CV List View

From Dan Shearer CV
Revision as of 04:40, 16 November 2021 by Dan

Here is a list view of some work I have done. There is also the CV Category View.

Open Source

Most of this is related to security, or infrastructure to enable data access.

  • LumoSQL - A relatively tiny but novel twist on embedded database software, adding features of privacy and security. With up to many dozens of copies of SQLite maintaining many hundreds of databases on an average phone, SQLite is the world's most-used software.
  • Sweet Lies - The source code of the Signal secure communications app has been validated by many people around the world, and it is the most-trustworthy way for two people with an ordinary phone to communicate. For all its good qualities, Signal depends on the use of non-essential cloud services from Google and Amazon. Sweet Lies addresses these problems, and also makes it possible for anyone to build their own Signal server clone.
  • Not Forking - This tool addresses a difficult area in software reproducibility and reliability. It is common to duplicate the source code of one project within another project, where the projects are external to each other, and where the use of libraries or other techniques may lead to even more problems. Not-forking largely automates change management in ways that version control systems such as Git, Fossil or GitHub cannot.
  • Reversible Computers - still one of the greatest promises in Cybersecurity, and despite some progress still one of my greatest disappointments. Today in 2021 it is possible to rewind applications and entire systems backwards, and then trace them forwards again to find complicated bugs and security problems. But it is not mainstream.
  • Samba - Samba implements the Microsoft SMB protocol for sharing files and printers across networks. Samba now also includes Active Directory, the complicated user authentication system Microsoft developed. I co-founded Samba and was a Samba Team member for twenty years.

Legal

These are various answers to the question: How do laws about Privacy and Intellectual Property affect Computer Science? What does this mean for society?

  • My Analysis of GDPR Article 28 reveals how the legal language describes precise Computer Science. This Computer Science requires a kind of blockchain. GDPR enforcement is intended to get tougher each year, which means there is a need for a new kind of cloud business.
  • This Analysis of EU-US Privacy Shield documents how and why US Cloud companies such as Amazon and Google are being ruled illegal in Europe, and why that is an opportunity.
  • There are Human Rights, Maths and Computer Science in 6 EU Laws. This family of laws comprises the GDPR and its five siblings, and they are all about security and privacy.
  • Automating Facts in EU Privacy and Security Legislation is possible, because the 6 relevant EU laws define measurable items such as IP addresses and acceptable versions of network languages. It is possible to detect and enforce safer behaviours if we automate the requirements of legislation.
  • I have done a lot of work on Software Patents, which remain a potential problem that software developers need to defend against in their work.
  • Data Mobility Post-Brexit

Technology

Medical/BioTech

  • An IT-mediated Medical Snapshot System is not entirely new, where medical results are ethically hidden until enough time has passed to limit their potential damage. I have never convinced a hospital or health board to try it, but it has had quite a lot of theoretical validation.
  • I went to the Neuroscience Institute in Trondheim to propose a technological and empirical approach to the fundamental problem of Brain Capacity per Cubic Centimetre.

Achievements Along The Way

  • I developed a concise Code of Conduct for Open Source projects after witnessing repeated serious incidents, and constant background noise of aggressions. I started from the Mozilla Participation Guidelines, which were written using community participation and expert legal review - but they are huge and repetitive.
  • Security Standards and Certifications are about the practical application in industry of all the exciting CompSci related to CyberSecurity. With care and imagination, implementations of ISO27001, CyberEssentials Plus and GDPR compliance need not turn staff off and be regarded as "boring paperwork".
  • Fossil - Git is ubiquitous but with some difficult-to-fix design flaws that hold back development for most projects. Fossil is very mature but needed to be easier to access, and to have a technical strategy for avoiding Git-type lock-in.
  • I have some Teaching Exercises in the areas of CyberSecurity/CompSci and Technology.
  • VM Creation is my answer to the problem of VM orchestration being fragile, heavyweight and clumsy for small deployments, such as those needed by a Cybersecurity team, students or a developer on a laptop.
  • Speculative: A proportion of XX chromosome carriers have four kinds of colour-detecting cells in their eyes, rather than the usual three. This suggests that Tetrachromacy and Information Density are related, with tetrachromats able to understand and process more information from the same number of square centimeters of 2D information, useful in many contexts. There are not many tetrachromacy researchers, and some of them really do not like to discuss information management theory.

Lectures and Talks

These are my current topics in 2021 that are about the future. My older lectures and topics, no matter how barnstorming, by definition are overtaken by time.

  • Fine-grained data control - it is not just innovations like row-level RBAC in SQL that matter. We have existing tech that lets us know where every bit of data under management has come from and gone to, but so far it is rarely built into modern architectures.
  • Reversible Computers - How does it work practically in 2021, and what is the future for both infrastructure and debugging? How does this affect reliability and complexity issues?
  • Complexity creeps up imperceptibly, and covers much more than gigantic numbers of lines of code. Even the best of decomposed design and service architectures are fragile. Engineering Cybernetics helps identify the problems. I propose then inverting the logic and keeping just those parts which evidence suggests are both essential and correct.
  • Privacy law - combining human rights with CompSci and mathematics, privacy law appears to be turning the first twenty years of giant Internet cloud services upside-down, starting in Europe. This improves services for individual users, and reduces barriers to new cloud entrants and culture-specific solutions.
  • IP law and 21st Century Knowledge - combatting climate change requires scientific output to be increased, free-flowing and perhaps above all reproducible. There are several strategies that combat the artificial IP wall that prevents reproducibility. Which ones are most likely to work?