In a rush order move that the bill’s principal author, Sen. Joseph Lieberman (I – Conn.) called “not rushing,” the Senate majority leader will bring to the floor a critical, completely revised cybersecurity bill for a full vote. The move would skip any markup and debate sessions in such committees as the Homeland Security Committee which Sen. Lieberman chairs, and whose ranking Republican – Sen. Susan Collins (R – Maine) – is a co-sponsor. This news was first reported early this morning by The Hill‘s Brendon Sasso.
A draft of the mostly revised Cybersecurity Act of 2012 was released late Tuesday. The new language now omits the most controversial element of the 2011 bill – one which would have granted government authorities oversight rights over any data center housing government data, in the event of a national cybersecurity emergency.
In place of that language are terms which may be considered much friendlier to the private industries upon which more and more government agencies rely. Drastic cost-cutting measures in order to meet lower deficit spending targets have compelled agencies to expedite their transition to cloud-based architectures that pool compute, storage, and network power along with private providers.
Cloud Seizure Averted
The fear had been that government data housed on private systems would become more susceptible to attacks. The 2011 bill would have designated an authority to take control in the event of a cyber-emergency – control that would have placed private systems temporarily under government administrative authority. Remedial measures would have then been determined by that authority.
But as many industry experts have argued and even testified since this whole debate began, private industry may have a far deeper and more viable plan for how to respond in a cyber-emergency, than government may ever hope to duplicate.
The 2012 bill’s language instead does not designate what happens in a cyber-emergency – at least, not at this time. Instead, it would launch a process for assembling a public/private sector partnership, under the direction of the Secretary of Homeland Security, for consultation and formulation of more realistic measures for securing critical infrastructure.
The new bill now relies on existing law – specifically, the Patriot Act – to define what “critical infrastructure” means. That may be a concession to skeptics who perceived the 2011 bill as extending the blanket of government control to any device that has a government-owned bit stored on it. However, the 2012 bill’s language continues to define a “cyber risk” as something that poses a risk. That language may not have an opportunity to be refined before the bill comes to the Senate floor for a vote.
Not Another PIPA
According to The Hill‘s reporting, the rush order was made by Majority Leader Harry Reid (D – Nev.), in a move which may be interpreted as an overt attempt to avoid “another PIPA” – a repeat of the fate of the SOPA/PIPA bills. Extended markup sessions and subcommittee debates gave public advocacy groups ample time to mount one of the most effective opposition campaigns in U.S. history.
After those bills’ monumental defeat, legislators appear to perceive the public as willing to actively campaign against any legislation whatsoever that would strengthen government oversight of the Internet – even if that oversight is in the public interest, or a matter of national security.
In a statement issued Tuesday, Sen. Lieberman said his new cybersecurity bill should not be confused with SOPA/PIPA in any way – one is about piracy, and the other about national security. (In other words, please put down the protest signs.) But the omission of the cybersecurity authority provision, and striking the entire section creating what would have been a federal cybersecurity administrator reporting directly to the President, were done “to move the legislative process forward,” Lieberman’s office said.
That excuse wasn’t good enough for the ranking Republican members of five committees, who are not buying Lieberman’s argument that the remaining language was composited from bills that have already passed committee markup in recent years. Those senators, who included John McCain (R – Ariz.) and Kay Bailey Hutchison (R – Tex.), were among seven who signed a letter to Sen. Reid on Tuesday insisting on committee debates. The letter argued that, while Reid established bipartisan working groups to discuss cybersecurity legislation perhaps to meet some artificial quota for bipartisanship, schedulers made certain those groups never actually met.
“While some committees have held hearing and executive business meetings on other cyber-related bills within their jurisdiction,” the letter reads, “the relevant committees have not had the opportunity to weigh in on this measure even though it cuts across committee jurisdictions. We call upon our Senate Leadership to allow the committees of jurisdiction to convene hearings and conduct executive business meetings on this new bill so that Senators can be properly educated on this complicated measure and the committees of jurisdiction can provide their necessary perspective before any measure is brought to the Senate floor for consideration.”
Although Sen. Lieberman is officially an independent, he was formerly a Democrat and continues to caucus with Senate Democrats. His chairmanship of the Homeland Security Committee was worked out through a deal with the Democratic leadership. However, Lieberman and Sen. McCain have previously been partners in homeland security-related legislation.
The conference is organized by RedMonk, an unusual analyst firm. Their conferences, reflecting the analysts at RedMonk, are unusual as well. The Portland, Maine event was primarily organized by RedMonk co-founder Stephen O’Grady, who resides in Maine. This time around, the event was primarily organized by RedMonk co-founder James Governor.
