Tumbled Logic

"Over the years Rational has seen and tried a variety of approaches, but they have had limitations...."

Thu, 24 May 2012 13:50:14 +0100

“

Over the years Rational has seen and tried a variety of approaches, but they have had limitations. For instance, if your tools interact through proprietary, language-specific APIs, you end up with an exponential number of APIs and versioning issues. The API approach doesn’t scale. Another approach has been for all tools to converse with a central database. But this usually depends on a schema that is acceptable to all parties, which is more difficult to achieve and proves fragile as needs change.

Though there are supporters of these approaches; IBM was not satisfied. We realized that many characteristics we sought were present in the Internet and Linked Data. We have moved from a “tool-centric” approach to a “data-centric approach” based on Web standards. In this decentralized and scalable model, every piece of information that we have (e.g., a bug report) is addressable with a URI and can be accessed with HTTP.

”

- Interview: IBM on the Linked Data Platform

IE10 will ship with Flash, after all, but...

Wed, 23 May 2012 22:23:19 +0100

IE10 will ship with Flash, after all, but...:

That is, Flash is supported for only those popular but legacy web sites that need it. This feature is not broadly available for all sites.

(Apparently).

RIAA claims Limewire damages should be $72Tn

Wed, 23 May 2012 21:37:00 +0100

RIAA claims Limewire damages should be $72Tn:

That’s more than:

all of the money in the world;
the cumulative sum of money that the entire music industry has made since Edison’s invention of the phonograph in 1877.

A4e mandatory placement in... a strip club

Tue, 22 May 2012 17:00:09 +0100

A4e mandatory placement in... a strip club:

I’m all for strip clubs under the right conditions, but one generally accepts that they’re not going to be everybody’s bag.

Man slashes wrists in JobCentre

Tue, 22 May 2012 16:58:27 +0100

Man slashes wrists in JobCentre

"a political system that values debate-winning over truth-seeking, and openly ridicules anyone who..."

Thu, 17 May 2012 09:13:54 +0100

“a political system that values debate-winning over truth-seeking, and openly ridicules anyone who changes their opinion, isn’t the most natural home for the scientifically-minded”

- Geeks, rise! — Martin Robbins, writing in the Guardian

Man speaks sense.

"The incident at the O2 was eventually resolved after guards called police, who also asked to see the..."

Mon, 16 Apr 2012 18:46:27 +0100

“The incident at the O2 was eventually resolved after guards called police, who also asked to see the video footage, citing the Terrorism Act. The reporter was allowed to leave after neither he nor the police could properly operate the camera to replay the footage.”

- O2 Olympic venue in row over security against legal photography

Clearly a worthwhile invocation of the Terrorism Act and well-reasoned decision not to pursue further, then?

"Monkey is increasingly convinced that Twenty Twelve’s Ian “so that’s all..."

Mon, 16 Apr 2012 07:44:46 +0100

“Monkey is increasingly convinced that Twenty Twelve’s Ian “so that’s all good” Fletcher meets Chris Patten’s criteria far better than the current front-runners, and Hugh Bonneville’s character can now be snapped up at William Hill for a generous 2012-1.”

- Media Monkey’s Diary

Sleeper sleeper sleeper (Taken with instagram)

Thu, 05 Apr 2012 00:11:54 +0100

Sleeper sleeper sleeper (Taken with instagram)

Email and web use 'to be monitored' under new laws

Sun, 01 Apr 2012 16:53:51 +0100

Email and web use 'to be monitored' under new laws:

The government will be able to monitor the calls, emails, texts and website visits of everyone in the UK under new legislation set to be announced soon.

(Not an April Fools’ prank)

"Where April 1st falls on a Saturday, Sunday or Bank Holiday, April Fools Day shall be the first..."

Sun, 01 Apr 2012 09:17:03 +0100

“Where April 1st falls on a Saturday, Sunday or Bank Holiday, April Fools Day shall be the first working day thereafter.”

- Banking and Financial Dealings Act 1971 (dated December 1971, before you ask)

Alice and Bob and Linked Data

Thu, 29 Mar 2012 20:48:46 +0100

Alice: Hi, I’m Alice. You might remember me from danbri’s post to public-lod.

Bob: Hello again.

Alice: So, you want to share your in-house thesaurus in the Web as ‘Linked Data’ in SKOS?

Bob: Let’s just assume you’ve handed over the data stick and we’ve got as far as confirming that it’s well-formed RDF/XML, shall we?

Alice: Sure thing.

Bob: Okay, now what?

Alice: okay, so “linked data” is about putting pieces of information about things on the Web in a form that software can understand — like your RDF/XML here — and then joining it together with links, just like we join HTML web pages together with links.

Bob: Right. Er. How do I do that, then?

Alice: first of all, you’ll find it easiest if you break it up into chunks — one file for each of your terms. but to do that, you’ll need to figure out how to name them, and so we need to think about your URIs.

Bob: I have URIs? What are URIs?

Alice: they’re like the “generic” form of web addresses, only instead of just being used to refer to things you can actually get on the web, you can use them to refer to anything at all — you, me, this street, the abstract concept of “happiness” — whatever you like. Linked data works when people publishing information about those things give them URIs which you can plug into some software, and it can fetch the information at those URIs to find the description of the things.

Bob: Um…

Alice: okay, if you name something with a URI starting with ‘http:’, it tells any software coming across it that it could try fetching whatever’s at that HTTP URI (pretty much exactly the same way your browser knows to try to fetch stuff when you type a URL into the address bar or click on a link).

Bob: Oh-kay…

Alice: so, if you publish some data at the place on the web server you’ve referred to in your URI, that software can retrieve it and interpret it… and if it contains references to other things also identified by URIs it can try to do the same with them, and so on, and so on.

Bob: oh right, like a web… of data.

Alice: ’sactly.

Bob: right. so where were we?

Alice: so you need to come up with a pattern for your thesaurus entries which means you can publish the data at those locations.

Bob: a pattern?

Alice: yeah — you want something that’s predictable, not likely to change, and on a server you control (otherwise you can’t publish the data there…). you want something that isn’t likely to change because changing the URIs causes lots of hassle for you and all of the people who might come along and do interesting things with your data.

Bob: so, like, http://bobsthesaurus.com/entries/blah ?

Alice: that’s a good start. but I’d make that ‘blah’ some kind of unique identifier for the entry — don’t try to base it on the name or anything else which might change in the future — something like a sequence number would do.

Bob: okay, so http://bobsthesaurus.com/entries/1234 ?

Alice: yes, except…

Bob: what?

Alice: well, these are URIs for the actual concepts in your thesaurus, not for the pages or data files that describe them — it just happens that we’re building it in a way which means you can still use those URIs to get at the data using HTTP.

Bob: and…?

Alice: so we need to distinguish between “URLs for files on your web server” and “URIs for the concepts”.

Bob: we do?

Alice: well, you may not need to right now, but it will make other people’s lives easier, and make your life easier if ever need to make that distinction. say, for example, you want to give the file about a concept a title, and one that’s different to the name of the concept itself — so “Information about the concept ‘Fishing’” as compared to just “Fishing”. Or perhaps you want to state the name of the person who created the entry — it’s not the same as the name of the person who created the concept being described.

Bob: Okay… so there are different URIs for the concept and the files?

Alice: pretty much, but we want to make sure that whichever you use, you still get the file which contains the description of the concept. when linked data clients fetch that file, they’ll look for information about the URI that you started with.

Bob: so we want two URIs, but one of them is the concept, and one is the file? how does that work?

Alice: okay, so there are two ways of doing this, one’s a bit complicated to configure but some people prefer it, the other’s simpler. it’s probably best if we talk about the simpler one.

Bob: definitely.

Alice: so what we do is add a fragment to the URI for the document in order to make the URI for the concept. that’s the bit after a “#” in a URI.

