The Web as we know it is about to fundamentally change, according to one its luminaries.
WordPress may power nearly a quarter of all websites, but Drupal is no slouch, either, running roughly 5% of all websites globally and 12% of the top 100,000 websites. So when Drupal founder Dries Buytaert declares the Web “will go through a massive re-architecture and re-platforming in the next decade,” it’s worth digging in to see what he means.
From Pull To Push
The Web has served us well for over two decades, serving up content that does everything from helping us become better people to teaching us to change diapers. (Hint: If you don’t usually help out around the house, the answer to the former may have much to do with the latter.)
But that content requires us to find it and, frankly, in an instant gratification society, the world of Google-esque searching may be far too hard for us.
At least, that’s the gist of what Buytaert argues:
The current Web is “pull-based,” meaning we visit websites or download mobile applications. The future of the Web is “push-based,” meaning the Web will be coming to us. In the next 10 years, we will witness a transformation from a pull-based Web to a push-based Web. When this “Big Reverse” is complete, the Web will disappear into the background much like our electricity or water supply.
As Facebook, Flipboard, and other modern Web services demonstrate, this “push-based Web” is all about catering to us, rather than waiting for us to search:
In the future, content, products and services will find you, rather than you having to find them. Puma will let us know to replace our shoes and Marriott will automatically present you room options if you missed your connecting flight. Instead of visiting a website, we will proactively be notified of what is relevant and asked to take action. The dominant function of the Web is to let us know what is happening or what is relevant, rather than us having to find out.
Awash In Notifications
Which means, of course, the way we interact with the Web will have to change. And, indeed, we already are. Anyone who’s received a push notification on their smartphone will find the idea of a push-based Web familiar.
This also applies to ad retargeting. While the initial interest is registered based on a Web search, the ongoing attempt to entice us back is all about push. (Someone needs to tell Backcountry.com that I already have alpine touring gear. I was just browsing for a friend!)
If you’re wondering where apps fit into this new Web, well, you should.
I’m not implying that apps aren’t important. Of course they are. But we’re already seeing legitimate questions raised about their utility in some contexts. (Phocuswright offers great insight into the whole “should I build for mobile Web or apps?” question.) And there’s an even larger question looming: if the future of the Web is about push, how do apps serve that purpose?
In a world where notifications are full experiences in and of themselves, the screen of app icons makes less and less sense. Apps as destinations makes less and less sense. Why open the Facebook app when you can get the content as a notification and take action—like something, comment on something—right there at the notification or OS level. I really believe screens of apps won’t exist in a few years, other than buried deep in the device UI as a secondary navigation.
It’s not really that apps aren’t useful. It’s just that they’re incomplete without interaction. Today that push notification depends upon an app installation so that users can grant permission for apps to push message them.
Tomorrow? Well, it’s doubtful that tomorrow’s mobile world will look like today’s.
Pushing And Pulling
Which brings us back to Buytaert’s thesis. The end result of the Web’s “Big Reverse” is a complete reordering of the global economy, Buytaert insists:
We are at the beginning of a transition bridging two distinctly different types of economies. First, a “push economy” that tries to anticipate consumer demand, creates standardized or generic products in large amounts, and “pushes” them into the market via global distribution channels and marketing. Now, a “pull economy” that—rather than creating standardized products—will create highly customized products and services produced on-demand and delivered to consumers through one-on-one relationships and truly personal experiences.
Developers who want to get ahead of the curve should follow Intercom’s advice and build systems, not destinations. If you want users to live in your app, and have that app be an island, separated from their other apps and the Web, your app is unlikely to succeed.
I suspect we’ll learn from the Apple Watch experience. As I’ve written, until the Apple Watch has built-in GPS it’s worse-than-useless for me, and it may not work for you, either.
But what it will do is teach us to think in terms of notifications, not apps. With such minuscule screen real estate, learning to engage users with notifications will become key. And, just as iOS has impacted the Mac OS X experience so, too, will the diminutive Apple Watch experience bleed into smartphone/tablet and even desktop development.
It’s a push-based future, but you can start on it now.
Lead photo by Jason Howie
The massive iCloud hack that exposed photos of female actresses stored in their personal Apple accounts, has left many—including myself—scrambling to change their passwords.
Some speculated that the hack was due to a vulnerability in Apple’s Find My iPhone feature, with which hackers used a “brute force” attack to guess the passwords on celebrities’ accounts, The Next Web reported.
