0:00:09.000,0:00:11.045
How is that, can you hear me?
0:00:11.045,0:00:13.953
Can I ask for everybody on the end
0:00:13.953,0:00:17.014
who has a seat next to them to move a little bit in
0:00:17.014,0:00:19.988
so that latecomers have a place to sit?
0:00:19.988,0:00:21.979
Just move in one seat.
0:00:21.979,0:00:25.373
As a latecomer often myself, it's a huge gift
0:00:25.373,0:00:28.208
if you walk in and there's a place to sit.
0:00:34.030,0:00:35.158
But not too much,
0:00:35.158,0:00:38.040
because I think they've shut the side doors too, so…
0:00:38.040,0:00:40.000
You're good, you're good.
0:00:41.040,0:00:42.070
OK.
0:00:43.020,0:00:45.481
I am really, really happy to be here.
0:00:47.010,0:00:51.000
My talk is entitled Freedom in my heart and everywhere.
0:00:52.020,0:00:54.879
As just said, I've been involved
0:00:54.879,0:00:57.000
in the Free and Open Source community for a while
0:00:57.000,0:01:00.000
I am the executive director of the GNOME Foundation
0:01:00.000,0:01:02.020
and we'll get to some of that a little bit later
0:01:02.020,0:01:03.692
which is really cool.
0:01:03.692,0:01:08.205
And I, for a long time, was a lawyer at the Software Freedom Law Center.
0:01:09.000,0:01:11.020
Resulting in eventually becoming general council.
0:01:11.020,0:01:13.631
So I had this really lucky opportunity
0:01:13.631,0:01:15.577
to get to know a lot of folks
0:01:15.577,0:01:16.969
in the Free and Open Source software community
0:01:16.969,0:01:18.508
by helping them with all of the crap
0:01:18.508,0:01:20.046
that they didn't want to deal with.
0:01:20.046,0:01:21.403
Really really fun!
0:01:21.403,0:01:24.527
I've been a Free and Open Source enthusiast,
0:01:24.527,0:01:26.388
I'd say, since the nineties
0:01:26.758,0:01:30.169
And I am also a patient
0:01:31.050,0:01:34.000
I have a really, really big heart
0:01:34.785,0:01:36.710
I actually have a huge heart.
0:01:36.710,0:01:38.388
So you think I work for non-profit
0:01:38.388,0:01:41.049
but I actually an enlarged heart
0:01:41.049,0:01:45.000
I have a condition called hypertrophic cardiomyopathy.
0:01:45.000,0:01:46.931
I always get a little bit nervous when I talk about that
0:01:46.931,0:01:48.000
because that sort of say
0:01:48.000,0:01:50.100
my heart is a little broken.
0:01:50.100,0:01:53.000
But it means that I have…
0:01:53.000,0:01:57.000
it's not actual. My heart is very thick
0:01:57.000,0:02:00.154
and that means that it has a hard time beating.
0:02:00.154,0:02:01.169
It's a little bit stiff.
0:02:01.169,0:02:03.115
And it's actually pretty fine.
0:02:03.115,0:02:05.062
I don't have any symptoms yet.
0:02:05.062,0:02:10.000
I just have a very high risk of suddenly dying.
0:02:11.000,0:02:13.462
The term is actually sudden death.
0:02:13.462,0:02:17.123
That's what the doctors tell you when you have HCM
0:02:17.123,0:02:21.000
and you need to enter in this life-long treatment.
0:02:21.000,0:02:24.000
They say you have a high risk of sudden death.
0:02:24.000,0:02:26.023
Which is really terrifying as a patient.
0:02:26.023,0:02:31.000
I have about a two to three chances per year of suddenly dying
0:02:31.000,0:02:36.000
and that compounds, so I've found out about this at age 31
0:02:36.000,0:02:42.000
and over the next decade it was sort of 20 to 30% risk of sudden death.
0:02:43.246,0:02:48.146
Really, really, just a scary thing to hear…
0:02:48.146,0:02:50.769
but there is a solution right now!
0:02:50.769,0:02:53.041
which is to get a defibrillator.
0:02:53.041,0:02:58.020
And what a defibrillator does is it's in your body
0:02:58.030,0:03:01.000
I actually did get one, it's right here.
0:03:01.000,0:03:02.223
It looks really huge there,
0:03:02.223,0:03:04.000
but it's about like this big
0:03:04.000,0:03:06.038
and it's right here.
0:03:06.592,0:03:07.817
It has wires that
0:03:07.817,0:03:09.765
sneak through my blood vessels
0:03:09.765,0:03:11.000
and scour into my heart
0:03:11.000,0:03:14.077
and it basically constantly monitors me
0:03:14.077,0:03:15.469
and it's like having people
0:03:15.469,0:03:16.862
following you around with paddles
0:03:16.862,0:03:20.000
and if I go into a sudden death,
0:03:20.000,0:03:23.000
it will shock me, and I'll be great!
0:03:23.000,0:03:27.231
And I won't die! it's very exciting!
0:03:28.030,0:03:32.000
So, all that is pretty well and good.
0:03:32.000,0:03:37.010
The electro-physiologist that I saw when I told this
0:03:37.010,0:03:39.245
has a bunch of these in his desk drawer,
0:03:39.245,0:03:42.250
just so he can pass it to every patient
0:03:42.250,0:03:45.363
because I think when you see how little this device is,
0:03:45.363,0:03:47.508
it doesn't feel so scary.
0:03:47.508,0:03:49.085
He pushed it over the desk at me,
0:03:49.085,0:03:50.938
I was sitting here with my mother. I pick it up…
0:03:50.938,0:03:52.506
He's like: "Pick it up, see how light it is!"
0:03:52.506,0:03:55.588
So I pick it up and I say "Cool, what does it run?"
0:03:55.588,0:03:58.000
Laughs
0:03:58.000,0:04:05.831
applause
0:04:05.831,0:04:08.077
To which I got a blank look.
0:04:08.825,0:04:11.000
My mother gave my a blank look.
0:04:11.738,0:04:14.200
Surgeon said "What are you talking about?"
0:04:14.200,0:04:16.692
and I said "Well obviously, "
0:04:16.692,0:04:20.000
"this piece of equipment is only as good as its software"
0:04:20.000,0:04:22.050
I mean, it relies on its software to know
0:04:22.050,0:04:24.040
when it is that I'm going to have a sudden death
0:04:24.040,0:04:26.381
whether it is that I run across the street
0:04:26.381,0:04:27.307
when I shouldn't have
0:04:27.307,0:04:29.000
or I decided to run a marathon
0:04:29.040,0:04:31.020
or for no reason at all.
0:04:31.952,0:04:34.295
I'm totally relying on this software to know
0:04:34.295,0:04:36.555
when is the appropriate time to give me a shock
0:04:36.555,0:04:37.393
and when it's not.
0:04:37.393,0:04:41.010
When I need pacing, maybe, or when I don't.
0:04:41.010,0:04:45.080
And the electro-physiologist, of course had no answer at all.
0:04:45.080,0:04:48.000
He said "nobody ever asked me this."
0:04:48.000,0:04:50.020
"I never thought about the software on this device."
0:04:50.020,0:04:53.718
"Hang on, there is a representative from Medtronic"
0:04:53.718,0:04:55.938
"here in our office today."
0:04:55.938,0:04:59.050
"I will get to him, because he is the manufacturer"
0:04:59.050,0:05:02.000
"and surely they have thought about this."
0:05:02.000,0:05:05.050
So, in walks this representative
0:05:05.050,0:05:07.000
and I sort of explain
0:05:07.000,0:05:09.070
"I'm a lawyer at the Software Freedom Law Center"
0:05:09.070,0:05:12.000
"I care about the software on my device"
0:05:12.000,0:05:13.000
"I just want to know: "
0:05:13.000,0:05:14.080
"how does it works? what does it run?"
0:05:14.080,0:05:16.000
"Can you tell me?"
0:05:16.000,0:05:19.000
And he said "Nobody's ever asked me that before".
0:05:19.677,0:05:22.995
So, we had this really interesting conversation and he said:
0:05:23.000,0:05:25.040
"I see that this is a very serious issue"
0:05:25.040,0:05:27.000
"Here is my number."
0:05:27.275,0:05:29.196
"Call me and I'll put you through"
0:05:29.196,0:05:30.947
"to people to talk about this."
0:05:33.030,0:05:38.050
Bolded by this, I called him at Medtronic
0:05:38.050,0:05:40.050
and he gave me the tech line
0:05:40.050,0:05:42.040
and so I kept leaving messages…
0:05:42.040,0:05:45.030
eventually, I kept being bounced around.
0:05:45.030,0:05:48.010
Nobody would talk to me about this.
0:05:48.010,0:05:53.027
I called the other two major medical device manufacturers:
0:05:53.030,0:05:55.000
Boston Scientific and St. Jude
0:05:55.000,0:05:57.992
and neither of them could give me a real answer either.
0:05:58.000,0:06:00.010
Eventually, I started calling and saying
0:06:00.010,0:06:02.000
"Look if someone would let me look at the software,"
0:06:02.000,0:06:06.000
"I'll sign an NDA", You know, really against my principles
0:06:06.000,0:06:10.040
Because, I'm a non-profit activist in the technology world
0:06:10.040,0:06:13.040
I don't want to sign any NDA which would prevent me
0:06:13.040,0:06:15.013
from sharing what I find with somebody else.
0:06:15.013,0:06:15.742
But I though:
0:06:15.742,0:06:18.455
"At least, I'll be able to see the source code"
0:06:18.455,0:06:21.060
"and I'll feel comfortable about what's put in my body"
0:06:21.783,0:06:27.000
But, unfortunately, I was brushed off. I was told no.
0:06:27.000,0:06:31.040
I talked with some people at Medtronic that were sympathetic
0:06:31.040,0:06:33.972
I had access to good doctors
0:06:33.972,0:06:37.010
People said: "Oh, you know, we're Medtronic"
0:06:37.010,0:06:39.030
We care deeply about making sure
0:06:39.030,0:06:41.992
that there are no bugs in the software that we put on these devices.
0:06:42.000,0:06:46.000
Obviously, we wouldn't release it if we didn't think it was safe.
