And, increasingly, Whitfield now also finds himself in the public eye. Distressingly so, in fact. Incyte Genomics has become one of the most visible players in a pitched debate between academics and entrepreneurs over how to share the knowledge that’s rapidly being gained into the workings of the human genome. Now, as a rough draft of the complete Human Genome Project appears likely to be released in just a matter of weeks, the voices of dissent have become shriller than ever. Even heads of state have felt moved to make their views known.

And at much of this, Whitfield can only shake his head in wonder.

When President Clinton and British Prime Minister Tony Blair recently took the position that genome data should be made freely available to scientists everywhere, people holding biotech stocks stampeded to the exits. You were quoted at the time as saying the panic owed largely to a failure to distinguish between genome sequences and gene sequences. What distinction should investors be making?

What Clinton and Blair were talking about was genomic data — the raw code. When you have that, you actually don’t have any genes at all. The genes have to be predicted from the raw code. And so what Incyte and other companies in the genomics field have been doing for the past five to six years is sequencing the genes themselves. And we’ve managed to compile an almost complete list of those genes. What Clinton and Blair were talking about was making the genomic sequence freely available. And that’s been happening right along. But that’s quite different from the genes themselves, which is where all the commercial utility lies.

For example, when Chromosome 22 was published last December, the Human Genome Project scientists predicted we’d find 545 genes on that chromosome. But because we’d actually sequenced the genes at Incyte, we knew that over 1,000 of our genes would match that chromosome. So they missed nearly half of them. Don’t laugh. They admit it. It’s not like they don’t know about this problem. In fact, they said in their paper that they wished they had a transcribed gene sequence database, which is exactly what we have. And that, of course, is why almost all the major drug and biotechnology companies subscribe to our database.

Now, there’s a lot of academic value in the genome. It gives you things like the gene structure, the promoter regions and all that. It really is the crowning glory from a scientific point of view. But there’s not a lot of commercial value in that. Still, for most people, you say “human genome” and they automatically think you’re talking about all the genes. But that’s not the case. To find all the genes requires a database like ours. And another thing: Once you’ve found the genes, what you then want are physical copies, or clones. And we’ve archived all those so we can make them available to medical researchers worldwide.

In the last few weeks, Tony Blair has come out to say that public opinion should be weighed heavily in the ongoing debate over biotech regulatory policies. That means Britain now joins Switzerland and Iceland, two other countries that have insisted the public’s voice be heard. Do you feel the general public should be part of that discussion?

Absolutely. And the fact of the matter is that they’re involved already. I’m on the board of directors for the Biotechnology Industry Organization, which works all the time with various government agencies on issues surrounding biotechnology. This sounds like an exhortation to do something that’s already happening.

But what that really signifies is growing public awareness. People suddenly want to know what it means to have a copy of every human gene. What does it mean to have genetically modified foods? And these are all legitimate questions, right? So I see these as promising developments — much better, certainly, than people making ill-advised comments or policy decisions based on ignorance.

Incyte describes itself as the leading genomic information company, and, indeed, a recent article in the Wall Street Journal indicates that you hold over 375 U.S. patents on human genomic structures (essentially three times as many as any other organization) and that you have another 6,500 patent applications pending. Are those numbers accurate? And do you plan to make all that information publicly available?

Let me just clarify: What you’re talking about are full-length gene patents, where the medical use of the gene has been described as part of the patent application. As for making that information publicly available, your question actually is a classic example of the general misunderstanding I was just talking about.

What do you suppose happens when a patent issues? Just by virtue of being patented, the information is put into the public domain. So the patents that have already been issued — and we now have 400, by the way — are all, by definition, in the public domain right now. And it’s actually even broader than that, since we’re releasing more than just gene sequence databases; there also are other types of information that are even more valuable. And all that will be put online before the end of the year.

That will solve a huge problem, since, until now, a customer pretty much had to sink $1 million into computer hardware just to be able to run the Incyte database. But by putting all that data on the Internet, everybody will be able to come and use our computer power to perform their searches. So even though the information has been publicly available right along, there was a barrier in terms of computer power. That’s why, historically, it’s only been the drug companies that have been able to work with us. But now we can finally eliminate that last barrier.

But if the information is patented, isn’t there still a cost barrier?

No. That’s another great misconception about gene patents. What the debate is really about is licensing strategy. It’s not about patents at all. When people get upset about a patent, it’s usually because they think they’re going to be barred from using the information. But that only rarely happens. If you look at companies like Intel and Motorola, you’ll find they have thousands of patents. But you very rarely hear anyone complain that they’ve been barred from doing something — and that’s because the high-tech companies generally just cross-license each other. They look at the patent system as a way of getting a financial return on their R&D. And that’s exactly our approach. We license our patents broadly, not exclusively. And so far, drug companies have taken out over 30,000 licenses to our intellectual property.

What about academics and nonprofits? As I understand it, Celera Genomics has announced its intent to make its human genome sequence information freely available to academics without any restrictions whatsoever. Is that your intent as well?