Conference as a Joke
Some industry events have a very serious air about them. Things like VMworld or the Open Source Business Conference (OSBC) have a very button-down feel about them, and tend to be highly skewed towards sponsor-driven content. Read: sponsors get speaking slots, and it shows. Many of the talks are little more than extended commercials, and tend to be about as interesting and informative as reading sales brochures.
James Governor paces the stage at Monki Gras
The RedMonk conferences, on the other hand, started as a joke. When the RedMonk folks joked about combining a beer and developer conference, though, they found that people weren’t laughing. They were asking “when,” “where” and “how much”?
The price for a two-day conference, which included catered lunch and dinner with a generous and interesting selection of beer? The tickets ranged from £99 to £140, depending on when you purchased the tickets. (Disclaimer: As a speaker, I did not pay for a ticket for the event. I did pay my own travel.)
Diversity and Expanded Agenda
Some of the speaking line-up was carried over from Monktoberfest, which is OK since few of the attendees who attended Monktoberfest were likely to attend Monki Gras. Matt LeMay reprised his talk on “kitteh vs. chikin”, Greg Avola of Untappd was back (though with a different talk) and Donnie Berkholz (now a RedMonk analyst) gave his “Assholes are Ruining Your Project” talk.
But there quite a few new talks as well, especially since the agenda was expanded to two days at popular demand. I particularly enjoyed the CTO vs. vice-president of engineering talk between Jason Hoffman and Bryan Cantrill of Joyent. It was not your typical, dry and dull conference fare.
Which brings me to an important point. The RedMonk conferences are a bit more rowdy than other conferences. Nobody had a “perform like a pr0n star” moment, and none of the talks were offensive at all. However, speakers did drop some f-bombs and were generally much more casual than other shows.
One of the things I dinged Monktoberfest on was the lack of diversity. The speaking line up had no women, and there were few women in attendance as well. I spoke to Governor and O’Grady about the line-up and their response was that they were aware of the problem, but had invited a few women to speak but they were not available on the date for Monktoberfest. They did assure me that they’d make an effort to have a diverse line-up for the next event, and were good at their word.
Laura Merling of Alcatel-Lucent, UX guru Leisa Riechelt, and Bocoup’s Irene Ros were all on the agenda. Was it equal time? Not quite, with two days of talks Monki Gras had a lot of speakers and most were men. However, it’s notoriously difficult to recruit women to speak at tech conferences. I spotted a lot more women in attendance at Monki Gras, as well, so I think that the organizers are doing what they can to provide a solid set of talks with a diverse set of speakers.
Kohsuke Kawaguchi of CloudBees had a short slot to talk about building a community around an open source project, based on his experience with Jenkins. Stop me if you’ve heard this before: A lone developer starts working on something as a hobby, and ultimately creates a project that’s used by a huge community. Jenkins may not be quite as ubiquitous as Linux, but for a project that started as a one-man show in 2004, it’s grown impressively.
How do you get contributors to your FOSS project? Kawaguchi suggests that developers “think about the conversion funnel.” Usually reserved for marketers and sales folks, Kawaguchi reminded the audience that “every developer starts as a visitor.” Visitors have to be able to find the resources they need to become users, before they become developers.
Kawaguchi also asks developers to make sure their code is modularized. It’s easier for people to hack small pieces than one big blob. Some developers may only care about a small part of a project. And “it’s good software engineering anyway.” The division of labor is greater than collaboration, says Kawaguchi.
The PhoneGap talk by Andre Charland and Dave Johnson was also interesting. Charland and Johnson went through the history of PhoneGap through its purchase by Adobe. The lesson they learned around PhoneGap? You don’t need sales people, you don’t need marketing. If you have a really strong FOSS project like PhoneGap “people just start calling you.”
If you remember the Apache considered harmful post and O’Grady’s “you won’t get fired for using Apache” post, then Mike Milinkovich of Eclipse had a talk that was a must-see. Not surprisingly, Milinkovich wasn’t in agreement with the anti-foundational messaging in the Apache post, or O’Grady’s somewhat weak defense of foundations. He made a pretty strong case for foundations as a vendor neutral place for development that provides governance, IP management, project lifecycles, community oversight and norms, etc. Unfortunately, due to the nature of Monki Gras, a lot of talks were very short. This is good in that it’s hard to have a terribly boring talk in 20 minutes. It’s bad, though, when someone like Milinkovich probably could have gone longer and had more interesting things to say. All good things come to an end, though.
Day two at Monki Gras
After day one’s programming came to an end, the attendees were treated to a catered dinner and a beer tasting contest led by beer expert Melissa Cole. Each table was designated a “team captain” and attendees were taught a bit about beer and then led through a practice round of tasting and trying to identify beers.