0:06:46.000,0:06:47.000
All these things
0:06:47.000,0:06:49.000
You must trust us.
0:06:49.000,0:06:52.708
Doctor say, the Food and Drugs Administration,
0:06:52.708,0:06:54.035
the FDA in the United States,
0:06:54.035,0:06:55.285
approves these devices
0:06:55.285,0:06:58.846
So clearly, you're over reacting.
0:06:58.846,0:07:03.070
And when I was talking to that same electro-physiologist on the phone
0:07:03.070,0:07:05.871
and said I'm really troubled by this, because
0:07:05.871,0:07:09.030
I think about all the people that have these devices.
0:07:09.030,0:07:11.000
Some of them are quite powerful
0:07:11.000,0:07:13.000
Dick Cheney had one at the time.
0:07:13.000,0:07:15.874
He has a more impressive device now,
0:07:15.874,0:07:18.354
that continually circulate his blood
0:07:18.354,0:07:20.646
so he has no pulse.
0:07:20.646,0:07:25.169
It's a fascinating, fascinating device, yeah!
0:07:28.000,0:07:30.000
There are a lot of prominent people that…
0:07:30.000,0:07:32.525
the demographic that get this devices
0:07:32.525,0:07:35.373
are often in some powerful positions
0:07:35.373,0:07:38.010
So you can easily imagine a situation where
0:07:38.010,0:07:40.080
someone would be wanting to shut down these devices.
0:07:40.080,0:07:40.080
And the electro-physiologist that I spoked to on the phone[br]someone would be wanting to shut down these devices.
0:07:40.080,0:07:43.629
And the electro-physiologist that I spoked to on the phone
0:07:43.629,0:07:46.010
got so upset, he got so upset…
0:07:46.010,0:07:48.000
that he hang up on me.
0:07:48.030,0:07:52.000
He said "I think you're up to something"
0:07:52.000,0:07:53.192
"I don't understand"
0:07:53.192,0:07:55.000
"I don't know why you're so upset about this."
0:07:55.000,0:07:57.000
"If you want to get a device, I'll help you"
0:07:57.000,0:08:02.020
"But I think, I just don't, I think you're… you're…"
0:08:02.020,0:08:03.000
Hang up.
0:08:03.000,0:08:05.010
and I think it was really scary
0:08:05.010,0:08:07.070
because he told me at the beginning of talking to him
0:08:07.070,0:08:10.000
that he installed these devices all the time
0:08:10.000,0:08:13.020
He installs sometime several devices a day.
0:08:13.020,0:08:16.491
So the idea that he could be
0:08:16.491,0:08:17.732
not even asking questions
0:08:17.732,0:08:19.542
about the software that runs on these devices
0:08:19.542,0:08:21.000
was pretty terrifying to him.
0:08:21.000,0:08:23.000
So I put the whole thing off.
0:08:23.000,0:08:24.297
And I just said, you know,
0:08:24.297,0:08:25.465
I can't think about this.
0:08:25.465,0:08:26.846
It's so terrifying.
0:08:26.846,0:08:27.841
Am I really going to get
0:08:27.841,0:08:29.158
proprietary software in my body?
0:08:29.158,0:08:30.020
I don't know
0:08:30.020,0:08:34.000
Plus the whole "mortality thing"
0:08:34.000,0:08:36.000
and getting a piece of equipment
0:08:36.000,0:08:38.000
sewn into your body.
0:08:38.000,0:08:40.000
It's really a lot to deal with
0:08:40.000,0:08:41.050
So I kept putting it off
0:08:41.050,0:08:43.030
and eventually I couldn't anymore
0:08:43.030,0:08:48.000
because friends and family kept asking me about it
0:08:48.000,0:08:52.000
and saying "We're so worried about you"
0:08:52.000,0:08:53.649
"We know that you can die at anytime"
0:08:53.649,0:08:56.647
My mother, you know, off course don't have a land line
0:08:56.647,0:08:59.055
and I don't have a great mobile reception in my apartment
0:08:59.055,0:09:01.070
and my mother, if I didn't called her back within a hour
0:09:01.070,0:09:02.998
would start calling all my friends
0:09:02.998,0:09:04.853
saying "Have you speak to Karen today?"
0:09:04.853,0:09:06.046
"Do you know if she's OK?"
0:09:06.046,0:09:08.908
I went to brunch with a friend, and she asked me
0:09:08.908,0:09:10.716
how this process was going.
0:09:10.716,0:09:14.000
And I said "Well nobody from medical companies are calling me back,"
0:09:14.000,0:09:16.060
"and you know, I'm sure I'll work it out."
0:09:16.060,0:09:18.070
And she just burst into tears and she said
0:09:18.070,0:09:22.020
"You know, you could die. Today."
0:09:22.020,0:09:25.020
"and I just can't deal with that"
0:09:25.020,0:09:26.040
"If you don't take care of this,"
0:09:26.040,0:09:27.850
"I don't know if I can be friend with you"
0:09:27.850,0:09:30.165
"because this is a serious thing"
0:09:30.165,0:09:31.404
"and you're ignoring it for…"
0:09:31.404,0:09:34.000
what she considered to be an esoteric issue.
0:09:34.000,0:09:38.000
I really understood that and I really didn't have a choice
0:09:38.000,0:09:40.000
So I got a device
0:09:40.000,0:09:41.666
I got it implanted
0:09:41.666,0:09:44.218
and it took sometime to…
0:09:51.080,0:09:54.398
It took some time to recover from the surgery
0:09:54.398,0:09:59.409
and also to really think about
0:09:59.409,0:10:01.189
my own situation in a more abstract way
0:10:01.189,0:10:02.154
to do some research.
0:10:02.154,0:10:03.542
But I swore that if I got the device
0:10:03.542,0:10:06.362
I would do some research and I would write a paper
0:10:06.362,0:10:10.230
and I would talk about the issues that came up
0:10:10.230,0:10:12.030
that the medical profession
0:10:12.030,0:10:15.020
or at least the medical professionals that I dealt with
0:10:15.020,0:10:17.020
had no answer for.
0:10:17.020,0:10:22.000
So, the things that I found out when I wrote my paper were
0:10:22.000,0:10:25.389
things that would surprise you and things that would not surprise you.
0:10:26.020,0:10:27.404
Software has bugs.
0:10:27.404,0:10:29.588
I really wanted a picture of the crickets
0:10:29.588,0:10:31.738
that were in my room last night
0:10:31.738,0:10:33.030
that fellow keynoters…
0:10:33.030,0:10:34.060
*they are cockroaches*
0:10:34.070,0:10:36.000
They are cockroaches?
0:10:36.000,0:10:38.000
These are cockroaches.
0:10:38.000,0:10:40.000
*So where are they?*
0:10:40.000,0:10:43.000
But Paul and Jake got them out of my room.
0:10:43.000,0:10:45.000
So that was really exciting.
0:10:45.000,0:10:47.010
We were joking that I was going to talk about real bugs
0:10:47.010,0:10:48.040
instead of software bugs.
0:10:48.040,0:10:51.010
But, so, software has bugs.
0:10:51.010,0:10:57.000
And medical devices as like as Matthew Garrett said
0:10:57.010,0:10:58.030
will have bugs
0:10:58.030,0:11:01.010
because the software engineering institute estimates that
0:11:01.010,0:11:04.010
there is about one defect for every one hundred lines of code.
0:11:04.010,0:11:08.330
So even if a majority of the bugs are caught in testing,
0:11:08.440,0:11:11.018
even if three quarters of the bugs are caught in testing,
0:11:11.018,0:11:13.000
that's still a lot of bugs.
0:11:13.000,0:11:19.000
There's a study that I read that looked at
0:11:19.583,0:11:24.000
recalls of devices that were published by the FDA.
0:11:25.455,0:11:30.430
Basically, the study looked at all of the recalls
0:11:30.440,0:11:34.200
and determined which ones they can tell were from software failures
0:11:34.200,0:11:35.750
and then they evaluated those
0:11:35.760,0:11:39.160
and the ones that they could tell enough
0:11:39.170,0:11:41.610
about what the problem was from the software
0:11:41.610,0:11:44.710
ninety-eight percent of them would have been detected
0:11:44.710,0:11:47.000
with simple all-pairs testing.
0:11:47.650,0:11:51.490
So, basic testing that you would expect
0:11:51.490,0:11:54.920
for any kind of technical piece of equipment.
0:11:54.920,0:11:59.280
So yes, the FDA has some review over these devices
0:11:59.290,0:12:03.620
but if the companies aren't doing basic testing
0:12:03.630,0:12:05.370
what are we doing?
0:12:05.380,0:12:08.000
So, software has bugs.
0:12:08.000,0:12:10.000
We know this, here in this room.
0:12:10.000,0:12:13.000
Another thing that most of us here know is
0:12:13.000,0:12:15.500
that security through obscurity doesn't work.
0:12:15.705,0:12:19.170
And this is something that seems very counter intuitive
0:12:19.170,0:12:21.640
for the folks that are not in this room.
0:12:21.650,0:12:26.770
Every person who I started to about this in the medical profession said:
0:12:26.770,0:12:28.160
"But I don't understand:"
0:12:28.160,0:12:31.040
"Why would you want people to be able to see the software?"
0:12:31.050,0:12:33.450
"If people can see the source code,"
0:12:33.450,0:12:36.450
"it will be that much easier to break into it."
0:12:36.450,0:12:39.440
But as we all know, that's not quite true.
0:12:39.460,0:12:41.960
And in fact, by publishing the source code,
0:12:41.970,0:12:44.000
everybody can see it, it will be a lot safer.
0:12:44.000,0:12:46.380
But this is a major point that actually
0:12:46.400,0:12:49.000
I address in my paper Killed By Code
0:12:49.000,0:12:53.120
which go systematically through a lot of the research
0:12:53.130,0:12:57.000
that shows how security professionals agree with that assertion.
0:12:57.200,0:13:02.680
So, what we have is actually the worst of both worlds.
0:13:02.680,0:13:07.110
We have closed code, so it doesn't have the safety
0:13:07.110,0:13:09.010
of having a lot of people reviewing it.
