BRB: Brett Roberts' Blog

Earlier this week my colleague Stuart McKee sent through an email highlighting a Microsoft Research project called MAVIS (Microsoft Audio Video Indexing System) which is designed to “index the spoken content of recorded conversations, whether they are from meetings, conference calls, voice mails, presentations, online lectures, or even Internet video”.

Stuart has been working with the Washington State Digital Archives people to build a system to archive tens of thousands of hours of audio records and now, via MAVIS, provide the public with the ability to search those audio archives quickly and accurately.  The really cool thing is that this isn’t a vapourware announcement – the search capability is up and running right now on the WSDA website. Below is a of snippet from a Washington State press release on the project:

“The Washington Digital Archives is the first government program in the country to offer Microsoft Research’s Audio Search technology, which takes record keeping to the next level: it doesn’t just preserve audio recordings – it gives people an innovative way to search through them.

The partnership grew from an ambitious project undertaken three years ago by the Washington State House of Representatives and the Washington State Archives to save over 30,000 cassette tapes of committee hearings.”

Try it out for yourself. All you have to do is click on the “Search” link, select “audio recordings” from the Record Series dropdown list and enter the word(s) you’re looking for in the keywords field. I searched on “New Zealand” and found multiple references each of which was returned as a link which, when clicked, started playing the audio stream from the point at which the search term was found.

 

This is a very cool and extraordinarily useful piece of technology and it’s a great example of Microsoft Research making good on their goal of “turning ideas into reality”.

The fifth volume of the Microsoft Security Intelligence Report (SIR) has just been published and it provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. Using data derived from hundreds of millions of Windows users, and some of the busiest online services on the Internet, the report also provides a detailed analysis of the threat landscape and the changing face of threats and countermeasures and includes updated data on privacy and breach notifications.

There are two versions of the report available - the full report and and “key findings summary” and both are available from here. There is a huge amount of information to digest but, for what it’s worth, here’s a few snippets which I found interesting during my first read-through of the full report:

1. Vulnerability disclosures in Microsoft’s software in 1H08 continued a multi-period downward trend, both in terms of all disclosures and relative to total industry disclosures.

2. For browser-based attacks on Windows XP–based machines, Microsoft vulnerabilities accounted for 42% of the total. On Windows Vista–based machines, however, the proportion of vulnerabilities attacked in Microsoft software was much smaller, accounting for just 6% of the total.

 

3. The top reason reported for data loss through a security breach in 1H08 continued to be stolen equipment such as laptop computers (37.2% of all data-loss incidents reported). Those people in the 37.2% might be interested in this.

4. When it comes to malware infection rates, New Zealand is 6th from bottom at 0.6% (hence the title of this blog post). The worst country is Afghanistan at 7.64%.

Update 07Nov08: thank you to my colleague Waldo Kuipers for pointing out that the unit measurement in the table below is actually “CCM” i.e. number of machines cleaned per 1000 machines the Malicious Software Removal Tool was run against. The numbers in the paragraph above have been amended accordingly.

5. And I guess if there was just one part of the report that you should read and take notice of it’s the graph which shows categorically that the best way to dramatically increase resilience to attacks is to adopt newer OS versions as they ship and keep them up-to-date with Service Packs as they’re released.

Two or three years ago I was asked to give a presentation on ‘the future of technology’ to a local community group. In the presentation I included a prediction that the day would come where people would have a 3D printer on their desk and would routinely “print” things ranging from household items to sculptures, toys and game characters. I also predicted that a business would evolve providing templates and designs etc for those printers.

