Why Open WiFi Security Isn't a Problem

In a study of almost 2,500 access points in Indianapolis, presented at the Workshop on the Economics of Information Security at the University of Cambridge on Monday, researchers found that 46 percent were not running any form of encryption.

But the article this comes from goes on to quote several sensible comments on this fact, including one from the ever-dependable Bruce:

security expert Bruce Schneier argued that as long as people's devices were secure, having a secured network was unnecessary.

"I have a completely open Wi-Fi network," Schneier told ZDNet UK. "Firstly, I don't care if my neighbors are using my network. Secondly, I've protected my computers. Thirdly, it's polite. When people come over they can use it."

There are also wise words from Microsoft's chief privacy adviser for Europe, Caspar Bowden:

"If you do want to secure your network, look at end-to-end solutions rather than some of the dodgy crypto around like WEP," Bowden said. "There's only one thing worse than no security, and that's a false sense of security," he added.

Amen to that.

More Kudos to Auntie

Another sign that at least some people at the BBC get it.

There's a good post by Paul Mason about user-generated versions of sporting events (I gather there's something of the kind going on somewhere at the moment). He points out that all sorts of content are starting to turn up on YouTube. I was particularly struck by this paragraph:

Other spin-off coverage is the rise of the montage-to-music genre of football imagery to make a point. This excellent lament by a S Korea fan of their trouncing by Switzerland is a case in point....though because it is composed of copyright images you will have to click thru to it rather than running it on this site...

This treads a fine line: it doesn't directly take on the copyright thugs, but it certainly doesn't condemn what's going on either. Obviously, a high-profile institution like the BBC has to be careful, but this sensible, moderate approach augurs well for the future. (Via TechDirt.)

Welcome to the CodePlex

Talking of chasing tail-lights, I see that Microsoft has followed up shared source, its not-quite-open-source initiative with the CodePlex, a kind of milk-and-water SourceForge. (Via Matthew Aslett.)

Horror vs. Horror: A Study in Contrasts

As TechDirt notes, it's rather curious that not one but two articles about Nathan Myhrvold's Intellectual Ventures should appear almost simultaneously. One is in BusinessWeek Online, and the other in Fortune.

Both tell the frightening story of Intellectual Ventures (IV) that I've commented on before. What's interesting here is the study in contrasts that the two features offer. It's worth reading both, just to make your flesh creep.

The Fortune piece is better, because it has a real nugget:

Microsoft confirms to FORTUNE that it is putting $76 million into IV: $36 million as an equity investment and $40 million for the right to use IV's inventions, with an option to invest an additional $40 million later.

This is an important fact, because it shows why Intellectual Ventures is likely to become the twofold bane of the open source world - because patents are problematic in general, and because it will be convenient for Myhrvold's ex-boss.

Any Port in a Hurricane

Microsoft has a guilty secret: Windows runs on very hardware platforms. GNU/Linux, by contrast, is a port monster: if it's digital, someone, somewhere, has probably done a port. But even I was impressed to find that GNU/Linux has been ported to a hurricane simulator....

SuSE on a Stick

Computer Weekly (disclaimer: in a parallel universe, I used to write for this a lot) reports on a SUSE Linux Enterprise training course contained on a portable USB drive.

What's most interesting about this is that it presages a future when everything is on a stick - Knoppix DVDs, the complete works of Telemann, everything that we now buy on CDs and transfer to a hard disc. In fact, one day, people will laugh at the idea of putting valuable data on thin discs coated in magnetic powder spinning at high speeds - rather as we do at the idea of mercury delay lines. (via LWN.net.)

Taiwan Gets Ready

Here's an interesting twist on government requirements:

The Central Trust of China, Taiwan's government procurement agency, has commissioned the Taipei Computer Association (TCA) to ensure that bids from PC vendors include equipment that are compatible with Linux.

Now, at the moment this only requires hardware to be certified as compatible; but there's little point mandating this particular kind of hardware if you're never going to use it....