Well, let’s just step back and talk about Celera for a moment. Celera made that statement over two years ago, when they first started, and, as far as I know, they’ve still not put a single bit of human data in the public domain. So I think we should have these debates once people have actually done what they said they were going to do. But as to your question: We absolutely mean to make our information freely available for academic and nonprofit researchers. For us, it’s really just a matter of getting the Web-based distribution mechanisms in place.

What exactly is the basis for asserting patent protection over a gene sequence, since what we’re talking about here is something discovered, as opposed to something invented or created?

Well, now that’s a loaded question. So let’s step back just a bit. Gene patents have been around for 20 years. They’re the whole basis of today’s biotech industry.

Incyte is getting quite a number of gene patents now and, all of a sudden, people are paying attention — and somehow forgetting that this is something that’s actually been of great benefit to the economy for the past two decades. That’s point No. 1. Then all this business about discovery vs. invention — are you familiar with taxol, the breast cancer drug that comes from the yew tree? Well, there again, you have something that’s out there in nature, but has to be purified and isolated before you can make it usable.

If you look at all the genes in the human body, they’ve been around for — what? — 200,000 years. Yet only in the last couple of years have the technologies been developed to purify and isolate those genes for the good of mankind. You saw a trickle of that with Genentech and Amgen, and now you’re seeing much more of it from Incyte and all the other genomics companies. And that’s revolutionizing medical research.

You just look at all the things that are happening today. Doing 100,000 gene scans of patient samples, new ion channels — all that. And it’s just great for the human race. So to imply that these things were just lying around out there for somebody to come along and pick up — well, that’s just a complete mischaracterization of what’s actually happened. People have put a huge amount of capital at risk to purify and isolate all these genes so they can be used for medical research. That’s great for the economy. And that’s just exactly what the patent system was designed to encourage.

Getting more specific, though, my question has to do with how broad the definition of use is. The U.S. Patent and Trademark Office says now that it will grant patents for genes wherever applicants can describe a plausible function. But often those explanations are broad and sketchy. In fact, a highly publicized controversy currently swirls around the development of CCR5 drugs designed to inhibit the transmission of AIDS. While Human Genome Sciences currently holds the patent on the gene that CCR5 targets, the HGS patent application made no mention of the potential HIV connection. And four other research teams, meanwhile, have since filed patents on the same gene that make far more specific claims about the gene’s potential role in the fight to stop AIDS. Under these kinds of circumstances, who should properly be able to claim royalties from the sale of CCR5 drugs? That’s the kind of dilemma I’m looking at.

Again, part of the problem with this debate is that people want to make sweeping generalizations. But every gene patent that’s filed is totally different — different genes, different information, different arguments, different competitors, different research, different methodologies, different patent examiners, the works.

So to make a generalization from the CCR5 matter would not necessarily do the biotech industry any service. That patent has got to have its day in court. It can be challenged just like any other patent.

But one thing I will say about gene patents from Incyte’s perspective is that our customers aren’t expressing any of these concerns. And that’s true throughout the biotech industry. So that means the very people who have to pay these royalties aren’t complaining. And people who wouldn’t have to pay any royalties in any event — which generally are the academics — seem to be the ones who have a problem. So it’s a bit strange, if you don’t mind my saying so. A big part of the problem here is that people’s knowledge of genes is pretty dim. And their knowledge of patents is even dimmer. You put the two together and you get plenty of confusion.

It seems to me that the debate, from a public policy point of view, should turn on questions like: What evidence do we have that these patents are good for the economy? What evidence do we have that they’re bad for the economy? And, as I’ve just told you, the evidence that they’re good for the economy is pretty compelling. You’ve got this biotechnology industry which is growing extremely fast and creating lots of jobs. There are a number of products — human growth hormone, insulin, you name it — that are already out there. And huge pipelines of new products are lining up at all the drug companies. We’re making quantum leaps in medical research.

Now, on the negative side, I say to people: Name an example of how one of these patents has restricted research or led to some negative result. Or make me an argument for why it’s been bad for the economy. And, you know, I’m still waiting.

Princeton molecular biology professor Lee Silver wrote recently in a New York Times Op-Ed piece that the debate over gene patents should be “focused on fair business practices and regulatory issues, not on ethics.” Is that consistent with your view?

Yes. But I wouldn’t phrase it that way. I think the real issues here are about licensing. These are not patent issues, for all the reasons I’ve indicated. From our perspective, the patent system is fundamental to the well-being of the global economy. Issues about any patent, really, always come down to licensing anyway. I think there’s a statute that says if you’ve got a patent on something and you can’t produce it, you have to license it. I’m just using that as an example of the sort of remedies out there to ensure the patent system works for the public good. And it’s an example of how you can fix patent issues through licensing policy. I think we’re looking at all the same issues when it comes to gene patents.

In the Incyte database, for example, there are many new and exciting targets for fighting Alzheimer’s, cancer and the like. But we don’t develop those drugs ourselves. Our policy is to license the patents broadly for a low, single-digit royalty to drug companies — which turns out to be great for them. The genes have already been discovered, purified and isolated, so they save years in drug development. We collect a small royalty and license our information broadly. It’s a win-win all the way around. And that’s the way the system should work. Let’s say Incyte didn’t do that and wanted a 50 percent royalty off every drug, or would only allow its own researchers to work on a particular gene. Then, maybe some public policy issues would need to be discussed. But again, there’s nothing different between that scenario and any other type of licensing arrangement.

