5 Gadgets You Should Buy Now Instead Of Later

Everyday we have lots of news about the latest gadgets from Tech blogs and social networks, and everyday we tell ourselves to wait … wait until the reviews are out, wait until the better versions are out or the prices are dropped. Yes, it’s me; but of course, YMMV.

However, there are times that I cannot wait but go ahead to buy the overpriced, not-well-tested gadgets, then find out I should have bought those earlier because the gadgets are soooooo good. And here are 5 gadgets that I think you should buy now, instead of later.

I traveled a lot and really like to have a pair of headphone that can play good music as well as cancel all the background noises. I have other noise cancellation headphones before, but the Bose QuietComfort 20i Acoustic Noise Cancelling Headphone is really the best one. This in-ear headphone is lightweight, delivers excellent sound quality, and extremely comfortable. Many times I would turn on the noise cancellation mode in busy cafe or packed subway train such that I can have some quiet time to read. If you have lots of good songs in your mobile device and like to enjoy those even in a noisy environment, this is for you.

bose headphone

So you have a good pair of headphone with noise cancellation feature, then it’s probably about time you shall get the Kindle Paperwhite (second generation) to restart your book reading project. The screen is simply stunning, and you can read it under bright sunlight or in the dark. Best of all, your eyes will thank you as the other non-ePaper digital readers really will hurt your eyes.

Kindle Paperwhite

Other than a pair of headphone and a good book reader, another essential travel companion for me is a good DSLR camera. I’m never a fan of Canon, Nikon and Sony, but became a big fan of Olympus about 10 years ago (I really love their E-1). So when they released their excellent OMD E-M1 last year, I bought it without skipping a heartbeat (note that I already got the E-M5, ooops). A solid, weather-proof, and responsive camera that will never disappoint you in terms of image quality.

OMD E-M1

Another “gadget” that travel with me all the time is the Macbook Air. It’s my work computer, research tool, programming machine and social networking platform. That’s not much you can complain about the great machine, but for me I want one more USB port – to charge my iDevices and without syncing. Yes, I can get one of those power supply plug charger, but instead of getting extra bulk I bought the Twelve South PlugBug World. It’s an All-in-one MacBook global adapter with 2.1 amp iPhone/iPad charger – perfect. And the bonus is, this world edition comes with different plugs for different countries.

plugbug

The last gadget that I wish I had bought earlier is the MIO Alpha I. It is a watch and it is also a strapless heart rate monitor. Yes, you read it right, it is strapless (!!). In addition, it can synchronise the reading to the RunKeeper app with Bluetooth, such that the app can read out the heart rate to you during your exercise. If you like to track your heart rate while jogging or running. Get one, period.

mio alpha

So, those are my picks, what are your 5 buy-it-now gadgets ?

 

Cloud Security Standards for the rest of us

Couple of weeks ago I presented a session about Cloud Security Standards in the yearly ComputerWorld / KornerStone Cloud Security Forum, and one question kept popping up in the event was – “Why Cloud Computing ?”. That puzzled me a bit as I thought all of us aware of the benefits of Cloud Computing – services on demand, pay as you go, and improve development agility etc. etc. So I answered the question with another question :

Screen Shot 2014-02-16 at 9.28.29 pm

Yes, why not ? As you may expect, the typical answers from the floor were “Poor Security !” and “Concerns in Data Privacy !” … Those are concerns, I agree, but those are not facts. Instead I believe the first few things the business users and CTO / CIOs shall consider are some other psychological barriers.

Screen Shot 2014-02-16 at 9.28.33 pm

Those barriers are very real, because once you performed a proper risk assessment of deploying Cloud into your business, and also tackle those barriers, you will find security and data privacy are not major concerns; but more on something the company and the IT team shall handle and tackle professionally.

Screen Shot 2014-02-16 at 9.29.00 pm

And what I meant by handling professionally is before jumping to the conclusion that Cloud Computing is not secure, first ask yourself questions like when and where to use Cloud; outline the Service Level Objective you need; review the people skill set, process and change management maturity; and then lastly look for technical solutions.

Screen Shot 2014-02-16 at 9.29.08 pm

With all that said, one will still question how one can make sure the cloud services (IaaS, PaaS and SaaS) are secure. And that’s I think where Cloud Security Standards can help. It’s not a secret that we have dozens of Cloud Security Standards in the market, and in fact, all of them are important and relevant.