Apple has since denied those reports, instead claiming it was a “very targeted attack” on usernames, passwords, and security questions—the keys to nearly any online account.
If celebrities can be attacked, so can you. So what can you do?
Understand The Cloud
Strong passwords are just one way Internet users can protect themselves from having their data stolen by malicious attackers. And photos aren’t the only things we have to worry about. Everyone tut-tutting actresses for taking risqué photos should think twice about where their personal data is stored. Oh, that’s right—it’s in the cloud, too.
The thing about “the cloud,” is that no one really understands it. It’s a deliberately vague term for computer servers you access over the Internet.
Remember the scene from Zoolander when Owen Wilson’s character suddenly has an epiphany that “the files are in the computer”—and then tears open the machine looking for them? When it comes to the cloud, our understanding hasn’t improved much.
Even CNN doesn’t know how to explain the cloud to viewers. It ran a story with the lower third “Leaked Nude Pics May Be From The Cloud.”
Cloud servers are like any computer: You can put files on them, and access them later. Since they’re on the cloud, you don’t have to have access to a physical device, or worry about how much space your laptop’s hard drive has, since cloud servers typically have far more space than our own personal machines do.
The tradeoff for this convenience is security. If you can access your files using a username and password, so can anyone else who gets ahold of your credentials. And you have to rely on those companies to implement smart versions of the latest security protocols.
Cloud storage service likes Dropbox, Box and Google Drive make it simple to save and share files. iCloud, Apple’s cloud storage, automatically backs up your information like photos and documents, in case your phone or laptop needs to be replaced.
We have a fundamental expectation of privacy and security when using these services, especially when a company is automatically backing up the information to its servers. But that expectation can fail us.
Find The Right Cloud Storage
It’s hard to completely secure your cloud storage without jumping through a lot of hoops, which we’ll get to shortly. But the first step is figuring out where you want your documents to be stored.
Don’t sign up for new cloud services without researching it. That includes reading the privacy policies of any company you agree to give your data to. Do they have encryption built in? Do they give your data to governments when requested? Do they control their own servers, or do they rent out servers from other companies? (Dropbox and Apple, for example, both use Amazon’s servers for a portion of their online services.)
If security is your top priority, you might consider services like SpiderOak, which automatically encrypts all your data and prevents even the company from knowing what you’re uploading. But that means giving up the ease of sharing files with friends through Dropbox or collaborating with colleagues using Google Drive.
For most of us, convenience usually wins out. You should at least know that you’re making that tradeoff, however.
Use Secure Passwords
According to Apple, the hackers targeted usernames, passwords and security questions, which are the first lines of defense for users.
Simply changing an “S” to a “$” does not make your password secure—especially if you recycle that password from site to site. Hackers attack less secure services and harvest usernames and passwords—and then try them on other services.
Adding unique characters along with letters and numbers is smart, but so is using passwords that are hard, if not impossible, to guess. The best passwords are a collection of random letters, numbers and punctuation, without any words you’d find in the dictionary. And each online account should have a different, complex password.
Does that sound impossible to keep track of? It pretty much is, unless you get some computerized assistance. Password managers like 1Password andLastPass provide a way to save and manage passwords, and you can carry and access your data on multiple devices.
Enable Two-Step Verification
If someone is trying to illegally access your personal information from the cloud by using your password, you might not realize it—unless you have two-step verification enabled.
With two-step verification, it’s necessary for you to input two different pieces of data in order to access your personal information. Typically, that’s your password and a different code sent as a text or generated by an app on your mobile device. The code will change each time you log in.
Two-step verification can be frustrating and time-consuming, which is why many consumers elect to ignore it. But it saves you from having to clean up the potential mess a hacker could make with your credit card information or naked pictures stolen from the cloud.
Encrypt Your Files
If you’re not using a service that automatically encrypts your files, like SpiderOak or Mega, you may want to encrypt them yourself.
Google, Dropbox and Microsoft don’t offer file encryption as a built-in feature. While they may encrypt your transmissions between data centers, once you’re logged in, the files are available in unencrypted form. Most consumers don’t request it, because it can be difficult to use, and encryption can be complicated for companies to enable, according to Wired.
Imagine Google Drive with no search capabilities, or Dropbox with no preview. None of those features would work with encrypted files, because they’d be unreadable by Google and Dropbox’s server software. And if Google doesn’t have the encryption keys it can’t help you out if you lose a password.
