04 August 2011

One Thing We Know about the Shady Rats

The news about "Operation Shady Rat" has naturally provoked much interest (as it was intended to....) After all, who could not fail to be impressed by claims like this?


I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact. In fact, I divide the entire set of Fortune Global 2000 firms into two categories: those that know they’ve been compromised and those that don’t yet know.

Ouch.

You can read the rest of the McAfee post for more details - but not for an answer to the key question: who is doing this? You don't have to be a genius to work out that it's probably one of two large, countries situated in Asia, and personally I'd guess it's the one with lots of people in it, FWIW.

But that's not really what interests me here. Instead, I'd like to focus on this final part of the post:

Although Shady RAT’s scope and duration may shock those who have not been as intimately involved in the investigations into these targeted espionage operations as we have been, I would like to caution you that what I have described here has been one specific operation conducted by a single actor/group. We know of many other successful targeted intrusions (not counting cybercrime-related ones) that we are called in to investigate almost weekly, which impact other companies and industries. This is a problem of massive scale that affects nearly every industry and sector of the economies of numerous countries, and the only organizations that are exempt from this threat are those that don’t have anything valuable or interesting worth stealing.

It's a nice ending to a fascinating piece, but in one respect it's almost certainly not true.

That's because, like just about every similar piece describing massive intrustions of this kind, the McAfee doesn't actually say anything about the platforms that were affected, simply noting:

The compromises themselves were standard procedure for these types of targeted intrusions: a spear-phishing email containing an exploit is sent to an individual with the right level of access at the company, and the exploit when opened on an unpatched system will trigger a download of the implant malware. That malware will execute and initiate a backdoor communication channel to the Command & Control web server and interpret the instructions encoded in the hidden comments embedded in the webpage code. This will be quickly followed by live intruders jumping on to the infected machine and proceeding to quickly escalate privileges and move laterally within the organization to establish new persistent footholds via additional compromised machines running implant malware, as well as targeting for quick exfiltration the key data they came for.

But somebody in the comments asked the obvious question: "Were the initial intrusions all on Microsoft OS machines? Also, was a particular browser targeted?" To which the answer came:

All the malware we’ve seen was Windows-based. There were a variety of vulnerabilities used

Think about that. This massive breach of security, and loss of possibly highly-sensitive information, was all down to two things: the abiding thoughtlessness of people opening attachments, and a range of flaws in Microsoft's software.

So the statement that "the only organizations that are exempt from this threat are those that don’t have anything valuable or interesting worth stealing" is not true; another class would be those wise enough not to allow any of their personnel to use Microsoft products. We may not know definitively who the Shady Rats are, but we certainly know what they *really* love.

Follow me @glynmoody on Twitter and identi.ca, or on Google+

Hey, BPI, Meet the New Rule: Show Evidence

After the UK Government unveiled its pretty reasonable response to the Hargreaves Report (analysed by me yesterday), the lobbying begins:

Leading trade bodies for the film and music industries have warned the government that it must move quickly to implement an effective system to crack down on pirate websites, after Vince Cable announced that plans to block illegal file-sharing websites have been scrapped.

Geoff Taylor, chief executive of music industry body the BPI, said the government must urgently broker a deal between internet companies and rights holders to implement a fast-track procedure to crackdown on piracy or "a failure to do so will see some of this country's world-leading industries irreparably damaged on this government's watch".

"Every day blatantly illegal foreign sites flout our laws, rip off consumers and musicians and wreak huge damage on our creative sector," he said. "Government must now act urgently to put in place effective means to protect consumers, creators and UK jobs from the impact of illegal foreign sites".

Geoff, I think you missed this bit in the Government's response:

the Government will in future give limited weight in IP policy-making to evidence that is not sufficiently open and transparent in its approach and methodology, and we will make it clear where we are taking this view. IPO will set out guidance in Autumn 2011 on what constitutes open and transparent evidence, in line with professional practice.

So, you say "illegal foreign sites...damage our creative sector": let's see your evidence, including full data and details of its methodology. So far, I've not found a single, independent report that shows this - indeed, the Hargreaves team specifically lamented the lack of this kind of objective research into the effects of file sharing in their report.

You see, the interesting thing is that there is an increasing number of studies - some anecdotal, some more rigorous - that show exactly the opposite: that piracy actually drives more sales (I include links to a few of them in my submission to the Hargreaves enquiry.)

