Wednesday, February 6, 2013

Business Model and Technology Ideas

As a believer that it’s not about the idea but the execution, and further that even a good idea will really evolve as a team vectors into the right set of features and market opportunity, I thought it would be safe (and fun) to list some of the various ideas I’ve looked at recently. Some of these are based on a need that I have (but not necessarily anyone else). Others are just random ideas. Some just look like fun to build. And some I guess are just downright ridiculous. But in the spirit of brainstorming, where more is better and it’s better to just get some ideas out there to evaluate, reduce and solicit feedback, I include the list below. Feedback welcome:)

I have also experimented with a sortable version of this idealist using Python/Flask/Javascript/tablesorter and hosted on Heroku.

Update: here is a post about why someone will not steal your idea.

Existing Apps
The first category of ideas would be to add features to my existing mobile apps on the Apple app store.

SYOD (Secure Your Own Device) - a best practices security app, I developed at Redspin (with help from our resident, super-hero, Jenn)

The security app parked at Redspin, could be evolved to support various features such as training, phishing, security policy acceptance/update. Mobile security push notifications (phishing, training). This could also evolve, or maybe that would be a unique app, into a scanner to scan for insecurities on your phone.

McRun - a running calculator, I developed in conjunction with my brother, Peter Abraham, and McMillan Running.

adding geolocation and upload to a google map with color coded location marks such that runners could see if runners that run similar: fast vs. slow, long vs. short distance.

Omulator - a meditation timer that graphs the audio output of your AUMs.

add additional sensors (body temp, HR, other biorythmish data that could be correlated with your AUMs). Perhaps leverage the KORE sensor from Kickstarter.

Apps Interacting with the physical world
This entire category is around mobile apps that somehow interact with the physical world around us, with sensors, or remote control

App + Remote control power strip: Could be used as a timer or to control access to anything with power. App could be configured with a timer, points system, or tied into other scoring APIs or websites. Also, when tied into a web app, multiple people could vote to turn on the power.

Exercise to earn credits to watch TV: how about arduino controller for power, then app. so you earn power based on app, then use the app to buy credits. This is essentially a business model wrapped around the previous concept, and is more fully described here.

Remote control pad lock: App controls the opening of the lock. Could be opened remotely. Even if one did not own the lock, they could connect to it (Bluetooth) and then relay the lock control to someone who has control over it. Also, multiple votes could be used such that a lock could only be opened if multiple people approved.

I spent over ten years in the security space, building my security company, while really understanding the needs and psychology of IT departments and enterprise risk management. This is always an interesting space for me and as risk evolves along with the changing nature of technology usage, there is a continuing flow of unmet needs and security risk. This is a ripe area. One draw back for the security space is that much of the risk is based on the actions of users and the IT department, so it tends to be more of a psychology problem than a technical problem.

Crowdsourced pentesting: Moderated group of pentesters. There is a huge body of talent out there that could really help identify risk.

Large scale port scan: I am not sure how big the market is for this, but some of the team at Redspin developed some creative and effective approaches to for some mega network audits that required a creative approach, triage and a boatload of virtual cloud scanner instances to address big network vulnerability scans. The challenge is to quickly isolate areas of critical risk and eliminate false positive. This approach might become more mainstream with IPv6.

Single application vulnerability scanners: Many IT functions exist in a silo, so there is an opportunity to market a point solution that scans security risk for a single application that can be marketed directly to that community. ASafaWeb is an example.

iOS profile checker: A web application to evaluate iOS profils. This would basically benchmark your security policy to best practices. Similar in spirit to MBSA.

Mobile proxy: Anonymous proxy for you mobile device.

Crowdsourced secure app list: Leverage chains of trust and the public to vote for and vouch for mobile apps to develop a blacklist and/or whitelist of apps that are coded and behave securely.

Binary security analysis of mobile apps: I would imagine that someone is working on this already. One issue with widespread usage for apps would be how to handle encrypted binaries. However, this is a big problem, probably worth solving.

Hack lab: interactive security training.