I was careful at the time not to try and predict exactly when this would happen (predicting the future is much easier that way) but I did make the comment that just as laser printers had evolved from hugely expensive devices which only companies and bureaus could afford that the same would happen to 3D printers. And I was right. This excerpt is from a recent post on the always-interesting Ponoko blog:

“When the The Apple LaserWriter first hit the mass market in 1985, the desktop publishing revolution was born. With a starting price of $6995 the unit weighed a hefty 77 lb (35kg) and was 11.5 x 18.5 x 16.2 inches the first desktop printer was not the lightweight, disposable peripheral printers have become today, in every classroom, business and home. 23 years later and Desktop Factory, (previously mentioned on Ponoko Blog) are about to launch us into the 3rd dimension of desktop printing with their 125ci 3D Printer for under U$5000. The unit weighing around 90 lb (40kg) and 25 x 20 x 20 is only marginally bigger than the first Apple LaserWriter, and allowing for inflation, considerably cheaper”

This technology has been around for a long time but it only now starting to make its way towards the desktop and the way in which the machines work means that it’s just as easy to create a moving object as it is a static one. These videos show this in action: video 1 , video 2

No discussion on 3D printing or replication can go by without mentioning the open source RepRap project. One of the leaders of the project is New Zealand’s Vik Olliver and when I talked to him about it a while back he mentioned that one of the mind-bending (for me) goals of the project was for the RepRap to be able to make copies of itself. Imagine a device which can make copies of itself, that’s about as futuristic as it gets, right ? Well it turns out they achieved that goal on May 29th of this year.

It doesn’t take a rocket scientist to work out that this technology will change the world. As a simple example, imagine the personal, business and environmental implications of being able to “print” a child’s toy instead of driving the the local toy store to purchase something made of plastic, packaged in plastic and shipped from somewhere in China. There’s a great quote from Google’s Chris DiBona on the RepRap site:

“Think of RepRap as a China on your desktop”

Personally I think one of the biggest benefits will be never having to read the phrase “some assembly required” again :-)

Update 03Nov08: a recent blog post with some great examples of 10 Things 3D Printers Can Do Now!

The Samba team’s Andrew Bartlett has an interesting post here regarding a couple of Microsoft interoperability events he attended recently. He does a good job of painting a picture of the changes happening within Microsoft with regard to engaging with the FOSS community and while I’ve seen these changes unfolding over the last four or five years it’s nice to see them being acknowledged by somebody in Andrew’s position. I would recommend you read the complete article however these snippets will hopefully give you an idea of the overall tone of his post:

“This has been an amazing year of changes for those of us with an interest in interoperability with Microsoft, and these two events are an excellent example of the change in practice.”

“… we have a beachhead at Redmond, and a department committed to providing the Free Software community with answers or clarification on any reasonable interoperability question”

“The Free Software community still does not have perfect interoperability with Microsoft's products - far from it - but the bottleneck is our own pace of implementation and comprehension, not missing documentation or the difficult task of network analysis so often required in the past”

“We were very surprised by the extraordinary degree of effort that Microsoft put into this single vendor plug fest. We were given direct access to the Active Directory product team in Microsoft, plus we had a team of 6 Microsoft engineers working with us full time for the whole week of the plug fest, and were able to call upon additional Microsoft engineers with specialist knowledge in specific areas as needed.”

“However, the WSPP program and Microsoft's new protocol documentation is not just about 'Samba' things - the protocols covered are any that a windows client uses to talk to a windows server. Many other Free Software projects can and should take advantage of the new documentation and clarification process.”

Andrew also references Microsoft’s Protocol Programs which, as he notes in that last quote above, are something I believe many FOSS projects could and should take advantage of.

This week I have taken part in two executive roundtable discussions on cloud computing. The sessions were hosted by Fronde and myself and Google’s Richard Suhr were the speakers. Steve Graham and Rob Old from Fronde opened the sessions with a YouTube clip of a full-on ice hockey fight implying to the audience that they were about to witness an epic slug-fest. Fortunately for the attendees (and my delicate disposition) nothing of the sort eventuated and the reason for that is that it turns out the respective visions Microsoft and Google have for cloud computing are more closely aligned that you might expect (OK, I will admit I was kind of surprised too).

I made the point at both sessions that I think “cloud computing” is like “interoperability” in that it’s a very top-of-mind topic at the moment but there are widely varying views on what the terms actually mean. The fact that Richard and I spent 90 minutes or so per session discussing our respective viewpoints, highlighting the commonalities between them and answering a wide range of really good questions and comments (rather than having the aforementioned slug-fest) went, I believe, a long way towards helping the attendees understand things a more clearly and, hopefully, provoking them into learning more and starting to look at how the technology might be applied to their businesses and agencies.