It turns out, actually, that one suggestion put forth by a legal scholar at the University of Michigan would have the Patent Office issue “cross-licensing arrangements” in lieu of broad gene ownership patents. Are you comfortable with the Patent Office exploring alternatives like that?

Again, if it ain’t broke, why fix it? I really think the lack of empiricism here is quite appalling. Where is the problem? We are licensing these things nonexclusively anyway. I just wish people would take an intellectually honest view of what’s actually going on instead of projecting problems before they occur. I mean, I keep on hearing academics say, “This is bad because it’ll inhibit research.” But I’m still waiting to see the examples. Where is research being stopped? The fact is, through access to our data, researchers now have thousands more genes to work with than ever before.

So, basically, the great debate amounts to a lot of hand-wringing over nothing?

Yes. At this point, that is empirically the case.

But instead of cutting at this point to the seedy Hell’s Kitchen walk-up of some aging, tough-as-nails gumshoe, we find ourselves in the bright, cheery offices of AntiOnline.com, an Internet security consultancy that tracks hackers and monitors their activities from smack-dab in the middle of Beaver, Pa. And the P.I. the feds are pinning their hopes on? Why he’s no more than some fresh-faced kid in his early 20s named John Vranesevich, a guy who looks like he could just as easily be working the counter at Baskin-Robbins.

But that very same fresh face also graced “Wanted” posters circulating at last July’s Defcon Convention in Las Vegas — the most celebrated hacker gathering anywhere. And it’s Vranesevich’s AntiOnline.com Web site that hackers love to attack above all others. By Vranesevich’s own count, hundreds of hack attacks daily are pretty much the norm.

Why? Vranesevich markets his services not just to the authorities but also to companies looking to protect their systems from hackers — which hardly seems extraordinary. And the site itself simply contains news and information for security professionals, interspersed with ads from big technology players like Microsoft and Verisign. That, too, seems benign enough. But what’s not immediately apparent is that this all represents quite a shift from the site’s earlier roots — stemming from its launch while Vranesevich was still in junior high. For years, the site chiefly trumpeted hacker exploits and provided a channel for hackers to explain their actions and voice their opinions.

All that changed a couple of years back, when Vranesevich stopped praising hackers and started pursuing them. Hackers say it’s because he saw an opportunity to cash in on his inside knowledge. He says it’s because he came to see most hack attacks not as the heroic challenges to authority their perpetrators purport them to be but, instead, as indulgent, self-serving acts of malice. Either way, he declared war on his former comrades in arms. And the skirmishes continue to this day.

Hackers mount assaults on your Web site so relentlessly that you’ve included a feature visitors can use to see who’s attacking at that particular moment. Does all that enmity serve as one of your best security credentials?

Perhaps to some degree. It certainly removes any doubt about whether we’re in cahoots with any of these individuals.

Has anybody ever managed to get through?

As a matter of fact, yes. Just a few weeks ago, somebody got into AntiCode.com, which is our security file library where we archive some 140,000 security sites. One part of that is a community area where people are encouraged to post security information. And the software enabling that is a third-party package. Now, we went through that pretty thoroughly and we did a lot of updates, but apparently we missed one file. And some guy found a way to exploit that to upload files to the home directory — which is how he managed to deface the site.

Did he compromise any data?

No. It was just a matter of defacing, but it was a pretty creative attack. It looked like somebody invested a good deal of time.

What I find so curious is that after struggling so hard to get into your system, some guy chooses to do nothing more than leave his mark, which seems innocuous enough.

But just because I don’t lock my door doesn’t mean you can come into my house and leave a note that says: “Hi, I was here.”

Still, you’ve got to admit these people have a sense of humor. And it seems they’re primarily interested in demonstrating their technical prowess.

Well, that depends. One of the things we do here is break down hacker motivations. And what you’re talking about is what we call the “social motivation,” which almost always revolves around peer acceptance. Generally speaking, the guys we’re talking about would be out tagging their initials on shiny buildings were it not for the fact that they’re already essentially doing the same thing online.

And is this the sort of motivation you suggested when you developed a perp profile for the FBI after last month’s spate of denial-of-service attacks?

Profile? We did better than that. We turned over actual names.

How long a list are we talking about?

Three people. But the profile we initially produced suggested the attacks had been mounted by three to six people.

What else did your profile say?

We said the majority, if not all, of these attackers were operating in the United States. We said 35 to 100 computers had been used in the attacks. We said these people were socially motivated, since we never bought into all the speculation that this was the act of a group looking to manipulate market behavior. And we also said we thought the attackers were in their late teens or early 20s.

What told you that?

Well, for one thing, these denial-of-service attacks haven’t really been around for all that long. The utilities the attackers used didn’t even become publicly available until the latter part of last year. So there really wasn’t a whole lot of time for these people to install their software on all these hacked computers. Imagine installing software on 100 computers. It’s a time-consuming process. It’s also boring and repetitive.