Security game: Used for security awareness training of employees. Employees represent perhaps the biggest area of security risk. One problem with security awareness training is that is starts to look like a slide deck or web presentation, with a follow-up quiz. Employees can do this mindlessly and often learn nothing. An approach that actually lead to security awareness retention would provide great security value.

Phishing mobile app: My existing app, SYOD, could perhaps evolve into this. The idea is to use the installed app as a platform to send phishing emails and messages to the device for training purposes.

BYOD Tracking: Probably a bad idea from an employee perception standpoint, but web proxies are doing this now. The implementation could be with an app on the phone or perhaps with a gateway on the corporate network. The later is already happening.

Micro audit: Real-time micro sensor (atomic, one issue at a time) to measure/metrics around key areas of security: social eng, patching, % encrypted devices, ports open / total IPs, virus signatures up to date, etc. Use open source sensors, such as ossec.

Port security tools to mobile: There are a myriad of security tools, some of which could still be ported to mobile.

Trust network meets social: Chains-of-trust for companies. yelp for security.

Directional WiFi mobile scanner: Turn your mobile phone into a WiFi directional scanner using hardware in a headphone jack antenna. The idea is to easily detect the location of rogue access points (APs).

Security and the Internet of Things

This is a bit of a crossover category that leverages current models for TCP/IP and enterprise network security, with the unique needs of the Internets connection to the physical world.

MSSP (Managed Security Service Provider) for Things: A popular way to handle enterprise security, particularly for small and mid-sized organizations is the have a service provider manage security. In this model, the MSSP company may provide the company and Internet connection. Then, based on their physical presence on the network link to the Internet, the MSSP could implement services such as email spam/malware filtering, web proxy, firewall services, etc. The Internet of Things version of this would use a single web service as the central link for all of these "things" and then manage the things via a web interface. Ultimately, though, the network of things would need to be secured (physically secured and segregated from the Internet).

Industrial Control System database of hash signatures for software: the idea is to detect changes to firmware and ensure system integrity. Sort of a tripwire for firmware. Or for those familiar with gaming and slot machine environment, this is analogous to the Kobetron chip verification device.

Internet of Things

Bluetooth army: Mobile app scans for Bluetooth devices and logs to cosm (geo, stats, security, etc). Mostly I envision this as a research app to gain data and insight into the extent that your mobile device finds Bluetooth devices as you go about your daily activity.

Concentrator box for things: box to aggregate bluetooth devices and connect them to local internet. Bluetooth is cheap, fairly low energy and will likely evolve to be widely used in home automation. The problem is that your Bluetooth devices need to connect to another device that is connected to the Internet in order to have wider connectivity. A mobile app could achieve this, but for full-time connectivity, you'd need a dedicated box that sits on your home internet connection. This could be an Android OS without a phone. or a rasberry pi in a good enclosure.

Secure remote access for bluetooth: gotomypc for bluetooth.

Ad platform for Internet of Things: This is just a brainstorm idea, without any functional use case.

Generic device controller: App as generic device controller for the myriad of smart devices coming on line. There will be a proliferation problem - how many apps for how many devices do you want to own. Also one app controls another app/phone.

Remote control camera app: a way to take pictures when your camera is at a distance. This has various applications, such as for taking art photography where camera is mounted on high tripod or ceiling mount. Or if you want to take a picture of lightning and need a way to sense the lightning and click the shutter. I cannot believe that all camera manufacturers don't already have this, but I presume its on its way.

Web hub for mobile device sensors: This would be a website with an API that could be programmed with a web interface (think that would allow any individual to connect data collected via their mobile device to a web site (think that would enable tracking, graphing, data logging, GPS mapping, etc. This would be something I could use right now for McRun and this would also be an application for the Nike+ accelerator program, as customer modules could be developed to quickly web-enable Nike+ apps.

Network & RF & Tracking

Faraday clothing for electric sensitivity: OK so call me paranoid, but I do have a distrust of wireless radiation and its health impact. When UV radiation was a new threat new apparel upstarts marketed products with enhanced sunscreening capabilities. My feeling is that awareness of wireless network radiation risk will increase along with the demand for protective garments.