0:13:09.102,0:13:12.480
But we also have no security on these devices.
0:13:12.490,0:13:15.000
A lot of these devices are broadcasting wirelessly.
0:13:15.000,0:13:16.590
That's the standard right now.
0:13:16.620,0:13:20.740
When I found out about that, I was totally freaked out.
0:13:20.760,0:13:23.235
What do you mean,
0:13:23.235,0:13:26.084
my heart device is going to be continuously broadcasting?
0:13:28.040,0:13:30.240
Thinking the conferences that I go to,
0:13:30.250,0:13:31.260
the people I hang out with,
0:13:31.260,0:13:31.280
I don't want my information being broadcasted.[br]the people I hang out with,
0:13:31.280,0:13:35.000
I don't want my information being broadcasted.
0:13:35.000,0:13:37.829
So this is one of the things I brought up with
0:13:37.829,0:13:39.230
the different doctors that I spoke to.
0:13:39.250,0:13:41.530
I actually, as you might imagine,
0:13:41.550,0:13:44.610
I got rid of that electro-physiologist that hang up on me.
0:13:44.630,0:13:47.070
And I went from cardiologist to cardiologist
0:13:47.070,0:13:50.170
to find someone who really understood these problems
0:13:50.170,0:13:52.730
or at least why I was so worried about them.
0:13:52.740,0:13:56.000
And I finally found a great cardiologist
0:13:56.000,0:13:57.860
and a great electro-physiologist.
0:13:57.880,0:14:02.940
Who said "I have never thought about this issue"
0:14:02.950,0:14:05.560
"but I understand why it could be a problem."
0:14:05.570,0:14:08.820
"You need this device. You can't wait another day."
0:14:08.820,0:14:11.410
"But I'm going to work with you and see ways"
0:14:11.410,0:14:14.470
"that we can at least address some of the things that you're worried about."
0:14:14.480,0:14:19.000
So, one of the things that my electro-physiologist did
0:14:19.000,0:14:22.000
was that he called around from hospital to hospital
0:14:22.000,0:14:24.510
until he found an old device.
0:14:24.510,0:14:28.900
So he said that I've got a simple heart condition.
0:14:28.930,0:14:31.220
All that I need to do is to have a device that's going to
0:14:31.220,0:14:33.900
be monitoring for a dangerous rhythm
0:14:33.900,0:14:36.400
and if I get a dangerous rhythm, it will shock me.
0:14:36.410,0:14:40.190
It's a much more simple algorithm than what the newer devices do.
0:14:40.190,0:14:42.000
So a lot of the newer devices have this
0:14:42.000,0:14:45.010
complex pacing algorithm for people who have a wide variety of problems.
0:14:45.010,0:14:47.710
You'd understand why the medical companies do this.
0:14:47.750,0:14:52.220
They do it because these devices are very difficult to make.
0:14:52.220,0:14:53.790
They're precision manufacturers.
0:14:53.820,0:14:57.300
And if they can get these devices that work for a broader range of cases
0:14:57.300,0:14:59.000
then that's all the better.
0:14:59.000,0:15:01.590
And then you never know what kind of additional complications
0:15:01.600,0:15:03.465
that people are going to be developing.
0:15:03.465,0:15:05.620
So, I don't have any symptoms now
0:15:05.620,0:15:07.000
but I might develop them
0:15:07.000,0:15:08.770
and it's great to have the pacing technology.
0:15:08.790,0:15:11.170
But my electro-physiologist, my cardiologist said
0:15:11.318,0:15:15.838
"Great, I now that you have a simple need here"
0:15:15.838,0:15:17.610
"so why don't I find you an old device?"
0:15:17.620,0:15:19.360
So I actually have an older device
0:15:19.360,0:15:21.750
that communicate using magnetic coupling
0:15:21.750,0:15:24.259
and not through wireless technology
0:15:24.259,0:15:28.970
but my father has a wireless enabled pacemaker
0:15:28.980,0:15:31.600
and when he walks into a room in the technician's office
0:15:31.630,0:15:32.910
they just change his pulse.
0:15:33.128,0:15:36.480
So, before he even sits down
0:15:36.490,0:15:38.350
they know so much about him
0:15:38.350,0:15:40.770
and they have the ability to really affect him.
0:15:40.858,0:15:42.330
It's incredible.
0:15:43.590,0:15:47.220
But as you can see at the last point on this slide
0:15:47.220,0:15:48.720
these devices have been hacked.
0:15:48.740,0:15:51.800
A university think-tank…
0:15:51.820,0:15:55.460
actually a think-tank of a couple of universities worked together
0:15:55.460,0:15:59.540
and showed that using just commercially available equipment
0:15:59.550,0:16:02.010
you can hack into these devices and take control of them.
0:16:02.351,0:16:05.920
They were able to not only deliver shocks,
0:16:06.010,0:16:07.150
which is terrifying.
0:16:07.150,0:16:07.170
I once had my device shock me in error[br]which is terrifying.
0:16:07.170,0:16:09.200
I once had my device shock me in error
0:16:09.200,0:16:12.600
and I can tell you it's like being kicked in the chest.
0:16:12.950,0:16:16.820
You are basically out of commission
0:16:16.830,0:16:17.830
at least for a few minutes
0:16:17.840,0:16:20.180
I had to sit down and it was so exhausting
0:16:20.190,0:16:23.000
just the surprise of it and the worry
0:16:23.000,0:16:25.310
that I went to sleep for a few hours afterwards.
0:16:25.310,0:16:29.190
It's pretty enduring.
0:16:29.190,0:16:32.200
So not only that.
0:16:32.290,0:16:33.650
They were able to deliver the shock,
0:16:33.670,0:16:38.000
but they were also able to stop the delivering treatment.
0:16:38.000,0:16:40.840
If the device was pacing, they could stop the pacing
0:16:40.840,0:16:42.980
and a lot of people require their pacing
0:16:42.980,0:16:42.990
in order to just live.[br]and a lot of people require their pacing
0:16:42.990,0:16:44.290
in order to just live.
0:16:44.760,0:16:46.460
A lot of people can't walk up a flight of stairs.
0:16:46.470,0:16:49.227
My father is of these, if his pacing is disrupted.
0:16:49.520,0:16:53.910
They were also able to get key information off
0:16:53.910,0:16:54.780
of these devices.
0:16:54.780,0:16:59.538
Like medical ID numbers, doctor's names,
0:17:00.412,0:17:04.630
serial numbers… a lot of personal information that's broadcasting
0:17:04.640,0:17:07.950
and there's no encryption of any kind on these devices.
0:17:07.960,0:17:10.060
It's pretty scary.
0:17:10.070,0:17:12.540
They were also able to put these devices into test mode.
0:17:12.720,0:17:14.600
And what that does is it slowly runs on the battery
0:17:14.600,0:17:16.980
Err… runs down the battery at a much faster rate
0:17:17.000,0:17:20.000
than in normal circumstances
0:17:20.000,0:17:22.410
and these devices are only as good as their batteries.
0:17:22.770,0:17:25.378
So if my battery runs out on my device
0:17:25.805,0:17:28.000
I need a new device, which means surgery.
0:17:28.000,0:17:30.158
So, these devices have be hacked.
0:17:30.158,0:17:33.077
It was after I was diagnosed that that happened
0:17:33.077,0:17:36.138
but then I called up the doctor and said: "See?!"
0:17:36.138,0:17:43.000
Clapping
0:17:43.000,0:17:45.860
So the doctor really relies on the fact that
0:17:45.870,0:17:47.850
these devices are approved by the FDA
0:17:47.850,0:17:50.946
in the United States, and similar regulatory bodies elsewhere.
0:17:51.808,0:17:55.966
So, as a good lawyer, I went and researched the FDA
0:17:55.966,0:17:57.790
mechanism for approval of software
0:17:57.810,0:18:00.082
And what I found, is that the FDA
0:18:00.082,0:18:02.860
doesn't even typically review the source code on these devices
0:18:02.860,0:18:06.280
Unless there is something obviously wrong with the software
0:18:06.280,0:18:08.995
they generally don't even ask to see it
0:18:11.645,0:18:14.860
There isn't actually a clear set of requirements for the software even
0:18:14.950,0:18:19.350
and there are reasons for all these decisions of the FDA
0:18:19.360,0:18:23.700
but we think the FDA is doing a lot more than it turns out that they are.
0:18:23.710,0:18:26.175
The fact that they don't have a clear set of requirements
0:18:26.175,0:18:28.171
is connected to the fact that
0:18:28.171,0:18:31.790
they say that the companies that design these devices
0:18:31.930,0:18:33.640
because they are so specialty
0:18:33.640,0:18:36.460
and because they are so particular to each manufacturer
0:18:36.470,0:18:40.000
There are probably tests that are specific to those devices
0:18:40.010,0:18:43.460
and the people who know these devices best are the manufacturer
0:18:43.583,0:18:46.769
and therefore they are the ones that need to design what the tests are.
0:18:46.769,0:18:47.983
And there is some back and forth
0:18:47.983,0:18:49.610
about whether they've done the right tests or not,
0:18:49.610,0:18:51.607
but the truth of matter is that at the end of the day,
0:18:51.607,0:18:54.400
there's nobody at the FDA that even sees the source code.
0:18:54.615,0:18:56.850
Because they are not requesting the source code
0:18:56.950,0:18:59.400
they don't even have a repository of it.
0:18:59.648,0:19:03.850
So if there is catastrophic failure at Medtronic for example
0:19:04.010,0:19:07.320
I don't know that there is a canonical repository
0:19:07.330,0:19:09.220
for the software that I would have access to
0:19:09.250,0:19:13.310
and without being able to update the software on my device
0:19:13.320,0:19:15.340
I may get surgery to get a new one.
