Cybersecurity is an increasingly frequent topic in the news, and this week brought word of the indictment of someone who must be the leading contender for the title, Master Cybercriminal of All Time (Payment Card Fraud Division): Albert Gonzalez. More recent press reports point to additional conspirators who Gonzalez's attorney contends were there real masterminds. Top honors aside, government prosecutors contend that the team are responsible for all of the most high profile data breaches publicized to date: Heartland, Hannaford, TJX, and more - gaining access to information relating to an astonishing 130 million credit and debit cards or more.
With so many breaches in the news, you might understandably be wondering how safe your own financial information is, and whether anyone is doing anything to protect you. Happily, the answer is "yes," and as it happens, the organization that has been tackling this problem is a client of mine, PCI Security Standards Council, which creates and enables a global, end to end ecosystem of standards, certifications, auditors and more to secure payment card data from the moment that your card gets swiped on a reader to the time it reaches its ultimate destination.
In 2001, I took a one month solo cross country trip, driving from Massachusetts across the Northeast, the Midwest, and then the prairie states, until I reached what we generally think of as “the West” – the land of canyons and buttes, deserts and mesas. Once there, I spent the rest of the time backpacking in the canyonlands of Utah, and then meandering North on dirt roads until I reached Glacier National Park, in the Northwest corner of Montana. After that, I zigzagged back East until I reached the Mississippi. Then, it was just a straight highway shot till I arrived back home once again. It was during that trip that I began writing in earnest, although I haven’t (yet) posted anything from that journey to the Web.
Last week, Microsoft and the European Commission each announced that Microsoft had proposed certain concessions in response to a "Statement of Objections" sent to Microsoft by the EC on January 15 of this year relating to Microsoft's bundling of Internet Explorer with Windows. If you've been reading the reams of articles that have been written since then, you may have noticed that the vast majority of the virtual ink spent on the story has been directed at the terms relating to browser choice. Typically, and as an afterthought, most of these stories have added a brief mention that Microsoft also proposed commitments relating to "another" dispute, this one relating to interoperability.
While the browser question is certainly important, in many ways it is far less important than the interoperability issue. After all - the primary benefit for consumers under the browser settlement is that they can choose their favorite browser when they first boot up their new computer, as compared to investing a few extra clicks to download it from the site of its developer - as they can already do now. Interoperability, of course, goes far deeper. There's no way that you can make one program work the way you really want it to with another unless it comes out of the box that way, or unless you have not only the ability, but also the proprietary information, to hack it yourself. And if both programs don't support the same standards, well, good luck with that.
So what exactly did Microsoft promise to the EC, regarding interoperability? Let's use ODF as a reference point and see.
I'm pleased to report this morning on the formation of a new advocacy group for the use of free and open source software in the U.S. Government. I'm also pleased to have been asked to serve on its Board of Advisors, along other proponents of free and open source software, such as Roger Burkhard, Dawn Meyerriecks, Eben Moglen, Tim O'Reilly, Simon Phipps, Mark Shuttleworth, Michael Tiemann, Bill Vass, and Jim Zemlin.
The new organization is called Open Source for America (OSA), and you can find its Web site here. Tim O'Reilly will officially announce OAS at OSCON later today, and you can find the launch press release here, as well as pasted in at the end of this blog post for archival purposes. I'm sure that you'll also see quite a few articles blossom across the Web today relating to its announcement, but having been in on the planning, here's what it's all about.
The dominance of Microsoft's Office in the marketplace would be logical (if frustrating, to those that think that competition breeds better products), if it was simply a matter of developer seats. After all, Microsoft deployed hundreds, and then thousands of engineers to develop and evolve its flagship app over the last 25 years. How could anyone expect a less well funded commercial competitor, much less an open source project, to equal Office for features, performance and interoperability with other office suites?
At the same time, people keep trying - a lot of them. Not just long-established competitors, like Corel, with the venerable and estimable WordPerfect office suite it bought from Novell, open source projects like OpenOffice and KOffice, as well as projects launched by much larger players, such as IBM (Lotus Symphony) and Google (Docs).
WordPerfect aside, most of these offerings disappoint when it comes to round tripping documents with Office users, although many provide perfectly fine alternatives for stand-alone use, particularly by those that don't need to create the most complex business document.
The funny thing is, though, that the quality of the result, and even the ability to interoperate in a world dominated by Microsoft's Office, doesn't necessarily equate to the depth of the resources of the developer. Now isn't that an interesting observation?
Why did perennial litigant Rambus, Inc. settle with the European Commission?