Screen Shot 2014-02-16 at 9.29.22 pm

With so many standards and guidelines, it is rather difficult to tell, whether a Cloud Services Provider (CSP) is already conform to certain standard(s), if you are now shopping for CSPs. Or hard to convince the customers that your company is conforming to certain standard(s), if you are one CSP. The only way I think, is thru Certification.

Screen Shot 2014-02-16 at 9.29.33 pmI believe with proper certification process, regular review and listings of all certified CSPs, customers can easily find the best CSP they want. With the same token, CSPs can easily prove to their potential customers that they are doing a good job.

So Cloud Security Standards may be not easy to define, complicated to comply with; but with certification process, it is easier to make whole things more fruitful to the standardisation bodies, the CSPs and the Cloud Computing customers.

 

Joni Mitchell and Cloud Computing

It may sound very strange, I mean, how can Joni Mitchell, the Canadian musician, song writer and painter remotely relate to Cloud Computing ? Yes, it’s that strange.

I am not exactly a big fan of Joni Mitchell, but I do love her song “Both Sides Now” a lot. Interestingly, this song is the last one in side B of the album “Clouds” (what a coincidence), released in May 1st, 1969. Yes, it’s almost 45 years ago but the other day when I was preparing a conference keynote about cloud computing, I started iTunes and the first song it played was “Both Sides Now”. Then I found out the relationship …

Let’s check out the lyrics of that beautiful song:

Bows and flows of angel hair
And ice cream castles in the air
And feather canyons everywhere
I’ve looked at clouds that way

As you can see, these four lines kinda described the many shapes of Cloud and Cloud Computing – IaaS, PaaS, SaaS, Public Cloud, Private Cloud, Hybrid and Community Cloud. Then the next four lines:

But now they only block the sun
They rain and snow on everyone
So many things I would have done
But clouds got in my way

That basically apply to all traditional IT teams, Cloud Computing is now impacting their everyday works. Internal users now can bypass IT team to subscribe to various cloud based services, development team can now set up development environments in the cloud in minutes without purchasing any new servers, and one system administrator can manage dozens of servers in the virtualised environment with ease, in effect only small engineering team is needed.

Lastly, the third paragraph:

I’ve looked at clouds from both sides now
From up and down, and still somehow
It’s cloud illusions I recall
I really don’t know clouds at all

Yes, clouds are all just illusions, if one takes Cloud Computing seriously – perform proper risk assessment (check out CSA Cloud Control Matrix), evaluate cloud solutions and cloud services providers systematically. Most important of all, even you host your applications in the cloud, you’re not transferred the security risk to the cloud. Instead, you are still responsible for the security of your IT systems.

Cloud Computing is real, it is not an illusion. [Both sides now - Video]

Joni Mitchell

Olympus OM-D E-M1 in Las Vegas

Even though it’s not my the first time in Vegas, but it’s the very first time to have a chance to visit the museums in Vega – yes, I am not a guy to spend any money in the slot machines. Right after the AWS Re:Invent, I took a cab from the Palazzo Hotel to the Neon Museum. It costed me US$ 20 but well worth the money as it’s really hot to walk miles along the Strip to the museum. In Neon Museum you will find lots of old casino and hotel signs. Thru the guided tour, you will know more about the history of the sin city and those neon sign boards.

Then after that, a casual 15 minutes’ walk will lead you to the Mob Museum. If you are a fan of mafia, organised crime and law enforcements, don’t miss it – all the mob stories are explained in great details with excellent photos, audio and visual effects. Then just opposite the Mob Museum, it’s the Fremont Street Experience – don’t miss the show every evening. So after all, it’s really a good way to spend an afternoon in Vegas, if you don’t like gaming like me, and don’t mind some walks.

But of course, the most important thing is I took my OM-D E-M1 to this short trip and here are the pictures …

Timeline of (my) Olympus cameras

Everyone knows me as an Olympus fan, not because I shoot lots of beautiful photos with Olympus cameras but the fact that I bought many Olympus cameras (Digital SLR and Mirrorless) since they launched the revolutionary E-1 camera in year 2003.

Ten years ago, there was really no original digital SLR (DSLR) camera design in the industry as most of them were just a rehash of the film SLR cameras. On the other hand, Olympus’ E-1 was really a ground breaking DSLR as Olympus designed the camera from ground up with many many new and digital photography specific features. So in the last 10 years, I bought eight (!) DSLR and Mirrorless cameras from Olympus and they are – E-1, E-300, E-510, E-P1, E-5, E-P3, E-M5 and the latest E-M1.