0:19:15.500,0:19:18.440
So, if there is a problem
0:19:18.550,0:19:26.129
my doctor, or truthfully some programming-savvy doctor
0:19:26.129,0:19:29.470
I can find or would be able to work with
0:19:29.510,0:19:33.230
to write a patch for my device, should there be a bug
0:19:33.260,0:19:34.320
or should we find it out
0:19:35.920,0:19:38.950
I actually spoke on a panel, with a guy
0:19:38.960,0:19:40.650
in cyber-security at the FDA
0:19:40.650,0:19:42.260
and I was really, really nervous
0:19:42.270,0:19:44.670
because I did as much as I could as a lawyer
0:19:44.670,0:19:46.370
I did all the research I could about the FDA
0:19:46.370,0:19:49.920
but I was not sure if this was actually
0:19:49.920,0:19:52.260
the case in practice so I put up the slide and I said
0:19:52.270,0:19:55.937
John, tell me if I am wrong, but this is what I think it is.
0:19:55.937,0:19:57.788
This is the way I think it is!
0:19:57.788,0:20:00.490
And I followed with a slide about Free and Open Source Software
0:20:00.490,0:20:02.930
and why is it so much better, and so much safer
0:20:02.950,0:20:06.160
and as soon as he came up to speak he said:
0:20:06.233,0:20:10.610
"Everybody thinks that the FDA should do this, the FDA should do that"
0:20:10.620,0:20:12.840
"but we just don't have the resources"
0:20:13.013,0:20:16.470
"and that is not what the FDA is set up to do"
0:20:16.470,0:20:18.230
and he paused, and looked at me
0:20:18.230,0:20:19.954
and just as I was about to… you know.
0:20:19.954,0:20:22.953
And he said: "But you are saying something different"
0:20:22.953,0:20:27.000
"You are saying, we let everybody else review the source code"
0:20:27.005,0:20:29.141
"That is something very interesting!"
0:20:36.246,0:20:42.220
So, making sure that our devices have software published
0:20:42.220,0:20:43.320
means that anyone can review it
0:20:43.340,0:20:47.000
My dad, who has that pacemaker is also an engineer
0:20:47.000,0:20:48.800
and a fortunate programmer.
0:20:48.800,0:20:50.260
He probably would have looked over it.
0:20:50.290,0:20:52.451
Many of us know people with pacemaker.
0:20:52.451,0:20:54.610
we would scour that code, for sure!
0:20:57.680,0:20:59.330
One other thing that I found out
0:20:59.330,0:21:00.680
which is a little bit weird
0:21:00.920,0:21:04.020
is that because these devices in the United States
0:21:04.020,0:21:07.050
are approved by a federal agency
0:21:07.560,0:21:11.009
patients are preempted from suing under State True Law.
0:21:11.009,0:21:13.790
So there is a whole avenue of remedy that patients
0:21:13.800,0:21:16.808
normally get, which the medical manufacturers
0:21:16.808,0:21:17.936
don't even have to worry about.
0:21:17.936,0:21:20.810
So now, I mean, I am not saying that the medical device companies
0:21:20.810,0:21:23.170
don't care if their patients die, obviously they do.
0:21:23.190,0:21:27.940
But there is a whole part of legal remedies that aren't even available
0:21:30.460,0:21:33.140
Really amazing, this research, and I have all of this set out
0:21:33.140,0:21:35.128
in this paper I wrote that is available on
0:21:35.128,0:21:37.548
the Software Freedom Law Center's website.
0:21:38.030,0:21:43.123
All this results in the fact that I don't have freedom in my own body.
0:21:43.427,0:21:47.440
I am not allowed to review the software that is implanted in it.
0:21:47.572,0:21:50.500
It's literally connected in and screwed into my heart
0:21:50.500,0:21:51.740
and I can't take a look at it.
0:21:51.928,0:21:53.992
it's unbelievable to me.
0:21:55.392,0:21:58.760
My mind is blown at the fact that the situation happened to me
0:21:58.770,0:22:00.810
It is a little bit freakish that I was a lawyer
0:22:00.810,0:22:01.950
at the Software Freedom Law Center
0:22:01.960,0:22:04.640
and I happened to have this weird heart condition, I admit.
0:22:04.660,0:22:08.030
but still just mind-blowing.
0:22:08.163,0:22:09.940
I didn't even had a choice.
0:22:10.113,0:22:13.636
The choice was either, you're extremely likely to die,
0:22:13.636,0:22:15.670
or you can get this device in your body
0:22:15.880,0:22:20.030
I hope that nobody in this room has to face that choice, but it was
0:22:20.040,0:22:22.110
really, really scary.
0:22:23.522,0:22:25.627
And then I started thinking about it,
0:22:25.872,0:22:29.330
and you know, it's not just the heart devices.
0:22:29.656,0:22:33.185
It's anything that our lives in our society rely on.
0:22:33.835,0:22:38.750
And as I thought about it, I realized that this actually touches on
0:22:38.770,0:22:43.428
a lot more areas of our lives than I thought it was.
0:22:46.750,0:22:48.770
For example, cars.
0:22:51.476,0:22:57.870
Like the university think tank that worked on those medical devices
0:22:57.870,0:23:02.070
and I would say, if you have time in our board, you should totally read that study.
0:23:02.080,0:23:08.000
It's fascinating, they implanted that device into a bag of bacon or meat of some kind
0:23:08.000,0:23:12.000
to stimulate it and they show all the equipment that you can find anywhere
0:23:12.745,0:23:15.350
that they used to hack into it.
0:23:15.821,0:23:18.870
But the same process as done with cars.
0:23:19.090,0:23:23.040
And a different think tank showed that they were able
0:23:23.060,0:23:25.880
to hack into two different brands,
0:23:25.910,0:23:28.000
two different manufacturer cars.
0:23:29.940,0:23:33.650
So the IEEE says that a premium class car
0:23:33.680,0:23:35.510
has close to 100 million lines of code.
0:23:35.580,0:23:39.610
So if we think back to what the Software Engineering Institute said
0:23:39.630,0:23:42.390
about one bug for every 100 lines of code
0:23:42.390,0:23:46.250
that's a lot of bugs, just in your car.
0:23:49.570,0:23:51.640
And what this think tank was able to do,
0:23:51.640,0:23:53.950
was all the things you might expect.
0:23:53.960,0:23:57.610
They are able to cause the car to accelerate, to brake.
0:23:57.880,0:24:02.645
They were able to control each wheel of a car individually.
0:24:02.852,0:24:05.662
And my favorite part, just for kicks,
0:24:05.662,0:24:08.455
I don't know if you can see, but
0:24:08.455,0:24:11.249
they're able to put a message on the dash
0:24:11.490,0:24:15.000
and so, they said pwnd and there is a little
0:24:15.000,0:24:19.020
x-eyed emoticon there.
0:24:19.692,0:24:23.093
The idea that they are able to take control over
0:24:23.093,0:24:25.255
two different brands of premium class cars
0:24:25.255,0:24:28.508
is really amazing to me.
0:24:30.510,0:24:34.700
Voting machines is another area that is super critical
0:24:34.700,0:24:36.180
and we've actually been talking about.
0:24:36.200,0:24:38.389
A lot of security experts have been talking about.
0:24:38.389,0:24:40.520
the problems with their voting machines.
0:24:40.520,0:24:45.070
In the United States, we rely on Diebold
0:24:45.070,0:24:49.000
and a lot of private manufacturers.
0:24:51.600,0:24:54.190
We have had problems with calibration.
0:24:54.200,0:24:58.040
I don't know if you've seen, but there is this hilarious cartoons
0:24:58.060,0:25:00.628
of people trying to vote for the right candidate
0:25:00.628,0:25:03.240
and the name of the candidate they want to vote for
0:25:03.270,0:25:06.560
moving around the screen, you sort of trying to poke after it
0:25:06.570,0:25:08.470
and eventually, whatever you wanted to do it says:
0:25:08.480,0:25:12.920
"You wanted to vote for the opposite candidate, right? right?"
0:25:13.020,0:25:16.260
And it's very difficult to know because we sometimes
0:25:16.290,0:25:18.390
don't have a verification of paper receipt
0:25:18.420,0:25:21.790
we don't even know that our vote was counted properly
0:25:21.800,0:25:25.020
and we were able to vote candidate in the end.
0:25:26.238,0:25:29.800
Really weird, as this is the basis of our society
0:25:29.820,0:25:32.094
and the backbone of our democracy.
0:25:33.308,0:25:35.020
I love what they did in Brazil.
0:25:35.210,0:25:38.408
I don't know if you guys heard about this, but Brazil said:
0:25:38.408,0:25:42.846
"We know that software has vulnerabilities and software has bugs."
0:25:42.846,0:25:46.027
"So we're gonna invite teams of hackers to come in,"
0:25:46.027,0:25:47.948
"we're gonna give you the source code"
0:25:47.948,0:25:49.985
"and we're gonna give a prize"
0:25:49.990,0:25:52.414
"to anybody who find a way to…"
0:25:52.414,0:25:55.000
"who finds a vulnerability to get into the system"
0:25:55.000,0:25:59.959
All those teams, two of them were able to find bugs.
0:25:59.959,0:26:03.550
They say that neither of them would have affected
0:26:03.570,0:26:08.600
an election, but they were able to fix those bugs.
0:26:08.792,0:26:10.930
And those hackers got a prize.
0:26:10.930,0:26:12.960
Democracy is safer.
0:26:12.970,0:26:14.970
Security through obscurity doesn't work.
0:26:14.970,0:26:17.330
I don't know when we're going to figure this out,
0:26:17.340,0:26:20.790
but Brazil has got it done. So it's possible.
0:26:21.700,0:26:24.250
Our financial institutions, yeah, it's exciting!
0:26:24.270,0:26:27.430
Financial institutions are an other area we've seen recently
0:26:27.430,0:26:31.910
how bad it can be when our trusted institutions fail.
0:26:32.330,0:26:35.555
A lot of these institutions are running software
0:26:35.555,0:26:37.464
and our stock markets
0:26:37.464,0:26:39.250
and the operations of our banks.
0:26:39.250,0:26:43.010
These are all things that are critical
0:26:43.010,0:26:45.944
to just the way we live our lives.
0:26:45.944,0:26:50.078
It's more of a societal thing but we've already seen
0:26:50.078,0:26:51.966
that there are vulnerabilities there.
0:26:52.440,0:26:57.240
So, all this to say, it sounds heavy-handed
0:26:57.250,0:27:01.040
but my medical device can be controlled!
