21 November 2007

Decentralise Your Data - Or Lose It

Aside from the obvious one of not trusting the UK government with personal data, the other lesson to be learned from the catastrophic failure of "security" by the HMG is the obverse to one of free software's key strengths, decentralisation. When you do centralise, you make it easy for some twerp - or criminal - to download all your information onto a couple of discs and then lose them. A decentralised approach is not without its problems, but at least it puts a few barriers in the way of fools and knaves.

Hardware is Like Software? - Ban Hardware Patents

I won't bother demolishing this sad little piece on why software patents are so delicious and yummy, because Mike Masnick has already done that with his customary flair.

But I would like to pick on something purports to be an argument in the former:


One needs to understand that there is fundamentally no difference between software and hardware; each is frequently expressed in terms of the other, interchangeably describing the same thing. For example, many microprocessors are conceptualized as software through the use of hardware description languages (HDL) such as Bluespec System Verilog and VHDL. The resulting HDL software code is downloaded to special microprocessors known as FPGAs (field programmable gate arrays), which can mimic a prospective chip's design and functions for testing. Eventually, the HDL code may be physically etched into silicon. Voilà! The software becomes hardware.

Well, that's jolly interesting, isn't it? Because it means that such hardware is in fact simply an instantiation of algorithms - hard-wired, to be sure, but no different from chiselling those algorithms in granite, say. And as even the most hardened patent fan concedes, pure knowledge such as mathematics is not patentable.

So the logical conclusion of this is not that software is patentable, but that such hardware *shouldn't* be. I'd go further: I suspect that anything formed by instantiating digial information in an analogue form - but which is not essentially analogue - should not be patentable. The only things that might be patentable are purely analogue objects - what most people would recognise as patentable things.

There is an added benefit to taking this approach, since it is also solves all those conundrums about whether virtual objects - in Second Life, for example - should be patentable. Clearly, they should not, because they are simply representations of digital entities. But if you wanted to make an analogue version - and not just a hard-wiring - you could reasonable seek a patent if it fulfilled the usual conditions.

Oh, Tell Me the Truth About...the ODF Bust-Up

The recent decision by the OpenDocument Foundation to shift its energies away from ODF to CDF has naturally provoked a lot of rather exaggerated comment. I wrote a piece for LWN.net (now out from behind the paywall) exploring what exactly was going on, and found out that there are bigger issues than simply document interoperability at play.

It turns out to be all about Microsoft's Sharepoint - software that I am beginning to see as one of the most serious threats to open source today. Read it and be very afraid.

GNU PDF Project

Around ten years ago I fought a fierce battle to get people to use HTML instead of PDF files, which I saw as part of a move to close the Web by making it less transparent.

You may have noticed that I lost.

Now, even the GNU project is joining in:

The goal of the GNU PDF project is to develop and provide a free, high-quality and fully functional set of libraries and programs that implement the PDF file format, and associated technologies.

...

PDF has become the de-facto standard for documentation sharing in the industry.

Almost all enterprises uses PDF documents to communicate all kinds of information: manuals, design documents, presentations, etc, even if it is originally composed with OpenOffice, LaTeX or some other word processor.

Almost all enterprises use proprietary tools to compose, read and manipulate PDF files. Thus, the workers of these enterprises are forced to use proprietary programs.


I still think HTML, suitably developed, would be a better solution. (Via LXer.)

20 November 2007

Actuate's Actual Open Source Snapshot

One of the sure signs that open source is moving into the mainstream is the number of surveys about it that are being conducted. The great thing about these is that while individually they bolster the case for open source in different areas, collectively they are almost overwhelmingly compelling.

The latest such survey comes from Actuate. It's actually an update of an earlier, more circumscribed one, and it ranges far more widely:


Following research first conducted in November 2005, exclusively targeted at financial services companies in the UK and Europe, the 2007 Actuate Open Source Software Survey broadened its scope to include research attitudes to open source systems in both North America and Germany. The 2007 survey also extended beyond financial services to include public services, manufacturing and telecommunications (telco) in the new regions and now uniquely provides a detailed local insight as well as interesting regional comparisons across the geographies and the vertical sectors within them.

