CV List View
From Dan Shearer CV
Here is a list view of some work I have done. There is also the CV Category View.
Open Source
Most of this is related to security, or infrastructure to enable data access.
- LumoSQL - A relatively tiny but novel twist on embedded database software, adding features of privacy and security. With up to many dozens of copies of SQLite maintaining many hundreds of databases on an average phone, SQLite is the world's most-used software.
- Sweet Lies - The source code of the Signal secure communications app has been validated by many people around the world, and it is the most-trustworthy way for two people with an ordinary phone to communicate. For all its good qualities, Signal depends on the use of non-essential cloud services from Google and Amazon. Sweet Lies addresses these problems, and also makes it possible for anyone to build their own Signal server clone.
- Not Forking - This tool addresses a difficult area in software reproducibility and reliability. It is common to duplicate the source code of one project within another project, where the projects are external to each other, and where the use of libraries or other techniques may lead to even more problems. Not-forking largely automates change management in ways that version control systems such as Git, Fossil or GitHub cannot.
- Reversible Computers - still one of the greatest promises in Cybersecurity, and despite some progress still one of my greatest disappointments. Today in 2021 it is possible to rewind applications and entire systems backwards, and then trace them forwards again to find complicated bugs and security problems. But it is not mainstream.
- Samba - Samba implements the Microsoft SMB protocol for sharing files and printers across networks. Samba now also includes Active Directory, the complicated user authentication system Microsoft developed. I co-founded Samba and was a Samba Team member for twenty years.
Legal
These are various answers to the question: How do laws about Privacy and Intellectual Property affect Computer Science? What does this mean for society?
- My Analysis of GDPR Article 28 reveals how the legal language describes precise Computer Science. This Computer Science requires a kind of blockchain. GDPR enforcement is intended to get tougher each year, which means there is a need for a new kind of cloud business.
- This Analysis of EU-US Privacy Shield documents how and why US Cloud companies such as Amazon and Google are being ruled illegal in Europe, and why that is an opportunity.
- There are Human Rights, Maths and Computer Science in 6 EU Laws. This family of laws comprises the GDPR and its five siblings, and they are all about security and privacy.
- Automating Facts in EU Privacy and Security Legislation is possible, because the 6 relevant EU laws define measurable items such as IP addresses and acceptable versions of network languages. It is possible to detect and enforce safer behaviours if we automate the requirements of legislation.
- I have done a lot of work on Software Patents, which remain a potential problem that software developers need to defend against in their work.
- Data Mobility Post-Brexit
General Technology, Medical and BioTech
- Not Before Time assembles existing technologies to create a universal way to time-lock information using everyday software tools.
- An IT-mediated Medical Snapshot System is based on principles of timeshifting as applied to medical testing in order to improve health and reduce costs. This concept has had some degree of theoretical validation.
- Technology developments 2010-2021 make a commercial case for Renewable Energy Consumed to Excess.
- I went to the Neuroscience Institute in Trondheim to propose a technological and empirical approach to the fundamental problem of Brain Capacity per Cubic Centimetre.
Achievements Along The Way
- I developed a concise Code of Conduct for Open Source projects after witnessing repeated serious incidents of aggression and intimidation. I started from the Mozilla Participation Guidelines, which were written using community participation and expert legal review. I shrunk them down to the bare essentials suitable for ordinary open source projects a lot smaller than Mozilla.
- How do Security Standards and Certifications relate to each other? These are the results of my investigations into the practical application in UK industry of ISO27001, CyberEssentials Plus and GDPR compliance.
- Fossil - Git is ubiquitous but with some difficult-to-fix design flaws that hold back development for most projects. Fossil is very mature but needed to be easier to access, and to have a technical strategy for avoiding Git-type lock-in. I contributed to these improvements so my projects could abandon Git/GitHub for Fossil.
- I have created some Teaching Exercises in the areas of CyberSecurity/CompSci and Technology.
- The short VM Creation script is my best way of explaining how VM orchestration is fragile, heavyweight and clumsy for small deployments. A Cybersecurity team, students or a developer on a laptop all need something lightweight and with fewer things to go wrong.
Lectures and Talks
These are my current topics in 2021 that are about the future. My older lectures and topics, no matter how barnstorming, by definition are overtaken by time.
- Fine-grained data control - it is not just innovations like row-level RBAC in SQL that matter. We have existing tech that lets us know where every bit of data under management has come from and gone to, but so far it is rarely built into modern architectures.
- Reversible Computers - How does it work practically in 2021, and what is the future for both infrastructure and debugging? How does this affect reliability and complexity issues?
- Complexity creeps up imperceptibly, and covers much more than gigantic numbers of lines of code. Even the best of decomposed design and service architectures are fragile. Engineering Cybernetics helps identify the problems. I propose then inverting the logic and keeping just those parts which evidence suggests are both essential and correct.
- Privacy law - combining human rights with CompSci and mathematics, privacy law appears to be turning the first twenty years of giant Internet cloud services upside-down, starting in Europe. This improves services for individual users, and reduces barriers to new cloud entrants and culture-specific solutions.
- IP law and 21st Century Knowledge - combatting climate change requires scientific output to be increased, free-flowing and perhaps above all reproducible. There are several strategies that combat the artificial IP wall that prevents reproducibility; which ones are most likely to work?