We only had 15 minutes each in which to present because what we were really there to do was provoke questions and conversation among the audience (which I think we did a pretty good job of). The key points that I made were something like this:

#1: ‘Cloud computing’ or ‘software as a service’ is an option which is rapidly becoming viable for a wide variety of customers.

• It is an “and” technology rather than an “or” technology in that it’s an additional option and it’s not going to wipe out existing options any time soon

#2: ‘Cloud computing’ is a broad term which encapsulates a number of components including:

• finished services e.g. Exchange Online, Office Live Small Business, Windows Live
• attached services e.g. Xbox Live, Exchange Hosted Services, Windows Live OneCare
• vendor building blocks e.g. Live Mesh, Silverlight Streaming, Virtual Earth
• “raw”, scalable infrastructure e.g. Amazon EC2 and, perhaps, others 

#3: Microsoft’s vision is one of “software plus services” (S+S) i.e. a customer-determined and changeable combination of customer premises hardware/software and cloud-based services

• the example I used for this was Microsoft Exchange where customers can choose from hosting the servers themselves, outsourcing to a local hoster, outsourcing to an overseas hoster, outsourcing the hosting to Microsoft or a combination thereof (see below)

#4: One of the key benefits of S+S is that it provides customers with choice and it enables them to move their infrastructure into the cloud and back again as and when required

• a great real-world example of this is a global customer I have been talking to this week who are interested in outsourcing their email infrastructure. Having it hosted in the cloud makes a lot of sense for many of their subsidiaries however there are some which don’t have access to the requisite bandwidth etc. For those offices it makes more sense for them to host their own Exchange servers. This ‘mix and match’ approach provides the customer with the best of both worlds while leaving the door open to changes (in either direction) in the future

#5: Many vendors are already utilising this model

• the example I used was Apple who have done an amazing job of combining hardware (an iPod or iPhone), client-side software (the software running on those devices) and a service (iTunes) to provide an incredibly popular and customisable user experience. Apple regularly update their client software (a little too regularly at times if you ask me) and there’s no technical reason they couldn’t make iTunes available in Apple-owned datacentres in NZ or even on servers owned by large local companies (e.g. Telecom or Vodafone or TradeMe). I’m not saying they’re going to do that (but if they do head down that path remember that you read it here first) however the S+S concept is a powerful one which offers new choices for customers and new opportunities for vendors.

So why are Microsoft and Google so much in alignment on this ? I think there’s three fundamental reasons. Firstly the S+S approach makes logical sense. The customers we talked to this week understood the vision and the options it offered them. Secondly, there are very few companies on the planet who have the expertise and deep pockets needed to build out the infrastructure required to realise the S+S vision. Microsoft and Google are definitely two of the biggest and there’s only so many ways to build highly-efficient, scalable and ultra-reliable datacentres and infrastructure. Lastly, there is a market share play underway here. It is increasingly clear that the software marketplace of tomorrow will include a combination of local compute power supported by a huge cloud based infrastructure. You’re going to see an increasing number of companies position themselves to deliver against this broad spectrum of users requirements.

The reality is that Microsoft and Google will be battling it out at a product level for years to come however I believe the way in which we jointly see the move to cloud computing is a lot closer than most people may realise. The fact that the two biggest players in this space are heading in a similar direction while competing vigorously around innovation and service offerings is an incredibly good thing for customers in general. When it comes to cloud computing we’re at the beginning of the beginning and interesting times lie ahead. For those of you interested in this space I would recommend you keep an eye out for some BIG announcements at Microsoft’s Professional Developers Conference next week. While you’re at it, have a read of this State Services Commission document which does a good job of identifying some of the issues you need to start thinking about when it comes to dealing with 'offshore ICT service providers’ such as cloud computing vendors.

And, finally, this post from Jim Donovan on cloud computing is worth a read too. Coincidentally, he used to be CEO of Fronde.

