Archive for February, 2007

Reporting on UK university open source engagement

Published by Randy Metcalfe on February 14, 2007 in Development, Legal and Strategy and Policy. Comments

Oxford University Computing Services (OUCS) recently published its Annual Report 2005-2006. Normally this might be a non-event, despite the great work that the staff at OUCS do (I kid you not, this building is packed with absolutely brilliant folks). But I think this annual report is worth special note because of one small section at the end of the main service reports.

3.27. Report on open source involvement at OUCS

OUCS staff make extensive use of open source software to deliver services, and take advantage of the freedom to examine the source code, fix it, and enhance it. The department recognizes that participation in community open source development is valuable for both staff development and enhancement of the University’s reputation, as well as improving the software itself for the benefit of all. However, the copyright in code created during this process by University staff typically belongs to the University, and is not distributed outside the institution without due permission.

Staff who wish to contribute to open source projects seek the permission of the Director before doing so. Requests are normally approved if the software is relevant to departmental work, and the Director is satisfied that the University is free to contribute the software in question. A catalogue of open source involvement approved in 2005-2006 is listed below.

Date Staff Member Description
April 2006 Ray Miller Perl scripts for configuration management, configtool and rb3.
April 2006 Oliver Gorwits Net::MAC - Perl extension for representing and manipulating MAC addresses.
July 2006 Barry Cornelius Meeting Room Booking System (MRBS).
August 2006 Oliver Gorwits Net::Appliance::Session - interactive (SSH) session to network appliance.
September 2006 Barry Cornelius MoinMoin wiki software.
September 2006 Barry Cornelius WebCalendar application used to maintain calendars.
November 2006 Oliver Gorwits Development of our wireless services, including OWL-VISITOR

Many universities across the UK use open source software on a daily basis. For some idea of just how many (and how much) it is worth taking another look at the OSS Watch Survey 2006. use is the key word there. They use open source software, but do they engage with it?

It is virtually inevitable that infrastructure use of software at universities and colleges will throw up use cases that have not been anticipated by the software developers. Call it a feature or call it a bug, the truth is that occasions regularly arise in which staff need to write patches to fix some software for the local deployment (obviously I’m talking about open source software here; fixing proprietary software is a whole different ball game). Sometimes this really is a completely local fix, a workaround for some quirk in the way the local infrastructure was set up in the first place. But just as often a staff member is writing a patch that would be a genuine improvement to the software being used. The question you want to ask is just how hard is it for a IT staff member to contribute code to an open source project as normal part of their work?

The answer, of course, is that it varies from institution to institution. At the University of Oxford, the Computing Services took the view that this process needed to be regularized, simplified, and most important, made clear to staff members. Reporting on progress in the OUCS annual report brings us full circle.

Is OUCS unusual in getting its engagement with open source sorted? Perhaps not. What would be great though is if I had two dozen more examples of sensible practices at universities and colleges across the UK. If you know of one, do let me know.

Microsoft, Verisign and Partners to Collaborate with OpenID

Published by Ross Gardler on February 7, 2007 in Development, e-Administration, Software, Access Management, Standards and Community. Comments

OpenID is an open, decentralised, free framework for user-centric digital identity. The goal is to release every part of this work under the most liberal licences possible, so there’s no money or licensing or registering required to play. It benefits the community as a whole if something like this exists, and we’re all a part of the community.

Microsoft and VeriSign, along with other partners, have announced that they “will collaborate on interoperability between OpenID and Windows CardSpace(TM) to make the Internet safer and easier to use. “

What interests me in this announcement is the word “collaborate”. I can almost hear the MS sceptics groaning, but is this announcement different?

OpenID was originally specified without any specific authentication method in mind. Brad Fitzpatrick, the original creator of OpenID, said, “Now people ask me what I think about Microsoft supporting it, using their InfoCards as the method of authentication…. I think it’s great! So far I’ve seen Kerberos integration for OpenID, voiceprint biometric auth (call a number and read some words), Jabber JID-Ping auth, etc…. all have different trade-offs between convenience and security. But as more people have CardSpace on their machines, users should get both convenience and security.”

CardSpace is claimed to provide significant anti-phishing, privacy, and convenience benefits to users. Scott Kveton, CEO of JanRain (another of the partners in this agreement), says, “Windows CardSpace is shipping with Vista today and is a well thought-out technology that helps address many of the privacy and security concerns that people have had with OpenID. OpenID helps users describe their identity across many sites in a public fashion. The two together are very complimentary products and each has its strength.”

This looks like a true collaboration between the OpenID community, Microsoft and others. From what I have seen All parties are happy with the deal and there appears to be no evidence of one “side” having to compromise. A true victory for open development? I think so, only time will tell us for certain.

Claiming the muddle ground

Published by Randy Metcalfe on February 5, 2007 in Discussion. Comments

A muddle is a state of confusion. You can find yourself in a muddle. And one of the causes of muddles is unclear writing that blurs or jumbles things that ought to be distinct. Muddles are ever so hard to avoid creating when you try to explain difficult, complex or subtle concepts.

Would you be surprised to learn that a lot of writing out there falls into the muddle category? Indeed, much as we try within OSS Watch, I would even guess we inadvertently generate our fair share. Of course we try to prevent this through careful editing of our documents. And we also review our documents on a regular basis to see, as with fresh eyes, whether we have overlooked a muddle. It’s an ongoing process and we appreciate it when someone reading one of our documents spots a muddle and let’s us know.

The key feature of these muddles, however, is that they are inadvertent.

What if your intent was to create a muddle perhaps in an attempt to manipulate a market space? Although such a malicious action might involve outright lies, there is necessity for that. A little understatement. Damning with faint praise. A few real cases where something has gone wrong for the other guy. And you are in. Because the object is not to get you to believe a falsehood, only to prevent you from learning and believing the truth. The deliberate intent to create a muddle for some other ends is sometimes called FUD; the sowing of fear, uncertainty, and doubt by one competitor or its proxies in an attempt to a manipulate a market space.

I honestly don’t know how much FUD happens. But I do know a muddle when I see one. And since most people do not wish to inadvertently perpetuate a muddle, a tell-tale sign of whether you are dealing with FUD or merely a benign muddle is how the author responds to having the muddle pointed out to him or her.

So this is a plea for everyone to claim the muddle ground. And we’ll work together to clear it up.