Boxcrytor and Viivo both offer DIY cloud encryption, which means you can encrypt all your files before uploading them to the cloud. These companies won’t have access to your secret keys to decrypt files, which means your data is safe from prying eyes that don’t have access to your unique key.
Ultimately, we’ll need better forms of protection. Apple’s TouchID fingerprint sensor is an interesting example of authentication using biometrics, or physical aspects of our bodies. PayPal’s Braintree aims to detect fraud by looking at information about how we’re using our mobile phones at the time we make a transaction. Companies are using sophisticated behavioral modeling to detect hackers on their networks: Perhaps one day, we’ll be protected by similar technology that can tell through the way we tap on our phone’s keyboards or the time of day we access our devices that we are who we say we are.
Until then, we’re left changing our passwords, enabling two-factor verification, and hoping for the best.
One of Google’s primary goals is to spread its Android operating system to any device that you may touch, and that’s going to be a major theme this week at Google’s I/O 2014 developer conference. Android Wear smartwatch development will be front and center. Android TV—a rumored entertainment service from Google—may make an appearance. Android is the prime delivery mechanism for Google’s advanced search product, Google Now.
Former Microsoft CEO Steve Ballmer once infamously chanted “developers, developers, developers!” at a Microsoft event. (A developer event, naturally.) Google’s head of platforms Sundar Pichai might as well come on stage at I/O 2014 and chant, “Android, Android, ANDROID!”
If Android is central to Google’s overall mission, Android Intents—a developer feature that lets Android apps interact with one another—is core to what makes Android unique. As mobile devices have proliferated, the basic infrastructure of how we access information on the Web—namely, websites connected by links—is being supplanted by apps that frequently just don’t talk to one another well, if at all.
That change hasn’t been to Google’s liking, both because it cuts against its long-held mission of indexing the world’s information and because it undermines its core search-advertising business model. So it has quietly built out an infrastructure based on Intents that in some ways replicates the functionality of hyperlinks in the world of apps.
In fact, Google embedded Intents in Android at its inception. They’re easily overlooked, but if you want to get a sense of how our access to the world’s online information will evolve over the next few years, Intents are a pretty good place to start.
What Are Android Intents?
Android Intents are a developer-level technology let apps “shake hands” with one another to help a user complete an action—opening a map, say, or sharing a photo. Unlike similar capabilities in Apple’s iOS and Windows Phone, Intents allow developers to easily create features that connect multiple apps together without having to build each integration separately. (They also make it possible for Android users to choose alternatives to various default apps such as the browser, the mapping application, or the interface theme.)
Example of Android Intents with Link Bubble browser
Intents is used by over 90 percent of Android apps in the Google Play app store. They allow developers to share data between apps without having to hard-code that behavior into the apps themselves. Intents live deep within Android and serve as a kind of plumbing system that shuttles all manner of media and other data into and out of apps in a consistent and universal way.
Have you ever clicked on a link or a video in an app in Android and had a screen pop up asking you which app you would like to use to complete that actions? For instance, if I clicked on a video in an email, a box pops up and asks, “Complete this action using …” and then lists a series of apps such as YouTube or Chrome.
That’s what users experience from Intents. It’s less cumbersome than it might sound, as you can choose a default option and then never see the dialog box again unless you clear the default in settings. The important thing is that the system provides the choice in the first place.
For developers, Intents means that they don’t need to get the cooperation of every other app maker in order to make a feature work across apps. The Intents system includes a long list of actions it can complete; developers simply register a new app with the appropriate capabilities in the Intents system. If an action doesn’t exist in the Intents directory, it’s possible to define it and build it into Intents so any other app developer can use it.
For the last several years, Android Intents was pretty much a unique developer feature. None of the other major mobile operating systems had anything quite like it.
Apple’s own home-grown apps could communicate with each other, but third-party apps were largely left out in the cold. Apple’s control over iOS gave consumers few options beyond Apple’s default apps. Microsoft’s Windows Phone also doesn’t have many developer hooks for cross-app communication and functionality, letting apps live in their own hubs and tiles on the home screen.
Android has never been the easiest operating system to develop on—oddly, the consensus among developers I have asked is that Windows Phone is the easiest on which to code. But Android-first developers and designers have embraced and evangelized features such as Intents as important and unique aspects of the operating system. The fact that nine out of ten apps in the Google Play store have adopted Intents is a good indication of just how deeply ingrained they are in the Android app development experience.
Apple has belatedly recognized the value of letting apps communicate among themselves. One of the biggest new features in its forthcoming iOS 8 operating system is what Apple calls “extensibility.” This is a feature that allows apps to share data and communicate with each other despite being isolated in “sandboxes” for security.