During the Open XML standardisation process there was a lot of discussion about the adoption rates of Open XML and ODF. On Gray Knowlton’s blog today there is an interesting “then and now” post which is worth a read if you’re interested in such things. He also makes a very good point that the main goal is interoperability between the formats and, over time, making a dent in the numbers of binary documents out there.

Yesterday the State Services Commission published a draft advice document describing how government agencies should work through the pros and cons of using offshore ICT service providers. In it, the author(s) have done a great job of identifying potential risks and mitigations and explaining these in a clear, concise manner. While the document is intended for consumption by public sector organisations I would highly recommend it to anybody considering using offshore providers and I will be pointing customers to it in the future, especially when the subject of ‘cloud computing’ comes up. Highly-recommended reading.

Now there’s a headline that I’m not sure has been written before. An article in the Guardian caught my eye today. In it Richard Stallman (aka ‘RMS’) makes his opinion on ‘cloud computing’ very clear in his own, inimitable, manner.

Normally I take an RMS interview with the proverbial grain of salt, he has a strong, non-negotiable viewpoint on the commercial and proprietary software models which doesn’t align particularly closely with mine but I completely respect his right to an opinion. While I may not agree with his viewpoints I often enjoy the passion and conviction with which he delivers them  :-)

Anyway, the reason I was interested in the Guardian interview was that a couple of the points he makes are not completely out of alignment with Microsoft’s view on ‘cloud computing’.

In a nutshell, Microsoft’s view is that while some software and services will end up ‘in the cloud’ customers should have the choice about whether or not they want to head down that path and, importantly, have the choice to move in the opposite direction (i.e. move from the cloud to partner-hosted or self-hosted solutions) if they choose to do so. A great example of this in action is Microsoft Exchange.

Customers can host their own Exchange servers, outsource that hosting to a local hoster or they can have Microsoft do the hosting for them. When it comes to the client end of the equation, customers can choose from Microsoft Outlook or they can use a browser and access their Exchange-hosted email via Outlook Web Access. A Windows Mobile device is also an option. That implementation matrix provides customers with a lot of choices while preserving their ability to change their mind further down the track. We call this approach Software + Services (S+S).

Back to the interview. This quote from RMS was interesting:

"Somebody is saying [cloud computing] is inevitable – and whenever you hear somebody saying that, it's very likely to be a set of businesses campaigning to make it true"

Hallelujah ! I once sat in on a panel discussion which included a Software as a Service (SaaS) vendor who spent much of their time telling the audience how the concept of locally-hosted software was dead and that everything would eventually live in the cloud. In other words it was supposedly inevitable. As I’ve said before, saying something over and over again doesn’t make it true and I think Richard hit the nail on the head with that quote. Microsoft’s view is that S+S is an addition to the traditional software delivery models not a replacement. Choice is good and cloud computing is simply another choice.

So, onto the next quote:

"One reason you should not use web applications to do your computing is that you lose control," he said. "It's just as bad as using a proprietary program. Do your own computing on your own computer with your copy of a freedom-respecting program. If you use a proprietary program or somebody else's web server, you're defenceless. You're putty in the hands of whoever developed that software"

Personally, this how I would have phrased it:

"One reason you should not use think carefully before you decide to use web applications to do your computing is that you may lose some control," he said. "It's just as bad as using a proprietary program. Do your own computing on your own computer with your copy of a freedom-respecting program. If you use a proprietary program or somebody else's web server, you're defenceless. You're putty in the hands of whoever developed that software."

That last bit is classic Stallman and there are many thousands of software developers, companies and individuals (including me) who would strongly disagree with him but, again, he’s got an opinion and has every right to communicate it. That first sentence however, when modified slightly, is pretty close to a conversation I’ve had recently with a couple of customers who are convinced that SaaS is the way, the truth and the light. Many of them have not fully considered the implications of such a move – especially with regard to the privacy and security implications of moving commercially-sensitive information or customer information off-premises or off-shore – and it worries me that departments in some companies may be racing ahead with a SaaS decision without engaging with their IT and legal departments to work through potential risk and mitigation strategies.