Obviously the Monki Gras attendees were enthusiastic about beer, but are they knowledgeable? Well, certainly moreso now than before. I think we found that a lot of beer fans are experts on what they like, but not necessarily at identifying types of beers.
The selection of beers during dinner was interesting, and featured six British and three Belgian beers. This includes treats like Thornbridge Jaipur, Freedom Pilsner, Oakham JHB and Trappistes Rochefort 8. Note that attendees were served amounts appropriate to tasting during dinner, not nine full pints of beer. After dinner, attendees may have consumed that or more, as the beer was flowing pretty freely and there was apparently an after-party that went until past 4 a.m. In the interests of being prepared and awake for my talk the following day, I didn’t make it to that one.
Day two featured a slightly smaller crowd, slightly the worse for wear, at a different venue across town.
Day two’s content was just as strong as day one. In fact, I think that Why Most UX is Shite by Reichelt was probably my favorite talk. Why does most UX suck? According to Reichelt:
- Organizations don’t make decisions. Users have to make them instead. (Too much fear in deciding.)
- You think your opinion counts. Reichelt makes the point that all too often designers are influenced too strongly by the people they work closely with, instead of the people they’re designing for. (But don’t interact with as often.)
- You don’t measure it. Reichelt says that “companies don’t have good acquisition metrics or retention metrics or engagement metrics, let alone cohort analysis.” The things they track are not ideal for actually making good products.
- You don’t really care. Companies talk a good game, but they’re not designed around user experience.
- UI is a symptom of organizational culture. “All of these things are hard and most of them start much higher up in the organization than the average UX designer ever gets to. Good UX is cultural. If you want to hire a freelancer to ‘do UX’ , it’s like putting a plaster on gangrenous leg.”
Worth the Trip?
Following the shorter agenda on the second day, the attendees adjourned to the bar next to the venue to continue talking and trying beers. It’s a testament to the strength of the conference that so many folks hung around to talk to one another afterwards.
As I’ve said before, the most significant track for any event is the “hallway track,” and the RedMonk team have generated a really strong one. Software developers and people that need to work well with developers should seriously consider attending the next event, if it’s feasible. Monki Gras is easily one of the best events I’ve been to for actually connecting with other folks and learning about what’s going on in the rest of the industry. Cap that off with good beer and food, and what else could you want from a conference?
Source: What You Missed at Monki Gras
The RedMonk folks are getting ready to close the door on signups for The Monki Gras. The conference is scheduled for February 1st and 2nd in London, and features a delightful pairing of industry experts and beer. If you want to attend, you need to speak up today – the organizers are closing ticket sales on January 25th.
The Monki Gras is a follow-on conference to Monktoberfest, which took place last October in Portland, Maine. (As some would have it, “the Real Portland.”)
What’s It About?
The Monktoberfest conference was the first time RedMonk went about organizing a conference. As RedMonk’s Stephen O’Grady likes to note, the conference started as a joke. What if they threw a conference that focused on beer as well as an agenda for developers?
Here’s what happens: People show up. Also? They have a pretty good time while also learning quite a bit and sharing with other conference attendees. The “hallway track” is often the best track of any technical conference, and Monktoberfest put the hallway track front and center by arranging fantastic food and beer for the breaks and dinners. Oh, and the talks were quite good too.
One More Round
Monktoberfest was a resounding success, so they said that they’d do it again. This time, they’re doing it in London a few days before another (slightly larger) developer-oriented conference: the Free and Open Source Software Developers’ European Meeting (FOSDEM).
Once again, the focus is on tech and craft beer. This time, the beer focus is on the UK’s “burgeoning craft beer startup scene” and one or two Belgian beers, perhaps. The talk focus has been expanded a bit, though. Many of the folks at Monktoberfest complained that the event was great, but there wasn’t enough of it. This time around, the RedMonk crew is adding a half-day of talks on day two starting at 10 a.m. (not too early).
Some of the speakers you don’t want to miss: Bit.ly’s Matt LeMay will be doing the “Kitteh vs Chikin” talk again, Kohsuke Kawaguchi from CloudBees will be talking about Jenkins and building an OSS community. Mike Milinkovich of Eclipse will be discussing open source foundations, and Laura Merling of Alcatel-Lucent will speak on “how telcos got API religion and what comes next.”
The Monki Gras will also feature folks from Lanyrd, Zendesk, Adobe PhoneGap, Joyent and others. I’ll also be doing a talk on day two on how developers can “bootstrap” coverage for their projects.
Tickets for the event are £140.00 and registration closes tomorrow. See you in London!