Difference between revisions of "CV List View"

From Dan Shearer CV
 
(34 intermediate revisions by the same user not shown)
Line 1: Line 1:
  +
__TOC__
Here is a list view of some work I have done. There is also the [[CV Category View]].
 
  +
 
This is a list of topics I'm really passionate about. There is also the [[CV Category View]] of the same information.
   
 
== Open Source ==
 
== Open Source ==
Line 5: Line 7:
 
Most of this is related to security, or infrastructure to enable data access.
 
Most of this is related to security, or infrastructure to enable data access.
   
* [[LumoSQL]] - A relatively tiny but novel twist on the world's most-used software.
+
* [[LumoSQL]] - A relatively tiny but novel twist on embedded database software, adding features of privacy and security. With an average mobile phone having many dozens of copies of SQLite maintaining many hundreds of databases, SQLite is the world's most-used software.
  +
* [[Sweet Lies]] - The source code of the Signal secure chat app has been validated by many people around the world, and it is the most trustworthy way for two people with an ordinary phone to communicate. Despite its good qualities, Signal depends on cloud services from Google and Amazon, and stores metadata (not message content) in ways that other people can detect. Sweet Lies addresses these privacy problems, while at the same time adding some cool features and making it it possible for anyone to run their own equivalent to the Signal service.
* [[Sweet Lies]] - The Signal secure communications app is validated, but needs to be reproducible and split from US Cloud.
 
 
* [[Not Before Time]] assembles existing technologies to create a universal way to time-lock information using everyday software tools. The biggest task is [[wikipedia:Cryptanalysis|cryptanalysis for the system]], compared to which the software is straightforward.
  +
* [[Samba]] - Adversarial Interoperability is how open source protected the rights of individuals and everyone else against enormous technology companies before the era of Big Tech, and I co-founded the [https://samba.org Samba project] in the early 1990s and it is still the foremost example. [https://www.sitepoint.com/adversarial-interoperability Adversarial Interoperability] stopped Microsoft and the US Government from being the only store for everyone's files, as [[Samba-history.txt | documented in the official history]]. I noticed early on that Microsoft was abusing its monopoly position via a public protocol called SMB for sharing files and printers, which later grew to include storage of usernames and passwords. Samba was successful beyond my wildest dreams and I was a Samba Team member for twenty years, including after the [https://en.wikipedia.org/wiki/Microsoft_Corp._v._Commission extraordinary 13-0 victory in the EU Court of First Instance]. Samba also completely failed to meet its goal, and I [[Samba| explain here]] together with the [[Samba-history.txt | official Samba history]] how in 2024 Samba is largely irrelevant to data rights protection while also being used by billions worldwide. Samba taught me that technical leadership is insufficient, and that EU institutions and law are pretty much the only hope the world has of combatting Big Tech.
 
* [[Reversible Computers]] - still one of the greatest promises in Cybersecurity, and despite some progress still one of my greatest disappointments. Today in 2024 it is possible to rewind applications and entire systems backwards, and then trace them forwards again to find complicated bugs and security problems. But it is not mainstream.
 
* [[Not Forking]] - This tool addresses a difficult area in software reproducibility and reliability. It is common to duplicate the source code of one project within another project, where the projects are external to each other, and where the use of libraries or other techniques may lead to even more problems. Not-forking largely automates change management in ways that version control systems such as Git, Fossil or GitHub cannot.
 
* [[Not Forking]] - This tool addresses a difficult area in software reproducibility and reliability. It is common to duplicate the source code of one project within another project, where the projects are external to each other, and where the use of libraries or other techniques may lead to even more problems. Not-forking largely automates change management in ways that version control systems such as Git, Fossil or GitHub cannot.
  +
* [[Open Source to Chemical Rockets]] explains how I first found open source concepts.
* [[Reversible Computers]] - still one of the greatest promises in Cybersecurity, and despite some progress still one of my greatest disappointments.
 
* [[Samba]] - Samba implements the Microsoft SMB protocol, including Active Directory. I co-founded Samba and was a Samba Team member for twenty years.
 
