’re dying to apply that are probably good for most businesses – but are somewhere beyond the left-field fences in terms of a software business.

This is a BIG subject … and I’ve written a book about it! Which I’m going to publish! Soon! Yes, I’ll let you know…

Update: It's available. See here for a description, and here for the book.