Tibet, Cyberattacks and Open Source

There's nothing like a mature response to criticism, and this is nothing like a mature response:

Human rights and pro-democracy groups sympathetic to anti-China demonstrators in Tibet are being targeted by sophisticated cyber attacks designed to disrupt their work and steal information on their members and activities.

But what really caught my attention was the following:

Van Horenbeeck said the danger with the e-mail viruses involved in the attacks is that they are so hand-crafted and new that they usually go undetected by dozens of commercial anti-virus scanners on the market today.

"Last week, I had two of these samples that were detected by two out of 32 different anti-virus scanners, and another that was completely undetected," he said.

The specificity of information sought in the targeted attacks also suggests the attackers are searching for intelligence that might be useful or valuable to a group that wants to keep tabs on human rights groups, said Nathan Dorjee, a graduate student who provides technology support to Students for a Free Tibet.

Dorjee said one recent e-mail attack targeted at the group's members included a virus designed to search victim's computers for encryption keys used to mask online communications. The attackers in this case were searching for PGP keys, a specific technology that group members routinely use to prevent outsiders or eavesdroppers from reading any intercepted messages.

Dorjee said the attacks have been unsettling but ineffective, as the Students for a Free Tibet network mostly operates on more secure platforms, such as Apple computers and machines powered by open source operating systems.

If you're talking viruses, you're essentially talking Windows (at the moment, at least). So as Students for a Free Tibet is finding, open source is doubly your friend: it's low cost and high security in the face of this kind of mature discussion.

Cringely on Open Education

I've always had a rather ambivalent attitude to Robert X. Cringely, not least because I go so far back that I remember all the messy business with Infoworld when he left, and that strange time when there were several Cringelies knocking around simultaneously.

Anyway, his PBS column is always well written and frequently illuminating. His latest is about education - or rather, about open education, since he muses on the changing way people will learn, and that means open education. There's a very nice insight about halfway through:

Andy Hertzfeld said Google is the best tool for an aging programmer because it remembers when we cannot. Dave Winer, back in 1996, came to the conclusion that it was better to bookmark information than to cut and paste it. I'm sure today Dave wouldn't bother with the bookmark and would simply search from scratch to get the most relevant result. Both men point to the idea that we're moving from a knowledge economy to a search economy, from a kingdom of static values to those that are dynamic. Education still seems to define knowing as more important than being able to find, yet which do you do more of in your work?

I remember coming to the same conclusion sometime in the mid-1990s, when I found myself using the Altavista search engine (remember that?) for everything. More importantly, as Cringely notes, I found that remembering how I got to information was the key skill.

Yahoo and MSN Help Root Out Tibetan Rioters

Yahoo China pasted a "most wanted" poster across its homepage today in aid of the police's witch-hunt for 24 Tibetans accused of taking part in the recent riots. MSN China made the same move, although it didn't go as far as publishing the list on its homepage.

With business morals like that, Yahoo and Microsoft are obviously made for each other. (Via RConversation.)

Larry Lessig's Open Congress

I have a lot of time for Larry Lessig. He's a nice bloke, very bright but disarmingly modest. Nonetheless, when I heard about his plans to give up copyfighting and move on to tackling political corruption, I thought he'd lost it. However laudable, the whole project looked utterly hopeless. Much better, it seemed to me, to try to subvert the system indirectly, using technology - that is, the Internet in all its manifestations and ramifications - to peek and poke.

Well, it looks like Larry had the same idea:

Beginning in April, we will launch a second stage to the site: in a Wikipedia-inspired manner, wiki-workers will track the reform-related positions of candidates who have not yet taken a pledge. If a candidate, for example, has endorsed Public Campaign's bill for public financing, we will record that fact on our site. The same with a pledge to forgo money from PACS or lobbyists, or any of the other planks in the Change Congress pledge. And once this wiki-army has tracked the positions of all Members of Congress, we will display a map of reform, circa 2008: Each Congressional district will be colored in either (1) dark red, or dark blue, reflecting Republicans or Democrats who have taken a pledge, (2) light red or light blue, tracking Republicans and Democrats who have not taken our pledge, but who have signaled support for planks in the Change-Congress platform, or (3) for those not taking the pledge and not signaling support for a platform of reform, varying shades of sludge, representing the percentage of the Member's campaign contributions that come from PACs or lobbyists.

What this map will reveal, we believe, is something that not many now actually realize: that the support for fundamental reform is broad and deep. That recognition in turn will encourage more to see both the need for reform, and the opportunity that this election gives us to achieve it. Apathy is driven by the feeling that nothing can be done. This Change Congress map will demonstrate that in fact, something substantial can be done. Now.

One of the most powerful aspects of openness in any field is that it lets people see what is really going on, so that they can make informed decisions. What Larry is trying to do is to open up the engine of Congress to scrutiny. I wish him every success.

FLOSSInclude

FLOSSInclude may sound like a dental hygiene programme, but is in fact yet another heartening exmaple of the EU backing open source:

The FLOSSInclude project aims to strengthen Europe's participation in international research in FLOSS and open standards, by studying what is needed to increase the deployment, development and societal impact of FLOSS in Africa, Asia and Latin America.

The project will result in a sound understanding of the FLOSS-related needs of the target regions. It will federate local and regional development initiatives with the support of cooperation with current EU research. It will also provide a roadmap for future EU research cooperation in this area.

(Via FOSSBazaar.)

Volantis Code Takes Flight with GPLv3

On Open Enterprise blog.

The Ultimate Ultraportable List

I've written a number of times about wannabe Asus EEE PCs, but there are now so many popping up hither and thither (a *very* good sign) that it's getting hard to keep them all straight. Happily, Laptop Magazine has put together a handy cheatsheet that saves us all the effort.

Freiburg Goes Frei

On Open Enterprise blog.

It's Déjà Vu, All Over Again

A few months back, I wrote about a petition calling for ERT, the Greek national broadcaster, to make its content freely available. Now it looks like ERT is following in the misguided footsteps of the BBC in terms of platforms:

Greek Open Source developers are protesting that ERT, Greece's national broadcaster, will make its online archive available only for users of Microsoft Windows and Apple Mac OSX.

The Hellenic Linux User Group six months ago approached ERT, after finding out the public broadcaster was restricting their access to a new archive. ERT is a public organisation, the developers argue, and should not discriminate against users of Open Source.

In some ways, the situation here is even worse than for the BBC:

ERT is developing an archive of its broadcast material, digitising film, video, pictures and hosting them online. The archive is going to be developed in a 1.95 million euro project, the major part of which is funded by the European Union, the Open Source developers say.

Since the money is being paid for by the EU, it follows that access should not be limited to a couple of platforms.

German Constitutional Court Backs Privacy

I always did admire those sensible Teutons:

The Federal Constitutional Court in Germany has ruled that the identities of file-sharers must remain private and can longer be revealed to media companies who accuse them of copyright infringement. In future, only those accused of ‘heavy’ crimes such as murder, child pornography or kidnapping will be revealed.

This is eminentally sensible, but the content industries will doubtless keep trying to equate file-sharing with those "heavy" crimes - with the result that they will make themselves look even more ridiculous.

Open Source White Box Social Networks

On Open Enterprise blog.

£30 Annual Tax Per PC? You Cannot Be Sirius

Sirius has put up another of its excellent interviews, this time with Stephen Lucey, Executive Director (Strategic Technologies) of BECTA.

The killer section is as follows:

This relates to circumstances where schools using Microsoft’s School Agreement licensing model, are required to pay Microsoft licensing fees for computers based on Linux, or using OpenOffice.org. Finding ourselves in a position whereby a school pays (say) £169 for a device only to be faced with for example a £30 per year after year payment to Microsoft, for a system that is not running any of their software would just not be acceptable to Becta. Indeed I don’t think many people would consider that fair.

No, I don't either. Strange, then, that it's still going on.

Microsoft's OOXML Dirty Tricks, Part 78594

Sigh:

We have discovered that Matthew Holloway was badly slurred by a Microsoft employee in an email to one of the bodies advising an overseas standards NB. It is worth noting that our own national body, Standards New Zealand (SNZ), took the claims so seriously that they responded to parties who received this email.

We discovered the slur by chance, similar information may be circulating in other countries. If you are aware of this please point concerned parties to this article. SNZ have given us permission to quote this email. I have removed names to protect the guilty parties.

And Micosoft wonders why it is so hated.... (Via Groklaw.)

Court Backslides on UK Software Patents

On Open Enterprise blog.

Closed Tibet => Boycott Beijing 2008

It's hard to know how to respond to the events unfolding in Tibet. And it's hard on two levels. First, as an outsider anything I do or say is pretty much irrelevant anyway, but that doesn't justify walking on the other side of the street with eyes averted.

But more directly it's hard because of the attempt by the Chinese authorities to lock down every possible information source. It will come as no surprise that I don't think closing Tibet off from the rest of the world is a good idea - or indeed a good sign.

If the Chinese authorities were telling the truth about the violence allegedly carried out by Tibetans, then having external and independent observers is precisely what they would want. The fact that they don't means that their own stories must be viewed with suspicion, especially since they flatly contradict videos and images that have been smuggled out. Moreover, the fact that it won't even trust its own people - who seem inclined to condemn the Tibetans as "ungrateful" anyway - to judge events, and has blocked practically all external news sources, is yet more evidence that there is a massive coverup underway.

The question then is: What can be done? On a personal level, I think the least those of us with bits at our disposal can do is keep spreading the message that all is not as the Chinese authorities would have us believe and that there is likely to be violent repression going on behind that news blackout. The more outlets that point to independent news stories on the subject, and the more blog posts that restate these issues, the greater the likelhood that the Great Firewall of China will just buckle under the strain (or that China will just cut itself off from the rest of the world).

In terms of the bigger picture, I find pleas that the Olympics must go ahead regardless because politics and sport must be kept separate, or that otherwise the poor athletes will be penalised, rather naive. Sport is all about politics - about which nation is "better" than the others. If athletes really cared about sport for sport's sake, for the sake of achieving their best, they wouldn't go to such politicised occasions in the first place, but would be content with the million other sporting opportunities where they could excel.

