Constantin wrote a nice article on high-resolution audio, that I would really recommend to audio fans. I especially like the section on the shortcomings of CDs and some of the psychoacoustics behind it.

Just adding a few things:

• DVD-Audio discs are also found on the DVD layer of DualDiscs. The beasts are two-sided media, that have a Red Book CD side and a DVD side. If you own e.g. some of the re-releases of the Talking Heads (the Brick), you have DualDiscs with high-resolution (96 kHZ/24 bit - 5.1 and Stereo) audio. There are two major caveats with the DualDiscs: some do not feature DVD-A content, but rather a DVD-Video version, some interviews or live concert video coverage. The other problem is that a few CD players have reported issues when playing back the CD side, it is not 100% conformant to the physical characteristics of Red Book discs. I have yet to see a player where is would be the case.
  One of my favorite DualDiscs (beside the Talking Heads) is the 20th anniversary release of "Brothers in Arms" from the Dire Straights in DVD-A.
  
• To make all things codec even more complicated, starting with the new HD video media there are now also new HD audio codecs:
  
• Dolby TrueHD: Finally a code from Dolby that does not take away half the audio information, TrueHD is a 14 discrete channel container using MLP compression.
  
• DTS HD Master Audio: Another lossless HD contender, this time from DTS, with not logical limit on the number of discrete channels.
  
• It was quite obvious that the content mafia industry would insist on delivering broken products for high-definition reproduction: thus was born the completely useless HDCP scheme, that damages the HDMI (and DVI) transport beyond repair. Unless your system is blessed with the right keys for decrypting HDCP-scrambled packages, you will not see any HD content on your system. Microsoft is deeply in cahoots with these dubious characters businessmen and intentionally damaged Vista to not properly display movies or High Resolution audio, as Peter Gutmann recently explained.
  
• There is at least one more source for high-resolution audio links - and it is even free: check out the Internet Archive, music section. A lot of band allow fans to publish bootlegged versions of their concerts in any format, resulting in (sometime) really nice quality recordings at high bitrates.
  

tag: DVD-Audio, DRM, High-Definition, Audio

Today's announcement that Universal has finally decided to come to senses is quite encouraging. In this, they join the ranks of EMI that reported very positive revenue figures for their DRM free music. These are certainly encouraging signs that the music industry is finally recognizing that times have changed and that the People are not their enemy, but instead potential customers.

I would like to take this occasion to point to a record company that should be regognized for their groundbreaking approach to music distribution: Linn Records, subsidy of the well-regarded Linn audio products. Not only have they been selling DRM-free MP3s for quite some time now, but much more important, they are offering for a large part of their selection CD quality and - even better - studio master quality downloads. Note that these are not merely high bitrate MP3s, but in the case of the CD quality downloads they ship 44.1 kHz/16 bit resolution, for High Resolution it is mostly in 88.2 kHz or 96 kHz and 24 bit quantization. To make this even better, the files formats are either WAV (uncompressed) or the free lossless compression format FLAC. Burning the bit to CD or DVD-A is actually encouraged.

Currently these downloads are all in stereo only. But upon request, a spokesperson told me that they are actively looking into the possibility to releasing some of their 5.1 music in high resolution.

If that got you interested, you might also want to take a look at their physical products: many of their releases are available in SACD and/or HDCD, and the artistic quality is - from what I heard so far - pretty good.

tag: DVD-Audio, SACD, High-Definition, Audio, DRM

This is the taping of the full lecture - highly recommended:

tag: science, evolution

With this article I will try to clean up a little bit of the confusion that I help to create over the past few days. You might want to ask "WHY?" The answer to this is quite obvious: the medium is the message: the content of a message and how it is received depends strongly on the form it is presented in.

This will be my last post on the subject of "meta"-ness. At least for the time being.

