It’s been a few years that this personal blog has been mostly dormant, as I have mainly published content on the Altova Blog, but 2019 seems to be as good a year as any to hit Ctrl-Alt-Del on my XML Aficionado blog and again comment on industry trends, new developments, new technologies, and changes that impact our society in general. As has been the case in the past, there might be a few posts about the Red Sox or Patriots, too…


I have also rebooted the layout and design of the blog, and it has been moved from Blogger to Squarespace, upgraded to SSL, and now features a mobile-friendly responsive design. Hope you like it…

All your base are belong to us

Seeing young people today taking technology for granted that was quite literally the stuff of SciFi stories during my childhood makes me wonder how we're going to get to the next level, if fewer and fewer people get into engineering and science careers now than in the past 50+ years.

Consider for a moment how much computers and their processing power they possess have advanced over the past 24 years: when I started this business in 1992, we were playing video games like Zero Wing ("CATS: All your base are belong to us", released in 1991) and Myst in 1993.

Now we're immersing ourselves in a virtual world like Destiny in 2014 and The Order: 1886 in 2015, and are on the brink of even more immersive experiences with VR goggles such as Oculus Rift and Microsoft HoloLens on the horizon. Yet if you consider the advances from Zero Wing to Destiny you're still only looking at about ⅔ of the progress that I've personally witnessed since I became interested in computers at age 12...

Back then we had a TRS-80 in my middle school and a friend's dad owned a Commodore PET. Later, during my high school career, we had Commodore 8032s to work with, and at my dad's laboratory at the university I had a chance to work with an Apple II (actually, to be more precise, it was a French Apple II clone). It wasn't until my Junior year that I was able to afford my first very own computer, an Apple IIe, and later one of the first IBM PC-XTs and then one of the first Macs during college.

I started programming early on and wrote software for a variety of local small businesses, which allowed me to be an early adopter and buy some pretty neat computers at that time. All of these machines had - by today's standards - extremely slow CPUs and laughably small amounts of RAM (and all, except the PC-XT, didn't even have hard disks!).

In fact, your typical smartphone today has more computing power, memory, disk space, etc. than all of NASA had in their "supercomputers" when they placed a man on the moon.

So why is it then, that we see so few young people interested in anything more than just playing games on their computers, consoles, and phones? Why do we need efforts like to try to encourage more students to explore programming and computer science? Why is the age old question of "how do I program this darn thing" not burning in the minds of more young people?

All I can imagine is that there is, perhaps, a significant difference between then and now due to increasing complexity? Back in the early days, it was maybe a bit easier to be fascinated by computers and to be sucked into wanting to program them, because it was still possible to completely comprehend how a computer worked. Within just a few weeks you could teach yourself a programming language and create your first program. And you could create something cool in just a few months. By contrast, nowadays, to create something "cool" you need almost a movie studio budget and a team of programmers working for several years.

However, the barrier to entry was much higher back then in economic terms: you had to use a computer in a lab, at the school, or in college. Very few people could afford their own computer. By comparison, with a budget of < $80 you can build your own Raspberry Pi today and hook it up to an old monitor and off you go. You get all the programming tools in the world and a platform that is open and invites you to experiment not only with the software, but also with the hardware!

So why are young people today more inclined to play video games (be it on their smartphones, on PCs, or on consoles) than to want to program computers? And is the right approach to get more people interested in computer sciences?

Let's discuss...

Big Data analysis applied to retail shopping behavior

Everybody knows that online retailers like Amazon track customer behavior on their website down to every last click and then analyze it to improve their site. But when it comes to regular retail locations collecting detailed customer data by tracking their every move, people seem to be surprised, and sometimes even outraged…

Tracking Shoppers in Retail

It is somewhat ironic that we are used to being tracked online, but when customer tracking - sometimes even based on the very smartphones we carry in our pockets - hits the real world, privacy concerns abound. Interestingly, the same systems have been used for years to prevent theft, and nobody seems to have a problem with that. But once Big Data gets collected and is analyzed for more than just theft prevention and is utilized to analyze shopping behavior and improve store layouts, things get a bit murky on the privacy implications.

The NY Times has a nice article about this today, including a video that shows some of the systems in action. Very cool technology is being used from video surveillance to WiFi signal tracking, and I guess this is really just the tip of the iceberg.

It will also be interesting to see how the privacy implications around Google Glass play out in the next couple of months. If the government can track and record everybody and if business can track and record their customers, then why shouldn't ordinary people also be allowed to constantly record and analyze everything happening around them?

When George Orwell coined the phrase "Big Brother is watching you" in his Nineteen Eight-Four novel, the dystopian vision of a government watching our every moves seemed to be the epitome of an oppressive evil. Nowadays, privacy concerns have certainly evolved over the past decade to the point where video cameras on street corners are taken for granted in many democracies and I'm sure we'll see a continued evolution of our understanding of privacy in the years to come.