So before you start calling for piracy to be curbed, it might be a good idea to sort out the evidence you will be submitting in support of that: rhetoric on its own is no longer enough. After all, if you find the studies I cite are confirmed by others conducted elsewhere, perhaps on a larger scale, you should actually be calling for *more* piracy, not less....

Follow me @glynmoody on Twitter and identi.ca, or on Google+

03 August 2011

Reviewing the UK Government Response to the Hargreaves Review

I've written a number of columns about the Hargreaves Review, and its generally sensible ideas. But, ultimately, those proposals mean nothing if they are not accepted by the UK government and implemented. That makes today's official response particularly important.

On Open Enterprise blog.

02 August 2011

Time to Adopt the Brazilian Model of Public Software?

A couple of weeks ago, the innocuously-named “Public Administration Committee” of the House of Commons published a rather more surprisingly-named report entitled “Government and IT- "A Recipe For Rip-Offs": Time For A New Approach”. That's pretty much all you need to know - it basically says most of the things many of us have been moaning about in the field of UK IT procurement for years, but with rather more authority.

On Open Enterprise blog.

01 August 2011

Why the UK Cover-up of ISP Spying Proposal?

The documents obtained by FoI requests that I referred to in an earlier post today have proved richer than we expected:

Previously confidential documents detailing Universal Music’s meetings with the former UK government over the Digital Economy Act are revealing a whole lot more than the pair intended. Blacked-out sections now uncovered show that Universal believed that ISPs could spy on their users and hand over information to rightsholders in order for them to sue.

Here's the relevant paragraph that was blacked out in the supplied PDF:

LG: Universal have entered into an arrangement with the Internet Service Provider (ISP) Virgin to target legitimate broadband users with a £10 "all you can eat" offer. There is a commercial risk with this strategy, which could be like "putting a Coca Cola pipe in your house which would then supply the whole street". In return for a fixed fee revenue share Virgin have agreed to anti-piracy measures, including pop-up warnings on screens. As ISPs can monitor the amount of power used by specific users and the sites connected to, it is possible for ISPs to pass on any details to owners of particular rights, who could then get take legal action.

"LG" is Lucian Grainge (CEO, Universal Music Group International).

Now, the idea that he wanted ISPs to spy on users as a matter of course (using Deep Packet Inspection, presumably) is extraordinary, and I'm sure we'll be seeing some interesting legal analyses of that. But I want to consider another question here. By what right did the UK Government try to censor that embarrassing admission?

The FoI covering letter lists various possibilities for such censorship:

Please note that some material has been considered against the following exemptions:

Section 35 (1a) Formulation of government policy
Section 35 (1b) Ministerial communications
Section 40 Personal information
Section 43 Commercial interests

I presume that it was under the last of these that the material was redacted. Looking more closely at the conditions, as explained in the letter:

Section 43 sets out that information is exempted from the right to know if:

The information is a trade secret, or
Release of the information is likely to prejudice the commercial interest of any person (A person may be an individual, a company, the public authority itself, or any other legal entity

Moreover:

This is a qualified exemption. A public authority can only refuse to provide the information if it believes that the public interest in withholding disclosure, outweighs the public interest in disclosing it.

The public interest in knowing about plans to spy on its Internet connection certainly outweighs the public interest in not disclosing (which is zero).

So is this just another case of the UK Government taking the side of the recording industries again, and to hell with the public and their rights, including the right to know what is happening in meetings with their government?

Follow me @glynmoody on Twitter and identi.ca, or on Google+

Something Rotten in the State of...Brazil?

For many years, Brazil has been a shining beacon of how to do it right when it came to openness and sharing. For example, in the field of open source:


Em 2005, entretanto, o Governo Federal licenciou a solução de inventário de hardware e software CACIC (Configurador Automático e Coletor de Informações Computacionais), desenvolvida pela Dataprev, sob a segunda versão da licença GPL em português. Em pouco tempo, uma extensa comunidade de usuários, desenvolvedores e prestadores de serviço formou-se em torno da solução, o que assentou as bases para a definição do conceito de Software Público e para a sua materialização com o Portal do Software Público Brasileiro (SPB). Seis anos depois, a publicação da Instrução Normativa no 01, em 17/01/2011, dispõe sobre os procedimentos para o desenvolvimento, a disponibilização e o uso do SPB. Hoje, mais de 50 soluções já foram disponibilizadas no Portal, há mais de 100 mil usuários cadastrados nele, bem como uma grande quantidade de empresas cadastradas como prestadores de serviços para essas soluções – para algumas delas, são quase 200, espalhadas por todo o território nacional!

[Google Translate: In 2005, however, the Federal Government has licensed the solution for hardware inventory and software CACIC (Auto Configurator and Collector Information Computer), developed by Dataprev under the second version of the GPL in Portuguese. Soon, a large community of users, developers and service providers formed around the solution, which became the basis for the definition of Public Software and its realization with the Public Software Portal (SPB ). Six years later, the publication of the Instruction No 01, on 17/01/2011, sets forth the procedures for the development, provision and use of the SPB. Today, more than 50 solutions have been available in the portal, there are over 100,000 registered users in it, as well as a large number of companies registered as service providers for these solutions - some of them are about 200, scattered throughout the nationwide!]

Brazil was also very forward-thinking when it came to CC-licensed content:

Creative Commons has become a popular word and a media phenomenon in Brazil. The project was not only extremely well received, but enthusiastically embraced by a huge community of artists, starting with Minister Gilberto Gil. And artists are not the only users. Side by side with them, stands the civil society represented by all sorts of NGO´s. And even more surprisingly, the government itself has adopted several initiatives using the Creative Commons model. The website of the Ministry of Culture is entirely CC licensed. Two other important examples include the Ministry of Education creating a portal named “publicdomain.gov” inspired by and using the CC licenses. Also, the largest supporter of the arts in Brazil, the oil company Petrobras, included in its yearly call for proposals a clause recommending works supported by Petrobras to be licensed under a Creative Commons license.

All that happened under the presidency of "Lula". Alas, it's becoming clear that his successor has rather different ideas.

First we had this:

The Brazilian Ministry of Culture has removed the logo of the Creative Commons license from its website. Since Gilberto Gil was ahead of the Ministry (2003-2008), all the content of the website has been licensed in Creative Commons.

The removal has been interpreted by the Brazilian civil society as a sign of the Minister's inflexibility. The removal came right after the publicization of an open letter, asking for the continuation of the policies that were adopted or were under discussion during the government of Lula. Minister Ana de Hollanda has criticized the proposal for copyright reform, which would, among of things, introduce important exceptions and limitations in Brazilian law.

And now this:

Cadeia para quem compartilhar sua rede de banda larga de internet wi-fi com os vizinhos, compartilhar músicas pelo bluetooth do aparelho celular ou usar softwares para desbloquear mídias de DVDs e assisti-las no computador. É isso o que pode acontecer caso seja aprovado na Câmara o Projeto de Lei 84/99 (conhecido como PL Azeredo) que tramita em caráter de urgência e pode ser votado a partir da terça-feira.

...

O PL é bastante polêmico ao limitar a disseminação de informações na rede. A proposta trata de crimes cibernéticos e criminaliza práticas comuns de internautas como digitalizar e guardar suas músicas num MP3 player ou computador – mesmo que o consumidor tenha passado para computador as músicas de um CD que comprou.

“Além disso, seria considerado criminoso o consumidor que compartilhasse com seus vizinhos seu acesso à internet através de redes Wi-Fi ou que utilizasse plenamente serviços de voz sobre IP na rede, como o Skype”, diz Varella.

[Google Translate: Jail for those who share your network's broadband wi-fi with neighbors, share music by bluetooth from mobile phone or use software to unlock media from DVDs and watch them on your computer. That's what can happen if the House approved the bill 84/99 (known as Azeredo PL) which is being processed on an urgent basis and may be voted from Tuesday.

...

The bill is controversial enough to limit the dissemination of information on the network. The proposal deals with cyber crime and criminalizes ordinary Internet users to scan and store your music on an MP3 player or computer - even if the consumer has gone to computer music from a CD you bought.

"In addition, the consumer would be considered criminal to share with your neighbors access the Internet via Wi-Fi or make full use of voice over IP network, such as Skype," says Varella.]

Although this kind of stuff is becoming standard for copyright maximalists to demand from governments around the world, it's particularly sad to see Brazil regress in this way. It emphasises that freedom can never be taken for granted, and must be fought for continuously.

Follow me @glynmoody on Twitter and identi.ca, or on Google+

It's Good to Share

The passing of the Digital Economy Act remains one of the worst blots on the British political system in recent years. As anyone who had the misfortune to witness the final hours of the previous government, the way in which the act was pushed through Parliament by a handful of (mostly) indifferent politicians (with a few honourable exceptions - step forward, Tom Watson...) was a real slap in the face of the British public - and democracy.

We've always known that Peter Mandelson was the driving force behind the legislation, but we now have some of the appalling details of how and why it happened thanks to excellent work by Phil Bradley using the WhatDotheyKnow.com website to submit Freedom of Information requests on the subject. Basically, the whole public consultation being conducted at the time was a cynical sham, since Mandelson had already made up his mind, and wanted to move on to disconnection of alleged filesharers immediately.

Since there are now two excellent analyses of the documents released, one on TorrentFreak, and one on Mark's Musings", I won't repeat the exercise here - I'll just urge you to visit those sites and experience the full arrogant high-handedness of the Dark Lord.

However, I'd like to mention two positive aspects of this sorry tale.

First, the importance of sharing information gleaned through FoI requests. The ability to find out what really happened is great, but not much use unless people can see it and build on it. The WhatDotheyKnow site allows just that.

Secondly, it's great to see yet another fine post from Mark Goodge, who writes the blog "Mark's Musings. I've only just come across this, and I'm impressed by the depth of analysis he offers on a range of subjects that are dear to my heart - for example, this fine discussion of the Meltwater judgment.

Not that I can always fully agree with his viewpoint. For example, as a follow-up to the Mandelson post mentioned above, he has written one called "A balanced approach to copyright", with a list of "things that have to be accepted". Mostly good stuff, but inevitably the following sticks in my craw:

Intellectual property rights do have a solid justification for their existence. It’s their implementation which is the issue.

Well, no - more details to follow later this week.

Still, it's great to have Mark as another voice exploring these key issues for the digital world with such intelligence. It's good to share...*roughly* the same general viewpoint.

Follow me @glynmoody on Twitter and identi.ca, or on Google+

30 July 2011

Revolutions

On the first LP I ever owned was Tchaikovsky's Serenade, Ravel's Bolero and Smetana's "Bartered Bride" Overture. It was soon joined by many more vinyl discs, but the problem of storing these 12" leviathans soon became a limiting factor. Things grew rapidly worse when I discovered the wonderful if even bulkier Vox Boxes, with their irresistible promise of "complete X", where X might be Bach flute sonatas or Mozart piano variations.

Fortunately, as the floor of my flat was in serious danger of ceding under the weight of hundreds of boxes and LPs, the CD came along. For reasons that escape me, my first CD was Virgil Thomson's "The Plow that broke the Plains", but this was soon joined by hundreds and then thousands of others.

Once again storage - and organisation - became a crucial issue, and once again, I was saved by technology, this time in the shape of the MP3 file. I bought one of the earliest MP3 players, the Diamond RIO PMP300. This came with a massive 32Mbytes of RAM, allowing up to an hour of listening (albeit at lower quality).

It was an important moment not just for me, but also for the industry, as Wikipedia explains:

On October 8, 1998, the American recording industry group, the Recording Industry Association of America, filed an application for a Temporary Restraining Order to prevent the sale of the Rio player in the Central District Court of California, claiming the player violated the 1992 Audio Home Recording Act.

Judge Andrea Collins issued the temporary order on October 16, but required the RIAA to post a $500,000 bond that would be used to compensate Diamond for damages incurred in the delay if Diamond eventually prevailed in court. Diamond then announced that it would temporarily delay shipment of the Rio.

On October 26, Judge Collins denied the RIAA's application. After the lawsuit ended, Diamond sold 200,000 players.

This was one of the earliest attempts by the RIAA to derail the future of music, and luckily on this occasion it lost.

Of course, once music became digital, Moore's Law ensured that things kept on scaling. Silicon storage capacities went up, and prices went down, until today I have dozens of Gbytes of MP3 files of music stored on various media.

And yet I rarely listen to them, because streaming in the shape of Spotify came along a couple of years ago. Although I understand the issues about not owning the music you listen to, I'm lucky enough to have vast amounts of the music that is most important to me available in multiple backup formats - LPs, CDs and MP3s. If Spotify disappears tomorrow - say, as a result of being destroyed by a patent troll - I can just go back to listening to these. In addition, I feel increasingly guilty about owning anything in a depleted world drowning in stuff, so streaming seems like a good idea anyway.

It's of course regrettable that Spotify isn't open source, but it has certainly taken my experience of listening to music to a new level. The ability to leave the complete works of Mozart, say, running in the background for days, or to hear the same movement of a Beethoven symphony played by 35 different orchestras has never been so easy; both change how you regard well-loved pieces because they provide new contexts that allow you to listen to them more deeply.

Moreover, Spotify gives me the unprecedented capability of listening to something - now matter how obscure (well, almost) - the moment I come across even the merest reference to it. It really is like having practically all music instantly on tap, anywhere there is an Internet connection.

As such, it's a foretaste of how things will soon be for all digital artefacts, when every text, image, sound and video ever created will be just as instantly and effortlessly available. The only thing standing between us and that amazing, mind-expanding world of digital abundance is an 18th-century law that replaced earlier censorship with a framework for the "encouragement of learning" in an age of analogue scarcity. Once anachronistic copyright has been abolished, my journey from LPs through CDs and MP3s will be complete, and the ultimate knowledge revolution can begin.

Follow me @glynmoody on Twitter or identi.ca, Google+

Mozilla's Next Firefox Moment?

Last year, there was a lot of handwringing about Firefox's continuing loss of market share. This was only by relatively small amounts, but people wondered whether Firefox had peaked and was in trouble.

On The H Open.

29 July 2011

Why Defensive Patents are a Contradiction in Terms

I've been writing about why software patents are bad from every viewpoint for far too long, but I'm heartened by the recent upswing in interest by others, less obsessed than I am, which has resulted in a sudden flood of really intelligent reporting on the subject (this, for example).

Usually those pieces are just catching up with what has been said by many of us for a while. Occasionally, though, you come across a post that is genuinely original in its insights, and makes you exclaim: "now, why didn't I think of that?" This is just such a post:

A patent that is truly so original that somebody else wouldn’t arrive at the same solution by applying normal engineering skill is useless as a defensive patent. You can’t threaten someone with a countersuit if your idea is so brilliant that your opponents—because they didn’t think of it—haven’t incorporated it in their technology. The ideal defensive patent, by contrast, is the most obvious one you can get the U.S. Patent Office to sign off on—one that competitors are likely to unwittingly “infringe,” not realizing they’ve made themselves vulnerable to legal counterattack, because it’s simply the solution a good, smart engineer trying to solve a particular problem would naturally come up with.

Of course - it's obvious when you think about it. And it means that these so-called "defensive patents" are a contradiction in terms: if ideas are useful as a defence, they don't deserve a patent, and if they truly do deserve a patent (in theory, at least), they will be useless for defensive purpose.

What a fab insight - one that takes another huge chunk out of the arguments in favour of patents.

Follow me @glynmoody on Twitter and identi.ca, or on Google+

28 July 2011

Not So Fast, FAST

FAST - "Federation Against Software Theft" - is manifestly one of the more risible copyright organisations, since it doesn't even know the law (it's not "theft", it's "copyright infringement" - quite different, because nothing is stolen in these cases.)

Since that is what they are paid to do, its PR company keeps sending me FAST's press releases, which I studiously ignore since they are uniformly ridiculous. But its latest missive is so indicative of what the problem is with the copyright industries, I feel obliged to share part of it (sadly, it's not yet online - I'll add it if and when it appears.)

It's about Newzbin 2, which it inaccurately claims

aggregates a large amount of the illegally copied material found on Usenet discussion forums.

Of course, there's no aggregation whatsoever, just links: Newzbin 2 is a search engine, like Google. Clearly FAST has the same problems understanding that distinction as it does with the difference between theft and copyright infringement.

But the best bit comes towards the end:

Our stance has always been one of carrot and stick – ensuring that customers are educated on the economic impact of piracy as well as advocating compliance with the law protecting creators.

Except, of course, there is no carrot there, just propaganda and threats. And the propaganda is wrong: as I - and others - have noted, there's growing evidence to show that piracy actually boosts sales.

This neatly sums up the problem with the copyright maximalists. Rather than focussing on giving customers what they want - easy access to digital products at reasonable prices - they spend all their time focussing on the stick. Little wonder, then, that the current "victory" in the courts will prove as hollow as all the others, because there is still no "carrot" being offered as an alternative...

Follow me @glynmoody on Twitter or identi.ca, Google+

27 July 2011

The Art of Sharing Online

As has been noted many times before, the Internet is essentially a global, digital copier. Anything that is placed online is, by definition, copied as it is accessed. This means that every site must think about how it would like its content to be shared. That wish may or may not be respected, but if it's not articulated, it certainly won't be.

For "ordinary" creations like text of images, the licensing situation is pretty well-defined. Basically, you can either put things into the public domain, claim maximal, "ordinary", copyright, or something in-between, using Creative Commons licences. But for less common kinds of material, things may not be so obvious.

That seems to be the case with an interesting new site called CircuitBee. Here's the background:

We love making electronics projects, we've not worked on many but we've enjoyed it as a hobby for some time. The one thing we have a problem with however is how to get help with our schematics, how to talk about them and how to show them off to other people.

