Talk:Project ideas

From CSEP590TU
Jump to: navigation, search

Cybersecurity as a market failure & Does open source incourage innovation

On behalf of cmbenner:

Some things I’d like to hear other opinions on: whether these are fledgling project ideas—or could inspire such—or just non-lecture specific musings, I’m not sure...


1. Provision of cybersecurity as a sort of market failure: how to create consumer demand? To properly give credit, Steve Maurer inspired me to think about this in an email exchange: if consumers can’t judge security for themselves, companies don’t have an incentive to provide it.

So many difficulties here: isn’t it difficult to judge how secure a piece of software is, even for computer scientists? And security depends not only on the software, but on its users as well -- how can you possibly measure that?

How to fix it? Independent labs like the Underwriters Labs if they can come up with ways to measure security may be a good idea, if you can get consumers to value their judgment, and act upon it with their dollars. Certify programmers, make their employment contingent on secure code? Make software companies culpable? A couple of billion-dollar lawsuits for security breaches might do the trick -- of course this could easily slow innovation to a crawl, if not stifle it entirely, if software companies were too scared to be sued for everything.

Another related issue: If Linux had absolutely the same number of vulnerabilities as Windows, which would be more secure? Probably Linux, for the reason that the bad guys get more for spending their time attacking Windows. "Security by obscurity" is not a valid security measure in and of itself, but it doesn't hurt. This seems to be an interesting angle since most of technology works the other way -- the more ubiquitous the technology, the “better” it is (it's much easier to share Word docs than WordPerfect ones).

2. Encouraging innovation: what does the open source model offer? Jumping off from the lectures on how to encourage innovation: It seems it’s often assumed that open source methods of collaborating, whether in software development or other areas, foster innovation. But, as the Economist argued a few months back [1], it’s unclear that open source methods can actually encourage genuine innovation: the article noted that the open source movement in software development hasn’t created anything new but rather equivalents of proprietary software (databases, operating systems…)

I suppose the answer to this question depends on how you define “innovation.”

And related: how might wikis contribute to the innovation process?


[ENJ] I think an evaluation of the pro's con's of open source techniques (legal) would be fascinating. Perhaps using the SCO case in point domestically (Linux IP) and maybe even some discussion of the role (or lack thereof ) of the existing Patent/copyright/IP techniques ion standards formation...or retardation therof....

[TedZ] How about something along the lines of "what are the fundamental IT vulnerabilities of the US?" In other words, if you wanted to really screw up the US, what would be the primary points of failure?

Federal Export Regulation and the IT Industry

[Tolba] It would be interesting to investigate the effect of regulating IT items -which are deemed security sensitive like high performance computing and certain regulations on Encryption- on innovations in their respective fields.

Questions that could be addressed are:


1. Is such regulation meaningful? Take Encryption for instance, for certain implementations, is the secret in the mechanics of producing the code or in deciphering the code? If the later is true then does regulating those specific implementations make sense in the first place?

2. Will the decreased possibility for international marketing discourage industry investment?

3. Is national pride resulting from advancing a commodity only produced and owned by the US and a few countries be a driving factor in researching the regulated items?

Ted Zuvich This one sounds interesting. I remember the story from years ago about the guy who got an encryption algorithm tatooed on his back. One of the governmental agencies ( I believe the Bureau of Tobacco and Firearms )? then banned him from travelling outside the US -- he couldn't export himself. Very humorous. I think that the point of regulating these methods is that if they got exported, then groups outside the US would be able to communicate in a way that not even the US could crack. It is my understanding that certain types of these codes are currently effectively unbreakable. You certainly don't want Al Qaeda getting ahold of that.

[Tolba] This makes a lot of sense, but what is the impact on innovation in this area. Regulation (discouraged industry interested) + Inadequate Government funding might equate to less advancement in such fields.


[ENJ] While gov'ts (ours here in the US] will justify IT/encryption export controls as a means of protecting security. Is this really a rediculous argument given that the US no longer leads in so many IT innovations (Russian, Isreali, Indian, Japanese, Chinese etc.etc.etc. innovations). Are we really just delaying the inevidable while simultaneously putting our own innovators at a disadvantage in participating in what has become an international innovation arena? Is the border control over IP expart and IT innovation reallt just a new form of international warfare?

