Archive for December, 2015

Research Ideas, Inputs, Impacts and Outcomes, Outputs

Saturday, December 26th, 2015

I’ve previously cheered Daniel Mietchen’s efforts to promote open access research proposals. Mietchen, with fellow researcher/OA activist Ross Mounce and ecologist/academic publisher Lyubomir Penev have recently launched Research Ideas and Outcomes (I sometimes misremember the name; title of this post may help others afflicted find RIO), a new open access mega journal that provides a venue for publishing the entire research cycle for almost any field of research.

The Wikidata for Research proposal that Mietchen also spearheaded and I again cheered is one of the first artifacts published in RIO.

I encourage everyone to read RIO’s opening editorial, Publishing the research process. I want to especially highlight the “highlighting social impact” section by making a copy:

Given that much of research is publicly funded and that public funding is limited, there is a growing interest in assessing the impact that research has on society beyond academia and in having this criterion influence decisions on whether and how public funds are to be spent on specific lines or fields of research (Roy 1985, Bornmann 2012, Reich and Myhrvold 2013).

Despite past criticisms of similar initiatives (e.g. Wright 2002), some researchers have called for support from the scientific community for the United Nations’ Sustainable Development Goals, seeing their role in “help[ing] to integrate monitoring and evaluation mechanisms into policy-making at all levels and ensure that information about our planet is easily available to all.” (Lu et al. 2015)

RIO addresses societal impact in several ways: (i) it is free to read, so that anyone interested can actually access it, (ii) it is openly licensed (CC BY 4.0 by default, with an option for CC0/Public Domain), so as to encourage the dissemination and reuse of its materials in other contexts, (iii) it is available in XML, which facilitates reuse by automated tools and integration with other platforms, (iv) it encourages authors to map their research to societal challenges it helps to address (and allows users to search and browse the journal by societal challenges they are interested in).

While the first three of these publishing practices are on the way to becoming standard in a growing range of disciplines, we are not aware of other journals to engage in the fourth one, but we encourage them to do so.

As another way to achieve societal impact, it has been suggested that researchers engage more in writing overview papers that summarize the state of knowledge in their field in a way that is accessible (in multiple senses of the word) to a broader audience, and that research evaluators should take such activities into account (Bornmann and Marx 2013). With that in mind, RIO offers the possibility to publish such overview papers as Policy Briefs.

When thinking of impact outside academia, another useful strategy is to bring research to places where non-academics might look for information. RIO will thus facilitate the creation of Wikipedia articles (Butler 2008, Logan et al. 2010), both on topics that have just been created through advances of scholarship (i.e. new methods or objects of study; e.g. RNA families, as in Daub et al. 2008) or on topics that have been studied for a while but not yet found decent coverage on the English Wikipedia (as pioneered for computational biology; Wodak et al. 2012).

Finally, RIO’s policies have been written with societal benefits in mind: they default to open sharing of all data and code underlying the research reported here and require public justification for exceptions to the open default. The primary effect of such an open default is an increase in the reproducibility and replicability and thus the reliability of research: the more of research workflows is being shared and the earlier the sharing occurs, the harder it will be for mistakes, systematic errors or fraud to go unnoticed. A welcome side effect of this is an increased educational value of the research and its documentation, and over time, we expect learners and educators, practitioners, journalists, artists, makers and others to engage with the research reported in RIO and with the associated data, code and materials.

RIO has a blog post on emphasizing research contribution to, e.g., the UN Sustainable Development Goals. I wholly endorse this emphasis, but the above excerpt is far richer, as it additionally tackles the social impact of academic publishing, which affects the social impact of all research. Not only does the secton cover the (should be) obvious open (free access, free permission, to/for forms suitable for modification) dimensions, but the huge opportunity to make research more accessible through summarization and cooperation with Wikipedians.

The only way the section could be improved would be for it to also mention macro impacts of commoning the knowledge economy, e.g., on equality and security. But I can’t blame the authors as I don’t know of great citations on these topics. I love Copyright and Inequality but it isn’t about research publications. I’ve got nothing on academic publishing and security, though recently widely discussed The Moral Character of Cryptographic Work is related. Please help correct my ignorance by pointing me at more on-point citations for these topics or by creating ones…why not start by publishing a proposal for such research in RIO?

Well, there is one other way the section could be improved: a mention of commoning academic publishing infrastructure. But, the software that runs RIO is not open source. I’d love to see a proposal published in RIO for funding whatever work would be needed to make the RIO platform open source.

If you’re interested in getting involved in RIO, you can apply to be a subject editor or editorial apprentice (see links on the RIO home page). If you’re working on any of the research or proposals mentioned in the two previous paragraphs and there’s any way I might be able to help, feel free to get in touch. I’m not an academic but am very keen to see progress in these areas!

