BCI
Recruiting and Systems Management Consulting
  • Home
  • Open Positions
  • Partners
  • Contact Us
  • About Us

Writing / Articles

  1. The Myth of Cloud Computing
  2. Politics and the Art of IT Systems Management
  3. Article / Topic for class (Brandeis Masters Degree - Software Engineering) - ​Digital Millennium Copyright Act (DMCA)​

The Myth of Cloud Computing


Picture
I guess I have to vent on the topic of cloud computing. In most cases, cloud computing is a marketing term. During the tech boom, everything was web-based this, internet based that. It was a very cool and life altering step in the online revolution. But then web-based became old news and newly minted marketing MBA's came up with Software as a Service (SaaS). This confused everyone including me. It was never articulated well to either the technical or business communities. SaaS was a complete flop, marketing wise. So what could we change it to, the collective global marketing team asked itself? I suspect that by stroke of luck, someone from network engineering had left a typical network drawing up on the whiteboard. It looked something like this  --------------------------------------------------------------------->>>>

And Cloud Computing was reborn with a new attitude and a shiny brochure.
Let's take e-mail as an example. During the tech boom of the late 90's and early 2000's it was known as web-based mail - yahoo mail, hotmail, etc. Then in the SaaS days, it was "Hosted-Mail" where e-mail clients could now connect over http to hosted e-mail systems. Now those same SaaS systems are "In the Cloud". The fact remains that it is still e-mail over the internet! Not much has changed except some technology improvements, mostly bandwidth, to access those web-based, I’m sorry, cloud services.

This is not to say that there are not true clouds out there. Akamai is a great example. (http://www.akamai.com/). For those of you who do not know, Akamai helps sites like CNN broadcast content around the world. You may even see the Akamai URL in some links on sites like CNN, MSNBC, etc.. What Akamai does, very basically, is takes a bit of data and replicates it around the world to their many individual Points of Presence (POPS) (i.e. datacenters where Akamai servers are located) around the world. That way if a user in Asia looks for the CNN reporter, Anderson Cooper's latest report online, the video and most likely the entire site would be accessed through the local, Hong Kong data center instead of one in Atlanta, CNN's headquarters. Data is stored in multiple locations so it's redundant and therefore accessible even if one or more POPS are down. Example: If the Hong Kong POP is down, the data is accessed via the next closest, let's say, Australia POP. Very slick and Akamai works hard to get this to function properly. And it costs a fortune to use this service.

Think every cloud based application works like this? How can you tell if your information is truly in the cloud or just stored on some server in one data center?
As Microsoft proved here http://gigaom.com/2009/10/10/when-cloud-fails-t-mobile-microsoft-lose-sidekick-customer-data/

And Amazon proved here http://techmento.com/2011/04/28/amazons-ec2-cloud-crash-loses-data-permanently/ 

And "The Linkup" proved here (never heard of The Linkup, here's why) http://www.datacenterknowledge.com/archives/2008/08/12/cloud-storage-service-loses-data-shuts-down/
​

The truth is that their data was not "In the cloud", it was on servers and storage and they FAIL.



Politics and the Art of IT Systems Management

The one thing you do not want to hear at the end of an enterprise systems management project is, “You did a terrific job. The planning and implementation were flawless. Just one problem, nobody is using your tool”. There is only one answer to this question, Politics. Politics plays an important role in the success or failure of any project, but this is especially true for systems management projects. The planning and implementation of a systems management infrastructure will touch a variety of other systems, policies, procedures and thereby, other groups within your company. How you integrate these groups into your plan can mean the success or failure of your project.
 
Political Pre-requisites
Before embarking on any enterprise size systems management project, there is a pre-requisite that needs to be in place. A systems management infrastructure of any consequence within an enterprise should have strong upper management backing. This is a necessity because it provides a pathway to solutions for any political problem that may arise when dealing with other groups within your organization.
 
Planning
Plan. Plan. Plan. Creating an effective and usable systems management infrastructure requires intense planning because it impacts so many other areas within an enterprise. You will need to involve network (LAN/WAN) administrators for bandwidth requirements and systems engineers for the implementation and support of the infrastructure. If you plan to support software distribution, developers will need to be consulted for scripting and packaging standards. However, the technical aspects are actually the easiest part of the whole systems management project. What is the use of a perfectly implemented systems management solution if no one uses it? Politics will play an enormous role in planning of your infrastructure. Planning meetings should include other business units or sub organizations that will have any control over the new infrastructure. You may have to change the infrastructure design to accommodate political concerns. This resolution may not result in a perfect design, but in the end, the degree of acceptance will far outweigh the technical imperfections. Additionally, and most importantly, you should pay special attention to those administrators who will lose some control of their respective environments due to a more centralized infrastructure. Including these groups in your planning sessions will only bolster the acceptance of the new infrastructure and the procedural changes associated with it. Be careful, however, to only include the principal administrators from each of the business units or sub organizations as to not develop a “too many cooks” complex in your planning sessions. These principal administrators should be just that, “principal”. They should be active participants with their managers backing. This is the point where the political pre-requisites come in. Your upper management project sponsor will most likely be the principal’s manager as well so this should help the process along.
 
Implementation
During the implementation phase of your project, politics will again come into play. Do not implement in a bubble. You should include other business units or sub organizations in the implementation phase of your project. Most likely, other organizations must be involved to some extent because your plan already calls for implementation in their environment and some sort of change management system will have to be adhered to. This is where having the other business units involved in the project from the beginning will pay off. You will already have a relationship with them. You may even want to have the administrators from the other business units implementing the infrastructure on their own. If this is the case, documentation is key and critical to keeping the project together. As with any project, documentation will communicate whether you have your act together or not.
 
Maintenance and Support
How you support and maintain your environment will depend on which systems management model you choose. The three models are centralized, distributed or a mix of the two. In the centralized control model, everything relating to the infrastructure is controlled by a central organization. The local administrators can see informational data at the very least and at most are able to distribute readymade packages. In the distributed control model, the power lies with the individual administrators. The central organization defines policies and procedures for the environment, while the local administrators are masters of their own domain. A popular model is a mixture of the two. A central organization defines policies and procedures as well as software and inventory packages common to all environments while the local administrators are responsible for anything unique to their environment. Politics will play a role in which model you choose. By now you will have had ample opportunity to interact with the other business units involved and should be able to assess their commitment to the project. In the real world, other organizations may be apprehensive about the possibility of losing some or all control over their environment. In this case, it would be best to solidify the support and maintenance model during the planning phase. Remember, a systems management infrastructure will never get to a point where you will be able to “Set It and Forget It” as if it were a fax machine you only support when it breaks. The infrastructure will need constant administrating and maintenance. How much administration and maintenance depends on how you use the infrastructure. Inventory and reporting will require the least amount of administrator time, while software distribution will require the most amount of time. In fact, software distribution often requires a separate team for the packaging of applications and the creation for desktop and server builds. All of this will all depend on the size of your environment.
 
Conclusion
Creating a enterprise systems management infrastructure is a tremendous undertaking. You will be creating and eliminating jobs as well as changing roles and responsibilities. As a result, you are undoubtedly going to ruffle a few feathers. Remember, the purpose of a systems management infrastructure is to save time and therefore TOC. However, it is important to realize that you may save 100,000 hours in systems administrator’s time, but you will have to put up 20,000 hours to get there. How painful or productive those 20,000 hours are depends on your political savvy.

Article / Topic for class (Brandeis Masters Degree - Software Engineering) - ​Digital Millennium Copyright Act (DMCA)

 Table of Contents
History. 3
Digital Millennium Copyright Act (DMCA). 3
Arguments for. 4
Arguments against. 5
ISP Limited Liability. 5
Security Testing and Evaluation. 5
Other Observations. 5
References. 6
 
History
From the onset of academic and general use, digital technologies have been the source of much controversy relating to copyright law. These copyright issues are compounded when the global nature of the problem is taken into account. Digital content may reside on disparate systems located in various countries, each with very different copyright law. Take, for example, a software developer that creates an application and uploads it to the download site cnet.com (http://download.cnet.com). Now let’s assume that CNet uses a service like Akami (http://www.akamai.com/ - Nasdaq: AKAM).  Akami replicates content to its servers all over the world to ensure that all data and websites are local to the respective user. This example begs the question, “Does the server you download the content from dictate the copyright laws one would need to follow?”  Another issue facing digital copyright is decryption and or other software “cracking” tools used to circumvent security measures within the digital media. In response to these and other issues, the United States Congress debated, some would say not enough, the complicated set of copyright issues facing an increasingly digital world. The result, The Digital Millennium Copyright Act (DMCA), was signed into law by the 105th congress in October 1998 and was a source of much controversy even before it was signed.

​Digital Millennium Copyright Act (DMCA)
The Digital Millennium Copyright Act (DMCA) was intended to defend copyright protected content owners from forms of Copyright infringement. Its major provisions concern:
  1. Security Circumvention – Makes illegal the development and/or use of tools to bypass or negate security protections within the digital medium
  2. ISP Limited Liability – Internet Service providers, provided that they follow the rules set out by the DMCA, cannot be held liable for customer copyright violations that occur within its environment
  3. Digital Media Backup and Copy – Individuals or Businesses with proper license to digital content can create a copy of the content for backup purposes only. Likewise, during maintenance to a system such as a computer, a technician can temporarily backup software and content in order to migrate to another device. However, the technician must destroy the content  after migration is complete
  4. Non-Commercial Use - Libraries and Education – provides royalty guideline provisions for academic and non-commercial use
 
Arguments forThe digital age has brought upon a myriad of challenges relating to copyright law. Lawmakers knew that something had to be done to protect the copyright of content owners.  Proponents of the Digital Millennium Copyright Act (DMCA) can point to a number of provisions within the act that protect businesses and individuals from copyright infringement.
  1. Acknowledges copyright protection for digital works globally – The DMCA is partially based on two treaties that the United States signed which provide reciprocal copyright protection.
                Included in the Government’s DMCA Summary:
                “The WIPO Copyright Treaty (WCT) and the WIPO Performances and
                Phonograms Treaty (WPPT) each requires member countries to provide protection to certain      works from other member countries or created by nationals of other member countries. That         protection must be no less favorable than that accorded to domestic works”.  (1)

  1. Makes illegal tools for decrypting or otherwise “circumventing“[1]digital media’s security measures. The global nature of this document is a real benefit here as tool for circumventing security cannot be imported for overseas in order to bypass the Act’s provisions
  2. Provides necessary exceptions for non-harmful: [9]
    1. Exemption for Nonprofit Libraries, Archives, and Educational Institutions - These institutions may use a copyrighted work in order to determine if the institution would want to add a legal copy of the work to its collection
    2. Exemption for Security testing by government agencies- Agencies such as the NSA, FBI and CIA are exempt from not being able to use circumvention tools such as hacking utilities or vulnerably exploits, ONLY if the purpose of the exercise is for vulnerability detection.
    3. Exemption for Encryption research – This exception deals with the enabling of Academic institutions to research, develop and test new encryption technologies
    4. Exemption for Reverse engineering – This exemption relates to the interoperability of computer software and allows an exception for reverse engineering a legally obtained piece of software ONLY for the purpose of creating an application that integrates with
  
Arguments againstAlthough there were many broad strokes accomplished when creating the DMCA, the Law has fallen short in a number of circumstances and has also presented a number of Unintended Consequences [6] as the result of vague language and fear of legal action by government and corporate entities.
The Electronic Frontier Foundation (EFF) has gone so far as to say,
“Since they were enacted in 1998, the "anti-circumvention" provisions of the Digital Millennium Copyright Act ("DMCA") have not been used as Congress envisioned. Congress meant to stop copyright pirates from defeating DRM restrictions (aka content or copy protections) added to copyrighted works and to ban the "black box" devices intended for that purpose. In practice, the DMCA and DRM have done nothing to stop "Internet piracy." Yet the DMCA has become a serious threat that jeopardizes fair use, impedes competition and innovation, chills free expression and scientific research, and interferes with computer intrusion laws. If you circumvent DRM locks for non infringing fair uses or create the tools to do so, you might be on the receiving end of a lawsuit.” [4]
ISP Limited LiabilityThere has also been a multitude of evidence that the DMCA has been used as a tactic against competitors and researchers. When Google announced the purchase of You Tube in late 2006, many noted that this could present a real problem with copyright and most notability DMCA infringement. Sure enough, Viacom sued for 1 billion under 6 months later without consideration of the ISP Limited Liability exception. [13]
Companies have been shown to threaten law suits even when those that they are suing easily fit any number of exceptions laid out in the exception section of the DMCA. Most notability is Princeton professor, Edward Felten’s work in examining vulnerabilities within Digital Rights Management (DRM) protected content.[12] The Recording Industry Association of America was not very happy and pursued an injunction to stop him from presenting his work.
Security Testing and EvaluationAnother complaint about the DMCA is the lack of support for private cyber security personnel. Federal government agencies are explicitly permitted but I did not see any mention of a non-governmental cyber security professional. [15]
Other ObservationsThe DMCA is Not exactly Global. The DMCA is based on the WIPO Copyright Treaty (WCT) and the WIPO Performances and Phonograms Treaty (WPPT), and therefore, only signatories of the treaty are legally bound to comply with the law. Those countries that have not signed these treaties have NO legal obligation to follow the law. China signed the treaty in 2007, but does not have a great track record of observing copyright law, so this means 1/6 of the world’s population may not observe the treaty. And unfortunately, some of the other non-signatories, Iran for example, are not on the friendliest of terms with the United States. [11]
References[1] http://www.copyright.gov/legislation/dmca.pdf
[2] http://en.wikipedia.org/wiki/Digital_Millennium_Copyright_Act
[3] http://www.gseis.ucla.edu/iclp/dmca1.htm
[4] http://www.google.com/dmca.html
[5] http://www.eff.org/issues/dmca
[6] http://www.eff.org/wp/unintended-consequences-ten-years-under-dmca
[7] http://www.law.cornell.edu/uscode/17/117.html
[8] http://www.law.cornell.edu/uscode/17/usc_sec_17_00000118----000-.html
[9] http://www.copyright.gov/title17/92chap12.html#1201
[10] http://www.akamai.com/
[11] http://www.wipo.int/treaties/en/summary.jsp
[12] http://news.cnet.com/2100-1023-271631.html&tag=mncol%3btxt
[13] http://news.cnet.com/YouTube-may-add-to-Googles-copyright-worries/2100-1030_3-6124149.html?
[14] http://news.cnet.com/Google-denies-Viacom-copyright-charges/2100-1026_3-6180387.html?tag=lia;rcol
[15] http://news.cnet.com/Researchers-weigh-publication%2C-prosecution/2100-1023_3-271712.html
 
 
 
 
 
 

stpats_2016.ics
File Size: 39 kb
File Type: ics
Download File

stpats_2017a.ics
File Size: 19 kb
File Type: ics
Download File

Powered by Create your own unique website with customizable templates.