The top-line result?
Half the organizations surveyed stated that open source is either the preferred option or is explicitly considered in the software procurement process. One surprising note is that one-third of the organizations surveyed are now likely to consider open source business intelligence in their evaluations. This is a huge shift from just a few years ago.

The survey is available free of charge, but registration is required.

UK Government Loses 15 Million Bank Details

This has to be about the most stupid security lapse in the history of computing:

Confidential details of 15 million child benefit recipients are on a computer disc lost by HM Revenue and Customs, the BBC understands.

Insult is added to injury:

Revenue and Customs says it does not believe the records - names, addresses and bank accounts - have fallen into the wrong hands.

Yeah? And they know that precisely how - because they're psychic, perhaps?

And then the UK government wants us to trust them with our IDs, too? If we did, how long before the odd 60 million IDs get "lost"? At least you can change your bank details - you don't have that option with your identity.

Update 1: What's really heartening is that a surprisingly large proportion of those commenting here on the BBC story spot the ID card connection....

Update 2: Better make that 25 million bank details, plus key data on all children in the UK.

Free Software and the Categorical Imperative

The Web could have been invented for butterfly minds like mine. For example, in one of Stephen O'Grady's hallmark Q&As (this one on Red Hat's cloud computing announcement) I came across a link that took me to the Wikipedia page about Immanuel Kant's categorical imperative.

I first encountered Kant when I was in my late teens - the perfect age for grappling with those big questions that look too big and daunting when we are older and more sensible. I thought then, and still think now, that his Critique of Pure Reason represents the acme of modern philosophical thought - the Choral Symphony of metaphysics.

I was therefore already familiar with the categorical imperative, not least in Auden's rather fine clerihew:


When the young Kant
Was told to kiss his aunt,
He obeyed the Categorical Must,
But only just.

But reading the excellent Wikipedia entry, with its formulation:

"Act only according to that maxim whereby you can at the same time will that it should become a universal law."

brought home to me something that - stupidly - I hadn't really grasped before about Kant's idea: its essential symmetry. Of course, it's there implicitly in the other version, which I knew:

"Act in such a way that you treat humanity, whether in your own person or in the person of any other, always at the same time as an end and never merely as a means"

but the second form lacks the extra precision of the first.

What struck me is that this is the driving force behind free software - Stallman's belief that we must share software that we find interesting or useful. And more generally, it lies at the heart of all the kinds of openness that are starting to blossom: they are all predicated on this symmetry, on the giving back as well as the taking.

So there we have it: Immanuel Kant - philosopher and proto-hacker.

Larry Sanger's Question

Larry Sanger has a question about Citizendium:

Suppose we grow to Wikipedian size. This is possible, however probable you think it might be.

Suppose, also, that, because we are of that size, we have the participation of a sizable portion of all the leading intellectuals of the world, in every field–and so, there are hundreds of thousands, if not millions, of approved articles. These are all long, complete with many links, bibliography, etc., etc.–all the subpage stuff. It’s reference utopia. Far better than Wikipedia has any hope of becoming.

Here’s the question, then. If we use a license that permits commercial reuse–CC-by-sa or GFDL–then every major media company in the world could, and probably would, use CZ content. Do you favor a license that allows CBS, Fox, the New York Times, English tabloids, Chinese propaganda sheets, Yahoo!, Google, and all sorts of giant new media companies to come, to use our content? Without compensation?

That's the question that Linus faced over a decade ago when he decided to adopt the GNU GPL instead of the earlier one that forbade any kind of money changing hands. And as Linus has said many times, choosing the GNU GPL was one of the best decisions he ever made, because it has widened support for Linux enormously, and as a result has driven its development even faster.

There's your answer, Larry....

What Can You Protect in Open Source?

Marc Fleury is a Frenchman who famously made lots of dosh when he sold his open source company JBoss to Red Hat. That puts him in a strong permission to pontificate about what does and what doesn't work in the world of businesses based around free software. Try this wit and wisdom, for example:

B.D asks: "marcf, my open source project is starting to enjoy a measure of success, I am thinking of going professional with it, I am thinking about business models. How much thought should I put in protecting my Intellectual Property?"

