Defining Success as a CTO

Previous page
Table of content
Next page

Ultimately to be a success as a CTO, you have to make the company successful by aiming it in a direction that will be fruitful for the development of technologies that customers will want to pay for. At the end of the day, I work for a company, so I work for shareholders, and it's my job to help make the company successful. But that task is really one of choosing main directions and grand themes, to seek out the right path for a time two or three years down the road, rather than next quarter.

To do this successfully, CTOs of the major technology companies have a responsibility greater than to their own companies. That responsibility is to help the industry, the governments that regulate it, and all the other components that are associated with that enterprise aim in the right direction and think of things in the right way.

For instance, we're all now very interested in what we generically call "security issues" on the Internet. But I think that largely we worry about the wrong things. Encryption technology - the worry about whether your credit card number gets stolen - that's really not as big a problem as people generally think. The SSL link - you don't even need to know what that is, but it's basically secure server technology for transmitting your credit card number, for instance - is sufficient for most purposes. I'm not worried about handing my credit card to Amazon.com over an SSL link. I'd be a lot more worried about handing my actual credit card to the 18-year-old kid who just graduated from high school who's the waiter at the restaurant I went to last night. He can take my card to the back of the kitchen and make a rubbing of the number a lot more easily than anyone can pick it off from Internet traffic.

The real issue to consider in Internet security, for everything we do, in commerce and in the very important things that are emerging in health care and government use of records, is the privacy of those transactions and records once they are securely transmitted. Privacy is really about the management of a trade-off between the risk of giving others information about yourself so you can make things you want to do easier to do, and the risk that the information you supply in this way will be misused or abused in a way you don't want, by someone you don't intend to have it or isn't authorized to use it. This privacy issue is much more of a boogeyman than what we call the security issue.

A year-and-a-half or so ago, someone in the press found out and revealed that some Internet sites were parking special kinds of cookies on your disk. Cookies are small collections of information that are stored on your disk to remember certain things about you to make it easier to navigate and transact on the Net; they overcome the limitation of the fact that your transactions on the Net are stateless - every page, every hit is new news to the site you're on, unless there is a way to remember something about who you are, what you have done there in the past, and where you came from. Cookies are very intrusive in and of themselves, but the penalty for not permitting them is that you really can't use the Internet for most useful kinds of commerce, and even having your machine warn you when they are being parked on your disk is an unacceptable annoyance, especially when most people don't even know what cookies do or understand what accepting them means. Go look on your browser at the file that contains your cookies; you'll likely be stunned at how many are there and where they came from.

But some sites were doing worse than just putting cookies on your machine: They were also watching what you did while you were out at other sites on the Internet, collecting that information, and sending it back the next time you landed on the cookie's originating site. Horrible! They were spying on you, and they were using your own PC to do it to you, without your consent, without even your knowledge. And they were both using the knowledge about where you went for their own purposes and also selling that information to people and businesses whose sites you probably would never have visited. It was intrusion of the worst possible sort, invasion of privacy that is wholly and entirely unacceptable. Now, these companies, when caught, promised they wouldn't do that anymore, and I hope and expect that these particular sites do not. But others might, and do.

The real issue with this is that there are ways to intrude on your privacy that you would neither tolerate nor permit, if you knew about them, which can be hidden by the technology, and they are still being exploited on the Net. We have to be very vigilant about these kinds of intrusion and ensure that people are made fully aware of what is at stake.

And there are other kinds of intrusion that are, if not as explicitly unethical, at least as objectionable. There are sites that force what are called pop-ups, or, worse, pop-unders. These are windows that are spawned by an originating window you've opened, either on purpose or accidentally, and parked either on top of the original window or underneath the one you're looking at, and which may continue to generate a storm of other windows being opened, essentially taking over your machine by launching windows faster than you can close them. This technique is like nothing so much as a door-to-door salesman who not only knocks on your door to sell you something, but kicks in the door, forces his way in to your house, and trashes the furniture, even when you've told him no. The industry has to drive this kind of behavior out of existence. It's one of the few places where technology needs the government to protect users from the abuse by its misapplication.

Even the issue of "opt-in/opt-out" I find infuriating. These terms refer to the two ways that have been proposed to handle the most common of the intrusions computer technology enable, the creation of mailing lists that can be used to solicit us with e-mail. The worst offence is spamming, the widespread practice of sending out thousands, even millions, of e-mails to a long list of addresses, to solicit something, but even more targeted mailings can be objectionable. Opt-in means that you get such e-mails only if you explicitly request them; opt-out means you get them unless you explicitly tell them not to e-mail you. In my view, the opt-out approach is hideously burdensome. It's like saying anyone can force you to waste your time figuring out how to get off unwanted mailing lists. The advocates for the opt-out make the argument that opt-out is the better technology because it is better for business and is closer to the laws that permit junk mail. But, of course, consumers hate junk mail, and the analogy is flawed because there is at least a barrier to junk mail in that it is costly to produce and deliver, much costlier than the e-mail equivalent. Almost all consumers would prefer opt-in, getting advertising materials, e-mails, solicitations, information, only from sites and about subjects they are interested in and have requested. I don't mind having Mountain Tools or Black Diamond Equipment send me information on their products because I'm an avid mountain climber, and I like receiving information from them. I sign up for their catalogs; I shop at their sites; I give them certain information about myself because I want to. But I don't want to be inundated by information about insurance, how to make a million dollars at home stuffing envelopes, chain letters, and worse. That stuff is just infuriating. And it's hard, and time-consuming, to figure out how to get off their lists, and sometimes it's essentially impossible - just sending them an e-mail telling them to quit it is difficult to do and may even generate even more unwanted e-mail because sending a reply, even if it's to say Stop! has the unintended effect of confirming that the e-mail address is a legitimate one that can be sold to others. The only acceptable technology is to require opt-ins, rather than permitting opt-outs, but I predict it will be a long battle. These junk e-mails, and spamming in general, ought to be prohibited by law and excluded by technological means when possible.

Those are the kinds of issues we need to be worried about. CTOs in the industry need to make sure we're talking about them in ways that will help the government and members of society who are not technologically inclined understand what is at stake, so they can make the right choices and force the right legislation.



Previous page
Table of content
Next page
The CTO Handbook. The Indispensable Technology Leadership Resource for Chief Technology Officers
The CTO Handbook/Job Manual: A Wealth of Reference Material and Thought Leadership on What Every Manager Needs to Know to Lead Their Technology Team
ISBN: 1587623676
EAN: 2147483647
Year: 2003
Pages: 213
Authors: Mark D. Minevich
BUY ON AMAZON
Database Modeling with MicrosoftВ® Visio for Enterprise Architects (The Morgan Kaufmann Series in Data Management Systems)
Professional Java Native Interfaces with SWT/JFace (Programmer to Programmer)
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
Visual C# 2005 How to Program (2nd Edition)
Junos Cookbook (Cookbooks (OReilly))
Cultural Imperative: Global Trends in the 21st Century
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy