The FBI illegally obtained thousands of Americans' telephone records during the Bush administration. The individuals involved apparently used a variety of methods, often with the cooperation of phone company employees.
NPR recently published the story at http://www.npr.org/templates/story/story.php?storyId=122774614
"They [phone company employees] worked in the FBI building, and agents would do what they called "sneak peeks" — basically, looking over a phone company employee's shoulder to get information from the computer screen without going through any formal channels."
The questions around this report go far and wide. What I wonder is: did everyone know what was going on? I doubt it. I suspect there were some phone co execs who were aware and felt it was the right thing to do, but there were others who would not have been ok with it. Phone companies are big and complicated, and it would be hard for anyone to know what everyone else was up to. Let's just say the guys who were sure it was the right thing to do probably gravitated to a position where they could enable that information sharing.
What really struck me about the report was the realization that we (Oculis) could have stopped these leaks. This "social hack" of letting FBI read the data over the shoulders was used because it was an easy way of subverting the security and audit controls without notice. The info security industry has good solutions for securing data in electronic form, but when it gets to the computer display it's simply broadcast out there for anyone to see.
Oculis is all about solving this problem. We're protecting that last 2 feet in the chain - from the screen to you. With PrivateEye running on those machines it would not have been possible for FBI to simply shoulder-surf the information. There would have been an audit trail, there would have been physical evidence that someone else was looking at company confidential material.
PrivateEye would have stopped the shoulder surfing. The rule-breakers would have had to find another way around, and they probably could, but each additional step increases the chance of detection. At a certain point the rule-breakers would have weighed the risks and decided it would be better to just follow the rules.
If you build a security system for the purpose of protecting information then do it right - don't stop 2 feet short of the goal.
Bill
Thursday, January 28, 2010
Wednesday, January 27, 2010
Finding a great niche
There's a great big buzz about tablets computers, fanned in particular by the announcement of Apple's iPad today. The idea of a tablet computer is that it does not have a keyboard, or any other peripherals. You simply touch the screen with your finger to point, click, gesture and type. Think of an iPhone, but with a much bigger screen.
I absolutely love them, by the way ... but that is not the point of this post. Oh, and they are great for some kinds of computing, like web browsing and casual note taking and, ... anyway, not the point of the post. What is the relevant is that they have been around for a while and there are several major PC makers already selling them, like Lenovo and HP. They are turning up in places like hospitals for use by professionals there.
Last week I met with executives at one of these bit PC makers to talk about PrivateEye. They are looking at integrating the product right into the platform, which would be great. That's when I found out about the perfect niche for us: You can't put a 3M privacy filter on a tablet. The plastic interferes with the touch screen.
So I am now an even bigger fan of tablets. And touchscreens in general. We learned something really useful in that meeting: There is a whole segment of new systems out there where we can go and the competition can not. Our next task is to start making connections and finding ways to tell buyers that they can still have privacy with that shiny new gizmo.
And maybe I'll need one myself... for testing purposes.
Bill
I absolutely love them, by the way ... but that is not the point of this post. Oh, and they are great for some kinds of computing, like web browsing and casual note taking and, ... anyway, not the point of the post. What is the relevant is that they have been around for a while and there are several major PC makers already selling them, like Lenovo and HP. They are turning up in places like hospitals for use by professionals there.
Last week I met with executives at one of these bit PC makers to talk about PrivateEye. They are looking at integrating the product right into the platform, which would be great. That's when I found out about the perfect niche for us: You can't put a 3M privacy filter on a tablet. The plastic interferes with the touch screen.
So I am now an even bigger fan of tablets. And touchscreens in general. We learned something really useful in that meeting: There is a whole segment of new systems out there where we can go and the competition can not. Our next task is to start making connections and finding ways to tell buyers that they can still have privacy with that shiny new gizmo.
And maybe I'll need one myself... for testing purposes.
Bill
Tuesday, January 26, 2010
Loving the competition
We plan to be big at Oculis Labs. Our PrivateEye product solves a major computer privacy problem that just about everyone who works with proprietary or personal information has felt: is someone looking over my shoulder at my screen right now?
You've probably felt that sense of unease yourself. If so, you're part of that great big market we think will use PrivateEye. Given that you're reading this blog, there's a good chance you are technically interested enough to be an early adopter too. You could go over to the oculislabs.com website right now and download the product (go ahead, I'll wait here...)
