Countries voting positive with no comments: Australia, Bulgaria, China, Japan, Poland, South Africa, Spain, Sweden, Ukraine. (9) Countries voting positive with comments: UK (13), USA (125), Germany (11), Switzerland (19). (4) Countries voting negative with comments: France (37). (1) Countries abstaining: Italy, Russia (2)
Total votes cast 14. 2/3's majority is required to pass so it was a large margin of victory (93%). For more information on the latest developments, check on this page:
(full story at http://technoracle.blogspot.com/2007/08/has-wikipedia-been-hijacked_16.html)
There are numerous web based services (You Tube, BrightCove, etc) that convert to, host, deliver Flash Video without requiring the purchase or use of any commercial or proprietary technology.
Now, all that said, the Flash Player as a whole is not open source. There are a number of reasons for this, at least as of today. 2 primary reasons come to mind right now, but these are not immutable:
i. The desire to avoid bifurcation. Right now one can produce a SWF from any one of many tools/servers/services from many vendors and be 100% confident it will run across platform and across browsers. We experienced the impact of multiple slightly (or largely) incompatible implementations of HTML/JS browsers and of JVMs and both had a major impact to slow innovation and usage. One of the things our customers (developers/desginers/publishers) have told is us not to screw up the compatibility and ubiquity that have been the hallmark of Flash since day 1. ii. There are technologies in the Flash Player for which we do not own the IP or the rights to open source it, for example, we have licensed our MP3 codec.
There is one more area where we are arguably not "open". This relates to our licensing strategy on non-PC devices (eg Cell Phones). On these devices, we do license the Flash Player for a royalty to device manufacturers and telco operators. It is still free from an end-user and developer perspective, but there are a lot of costs associated with these integrations.
(...)
My experience is that when people say they want "open", there are usually 3 or 4 things they really want or need:
* No lock in. They don't want adopt a technology that they may get "blackmailed" to pay money for in the future. I think we have addressed this fairly well by making the Flash Player and SDK free.
* Integration. They want the technology stack they work with to work with the rest of their stack and tool chain. This requires appropriate use of standards (eg. we support XML over HTTP, Web Services, ECMAScript, CSS, integration with multiple IDE and Source Code management systems, etc) and well crafted and well documented APIs. I think we have this area covered too, but I'd like to hear about concerns.
* Leverage existing skills. By using standards, one does not get locked into skills that can not be found generally in the market and that will be obsolete in the near term. This is why we standardized on ECMAScript. This is why we have an Eclipse based tool. This is why we enable development with a purely ASCII text format to fit into other systems. This is why we leveraged CSS in the Flex framework, etc. I think we have this covered too, but I'd love to hear your thoughts.
* Ability to fix bugs/issues without depending on a vendor. From a tool chain perspective, one can choose to work in an entirely open source toolchain for the creation of SWFs, so this is covered. From the runtime perspective, this is arguably a barrier. That said, I don't hear a lot of folks who have actual concerns about our "stewardship" of the Flash Player in this regard. I'd love to have your perspecitve.
Questions for the public:
* What does "Open Flash" actually mean to you? Have we done a good job of balancing the interests of implementers and developers without hindering innovation?
* What specific problem(s) does "Open Flash" solve that are not addressed by our current "openness"
For those of you who love a challenge, Adobe has sponsored a whopper. The Semaphore art project in San Jose is where art meets technology. Four large round glyphs rotate their position every 7.2 seconds while a simultaneous low power radio broadcast emits a coded message. Artist Ben Rubin's mind shred's message seems to follow a pattern. Each broadcast segment contains an audible analog tone, an audible analog pattern, followed by a string-integer hash. Several items vary during the broadcast including the tone of the woman's voice as she speaks the integers. The tones also change.
Here is a pattern:
Tone, dot pattern, click(ping), string, integer, ping
Here are some general observations that might help those trying to decode it. I also want to state that while I do work for Adobe, I have in no way had any internal knowledge of this project nor do I have any keys to the answer.
Background:
Semaphore is an ancient flag based signaling system. A person holds two flags and uses one rotational angle to act as a key while using a second flag to indicate a specific value. The comparison to the rotating glyphs cannot be ignored.
1. What is the significance of the glyphs changing position every 7.2 seconds? This could be a key or it could be incidental to the entire exercise. I would suspect that due to its' precise timing, it is a key.
2. Ben Rubin's education should probably be factored in. There are no details of him ever studying cryptographic techniques. Accordingly, I would presume the cypher's key to be less complex than Rinjdael's (AES) et al. I did find his master's thesis entitled "Constraint based cinematic editing" which may be a clue into his mind.
3.What possible significance does the tone of the woman's voice have? It seems to speak in two tones - one about one octave higher than the other. It this significant of some kind of logic gate?