Ain't That the Trout

A lovely story told by Solveig Haugland that provides insight into the real reason people don't all switch from Microsoft Office to OpenOffice.org, and how to overcome it. (Fab artwork, too.)

RMS on DRM

Groklaw has a short interview with RMS. Nothing really new, but the following is well put:

this is an interesting example of the difference between Free Software and Open Source. Some people promote what they call "Open Source DRM". Now, recall the difference in fundamental values between Free Software and Open Source. In Free Software, our values are freedom and community. We want to be part of a community of free people. Whereas, in Open Source, they talk about making powerful, reliable software and they promote a development model. Now, for us, the question of how a program is developed is a secondary issue. I mean, if some models work better than others, fine -- use them. But that's not what's really important to Free Software, to people who value -- who support the Free Software movement and value freedom.

So, there are people who say that they could apply that development model to developing software designed to restrict us. And maybe it's true; maybe if people study and share and collaborate in developing software designed to take away our freedom, it might become more powerful and reliable in taking away our freedom. But that's a bad thing. That's evil. It's -- in spirit, it's similar to collaborative development of a virus. If something is evil, we don't want it to be done well. We want it to be done as badly as possible.

(Via Slashdot.)

Microsoft's WinFS: Not Pining for the Fjords

"Chasing tail-lights": that's all free software ever does, according to Microsoftie Jim Allchin. Open source never innovates, you see, it only copies. Unlike Microsoft, the paradigmatic Great Innovator.

Take WinFS. A truly interesting idea, for reasons this Microsoft introduction makes plain (no, really). It was announced as part of the great, innovative vision for Longhorn/Vista, but as the note at the top of the page in the previous link warns:

UPDATE: In spite of what may be stated in this content, "WinFS" is not a feature that will come with the Longhorn operating system. However, "WinFS" will be available on the Windows platform at some future date, which is why this article continues to be provided for your information.

Ah, well, never mind. At least that innovative feature will be available on the Windows platform at some future date.

Or maybe not. This blog posting by the WinFS team essentially says WinFS is not deceased, it is merely pining for the fjords. Most of those commenting are unimpressed by this innovative way of looking at things.

This one is representative:

Wow. Talk about spin.

I'm normally a pretty strong supporter of MS, but I don't hesitate to lay into them when they deserves it. This blog posting is pure spin. WinFS is dead.

Or to put it another way:

This WinFS is no more! It has ceased to be! It's expired and gone to meet its maker! This is a late WinFS. It's a stiff. Bereft of life, it rests in peace, if you hadn't nailed it to the perch it would be pushing up the daisies! It's rung down the curtain and joined the choir invisible! This is an ex-WinFS!

Maybe Microsoft could chase open source's tail-lights instead - if it bought some binoculars....

Update: Jack Schofield has written a good history of the rise and fall of WinFS.

Not With a Bang But a Whimper

Could Paul Maritz be the emblematic man of early 21st century computing? I know, I know, it seems unlikely at first sight, but remember that Maritz was one of the archetypal Mr Microsofts during the latter's heyday. He was also part of a vast wave of defections as it became clear which way the wind was blowing.

Which is what makes his new company, PI Corporation, particularly interesting. Its premise?

The PC and the "GUI" interface of the 1980’s and 1990’s made it possible for tens of millions of people to author and manage documents. But with the spread of the Internet, the number of items of information users need to deal with has increased dramatically. The established metaphors and tools for dealing with this mass of information are starting to creak and groan. Just look at the average persons “inbox”.

We're routinely dealing with thousands of items of personal information - documents, email messages, web pages, calendar items, contacts, pictures, etc. The folder, desktop and drag-and-drop metaphors are no longer up to the task.

and

we believe that users should have their PI always available to them, wherever they are and whatever device they are using.

PI accomplishes this allowing information to be replicated across machines and devices, freeing the user from being dependent on a single device.