The trouble is, not everyone is like you. Many people are happily not reading a tech blog right now. Most have no idea that they could solve the problem with a cool new software application. What they would think about is what you are probably thinking right now: 3M privacy filters.
There, I said it. We have competition, and they are big and well known. It's ok. This proves a $100m annual market for what they are selling. In other words, there's $100m worth of caring-about-that-problem-and-solving-it-with-a-primitive-piece-of-plastic in the world today.
It gets better: how many people have rejected the plastic filter because it is too cumbersome, or not effective, or too expensive? A lot of people have. There's the really big opportunity: finding ways to reach the 120 million new laptops that will ship this year.
Next time I'll tell you about one great niche we've found where we can go.
You've probably felt that sense of unease yourself. If so, you're part of that great big market we think will use PrivateEye. Given that you're reading this blog, there's a good chance you are technically interested enough to be an early adopter too. You could go over to the oculislabs.com website right now and download the product (go ahead, I'll wait here...)
The trouble is, not everyone is like you. Many people are happily not reading a tech blog right now. Most have no idea that they could solve the problem with a cool new software application. What they would think about is what you are probably thinking right now: 3M privacy filters.
There, I said it. We have competition, and they are big and well known. It's ok. This proves a $100m annual market for what they are selling. In other words, there's $100m worth of caring-about-that-problem-and-solving-it-with-a-primitive-piece-of-plastic in the world today.
It gets better: how many people have rejected the plastic filter because it is too cumbersome, or not effective, or too expensive? A lot of people have. There's the really big opportunity: finding ways to reach the 120 million new laptops that will ship this year.
Next time I'll tell you about one great niche we've found where we can go.
Monday, January 25, 2010
Thoughts on growth
Oculis Labs is now entering our third year in operation. It's been a good ride so far, and no-one wants to get off. In fact, we have more people jumping on. I should explain.
When I started the company in 2007 it was just me, some ideas, and the initial investment. I got to work prototyping the ideas, developing patents and making connections with partners and customers.
In 2008 we started getting attention from potential customers and press, but we were still in the development phase as we were trying to get the first product, Chameleon, working and stable. We had 4 engineers and other staff working at that point. Getting Chameleon working was a major effort - no-one had ever tried to combine gazetracking, with vision/cognition research, and Windows OS to make a radical new security application for protecting computer displays against eavesdroppers. In the end, we got it working and it is very impressive.
One thing we learned along the way was that selling to government was going to take a while, so in 2009 we started working on PrivateEye, a privacy application for consumers and enterprise (although it turns out government likes it too). By summer 2009 we had our first commercial release, and got a significant amount of press and customer enthusiasm.
It's one thing to have a good product idea, it is quite another to be in the market and selling it. We are there now, and while we have lots of work to do to make it big, we are on the right track and we're getting deals in both the government space Chameleon, as well as consumer and commercial with PrivateEye.
As we start 2010 we're are planning for more growth. Despite the poor economy for raising venture investment, Oculis has gained the confidence of enough groups to close our Series B round. That puts us into a rare group of small technology companies that has received funding in the past year.
It feels really good. It feels like growth.
Bill
When I started the company in 2007 it was just me, some ideas, and the initial investment. I got to work prototyping the ideas, developing patents and making connections with partners and customers.
In 2008 we started getting attention from potential customers and press, but we were still in the development phase as we were trying to get the first product, Chameleon, working and stable. We had 4 engineers and other staff working at that point. Getting Chameleon working was a major effort - no-one had ever tried to combine gazetracking, with vision/cognition research, and Windows OS to make a radical new security application for protecting computer displays against eavesdroppers. In the end, we got it working and it is very impressive.
One thing we learned along the way was that selling to government was going to take a while, so in 2009 we started working on PrivateEye, a privacy application for consumers and enterprise (although it turns out government likes it too). By summer 2009 we had our first commercial release, and got a significant amount of press and customer enthusiasm.
It's one thing to have a good product idea, it is quite another to be in the market and selling it. We are there now, and while we have lots of work to do to make it big, we are on the right track and we're getting deals in both the government space Chameleon, as well as consumer and commercial with PrivateEye.
As we start 2010 we're are planning for more growth. Despite the poor economy for raising venture investment, Oculis has gained the confidence of enough groups to close our Series B round. That puts us into a rare group of small technology companies that has received funding in the past year.
It feels really good. It feels like growth.
Bill
Subscribe to:
Posts (Atom)