4. What are the string-integer pairs. Here is an example:
India 02
Kilo 08
Echo 06
Delta 01
Charlie 05
Mike 03
Mike 14
Echo 06
Delta 04
Delta 04 (note repeat)
India 02
Kilo 08
Echo 06
Delta 01
Charlie 05
Mike 03
India 02
Delta 15
Delta 04
Mike 14
Alpha 10
Delta 04
Delta 04
Alpha 10
Charlie 16
Delta 15
India 02
Delta 15
Delta 04
Mike 14
Alpha 10
Delta 04
Delta 04
Alpha 10
Charlie 16
Delta 15
Delta 01
Pumpkin 02 ??
Kilo 03
November 04
Charlie 11
Charlie 16
Lima 03
Echo 06
.....
Note the pattern repeats certain characters (Delta 04's seem popular). There are alsio patterns of repetition that seem to repeat above a statistically normal basis. Based on this I would aver that the answer is a value of text. The same values suggest double letter combinations in the resulting text (example = Challenge has two "ll"'s)
While the Semaphore Flag code uses only 9 positions, note that the numeric values scale much higher. Could this be a revision of the code based on some key (7.2) to reflect the glyphs ability to provide a more precise rotational index? I did not encounter any numeric value over 16 while listening.
The Semaphore art uses the NATO phonetic alphabet.
A: Alpha
B: Bravo
C: Charlie
D: Delta
E: Echo
F: Foxtrot
G: Golf
H: Hotel
I: India
J: Juliet
K: Kilo
L: Lima
M: Mike
N: November
O: Oscar
P: Papa
Q: Quebec
R: Romeo
S: Sierra
T: Tango
U: Uniform
V: Victor
W: Whiskey
X: X-ray
Y: Yankee
Z: Zulu
Note that "Pumpkin" is not actually part of the phonetic alphabet. Perhaps I heard it wrong.
Good luck - anyone with Theories, please post them back to this blog. Maybe we can get lucky....
SOA 2.0 Ignorance: http://markclittle.blogspot.com/2006/05/soa-20-ignorance.html
What are they smoking and where can I buy some: http://www.mac-kenzie.net/blog/2006/05/24/soa-20-what-are-they-smoking/
SOA 2.0 - stop the madness: http://www.mwdadvisors.com/blog/2006/05/soa-20-stop-madness.html
OH NO - SOA 2.0: http://jroller.com/page/dancres?entry=oh_no_soa_2_0
http://sw.deri.org/~juan/weblog/?p=242
http://mult.ifario.us/articles/2006/05/24/soa-2-0-mud-in-the-mud-puddle h
http://www.thedatafarm.com/blog/PermaLink.aspx?guid=cfb38e60-5c9c-4670-8c36-ae36f114e075
IT folks out of control: http://voelterblog.blogspot.com/2006/05/it-folks-out-of-control.html
http://data-entry-business.blograzor.com/52352/
I can only summarize the term "SOA 2.0" like this - "The fan just got hit big time"!
I cannot believe this is happening. I met up with Mark Little at Java One and he told me some people are actually starting to talk about "SOA 2.0". The German language has the only words for this - "einfach unglaublich". Roughly translated it means "utterly unbelievable".
Now Mark is a very smart guy - I work with him on many Web Services standards bodies where he provides great value. I have never seen him get really upset about anything before I saw this blog entry. This should be a testament to how absurd the concept of SOA 2.0 is.
As Mark correctly points out, you cannot take some half baked marketing term and milk it for another few miles by sticking a version number at the end of it. This appears to be nothing more than a scam to keep people coming back for more information. People - they are making it up!!! You are being lead down the wrong path. I can see it in my head:
Analyst: "SOA is the answer to anything. Even if you don't know the question. Too bad I can't tell you what it is exactly but if you listen to me, maybe you can do it someday."
Customer: "Actually, I think I figured it out. It is a model for software architecture."
Analyst: (Thinks silently - "Dang - they're on to me. What should I do??")
Analyst: " Very well, I think now you are ready for SOA 2.0".
Please note I am not just picking on analysts - they are just the easiest target in this case
On Mark's blog, he notes that Steve says Web 2.0 it is a mix of EDA and SOA. Bullocks! All SOA is event driven. How can you have a service that does something if there is no notion of an event (trigger) in the architecture? I suppose if you just built it and it sat there doing absolutely nothing but even then it would be event driven since doing nothing is what it should do in the absence of any events. Can anyone provide an example of SOA that is NOT event driven?
A group of people (over 200 members and observers to be precise) got together out of disgust for lack of clarity around SOA and put together a Reference Model to clarify what is meant by the term. Being largely end users, they asked all the right questions. If SOA is architecture, as the name implies, how do we express it as architecture or some architectural artifact? How is it different from other interface based designs? Does it have a right to exist as a term (*read - does it have any substance or is it pure marketing hype)?
