On Privatizing Intelligence Gathering

Yaacov Apelbaum - F18 Instrument Panel Facebook Twitter and YouTube

Much has been said about the military’s effort to incorporate social media platforms into its arsenal of weapons.

Over the past two years, there have been several detailed reports claiming that the armed forces are engaging in large-scale social media manipulation initiatives. In his article, “Military’s ‘persona’ software cost millions, used for ‘classified social media activities’”, Stephen Webster provides details about a contract issued by the USAF to develop software that will allow it to create, manage, and operate an army of sock puppets worldwide. In a different article, “US Military Caught Manipulating Social Media, Running Mass Propaganda Accounts”, Anthony Gucciardi describes how this is done.

The fact that the military is using SN manipulation tools to fight the war is laudable. It’s about time they started using non conventional solutions to carry the war into the back alley Internet cafes where virtual battlefields of radicalization are raging.

The national defense agencies, which are among the most technical and professional organizations out there, are self-conscious about the pros and cons of dabbling with SN. The USAF social media guide illustrates these concerns. It offers a detailed analysis and operational recommendations for engaging in SN activity. For example, the global media information flow is shown through the following diagram:

Yaacov Apelbaum - USAF social media Distribution

In another section, the “guidelines to assist Airmen in engaging online conversations” offers a list of the following dos and don’ts:

No Classified Info
Do not post classified or sensitive information (for example, troop movement, force size, weapons details, etc.). If in doubt, talk to your supervisor or security manager.

Replace Error with fact Not Argument
When you see misrepresentations made about the Air Force in social media, you may certainly use your blog, theirs, or someone else’s to point out the error. Always do so with respect and with the facts. When you speak to someone with an adversarial position, make sure that what you say is factual and is not disparaging. Avoid arguments.

Admit Mistakes
Be the first to respond to your own mistakes. If you make an error, be up front about your mistake and correct it quickly. If you choose to modify an earlier post, make it clear that you have done so (such as by using the strikethrough function).

Use Your Best Judgment
Remember there are always consequences to what you write. If you’re still unsure, and the post is about the Air Force, discuss your proposed post with your supervisor. Ultimately, however, you have sole responsibility for what you choose to post to your blog.

Avoid The Offensive
Do not post any defamatory, libelous, vulgar, obscene, abusive, profane, threatening, racially and ethnically hateful, or otherwise offensive or illegal information or material.

Avoid Copyright
Do not post any information or other material protected by copyright without the permission of the copyright owner. Also, consider using a Creative Commons license to protect your own work (see http://creativecommons.org for details).

Trademarks-  Don’t Breach
Do not use any words, logos or other marks that would infringe upon the trademark, service mark, certification mark, or other intellectual property rights of the owners of such marks without the permission of such owners.

Don’t Violate Privacy
Do not post any information that would infringe upon the proprietary, privacy or personal rights of others.

Avoid Endorsements
Do not use the Air Force name to endorse or promote products, opinions or causes.

No Impersonations
Do not forge or otherwise manipulate identifiers in your post in an attempt to disguise, impersonate or otherwise misrepresent your identity or affiliation with any other person or entity.

Use Disclaimers
Identify to readers of a personal social media site or post that the views you express are yours alone and that they do not necessarily reflect the views of the Air Force. Use a disclaimer such as: “The postings on this site are my own and don’t necessarily represent Air Force positions, strategies or opinions.”

Stay In Your Lane
Discussing issues related to your AFSC or personal experiences is acceptable but do not discuss areas of expertise for which you have no background or knowledge.

Considering the fact that SN bridges numerous EULA and jurisdictional boundaries, it’s likely that these tools will end up violating some privacy laws. But with that having been said, I also have the utmost faith in the military’s ability to regulate and control itself. Between the office of the inspector general, the Uniform Code of Military Justice, and the clear constitutional limitations imposed on the military’s ability to operate on US soil, I think that there are enough checks and balances to prevent wide scale domestic Orwellian style abuse of this technology.

So, what seems to be the problem? Well, the biggest issue is that parts of the SM intelligence collection, monitoring, and analysis are no longer being carried out by the military/three letter government agencies. Rather, it’s being conducted by a horde of private intelligence firms. Some of these include: Palantir, Stratfor, HBGary Federal, Berico Technologies, Endgame Systems, and Booz Allen Hamilton which recently gained notoriety thanks to Edward Snowden’s mega leaks.

A better insight into the functioning of this rent-an-intelligence world of shadows can be gleaned from the hack by LulzSec. In 2010, the group successfully breached the private intelligence firm HBGary/HBGary Federal. The hack captured over 75,000 e-mails. It revealed the close cooperation between large commercial firms such as Bank of America and various government agencies. For example, it showed that BoA solicited the Department of Justice for help regarding possible disclosure by WikiLeaks. The Department of Justice then referred BoA to the political lobby firm Hunton and Williams, which in turn connected the bank with a group of information security ‘fixers’ known as Team Themis.

Team Themis—a group made up of HBGary Federal and the intelligence firms Palantir Technologies (named after Saruman’s seeing stone in J. R. Tolkien’s Lord of the Rings), Berico Technologies, and Endgame Systems—was consulted regarding ways to destroy the credibility of WikiLeaks and Glenn Greenwald, a Salon.com reporter who wrote favorably about WikiLeaks. The strategy sought to “sabotage or discredit the opposing organization” and even included a plan to submit fake leaked documents and then call out the error.

Interestingly, some of the leaked documents contained Palantir’s and HBGary’s PowerPoint decks and e-mails which detailed various Machiavellian schemes. A notable example was the strategy for destroying the credibility of Glenn Greenwald.

Yaacov Apelbaum - Palantir presentation about Glenn Greenwald 1

Yaacov Apelbaum - Palantir presentation about Glenn Greenwald 2

Yaacov Apelbaum - Palantir and WikiLeaks

Even more troubling were plans to use malicious software to hack into computers owned by the opponents and their families. The e-mails show a proposal to develop and use “custom malware” and “zero day” exploits to gain control of a target’s computer network in order to snoop their files, delete content, monitor keystrokes, and manipulate websites.

Yaacov Apelbaum - HBGary Exploit Development Services

In one e-mail, a 27 year old Matthew Steckman, a Palantir employee who was central to the Themis operations, boasted:

We are the best money can buy! Damn it feels good to be a gangsta.

It turns out that Palantir, in addition to living the “gangsta” lifestyle to the fullest, was also shooting ‘sideways’ at its competitors by allegedly misappropriating IP by fraudulent means and conducting domestic industrial espionage.

The bizarre story revolves around Shyam Sankar, Palantir’s Director of Forward Deployed Engineering, who allegedly represented himself as a principal of SRS Enterprises, a straw company registered under the names of his parents in Florida; he and his brother fraudulently obtained i2 competing software solutions and used them to design Palantir’s products.

Yaacov Apelbaum i2 Palantir lawsuit
Image 1: i2 Civil Action Against Palantir

 

Yaacov Apelbaum- S R S Enterprises Llc

Image 2: Company registration Details for SRS

 

Shyam Sankar 
Image 3: Shyam Sankar

Yaacov Apelbaum - Shyam Sankar Palantir

I don’t know if any of these allegations are true because the case was just settled before going to trial, but if even some of the details are correct, this is the stuff that spy novels are made out of.

I’m not sure what I find to be more outrageous in this case, Palantir’s complete disregard for the law or their nonchalant gangster attitude.

I have no problem rationalizing the military’s proposal to carefully use software like MetalGear to conduct “classified blogging activities on foreign-language Web sites to enable CENTCOM to counter violent extremist and enemy propaganda outside the U.S.”, but Palantir and HBGary were proposing to use such technologies wholesale on US soil for subversive (and most likely illegal) corporate and financial gain.

Several months after the attack against HBGary Federal, Anonymous hacked into another private intelligence firm, Stratfor. They released a stash of about five million e-mails which provided deep insight into how the private security/intelligence companies view themselves vis-a-vis government agencies like the C.I.A. and F.B.I.

In one e-mail to his employees, Stratfor’s chairman arrogantly dismisses the C.I.A.’s capabilities. He writes:

From: George Friedman [mailto:gfriedman@stratfor.com]
Sent: Wednesday, December 29, 2004 9:13 AM
To: analysts@stratfor.com; exec@stratfor.com
Subject: CIA head of analysis fired

Jamie Miscik, Deputy Director of Intelligence at the CIA was fired today. As
DDI, she ran the analytic shop. According to media reports, she was fired
for squandering resources on day to day reports while ignoring the broad
trends. In other words, she was fired for looking at the trees and being
unable to see the forest. She was also accused of spending too much time
updating policy makers and too little time trying to grasp the broad
trends–giving customers what they wanted instead of what they needed. In
the end, it was her customers that turned on her.
My charge against her was and remains that she took no pride in her craft
and turned intelligence into PR and shoddy process. She and her gang are now
history.

This gives Stratfor an enormous, historic opportunity. The CIA model of
analysis has been invalidated. The ponderous, process driven machine that
could only manage the small things now needs to be replaced by a robust,
visionary, courageous analytic system. Stratfor has the opportunity to show
the way. In fact, we are showing the way. Everyone in Langley knows that we
do things they have never been able to do with a small fraction of their
resources. They have always asked how we did it. We can now show them and
maybe they can learn.

Reading this statement makes you wonder how the C.I.A. has ever managed all of these years without Stratfor’s robust, visionary, and courageous guidance.

Stratfor also illustrated their ability to collect deep intelligence by performing private surveillance activities on US soil of protestors in the Occupy Austin movement. To achieve this, one of their agents went undercover and joined an Occupy Austin meeting in order to gain insight into how the group operated.

Yet another e-mail reveals their ability to gain access to secret government documents. Fred Burton, the Stratfor vice president for Intelligence, told one corporate client: “The F.B.I. has a classified investigation [that may be of interest and]…I’ll see what I can uncover.” In a similar e-mail, he claims to have access to top secret materials captured during the raid on the OBL [Osama Bin Laden] compound and goes as far as offering a Q&A session regarding its content:

From: Fred Burton
To: Secure List
Subject: OBL take — quick response needed
Sent: May 12, 2011 15:25

I can get access to the materials seized from the OBL safe house.
What are the top (not 45) questions we want addressed?

Sean Noonan
Tactical Analyst
Office: +1 512-279-9479
Mobile: +1 512-758-5967
Strategic Forecasting, Inc.
www.stratfor.com

Now, I could understand if Stratfor was offering supplementary intel to various government agencies, but the ironic implication here is that they are syphoning classified information from the government and handing it over to their corporate clients.

Indeed, as Morpheus stated, “Fate, it seems, is not without its sense of irony”: Stratfor, the organization that prided itself on teaching the C.I.A. a thing or two about security and intelligence gathering, got Pwnd through the most benign means.

When you read the details of the Stratfor and HBGary exploits, you can’t help but scratch your head in amazement. For example:

The HBGary website fell to a simple SQL injection. The site neither scrubbed nor sanitized incoming requests. This allowed the attackers to quickly retrieve the site’s User IDs and Passwords.

With a User ID and Password in their possession, they downloaded the entire user database. Next, they proceeded to crack it. Had the password database been properly protected, they would have gotten nowhere, but again, poor security design enabled them to retrieve all the passwords. It turns out that the HBGary Federal database stored passwords as simple MD5 hashes. To overcome this, the attackers used readily available rainbow tables.

After getting the passwords of two of HBGary’s executives, Aaron Barr and Ted Vera, they discovered that the passwords only consisted of eight characters: six lower-case letters and two numbers. With the User ID and Password details of the two executives, the attackers found out that this pair reused their passwords in multiple applications, including e-mail accounts, LinkedIn (see below), Twitter and a customer-facing server. So now Anonymous was able to access their e-mails too.

Yaacov Apelbaum - HBGary's Aaron Barr Hacked Linkedin
Image 4: Aaron Barr’s 2013 defaced LinkedIn page

Yaacov Apelbaum - HBGary's Aaron Barr Hacked Linkedin-After
Image 5: Aaron Barr’s 2014 updated LinkedIn pages (note the stripped personal details and the recommendation by Pulkit Kapila, from Booz Allen Hamilton)

Aaron Barr LinkedIn Page 2018
Image 6: Aaron Barr’s 2018 LinkedIn page

The accounts on the support server belonged to ordinary users but the system wasn’t patched against a privilege elevation attack. Now, with administrative access and due to the fact that one of the executives was also the administrator of the entire e-mail system, Anonymous gained full control of all HBGary Federal e-mail accounts. Using this vulnerability, they gained access to the account of another executive, Greg Hoglund, where they found an e-mail containing the root password for the entire site.

Anonymous had a root password, but couldn’t access the site server from outside of the firewall. They needed to log in as a standard user and then switch to root.

To achieve this, they utilized a simple social engineering exploit. Using Greg Hoglund’s account, they contacted an administrator who had root access to the server. Through an e-mail exchange, they said that they had a problem logging in to the server and convinced the root admin to reset Greg’s password and also reveal his username–the two pieces of information they needed to complete their exploit and gain access to the Stratfor list of customers and their credit card files, which interestingly enough, were kept in a plain text file.

This wasn’t unique to HBGary or Stratfor. In all hacking cases involving private security or intelligence companies, the analysis of the attack shows that it was executed via the most rudimentary methods. No mission impossible scenarios took place; the root cause was just your common run-of-the-mill information security negligence and incompetence.
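The three weaknesses at the start of that chain (request text spliced into SQL, bare MD5 password storage, and a short patterned password) are shown here beside their hardened forms. This is an added example, not code from the original post or from any system it describes; the table, account names, sample password and PBKDF2 work factor are constructed for illustration.

```python
"""Added illustration: weak web-app patterns named in the post beside hardened forms."""
import hashlib
import hmac
import math
import os
import sqlite3

PBKDF2_ITERATIONS = 600_000  # assumption: work factor picked for this example

# Constructed sample data: two accounts sharing one password that follows the
# pattern the post describes (six lower-case letters plus two digits).
SAMPLE_USERS = [("exec_a", "sample42"), ("exec_b", "sample42")]
# Constructed request value whose quote characters change the query's meaning.
HOSTILE_NAME = "nobody' OR '1'='1"


def md5_record(password):
    """Weak form from the post: a bare, unsalted MD5 digest.

    The same password always maps to the same digest, on every account and
    every site, which is exactly what precomputed (rainbow) tables rely on.
    """
    return hashlib.md5(password.encode()).hexdigest()


def kdf_record(password, salt=None):
    """Hardened form: per-user random salt plus a deliberately slow KDF."""
    salt = salt if salt is not None else os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return "pbkdf2_sha256${}${}${}".format(PBKDF2_ITERATIONS, salt.hex(), dk.hex())


def kdf_verify(password, record):
    """Recompute with the stored salt and compare in constant time."""
    _scheme, iterations, salt_hex, dk_hex = record.split("$")
    dk = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(dk.hex(), dk_hex)


def build_db():
    """In-memory user table (hypothetical schema) storing only KDF records."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, pw TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [(name, kdf_record(pw)) for name, pw in SAMPLE_USERS],
    )
    return db


def lookup_concat(db, name):
    """'Before' form: request text is spliced into the SQL statement itself."""
    sql = "SELECT name FROM users WHERE name = '" + name + "' ORDER BY name"
    return [row[0] for row in db.execute(sql)]


def lookup_param(db, name):
    """Hardened form: the value is bound as data and never parsed as SQL."""
    sql = "SELECT name FROM users WHERE name = ? ORDER BY name"
    return [row[0] for row in db.execute(sql, (name,))]


def pattern_keyspace(letters=6, digits=2):
    """Candidate count for lower-case letters and digits in any positions."""
    return math.comb(letters + digits, digits) * 26 ** letters * 10 ** digits


if __name__ == "__main__":
    db = build_db()
    print("concatenated query returns:", lookup_concat(db, HOSTILE_NAME))
    print("parameterized query returns:", lookup_param(db, HOSTILE_NAME))
    print("unsalted MD5 identical for reused password:",
          md5_record("sample42") == md5_record("sample42"))
    print("salted KDF records differ for reused password:",
          kdf_record("sample42") != kdf_record("sample42"))
    print("keyspace of the 6-letter/2-digit pattern:", pattern_keyspace())
```

Salting and a slow KDF address precomputed tables and bulk cracking; they do not help when the same password is reused on another service that is itself compromised, which is why the reuse described above mattered as much as the hashing.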

Time and time again, these von Wallenstein style wannabe spies have proven themselves to be a legal and an ethical liability. Case in point is that regardless of their patriotic pitch and public assertions of lofty ideals such as “solve the most important problems for the world’s most important institutions”, most of these individuals and companies are bottom feeders who are in it just for a fistful of dollars and narcissistic bragging rights. From the various e-mails disclosed, it’s obvious that they have no qualms conducting criminal influence operations against their customers’ political opponents and their families on US soil.

image Aaron Barr the Man with the thousand faces
Image 6: Aaron Barr as a Secret Service Agent and other personas

The complete lack of moral scruples from guns for hire, like Aaron Barr, who engaged in the worst type of for-pay defamation doesn’t seem to change with time. Barr—after scrubbing his on-line persona several times—resurfaces in 2015 as a progressive, environmentally friendly activist this time dedicated to promoting Russian collusion theories, climate change awareness, and bemoaning the loss of on-line privacy.

Aaron Barr Promoting Russian Collusion 
Image 7: Aaron Barr the champion of transparency and a crusader against Wikileaks

Regardless of how attractive privatizing national security may seem at the moment, ultimately national intelligence should be managed by military and career civil servants that should report to elected officials who in turn should have specific term limits. True, this may not be the best way; after all, J Edgar Hoover managed to abuse the process throughout the terms of six different presidents. But in the end, the system does self-correct. It has been doing that now for over two hundred years.

© Copyright 2013 Yaacov Apelbaum. All Rights Reserved.

Driving the Message

Yaacov Apelbaum - Driving the Message

In his post: The bandwidth-sync correlation that’s worth thinking about, Seth Godin argues that in terms of messaging media (movies, TV, books, IM, smoke signals, etc.):

“movies take a long time to make, but they’re high impact. Twitter takes a second to do, but there’s not a lot of info there. One on one coaching is high enough bandwidth that it can change your life and make you cry, in real time, and the Mona Lisa, while less bits per second than a TV show, has enough emotional bandwidth to matter, even if it’s 400 years old.”

This is a great observation. Clearly, bandwidth and synchronicity matter.  But what about the relationship between messaging media cost, the time needed to develop it, and its ability to effectively saturate a large population? Is it possible to create effective memes and circulate them widely through 140 character messages? And what about the impact of all of these factors on future social media functionality? Is social media headed towards platform convergence or towards divergence?

Messaging Cost, Development Time, and Outreach Potential
Consider a typical Hollywood mega blockbuster like Pirates of the Caribbean: At World’s End. This 169-minute long meme bomb carries an enormous amount of content. Every scene was carefully designed to keep audiences glued to their seats. Its production took two years, it required the creative talents of hundreds of individuals, and it cost about $300 million to make (roughly $30K per second of movie). It grossed over $963 million in revenue, which amounts to 320% return rate—not pocket change by any means. The movie messaging medium is so well optimized that it is capable of generating a significant amount of secondary revenue and reaching worldwide audiences by sheer inertia. Just think about all the spinoff industries that spring into life when a major movie like this comes out: toys, music, party accessories, food, costumes, books, etc.

If you follow a reasonably well proven formula, (standard plot, big name actors, expensive sets, and lots of special effects), you are almost guaranteed at least a 2:1 ROI ratio and a good chance of producing a number of sequels to your masterpiece.

So it does seem that there is a correlation between how much content is packed into the message and its memetic effectiveness. The movie messaging model (see quadrant 1 in the graph below), is based on a tremendous investment of time and resources. The strategy is to build the best product possible, market it well, and then fire-and-forget it. The forget part has to do with the passive nature of this medium; the audience has no interaction with the content and consumes the messaging passively.

Yaacov Apelbaum - Message Bandwidth Sync Cost Correlation

On the other hand, social media messaging like blogs, e-mails, Twitter, etc. (see quadrant 3 in the graph above), can be produced instantly and with little investment or skill. But it’s also difficult to get a quantifiable ROI from it (ergo, the rise of snake oil salesmen social media marketing gurus). Another observation is that synchronous social media messaging depends on an interactive and free feedback loop. Users demand the ability to interact in near-real time with their network, but they refuse to pay for the privilege.

From an evolutionary point of view, it seems that the quadrant 1 and 3 messaging mediums represent a form of r/K selection classification. Each trades between quantity and quality. The focus in quadrant 1 is to increase the quality of the content with higher expense per message. The focus in quadrant 3 is to increase the quantity of the content with a corresponding reduction in quality and lower expense per message.

Content Developers and Messaging Strategy
The chart data suggests that there is an inverse relationship between the effectiveness of content distribution and the viewer’s exposure time to the message. It seems that quadrant 1 messaging mediums are the most effective in terms of meme creation, distribution speed, and outreach.

Content developers are aware of the limitations of each medium and have developed interesting coping strategies (sometimes reversing r/K selection) in order to leverage various messaging toolsets to promote their content.

Yaacov Apelbaum - Great Bobinsky

For example, the K-selected movie, television, theater production, and book publishing industries leverage social media primarily to get a short term engagement with potential audiences. The ultimate objective is not to create a long term social community, but instead to lure users in to consume their product. Once the product is out on the market, most of the related social media interaction around it stops.

A good illustration of this was evident for the movie Coraline. Eight weeks before the movie release date, one of the characters, the Great Bobinsky, created a blog and started posting on a weekly basis, clearly so as to create a groundswell and buzz. Three weeks after the movie went live, official posting to the blog stopped—to the great dismay of its myriad followers—and Mr. Bobinsky announced:

Thank you for being friends of Bobinsky…Have beet and think of me.  Until we meet again. Mr B. signing off.

In complete opposition to movie producers, the r-selected social media authors use content and platforms like Picasa and YouTube to build long term relationships.  Their strategy is to create an intimate family environment that will foster a long term engagement with the target audience.

Social Media Box of the Future
In terms of future direction, there is strong indication that just like Apple successfully consolidated GPS, MP3, gaming console, and phone into a single device, so too the social network platforms of the near future will converge on traditional services.

Yaacov Apelbaum - Pandora's Social Media Box

The future social network platforms will yield a service that offers a suite of products like IM, voice and video chat, conferencing, on-line collaboration, e-commerce, content subscription, and personal reputation management, sort of a LinkedIn/Facebook/Pandora service with hybrid Skype and PayPal/Google wallet-like capability. And all of this optimized and available on a mobile device.

The only question that remains is whether this future platform will be built on top of one of the current products or mashed and/or assembled from existing services.

© Copyright 2011 Yaacov Apelbaum. All Rights Reserved.

Social Networks vs. the Enterprise

Yaacov Apelbaum-My Mama

Cicero decreed “fame is the thirst of youth”. Nowhere is this mantra more pronounced than in Hollywood’s superlebrity industry.  It may come as a surprise but this same thirst is also the main force behind social network’s rapid rise to stardom.

In a similar fashion to the celebrity business, many of the leading social platforms have developed a following totaling hundreds of millions of users (more than all the traditional commercial on-line services combined!). But contrary to the entertainment industry that only parades the rich and famous in static fashion, the social networks provide an effective array of tools to help users realize and enhance their on-line digital personas. Some of the current sampling includes effective mechanisms for self promotion (such as LinkedIn and Facebook) and platforms that foster collaborative efforts on an unprecedented scale (such as Wikipedia). To all but a few New-Luddites, these applications are ushering in the age of technological utopia.

But alas, every garden has its resident snake, and such is the grade A serpent found in Social Network’s Garden of Eden. What many of us don’t realize is that the same characteristics that make the social networks so attractive are also their greatest limitations. As the size and proliferation of these applications continue to increase, so will the pressures on traditional technology organizations to incorporate similar functionality into their line of business enterprise products. So where is the problem you say? Well, incorporating this technology into the old enterprise will most likely be done via acquisition of existing products (like the News Corp purchase of MySpace) which ultimately results in the conversion of free and cool applications to full fledged (and dull!) commercial advertising platforms. Either way it will have certain predictable side effects on the user population not dissimilar to mixing alcohol with sleeping pills. Flanders and Swann have captured the essence of this conflict in their famous song “Have Some Madeira, M’Dear”:

She was young, she was pure, she was new, she was nice,
She was fair, she was sweet seventeen.
He was old, he was vile and no stranger to vice,
He was base, he was bad, he was mean.
He had slyly inveigled her up to his flat,
To view his collection of stamps.
And he said as he hastened to put out the cat,
The wine, his cigar and the lamps,

“Have some Madeira, M’Dear!”

If you are wondering what this witty Edwardian ditty has to do with the subject of social networks vs. the enterprise, wonder no more.

Over the last decade we have become accustomed to the sweet tasting fruits of strict SLAs, strong security and customer service.  Most users now instinctively expect a high degree of 24x7x365 enterprise software availability (which includes corporate email systems). Unfortunately, this is exactly what the social networks cannot deliver (recall Gmail outages). Very much like red carpet celebrities, they look great but when it comes to actual long term commitment and performance they’ll break your heart.

A quick glance at the most common error messages found on any social network (1-6 below) reveals that availability and up-time are their Achilles heel.  This in itself is a clear indication that these platforms are not enterprise ready. Their business models are based on casual and non-contractual usage and their applications should not be relied upon to provide any sort of SLA.  The error messages we get from our favorite social networks may be adorable, but the causes for these messages are hardly cute and cuddly.

Yaacov Apelbaum-Errors
Social Errors

Any enterprise architect worth his weight in salt would immediately identify such error messages as show stoppers for the enterprise product. Big commercial software—suffering from no shortage of good software architects—is fully aware of such system limitations.  The real paradox is that even though big soft and media companies would love to exploit the cool and trendy social networks (for commercial purposes of course), they can’t because for the last 20 years they have been preaching the message that any product that cannot be governed by a strict SLA has no place in an enterprise data center.

Such is the sting of irony.

© Copyright 2009 Yaacov Apelbaum All Rights Reserved.

The Anti Socials

Yaacov Apelbaum-Anti Socials

I recently had an opportunity to discuss the question of social networks vs. commercial software at great length with a fellow airplane passenger who happened to be an SVP of technology in a Fortune 500 company (which will remain unnamed here).

As we were preparing for takeoff on a cramped CRJ50, I took out my current reading assignment: The Emerging Science of Spontaneous Order. My neighbor sitting in 1D inquired about the subject of my book and during the course of the bumpy flight and the conversation that ensued, he bemoaned his inability to understand how relatively young startups the likes of Facebook, Twitter and LinkedIn were so rapidly able to develop so much rich functionality and capture such a large market share, while other much more mature organizations with much bigger budgets and talent pools were failing to make any such inroads.

His frustration is by no means unique. It is shared by many large technology companies such as IBM and Microsoft which at present are still scratching their heads trying to figure out if this social networks thing is for real and whether providing a communication platform for income-challenged teenagers makes any commercial sense. To see just how hesitant the traditional software cartels are to dip their toe in the chilly and profitless waters of the social media, examine the social network landscape. I challenge you to identify even one significant, viral product developed by any of the major software vendors.

One example that illustrates this failure to improvise, adapt and overcome is Microsoft’s difficulty in harnessing the emergence of blogging and SMS as commercially viable services. In 2004, after some soul searching, they concluded that it was unlikely that products like LinkedIn would be commercially viable because—they guessed—few professionals would agree to pay a monthly subscription for them. In 2005 even after it became clear that users were indeed moving en masse to open and free social platforms, Microsoft continued to insist that this was just a fad and what these users really needed in terms of social networking were minor improvements to the MSN subscription service, Office Live, and Windows live platforms.

For Microsoft and other leading commercial software vendors, social networking has to be subscription based because their entire operating model is based on recurring revenue (either via subscription or licensing).

Yes siree, for big soft, it’s one of those ‘damned if you do and damned if you don’t’ scenarios. You may find it hard to believe, but the same organizations that made their fortunes outdoing each other with applications like the spreadsheet are now missing the train big time on what is clearly the next killer platform. In what appears to be a blockbuster sequel to Oedipus Rex, they are powerless to leverage this newfangled phenomenon to make any money or capture market share.

Microsoft is certainly not unique with regard to this model. AOL with its Messenger product is another good example of how to squander your entire user base. Following a slightly different tactic, they offered a “free messaging service” with the small caveat that the user would need to install a fat and intrusive client that would quickly pay for itself by monitoring all of your Internet (and network) traffic all the while serving up unwanted advertisements.

If you think that this form of myopia only affects the big software companies, think again. Traditional communications organizations like Nortel, which should know better (because of their proximity to the social segments), are still trying to survive the proverbial 7 lean years in the hopes that the public social network phenomenon is just a fleeting narcissistic fad fueled solely by generation X’s and Y’s fascination with exhibitionism. In their vision of market paradise, all future social networks will once again go back to being routed and controlled through their proprietary appliances and just like in the good old days they will once again skim the fat profits on a per-server/user license basis.

Whether you like it or not, the social networks are here to stay. They provide meaningful social interaction, are fun to use, and ultimately do what good software is supposed to do: connect people and give them more control over their lives.

My advice to big software is to heed Dylan’s words: “The Times They Are a-Changin”. Don’t wait any longer; jump in now and contribute to the social networks development effort by providing free and open source applications (Seadragon and Wave would be two great candidates). As contrary as it may seem to your operational philosophy, disregard the immediate profitability question and do it because of the tremendous social benefit these products could offer. I have no doubt that in due time, the money, champagne, and caviar will follow as well.

© Copyright 2009 Yaacov Apelbaum All Rights Reserved.