I’ve been thinking about the idea of a technological window as it applies to my work as a PM at a computer security company, since the tech we’re working on feels genuinely new and different (not just taping together existing components).
Some background: confidential computing is a security technology that uses hardware-based trusted execution environments (TEEs) to protect code and data while they are in use, not just at rest or in transit. This has many benefits, like preventing certain forms of attack - e.g. in the recent CircleCI data breach, the attacker stole encrypted data and then performed memory scraping to get the decryption keys (apologies for the corporate blog post, but I personally wrote it and it’s the most concise description I know of). There’s also a new capability, remote attestation, which lets you prove that specific code is running in a secure enclave (enabling unforgeable, unstealable application identity).
You’re probably already using confidential computing through implementations like Apple’s Secure Enclave, which protects payments and biometrics on the iPhone. But the technology is not in the mainstream yet, though I believe the window is opening.
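To make the remote attestation claim concrete, here is an added simulation of the check a relying party performs; it is not code from the original post or from any vendor SDK. It assumes a vendor-held attestation key (stand-in for the key fused into the CPU), a "measurement" that is simply the SHA-256 of the enclave's code bytes, and Ed25519 in place of the vendor's real signature scheme; the code strings, nonces and function names are all constructed for the example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Report is what the enclave hands to a remote verifier. In a real TEE the
// hardware (not the enclave's own software) produces and signs it.
type Report struct {
	Measurement [32]byte          // hash of the code loaded into the enclave
	Nonce       []byte            // verifier-chosen freshness value
	EnclavePub  ed25519.PublicKey // key generated inside the enclave, never exported
	Signature   []byte            // hardware signature over the three fields above
}

// Enclave simulates code running inside a TEE. hardwareKey is an assumption:
// a stand-in for the vendor-fused attestation key the enclave cannot read.
type Enclave struct {
	code        []byte
	priv        ed25519.PrivateKey
	hardwareKey ed25519.PrivateKey
}

// Measure is the simplified measurement: SHA-256 over the loaded code.
func Measure(code []byte) [32]byte { return sha256.Sum256(code) }

func NewEnclave(code []byte, hardwareKey ed25519.PrivateKey) *Enclave {
	_, priv, _ := ed25519.GenerateKey(rand.Reader)
	return &Enclave{code: code, priv: priv, hardwareKey: hardwareKey}
}

// reportBytes is the signed payload. Measurement and pub are fixed width and
// the verifier knows the nonce length it chose, so the encoding is unambiguous.
func reportBytes(m [32]byte, nonce []byte, pub ed25519.PublicKey) []byte {
	return bytes.Join([][]byte{m[:], nonce, pub}, nil)
}

// Attest produces a hardware-signed report that binds the code measurement,
// the verifier's nonce and the enclave's public key together.
func (e *Enclave) Attest(nonce []byte) Report {
	m := Measure(e.code)
	pub := e.priv.Public().(ed25519.PublicKey)
	return Report{
		Measurement: m,
		Nonce:       nonce,
		EnclavePub:  pub,
		Signature:   ed25519.Sign(e.hardwareKey, reportBytes(m, nonce, pub)),
	}
}

// Sign lets the enclave prove later messages come from the attested identity.
func (e *Enclave) Sign(msg []byte) []byte { return ed25519.Sign(e.priv, msg) }

// VerifyReport is the relying party's check. It trusts only vendorPub (the
// hardware root) plus an expected measurement of the code it wants to talk to.
func VerifyReport(vendorPub ed25519.PublicKey, expected [32]byte, nonce []byte, r Report) error {
	if !ed25519.Verify(vendorPub, reportBytes(r.Measurement, r.Nonce, r.EnclavePub), r.Signature) {
		return errors.New("report signature invalid: not produced by trusted hardware")
	}
	if !bytes.Equal(r.Nonce, nonce) {
		return errors.New("nonce mismatch: stale or replayed report")
	}
	if r.Measurement != expected {
		return errors.New("measurement mismatch: different code is running")
	}
	return nil
}

func main() {
	// Simulated vendor root; in practice this is a certificate chain shipped with the verifier.
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(rand.Reader)

	code := []byte("decrypt-service v1.0") // constructed stand-in for the enclave binary
	expected := Measure(code)
	enc := NewEnclave(code, vendorPriv)

	nonce := make([]byte, 16)
	rand.Read(nonce)
	rep := enc.Attest(nonce)
	fmt.Println("genuine report:", VerifyReport(vendorPub, expected, nonce, rep))

	// Modified code on genuine hardware: the hardware signs truthfully, so the measurement differs.
	evil := NewEnclave([]byte("decrypt-service v1.0 + exfil hook"), vendorPriv)
	fmt.Println("modified code:", VerifyReport(vendorPub, expected, nonce, evil.Attest(nonce)))

	// Attacker edits the measurement field to lie; the hardware signature no longer matches.
	forged := evil.Attest(nonce)
	forged.Measurement = expected
	fmt.Println("forged report:", VerifyReport(vendorPub, expected, nonce, forged))

	// Replaying an old report against a fresh nonce.
	fresh := make([]byte, 16)
	rand.Read(fresh)
	fmt.Println("replayed report:", VerifyReport(vendorPub, expected, fresh, rep))

	// Once verified, the enclave key is an application identity the verifier can rely on.
	msg := []byte("here is the ciphertext, please decrypt")
	fmt.Println("message from attested enclave:", ed25519.Verify(rep.EnclavePub, msg, enc.Sign(msg)))
}
```

The point the simulation makes is that the identity is the enclave's own key, and it is trustworthy only because the hardware signature binds that key to a measurement of the code: an attacker on the same host can neither alter the measurement without breaking the signature nor extract the key, since it was generated inside the enclave. Real attestation adds what this omits: certificate chains up to the vendor root, TCB and firmware version checks, revocation, and a verifier policy for which measurements are acceptable.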
A few reasons that the concept of technological window might not be relevant at all:
- It’s enterprise tech, not consumer-facing
- It’s security, and no one cares about security until they are forced to
But ignoring that for a moment… the window for confidential computing server-side was closed for a while just because the tech wasn’t there:
- Around the mid-90s, TEEs saw adoption for EMV cards (a.k.a. smart payment cards or chip cards)
- Around 2004, TEEs began to be used in mobile phones (ARM TrustZone)
- Intel SGX (2015) made TEEs available on the server / in the datacenter
Once the hardware platform existed, writing applications to run in TEEs was still really difficult and often came with big performance hits, so you would only put in the effort for really valuable, narrow applications, and/or if someone forced you (e.g. in 2015, when US payment networks made merchants liable for fraud on non-EMV transactions, or in 2017, when Google required Android devices with fingerprint sensors to use TEEs).
The window is beginning to open for the following reasons:
- Increased availability of the needed hardware from cloud providers: in 2017 only Microsoft Azure had Intel SGX processors available. In 2023, AWS, Google Cloud, Microsoft Azure, and the long tail of smaller clouds like Oracle Cloud, IBM Cloud, etc. all support some variant of TEEs.
- Improved usability driven by software providers like my company, reducing the cost to adopt TEEs
- (Coming very soon) improved usability and performance driven by hardware providers (AMD SEV, Intel TDX, ARM Realms), also reducing the cost to adopt TEEs
Other competitors in the space were too ambitious / early and hit walls, e.g. Profian/Enarx (now shut down, WebAssembly was a technical dependency for them that was not quite ready yet) and R3’s Conclave (pivoted away to focus on a different product).
So if there really is a technological window opening, my company could exploit it, since we are prying open the window via usability. It also implies that, since the hardware providers are improving usability too, that advantage will erode and we’ll need to provide value in other ways - perhaps by integrating with other rising technologies like generative AI, or by addressing emerging regulations in data security, privacy, and sovereignty.
But coming back to the two reasons the window might not be relevant at all (1: enterprise; 2: security), it’s not enough to be better. I’ve been trying to find relevant past cases where new security technology was adopted for enterprise use, and they all include one or a few powerful actors making the change by fiat - for example:
- As mentioned above, the small set of payment networks behind EMV forced adoption by shifting fraud liability to merchants
- As mentioned above, Google mandated TEEs for Android fingerprint hardware, and Apple shipped the Secure Enclave in its own devices
- Widespread HTTPS adoption was driven by Google making HTTPS a search ranking signal in 2014
- Use of hardware security modules (HSMs) and tokenization in payments is driven by the PCI Security Standards Council through PCI DSS
I’m tempted to conclude that no security benefits are compelling enough to adopt any new security technology; only some outsider can force the adoption of security technology by making it prohibitively expensive to not comply. So maybe the tech window is irrelevant without this event.
Is anyone aware of relevant cases here?