Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Is this a follow on to six month contract last JAN?
http://www.wave.com/news/press_archive/09/090122_8K.asp
If so, is there any results reported on first effort?
BCaSE
Tracking GhostNet
http://www.scribd.com/doc/13731776/Tracking-GhostNet-Investigating-a-Cyber-Espionage-Network
Interesting read relative to need in WAVX market.
BCaSE
Interesting Read - not sure if posted.
Securing Cyberspace for the 44th Presidency (DEC 08)
http://www.csis.org/component/option,com_csis_pubs/task,view/id,5157/
Strategic information forming some vectors that should benefit WAVX.
BCASE
When will the TPM consumer market engage?
If the business market for TPMs is engaging and is growing, does anyone want to discuss when/how consumer PCs will be included. At some point the business adoption of an enterprise solution includes services to consumers or at a minimum allowing employee access to internal networks from personal/home computers. There is also a case to be made for Government pressure to have consumers use e-signature, national ID, e-bidding for contracts, and other electronic productivity initiatives. Also, one suspects there will be increased regulation/control of banking and finance over the next few years and that will included consumer interaction via the internet. An order of magnitude better key management approach will also be needed.
Might be a good question for this afternoon (consumer TPM usage). Assuming Wave survives another year, will they innovate in the consumer market or will the competition beat them to core solutions. At one time (years ago) SKS wanted to be the provider of the many applications enabled by TPM supported security.
Any thoughts. Perhaps there is a survey or two as to when consumers will be included (not sure what the metric is - TPMs on all PCs?) or if WAVE will be able to innovate adequately with finance constrained resources.
BCaSE
TVTonic works great.
I have had it hooked to my HDTV via a media extender for a couple of weeks and have been tickled to death to be able to watch a lot (lot of venues not given prime time) more of the Olympics. I've watched the opening ceremony segments a few times in shear amazement of the pagentry. Quality is great, it is easy to use, and the few glitches appear to be PC or extender related. I find the controls adequate and handy. In any case, I am very impressed and am sure this is part of the future of TV viewing (at least in my house). Having it hooked to the TV is way better than watching TVTonic on a computer screen (which is actually quite nice).
I was looking at SAMSUNG series 8 and 9 LCD TVs. Not sure what the new interfaces (infolink RSS; universal anynet) really do wrt TVTonic, but there is a lot of convergence going on.
Will this help WAVX? I have no clue. Logic says yes, but the (no good term)'s will say no. Watching WAVX is like watching Beach Volley Ball. Someone goes on for the gold and someone is going home. I'm looking to Vegas personally.
BCaSE
Sorry if already posted:
http://keymanagementsummit.com/2008/index.php?option=com_content&task=blogcategory&id=2&Itemid=21
Halfway down summary of Hardjono presentation
BCaSE
PS Other interesting stuff under google for NIST TPM
Bingo!
This exercise is not about my ability to hook up anything. It is about the person who is not technical, but has a HDTV and a computer and wants to know how to watch the Olympics feed via the Internet. NBC says they are going to do it ..... so how does average Joe get it done. Buy and plug! Will anybody at BestBuy, CompUSA, Frys, etc be able to help. MY finding is NO.
This is either a serious setback in hockey stick production or an opportunity for the Olympics to make more people aware of what they need for home entertainment and to make TVTONIC happen.
Homework
Even if you know the answer, go to a local computer/television vendor and explain that you heard that NBC has announced that it will distribute Olympic venues via the Internet using Microsoft and TVTONIC. Ask them what you need to buy to get your Vista computer to work with your HDTV using TVTONIC DVR-like functionality. Ask them what a media extender is. Tell them you heard the XBOX would work as an extender, but you do not know what that means. Then ask again what you need to buy and how you wire it up.
Predicted short term results: blank stares (NBC is doing what!?). Go to TV sales and get sent to computer sales. Go to computer sales and get sent to TV sales. They will likely not have a clue as you will be first on the block to ask the question.
Desired results: Education of vendor/providers on what NBC is doing and that this is a chance to sell stuff prior to the Olympics. Education of vendors what video extenders are, how they work with TVTONIC, etc. Gentle push up the hockey stick of life so that post Olympics more users will sign on for something like World Cup while we wait two years for Winter Olympics.
Possible side effects: You will better understand the slog. You will become depressed. You will become joyful. The world will be better place couch potatoes. WAVX will stay above a dollar. A butterfly in China will cause a hockey stick move on NASDAQ.
Report your experience back to the board.
BCaSE
OT - Snacks, RE Vegas trip
Went to Vegas this last week and checked things out for a WAVX shareholder celebration. Here are a few notes:
Looks like there are a number of places to hold a Waveoid convention and there are adequate hotel rooms for all that will attend. Some of the bigger investors may want to purchase a condo at CITYCENTER ($1200 to $4000 a sq foot). I stopped in and talked it up for everyone and give the sales force a heads up for when all the Wave high rollers come to town. It is a $10 billion project. I am not sure how it is going, but told them if it hits some rough spots they could probably blame it on SKS. They appreciated the tip.
I had a sock full of nickels and dimes to drop in a “Juggler” slot machine. Never got three jugglers and after what seemed to be 12 years found I had sustained a 3 to 1 compression of my funds. I had to back out of my condo purchase, and this being America, I decided to blame my loss on you for suggesting celebration in Las Vegas, making me go, and etc., etc. I know you will understand and I appreciate having an excuse to explain away my actions to my wife.
In any case -
The slog is over, the Vegas party is on track for this millennium, .... life is good.
Let’s party .... I’m ready .... what else needs to happen?
BCaSE
Racheleise (wrt to understanding WAVX performance) – my interpretation of the Spragues is there is a desire to perform some social engineering that gets in the way of business. I think they are technically smart, but may be too optimistic at times. I do not think they are blatantly dishonest. Given that train of thought I believe there were indicators a few years back that TPMs were getting traction and that FDE was just around the corner. Wave Systems had a substantial lead and a lot of TCG experts were surprised at the lack of uptake of the TCG recommendations. Much of what Wave and TCG has done is clearly on the right path, but none of it is an IETF Standard. Given this scenario, it is my perhaps wrong opinion that blowing the predictions for Wave’s future, while sad, was not an unreasonable act by Wave management who was feeling (hoping) the SLOG was over. So give them demerits for management or insight..
NOTE TO GOOD HEARTED HELPERS – I have most of the diatribes memorized so I do not really require more of the same. While I like to see discussion leading to debate, I am not good at either.
I honestly believe the SLOG is over for TPMs and the TCG (maybe not WAVX share price). I believe there have been turn-on of TPMs, but not all or even a majority by Wave. I believe Wave has lost some of its leadership over the last several years, but the real problem is the consolidation of IT into a commodity with the big players now understanding that there is a TPM to turn on and that hardware security is going to be a major factor. Thus you see the IT/IA eco-system munching on their neighbors and almost desperate marketing attempts by software companies with lesser products, but much larger budgets than Wave. Also you have large players like HP throwing their ProCurve market pitch and telling customers they have a full solution (albeit still proprietary). All the potential major customers for Wave already buy IT/IA solutions form Wave’s competitors and now those competitors are touting TPM and FDE solutions as part of their packaged product line. Most IT managers will choose to contract with the promise from their current supplier rather than the promise from little old Wave. Still I don’t think it is doom and gloom, nor is it really a SLOG.
I believe Wave is slowly gaining traction (one small sale at a time) and that there is a tipping point when their capability will be compelling/known to IT/IA managers. I also believe it will happen relatively quick (anything is quick by our current ten+ year experience) when the trigger is reached. I do not expect a magic quarter just now, but expect to see acceleration in sales across their offerings. As long as it goes up we are OK. We may not get rich quick but Wave should stay in business and has some other options if they do stay in business. SKS will continue to do what he does best and will temper what he doesn’t do well. I predict he will make fewer predictions and will probably get dumped on for not telling us more. I assume he will smile to see the symbolic pigeons on his statue at some later date while he remembers the last few years.
BOTTOM LINE: I actually think things make sense in my little world of 80-some shares.
FINAL NOTE: I have never made a correct prediction on this board.
Snackman - not to be picky, but if I think the price would be $1.25, I would have to pick 75 cents from you boolean choices. I'm OK with selecting .75 to make half the people happy, but it may be an incorrect assessment of what people really think. You may want to change your survey ... or not.
Snackman - Excellent analysis.