During our last big electronics project we got really stuck with our design, it mostly worked but we weren't sure how stable it was or how reliable our circuit would be. We went online to look for help and see if anybody would look over our schematics and give us any tips. We found people willing to help easily enough but providing them with our circuit became a real headache.

First we posted a copy of the project files, that didn't help since the some of people helping us used a different version of the software and some of them only used a different schematics package.

Next we decided to post a screenshot of the schematic but our schematic software would only let us capture the current screenshot of the schematic, which wasn't zoomed in enough to be able to make it readable!

Finally we used a PDF print out of the schematic and had to upload it to some hosting online and give the people in the forum a link to the PDF.

After all this messing around just to show someone our schematic we thought that there had to be a better way. We looked around, but didn't find anything that solved this problem, so we set out to create CircuitBee.

CircuitBee takes your schematic project files, converts them into its own internal format and then provides you with an embeddable version of the circuit, similar to Google Maps but for electronics schematics.

You can pan, zoom, go fullscreen, mouse over components to see what they are and we have plans for lots more features yet.

Currently we only support KiCad schematics since we couldn't find good documentation on the file formats used by other software. We intend to expand to other popular schematic capture software like Eagle and Fritzing in the near future.

That sounds like a really good idea. The problem with the site at the moment is that these schematics come with no information about what you can do with them. Are they freely available, available for non-commercial use, subject to the maximal copyright restrictions, etc?

The obvious solution would be allow people who upload their schematics to choose from the full range of Creative Commons licences at that time. These could then be displayed alongside circuit online so that visitors know what the legal situation is.

However, there is one other aspect that could be usefully clarified. As the quoted text explains, "CircuitBee takes your schematic project files, converts them into its own internal format and then provides you with an embeddable version of the circuit, similar to Google Maps but for electronics schematics." The status of that format is not clear. Ideally, it would be released as an open format for all to use - after all, doing so is likely to increase its uptake, for example in other software. Making it a fully open format will also allow others to help improve it.

And that, really, is the art of sharing stuff online: the more freely it is done, the greater the benefits for everyone.

Follow me @glynmoody on Twitter and identi.ca, or on Google+

What's the Father of the Wiki Doing at Nike?

The idea of the wiki is now so pervasive that we rather take it for granted - "oh, let's just use a wiki" is a typical cry these days. But it's important to remember that for all its simplicity, it took someone to come up with the idea (just as it did for the "simple" idea of a hyperlinked Web.)

That person was Ward Cunningham, who has led a colourful professional life, as his Wikipedia entry (oh look, a wiki...) makes clear:


He is a founder of Cunningham & Cunningham, Inc. He has also served as Director of R&D at Wyatt Software and as Principal Engineer in the Tektronix Computer Research Laboratory. He is founder of the Hillside Group and has served as program chair of the Pattern Languages of Programming conference which it sponsors. Cunningham was part of the Smalltalk community. From December 2003 until October 2005, he worked for Microsoft Corporation in the "patterns & practices" group. From October 2005 to May 2007, he held the position of Director of Committer Community Development at the Eclipse Foundation.

In May 2007, Cunningham joined AboutUs as its chief technology officer.[2][3][4] On March 24, 2011 The Oregonian reported that Cunningham had quietly departed AboutUs to join Venice-based CitizenGlobal, a startup working on crowd-sourced video content, as their Chief Technology Officer. He remains "an adviser" with AboutUs.

Well, he is moving again, to fill this rather interesting, if horribly-named, post at Nike:

At Nike we know tomorrow's world will be radically different from today's. To thrive in a world where resources are constrained, where people and governments and systems are fully connected, where sustainability is an imperative, not a choice, where transparency is requisite, we believe we need innovation. Disruptive, radical, jaw-dropping innovation. Innovation we cannot imagine. That kind of innovation is not going to come only from within. It will require the best of what we've got, along with unlikely partnerships, collaborations and open innovation.

We believe that data and technology will be key to unleashing new innovations.

Nike is looking for a person with the skills, passion and know-how to use data and technology to solve problems standing between business-as-usual and a sustainable future. We're looking for a creative visionary who also has both feet firmly on the ground — one in Nike and one in the open data world, ready to run. We're looking for a Code for a Better World Fellow.

The fellow will help Nike determine the steps needed to open our sustainability data to communities of data-obsessed programmers, visual designers and researchers.

