Archive for the 'Uncategorized' Category



What’s In the National Archive?

Posted by Tom Fuller in Blindside project, Uncategorized, standards, unexpected consequences at August 15th, 2007

Okay, stay with me here. Lotta concern about open documents–being able to get content out of old formats no longer supported by vendors. Lotta concern about legacy applications and hardware–some of it mission critical. How are you going to get info off your floppy disk in five years?

The National Archives could have a digital division dedicated to supporting both issues, right? Their website has a section already about electronic records management, saying “The National Archives is looking to improve its processes and procedures with regard to appraisal, selection, transfer, storage, sustainability and delivery. It has instigated a programme of work under the Seamless Flow banner to bring increased automation to these areas.”

Would this be a viable solution to a pressing problem? It’d be nice to be talking about solutions instead of problems for a change.

Network neutrality and the BBC

Posted by wendyg in Uncategorized at August 14th, 2007

There’s an interesting discussion going on at Slashdot about this story in the Independent that large ISPs such as Tiscali, BT, and Carphone Warehouse want the BBC to pay up or face traffic shaping to limit the amount of bandwidth consumed by people using the iPlayer to stream video. Of course, network neutrality has already been a big issue in the US, but the issue there has been different for several reasons: 1) instead of one target there are many (Google, AOL, MSN); 2) some of those most in favour of being allowed to create priority traffic and additional charges are aiming to hurt competitors (for telcos, VOIP providers; for Comcast (cable operator supplying both Internet access and TV), other providers of streaming video). In this country, for the moment, we’re looking at a single large target that is not in competition with ISPs.

However, the essential argument remains the same: all users, including the BBC, are already paying for bandwidth. Aren’t we being asked to pay twice? I’m sure ISPs would love to have done this before wrt bandwidth-sapping stuff such as P2P and VOIP (and it seems as though at least some ability to differentiate among services will be built into BT’s 21CN), but there wasn’t a single large target they could shape or bill. My impression from ISPs of my acquaintance is also that much of the industry is in fact built on uneconomic, wafer-thin margins; but whose fault is that? We’ve seen over and over again that “unlimited usage” is not in fact unlimited.

But the bigger issue than money is control. This piece was about coffee machines, but it was a great illustration of network non-neutrality in action (unfortunately, the subs cut the line I originally had in it that “This is a matter of network neutrality” - damn it, because it was the best line I’ve written all year).

I think people will always protest change, no matter what it is, especially if it’s going to cost them money. (Though they often forget afterwards- who remembers now the giant protests when domain names stopped being free?). But network neutrality has done very well as a way of inspiring experimentation and development. The House of Lords report on personal Internet security (which deserves its own post) seems willing to dent network neutrality just a bit if it means greater safety. (Cue Benjamin Franklin.)

wg

NGN wiki page

Posted by wendyg in Uncategorized at August 11th, 2007

Finally posted this. Would appreciate review of the maturity/impact assessment numbers, also I suspect we can do better on quotes and experts.

Meantime, Tom and I began a discussion by email we thought would be better opened up to those assembled here: what will the impact of NGNs be on the Internet?

Tom wrote that he thinks NGNs will either kill or cure the Internet: either it will force the network to grow up and become more mature and reliable (more disciplined) or it will I guess slice stuff up and destroy it. (To me, the first of those options is also a kind of destruction, as having the phone companies control the Internet would turn it into a controlled network like the old telephone networks and unlike the Internet we’ve known so far).

If Tom gives permission, I’ll copy and paste his email in here; there were more thoughts.

I think I’ve been living in the hope that the telephone companies wouldn’t gain total control; I do wonder, though, about the reliability of these NGNs. I remember Matt Blaze saying at a CFP years ago that no computer anywhere was ever engineered to the standard of the old telephone networks. Will we be able to make up for that with massive redundancy?

wg

More on satellites…

Posted by wendyg in Uncategorized at August 4th, 2007

And then there’s just plain getting the underlying database wrong.

