0:00:09.000,0:00:11.045 How is that, can you hear me? 0:00:11.045,0:00:13.953 Can I ask for everybody on the end 0:00:13.953,0:00:17.014 who has a seat next to them to move a little bit in 0:00:17.014,0:00:19.988 so that latecomers have a place to sit? 0:00:19.988,0:00:21.979 Just move in one seat. 0:00:21.979,0:00:25.373 As a latecomer often myself, it's a huge gift 0:00:25.373,0:00:28.208 if you walk in and there's a place to sit. 0:00:34.030,0:00:35.158 But not too much, 0:00:35.158,0:00:38.040 because I think they've shut the side doors too, so… 0:00:38.040,0:00:40.000 You're good, you're good. 0:00:41.040,0:00:42.070 OK. 0:00:43.020,0:00:45.481 I am really, really happy to be here. 0:00:47.010,0:00:51.000 My talk is entitled Freedom in my heart and everywhere. 0:00:52.020,0:00:54.879 As just said, I've been involved 0:00:54.879,0:00:57.000 in the Free and Open Source community for a while 0:00:57.000,0:01:00.000 I am the executive director of the GNOME Foundation 0:01:00.000,0:01:02.020 and we'll get to some of that a little bit later 0:01:02.020,0:01:03.692 which is really cool. 0:01:03.692,0:01:08.205 And I, for a long time, was a lawyer at the Software Freedom Law Center. 0:01:09.000,0:01:11.020 Resulting in eventually becoming general council. 0:01:11.020,0:01:13.631 So I had this really lucky opportunity 0:01:13.631,0:01:15.577 to get to know a lot of folks 0:01:15.577,0:01:16.969 in the Free and Open Source software community 0:01:16.969,0:01:18.508 by helping them with all of the crap 0:01:18.508,0:01:20.046 that they didn't want to deal with. 0:01:20.046,0:01:21.403 Really really fun! 0:01:21.403,0:01:24.527 I've been a Free and Open Source enthusiast, 0:01:24.527,0:01:26.388 I'd say, since the nineties 0:01:26.758,0:01:30.169 And I am also a patient 0:01:31.050,0:01:34.000 I have a really, really big heart 0:01:34.785,0:01:36.710 I actually have a huge heart. 0:01:36.710,0:01:38.388 So you think I work for non-profit 0:01:38.388,0:01:41.049 but I actually an enlarged heart 0:01:41.049,0:01:45.000 I have a condition called hypertrophic cardiomyopathy. 0:01:45.000,0:01:46.931 I always get a little bit nervous when I talk about that 0:01:46.931,0:01:48.000 because that sort of say 0:01:48.000,0:01:50.100 my heart is a little broken. 0:01:50.100,0:01:53.000 But it means that I have… 0:01:53.000,0:01:57.000 it's not actual. My heart is very thick 0:01:57.000,0:02:00.154 and that means that it has a hard time beating. 0:02:00.154,0:02:01.169 It's a little bit stiff. 0:02:01.169,0:02:03.115 And it's actually pretty fine. 0:02:03.115,0:02:05.062 I don't have any symptoms yet. 0:02:05.062,0:02:10.000 I just have a very high risk of suddenly dying. 0:02:11.000,0:02:13.462 The term is actually sudden death. 0:02:13.462,0:02:17.123 That's what the doctors tell you when you have HCM 0:02:17.123,0:02:21.000 and you need to enter in this life-long treatment. 0:02:21.000,0:02:24.000 They say you have a high risk of sudden death. 0:02:24.000,0:02:26.023 Which is really terrifying as a patient. 0:02:26.023,0:02:31.000 I have about a two to three chances per year of suddenly dying 0:02:31.000,0:02:36.000 and that compounds, so I've found out about this at age 31 0:02:36.000,0:02:42.000 and over the next decade it was sort of 20 to 30% risk of sudden death. 0:02:43.246,0:02:48.146 Really, really, just a scary thing to hear… 0:02:48.146,0:02:50.769 but there is a solution right now! 0:02:50.769,0:02:53.041 which is to get a defibrillator. 