Now further imagine that before you install all that software, you first must break into each computer, and once you’re done loading the goods you have to erase any evidence that you were ever there. That just makes an already time-consuming process a lot longer. So we believe it has to be a group of people who worked together to break into all those sites, install the software and then combine their lists into some master list.

For psychological reasons, these groups tend to always include three people or more, but almost never more than six. Because the hacker culture tends to be rather volatile and very ego-driven, groups of more than six are inherently unstable. In any event, had this group included more than six people, leaks would surely have begun to appear long before now. As for why we focused right from the start on hackers in their late teens and early 20s, that was mostly because people older than that typically won’t run these sorts of risks purely for peer acceptance. That’s just one of those things most people grow out of as they mature. We’re also fairly certain they couldn’t be any younger than their late teens simply because they’ve been mature enough to keep quiet.

Be that as it may, do you think they’re going to get nabbed?

Well, like I said, we turned over three names and explained to the FBI why we think these are the responsible parties. But one of the things that’s hurt this case has been all the publicity seekers. Here you have all these security companies that came out and did investigations, only to announce their findings to the press before going to the FBI. So, in the course of monitoring hacker postings to the IRC [Internet Relay Chat], we came across someone in the security industry posing as mafiaboy, obviously in hopes of finding [someone] who would try to contact him. But while he was trying to figure out who mafiaboy’s friends were, some other security companies were posing as mafiaboy’s buddies to see if they could get in touch with him directly. So these two security companies ended up having several interesting conversations with each other. It was really funny, actually. I spent many a night watching the IRC space, just howling. But, unfortunately, this also helped to create a very confusing picture for the FBI.

Is there anything that could be done to stop distributed denial-of-service attacks?

Not really. That’s what’s so funny about all this.

Don’t you think the recent attacks may have raised awareness enough to encourage people to start thinking about plugging the holes hackers can use to hijack their computers?

That’s never going to happen. Honestly. There’s always going to be someone like my mother who doesn’t know about the latest Windows 98 service package she needs to install. There are so many people online anymore that that’s become unrealistic.

So that leaves you to lurk in the dark recesses of the IRC in hopes of gathering all the hacker intelligence you can?

I wouldn’t use the word “lurk.” We simply monitor public IRC space — about 142,000 forums at present. That includes Web pages, forums, IRC channel newsgroups, mail lists — you name it.

On your Web site, you talk about how the intelligence you gather can be used to stop attacks before they start. Walk us through how that works.

That can happen in many different ways. One obvious example came about when we could see that a group was planning to attack the FAA’s [Federal Aviation Administration's] Web site and we had a good idea of how they meant to go about it. So we simply called the FAA and said, “We know of a hacker group that in 15 minutes plans to break into your site using this vulnerability. You might want to patch it.” That was pretty straightforward. At other times, we’ve obtained more subtle clues. One individual’s motivations, for example, might tell us what sort of targets they’re likely to go after.

You’ve also advocated that your clients, and I quote, “turn the hacker culture against itself to eliminate the threat once and for all.” That sounds deliciously intriguing. But is it legal?

Sure, it’s legal. Why wouldn’t it be? You have these people who are hiding their true identities while they’re getting ready to commit felonies against you. So if you can assume your own hidden identity and somehow convince them not to proceed, I don’t see what the problem is. This may come as a shock, but if I were to represent myself as being from AntiOnline.com, there aren’t a whole lot of people who would want to talk to me about what they’re doing. So what we try to do is simply play the culture against itself. The culture inherently is built upon people seeking to protect their anonymity. But what that means is that disguises are the norm. So when yours is convincing enough, you can fit right in.

But when operating under this assumed identity, I take it you’re not only gathering intelligence but also fomenting dissent.

Why not? A perfect example was when we were trying to break the CD Universe case. What we managed to do was invent people who were part of the scam. And we invented people who could make buys as well as people who could sell, and the whole nine yards. That gave us a way to monitor potential suspects for a while until we could find out what they liked, what they disliked, what their political beliefs were, what sort of jargon they used and all the rest of it. Then, using that, we were able to create a best friend for them who believed the same things, talked the same way and could quickly gain acceptance.

These sound like classic police techniques, only applied in cyberspace.

Absolutely. Basically, we caught the guy who did the CD Universe hack [in which 350,000 credit card numbers were made public] in much the same way an FBI agent would bring down a drug ring. The techniques are classic, but they’re not used very often in the digital realm. There are a lot of adaptations that need to be made, of course. And you really need to understand the culture — just like the people who do undercover work for the FBI need to know a lot about the gangs they intend to infiltrate.

And clearly most cops don’t have a clue when it comes to the Internet — which leads me to wonder what’s going to happen once somebody begins to engage in some real cyberterrorism. Is our so-called New Economy ready for that?

