Oracle encryption: Ouch

From this article:

The standard encryption mechanism used by Oracle’s (Profile, Products, Articles) database products can be easily circumvented, according to a German security researcher who last week published details on a number of unpatched security”

Ouch. Not what you want to see, bad for Oracle, bad for customers. Not strictly an ELN issue, but it is a good example of one of the reasons why I think you want a very simple, very boring, stand alone PECP (Patent Evidence Creation & Preservation) system:

  • Simple systems are easy to see if they’re working OK, so if there’s a problem you can see it quickly – and less specialist skills are involved.
  • There’s less to go wrong with a simple system.
  • Because the system is standalone and not used for other purposes, there’s less chance that unrelated “events” will compromised your patent evidence.

The business requirements of PECP systems are comparatively simple. The hard part is developing & deploying systems which are robust in the real world. That’s much harder, and it is much less of an IT problem than people think. In fact, a reliable PECP system will probably violate a whole load of “IT best practice”.


In the latest of a number of moves by governments to remove the stranglehold that proprietary file formats have on their infrastructure, the Norwegian Minister of Modernization has said “Proprietary formats will no longer be acceptable in communication between citizens and government”.

How long will it be before industry also wakes up to the problem? There’s no need for proprietary file formats, all it does is increase user lock-in to that specific vendor.

Shirky on “Ontology is overrated”

I’ve had this article in my “must post to blog someday” for quite a while. It is a long, thoughtful look on where Ontologies work and where they don’t.

I have a sense that the world of “managing large amounts of information to the benefit of lots of people” is rapidly changing. There are some traditional approaches which people are trying to implement in the ELN world which aren’t getting much leverage, and there are some newer (whackier) approaches coming from the Internet world which might prove to be very powerful in certain ELN applications.

What I do know is that users instinctively rebel against categorising their “stuff” too finely, so a lot of well-intentioned systems aren’t working as intended – not because they’re badly implemented, but because users don’t think like that (The “Toaster” problem rears it’s ugly head). At the same time, simple collaborative tools like and clones, together with the “Tagging” meme that’s going around at the moment, seem to be effortlessly sorting out something as messy as the Internet.

If you want to know more about then this screencast is a great introduction and is what gave me my “Ah hah!” moment.

Interestingly, I had written this entry and just went to John Udell’s blog to find the correct link to the screencast. Turns out his most recent entry is about Connotea, a service for the scientific community.

Notes from IVT’s ELN Conference in Philadelphia

Last week’s ELN Conference in Philadelphia (run by IVT) was absolutely excellent. You can tell it was a good conference because it brought together a different mix of speakers who themselves learnt a lot from the talks. From talking to the delegates I think they found it very helpful too.

My “ELN Integration Techniques” presentation from the main sessions is now up on the main Amphora web site for your downloading pleasure. If you attended the workshops and want electronic copies of the material used, drop my colleagues an email and we’ll sort out access to the private area of our web site we use to make this available.

I’m spending the weekend in Boston waiting for the IQPC ELN conference which starts Monday. This one is a little more “and here’s some presentations from our sponsors” but giving the workshop is always enjoyable.