Certainly the most watched standards-related legal conflict of the decade involves the participation of memory technology vendor Rambus, Inc. in a working group hosted by standards developer Joint Electron Device Engineering Council (JEDEC) in the early 1990s. The fame (or notoriety) of the conflict arises in part from the importance of the conduct at issue (did Rambus set a "patent trap" for implementers of the standard that emerged from the working group?), and in part from the seemingly endless string of law suits that resulted from that conduct some fifteen years ago.
Most of these suits were brought by Rambus against vendors that refused to pay royalties when they implemented the standard, but these suits almost always resulted in vigorous counterclaims against Rambus, brought by those same implementers. And investigations into Rambus's conduct were also brought by both the Federal Trade Commission (FTC) in the United States, and by the European Commission in Europe. A separate string of cases related to alleged price fixing and other improper conduct by other vendors that participated in the same working group, which ended in record settlement amounts being paid by those vendors to the regulators.
If you haven't heard the words "smart grid" before, that's likely to change soon. That's especially so if you live in the U.S., where billions of dollars in incentive spending is pouring into making the smart grid a reality. As you might expect, since I'm talking about it here, the smart grid will rely on standards to become real. A whole lot of standards, in fact, and that's a problem
Those of you who are subscribers to my free standards eJournal Standards Today know that I've dedicated each of the last several issues to one of the many multi-billion dollar initiatives that the Obama Administration has launched that are heavily dependent on standards - which in many cases do not yet exist. Each initiative is also of great complexity, and will need to rely on a level of cooperation and collaboration that does not natively exist in the marketplace. That's certainly the case with the Smart Grid challenge, and that's what the latest issue of Standards Today is all about.
Throughout the 20th century, the U.S. electric power delivery infrastructure served our nation well,… This once state-of-the-art system brought a level of prosperity to the United States unmatched by any other nation in the world. But a 21st-century U.S. economy cannot be built on a 20th-century electric grid. A Vision for the Modern Grid, National Energy Technology Laboratory, for the DOE, March 2007
For decades utility companies and environmentalists alike have known that more dramatic and economical advances in energy policy could be achieved through energy conservation than by any other means. By utilizing techniques as simple as buying more efficient appliances and better insulating our homes we can lower our dependence on foreign oil, release fewer greenhouse gases, and savemoney as well, all at the same time. For almost as long, utilities have promoted the concept of “demand side management,” and sought to enlist the aid of consumers and businesses to shift electricity usage to low-demand times of the day, with the potential benefit of avoiding the need to build expensive new power plants.
I am an avid, lifelong, reader of newspapers in general, and of the New York Times in particular. And I'm a staunch believer in the essential role of an independent press in a modern democracy. I’m also the owner of a Web site that serves over a million page views a month, some of which display short extracts of news articles, with links back to the full text. On occasion those links lead back to stories appearing at the Web site of the Times.
So why am I trying to kill my beloved Times and its worthy brethren?
Before Linux.com went dark late last year, it was one of the most visited open source news aggregation and discussion sites. As you may recall, word got this March that the Linux Foundation had taken Linux.com over, and was committed to making it bigger, better and richer than before. Further to that goal, it set up "Ideaforge," to tap the developer and user communities to learn what they in an on-line resource to make the Linux ecosystem more successful and satisfying for all involved.
After months of effort behind the scenes, and some pretty impressive Web design, the Linux Foundation delivered on that promise last night. What you'll find there is something that's different from anything that's ever existed before - an interactive, growing, feature and content rich resource that can help you hone your skills, find a job, assemble a Linux-based system, and, of course, access the most up to date news, blogs and ideas about open source software in general, and Linux in particular. What it's all about can be summed up in just six words: For the community, by the community. And if you read this blog, that includes you.
Quote of the Day
“For the first time ever there is a default open format for Government documents”
-OpenForum Europe U.K. chapter celebrating the annointment of ODF by the U.K. Cabinet Office
“The document format world has just been turned upside down”
IEEE forms group to address 25 Gb/s Ethernet standard for cloud datacentres Staff Business Cloud News July 29, 2014 - The IEEE has formed a working group to explore the market opportunities and needs for a single-lane 25 Gb/s speed for server interconnects for Ethernet. The formation of the 25 Gb/s Ethernet Study Group comes shortly after Google, Arista, and Microsoft, operating as part of the recently formed 25G Ethernet Consortium released a specification enabling single-lane 25 Gb/s Ethernet and dual-lane 50 Gbps Ethernet links.
