OtaSoft

Last year in Boston I gave a presentation titled
“Open Standards and Security”, explaining why
open standards are needed for security;
here is

“Open Standards and Security” as a PDF.
You can also get it in
OpenDocument format
(for the OpenDocument version, make sure you
have the fonts you need).
I

had earlier posted a blog entry about it, and

Newsforge had some very nice things to say about my talk.
I used several stories in my talk, which the reporter called “parables”.
I didn’t use that word, but I wish I had, because that’s exactly
what those stories were.

Many people never got to hear it, so I’ve finally made
an audio version of it and posted it here in several formats:
[OGG (Vorbis)],
[MP3], and
[FLAC].
Download and enjoy!
You should be able to understand the talk just from listening to the
audio, but if you listen to the audio while reading the slides, all the
better!

Of course, having to post multiple audio formats shows how immature the
audio standards area is.
While ISO has a standard (MP3),

MP3 is not an open standard because it’s patent-encumbered.
I recommend using the Ogg Vorbis format instead - it’s the smallest file, and
it has very good quality.
Ogg Vorbis produces smaller files with better
sound than MP3, so the only real reason to use MP3s is because your equipment
can’t handle anything else.
The FLAC format is lossless, and is useful for recoding later
(it’s much smaller than a WAV or AIFF while still being lossless).

The solution to this nonsense is not to have no standards.
The solution is to either (1) get countries to stop permitting software patents
(the best solution), or at least (2) get standards organizations to stop
publishing closed standards like MP3 for software.
I think the tide has already started turning for option 2.
After all,
when MP3 was created, many still thought that patents in IT standards
were okay, and relatively few understood the problems that patents could cause.
Fundamentally, of course, this made no sense; the whole point of a patent is to
create temporary monopolies, while the whole point of an open standard is
to enable competition (the opposite of monopolies).
People have tried to make compromises that don’t really work, such
as having so-called RAND policies.
But I think these are clear failures; all royalty-bearing patents
discriminate (for example, they prevent open source and
no-cost implementations).
The point of patents is to prevent competition, and thus they have
no place in software standards.
Now that software patents have been shown to be
a “Wild West” where anyone can be sued for billions,
the need for unencumbered standards should be quite clear.
The W3C has already changed its policies to make it very hard to publish
patent-encumbered standards, and the IETF has already thrown out several
proposals specifically because they were encumbered by patents.

One of the people at my talk made the claim that, “today, every successful
open standard is implemented by FLOSS.” That should be easy to disprove — all
I need is a counter-example. Except that counter-examples seem to be hard to
find; I can’t find even one, and even if I eventually find one, this
difficulty suggests that there’s something deeper going on.
So as a result of thinking about this mystery, I wrote a new essay, titled

Open Standards, Open Source.
It discusses how open standards aid free-libre /
open source software (FLOSS) projects, how FLOSS aids open standards, and then
examines this mystery. It appears that it is true — today, essentially every
successful open standard really is implemented by FLOSS. I consider why that
is, and what it means if this is predictive. In particular, this observation
suggests that an open standard without a FLOSS implementation is probably too
risky for users to require, and that developers of open standards should
encourage the development of at least one FLOSS implementation.
The point of the “Open Standards and Security” talk was on open standards, not
on FLOSS, but there’s much to be learned from their
inter-relationships.

Original post by David A. Wheeler’s Blog and software by Elliott Back