Sounds to me like Paul has rather gone off Windows and PCs. Instead, he seems to like Net-based distributed architectures. Note, too, how Windows and GNU/Linux are mentioned in the same breath, as are IE and Firefox - because the end-user platform doesn't really matter anymore.

Maybe he's on to something.

Publishing in the Age of Openness

OpenBusiness has an interesting interview with one of the Economist's technology corresponents. He has some sensible things to say, for example on copyright:

What is needed is balance, and clearly we need to redraw the scales in favor of encouraging the new creativity that technology enables — with an open-business approach in mind. Only a fool would stand against the crashing tides. It’s hard to see the protections granted to incumbent content industries as anything other than anachronistic privileges and economic protectionism. It certainly doesn’t help matters that they’re suing everyone and lobbying legislatures to strengthen their rights, even though it holds back incredible public creativity.

and on peer production:

Online, with no physical space constraints, entries can expand indefinitely. Take that, and add to it that peer-production tends to be cumulative, and the result is there is a tendency for things to grow, but little editing function to condense it into a more useful form. There is a great value not just in completeness but being concise — maps are drawn at scale rather than actual size for a reason.

Self, note: be concise.

Openness and Randomness

A wonderful dotty Tory story.

The Conservatives in the European Parliament are worried about the INSPIRE directive. As you may recall, this will allow public access to geospatical data.

Good thing, you might say. Not according to the Euro-Tory Geoffrey Van Orden:

I am very concerned that, in spite of Conservative opposition (not supported by the wider EPP-ED Group), the Parliament has passed amendments that allow for unlimited public access to certain spatial data including oceanographic survey data.

From this it would be possible to identify trends in sea areas that are being surveyed and the timescales involved. Analysis of such information over time could lead to conclusions about naval patrol routes. This has clear implications for the safety of Royal Navy vessels, including the nuclear deterrent force.

So from this we may deduce that naval patrol routes are completely predictable - if they were random, they'd be no problem. But since there are plenty of people who already have access to geospatial mapping data - the Americans,the Russians, the Chinese (presumably) - this also means that they know exactly where Her Majesty's Ships are (including the nuclear deterrent force.)

So, Geoff, rather than complaining about the openness of this geospatial data, wouldn't it be better to campaign for the Royal Navy to introduce a little randomness into its routes?

Genome, Transcriptome, Proteome...Variome?

It's early days yet, but somebody's hoping to put together a database of all human gene variations, dubbed the "Human Variome Project". One intriguing comment:

The HVP also needs an estimated US$60 million over five years - and it is not yet clear where that money will come from, though web giant Google has said it is interested in providing some funds

Whoops, there's that Googling the genome meme again....

Uncommon Nonsense on the iCommons

Originally I was going to leave this article on iCommons and the global digital commons alone, since it doesn't really deserve Margaret's "oxygen of publicity", but upon re-reading parts of it, I feel that some of the crasser assertions shouldn't go unchallenged.

For example:

The Creative Commons project is a curiously inverted attempt to use a private property regime to reproduce a "common" (understood, for me at least, as a non-owned culturally shared space of culture, knowledge or ideas). Put another way, Creative Commons seems to be attempting to create a shared public resource through a clever bit of tweaking of copyright, without the messy and difficult problems of educating citizens to the important of a public domain (or "common" good).

Well, actually it's just doing what Stallman did with the GNU GPL 20 years ago: if you understand the GPL, you understand what the Creative Commons is trying to do, and how.

Or:

In one way this raises questions about to what extent national states' sovereign control of their intellectual property law can be transcended in this way. It raises important questions about how this project might be perceived as a threat to the national interest of any single state. Will governments be happy to watch their cultural products seep away into an American founded "common" or will they legislate to make Creative Commons type projects illegal or regulated?

The idea of the commons is well-nigh universal concept that has only been lost in recent years; moreover, by definition, it's for everyone: it doesn't take away, it gives. "[I]ntellectual property law", on the other hand, of whatever "sovereign nation", nearly always takes away, because it simply defines the intellectual monopolies it grants.