It seems to me that there is a fundamental disconnect about what a system differentiates from a meta-system. For myself^[1] (and it seems also for Paul and Robin), a system is a set of rules, protocols, profiles, etc. that are to be implemented. For example, there is a system in place that governs the quality of gasoline and automobile motors, and its standard ways of distribution. This system consists of rules, regulations, engineering practices etc.

From what I gathered in the recent discussion with Bob and Pamela, it seems that they would call these rule-sets a meta-system (please correct me, if I am wrong). If I understand them correctly, the individual gasstations, car manufacturers, refineries, etc. would be called systems.

So far this comparative example held up well, therefore I will be trying to overstrech it now: To me, a meta-system would govern how e.g. different car fuel systems (such as hydrogen, electricity, natural gas) could be made to work together. Examples of this would be creating user devices cars or identity/service providers gas stations that can consume or dispense different types of fuels.

I am not quite sure what the right term for this would be, but the dreaded meta-meta-system certainly comes to mind. That is why I suggested (only half-jokingly) the term aleph 0 system^[2]since it would equalize the different 'starting points'.

---

Now, applying these thoughts to the identity world, I come to the following conclusions:

• Of the three contenders (Liberty, CardSpace, OpenID) for identity systems Liberty was the first identity meta-system.
  
• Concordia will hopefully serve us to arrive at an identity meta-system (better: an aleph 0 identity system).
  
• OSIS has so far tested implementations of identity systems (i.e. identity meta-systems), and will hopefully expand to use cases for identity meta-systems.
  

tag: identity, meta-system, meta-meta system

[1] In this article I will mark the terms system and meta-system either in blue or in orange, depending on whether I use them in my way or with the meaning that Bob and Pam have in mind.

[2] Ok, anybody with a better term?

There seems to be a little confusion over the differences between identity systems and meta identity systems. Some identirati are of the opinion that in order to qualify for the "meta" tag it suffices to support a single family of protocols and multiple token formats, while others are convinced that a "meta" system should also support multiple protocols.

Since this seems confusing to me, I implicitly suggested to call the later an "identity meta-meta-system". Opening this can of worms, you can easily derive at an "identity meta-meta-meta-system" etc. to include other staggering advances in interoperability such as semantics.

To prevent this kind of meta proliferation, I am now convinced that we should define the goal of "getting-these-pesky-identity-thingies-to-work-with-each-other": Aleph₀ Identity System (AIS) [1]. The AIS can - by definition - not be implemented, but describes the elysian state, where all identity systems that would like to be interoperable or interchangeable, are interoperable or interchangeable with all others participating in the Aleph₀ Identity System.

tag: identity, meta-system, meta-meta system, humor

[1] This is motivated by the notion that the cardinality of a countable set (in this case the meta's) is commonly denoted by Aleph 0:

Both Paul and Robin beat me to this ...

The recently published report by Burton's Bob Blakley summarizes the result of an interoperability testing fest at the Burton Catalyst conference earlier this year. This venue was a great success for the Windows CardSpace identity system, since it was the second OSIS event where a variety of open source projects and closed source commercial products demonstrated a significant level of interoperability. Given the early and evolving state of the InfoCard system, this is a great success for all parties involved.

However, Bob is somewhat mistaken in parts of his article:

"The interop participants accomplished in two months of concentrated effort what it would probably have taken them a year to do working independently without the looming deadline provided by the Catalyst demo."

This is not quite correct - the Catalyst interop fest was the second such event organized by OSIS. The first one was held earlier at the Internet Identity Workshop 2007. Results and blog reports on this can be found all over. Having been a member of OSIS for some time now, I find it a little unfair that this interesting (un)organization - that certainly had its ups and downs - is not given the credit it deserves.

"While it is still fair to say that user-centric identity technology is in its infancy, if progress continues at this rate the technology should be ready for enterprise adoption within a year."

