I spend most of my time this year in China – My family has made an important decision to move to China. Things has being crazy for the last couple of months with the logistics but we finally have our first Christmas over here.

The decision is a combination of my work, but more importantly how I see the world developed in the next decade or two. Out of the 4 fastest growing economy — Brazil, Russia, India, China (BRIC), I think I can fit into China.

One thing I have certainly improved is my Chinese since moving over here, or at least my wife (who is a Chinese teacher) say so. Nevertheless, I think the depth of Chinese I can command is still pretty far from norm conversation.

For example, I was having tea in Beijing several weeks ago when a friend asked me why I could not get along with another certain mutual person. I struggled to find the right words to expressed in Chinese. When she got it, she just said “君子合而不同小人同而不合*”.

Just 12 words explained what I tried to do in the last 5 mins. Chinese is an amazing language — it contain far more “information” per word than English if you know how to use it properly.

* “君子合而不同小人同而不合” is a saying by an ancient Chinese philosopher known as Confucius record in the “The Analect”.

Susan Crawford and Kevin Werbach has being appointed to lead Obama Team Review of FCC!

I know both of them; Kevin is an advocate of all things open (open spectrum, open access, net neutrality) and Susan is an advocate of public space online (privacy, online rights :-)

Now, these appointments really mean CHANGE! Wohoo!

Congratulations and I look forward to good things to come :-)

When someone ask you how much it cost to license your technology, the last thing you want to say is “depend how much you value our technology”.

1. You don’t know how much your own technology is worth.

2. You going to charge different people different licensing fee.

Most important of all, you sound like a hawker in some third world country bargaining, not a professional negotiating licensing for a major research lab.

And if you say “If there is no value to you, then don’t license”, I will walk away.

ps: Yes, I walked from the deal. It is just too silly.

In Cairo, waking up at 2am to watch the election on CNN and online and watching the votes come in. I hope I am not disappointed as I did in 2004 tho.

Go Obama Go! I had enough for the last 8 years!

Update: Wohoo!!! I look forward to CHANGE!

Billionaire who wasn’t by Conor O’Clery

A book about Chunk Feeney, the co-founder of Duty Free Shopping, ranked 23rd richest man who gave away all his money, mostly anonymously until people discover he don’t even own a house or a car. (Incidentally, I realized I was an indirect benefactor of Chunk after reading his book :-)

Didn’t blog much lately due to the heavy traveling between China, Hong Kong, United States. Between my travels, I spend less than a total of 10 days in Singapore with my family the last two months.

Oh yea, I finally did my Segway Tour of San Francisco last weekend, thanks to Dewayne Hendrick who spend an afternoon going on the tour with me. Gosh, I got to get one of those Segway soon!

On an unrelated topic, I have accidentally deleted all the comments on the blog over the years as I was trying to get rid of 20,000 spam comments :-(

Instead of trying to recover from backup, I decided it is perhaps time for me to disable the comment totally. Afterall, i am getting more spams than legitimate comments – and for those who wish to, you can also contact me directly.

I had a crazy month traveling across Shanghai, Hong Kong, New York, Chicago, Seattle, Palo Alto, Los Angeles and finally back in Singapore. It was great trip, mostly business but in between some personal stuff, catching up with ex-boss, old friends and making new ones. A great evening with Marc Canter and his family (love the Canter’s song! :-)

It was also a great time traveling in US as a Chinese. Taxi drivers rave non-stop about the amazing Chinese Olympic openings and for the first time, see China differently. (Well, I wasn’t born in China but still I am a Chinese :-)

On my way back to Singapore, AIMS published the recommendation on the changes to media policy in Singapore. I was one of the stakeholder they consulted early in the process so I got swamp by reporters who got an early preview of the document. Unfortunately, I didn’t get to read the final version before them so I couldn’t really answer most of their questions. Anyway, suffice to say, I was happy with the progress. It is a much bigger step in media liberalization that I expected.

So I was back in Singapore and I met a fund manager yesterday. She asked an interesting question:

“Why are there so many P2P companies in China and not in US?”

It is worthy to reflect on that question because in some ways it is true. In US, we have bittorrent.com but other than that, most P2P applications have pretty much gone. Napster, Kazaa, etc, gone.

Wait, what about Skype? Firstly, Skype is not US company. Secondly, Skype P2P is actually very simple – connect A to B, both behind NAT, via a supernode C. In fact, their Kazaa background has more complexity than Skype architecture.

Now compared it to China, the land of P2P Streaming with PPLive, PPStream and UUSee. There are numerous P2P downloads the most famous being Xunlei (backed by Google). And all of them are very successful : PPLive has over 100M installation based, 34M active users monthly.

So what happened?

I think it has to go back to the early 2000 when music industry decided to clamp down Napster. The defining moment was when Napster was shutdown by the court after years of lawsuit. Since then, anyone with a bizplan that even has the word “P2P” is unlikely to get funded. Innovation in P2P basically stop dead, with the exception of bittorrent and Skype, but both become relatively successful without VC backings.

On the other hand, P2P has no such stigma in China. Investments in P2P continues to flourish and today China can claim to have one of the most advance P2P technology in the world. To the extend that when people are finally trying to do video these days, people are looking towards China and see how video are being delivered in the number 1 broadband country in the world by number of subscribers but probably one of the worst by quality.

Look at the Olympics numbers. PPLive alone has more peak concurrent viewers (1.6M) than NBC (600k) and BBC (200k) add together.

There is a lesson to be learned: The unintended consequences of slapping a “evil” label on a technology where in reality, technology is neither good or evil, but rather the use of it.

Disclosure: I am associated with PPLive.

On the left is Pindar Wong, one of the pioneer of Internet in Hong Kong in the late 80s. When I first met Pindar in 1992, I was still merely a student whereas Pindar just sold his company, HKNet. Anyway had lunch with him two days ago. I couldn’t believe my eye when he hold up his mobile phone, an ancient Nokia phone (Nokia 3310) which does nothing else but just makes phone calls and maybe SMS.

And he is extremely proud of it :-) “It works!”, said Pindar, “it is the best phone made by Nokia”.

Which brings me to one of the latest Nokia, Nokia N810. The PR guys for Nokia offered a set for me to play with 2 months ago just before my crazy trip. Half way through the trip, my macbook dead which force me to really use the N810.

N810 isn’t really a phone. It is more an ultra-portable Internet tablet (Linux). It makes phone calls, yes, but via Skype but it is mostly a browser, IM and email device.

What I likes about the N810,

1. The form factor is perfect. It is a tablet and it has a slide out full keyboard. It is big enough to type with thumb yet small enough to fit into my pocket.

2. The concept, of browser, IM, email and skype all in one small device. If I don’t have a laptop (which I don’t have half way through my trip), those are the stuff I cannot live without.

3. There is an eco-system of developers porting other Linux applications onto N810.

But these are nothing new. I had it 3 years ago on my Zaurus, except N810 has a bigger screen.

Onto the bad stuff about N810,

1. The touch screen is horrible. I don’t need multi-touch but when I click on something, I expect it to click, and I expect the UI to indicate I click. Very often, I find myself tap…tap tap…tap tap tap…and still no respond.

There is a reason interface designers allocate the highest CPU priority to interface since the beginning of computing.

2. Installation of apps is complicated. There are probably like 3-4 ways I can get apps onto the device. Each of them involve multiple steps like, visit a website, click on the download, which will fire up installer, which would ask me if I want to install a repository, which would take a while, and then a confirmation of the application I wanted, which is likely to promote another warning that it is unsigned, and finally I get to download it…and no, one more click to install.

I just want an app onto the device. I want to click that app, please do the rest.

3. The touch screen is horrible (did I mention that?). It is a small screen so the the icons are already very small. If I click one icon, i get the one next to it. argh. back/cancel, reload, click, wrong again. arghh.

You either figure out a way to make the button bigger or you make a more fine-resolution touch screen. You don’t make a device which has small button and lousy resolution touch screen, without providing alternative.

iPhone touch screen is also at the bad resolution level but it works. It works because very often it makes the button big, or it allows you to zoom it to be big, and if it is not zoomable, you can hold it down, move it a bit until you get the right one.

I could go on more (out of memory, slow apps respond, the keyboard layout, camera for video conferencing that skype don’t support etc) but here is the one and one reason that I leave N810 at home these days.

4. The web browser do not work with Gmail.

“Wait, it works”, you said. Yes, go to gmail.com, and it load up fine. It even render gmail as you expected. Now, try using it.

Not the UAT of “does the browser render gmail.com?” but really use it for your daily use. Try using it for an hour. I did. Within 5 mins, the browser slow down. Any clicks would take ages to register. Even scrolling up and down is retarded.

But no, thats not the worst; wait till you try to compose/reply. As you type your email, the letters you type appears 30-60sec after you press it. So yep, you could either press a letter, wait 60 sec, and then type another. Or you could just type it blindly and …. until you made a typo then god help you.

Yes, it renders fine but no, it does not work. Any Internet tablet that does not work with one of the most popular web email today is not acceptable. Asking me to use the native Email application is not an option. You are out of your mind when you ask me if I would switch to another web email. I like gmail and I had everything setup there. I am not going to switch web email just to use N810. If N810 don’t work with Gmail, it stays at home with the pile of other gadgets I had but no longer use.