Bob: oh, like an anchor?

Alice: kinda, yeah. in traditional web pages you use the fragment identifier to refer to a specific point in the document — an anchor, but in linked data you can use it to refer to something described by the document. the fragment isn’t sent to the web server as part of an HTTP request, so it sends back the document exactly as though you’d started off with the URI without it on the end… and the linked data client picks through the document you get back to find the information about the thing with the URI that you started with…

Bob: the one with the fragment?

Alice: bingo.

Bob: so I could use http://bobsthesaurus.com/entries/1234#thing for the actual concept, which gives the same document as http://bobsthesaurus.com/entries/1234

Alice: that’s more or less it, yeah. although you might make it easier for humans dealing with it if you choose something more descriptive than ‘thing’ — maybe ‘entry’?

Bob: okay. now what?

Alice: now we can talk about actually publishing it.

Bob: go on…

Alice: well, HTTP has a useful feature, called Content Negotiation, which means a client tells a server as part of its request what kinds of file it understands, and the server — if it can — picks the best match out of those it has available, all at the same URL.

Bob: sounds neat. what does it mean?

Alice: it means you can serve HTML web pages to people with ordinary browsers, RDF/XML to software which understands that, JSON to software which understands that, and so on…

Bob: oh, cool! how?

Alice: it varies by web server a little bit, but with something like Apache, you create the different versions with a different file extension (like “.html”, “.rdf”, “.json” and so on) and then tell the server that you want it to do content negotiation. part of the server configuration — and it will probably already be there, as it’s how it tells browsers that web pages are web pages and, say, images are images — maps those file extensions to what are called “MIME types”, which is what browsers and servers use to indicate what file format something is using.

Bob: if I’ve got these files, say, 1234.html and 1234.json, can I use those URIs too?

Alice: sure. these are what’s called different representations of the same document. the server — unless you go out of your way to tell it not to — will even include that URL with the file extension in the response headers, so that clients can know exactly what they’ve got back.

Bob: let me get this straight. I’ve got /entries/1234 which is my document, /entries/1234.html which is my HTML “representation”, and they describe /entries/1234#entry which is the actual concept?

Alice: spot on.

Bob: and I can, in my RDF or whatever, refer to all three of those separately, with different information about each, and a client could if it wanted to interpret that information?

Alice: assuming that’s how you do it and you’re consistent and configure everything properly, sure.

Bob: so how do I configure everything properly?

Alice: well, with Apache, the quickest way to get up and running is to use mod_negotiation and add the MultiViews option in your .htaccess or server config.

Bob: And that’s it?

Alice: well, that’s “it” provided you can actually do that. you might be running a different web server, or not be able to alter its configuration, which would complicate things, but in principle… yeah.

Bob: what about actually linking them together? or putting this data in to the HTML itself so browser add-ons and search engines can do stuff with it?

Alice: you did read danbri’s post, right?

Bob: ah, yes. of course.

"Mowat told MediaGuardian: “There is no evidence that anything illegal went on of course but it..."

Mon, 26 Mar 2012 10:39:26 +0100

“

Mowat told MediaGuardian: “There is no evidence that anything illegal went on of course but it does leave a bad taste. Tax is of course like that, and it is complicated. But one would hope that people working with public money should be paying tax at source, especially when the sums are so large.

“But it seems the BBC think they are above this – they would not even reveal which of their on screen talent use this system of using personal service companies. It seems unfair really – unfair on people like you and me who pay their tax at source in the usual way.”

”

- From BBC pays 3,000 freelancers through personal service companies.

Here’s the rub: the BBC, like most other large corporations, takes people on for short periods under temporary contracts through service companies. This should be no surprise whatsoever to anybody who’s worked… at all. The BBC Careers site includes a handy guide to the different types of contract the BBC uses for staff.