The only thing I can add is I have heard rumors over and over that Steven is preparing falsehoods for next week. It is my conclusion that this takes time and it is time taken away from sales. Thus, the income is likely to be even worse than projected. I may be selling my 86 shares before I lose my whole retirement. At this rate I can probably buy back in for 100 shares and really go to Vegas in style. Actually I'm going to Vegas in a few weeks - got tired of waiting for the WAVX party. Soooo ... I can take my WAVX money, double it on nickle slots, move to dime slots and double again, then buy may 156 to 183 shares.
I'll let you now how this works out for me.
BCaSE
OT Helpfulbac - Agree with problem.
I will think about it. First thoughts are:
Could sign up for IHub premium for free two weeks and send private message. Too easy and may be ethic violation.
Could both send email to third party who would cross connect them as a one time favor. We could ask SKS since I've heard he is not busy or at least not doing enough for members of this board. He owes us.
Could try something fun ala Thomas J. Beale (or was it Edgar Allen Poe having fun?).
We have time - I am bring the Grandkids back to Kerrville area in late July or August.
BCaSE
OT Then you will relate relative to owning WAVX:
"Truth is preeminently to be tested by the practical consequences of belief".
Hero ... goat ... hero .... goat.
The rest of my philosophy comes from YODA:
May the force be with you and stay away from the dark side.
BCaSE
PS If I come to Texas this summer, might I buy you lunch (assuming I can afford gas to get to where you are at from San Antonio). I appreciate your DD and it might be a good time to celebrate.
Abductive Logic?!
Maybe HP finds they are the homely girl in the fancy clothes that wants to dance too?!?!
BCaSE
I think it is great news. I think the business posturing marks the end of the SLOG. If they're are coming out of the woodwork to make a market, then there is finally interest in buying what WAVX has to sell. This is way more important than the share price today.
Now we will see if WAVX's years of ground work will pay off or if it is "so easy" to do what Wave does, that any big name competitor can jump on the band wagon and beat WAVX out with their well known name. For years we have listened to opinions on both sides of this subject. Now, at least, one side or the other will win and I find that to be a relief after 10 years.
The next six to twelve months will not be easy on any of us, but it will be way more exciting to sail to the edge of the earth rather than sit in the doldrums for years. Arrrrg, bring on destiny .... it is a time that has been a long time coming.
BCaSE,
Disclaimer: I have never been right on any prediction I made in the last 10 years! If you have any concerns about the stock or its management, please get to safety now. Sailing to the edge is dangerous. However, if like me you have a Viking Berserker heritage, enjoy the ride to the end of the earth as we know it. Business majors and Accountants man your puke bags, the sailing will be rough. Sorry for any mixed metaphors - I'm just so excited to be under sail, riding this horse to victory, and watching the train come out of the tunnel.
Player - can we say the SLOG is over?
TV-Tonic
http://www.tvtonic.com/news/?p=128
As an aside, I got a new PC with Vista/Media Center and TV Tonic is impressive IMHO. There's a pony here somewhere (see bull mention below).
PS Save your fingers re-telling me how the concept is a loser, it's a drag on resources, and/or the Spragues are inept, greedy or whatever you feel they achieved on their road to Hades. Feel free to write it, just don't do it just for me. I learned all that stuff years ago along with Y2K and the demise of Al Gore's internet. I am also aware that everything that is too hard for Wave to do is easy for (your company here) to do. I must say I know nothing about sales, my Dad knew nothing about sales, but how hard can it be. It is like bull riding ... 8 seconds .... how hard can it be. Speaking of bull ... I got to go watch my computer.
Fratto on TNC adoption - sorry if posted
http://www.networkcomputing.com/blog/dailyblog/archives/2007/12/the_trusted_com.html
December 21, 2007
The Trusted Computing Group's New Blog
By Mike Fratto
The Trusted Computing Group, a consortium of vendors that are driving standardized APIs and specifications for secure computing, is perhaps opening up a bit with its recently announced blog. The TCG has been a very opaque organization for those folks who aren't willing to pony up the $1,000-per-year minimum membership dues, and I think the opacity has hurt its efforts to educate the ultimate consumer of its technology, the enterprise. Hopefully, the new blog signals a change within the TCG to be more open.
I am going to limit the rest of my comments to the Trusted Network Connect (TNC) working group, since I am more familiar with its activities than the TCG as a whole. The TNC has an ongoing image problem that it's trying to improve; namely, few people even know what it is. For the past few years, we have conducted reader surveys on network access control, and the number of respondents who even aware of the TNC never got much above 20%. More in-depth knowledge pushed that percentage down further.