0:27:01.488,0:27:04.010
Our cars can be controlled and interfered with
0:27:04.014,0:27:06.420
and our financial institutions can be compromised.
0:27:07.850,0:27:13.260
I think we can all agree that our society and life-critical software must be safe.
0:27:13.810,0:27:16.250
But we're in a really interesting time right now.
0:27:16.498,0:27:22.150
Because how do we know what software that we use is life and society-critical?
0:27:22.720,0:27:25.224
The way that we use computers has totally changed
0:27:25.224,0:27:27.520
very very rapidly and very recently.
0:27:29.160,0:27:33.330
I've been astounded how people of all ages have started using computers
0:27:33.350,0:27:35.510
in a way that they never have before.
0:27:36.400,0:27:40.530
It's no longer specific tech-savvy people that are computing.
0:27:40.530,0:27:44.620
It's everybody, it's our grandparents, it's everyone.
0:27:44.621,0:27:47.290
And we're using our software for everything,
0:27:48.160,0:27:52.000
it's become how we do everything
0:27:52.159,0:27:54.017
How we communicate with each other.
0:27:54.345,0:27:56.620
How we talk on the phone
0:27:56.798,0:28:00.170
How we write, how we create art
0:28:00.310,0:28:04.000
How we handle our educational institutions
0:28:04.010,0:28:05.620
and how we manage our lives
0:28:06.300,0:28:08.080
We're building this infrastructure
0:28:08.110,0:28:10.823
and we're not really even thinking about it
0:28:11.862,0:28:15.876
A lot of people are using their phones to monitor things like their
0:28:16.715,0:28:19.290
exercise schedules and their diet
0:28:20.042,0:28:24.280
it's very convenient because you're keeping track of what you've eaten
0:28:24.300,0:28:27.380
as you go, or what you do
0:28:27.420,0:28:32.920
Some phone have pedometers, functionality built-in
0:28:33.140,0:28:35.506
and that's kind of basic and fundamental
0:28:35.506,0:28:38.710
but there is already software for the iPhone
0:28:39.160,0:28:42.050
that can talk to an implanted insulin pump
0:28:42.670,0:28:48.300
and compare your exercise and your diet information
0:28:48.300,0:28:51.792
with your blood sugar levels on your insulin pump
0:28:52.105,0:28:56.065
So now, suddenly, we're back to were I was with my medical device.
0:28:56.065,0:28:59.191
You got an iPhone that you're relying on for your life.
0:28:59.450,0:29:03.997
So, we're building all this infrastructure,
0:29:03.997,0:29:05.795
and we're willing to think about it
0:29:06.720,0:29:08.850
which is why the desktop is so important
0:29:09.030,0:29:11.700
This is where sort of all this all fits in to
0:29:11.820,0:29:15.570
my personal story and why I left the Freedom Software Law Center
0:29:15.580,0:29:18.000
which I loved and felt like the luckiest lawyer in the world
0:29:18.030,0:29:21.200
for being able to work there and been to the Gnome Foundation
0:29:21.220,0:29:22.795
which I also left.
0:29:24.390,0:29:27.570
And I say the desktop in quotes because I am talking about
0:29:27.570,0:29:29.580
these ways that we interact with our computing
0:29:29.590,0:29:32.030
in the ways that we manage our lives through software
0:29:33.145,0:29:36.235
We've reached the point where software must be usable by everyone.
0:29:36.235,0:29:38.620
I think everybody here
0:29:38.630,0:29:42.520
probably knows an older person, who as of a few years ago
0:29:42.520,0:29:44.728
probably never did anything with their computer.
0:29:44.728,0:29:46.901
My mother was one of these people.
0:29:47.512,0:29:51.150
I remember when I was a kid I kept saying
0:29:51.160,0:29:53.200
"but mom look at these cool games!"
0:29:53.242,0:29:54.310
"Not interested"
0:29:54.340,0:29:57.010
And I remember when I was in college and I said:
0:29:57.030,0:30:00.170
"Mom if we could talk by email, it could be so much better!"
0:30:00.340,0:30:01.190
Nothing…
0:30:01.370,0:30:04.060
I remember in Law School, I was saying
0:30:04.080,0:30:07.100
"Mom I can do all this great research using my computer,"
0:30:07.110,0:30:09.300
"I don't have to sit all day in a library, it's awesome"
0:30:09.300,0:30:10.000
Nothing…
0:30:10.990,0:30:15.450
Later I tried to say "mom I'm going to organize my travel using the computer!"
0:30:15.610,0:30:18.100
Suddenly, she was slightly interested
0:30:18.350,0:30:22.680
and now, with everything that has come to pass
0:30:22.690,0:30:24.624
she can't do anything without her computer now
0:30:24.624,0:30:26.386
Now, her computer has become…
0:30:26.540,0:30:30.349
The first thing that she does, she emails and text to her friends
0:30:30.349,0:30:33.910
she does her travels, she manages her finances
0:30:33.920,0:30:36.120
it's spectacular to me because
0:30:36.150,0:30:38.735
I didn't use my father because he was an engineer
0:30:39.090,0:30:41.900
but my mother was really a bit of a technophobe
0:30:41.930,0:30:44.250
And now she loves Apple
0:30:44.470,0:30:45.540
LOVES APPLE
0:30:45.560,0:30:48.310
She can use her computer to do… She doesn't have to think about it
0:30:48.320,0:30:52.457
It's great, and it's very frustrating to me
0:30:54.250,0:30:57.660
But I'm excited for her because she now can use a computer
0:30:57.660,0:31:00.150
and it's something she owns now
0:31:00.160,0:31:03.950
She doesn't ask me a question, well she does…
0:31:03.980,0:31:08.000
But she doesn't think that there is any reason why
0:31:08.000,0:31:11.761
these devices are not targeted at her
0:31:11.761,0:31:17.578
and she is very much a representative of the majority of our society.
0:31:17.578,0:31:20.810
And these are people, only a few years ago, would not have been
0:31:20.810,0:31:23.900
that able to do very much with their computer.
0:31:24.945,0:31:28.848
We need to appeal to these people because they are the ones
0:31:28.848,0:31:31.292
that are making choices like supporting iPhone
0:31:31.292,0:31:33.990
to put in their exercise and diet regimes to talk
0:31:34.000,0:31:34.820
to their insulin pumps.
0:31:34.830,0:31:39.039
These are the kind of things that we need to really worry about.
0:31:39.039,0:31:45.030
because if we can't make our software easy to use by everybody,
0:31:45.350,0:31:47.063
no one is gonna want to use it.
0:31:47.292,0:31:50.565
And we have an opportunity now
0:31:50.565,0:31:52.442
a window that is slowly closing
0:31:52.619,0:31:54.870
because we're making choices now
0:31:54.870,0:31:56.691
that we're gonna have to live with for a long time.
0:31:56.691,0:31:58.500
We're building habits, we're building expectations
0:31:58.689,0:32:02.797
and we're establishing the metrics in our society for what is
0:32:02.797,0:32:04.771
acceptable software and what isn't.
0:32:07.931,0:32:10.580
I'm not gonna read these to you, you guys are here,
0:32:10.590,0:32:14.570
at LinuxConfAU, you know all the awesome reasons
0:32:14.590,0:32:16.710
why you should use Free and Open Source software
0:32:16.730,0:32:18.630
You're here for all those reasons
0:32:18.660,0:32:20.450
including that it's just really fun.
0:32:20.570,0:32:22.450
We've been having a great time here,
0:32:22.460,0:32:24.240
and learning about all sorts of really cool things
0:32:24.600,0:32:26.130
but the underscore of all that
0:32:26.310,0:32:29.575
and where all these reasons can come from is from Freedom
0:32:31.930,0:32:34.570
Free and Open Source software is not just good business
0:32:34.600,0:32:36.340
it's also the right thing to do
0:32:36.581,0:32:40.770
So when we talk about our heart devices, we talk about our voting machines
0:32:40.790,0:32:42.820
and then we talk about the way we live our lives
0:32:42.850,0:32:45.000
and the infrastructure of how we talk to one another.
0:32:45.112,0:32:49.083
We see that Free and Open Source software is just
0:32:49.083,0:32:50.830
the right thing to do for our society
0:32:50.903,0:32:52.778
and in order to bring that to other people
0:32:52.860,0:32:56.772
we need to make sure, it's easy and clear for them to use
0:32:56.920,0:33:00.800
These are some screenshots from the Gnome 3 release which
0:33:01.130,0:33:02.920
Most of who I would say are probably familiar
0:33:02.920,0:33:05.150
with already and are forming your own opinions about whether
0:33:05.160,0:33:07.010
you… laughs
0:33:07.010,0:33:09.780
Gnome 3 is something that you want to use or not
0:33:09.780,0:33:13.000
and I think that no mater what perspective you come from
0:33:13.010,0:33:15.520
I think that you can see that the Gnome 3 rewrite is done
0:33:15.540,0:33:18.970
to address these issues, it's to make our software
0:33:18.990,0:33:20.620
sleek and usable by everybody.
0:33:21.420,0:33:23.415
I joined Gnome after the Gnome 3 release
0:33:23.415,0:33:25.410
and it was the Gnome 3 release
0:33:25.410,0:33:28.065
that made me realize that I had to go work for Gnome
0:33:28.095,0:33:30.090
because this is our future.
0:33:30.100,0:33:34.000
We need to cross the bridge, we need to be able to provide software
0:33:34.000,0:33:38.000
to people who otherwise wouldn't be able to use it.
0:33:38.000,0:33:41.000
We need to make sure our desktop are accessible by everyone
0:33:41.000,0:33:44.060
because we are not going to be able to build
0:33:44.110,0:33:46.370
the right infrastructure for a whole society
0:33:46.390,0:33:48.665
if we don't bring these people on board too.
0:33:50.370,0:33:52.280
This is a second screenshot.
0:33:52.310,0:33:55.210
It happens to be Marina from the Gnome community
0:33:55.230,0:34:00.890
and she's the head of the Gnome outreach program for women
0:34:01.000,0:34:04.738
which is an awesome program and is a kind
0:34:04.738,0:34:06.260
of thing that you can do in a non-profit.
