The iTunes Application store is open for business. The offerings that will further separate, differentiate, and personalize your iPhone have finally arrived. Want to turn your iPhone into an Etch-a-Sketch (and really, who doesn’t)? Now you can. Looking for games to stave off boredom? There are plenty. Hoping to be more productive? Well you can do that to, but as to why you would want that is a mystery to me. There are many sites highlighting the best Apps so I won’t retread that ground here, but I will link to them below.

The Apps store will definitely something for everyone, but after spending a few hours perusing it this morning I was thinking of some yet to be released applications that could be particularly useful. These ideas were borne during the time I was writing Yankee Group’s 2008 Device Survey in January. I wanted to learn more about how consumers researched products and turned that education into action. User reviews and peer group were the most used resources and the most influential. Price also played a critical role. Those factors shaped the applications I would like to see:

1. Mobile User Reviews.  Getting unbiased products reviews while at retail is nearly impossible. The end result of this is buyers seeing products, going home to research them, and then going back to the store to buy (or instead buying online). This is bad for retailers who want to invoke buying action immediately and in an era of $4+ gas all that additional travel is also bad for consumers.  This application addresses that. It would provide a compilation of unbiased reviews scoured from the most frequent sites on the web, Amazon.com, Bestbuy.com, Circuitcity.come, CNet.com. A buyer simply loads the app, inputs the device they are interested in buying and receives a roll-up of ranking from each site. Drilling down would provide the verbatims users rely so heavily on online. This can be extended to anything really, CE, books, etc.

2. Compare Pricing. The internet freed us from waiting for the Sunday paper to arrive to compare prices. Now its time to take it one step further. This application would allow users to input the price of a specific device at the retail location they are currently in. The application would then scour the web for other retailers prices and use GPS to show which locations in your vicinity offer the same product for less. Naturally, the mapping software would then provide turn by turn directions to help you get there. 

3. What will this work with? In the ever evolving world of technology, CE buyers are challenged to determine if something is interoperable with the rest of their devices. This application would let users input all the devices they own. When making a purchase decision they would input the new device and it would provide information as to what devices in the home it will and won’t work with. 

Ultimately, these applications would simplify the buying process and help bring the means to independently research a product directly at retail. No longer will users have to go home to ensure that the router they want to buy works well, fret over buying something that is cheaper next door, or worry that what they buy won’t work with what they own. This is the epitome of Anywhere - consumer’s accessing what they need when they need it wherever they are. Now all we need is some developers to actually make these applications and everything will be perfect.

Sites providing great insight into the best iPhone Applications

Tech Crunch

Engadget

Gizmodo

Recently I’ve been asked by several publications to comment about mobile security, and more specifically about the security issues that we are seeing on smart mobile devices. Jim Finkle at Reuters did a nice job rounding up the usual suspects in a widely-circulated article that I recommend highly. In it, he quotes Symantec COO Enrique Salem (a smart cookie) and McAfee’s CEO Dave DeWalt (someone I have not met, but who is also said to be a smart cookie). He also solicited some insightful comments from Mark Rasch, a cyber-security lawyer I haven’t met, but whose SecurityFocus columns I have been reading and enjoying for years. I contributed my own little soundbite, which attempted to put things in perspective. All of these parties have interesting things to say, but a multi-interviewee story like Jim’s cannot give you the True Yankee Perspetive. So here it is.

Our take on “mobile security” has always been contrarian, and different from that voiced by the most popular interview subjects, namely security vendors. That camp’s position, grossly simplified, is this:

• Computers, particularly the Windows operating system, has long had a “malware problem.”
• Mobile phones are increasingly taking on computer-like features
• Because mobile phones are like computers, they will soon have malware too
• And because everyone has a phone, everyone will soon have malware

The general point is that endpoint security vendors see mobile phones as just another endpoint that will obviously have the same issues as other platforms they provide products for. In other words: mobile phone security is an adjacent market that they can safely expand into, because we all know that the problem space is the same, right? Right?

Elementary enough on its surface, the logic breaks down under casual scrutiny. The logical flaws remind Yankee Group of the old Woody Allen syllogism from Love and Death: A) Socrates is a man. B) All men are mortal. C) Therefore, all men are Socrates.