Or even:

There may also be concern from a western perspective about the leaking out of protective national spheres of certain technologies and knowledges (issues raised by encryption software or GNU /Linux giving a technological boon to software development skills in China, for example).

I'm speechless: so we're worried about all those nasty furriners getting all this dangerous high-techy stuff like encryption (which they have already) or even - Heaven forfend! - that these Chinese devils might learn to program.

There, I knew I shouldn't have given it that blast of oxygen.

ODF: the Belgian Domino Falls

And another one:

The OpenDocument Format (ODF) is to be the standard format for exchanging documents within the government, according to a proposal that is expected to be approved by Belgium's Council of Ministers on Friday. The plan increases the pressure from governments worldwide on Microsoft to embrace open standards.

Update: And maybe India too, one day?

Open Source History and Wikipedia

At times it seems that discussions about Wikipedia generate more heat than light. Even the supposedly objective comparison of Wikipedia and Encyclopedia Britannica made by Nature has descended into an ugly scholars' brawl. So it is something of a surprise - and a blissfully pleasant one at that - to come across a discussion of Wikipedia that is insightful, fair, well-written and downright fascinating.

The essay in question is called "Can History be Open Source? Wikipedia and the Future of the Past", and it's written by Roy Rosenzweig, Professor of History and New Media at George Mason University.

The essay is long, but it is well-worth reading all the way through its detailed comparison of Wikipedia and conventional reference works (there's a fine summary at the The Institute for the Future of the Book if you really need it). One of its shrewdest observations is the following:

Overall, writing is the Achilles’ heel of Wikipedia. Committees rarely write well, and Wikipedia entries often have a choppy quality that results from the stringing together of sentences or paragraphs written by different people. Some Wikipedians contribute their services as editors and polish the prose of different articles. But they seem less numerous than other types of volunteers. Few truly gifted writers volunteer for Wikipedia.

This piece stands as simply the best writing on Wikipedia yet. (Via Openpedia.org.)

Just Do It, Larry

Larry Ellison has been teasing about coming out with his own GNU/Linux distribution for a while, and he's at it again. This time, he makes a good point:

Observing that Linux is free to anybody and that the current Linux distributions don't own their IP, Oracle CEO Larry Ellison said that Oracle could just go and take Linux, and support it better than anyone else and become the "number one distributor."

Do it, Larry, just do it: at best, you might just succeed; at worst, it will be an educational process for you.

The Case of Felten's Felt Collar

Ed Felten is one of the original geek heroes, for reasons this TechDirt post explains. Such a hero, it seems, that he's high on the content industry's hit-list as the Man Who Knew Too Much. Now they are trying to re-write history and cast him in a different light, as Tim Lee has spotted.

The revisionism comes from one of those institutes whose name is entirely made up of misleadingly neutral terms - "Policy Innovation", in this case. This is generally a clear sign that it is anything but neutral, and usually funded by those with vested interests in the field it covers.

I can't find any information on the site about where the money comes from: maybe it's done out of pure love of intellectual monopolies and unbridled capitalism.

The Geek God Who Didn't Matter

Some nicely provocative journalism from Business 2.0. Alongside the dull and entirely predictable list of "50 people who matter" is the infinitely more interesting "10 people who don't matter". And who should we find amongst them but that nice Mr. Torvalds.

And in a way, it's true. As I wrote in Rebel Code five years ago:

Linus is unique because he was able to serve as a focal point for ... advances to come together to create a complete methodology that is now central to the continuing success of the open source movement and that offers the first plausible alternative to the current - and creaking model of software development. But Linus is also replaceable because of this methodology, which allows programming and architectural decisions to be relegated to specialised circles of experts; and thanks to this methodology even his leadership style - that of power wielded in subservience to the user base - can be distributed more widely.

Why the Open Management Consortium Matters

You wouldn't expect something with as grey a name as the Open Management Consortium (OMC) to be hugely important. True, it deals with a crucial area, that of systems and network management. But the real interest lies elsewhere.