Additional Coverage: Techmeme, Marketing Land, iMore, Business Insider, The Verge

Zero-day exploits, spies, and the predictive power of Sci-Fi

Reading the NY Times over coffee this morning, I noticed the article "Nations Buying as Hackers Sell Flaws in Computer Code" which details how nations (and, in particular, their secrete service organizations) are now bidding for and buying zero-day exploits from hackers and security experts worldwide.

Certainly a very timely article, as the world still comes to grips with the evolving role of the NSA and what we've learned in the aftermath of the Snowden leaks. It also reminded me of a Science Fiction series I read in the late Nineties and turn of the century: Tom Clancy's Net Force.

TomClancy's Net Force

Set in 2010 this was a gripping story about a new fictitious FBI division created to combat threats in cyberspace. The storyline quickly evolved from criminal investigations into cyber espionage and cyber warfare. These were the days of the early web and people still used AltaVista as a search engine - so a lot of the ideas in Net Force seemed pretty far out back then.

Interestingly, in the real world, in 2010 the US Army activated their Cyber Command.

And when people talk about Cyberspace in the media today, let's not forget that that term, too, was coined by Sci-Fi authors such as Vernor Vinge and William Gibson in the early Eighties. Like many other geeks of my generation, I devoured those books back then.

Musing about these things over coffee on a beautiful Sunday morning reminded me of an interview I gave to Erin Underwood at the Underwords blog a year ago, in which we talked about the importance of Sci-Fi for young adults and the oftentimes predictive powers of Sci-Fi literature…

The end of an era: PCWorld magazine stops print circulation

It seems logical that computer magazines would be the first to go. After all, computer geeks are the proverbial early adopters and have long since moved on to consuming news in a more timely fashion: online magazines, technology blogs, and up-to-the-minute real-time news on Twitter. Personally, I stopped reading print magazines and newspapers over three years ago. In an always-on always-connected world, where your smartphone provides you with instant access to everything, a daily print publication brings you yesterday's news. And let's not even talk about weekly or monthly print publications.


Over the past decade I've seen countless tech publications get thinner and thinner from issue to issue and then just disappear. Some of them make a successful transition to an online magazine, and some don't. Interestingly, however, there is one computer-focused print publication in Germany that has managed to still stay relevant: c't Magazin. For some reason they've been able to keep and even grow their readership well into the 21st century.

Don't get me wrong, I still like journalistic excellence and that's why I subscribe to several online news sources that provide more of a well-researched and insightful commentary on the news:

I read these on whichever device I'm currently working on, be it the laptop, tablet, or smartphone - usually over a cup of coffee in the morning or while munching on a sandwich for lunch - and I intentionally include UK and German publications as well as AlJazeera to get a more balanced global view.

But for up-to-the-minute news I rely on Twitter as well as news alerts from Reuters, the Associated Press, and intelligence alerts from Stratfor, plus the usual geek-focused blogs, such as Engadget, Gizmodo, etc. and Techmeme as a blog aggregator.

One could, of course, argue that the era of computer magazines had ended much earlier already, when BYTE ended circulation in July 1998. But that would be dating myself…

Additional coverage: Techmeme, The Verge, TIME, ZDNet

Password Security and Keeping your Data Safe

If you are using a password that is 8 characters in length (or shorter) you just lost the game. And I'm not talking about well-known passwords, such as "password", "monkey", "qwerty", or "12345678". This machine here is part of a cluster of 25 GPUs (Graphic Processing Units) and can crack any 8 character password of any complexity in less than 6 hours:

GPU Cluster

As reported on the Ars Technica blog today, researchers have built a Linux-based GPU cluster that can do a brute-force attack on the NTLM cryptographic algorithm at the heart of the Windows login authentication that can try and astounding 958 combinations in just 5.5 hours. At a speed of 350 billion guesses per second, it can crack any password of 8 characters or less in length without resorting to dictionary-based attacks.

Combining such power with existing dictionary based cracking algorithms can possibly crack even longer passwords in a similar time.

The machine was unveiled by Jeremi Gosney at the Passwords^12 conference in Oslo, Norway, last week. The same machine can make 63 billion guesses per second against password hashes computed using SHA1 - a very widely used hashing algorithm.

How secure is your password?

The reality is that most people still use incredibly weak passwords. The 25 Most Popular Passwords of 2012 are well-documented, as are the 10,000 Top Passwords of 2011. If your password is on either of those lists, you should stop what you are doing right now and go change it. Seriously. All of these well-known passwords as well as any word that appears in a dictionary is highly susceptible to hacking.