One consequence of extensibility is that iOS apps will, for the first time, be able to receive and handle data that would normally be the province of a designated default app—such as, say, the iOS keyboard. If the popularity of Android Intents is any indication, extensibility is likely to be a big hit among iOS developers.
Cross-Linking For Android Apps
On the Web, the link is king. Site addresses in the form of uniform resource locators (URLs) have long been the standard for how users navigate the Web, clicking through from one page to another.
Smartphones and tablets are beginning to change that basic paradigm. On mobile devices, the app is king—and that means URL-based links often just won’t work for many purposes. Google built Android Intents to offer an app-based alternative that offers something like the universal access to information we normally associate with the Web.
Android Intents may not even register in the mind of the average smartphone user. They are just bopping between apps, reading a Tweet and sharing a picture and reading an article and watching a video and sending an email. But the app-to-app sharing is taking place nonetheless.
One good example of Intents user interaction is seen in an app called Link Bubble, built by independent developer Chris Lacy out of Australia. Link Bubble is essentially a mobile browser, reimagined for the modern smartphone users.
Link Bubble essentially “grabs” links that users click in various apps. Instead of then opening a browser and forcing the user to wait while a page loads, it loads pages in the background, showing the link as a bubble—something like a Facebook Messenger chat head—right there on top of the app user interface.
Users can tab on a bubble to expand it immediately, or share the link by flicking it across the screen (to the right for Facebook, to the left for the read-it-later app Pocket, for instance).
Link Bubble will also automatically open apps from links you click on in other apps. For instance, if you click an Instagram photo on Twitter, normally you’d be redirected to the Instagram website before going into the Instagram app itself. With Link Bubble, you’d click from Twitter and be taken straight to the Instagram Android app.
The ReadWrite team will be at Google I/O this week, bringing you all the news and analysis that you will need from Google’s biggest week of the year.
Dropbox now has 275 million users, most of them consumers who use the service to store their personal files and images. But it’s precisely its popularity at home that could help Dropbox at work, as the company pushes out its latest Dropbox for Business update on Wednesday.
All Work And All Play
Last November, Dropbox announced some long-awaited updates to Dropbox for Business. The most crucial one was a tweak to Dropbox’s familiar, simple interface: In place of the single desktop file folder labeled “Dropbox,” business users would find two folders, one labeled “Personal” and one named after their employer.
Those updates are now live. Dropbox users whose workplace has paid for the service can share pictures, videos, documents and other files, switching between work and personal files without having to juggle two accounts. At the same time, their employers can manage their work files without touching their personal files.
In the past, Dropbox customers had to switch accounts, use kludges like Chrome’s incognito browsing mode, or just mix together personal and business files. While it seems obvious that people might want to share all kinds of files with Dropbox, accommodating this scenario was actually quite a technical problem for the company. It required a full-scale rebuild, according to Ilya Fushman, head of Dropbox for Business.
That rebuild frees up Dropbox to build new features, while keeping most of the simplicity Dropbox is known for. In the place of one folder for all your files, there are now two.
Its rollout comes at a critical time. While Dropbox retails storage services to consumers and businesses, Google, Amazon, and Microsoft are slashing prices for wholesale storage. In the short term, this seems like it should be good for Dropbox, dropping the price it must pay Amazon and other service providers for storage and bandwidth. In the long run, though, it seems inevitable that those savings will get passed on to consumers, challenging Dropbox’s pricing.
Box, a Dropbox competitor who recently filed to go public, is emphasizing its collaboration features and industry-specific apps built on its platform. Meanwhile, Google and Microsoft have their own Dropbox competitors, Google Drive and OneDrive, which they are weaving closely into their own suites of online apps.
Dropbox’s account-linking strategy takes full advantage of its biggest asset—its 275 million users, whose ubiquity is a big reason why it’s worked its way into businesses in the first place. People use the tool they’re familiar with in the workplace, and when they need to share with contractors, partners, or other outsiders, the odds are good that they, too, have a Dropbox account.
All those consumer accounts—most of them free—still have value for Dropbox. They are word-of-mouth marketing for the brand and built-in leads for its salesforce. That’s why Dropbox is a prime example of how a consumer-friendly tool can work its way into businesses.
Still, some workplaces ban Dropbox, fear that files will leak out through it. Can Dropbox find its way into these locked-down environments with complex security requirements?