Echoing the 25G Ethernet Consortium, which is composed mainly of networking technology developers and cloud service providers, the IEEE said the reuse of serial lane 25 Gb/s signaling technology, developed to support 100 Gb/s Ethernet, optimises the cost of traffic per GB in datacentres built primarily for cloud – allowing these providers to send more data over the same links.... ...Full Story
Moving to LibreOffice saves Toulouse 1 million Submitted Gijs Hillenius EU Joinup July 29, 2014 - Toulouse, France's fourth largest city, has saved 1 million euro by migrating all its desktops to LibreOffice, an open source suite of office productivity tools. "Free software and open source in general is now an established part of the city’s comprehensive digital policy, and the open model promotes economic development and employment in the region", according to a study published by the Open Source Observatory and Repository today....Currently several thousand people out of the 10,000 who work for the city and Toulouse Métropole use LibreOffice daily. The migration started in 2012, following the political decision in 2011. The switch took a year and a half, and 90 per cent of the desktops now run LibreOffice...."Software licenses for productivity suites cost Toulouse 1.8 million euro every three years. Migration cost us about 800,000 euro, due partly to some development. One million euro has actually been saved in the first three years. It is a compelling proof in the actual context of local public finance",... ...Full Story
What the UK Government’s adoption of ODF really means Charles-H Schultz Moved by Freedom- Powered by Standards July 28, 2014 - On Tuesday the news that the UK Government had decided to use ODF as its official and default file format started to spread....This decision is a landmark for several reasons. First, it is not every day that you see an entire government migrate to a standardized file format. You may hear about government branches using this or that solution, but nothing that is so “abstract” than a file format. This time the UK Government has made the conscious decision to define a coherent policy in handling its digital documents, from the stage where they are created, edited and circulated all the way to the archival phase....
Most of the migrations from one office suite to another tend to happen without any coherent document management policy. Many organizations moving from, say, Microsoft Office to LibreOffice do not necessarily adopt ODF as their default format and will carry on supporting whatever version of the MS Office file format internally. This usually leads to frustrations and compatibility problems. This time, the UK Government decision takes a different approach. By deciding about the formats first, the UK creates the conditions necessary to have real choices for its government and its citizens, thus setting a level playing field for everyone....While reading among the tea leaves is not my favourite past time, it is relevant to assume that this decision may change a few things around the IT industry as well. By way of an example, I have always been amazed at Apple’s clean support of ODF inside Mac OS X but its constant absence across the iWork editions. Perhaps Apple will feel compelled to introduce ODF files in iWork now? Only time will tell. Cloud solutions will also have to improve or implement ODF and in some cases PDF support in a proper way.
The decision might also have consequences for other European countries and perhaps for the European institutions themselves, as the UK will now be an actual example of a country that has migrated to ODF, and not just one of the countries that made the choice of Free and Open Source Software.... But the whole point is that in 2014, trying to extract revenue by creating lock-in on office files is no longer acceptable. That, I think, is what the UK Government decision really means. And if I’m right, it’s only the beginning.... ...Full Story
Report: US needs to adopt minimal national security standard for cybersecurity Dibya Sarkar Fierce Homeland Security July 28, 2014 - The United States cannot allow cyber insecurity in information systems to reach a point where weaknesses would result in leaders "unwilling to make a decision or unable to act on a decision fundamental to our national security," said a new think tank report, suggesting a new national security standard for what's important to protect in cyberspace....Danzig said that because IT dependency and accompanying insecurities have come so rapidly evolved, the U.S. doesn't really understand what is acceptable and unacceptable risk let alone what the government's and the private sector's roles are in this area....He also said that the U.S. may need to adopt a strategy that "self-consciously" gives up some cyber benefits in exchange for greater security on key systems.
This might involve "stripping down systems so they do less but have fewer vulnerabilities" and less reliance on digital systems and more on humans, among other recommendations.