Answer: B.D. protecting IP in OSS is extremelly important. The only "private" property that exists in OSS are 1- brand 2- URL. Both are obviously related but really you need to protect your brand name, in other words REGISTER your trademarks, use them, declare they are yours and enforce the trademark, meaning protect against infringement. Other products, specifically based on your product should not include your name. Consultancies will be able to say they know and work with your "product name" but they cannot ship products using your trademark. Educate yourselves on brand IP, that is a big asset in OSS.

The URL deserves the same treatment. A successful website with traffic is a source of revenue in this day and age, either directly through ad placement or indirectly by lead generation.

It's interesting that Fleury concentrates on trademarks, rather than copyright or patents (of the latter he says: "you will have little protection against thieves that want to copy what you have done without letting you know and put it under different licenses, I have seen it done, such is the nature of the beast.") I think this indicates that trademarks can be useful, even with open source, just as copyright is necessary for licences to work. It's patents that remain the problem.

Of "IP", "Piracy" and China

As readers of this blog will know, I don't use the terms "intellectual property" or "piracy", since both are profoundly misleading and hopelessly skew the discussion. Nonetheless I can recommend a paper entitled "Intellectual Property Piracy: Perception and Reality in China, the United States, and Elsewhere", since it presents a cool analysis of the reality behind the terms, as well as some surprises.

Here's a sample of the former:

Free-rider downloading also serves an advertising function that may actually benefit music-copyright owners: Some free-rider downloaders may like “Sci-Fi Wasabi” enough to go out and spend 99¢ per song for other Cibo Matto tunes from iTunes, or even $11 for the album Stereo Type A or $19 for Pom Pom: The Essential Cibo Matto. If the downloader (or another who hears the downloaded copy) becomes a fan, hundreds of dollars in sales may result; if no download takes place, all of these potential future sales would be lost. Even if the total number of such sales represents only a tiny portion of downloads, it still exceeds the number of sales in the absence of downloading, which would be zero.


And one of the surprises is as follows:

Of the supposed $6.1 billion in losses to U.S. studios, 2.3 billion, or 38%, were lost to Internet piracy, while 3.8 billion, or 62%, were lost to hard-goods piracy. The three countries in which the losses to U.S. studios were highest were not East Asian countries, and two of them were not developing countries: Mexico, the United Kingdom, and France accounted for over $1.2 billion in lost revenues, or 25% of the non-U.S. total – and slightly less than the U.S. total of $1.3 billion. The three countries have a combined population of about 225 million, somewhat less than the United States’ 293 million, giving them a slightly higher per capita piracy rate.

(Via Salon.)

Will WIPO Wipe the Slate Clean?

So the sorry saga at WIPO is coming to an end, with the controversial Director leaving early (although I was disappointed that this was not "to spend more time with his family.") The question now, is who will take over, and what new direction will WIPO take?

This handover comes at a time when many (including me) are questioning what the role of an organisation nominally about so-called "intellectual property" should be in a world increasingly looking to move on to a less proprietorial approach to knowledge. The appointment of a new head would a good time to re-evaluate WIPO's role - and maybe even change its name.

Dealing with Disabilities

One of the problems raised with the use of ODF in Massachusetts was its lack of support for people with disabilities. That has now been sorted out, but it's probably generally true that open source has not addressed this issue as well as it could, not least because hackers tend to be young and hale, and therefore less aware of the problems faced by those who are not, for example.

So it's good to hear that some work is being done on precisely this area:

IBM and the researchers at the University of Dundee School of Computing (UK) and the University of Miami's Miller School of Medicine are collaborating to develop open source software technology tools to accommodate the needs of older workers to help them adapt to and remain productive in the changing workplace of the 21st century.

...

One way to support maturing workers who have age-related disabilities is to find new ways to increase their comfort level and ability to use technology.

(Via Daniweb.)

I've Got a Little List

On the basis that you just can't have enough lists of open source software, here's another one.