It already has in some cases. Here are some of the features Dropbox has rolled out, in the hope of getting a slice of the IT budgets currently going to giants like IBM and Microsoft:
- Remote wipe: Systems administrators can automatically wipe a business account if they think the account may be compromised—just the business files, leaving personal files untouched.
- Downloadable audit logs: Customers can have more visibility into who is sharing which documents. Those logs can then be put into an analytics system like Splunk for deeper probing.
- Account transfer: Turnover is a fact of business. Account transfer—a feature already seen in Google Drive—moves files from an ex-employee to a current employee.
Even with these new features, Dropbox faces an uphill battle in courting businesses against Box and Microsoft, which have more feet on the street calling on large businesses.
Microsoft is the real power when it comes to documents, thanks to its Office suite, where so many work documents begin. Office is increasingly tied into OneDrive, the company’s file-sharing and -storage service.
It seems unlikely that Dropbox will hire a large army of salespeople to respond. It still has more jobs listed for engineers than for salespeople—and its sales openings include titles like “sales engineer” and “solutions architect.” While others sell, sell, sell their products, the updates to Dropbox for Business represents a bet that the company can engineer its way to customers’ hearts—at home, and at the office.
Really terrible Photoshop, for which he apologizes, by Owen Thomas for ReadWrite
The Internet of Things is real and growing, but the money will come neither from Internet nor the Things. Instead, the big money will derive from business services that pull data from those IoT networks.
Unfortunately, a lack of standards threatens to slow the market’s maturation as vendors are forced to build the devices, sensor networks and services that run on top of them.
Lots Of Sensors, Lots Of Standards
According to Gartner, the Internet of Things will balloon to 26 billion devices by 2020. If we add in smartphones and tablets, that number grows to more than 33 billion devices. There’s big money in these little devices: Gartner projects IoT will result in $1.9 trillion in global economic “value-add”—the combined benefits that businesses derive through the sale and usage of IoT technology.
The question is how to make the Internet of Things even bigger. As is often the case in tech, the answer seems to be standards. The Internet of Things has standards today—it has too many, in fact, which is roughly the same as having none at all.
The lack of standardization can’t entirely be blamed on greedy vendors hoping to lock out competitors and lock in customers. As ARM’s Bill Curtis noted at a recent MIT conference, “Because most Internet standards are too complex for the constrained devices in the IoT, these devices tend to run proprietary protocols, creating data silos.” In other words, the proprietary protocols aren’t an end in themselves, but rather a means to an end (getting a network of sensors to talk to each other in order to provide a business service).
Unfortunately, this complexity issue with the Internet isn’t getting any better. As my ReadWrite colleague Brian Proffitt recalled, “unlike the early Internet, where the military and university complexes were working towards a common cause, today it’s every company for itself.”
There is no forcing function for these individual companies to collaborate. But that may be about to change.
Services, Not Sensors
Gartner expects Internet of Things vendors to top $309 billion in direct revenue by 2020, with most of that money deriving from services.
Companies like Bosch are building out services like fleet management that currently depend upon them building the sensors and services, but building sensors today is merely a means to the end of providing the service. The real money is in the services, not the sensors/devices.
Hence, the answer to O’Reilly’s Andy Oram question about standards may simply be “wait and see”:
How do we persuade manufacturers to build standard communication protocols into everyday objects? For those manufacturers using proprietary protocols and keeping the data generated by the objects on private servers, how can we offer them business models that makes sharing data more appealing than hoarding it?
Where there’s money to be made, standards will emerge—likely driven by vendors, as has been the case with the AllSeen Alliance. Bosch, for example, is already building out services based its own sensors but also those from rival sensor manufacturers. It’s why the company spends so much time talking about business models, not merely machines, calling itself “development consultant for new business models.”
No hardware company can depend on its sensors alone. Even a massively successful hardware company like Apple ultimately gives way to an open, services-based alternative like Google’s Android.
With the Internet of Things, we’re still in the early days of the market. Following Clayton Christensen’s pattern for how markets develop, it’s natural that vertical integration of sensors and business services would dominate IoT. But this isn’t how things will end. As sensors proliferate, each of them speaking to different “standards,” services vendors will arise to ingest and interpret disparate data, and will drive standards to ensure they can.
The trick will be whether hardware companies will push hard enough for standardization so they can capitalize on services revenue. Companies that see themselves as pure hardware manufacturers are likely doomed, but those that see beyond the “things” to instead focus on the services built on the “Internet,” the future is very bright.