Software Freedom Conservancy 2015

Thursday, December 24th, 2015

Software Freedom Conservancy is running its 2nd annual (last year) individual supporter campaign. We need 750 supporters (at US$120 each) to keep the lights on (continue serving as a non-profit charitable home for free/open source software projects…assuming we manage to stay alive, some exciting new member projects will be joining in 2016) and 2500 to take on new GPL enforcement work. See the Conservancy news item and blog post announcing the campaign last month.

Conservancy supporter Sumana Harihareswara made a great video explaining why you should also support Conservancy. [Added 20151228: blog post with transcript]

The news item above includes a list of 2015 accomplishments. My second favorite is Outreachy (“helps people from groups underrepresented in free and open source software get involved”) joining as the first member project that isn’t strictly a software development project. My favorite is a link away from the main list. The list notes that Conservancy joined a one-page comment urging the FCC to not restrict wireless devices to manufacturer-provided software. That’s good, but the blog post about the comment notes that Conservancy leaders Karen Sandler and Bradley Kuhn also signed a much more interesting and extensive comment proposing an alternate regulatory regime of requiring fully auditable software and ongoing security updates, almost mandating supported free software (but not quite, for the comment doesn’t call for mandating free copyright licensing) for approved devices. This is by far the most important document on software freedom produced this year and I urge everyone to read it. I’ve copied most of the alternative proposal below (it starts on page 12, and is followed by many pages of endorsers):

In place of these regulations, we suggest that the Commission adopt rules to foster innovation and improve security and usage of the Wi-Fi spectrum for everybody.

Specifically, we advocate that rather than denying users the ability to make any changes to the router whatsoever, router vendors be required to open access to their code (especially code that controls RF parameters) to describe and document the safe operating bounds for the software defined radios within the Wi-Fi router.

In this alternative approach, the FCC could mandate that:

  1. Any vendor of SDR, wireless, or Wi-Fi radio must make public the full and maintained source code for the device driver and radio firmware in order to maintain FCC compliance. The source code should be in a buildable, change controlled source code repository on the Internet, available for review and improvement by all.
  2. The vendor must assure that secure update of firmware be working at shipment, and that update streams be under ultimate control of the owner of the equipment. Problems with compliance can then be fixed going forward by the person legally responsible for the router being in compliance.
  3. The vendor must supply a continuous stream of source and binary updates that must respond to regulatory transgressions and Common Vulnerability and Exposure reports (CVEs) within 45 days of disclosure, for the warranted lifetime of the product, the business lifetime of the vendor, or until five years after the last customer shipment, whichever is longer.
  4. Failure to comply with these regulations should result in FCC decertification of the existing product and, in severe cases, bar new products from that vendor from being considered for certification.
  5. Additionally, we ask the FCC to review and rescind any rules for anything that conflict with open source best practices, produce unmaintainable hardware, or cause vendors to believe they must only shipundocumented “binary blobs” of compiled code or use lockdown mechanisms that forbid user patching. This is an ongoing problem for the Internet community committed to best practice change control and error correction on safety-critical systems.

This path has the following advantages:

  • Inspectability – Skilled developers can verify the correctness of software drivers that are now hidden in binary “blobs”.
  • Opportunity for innovation – Many experiments can be performed to make the network “work better” without affecting compliance.
  • Improved spectrum utilization – A number of techniques to improve the use of Wi-Fi bands remain theoretical possibilities. Field trials with these proposed algorithms could prove (or disprove) their utility, and advance the science of networking.
  • Fulfillment of legal (GPL) obligations -Allowing router vendors to publish their RF-controlling source code in compliance with the license under which they obtained it will free them from the legal risk of being forced to cease shipping code for which they no longer have a license.

Requiring all manufacturers of Wi-Fi devices to make their source code publicly available and regularly maintained, levels the playing field as no one can behave badly. The recent Volkswagen scandal with uninspected computer code that cheated emissions testing demonstrates that this is a real concern.

Why is this so important?

  • It isn’t purely a rear-guard action aiming to stop a bad regulation.
  • It proposes a commons-favoring regulatory regime.
  • It does so in an extremely powerful public regulatory context.
  • It makes a coherent argument for the advantages of its approach; it tries to win a policy argument.
  • The advantages are compelling.

Yes, the last three points are in contrast with relying on an extremely weak and resource poor private regulatory hack which substitutes developer caprice for a public policy argument. But not entirely: the last advantage mentions this hack. I doubt we’ll reach the 2500 supporters required to pursue new hack (GPL) enforcement, but please prove me wrong. Whether you love, hate, or exploit the GPL, enforcement works for you.

Please join Sumana Harihareswara, me, and a who’s who of free/open source software in supporting Conservancy’s work. The next $50,000 in donations are being matched by Private Internet Access.