0:02:53.041,0:02:58.020 And what a defibrillator does is it's in your body 0:02:58.030,0:03:01.000 I actually did get one, it's right here. 0:03:01.000,0:03:02.223 It looks really huge there, 0:03:02.223,0:03:04.000 but it's about like this big 0:03:04.000,0:03:06.038 and it's right here. 0:03:06.592,0:03:07.817 It has wires that 0:03:07.817,0:03:09.765 sneak through my blood vessels 0:03:09.765,0:03:11.000 and scour into my heart 0:03:11.000,0:03:14.077 and it basically constantly monitors me 0:03:14.077,0:03:15.469 and it's like having people 0:03:15.469,0:03:16.862 following you around with paddles 0:03:16.862,0:03:20.000 and if I go into a sudden death, 0:03:20.000,0:03:23.000 it will shock me, and I'll be great! 0:03:23.000,0:03:27.231 And I won't die! it's very exciting! 0:03:28.030,0:03:32.000 So, all that is pretty well and good. 0:03:32.000,0:03:37.010 The electro-physiologist that I saw when I told this 0:03:37.010,0:03:39.245 has a bunch of these in his desk drawer, 0:03:39.245,0:03:42.250 just so he can pass it to every patient 0:03:42.250,0:03:45.363 because I think when you see how little this device is, 0:03:45.363,0:03:47.508 it doesn't feel so scary. 0:03:47.508,0:03:49.085 He pushed it over the desk at me, 0:03:49.085,0:03:50.938 I was sitting here with my mother. I pick it up… 0:03:50.938,0:03:52.506 He's like: "Pick it up, see how light it is!" 0:03:52.506,0:03:55.588 So I pick it up and I say "Cool, what does it run?" 0:03:55.588,0:03:58.000 Laughs 0:03:58.000,0:04:05.831 applause 0:04:05.831,0:04:08.077 To which I got a blank look. 0:04:08.825,0:04:11.000 My mother gave my a blank look. 0:04:11.738,0:04:14.200 Surgeon said "What are you talking about?" 0:04:14.200,0:04:16.692 and I said "Well obviously, " 0:04:16.692,0:04:20.000 "this piece of equipment is only as good as its software" 0:04:20.000,0:04:22.050 I mean, it relies on its software to know 0:04:22.050,0:04:24.040 when it is that I'm going to have a sudden death 0:04:24.040,0:04:26.381 whether it is that I run across the street 0:04:26.381,0:04:27.307 when I shouldn't have 0:04:27.307,0:04:29.000 or I decided to run a marathon 0:04:29.040,0:04:31.020 or for no reason at all. 0:04:31.952,0:04:34.295 I'm totally relying on this software to know 0:04:34.295,0:04:36.555 when is the appropriate time to give me a shock 0:04:36.555,0:04:37.393 and when it's not. 0:04:37.393,0:04:41.010 When I need pacing, maybe, or when I don't. 0:04:41.010,0:04:45.080 And the electro-physiologist, of course had no answer at all. 0:04:45.080,0:04:48.000 He said "nobody ever asked me this." 0:04:48.000,0:04:50.020 "I never thought about the software on this device." 0:04:50.020,0:04:53.718 "Hang on, there is a representative from Medtronic" 0:04:53.718,0:04:55.938 "here in our office today." 0:04:55.938,0:04:59.050 "I will get to him, because he is the manufacturer" 0:04:59.050,0:05:02.000 "and surely they have thought about this." 0:05:02.000,0:05:05.050 So, in walks this representative 0:05:05.050,0:05:07.000 and I sort of explain 0:05:07.000,0:05:09.070 "I'm a lawyer at the Software Freedom Law Center" 0:05:09.070,0:05:12.000 "I care about the software on my device" 0:05:12.000,0:05:13.000 "I just want to know: " 0:05:13.000,0:05:14.080 "how does it works? what does it run?" 0:05:14.080,0:05:16.000 "Can you tell me?" 0:05:16.000,0:05:19.000 And he said "Nobody's ever asked me that before". 0:05:19.677,0:05:22.995 So, we had this really interesting conversation and he said: 0:05:23.000,0:05:25.040 "I see that this is a very serious issue" 0:05:25.040,0:05:27.000 "Here is my number." 