0:34:06.260,0:34:06.280
But what you may not have seen is that
0:34:06.280,0:34:08.180
But what you may not have seen is that
0:34:08.200,0:34:11.670
we launched, very recently, an extension website.
0:34:11.670,0:34:13.510
extensions.gnome.org
0:34:13.540,0:34:16.262
where third-parties can upload
0:34:16.966,0:34:21.230
extensions for the Gnome Shell and it's a simple point-and-click
0:34:21.240,0:34:22.940
for Gnome 3.2
0:34:23.330,0:34:25.840
So you can install all those customizations
0:34:25.980,0:34:29.070
and we're trying to build the ways
0:34:29.070,0:34:32.130
that Gnome 3 is going to develop over time
0:34:32.140,0:34:37.780
So, even though we have a single Gnome Shell vision,
0:34:37.780,0:34:40.450
with what I think are great choices,
0:34:40.450,0:34:44.966
if you disagree with them, there is a way to implement changes.
0:34:47.712,0:34:51.000
Gnome, I think, and I think many agree.
0:34:51.000,0:34:51.010
I've actually had a lot of people looking at my computer
0:34:51.010,0:34:54.250
I've actually had a lot of people looking at my computer
0:34:54.280,0:34:55.100
over my shoulder and say
0:34:55.110,0:34:57.800
"Oh my God what is that, that's so great!"
0:34:57.810,0:35:00.840
"It's not a Mac, but it looks so good"
0:35:01.190,0:35:02.780
"What's the story with that?"
0:35:02.790,0:35:06.730
So it's beautiful, but it's a lot more than beautiful
0:35:06.760,0:35:08.220
It's non-profit driven
0:35:08.527,0:35:11.040
And in the Free and Open Source software space
0:35:11.050,0:35:15.113
we have a lot of different ways that we develop our software together.
0:35:15.113,0:35:20.797
Some of our projects are more on the Android
0:35:20.797,0:35:24.833
or Unity side of things
0:35:24.833,0:35:27.878
where they're mostly controlled by a single company
0:35:27.878,0:35:32.049
and there are communities that build up around that
0:35:32.049,0:35:34.834
but at the end of the day, the ultimate control
0:35:34.834,0:35:36.540
of the project is by a single company.
0:35:36.804,0:35:40.610
And then we have projects like Gnome that are non-profit focused
0:35:40.862,0:35:43.440
and this actually touches on some other stuff that Bruce
0:35:43.440,0:35:44.930
was mentioning in his keynote.
0:35:46.150,0:35:49.550
What you get for non-profit development, or having a non-profit
0:35:49.560,0:35:54.025
that unifies the development in the community is a lot.
0:35:54.025,0:35:56.982
And one of the main things that you get is to keep other trust
0:35:57.110,0:36:00.030
So the Gnome community for example,
0:36:01.130,0:36:03.540
the Foundation is composed of members
0:36:03.570,0:36:06.190
there is over 300 members and it varies depending
0:36:06.190,0:36:08.680
on where people are and renewing their membership.
0:36:08.690,0:36:11.770
But in order to become a member, you have to be a contributor
0:36:11.790,0:36:14.050
to Gnome and it's only available to individuals
0:36:14.300,0:36:16.760
and if you're a contributor to Gnome
0:36:17.140,0:36:19.760
you can become a member, which allows you to vote for
0:36:19.780,0:36:23.610
the Board of Directors which influences the direction of the project
0:36:23.620,0:36:26.421
help spread infrastructure to support development
0:36:26.421,0:36:28.240
and decides to hire people like me.
0:36:28.500,0:36:33.180
So who are out there advocating for the ideology of Free and Open Source software
0:36:33.280,0:36:36.830
and helping to organize this kind of effort
0:36:37.080,0:36:39.612
So if you imagine the situation now,
0:36:39.612,0:36:44.630
the Gnome community does not require copyright assignment
0:36:44.850,0:36:51.000
but if a non-profit community like the Gnome community were to require,
0:36:51.000,0:36:53.130
or were to accept copyright assignment,
0:36:53.170,0:36:55.315
those copyrights were to be held by a Foundation
0:36:55.315,0:36:59.850
that had an oversight by the contributors
0:36:59.870,0:37:01.640
by everyone who has a stake in the community,
0:37:01.640,0:37:02.840
by everybody who invest in it.
0:37:02.920,0:37:07.070
There is a certain assurance to knowing that the control
0:37:07.100,0:37:09.720
of a community is in a non-profit that is
0:37:09.730,0:37:15.000
focused on what the contributors want, diversely,
0:37:15.000,0:37:16.268
over companies.
0:37:18.840,0:37:20.870
I want to stress that I'm not saying
0:37:20.870,0:37:24.860
that companies don't have a very important place
0:37:24.860,0:37:26.370
in Free and Open Source Software of course.
0:37:26.500,0:37:31.070
Companies must be able to develop products
0:37:31.080,0:37:34.450
in the Free and Open Source community but we need to
0:37:34.450,0:37:37.990
encourage these non-profit structures which are focused on the ideology
0:37:38.020,0:37:40.740
and work with companies to help them accomplish their goals.
0:37:40.760,0:37:45.650
But under the rubric of non-profits the way that we have in the Gnome community
0:37:45.670,0:37:47.620
We have a lot of companies that are involved in Gnome,
0:37:47.760,0:37:49.160
on any Advisory Boards,
0:37:49.170,0:37:50.630
and are just good participants
0:37:52.040,0:37:56.100
but the overall mission of the Gnome Foundation and the community
0:37:56.560,0:37:59.410
is the public good.
0:37:59.420,0:38:02.790
We are a public charity, so we are focused on the public good
0:38:02.810,0:38:04.520
not on our profit.
0:38:05.790,0:38:08.800
We care about our profit but for participants in our community
0:38:08.940,0:38:10.670
but what it means at the end of the day
0:38:10.670,0:38:13.990
is that we want to make the World a better place.
0:38:14.210,0:38:16.980
Sounds a little bit hokey
0:38:17.110,0:38:19.280
but let's be honest, that where a lot of this
0:38:19.310,0:38:21.000
Free and Open Source software came from originally
0:38:21.000,0:38:24.000
ideologically that's why we have such great and cool software
0:38:24.000,0:38:26.668
We have to start thinking about making the World a better place.
0:38:27.650,0:38:30.900
So we, at Gnome, recently launched an accessibility campaign
0:38:30.980,0:38:33.300
We want to make 2012 the year of accessibility
0:38:33.330,0:38:34.852
This is a perfect example
0:38:34.852,0:38:37.840
Yeah, it's really cool work, it's super important.
0:38:37.840,0:38:40.998
*crowd clapping*
0:38:40.998,0:38:43.410
So this is exactly the kind of thing that a company
0:38:43.410,0:38:45.333
might not be able to afford to do
0:38:45.640,0:38:50.000
because it's not necessarily in the interest
0:38:50.000,0:38:55.000
in increasing the bottom line to work on specific accessibility initiatives
0:38:55.000,0:38:56.530
for smaller populations of people.
0:38:56.598,0:38:58.669
But we at Gnome understand that this is
0:38:58.669,0:39:02.280
incredibly important because a desktop that's not usable by everybody
0:39:02.300,0:39:05.031
is one that fails our mission.
0:39:05.193,0:39:09.460
So this guy is Robert Cole, he is super awesome
0:39:09.480,0:39:11.000
That's a picture of him in his family,
0:39:11.150,0:39:14.000
he was kind enough to come forward and let us use
0:39:14.000,0:39:17.720
his testimony for accessibility campaign
0:39:17.920,0:39:20.230
He was born with a vision defect
0:39:20.250,0:39:22.220
So he has no vision in one eye,
0:39:22.220,0:39:24.632
and very limited vision in the other eye
0:39:25.080,0:39:31.540
He was relying on some proprietary assistive technologies
0:39:31.540,0:39:34.240
at one point that were really working for him
0:39:34.250,0:39:37.650
he got a grant from his local government in order to
0:39:37.650,0:39:41.560
get those technologies and they were assisting him to work.
0:39:41.750,0:39:45.290
But then when his system upgraded, he applied for more funding
0:39:45.290,0:39:47.980
to get the upgrade of his assistive technologies and he was denied
0:39:48.000,0:39:48.960
additional funding.
0:39:49.517,0:39:51.185
And he was just out of luck.
0:39:52.166,0:39:55.340
Fortunately, Gnome has been a very accessible desktop
0:39:55.340,0:39:57.170
and he was able to use Gnome technologies,
0:39:57.180,0:40:01.370
and through that he became a very active member of the Gnome community
0:40:01.400,0:40:03.420
but with Free and Open Source software technology
0:40:03.420,0:40:05.660
whatever we develop is going to be out there,
0:40:05.680,0:40:08.350
it's going to be available, you don't have to rely on
0:40:08.350,0:40:10.677
expensive proprietary upgrades to know that
0:40:10.677,0:40:12.720
you're going to continue to be able to use your software,
0:40:12.730,0:40:14.476
should your overall system upgrade.
0:40:14.476,0:40:21.223
So making sure that this kind of work is done in a Free and Open Source software environment
0:40:21.223,0:40:23.160
is extremely important so we just launched
0:40:23.190,0:40:25.910
this accessibility campaign if you donate to Gnome
0:40:25.980,0:40:28.670
while this campaign is going on we pledged to use the money
0:40:28.690,0:40:30.892
to help develop assistive technologies.
0:40:33.450,0:40:36.740
So all this to say: let's choose freedom!
0:40:36.750,0:40:42.232
We can choose freedom, we in this room are a very special group of people.
0:40:42.232,0:40:47.910
While I'm focusing on what our users are doing and how we must bring our users all…
0:40:47.920,0:40:49.736
and I say the broad of users,
0:40:49.736,0:40:51.552
we have to think big, we have to think giant!
0:40:51.570,0:40:57.010
While we need to do things that bring our user base in,
0:40:57.010,0:41:00.280
people in this room are making choices everyday
0:41:00.300,0:41:03.720
I can't tell how many iPhones I have seen at this conference
0:41:03.720,0:41:05.700
how many Macs I have seen in this conference.
0:41:05.730,0:41:07.900
You know we have the technology, it's good.