(I note that my own street was placed wrong - and differently wrong - in several older A-Zs, and taxi drivers even now sometimes still go to the wrong place. Contrary to popular belief, I do not live *in* Syon Park.)

wg

Black Hat: users…

Posted by wendyg in Uncategorized at August 1st, 2007

I’ll be writing a daily blog from Black Hat and Defcon for the next five days for the Register (Dan Goodin is also writing security news pieces, so I’m not sure what else there’ll be.) This morning I talked to a guy from the Firefox security team. He made the (I thought interesting) point that what concerns the team most (ensuring that updates don’t break anything, so that users don’t turn them off) is not the biggest problem users have, which he says is typically old copies of Java lying around on their machines that they don’t know where they got them. JREs are often installed by software or OEMs; often you have no idea how old they are. Users don’t think to clean them out and you don’t update what you don’t know is there. And they pose significant security risks.

wg

There’s a whole hyperconnected world coming up on the Blindside

Posted by William Heath in Hyperconnectedness, Radically different stuff, Uncategorized at July 14th, 2007

Just as Chris Wren envisaged St Paul’s before a stone had been laid, so John Roese (Nortel CTO, also on the board of OLPC to whom I am listening as I type) sees a hyperconnected world.

[all this E&OE] Networks connect people, but he sees they will connect every thing, and every application. Consumers assume (and not because technologists offered the idea) that broadband will be everywhere. Consumer home IT and phones set the pace now, not work IT.

His word for what is coming is “hyperconnectivity”. We ship 10bns of microprocessors a year, he says, of which maybe 2% are connected to the net. But they’d all be more valuable if they were. The iPhone is not just another phone; it’s the first connected iPod, which is a lot more interesting. Speaking of OLPC he notes that the icon-driven laptop increases literacy far faster than books. So let’s connect kids everywhere.

He asks us how big the UK-wide government and IT comms ecosystem will be in 10 years? Heavens, I have no idea…3-4m nodes? (If there are 5m staff). No - if every application and entity is connected, it’ll be 10s, 100ms, even billions. Hell’s teeth. Imagine the civil service phone directory with an entry for everyone’s every openoffice application. (I can’t speak right now but my blog will call you back…)

He says we’ll have to make the online communications experience as rich as the real life one. The 2-3G mobile connection won’t do it, 4G may start to feel more like it. The systems we put in place now will have to scale to accommodate everyone, everything and every application not just workforces. This isn’t 10 years away; we’re entering this phase now.

His three tips are:

Simplify the transport (I take this to mean transport layer, not car v bicycles). IP is not the universal solution; it’s a mask to hide complexity. The technology, standards and costs are different. So the user experience can’t be the same. Do we mask the complexity, or get rid of it? Using Ethernet-like transport, packet based, flat and hierarchical endpoint. Wifi today is the model for 4G tomorrow. From Sept 2008: 500mb from a mobile phone, and wifi as the primary access network. We think by 2010 wiring the building will be a choice, not a necessity.

All this simplification means a 40, 60, 80% reduction in capital and operating costs. The user sees a “clear pipe” when you cut out all the gateways. We should eliminate components, not add them.
We have to focus on mobilising our enterprises. We create infrastructure for LANs, but that’s not how people will work. Outlook web access is unnecessary in the long term - it just dumbs down email so it doesn’t overwhelm the network. Don’t optimise them to wo

Today our information and our tools to communicate are in different places. The time taken to go from one to the other is huge, and human capacity is finite capital. So we have to embed communication functions where the information lives: “unified communications”. This means comms functions in any appn or ecospace where comms are needed, and a network that can deal with every device, application, interface and place. He evokes the idea of skills-based routing so you only call the someone with the right skills who is actually available. (Imagine health or welfare self-help call services where you dial a number which means I want to speak to someone who has been through the same experience, and who’s willing to help and who’s available to talk right now…)

Take complex functions and make them simple: eg on a complex formula in a spreadsheet or a clause in a contract “click to collaborate” and set up a conference call.

Our unified workplace comms strategies have to extend home, across boundaries, have to federate. Not just inside your organisation, but the people you need to communicate with across boundaries. This determines the size of your comms ecosystem: not the number of staff, but the number of nodes, consumers, and all their applications.

