Saul Cozens’ Web Technology Blog

I had a great time at geekup Sheffield last night.  The format had changed from a bunch of presentations (mostly by techies about technical issues) to a much more freeform conversation.  This was extremely succesful and looked a lot like what I’ve been trying to do with my Pub2.0 thing.  So well done Geekup!

In order to seed some interesting conversations, the geekup organiser (Jag) asked a few people to ‘host’ some conversation topics.  Jag asked me to try and start up a conversation about the Digital Britain Interim report recently published by Lord Carter.  I was only too happy to oblige.

So I spent a considerable part of the evening talking to a couple of people (namely Chris and John) about what was right and wrong with the report and its proposals.  I was keen to try and steer the conversation away from widely discussed topics of infrastructure (whether it should be the government’s role to fund our new high bandwidth to the home network, or should it be left to the telcos?) and content (are the proposals in DB for the setup of a ‘copyright police’ simply propping up an outdated business model).

Instead I wanted to discuss one area that Lord Carter’s report doesn’t seem to cover at all - digital services.  I wanted to know if there are any digital services that are big enough that only a government could deliver them, but are not so important that we shouldn’t trust a government to provide them.

The obvious candidate is digital identity services, but that kind of falls into the ‘too important to be trusted to government’ category.  Also, as an evangelist for openID (and other distributed service mechanisms), I couldn’t, hand on heart, suggest that the identity management for an entire nation be provided by a central service (government run or not).

This lead to the statement perhaps government should instead concentrate on setting data interchange standards and service provider certification. The obvious application would be to enable the easy transfer of personal health records from one provider to another, not in some invisible way where any backstreet quack (or pharmaceutical company exec) who has got themselves an NHS login can access my records, but instead  in a way where I could be in control of who has access to my records.  Better even, I can also receive notifications when my records are accessed.

Chris mentioned that he didn’t think that current FOI legislation allows someone to ask an organisation WHY they have their personal data, which may become a pertinant question when you see that BigPharma Inc. have recently accessed your GP records.

Of course, this idea is probably past its best as the Nth billion pound of fund is poured into the big centralised NHS health-care record system, but the principle could be applied to many other areas of personal information: credit records, employment/tax history, benefits, pensions, criminal records/driving convictions.

Not only did we think that setting standards is what government is better suited to than providing services (certainly in IT), but it could also allow for innovation and consumer choice to enter the information systems market and allow the public to be able to control their own data.

Of course after this very interesting and inciteful discussion we then went on to talk about how the record industry is trying to prop up an outdated business model and how all the best songs are written by poor starving artists anyway…

I’m now looking forward to GeekUp Sheffield next month!

I signed up to Suw Charman-Anderson’s Ada Lovelace Day pledge quite a while ago and ever since I have been trying to work out who I should blog about.

You see the brief is to pick a woman in technology that I admire and blog about them to try and provide more women with the role-models, the inspirational figures that they are able to related to, that will encourage them to work with and in technology.

While thinking about why it is that I have so few women in my list of technologists I admire, I recalled how I was first introduced to probably the most influential women in technology ever, Ada Lovelace.  During my first year of my Electronic and Control Systems Engineering degree, I took a course on programming.  Early in this course the lecturer was discussing (very briefly) the general concept of strong typing in languages for embedded systems and mentioned ADA, the language developed for the US DoD.  With glee, he told his audience of impressionable young engineers (a small percentage of who were women) that ADA was named after Ada Lovelace, Charles Babbage’s mistress.

And with that dismissal of the significance of inventing the concept of programming, my lecturer gave a slamming indictment of the perception the contribution women have made to our industry.

So I will do all I can do to counter this perception and let women know that our industry welcomes their participation and I look forward to being inspired by them in future.

Now, I know many women technologists, I have worked with some outstanding women over my years and while I have respect for their knowledge, skills and endeavour, I don’t think I can claim any of them to be my heroine.  To admire these women just on the grounds of their gender would be patronising and demeaning.

I also know of a few women who are industry leaders and influencers, but  I have to confess to being more interested in the things that they do rather than who they are.  Among the few women’s names that have been associated with things that have been inspiring enough for me to research the person behind them is Mary Lou Jepsen.

