Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Riddle me this...
Why would American Megatrends partner with Wave to enable secure boot reporting and attestation for Windows 8 if Windows 8 included those features? Answer-Windows 8 obviously does not perform those functions, therefore Wave is needed by Windows 8. Secure boot isn't worth much without the ability to report or attest as to the secure boot, whether to a server which will quarantine the infected machine, or to the cloud.
Prediction- we are going to see more announcements concerning Wave and Microsoft.
Building a "chain of trust" requires the collaboration of multiple partners. AMI provides the first step in the trust chain by assuring that the BIOS components are registered and signed prior to the delivery of the platform. As the computer boots, each component reports its status to the Trusted Platform Module (TPM), which securely records the status measurements. This provides a critical first step that sets the stage for a more trustworthy computing environment.
Wave constitutes the next link in the trust chain with solutions designed to assure that the integrity of the secure boot is reported and attested to the enterprise network or Cloud service. Wave Endpoint Monitor, currently deployed in beta testing, uses the TPM to report on the success of the secure boot and leverages the chip to prove that the process has executed correctly. Endpoint Monitor can then prove to a Cloud service or to an enterprise application that the PC has booted in a known, good state. If a platform is compromised, IT can determine which machine is infected, and take steps to prevent it from accessing sensitive systems to ensure that critical systems and data remain safe.
"Securing the computer from power on is critical to the defense of intellectual property and the corporate infrastructure," remarked S. Shankar, President and CEO of American Megatrends. "AMI is pleased to provide Microsoft with the foundation of security for Windows 8, and to work with Wave to extend security capabilities that wouldn't have been possible in a legacy environment."
Steven Sprague, Wave's CEO, commented, "AMI and PC manufacturers offer great assurance that the UEFI components are trusted when delivered to the customer. Wave provides IT with a greater level of knowledge and trust in the boot process and assurances that only known devices are on the network. Knowing the identity of the machine and assuring the health of its BIOS represent significant strides forward in combating advanced persistent threats."
If they can maintain that degree of pricing power, it will speak volumes as to their position as the only source to make the trust matrix work, and also confirm how necessary trusted computing is to the government. I hope that some of our better accounting minds on the board might be able to ferret out that bit of info. Do you know where I can find a person with that kind of expertise?
Hi Dig
I'm not sure that there will be a rumor run. If the SEDs along with Wave's software are purchased through, say, Dell or HP, then the size of the purchase may not raise too many eyebrows. Dell and HP's numbers are already so large that a 100,000 seat purchase of software and server architecture would not amount to a huge increase in business for them.
What we really need is for someone at Wave to stand up and shout to the world about the impending cash flow that is heading our way. Our relationship with the NSA and the Army should be strong enough for Wave to forecast that we will get their business when it comes to security.
Enough with the below the radar stuff. It's time for Wave to soar where everyone can see them.
Dig Space
The figure of 615k is from me. Tho I am not quite sure why, i typed 615k when I meant 650k, and I think all here realize that the 650k represents a maximum amount. I was simply trying to make a larger point that this contract signals much more substantial purchases are impending, but that unless one reads this board, they think only that Wave has added a maximum of 650K to their coffers-which is not likely to generate any meaningful reaction.
Sorry, Awk
Poorly written on my part. When I referred to the average investor, I meant a non-Wavoid. Someone who has not read this board and has very little knowledge of the workings of Trusted Computing. In fact, unless you either were monitoring this board, or reading the federal database listings every day, you wouldn't even be aware of the Army contract. That's why the price hasn't moved on the good news.
That's why I commented on how much of the price surges in the past must have been wavoid fueled, because if the "market" doesn't get the significance of the Army contract, how much more miniscule was their understanding of the opportunities Wave faced five years ago? Or, ten years ago?
But the change in the market's awareness of Wave is coming-once Wave posts the financials associated with these first big federal deals.
And, FWIW, I expect Wave will net at least $80 per seat for over 100,000 seats in this Army system alone after you add up the ERAS, WEM, and TDM software. The biggest thing that I am interested in at this point is how well will Wave's pricing power hold up in this scenario. If they can get north of $80 per seat, it will signal a gold rush for Wave the equal of the wildest dreams of our long time posters.
Hi Weby
It is both a great benefit and a great curse of this board that we are way ahead of the curve in this new TRusted Computing field when it comes to investing. Why isn't the shareprice responding? Because the average investor has no inkling of what Wave has accomplished with this contract. They won't understand till they see a huge jump in income on a quarterly report. The price will move then-or if a PR comes out with definite revenue numbers attached to it.
The wavoids here are left twisting in anticipation of a shareprice jump on the news of a 615K contract. Won't happen, IMO. I think this shows us just how much of the previous increases in shareprice were jump started by wavoid buying pressure. If I am reading the situation correctly now, many wavoids are just about all in, or have resigned themselves to waiting for real, substantial revenue news. Thus, no buying pressure on this news.
Titlewave
the contract was for engineering services that only Wave could provide-thus, the sole source label. It is possible that the engineering contract would not rise to the level of a PR. The hope is that the Army is using TPMs and the rest of Wave's products and that will make a substantial addition to the bottom line. We may not see the monetary efefcts of this till we see a big uptick in a quarterly report since the Army may be buying the products through a sales channel partner like Dell or HP. Also, don't know that the Army will want to publicly proclaim the architecture of their system security.
OK Mundo and Wavedreamer
I am now just about convinced that Wave will have to be involved in Windows 8 in some way. If they are going to migrate encryption keys, which is suggested by the information posted by WAVE VEGAS, then they will have to use Wave.
We need a wavoid to get their hands on the betas for Windows 8 and give us a report.
Easy Dig
Lets not get crazy now...
Donald Duck, Dig Space, Alea, et. al
This has been a most valuable discussion today. thank you to all for your willingness to share. It is appreciated.
Seems the shorts are in a bit of a trap. Wouldn't it be nice to have a big announcement tomorrow?
Good News/Bad News
Bad news first-we didn't get the bump we hoped for today, but it looks like that is because most are not aware of the contract yet. In fact, it has not yet been awarded, and the announcement is because of the designation of Wave as the sole source of the software needed. So we know two weeks early that Wave has scored a major contract from the Army.
The good news? If Wave gets the sole source designation in all of these upcoming contracts, then we will know two weeks in advance on all of them, which could produce a happy opportunity for us to add shares in advance of the actual awards of the contracts.
Unfortunately, the shorts will get some warning also.
Hi Alea
The non TPM option is necessary because not all of the governments computers have TPMs yet. If you issued a mandate that all BIOS integrity checks were required to use a TPM to safeguard the hash then you would in effect kick a large number of machines off your networks. Wouldn't be too smart to do that, so no absolute TPM requirement yet. But it is coming.
If I remember correctly, all new DoD computers are required to have TPMs in them. IMO, there is very little wiggle room in this new BIOS requirement.
As near as I can see, all signs are pointing to some very good progress this spring-including large government orders of Wave products.
As far as a similar timepine in the U.K. and Israel, I would agree, but don't see the delays that you apparently do. Don't forget to add in the NATO countries among thos who will order at the same time as the U.S./U.K./Israel. We aren't going to secure our secrets, then share them with countries who don't have the same level of security.
What will Google do with NFC?
http://www.theregister.co.uk/2010/11/17/google_nfc/
The Trusted Service Manager (TSM) market:
http://www.tmcnet.com/usubmit/2011/06/14/5571558.htm
This is where Wave appears to be aiming
NEW YORK, June 14, 2011 /PRNewswire via COMTEX/ -- Reportlinker.com announces that a new market research report is available in its catalogue: Trusted Service Manager (TSM) for NFC Market 201 http://www.reportlinker.com/p0553789/Trusted-Service-Manager-TSM-for-NFC-Market-201.html?utm_source=prnewswire&utm_medium=pr&utm_campaign=Phones_and_PDA Executive Summary NFC (Near Field Communication) technology allows to perform secure transactions (typically payments) on a mobile phone benefitting from its user interface (keyboard and display) as well as from its communication capabilities. The industry has been developing NFC technologies for years, and has set up multiple pilot projects around the world.
NFC allows to bring together customer needs in their relation with from Mobile Network Operators (MNO), financial institutions, transport operators, and other Service Providers (SP).
Now, early 2011, all the NFC stakeholders are coming together, evolving from a multiplicity of pilots to the roll out of large-scale multiple-partner nationwide projects. These projects involve many separate entities, thus need a separate entity to manage the user services and rights. This is the role of the Trusted Service Manager (TSM).
Transport is to play a leading role in the adoption of NFC services as transport payments bring frequency of use, along with an infrastructure that generally already accepts contactless transactions. At the same time, banks will develop huge efforts in pushing for the adoption of NFC as it brings a natural extension to their contactless infrastructure development along with the opportunity to propose additional payment-related services.
Trusted Service Managers operate the interface between all stakeholders in a NFC project: they run the technical and commercial relation between Mobile Network Operators, financial institutions, and other Service Providers to download, provision, and maintain applications in the end-user handset.
The secrets (keys, codes, user-related data, ...) necessary to perform secure transactions are kept in a Secure Element in the customer handset. This Secure Element may have different form factors: it may be included in the SIM card, be removable (microSD card), or be embedded in the handset. The Secure Element form factor has important implications in terms of business. The entity controlling the Secure Element is in a prominent position to actually control the customer relation. Secure Elements in the form of SIM cards give Mobile Network Operators a better control on the NFC application, whereas Secure Element in the form of microSD cards give control to their issuer, generally a bank. Also, embedded Secure Elements bring power to the handset manufacturers.
The TSM operator is in charge of downloading application, and all security related data into the Secure Element. For this reason Trusted Service Managers are at the center of the NFC ecosystem. Several entities are vying to become the preferred option for a Trusted Service Manager. In NFC applications, Mobile Network Operators, or MNO groups, often run TSMs, as they are in control of SIM-card based Secure Elements. In some other applications, banks, or bank consortia, run Trusted Service Management operators as they are the major stakeholder in the project,
and control the Secure Element. Trusted Service Managers are also often run by Trusted Third Parties providing technical operation to manage the applications and their security in the Secure Element for each customer as well as ensuring a clear role separation between all stakeholders. In all cases, Trusted Service Management Operators operate platforms delivered by Trusted Service manager platform vendors.
Major TSM players come from a variety of backgrounds: major smart card vendors have developed a TSM offer, as their natural set of customers is composed of MNOs and banks. Mobile network operators, as they manage the customer relationship with their subscribers, are developing a TSM offer. Also payment processors see in the TSM business an opportunity to develop their services. Having developed the right skill combination to serve all stakeholders in the NFC ecosystem, several companies are positioning themselves as TSM specialists.
Smart Insights anticipates a breathtaking development of NFC markets with close to 800 million NFC devices sold in 2015, and about 450 mobile network operators worldwide proposing NFC services. At the same time, more than 4000 Service Providers will be involved in NFC projects.
This fast NFC adoption rate will trigger a EUR 1.83 billion business for TSM platform operators, as most of their revenue will come from per-user fees, which will grow with the general public adoption of the technology. TSM operators will also benefit from fees linked with the number of Service Providers. On the other hand, TSM platform vendors will benefit less from the wide adoption of the technology. Globally, Smart Insights anticipates combined revenue of TSM platform vendors and TSM operators will reach EUR 2 billion by 2015.
No Passwords in the Cloud
http://www.readwriteweb.com/cloud/2010/03/rsa-identity-cloud-kantara.php
Patrick Harding of Ping Identity spoke about his company has learn about cloud computing in this session, "How the Cloud is Changing Federated Identity Requirements". A few of his observations:
•Software is no longer build vs. buy. It now includes subscribe, which by definition is a shorter term relationship.
•Cloud computing is an evolution of architecture. It arrives after Web services, which evolved from Web, client server, and mainframe.
•Complexity of the identity layer is harder than ever for the simple reason that there are more apps per user than ever before.
•Services are becoming any-to-any, where internal (employee) and external (customer) classifications don't matter nearly as much as before. Because of this firewalls are losing their usefulness.•Audit is no longer an afterthought. Auditors don't care how or where applications hosted, but hey do need their reports! This includes Sarbanes-Oxley, HIPAA, Gramm-Leach, Bliley, and more.
A core theme of this session was how the consumer mindset is driving requirements for application experience. Consumers expect it to work on any device, be secure, and be portable. To deliver on this, it must be easy to use. At the same time, password risk must be reduced.
A key trend that Harding pointed out is moving identity systems from "push" models into "pull" models. Instead of updating partners and directories by batch services, companies need to be building real-time identity resolution in applications.
We asked Harding if he had any predictions for where that type of service will come from. His response led us to the conclusion that the leader will be a brand and service that people trust and understand the motivations of. It will likely enter the market from a higher realm of credentials than Twitter or Facebook - perhaps from financial services.
Hi Alea
I am of the opinion that all of the companies in the Defense Industrial Base are strong candidates for near term adoption of Wave's technology. The DoD has telegraphed their intentions regarding trusted computing pretty clearly. I would expect that those companies will begin to place some orders fairly quickly-in fact, I would expect that those companies are the ones running pilots that SKS mentioned on the call.
Hi Mjan and Alea
45 to 50 million would be puzzling at this point. SKS has been hiring new people at a fast pace. This suggests that he knows something more is coming. Dig accurately pointed out that the so called "guidance" of 45 to 50 million for next year was actually not an idea advanced by SKS, and instead just his confirmation that we should be able to cover our current burn rate in the next year.
The large, quick increase in employees and the reports from New Wave from the NSA convention leave me fairly convinced that a large domino is teetering and about to crash down in our favor.
SKS words are one thing, but this time he is spending money as if he believes we are ready to fly.
CC Transcript, part 2
Operator: Our next question comes from the line of Ronald Meier with R.E.M. Financial. Please go ahead Mr. Meier.
<Q – Ronald Meier>: Hi, Stephen, I have a few questions for you. Guess somewhat on the line of your last question. I hope to get a little more guidance regarding potential revenues for 2012 and just based on third-quarter revenues at 9.5 million, which is a nice increase by the way, and extrapolating those in the quarter for and just for purposes of discussion, I’m just going to be guessing it’s from a revenues to be around probably 37 billion for 2000 level unless we get a couple of big deals in the fourth quarter that even though the buyer at Safend in my opinion which was a prudent acquisition as you outlined earlier it still not immediately increased to the bottom line of that is probably going to happen in the near future, with the cross-selling opportunity that my concern is having gone from 130 to 250 and a little over the year, I don’t see us corresponding sales growth necessarily to keep that pace with the increase in personnel and that leads me to believe you really must be expecting some significant revenue growth in 2012 as it looks like the expenses based on today’s numbers are going to be somewhere around 45 million or more in 2012 and then in the first and second quarters of 2012 we’re facing roughly a $10 million hold from the winding down of revenues from our last two large deals, so we have to replace that revenue as well. I know we got 7 million in cash but it still looks tight to me. Is it reasonable to expect Wave’s increase in 2012 revenue from roughly my I guess of 37 in 2011 to probably down here 45 to 50 million range to cover our costs. And if so, what parts of your business lines do you see expanding that quickly to meet that kind of revenue target?
<A>: So I think there are two things that drive the revenue growth solidly over the course of the next 12 months. And they are the enterprise sales around self encrypting drives and the engagement of the enterprise sales around turning TPM on for known devices. And so one is the growth that we’ve been on the drive business and I think the – every time we do another transaction it makes the next transaction easier and the result of the last couple of large transactions has really put much more pipeline on the table for us. As potential deals that are named accounts, we know how many seat, we know that when they are buying PCs, we are working with our channel partners in both Dell’s and HP to go after those accounts and so I would say we’re very bullish on 2012 in the adoption of these technologies.
And I think that over the course of the last couple of years, we’ve gotten better at having better predictability in our forecasting, its never an exact science, but I think we are set up to have a sales year in 2012 within 45 to $50 million range if not north of that. I think its hard for us to judge where the adoption rate of our Wave’s encryption management products is, its very early on, but there is very strong demand in that space and it represents a different play than the drive business because its turning on TPM’s which everybody owns. So I have to wait for a hardware refresh cycle, its something that an organization can go deploy in scale today.
We have a couple of really good accounts, one we’ve closed already, one we’re hoping to close before the end of Q4 and there is a pretty good list of them after that. So I need to show some experience in that products, so that we can demonstrate to the customers that drove value on the ground as opposed to just in PowerPoint and demonstrations and I think that we’ll see good growth in that as well. So those two lines of business really drive the growth of business.
I think on the other side the potential that’s represented in the growth of trusted computing and mobile probably is not a huge revenue generator in the course of 2012 but lays a very solid foundation for growth in 2013. So again, it’s early on in that process. But I think those are the things that continue to propel and accelerate the growth for the company over the course of the next couple of years. So we’re at the beginning of really engagement of the trusted computing market. It’s very clear from the market momentum today that the conversation has changed over the last six months. And that helps the process. It’s a little less scary for people to jump into it.
And they are having today real challenge in the cyber security space, the things that we’ve been investing in have not been working and that’s creating this market opportunity that has tremendous scale to it. I think the other piece that that will enter into the fray, that is not to be underestimated is Microsoft’s entrance with Windows 8, hinted around the edges of what they are doing with trusted computing in it, it will be a broad story, it doesn’t flow backwards into Windows 7 or Windows Vista or Windows XP. We provide that infrastructure and so in a mixed environment infrastructure we really have a tremendous foundation to address some of the capabilities that Microsoft is already beginning to talk about and we play a very important role in partnership with the Windows 8 play as well.
So overall I think we see good momentum building in 2012. We see a very strong pipeline and I think these are the things that make us feel comfortable that we will continue to see a growing market in 2012.
<Q – Ronald Meier>: Okay. Regarding LCDs as you mentioned, did you see any OEM adopting LCDs or are they standard on laptops and making an announcement say by the end of 2012?
<A>: Hard to tell. I see a couple of very influencing customers that are standardizing now and I think those are the trends that move in that direction. We know that Microsoft has shown support for LCDs and Windows 8 and so that will make it easier for the OEMs to go down that path.
I think if you listen to where we are for example our Financial Conference last week and Micron presented their support for the Opel drives and it’s very clear that every solid-state drive should have encryption built into it and I think they’re clearly signaling those kinds of directions but it’s not – it’s on the roadmap today are still both encrypting and non-encrypting drives from all the drive manufacturer. So we are probably still yet another year away before the non-encrypting version start to fall off the roadmap.
<Q – Ronald Meier>: Okay.
<A>: Having said that, the challenge of course in this space is we are still only at a couple percent adoption of Opel drives. So the hockey stick curve of adoption of this technology by the OEM industry is still to happen. And it has not happened yet. We’ve been waiting for it. It’s been slower than what we would expect in a world where it’s clearly a better technology, it’s cheaper to operate, it’s cheaper to acquire, it’s cheaper to deploy and yet the enterprises seem to have lots of extra cash to spend on buying slower more complicated software encryption solutions.
<Q – Ronald Meier>: I understand that Wave’s end point monitor is not commercially available until some time towards the end of the year, but could you give us an early indication of how Wave’s launch it’s end point monitor is being accepted by the industry and do you see this product really making a significant contribution to Wave’s revenue in 2012?
<A>: So unfortunately, I would say I’m a little bit too close to it to be as objective as perhaps you would like. We have been very influential in driving support for Bio’s integrity management and booting the computer safely before you hand control over to Windows. And so we are a significant part of the market generation side as well as the fulfillment side of it and for some time I think you have to be a little bit cautious on believing what we say.
This is where I think the key point is, let’s go ship a few customers, let’s clearly demonstrate the value on the ground that this provides. The numbers are very compelling and the protection that it provides is very compelling.
Premises about how do I assume that I’m going to have machines that get hacked et cetera. How do I at least start by getting to a point where I have only my devices on a network and not everybody else’s devices on the planet. And so it gives me the beginning of a completely different array of control over how you construct an enterprise. And I think they play an incredibly important role in the cloud computing model going forward, in assuring that virtualization is running on the machines, in assuring that the BIOS hasn’t been tampered with. We are moving to a much more flexible BIOS with something call UEFI in the future. And so are going to be more susceptible to attack, because we’ve introduced more flexibility into BIOS, and so it makes us even more important to have management of my BIOS correctly in my PC.
And by the way this is critical whether if BIOS in the PC or BIOS in the boot process in a mobile phone or a tablet. It’s very important that we know that the right baseline software is running on the machine. And so I would say we’re pleased to see the enthusiasm that’s been generated so far, people are talking about them in the right way, everyone seems to believe it’s a very strong and good idea. Not a lot of people have any experience with what it means to actually have it deployed. So we get some deployment experience under our belt and I think that will be much easier for me to answer that question in six months time.
It is nice to see that we can take a brand new product and we’ll be looking at, if we close our second transaction, we’ll be looking almost a $1 million with the business in the first quarter of availability of the product. And that’s a huge step from where we have in the past with just computing.
<Q – Ronald Meier>: That’s sounds encouraging. You mentioned -- last question, you mentioned Micron and regarding the recent PR with micron that stated Micron C400 SED solution, are you still in partnership with Wave? Does Wave benefit by getting a piece of each dry cell or did Wave just do it in exchange for Micron promoting Wave’s management product?
<A – Steven Sprague>: We did a non-recurring engineering project with them. We got paid for some of the testing and development that we did. But fundamentally we make our money by selling the management software, they make their money by selling drives. So, we are doing some joint offers together to customers, we’re doing some joint marketing efforts and demonstrations, and I think we’re very pleased with that. It’s been a great partnership so far, so we’re very pleased with that.
<Q – Ronald Meier>: To scratch your back those kind of things.
<A – Steven Sprague>: Absolutely
<Q – Ronald Meier>: Yeah. Okay. Thanks very much, Steven.
<A – Steven Sprague>: Thank you.
Operator: [Operator Instructions] Our next question from the line Robert McNamara [ph], who is a Private Investor. Please go ahead.
<Q>: Hey, Steven, thanks for taking my call. A question about the government. I know of course they move so slow, but it seems like we’ve got lot of traction last year, the NSA conferences and whatnot but. I mean where do you really see the government in the first quarter and second quarter as opposed to where we are right now?
<A – Steven Sprague>: I would say the major events we are looking for, there are a variety of ones that are working through the system. But the standardization of trusted computing is part of the acquisition plans. We see in the first half of next yea. We won’t really know until the paperwork comes out. But we would certainly like to see BIOS integrity as a requirement in the marketplace for DoD and for the broader federal government, as opposed to just as a piece of advise maybe you can go turn it on and see how it works. And I think the jury is still out and that we’ll see how that ultimately comes out but that should be in the first half of next year and I think we are seeing a lot of interest in standardizing stop encrypting drives and all of their laptops they recognize it as a preferred solution for data encryption that you have to buy the laptop with the drive built-in and think we have seen very strong progress within the procurement side of government to require drive, secure drives as part of the minimum configuration of their machines.
And then ultimately, certainly there is a whole legislative process around cyber security that we continue to watch. We would strongly support the concept of in any of the regulatory space and the concept that only known devices are connected to sensitive networks and data you should not be allowed to hug your kids laptop to the nuclear power plant.
<Q>: Exactly. And a follow-up question there, are you pleased with the progress in Europe and would you say the Europeans now that they get it more than the U.S. government but would you say that it might be a little bit quicker? At the end of the day just because of the size and maybe their understanding of it?