Now the TNC has been much more proactive in attending trade shows and reaching out to enterprises in other venues. Steve Hanna, distinguished engineer for Juniper Networks and co-chair of the IETF NEA and Trusted Computing Group's Trusted Network Connect working groups, has been hitting the road, evangelizing the work of the TNC to vendors, analysts, and the press. The impact of the TNC outreach has yet to be realized.
As an organization, the TCG can be described as "for vendors, by vendors." The membership roster is a who's who of high-tech security firms that pay big money, as much as $55,000 per year, to sit in on meetings, hammer out specifications, and gain access to early drafts of specifications to jump-start product development. However, when I talk with vendors who are TCG members interested in TNC, few of them will say they are active in the working group and are adopting a wait-and-see attitude to TNC specification adoption.
The reason is clear. Vendors won't adopt TNC specifications until they hear customer demand. Customers won't demand TNC support if they don't know about it. Vendors won't bring up TNC specifications because they don't want to jeopardize a sale by clouding the issues. Everyone is waiting for what, I don't know. But let me take a guess.
Nearly all of the vendors I have spoken with secretly want to do away with their client software. It's an albatross around their necks. They would rather not touch the desktop and use something that already exists, like Microsoft's NAP. Alan Shimel of StillSecure was quite excited that Windows XP Service Pack 3 Release Candidate was available; he started downloading it as soon as he got home from his last trip. I bet he didn't even wait to unpack. I don't know StillSecure's client plans, but I'll bet he was excited because the TNC adopted Microsoft's Statement of Health (SoH) protocol as one of the methods for a client to inform a policy server of its condition. Alan laments that without Windows Server 2008 or Policy Server, the NAP client isn't much use. There is nothing stopping NAC vendors from becoming the policy server, and that probably makes the most sense. Host assessment is low-hanging fruit. The difficult parts are policy development, enforcement, and integration with existing infrastructure.
So maybe what happens next is that vendors will begin to actually integrate the TNC SoH specifications by the time enterprises start to deploy Service Pack 3 and Vista. Then they can talk about support for the TNC specifications, which gives enterprises a warm-fuzzy because they don't have to manage yet another piece of client software. That in turn raises visibility of the TNC, which may create demand for TNC conformance.
It's not enough to just get vendors to talk about the TNC work. Companies making technology decisions want to know they're betting on a winning horse. Without joining the TCG, the parsimonious announcements from the TCG haven't shed much light on the goings on and haven't done much to bolster consumer confidence in the work they're doing. Remember the circle: 1) Vendors build it when there is customer demand. 2) Customers demand when they trust the technology is good. 3) The first step to trusting the technology is good is knowledge about the standards and the future directions.
OT but interesting
BofA partners with MIT on Center for Future Banking
http://baltimore.bizjournals.com/baltimore/stories/2008/03/31/daily1.html?ana=yfcpc
Trusted Computing at MIT
http://projects.csail.mit.edu/tc/
OT I would like to thank everyone for contributions to the board. The board often is a source of much good information and moments of great entertainment.
I am of course partial to the optomists and technology bent individuals. As we once again approach the edge of the earth let us continue to sail into the eye of the storm and hope for land fall soon.
I have great empathy for the tired and frustrated. It is one of my choices, but I don't see any good way off the great ship WAVX, so I turn to one of the great philosophers of my childhood and quote "What me worry". I expect to take a hit for this attitude, but .... well, what me worry.
I am truly impressed by the rigor and fortitude of the folk who take a genuine interest in my well being and day after day after day .... try to help me see the errors of my ways and the dangers of the path I am on. To be honest I do not have the intellect to understand some of your arguments, so I often skip over the better parts. That said, keep up the good work. Lord knows the world and I need your help.
Finally, I wish the chiken throwers well. I don't have a clue who you are, but apparently you are needed in the scheme of things. (refers to James Bond on an island surrounded by hungry frustrated alligators and somebody is chucking chicken parts to create havoc amongst the alligators.) I apologize for mixed metaphors (ship, swamp, James Bond) but I alrady made an intellect disclaimer.
Happy Easter if you celebrate it and/or Happy day off from the market.