Real cyberterrorism? No way. We’re not ready for that. And I think the best evidence of that came from something called Project Eligible Receiver, which was sponsored by the DOD [Department of Defense] and carried out by the NSA [National Security Agency]. The NSA hackers managed to gain access to systems which they could have used to shut down the entire Pacific command fleet, shut down a significant portion of the nation’s power grid and basically send the whole country into a spin. So I think that shows pretty conclusively that we’re vulnerable. But at least we recognize that and are taking steps to try to mitigate that vulnerability.

And what do those steps entail?

You know, the No. 1 thing is education. With any given network, the weakest security link is always the end-user. So when the Melissa virus was making the rounds, the word went out telling people not to open up e-mail attachments. And that stopped the spread of the virus cold in its tracks. Some people still have to be told not to give out their password when somebody calls, no matter who they represent themselves to be. In the DOD, one of the biggest security concerns has to do with what we call “slippage,” which happens whenever data coming from a secured, classified network finds its way onto an unclassified network.

So data slips really do sink ships?

Yeah. Write that one down. As you know, a certain former CIA director has already been called on the carpet for that very thing.

But in any event, isn’t network security something of an oxymoron?

Yes. We live in extraordinary times. Security right now is a folk art. It really is. If you hired four different security firms today and asked them to secure the same network, each would come back with a different solution. And probably a year from now, each would be compromised in a different way.

Does that mean we’re just a bunch of e-commerce lemmings about to take the plunge?

Yes, I’m afraid so. E-commerce right now is a very dangerous thing. After reading recently about online voting in Arizona, I’ve had recurring nightmares about electing President [Kevin] Mitnick. I mean, if everything else can be hacked, surely a voting system can be broken into. I think, in general, we’re rushing forward much too fast. The Internet was originally designed for the free exchange of information between a large number of people — scientists and researchers, mostly. Now, all of a sudden, the Internet has become commercialized. But it’s still a long way from being industrial strength. So should you be nervous? Yes, very nervous.

The conglomeration process picked up a whole lot of steam in December with the finalization of the company’s merger with Sandpiper Networks, which served to fuse Sandpiper’s content-delivery capabilities with Digital Island’s data delivery and hosting services — as well as its global string of data centers. That was enough to encourage Sun Microsystems and Inktomi to jump on board not just as technology partners but also as significant investors, no doubt with an eye to building the world’s dominant infrastructure for interactive e-business. Real Networks had already announced it would work with Digital Island and Inktomi to enable advanced media streaming across the network and, in January, Digital Island managed to expand on this by acquiring Live On Line, a leading supplier of live multicast and on-demand streaming media services.

Ruann Ernst, Digital Island’s hard-charging chairman and CEO, is at the helm — living life on fast-forward and developing a real taste for the rough-and-tumble.

Digital Island is one of the better company names I’ve come across — it sounds more like prime-time programming than high-speed networking. Still, given all the strategic partnerships you’ve entered into over the past few months, wouldn’t “Let’s Make a Deal” be more apt?

Yeah. Why didn’t we think of that? The thing is, we’re looking to provide the most robust global e-business infrastructure possible. No one company can do it all. It requires selective strategic partnerships to deliver what enterprises need. And those partnerships have to be executed in Internet time. So yes, strategic deals are important to us, and we’ll continue to aggressively pursue those that we think are beneficial to our customers.

Improving performance at the edges of the network has been a big story for you right along, but does the strength of that story get diluted as the pipes and switches of the public Internet continue to get bigger and faster?

Well, actually, what we’ve promised all along is faster, better, guaranteed and richer end-user experiences. That’s really what’s most important. And we’ve always made the trade-offs that were necessary between bandwidth and storage at the edge of the network or at the heart of the network, for that matter, to enhance that experience. Our job is to use the best technology available at any point in time. Part of that, of course, has to do with being the leader at pushing content to the edges, but it’s just as important to be able to guarantee the round-trip response. For example, it doesn’t do E-Trade much good to be able to stream a video clip providing vital background on a company if potential traders don’t have enough bandwidth to be able to respond immediately with orders.

As to whether we’ll ever get to the point where bandwidth is free, I have to say I doubt it. Ultimately, there will always be some trade-off between where to put computer power and storage power and where to use bandwidth in a truly intelligent, distributed network. It’s not just about the size of your pipes. It also has to do with where the content is hosted and many other issues.

You’ve made the claim that your proprietary Footprint technology makes it possible to deliver content more efficiently while dramatically improving overall Web site performance. How will you be able to make good on that?

The Footprint technology, which is patent-pending, contains very sophisticated algorithms that allow us to keep a monitor on the Internet so we know where the congestion points are and how to navigate around those so as to get content to end users as fast as possible. And by “content,” I’m really referring to large software files or streaming media things that are quite large and complex. Footprint also determines the best routing for the user’s response.

In terms of helping clients strengthen their e-business offerings, you also claim to imbue content delivery with “geographic intelligence.” What exactly does that mean? And how does that contribute to improved e-commerce?

