✈ Old Vienna Reflected In New Vienna

☞ Not Wild Just Alive

  • Excellent article.

    The internet does not exist as untouchable. Morality and the rule of law do apply to the actions people do there. The question is whether those laws are appropriate. … And the proper response, if there is “unsuitable” (unsuitable to whom, by the way?) content is to go after those who produced and distributed it. Not to seek to block access and sweep it under the rug. That’s denial. Let’s live in reality.

    Time to reject the frame, I’d say.

  • Roberto’s review of OSI’s governance reforms correctly points out that individuals are very important to OSI. I hope the new governance will grealy expand the number of individuals able to contribute significantly and directly to OSI’s mission to advance open source and unite its communities.
  • CIX is still the hosting provider for the static parts of my web site, just as it has been ever since they introduced those novel “web page” things a couple of decades ago. I too still have my CIX “sphipps” ID and mail to it still works fine.
  • I wish I’d had the conceptual overview of Asterisk in AOSA when I first encountered Asterisk. Explaining the concepts clearly like that should be a mandatory part of every open source application’s documentation.

☞ No Respect

☝ eG8, Control Points and NameCoin

As the pressure on and from political leaders to “regulate” the internet mounts, the need for basic infrastructure to switch from hierarchical to distributed control is becoming more urgent. The week has seen a number of developments that highlight the growing conflict between those with vested interests in centralised control of the web and those who believe control points are a form of defect. Read about it on ComputerWorldUK.

☞ Future-proofing

  • With internet-control-freak politics everywhere now – just look at eG8 and PROTECTIP for example – the need for distributed infrastructure beyond the control of any entity is getting stronger and stronger. This new project uses the same approach (same code, in fact) as BitCoin and creates a distributed DNS where everyone gets to be their own domain registrar in a safe way. It’s a very young project, but I am certain we need something like this soon. Otherwise the lobbyist-driven actions of our political leadership will soon render citizen-empowered innovation impossible.
  • This clear explanation of the hole UK schools have got themselves in with ICT rings true for me. I remember around 5 years ago explaining very clearly to the headmaster of a local school why the new infrastructure he was creating in his new school buildings needed to use virtualisation, thin clients and open source software for as much as possible, and then watching him install Windows PCs everywhere. I bet that school has the mother of all legacy issues today.
  • I like the story at the start of this, but it’s mainly notable for the insight in the comments that Matthew Aslett is not a fan of open core.

☞ 500th Post

This is the 500th posting on Webmink.Com, and it’s taken about a year to get here. Thanks to all my readers for supporting me this far in my post-corporate adventure!

☞ From Around The World

  • Interested by how few European participants there are in GSoC. Does this reflect poor support for FOSS or a reluctance to sign on to a programme that’s widely seen as a disguised graduate recruiting activity?
  • Strong statement here from TDF shows they have the support needed to take the former promise of OpenOffice forward. They have multiple, participating vendors operating as equals in their Engineering Steering Committee. They have a global community of localisers. They have a roadmap that’s driving ongoing releases. They have the organisational backing to keep them going and a pot of money to spend. Fine work – I hope the remaining hold-outs can sink their differences and join in with TDF to make LibreOffice the revitalised success that the world needs it to be. Indeed, that’s what TDF leader Florian Effenberger says himself.
  • Product Notification: Skype for Asterisk – end of sale – July 26, 2011
    Unless Microsoft are going to surprise us all by releasing the Asterisk modules as open source, this is a depressing indication of Microsoft’s true intentions with Skype, as well as a wake-up call to all the FOSS people who have been “sleeping with the enemy” and treating Skype as excusably closed.

☝ A liberating betrayal?

Having suspended disbelief for as long as I could, my ability to take Microsoft at their word over Skype was shattered today by the announcement by Digium, sponsors of the Asterisk project, that they have been told they can no longer sell their Asterisk-Skype interaction module after July 26. In one move, we have illustrated the risk of a hybrid open source model, the danger of dependency on a proprietary system, a proof that Microsoft still can’t be trusted with open source and an impetus to open source innovation.

All in one announcement.  Read all about it on ComputerWorldUK.

☞ Openish and Open

  • I’m delighted to see these plans finally formalised – they have been around ever since Sun as proposals, but the acquisition got in the way. All the same, what matters is not the rules themselves so much as whether Oracle will actually stick to them when faced with a serious competitor or disruptor using them disruptively. Apache Harmony remains the elephant in the room, dismissed as history by apparatchiks but still large as life to the rest of us.
  • Another marketplace to add to your Android phone, alongside the ones from Google and Amazon. This one only offers Free software.
  • Good to see such a diverse and experienced group of people stepping forward.

☆ GagaGate, DRM and How To Cripple The Cloud

I’ve been watching the music marketing stunt that Amazon have pulled today with some interest. The story is that Amazon US are selling the new Lady Gaga album Born This Way in digital-only form for $0.99 today only – the whole album for the price of a track (no luck in the UK where the album is £3.99). As the news has spread, it’s obviously being bought in huge quantities – it’s currently the #1 purchase – and transferred straight to Cloud Drive, Amazon’s new online music locker and player.

Except it’s not. Customers have now been reporting for several hours that it’s not showing up in their accounts – only the digital booklet and in some cases one or two tracks are showing up. Amazon admits there’s a problem – their PR folk are churning out responses (clearly cut and paste from Twitter) to press inquiries saying

We’re experiencing high volume and downloads are delayed. If customers order today, they will get the full @ladygaga album for $0.99. Thanks for your patience.

That text has also replaced the bold claims about being able to listen to the album straight away on the product page. What could possibly be going wrong? After all, it’s very straightforward to add a pointer to a shared file into a directory, and I think that’s all Cloud Drive does with purchased music (which is why storing it there is free – symbolic links are virtually free). Amazon is clearly embarrassed by it – they are busily deleting customer comments from the product if they even mention the outage, regardless of the star rating.

One clue is the product details of the album. They include the text “Record Company Required Metadata: Music file contains unique purchase identifier. Learn more.”  Follow the link and you’ll find:

Embedded in the metadata of each purchased MP3 from this record company are a random number Amazon assigns to your order, the Amazon store name, the purchase date and time, codes that identify the album and song (the UPC and ISRC), Amazon’s digital signature, and an identifier that can be used to determine whether the audio has been modified.  In addition, Amazon inserts the first part of the email address associated with your Amazon.com account

I think that’s the answer. My hunch is that the GagaGate meltdown is all the fault of DRM. Rather than just adding a pointer to a shared file to the Cloud Drive, Amazon are required by the record company to create a unique copy of the file for every customer, watermarked digitally signed to show who bought it. What’s more, the unique copy includes at least one MD5 hash that has to be computed on a per-file basis. So Amazon has both an enormous computing task and potentially an enormous storage bill (assuming it doesn’t just compute the watermark signature on the fly at download, which is possible but doesn’t help with the compute bill).

All for what? Removing the metadata is unlikely to be massively challenging (albeit illegal under the DMCA). This means the record label is crippling their retailer’s business just so it can express its mistrust and low esteem for its paying customers while doing pretty much nothing to actually protect revenues –  that it already knows will be enormous – from serious criminals. Congratulations to the label, you’ve managed to turn a great example of how to compete with “free” into a bad experience for your customers.

One more observation: The Amazon UK digital download does not mention watermarking/signing. I wonder whether it’s because the record label trusts the British, or whether it’s just not disclosed?

[Updated to reflect information I received that the file has a uniquely-computed digital signature added, rather than a watermark. Lower (still significant) compute burden but even easier to remove]

%d bloggers like this: