This year linux.conf.au was in the sunny and very hot city of Perth, Western Australia. The conference itself was held at the University of Western Australia. My first impressions were positive ones. Accommodation this year was a choice of Trinity College or St George’s College, independently run but very close to the University. I chose Trinity so that I could have a (hopefully more comfortable) double bed and a private bathroom. It was a good choice; the room was cool, comfortable and clean.
UWA is an older university and the most prestigious in Western Australia; its eastern seaboard counterparts would be the University of Melbourne, University of Sydney or University of Queensland. The campus buildings harkened back to a more glorious era of higher education where learning was revered rather than distilled into neat packages, sold as stepping stones to a rewarding career. The sandstone campus evoked much character; peacocks were found in one quadrangle and the tropical sunken garden was an oasis in the unrelenting heat. The Undercroft and reflection pool stood almost as a monument to brighter times for higher education; strangely still in the midday swelter. Internally, the facilities themselves were somewhat dated. One lecture theatre, while equipped with good audiovisual, had 70s-era bench desks and swing-out chairs; not comfortable for someone of my girth. Other lecture theatres were more modern, and two had videoconferencing facilities, evidenced by the PTZ cameras nestled in the roof. The Reid Library on campus was lovely and cool, and also followed the coffee-with-a-book trend by having a downstairs coffee shop. Power points were reasonably plentiful; located strategically in the upper and side locations of lecture theatres.
Interestingly, UWA had a number of digital signage screens on campus. They varied in size, and the images and text on display showed little in common. Underneath I suspect they were using disparate systems. I did have an opportunity to talk to one of UWA’s Audio Visual Team, Mark, and he walked me through the digital signage product called Concerto. It’s open source and used in a number of universities, and is a product I’d like to explore further.
It’s traditional for the last year’s conference team to play host to previous organisers in an event called ‘Ghosts’ – this year held at the Raffles Hotel. We weren’t disappointed; cider by the pint and delicious gourmet pizzas got us talking. It was a fantastic opportunity to catch up with people who are considered royalty in our community.
Monday was the first day of the conference proper, and started with the first keynote.
Dr Suelette Dreyfus on the Surveillance state
Suelette’s keynote was particularly intriguing, and delved into the current hot topic of surveillance in a post-Snowden world. Her speech started with an excellent quote;
“In every community, there is a necessary balance between the rights of the citizen and the powers of the state – ours is out of balance”
She highlighted the incredible power of surveillance technology and just how far the balance has shifted, noting the rise in growth of corporate espionage and corporate hacking, leading the the era of the whistleblower. She demonstrated how the conceptualisation of what it is to be a whistleblower is changing and walked through academic definitions of whistleblowing. From being seen as a ‘rat’ or a ‘turncoat’, the perception of a whistleblower has changed from that of a misfit or villain to become more of a hero (or anti-hero), based on the data of the survey her research team are working on. This shows a large public support for whistleblowers and whistleblower protection, including the ability to reach out to the media to have their story told. Part of this swing is due to the public losing faith in the parliamentary political system.She quoted Orwell;
“in a time of universal deceit, telling the truth is a revolutionary act”
and noted the similarity with the open source world and how the models it uses are also revolutionary. Dreyfuss went on to note how whistleblowers and journalists are treated in today’s world, facing pejorative action such as being detained and searched at airports and surveilled. She quoted several players from the military industrial complex in their responses to Bradley Manning and Edward Snowden and contrasted this with their public support.She went on to describe how taxpayers’ funds are being used to fund surveillance activities, such as the infiltration of WoW and online gaming communities – the infiltration of which was seen as an NSA ‘opportunity’.Dreyfuss articulated the concept of security saturation, where there is so much money going into the surveillance system that they can’t spend it all – it’s so big that it’s not possible to reveal it all. She questioned the benefit of additional spending on surveillance, drawing a blank as to what societal benefit it could yield.She described how the surveillance state grows in seemingly benign ways, giving the example of the ‘Insight Platform’ for tracking educational progress of children through a one-stop-shop model. The tender document for the platform was analysed and she drew threads from this to show how a child could be tracked from maternal and child health centres right through to year 12, questioning what sort of data would be stored such as religious data, and how long that data would be retained for and who would have access to the data. When questioned on the data protections for the Insight Platform, many of these implementation details were left to the vendor – even when the government was keen to engage with overseas vendors!She noted some of the technical developments and the increasing sophistication of surveillance and surveillance tools. She then used a ‘Report Card’ on building the total surveillance state to show just how ubiquitous surveillance is, showing how data is cross matched across different government departments and how co-option of big data players is occurring.To wrap up, she articulated a number of actions people could take to do to prevent the surveillance state, such as
- getting political
- writing privacy enhancing software
- writing detection software
- get involved in not for profits and NGOs that give tech support to journalists and average citizens
- if you work for government, use your voice
Pia Waugh and Open Government
My other pick for Monday was Pia Waugh’s Open Government miniconf, given that one of the things I’m hoping to do is have the higher education system open up some more of their data sources. Some of the key questions discussed at the miniconf include how to get more people talking about open data. The concept of the data journalist was also discussed – noting that this role is focussed on analysis, seeking, visualisation, reporting and use of data – ie storytelling through data.
