Thejesh GN

A Blog, A Website and A container for all my views with excerpts from technology, travel, films, india, photography, kannada, friends and other interests. I am Thejesh GN. Friends call me Thej

Bureau of Indian Standards and Open Access

Posted by Thejesh GN On August - 6 - 20142 COMMENTS

Lets say you want to buy a bicycle tube. How do you know which one is the best? how do you know which cycle tube is made as per specification prescribed by Govt for safety? You go by ISI mark right? How do you know what that standard means? How do you know what you get when some says it’s an ISI marked tube? The obvious answer for most of us is to validate it against the checklist provided by ISI. But where do I get that checklist? Well you need to buy it. Soft copy costs Rs.180 for Indians and more for foreigners.

is2415

Now I wouldn’t be very surprised if this standard’s body was a private company whose main goal was profit-making. Nothing wrong with it. But this standard’s body is BSI. Bureau of Indian Standards which mostly known for ISI marking the products in India, is the national standards body which comes under GoI. Its established by Bureau of Indian Standards Act, 1986. Its public funded organization. Its main purpose is [CHAPTER IV, 10. (1) a. ]

(a) establish, publish and promote in such manner as may be prescribed the Indian Standard in relation to any article to process;

Now that sounds very illogical right? Why would you pay for something which is funded with public money. More than that why would someone put the checklists meant for public safety behind pay-wall? I could understand if they charged for hard-copy of the documents. But there is no excuse for charging for a soft copy of document. In fact it should be available freely, in readable, accessible format. Its time they do it.

But for some reason BSI wouldn’t do it. In the mean-time public.resource.org bought all those documents and made them public. All 19,200 standards documents are available in both pdf and text formats on their website for free. Public.resource.org not only makes the documents available, but also makes them accessible. They have converted about 192 documents into clean HTML and SVG, the open formats required to improve those documents. One such example is Indian Standard CYCLES—RUBBER TUBES—SPECIFICATION IS 2415 : 2004. The effort which is not just commendable but needs supports from all of us including BIS.

At least that’s what they expected when they wrote a letter letting them know about the work and thanking them. But they got this letter as response.
notice
It’s just sad and completely wrong. I am really happy that Carl Malamud replied to this notice explaining the purpose and reasons behind making the standards document open. It’s a must read for everyone interested in Open Access.

As someone who supports open access and open data, I am very thankful to public.resource.org for making these documents openly available to all. I hope BIS becomes collaborator in this effort than antagonist. If not we have to fight this battle for open access, public safety and innovation.

Disclosure: I was one of the kick-starter backer of resources.org’s campaign called Public Safety Codes of the World: Stand Up For Safety! which wasn’t successful :(

1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 5.00 out of 5)
Loading ... Loading ...

Triggering Innovation by Opening up Govt Data

Posted by Thejesh GN On August - 4 - 20142 COMMENTS

I was at Takshashila’s Shaping India’s Growth Agenda: Implications for the World conference listening to Innovation panel. The main debate revolved around what should Government do to catalyze the innovation in India. There were obvious suggestions like funding, policy support, taxation and not being a hindrance to business etc to increase the innovation.

shaping_india

I didn’t get to talk during the discussion but I just had one point which was opening up some of the institutions funded by public as a platform. Some of the institutions which I can readily think of are ISRO, IMD, National Archives of India,Survey of India, BSI etc. Just by opening the data they have collected for ages can spur the innovation.

I will give you a semi-concrete example, lets say ISRO, IMD and SoI had data API’s which was free or give a data dump which others can build an API (that itself is some innovation right?) for public consumption.

Now imagine if I was part of one of those organizations (Business or Not) which works with farmers to increase the productivity. If I could use my data analytical skills along with other info to suggest or recommend the crops that can be grown or alert to be ready for drought etc. Isn’t it a great innovation that can happen outside the Government just by opening up the treasure trove of data?

data_govThis was an example that I made up in five minutes. I am sure there are thousands of smart people who will innovate and bring out better products.

I am talking of services like the way USA Govt opened GPS satellite services for public use across the world. The amount of innovation that brought in GIS world. Its a huge data service. Its beyond regular APIs. Its exposing core services. Though data.gov.in has improved a lot in couple of years. It can’t be the end point for such services. though it can be a catalog for such services. This itself gives us plenty of opportunities to innovate.

Can all these be done without any policy change? Yes it can be. We have Bhuvan by ISRO available to public. Its a web map service provided by ISRO. But the quality and execution leaves something to be desired. So its not just about opening the data but also maintaining the quality of service. So its important for us to not just talk about the opening of data but also the quality of service along with other parameters with makes them usable. That said a decent policy which makes every government agency to open up the knowledge along with the promise of good QoS can act as a kick-start.

For us the data enthusiasts, now is the time to start rallying for the importance of such services and policy to support that.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

HappyTuesday Week 4 – TI EZ430 Chronos Watch Setup

Posted by Thejesh GN On July - 26 - 20142 COMMENTS

Last week was little crazy. I actually couldn’t find time to do the things that I would like to do on a Tuesday But met couple of interesting people from the internet. I must say the open data scene in India is opening up. BTW if you are interested in Open Data Scene in India. I run a weekly blog series called Open Data India Watch, subscribe to it :)

Tuesdays are my 20% project days. Even though sometimes I may not do things on Tuesday and do it on other days. Its still a HappyTuesday project.

I found time to explore my new watch TI EZ430. It’s not very powerful in terms of cpu or memory. It’s an advantage as much as it’s a challenge. It has a good battery life, it runs on a commonly availabe coin cell lithiumb battery – CR2032. It’s Based on the CC430F6137 <1 GHz RF SoC, with 96 segment LCD display and has integrated pressure, temparature, battery sensor and 3-axis accelerometer for motion sensitive control. It has 8kB of internal flash memory for data logging and about 5kb for user programs.

I just booted the watch this week, synced the time and tested the accelerometer this week. I have listed the details about installation and running below for starters.

You can download the drivers and software required for linux. Follow the steps below to install on 64bit computer.

sudo apt-get install libc6-i386 libx11-6:i386 libasound2:i386 libatk1.0-0:i386 libcairo2:i386 libcups2:i386 libdbus-glib-1-2:i386 libgconf-2-4:i386 libgdk-pixbuf2.0-0:i386 libgtk-3-0:i386 libice6:i386 libncurses5:i386 libsm6:i386 liborbit2:i386 libudev1:i386 libusb-0.1-4:i386 libstdc++6:i386 libxt6:i386 libxtst6:i386 libgnomeui-0:i386 libusb-1.0-0-dev:i386 libcanberra-gtk-module:i386

sudo apt-get install tcl8.5 tk8.5 xdotool

#Extract the zip
#Make the Chronos-setup executable
chmod +x Chronos-Setup
#run it as sudo, it should extract into your home folder
sudo Chronos-Setup

Once the installation is complete. Attach the RF transmitter to your computer USB and check if everything is fine.

$lsmod | grep acm

cdc_acm                28754  0 


$dmesg | grep cdc_acm

[34759.130002] cdc_acm 3-1:1.0: This device cannot do calls on its own. It is not a modem.
[34759.130029] cdc_acm 3-1:1.0: ttyACM0: USB ACM device
[34759.130442] usbcore: registered new interface driver cdc_acm
[34759.130445] cdc_acm: USB Abstract Control Model driver for USB modems and ISDN adapters
[34970.865223] cdc_acm 3-1:1.0: This device cannot do calls on its own. It is not a modem.
[34970.865242] cdc_acm 3-1:1.0: ttyACM0: USB ACM device
[35024.205471] cdc_acm 3-1:1.0: This device cannot do calls on its own. It is not a modem.
[35024.205552] cdc_acm 3-1:1.0: ttyACM0: USB ACM device
[35026.172880] cdc_acm 3-1:1.0: This device cannot do calls on its own. It is not a modem.
[35026.172964] cdc_acm 3-1:1.0: ttyACM0: USB ACM device

$ls -l /dev/ttyACM0
crw-rw---- 1 root dialout 166, 0 Jul 23 21:11 /dev/ttyACM0

The code above shows that device is running at “/dev/ttyACM0″. If you see that the RF Access Point gets assigned to a different device (e.g. ttyACM1), either remove the serial device that occupy this slot (e.g. a modem), or change the script file variable “com”.

To run

#Make sure that the script file is executable
  
$chmod u+x ./eZ430-Chronos_CC_1_2.tcl 

#Now start the script by simply executing 
#it as root user from a terminal window, e.g.
  
 $ ./eZ430-Chronos_CC_1_2.tcl

Now go to accelerometer tab, start it and shake the watch to see if ts working fine.

ez_430_accl

Next I will try to write some python code to send & receive data from the watch. Also want to try a new firmware, but may be later.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

HappyTuesday Week 3 – CitizenMatters

Posted by Thejesh GN On July - 15 - 20141 COMMENT

oorvani_cm I have never written about CitizenMatters before, it seems very strange. CitizenMatters as they define is a Bangalore focused, citizen-oriented news-magazine, covering city public affairs, community and culture. They do a great job of it. Its run by Oorvani Foundation which is also behind IndiaTogether. They have been a great supporter of Open Data movement and have helped me and DataMeet in organizing OpenDataCamp – Bangalore.

Okay coming back to my HappyTuesdays. Its been one of the lowest productive tuesdays. I started with scraper for BBMP financial data. This request came from CitizenMatters. I am half done and I should be able to complete this week. This week I also completed the actual scraping of Coimbatore Property Tax and uploaded it to Internet Archive

It looks like I am going to do lot of web scraping in future too. I have a pattern for all my scraping projects. It’s a waste of time to create that project structure every time and hence I created a bare bone project structure called scraping that I can fork for every new scraping project.

On a side note, Community funding is the only way to build a truly public media to produce consistent and quality journalism. I can’t think of any better candidate than CitizenMatters. So please do contribute to Oorvani foundation. Nothing is small.

Update 18/July/2014:
Citizen matters is running this quote on their website. Thanks for thinking my views are valuable. You can click on it to visit their support page.
quotes_thejesh

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

Indian CA – NIC issues fake Google SSL certificates

Posted by Thejesh GN On July - 11 - 20143 COMMENTS

I was listening to the latest episode of Security Now this morning. I came to know that an Indian CA was issuing a fake SSL certificates for Google subdoamins.

Later got to know that it was NIC as per Google’s blog post

The certificates were issued by the National Informatics Centre (NIC) of India, which holds several intermediate CA certificates trusted by the Indian Controller of Certifying Authorities (India CCA).
The India CCA certificates are included in the Microsoft Root Store and thus are trusted by the vast majority of programs running on Windows, including Internet Explorer and Chrome. Firefox is not affected because it uses its own root store that doesn’t include these certificates.

Its scary because NIC is owned by Govt. of India. As far I know the main use of faked certificates is to do man in the middle attacks. Basically fake the end users that they are Google and read that content. Though the Google blog post doesn’t say which subdomains were faked. Google’s subdomains include Gmail, Drive etc (mail.google.com is Gmail). Which makes it very scary.

At this time, India CCA is still investigating this incident. This event also highlights, again, that our Certificate Transparency project is critical for protecting the security of certificates in the future.

Update Jul 9: India CCA informed us of the results of their investigation on July 8. They reported that NIC’s issuance process was compromised and that only four certificates were misissued; the first on June 25. The four certificates provided included three for Google domains (one of which we were previously aware of) and one for Yahoo domains. However, we are also aware of misissued certificates not included in that set of four and can only conclude that the scope of the breach is unknown.

The intermediate CA certificates held by NIC were revoked on July 3, as noted above. But a root CA is responsible for all certificates issued under its authority. In light of this, in a future Chrome release, we will limit the India CCA root certificate to the following domains and subdomains thereof in order to protect users:
gov.in
nic.in
ac.in
rbi.org.in
bankofindia.co.in
ncode.in
tcs.co.in

Chrome has been updated and I am sure Microsoft also has taken measures. Firefox is clean as they maintain their own root certificates and doesnt include these.

Not sure what else users can do as of now. Try and use Firefox as much as possible.

Also its not a bad idea to access your internet through OpenVPN in a different country. Make sure DNS pings also go through the VPN.

Good work Google Security team.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

Get in touch