Entries by David Short

After a hard day's work at Broadsight Towers, some of the team decided to let our hair down last might by attending a lecture on Web Oriented Architectures at the Institute for Engineering and Technology (IET) in London. It was given by Mark Edgington. Here’s our quick précis, with apologies to Mark!....

The basic premise was that Service Oriented Architecture (SOA) is a heavyweight architecture that is required for enterprise solutions whereas web oriented architecture (WOA) is a lighter weight solution that covers most of the use cases. Although web based architecture is not a formal specification, there is a significant amount of custom and practice. Because of this popularity and also because it’s a simple architecture, it has good inter-operability. Think of all the bots and clients talking to Twitter!

SOA is appropriate for applications that need security, transactional integrity and all those good enterprise grade things. They tend to be internal to an organization and this is just as well, because components from different vendors are often not interoperable.

Don't be religious! The SOA and WOA approaches both have pros and cons. Choose the one that is fit for your purpose. This might mean using both approaches on the same project for different users or purposes

It seems to us that many complex standards emerge, then after a while the community realize that they can get 80% of the benefit from 20% of the complexity and invent a cut down standard for "everyday" use – X.500 and LDAP, X.400 and SMTP, ATM and TCP/IP.

Our only quibble with the lecture was that SOA was presented as synonymous with the SOAP/WDSL family of standards and WOA with REST. We find that the usage tends to refer to the business and technical model at an abstract level.

The IET are running another series next year, starting in September 2009. Have a look at IET Events if you are in London.”

So, Broadsight are spread thinly this week. While Alan is sunning himself at the Telco 2.0 Conference in Nice, the rest of the team were at the Digital Britain Unconference at the ICA in London.

It was an interesting and worthwhile event, set up as a reaction to the lack of consultation during the preparation of the official Digital Britain Report. As many readers will know, the official interim report leaves a lot to be desired. Without wanting to rehash all the arguments, the government seems to be perpetuating vested interests (e.g. traditional content owners) at the expense of, well, everything else! There is a nod to inclusion with a 2Mbps universal service obligation, but that seems inadequate and the thinking is confused.

The Unconference was a useful "mass brainstorm" and the crowd sourced some interesting points that were missing for the report e.g. enforceable privacy, building an innovation culture, user generated content from individuals and communities. Many people were concerned and rather cynical about the approach to copyright, of course.

I know that the organisers (that includes us btw) are going to write this up and present it to Stephen Carter as part of the consultation before the final report is written and we should be grateful to them for doing this, as a necessary process.

However, my overriding thought is that this is all so important for everyone that it shouldn't be left to a small group with a special interest in the technology. We wouldn't leave civil engineers as the only people to respond to proposals to build new roads, but "digital" is still seen as a ghetto and not the infrastructure of everyday life.

Here's an interesting post on Bruce Schneier's blog. It talks about the growing trend of governments and corporations to store almost all on-line and telecommunication information indefinitely. Given that so much of our lives and business is moving on line, this leaves little space for the "ephemeral" conversations, which are not intended to be "on the record".

Unless you buy the "nothing to hide, nothing to fear" argument, this is a worrying trend.
It is hard to see how to role back this tide of surveillance and perhaps the way to deal with it is to change the way we think about what can be considered binding and "incriminating" (in the widest sense). The ability to be untraceable or unrecorded does "oil the wheels" of society and business. Many people do things that are quite legal, but would not like them to be generally known for all sorts of legitimate reasons. There are also plenty of "grey areas" where people do things that are on the margins or beyond the margins of legality. We may find many unintended consequences if ever-increasing surveillance technology stamps out these practices.

It's good to see Alan and everyone else is having fun at SXSW. Back in Broadsight Towers we continue with the detailed analysis of trends and careful consideration of complex arguments and try to rise above the superficial and febrile stream of tweets

I noticed that Alan's earlier post is recommending that all the SXSW'ers get off the net and go and talk to each other. I should think so, given how much CO2 they have all emitted to be in close physical proximity! It reminded me of the 'Analysis' podcast from the BBC that I listen to on Friday. This was about the way that the Web is 're-wiring' our brains so we depend on 'fixes' of rapid, bit size info-chunks. I am happy to report that I was able to concentrate on this podcast and give it my total attention for the full 30 minute running time, so clearly I have not been re-wired yet!

The basic argument was that the constant flow of and easy access to, information prevents children from developing the capacity to recognise and evaluate structured and authoritative sources, or put together their own complex and structured arguments.

I think that this is an area for concern, but taking a "snapshot" now is misleading as the technology and social structures around it are far from mature. My gut feeling (very reasoned and structured, natch!) is that we will find ways to use address this issue as the web develops.

Anyway, 'Analysis' gives some food for thought and is always worth a listen.

This is a sad story as many of us in the UK have fond memories of Woolworths. Of course, it's very sad for all those staff who are losing their jobs just before Christmas and our hearts go out to them.

I mention "fond memories" of Woolworths as it was an interesting shop to visit for me as a child. There were all sorts of unexpected things that you could not buy elsewhere (or at least, not on the average high street.) Reading the press coverage of the last sale at Woolworths, it occurred to me that Woolworths was an aggregator of "miscellaneous stuff". In the age of the WWW (and eBay in particular) it's just not efficient to try to do this through "bricks and mortar" outlets. So perhaps this was inevitable.

Other businesses that rely on physical aggregation should find new business models.

Richard Stallman of GNU fame is the latest luminary to cast doubt on the idea of cloud computing. His point is that it's unwise to hand over your data. I do agree with him and worry about the way that our privacy is being undermined. On the other hand, many of the cloud services do offer great utility and when users have to choose between utility and security.......

Broadstuff is here, in a rather wet Amsterdam, to attend the IBC show. This is the International Broadcasting Convention and is the show for TV technology in Europe. It fills the RAI exhibition centre here in Amsterdam as well as all the hotels and taxis in the city.

Just to prove how wet it is here, here's a photo of the (empty) "IBC Beech". In previous years, with better weather, many TV technology types could be seen "working" here during IBC!



Now that everyone in the TV industry has got over the excitement of IPTV and High Definition from two or three years ago, IBC more about lots of small, incremental improvements everywhere, but no "wow" factor so far. We have been told that the mobile section has some surprises, so will will check those out over the weekend and report back.

A few things caught our eye, while walking around the show.......

Demo of rain proof TV lights with indoor rain (which was bit ironic considering the weather outside!)



The dancing girls at the FOR-A virtual studio demo.....



And finally, we couldn't leave you without a 2D picture of a 3D TV! I can't actually see the 3D myself, although my colleague can, but he tells me that it gives him a headache if he watches for too long.

I've just noticed that a small milestone has been passed in our household. That is, that for most "public service" TV content, we now have three ways of watching it "on demand". We are in the UK and so public service content comes from the BBC, ITV, Channel 4 and 5.

We can now watch recorded programmes on the BSkyB Sky+ PVR (satellite), we can watch the Virgin Media "On Demand" VOD service (cable) or we can stream video from the broadcasters' websites over the Internet. The BBC, in particular, has quite advanced solutions for cable and the internet, branded as "iPlayer". The other broadcasters are not far behind, but iPlayer is more comprehensive and consistent to use.

The BBC is interesting to watch as it shows what is technically possible. (The BBC has a mission to provide content to licence fee payers and is funded by the licence fee, so they don't have to worry about getting revenue from a new service.) It's clearly getting very easy to package and move content around, but is it commercially sustainable? I have been following the saga of ITV in the UK, who are funded almost entirely by advertising and they are seeing a steady decline in that revenue as advertising spend moves to the Internet and PVR's undermine TV ad spots.

So how do the three platforms measure up?

On an Standard Definition TV, I usually can't tell the difference between the Sky+ PVR and Virgin Media on demand. I have seen a few MPEG artefacts on the Virgin Media on demand service, but that might have been because I was looking for them! Over the internet (as you would expect) the picture resolution is noticeably lower and the frame rate also appears to be lower (giving a jerky picture, especially on slow panning shots.)

How about navigation? The most obvious point is that a PVR has to be programmed before the show is broadcast, although series linking mitigates this. (Some people would say that PVR isn't really "on demand", although it does give a similar user experience.) I have to say that the time/channel grid is still a very intuitive way of finding a show that I want to watch, but that might be because I am old fashioned

The navigation of a VOD catalogue on a TV does have a fundamental navigation problem as catalogues are large and TV screens are small. The early versions of the Virgin Media (then NTL) VOD were very cumbersome and slow to navigate, but Virgin and their VOD/middleware supplier SeaChange, have made many improvements and it is now quite usable. In particular the BBC iPlayer application, which is overlaid on the SeaChange platform, is very easy to navigate and even has a free text search option. It is still not a quick and simple as a Sky+ PVR, but that's because it is giving access to a much bigger library of content.

Navigation on a PC is better that the two TV based alternatives, but it would be, wouldn't it? There's more screen space and the computer has more processing power to keep the GUI running quickly. Of, course, we get into the "lean forwards / lean back" debate i.e. computers are for working on and TV's are for relaxing. Again, I might have an old fashioned view on this. Once I have done the hard work of finding the content, I always find that my children are happy to relax and watch the content on a computer

We've been checking our DNS servers at Broadsight in view of the recent vulnerability to the DNS system found by Dan Kaminsky. In a nut shell, the vulnerability means that unpatched DNS caches can be "poisoned" into remembering the wrong IP address for a server. If a person, company or their ISP is affected, any or all Internet applications can be redirected to a malicious server. This means that email, web, IM or even software updates could be subverted. For more info, see Bruce Schneier's Blog

This issue set us off thinking about trust and identity on the net, which is something we keep coming back to. The interesting thing about the DNS problem is that the DNS system is not meant to be very secure. If you want to check who you are talking to on the Internet (or any untrusted network) there are perfectly good technologies to do just that e.g. X.509 certificates, SSL, SSH, etc. The problem is that people are not very good at using them. For example, there are plenty of phishing scams that obscure the real server identity, simply by showing a "fake" address in the visible part of the hyperlink. Many people have revealed their banking passwords in spite of the fact that the certificate must have been invalid or missing. Of course, it's not all the fault of the users. Many websites that handle sensitive data don't use SSL (LinkedIn is an honourable exception, by the way). I guess this is partly cost and partly ease of use. Security always takes some time and effort.

So, supposing that your DNS is working properly, all that it tells you is that you are connected to a server that is registered with the name it's registered with. You don't really know who runs it or whether they can be trusted. Obviously, many user stick to well known brands like Google and Amazon for this reason. They may trust recommendations via word of mouth (off net or on discussion boards.) There are also some sites that rate other sites, but who guards the guardians? We can see scope for a system of federated delegation of trust, so trust can be securely passed on via social networks. Of course, there are sites that do this internally (notably eBay) and that has been very successful, but is limited to the site in question. It's also quite one dimensional. Trust should be a richer concept than that. For example, I might trust my accountant to do my taxes and my doctor to diagnose an illness, but not the other way round.

As more of life is conducted on the net, it will more and more become important to present identity and trust in ways that users can understand and use appropriately for the task at hand, from reading wibble on a discussion board right the way up to eCommerce and banking. I think it will be the mid-range activities that will be hardest to get right. Already, the banks are locking down their security, so criminals will be looking for softer targets e.g. pump and dump. Think how effective that would be if someone had subverted the website at the Financial Times?

What's the story here? That the government lost a couple of disks in the post? NO!!!! Things do get lost in the post!

The story is that unencrypted data was put in the post! Unbelievable! How many times have similar disks been intercepted, copied and then sent on their way? How would we ever know?

The other alarming thing to come out is that, according to news reports, a "junior official" prepared and sent the disks. Why do junior officials have this level of access?

This must be a big nail in the coffin for the UK Government's plan for a national identify register, which would have much more detailed information about everyone in the land. Does anyone believe that the government can keep such a valuable prize safe?