BCaSE
Maybe OT older (2005) article that still seems relevant to me. It is not too tough a read and talks to what is going on with the big guys (IBM, HP, Oracle, Microsoft) and where the little innovators will try to fit in. I believe it clarifies some of the ongoing churn in the security market and eco-system which we see a a slog. I included the link and the introduction. If interested you can download a pdf.
BCaSE
http://www.accenture.com/Global/Services/By_Industry/Electronics_and_High_Tech/R_and_I/enterprise_software_pov.htm
"Just as the Internet was responsible for the last explosion of growth in the software industry in the past decade, it is now laying the groundwork for dramatic change that will sweep across the industry in the coming years.
To shed light on the nature and extent of these changes and how they will affect the industry, Accenture recently conducted comprehensive research involving software company executives, venture capitalists, CIOs and other technology leaders in major corporations, and Accenture’s own experts.
We believe our findings and analyses will provide software company executives with valuable insights that they can use as they shape their strategies for achieving high performance and market leadership in the dynamic and uncertain years to come"
With ten or twelve years of owning WAVX stock under my belt, I offer the following to the tired, weary and frustrated:
If you think WAVX is an investment, you may want to read up on what Warren Buffett buys and see if he bought any WAVX in the last ten years.
If you think WAVX is a risk/reward play, you may want to read up on the economic concepts of “sunk costs”. The down side is your money is gone and nobody owes you anything, but the upside is if you think WAVX has a future, you can forget your previous stock purchases and buy some more. NOTE: Before purchasing WAVX, I suggest you do an analysis to determine what type of money you are throwing in the pot. If it is the rent money, don’t. If it is investment money, don’t. If it is money you can afford to take to Vegas, maybe.
Observation: SKS is a person with strengths and weaknesses. Most of us agree his predictions have a poor track record, but his perseverance is awesome. If you are into investments, he is not your man. If you are into risk/reward, he may be the long term “hero” albeit a short term “goat”. In any case, don’t say he should never make predictions and then demand that he tell you what he thinks will happen.
If you think WAVX is a linear build on with historical foundation, you might want to read up on disruptive innovation – it usually follows an unpredictable path and then a sector of major players goes out of business. With the trust eco-system vendors of castle mentality Information Assurance running around frantically trying to preserve their market share, something major is afoot. I’m hoping it is good for WAVX. What was that other “no chance” company – oh, yeah …. Qualcom – like they were going to make money and survive against the big guys and embedded infrastructure!
Got to go check how my low ball bid id doing. More sunk costs that SKS will "owe" me. Hang in there Steven.
BCaSE
"The Universe is unfolding as it should" - Desiderata
I believe this is a good/adequate solution if you want to control a FDE drive on a computer without a TPM (non-enterprise computers still lack a TPM). In a sense it is competiton to WAVX since it is another player taking up slack in the evolving market place.
There is still a lot of infrastructure to build out to support TPMs for the masses. If and when that happens, WAVX will likely have both products and competition, but their enterprise base should cement their right to market share as this gets bigger and bigger and bigger.
My guess volunteered for further analysis by our resident technical experts.
BCaSE
It’s like circling the “little train that could” full of turkeys, on a ship stuck in the doldrums of a desert waiting for a tsunami after drinking too much Kool-Aid while the fine wine ages in the darkness of a damp cellar listening to a man’s voice echoing over and over “so at the end of the day”, while your wife asks ….. so what’s happening with WAVX?
Raised from this reverie, Happy Holidays all. It will all be OK!
BCaSE
Cosign - With a big snails it takes time for policy to become a mandate and to translate into purchasing TPMs which we have to assume will get used (but maybe not). The Army and AF are in sync and I believe the Navy is or will follow (especially since the boss said it).
John Grimes (DOD CIO)will have impact on Army, Navy, AF, USMC JCS, and defense agencies such as DISA. All should start buying assets with TPMs. If DISA does as told then the GIG (Global information Grid), for instance, will be populated with TPM assets over time (can not happen overnight). This bodes well for network access, crypto key management, single sign on, SOA security protocols, and etc. using a TPM. This is a big deal over time and shows the huge DOD snail is slowly wallowing forward with respect to TPMs
The Intellignece Community (IC)is made up of 16 Agencies, nine of which are DOD related. If you look on the memo distribution you will not see nine intelligence agencies getting the memo. I see the NRO. Mr. Dale Meyerrose servies as the CIO for the US Intelligence Community (it is not clear to me that he talks for all 16 Agencies or just trys to get them to play together nicely). He spoke at a conference a few months ago alnog with Mr. Grimes. They claimed to be in lock step on needed security changes and policy reforms. I assume he supports the TPM usage, but maybe not. Did he put out an IC policy statement - we may never know.