I will admit I’ve drawn a bit of a long bow with this post. RMS is pretty clear he’s anti cloud computing while my view (and that of my employer) is that it constitutes a valid choice for customers. I did like the headline though.

I was fortunate enough to attend last night’s TVNZ7 Internet debate. The participants were Labour’s Minister of Communications Hon David Cunliffe, National ICT Spokesperson Hon Maurice Williamson, ACT Leader Rodney Hide and Greens ICT Spokesperson Metiria Turei. The session was hosted by Damien Christie who was assisted by journalists Fran O’Sullivan and Russell Brown. The main topics up for debate were broadband, convergence, copyright, cyber safety and the digital divide. Unfortunately, due to time constraints, the latter topic received very little airtime however the topics that did get covered made for a lively, interesting and entertaining debate.

Rather than go through the debate point-by-point there’s a couple of key takeaways I’d like to focus on. Firstly, I think all of the parties understand that ICT has the potential to help make NZ a better place in a number of different ways and, while they all have slightly different viewpoints on how it can make a difference, I am encouraged by the level of understanding they have of the topic in general and the resources they appear to be dedicating to writing (or at least thinking about writing) applicable policy.

Secondly, and, for me, the really interesting point was this… I believe NZ’s political parties now see the Technology Advocacy Constituency (“TAC’s” – you read it here first folks) as a unique and addressable political group and they are starting to think about how they should go about appealing to them. At the last election the digital natives, FOSS advocates, GenY’s and broadband-starved-and-vocal-about-it’s etc were all hidden amongst the normal demographic groups but I believe those sub-groups are starting to be viewed collectively by politicians as a new individual constituency (a bit like “soccer moms” were when Clinton was first elected). The reverse is true too, that same group now understands that they possess a collective political force of some sort and are beginning to use it to push politicians to implement change where they see it is needed in the technology arena.

This latter part has actually been happening for a while – the ongoing public discussion about NZ’s broadband situation is a perfect example – and I think we will see this phenomenon develop over time. I also wouldn’t be surprised to see parties start tweaking their policy to appeal to specific sub-groups within the TAC and, in fact, I believe the Greens are already doing this – portions of their ICT policy are clearly designed to win the hearts and minds of the FOSS community. While I might not agree 100% with all of the FOSS community’s viewpoints (or those of the Greens for that matter) this is a smart move and one which I suspect the other parties will analyse and learn from. I’m not saying that every party is going to specifically target the FOSS community but I do think we’ll see efforts to fine-tune ICT policy to appeal to specific voter sub-groups (e.g. very high bandwidth users, those who make a living from writing software, those who invest in ICT startups, the ICT R&D community etc).

Finally, throughout the debate TVNZ were running a text-based poll which asked the question: “which party's ICT policies most appeal to you?” and these were the results:

My interpretation is that no one party stands out above the rest as a clear leader in the area of ICT (Hmmm… maybe some policy fine-tuning is needed….). Having said that, it would appear that the one party who have done some fine-tuning (i.e. the Greens) have not seen that translate into increased support for the intended audience. Of course, if that’s the case then most of what I have written above has just been rendered completely incorrect.

For that reason I shall use the oldest of political tricks and state that the poll is obviously flawed  :-)

Becta is the UK government agency “leading the national drive to ensure the effective and innovative use of technology throughout learning”. Those of you who have been following the discussions regarding ISO/IEC29500 (i.e. “Office Open XML File Formats”) will probably have seen a number of references to a Becta report in which they called out perceived issues with regard to OOXML interoperability. That report was used by OOXML opponents in a number of meetings I personally attended (at times, I suspected, by people who had possibly not heard of Becta prior to then).

I was please to see today that Microsoft UK and Becta have been working since then to address the issues raised and that a Becta press release on those discussions, titled “Becta welcomes substantial progress in discussions with Microsoft” has been posted here. One quote in particular stands out for me:

“In Becta's view, Microsoft's clear commitment to effective interoperability and to the introduction of a pilot licensing programme is excellent news for schools”

The reason I liked it is that it indicates to me that not only is only is Microsoft making progress on interoperability (I knew that already) but that the progress is visible, impactful and recognised.