"Publication - is the Auction Of the Mind of Man" Emily Dickinson
Wednesday, June 30, 2004

One of the recently discovered Internet Explorer bugs allows malicious sites to install keystroke-recording code on your system. This has certainly received a lot of press, and deservedly so, because of the widespread presence of IE as a browser.

Every time this happens I wonder: does open source produce more secure code? Do “more eyeballs” reviewing the code produce better code? Looking over the list of vulnerabilities on the US-CERT Issues Advisory list makes me doubt that this is true.

Based on my experience, too many reviewers often make for poorer reviews. Remember the last time you had to sign off on a document with a long list of reviewers? The early reviewers glance at the document knowing more reviewers will look at it later. The later reviewers assume the early reviewers did most of the work already. The result is a lackadaisical, poor job of reviewing. You cannot tell me that the open source community is immune from the natural tendencies of human nature.

Approval by committee is no different than design by committee. Just because the committee is larger does not automatically make the review better.

6/30/2004 9:14:21 AM (Eastern Standard Time, UTC-05:00) | Software Development
Monday, June 14, 2004

Driving on the highway around Boston I was wondering about its virtual counterpart, the Information Superhighway. Massachusetts’s accident rate is the highest in the country. People mutter in frustration, “You can’t get there from here” as they navigate streets that look as if cow meanderings determined their path. Yet people and commerce move with an ease and openness that can only be imagined on the Information Superhighway.

What makes one so open and the other not? Some might proclaim “Heed the Three Opens of Modern Enterprise Architecture: Open Source, Open Standards, and Open Data.” In my mind I compared the concrete and virtual parallels.

The most obvious analogy is Open Standards. Traffic laws allow for vehicles to travel. Vehicles must be able to signal turns. Vehicles have to stay in lane. They have stop lights and backup lights. In fact any vehicle that follows these standards is allowed on the road. Much to the chagrin of many drivers, following these standards allows bicycles on the road. Standards can even allow for varying defaults. Everywhere but New York City has “right turn on red” as the default. When vehicles arrive at their destination then the work begins.

Vehicles are similar to messages. Open standards define the contents of a message and allow them to get to their proper destination. When the messages arrive at their destination, the actual work begins. Here Web Services standards (SOAP, WSDL, WS-Security, etc.) seem to have reached critical mass. While much more work needs to be done, the industry seems to understand what must be done (routing, federated security, etc.), although in some areas, such as transactions, it is not clear what the right approach is.

Applications create these messages. Viewed in this light, the dispute over Open Source does not seem as important as Open Standards. How the vehicles are built is not as important as their ability to interoperate on the open road. Yes, both the real and virtual counterparts have to be reliable and economic. You have to be able to upgrade and maintain them. But how that is accomplished is not critical to either superhighway. Some drive a BMW, others a Ford Escort. Different cars perform differently; they just have to perform. The success of the Information Superhighway does not depend on the success or failure of Open Source.

What does matter is what happens when the message or vehicle arrives at its destination. This is where commerce, recreation, or whatever occurs. In the real world, human beings can interpret the ambiguity of their interaction. To sign into a building, a security guard can judge whether the picture on your driver’s license (your federated security id) matches the person in front of them. A human can interpret the way you write out your address, or whether you put dashes or dots in your phone number. Data need not be strongly typed in the real world.

The data that moves on the Information Superhighway is different. If two applications have a different way of encoding an address, or a list of drug interactions in a data structure, these applications cannot interoperate even if they can exchange messages. Without Open Data information cannot easily move.

There is much sound and fury over Open Source, much love and singing kumbaya with Open Standards, and confusion over Open Data. People understand Open Source and Open Standards. But what is this “Open Data” concept? Look at one of the great intellectual popularity contests of our generation, Google (6/4/2004): search on the terms “open source”, “open standards” and “open data” and see the quality of what comes back. The first two are understood terms; the latter is not.

XML by itself does not help here. A customer record, or an address, or a list of drug interactions can be encoded in any one of several possible sets of XML elements. Open Data requires XML Schema so that XML can be typed. If organizations can agree on the appropriate schemas, they will be able to transform the content of their messages into their applications’ data structures.

Open Data is the missing link to make the Information Superhighway a reality. How can you integrate business services unless you have Open Data? You can talk about Service Oriented Architecture (SOA) until you are blue in the face, but without Open Data it will all be pointless. SOA is a way to build flexible, evolvable applications, but it is the moving of data that makes the building of services a useful endeavor.

It will take a while before enterprises learn how to achieve Open Data. On the other hand, do not be overly discouraged. Our automotive superhighway was like that once. Imagine what driving across the country in the late 19th or early 20th century was like. There were only 150 miles of paved road in the US in 1903. It was an adventure. Read books such as “Horatio’s Drive: America’s First Road Trip” by Dayton Duncan and Ken Burns, or “Coast to Coast by Automobile” by Curt McConnell and compare those experiences with ours today. We tend to forget how far we came, and how long it took us.

6/14/2004 9:11:38 AM (Eastern Standard Time, UTC-05:00) | Software Development