RF Scanning App: The Oscium spectrum analyzer is something that is on the way to achieving that, for an albeit technical audience.

RFID-ish easter eggs: Tagging devices for retail stores. find in store -> get prize.

Railroad Tracker: Wouldn’t it be nice to know what train is where? (well maybe not) But it would be interesting to have some insight as to the cargo and volumes heading between major nodes. And actually, I think it would be fun to see where trains are. From a pure tracking perspective, is analogous to the thinking here.

The Chip: Sensor for tracking kids, luggage, pets, laptops, cars, bikes, boats, employees, fleets, biker racers, theft bait (a physical honeypot). The sensor could use different communication technology, depending on the use case: satellite, cellular, WiFi, Bluetooth, RFID. All this is already probably on the way and will be a function of the hardware cost of the sensors, which is on the way down. Check out FedEx SenseAware for their shipment tracking implementation.

Mobile Tracking and Deployment Platform: Make it easy to deploy custom tracking solutions. This could include a wireless chipset, GPS, API, middleware along with a message or usage-based subscription plan.

How could you use Google Earth to find something? More of a problem to solve than a business strategy, but answering this question could yield some interesting applications.

RFID Checksum / Signature: This would create a database of RFID item numbers, associated with devices, that would allow the positive identification of devices using RFID. These mini-devices would be able to be embedded into other devices which would verify their authenticity.

Fitness & Sports

I am really into all things outdoors. I'm not sure why this list is so short. 

Street skating app: App to share locations, meetup and share exploits. Strava for street skaters.

Grudge match: 1 on 1 challenges for charity implemented as either a mobile app or web application. I am not sure of the practicality of this and it might exist already. I grew up skiing competitively and we had grudge matches at contests so I see this as a sport challenge, but really it could be anything - Whoever grows the biggest tomato plant by fall, donates $100 to charity.

The Pro-Bike Rider's Doper Assistant: Basically, this is a humorous app targeting pro bike racers in Europe that want to manage their use of performance enhancing drugs. This app would really just be for fun and would implement the steps defined by Daniel Coyle in his book Lance Armstrong's War that riders use to avoid the doping authorities. This would include timers and blackout period for the use of various drugs and a group messaging app, so when the authorities show up at the door of one racer, that racer can quickly warn the rest of the riders.

Avalanche Risk Assessment App: This would implement a quick set of questions to help determine avalanche risk for back-country skiers and alpinists. If you've ever stared down at 1000 vertical feet of untracked powder with a group of other skiers, you know that group think tends to summarize the risk as "looks like it's stable, let's make some turns." This app would objectify the analysis. This might be another dichotomous key implementation.

Avalanche Balloon Tether: Perhaps this is obvious - or proven to not work:) - but why can't you ski with a balloon tethered on a 10-20 foot cord, so in event of being covered by an avalanche, the balloon would float in the air above you.

Personal Buoy: This is a buoy deployed in the ocean that is anywhere the size of a baseball to a basketball. The buoy could be deployed with various sensors: temperature, swell period, visibility, fish, drug smugglers, oil spills, lobster trap monitoring, etc.


Business Idea Portal: Basically, I am thinking of this list, but implemented as a database, so users could add their own ideas, vote on ideas, add comments and also link ideas to existing companies that already have technology that could be quickly transferred into a given product or market opportunity.

Meeting clock: So my friend Joe and I have been talking about this for 10+ years now. There are some meeting timers in existence now, but this would leverage the voice capability of mobile devices to track who did how much talking. The idea is to make everyone aware of how much they are dominating the meeting, costing the company and participating.

Fisherman market maker: Market making app to help fishermen get the best price for their catch. The problem is that the fishermen unload fish at dock and there is often limited opportunity to find the best price/market for the fish. Inspiration can be found in Open Ocean Trading and South Shore Seafood Exchange.

Location Scout Directory: This is a database of facilities that are available for film locations. However, this is supply-side driven so that private individuals and other organizations that have locations available can upload their location, rental price, pictures, etc. Think of VRBO or AIRBNB for locations.