My folksy-philosopher dad likes to say that the old saying “seeing is believing” works in reverse, too. In other words: if you believe that a mobile malware maelstrom is approaching, you will see storm clouds everywhere.

Even when the storm clouds are just vapor.

Now, I won’t deny that certain mobile platforms (for example, Symbian) have had some problems with mobile malware. Most security analysts who follow the mobile world are well aware that there are many variants of CommWarrior and Skulls circulating out there. And yes, we know that BlueTooth auto-discovery could well allow phones to be hijacked at close range. Thank you, Sophos, for staging a media event that demonstrated this. Brilliant and well done. We also know that some end-users will be frustrated and occasionally tricked by SMS messages they receive from fraudsters. But misdirection and mischief (social engineering) is not the same thing as malware.

Where I part company with the vendors is the notion that somehow the mobile malware maelstrom is inevitable. Yankee Group has long maintained a consistent position on the coming mobile malware epidemic: there won’t be one. Breathless predictions of impending maladies — regularly recited by sellers of miracle tonics — cannot disguise the fact that the necessary preconditions for pervasive mobile malware do not exist, and never will. Here’s why the tonic-sellers’ logic is fatally flawed:

• Mobiles don’t have a monoculture operating system. Symbian, Windows Mobile, Android, iPhone and RIM all have significant shares, and we won’t see any of them gain more than 50% of the market.
• Malware has no obvious mass-infection vector. Short-range, rifle-shot BlueTooth promiscuities don’t count.
• Less-open operating environments. Most of the smartphone OSes (Symbian, iPhone, RIM for starters) require some form of digital signature to run a third-party application. This provides an audit trail, and gives the OS vendor (or carrier) an opportunity to revoke the certificate if the app misbehaves. I happen to like Apple’s model, because there’s one certificate issuer and thus one point of accountability. No, rogue apps run in jailbroken phones don’t count because they won’t be substantial.

None of these inconvenient facts seem to trouble security vendors too much, and every few months Yankee hears about another mobile security product launch. But mobile anti-malware software isn’t selling. John Thompson (Symantec CEO) more or less admitted it at this year’s Vision conference in Las Vegas, where he said that substantial investments in mobile security software wasn’t a very good use of shareholder money. Hats-off to JWT for telling the truth.

Setting the record straight on mobile security means talking straight about what is actually needed, and what is just hype. Enterprises certainly need the ability to remotely kill devices that have been stolen or lost. And certain kinds of mobile phones will probably also need encryption to keep sensitive contents safe from casual prying eyes. But on-board anti-malware software to prevent phones from contracting hypothetical future maladies? As Mike Rothman might say, “not so much.”

I’ve just begun researching a report with a working title of “Best of the Mobile Web.” As a result, I was pleasantly surprised to see that not only does OpenTable now seat three million diners a month, but it also has launched a mobile version of its web site. For those unfamiliar with the company, the premise is simple: it allows you to electronically find and book restaurant reservations. It is a great solution for those times when you want to plan a great meal in a new area, or simply want to explore new restaurants.

I think the mobile web version of this service is a perfect example of what the mobile web is good for. It has a simple, clear function, namely making restaurant reservations. It works on many mobile platforms; the fact it works on my BlackBerry’s limited browser is testament to its versatility. And it eschews Flash, graphics, and scripting in favor of a standard HTML pages that load quickly, even over slow wireless networks.

It’s too early to claim that OpenTable will be one of the best mobile web sites for my report. Every site has to be evaluated according to 25 Anywhere web criteria, so great content alone isn’t enough to land a spot on the list. Nonetheless, I have to say that OpenTable.com certainly has Anywhere appeal. After all, what’s the point of ubiquitious connectivity if you can’t find a place to eat dinner?

A few days ago I posted the requirements I deemed necessary to upgrade to a 3G iPhone. While the good folks at Apple decided to ignore all of my requests they did one thing that superceded all my other demands - dropped the price in half. For $200 I can get a new iPhone with 3G and GPS that I didn’t think would alone justify my need to upgrade. I will stifle my disappointment over the still 2Mp camera and unknown inclusion/exclusions of bluetooth stereo while I fork over my $200.