Our geographic intelligence is enabled by a capability we call TraceWare. This, too, is patent-pending, and it contains very sophisticated algorithms and a master database that essentially informs an application about where in the world the user is located, with 96 percent accuracy. That may not seem terribly important. But on the Internet, you can’t always even tell what country a user is coming from. So let’s say you’re in the business of marketing music around the world — selling CDs — and that as part of your program you offer visitors to your Web site samples from that week’s top 10 CDs in hopes that they’ll hit the “buy” button while listening to one of them. But if someone signs on in Brazil, my guess is that the top 10 CDs there will be different from the top 10 in Sweden.

What TraceWare does is let you know right off what language the interface should use and which top 10 clips to present. It also helps you determine delivery time, the right payment method to use and much, much more — all without putting the customer through very much. The point is that this can have great value for any international e-business effort. Net Gravity, in fact, takes advantage of TraceWare to determine what ads it can place on a country-by-country basis. After all, why place ads for products that can’t be sold? You can’t pump an ad for Viagra into Singapore, for example, because it’s illegal there.

Since you’ve raised the issue of advertising, let’s slide right over into the media world for a bit. AOL’s recently announced intentions to acquire Time Warner have largely been characterized as a broadband play. Given that AOL already is a customer of your content delivery service and that you’ve already announced plans to integrate those same services into the Road Runner broadband cable network (in which Time Warner has a huge interest), how is the AOL Time Warner deal likely to affect you?

Let me add just one more piece to that: Warner Brothers is also a customer of ours, which does create an interesting scenario. We, of course, are very interested in the proposed acquisition and believe that, if anything, it will just increase our opportunities, since we already have established relationships with so many of the involved parties. But even beyond the synergies that come out of the acquisition itself, we feel we’re well aligned with the goals the combined companies will ultimately pursue.

What are the strategic implications?

Whether you’re talking about AOL or Road Runner, their content distribution focus so far has revolved around the last mile. And AOL Time Warner is certainly going to have plenty of content to move around. Put those two points together and I think you can see that this is likely to create some significant global infrastructure opportunities that we’ll be more than ready to satisfy. What could be better? We’re not in the local access business or the content business. They, on the other hand, aren’t in the global infrastructure business.

Another merger I’d like to focus on is your own with Sandpiper Networks. Looking back just a few months, you’d have to say that what amounted at the time to a $630 million acquisition looks very much like a steal today especially given that Sandpiper’s principal competitor, Akamai, currently enjoys a market valuation somewhere in the $20 billion neighborhood. That’s the good news. The bad news is that, with all that money flowing in, Akamai is beginning to look like the 900-pound gorilla of content delivery. Does that keep you up at night?

One certainly has to recognize that a player like that is on the horizon. But it doesn’t keep me awake at night because the market is so huge. No matter how fast Akamai moves, there are plenty of customers that need the sort of e-commerce service we offer. Also, while both companies provide for content delivery, I happen to think our technology is much better. And what’s even more important is that we also provide the ability to handle the round trip to complete the transaction. And that’s something Akamai doesn’t do. So I think they have a piece of the solution, but not the total solution. And we believe corporations moving to e-business will want a better integrated approach.

So you’re saying that Akamai is a content pusher while you’re an e-business solution?

An e-business delivery network, actually. We’ll be happy to have other people handle the applications. We just want to be the carrier.

Twenty years later, Basu was heading up HP’s 1,400-person e-business software department when she called it quits to join a new start-up. Basu plans to shake up the way companies think about their customer support. And it’s a field where she thinks women have an edge.

The number of senior women executives certainly has increased significantly in recent years, along with the growth of e-commerce. Do you see a relationship?

I certainly do. I think the Internet is a medium that rectifies a lot of inequities. You have 22-year-olds launching companies, you have women achieving very senior positions in a short period of time. And that’s all quite different from the more entrenched brick-and-mortar world.

Do you think that’s because Internet companies tend to be run by younger executives?

That’s part of it, but what I think is even more important is that the whole Internet phenomenon is very customer-focused. And one of the things about women is that we’re able to look at customer needs, be appreciative of them and develop cooperative, win-win relationships.

What do you see as your most immediate challenge?

Today, what I really lose sleep over has to do with building the company from a scalability point of view. That may not sound very sexy, but I believe if you want to be involved in the Internet infrastructure for the long term, you have to make the necessary investments to scale your operations and ensure the reliability and predictability of your services.

That sounds suspiciously like corporate IT thinking. Is that your principal focus at the moment?

Well, corporate tech support is an important market. But you also have to bear in mind what e-support means to our customers — and the relationships they have with their customers. Often the only contact point the customer has with the vendor is the “support analyst.” And that’s especially true if you sell on the Web.

So I believe you’re going to find that support becomes an increasingly important area in terms of helping our customers differentiate themselves from the competition. We can’t think of customer support as just being technical support, because it’s also becoming the focal point for interacting with customers.

You’ve said your goal is to make Support.com the Inktomi of support sites. Can you explain what you mean by that?

After leaving H.P., I consulted with Inktomi for a while and I really admire the company. They provide the infrastructure behind most of the successful destination portals. They’re the traffic cops and it’s their search engine and caching technology that makes that whole thing go. So in the same way, I’d like Support.com to become the infrastructure behind every Internet support portal, every intranet support portal, and every extranet support portal.

What do you offer to help make that happen?

Our DNA Probe [technology] lets us provide technical support to any computer user anywhere on the network. Since desktop systems and the applications they run can be configured in many different ways, it’s vital that the help desk be able to look at how a system has been put together before it tries to troubleshoot. The DNA Probe makes that possible by going out to discover the application’s state, the way that state is managed and the configuration dependencies that have to be accounted for. That’s the first step. And on the basis of that, the DNA Probe creates a real-time map of the system. That means that at any time, on any trigger, we can go out and create that map. Then we can use it to diagnose the problem.

And once we’ve got that handled, there’s a healing component within the DNA Probe that automatically fixes problems. So that gives you automated discovery, diagnosis and healing — and all of it over the Web.

“Healing” sounds like a great idea, and it’s a term that PC manufacturers are throwing around a lot these days. But exactly what does it mean?

I think what’s happening is that PCs aren’t even commodities anymore. They’re getting dangerously close to being giveaways. So now PC manufacturers are getting into the business of offering managed PC services. Micron is one example. In fact, their managed PC service is called Connectedsupport.com. And they use our technology to deliver that. For them, it’s a means of survival. And self-healing in that case means that customers are able to help themselves to the information and support services they need.

I believe that for subscription computing [where hardware is sold for a monthly fee] to be successful, support has to be an integral part of the offering. I cannot believe that any consumer would sign up unless they could be assured of good, solid e-support as part of the deal.

Given the accelerated depreciation cycles for computers, I wonder if it even makes sense to buy hardware anymore.

I agree. Certainly, I don’t want to buy hardware. I just want to get the service I need — with the knowledge that in six months, if the hardware needs to be upgraded, the vendor will go ahead and handle that for me.

For now, though, the vendors that have embraced the subscription model seem to be targeting small businesses. Why not larger organizations as well?

Actually, I think we’re already beginning to see some evidence of that. Some of our larger customers — companies like Computer Sciences Corporation and Compaq — are becoming service providers not just to small and medium-sized businesses, but to large corporations as well. And within those corporations, I think you’ll soon see that their IT departments start to use the service-provider model to improve the delivery of internal support.

Do you see Support.com doing some evangelizing?

Yes. We’ve worked enough with the earliest ITSPs [information technology service providers] to know what’s required there. And I expect we’ll continue to be one of the leading enablers in that space. But we’re very clear that our job is to provide Internet infrastructure for support. So we’re not just about to eat our own children by setting up destination portals and acting as a service provider ourselves. I know that it’s sexy to be in the destination portal business and to be branded. But I think that competing with your own customers is not the way to build long-term, stable growth.

Word has it that you decided to leave your 20-year career at H.P. while trekking in the Himalayas. Looking back, would you say the higher elevation allowed you to see more clearly? Or were you just oxygen-deprived?

I’d like to believe it was the pull of the mountains — being able to step back and look at things in a spiritual context. But maybe the lack of oxygen helped, too.

And play he did, while his small company, Unwired Planet, evolved into Phone.com — now generally recognized as a major player in the boundless space between computing and telecommunications. It’s a position the company has earned by developing and promulgating the Wireless Application Protocol (WAP), the software layer that enables Web browsing on wireless phones in spite of the limited screen size, spotty connections, thin bandwidth and low processing power. Together with telecom heavyweights Ericsson, Motorola and Nokia — the holy trinity of the wireless world — Phone.com helped to form the WAP Forum a little over two years ago. And since then, just about every big name in telecommunications and computing has hurried to get on board. All of which means that nobody wonders anymore about whether the French engineer is off his nut. They just want to know what he’s thinking about now.

The WAP club now includes over 150 members, representing some 95 percent of the world market for wireless handsets. That has to be gratifying. But does that mean you’ve won the standards war? Or just the first battle?

One correction: The club now includes 250 members. It’s growing extremely fast. The number you’re quoting is based on a snapshot taken back in September or October, which just goes to show how tremendous the momentum really is. There’s no doubt in my mind we’ve won the standards war. When you have that many companies with that much power representing that much of the world market all agreeing on one way of doing things, that way is the way.

There are some people up in Redmond who continue to hold out hope that some permutation of Windows CE will become a contender.

Fine. Let them hang on to that hope. I would say the likelihood of that is very, very, very low. No single company in a carrier-dominated world is going to be able to dictate the standards. The reason 250 companies have lined up behind WAP is because it’s a standard that belongs to everyone. Of course, we’re center stage, which is a good place to be. It’s always good to be the company that invents something everybody else adopts. But what we did was relinquish control so the standard could gain general acceptance. That’s the kind of trade-off that businesses are faced with each and every day on the Internet. And making that decision is what propelled us to where we are today.

By extension, I take it you’re saying you don’t believe Microsoft would make a similar trade-off?

That’s not what they do for a living. And there are other factors as well. One of the things that has made WAP so vibrant is that we’ve targeted the mass-market wireless phone — a very unlikely device, frankly. Coming from a PC perspective, it looks like an extremely limited device. On the other hand, it’s a magical device that over 1 billion people will carry two years from now. It also knows how to do voice — and there’s a lot of work being done to expand the voice capabilities WAP supports. What’s more, it’s a device that knows where it is — with the network tracking you as you move around.

