The Backpage

In my search for reference material for a proposal to the NZ Govt I came across this webinar series from the European Opensource and Free Software Law Event (EOLE). A couple of sessions have already run but there are three to go so with the next one being Opensource governance in the public sector... heady stuff!

While the turmoil of the last few weeks in the US might seem like the main event it really is just a sideshow... and the new President is busy naming the people who are going to help him with the main event... including David Recordon as White House Director of Technology.

The term 'globalisation' may have become a euphemism for exploitation of foreign workers at the expense of your own labour force in some ways but once each country gets past that initial colonisation phase and starts developing their own markets you get to see some interesting technologies... in this case open source smartwatches. For those of you with a development bent there is the PineTime SmartWatch dev kit or if you want a ready to wear product you can get a P8 SmartWatch or go in with some friends and/or family members and get a three pack PineTime...

Drum roll please... Continuing on the theme of being asked to pay no attention to the man behind the curtain we have an open source view of the SolarWinds debacle... Yes, the one that appears to have allowed 'state operatives' access to a significant part of the US Government's infrastructure as well as affecting other Fortune 500 companies like Microsoft... you know, the US company that NZ Govt agencies spend so many of our tax dollars on in spite of there being viable alternatives here in New Zealand.

I've long been a fan of Sun Tzu because I believe that knowing how an opponent thinks is crucial to knowing how to deal with them. I've also held the view that a significant part of the security industry that exists today does so solely because of the actions of a single company. The prevailing view in the IT industry has been get to market first at all costs and the ongoing effect of this is that anything that is seen as slowing down the delivery of the next MVP is a problem... so the first things to go in time critical projects are security and testing. Our target market becomes our test bed whether they like it or not.

Actually it is more like businesses in general won't take risks when hiring people... This makes it especially difficult for people entering the industry but also causes issues for more experienced IT professionals who may have a broader range of skills but not the in depth skills the employer is looking for right now. So how can you tilt your job application in your favour? Well, in the same vein as one recruiter said to me, 'you need to be more active online'... and how can new IT professionals do that? By using GitHub and GitLab to document their contributions to open source projects and build an online portfolio of work to show prospective employers.

One of the arguments used against linux and open source in the past by large proprietary OS vendors with significant market share is that of course there are fewer reported security issues with linux when compared with the tsunami of issues with their products because the linux install base is so small... Well linux based server systems now run most of the internet so that statement no longer holds water, and yet the linux and open source community are still better at detecting and correcting security issues than proprietary equivalents. This article by Jack Wallen on TechRepublic outlines some reasons why.

Open source... A short article on a study by the Open Source Security Foundation and a Harvard Innovation Science lab outlines some of the reasons why people work on open source projects. Head of the list is because they enjoy it... so no surprises there. Money also makes the list but is a lot further down.

In a case of the Government meeting its own GOAL the front end and documentation for the NZ COVID Tracer app has been released under the Affero General Public License (AGPL). That's the license that Google doesn't like so we can rest assured that it won't be re-purposed and sold back to us... Anyway, good start and kudos to the Ministry of Health. Now if there was only a way you could be convinced to drop your unhealthy relationship with Microsoft, stop sending so many taxpayer dollars offshore and use them instead to provide health services to New Zealanders by New Zealanders.

I see in Stuff that there are a number of US State and Federal officials going after Facebook for alleged monopolistic behaviour. Colour me surprised. Facebook and other members of the 'Frightful Five' have been accused of a significant amount of this behaviour and there is enough evidence that it has occurred... To date only Microsoft has actually been convicted and were punished by 'a slap on the wrist' according to the plaintiffs. What they were required to do was share their APIs with third parties to allow interoperability but in effect it only allowed people to call windows functions, and couldn't be used to create competing products. Hold that thought as you read on...