HMRC’s IR35 rules specifically target anybody who is employed through a service company to ensure that they pay tax and NICs just like anybody else. While there are — as with any tax regime — ways of avoiding this if you’re particularly determined, by far the most common route is to sign up with a service company who takes you on as a normal employee, and who deducts PAYE and NICs from you as well as a service charge to cover administrative overheads. This is really quite far removed from the “being paid to your own limited company of which you’re a director of and draw a minimum wage from” scenario which used to be common, as implied by the words “personal service company” in the headline.

In other words, “not having tax deducted at source” is an indicator of not very much at all. And, a good many of the contractors employed this way will take home less than if they’d been employed directly.

On Friday, David Smith, Head of Employment Tax at the BBC published a blog post about how the BBC pays contractors.

European Parliament Blocks Copyright Reform With 113% Voter Turnout

Fri, 16 Mar 2012 21:12:20 +0000

European Parliament Blocks Copyright Reform With 113% Voter Turnout:

WTF

International Teletext Art Festival

Fri, 16 Mar 2012 10:07:12 +0000

International Teletext Art Festival:

Excellent.

Anatomical Cross-Sections Made with Quilled Paper by Lisa...

Fri, 16 Mar 2012 10:00:00 +0000

Anatomical Cross-Sections Made with Quilled Paper by Lisa Nilsson

Provisioning keys and provenance

Fri, 16 Mar 2012 09:21:23 +0000

This one’s been bugging me for a while.

One of the issues which has caused issues for the adoption of standardised PKI in serious applications (such as banking) has been that of provisioning: you don’t want your customers storing the keys to your particular castle in a software keystore because the risk of compromise is too great.

The traditional approaches to this have either been to provision the keys on behalf of the customer and then send them out, or to use non-standard PKI setups which talk specifically to certain types of hardware token.

I’m wondering if there’s merit to another approach, permitting remote provisioning in an open fashion.

The issue with remote provisioning is knowing where the key is being stored, so why not just have the hardware token capable of signing a blob with its own key? That is:

Provisioning causes a new key to be generated and stored by the token
The token then signs the newly-generated public key with its own key, which is itself part of a normal certificate chain rooted at a CA managed by the token manufacturer.
Thus, you have a “certificate of provenance” attesting to the fact that the new key was provisioned on the token and the private portion cannot be extracted, with a chain leading back to the manufacturer (possibly through an intermediate “device class” CA to allow differentiation between different types of token from the same manufacturer).

Given this, and the modest protocol changes required to support it, you would be able to provision keys remotely, having a whitelist of acceptable token models which you have tested. Indeed, this list could conceivably be maintained by some industry sector body to ensure some consistency.

As an — entirely hypothetical example — example, you could end up with a chain which looked like:

[new key] → [per-card certificate] → Gemalto .NET Card → Gemalto Smartcards → Gemalto NV

As an institution, you have a list which either includes one of the entries in the chain (Gemalto .NET Card, all Gemalto Smartcards, or everything from Gemalto NV), or it doesn’t. Straightforward.

Now, what are the great big gotchas that I’ve missed here (besides the difficulty in bringing about change to TLS, and bits of the PKCS family…)?

Academy row school governors sacked by Michael Gove

Thu, 15 Mar 2012 16:58:22 +0000

Academy row school governors sacked by Michael Gove:

What the hell?

"Meanwhile, in partnership with the BBC, Arts Council England is launching The Space – an entirely..."

Thu, 15 Mar 2012 09:41:19 +0000

“Meanwhile, in partnership with the BBC, Arts Council England is launching The Space – an entirely new digital environment which aims to connect artists and artworks of every kind with the public. It’s part of a wider collaboration with the Arts Council to leverage the BBC’s critical mass of expertise in technology – and our access to mass audiences – to build digital capacity and impact across the cultural sector.”

- Mark Thompson’s speech to the Royal Television Society on March 14th 2012.

Nice to get a plug. Ithankyew.

Fired For Using Birth Control? It Could Be Possible In Arizona

Wed, 14 Mar 2012 12:30:55 +0000

Fired For Using Birth Control? It Could Be Possible In Arizona:

Insane.