Up until a little while ago the common recommendation was to add a few numerical digits and maybe a special character or two to the mix and that would usually result in a pretty safe password. Most sites also require users to pick a password of 8 characters of length (or more) and people usually stick with 8. But that is simply no longer sufficient, as any password 8 characters in length can now be hacked within 6 hours with a brute-force attack.

However, the solution is fairly simple: just by doubling the password length from 8 to at least 16, the duration required to crack the password by the new GPU cluster or similar machines increases from 6 hours to 138 billion years. Even assuming reasonable advances in processor power over the next couple of years, that should make the password pretty safe for the foreseeable future.

If you want to see how (in)secure your old password was, you can use this service. But please make sure you change your password afterwards!

In addition to these thoughts about password length and complexity, it is also important to realize that sooner or later most online websites end up being hacked and all their passwords being stolen (see, for example, the LinkedIn Password Hack in June 2012). Therefore, it is vitally important to minimize the damage and not reuse your passwords on multiple sites.

Ultimately, however, a password alone cannot ever be 100% secure. In addition to hacking in its various forms, any password is also susceptible to phishing attempts, trojans, key-loggers, and other approaches that compromise its security. The only proven approach to really keep a system secure is based on a technology called 2-factor authentication where you need to provide at least two pieces of information to access a system: for example, something that you know (password) and something that you have (secure token).

A lot of these topics have also been discussed in various newspaper articles and blog posts recently and I have provided links to the most useful articles at the bottom of this blog post.


Here is my own personal list of measures that help me keep my passwords and data more secure - these are based on my own approach that I've developed over time, so feel free to adopt any of those for your needs as you see fit:

  1. If an online service offers 2-factor authentication, I always take advantage of that - especially for sensitive information, such as online banking, investments, etc. but I also use it for DropBox, my Google account, or even for Facebook.
  2. All passwords need to be 16-20 characters length at a minimum and include at least 6 numeric or special characters. This makes them relatively uncrackable, provided that one doesn't include any common words from the dictionary. I try to stay away from common recommendations and password-generation patterns, such as taking the first character of each word in your favorite song lyrics or similar approaches. If a pattern has been described somewhere you can rest assured that hackers know about that pattern and can tweak their algorithm to crack it.
  3. I use different passwords for all sites - not a single password shared amongst multiple sites.
  4. For all online services I use computer-generated random passwords with a length of 16-20 characters or longer - depending on what the website allows - and these passwords use at least six numeric or special characters. For example, such a password might look like this: [mLzJKf1j7cP3n|B!8@WJw
  5. I use a password-management application to generate and keep track of all these random passwords. There are many popular such applications on the market and after some research and testing I found 1Password to be the right solution for me, since it is available for Windows, Mac, iOS, and Android.
  6. My master password for the password-management software is somewhere between 25-35 characters in length and uses more than eight numeric and special characters. Nothing in this password is susceptible to a dictionary-based attack, so it should withstand all current cracking capabilities.
  7. I store all my sensitive information and financial data in an encrypted file and keep it safe by storing that file on a USB drive. I use a href="">TrueCrypt as the encryption software of choice, because it is again available on multiple platforms. The password for my encrypted data is again highly complex and fulfills all of the requirements outlined above.
  8. To guard against catastrophic failure of the password-management software, a printout of all passwords is stored in my safe.

With this approach I feel that I have done a pretty good job of making a hackers' life rather difficult. Is it 100% secure? Probably not, and I constantly tweak my system as new information surfaces and we learn about new improvements in processing speed or cryptography advances.

What is your strategy? Let me know your thoughts here on the blog or via Twitter or Facebook comments…

Further reading:

Tools I use:

Ingress - an AR-MMOG created by Niantic Labs at Google

I don't often write about games on my blog, but this one deserves an exception, because it is extremely innovative, unique, and a harbinger of things to come. On November 15 Google launched a closed beta of Ingress, a sci-fi themed game currently available only on the Android platform.

Ingress defines a new category of game that could probably be best described as AR-MMOG (Augmented Reality - Massively Multiplayer Online Game). The basic premise is that an alien influence called Shapers are trying to control human thought and are entering the world through portals that are often associated with historically significant locations, statues, or public displays of arts. These portals are associated with Exotic Matter (called XM in the game) that needs to be collected to energize the player as well as the portals.

Players must move through the real world and visit these portals with their GPS-equipped Android smartphones to play the game.

The objective is to hack the portals, link different portals, and create so-called control fields by forming triangles of linked portals. After completing a few training missions, players must choose a faction and either side with the Resistance, who are trying to protect mankind and prevent further Shaper influence, or side with the Enlightened, who consider Shaper influence to be beneficial and usher in the next logical step in the evolution of mankind.

Enlightened vs. Resistance

I was very happy to receive my invite to the closed beta on November 21 and found some time on the morning of Thanksgiving Day as well as on Black Friday to play the game on my Galaxy SIII. Doing so allowed me to take some extensive walks on both days and burn off a lot of the food calories that would have accumulated otherwise.