What I know about Mary Lou Jepsen can be found out from her page on Wikipedia, but her dedication to a project such as One Laptop Per Child, must surely deserve admiration.  The OLPC vision is:

To create educational opportunities for the world’s poorest children by providing each child with a rugged, low-cost, low-power, connected laptop with content and software designed for collaborative, joyful, self-empowered learning. When children have access to this type of tool they get engaged in their own education. They learn, share, create, and collaborate. They become connected to each other, to the world and to a brighter future.

This must be one of the most important technology projects that could be undertaken in a World where the divide between the connected and the non-connected is widening and being connected brings both the opportunity for self-fulfilment and economic independence.  Access to information allows people to educate themselves in the absence of anybody to teach themselves, to trade in a renewable resource that they have in abundance, their intelligence, and to add their contribution to the entire world of understanding and knowledge.

Mary Lou Jepsen, was the Chief Architect and driving force behind the OLPC project and was pivotal in getting numerous large corporates to participate in it.  Without her, the World would be a poorer and less equal one.

It’s actually been over  a year since I attempted to get loads of Sheffield web people together to chat about web stuff.  So, after numerous proddings by Chris, I have set a date for the first one of 2009.

The format is simple, there is no format.

It’s a completely unstructured social event.  Turn up, eat, drink and talk to people.  Talk to people you know and to people you don’t.  Talk about the web, talk about the weather.  Whatever.  I’d really like it if you’d blog/tweet/email what you talked about (or what you can remember).  But whatever.

Rather than being the rather elitist and snobbish affair that it has been previous (yeah, right!) I decided this time to make it an all comers event.  If you know of anyone who’d like to meet up for a drink and a chat about web stuff, please point them at upcoming.org.

After checking for conflicts with other local web events, I’ve set the date for March the 26th, and I see no reason not to meet-up at the Devonshire Cat again.

Please use upcoming.org to state whether you’re likely to attend as, if the numbers go crazy, I might have to warn them we’re coming.

I just thought I share something with you…

Have you ever noticed that if you fold a sheet of A3 paper in half it is the same size as a sheet of A4.  This fact is what implies the aspect ratio of ISO standard paper (A3, A4, A5, etc).

If a piece of A4 has long and short sides sides of a and b respectively and a sheet of A3 has long and short sides c and d respectively, and the aspect ratio of A4 and A4 is the same, then:

a/b = c/d

and the long side of A4 is the same as the short side of A3:

a = d

and the short side of an A4 is half the long side of and A3:

b = c/2

so, substituting:

d/(c/2) = c/d

(d^2)/(c/2) = c

(d^2)/(c^2) = 1/2

d/c = 1/√2

so the ratio of d/c (the short to long side) of A3 (and therefore any ISO paper size) is 1/√2 or approximately 0.707

I don’t know why I find this interesting, but I thought you might too.

FOWA Dublin 2009

This is a shameless plug for FOWA Dublin 2009.  By putting this logo on my blog, Carsonified say they might give me free tickets.

It’s shameless because I have no shame in promoting the FOWA events after attending and really enjoying FOWA London 2008.

This crazy train of thought started after our company had a Christmas outing to the local Laser Quest.  As a bunch of geeks, plenty of people were working out the technology and one person, Pip, just said in passing ’surely we could make it better by applying some new technology’.

That was enough to set my brain working.  Being a web-ish person, I immediately starting thinking about how to extend the Laser Quest experience online.  To me half the fun of the event is reliving the game in the pub afterwards.  Working out who shot who and boasting about the excellent move you made on the opposition base that no-one saw.

So why not fit each and every player with a accurate location sensor, track their movements throughout the game and upload the data to the game computer with the shot/hit data.  This means that you could replay the entire game, who was where and where shot where made.  the game can then be replayed online in the pub (who doesn’t have a smart phone) or in the office the next day!

What technology needs to be in place to achieve this:

• First, the existing gun/vest packs need to record the time of kill shots not just the shooter and count.  I’ve no idea whether different system do this or not.
• next we need some kind of location tracking technology.  It needs to work in an enclosed spaces (with lots of walls), be lightweight and low power and be able to track to an accuracy of about 1m at a rate of perhaps 1 sample/second.

