David A. Wheeler's Blog

Tue, 20 Mar 2007

Audio for “Open Standards and Security” online

Last year in Boston I gave a presentation titled “Open Standards and Security”, explaining why open standards are needed for security; here is “Open Standards and Security” as a PDF. You can also get it in OpenDocument format (for the OpenDocument version, make sure you have the fonts you need). I had earlier posted a blog entry about it, and Newsforge had some very nice things to say about my talk. I used several stories in my talk, which the reporter called “parables”. I didn’t use that word, but I wish I had, because that’s exactly what those stories were.

Many people never got to hear it, so I’ve finally made an audio version of it and posted it here in several formats: [OGG (Vorbis)], [MP3], and [FLAC]. Download and enjoy! You should be able to understand the talk just from listening to the audio, but if you listen to the audio while reading the slides, all the better!

Of course, having to post multiple audio formats shows how immature the audio standards area is. While ISO has a standard (MP3), MP3 is not an open standard because it’s patent-encumbered. I recommend using the Ogg Vorbis format instead - it’s the smallest file, and it has very good quality. Ogg Vorbis produces smaller files with better sound than MP3, so the only real reason to use MP3s is because your equipment can’t handle anything else. The FLAC format is lossless, and is useful for recoding later (it’s much smaller than a WAV or AIFF while still being lossless).

The solution to this nonsense is not to have no standards. The solution is to either (1) get countries to stop permitting software patents (the best solution), or at least (2) get standards organizations to stop publishing closed standards like MP3 for software. I think the tide has already started turning for option 2. After all, when MP3 was created, many still thought that patents in IT standards were okay, and relatively few understood the problems that patents could cause. Fundamentally, of course, this made no sense; the whole point of a patent is to create temporary monopolies, while the whole point of an open standard is to enable competition (the opposite of monopolies). People have tried to make compromises that don’t really work, such as having so-called RAND policies. But I think these are clear failures; all royalty-bearing patents discriminate (for example, they prevent open source and no-cost implementations). The point of patents is to prevent competition, and thus they have no place in software standards. Now that software patents have been shown to be a “Wild West” where anyone can be sued for billions, the need for unencumbered standards should be quite clear. The W3C has already changed its policies to make it very hard to publish patent-encumbered standards, and the IETF has already thrown out several proposals specifically because they were encumbered by patents.

One of the people at my talk made the claim that, “today, every successful open standard is implemented by FLOSS.” That should be easy to disprove — all I need is a counter-example. Except that counter-examples seem to be hard to find; I can’t find even one, and even if I eventually find one, this difficulty suggests that there’s something deeper going on. So as a result of thinking about this mystery, I wrote a new essay, titled Open Standards, Open Source. It discusses how open standards aid free-libre / open source software (FLOSS) projects, how FLOSS aids open standards, and then examines this mystery. It appears that it is true — today, essentially every successful open standard really is implemented by FLOSS. I consider why that is, and what it means if this is predictive. In particular, this observation suggests that an open standard without a FLOSS implementation is probably too risky for users to require, and that developers of open standards should encourage the development of at least one FLOSS implementation. The point of the “Open Standards and Security” talk was on open standards, not on FLOSS, but there’s much to be learned from their inter-relationships.

path: /security | Current Weblog | permanent link to this entry

Presentation and audio of “Open Source Software” online

Earlier this month I gave a presentation about open source software (aka OSS, Free Software, or FLOSS) at a conference near Washington, DC. You can now download the March 2007 presentation “Open Source Software” in PDF format; you can also get it in OpenDocument format. For the OpenDocument version, make sure you have the fonts you need. Those are just the slides; I’ve separately made the audio available in several formats: [OGG (Vorbis)], [MP3], and [FLAC]. You should be able to understand the presentation just from the audio, but looking at the slides while listening to the audio is even better. For the audio, I recommend using the Ogg Vorbis format - it’s the smallest file, and it has very good quality. The FLAC format is lossless, and is useful for recoding later (it’s much smaller than WAV or AIFF while still not losing anything). The MP3 format is useful if your player can’t handle Ogg Vorbis yet (complain to your manufacturer!) - while MP3 is an ISO standard, MP3 isn’t an open standard because it’s patent-encumbered.

The conference was titled “Open Source - Open Standards - Open Architecture”, and was put on by the non-profit Association for Enterprise Integration (AFEI) (a member of the NDIA family of associations). A lot of people were particularly surprised to learn that essentially all open source software (FLOSS) are commercial off-the-shelf (COTS) software, a point I make in more detail in my essay ‘Commercial’ is not the opposite of Free-Libre / Open Source Software (FLOSS). Basically, the U.S. government’s own laws (particularly Title 10 section 101) and regulations (particularly the Federal Acquisition Regulation) make it clear that nearly all open source software is commercial off-the-shelf (COTS). There are two kinds of COTS software products: proprietary software and open source software.

path: /oss | Current Weblog | permanent link to this entry