0:05:27.275,0:05:29.196 "Call me and I'll put you through" 0:05:29.196,0:05:30.947 "to people to talk about this." 0:05:33.030,0:05:38.050 Bolded by this, I called him at Medtronic 0:05:38.050,0:05:40.050 and he gave me the tech line 0:05:40.050,0:05:42.040 and so I kept leaving messages… 0:05:42.040,0:05:45.030 eventually, I kept being bounced around. 0:05:45.030,0:05:48.010 Nobody would talk to me about this. 0:05:48.010,0:05:53.027 I called the other two major medical device manufacturers: 0:05:53.030,0:05:55.000 Boston Scientific and St. Jude 0:05:55.000,0:05:57.992 and neither of them could give me a real answer either. 0:05:58.000,0:06:00.010 Eventually, I started calling and saying 0:06:00.010,0:06:02.000 "Look if someone would let me look at the software," 0:06:02.000,0:06:06.000 "I'll sign an NDA", You know, really against my principles 0:06:06.000,0:06:10.040 Because, I'm a non-profit activist in the technology world 0:06:10.040,0:06:13.040 I don't want to sign any NDA which would prevent me 0:06:13.040,0:06:15.013 from sharing what I find with somebody else. 0:06:15.013,0:06:15.742 But I though: 0:06:15.742,0:06:18.455 "At least, I'll be able to see the source code" 0:06:18.455,0:06:21.060 "and I'll feel comfortable about what's put in my body" 0:06:21.783,0:06:27.000 But, unfortunately, I was brushed off. I was told no. 0:06:27.000,0:06:31.040 I talked with some people at Medtronic that were sympathetic 0:06:31.040,0:06:33.972 I had access to good doctors 0:06:33.972,0:06:37.010 People said: "Oh, you know, we're Medtronic" 0:06:37.010,0:06:39.030 We care deeply about making sure 0:06:39.030,0:06:41.992 that there are no bugs in the software that we put on these devices. 0:06:42.000,0:06:46.000 Obviously, we wouldn't release it if we didn't think it was safe. 0:06:46.000,0:06:47.000 All these things 0:06:47.000,0:06:49.000 You must trust us. 0:06:49.000,0:06:52.708 Doctor say, the Food and Drugs Administration, 0:06:52.708,0:06:54.035 the FDA in the United States, 0:06:54.035,0:06:55.285 approves these devices 0:06:55.285,0:06:58.846 So clearly, you're over reacting. 0:06:58.846,0:07:03.070 And when I was talking to that same electro-physiologist on the phone 0:07:03.070,0:07:05.871 and said I'm really troubled by this, because 0:07:05.871,0:07:09.030 I think about all the people that have these devices. 0:07:09.030,0:07:11.000 Some of them are quite powerful 0:07:11.000,0:07:13.000 Dick Cheney had one at the time. 0:07:13.000,0:07:15.874 He has a more impressive device now, 0:07:15.874,0:07:18.354 that continually circulate his blood 0:07:18.354,0:07:20.646 so he has no pulse. 0:07:20.646,0:07:25.169 It's a fascinating, fascinating device, yeah! 0:07:28.000,0:07:30.000 There are a lot of prominent people that… 0:07:30.000,0:07:32.525 the demographic that get this devices 0:07:32.525,0:07:35.373 are often in some powerful positions 0:07:35.373,0:07:38.010 So you can easily imagine a situation where 0:07:38.010,0:07:40.080 someone would be wanting to shut down these devices. 0:07:40.080,0:07:40.080 And the electro-physiologist that I spoked to on the phone[br]someone would be wanting to shut down these devices. 