DOD and the IC are just one of may Federal Agencies and Bureaus falling under the President. Department of Homeland Security (DHS) is a large group of agencies that may not care what DOD does (but I bet they do). DHS (USCG), DOS, DOT, DOE, etc get tied into the mix by their IC components, but not to DOD directly. Mr. Grime's policy may not be adopted in this community.
Then there are the Congressional Agencies such as GAO, OMB, ??? (ICC, NIST, ???). What will be their policy contributions. We know it includes ID cards, biometrics, cross agency orchestration of business and policy, privacy/health laws, etc. Smacks of TPMs to me.
I believe the government snails are moving towards TPMs at "full speed" (painfully, painfully, painfully slow) and this will drag along State. local amd commercial enterprises. The only significant questions remaining is if a world is full of TPMs, can WAVE make enough money so WAVOIDS can afford a trip to LV? ...and will it happen in my time on earth My logic would say yes, but after ten years of WAVE-logic results I'm very, very, very cautious with my hopes.
Not trying to be negative, just trying to visualize all the players and steps in mass adoption. Snails start your engines and take a pace lap. I thinkwe are close to seeing what WAVX can really do.
BCaSE
I understand a DOD CIO memo of 03 JUL 2007 states as policy that new computer assets (server, desktop, labtop, and PDAs) procured to support the DoD enterprise must include a TPM version 1.2 or higher. A waiver may be requested, but must be justified if equivalent product with a TPM is available.
I do not have a link (so feel free to treat it as hearsay)
BCaSE
TPM Hack - my hearsay:
One expert told me it could be hacked. He was knowledgeable. However the hack required hardware access and manipulating bits on busses/registers. You might be able to hack your own TPM to make your edge computer look like something it is not. I do not know how this might be used in the spy versus spy Mad Magazine scenario.
Another "expert" told me it could easily be hacked and in many wasys. No details and did not seem knowledgeable. I decided the hack was not performed against a locked down system and I discounted the whole story. My theory is if it was so easy everybody would be talking about it.
I talked to NSA reps at a recent conference. They knew about TPMs and are working up IA solutions. The guy was upbeat about them having a future including FDE. His time frame was a year or two (very, very, very soon) They did not mention hacks being a concern when I asked him.
I talked to a senior Microsoft architect for virtulization and he was hot on TPMs as part of the hardware solution. He was working to instantiate software TPMs in the MS OS for the new Intel architecture. Obviously not the same as a hardware TPM, but one can see the need if you create virtual CPUs and there is no good way to hook them directly to one hardware TPM in near real time. In any case all the TPMs in the world and any other TCG peripherals will need key management.
Bottom line: They probably will be hacked under certain circumstances and the TPM trust strategy will change, which will cause a different hack, etc. So far I am feeling OK about it. A larger problem will probably be the human in the loop for key distribution (errors, poor choices, etc.).
BCASE
GreenWavx,
Same for me at AFCEA the other day. Dell rep did not know what I was talking about (TPM). Looked it up on spec sheet and WOW, there it was on all his enterprise portables. I asked about key management software .... uhhh what .... Looked on portable computer menu and saw Embassy ... asked if I could see the software .... uhhhh Oh sure. He did not know it was there and then told me he liked to keep security simple (I was tempted to say Good Luck). Anyway he let me poke away and then stepped across the aisle to take a phone call. Another Rep asked what I was doing. I told him I was checking out the key management software .... I was told it was not a demo computer, rather a personal computer of the REP. I allowed as how he had told me I could check the software. The REP waved and nodded from ten feet away. The new REP considered the situation and took the computer away from me (he was polite and pointed me to another demo unit - guess he realized security was more complicated and just because I was not wearing a trench coat ....).
Talked to several vendors about FDE and TPM. No awareness. They did think the concept was interresting and a few made a note to check it out. I asked the SUN Rep if he knew about a TPM. He did not. He was a data/database guy so I asked him if they were going to use the FDE. After I explained what it and the TPM did, he appeared interested from a technical side and we got into a conversation about other technical constraints and some of Sun's solutions that already did what I was talking about (well sort of, he had to admit). He was definitely interested and probably will do some research on TCG and TPMs.
Juniper network REP did not know about TPMs on the edge of his networks. Got into a conversation about TCG standard they supported and another REP allowed as how I might be talking about an initiative he had heard about, but it was not available yet. He assured me they were working hard to be on top of evolving security issues. I felt good that he was on the job.
The above was a little disappointing, but in the context of the event I find it understandable. The government sector is very slow moving and budgets are depleted by the war. It is unfortunate, but it is what it is. It will change and I believe WAVX is going to benefit.
BCaSE
R..X It seems clear to me.
Sometime next year or later, something may happen and many hope it is good. It will be similar to some things, but different from others. Cisco is working to make something happen, Juniper is working to make something happen. Microsoft, TCG, others are working to make something happen. It is needed now, but nobody wants to rush something this important. It could be good for WAVX or maybe not.
This is just an opinion and should not be used as investment advice.
BCaSE
12/14/2006 0618 = 6:18 AM
Sorry if already posted
ORCs on the move
http://biz.yahoo.com/iw/061108/0181784.html
I think your analysis is good wrt availability of TPM enabled computers. However, I believe the importance of the WAVX/ORC announcement is in the process automation (cheaper, secure, less impact on users) that direct distribution of certs and keys to TPMs offers.
The HSPD-12 edict is slow to come along and there is only one certified solution because it is not easy to implement. It is not easy to administer, update, change business policy, cancel certs, distribute PKI keys etc. in an operational environment. Certification and accreditation (C&A) of a TPM solution would hold promise of being easier (cheaper) than an equivalent software only solution over the life of the product. The reasoning being once a core set of TPM functions/services are vetted, they will not change much over the life of the system, making C&A easier (software changes usually require more C&A activity (labor = cost)).
So, the probable outcome is the "automated" TPM solution will be phased in as TPM enabled computers come into the work place. This would be a reasonable business case that includes Wave over time. ... and we will see a lot of this happening in the next few years.
Opinion - FWIW,
BCaSE
Another thought is PKI scalability still has to be supported by universal key distribution. I think of the TPM as an infrastructure component that will automate and enhance what is done and how it is done for PKI. Thus the move to create the keys in the TPM based on the TPM root of trust is significant (to me).
It is also interesting that Wave pops up in so many parts of the security/trust ecosystem. Please mark it down to hearsay, but I was in a meeting where CAC card and user authentication was discussed for NMCI. Someone asked why the CAC card was not used on the SIPRNET and after listing some of the problems with using the CAC in that security environment to get NSA certification, the speaker mentioned that a "small comapnaay, WAVE Systems" was currently working to demonstrate how to do it. It is not clear that Wave succeeded or if it means any money for the company.
On another "reach", I personally think Wave's ID/authentication work for the French financial institutions a few years back is slowly being adopted as the hardware becomes available. We never see a clear win, but a lot of undercurrent action. Still the news gets grander with each month. Hopefully revenues follow.
Hanging in there and waiting for Vegas.
BCaSE
Helpful - Is this another head fake?
After 8+ years of owning the stock, I finally came around to the understanding that the stock went up and I should bail because a good move by the stock was really a indicator of how bad things were. So here I am ready to sell all my shares on Monday and you come up with this information that adds some cogent information to the mix. I almost bought a positive indicator from you hook. line and sinker, but after some wine, realized it's another "good" indicator of how bad things really are. Folding this concept over and analyzing it closely, I realized I need to reread Alice in Wonderland.
I believe, but cannot prove that the white rabbit bought all the Wave shares today and took them down a rabbit hole. This puts the shares in jeopardy of being short or long depending on what pill Alice takes.
I realize this is questionable DD, but believe my post competes nicely with much of what I read until I got to your post.
Keep up the good work until Monday when I am sure you will now see the logic of dumping all your WAVX stock. This security, trust. TPM stuff will never make it into computers!
You'll have to trust me on all of this.
BCASE
Sorry if posted
Defense unit, IT federation collaborate on identity system
By Doug Beizer
Contributing Staff Writer
The Defense Department has signed an agreement with a federation of IT companies to connect identity systems and establish an interoperable authentication network.
The agreement formalizes the relationship between the Defense Manpower Data Center (DMDC) and the Federation for Identity and Cross-Credentialing Systems Inc. (FiXs), which have been working together since 2003 to develop a secure means of authenticating employees while protecting their personal information.