<A>: So I would say we have extremely good progress within the U.K. government. I think the U.K. government gets it pretty strongly at this point and have been abdicating and talking about trusted computing, some more work still to be done in the broader EU. Having said that, we’ve invested a lot over the course of the last really two quarters and building out our European team we have moved from a few guys doing business development in the marketplace to a proper full of sale marketing team and we’ve had some really great hires and some really strong people who have joined the organization and they’re just getting their feet wet and I think we will see good results out of that.
So we’re pleased with how the European market is moving at this point in time and do they get it more or less than the U.S. market? I think that is hard to say. Sometimes it is a mixture of what they are willing to say versus what they’re actually doing on the ground but there is strong support in this. We have been apart of a bunch of folks within the aerospace industry for the last couple of years and I would say aerospace worldwide has latched onto the concepts of trusted computing is part of their standards and plans to think it is about driving these investor groups forward from a standards perspective so everyone is doing it. We have had early outreach in oil and gas industry for standardization, everybody is – functioning with the same problem which is we don’t know how to combat these advanced persistent threats within machine in a manner that gives us the tools to really defend the network and trusted computing plays an enormous role in helping this problem.
But it is a big change for how people have been thinking. Most organizations don’t believe their device is important. And I think one of the things that we are seeing is that the conversation around everybody bringing every miscellaneous mobile device to work is starting to educate people and the fact that it does make a difference what device you bring. Your Blackberry is much more secure than her Android or iPhone because it has an embedded hardware security chip in it and that is not lost on the broader enterprise. So when you walk in and prove to them that they already have a 100% saturation enterprise with a hardware security element on the PC, if we could show interoperability to that to the rest of the mobile space you are really beginning to wake them up on to a common strategy they can latch a hold, invest and defend and deploy. And I think that is really driving the marketplace. There was a lot of plumbing to still be done.
<Q>: Okay. Great. Thanks so much.
<A>: Thank you.
Operator: Our next question is from the line of [indiscernible] Singh who is a private investor. Please go ahead Mr. Singh.
<Q>: Hey, Steven. This is [indiscernible]. Nice quarter. I’ve got two quick questions. One revolves around a government sector and the other one is the enterprise arena. On the government side, are we at this stage in Q1 and Q2 -- and this similar to what the last questioner asked, are we at this stage right now that we are going to see initial deployment rather than simply pilots?
<A>: Yes, what we are deploying are not 50 seats, these are thousand seats or more. The question is, is it 1,000 seats and a 7 million enterprise pilot? Whom I would argue, yes, still to a certain extent, but they are not research projects. They are deployment for the sake of understanding scale deployment. I mean, in some cases they’re more like 25, 30,000 seats. So its not, let’s go buy 1 million seats and deploy it across the network, that is still to come, but getting some scale experience is really the next step.
<Q>: So are these agreements being done on independent departments independently or is there a central command that is actually giving you these purchase orders on a variety of different departments, but is being controlled by a central location?
<A>: So it’s a mixture of both, depends on the different groups. We have a number of department groups that are -- that manage and deploy their own infrastructure and you get into places like U.S. Army its part of the consolidated hardware programmer they would have to standardize pieces. Eventually, at the scale that this is being looked at, you probably do end up with some form of enterprise type agreement. I would say we are not there yet.
We had discussions around it, but I am not sitting here hoping it to arrive next month. It is still a ways away and a ways away means I can’t tell you whether its six months away or two years away. We will see department level deployments first before it drives the demand for a government either DOD or federal wide procurement vehicle, which is typical for what they do. They don’t do a ton of them, but this is technology that lends itself to that direction.
<Q>: So when you are were talking about 20,000 and 25,000 volumes is that significant releasing 8-K, does that effect at the time that happens or is this going to be something under the...
<A>: It depends on how the order is structured. We certainly have large organizations today that we have not 8-Ked, because they’ve just continued to buy units on a few hundred units here, a few hundred units there basis. Even though they might be 150,000 seat enterprise. Were we have announced the transactions is when somebody has placed an order for a bulk of seats across their enterprise. So I don’t know if we have a specific threshold today, but north of the $1 million transaction is a transaction that should have been 8-K.
<Q>: Okay. The other question that I had relates to comments that you’ve made in the past starting last, I think last Q4 you had said something -- I think last Q3 conference call -- fourth quarter last year. you had said something like five to 10 deals in the pipeline, significant deals that could close within the short period of time. And then later on earlier this year you had made mention of 10 of 15 or 10 to 20 deals in the pipelines. So far we have a doubling of the GM deal we have the BASF coming online, we have Price Waterhouse, the TPMs and we have this potential European deal. What’s taking that...?
<A – Steven Sprague>: Yeah. And there are a couple of other, what I would consider, high brand value transactions that are in the market. They have chosen not to give us orders that are – let me buy my 100,000 seats upfront. And so I’m not allowed to use their names, because they haven’t given me permission to do that, and I have no assurance that next quarter they’ll continue to buy seats.
But we have had a significant execution of nice brand accounts in the marketplace, that are substantial skill corporations, where they are buying technology standardized for the organization. But does it rise to the material event? The answer really is no.
So, it just puts us in an interesting position where these are significant brands. They are household names. You’d know who they are. But I can’t articulate to what you – what their security strategies are they’re not placing a transaction with me in a manner that enables me to put out a disclosure statement because there’s no assurance.
All I can say is XYZ Corp. has bought $50,000 worth of software and might buy some more in the future. And the probability that they might more in the future, very high because they’ve told us they’re standardizing their product. I just don’t have an agreement that says that. They can change their mind at will whenever they feel like it, right?
<Q>: Yeah. Are these SEDs or are these TPM’s that were...?
<A – Steven Sprague>: These are all primarily SEDs.
<Q>: Okay. At what point...?
<A – Steven Sprague>: I think what we’ve seen in the TPM market is that we needed a new catalyst to drive the adoption of TPM and we’re seeing the BIOS integrity work as that catalyst today. The fact that Microsoft has made that part of Windows 8 software boot, the fact that the U.S. government has mandated a NIST 800-147, the requirements for bio security on these are all really healthy things to drive the world’s attention to the fact that we have absolutely no idea what’s running underneath our PCs and this is where Stuxnet can get you and turn off your water supply, your electrical supply, affect your aviation industry, etcetera. And maybe we should get that under control.