Playing the game is extremely addictive. I decided to join the Resistance and explored the available portals in and around Marblehead on the first day. Capturing my first few portals was fairly easy, but then I encountered some Enlightened portals that gave me a good challenge right away. Most of the portals are directly taken from the Historical Marker Database, so you learn a lot more about the history while playing the game. I also found that having a car to drive to neighboring towns and some remote portal locations is a huge bonus - especially when you get to deploy higher-level portals that have a range of several kilometers available for linking.

For example, on one of my excursions I took a stroll through downtown Salem in my quest to capture more portals and found one above the statue of Roger Conant:

Approaching a portal in Salem

By hacking and capturing one portal after the other, I was able to not only collect the required items for linking portals together, but also the necessary weapons for attacking portals of the opposing faction. And it didn't take long for me to eliminate all of the Enlightened influence in my area and connect several of the portals in Marblehead to create the necessary control fields that are then shown on the display of the Ingress app:

Control Fields in Marblehead

As I leveled up, I was able to create more powerful portals that allowed linkages over several kilometers distance and so I used Black Friday for some further excursions into Salem as well as trips to Swampscott and Nahant that allowed me to create a much larger field to protect all the inhabitants in my immediate vicinity:

Larger area control fields

Now it is only a matter of time until the Enlightened students at MIT try to increase their influence further north and will begin their attack on the North Shore. I am sure a battle of epic proportions will ensue in the days to come:

Larger Boston Area Intel

Ingress is extremely well done for a beta version of a game. I can only assume that Google has done some extensive internal testing before opening up the beta to people outside. And the combination of GPS, mapping, the historical marker database, and the many different web properties (see list below) combine to provide a truly addictive game-playing experience.

Even before you get immersed in the actual gameplay - and while you anxiously await the arrival of your invitation to participate in the beta - there are several websites that provide hints at the background story, videos, and artwork by fictions characters that appear to exhibit signs of Shaper influence.

One can easily see how Google's Project Glass will be used in a future version of this game that takes augmented reality game-play to a whole new level…

Obviously, there are also some privacy implications in such kind of gameplay and several bloggers have already questioned Google's motives in creating this game. Allegations range from creating an optimized database of walking paths for further enhancing Google Maps to more sinister data collection for advertising purposes.

Be that as it may, for the time being I will continue participating in the beta for a very simple reason: the game is actually a lot of fun to play!

Further information on Ingress can be found here:

Also see blog posts on AllThingsD, Engadget, pandodaily, The Verge, TechCrunch, and others…

P.S. Don't ask me for an invite, as I don't have any to give away, sorry!

A life-changing software called “Lose It!”

It is not often that I would give a piece of software the attribute “life-changing”. Certainly, XMLSpy and it’s huge success has changed my life and that of many people at Altova. And others have called DiffDog a life-saver before:

"DiffDog saved my life! Recordare developed MusicXML as an Internet-friendly format for publishing and sharing digital sheet music. As MusicXML became more popular, we needed a truly XML-aware differencing program to evaluate the XML files created by our Dolet plug-ins. DiffDog gives us the high quality regression testing tool that we had long sought for our MusicXML projects."
- Michael Good, CEO, Recordare

But the software I discovered on January 1st this year is the one that best deserves this label. Like so many other years before, my New Year’s resolution this year was to finally lose some weight. And most every year that resolution didn’t last very long. In fact, over the past 17 years I had managed to gain just a few lbs every year – but those added up and ultimately got me from 200 lbs to about 291 lbs in over a decade. Not good.

But this year it was different. This year I discovered Lose It! – a nifty little iPhone app plus website – and started on a real weight-loss program (in combination with a consultation with my doctor). What Lose It! does is deceivingly simple: it helps you track your calories – both those taken in as food and those expended in the form of exercise.

But it doesn’t restrict you in your choices of what foods you can eat. Due to the tracking you quickly learn what is good for you and what isn’t, so you end up making healthy food choices automatically.

And over time your actual habits start changing. For example, when I now know that I have a big dinner with friends ahead of me, I always make sure to exercise right after work and build up a calorie-deficit going into the dinner. And the fact that you are counting calories with the iPhone app right at the dinner table helps you learn portion control and get back to eating in moderation.

As a result of that, Lose It! has enabled me to lose 25.2 lbs in the past 9 weeks. That’s just a little over 2.5 lbs per week, so it is a very healthy rate of weight-loss.


I still have a long way ahead of me and only time will tell if I can reach my goal on time. But I already feel a lot better and have a lot more energy. And it feels truly empowering and liberating to finally see those extra pounds disappear.