“Over the last two years, the Department of Defense has worked aggressively on policies, processes and technologies to substantively raise the bar on force protection,” said Mary Dixon, Defense manpower deputy director.
“To do this effectively, we must ensure that the person coming through our gates or in our doors has been given access, that we can confirm that person’s identity, and when that person’s affiliation or trustworthiness changes, you know that in as near real-time as possible,” she said.
To accomplish that goal, the groups are moving toward federated agreements and solutions that allow members to trust each other’s credentials.
The network established by connecting the DOD and FiXs systems verifies an employee’s identity by relying on a federated approach, whereby each employee’s personal information is maintained by his or her employer. The system is based on the model of commercial automated teller machine networks, in which each customer uses his or her bank’s card, and each bank retains its customers’ account information and relationship.
DMDC and all private-sector federation members retain their own employees’ information, for there is no central database. To ensure trust and interoperability, federation members adhere to a common set of operating rules and a uniform trust model.
The founding members are:
BearingPoint Inc.
Data Systems Analysts Inc.
EDS Corp.
Lockheed Martin Corp.
NACHA - The Electronic Payments Association
Saflink Corp.
SRA International Inc.
SRP Consulting Group LLC
3Factor
Unlimited New Dimensions LLC
Wave Systems Corp.
AsUSeeIt,
This depends on the type of work that can be done on the contract (see request for proposal - usually posted on a web site for the procuring activity or commerce business daily). Usually the contract fixes bid rates for various categories of a work force. If the Government then writes a task order it may be for any service from engineering/building a system to writing a risk analysis or doing an Analysis of Alternatives. The task order may be sole source or multi-award. Usually it is multi-award if it is not for commodities. Thus there is a mini/limited competition between the winners who each propose how they will accomplish the task and what it will cost. The Government chooses which proposal is best for each task. Thus winning equates to a hunting license to some day get a task. Tasks can be any size within limits of the contract. Other agencies can usually use the contract if there is ceiling (money remaining) and the owning agency permits such use. Any contract can be modified within limits (increased, extended, etc.)
BCaSE
HJ 0 Contract is a "task order" contract awarded to three companies and their respective teams. This gives the "teams" a "hunting license" to go after any tasks put out for bid. Since it is a Government wide contract, in theory any agency can use it. However it is an Army contract so a lot of the work should be Army related. Much of it will be in the IT arena. You can read the RFP on the Army USAISEC site (I saw it, but did not write down the URL).
What does Wave get? Well, they are a sub, so it depends on the honesty and morality of the prime. Many times a company wants the work for themselves and gets a team together that will win the contract and then they are stingy with sharing the work. There are also "games" based on working with small business (extra points, etc.). Will it be good or bad ... I am sure you will get both sides on this one from the board.
My take is it is good that a team with Wave won. I imagine Wave was a key component (even if they get short changed on the future work). Chances are all the winners are aware of the Wave products and will license them. IT professionals will see something that works and the monkey see ... monkey do factor takes over. More work for Wave.
The other interesting point is this was a contract that was started in mid to late 2004 and was expected to be let in early 2005 (maybe Steve doesn't have a crystal ball, but it does not look like he was lying - the Government delayed the contract for some reason). It will be seveal months before the tasks let are billed and the Government pays (supposed to be 30 days, but can be much worse). If Wave stays in business (which I believe they will), they will make money and "friends".
The second interesting thing is timing. The contract was let in November (I believe there are news releases without Wave mentioned). Maybe Wave just got a subcontract signed although this is strange because most companies will not be "teaming" without a non-disclousre agreement and a teaming agreement - which are "contracts" (probably in the small sense).
Finally, I suspect there are a lot of these activities/opportunities going on and a percentage will be successful. This is conjecture so don't go buying stock on my account. According to my analysis, the "may be money" is months away. However, I personally believe the Wave management is playing a razor sharp game with a lot of nerve and way more good planning then people know. IF it works, I will be happy. If not .... well .... I will be happy for some other reason.
Happy Holidays - Hope that helps.
BCaSE
Mr. H B. Teria (aka Bill Evans),
He could be a professional stock analyst doing the best he can. They put their pants on one leg at a time like everyone else - perhaps backwards from time to time. Of course then there are the missed belt loops to consider.
Nah ... you're right
Does this mean I can't get a copy of your new CD?
BCaSE