On that scale, complexity is our enemy. We can’t continue to build disconnected technology that is made whole by human capital. So his prescription is:

Simplify the transport layer

Mobilize the enterprise

Comms-enable your applications

Phew. Why did I never learn shorthand?

IT and IA Security Roundup

Posted by Tom Fuller in AnonymitY, Blindside project, Cyberwar, Data breaches, Uncategorized, databases, standards at June 28th, 2007

We start again with Kable, which reports that CSIA (our sponsor) yesterday published their revision to the National Information Assurance Strategy (NIAS), the first revision since 2003.

Money quote from Sir Richard Mottram, permanent secretary, intelligence, security and resilience: “Individuals and organisations supply information to government which they rightly expect to be safeguarded,” “For government, as for all successful organisations, information assurance is now a key priority and it is important for government to give a lead on the best practice across the economy.”

Also from Kable, in the stating the obvious category, a government minister has said it has to make up ground in helping people with disabilities make proper use of technology. Anne McGuire MP conceded: “We haven’t quite caught up with how we support people with technology through government programmes.” Dear reader, Ms. McGuire just pushed every one of my buttons, and you will see another post from me discussing this at great length.

Department of Carrots: Following a successful trial in which the Department for Work and Pensions, HM Revenue and Customs and North Tyneside MBC streamlined the process through sharing data the departments are planning to roll out the system across a further six local authorities.

During the trial the time taken to pay someone their benefits after they had lost their job was halved, while the payment of tax credit was stopped more quickly, reducing the possibility of overpayments.

JISC: A new report has outlined the next steps for the long term management of data for the Joint Information Systems Committee and other higher education institutions. Dealing with data reviews the variety of data, and arrangements for its accumulation, storage and use, across disciplines. It sets out 10 key recommendations and a further 25 of lesser importance.

Ticking several boxes for us, Police at last week’s Glastonbury Festival have tested out new body worn mobile cameras, which transmitted audio and video images back to the police control room.

According to Avon and Somerset Constabulary, it is the first police force in the UK to trial the system. Called the Body Worn Video Wireless system, the technology transmits encrypted digital video from cameras worn on the police officer’s shoulder. It also transmits the officer’s position to the police base via GPS receivers.

I don’t know why John Reid had to go to New York to make this point, but the outgoing home secretary has urged manufacturers of smart phones and other new consumer products to design out crime at the product development stage. Last month, a group of mobile phone manufacturers, academics and law enforcement representatives were invited to the Home Office to discuss areas of product development. Among the issues discussed were:
Is there a simple way for service providers to disable all the functions of the handset, including the camera and mp3 player, when it is reported stolen?
How could a stolen handset communicate its whereabouts to police or other phones?
Is it practical for a snatched phone to automatically shut down?
How can the relative security of different models of mobile phone be highlighted?
Should biometric access restrictions be rolled out to all mobile phones?
What can be done to prevent criminals using phones to facilitate crime?
How can the police maximise the forensic value of the handset?

The Open Rights Group (ORG) has given a vote of no confidence to the recent round of e-voting pilots. It published a report on 20 June 2007 that includes scathing criticisms of the way e-voting and e-counting proceeded at a number of sites during the local government elections last month.

From BCS, a discussion of quantum computing and cryptography (does anyone else agree with me that cryptography has become the sole raison d’etre for continued research into quantum computing?)

In the ‘just because it’s cool’ department, IBM has announced that it has tripled the speed of the world’s fastest computer through the development of a new machine. The Blue Gene/P supercomputer, the next step up from the Blue Gene/L unit, is capable of operating at speeds faster than one petaflop, equivalent to one quadrillion processes a second.

Ben Laurie points us to Stefan Brands writing about the spectrum of uses available when selective disclosure is employed.

Via the Institute For The Future, this report on pervasive computing. It focuses largely on potential impacts on health and the environment, and discusses three scenarios for take-up.