I reckon the best way to illustrate this crazy history is through the use of “timeline”. Unlike typical static WordPress timeline plug-ins, I use the interactive timeline script from timeline.knightlab.com. It lets you move along the timeline and click the image thumbnail to launch the blog post I wrote about the camera. Neat …

New Olympus OM-D E-M1

iPad Keyboard Case – The Final Episode

Yes, it’s going to be the final episode of the “iPad Keyboard Case” as I believe I have bought way too many iPad keyboards. In addition, I believe the new iPad 5 will be thinner than iPad 4 and so it is pointless to buy any new keyboards that may or may not fit the future iPads.

So, the latest keyboard I got after months of waiting is the Belkin Ultimate Keyboard Case for iPad. Is it good ? A resounding yes. Is it much better than many others’ favorite – Logitech Ultrathin iPad Keyboard Cover ? Well well …

First of all, the new Belkin keyboard is about US$ 25 more expensive than the Logitech one (as of end August 2013). And it is heavier, thicker, with softer keys and not as sturdy as the competitor (because of the multi-angle design, see below). However, it is really good in a few other areas:

  1. It protects the back of your iPad;
  2. It is heavier than the Logitech, but still lighter than others like ZaggFolio;
  3. It supports multiple-angle viewing (watch the video below);
  4. It can fold flat to become a tablet again (Logitech and others cannot do that), and it is particularly useful when reading ebooks in public transport, without looking like an idiot;
  5. The cover is special designed to enhance the sound flow towards you, it makes the audio sounds a little bit better;
  6. It’s more stylish (I bought the white color version, to fit my black iPad).

All in all, I am happy with the new member of my iPad keyboard family, and will use it for a while … before the next keyboard comes out. And here is a video to see how the keyboard case works with multiple angle set up.

Unlearn, relearn and the AWS Summit

The American futurist Alvin Toffler once said – “The illiterates of the 21st century will not be those who cannot read and write but those who cannot learn, unlearn, and relearn”. I think it is particularly true to those of us working in the Information Technology industry, as every two three years we need to unlearn some buzzwords, and relearn some buzzwords.

However, Cloud Computing are not buzzwords. Therefore, it is important for us to unlearn the previous know-how and relearn the new new things – the new way to design, implement, test, operate and monitor Cloud based IT systems. And one of the best ways to go thru this unlearn and relearn this cycle is to attend the Amazon’s AWS Summit.

One of the key learnings of in the Summit is you can auto-scale the IT systems. In the past few years, no matter who you talked to – salesperson, developers, architects etc., they would all tell you how great it was that you could easily scale up your Cloud based IT system when the system was under heavy loadings (for example, in peak hours of sales period, or festive seasons). Seems to me all they need is to scale up, all of them are very optimistic about their businesses !!

However, the true beauty of the Cloud system is in fact the ability of scaling down, not up, the Cloud based IT system. In other words, we shall design our system that based on certain business and technical criteria, the system can scale up to cater for the extra loading, and scale down to save cost.

In other words, the Cloud system is no longer a fixed architecture, but it will grow or shrink the computing power in line with the businesses. And it will cost more when the business is good, and less when the business is slow. Finally IT becomes part of the business.

Another key learning is the product life cycle that encourages innovation and idea trial. Unlike previous IT set up, now you can implement a basic computing architecture in the cloud in minutes. And you can close down that same architecture in seconds. That flexibility helps us to test drive any idea with ease, and with low cost barrier.

Amazon proposes a life cycle of :

Idea -> MVP -> Scale -> Profitability

(where MVP stands for Minimum Viable Product)

In other words, start with your brilliant but untested idea, build a MVP with minimal computing architecture. When it is a good idea to pursuit further, scale up quickly. Then reap the profit with as little computing power you need as possible.

So, if you missed the AWS Summit 2013 Singapore, and want to unlearn quicker and relearn more … Don’t miss the next AWS re:Invent 2013.

Singapore

Kindle Price Disparity

We all hate price disparity. No matter it’s a scoop of ice cream, a can of soda or a set of computer, you sure want a good price. So what if you can get a brand new, legitimate Kindle Paperwhite much cheaper than in US ? Yes, not same price as in US, but in fact US$ 65 cheaper.  It’s due to the fact that Japanese Yen dropped (and still dropping) like a stone in the past few months. And of course in Japan, Amazon needs to compete with good Sony Reader and others.

