Sunday, 13 February 2011

Hackers , democracy and Middle east politics

The recent events in including wikileaks and events around the Arab world has shown a new side of hackers. Mostly classified as "hacktivism" confined to the corners of the virtual world has entered the main stream.
 The case of Julian Assange is interesting, he is a "convicted" hacker. He has the driving force behind Wikileaks. He showed that the days when large organisation or organisations could prevent anyone from sharing information or airing their views.
 When Egyptian government turned off the internet, the hackers who worked for large organisations to get work around. Allowing people to communicate from within the barrier that government have created. Now that we have moved on from Egypt to Yemen. I happen to know a "hacker" if I may call him so, someone who understood the power of technology and what it could do help democracy in middle east. His name is Walid Al Saqqaf he was given the TED fellowship last year. I do admit he is among the new breed of hackers who have come in from other domains, in this case journalism who understood the power that technology could provide to folks in countries where there are oppressive regimes. Walid runs Yemen Portal, in addition he understood the power of social media/ internet. The power which allows users to read and air their opinion  or organise movements without being prevented by doing so by authorities, this case he created Alkasir. This piece of software like Tor would allow users to circumvent firewalls and proxies ( and other controls that are put in place) to prevent users from accessing  sites which authorities dont want them to access.
   For democracy to flourish in middle east we would need more of Walid's, the ones who understand technology and go a greater extend understand social implication of it.

Sunday, 27 June 2010

Why open source security projects tend to fail..

After having used an open source project for security for a short while, one of the questions which i have asked myself for a while came to forefront. Why does open source project fail ?

I have realised over the past few months a start up has taken up the challenge of supporting an open source package for Identity Management. Some of the real challenges which they seem to be facing include the question of survivaiblity. Something which a startup would find hard to give any assurance to a third party. To thier credit they have tying up with a service provider who are willing to cover this risk.
In spite of all this when it comes to product selection, quit a few of the architects involved seem to think this is high risk. This makes me wonder if there is a better way of handling this risk. In general you try to reduce, transfer or decide to live with the risk. The path of reduction of risk in Open Source projects by allowing some of your team members who work hand's on with the project doesnt seem to be a very acceptable pattern for most entities involved.
The alternative model that has been slightly more successful is the one I came across in US where the government is stepping in to provide some level of support. An example of this is OISF ( Open Information Security Foundation). I am yet to see a similiar intiative in Europe, which is traditionally the home for most of the Open Source projects. I wonder if the trend would catch up, given the economic conditions is this realistic expectations....