Another group that will be equally, if not more so compelled to now buy are consumers who had been sitting on the fence because of cost. In an informal poll I conducted earlier with one friend who has been lusting after the iPhone since he first drooled over mine some months ago I learned that the fence sitters will soone be resting more comfortably on the Apple side. While this is a small sample size (I promise, our surveys are more statistically relevant) the steep price decline will do wonders for Apple’s ability to further penetrate the broader market. Now all we need is a sub $1,000 iMac and Macbook!

And one other thing - does anyone want an iPod Touch anymore?

At Yankee Group, we’ve been researching and predicting the future for a while now. Sometimes we get it right, and sometimes not so much. Our biggest Big Bet is the one we’re making around Anywhere — the notion that the global connectivity revolution will introduce dramatic changes in the way we live and work.

A key part of our Big Bet is around something very tiny. Made from plastic and glass and silicon, mobile phones are getting smarter every day. Even better, the increase in flat-rate data plans means that the mobile internet usage is going to explode. This broad macro trend — increased mobile internet usage — has profound implications for security, and in particular for mobile identity. If you take your phone, keys and credit cards with you, it seems to me that you will want to take your identity along too.

With that background in mind, I’m pleased to give YG blog readers a quick preview of a report I just finished today called Sizing the Mobile Identity Opportunity that puts numbers around how big mobile identity might be. Based on a model derived from our consumer data and mobile forecasts, the numbers, which I believe are conservative, are eye-popping. Assuming our forecasted mobile usage trends continue as we expect, by 2012 US mobile subscribers could generate over 360 billion identity events per year. By “identity event,”  I mean the act of authenticating to an online service or website. Applying the Law of Large Numbers to a miniscule fee per event yields another big number in the hundreds of millions of dollars. These are dollars that mobile operators and identity management vendors could leave on the table unless they capitalize on the opportunity.

This report won’t be available for several weeks. It usually takes a little while for our Editorial services group to bang out the dings in my dented prose, and for our peer reviewers (which in this case will include several outside organizations) to weigh in. More about this soon!

I am not a mobile web developer. Rather, I am more of a “weekend programmer” focused on traditional web applications. (I am a co-author of Apache JSPWiki, a Java-based wiki software package. No prizes for guessing that I wrote the security bits.) But even though I haven’t tried to do any mobile development just yet, my iPhone’s web browsing capability has gotten me curious about makes a good mobile application — from the nuts-and-bolts perspective. So it was with great interest that I read Brian Fling’s excellent Web 2.0 Expo presentation, Design and Develop for the iPhone and Beyond. I recommend it highly: not only did Brian teach me a few technical tips, he also clearly explains the mobile development stack, from the mobile operators up through the application toolkits. It’s a cracking good deck, too; almost as elegant and entertaining as Dick Hardt’s rapid-fire Identity 2.0 presentation from 2005.

Yesterday I spoke at Symantec’s Worldwide Sales Conference. The speaking gig itself — a panel on consumer security — was a blast. Byron Achohido (USA Today reporter) moderated. My co-panelists included a representative from the Cato Institute, a Symantec researcher, and a top security architects from Amazon — a person I’d heard of, but had never met. The panel was a lot of fun, and there were few surprises. What was surprising was what I found at the airport today on my way out this morning. Let’s go to the videotape. I arrived at Las Vegas airport around 11AM. After getting through security and to my gate, I began the usual squinty-eyed scan for power outlets — a vulture-like circling motion that I’ve come to recognize in other fellow travelers. Once I found and commandeered a suitable power source, I flipped open the lid of my notebook and looked for a wireless signal. Lo and behold, I discovered that rarest and most delightful of finds: free public wi-fi. When an Anywhere Consumer has a few minutes free and finds something nifty there’s only one thing to do: Twitter the good news, of course! But first, I skimmed the last few days’  worth of tweets using my RSS reader. Then I logged on to the Twitter website directly and sent the following tweet to my ~80 followers: “So Wifi is free at McCarron, which is cool.” One of my former colleagues responded, not more than 5 minutes later, with this: “Free WiFi at McCarran due to strong views McCarren CIO Sam Ingalls.” Fifteen minutes after that a crony at another analyst firm sends me a direct tweet (SMSed to my mobile phone) saying he wished he’d known I was at the Symantec event, because he was there too. To top it all off: I peered closely at my Finder window and noted that Bonjour was telling me that there were at least five other Macs in the immediate vicinity, one of which was named “Book of Power.” What’s remarkable about all this? Nothing, really. Just another day in the life of Ubiquitous Connectivity. But reflecting a bit on the whole thing, I’ve concluded that:

• Free services like Twitter, and McCarren’s wi-fi network — foster novel kinds of spontaneous social interaction.
• The  underlying network protocols — in this case, HTTP (web), SMS (Twitter), Bonjour (local network discovery), 802.11 (wireless) — are less important than the experiences they foster. With apologies to James Carville, it’s the application, stupid!
• Communities like Twitter flourish precisely because of their decentralization, and they illustrate how “circles of friends” provide an important alternative to centrally-managed hierarchies (such as those created by IT departments).

Perhaps the most important lesson is also the most obvious: never mind the technology. Left unchecked, you can waste a lot of time on Twitter.

For years, I’ve used the phrase “4D smell-o-vision” to represent the next big bandwidth consumption thing. What I’ve intended to convey is the apparent silliness to us now of future digital applications, ones which may in fact prove to be useful to our kids, or their kids’s kids. I remember how pointless I thought color computer displays were when I first saw them (of course I was a very small child at the time).

Today I wonder if we might really be moving to 4D smell-o-vision after all!  I’m in Tokyo, where The Japan Times reports that NTT Communications has introduced Mobile Fragrance Communications — the ability to download custom fragrance communications, ultimately released by a dedicated device loaded with component fragrances in cartridges, but mixed according to the instructions downloaded by keitai.

Notwithstanding my childhood predictive boo-boo on color displays, I have to say I have a healthy suspicision of the utility to the average consumer of this innovation. In fact, I’m willing to go out on a limb on this one to say that I highly doubt the likelihood of mass adoption of Anywhere Fragrance (sm) behaviors. 

But I will say this: the next five to ten years will feature a wave of new mobile offerings from the weird to the wonderful. And in that wave will be a few things that will transform consumer experiences just as dramatically as the mobile phone itself has done. It’s constant experimentation that will unlock the sweet smell of Anywhere activity success (sorry).

The rattle of jackhammers and traffic gridlock welcome any visitor to London after the ides of March.

The UK financial year is ending: Spend your budget by April 5 or expect a cut, particularly if you’re in public works.

This year, the thud of suitcases locking and money swooshing down the Thames join this noisome mix. London’s non-doms and investors are in startled exodus.

The cause: severe new UK tax laws. And they’re empoverishing our industry.

Read the rest of this entry »

With the emergence of true mobile computing, one of the things Yankee Group wants to work out for our clients is the impact on the user experience. When you don’t have a bright 15-inch screen and a mouse or a touchpad for instance, how much information can you request? When you’re not at your desk but in a harried queue shoving your carry-ons forward with your feet, how well can you concentrate on what a mobile screen has to tell you?

As usual with big directional changes in technology, vocabulary has to help us think differently. I’ve been talking about the likelihood that we’ll start to see atomized applications — apps reduced from today’s do-it-all-with-footnotes monsters to very simple, discrete tools doing just a few things. YG analyst Carl Howe says the term he’s hearing is ‘Chiclet’ apps, as with the iPhone interface being rapidly adopted elsewhere. But beyond reducing app bloat to a simple set of functions, there’s also a need to think more simply about presenting information. In a document- and report-centric world, we’ll be re-thinking content delivery in a big way.

David Birnbach, CEO of Vaultus Mobile, was talking with us about this the other day, as Yankee Group works to figure out solutions to mobilizing our substantial Anywhere databases. Vaultus develops mobile clients for large enterprises that want to give employees or customers mobile access to corporate databases. “People seem to want to go from the aggregate level, e.g. all store sales, to the unit level, like women’s shoes sales in one store, in just two or three clicks. You have to strip back to a clean slate in planning what to present. It needs to start out very rolled-up-ish.”

My spell-checker doesn’t like that word, but I do!