For probably the first time, an extensive group of open source companies are consciously joining together to address a new market. To the six original members of the group, many others are being added. Most of these, it is true, are quite small, but some are increasingly well-known names in their own right - for example, Hyperic, which only recently converted to open source.

These moves matter because they suggest that open source is passing to the next level, where individual companies stop acting alone and start working together to offer complete solutions that are otherwise only available from established proprietary behemoths. I predict that this "OMC model" will become increasingly widespread in the world of open source enterprise software.

Redeeming Flash with Fjax

I hate Flash. But just suppose it were possible to use it for something else, other than mindless, TV-style animations.

Enter Fjax. Ignore the buzzword overload - "Fjax is the lightweight, cross-browser, rapid-development methodology for Ajax-style web 2.0 development" - and you find its real purpose is to redeem Flash:

Fjax, short for Flash/JavaScript/and Asynchronous XML, is about using Flash as an invisible parsing engine to seamlessly deliver XML-based pure (x)HTML content interactively to browsers, all on the client-side. The kicker is that Fjax typically weighs in at a tenth of the size of normal Ajax solutions.

Keeping it simple (the http://www.fjax.net website runs on less than 65 lines of Fjax code - weighing only 4 total kilobytes!) means quick, light-weight code that is easily editable. Since the XML parsing happens in Flash, 90% of the redundant browser-specific code in a typical Ajax application completely disappears! And unlike the other Flash and Ajax integration projects out there, the outcome of Fjax is not Flash and (x)HTML, but a pure (x)HTML experience (which could contain an integrated visual Flash experience, but that isn’t required).

Using Flash to produce ordinary, non-Flash Web content more efficiently: utterly brilliant. God knows what their business model is, though. (Via eHub.)

PLoS Blog Blogs on Bloggers

I was giving the PLoS bloggers some grief over the absence of any postings about the financial situation there - not so much because I think the latter is serious (I don't - I'm with Jan Velterop on this), more that one of the great things about blogs is that they permit very rapid responses.

Chris Surridge Mark Patterson has now addressed this issue. Several other posts show that he his colleague, Chris Surridge, is keeping a close eye on the blogosphere, and beginning to respond more quickly to comments on other blogs. Given the path that PLoS ONE seems to be taking, this kind of awareness and interaction will be absolutely crucial to its success.

It's also good to see some technical details of PLoS ONE emerging - and that everything is resolutely open source.

Novell in Trobell

As Oscar Wilde might have said, "To lose one CxO may be regarded as a misfortune; to lose two looks like carelessness."

The news that both the CEO and CFO have been booted out at Novell is a Bad Sign. Much as I cheered Novell's decision to jump on the open source bandwagon, in my heart of hearts, I feared that it was going to end in tears.

Remember, Novell refused to adopt TCP/IP for many years, as it tried to defend its proprietary IPX/SPX. Just how wrong can you be?

Stolen's a Strong Word, a Wrong Word

Interesting point in this Computerworld blog posting:

If you read way down to the bottom of a Wall Street Journal interview with Bill Gates that ran yesterday, you'll discover that the Microsoft executive admitted to watching pirated movies on the Internet.

Unfortunately, Wall Street Journal is subscribers only. But the key exchange was the following:

WSJ: But those were stolen, correct?

Gates: Stolen's a strong word. It's copyrighted content that the owner wasn't paid for. So yes.

Yes, stolen is a strong word - and the wrong word. Nobody lost anything when Gates viewed those YouTube videos. On the contrary, those who produced that content gained something hugely valuable: the attention of the richest man in the world. Gates was actually giving, not taking, and he was right not to accept the WSJ's simplistic description.

This exchange alone shows why most thinking about copyright and its so-called infringement is wrong-headed, and why this whole area needs to be re-thought in the light for the digital age. Alas, the blog posting's analysis gets it completely the wrong way round. (Via Digg.)