The fellow will work with Nike's data managers to landscape current data and craft a desired future state; manage the formatting and release of data to the open data community; curate use of the data within the community; bring knowledge from the open data community back to Nike as actionable steps; attend conferences related to open data to grow Nike's network and profile in this space; and ultimately create/steward the creation of prototypes that demonstrate how opening Nike's sustainability data can be a force to drive change.

What's particularly interesting here is the emphasis on open data. So far, we have seen mainly governments opening up their data stores, but there are many benefits for companies, to do so too, as this article points out (it was also the source of the news that Cunningham was moving.) It also points out that Nike has been in the forefront of innovative business practices in this area for a while:

Nike have a surprisingly long history of releasing data. Back in 2000, they started publishing a list of all their contracted factories (scraped list by Selena Deckelmann) and related audit information. The aim? To improve their factory working conditions, both by improved scrutiny of Nike’s own measurement systems, and by enabling direct on the ground inspection and campaigning by activists.

Employing the Father of the Wiki is another smart move, and I can't wait to see what he does there.

Follow me @glynmoody on Twitter and identi.ca, or on Google+

26 July 2011

Why We Should - and Can - Abolish All Patents

As long-suffering readers will know, I've been warning about the growing problem of patent thickets in the field of software for some time now. Until relatively recently, I and a few others have been voices crying in the wilderness: the general consensus has been that patents are good, and more patents are better. But in the last few weeks, the first hopeful signs have appeared that at least some people are beginning to realise that software patents not only do not promote innovation, they actually throttle it.

On Open Enterprise blog.

25 July 2011

Time to Break up Big, Bad Apple?

One of the unusual characteristics of the computer industry in recent years is the rapid rise of companies to almost complete market dominance of their respective sectors.

Things began with Microsoft, whose Windows operating system is still unchallenged on the desktop. Then came Google, which more or less owns the online search world (with the notable exception of the important Chinese market), and after that Facebook, which is probably hurtling towards 800 million users at the moment. What this means is that it is almost impossible for other companies to enter those particular markets and compete against the incumbent.

On Open Enterprise blog.

22 July 2011

Why Are Hackers Becoming So Angry?

You may have noticed a bit of a trend recently. Groups of hackers are getting hold of stuff that has hitherto been kept locked up, and making it freely available online, much to the annoyance and embarrassment of those involved.

Well-known examples include Wikileaks, Anonymous and LulzSec, but we now have a new name to add to the list. Step forward (the possibly pseudonymous) Greg Maxwell, who has been provoked by the Aaron Swartz saga, which I wrote about earlier this week, to release some files of his own:

On Open Enterprise blog.

21 July 2011

An Open Government Data Licence for the World?

As I've noted before, the UK government is now arguably the leader when it comes to open data. Of course, that's not really the point: this isn't a competition with winners and losers, but a global effort to open things up. As such, it would be nice if there were more collaboration between the different governments - things like this, for example:

On Open Enterprise blog.

20 July 2011

Myhrvold Hoist By His Own (Patented) Petard

There's a column doing the rounds at the moment that is generating some interest. It comes from the King of the Patent Trolls, Nathan Myhrvold. I urge you to read it - not so much for what he wants to point out, as for what he inadvertently reveals. Here's the key passage:

Most big tech companies inhabit winner-take-most markets, in which any company that gets out in front can develop an enormous lead. This is how Microsoft came to dominate in software, Intel Corp. in processors, Google Inc. (GOOG) in web search, Oracle Corp. in databases, Amazon.com Inc. in web retail, and so on.

As a result, the tech world has seen a series of mad scrambles by companies wanting to be king of the hill. In the late 1980s, the battle was for dominance of spreadsheet and word-processing software. In the late 1990s, it was about e- commerce on the emerging Internet. The latest whatever-it-takes struggle has been over social networks, with enough drama to script a Hollywood movie.

In each case, the recipe for success was to bring to market, at a furious pace, products that incorporate new features. Along the way, inconvenient intellectual property rights were ignored.

I think he's absolutely spot on. In the 1980s and 1990s, companies successively carved out dominant shares in emerging markets, often becoming vastly profitable in the process. And how did they do that? Well, as Myhrvold says, "the recipe for success was to bring to market, at a furious pace, products that incorporate new features." Their rise and huge success was almost entirely down to the fact that they innovated at a "furious pace", which led to market success.

They did not, that is, innovate in order to gain patents, but in order to succeed. They did not even bother taking out patents, so busy were they innovating and succeeding. Indeed, Myhrvold himself says: "Along the way, inconvenient intellectual property rights were ignored." They were ignored by everyone, and the most innovative companies thrived as a direct result, because only innovation mattered.

