Mark Shuttleworth | here be dragons

…to Debian on the release of Etch!

There are some ideas that are broken, but attractive enough to some people that they are doomed to be tried again and again.

DRM is one of them.

I was thrilled to see recently that the processing key for *all* HD discs produced to date has been discovered and published. I expect this to lead to the complete unraveling of the Blu-Ray and HD-DVD content protection schemes before even 1% of the potential market for those players has been reached. Good news indeed, because it may inspire the people who setup such schemes to reconsider.

We’ve been here before. The DVD-CSS encryption system was cracked very quickly - stylishly and legally so. Content owners - Hollywood Inc - were outraged and pursued anybody who even referred to the free software which could perform the trivial decryption process. They used the DMCA as a way to extend the laws of copyright well beyond their original intent. They behaved like a deer in the headlights - blinded by the perceived oncoming doom of a world where their content flows quickly and efficiently, unable to see potential routes to safety while those headlights approach. Their market was changing, facing new opportunities and new threats, and they wanted to slow down the pace of change.
Content owners think that DRM can slow down the natural evolution of a marketplace.

In the case of movies, a big driver of DRM adoption was the unwillingness of the industry to get out of the analog era. Movies are typically distributed to theaters on celluloid film, great big reels of it. It costs a lot to print and distribute those films to the cinemas who will display it. So the realities of real-world distribution have come to define the release strategy of most movies. Companies print a certain number of films, and ship those to cinemas in a few countries. When the movie run is finished there, those same films are shipped to new countries. This is why a movie is typically released at different times in different countries. It’s purely a physical constraint on the logistics of moving chunks of celluloid, and has no place in today’s era of instant, global, digital distribution.

Of course, when DVD’s came along, content owners did not want people to buy the DVD in the USA, then ship that to Australia before the film was showing in cinemas there. Hence the brain damage that we call region encoding - the content owners designed DVD-CSS so that it was not only encrypted, but contained a region marker that is supposed to prevent it from being played anywhere other than the market for which it was released. If you live outside the US, and have ever tried to buy a small-run por^W documentary movie from the US you’ll know what I mean by brain damage: it doesn’t play outside the US, and the demand in your region is not sufficient to justify a print run in your region-coding, so sorry for you.

The truth is that survival in any market depends on your ability to keep up with what is possible. The movie owners need to push hard for global digital distribution - that will let them get movies out on cinema globally on the same day (modulo translation), the same way that you and I can see everything on YouTube the day it is uploaded.

The truth is also that, as the landscape changes, different business models come and go in their viability. Those folks who try to impose analog rules on digital content will find themselves on the wrong side of the tidal wave. Sorry for you. It’s necessary to innovate (again, sometimes!) and stay ahead of the curve, perhaps even being willing to cannibalize your own existing business - though to be honest cannibalizing someone else’s is so much more appealing.

Right now the content owners need to be thinking about how they turn this networked world to their advantage, not fight the tide, and also how to restructure the costs inherent in their own businesses to make them more in line with the sorts of revenues that are possible in a totally digital world.

Here are some reality bites:

• Any DRM that involves offline key storage will be broken. It doesn’t matter if that key is mostly stored on protected hardware, either, because sooner or later one of those gets broken too. And if you want your content to be viewable on most PC’s you will have software viewers. They get broken even faster. So, even if you try to protect every single analog pathway (my favourite is the push for encrypted channels between the hifi and the speakers!) someone, somewhere will get raw access to your content. All you are doing is driving up the cost of your infrastructure - I wonder what the cost of all the crypto associated with HD DVD/BluRay is, when you factor in the complexity, the design, and the incremental cost of IP, hardware and software for every single HD-capable device out there.
• The alternative to offline key storage is streaming-only access, and that is equally unprotectable. The classic streaming system, TV broadcast, was hacked when the VCR came out, and that was blessed as fair use. Today we see one of the digital satellite radio companies (Sirius or XM, I think) being sued by content owners for their support of a device which records their CD-quality broadcasts to MP3 players. Web content streaming services that don’t allow you to save the content locally are a very useless form of protection, easily and regularly subverted. And of course not everyone wants to be online when they are watching your content.
• It only takes one crack. For any given piece of content, all it takes is one unprotected copy, and you have to assume that anyone who wants it will get it. Whether it is software off a warez site, or music from an MP3 download service in Russia, or a file sharing system, you cannot plug all the holes. Face it, people either want to pay you for your content, or they don’t, and your best strategy is to make it as easy as possible for people who want to comply with the law to do so. That does not translate into suing grannies and schoolkids, it translates into effective delivery systems that allow everyone to do the right thing, easily.
• Someone will find a business model that doesn’t depend on the old way of thinking, and if it is not you, then they will eat you alive. You will probably sue them, but this will be nothing but a defensive action as the industry reforms around their new business model, without you. And by the industry I don’t mean your competitors - they will likely be in the same hole - but your suppliers and your customers. The distributors of content are the ones at risk here, not the creators or the consumers.