0:41:07.940,0:41:13.000
I don't really tweak my desktop very much anymore at all
0:41:13.280,0:41:16.790
I've switched over to Gnome-shell and it's so sleek
0:41:16.790,0:41:19.960
and great and I barely use the command line
0:41:19.960,0:41:23.990
for things that are connected to my computing environment
0:41:24.000,0:41:27.160
and only then when I really feel I can't
0:41:27.170,0:41:29.890
It's not for everybody, but we need to choose
0:41:29.890,0:41:32.530
free an open platform, we need to develop on them
0:41:32.710,0:41:34.460
because it's the only way we're gonna create
0:41:34.470,0:41:37.870
these safer and better societies
0:41:37.900,0:41:40.090
It's the only way we're going to create a World
0:41:40.110,0:41:44.030
where we know that our software can be reviewed
0:41:44.060,0:41:45.480
and that it will have integrity
0:41:46.790,0:41:52.840
We need to build our communities in the non-profit space
0:41:53.110,0:41:56.000
Because we need to create those really good degrees of trust
0:41:56.410,0:41:59.438
We need to bring our ideology back into Free software.
0:42:00.184,0:42:03.132
Going a little bit out there, I'd say:
0:42:03.132,0:42:05.264
It's not about terminology, it's about ideology.
0:42:05.464,0:42:06.545
We really need to think about
0:42:06.545,0:42:08.809
making the World a better place because we can,
0:42:08.809,0:42:09.920
and we should.
0:42:10.520,0:42:15.520
I have this picture from the original Apple campaign.
0:42:15.622,0:42:21.340
Because it really strikes me that this woman
0:42:21.360,0:42:24.680
coming and taking her hammer and,
0:42:24.710,0:42:29.330
flinging it against the establishment and the machine
0:42:29.400,0:42:31.610
for individuality and our freedom,
0:42:31.800,0:42:33.380
and it really speaks to me now.
0:42:34.710,0:42:36.860
Let's choose Free and Open Source software
0:42:36.860,0:42:39.470
for ourselves, and for our society.
0:42:42.090,0:42:45.500
So the Gnome Foundation is a charitable organization.
0:42:45.540,0:42:47.150
We accept donations.
0:42:47.150,0:42:53.260
And my talk is freely licensed so feel free to quote it
0:42:53.460,0:42:55.620
and republish it.
0:42:56.860,0:42:58.400
Does anybody have any questions?
0:42:59.910,0:43:15.160
*crowd clapping*
0:43:16.008,0:43:17.215
Good day.
0:43:18.554,0:43:23.660
I guess I personally see it as a really positive future
0:43:23.660,0:43:28.070
because I think there is never going to be a year of
0:43:28.080,0:43:30.550
the leading desktop where everyone suddenly converts
0:43:30.560,0:43:32.480
but it would just be this gradual process.
0:43:32.480,0:43:35.495
in the same way that most of us have come to Linux
0:43:35.495,0:43:39.098
after some other proprietary process
0:43:40.310,0:43:45.282
I'm wondering how you see us engaging with not
0:43:45.282,0:43:48.461
the entirety of society, cause that's way to difficult
0:43:48.461,0:43:51.763
but what's the next age of the people
0:43:51.763,0:43:54.653
that we can engage with and that can then convert
0:43:54.653,0:43:57.040
their friends and their parents and so forth?
0:43:57.353,0:44:00.050
I also think that the next wave is that we need to get
0:44:00.070,0:44:01.450
into schools as much as possible
0:44:01.710,0:44:04.500
I think there are a lot of great initiatives to bring
0:44:04.500,0:44:07.352
our various free distros into schools
0:44:07.352,0:44:10.415
what really strikes me is that, in the United States in particular,
0:44:10.415,0:44:15.027
there are a number of non-profits that are set up as technology charities
0:44:15.027,0:44:20.172
and what they do is they bring Microsoft licenses and other proprietary licenses
0:44:20.172,0:44:23.405
to underprivileged communities and to schools.
0:44:23.405,0:44:25.263
They get tax breaks for doing that
0:44:25.263,0:44:28.569
What they're actually doing is creating a dependency
0:44:28.569,0:44:32.299
on proprietary software and it's a very clever,
0:44:32.299,0:44:34.183
very very clever technique
0:44:34.183,0:44:38.619
because we're training people to use certain kind of software.
0:44:38.619,0:44:39.936
We need to do the same thing.
0:44:40.192,0:44:41.863
I know there are a lot of great initiatives already.
0:44:41.863,0:44:43.990
Gnome has a number of initiatives that would do this.
0:44:44.140,0:44:47.565
And I'd say everybody get involved in your community
0:44:47.565,0:44:50.170
and start bringing our software into schools.
0:44:50.170,0:44:51.381
I think that a first step.
0:44:51.381,0:44:54.520
I think the next step is writing really cool
0:44:54.580,0:44:57.850
applications for our Free and Open platforms
0:44:57.990,0:45:00.383
If we've got the next cool thing,
0:45:00.383,0:45:02.000
then people would want to use it.
0:45:02.000,0:45:04.215
There are lots of different steps. I think you're right.
0:45:04.215,0:45:07.594
There is no easy answer to make
0:45:07.594,0:45:10.289
this the year of the GNU/Linux desktop
0:45:10.289,0:45:12.894
it just doesn't happen as easily as that
0:45:12.894,0:45:14.572
but there are things that we can do in the schools,
0:45:14.572,0:45:16.659
It's, I think, the first place we should start.
0:45:18.640,0:45:19.580
Thanks you.
0:45:19.800,0:45:21.660
Two things if I could. One is,
0:45:22.750,0:45:24.950
for us in Australia and other countries,
0:45:24.950,0:45:28.135
if the FDA has approved it, is that it?
0:45:28.135,0:45:32.633
Is that accepted here without us having our own standards and rules
0:45:32.633,0:45:34.449
setting the software, any of that?
0:45:34.465,0:45:36.958
So I haven't actually looked into Australia.
0:45:36.958,0:45:37.566
I should have.
0:45:37.566,0:45:39.502
I actually thought this morning that I really needed
0:45:39.502,0:45:41.163
to check the situation in Australia.
0:45:41.163,0:45:46.260
But I know that in any UK and other countries there are comparable bodies
0:45:46.310,0:45:47.510
the ones that I've looked in so far
0:45:47.530,0:45:49.250
also don't review the source code.
0:45:49.270,0:45:50.930
So they have similar review processes.
0:45:50.950,0:45:54.660
The FDA only applies in the United States
0:45:54.670,0:45:57.390
So each region has its own approval process.
0:45:57.400,0:45:59.840
But from what I've discovered, so far in the regions
0:45:59.840,0:46:01.560
that I have looked at, they are similar.
0:46:02.550,0:46:05.246
The other thing is that there are other areas
0:46:05.246,0:46:07.383
where software is extremely important
0:46:07.383,0:46:09.278
that you've mentioned during your talk
0:46:09.278,0:46:11.616
like avionics and gambling machines, and so on.
0:46:11.616,0:46:14.650
And in some places in the World there are
0:46:14.740,0:46:17.570
different rules, there is review of code and that
0:46:17.570,0:46:18.440
sort of things.
0:46:19.140,0:46:22.990
Two things out of that. One is it seems a shame
0:46:23.040,0:46:27.180
that there aren't general government standards for
0:46:27.200,0:46:31.000
software where it matters. Have you got any thoughts
0:46:31.000,0:46:32.630
on how we could make that happen?
0:46:32.990,0:46:34.625
We have to become real advocates
0:46:34.625,0:46:38.450
and what does really strike me is that
0:46:38.460,0:46:41.364
proprietary software companies have such an amazing lobby.
0:46:41.364,0:46:43.090
They have so much money that they can pour in
0:46:43.090,0:46:45.890
to making sure that the government is deeply
0:46:45.890,0:46:47.840
concerned about their innovative edge.
0:46:48.000,0:46:52.260
For their products that
0:46:52.260,0:46:52.280
they keep they proprietary incentives[br]For their products that
0:46:52.280,0:46:54.430
they keep they proprietary incentives
0:46:54.440,0:46:56.380
Medical devices is a really good example
0:46:56.400,0:46:57.830
of how that breaks down.
0:46:58.000,0:47:01.231
When you think about the business case
0:47:01.231,0:47:04.010
of medical devices, you sort of search and see:
0:47:04.030,0:47:06.046
OK, well I'm not buying my heart…
0:47:06.046,0:47:07.907
I'm not choosing the brand of my heart device
0:47:07.907,0:47:10.290
because it has the best software on it.
0:47:10.330,0:47:14.385
I'm choosing Medtronic because they have a good track record.
0:47:14.385,0:47:18.224
Because they are a precision manufacturer of really detailed equipment
0:47:18.224,0:47:19.850
and they have been for a long time.
0:47:19.960,0:47:21.870
If they published their software,
0:47:21.870,0:47:24.432
even if they've published their hardware specs,
0:47:24.432,0:47:31.302
it's not like Nokia is going to go and start producing medical devices.
0:47:31.302,0:47:33.650
And if they did, it would take some time
0:47:33.670,0:47:35.439
to get doctors comfortable that the fact
0:47:35.439,0:47:36.408
that they will be relying on them.
0:47:36.408,0:47:37.504
They're going to get support.
0:47:37.504,0:47:42.586
There's this whole issue of the fact that
0:47:42.586,0:47:44.641
these proprietary software companies have
0:47:44.641,0:47:46.489
a really strong lobbying force.
0:47:46.489,0:47:49.374
The only response I got from Medtronic so far
0:47:49.374,0:47:52.168
is saying: "Our business case relies on"
0:47:52.168,0:47:53.950
"keeping ourselves for proprietary"
0:47:54.960,0:47:57.192
In the United States there were a bunch of
0:47:57.192,0:47:59.955
Breathalyzer cases, with drunk drivers.
0:48:03.540,0:48:05.240
There is a driver who said:
0:48:05.240,0:48:09.700
"If you're gonna convict me on the fact that"
0:48:09.700,0:48:11.877
"this Breathalyzer said my blood alcohol level was very high,"
0:48:11.877,0:48:13.537
"I want to be able to see the source code"
0:48:13.537,0:48:16.000
"in order to determine whether or not"
0:48:16.000,0:48:18.570
"that was accurately drived"
0:48:20.190,0:48:21.954
The company fought it and said
0:48:21.954,0:48:23.719
"this is our proprietary technology"
0:48:23.719,0:48:24.265
"blablabla".