This post may sound like a commercial for the latest weight-loss fad, but it isn’t. In fact, I have no financial interest in the company behind Lose It! or their products. And the iPhone app is free. The only reason for me to blog about this is to (a) give a tip of the hat to the people who created Lose It! and (b) hopefully help a few other people get started on their way to a healthier weight.

Watson 9000

I’ve been watching Jeopardy – The IBM Challenge for the last two evenings and the Nova documentary “Smartest Machine on Earth” the week before. What the folks at the IBM Watson team have pulled together is really quite impressive. Not only is Watson in the lead so far – and by a huge margin – it has also taken a giant leap forward for natural language processing in computers.

From the early days of the Eliza program by Joseph Weizenbaum it has always been a challenge for computers to recognize and process human language (click here for a JavaScript version of Eliza that you can interact with). While we’ve made remarkable progress in speech recognition in the past couple of years, the actual ability to understand and interpret language has eluded even the most sophisticated computer systems.

Humans just have a tendency to use colorful phrases, idioms, pop-culture references, and mix it all with humor in a way that is difficult to grasp for a machine. Nevertheless the Watson team seems to have made great strides in tackling these difficult problems.

It was immediately obvious that Watson did best when the question was directly related to an encyclopedic fact, such as the various illnesses in the “Don’t worry about it” category tonight. But even with humorous categories like “Church & State”, Watson did fine. In fact, Watson didn’t just do fine tonight: he (it?) dominated this second day of the Jeopardy challenge finishing with a crazy lead of $36,881, to $5,400 for Rutter and $2,400 for Jennings before going into Final Jeopardy.

The big surprise, however, came in the Final Jeopardy round tonight, when the category was “U.S. Cities”. In response to the answer “This city’s largest airport is named for a World War II hero, and its second largest airport is named for a World War II battle”, Watson came up with “What is Toronto”, which is clearly not a US city, while the two human contestants both responded with the correct answer (What is Chicago? The airports are O’Hare and Midway). However, Watson was reasonably unsure about its answer and only wagered $749, so his loss was kept nicely under control. Clearly, there is something amiss in the interpretation of categories in Watson’s algorithms. It could potentially be as simple as a missing entry in a synonym table that equates “U.S.” with “US” and “USA”…

But we’ve seen that same weakness in the category interpretation also in various rounds of test games that we saw in the Nova documentary.

It remains to be seen how Watson fares tomorrow in the final round of Jeopardy. I will definitely be watching…

In any case, now it is just a simple matter of time until IBM shifts its company name one letter to the left and comes out with the next release of Watson, which will probably be called version 9000:

HAL 9000 responding to Dave Bowman in “2001: A Space Odyssey”


More commentary on Watson can be found on Techmeme, and in particular I recommend this article All Things Digital.

UPDATE: For an explanation of the “Toronto” incident by David Ferrucci, project manager for Watson, please see “The Confusion over an Airport Clue” on the IBM Smarter Planet blog.

Communicating more efficiently with E-mail and Social Media

Every now and then – sometimes in response to one of my jubilant “inbox zero” tweets – people ask me for tips on how to communicate more efficiently using E-Mail as well as various social networks. For a long time I have resisted their questions or occasionally simply given people the link to the “Inbox Zero” video by Merlin Mann.

However, over the past year I gradually came to realize that while I initially started out just following the Inbox Zero paradigm in the spring of 2008, my system of dealing with E-Mail and social media interactions has evolved considerably since then.


I am not going to repeat any of the Inbox Zero principles here – for those I recommend the above-mentioned video or getting Merlin’s upcoming book on the subject – but instead will focus on what I do differently and in addition to his principles.


Inbox Zero2

Clearly zero2 is still zero, so take the topic with a grain of salt. My approach to keeping my E-mail inbox cleaned up and down to zero focuses much more on prevention than just managing the incoming flow of E-mail. An E-Mail that you don’t even receive in the first place immediately translates to less work spent on dealing with it.

Step 1

Get the best spam filter you can afford. Some come bundled with anti-virus and security software and those work well. Others are stand-alone products and that is fine, too. The most important thing is to configure it correctly so that all your contacts are white-listed and the spam settings are updated constantly via subscription service. If tuned correctly, a spam filter will virtually eliminate 98% of spam while yielding very little if not even zero false-positives.

Step 2

Once your spam filter is running smoothly, modify the Inbox Zero rules that you are using so that the most desirable action is no longer to delete an e-mail.  Instead, the most desirable action is now to mark an e-mail as junk and block the sender from ever sending you e-mail again. This sounds incredibly brutal, but just think of the countless newsletters, cartoons of the day, or other useless noise you’ve subscribed to at some point in time in the past and then think about how often you actually read them today. Instead of deleting them – which forces to delete them again and again and again week after week – unsubscribe from them if there is a legit unsubscribe-link at the bottom or mark them as junk so that the spam-filter will automatically delete them for you. The one exception is, of course, the Altova Developer Newsletter – that is the one newsletter you should indeed read every month.