So the question then becomes what good a boycott would do for Tibet. In direct terms, I think it would do very little, but indirectly it would show one thing above all: that somebody out there cares enough to say "enough is enough, let us at least do something, however symbolic." Maybe the threat of that will help concentrate the minds of the Chinese leadership; maybe it won't. But the more times the phrase "Boycott Beijing 2008" turns up on Google, and the higher in ranking that term occurs in searches for "Beijing 2008", the more they will at least think about it.

Update 1: Shortly after posting this, I've just come across this brilliant analysis of what the Tibetans are fighting for - and why they are fighting, even though it's hopeless.

Update 2: Typically sharp analysis on the same topic from Salon's Andrew Leonard here.

A Sequoia that Hates Sunlight? How Odd

As you have likely read in the news media, certain New Jersey election officials have stated that they plan to send to you one or more Sequoia Advantage voting machines for analysis. I want to make you aware that if the County does so, it violates their established Sequoia licensing Agreement for use of the voting system. Sequoia has also retained counsel to stop any infringement of our intellectual properties, including any non-compliant analysis.

It's not as if they have something to hide, of course....

Time for Sun to Join the Eclipse Empire?

On Open Enterprise blog.

ODC Public Domain Dedication and Licence

One of the themes of this blog is how the ideas behind open source are seeping into many other domains. One of the latest is that of databases. The question of how you make a database open is prickly, not least because in Europe there is a stupid law that grants a “sui generis” database right, whatever that means. This was intended to stimulate investment in databases; but guess what? It has done precisely the opposite, and actually led to *less* investment relative to the US, where there is no such right. The withering power of intellectual monopolies strikes again.

Anyway, in order to deal with databases, a new kind of licence is required that takes into account these kind of problems, and the Open Data Commons has put one together that has just been released as version 1.0:

The Open Data Commons – Public Domain Dedication & Licence is a document intended to allow you to freely share, modify, and use this work for any purpose and without any restrictions. This licence is intended for use on databases or their contents (”data”), either together or individually.

Many databases are covered by copyright. Some jurisdictions, mainly in Europe, have specific special rights that cover databases called the “sui generis” database right. Both of these sets of rights, as well as other legal rights used to protect databases and data, can create uncertainty or practical difficulty for those wishing to share databases and their underlying data but retain a limited amount of rights under a “some rights reserved” approach to licensing as outlined in the Science Commons Protocol for Implementing Open Access Data. As a result, this waiver and licence tries to the fullest extent possible to eliminate or fully license any rights that cover this database and data. Any Community Norms or similar statements of use of the database or data do not form a part of this document, and do not act as a contract for access or other terms of use for the database or data.

Good stuff. (Via Andrew Katz.)

Explaining Open Source's Exponential Growth

On Open Enterprise blog.

The Saga of Open Source in Government

On Open Enterprise blog.

Philip Rosedale Gets a New Life in Second Life

Wow:

Linden Lab Chief Executive Philip Rosedale said on Friday the company he founded has begun a search for a new CEO with more operational and management expertise.

Rosedale will become chairman of the Linden Lab board when his successor is found, replacing Mitch Kapor, who will remain a board member and the company’s largest investor. Rosedale said he will also keep a full-time role at the company working on product development and strategy.

“This is my life’s work,” he told Reuters in an interview. “I’m not going anywhere, and I’m still full-time on this, probably for the rest of my life.”

Second Life’s growth has slowed after a period of rapid expansion. Rosedale’s replacement will face the difficult task of regaining that momentum, working within Linden Lab’s idiosyncratic corporate culture and winning over Second Life’s impassioned users.

Presumably it's the slower growth that has encouraged Rosedale to make this move in the hope that fresh blood can get things moving again.

AGPL Gets OK from OSI

On Open Enterprise blog.

Bristol City Council Saves with ODF

On Open Enterprise blog.

Google Sky: To Freely Go

Robert Scoble cried over Microsoft's upcoming WorldWide Telescope, and he may well not be alone, since I'm sure there will be some proprietary angles that push people towards viewing it under Windows. For the rest of us, Google has created the browser-based Google Sky: maybe not as breathtaking as Microsoft's, but at least it doesn't cost you the earth in terms of your freedom.

Mandriva Goes "Eee"

I've written many times, both on this blog and elsewhere, about the importance of the Asus Eee PC and its ultraportable siblings in terms of defining a new market sector that is deeply problematic for Microsoft. Here's a further sign of that machine's influence: one of the major distros explicitly supporting the Eee out of the box:

We at Mandriva noticed Asus's excellent Eee PC low-cost, miniature notebook taking the world by storm. Thanks to our work on the Intel Classmate PC, we already had extensive experience of working with this type of system, and it was simple to make Mandriva Linux 2008 Spring 100% Eee-friendly. The Eee comes with a capable Linux distribution, but should you reach its limitations or prefer to install your favourite distribution instead, Mandriva Linux 2008 Spring is ready. It supports all the Eee's hardware out of the box, with no configuration required, and the Mandriva configuration tools and applications have been tweaked to be friendly to the Eee's lower resolution screen.

(Via Eee Site.)