I am surprised to see such a bold statement, especially since even some of the core developers and architects not quite happy with the term "user-centric identity". Let's just step back and start to count how many glossaries, lexicons, and lists-of-used-terms define digital identity, identity system, user, and user-centric in different ways with sometimes completely different semantics. Predicting enterprise adoption within a year seems a little overly optimistic to me, especially if we consider that there are still a number of significant issues even within the reference implementation of the InfoCard identity system.

As Mark Wahl has pointed out earlier, most of the issues encountered during the second OSIS interoperability fest are related to the lack of proper schema management for attributes and their semantics [1]. The only project in the Infocard system currently working on these issues is Higgins, with their use of OWL (although some people might argue that this is technological overkill).

Outside of the InfoCard system, there have been other efforts to get to at least some standardization of attribute interpretation (SAML attribute profiles, which work nicely with LDAP/X.500 and XACML and other likely sources) and work is being taken up by Liberty to standardize identity attribute sharing rules (e.g. the IGF/IDG work, based on CARML/AAPML).

At the end of the day (closing the loop and coming back to Paul's and Robin's point): Even though there have been a number of different products and projects that successfully worked together, this technology is a far cry from being an identity meta-system. Multiple-protocol interop on the wire would be a true metasystem, and is a goal that various systems -- Liberty, OpenID, and Windows CardSpace included -- would need to work on together. Concordia is (probably more than) a first step towards this goal.

tag: identity, IIW2007, interoperability, InfoCard, WCS
 
[1] Obviously a lesson well learned through the LDAP and - even worse - LDUP discussions.

Here is a thought on privacy in Germany: it often appears that privacy protection is taken very seriously in Germany and citizens have decent control over who gets access to their personally identifiable information. I was under that impression myself for a long time, until a discussion with a friend prompted me to take a closer look at the situation.

I was extremely surprised to see how little privacy protection actually exists in Germany - with respect to the government. It is true that the federal data protection act ("Bundesdatenschutzgesetz") puts a lid on obtaining, storing, evaluating, and disseminating personal data, especially for the private sector. In general, the "opt-in" principle is followed, where the data subject must give express permission to collect or store PII, and has the right to recall such permission at any time. However, this federal law also makes it clear that some or all of these provisions can be lifted by specialized laws.

One set of these laws limiting the federal data protection act are the laws requiring every person living in Germany to register with city hall when taking residence ("Meldegesetze"). These laws actually precede the data protection laws and allow the registration agency ("Einwohnermeldeamt") to collect and store the following attributes:

1. all names (including former names, pseudonyms, etc.) and academic titles

2. DOB, place of birth, sex

3. addresses (all current and former), including the dates when they changed

4. legal guardian(s), including addresses, DOB, date of death, titles, etc.

5. all citizenships

6. religious affiliation

7. marital status, including dates and reasons for changes

8. spouse (including names, titles, DOB, date of death, all current and former addresses)

9. underage children (again, names, titles, DOB, ... you get the idea)

10. date and place of death

11. restrictions for releasing this data

12. eligibility to vote in national or European elections

13. tax relevant data (including religious affiliation of spouse)

14. unique tax ID (as soon as its issued)

15. weapon permits, demolition permits

All this data is - more or less - freely accessible to any government agency, including the German internal revenue department and federal tax agencies, welfare offices, motor vehicle registries and licensed religious institutions.

In addition, the registration agencies will release your core data (names, titles, addresses) to any thrid party that asks without notifying you. If said third party has a reasonable interest (e.g. they claim you owe them money) the authorities will release pretty much all the information about you with the exception of 6, 9 and 11-15.

Other government agencies (besides the registration authorities) may collect, store, and use more data from you. An interesting example are the tax agencies, who can automatically obtain your records at any financial institution - without a warrant (they police themselves) or telling you or the banks.

At the end of the day you have almost as little privacy and freedom from government (and private sector) intrusion in the "holy land" of data protection rights, as you have here in database country. To some extend you might even have more freedom in the U.S., which has not only a very vocal privacy advocacy community, but has also already gone through the disaster of raging ID theft.

tag: identity, privacy, policy