Germany recently changed their copyright and intellectual property laws, with a devastating effect on science and research: Going forward, libraries will only under very limited circumstances have the right to send out digital copies of a scientific article. There are many other new and significant changes - most of the times to the benefit of the "Content Community" (aka content mafia).

Maybe you are directly impacted, or maybe only tangentially. But ultimately, this kind of advantage for the content creator will continue is nibbling away from our rights to private copies, fair use, and - eventually - free speech. And since we do live in a fairly globalized world (at least as far as lobbying by the content mafia goes), this will effect all of us. Therefore, I ask you to consider signing the "Göttingen Declaration", asking for a reform of the latest changes in one of the biggest economies in the world.

tag: Copyright, FairUse

Here is a short little article by the German news magazine DER SPIEGEL on green datacenters. Interestingly enough, one of the biggest German hosting companies (1&1) has decided to go with the SunFire systems with the Niagara processor (8 core SPARC). Econony and ecology go hand in had into the mainstream...

The MPAA has finally proved to the world what they really are: a criminal cartel that does not stop short of illegal means to advance their interest. CNET reports that TorrentSpy has filed a complaint against the MPAA, accusing them of hiring a professional data thief and anarchist (a.k.a. hacker) to steal private communication and trade secrets from TorrentSpy.

Protecting intellectual property and prespecting copyrights? Yeah, sure...

Today, our OpenID provider finaly went into production. As some may have noticed, http://openid.sun.com/ has been live for some time now, and the team has been playing around with it. As of last night, we (or more precisely: Hubert) flipped the switch and we are officially live.

tag: OpenID, identity, opensource, sunopenid

No, this post is entirely unrelated to LAMP or even technology. This is only about a bird nest in the lamp over our main entry door at home. The are two chicks in that nest that really make a lot of noise ...

And here is a closeup:

Anyone an idea what birds these are?

tag: Nature, Birds

This is quite astonishing: I am sitting in a public elementary school in Massachusetts, happily booting my laptop to finish reading some PDF document. After logging in I suddenly notice that my wireless adapter picks up a network: 'linksys'. Amazed that some neighboring home reached into the school building with their WiFi access point, I only quickly check the nameserver to see which ISP that access point is connected to: (name of town).mec.edu. What??? I am in the school network? No WAP/WEP, firewalls, proxy or anything.

Given the fact that the calendar shows the year 2007, I am now really astonished and shocked, that the IT environment of an entire school system is exposed to the world through an unprotected WiFi AP.

The security, privacy, and potential ID theft implications are huge: I assume (though I cannot speak for certain, since I did not even try to touch any of the systems) that some of the systems in this infrastructure contain personally identifyable information about the school staff, teacher and even students. Even a well patched and maintained system that is monitored by advanced intrusion detection software can not necessarily replace a firewall that blocks in-coming traffic. I just hope that - going forward - things like this will never happen again.

tag: security, schools

In order to go through some exercise here, I recently needed to create a few Java classes from XSD schema. "Well," I thought, "JAXB with its integrated XJC is your friend!" And so it is, but you might have to dig a little deeper.

The problem I was facing was a schema that had references to WS-Security, XML Encryption and XML Signature. As such, it imported all these schemas from the web using <xsd:import namespace="..." schemaLocation="http://..." />. Since xjc is pretty flexible, accessing these schemas on the web was a charm, even through the firewall. After all, this is much better than downloading all the referenced schemas (and all schemas they reference) and edit the imports to point to the right location in the file system.

Well, not so quick. In their infinite wisdom and foresight, the schema developers at OASIS and W3C decided to use different schema locations for XML Dsig. They reference the same schema (with identical namespace, obviously), but import through different schemaLocation URIs. That confuses xjc to no end, since it detects a re-definition of the same object and gives up.

In order to resolve this problem, you can create an XML Catalog, that allows you to rewrite (or redefine) URLs referenced in you schema. Here is an example:

<?xml version="1.0"?>
<catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog">
  <system
      systemId="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"
      uri="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd" />
</catalog>

This simple catalog redefines the URI used by the XML encryption schema to point to the one used by OASIS. The XML Catalog specification provides many more options, and it is good to know that xjc supports this.

While this is quite simple, I found it relatively hard to find concrete examples on how to use this mechanism.

tag: XML Catalog, XML Schema, XSD, JAXB, XJC, Data Binding

... software, that is here the question.

There have been quite a few comments for the leadership of my employer lately (GregP, JonathanS), and now Mark Shuttleworth of Ubuntu chimes in.

His argument goes as follows: Microsoft (and in extension most, if not all major corporate software player) really do not have an interest in software patents. Why? Simply because they are obviously the most juicy target a patent troll can hope for: deep pockets, big software products that cover vast areas of intellectual property. Examples of this can be found at Mike Dillon's blog.

In the light of these developments, Non-assertion covenants such as Sun's for OpenID are of crucial interest to the developer community and the public as a whole. These initiatives truly create a "patent cold war" in a good sense, at least within the software industry.

What remains is the patent-troll industry, and here is where regulatory bodies are required to evolve the current patent and copyright legislation ^[1] to a model where inventors and practitioners (like developers or artists) are rewarded, while parasites (like patent trolls and ...) have their air supply cut for good.

I am wondering one thing (and maybe there is a legal expert/lawyer out there who could clarify this): Can I license e.g. software in a way that would revoke license rights from potential patent plaintiffs?  So that any software license has a 'nuclear' provision, that renders the entire license provision null and void, if the licensee (i.e. user of the software) uses software patents for the sole purpose of suing without practicing such patents in a meaningful way. Note that this provision should not be directional, but cover any suit based on horded patents.

If the open source community and the commercial software community adopted a model like this, the patent trolls would at least be relegated to using paper and pen for all of their fillings.

tag: patents, IPR, intellectual property, NAC

[1] absolutely including the completely brainless DMCA and its WIPO relatives

UPDATE: After talking to a few folks (that are quite cynical at times ), I guess my license idea would not work: It would be quite easy for a troll to setup a front and 'outsource' business activities ...