One of the highlights here for me was learning that data.gov.au is using IdeaScale for logging, rating and improving innovation ideas. I grabbed the opportunity and logged an idea to get eTax opened up;
Kate Chapman (@wonderchook) on Open Street Map
Kate Chapman’s keynote on Open Street Map and the HOT project was inspirational. It covered how HOT is responding ti disasters with open street maps, using open mapping data. She started her presentation by outlining that most maps are not released under an open source license – you cannot reuse the data that they use. This makes it particularly difficult for humanitarian teams who may need a detailed map of an area in a hurry. They are using the HOT project to do mapping in advance.
She went on to explain that it was first activated in 2009 for the Gaza troubles, using iterative level of detailing – so that a basic map can be first produced, and then higher levels of resolution iteration after iteration. It was also used in the 2010 Haiti earthquake, particularly as the staff from the aid agency in Haiti died in the initial earthquake.
Tim Serong noted after the talk that it would be good to have plugin for Ingress which mapped out OpenStreetMap data as you hunted down portals – a great idea.
Darcy Laycock @sutto
Darcy’s talk was a great one – on how to make APIs that developers love using. Most of it was common sense, but it was distilled in a very structured and meaningful way. Some of the key tips included using HTTP status codes for errors – as people are familiar with how the HTTP status codes work.
His comment that HTTP is for everything was accurate; HTTP is the protocol of the future and this is going to have major implications for technology such as the internet of things.
He also cautioned to make your API easy to explore – for coders, it’s another system to try and break, so make it easy for people to explore. They’re going to try and subvert it anyway, so encourage people to do so. He also encouraged developers to make the API ReSTful, as this is the generally accepted API standard, and is much nicer to use than XML-RPC or SOAP.
He also stated that change is inevitable, and that how you handle change is a sign of a good API. It’s much easier to introduce features than remove them. In particular, he spoke about versioning data versus versioning semantics – ie what does the endpoint do when you change the API. Data is much easier for people to deal with, however if you change the semantics it’s much more difficult to deal with. He also advised to use content type negotiation as another change handling technique.
He also noted that authorisation and authentication are hard problems to solve – so when building open APIs, don’t reinvent the wheel. People have generally through through the approach previously. OAUTH and OAUTH2 need special attention – you have to avoid developers having to write custom code to use your API. Keep the API simple and easy to understand so others can just ‘drop something in’.
On API design approaches, he gave a brief history such as JSON RPC, XML-RPC and SOAP, but SOAP doesn’t understand HTTP. He advocated the use of resource-based APIs and acknowledged the rise of ReST based APIs over the last few years, which leverage structs and paths. He cautioned to make a good API language agnostic so more people can use it, and noted the rise of graph-based APIs – with Facebook being the biggest and easiest.
He was a strong believer that APIs are for real people and should use user-centred design. At the end of the day,
“All the good APIs have something in common – the people who wrote it actually use it”
He also touched on the dangers of outsourcing APIs, which platforms shutting down, and the dependency that building off another API creates. He cautioned that you need to understand that the API can go away – you need to flag this from a risk analysis perspective.
Reflecting on this talk, the thought struck me that what Sutto was really getting at was an API maturity model, with best practices at the high end of maturity and worse practices at the low end. I’d really like to see him extend his talk toward this goal.
Alice Boxhall (@sundress) on Accessibility for Developers
Alice is a great presenter, and one of the things I liked most about her talk was that she wore a Google tshirt – in braille – to present. Her talk was pretty basic on accessibility but was of a lot of use to developers who don’t necessarily think about the WCAG accessibility guidelines during development.
She showcased the ChromeVox screenreader, a Chrome extension, and spoke about the semantics of your interface.
There is an emerging standard in this space called WAI-ARIA. Although I’m pretty experienced with accessibility, I wasn’t aware of this development. From the site itself;
WAI-ARIA uses a number of roles that can be defined for a widget to give it meaning for someone with disabilities. This allows the screenreader to interpret the function of the widget more clearly – such as button, tree, dropdown etc. You then need to ensure you handle keyboard events such as onKeyPress and tabIndex appropriately.
She then explained how native HTML5 objects are turned into accessibility objects which are then ‘rendered’ by a screen reader using the aria-role attribute.
She gave some excellent tips for testing accessibility such as killing the mouse for starters, trying a screenreader such as ChromeVoc, Orca or Talkback, professional testing and talking to your users. She also cautioned to make your feedback mechanisms accessible – so that they can actually be used!
She cautioned that automated testing only catches low hanging fruit, and would like to see increased visibility of accessibility as a concern for developers. Accessibility testing should be performed regularly to prevent regression. She also cautioned that it won’t catch all possible tools, and that testing doesn’t negate the need to understand accessibility issues. The results then need to be acted upon in a cyclic fashion.
She then gave an example of how accessibility testing could be incorporated into workflow using the Capybara suite of tools; suitable for continuous integration.
There are many more talks that I went to, but unfortunately my netbook was playing up so I didn’t take a lot of notes. Mark Nottingham’s talk on the HTTP 2.0 protocol was another standout, and I also very much enjoyed Jon Oxer’s ArduSat keynote – about reducing the price it takes to to excellent science. Both inspirational. Again, a great conference, a great community and I can’t wait for linux.conf.au 2015 in Auckland, New Zealand.
On a closing note, because it sums up the conference so well, is Jenna Drawing’s take on the conference t-shirt – amazing as always.