On the other hand, anybody who has listened to me talk, says, yep, there is a sure possibility that this thing may not really take off until we have a “major event” and frankly we’d all prefer not to do that.
<Q>: One more thing, Steven, can you give us an update regarding Price Waterhouse? As far as I know that they have been buying our software for the TPM. Have they gotten to the next phase of their deployments that they were thinking about? And normally that was put out my Price Waterhouse a number of months ago. They talked about the possibility of upgrading into an SED format, and have they made any progress on that front?
<A – Steven Sprague>: They made progress. They’ve not placed an order yet. So, they’re engaged there, very pleased with what we’ve provided. They gave a fantastic presentation at both NSA and in our London conference. They’re very actively involved in a variety of other projects not directly involved with Wave around the Trusted Computing space. So we see a I think a very healthy level of involvement Pricewaterhouse has security adviser and to a certain extent systems integrator in the front or systems designer and so they have become a very strong component of Trusted Computing in the marketplace and they have been very helpful to us.
<Q>: Okay. I appreciate that. Thank you.
<A>: Thank you.
Operator: Our next question is from the line of Jason Miller [ph] who is private investor. Please go ahead Mr. Miller.
<Q>: Hi, Steve, and I have one question for you. The June conference in New York you had talked about a European company having an order done by the end of Q3 beginning Q4, is that the same company you are talking about in regards to north of $1 million on this call?
<A>: Yes.
<Q>: Okay. That is my question.
<A>: So it has been an interesting process. Its been on track and I would say they are pretty comfortable with what we are doing. We are actively working on stuff on a daily basis and we’re enthusiastic about both of them as a customer and what we can do together in the future as well.
<Q>: Thank you.
Operator: And our last question is from the line of Donald Lee [ph] who is private investor. Please go ahead Mr. Lee.
<Q>: Yes. My question has been answered. So thanks.
Gerard T. Feeney, Chief Financial Officer and Senior Vice President, Finance and Administration
Well, thank you very much. And thank you everybody for your attention today and your interest and I think in the course of the next couple of quarters will be interesting for folks. We really – we are excited about the progress we are making and the things that we are doing today and we look forward to it. And so I look forward to talking to you in the spring. Thanks. Bye, bye.
Guys, the Air Force
Is a part of the DoD. Wave is about to sign the entire DoD to a contract this spring- therefore, Wave is about to sign the Air Force. I'm mildly curious as to what you think the DoD is. It is the Army, Airforce, Navy, Marines, Coast Guard, and a few smaller specialty services like cyber command, etc.
Can anyone explain what Wave might gain by pursuing the RFI under debate here- in addition to that which Wave has already attained in their impending signing of the entire DoD?
Hi Taxi Vader
It didn't look as if we are taking much of a hit regarding volume discounting. What do you see regarding discounting as volumes go up?
Have some Pepto,
You'll feel much better. Meanwhile, unless you are willing to show me your badge as the Chief of the Thought Police, I will conceive of the opportunities that lie in front of Wave in my own way. You'll just have to swallow hard and look past it.
Until we have a historical baseline for penetration rates and price per seat to Wave, any estimate is just a guess, including using a percentage of the total outlay. If you want my WAG on that it is 75%. BTW, the total outlay is 3.2 bln, but my WAG is focused on the 2bln PKI part of that- so maybe 1.5bln to Wave when all is said and done.
Hi Alea
Our messages crossed in the ether, as it were, or I would have explained myself after seeing your list of DOD personnel. There are many more nodes on the DOD network than just people in the Armed Services. For example, each weapons system that is computer controlled will need to be locked down. Thus, each tank, airplane, helicopter, artillery system, air defense system, ship, drone etc. will be a "seat" of ERAS. They may also choose to lock down any computer controlled base infrastructure such as power supply, water supply, etc. Basically, any point of entry for a hacker will be walled off- and we know that things like printers have been used as points from which to spoof defenses to gain entry to networks.
Additionally, your DOD list leaves off the ranks of the reserves, who will have to be equipped with the same systems as the current active duty troops (and their systems also). Finally, the DOD has many individual civilian contractors working for it at the Pentagon and in many other locations.
Hi Alea
I think Dig's post was experimentally provocative.
Lets limit ourselves to just the Defense Industrial Base as we play with these numbers. The DOD will be on the order of 4-7 million seats. The 100,000 contractors will be required to lock down their systems every bit as much as the DOD. Lets say they average 150 seats. That's 15 million seats. So, conservatively estimate 20 million seats of ERAS, TDM, and WEM. You can do the math. Even if Wave only averages $50 a seat it will result in a billion dollars of revenue with a recurring maintenance stream of at least 10%, as well.
This might be spread over 3-5 years.
These numbers are without phones, NATO, state level govts., other car/petroleum companies, other pizza companies, XBOX ,the Bluefang regret elimination system (BRES- pronounced breeze), etc, etc..
2-3 orders of magnitude sounds right for now. The addition of phones to the mix will send it to 4 orders of magnitude. If Wave manages to get in at the transactional layer providing applets then we will be a new tech giant. I personally won't sell till I know how that shakes out. (I know where you stand)
Ball Bearings? What Wave will provide in the Govt. PKI deal is equivalent to the engine, control and weapons systems of the ship. Yes, one-half is appropriate for those components. Might there be a discount given to the Government? Sure. But, once the system is in place, the real opportunity will be in front of us, as 100,000 Defense contractors will be required to adopt the same system. 20 million? You've lost a "B." Follow some of the links in the article from Fierce Government IT that Alea posted. The money that is about to be thrown at this problem is astounding, and Wave is poised as the key technological component to enable most of the effort to safeguard our data.
Remember, once the Government and the Department of Defense adopt this system whole-heartedly, it will lead to many other companies adopting it, as well. While we're at it, don't forget NATO, and the other 27 associated Departments of Defense from member countries-and the same rolling adoption effects from their defense industrial bases.