Another interesting initiative is to "map the adversarial ecosystem of cyberspace in anthropological detail" as a way to better understand enemies, our own incentives and operational methods, he wrote.... ...Full Story
The Document Foundation congratulates the UK government for their revolutionary and historical choice of open document standards Press Release The Document Foundation July 25, 0214 - The Document Foundation (TDF) congratulates the UK government for the selection of the Open Document Format (ODF), in addition to Portable Document Format (PDF), to meet user needs. LibreOffice, the free office suite developed by TDF, supports both ODF – the native document format – and PDF (including PDF/A)....“TDF has always been a strong supporter of ODF, and a believer in open document standards”, says Thorsten Behrens, TDF Chairman. “July 22 will be a date to remember, as the culmination of a dream inaugurated when ODF become a ISO standard on November 30, 2006. By standardizing on ODF and PDF, the UK government is showing the world that it is entirely possible to find a way out of proprietary formats to enhance user freedom”....Complementing ODF, LibreOffice manages Hybrid PDF files, which combine the advantages of PDF and ODF by embedding a fully editable ODF document into a PDF without breaking any of the standard characteristics of both formats. ...Full Story
We're living in a post-open source world Matt Asay InfoWorld July 25, 0214 - After years of bitter feuds between free software and open source advocates, open source won. But it was a temporary victory. While proponents of Apache-style licensing had a brief period to gloat, the GitHub generation seems determined to take open source to its logical conclusion: releasing most software under no license at all.
Are developers simply too careless to bother with a license, or is something bigger under way?... ...Full Story
Groundbreaking Operating System Is Named an IEEE Milestone David Laws IEEE The Institute July 25, 0214 - The greatest technological innovations often happen in the most modest of places. In his backyard toolshed in Pacific Grove, Calif., computer programmer Gary Kildall built an operating system in 1974 that, along with the microprocessor and disk drive, would become one of the three fundamental building blocks of the personal computer revolution. His OS, Control Program for Microprocessors (CP/M), was the first commercial system to allow a microprocessor-based computer to interface with a disk storage unit. It paved the way for low-cost computers to be used in business, industry, academia and, eventually, the home.
To recognize the breakthrough, Kildall’s invention was named an IEEE Milestone in Electrical Engineering and Computing.... ...Full Story
EU tenders for Open Data platform Written Ian Murphy Business Cloud.com July 24, 0214 - The European Commission has launched a formal tender for SMART 2014/1072 - Deployment of an EU Open Data core platform: implementation of the pan-European Open Data Portal and related services. This promises to be the worlds biggest open data project to data, eclipsing the UK Data.Gov.UK and the US Data.Gov which currently deliver approximately 15,000 and 111,000 data sets respectively.
This is not just about making data available for third party developers and those with the knowledge and skills to extract, sort, curate and import data into their own systems. The EU wants visualisation tools delivered as part of the project. This will make it possible for users of the European Open Data Portal to do their own analytics and create visualisations of the data on the platform itself.... ...Full Story
Microsoft attacks UK government decision to adopt ODF for document formats Bryan Glick ComputerWeekly.com July 24, 0214 - Microsoft has attacked the UK government’s decision to adopt ODF as its standard document format, saying it is “unclear” how UK citizens will benefit....Microsoft has heavily lobbied the government throughout the three-year process that led to its decision to adopt ODF. The company has never suggested OOXML should be the only standard, but has recommended that government adopt both ODF and OOXML.
Minutes of meetings of the Technical Standards Panel that advised the Cabinet Office were also published yesterday, showing that OOXML was discussed as a possible standard, but was rejected because ODF better met the criteria for open standards as defined by the UK government....
“The chair asked LH [Linda Humphries, open standards lead at the Government Digital Service] to explain why ODF was chosen rather than another format such as Office Open XML, also known as OOXML,” said the minutes.
“LH explained that the decision was based on the Open Standards Principles and the UK government definition of an open standard. Both ODF and OOXML, were considered but ODF better met the criteria.
“For OOXML, there were concerns relating to the vendor independence and market support criteria - particularly with differences between transitional OOXML and strict OOXML conformity".....
The panel also discussed whether it would be feasible to choose two standards for sharing documents, as it has done with viewing documents, but this was also rejected because of the difficulties ensuring interoperability.
“The chair asked the Panel to consider whether multiple standards would be appropriate for document formats. Following discussion, the panel reached consensus that one standard is important to ensure interoperability and to allow users to collaborate effectively on the same document,” said the minutes.... ...Full Story
Huge Win for ODF in UK: Let's Not Mess it up Glyn Moody ComputerWorld.uk July 23, 0214 - Back in January, I alerted people to a hugely-significant consultation being run by the Cabinet Office on the subject of document standards. This was so critical, that I banged on about several times more, urging readers to submit their comments. I must confess that I was not optimistic: we have been through this exercise so many times, and been so close to obtaining support for open formats, only to be thwarted by machinations, that I assumed the same would happen here....Yesterday's news is truly a unique opportunity to show the power of open standards, to promote the benefits of open source, and to bring about its wider dissemination both in government, and among home users. The price of failure here would be extremely high: yet more years in the wilderness, as happened after the Massachusetts ODF fiasco a decade ago. So let's not mess it up. ...Full Story