I had a bit of a look around at some tracking technologies, but found none that fit:

• rfid is very low power, but I believe that it is also very short range.  I’m not sure if that is true of active RFID as well as passive.
• GPS doesn’t work well indoors, particularly in basements with no windows
• Wifi based tracking looks promising, particularly as wifi transponders are pretty cheap.  However, they work on signal strength difference to mulitple wifi beacons.  This might mean it works less well on a small area.
• Bluetooth seems to be based around proximity location rather than triangulation of actual position.
• RF fingerprinting, which infers position from the the pattern of RF signal received by multiple beacons.  It requires that the system ‘learns’ room before it can determine position.  I’m not sure how well this would cope with multiple sensors and a complex layout of perpendicular walls (with windows).

Of course, any solution must be cheap enough for the Laser Quest arena operators to invest in.  By the look of Sheffield’s Laser Quest arena, this price threshold is pretty damn low.  I’m thinking open source software and hacked consumer hardware will be the way to go.

Anyone else got any thoughts?

I just joined the OpenID foundation in order to take part in the current board elections.

I’m reading the mailing list traffic with interest trying to figure out which candidates I should support, which ones are going to provide the OpenID with the right mix of skills and experience to make it have even greater success in 2009.

For me there are a couple of obvious choices, Chris Messina is an incredibly smart guy.  As well as already taking several projects to widespread success (BarCamp, Firefox), he also has the right UX focus that I think OpenID desperately needs.

David Recordon is another obvious choice for me.  Having seen him speak at FOWA London, I found him smart and articulate, this is added to his obvious commitment to OpenID (and the rest of the open stack).

As for for my other 5 votes, well, I’ve got to the 24th of December to decide, so I’ll carry on lurking on the mailing lists.

If you too are interested in having a say in how one of the most important elements of the open web will be driven in the coming months, then et yourself over to openid.net and pay just $25 to beome a foundation member.  Worth every cent

Gregg Fraley, the author of Jack’s Notebook, is looking to build a panel of 1,000 consumers/owners to provide lightening fast market research.  He’s currently up to 86 members.

If you’re a consumer (who isn’t?), creative in thinking and able to express an opinion in under 140 characters, then follow greggfraley2 on twitter or read Gregg’s blog post for more info.

This weekend at Sheffield BarCamp I saw a presentation by Tim Nash about how some SEO providers are achieving high rankings using web spam.

He explained, quite eloquently, how a technique called Markov Chains is used to create alternative copies of some source content that, to a search engine, has the same keyword profile, but cannot be linked back to the original content or to any of the other Markov derived versions.

Of course to a human reader the Markov derived versions are absolute nonsense, but to a search engine, they look like legitimate pages of human created content.  So when sprinkled liberally with links to the spammer’s target URL, the search engine rank that URL higher as a popular destination.

Now, I have no problem with people who use ingenuity to find kinks in the systems to bend to their own advantage, but it seems to me that it is not the (big nasty corporate) search engines who are being conned here, and it’s not just the users or the people who just want to create interesting and useful content but it’s the whole community that eventually loses out.

As the spam-arms-race spirals it becomes harder for us to find useful content or to get our useful content found.

While writing this I found that Seth Godin (unsurprisingly) put it much better..

Recently, while making an online purchase, I was asked by a online store to opt-in to the Verified by Visa anti-fraud mechanism.  On face value this seemed like a very sensible thing to join up to.  All I have to do is provide a password of my choosing that I re-enter each time I make a purchase online using my Visa card.

The structure of the Verified by Visa (and its Mastercard equivalent, 3D-secure) means that an online seller will not be able to keep my credit card details and re-use them later (for nefarious purposes) as I only provide my password directly to Visa NOT to the seller themselves.

Great, I thought!  Until I noticed that the site that was asking me to setup my password (and I would presumably have to re-enter my password at a later date) did not identify itself in any meaningful way. Check it out for yourself https://www.securesuite.co.uk.  Notice that the ’site owner’ does not appear in the Firefox/MSIE7 location bar and even if you examine the SSL certificate it seems to be registered to a company called CYOTA Inc. The only mention of ‘Verified by Visa’ is buried in the Organisational Unit entry in the certificate.

Now we can obviously google our way to finding out that CYOTA Inc are owned by RSA who probably provide the systems for Verified by Visa, but really…

The whole process is predicated on the buyer knowing that they are providing their password to Visa and no-one else so I find it incredible that Visa, CYOTA and the issuing banks are not addressing the confusion they are causing.

Worse still they aren’t just confusing the public about Verified by Visa, they are also positively ENCOURAGING user to ignore the warning signs of phishing attacks.