Cybersecurity runs deep in fiscal 2012 budget request
Read more: Cybersecurity runs deep in fiscal 2012 budget request - FierceGovernmentIT http://www.fiercegovernmentit.com/story/cybersecurity-runs-deep-fiscal-2012-budget-request/2011-02-16#ixzz1aVUxrm55
Hi Alea
You point to the complexity of the landscape as a reason for Wave having an exceedingly difficult time becoming established as the defacto solution for the NFC payment/service model. Yet, I would argue that the landscape is not so complex. All of the solutions are based upon encryption, right? What does Wave really do? It has the only method for differing encrypted outputs to be used interoperably.
That is the "key" to understanding this particular situation. In that way, the landscape isnt complex at all, is it? The complexity comes from several providers who want to use encryption to offer services to their customers. This makes Wave more useful, not less. Wave will be needed because those very providers demand their own chips and outputs, while consumers will need interoperability to operate within several different systems. This is why ARM included Wave in their design of Trustzone.
I think sometimes folks here forget that what lies at the foundation of every Wave product is the "smoothing" algorythmn that makes encrypted outputs readable by other encryption devices.
Source for electronic payment numbers
http://www.frbservices.org/files/communications/pdf/press/040111_2010_payments_study_press_release.pdf
Hi Dig
I suppose there is interoperability of managing individual machines, and there is interoperability of managing networks of TPMed machines. If Microsoft can interact with any TPM thru the TSS stack, then interoperability of managing individual machines never was much of an advantage for Wave. They have lost little of value, which is why Wave has gotten only small royalties for this type of software.
Wave is shooting for managing networks of encryption devices, and for getting micro payments for each transaction on those networks. There were 89 billion electronic payments made in 2009. Estimate another 50 billion interactions in which consumers check account balances, or healthcare records, or any other type of transaction which needs security, and you get 140 billion electronic interactions which need to be secured in 2009. If Wave got half a cent for each, we will be a company with a multi-billion dollar cap in the next ten years.
What Microsoft is doing with Windows 8 is helping Wave get closer to that goal.
This slide confirms no interoperability
From Awk's post
http://investorshub.advfn.com/boards/read_msg.aspx?message_id=67183439
The slide shows that Microsoft will need a key management provider. (Wave)
Hi Alea
I get a bit lost in all of the acronyms and layers of software myself.
Hi Dig
It seems to me that all Microsoft has done is create a way in which Windows 8 can leverage the existing TPM management software for use on that discrete machine with that same TPM. Thus, Windows 8 on a machine with an Infineon TPM will use the included Infineon software to produce the keys and hashes needed to perform operations like a secure boot,.. but only on that machine. The keys are backed up on a USB drive that is used for that machine only. Likewise for an Broadcom TPM which uses the Wave management software.
Unless I have missed something, (and that is entirely possible)Windows 8 cannot enable secure communications such as reading encryption keys between the Broadcom TPM machines and Infineon machines without Wave's software. This is the valuable part of "interoperability." It is this capability, enabled by Wave's encryption "smoothing" algorithm that will make key migration possible with all of the benefits that accompany, like a bank being able to read encryption keys from both Infineon and Broadcom machines-as well as keys from all other types of trusted modules, like from "Trustzone."
Awk, please correct me if I am wrong.
Dig Space/Awk
Could you kindly point me to the statements or features that exist regarding Windows 8 that leads you to conclude that Wave has lost the interoperability "shim?"
Microsoft could very well be just using each individual TPM manufacturer's management software to manage the TPM on that individual machine. I have not seen any evidence as to where Microsoft is migrating keys or other encrypted output from a TPM to other platforms. Have you?
Isn't migration of encrypted output from a TPM where interoperability matters?
Workingcapital you might consider another scenario
We have won the contract as Steven publicly stated in the CC. The only question now is the size of the deployment. That is the reason for the "north of two million" statement. It is very likely that we are doing the data center work as a bit of an extended sales call to show them both the full compatibility of our ERAS with their current network- in a "mixed environment" as Steven said. Thus, while it may seem odd to start work without a signed contract, there is a very powerful carrot dangling for Wave to do just that. If that is the reason for the delay in getting a signed contract then I am in full agreement with Steven in this action.
Have you ever thought that some BP employees might read this thread and that your statements about Steven as if he is dishonest could also have a bad effect on this process?
Boeing has been working since 2007 to patch it's security with FDE
http://investorshub.advfn.com/boards/read_msg.aspx?message_id=16211261
BOEING is adopting FDE on all laptops
Found the following on Bruce Schneier's blog:
(Scroll down-fifth post from the bottom)
I work for a major manufacturer of commercial and millitary aircraft. We have had a couple laptop thefts make the news over the last few years and we are switching to whole disk encryption on all of our laptops.
The key is assigned by company security so no token is required. Although the laptop will boot without any need to enter or have a key, you still need a domain or local account to log in. If you use a program like Norton Commander or some Linux boot CD, you cannot use the utilities to change the passwords or view the files on the drive because the drive is encrypted and therefore unreadable without booting from the drive first.
Posted by: Ron at January 7, 2007 10:27 PM
http://www.schneier.com/blog/archives/2007/01/us_government_t.html
*********************************
I followed the link in the post by "Ron" on the Schneier Blog page, and found out that the post was written by Ron Hagerman, and that he is a Boeing employee.
http://www.rons-sandbox.com/?page_id=26
May 17, 2005
About Me
Filed under: Misc Crap — Ron @ 3:06 pm
My name is Ron Hagerman. I was born May 27th, 1968 in Stillwater Minnesota.
I have an Associates degree in Electronics Engineering Technology from ITT Technical Institute in Seattle Washington and a BS degree in Computer Science emphasizing in networking from City University
I am currently a Systems Design and Integration Specialist for The Boeing Company and have been doing that for 8 years. Before that, I fixed in flight phone systems for AT&T. I spend a good portion of my time developing databases in both SQL Server and Oracle. I also write scripts that monitor all aspects of the Boeing Enterprise using the HP OpenView Operations product.