   
 
== Legal ==
 
== Legal ==
   
  +
I explore the question '''How do laws about Privacy and Intellectual Property affect Computer Science? What does this mean for society?'''
These are generally about the practical meaning for compsci and society from privacy and IP law.
 
 
* My [[Analysis of GDPR Article 28]] shows how CompSci says that a new blockchain-type cloud business will soon be mandatory.
 
* This [[Analysis of EU-US Privacy Shield]] documents how US Cloud in Europe is being ruled illegal, and where the opportunities are in all this. From one point of view the EU is a kind of race to the top, from another, each country's intelligence services are trying to break the end-to-end security the EU requires.
 
* Human Rights, Maths and [[Computer Science in 6 EU Laws]]. This family of laws comprises the GDPR and its five siblings.
 
* [[Automating Facts in EU Privacy and Security Legislation]]
 
* [[Data Mobility Post-Brexit]]
 
* I have done a lot of work on [[Software Patents]]
 
 
== Technology ==
 
   
  +
* My [[Analysis of GDPR Article 28]] reveals how the legal language describes precise Computer Science. This Computer Science requires something after the style of a blockchain. GDPR enforcement is intended to get tougher each year, which means there is a need for a new kind of cloud business implementing this blockchain.
* Technology developments 2010-2021 make a commercial case for [[Renewable Energy Consumed to Excess]]
 
  +
* This [[Analysis of EU-US Privacy Shield]] documents how and why US cloud companies such as Amazon and Google are being ruled illegal to use for some purposes in Europe, and why that is an opportunity. There is nothing new here - I have been consulting on this since 2017, but now in 2024 we can see that even the giant marketing budgets of US cloud companies cannot obscure the facts. As of March 2023 I counted 50 or so court decisions at various levels in Europe that are forcing this matter.
* [[Not Before Time]] assembles existing technologies to create a universal way to time-lock information using everyday software tools.
 
 
* There are embedded Human Rights, Maths and [[Computer Science in 6 EU Laws]]. This family of laws comprises the GDPR and its now more than five siblings, and are all about security and privacy.
  +
* [[Automating Facts in EU Privacy and Security Legislation]] is possible, because the 6 relevant EU laws define measurable items such as IP addresses and acceptable versions of network languages. It is possible to detect and enforce safer behaviours if we automate the requirements of legislation.
  +
* I have done a lot of work on [[Software Patents]], which remain a problem software developers need to defend against in their work. The risk is less than it was prior to 2019, but is still changing at regular intervals.
  +
* I have been employed to look at [[Data Mobility Post-Brexit]]. The options are becoming clearer, although the legislative and political situation is still very fluid.
   
== Medical/BioTech ==
+
== General Technology, Medical and BioTech ==
   
* An IT-mediated [[Medical Snapshot System]] is not entirely new, where medical results are ethically hidden until enough time has passed to limit their potential damage. I have never convinced a hospital or health board to try it, but it has had quite a lot of theoretical validation.
+
* An IT-mediated [[Medical Snapshot System]] is based on principles of timeshifting as applied to medical testing in order to improve health and reduce costs. This concept has had some degree of theoretical validation.
 
*Technology developments from 2010 make a commercial case for [[Renewable Energy Consumed to Excess]]
* I went to the Neuroscience Institute in Trondheim to propose a technological and empirical approach to the fundamental problem of [[Brain Capacity per Cubic Centimetre]]
+
* I went to the Neuroscience Institute in Trondheim to propose a technological and empirical approach to the fundamental problem of [[Brain Capacity per Cubic Centimetre]].
  +
*I had some energy consulting in practical CNG and H2 in 2021 and 2022. If you know what these are, let's talk.
   