Team dispatch: group messaging (group text & walkie-talkie)

Crowdsourced stock footage aggregator: This would implement technology to acquire stock footage from cameramen for resale as stock footage. Because stock footage can be shot any time, such as when a cameraman is already on location for another shoot, this could provide features such as communicating with cameramen, scheduling, sharing revenue, accounting, etc.

Lease-option database: market for lease-option opportunities in real estate. (also apps based on open source gov data. Lots of great data is being made available by the federal government.

Groundwater depletion & data: Using data from satellite Grace ideas from Dr. famiglietti.

Cookie share: submit your info, get paid (rather than some other company making money off it). Many ideas around this are already floating around out there.

Who lives there: I am often intrigued by the individual stories I hear about people and there lives. Sometimes when I see a house, I wonder "who lives there.... and what is their story?" I envision a picture of a house, and a single paragraph story about people that are shown on a map.

Environment & Clean Energy

How green is my product: Mobile app that can scan a product bar code (or logo?) to determine if the product is green, perhaps GMO free. Output would be logo and scale 1-10. The calculation might require some insight into supply chain.

Solar Calculator: This is a mobile app that quickly calculates the potential savings for implementing residential soloar power. Because much of the calculation is based on your location (fog, amount of sun, current rates etc.) a mobile app would be able to automatically solve for much of this. Also, in a more sophisticated implementation you could determine how much energy you currently use (smart grid tie in) and also the amount of space available for solar: take a picture of your roof to determine size and compass direction of roof.

Personal WiFi/Cellular/EMF Meter: As people become aware of EMF radiation dangers, more people may care to quantify their exposure: do you live/sleep in direct line of sight to a nearby cell tower? Is there a lot of WiFi energy in your home or office? This would be an App (perhaps with an antenna) or perhaps a dedicated device.

Measuring power line sag to determine line load: Power lines sag based on temperature and load. With camera monitors on the physical wires, temperature and an algorithm, you could estimate load on the wires. This data could be sold to financial firms, regulatory agencies and others that are interested in estimating load on the power grid.


Brainstorm app: app in which you document keywords and the app provides related pictures, associations and questions to help determine other ideas.

Dichotomous key: Any subject that has been documented with a dichotomous key could be effectively implemented in an app: trees, birds, hunting, fish, sharks, security threaths, security training...

Michael Polen app: I am a big Michael Pollen fan 0 turn his Food Rules book into an app. Its a great quick reference book that would translate well into an app.

Graffiti Grapher: pp to take a picture of graffiti, log coordinates, upload to a map and try to trend incidents. Goal to reduce graffiti and catch culprits

College finder: help high school kids find a college.

School donation by class meter: Mobile app or embedded web widget. More people will donate if motivated by a public notice that shows the percentage and amount of class participation.

Remote camera monitor: Micro camera that can be viewed via app for quick scan of, for example, who is at front door.

Health Insurance Card App: Really just a micro app that would solve a tiny problem. My issue is that when I go to the doctor, I need to produce an insurance card, which i never have. With 3 kids, I find myself looking for my insurance info periodically. I solved this problem by scanning my insurance card and mailing it to myself. Really, I'd like an app that would allow me to take a picture of both sides of my card and then put them together in a single image. When I open the app, the card shows and allows me to mail it or otherwise send it to the provider if necessary. Downside: solves a tiny problem. Upside: easy to implement. Another related feature would be to calculate the amount of your annual deductible that you have used to date.

Tip Jar Voting App: Mobile app to allow you to vote for who gets your tip. Don't you hate it when the service is bad at a restaurant of coffee shop. but you see someone in the back really working hard. Wouldn't it be great to be able to direct your tip to them.

Automobile Holographic Bumper Guard: Ever wonder how close you are to another car when you are parking your car. The audio beeps on many bumpers help, but sometimes it's great to have a visual.

As I document these ideas, one common trait emerges: accountability affects behaviour. Of course no one likes the 1984, Big Brother, scenario, but people do seem to behave better when there is some sense that they will be called out for their action. I guess the mobile world might create more accountability, for better or for worse.

No comments:

Post a Comment