Step 3

Whenever you are filling out a web form, placing an order, or requesting a white-paper, take great care in reading all the options and making sure to uncheck the “send me a monthly e-mail” check-box.

Step 4

Don’t hesitate to use the mark e-mail as junk and block the sender function on unsolicited sales messages, out-sourcing offers to India, or uninteresting and irrelevant business-development requests. This may feel a bit impolite at first, but remember: these messages came unsolicited, so there is no need to be polite or even respond at all.

Step 5

If there are annoying e-mails that you must receive as part of company-internal policies or correspondence that you cannot simply mark as junk e-mail, you may want to consider setting up a special folder for them and using a rule to automatically have those e-mails delivered into that folder. Then you simply make time once a week to read those internal e-mails and scan them for important information before you archive them.

Step 6

Last, but not least, observe your own e-mail behavior and realize that a lot of the e-mail you receive probably is in response to a question you sent. In essence, you are generating your own inbound e-mail flood. Now adjust your own behavior by determining which questions can be better and more efficiently dealt with in a phone call, an IM conversation, a Skype call, or even via social networking tools, like Twitter. You will find that as a result of adjusting your outgoing e-mail practices, your inflow will adjust in a similar fashion.

By adopting these steps and following all the other best practices from Inbox Zero you can develop a habit of reducing the amount of e-mail you have to deal with and keeping your inbox empty, your stress-levels low, and your to-do list nicely organized.


Be Smart. Get a Smartphone.

The second most important productivity increasing tool is the use of a smartphone. I personally prefer to use an iPhone, 4 but it doesn’t really make a difference if you use Android, Windows Phone 7, or the iPhone. The key is to set up your e-mail account in such a way that you can not only read your e-mail on your smartphone, but also process it according to Inbox Zero principles. This means you need to be able to (a) delegate e-mail via forwarding; (b) reply to e-mail quickly; (c) archive it after reading; and (d) delete it if it wasn’t important.

If your smartphone only allows you to read your e-mail, but doesn’t allow for the above processing, it is entirely useless, because now you are wasting time on reading an e-mail which you will have to later read again. If that is the case, you may need to get a better e-mail provider, better smartphone, or just figure out how to use it properly.

In my case we use a Microsoft Exchange server as our e-mail back-end system in the office, and I use an iPhone 4 as my smartphone – and it works like a charm and lets me do all the processing I need to do.

Now why is that important? The answer is quite simple: there are uncountable minutes of “dead time” during a day that you don’t even realize you have or that you are currently wasting. Anything from waiting at a Dr.’s office to an unproductive meeting and from waiting in front of the school to pick up your kids to standing in line at the post office. There are always unused periods of 3-4 minutes each – sometimes even 5-10 minutes – that you can use for reading and processing e-mail.

The Inbox Zero video teaches you to not have Outlook (or your preferred e-mail client) open all the time and instead dedicated specific periods of time during the day for dealing with e-mail. By using a smartphone and processing e-mail during otherwise dead periods of time, you can easily reduce the duration and frequency of your e-mail processing times during your work day and thus gain more productivity.

Once you get good at this, it will also no longer be necessary for you to set up “Out of Office” notifications when you are on a business trip. Instead you will find that you can easily deal with the normal e-mail inflow by using your smartphone during the day and perhaps spending one hour per day on dedicated e-mail processing on your laptop in the morning or evening in your hotel room, during which you reply to those e-mails that cannot be answered with a simple 1-line reply from the smartphone.


Social Media

We’ve already discussed that the Inbox Zero approach teaches us to not have the e-mail client running all day long so that it doesn’t interrupt our work constantly. The same is true – perhaps even more so – for social media. If you keep Facebook open in your browser the entire day, don’t be surprised if you can’t get anything done. The social life of our friends is guaranteed to always be more interesting than your current job or assignment.

I am by no means saying that social media are useless. But you can easily waste a lot of time, if you don’t deal with social media in a carefully measured approach.

My recommendation is to only open Facebook or other social media sites from your computer at home, but not use it at all from your work environment. If you have to check Facebook during the day, do it in your lunch break using your smartphone.

Last, but not least, think about your approach to social media. If you are primarily a consumer and reading what other people post, you are probably wasting a lot of time. Try a different approach and think of social media as your personal broadcasting tool to spread your ideas, amplify your blog, increase interest in your product – and you will find that a lot more productive interactions and real conversations will happen as a result.