19 November 2007

OpenSolaris CIFS Server: Colour Me Confused

The goal of this project is to provide a native, integrated CIFS implementation to support OpenSolaris as a storage operating system. The OpenSolaris CIFS Server provides support for the CIFS/SMB LM 0.12 protocol and MSRPC services in workgroup and domain mode. Substantial work has already gone into modifying and adapting the existing OpenSolaris file system interfaces, services and commands to accommodate Windows attributes and file sharing semantics. The intent is to provide ubiquitous, cross-protocol file sharing in Windows and/or Solaris environments.

Now, I may be wrong, but this all sounds very similar to Samba. So the question is, how did Sun manage to emulate the protocols? And does the agreement between Microsoft and the EU over interoperability have any bearing on this? Yours, confused of London.

Google Desperately Seeking Picasa

What on earth took them so long?

Finally, Google has integrated Picasa Web Albums into Google Image Search. Public albums can be enabled for a public search option, meaning your images will be more likely to come up in Google image results. And that’s a huge improvement, because previously images on Picasa (and Blogger, and Google Docs) were not searchable at all. The other Google applications are still missing out on all the fun, but Picasa images are now searchable. This is limited, however, to a Google image search.

What's the point of having masses of open content if you can't find it? (Via Searchblog.)

Die, TinyURL, Die!

A couple of years ago, I wrote about TinyURLs, noting:

they are a great idea: too many Internet addresses have become long snaking strings of apparently random text. But the solution - to replace this with a unique but shorter URL beginning http://tinyurl.com commits the sin of obscuring the address, an essential component of the open Web.

Well, I don't want to say "I told you so", but "I told you so":

The link shortening and redirection service TinyURL went down apparently for hours last night, rendering countless links broken across the web. Complaints have been particularly loud on Twitter, where long links are automatically turned to TinyURLs and complaining is easy to do, but the service is widely used in emails and web pages as well. The site claims to service 1.6 billion hits each month.

That post worries about having a single point of failure for the Web; that's certainly valid, but for me the malaise is deeper. Even if there were hundreds of TinyURL-like services, it wouldn't solve the problem that they subvert the open nature of the Web.

Far better for the Web to wean itself off TinyURL now and get back to proper addressing. Interestingly, blogging URLs often do that, with nicely descriptive URLs that let you form a rough idea of what you're going to view before you get there.

When the Microsoft Train hits the Brooksian Wall

For a long time enthusiasts of the open source development methodology have predicted that the traditional method will sink in the sand sooner or later. And since, as far as we can tell, Microsoft still employs such methods, the expectation is that one day its operating system upgrade would be a downgrade.

It's hard to tell from all the noise in the comments, but preliminary results seem to suggest Vista is that downgrade:

Extensive testing by the exo.performance.network (www.xpnet.com) research staff shows that SP1 provides no measurable relief to users saddled with sub-par performance under Vista.

And here's some corroboration that people are beginning to realise that the Microsoft train has hit the Brooksian wall:

Ninety percent of 961 IT professionals surveyed said they have concerns about migrating to Vista and more than half said they have no plans to deploy Vista.

What's a Paglo?

That was my first question to Brian de Haaff, CEO of the eponymous company. This is what he said, (more or less):

Francisco Paglo was a virtually unknown Italian explorer who first set sail as a lookout on Cadamosto's expedition to the Gambia River in 1455. Upon completion of a distance learning course in creative writing, he published a stirring account of the exploration from his viewpoint in the crow's nest, which was widely published throughout Europe. It ultimately caught the eye of Prince Henry the Navigator who was a Portuguese royal prince, soldier, and patron of explorers. Prince Henry summoned Paglo, and thanks to his generous funding, sent him on an expedition around Africa's Cape of Good Hope in 1460 to trade for spices in India. A storm pushed him off his target, and he finally dropped anchor in what is now known as New Zealand.

