Formal certification for open source projects, is this progress?

By announcing its new certification process for Linux professionals at Linuxcon, The Linux Foundation made its pro-certification stance pretty clear. They’re not the only open source foundation endorsing peer-verified certification as an effective and useful way for those outside a community to place their trust in an individual’s community credentials. The Document Foundation also offers a certification scheme, in their case for LibreOffice migration professionals.

The two qualifications use slightly different procedures to assess candidates, but the outcome is a similar endorsement of community-recognised skills. How many other projects might be a good fit for this sort of certification? Should this become a more widespread practice? There are some obvious benefits to the practice; for a start, it creates a concrete parameter for those outside the community to use when making hiring decisions. Both certifications appear to have made an impact in their respective fields, with the TDF certification already a requirement in some recruiting activities and The Linux Foundation’s introductory offer $50 certifications already sold out.

For more details about both certifications as well as more detailed discussion of potential criteria for new qualifications, see Simon’s InfoWorld article.

Is Microsoft To Blame For Malware?

The action law enforcement services have taken against the GameOver-Zeus malware syndicate is great news for a change. In the UK, this was communicated with typical tabloid alarmism, framed as “two weeks to save the world” instead of “unusually effective action by law enforcement”. As a result, UK publications have been posting self-preservation information for their readers.

The BBC’s instructions start with the statement “If your computer does not run Windows, stop right here.” Users of other operating systems like Linux or ChromeOS have nothing to worry about this time, even if they are increasingly likely to be targeted elsewhere. As a result, some have asked whether Microsoft is to blame for all this malware.

Heartbleed and Lessons Learned

We’ve had some time for the shock of the Heartbleed announcement to sink in and there’s a lot to consider. While the first impressions might be about the serious, exploitable bug and the repercussions of its abuse, the incident casts light on both the value and risks of open source.

Steering Where You Look

When I learned to drive, my instructor told me “you steer where you look” — in other words, wherever you focus your attention becomes your destination, so keep your eyes on the road ahead and don’t worry about the stores at the roadside (or even too much about the kerb and the parked vehicles).

The same principle seems applicable in other contexts. We’re moving away from a hierarchical, post-industrial society and evolving into a meshed society of peers, interacting in variable roles on their own terms. That’s challenging established institutions, but sadly they have frequently “steered where they looked” and made the wrong choices.

Was OpenSSL’s licensing responsible for the neglect that led to Heartbleed?

Addressing the question of why the OpenSSL project received such low levels of participation pre-Heartbleed, David A. Wheeler, an expert in government use of open source, suggests that it could be down to the choice of license. Within a longer work discussing many of the technical issues involved in addressing Heartbleed, Wheeler wrote:

I suspect that more code review and contributions would occur if OpenSSL used a standard widely used license 

Could it be that potential community members were put off engaging with OpenSSL simply on account of the licensing decision?

Data Retention Directive Scrapped

The European Court of Justice (ECJ) decided to scrap the data retention directive on Tuesday, declaring it to be in violation of Europeans’ rights to a private life and protected personal data. In place since March 2006, the data retention directive required member states to store citizens’ telecommunications data for six months to two years to serve the needs of police and national security agencies.

The ECJ observed that the directive makes possible the discernment of the means, time, place, and frequency of communication between a subscriber or registered user of a site as well as the identity of the person they’re messaging. The ability to collect this information is considered disproportionate to the objectives of the directive and therefore counter to the EU proportionality principle.

The removal of the directive creates its own set of issues, questions and grey areas. What will happen to national regulations drafted in accordance with the directive? Can Telecom and Internet Service Providers still store personal data for over six months or is it now to be considered outright illegal? How about ongoing contracts in favour of such data retention? Both governments and the companies involved have got some fast thinking and acting to do. The responses of governments to this move will reveal much about the future of the way European Directives are handled at national scale. Read Simon and Alexandra’s full analysis on ComputerWorldUK.

“… and the filters don’t work/they just make it worse…”

The UK government has pressured ISPs to apply content filters to their customers’ connections, in the name of protecting children from unsuitable content. During 2014, ISPs will be approaching their customers and trying to persuade them to turn on filtering. But this is a mistaken approach arising from magical thinking — “this thing should exist so it must be possible”.

Content filters can’t work, for several reasons. Just a sample:

Pirates in Politics

The European Pirate Party launched itself last month to create a common platform for the various Pirate Parties of Europe. With Swedish Pirate MEP Amelia Andersdotter as the chairperson of their first elected board and a manifesto which outlines a raft of ideals ranging from transparent institutions to copyright reform and from defense of civil rights to new opportunities for democratic participation, the European Pirate Party seems well set to make its mark on European politics.

Whilst the Meshed team found the Party launch to be lacking a certain focus and sense of historicity, the fact of the event itself is encouraging. Representing a commitment to organisation and co-operation between the various groups that come under the Pirate banner, the founding of this pan-European body represents the beginning of a new political dynamic for the continent’s geeks. Read Alexandra’s full write up at ComputerWorldUK.

FFII’s April 1st gag takes aim at OIN

In a satire of OIN’s stated aim “to promote the Linux system by using patents to create a collaborative ecosystem”, the FFII used the opportunity provided by April 1st’s traditional gag pulling to announce two new “initiatives”, labelled “Coin2Patent” and “Offensive Publications”. Directly playing on the names and concepts of two OIN programs, “Peer-to-Patent” and “Defensive Publications”, the initiative descriptions closely mirror those of their OIN counterparts but with a hard satirical edge.

The actual Peer-to-Patent program describes itself as a “system that aims to improve the quality of issued patents” and Defensive Publications are called “powerful preemptive disclosure [which] prevents other parties from obtaining a patent on the product, device or method.” The FFII gag paints their alternative projects as crowd funding for patent trolls and “basically the patents themselves” respectively. Read Alexandra’s full write up in the ComputerWorldUK spot.

More cautious excitement as Microsoft opens .Net

The Microsoft news is coming thick and fast. A few days ago we discussed Office for iPad, Microsoft’s confession of unethical behaviour and its release of MS-DOS code under a prohibitive license. This week’s news seems even bigger: open source for .Net and $0 pricing for mobile Windows. There’s cause to be excited, yet as ever caution is required.

The excitement comes from the .Net news. The formation of the .Net Foundation and the hosting of 24 projects within it should liberate developers to innovate in a way that seemed impossible under previous leadership. This move has seemed an obvious one for the open source community for a long time, as it offers a new lease of life for .Net through contributor innovation and should help create a rich, monetisable market.

The caution relates to the news that Windows for mobile will be free of charge. Whilst unarguably a big move, it’s not open source — the license terms still restrict how you can use the software. This is important, as whilst a “first hit is free” approach to getting people using mobile Windows might bring some results, the key to sustained innovation and therefore sustained increase in the user base comes from removing the need to ask for permission before you can innovate.

Read Simon’s full analysis in the InfoWorld article.