At the same time, be careful that you are not getting sucked into over-sharing


Becoming even more efficient

Clearly, this blog post is already way too long. Which brings me to the one problem I haven’t mastered yet in my own communication: to try to keep all e-mail, messages, blog posts, etc. short and sweet. Ideally, I would want to aim at having all my e-mail be less than five sentences. But that is really hard to do…

Using the iPhone to pay at Starbucks

There is no use denying: I've been a big fan of Starbucks' coffees for many years and have had a Starbucks Gold card ever since it came out. But I was intrigued to learn a few weeks ago that Starbucks announced Starbucks Card Mobile - an iPhone app that lets you enter your Starbucks card# on the iPhone and you can then use that app to not only check your card balance, but also to pay at certain select Starbucks locations. These test locations are currently only in the Seattle and Silicon Valley areas, and since I am staying in San Francisco for Oracle World this week and met with some friends in the Valley for brunch yesterday, I headed to a Starbucks in Mountain View before driving back to the city.
The iPhone app has a nicely designed user interface and is extremely easy to use. When you are ready to pay, you start the app, enter a PIN code and hit the "Touch to Pay" button. Then you wave your iPhone in front of the scanner of the register at the checkout while it displays this screen.

Once you are done, you hit the "Touch when done" button and the app returns to the balance screen, where you can immediately see the balance after your payment has been processed.

And you can also get a journal of all recent transactions on your card - both those done via the iPhone app and does that were completed using the regular Gold Card in stores that don't yet accept the iPhone app.

All I can say is that this app makes total sense. No more digging for your wallet and fidgeting with the plastic card. Instead - since I use the iPhone all the time when standing in line - I just open the app and wave my iPhone at the scanner to pay. Very cool. I hope Starbucks rolls this out in stores all across the country soon....

Sign of the times: different media used to relay birthday wishes

It is perhaps a sign of these times that birthday wishes are being relayed through different media than before and social media is clearly the winner in this. I did indeed celebrate my 42nd birthday yesterday, and just for fun I kept track of how the birthday wishes arrived:

  • 19th century technology (and earlier)
    • Postal mail: 1
    • Telephone: 3
  • 20th century technology
    • E-Mail: 14
  • 21st century technology (mostly social media)

What I find interesting about this is the huge difference between Twitter and Facebook – especially since I have 3,310 followers on Twitter vs. “only” 583 friends on Facebook. So on Twitter a total of 0.2% of my followers sent birthday wishes, whereas 9.3% of my friends on Facebook did. I guess the terms “follower” vs. “friend” are indeed quite accurate in describing the actual relationship on these two sites. Oh, and it does, of course, help that Facebook has this birthday reminder feature built-in…

While Twitter is getting a lot of buzz these days in the media, and while I really like it for news information, rapid dissemination of important links, and other trending topics, there is no doubt that the real winner in terms of where the actual social interactions are happening is Facebook.

In either case, if you are not yet on Twitter or Facebook, I highly recommend that you try and use both. And when you do, feel free to connect with me: afalk on Facebook / @afalk on Twitter.

New Microsoft 2D barcode released at CES

In a surprise move Microsoft released a new 2-dimensional barcode format today at CES. Yes, a barcode. The lines that are on the bottom of your milk carton, when you scan it at the supermarket checkout. And no, today is not April Fool's.

Two-dimensional barcodes are nothing new, and are most often seen on attendee badges at conferences or trade shows, but Microsoft's format is the first to use color and to be aimed at a specific reader device that most people already own: a cell phone with built-in camera.

The system is called Microsoft Tag and the idea is that you can encode URLs, vCards, phone numbers, or any arbitrary text in such a tag. The user then needs a reader application on their cell phone - and those are available already for all major cell phone platforms, including Symbian, iPhone, Windows Mobile, Android, and Blackberry - and once they scan the barcode, they get the encoded contact, are redirected to the website with the specified URL, or can call the encoded telephone number, without having to enter that number or URL or contact info into their cell phone manually.

MissionKitBarCodeFor a quick demonstration, download the beta version of the reader from and install it on your cell phone, then use it to snap a picture of this barcode on the left and it will take your mobile browser to retrieve product information about the Altova MissionKit for Software Architects from our website. Clearly, it doesn't make sense to use these in a blog, but imagine reading an article about the software in a developer publication and being able to go directly to the website without having to type in a URL...

Btw, if you are using an iPhone, you can get the reader application through the familiar AppStore on your iPhone by searching for "Microsoft".

Microsoft envisions that such tags could in the future be printed on business cards, shown in print ads,XMLAficionadoBarCode on billboards, or even shown on TV, and the system is supposedly so flexible that it can deal even with out-of-focus or tiny versions of these barcodes. Hmm, so I created a new tag already for the URL of this XML Aficionado blog, and now I need to think where I should affix this to - maybe I'll print a T-Shirt with this new design and will wear it at the next conference I go to...

Further information and other blog reactions can be found on TechMeme.

Inbox Zero

This is a bit off-topic and might even be old news for some, but I recently stumbled across this video of a great e-mail productivity enhancing talk titled "Inbox Zero" by Merlin Mann. For further information, see his series of blog postings on the same topic on

This very closely reflects my personal policy of dealing with e-mail, with the main difference being that once I'm done processing a message, I archive my e-mail into a variety of hierarchical folders instead of just one big archive folder - primarily for easier retrieval from a mobile device.

Another productivity tip for e-mail: keep your replies short and sweet. Maybe as short as I haven't managed to adopt that one yet...

Fifth undersea cable cut: Coincidence?

When I received an e-mail from my father a couple of weeks ago that a ship off the coast of Egypt had severed a fiber-optic undersea cable that carried Internet traffic between Europe, Africa, and Asia, I was, of course, curious to learn that it actually was the second cable being damaged in the area and that it already had a measurable effect on Internet traffic for some organizations: my father is editor-in-chief for Monatshefte Chemie (Chemical Monthly), and he told me that he had already noticed that Chemical Monthly was no longer receiving articles, submissions, or reviews from China, India, Iran, and Egypt.

Imagine my surprise, when I learned last week that a third cable was affected in the region. I was not the only one starting to think that a pattern might emerge here - especially after it became clear that no ships were in the area, which is clearly marked on charts as being a no-anchoring zone.

Even with three cables damaged there is still some value in applying reasonable doubt, and assuming that a natural phenomenon, increased dragging of anchors due to storms in the area, or other accidents might have been contributing factors.
Today, however, the count increased again, as we are learning that a fourth and fifth cable in the region have been damaged. The Khaleej Times has reported the following summary of all the cables involved in the outage:

"A total of five cables being operated by two submarine cable operators have been damaged with a fault in each.

These are SeaMeWe-4 (South East Asia-Middle East-Western Europe-4) near Penang, Malaysia, the FLAG Europe-Asia near Alexandria, FLAG near the Dubai coast, FALCON near Bandar Abbas in Iran and SeaMeWe-4, also near Alexandria."

For the locations of these undersea cables please see the map on the Engadget blog today, which also lists the date of the respective cuts that range from January 23 until today. FLAG also has an update on the status of their two cables on their website and a map showing the FALCON cable locations.

However, it appears that initial reports on Slashdot today that these outages have cut Iran entirely off the Internet are exaggerated and do not appear to be true.

So where does that leave us: the loss of five cables in just two weeks is an awful lot to be a coincidence. As a result, there is an explosion of conspiracy theories trying to explain this, and you can find some of them in the comments on Bruce Schneier's blog. However, as Robert Graham points out in the Errata Security blog today, there isn't necessarily a pattern here, because normally undersea cable outages are not reported widely, so what we are seeing might still be a normal statistical fluke.

So it remains to be seen over the next several days what is behind these cable failures, as we learn more about the repair of these cuts and get reports on what factors might have been contributed to the damage in the first place. Stay tuned to your favorite blog, news website, or check out TechMeme.

One thing is clear, however: the undersea cables are an important part of our global Internet infrastructure, as we are carrying about 90% of the international traffic over these fiber-optic submarine routes, whereas satellites account for just 10%. Nonetheless, traffic is presently being rerouted around those damaged areas and frequently has to take longer routes - sometimes via the US - resulting in lower connectivity ratings on the Internet Traffic Report.

Interesting, but of no commercial value

JP Rangaswami has written a really beautiful posting with the title “Interesting, but of no commercial value”: The problem with emerging social media tools on his confused of calcutta blog today.
The article is a well written tour through the history of computing and the resistance being put up against new and innovative technologies that have the potential to change the way we work, communicate, or do business.
I'll quote just the first few introductory paragraphs here:

I can remember a time when people thought e-mail was a complete waste of time. I can remember a time when spreadsheets and storyboarding software were similarly disdained. In fact, I can even remember a time when no senior executive would be seen dead near a computer. You know something? It wasn’t that long ago, maybe 20 years ago?

I can remember a time when people thought the internet was a complete waste of time. When browsers had no future, when search engines were nothing more than toys. It wasn’t that long ago that Google was something that a few people played with, and the rest thought…. that they were wasting time. I can remember a time when people thought eBay was a plaything, someplace
that people went….to waste time. I can even remember a time when packages marked
Amazon or Fedex were unheard-of in enterprise mail trolleys. You know something? It wasn’t that long ago, maybe 10 years ago.

I can remember a time when people thought social media, software
and networks were a complete waste of time.
Facebookers were fools, Twitterers were twits, when even blogs and wikis and IM were viewed with deep suspicion, when everyone thought that the people who were using them…..were wasting time. You know something? It wasn’t that long ago. Maybe it’s still happening now.

I've been in software since 1983 and always was an early adopter, using "stuff" at the bleeding edge of technology. JP is absolutely spot on: at first these new technologies are being ridiculed by "the establishment" - and then they take over the world.
Read the full article on JP's blog.