Tim Bray on the mobile market:
This is the big league; bigger today than the computer industry ever was, and growing fast. This is as fierce a concentration of R&D heat and manufacturing virtuosity and distribution wizardry and marketing mojo as humanity has ever seen.
Anyone who has been the technology game for awhile has seen trends come and go; I am as skeptical as anyone but on this I am with Tim Bray. It looks to me like Mobile and related trends are going to make the PC + Internet era of the 90s look small by comparison.
Some Kleiner Perkins folks discussed interesting data points on Mobile trends:
iPad growth blows away its predecessors iPod and iPhone (and those were not too shabby)
Android coming on strong
Inflection point for Mobile vs PCs is 2011 (i.e.. now), small amount of growth in Laptop Pcs, none in Desktop Pcs, tons in smrtphones etc
Twitter (253M) already has over 1/3 the number of FB users (+662M)
SoLoMo tagline - combines Social Local Mobile
Mixi (Japanese social media site) getting 85% of its page views from Mobile, PC page views are 15% and dropping
Slide 51 provides a handy chart to the numerous technologies that smartphone makes go byebye - GPS, landline, ...
There are major implications to Infosec as a result of these trends.
Mobile is a new architecture. Many times companies start a Mobile project by putting a Mobile client onto the existing list of clients like web apps and web services. But as these projects and deployments scale out, there is generally a specialized middle tier for Mobile that supports ocassionally connected sessions, content caching, and other optimization for Mobile environments.
Mobile needs a new security architecture. Related to the above, we have different deployment types and so need new security protocols - the types of security tokens, the way sessions are managed, and integration with the client all require a new approach from Infosec, its not same old same old web app security.
Focus on Apps and Data. Perimeter? What perimeter? Even the most casual observer knows that Mobile is the final nail in the outmoded "inside the firewall/outside the firewall" mentality. Data and functionality are on the move, and security needs to keep up.
As always, Infosec has three choices - Lead, Follow, or Get out of the way. Too often Infosec has chosen the latter, we are early enough in the development of Mobile for Infosec to get out in front of trends and build security into the Mobile applications.
I am teaching a class on Android application and data security at SecAppDev and will discuss a number of these issues in more detail.
Gunner,
If you wanted proof that mobile is the way things are going have a look at the recent spat between Motorola and Microsoft involving the request via US immigration and customs to have all Microsoft hardware impounded on patent infringement.
Posted by: Clive Robinson | February 18, 2011 at 07:03 AM