The Backpage

The recently released Corruption Perceptions Index from Transparency International has New Zealand and Denmark ranked #1 as the least corrupt nations... So a great work but still room for improvement apparently.

The announcement a few weeks ago about the Elastic/Kibana license change to the SSPL has caused a bit of concern in the community, as such changes do. One response that popped up was from Matt Yonkovit over at Percona who outlines why he thinks open is better. Percona themselves seem to be doing nicely as a database service organisation supporting both open and sspl databases. As Matt says, it's hard but still worth it. 

So Google is having a bit of a fit about a proposed Australian law that would force it to pay journalists for content that it uses to attract people to its website and 'threatens' to disable search in Australia if the law is enacted. Here's a news flash, Google is not the only search engine on the market so good luck with that one lads.

In my search for reference material for a proposal to the NZ Govt I came across this webinar series from the European Opensource and Free Software Law Event (EOLE). A couple of sessions have already run but there are three to go so with the next one being Opensource governance in the public sector... heady stuff!

While the turmoil of the last few weeks in the US might seem like the main event it really is just a sideshow... and the new President is busy naming the people who are going to help him with the main event... including David Recordon as White House Director of Technology.

The term 'globalisation' may have become a euphemism for exploitation of foreign workers at the expense of your own labour force in some ways but once each country gets past that initial colonisation phase and starts developing their own markets you get to see some interesting technologies... in this case open source smartwatches. For those of you with a development bent there is the PineTime SmartWatch dev kit or if you want a ready to wear product you can get a P8 SmartWatch or go in with some friends and/or family members and get a three pack PineTime...

Drum roll please... Continuing on the theme of being asked to pay no attention to the man behind the curtain we have an open source view of the SolarWinds debacle... Yes, the one that appears to have allowed 'state operatives' access to a significant part of the US Government's infrastructure as well as affecting other Fortune 500 companies like Microsoft... you know, the US company that NZ Govt agencies spend so many of our tax dollars on in spite of there being viable alternatives here in New Zealand.

I've long been a fan of Sun Tzu because I believe that knowing how an opponent thinks is crucial to knowing how to deal with them. I've also held the view that a significant part of the security industry that exists today does so solely because of the actions of a single company. The prevailing view in the IT industry has been get to market first at all costs and the ongoing effect of this is that anything that is seen as slowing down the delivery of the next MVP is a problem... so the first things to go in time critical projects are security and testing. Our target market becomes our test bed whether they like it or not.

Actually it is more like businesses in general won't take risks when hiring people... This makes it especially difficult for people entering the industry but also causes issues for more experienced IT professionals who may have a broader range of skills but not the in depth skills the employer is looking for right now. So how can you tilt your job application in your favour? Well, in the same vein as one recruiter said to me, 'you need to be more active online'... and how can new IT professionals do that? By using GitHub and GitLab to document their contributions to open source projects and build an online portfolio of work to show prospective employers.

One of the arguments used against linux and open source in the past by large proprietary OS vendors with significant market share is that of course there are fewer reported security issues with linux when compared with the tsunami of issues with their products because the linux install base is so small... Well linux based server systems now run most of the internet so that statement no longer holds water, and yet the linux and open source community are still better at detecting and correcting security issues than proprietary equivalents. This article by Jack Wallen on TechRepublic outlines some reasons why.