I feel really sad for the problems I have with N810. Nokia is famous for its UI engineering. People like Pindar and myself like buy those early Nokia phones because “it works!”. I was a loyal Nokia phone users for nearly 8 years, including the failed N-Gage. These UI problems I have with N810 is not something I expected from Nokia.

Maybe Pindar is right. The best Nokia phone is the Nokia 3650. My favorite Nokia phone is still the 88X0 (I bought at least 5×8850 and 2×8890). It is downhill since then.

Planning for a short trip to Hong Kong tomorrow reminded me of Jonathan Shea, something I want to blog about but was waiting for the hype around the new generic TLDs to cool down. Jonathan Shea is an old friend who is in-charge of “.hk”. I have the pleasure to catch up with him in Paris ICANN meeting.

Before Jonathan, let me talk about something related that happened in Paris. At the Cross Constituency Meeting, there is a presentation by the Anti-Phishing Working Group (APWG). In summary, they were proposing working with registries to take down domain names that is suspected to be involved in phishing.

Now, I am as anti-phishing as any other reasonable person, that we should do our best to combat the scamming on the Internet. But what they are proposing raised scare the hell out of me: Take down domain names for suspected of phishing?

What happened to the legal maxim, “Innocent Until Proven Guilty”.

Now, I could hear some objections; these phishers are sneaky bastards who adopted the “hit-and-run” tactics. The entire phishing attack could be done within 24 hours or less and thus we need to react before they got more innocents victims.

That’s true but this is not an excuse to override the basic principle of legal enforcement. Just because a thief could commit their crime within less than 5min does not mean we don’t treat the suspect as innocent until proven guilty. Neither do we lock down the house or the store while we investigate, which is in a way, what was proposed.

After Wendy Seltzer raised some concerns, I stood up and asked two questions:

(1) how does APWG determine if one is a phishing domain for take down?

All I got is a a hand-waving answer that it is complicated and there is no time to go into details. I am not sure if they differentiate between an intentional phishing vs a site/domain which was hack or hijacked. I am not even sure how they determine if the site is indeed phishing. If I put up a spoof making fun of the bank’s bad service, would I be target of a take down?

(2) how effective is the domain name take down the phishers could easily use IP address instead of domain names?

Once again, he dodge the question without giving any data but at least his answer is more plausible: one should make use of all mechanism available to fight the problem. Nevertheless, i remain unconvinced that taking down domain names would deter the phishers as they could easily use IP address instead. Do we then go to RIR and ISPs to blackhole the routing for an attack that might last merely hours?

I might be more open if the takedown is temporary, as an emergency one-off measure if it significantly threaten the general public or the normal operation of the Internet. And we can proof that the best way to stop that specific attack is in the DNS.

However, I am not convince ICANN and registries is the best way to deal with the problem on the long term continuous basis. I think this is a classic case of “if we have a hammer (ie. ICANN), everything looks like a nail”.

This is not to say I don’t think registries don’t play a part in the anti-phishing. This is where I go back to Jonathan and HKIRC (.hk).

McAfee published a report on Mapping the Mal Web Revisited in May. This report said “Hong Kong (.HK) soared in 2008 to become the most risky country TLD”.

Obviously, this report upset quite a few people, including Hong Kong Internet veterans like Charles Mok and Pindar Wong (see IT360). Jonathan contested that the report is unfair because the data point for the report is based on 2007 whereas the problem have being substantially improved in early 2008.

What have being done by HKIRC is a model of what I think the registries should adopt.

1. In March 2007, HKIRC working with HKCERT and the HK Police Force on a procedures to verify whether a .hk domain name has been used for phishing. They also work with OFTA, the local regulatory body, who will provide a definite list of .hk domain names that is involved in spamvertising in Jul 2008.

2. In July 2007, HKIRC tighten their online payment (HKIRC is also the registrar) so that stolen cards and lost credit cards cannot be used. In early 2008, they also developed an internal auditing system where they would flag suspicious registrations, which would then be process manually for additional documentary proof from registrant.

An example which would trigger the flagging is when a domain name is known to be phishing site from a definite list by OFTA, the other domain names registered by the same registrants would be considered suspicious.

What was done by HKIRC is non-intrusive, nor disruptive to the registrants. Neither do they presume guilty before innocent, and take down domain names on suspicion notes. They work with regulators and polices to make sure they got the right person. They let judges do their job, of determine one guilty or innocent.

Most importantly, these have being effectively in curbing the problem.

Awesome!

via Marc