Fast forward to today. Now even the most innovative company has to spend millions of dollars fighting lawsuits over alleged patent infringement. Often these come from companies that don't actually innovate in any way - they just happen to own a patent that may or may not read on real products that genuine innovators have produced.

So by Myhrvold's own admission, ignoring "inconvenient intellectual property rights", companies innovated fiercely, created now market segments, and were rewarded for their innovation by market dominance and profits. Why then is he and others extolling the virtue of those same, inconvenient patent rights that did nothing for two decades?

The answer, of course, is obvious: because he and the other patent trolls (and burnt-out companies like Microsoft that are becoming a new kind of patent troll by default) have realised that it is not actual, on-the-ground, expensive innovation that counts, but the piece of paper from the USPTO assigning nominal "ownership" of that innovation.

He and his company have learned how to game the system and thus destroy the conditions that led to over two decades of uninterrupted and unprecedented innovation and wealth creation thanks to a level playing field offered by the absence of distorting intellectual monopolies - not their presence, as his column illogically tries to suggest at one point. This U-turn is doubly ironic given his unexpectedly candid opening analysis describes so well why we do not need patents at all.

Follow me @glynmoody on Twitter or identi.ca.

How Should We Liberate Knowledge?

Here's an interesting situation at the online academic repository JSTOR:

Last fall and winter, JSTOR experienced a significant misuse of our database. A substantial portion of our publisher partners’ content was downloaded in an unauthorized fashion using the network at the Massachusetts Institute of Technology, one of our participating institutions. The content taken was systematically downloaded using an approach designed to avoid detection by our monitoring systems.

On Open Enterprise blog.

How Should We Liberate Knowledge?

Here's an interesting situation at the online academic repository JSTOR:

Last fall and winter, JSTOR experienced a significant misuse of our database. A substantial portion of our publisher partners’ content was downloaded in an unauthorized fashion using the network at the Massachusetts Institute of Technology, one of our participating institutions. The content taken was systematically downloaded using an approach designed to avoid detection by our monitoring systems.

On Open Enterprise blog.

11 July 2011

To Defend Android Google Must Attack Software Patents

Android is under serious threat. Not so much commercially, where it continues to trounce its rivals and take an ever-larger market share around the world, but through legal threats. Of course, that's not just a problem for Google: as Techdirt's handy diagram illustrates, practically everyone in the smartphone space is suing everyone else. But the big difference is how the others are addressing this.

On The H Open blog.

07 July 2011

Open Season on Open Data

Well, it seems to be Open Data week here on Computerworld UK. After my report on the Open Knowledge Conference in Berlin, one of whose principal themes was open data, and my post about proposals for a data.gov.eu portal, this morning we have the following major announcement by the UK Prime Minister:

On Open Enterprise blog.

05 July 2011

Data Portals Become Fashionable: Time to Worry?

Yesterday I mentioned Nigel Shadbolt, who has played a leading role in the opening up of government data in the UK. By chance, I've just come across a report [.pdf] he wrote for the EU about doing much the same, but on a larger scale. Curiously, this is dated 15 December 2010, but this is the first I've seen it. Either it's been buried deep within the Brussels system, or I've been remiss in catching it. Either way, it's still well worth reading.

On Open Enterprise blog.

04 July 2011

The Open Knowledge Foundation Comes of Age

The Open Knowledge Foundation (OKF) was launched just over seven years ago:

May 24th 2004: The Open Knowledge Foundation was launched today with explicit objectives to promote the openness of all forms of knowledge where knowledge is taken to include information, data and all other synonymous terms. In particular

To promote freedom of access, creation and dissemination of knowledge.

To develop, support and promote projects, communities and tools that foster and facilitate the creation, access to and dissemination of knowledge.

To campaign against restrictions both legal and non-legal on the creation, access to and dissemination of knowledge.

On Open Enterprise blog.

02 July 2011

The Rise and Fall and Rise of HTML

HTML began life as a clever hack of a pre-existing approach. As Tim Berners-Lee explains in his book, “Weaving the Web”:

Since I knew it would be difficult to encourage the whole world to use a new global information system, I wanted to bring on board every group I could. There was a family of markup languages, the standard generalised markup language (SGML), already preferred by some of the world's top documentation community and at the time considered the only potential document standard among the hypertext community. I developed HTML to look like a member of that family.

On The H Open.