He never did set foot in India, but in New Zealand he remains a hero for bringing the country its first sheep, and his birthday (April 1) is celebrated every year with giant mutton pies. A growing movement has petitioned the government to officially establish the day as a national holiday — Dandy Mutton Day, in reverent appreciation for Paglo. On the eve of March 31 each year, children leave tiny bales of hay in their family rooms, hoping for the safe return of his ghost to their home and a flock of sheep for their family. Those who have been good the preceding year and have prepared fresh bales receive a bowl of lamb stew and freshly-knit wool socks and sweaters from their parents. But poor behavior and unkempt bales is frowned upon as a sign of disrespect, and these unfortunate kids receive a clump of manure.

And this is what the company does:

Paglo is a search engine for IT that specializes in searching the complex and varied data of IT networks, and in returning rich data reports in table and chart formats, as well as simple text hit lists.

As someone who was smitten with search engines ever since the early days of Lycos, WWWW and Inktomi, I was naturally highly receptive to this approach. Search has become the optic through which we see the digital world; applying it not just to traditional information, but also to corporate IT data is eminently sensible.

Things only got better when I found out that the search engine crawler was open source (GNU GPL to be precise). This makes a lot of sense. It means that people can add extra features to it to allow discovery of all kinds of new and whacky hardware and software through the use of plugins; it also means that people are more likely to trust it to wander around their intranets, gathering a lot of extremely sensitive information.

That information is sent back to Paglo, encrypted, where it is stored on their servers as a searchable index of your IT assets that can be interrogated. Now, obviously security is paramount here. I also worry about people turning up with a sub poena: after all, those search indexes will provide extremely useful information about unlicensed copies of software etc.; Paglo, not surprisingly, doesn't think this will be a problem.

There are other interesting aspects of Paglo, including its use of what it calls "social solving":

We do this by allowing all users to save their search queries and publish them for anyone’s use. The elegance here is that you can immediately access any query that’s been saved and made public, and run it against your own data. (Only the query syntax is published. The data itself, of course, is private to each user.) This is especially helpful when you need a query that searches out a complex relationship – such as between users and the applications they have installed on their desktops – and you do not know where to start. The permutations are endless, but since the core concept is the same, any saved query can be used against any set of network data.

But in many ways, the most interesting aspect of Paglo is its business model:

We are maniacally focused on delivering the most value, for the most users, as quickly as possible. To achieve this, we are removing barriers to getting started (like complex installation and cost) and making the service convenient to use. Our experience and the history of the Internet tells us that lots and lots of thrilled users of a free service are much more valuable than a handful of paying customers. If we are successful, you will love Paglo, use it daily, and tell your colleagues and friends.

Yup, that means that they don't have one, but they're really, really sure that if everyone uses them, they can find one. Of course, that's precisely what Google did, so there are precedents - but no guarantees. Let's hope the final business plan proves more credible than the explanation of the company name.

When Oink Went to Piggy Heaven

Here's a wise post on why it is utterly pointless pursuing P2P services and their associated tracker aggregation sites:


What effect has this attack on tracker sites had? Well, to use the example of Oink, it has been entirely negative for the mafiaa. I didn't know what Oink was, as I had never heard of it, until it was busted. I now do know the names of the two successor sites now based on news reports of what happened after Oink went to piggy heaven. Should I ever care, I now know where to go for illegal torrents. I suspect there are several million more like me who were handed a roadmap by just about every IT news site out there, along with the news that absolutely zero people using the site were busted along with the ops. Can you say own goal?

Interestingly, what this comes down to is access to information: thanks to the Internet you and I have as much - often more - clue as to what's going on everywhere than the traditional news gatekeepers.

GNU Affero GPL: Second Draft

One of the vexed questions in the free software world is what should be done about software as a service, when the service is based on free software:

All versions of the GPL allow people to use modified version of the software privately without being obliged to make their modified source code available to anyone. When people put software on a public server, the question is less clear: is that private use or public use? This was called the "software as a service" issue, or "SaaS".

The FSF's answer is a special licence, known as the GNU Affero GPL, which is now in its second draft.

Modular Magazines

After modular books, now this:

Google may soon begin to offer users the ability to create customized, printed magazines from Internet content. And print ads included in the magazine would be customized, too.

The future is modular.

