If Wikileaks doesn’t make you uncomfortable, you probably don’t understand what’s at stake.
The recent fights of the music industry remind me a lot about the early days of the personal computer industry. While I was still a kid then, it seems the software industry went through a similar experience in terms of trying to figure out how to deal with piracy. In this entry, I examine what I consider to be the four stages of dealing with piracy of digital assets. I believe that any industry that is seeing a move of their intellectual assets to a digital medium will go through four basic stages: ignorance, panic, protection and litigation, quiet acceptance. This was the case with software in the 80s and 90s, is currently the case with music, and will soon be the case with movies. I suspect that other industries like the professional photography market are facing similar issues currently or have in the past. Stage 1: Ignorance During this stage, an industry ignores the problem, either because it is seen as the domain of fringe elements or doesn’t seem like it could possibly have a huge impact. Consider this the ostrich strategy. Executives downplay the importance of a new culture (software crackers in the 80s, file-sharing in the mid-90s)…Read More
The leading contender for the communications protocol that facilitates the world’s business transactions is designed to transmit data over HTTP, in the clear. Although some of the creators of Simple Object Access Protocol (SOAP) have expressed concern, the consortium responsible for redrafting SOAP into the new Extensible Markup Language (XML) Protocol is nearing agreement that security is, simply put, not their problem. In the meantime — and possibly as a result– Microsoft and Verisign have just announced a new security procedure for person-to-person SOAP transactions, but a workable mechanism for securing Internet transactions between software and software may be years away. Some of SOAP’s architects contend that building security into their protocol would only sacrifice its simplicity, and that the HTTP sessions that SOAP transactions rely on can already be secured at the session level, with protocols such as SSL. Moreover, securing sessions from outside interception, security experts believe, cannot protect transactions from two other perceived threats: interception from the inside and bad programming. With a protocol extension to SOAP for message attachments in the works, a third possible threat emerges — one that too many have become familiar with: malicious scripts. Chris Dix, a SOAP programmer with FMStrategies, sides…Read More