Here is a picture from a Hong Kong online retail store, selling Kindle Paperwhite 3G + Wifi, and Paperwhite Wifi. It’s about US$ 268 and US$ 191 respectively.

Hong Kong

OLYMPUS DIGITAL CAMERA

And here are the same two models from US Amazon store – US$ 179 and US$ 119, note that you need to add another US 20 (i.e. without special sponsors screens) and shipping cost.

USA

OLYMPUS DIGITAL CAMERA

And lastly, here are the same two models in Japan Amazon store. Again you will need to add in the shipping cost, but as of today’s exchange ratio (May 1st), the prices are just US$ 133.5 and US$ 82 (before shipping) !! No Kidding !!

Japan

OLYMPUS DIGITAL CAMERA

So, if you have an Japan Amazon account or friends from Japan, it’s time to buy the beautiful Kindle Paperwhite. It’s simply irresistible.

 

In Search of the next iPad Keyboard

The more I use my iPad (1, 2 and now 4), the more I think I need a keyboard. With a decent keyboard I can essentially leave the laptop computer at home, even though the laptop is already a very lightweight one. With a decent keyboard, I can browse the web, jot notes, tweet, update Facebook / Linkedin / Google+ status and compose / reply emails easily … and that’s pretty much all the things I do day in, day out.

So it’s like a mission to find the best keyboard for iPad. First, the original Zagg Solo – it’s a good one but not that protective. Then the updated Zagg ZAGGFolio – stylish, solid but heavy. Then I found a really good one – the Logitech Ultrathin Keyboard. It’s beautiful, lightweight, and with a comfortable keyboard. The only down side is that it cannot protect the iPad very well.

That is the reason why I backed the Brydge + project in Kickstarter. From the project page, the keyboard certainly looks like the perfect keyboard – rock solid, good keyboard, and come with a speaker. 9 months (!) after the project get funded, I finally received the keyboard – it’s heavy, thick, and with sticky keys. You can check out the project comment page on how upset all the other backers are, in fact many still have not received their keyboards.

I am still using this keyboard every single day, while waiting for the next one – Belkin Ultimate Keyboard for iPad or Logitech Folio Keyboard.

Yes, the more I use my iPad, the more I think I need a keyboard.

Keyboard_x

Happy Chinese New Year – The Year of Snake

According to the world famous astrologer (i.e. Mr. Internet the Great), this year of Snake is meant for steady progress and attention to detail. Focus and discipline will be necessary for one to achieve what set out to create. In addition, the year has ability to read complicated situation quickly in a controlled manner which is good for business.

Wish you all happiness and prosperity in the Year of Snake !

image002

AWS Cloud Security

Going to Vegas for the Amazon Re:Invent event is one of the best ways to learn about Cloud Computing and Cloud security. And the second best of course is to just browsing the slide decks or videos of the event, from your office or home. So here you go, fresh from the Internet, the course 206 of the security track – “Security of the AWS Cloud”.

And don’t forget to follow up with the slide decks of “AWS Cloud Security” and “Security and Compliance”



To cloud or not to cloud ?

If you ask the above question to the various cloud services providers, I am sure their answers are “Definite yes”.

If you ask the same question to end users, their answers may end up like “I really don’t care.”. And for the question again to business owners, their answers will probably are “May-be’s” because seriously no one really reveals all the cloud benefits, implementation pros and cons to them.

To IT professionals, however, we will probably provide a vague answer – “It depends.”. The long form of the answer is – “It depends on the maturity of the cloud market, technology and whether the solution available today can match your budget, quality requirements, and expected service level. More importantly, whether cloud technology and solutions can help your company to improve competitive advantage.”

That’s exactly what Cloud Security Alliance (CSA) and Information Systems Audit and Control Association (ISACA) did in a recent survey to answer part of the question – what is the maturity of the cloud technology and market, now ? A collaborative project by CSA and ISACA , the Cloud Market Maturity study provides business and IT leaders with insight into the maturity of cloud computing.

The study also reveals that cloud users in 50 countries were least confident about the following issues (ranked from least confident to most confident):

  1. Government regulations keeping pace with the market (1.80)
  2. Exit strategies (1.88)
  3. International data privacy (1.90)
  4. Legal issues (2.15)
  5. Contract lock in (2.18)
  6. Data ownership and custodian responsibilities (2.18)
  7. Longevity of suppliers (2.20)
  8. Integration of cloud with internal systems (2.23)
  9. Credibility of suppliers (2.30)
  10. Testing and assurance (2.30)

None of these findings are really a surprise, I suppose, however it is important to conduct such project because it helps us to understand how the cloud market will change over time, and how it advances from infancy to full maturity.