From Remix to Re-enactment

I wrote recently about the remix and it's relevance to an open content world. Here's an interesting exploration of remix's sibling, re-enactment:

Once you start thinking about the idea of re-enactment, you start seeing it everywhere. Maybe the argument could be made that we're in a cultural moment devoted to re-enactment. Much of what we write off as novelty can be put into this category. The Internet recently was excited about old people re-enacting iconic photos of the twentieth century; see also choirs of old people performing Sonic Youth's "Schizophrenia". Or choirs of small children doing much the same. But less ironic presentations abound: off the top of my head, Japancakes just released a note-for-note country-inflected cover of Loveless, My Bloody Valentine's seminal drone-rock record. Going further, German new music ensemble Zeitkratzer has played and recorded Lou Reed's Metal Machine Music. Tom McCarthy's excellent recent novel Remainder concerns a wealthy man who maniacally reenacts scenes; McCarthy springs from the art world, which has been interested in re-enactment for a while. Examples spiral on ad infinitum. But there seems to be something in us that wants to see or hear what we've seen or heard before again.

These are quickly composed thoughts, and I'm ignoring a great deal; parsing the difference between re-enactment and adaptation could be fiendishly complicated, as might be the role of copyright in all of this, etc. I'll simply tie this back to the Communist Manifesto problem. I think it's become apparent that we're no longer reading texts in isolation: now when we read Hamlet, digital media has made it possible to read any number of possible versions at the same time. The archive presents us with an embarrassment of riches, though I suspect that we still lack the tools to let us make sense of the pile: both to make sense of the growing number of versions of texts and to usefully compare versions. The Wooster Group's Hamlet can be seen as a close reading of the 1964 Hamlet. But such a one-to-one reading might just be the tip of the iceberg.

What made this particularly apposite for me is that I've been watching Kenneth Branagh's film version of Hamlet, and the sense of hearing a hundred other uses of Shakespeare's famous lines is very strong, and makes the film feel, indeed, like a re-enactment rather than a performance, brilliant as it is.

Asking Ashley

For those following the iPlayer debate, Groklaw has put up perhaps the best interview with Ashley Highfield so far:

the long-term alternative solution is a world beyond DRM and how we can work together, particularly with our rights holders, to get to a world beyond DRM.

Das ist Ja Doof!

Many years ago the last major British computer manufacturer ICL launched One Per Desk, one of the craziest early computers ever. It was based on the famous Sinclair QL - as used by one Linus Torvalds - and had small tapes instead of disc drives (no, they never worked). But what was most striking about this misbegotten device, was the name of one of the rebadged versions, which came from BT. It was called Tonto - Italian and Spanish for "stupid."

Well, the meme lives on:

Doof, a new London-based startup went into public beta at the beginning of October offering casual gaming wrapped-up with social networking in a good-looking package.

"Doof" is German for "stupid"....

Kindling a Conflagration

There's one of Steven Levy's finer big pieces in Newsweek about Amazon's new Kindle e-book device. It all sounds pretty cool, but for me the real showstopper is the following:


Publishers are resisting the idea of charging less for e-books. "I'm not going along with it," says Penguin's Peter Shanks of Amazon's low price for best sellers. (He seemed startled when I told him that the Alan Greenspan book he publishes is for sale at that price, since he offered no special discount.) Amazon is clearly taking a loss on such books. But Bezos says that he can sustain this scheme indefinitely. "We have a lot of experience in low-margin and high-volume sale—you just have to make sure the mix [between discounted and higher-priced items] works." Nonetheless the major publishers (all of whom are on the Kindle bandwagon) should loosen up. If you're about to get on a plane, you may buy the new Eric Clapton biography on a whim for $10—certainly for $5!—but if it costs more than $20, you may wind up scanning the magazine racks.

What planet are these people on? Amazon is shipping electrons - well known for being rather cheap (here, take a few trillion for free). When you buy a book, you're buying mashed-up trees that cost something (which in fact cost rather more than you pay). E-books will never take off until publishers are prepared to throw their analogue business models on the fire.

Update: Almost needless to say, Kindle is powered by GNU/Linux.