But what really makes a wireless phone interesting is that it’s much more personal than your PC. It’s with you and it’s on all the time. It’s in your pocket. And this world of very personal, very small devices is one that’s foreign to Microsoft. Part of their difficulty is that Windows CD and CE are targeted at devices that are less constrained. And that just goes to show how difficult it is for Microsoft to shed its PC heritage.

Bringing Microsoft into the WAP fold was quite the coup for you. Still, being in bed with the praying mantis of the software industry must make for some sleepless nights.

Well, WAP is open. So anybody who agrees to abide by its bylaws is welcome. But that includes opening any patents you have, agreeing to never block the standard and doing a lot of things that can’t be easy for Microsoft. Still, if you agree to all this — which Microsoft has — you’re part of the club. And we’re delighted because, frankly, it’s better for Microsoft to be inside than for us to have to fight them.

Reports indicate that you expect to derive most of your revenue this year from the sale of WAP servers. But, with Nokia and Ericsson planning to roll out WAP servers of their own, do you foresee your emphasis shifting more to application development?

Yes. Today, we actually sell three types of products. We sell WAP servers, of course. More competition is coming, to be sure, but you’re looking at a global marketplace that’s so large that no single company could ever hope to own the whole of it. We’re also successfully selling a service platform on top of WAP which delivers all the real-world features that carriers need. And then above that, we started supplying WAP applications about a year ago. We definitely believe that represents one of our greatest opportunities for the future. In fact, we’re already enjoying a fair amount of success in Japan. We’re one of only a handful of companies that have ever managed to sell big applications into the telecom space there. Hundreds of thousands of users are already using our personal information management calendar and address book.

And we’re going to continue pursuing other such application opportunities aggressively. You may have heard that we just recently acquired a voice portal company. The main purpose is to enhance our application base with voice. One of the ways your phone is different from your PC is that your phone is primarily a voice device. And we actually see voice and WAP as flip sides of the same coin. Sometimes you want to hear about your calendar and sometimes you want to see it. So we’re adding the voice dimension to an offering that’s already proving very popular. And this again shows how the Net world is different from the PC world. There simply is no equivalent for this on the PC side.

Although, of course, voice capabilities are being added to PCs as well.

Naturally. But it’s not the primary mode of operation. What I’m talking about is a little pocket device that you have in your hands when you’re driving and you want to use voice commands to get at your Web data. The technology we’ve developed to help you do that is very impressive. You can do marvelous things by combining WAP and voice.

When do you think it will be possible to make the transition to more transaction-oriented applications that people can use to execute stock trades, pay bills and transfer funds?

We’re actually seeing the first signs of that right now. Pricewaterhouse is shipping a full stock-trading application on WAP. And Amazon has a WAP-compliant order interface that costs me a lot of money already because every time I demo it, I end up buying a book. But I love that app because it embodies our vision for “m-commerce,” which is what we call mobile commerce. Think of all the potential in that — if you have an Amazon account, you’re now able to buy a book with just two clicks on your phone.

Are there impediments in the current wireless infrastructure to deploying these kinds of applications?

You know, I wondered myself. But so far, Amazon hasn’t hit any bumps in the road — none whatsoever.

What do you see as being the killer app that will make WAP “must have” technology for the long haul?

You know, one of the things I learned about the Internet early on is that it doesn’t really revolve around any single killer app. It’s more like 100 killer apps. And that varies from one person to the next. I’m sure that for some portion of the population, Salon.com is a killer app. But then there are other people who are more focused on stocks. The Internet is more personal, and the contact points with individuals are constantly shifting.

What we’ve found is that e-mail and person-to-person messaging are by far the most popular apps in Japan, which is presently the most advanced market for our technology — easily one and a half years ahead of the U.S. They’re sending each other messages and replying PC-to-phone, phone-to-PC, phone-to-phone  you name it. The traffic is so heavy that we’ve had to aggressively upgrade all our servers over there to handle it all. In other parts of the world, we’re finding that stocks and sports apps are what people are most attracted to. Some people would tell you that the ability to rebook flights and change itineraries is what’s most important. And we’re finding in Japan that games are also a very big deal.

What happens with the addition of GPS capabilities?

That’s still about a year or two away, but it’s going to be very big. Right now, the network knows where you are — or at least what cell site you’re in. So we already can create applications that leverage the fact that we know where you are within a half-mile radius. We know what city you’re in and maybe even what block you’re in. But with GPS, the phones will know exactly where you are. And that will revolutionize the types of applications we can deploy on a phone. Getting an exact location is an unbelievably powerful function. And I think we’re just beginning to understand how you leverage that. But I assure you there’s a lot more to it than simply delivering driving directions. We’re already doing that.

The recurring theme in what you’re saying seems to be that this technology is so fundamental that you really have no earthly idea of what people are going to do with it. People continue to surprise you.

Actually, I told my guys early in the life of the company that if we’re not surprised by what we create, we’re selling the company. Guess what? We’re not selling.