0:07:40.080,0:07:43.629 And the electro-physiologist that I spoked to on the phone 0:07:43.629,0:07:46.010 got so upset, he got so upset… 0:07:46.010,0:07:48.000 that he hang up on me. 0:07:48.030,0:07:52.000 He said "I think you're up to something" 0:07:52.000,0:07:53.192 "I don't understand" 0:07:53.192,0:07:55.000 "I don't know why you're so upset about this." 0:07:55.000,0:07:57.000 "If you want to get a device, I'll help you" 0:07:57.000,0:08:02.020 "But I think, I just don't, I think you're… you're…" 0:08:02.020,0:08:03.000 Hang up. 0:08:03.000,0:08:05.010 and I think it was really scary 0:08:05.010,0:08:07.070 because he told me at the beginning of talking to him 0:08:07.070,0:08:10.000 that he installed these devices all the time 0:08:10.000,0:08:13.020 He installs sometime several devices a day. 0:08:13.020,0:08:16.491 So the idea that he could be 0:08:16.491,0:08:17.732 not even asking questions 0:08:17.732,0:08:19.542 about the software that runs on these devices 0:08:19.542,0:08:21.000 was pretty terrifying to him. 0:08:21.000,0:08:23.000 So I put the whole thing off. 0:08:23.000,0:08:24.297 And I just said, you know, 0:08:24.297,0:08:25.465 I can't think about this. 0:08:25.465,0:08:26.846 It's so terrifying. 0:08:26.846,0:08:27.841 Am I really going to get 0:08:27.841,0:08:29.158 proprietary software in my body? 0:08:29.158,0:08:30.020 I don't know 0:08:30.020,0:08:34.000 Plus the whole "mortality thing" 0:08:34.000,0:08:36.000 and getting a piece of equipment 0:08:36.000,0:08:38.000 sewn into your body. 0:08:38.000,0:08:40.000 It's really a lot to deal with 0:08:40.000,0:08:41.050 So I kept putting it off 0:08:41.050,0:08:43.030 and eventually I couldn't anymore 0:08:43.030,0:08:48.000 because friends and family kept asking me about it 0:08:48.000,0:08:52.000 and saying "We're so worried about you" 0:08:52.000,0:08:53.649 "We know that you can die at anytime" 0:08:53.649,0:08:56.647 My mother, you know, off course don't have a land line 0:08:56.647,0:08:59.055 and I don't have a great mobile reception in my apartment 0:08:59.055,0:09:01.070 and my mother, if I didn't called her back within a hour 0:09:01.070,0:09:02.998 would start calling all my friends 0:09:02.998,0:09:04.853 saying "Have you speak to Karen today?" 0:09:04.853,0:09:06.046 "Do you know if she's OK?" 0:09:06.046,0:09:08.908 I went to brunch with a friend, and she asked me 0:09:08.908,0:09:10.716 how this process was going. 0:09:10.716,0:09:14.000 And I said "Well nobody from medical companies are calling me back," 0:09:14.000,0:09:16.060 "and you know, I'm sure I'll work it out." 0:09:16.060,0:09:18.070 And she just burst into tears and she said 0:09:18.070,0:09:22.020 "You know, you could die. Today." 0:09:22.020,0:09:25.020 "and I just can't deal with that" 0:09:25.020,0:09:26.040 "If you don't take care of this," 0:09:26.040,0:09:27.850 "I don't know if I can be friend with you" 0:09:27.850,0:09:30.165 "because this is a serious thing" 0:09:30.165,0:09:31.404 "and you're ignoring it for…" 0:09:31.404,0:09:34.000 what she considered to be an esoteric issue. 0:09:34.000,0:09:38.000 I really understood that and I really didn't have a choice 0:09:38.000,0:09:40.000 So I got a device 0:09:40.000,0:09:41.666 I got it implanted 0:09:41.666,0:09:44.218 and it took sometime to… 0:09:51.080,0:09:54.398 It took some time to recover from the surgery 0:09:54.398,0:09:59.409 and also to really think about 0:09:59.409,0:10:01.189 my own situation in a more abstract way 0:10:01.189,0:10:02.154 to do some research. 0:10:02.154,0:10:03.542 But I swore that if I got the device 0:10:03.542,0:10:06.362 I would do some research and I would write a paper 0:10:06.362,0:10:10.230 and I would talk about the issues that came up 0:10:10.230,0:10:12.030 that the medical profession 0:10:12.030,0:10:15.020 or at least the medical professionals that I dealt with 0:10:15.020,0:10:17.020 had no answer for. 0:10:17.020,0:10:22.000 So, the things that I found out when I wrote my paper were 0:10:22.000,0:10:25.389 things that would surprise you and things that would not surprise you. 0:10:26.020,0:10:27.404 Software has bugs. 0:10:27.404,0:10:29.588 I really wanted a picture of the crickets 0:10:29.588,0:10:31.738 that were in my room last night 0:10:31.738,0:10:33.030 that fellow keynoters… 0:10:33.030,0:10:34.060 *they are cockroaches* 0:10:34.070,0:10:36.000 They are cockroaches? 