Do check out the press release and the full report to understand more about the findings, or you can check out the following infographics – the whole report in one picture.

4 key questions about your security programme

If you are the CISO of your organization and implementing a security programme, what questions shall you ask yourself to help realizing a successful programme rollout ? No, it is not about what software to use, what hardware to install, what process to put in place or even what vulnerabilities you are going to remediate or mitigate. In fact, they are:

  1. Are we doing the right things ?
  2. Are we doing them the right way ?
  3. Are we getting them done well ?
  4. Are we getting the benefits ?

Four simple questions about your security programme, all about the business results – but not technology, schedule, and resources. Four questions about the reality such that your company can make informed decision. In addition, each of the four questions can be further elaborated, for examples:

Are we doing the right things ?

  1. What technology, processes are proposed ?
  2. For what business outcome ?
  3. How do the deliverables within the programme contribute ?

Are we doing them the right way ?

  1. How will it be done ?
  2. What is being done to ensure that it will fit with other current or future capabilities ? (e.g. Business / Operational / Technical capabilities)

Are we getting them done well ?

  1. What is the plan for doing the work ?
  2. What resources and funds are needed ?

Are we getting the benefits ?

  1. How will the benefits be delivered ?
  2. What is the value of the security programme ?

You shall answer all the questions based on relevant, current accurate business-focussed information. By that time, I am sure, you will find that to have a successful security programme, it is no longer depending on the technology, process and policy only, but also an investment that has an enormous impact on creating and sustain business value.

Log My Life

Back in the early 1980s’ when I was a Fortran programmer, it’s a doctrine to document every programs with very detailed comments. Roll forward 15 years, then when I developed the very first homepage of my own in year 1995, I started to log down the changes of my own website and showed those in the front page, with an aim to inform my site visitors the details of the website changes. And gradually, the “logs” included not only website changes, but also news, jokes, events, photos, videos and opinions.

As you may all know, these change logs (Web Logs) later was named as Blog (coined by Peter Merholz, who jokingly broke the word “weblog” into the phrase “we blog”) in year 1999.

And now I no longer develop programs (except some twists on scripts and PHP programs), but more and more, I am logging my life within the Internet … like a lifelogger but without those geeky devices.

Like it or not, every single day we are logging our lives with dozens of modern day Internet tools and social networks. I did a check lately and found that indeed I am sharing bits and pieces of my life one way or the other, every single day. And treating myself as a use case, here are the tools and services you can use to log your life if you want to, insanely …

  1. Start your usual day with the app Zite (or Flipboard) for iPad and start sharing your selected Internet, eCommerce, Media and Security news to Buffer (Buffer is a service to schedule your social sharings, highly recommended).
  2. For some more important news that shall not be “buffer-ed”, immediately share to social networks like Facebook, Twitter, Linkedin and Google+.
  3. Throughout the day, browse your Facebook wall and Twitter tweets (with TweetDeck) to see what news you can further share to your friends and followers.
  4. For each place you visit in the day, check-in to FourSquare and take a photo with an aim to share it later to social networks, with or without touch-ups by Instagram. If time permits, record this in the beautiful app Path. In case you will forget where you’ve been, say two years later, you can subscribe to Memolane service to remind you.
  5. Whenever you see some good photos (food, pet, fashion, scenery etc. etc.), “pin” it with Pinterest tool. And for good articles and slides, save it to Dropbox for future reference.
  6. What about books ? Read your ebooks with Kindle and whenever you encounter a good line, share it to Facebook and Twitter again. Of course, don’t forget to tell your Linkedin connections what book you’re reading with the Amazon module.
  7. Then for the slides created in public speeches or presentations, share those though Slideshare. In addition, publish your own “social newspaper” thru Glos.si. And if you want your friends to get a printed copy of your sharings in Facebook, publish it through Yearlyleaf.
  8. With all these social interactions, closely monitor your Klout score to see whether your shall share, tweet and “like” even more …
  9. And about your work, document your career history in Linkedin, VisualCV and Vizify.
  10. Last but not least, keep your views and master pieces in your blog like this tiny little one

So, are you ready to log your life ?

Log your life