Lenovo CTO on the future of security, PCs, and the ‘identity blob’

Image courtesy of Lenovo.

From a team of eleven engineers in China three decades ago, Lenovo has grown into the world’s largest PC vendor. We sat down with Lenovo’s Global Commercial CTO Thorsten Stremlau to discuss Moore’s Law of productivity, the password-less future, the tension between the edge and the cloud, and how working on Stephen Hawking’s IT team inspired in him the passion for inclusive technology design.

How do you see the PC or Laptop market evolve in the next 10-15 years for a general enterprise user or consumer?

A lot of that is defined by ergonomics. Even for Gen Z, the idea that one can do everything on a mobile phone is not true. Yes they’re growing up with tablets and online connectivity, but in order to really create content you have to go to an ergonomic form factor that’s suited for what you’re trying to do now.

It does involve, for example, making sure that you enable your form factors with new types of input methods. For example, pen input is something that’s coming a lot more, voice input, gaze interaction and so on. There will still be a large screen, large keyboard kind of environment.

One of the things that’s going to change is how the traditional operating system model of this machine containing my data and my phone are disconnected, with no real synergy between the two.

The question is — how do you then present the data and where does the data reside?

In the future, you may have two identities, you may have a personal identity, and you may have an identity as your business. They might cross, they might also be separate, but you’re going to have an identity and that identity is primarily defined in the cloud. My content, my data, my identity are transferred from device to device in a completely seamless way, depending on where the computational power is.

That’s moving more and more to the edge as we speak?

That’s one of the scary parts; I can’t make that prognosis yet. On the one hand we have technologies like Google Stadia — that’s a game streaming tech – where I can play a high FPS video game on a very low-capability system because it’s mainly doing video streaming across the Internet. Introduce 5G, now I can have full computational power output on the cloud and it’s giving me high resolution, high quality images: it’s all about user experience, right?

However, it seems that our computational power is always one step ahead of where the cloud wants us to be.

We always find more and more things that we can do with the edge that helps user experience. So that’s the difficulty we have right now: where’s the crossover between cloud and edge, and when does the power of the edge fade to the cloud and the other way around?

I don’t think that’s going to be very clean cut. I think we’ll always require some computational power at the edge, and maybe, at some stage, the edge and the cloud will collaborate. I’m thinking about a container that is like a blob that transfers computational power to the cloud, and locally, equally, depending on what the capabilities are. That might be the model of the future, where your identity and your data, your content, is a blob that is load-balanced across the edge and the cloud.

You had previously talked about how computing has obeyed Moore’s Laws, but productivity has not. How does this relate to security?

So the thought behind ThinkShield is to enable new technologies that enable productivity in an easy way. By the way, I can implement technologies that make my life more productive very easily. I can put video cam surveillance in my house that tells me when the milk arrives in the morning, and very quickly get more information out of that that makes me more productive. Or for example, I can dictate to a system – Cortana, Alexa, etc – and it writes all my news articles for me, all by itself.

Those are technologies that are available to make my life more productive, but where’s the security behind it? Especially for large corporations, pharmaceuticals, regulated industries: now Google, Microsoft, Amazon, Apple, have a transcript of what you talked about for the next 6 months!

So when we integrated ThinkShield, a lot of the tech was there to help customers implement security while they’re going through a productivity increase — while they’re enabling a new platform for example to use a fingerprint reader or facial recognition to log on using FIDO technology.

The security versus expedience debate: does there have to be a compromise?

No, there doesn’t — this is something I’m adamant about. The boot performance of a full blown, fully secure windows 10 system is now equal to a system that is completely locked down, and there shouldn’t be a performance impact at all.

Now the problem that the customers have, however, is that enterprises typically have between 5-7 different security solutions implemented on a platform at any given moment from different vendors that don’t talk to one another.

And because they don’t talk to one another, they sometimes fail. Or sometimes it’s the user that disables something, going “oh the antivirus, I think that’s slowing down my system, so I’m going to disable it as an admin.”

One of the things that we drove that’s very important is the ability to give information to the corporate customer about their systems, and the status of the security systems on the platform, that we are able to identify.

Do you guys work with security vendors – for example by having partners in that space – or do you develop everything from the ground up?

We have a strategy which I call “embrace and extend”. There are leaders in this segment, Microsoft, Intel, and a few other ones that own their markets. We’re not going to put out something as Lenovo that tries to compete against that, because that would be proprietary, and that’s going to fail. Our approach is to take leaders in the industry that already work together as much as they possibly can and then extend their capabilities.

For example, Windows has Windows Hello — we embrace that, and we have a solution that we implement on top of that using that same technology, the same camera, called Glance. If someone’s behind you it just shuts off, or when it doesn’t see me, anymore, within 5 seconds, the screen will automatically lock.

We add tech to existing standard solutions to make our devices a little bit better in that industry and make them talk to each other. We try to make it as open and compatible as possible.

Does that work on the level of APIs?

Or, just on the level of partnerships. Lenovo owns a third of every corporate device that’s out there.

30% market share is a pretty strong statement – that gives us a certain leverage with partners to say, “You know what: you guys should really be talking to one another. Can you please make it work together?”

One example of this is FIDO technology — fast identity online. We were one of the three founding members of the FIDO Alliance. Now FIDO is in Windows, in Android, in Chrome, and completely surprisingly it’s even in Apple. It’s password-less authentication at its best; today 81% of breaches are still caused by bad passwords.

Google – as the company, not as the provider — incorporated FIDO and use 2nd factor authentication with a FIDO token. And they have had zero phishing attacks in their organisation since implementing it.

What assurance can the big tech giants give the consumer to assure them that privacy won’t be compromised?

I don’t think it’s the tech companies that are doing [the assuring], I think it’s legislation that is doing that. I think we’re going to see a lot more legislation to ensure that the privacy models are followed — just like traffic regulation is required to make sure that people don’t do stupid things with cars.

Data privacy is also something that I see is a very big threat to everyone because you don’t want to be the transparent citizen that everybody knows everything about. I also want to be able to control what you see based on your preparations for an interview with me, and be in charge of that!

What is the most exciting stuff you’re working on in Lenovo right now?

One of the earliest project teams I was a part of looked after Stephen Hawking’s IT. I helped with the setup and the environment for the wheelchair and laptop that Stephen Hawking had in place. So, helping people with disabilities is something that is very important to me.

I want to make the most accessible technology for whatever sex is using it. Today the camera recognition doesn’t work well for long hair so it’s actually biased towards males. Why should the tech be biased in that particular case? Asians, in particular, have less bifurcations and less fingerprint minutiae. Therefore, fingerprints work less well with Asians. Why am I putting a tech in place that is treating a particular race, sex, age, disability differently to all the others?

I’m excited about driving a lot of innovation into the platform to make sure that we’re not biased, that we embrace diversity. [We’re] looking to incorporate braille technology into the device, looking to enable voice interaction, better feedback on the device, sensor technology, all those different types of things.

We’re working with a lot of very cool people: people who are leaders in diversity and leaders in disability rights in order to make sure this is not just the best laptop in the world but the best device for all diverse and inclusive environments.