Archive for April 2009
If the Obama administration is going to be serious about raising the level of transparency at the federal level I think they have some challenges. One challenge might be that the the media and the public can’t handle it. Take the reaction to Melissa Hathaway’s recent speech:
On Feb 9th Melissa Hathaway was given the role of Cybersecurity Chief and instructed to perform a 60 day review of all existing federal cybersecurity projects and strategies.
On April 22nd she presented an summary of the review at the RSA conference recently. I thought the points in her speech were very good:
- Private sector, education, public sector, government, and military all rely on shared digital infrastructure for communications. That infrastructure is primarily owned and operated by the private sector.
- Security of the digital infrastructure is strategic to the US
- The federal government has a fundamental responsibility to address strategic vulnerabilities .
- No single agency has a broad enough perspective to address these challenges.
- The US government cannot address any strategic issues if they act alone.
- Governments and private sector in multiple countries must work together and much research and development is needed.
- This is a long term initiative that the federal government is not well-structured to handle.
- The full report is going under review and will be released shortly.
Note that she was not presenting the report, just an update of the progress. My summary of her summary is that the initial conclusions high-level but well-balanced and rational, and that there is a lot more to do.
The reaction to her speech? Pieces like Hathaway Speech Lacks Substance by Tom Field, and Obama Cyber-Security Czar Melissa Hathaway Says Little on Federal Strategy by Hilton Collins. These people either don’t understand transparency, don’t want it, or can’t handle it.
My fear is that this administration, in the name of increasing transparency, will release information as it is available -> They will get slammed by the media for releasing statements that ‘lack substance’ -> They will become motivated to delay announcements until there is more substance -> Tansparency will be lowered back to where it was.
In a recent post – The Economic Case Against the GPL Eric Raymond contents that the GPL is either futile or unnecessary. Here are my thoughts.
The core of the GPL is very simple and elegant. It is a work of art in licensing terms. Put simply it says “I am making my work available to you with a wide set of freedoms, and I only ask that these same freedoms are given to anyone you distribute your work to.” This creates an intellectualy property ‘lock-out’ (as opposed to a lock-in). It does not stop you from selling your work, but it does stop you from keeping your intellectual property to yourself.
So the first question is – is this futile? I think the answer to this is no. The lock-out is effective. In fact many commercial open source businesses use a dual – license strategy : they offering technology under a GPL license for no cost and selling the same technology under a commercial license. This would not be a viable model if the GPL was futile or inaffective.
The second question – is this unnecessary? Can software that is open and transparent with similar freedoms, but without the intellectual property lock-out be successful? The Apache Foundation, the Eclipse Foundation, and JBoss are certainly successful. So maybe this is the case.
As Raymond says the GPL is effective for community forming and as a ‘badge’. But the Apache license is just as effective at this in my mind.
The GPL is certainly not futile, but there is a case for saying it is unnecessary. As always, we will have to wait and see what plays out in the long term.
Every year at the annual MySQL conference there has been a slight, but noticable, shift in the overall audience from the year before. Comparing this year’s attendees with the ones from 3 or 4 years ago the differences are more significant. 4 years ago the attendee’s coming to the Pentaho booth understood databases and open source, but did not necessarily understand business intelligence. This year, for the first time, I encountered people who understood databases and business intelligence, but did not understand anything about open source.
This is progress. If the MySQL conference has graduated from an ‘open source database conference’ to a ‘database conference’ it implies that MySQL is now not an ‘open source database’, but a ‘database’. Whilst, yes, it is still open source, the interesting thing here is the view point of the mainstream market. That is, MySQL is a mainstream product who’s differentiating factor is not the manner in which it is created.
Congrats, MySQL, on making it to the other side.
Maybe this isn’t news to anyone but I think I finally understand Microsoft’s strategy when it comes to open source. If I’m right, I’m quite impressed (with them, not me). The net of this is that Microsoft would like you to (in order of preference):
- Pay for and use Microsoft software
- Use open source software and have a Microsoft licensing agreement (e.g. Linux under the Novell deal)
- Use open source software that violates Microsoft patents so they can force you to make license payments (e.g. TomTom)
- Use their competitor’s software
- Use open source that does not violate their patents
For #4 and #5, I think they would prefer you pay for competitor software than use unencumbered open source because you are still in the world of vendor lock-in, where traditional marketing and sales tactics are effective. If you are using unencumbered open source software you are below their radar and you are difficult for them to reach.
I patched this together from these isolated facts and incidents:
Halloween Emails – 1998
In 1998 a series of internal emails were leaked from Microsoft (the Halloween emails). It is clear from these emails that Microsoft understood how open source worked, that it was a threat, and that attempts to market against it were counter-productive. In the next few years Microsoft does little or nothing to fight against open source.
Lack of Patents < 2001
Microsoft did not make a lot of patent applications prior to 2001. It ended up making a lot of payments to other software companies to resolve IP claims because of this. Bill Gates resolves to remedy this.
Strategy Revealed – 2002
From an internal memo at HP:
“Basically, Microsoft is going to use the legal system to shut down open-source software. Microsoft could attack open-source software for patent infringements against (computer makers), Linux distributors, and, least likely, open-source developers,” Gary Campbell, vice president of strategic architecture.
At that time the open source projects specifically mentioned were: Samba, Apache HTTP, and Sendmail.
Cross Licensing Initiative – 2004
In order to meet its patent portfolio goals Microsoft embarks on a cross-licensing initiative.
“If we are able to strike cross-licensing deals with the top 30 technology companies, that alone would provide us access to a vast majority of the patents in areas we care about”, David Kaefer, Microsoft’s director of intellectual property licensing.
This was done to protect Microsoft from IP claims made against it by proprietary companies, but it plays into their open source strategy.
Microsoft Shared Source – 2005
Around 2005 Microsoft started to make some of it’s source code available under a ‘shared source’ program. Jason Matusow (director of the program) claimed this was to try to replicate the advantages of open source. It sounds good but under this program you are allowed to view their source, but you are not allowed to use the source. This text is from Microsoft’s Developer Center is rather ominous:
You are warned that when you build a run-time image based on an OS design that contains shared source code, your run-time image might contain private code that cannot be released in a product under the terms of the Microsoft EULA
So by making their source code available they make it very tempting for developers to use it as a source of code samples. But doing so leaves you open to legal problems that are best resolved by making license payments to Microsoft.
Codeplex – 2006
In order to encourage developers to inadvertently full into the shared source trap, Microsoft launches Codeplex.
Microsoft Novell Partnership – 2006
This agreement is particularly interesting. The deal protects Novell’s customers from legal action by Microsoft for any IP infringements that exist in Linux. Effectively Novell customers are pay Microsoft (through Novell) for the right to use software that includes functionality covered by Microsoft’s patents.
The Linux Attack – 2007
Microsoft claims that Linux violates 235 of its patents. However Microsoft won’t reveal which of it’s thousands of patents at the problematic ones.
Many open source participants ask Microsoft for the list, saying that they will re-write the offending code so that the violate is removed. They miss the point. Microsoft wants the violations to remain in place. Microsoft wants users of Linux to pay a license fee to Microsoft to cover the use of their patents. That is, everyone except Novell’s customers, who have pre-paid for that same license (they pay Novell, Novell pays Microsoft).
The TomTom Takedown – 2009
The recent TomTom case is a good example of the patent attack. Microsoft revealed two of its patent cards – #5,579,517 and #5,758,352 around the FAT filesystem – and slapped it on TomTom for using a Linux distribution that includes FAT-based code. The result of this case is that TomTom now pays license fees to Microsoft for the use of that code.
So now we know 2 of Microsoft’s alleged 235 Linux-related patents. Now that Microsoft has revealed these patent cards it would clearly be in the interests of the open source movement for all the code that could violate the FAT patents to be removed or re-written in such a way as to avoid the IP issue (if possible). Long-time open source advocate Larry Augustin takes this position also.
Since identifying open source as a threat 10 years ago Microsoft has consistently done two things: increased its patent portfolio, and gained revenue from licensing that portfolio to others.
Microsoft has clearly decided that it cannot directly fight or defeat open source. But it can further increase license revenue by attacking users of open source with claims of IP infringement.
Individual open source developers are too small to target with attacks such as this. But any large company using open source internally or in a product or service should be concerned by this. The open source movement as a whole needs to pay attention to IP issues.
There are many people in the open source movement who hold a “we don’t believe in intellectual property” stance. They may, one day, find themselves sending a monthly payment to Microsoft for privilege of continuing to hold that belief.
Watch the video and read the comments: http://www.youtube.com/watch?v=9lp0IWv8QZY
Makes me think maybe the internet is good for more than booking flights, checking the weather forecast, distributing open source, and emailing the boss.
I just added a little pro-open source movie to youtube: http://www.youtube.com/watch?v=X0R0toLhmwk
You can get higher resolution files:
There are many advantages to embedding business intelligence into applications.
I just added a short movie to youtube about some of them: http://www.youtube.com/watch?v=uMyR-In5nKE
The advantages of embedding BI include:
- You get to re-use the security, context, and business rules of the application.
- The user gets a more seamless and integrated experience
- Easier installation and upgrade paths (for packaged applications)
The Pentaho BI platform was designed from the start to be embeddable. This entails architecting the entire platform so that it can be consumed as a set of libraries. This is not easy to achieve and is almost impossible to retro-fit into an architecture that was not designed to support it.
In a few lines of Java (10-20 lines) you can initialize the platform and execute reports and ETL processes etc. The advantage of doing BI at this level is no request gets to the BI libraries, and no content gets back to users, without coming through the application’s security, context, and business rules etc.
Another advantage of embedding BI is that it enables a level of integration that is not possible any other way. For example when providing the data that is used to populate a report you have many options:
- The application calls the BI platform to execute a report, and the data source and the query are defined in the report itself.
- The application creates a query and passes it to the report before execution.
- The application creates and executes the query, and passes a live database cursor to the BI platform for the report engine to use.
It is this last option that is impossible to implement using any kind of web service or RPC-level integration between an application and a BI server. Only a fully-embedded BI solution can provide this level of integration.