0:48:24.265,0:48:25.950
Eventually the Court said you must produce
0:48:25.950,0:48:28.450
the software, the source code and
0:48:28.470,0:48:30.790
what the Court found through their experts was
0:48:30.810,0:48:32.659
that the results couldn't be relied on.
0:48:34.800,0:48:37.029
Amazing stuff, and this happens in a lot of different jurisdictions.
0:48:37.029,0:48:38.657
In the United States, some jurisdictions say
0:48:38.657,0:48:41.393
you must produce the code, others say no.
0:48:41.393,0:48:43.280
But I think at the end of the day
0:48:43.300,0:48:46.257
we need to keep it in our dialog, keep asking these questions
0:48:46.257,0:48:50.476
throughout our different areas from
0:48:50.476,0:48:53.140
breathalysers to medical devices.
0:48:53.360,0:48:57.990
And being a really vocal community
0:48:58.000,0:48:59.790
about these issues is going to help.
0:49:00.020,0:49:02.863
We also need to organize from a lobbying perspective as well,
0:49:02.863,0:49:05.194
because there is just so much funding on the other side.
0:49:06.820,0:49:08.270
There was a question back there.
0:49:09.090,0:49:10.360
Oh, you've got the mic, OK
0:49:10.660,0:49:13.332
So first of all, I think that your talk was totally awesome
0:49:13.332,0:49:16.697
and thanks for expressing basically the core
0:49:16.697,0:49:18.875
of the Free software ideology which is that
0:49:18.875,0:49:20.419
Free software is about freedom including
0:49:20.419,0:49:22.280
the freedom to know how you're kept alive.
0:49:22.450,0:49:25.950
Which I think is really important, so thanks for doing that!
0:49:26.220,0:49:32.000
clapping
0:49:33.690,0:49:36.000
As far as the remote car exploit stuff, that's
0:49:36.000,0:49:38.510
actually from Alexei, Karl and Franzi in the lab
0:49:38.520,0:49:39.930
at UW where I work.
0:49:39.960,0:49:42.695
And those exploits were done remotely
0:49:43.092,0:49:46.410
through the telematics units in the cars so just
0:49:46.420,0:49:49.400
like cardiac-implants people can crash you car remotely.
0:49:50.241,0:49:52.413
It's like through a telephone.
0:49:52.639,0:49:57.330
Actually, I meant to get that into a little bit more detail,
0:49:57.330,0:50:00.580
but yes the control of the cars were remote but
0:50:00.580,0:50:03.981
I also want to mention that the HP printer exploit
0:50:03.987,0:50:07.399
that happened recently, where
0:50:09.735,0:50:13.200
over the Internet, folks were able to take control of
0:50:13.220,0:50:16.220
HP printers which not only were able to do all
0:50:16.220,0:50:18.440
kind of terrible things like being able to know what
0:50:18.440,0:50:20.910
you are printing including monitoring to see if you
0:50:20.930,0:50:23.160
are printing text documents and so determining
0:50:23.190,0:50:25.710
what information was included in particular boxes
0:50:25.730,0:50:29.230
but they were also able to set printers on fire.
0:50:29.990,0:50:33.000
laughs
0:50:34.108,0:50:35.890
They weren't? They were!
0:50:35.900,0:50:38.818
"There was a guy at the CCC that had a printer set on fire this year"
0:50:38.818,0:50:39.795
"Yeah!"
0:50:39.795,0:50:51.000
mumbling
0:50:51.000,0:50:54.000
"You should either talk into the microphone or ask a question"
0:50:54.000,0:50:55.270
The question I was gonna ask you is
0:50:55.410,0:50:57.170
You're talking about accessibility
0:50:57.370,0:50:59.400
and one of the things I've noticed is that
0:50:59.400,0:51:01.108
people that are blind are totally fucked
0:51:01.108,0:51:02.631
when it comes to using computers
0:51:02.631,0:51:04.183
and if you want to get a Braille terminal
0:51:04.183,0:51:07.089
it can cost somewhere like 6 or 8 thousand Euros to get them.
0:51:07.089,0:51:10.250
And there is one group in the UK that are looking at
0:51:10.250,0:51:12.370
building affordable ones, I think coming in
0:51:12.400,0:51:13.840
somewhere at a thousand dollars.
0:51:14.230,0:51:16.317
But I wonder what Gnome can do to make it
0:51:16.317,0:51:18.640
so that computers are really accessible in terms of
0:51:18.720,0:51:21.400
alternate methods of interfacing with computers
0:51:21.410,0:51:24.240
especially for people who are blind or unable to see
0:51:24.550,0:51:26.330
and I wonder if you can talk a bit about
0:51:26.330,0:51:29.000
Braille terminals and maybe making them accessible and so on.
0:51:30.820,0:51:33.000
I was gonna say this actually as a separate talk.
0:51:33.000,0:51:36.060
There was a talk on accessibility at this conference,
0:51:36.160,0:51:38.920
but I don't want to get into too much detail
0:51:38.920,0:51:44.810
about the particular initiatives, but with Gnome 2
0:51:44.810,0:51:47.650
there are a lot of assistive technologies for
0:51:47.650,0:51:49.630
vision or magnification.
0:51:49.640,0:51:55.000
Other types of software that are very helpful but…
0:51:55.700,0:51:58.850
and actually Gnome won several awards for
0:51:58.860,0:52:01.098
the accessibility of their desktop.
0:52:01.098,0:52:04.618
But while we rewrote Gnome 3,
0:52:04.618,0:52:08.159
we actually broke a lot of our assistive technologies,
0:52:08.159,0:52:11.468
as part of the necessity of starting all over again
0:52:11.468,0:52:12.310
and starting new.
0:52:12.650,0:52:15.974
So actually our campaign is much more basic than that.
0:52:15.974,0:52:18.169
I'd like for us to get there over time.
0:52:18.169,0:52:20.486
But we have some great software
0:52:20.486,0:52:22.547
but it needs help just to get working.
0:52:22.547,0:52:24.670
So the accessibility campaign
0:52:24.680,0:52:26.738
that we're running now is really fundamental
0:52:26.738,0:52:30.940
If we get a huge level of support from it,
0:52:30.940,0:52:33.180
we can hire developers to work on the stuff and
0:52:33.180,0:52:35.755
start exploring some of those particular initiatives.
0:52:35.755,0:52:39.975
But it's sort of like, now the accessibility
0:52:39.975,0:52:43.172
team at Gnome, at our annual general meeting
0:52:43.172,0:52:45.063
I asked them to give a little presentation
0:52:45.063,0:52:47.961
of where we stand, and the first slide was
0:52:47.961,0:52:49.676
a set of stairs.
0:52:50.740,0:52:53.255
So right now, we have a lot of work to do.
0:52:53.255,0:52:56.474
We need to bring our new system back to
0:52:56.474,0:52:58.182
where we were with Gnome 2,
0:52:58.182,0:52:59.777
and then we need to go beyond.
0:52:59.777,0:53:01.916
We're much further now, with Gnome 3
0:53:01.916,0:53:03.642
than where we were when we launched Gnome 2
0:53:03.642,0:53:05.572
and Gnome 2 went really far
0:53:05.572,0:53:07.750
but we really have along way to go.
0:53:08.520,0:53:11.000
So there was a question for someone right over there
0:53:11.000,0:53:14.588
who had put his hand up, and I'll be really fast.
0:53:14.588,0:53:16.345
If we can have one more question,
0:53:16.345,0:53:18.117
we'll have to wrap it up after that.
0:53:22.000,0:53:23.000
Thank you.
0:53:23.649,0:53:30.020
I am concerned that should your implant fail,
0:53:30.760,0:53:34.160
and you collapsed to the floor, I don't know what to do.
0:53:34.180,0:53:37.110
Is it just CPR or is this something else I should do?
0:53:37.140,0:53:38.890
That's a great question.
0:53:38.890,0:53:41.550
Everybody should be trained in CPR,
0:53:41.600,0:53:44.910
and I've became aware of this and hassle
0:53:44.930,0:53:47.500
the people close to me to get trained in CPR
0:53:47.510,0:53:49.400
when I found I had this heart condition.
0:53:49.410,0:53:50.762
So if somebody collapse in the front of you,
0:53:50.762,0:53:53.205
you should commence CPR,
0:53:53.205,0:53:57.630
you should check their life signs and follow that procedure.
0:53:57.640,0:54:00.392
For me, if I've collapsed now my device
0:54:00.392,0:54:03.796
will most likely shock me and if it doesn't,
0:54:03.796,0:54:05.146
if somebody performs CPR,
0:54:05.146,0:54:08.785
hopefully we can keep my blood circulating until help comes
0:54:08.785,0:54:12.523
and I can be shocked with an external defibrillator.
0:54:12.523,0:54:15.642
The truth is, it often takes so long
0:54:15.642,0:54:17.269
to get an external defibrillator
0:54:17.269,0:54:18.610
and to get people's heart starting again
0:54:18.610,0:54:21.263
that there is often some brain damage by the time that happens.
0:54:21.263,0:54:22.895
So that's part of the reasons.
0:54:24.000,0:54:25.000
There is one in the lobby.
0:54:26.050,0:54:28.090
And it's funny because when I walk by those
0:54:28.100,0:54:29.570
now I think: "Those are for suckers!"
0:54:29.570,0:54:30.850
I've got my own!
0:54:30.860,0:54:35.000
clapping
0:54:35.000,0:54:38.957
So, all this to say I am really glad
0:54:38.957,0:54:41.033
that I have this piece of technology,
0:54:41.033,0:54:42.726
and I'm glad that I can rely on it.
0:54:42.726,0:54:44.595
I just think it can be better and safer.
0:54:44.820,0:54:45.710
Thanks you.
0:54:45.730,0:54:47.110
Unfortunately, we're running out of time,
0:54:47.130,0:54:49.000
but a huge round of applause for Karen.