The music industry’s fear of Napster led them down the DRM rabbit-hole. Microsoft, Apple, SONY and others all developed DRM systems and pitched those to the music industry as a “sane ” approach to online music distribution. It was a nice pitch: “All the distribution benefits of download, all the economic benefits of vinyl”, in a nutshell.

Of these contenders, SONY was clearly ruled out because they are a content owner and there’s no way the rest of the industry would pay a technology tax to a competitor (much as Nokia’s Symbian never gained much traction with the other biggies, because it was too tied to Nokia). Microsoft was a non-starter, because they are too obviously powerful and the music industry could see a hostile takeover coming a mile away. But cute, cuddly Apple wouldn’t harm anyone! So iTunes and AAC were roundly and widely embraced, and Apple succeeded in turning the distribution and playing of legal digital music into a virtual monopoly. Apple played a masterful game, and took full advantage of the music industry’s fear.

The joyful irony in this of course is Steve Jobs recent call for the music industry to adopt DRM-free distribution, giving Apple the moral high ground. Very, very nicely played indeed!

A few years back I was in Davos, at the World Economic Forum. It was perhaps 2002 or 2003, a few years after the dot-com bust. It was the early days of the iPaq, everyone at the conference had been loaned one. I remember clearly sitting in on a session that was more or less a CEO confessional, a sort of absolution-by-admission-of-stupidity gig. One by one, some well known figures stood up and told horror stories about how they’d let the inmates run the asylum, and allowed twenty-something year olds to tell them how to spend their shareholder capital on dot-com projects. This was really interesting to me, as I’d spent the dot-com period telling big companies NOT to over-invest, and to focus on improving their relationships with existing customers and partners using the net, not taking over the world overnight.

But the real kicker came at the very end, when the head of SONY USA, also responsible for its music division, Sir Stringer, stood up to make his peace. He gloated on at length about how SONY had NOT invested in the dot-com, and thus how he felt he must be the only person in the room who had not been taken in by the kids. It was a very funny, very witty speech that earned a round of applause and laughter. I was left wondering whether he had any clue whatsoever how many songs would fit on the iPaq in his pocket, or how long it would take to download them. I suspected not. Of all the CEO’s who had spoken that day, I thought he was the one most likely to be hit hard, and soon, by the digital train.

Sir Stringer is now CEO of SONY worldwide. Funny, then, that the SONY PS3 should have been delayed so that work could be completed on its DRM system.

Some bad ideas are just too attractive to die, once and for all.

Well done to the guys working on Bazaar, the distributed version control system, for their work on the latest release. This one includes a new working tree format that radically cut the time of “bzr status” for larger trees. After installing the release I was prompted to type “bzr upgrade” whenever I used a tree in the old format, and the upgrade was smooth (glad for the backup it makes, but I’ve started deleting those since it all seems rock solid).

There’s a page which shows the relative performance of different releases of Bazaar since 0.8, and I’m impressed that they have cut the time of “bzr status” by 2/3rds since 0.8 which I think was about a year ago.

We picked Bazaar for Launchpad because of it’s excellent cross-platform support and robust handling of renames (even in extreme cases - renaming files inside directories that other people renamed and merging frequently between branches of people who are radically restructuring a big tree). It’s never lost data for me, or blown up in a surprising way, and we use it heavily in a team of about 20 developers.
For the past year I’ve been urging the team to focus on performance and these numbers suggest good results. Robert Collins tells me there’s about another 40% of low hanging fruit on “bzr status”, but for 0.16 Martin Pool says the focus is almost entirely on the smart server so that network operations (push to a remote repo, or merge from a remote branch, or commit to a remote branch) are much more efficient, especially for people on high-latency links. Looking forward to it!

Congratulations to the Launchpad team on today’s public beta!

Launchpad is built for Ubuntu, but it’s great to see other projects adopting it too, most notably in recent weeks Zope and Silva. I hope those projects find it much easier to collaborate with one another, and with other projects too.

If you’re curious about Launchpad, this new guide to Launchpad’s feature highlights is a quick read (with pictures :-)) and gives you a good sense of how best to use it. It covers all the major applications that make up the service - translation, community support, planning, bug tracking, code hosting and team management.

And if you’re keen to test new features and willing to file bugs, you can join the Launchpad Beta Tester’s team, and live on the bleeding edge with nightly builds of the system. We’ll reopen the beta server (beta.launchpad.net) later in the week to test some additional new functionality.

My latest (small) contribution to the code was to help Salgado with the system that lets you set a custom logo for every page in the system that belongs to you or your project. Have fun decorating! Here’s the official announcement of the beta.

I was thrilled to see a slew of new Beryl packages land in Ubuntu yesterday.

There’s been a furious amount of activity from the MOTU and Beryl upstreams to get these packages ready for Feisty inclusion - cleaning up copyright issues as well as getting the packages themselves into first class order. Now the rest of us can test Beryl simply by:

- enabling universe in /etc/apt/sources.list (or, in Ubuntu, just use System->Administration->Software sources)

-  installing Beryl (”sudo apt-get install beryl”)

After I’d done this, I could get Beryl up pretty much immediately by just running “beryl-manager” at the command prompt.

A huge thank you to the folks who worked so hard to get this done in time for Feisty - lupine_85, racarr, imbrandon, pricechild, and others! The MOTU team’s response to this challenge was awesome.

SUN’s free software credentials took a big step forward today with Ian Murdock’s decision to join the company. Congratulations all round. Now we have to find a new CTO at the Linux Foundation, and one with big shoes to fill. Hopefully, Ian’s experience will lead to something ISV’s very dearly want - commonality and standardisation across their non-Windows target platforms. Here’s to an interesting year!

There’s been a tremendous level of interest in the fact that pre-installed Linux (in the form of Ubuntu | Fedora | OpenSuSE) is the #1 rated suggestion on Dell’s IdeaStorm. On the face of it, there is little question that Linux pre-installation is popular with customers. Why, then, is it so difficult to buy a PC in the US or Europe that has Linux (and ideally Linux alone) on the hard drive?

The devil, as always, lies in the details.

First, margins on PC’s are razor-thin.

This has two significant consequences. Most importantly, it means that Microsoft co-marketing funds are a substantial portion of the profit margins for many large PC retailers. Tweaking the nose of the giant might be fun but it’s risky. If Microsoft reduces the per-PC marketing contribution it makes for a particular reseller, that puts them at a huge financial disadvantage relative to their competitors. This means that one of the biggest issues a computer manufacturer or reseller faces in considering Linux pre-installations is the impact it will have on the Microsoft relationship, and hence bottom line.

Also, thin margins mean that any customer interaction or support call can blow away the profit not just on that sale, but on many others as well. The worst-case scenario is a customer who buys a computer at the lowest price off your website, assuming it’s a Windows machine, and then calls, infuriated, because it “won’t work with the game they are trying to install”. One customer who accidentally gets Linux without knowing what that means is an expensive proposition for a company that makes relatively little on the low-end product range. For this reason, I don’t think it makes any sense for Walmart to sell low-cost Linux PC’s, and we’ve never pushed US / European retailers to try pre-installing Ubuntu unless we think they can segment out the market which genuinely WANTS Linux from those that are just looking for a great deal on “a [windows] computer”.

Second, we free software fans are a fussy crowd, and very hard to please. You know what you are like - you sit and configure that Dell system down to the finest detail, you want a specific model of HP laptop, you want the one that has the Intel graphics chipset not the other chipset because you prefer the free driver approach from Intel… you are in short an expert, demanding customer. This means, that in order to reach us with Linux, a reseller has to offer Linux EVERYWHERE, not just on a few select models.

Worse, we are not “Linux” users, we are users who want version 6.06.1 of Ubuntu, or 10.2 of SuSE, or Fedora 6. We want a specific distro, and in many cases also a specific VERSION of that distro. In order to please us, the vendor has to offer an enormous matrix of possibilities - machine and distro/version.

This is an expensive proposition.

So, what can we do to help address the need?

First, we can help the vendors get more detailed insight into the real nature of demand. For example, here’s a survey being run by Dell that will I’m sure help inform their decisions about how they help you get Linux on Dell:

http://www.dell.com/linuxsurvey/

It would be great, of course, if those sorts of surveys were less vendor-specific, so that we could express our opinions once and have that counted across the whole industry, but there you have it. (It would also be great if Dell would consider Ubuntu to be both community- and commercially-supported, but that’s a different story ;-)).