*************************
Boeing has about 155,000 employees
Boeing has had years of problems
Hopefully this is not the amount of time it will take most companies to get their act together
http://investorshub.advfn.com/boards/read_msg.aspx?message_id=25900562
http://blog.wired.com/27bstroke6/2007/10/boeing-employee.html
By Kim Zetter October 01, 2007
Boeing has fired an employee for speaking to the Seattle Post-Intelligencer after the newspaper published a story in July saying that Boeing couldn't properly protect data in its computer systems from theft, manipulation and fraud. The story also suggested that the company may have misrepresented the security of its data in filings to the Securities and Exchange Commission.
The fired employee says he was trying to save the company but was treated badly after he raised ethical concerns internally about how the company was conducting security audits of its systems. He then spoke with a reporter as well as the SEC about his concerns. Now he says the company is retaliating against him, instead of trying to fix its problems. An anonymous e-mail sent to the Seattle P-I also disclosed that Boeing is spying on other employees to ferret out whistleblowers by videotaping workers and reading their e-mail.
The Seattle P-I's July story about Boeing's alleged security problems revealed that the company had failed repeatedly to comply with the Sarbanes-Oxley Act -- a law that requires companies to prove that they have internal control of their data to prevent anyone from manipulating financial numbers and deceiving stockholders. The law requires companies to, among many other things, implement controls that restrict access to data and computer systems to only those people who need it, and that access and changes to systems -- including code changes -- are well documented.
Companies have complained that the SOX Act is poorly written and places vague and expensive burdens on them to implement -- especially for companies the size of Boeing. Documents that the Seattle P-I obtained discussing internal and external audits of Boeing show that the company struggled to meet the law's requirements but could never quite get it together, and that the IT division had failed year after year to demonstrate that it had "a robust control environment."
Among the problems the Seattle paper found were:
Boeing's internal audit findings were so poor -- meaning that so many computer system controls were failing or evidence was missing -- that external auditor Deloitte & Touche decided not to rely on the results for three consecutive years.
Boeing exposed sensitive information about computer systems' holes to employees who did not need access to all of the data, according to e-mails and interviews.
An internal complaint was filed with the company's ethics board that audit results had been manipulated. The company decided last September that the allegation was unsubstantiated.
Some employees involved in the compliance process perceived a threatening culture. A late 2006 internal report said that employees felt they were being told that their jobs and salaries were "on the line," and they were being pressured to produce evidence for audits "ahead of events occurring normally."
In July this year, another Boeing whistleblower was charged with 16 counts of computer tresspass for allegedly stealing 320,000 company files and giving some of them to the Seattle Times to document flaws in the company's inspection process for one of its new planes. Police say they discovered password-cracking tools on the employee's computer. The company estimated that the stolen data could have cost the company between $5 billion and $15 billion if the information got into the wrong hands -- presumably meaning the hands of competitors.
Boeing also recently suffered three separate cases of data theft in which the personal information of more than 400,000 employees was stolen by thieves who made off with company laptops containing unencrypted data.
Hi Alea
Constellations change based upon your point of view, but the stars themselves do not change position or course. Unfortunately, while you can chart the course of a star in the sky, one cannot chart the movements of Wave’s fortunes, yet. There is simply not enough information at this point to be able to point to the key forces controlling Wave’s trajectory.
Why is there not enough information? Because the scope of the field of opportunity is so enormous that it overwhelms the information available to divine the key forces at work. We need a Newton to show us the guiding principles to understanding the movements of the celestial body called Wave.
I remain invested because of the enormity of the opportunity, not because of the first few glimmers of light in the evening sky. Wave is a moon-shot investment to me. Here’s to hoping for a safe landing in the Sea of Tranquility.
Stick around Ramsey
I always read what you have to say. You are probably the best at explaining the technology in a plain spoken way that I can understand. I should take this opportunity to say thanks, as well, for the time that you take to do so.
I like today's action
To see us bounce back like we did today, while still trading 1.3 million shares is encouraging. While there was a sell off from the mid four dollar range, the money hasn't left the vicinity.
What could be causing this run-up? I know that in my case, I did some dot connecting of the HAP conference approaching with a couple of presentations to investor conferences, and hoped this would be a perfect time to announce real progress with the government- as in a signed deal. Yet,as I think about it, we may not get a signed deal out of the government. Dell carries everything the government needs, including ERAS, and the government money may just flow to Dell, and then to us. There may be no requirement to PR it if it goes through Dell, and the government may also want to keep it quiet. So, while I will be ecstatic to see a government PR, we may just see a sudden surge in Dell numbers.
The thing that I think is causing the run-up is that a deal has been signed somewhere- maybe the government did order a bunch of Wave product through Dell, and the employees at places like General Dynamics, Northrup Grumman, Dell, government IT people, and others may be hurrying to buy before the news becomes more public. We haven't seen a large enough increase in institutional ownership to account for the increase in volume, and I think most institutions will not buy large amounts, yet anyway. Maybe GM employees are buying in. Those kinds of companies have enough high level executives who would be in the know and have the money to buy 50,000 shares. So that is my call on the increased volume, and why it has remained above a million shares despite no news and a sell-off. If this is the case, that is good news, because these folks will be around for a good long while, whether they trade in and out or hold long.
It's not just Wavoids- the Wavoid pattern is to buy in expectation of news, then if news doesn't happen, to sell off and then the volume dries up-and that is the tell, the volume hasn't dried up. I do think that some of the sell off came from Wavoids who margined during the spike and then got forced to sell to cover, which accelerated the fall in price. I don't think traders would have let the price fall so fast if they were the only ones trying to sell.
There was some news
We may have 7 million in billings for Q 4, which might put us at breakeven.
SKS targets HP for next bundling deal- imagine what that would do to the share price
Target of doubling of billings y/y would put us at 40 million billings next year
Mazda is a customer
SED volumes are doubling every quarter
30% attach rate of ERAS to SEDs from Dell
If that is the case, I would like to know how solid StephenDice is about GM adopting Wave, too.
Check slides 16, 19 and 20