These people wrote a Reference Model which defines an architectural paradigm for organizing and using resources under different domains. The Reference Model is not architecture per se, it merely notes the main concepts, at a completely abstract level, for the entities which consistently appear within service oriented domains.
SOA Definitions - There's enough for one per person.
Given the current Wikipedia definition and the OASIS Reference Model for SOA, it appears that SOA is something we all have probably been doing for a long time. Even Starbucks implements the OASIS Model. Service provides for their Services (they provide caffienated beverages to customers) use visibility (signs, advertising) to let others know the services are available. There is an interaction model (money for coffee) that uses a behavior model (pay first, coffee later) to provide the service. There is a service description (like WSDL for customers) and a fabric they attach to to allow service consumers to interact with the service. WS-* is the same. This really makes me wonder when I see quotes stating things like "over 60% of all companies hope to be doing SOA by 2007". Even some smart IBM'ers have been skeptical of peoples claims to be "doing SOA". Given they also have at least established a metric for SOA, they are IMO entitled to talk about it. For someone who starts this sort of a conversation without using a *useful and measure-able" definition of SOA is, cannot be held in high esteem.
The OASIS Reference Model for SOA does not purport to be the one and only true definition of SOA. It is simply a model that is a stick in the mud (or FUD in this case). Even if you do not agree with it, it represents a non-proprietary definition which you can use as a point of reference to state where your definition differs. Someone can easily state "When I say SOA, I differ from the OASIS Reference Model in the following ways..... [insert your POV here]".
Summary
Mark is a smart guy, beware of people selling anything undefined with a 2.0 extension and if your "doing SOA", be careful and don't forget to use Starbucks products.
In general, if you do not want someone other than the intended recipient to view a PDF, you should encrypt it. By default, the encryption level for compatibility with Acrobat 5.0 and later is 128bit RC4. Encryptinng the contents of a PDF with a strong key results in a situation where there is no way gmail or any other application can crack it open by brute force. The PDF is turned into cipher text that is completely incomprehensible to anyone without the key to open it. I am so certain of this that I will provide $500 USD to the first person who can open this document within one year.
A person encrypting a PDF document has several options. First, you can determine the compatibility for earlier versions of Acrobat (5 , 6) or jump straight to Acrobat 7.0 and higher. If you select to encrypt it for Acrobat 7, the default level encryption method is AES, much harder (read = impossible) to crack using brute force.
You can also opt to encrypt all the document contents, or leave the metadata unencrypted. This is useful should you want to be able to have the document searchable in real time based on the metadata. Note the lower section of the screenshot above - by default, the box is checked to allow text access to the document. If you leave this selected, some PDF applications can access the text. If you don't want this, please de-select this option. After setting all of the options and pressing next, you will still be given a generic warning that certain non-Adobe products might not enforce this document's policies. Note that if you do not select "require a password to open the document", the usefulness of encrypting it is moot. Others will still not be able to copy the document by using the text copy tool or Control-C, but other means can be employed.
To summarize so far, Acrobat has DRM capabilities to limit the following interactions with documents
A person must comprehend the frame and scope of the intended use of each of these and their built in restrictions. PDF's are like music - if you can render it once, it is possible to capture it and render it again. Even if we figured out a way to prevent all third party screen scraping software from capturing what you see on a computer screen, someone who both has access to the document for a single view AND intent to distribute it further can simply take adigital photo of their computer screen to circumvent all of these. There is simply no way to stop someone who is intent on doing this using 1-6 above.
Another methodology is available to place a dynamic watermark on the page, perhaps stating the users name and address in bold gray text across the document. This too can be defeated if one took a screen shot of the document and used a great tool like
So how can you protect a PDF? If you really want to make it secure and also track the users interaction with it, you would be wise to use Adobe Policy Server. The policy server uses a model of persistent DRM that follows the document everywhere it goes. If you feel the document is out of control and you want to stop it, you can simply "destroy" the document which will cause it to fail to un-encrypt itself when someone opens it. Is there a way around that? Sure - sneak into the office of the person who made the policy, install a tiny pinhole camera near their desk and capture their authentication.
See what I am getting at, no matter what you do, there is a way around it if someone is really intent. The easier method is "social engineering" rather than brute force.
So here is a challenge. Take this document here (link to APS protected document) and try to render it with gmail (or any other method). I will pay $500 USD to the first person who can show me the un-encrypted content of this document within one year of this.
How I would do it? I would probably try to lure myself into providing a password to a site that offered me some form of membership and hope that I was rather lazy and used the same password for this document. D'oh!! Not gonna work - I typed a random phrase of about 13 characters to encrypt this using AES.
Good luck!
Kleeneness is next to Godelness.