Second, we can start looking at ways to change the model so that there’s a better fit between customer expectations and the economics of the industry. For example, if you’re one of the people who voted for Linux pre-installation on Dell IdeaStorm, would you be happy to receive a Dell box with no OS and with an Ubuntu disk in the box, which you yourself installed, with no support from Dell? What if it came with an assurance that the set of components you had configured *should* work, but no guarantee? Can we tweak the parameters to get to the point where you would be satisfied, and Dell could make a reasonable profit with only reasonable risk? Solve that, and I think we could all get one step closer to fixing Bug #1.

Addendum:

Of course, some resellers specialise in Linux pre-installations. My favourite of them is System76, who do a great range of laptops and desktops with, amongst others, Ubuntu preinstalled. Kudos to them for spotting the market and making the most of it.

I’m very impressed with the results of the early work being done at the new Linux Foundation, which is OSDL+FSG with a leaner focus on getting things done.

Working in civil society, quango’s, non-profits or consortia is extremely difficult - money is always tight, it’s not as clear what the metrics of success should be, and it’s often hard to get consensus from a critical mass of players on what needs to be done. So I think it’s a credit to the folks who setup the new entity that they have been able to narrow the focus substantially and get buy-in from all the major players on the goals for 2007.

I’ve been nominated for and elected to, and have accepted, a seat on the board of the Linux Foundation, not in my capacity as founder of Ubuntu or via Canonical, but as an independent representative of the free software and Linux community. I’ll endeavor to wear that hat as effectively as possible in the role!

I’m not a great fan of consortia - they are always at risk of being divided by their own membership, but I agreed to take on this role because I think the management have a mandate from the funders to deliver something that’s really important for free software - an open process of standardisation that delivers results in competitive time frames. I’ll do my best to help them achieve that.

Just landed in Bzr trunk for 0.15:

peregrine% bzr help tag

usage: bzr tag TAG_NAME
Create a tag naming a revision.  Tags give human-meaningful names to
revisions. Commands that take a -r  (--revision) option can be given
-rtag:X, where X is any previously created tag.

Tags are stored in the branch.  Tags are copied from one branch to
another when you branch, push, pull or merge.

It is an error to give a tag name that already exists unless you pass
--force, in which case the tag is moved to point to the new revision.

options:
-d ARG, --directory=ARG
Branch in which to place the tag.
-r ARG, --revision=ARG
See 'help revisionspec' for details
--force               Replace existing tags
-h, --help            show help message
--delete              Delete this tag rather than placing it.

Looooovely :-). Can’t wait for 0.15!

One of the experiments I was a guinea-pig for on the space station was a study into the correlation of heart rate and metabolism (energy expenditure) in space.

I didn’t have to do much - drink some amazingly expensive water (isotopically distinctive so it would make a good marker) and keep track of everything I ate. And wear a heart monitor, which recorded every beat for much of the flight. Apart from the irritation associated with the wiring of the heart monitor it was straightforward, all the hard work was done on the ground at the Sports Science Institute of South Africa, at UCT.

This was an extension of research they had been doing into the correlation of heart rate and metabolic activity in athletes, and they wanted to see if the same rules apply to astronauts in flight. Conclusions:

1. Yes, they do.
2. Astronauts don’t burn a lot of energy in space. Floating around is the ultimate couch potato profession, except for interesting events like EVA’s and decompression scenarios where every movement is against the pressurization of your suit.

I was reminded of all of this yesterday when I took a look at the readings of my heart rate monitor - just a low-end Polar heart strap and watch that I’ve been wearing out on the slopes for interest’s sake. The dear thing thinks I’ve been doing AMAZING amounts of exercise while snowboarding. In one day, apparently, I burned off 6,000 kcal, which is hardly likely given my very relaxed (”Sunday tripper”) approach to exercise in general.

I think the issue is that my heart rate is generally elevated when at altitude. The watch doesn’t know anything about altitude, though, so it thinks that I’m tearing up some imaginary track when really I’m enjoying a cup of vin chaud ^* at 3,000m.

So, does anybody know how to recalibrate one of these things, for a more realistic result? I’m guessing somebody has a data set which would allow one to normalize heart rate for altitude and body mass, and get better results. Or is there a monitor out there which senses altitude and takes it into account automatically?

^* thanks to Pierre for pointing out that I’m not, in fact, drinking “lime wine”. What a limey I am.