== Achievements Along The Way ==
+
== Along The Way... ==
   
* I developed a concise [[Code of Conduct]] for Open Source projects after witnessing repeated serious incidents, and constant background noise of aggressions. I started from the Mozilla Participation Guidelines, which were written using community participation and expert legal review - but they are huge and repetitive.
+
* I developed a concise [[Code of Conduct]] for Open Source projects after witnessing repeated serious incidents of aggression and intimidation. I started from the Mozilla Participation Guidelines, which were written using community participation and expert legal review. I shrunk them down to the bare essentials suitable for ordinary open source projects a lot smaller than Mozilla.
* [[Security Standards and Certifications]] are about the practical application in industry of all the exciting CompSci related to CyberSecurity. With care and imagination, implementations of ISO27001, CyberEssentials Plus and GDPR compliance need not turn staff off and be regarded as "boring paperwork".
+
* How do [[Security Standards and Certifications]] relate to each other? This is the results of my investigations into the are about the practical application in UK industry of ISO27001, CyberEssentials Plus and GDPR compliance.
* [[Fossil]] - Git is ubiquitous but with some difficult-to-fix design flaws that hold back development for most projects. Fossil is very mature but needed to be easier to access, and to have a technical strategy for avoiding Git-type lockin.
+
* [[Fossil]] - Git is ubiquitous but with some difficult-to-fix design flaws that hold back development for most projects. Fossil is very mature but needed to be easier to access, and to have a technical strategy for avoiding Git-type lockin. I contributed to these improvements so my projects could abandon Git/GitHub for Fossil.
* I have some [[Teaching Exercises]] in the areas of CyberSecurity/CompSci and Technology.
+
* I have created some [[Teaching Exercises]] in the areas of CyberSecurity/CompSci and Technology.
* [[VM Creation]] is my answer to the problem of VM orchestration being fragile, heavyweight and clumsy for small deployments, such as needed by a Cybersecurity team, students or a developer on a laptop
+
* The short [[VM Creation]] script is my best way of explaining how VM orchestration is fragile, heavyweight and clumsy for small deployments. A Cybersecurity team, students or a developer on a laptop all need something lightweight and with fewer things to go wrong.
* Speculative: A proportion of XX chromosome carriers have four kinds of colour-detecting cells in their eyes, rather than the usual three. This suggests that [[Tetrachromacy and Information Density]] are related, with tetrachromats able to understand and process more information from the same number of square centimeters of 2D information, useful in many contexts. There are not many tetrachromacy researchers, and some of them really do not like to discuss information management theory.
 
* Macadamia nuts are expensive to produce because they are so very hard. I perform a variety of tests to see if [[Macadamia Nuts Resist Vacuum]], but sadly they do. They remain delicious.
 
   
 
== Lectures and Talks ==
 
== Lectures and Talks ==
   
These are my current topics in 2021 that are about the future. My older lectures and topics, no matter how barnstorming, by definition are overtaken by time.
+
These are my current topics in 2024 that are about the future. Older lectures and topics by definition are overtaken by time and so are not listed here.
   
 
* Fine-grained data control - it is not just innovations like [[LumoSQL|row-level RBAC in SQL]] that matter. We have existing tech that lets us know where every bit of data under management has come from and gone to, but so far is rarely built in to modern architectures.
 
* Fine-grained data control - it is not just innovations like [[LumoSQL|row-level RBAC in SQL]] that matter. We have existing tech that lets us know where every bit of data under management has come from and gone to, but so far is rarely built in to modern architectures.
* [[Reversible Computers]] - How does it work practically in 2021, and what is the future for both infrastructure and debugging? How does this affect reliability and complexity issues?
+
* [[Reversible Computers]] - How does it work practically in 2023, and what is the future for both infrastructure and debugging? How does this affect reliability and complexity issues?
 
* [[:Category:Complexity|Complexity]] creeps up imperceptibly, and covers much more than gigantic numbers of lines of code. Even the best of decomposed design and service architectures are fragile. [[:wikipedia:Engineering_cybernetics#See_also|Engineering Cybernetics]] helps identify the problems. I propose then inverting the logic and keeping just those parts which evidence suggests are both essential and correct.
 
* [[:Category:Complexity|Complexity]] creeps up imperceptibly, and covers much more than gigantic numbers of lines of code. Even the best of decomposed design and service architectures are fragile. [[:wikipedia:Engineering_cybernetics#See_also|Engineering Cybernetics]] helps identify the problems. I propose then inverting the logic and keeping just those parts which evidence suggests are both essential and correct.
 
* Privacy law - combining human rights with CompSci and mathematics, privacy law appears to be turning the first twenty years of giant Internet cloud services upside-down, starting in Europe. This improves services for individual users, and reduces barriers to new cloud entrants and culture-specific solutions.
 
* Privacy law - combining human rights with CompSci and mathematics, privacy law appears to be turning the first twenty years of giant Internet cloud services upside-down, starting in Europe. This improves services for individual users, and reduces barriers to new cloud entrants and culture-specific solutions.
* IP law and 21st Century Knowledge - combatting climate change requires scientific output to be increased, free-flowing and perhaps above all reproducible. There are several strategies that combat the artificial IP wall that prevent reproducibility, which ones are most likely to work?
+
* IP law and 21st Century Knowledge - combatting climate change requires scientific output to be increased, free-flowing and perhaps above all reproducible. There are several strategies that combat the artificial IP wall that prevent reproducibility (which is not the same as reusability) - which ones are most likely to work?
  +
* Physical hardware and IP rights - this is a special case of the previous point. There are IP experts who focus on the theory of this topic, while I am more interested in the practical day-to-day applications of keeping IP available to all with its integrity intact, where the potential is for it to be overwhelmed with poor quality or dangerous knockoffs in a way that does not apply to software-only IP.
   
   

Latest revision as of 13:17, 5 August 2024

This is a list of topics I'm really passionate about. There is also the CV Category View of the same information.

Open Source

Most of this is related to security, or infrastructure to enable data access.

  • LumoSQL - A relatively tiny but novel twist on embedded database software, adding features of privacy and security. With an average mobile phone having many dozens of copies of SQLite maintaining many hundreds of databases, SQLite is the world's most-used software.
  • Sweet Lies - The source code of the Signal secure chat app has been validated by many people around the world, and it is the most trustworthy way for two people with an ordinary phone to communicate. Despite its good qualities, Signal depends on cloud services from Google and Amazon, and stores metadata (not message content) in ways that other people can detect. Sweet Lies addresses these privacy problems, while at the same time adding some cool features and making it it possible for anyone to run their own equivalent to the Signal service.
  • Not Before Time assembles existing technologies to create a universal way to time-lock information using everyday software tools. The biggest task is cryptanalysis for the system, compared to which the software is straightforward.
  • Samba - Adversarial Interoperability is how open source protected the rights of individuals and everyone else against enormous technology companies before the era of Big Tech, and I co-founded the Samba project in the early 1990s and it is still the foremost example. Adversarial Interoperability stopped Microsoft and the US Government from being the only store for everyone's files, as documented in the official history. I noticed early on that Microsoft was abusing its monopoly position via a public protocol called SMB for sharing files and printers, which later grew to include storage of usernames and passwords. Samba was successful beyond my wildest dreams and I was a Samba Team member for twenty years, including after the extraordinary 13-0 victory in the EU Court of First Instance. Samba also completely failed to meet its goal, and I explain here together with the official Samba history how in 2024 Samba is largely irrelevant to data rights protection while also being used by billions worldwide. Samba taught me that technical leadership is insufficient, and that EU institutions and law are pretty much the only hope the world has of combatting Big Tech.
  • Reversible Computers - still one of the greatest promises in Cybersecurity, and despite some progress still one of my greatest disappointments. Today in 2024 it is possible to rewind applications and entire systems backwards, and then trace them forwards again to find complicated bugs and security problems. But it is not mainstream.
  • Not Forking - This tool addresses a difficult area in software reproducibility and reliability. It is common to duplicate the source code of one project within another project, where the projects are external to each other, and where the use of libraries or other techniques may lead to even more problems. Not-forking largely automates change management in ways that version control systems such as Git, Fossil or GitHub cannot.
  • Open Source to Chemical Rockets explains how I first found open source concepts.

Legal

I explore the question How do laws about Privacy and Intellectual Property affect Computer Science? What does this mean for society?

