In San Francisco this week, Cloudflare held its fourth Internet Summit to discuss the state of the industry, in keeping with the norms of navel gazing and self-fascination that afflicts Silicon Valley.
The topics of concern recalled other events with the words “internet” and “summit” that have occurred over the past two decades in the Bay Area: how should companies think about digital transformation, is there enough oxygen among the internet giants for further innovation, and what kind of regulation is appropriate, to name a few.
Missing the wave
Jeff Immelt, chairman of Athenahealth and former chairman and CEO of General Electric, touched on his old firm’s digital awakening, noting that around 2010, sensors and analytics began to change the way GE interfaced with customers. The first wave of the internet, he said, more or less passed GE by.
“You used to sell jet engines,” he said in a conversation with Michelle Zatlyn, Cloudflare’s co-founder and COO. “…Now you sell outcomes.”
For GE, he said, one of the core decisions involved deciding what the company would build, like analytics, and what it would buy, like security.
It used to be that a vendor like Oracle would come in, consult, and sell you an ERP solution and you didn’t have to know much about it, he said. It was a compliance tool, he explained, but now the focus is on results.
“The next wave of IT tools are practitioner-based,” he said, adding that the metrics and talent required to operate these systems are different.
To be a smart buyer of technology, he said, you have good practitioners. And that requires talent.
“The only way to get talent is actually to demonstrate that you’re in it to win it,” Immelt said.
The hardest aspect of managing digital transformation is how you handle legacy systems and the people who tend those systems, he said. You have to bring people with you, but you also have to embrace change, he explained.
Immelt also scolded Silicon Valley for its lone wolf attitude. “You can’t just give Washington the finger,” he said. “The government always wins.”
He added, “You’re not trained to play well together as an industry. You flunked kindergarten or something.”
Don’t count on the FCC over neutrality
Julius Genachowski, managing director The Carlyle Group and former chairman of the FCC, predictably expressed skepticism about the Trump administration’s stance on net neutrality.
Genachowski, speaking with Cloudflare general counsel Doug Kramer, characterized himself as an optimist, though he said he had become less so given the recent goings-on in government. He said it’s an interesting time in history due to the emergence of several large, well-capitalized tech companies – Amazon, Apple, Facebook, Google, Microsoft – each of which has some form of competitive advantage and is increasingly competing with the others.
“Is it getting harder for new entrepreneurs to enter and compete with the digital giants?” he mused. “Yes, I think it is.”
At the same time, he said, there’s a sense regulators don’t know what to do.
“What you’re seeing in Washington is frustration about size and power but not a lot of good ideas about how to handle it,” he said.
Genachowski, however, expressed dissatisfaction with shifting net neutrality rules.
“I think the pendulum is mostly awful because it does not allow companies to plan as effectively as they should,” he said.
Asked by Mark Seiden, security advisor for the Internet Archive, when the FCC will step up and take some responsibility establishing standards for device security and resilience, Genachowski acknowledged the issue is an important one.
“If I were at the FCC now, I would press the authority the FCC has to try to so something about that,” he said.
Security v usability
A security panel followed, during which Cloudflare CTO John Graham-Cumming chatted about how to make security usable with Adrienne Porter Felt, engineering manager for Google Chrome, and Roselle Safran, president of Rosint Labs and former cybersecurity operations branch chief at the White House (2013-2014).
FCC boss slams new Californian net neutrality law, brands it illegal
“You can’t make billions of people all happy at once,” said Felt, a sentiment perhaps informed by Google’s recent short-lived change to the way Chrome displays URLs.
Safran stressed the importance of user education, noting that while you don’t have to convince business owners to lock their stores in the evening, internet users aren’t uniformly convinced that they should guard their data.
Advice was dispensed, much of which anyone with even a passing interest in security will have heard elsewhere. For example, Safran warned against inserting unknown thumb drives in computers.
“There are some threat actors who will just drop thumb drives in parking lots because they know someone will plug it in and then you have an infected network,” she said.
She also suggested those with security concerns should consider whether relatives might become a weak link, noting that sophisticated attackers have been known to go after unsuspecting friends or family members to get to an associated target.
Felt pitched password managers. “For the longest time, I was too prideful to use a password manager,” she said. “Then I got locked out of basically every account.”
The morning concluded with Graham-Cumming interviewing Dan Boneh, professor of computer science in the Applied Cryptography Group at Stanford University.
Aware of the avid promotion of all things blockchain in Silicon Valley, Boneh stressed that crypto means cryptography rather than Bitcoin or the like, a sentiment that brought applause from an audience evidently weary of cryptocurrency pitches.
“Blockchains is an area that’s just a little bit over hyped,” he said. “I think it’s causing damage to the field.”
But if you ignore the hype, he said, there are a lot of legitimately interesting computer science questions tied to blockchains and cryptography. He pointed to zero-knowledge proofs, by which data can be verified without being revealed, as an example, and to a Stanford research project called Prio, for aggregating data while maintaining privacy. He also expressed enthusiasm for hardware enclaves as a way to protect data in the cloud.
Asked about homomorphic encryption, which allows computation on encrypted data, he said, “Homomorphic encryption is still too slow for real world.”
Maybe next year. ®