Also from the IFTF, a discussion of cyberwar in the New York Times. (They get it wrong right off the bat, assuming that Tickle Me Elmo dolls won’t be turned into unstoppable killers, just because they are not currently hooked into the Internet. Sheesh.)

Light Blue Touchpaper discusses dual use tools that can be hijacked by hackers and the government’s less than delicate approach to them.

And that’s it for today–hope we filled your tea break.

The emerging issues and their impact - a preliminary assessment

Here’s our preliminary assessment of the main categories of emerging technology issues, along with an impact rating. Each is discussed in more preliminary detail on the Blindside Wiki. We will be reporting to the Cabinet Office in mid-July on those that were assessed as having an impact level of 3, and need full expert descriptions by that date.

This is your chance to tell us we’re on the wrong track: to add stuff; to argue that something’s missing, over-rated or under-rated. Don’t miss it!

Category Impact (from 3/high to 1/low)
————————
CCTV 3
Convergence 3
Location-based services 3
Mobile and Pervasive Computing 3
Open Standards 3
Anonymity 3
Data breaches 3
E-Voting 3
Human rights (intersection with emerging technology) 3
Identity management 3
NHS IT 3
Non-bank payment service providers 3
People and IT 3
Mission Critical Legacy Systems 3
Rampancy: AI gone wrong 3
Surveillance society effects 3
Semantic Web 3
Self-reproducing technologies: the “GRINs” 3
- *Geno- 3
- *Robo- 3
- *Info- 3
- *Nano- 3
Social media 3
APIs 2
Bandwidth - massive wireless and cable bandwidth to the home 2
Shared Service Management 2
Ultraportable devices 2
Automated number-plate recognition (ANPR) 2
Bad sysadmin procedures 2
Bad procedures - other 2
Changes to daylight saving time in the US 2
Public sector databases on children 2
Keyloggers 2
Phishing 2
Phones as bugs 2
Technologies for Non-Repudiation 2
Underground economy servers 2
Unencrypted email 2
Biometrics - unencrypted 2
Windows Vista and other operating systems 2
Government IT projects 2
DNA terrorism 2
On demand computing (ODC) 2
Grid Computing 2
Quantum Computing 2
plus in the lower impact categories (please use the search box if you want to add to these):
Aeronautical cabin services 1
OpenDocument 1
Service-oriented architecture 1
APIs that change without warning 1
Cybercrime 1
Electronic banking 1
Fraud Websites 1
Search Engine Logs 1
Spam 1
Computing Monoculture 1
DRM and its side-effects 1
Environmental side-effects 1
Exploding Batteries 1
Optical Computing 1
User-generated content 1
Virtualisation 1
Generation C - the knowledge nomads 0

Thank you for any help, comments, suggestions.

I Guess We’re Legitimate Now

Posted by Tom Fuller in Uncategorized, standards at June 25th, 2007

According to this blog post by Damien Mulley, IBM announced on Friday that “they’re going all Web 2.0 and social with their Enterprise offerings. Blogs, wikis, collaboration spaces for staff and customers, social bookmarking (called dogears) and a few more bits and pieces. They’ll also be releasing mash-up software for Enterprises.”

And later, “And now for the mashups: IBM is previewing an Info 2.0 suite of integrated products that enables organisations to easily catalogue, combine, transform and remix any type of data and content by drawing on the industry’s widest variety of enterprise data sources and a vast array of Web data and content.”

Do you think IBM’s version will be as free as the stuff the rest of us work with? Or will they use information security to add a few zeros to this?

Quick–Someone Call Michael Crichton

Posted by Tom Fuller in Blindside project, Radically different stuff, Uncategorized at June 25th, 2007

If you have spent any time at all thinking about the issues we are covering at Blindside, do you start having science fictiony-type thoughts?

Thinking about the information security impacts of genetics, we are now able to encode useful information into the DNA of plants and animals and have that information pass to the next generation. Cool stuff, and it does have implications for IT security and information assurance.

But then I started thinking. You know that everyone was surprised at the signal to noise ratio in human DNA–far fewer genes than we expected, etc. Has anybody thought to check the junk DNA for a signal?