IT Outsourcing

[Damon May] Along the lines of a blurb I just wrote on the main discussion page, I think it'd be interesting to do a project on the current state of outsourcing in the IT industry, projections for the future, and the things that government and industry can and/or should do to stem the trend.

SMM: Hint: If you aren't already familiar with them, you should brush up on the economic argument that free trade always makes society richer -- the buzzwords are "comparative advantage" and "returns to trade." The material is not hard: Any intro econ book should have it. Of course, we've never taken free trade to the extreme of letting human beings flow freely back and forth across borders. Outsourcing blurs that distinction.

James Welle: I am interested in this as well. It would be interesting to look at history in other industries ( the auto industry for example ) and try to predict what may or may not happen to the US technology workforce due to outsourcing. It would like to look at other related issues such as unions as well and do an analysis of how this could benefit or harm the industry.

James Welle: I moved this discussion to the specific outsourcing page.

Universities and Cyberinfrastructure

[Joanna] As we are experiencing in this class, developments in IT can significantly alter how both education and research are carried out in universities. But significant hurdles exist in adopting new technologies in the university environment including financial limitations, resistance to change and a decentralized organizational model. I think an interesting project would be to look at how IT can change education and research, what has worked so far and what are the challenges of bringing new technologies into the university environment.

SMM: There's also the question of whether distance learning is a threat to traditional universities, whether they can compete if their professors put all their old lectures on the Web for free, etc.

Joanna: Brief look at the literature and this is an active area of publication. The topic of supporting IT within universities has its own ACM SIG: http://www.acm.org/sigs/siguccs/.

Lecture 3 discussion: ELectronic voting for a billion people

http://slate.msn.com/id/2107388/

TedZ: good article. I wonder if the machines (as described) would be useful in the US? I think (hope) that we would have fewer problems with holding polling places hostage. I think the main barrier would be the technological hubris of the US; the knee-jerk response would almost always be (as discussed in the article), "why would we want to import technology from India?" I think the idea of having to have the vote tally machine physically carried to a counting station removes a lot of vectors for corruption. On the other hand, it leaves you vulnerable to outright theft/mugging/loss.

IT projects that span countries with different policies?

How about a topic about the issues you run into with having IT projects that cross global markets? For instance, Yahoo was strongly encouraged by France to stop selling Nazi goods ( http://news.bbc.co.uk/1/hi/world/americas/1098466.stm ), and Google is constantly in the news about the filtering the Chinese government is supposedly doing to remove information that isn't acceptable, like on the Falun Dafa ( http://www.opennetinitiative.net/bulletins/006/ ). There's a ton of stuff in this area, including things you might not think of like the need to name certain countries "correctly", not draw borders in "contentious" ways, and to ship multiple language versions because certain countries don't allow, say, just an English version and no French version.

SMM: Good topic. You might want to take a look at Larry Lessig's book "CODE," which lays out the basics. Note that this is a traditional problem in the physical world -- think about how we supported Radio Free Europe to annoy the Russians and all the choice-of-law cases where a California consumers sue Pennsylvania manufacturers. One good way to think about the Web is to ask what, if anything, is different from physical space and whether the rules need to be different as a result.

ENJ: This is very interesting stuff -- the web seems to assume flat access and cultural norms -- but life and the world is anything but. Like the eBay/Nazi/France issues discussed above. Plus if Mainland China (PRC) has their way (meaning the market planners/dynamics there) just as they have largely created their own videoCD standards, so they will develop a new (separate) web sphere and control/drive the toll their own way/preference. Amidst all of this, archaic intellectual property rules/enforcement try to incentivize inoovators/ It is really a huge gap of process!

More international topics

Walker Under the "North-South" topic fall many interesting subtopics concerning IT in an international context, but there are some that fall a bit outside the "developed world -- developing world" dichotomy that are also of interest...

  • Profile of <nation>'s IT ecosystem: How does culture, level of development, political structure, broader industrial policy affect <nation>'s IT ecosystem. Of particular interest are the ways in which <nation>'s policies and practices differ from the United States, and if there is anything that can be learned or applied from <nation>'s model. Also of interest is <nation>'s ecosystem in relation to the broader global community(this aspect was partly touched upon in a post above "IT projects that span countries with different policies?" ). I am thinking that <nation> might be India or China, but also could be Germany, Japan, Britain, etc.
  • IT in East Asia / IT in the EU / etc.: Similar to the subtopic above, but with a focus on the relationship between regional blocks of nations. The wars over standards and IP, for example, often break along regional lines. With respect to East Asia, there looks to be an interesting story to tell regarding the growing ties between China, Japan, and South Korea in IT... IPV6, mobiles, Linux; what are the implications for Open Source, and the broader structure of the software industry?
Iking Another idea in the international realm: should an emerging nation, still learning to feed, clothe and educate its citizens, focus significant resources on IT? The underlying question is how IT can benefit an emerging nation, as distinct from how we perceive its impact in developed nations, and whether the return - short and long term - justifies the expenditure of resources in the short term (considering that housing, education, health care, etc. all compete for those same resources).

Walker 18:45, 18 Oct 2004 (PDT) moving discussion to "IT Abroad" topic discussion page

Sources of additional project ideas

It would be good to see a bit more action on the course project wiki!

Here are some places to troll for ideas:

1. The USACM website: USACM (see the left-hand column)

2. The Aspray text

3. The course syllabus (note, for example, some topics at the bottom we're not getting to, or some topics we're including but giving short shrift to)

4. The ideas we have posted

5. The EFF web (see list on left): EFF web

Multiple Nets?

[RLM] Wasn't sure where to place this possible project idea so anyone do feel free to move it elsewhere. I read a small blurb about PlanetLab in this month's PCMAG and thought it could make for a good project or lead to more discussion on related themes:

"While many executives at the Intel Developer Forum waxed postive about the wireless future, others sounded warnings about the Internet. Intel CTO Pat Gelsinger cautioned that the Internet's growth is leading to "architectural limitations" as computer users from developing nations join the fray. Gelsinger called for a new network to run on top of the Internet and handle Web services, traffic congestion, and more. Intel has been funding a prototype, dubbed PlanetLab, with over 190 global sites. Now HP is joining forces with Intel to grow and commercialize PlanetLab."

A number of questions come to mind, which might make for an interesting project, on how we envision the Net and the "space" it occupies, especially in relation to Lessig's CODE: What are these "architectural limitations" and how are developing nations (vs developed nations) pushing these limits (the source of the problem)? What kinds of changes to the architecture of the Net is evisioned by PlanetLab, given its development as a commercial project? Who would be excluded/included (though I just recently discovered PlanetLab, from my understanding, PlanetLab is an exclusive community)? What are the (policy) implications of having multiple Nets (Internet2) and/or commercial-oriented Nets?

Those are some questions that come to mind; my interests come more from the IT and Development angle. I want to brainstorm with others with similar interests and I've posted comments in the North-South and IT Abroad issues.

[ENJ] While there are lots of technical reasons one might advacne to favor IPV6 and other enhanced perfromance nets, are they really no more than a repeat of the "better netowrking protocola" vs. The evergreen Ethernet; better user input I/O vs. QWERTY, etc. That is, technical innovation vs. the investment ($$$, favorite skillsets/habits/aversion to change) in existing status quo? How does a mega market like China (where standards prefere to arise from within despite the lag vs. the western world) present a diferent picture for new standards? Could a single multinational copr be a player in mmultiple standards i.e. western world AND Eastern world? How do different languages and cultural norms dictate different design priorities?

a profile of Iran's IT ecosystem

[EIMANZ] I'm very interested in doing research on finding out what Iran's IT environment is. Being under sanctions from the U.S., yet having relations with European contries, makes researching Iran's particular situation very interesting.

I'm thinking of focusing on: Iran's Computer Software and Hardware Indsutries Software Imports and the 'Piracy' Iranian Government laws on IP and research funding. Iran's export of IT goods. Iran's movie/music/entertainment industry and their battles with IT.

[ENJ]Not specifically to Iran, I think the barriers presented by gov'ts are a very interesting thing to look at as they enhance, stifle or segregate (isolate) innovation progress and market development. This discussion very quickly thrusts one into looking at the Intellectual Property treatment/process/enforcement and the way different regions/gov't's manage it. Very interesting. Is it a US vs. European Union issue or do mega-markets like China force their ownm dominion (over a billion consumers)

[ENJ] Also, would be interesting to see how outsourcing impacts the differences of IP treatment and respect locally.


What about the future of e-voting as a project topic?

E-voting project?

What about e-voting as a project topic?