  • My Analysis of GDPR Article 28 reveals how the legal language describes precise Computer Science. This Computer Science requires something after the style of a blockchain. GDPR enforcement is intended to get tougher each year, which means there is a need for a new kind of cloud business implementing this blockchain.
  • This Analysis of EU-US Privacy Shield documents how and why US cloud companies such as Amazon and Google are being ruled illegal to use for some purposes in Europe, and why that is an opportunity. There is nothing new here - I have been consulting on this since 2017, but now in 2024 we can see that even the giant marketing budgets of US cloud companies cannot obscure the facts. As of March 2023 I counted 50 or so court decisions at various levels in Europe that are forcing this matter.
  • There are embedded Human Rights, Maths and Computer Science in 6 EU Laws. This family of laws comprises the GDPR and its now more than five siblings, and are all about security and privacy.
  • Automating Facts in EU Privacy and Security Legislation is possible, because the 6 relevant EU laws define measurable items such as IP addresses and acceptable versions of network languages. It is possible to detect and enforce safer behaviours if we automate the requirements of legislation.
  • I have done a lot of work on Software Patents, which remain a problem software developers need to defend against in their work. The risk is less than it was prior to 2019, but is still changing at regular intervals.
  • I have been employed to look at Data Mobility Post-Brexit. The options are becoming clearer, although the legislative and political situation is still very fluid.

General Technology, Medical and BioTech

  • An IT-mediated Medical Snapshot System is based on principles of timeshifting as applied to medical testing in order to improve health and reduce costs. This concept has had some degree of theoretical validation.
  • Technology developments from 2010 make a commercial case for Renewable Energy Consumed to Excess
  • I went to the Neuroscience Institute in Trondheim to propose a technological and empirical approach to the fundamental problem of Brain Capacity per Cubic Centimetre.
  • I had some energy consulting in practical CNG and H2 in 2021 and 2022. If you know what these are, let's talk.

Along The Way...

  • I developed a concise Code of Conduct for Open Source projects after witnessing repeated serious incidents of aggression and intimidation. I started from the Mozilla Participation Guidelines, which were written using community participation and expert legal review. I shrunk them down to the bare essentials suitable for ordinary open source projects a lot smaller than Mozilla.
  • How do Security Standards and Certifications relate to each other? This is the results of my investigations into the are about the practical application in UK industry of ISO27001, CyberEssentials Plus and GDPR compliance.
  • Fossil - Git is ubiquitous but with some difficult-to-fix design flaws that hold back development for most projects. Fossil is very mature but needed to be easier to access, and to have a technical strategy for avoiding Git-type lockin. I contributed to these improvements so my projects could abandon Git/GitHub for Fossil.
  • I have created some Teaching Exercises in the areas of CyberSecurity/CompSci and Technology.
  • The short VM Creation script is my best way of explaining how VM orchestration is fragile, heavyweight and clumsy for small deployments. A Cybersecurity team, students or a developer on a laptop all need something lightweight and with fewer things to go wrong.

Lectures and Talks

These are my current topics in 2024 that are about the future. Older lectures and topics by definition are overtaken by time and so are not listed here.

  • Fine-grained data control - it is not just innovations like row-level RBAC in SQL that matter. We have existing tech that lets us know where every bit of data under management has come from and gone to, but so far is rarely built in to modern architectures.
  • Reversible Computers - How does it work practically in 2023, and what is the future for both infrastructure and debugging? How does this affect reliability and complexity issues?
  • Complexity creeps up imperceptibly, and covers much more than gigantic numbers of lines of code. Even the best of decomposed design and service architectures are fragile. Engineering Cybernetics helps identify the problems. I propose then inverting the logic and keeping just those parts which evidence suggests are both essential and correct.
  • Privacy law - combining human rights with CompSci and mathematics, privacy law appears to be turning the first twenty years of giant Internet cloud services upside-down, starting in Europe. This improves services for individual users, and reduces barriers to new cloud entrants and culture-specific solutions.
  • IP law and 21st Century Knowledge - combatting climate change requires scientific output to be increased, free-flowing and perhaps above all reproducible. There are several strategies that combat the artificial IP wall that prevent reproducibility (which is not the same as reusability) - which ones are most likely to work?
  • Physical hardware and IP rights - this is a special case of the previous point. There are IP experts who focus on the theory of this topic, while I am more interested in the practical day-to-day applications of keeping IP available to all with its integrity intact, where the potential is for it to be overwhelmed with poor quality or dangerous knockoffs in a way that does not apply to software-only IP.