Overarching themes at Web2Expo

At O’Reilly’s conference on emerging web technologies in San Francisco last week, several of the hit topics from last year’s conference have become full-blown tracks this time around, reflecting how quickly a niche topic like the Facebook Query Language or the mobile web become mainstream.


Another key trend is the move away from traditional web-based interfaces to alternate ways of interacting with applications, from SMS or instant messenger to e-mail. Brady Forrest, co-chair of the event for O’Reilly Media, also listed personal analytics as a growing theme at the conference, citing applications like Socialistics that provide “lots of info porn on your network.”

While much of the event’s content revolves around the practice of running sites, there are a growing number of sessions on how to manage user communities, design interfaces, develop SEO-friendly applications, and include gameplay in sites. “We’ve done a really good job of making this a place where people can learn from those who are defining the future of the web,” said Forrest.

It’s a reflection that the job of web operations, which used to involve hardware, is now as much about managing analytics, communities, content, and legality.

A whole new set of acronyms

The Interop track next week is all about cloud computing and software-as-a-service. The two aren’t necessarily related — in fact, there’s considerable confusion about what the difference between grid, cloud, and SaaS computing is, as well as a host of new acronyms: Platform As A Service (like Salesforce.com’s APEX), or Hardware-As A Service (what some folks are using to explain Amazon’s EC2.)

PaaS, HaaS … please, please, someone come up with Application As A Service.

Living in a virtual world

I’m at Web2Expo this week, followed by Interop next week. I’m moderating a discussion between database heavyweights: Brian Aker, Director of Technology for MySQL; Dave Campbell, Microsoft Technical Fellow behind MS SQL Server; and Matt Domo, General Manager of Amazon SimpleDB. My first question should really be, “why isn’t Oracle here?”

But with the exception of that session, everything I’m seeing is virtual. Here’s my list of ten companies with a virtualization theme you should probably know about.

  1. Elastra, whose seasoned CEO has them out of the gates in record time with a technology for provisioning whole app clusters across any grid you want.
  2. Platespin, who suck physical machines into the virtual world, and just completed acquisition by Novell.
  3. Bluelane, focusing on security within the virtual machine — since if someone owns your hypervisor, you’re a whole new kind of crispy toast.
  4. Stacksafe, who I interviewed for GigaOm out on the pier. Very interesting use of virtualization to do pre-production testing.
  5. 3Tera, who launched a major upgrade to their virtual machine management technology at Web2Expo this week.
  6. Rightscale, who make virtual machine management tools. They just closed a round from Benchmark.

But wait, you say, that’s not ten! Yep, there are four in the list that I can’t get into yet. Stay tuned. They’re all twists on essential parts of a modern application, using bits instead of atoms. And that changes everything.

Web2Expo – an inadvertent foray into security issues

I’m not a huge fan of security and everything that is associated with it. That’s not because I don’t think it’s important; I actually think it’s critical in both networking and application development. But, rather, it’s just not my thing and I’ve usually been in technology areas where security is important, but somewhat peripheral.

That being said, I attended a couple of sessions at Web2Expo today where security issues were a takeaway in both.

First, Jacob West (who’s written a book on security) gave an interesting talk on the “Dark Side of Ajax.” It’s not news that Ajax has some significant security holes that have been exposed already and are somewhat well known. Some examples:

  • Cross-site scripting lets malicious users insert bad javascript code into the content of a website and harm future visitors (the famous Myspace worm exploited this).
  • Cross-Site Request Forgery (CSRF or XSRF) is nasty and exploits websites that need user authentication (among other things)
  • And a new one called javascript hijacking that Jacob has actually written a paper on.

I’ve seen similar presentations at other Ajax/web2.0 events and it’s interesting to me how it’s a lot of talk about how there are problems and very little about what’s being done about them. Mr. West did talk about how some popular Ajax frameworks are addressing the javascript hijacking issue, which is great. But, what happens with the next vulnerability, and the one after that?

Continue reading “Web2Expo – an inadvertent foray into security issues”

Four kinds of visibility web operators need

4 kinds of visibilityMost of the web operators we talk to have some degree of visibility into what goes on within their applications. But many lack a complete picture of their site.

There are hundreds of tools available to show what’s going on with a production website. But the problems arise when people try to use the wrong tool for the job, which often leads to bad conclusions. In my experience, operational questions fall into four major categories:

  • What did my users do?
  • Could they do it?
  • Why did they do it?
  • How did they do it?

There are four classes of tool that answer these four questions. But they’re all similar enough to cause confusion. Here’s a clarification.

Continue reading “Four kinds of visibility web operators need”

Web2Expo San Francisco

Web 2.0 Expo San Francisco 2008Web2Expo San Francisco is coming up. The conference has grown quickly; initially, as a reaction to the popularity of O’Reilly’s more blue-sky conference, Web2.0 (which is now called Web2Summit.) Following the success of Web2Summit — the organizers sold out their 2,000 registrations quickly and had to turn away thousands more — they launched the Expo.

Web2Expo isn’t just a spill-over conference; it’s now got an identity of its own. If the folks at Web2Summit speculate and scheme, then it’s left to the Web2Expo attendees to figure out how to build what their less grounded peers have already promised.

Continue reading “Web2Expo San Francisco”

The downside of getting readers

It’s been an interesting day.

Over the past few weeks, I’ve been bothering friends of mine with questions about how the Internet as we know it might die. Many of them are part of the Bitcurrent crew. We came up with a decent list, which I cleaned up and posted on GigaOm.

1500 Diggs and a lot of comments later, I have a lot of thoughts on the responses. First (though I shouldn’t be surprised) is the vitriol of Digg. It seems like any “top 10” list is instantly considered lame, while at the same time it drives huge traffic. But there was some useful dialogue in the noise, too. Continue reading “The downside of getting readers”

Interop Las Vegas: Next-generation networking

It’s nearly April, and that means Interop.

Since 1994, I’ve been attending and participating in the Interop show. It’s an incredible endeavour; the world’s largest production network gets set up and torn down in just a few days. The show’s been around for so long, it has its own class A address block. Seriously, check it out.Interop free registration banner

One of the reasons for the show’s longevity has been its focus on education. Rather than just being a sales convention, it’s a source of learning for the internetworking industry. A while back, this meant proving that one VPN could talk to another. Before that, it was simply getting two Ethernet hubs to communicate.

Today, however, those interoperability issues are long over. Instead, we worry about how IT will work in the future, and how different services or different companies can interoperate.

Continue reading “Interop Las Vegas: Next-generation networking”

GigaOm Structure: Defining the future of business infrastructure

GigaOm, one of the leading tech blogs, launched its Structure conference recently. We’re going to be getting involved with the conference, helping to find speakers and vet topics.GigaOm Structure ‘08

In fairly sharp contrast to technology conference that focus on the “how” of infrastructure, Structure looks at the “why.” As one of the GigaOm folks told us, this event is more about the ways changing infrastructure can fundamentally alter an online business.

Continue reading “GigaOm Structure: Defining the future of business infrastructure”