0:10:36.000,0:10:38.000 These are cockroaches. 0:10:38.000,0:10:40.000 *So where are they?* 0:10:40.000,0:10:43.000 But Paul and Jake got them out of my room. 0:10:43.000,0:10:45.000 So that was really exciting. 0:10:45.000,0:10:47.010 We were joking that I was going to talk about real bugs 0:10:47.010,0:10:48.040 instead of software bugs. 0:10:48.040,0:10:51.010 But, so, software has bugs. 0:10:51.010,0:10:57.000 And medical devices as like as Matthew Garrett said 0:10:57.010,0:10:58.030 will have bugs 0:10:58.030,0:11:01.010 because the software engineering institute estimates that 0:11:01.010,0:11:04.010 there is about one defect for every one hundred lines of code. 0:11:04.010,0:11:08.330 So even if a majority of the bugs are caught in testing, 0:11:08.440,0:11:11.018 even if three quarters of the bugs are caught in testing, 0:11:11.018,0:11:13.000 that's still a lot of bugs. 0:11:13.000,0:11:19.000 There's a study that I read that looked at 0:11:19.583,0:11:24.000 recalls of devices that were published by the FDA. 0:11:25.455,0:11:30.430 Basically, the study looked at all of the recalls 0:11:30.440,0:11:34.200 and determined which ones they can tell were from software failures 0:11:34.200,0:11:35.750 and then they evaluated those 0:11:35.760,0:11:39.160 and the ones that they could tell enough 0:11:39.170,0:11:41.610 about what the problem was from the software 0:11:41.610,0:11:44.710 ninety-eight percent of them would have been detected 0:11:44.710,0:11:47.000 with simple all-pairs testing. 0:11:47.650,0:11:51.490 So, basic testing that you would expect 0:11:51.490,0:11:54.920 for any kind of technical piece of equipment. 0:11:54.920,0:11:59.280 So yes, the FDA has some review over these devices 0:11:59.290,0:12:03.620 but if the companies aren't doing basic testing 0:12:03.630,0:12:05.370 what are we doing? 0:12:05.380,0:12:08.000 So, software has bugs. 0:12:08.000,0:12:10.000 We know this, here in this room. 0:12:10.000,0:12:13.000 Another thing that most of us here know is 0:12:13.000,0:12:15.500 that security through obscurity doesn't work. 0:12:15.705,0:12:19.170 And this is something that seems very counter intuitive 0:12:19.170,0:12:21.640 for the folks that are not in this room. 0:12:21.650,0:12:26.770 Every person who I started to about this in the medical profession said: 0:12:26.770,0:12:28.160 "But I don't understand:" 0:12:28.160,0:12:31.040 "Why would you want people to be able to see the software?" 0:12:31.050,0:12:33.450 "If people can see the source code," 0:12:33.450,0:12:36.450 "it will be that much easier to break into it." 0:12:36.450,0:12:39.440 But as we all know, that's not quite true. 0:12:39.460,0:12:41.960 And in fact, by publishing the source code, 0:12:41.970,0:12:44.000 everybody can see it, it will be a lot safer. 0:12:44.000,0:12:46.380 But this is a major point that actually 0:12:46.400,0:12:49.000 I address in my paper Killed By Code 0:12:49.000,0:12:53.120 which go systematically through a lot of the research 0:12:53.130,0:12:57.000 that shows how security professionals agree with that assertion. 0:12:57.200,0:13:02.680 So, what we have is actually the worst of both worlds. 0:13:02.680,0:13:07.110 We have closed code, so it doesn't have the safety 0:13:07.110,0:13:09.010 of having a lot of people reviewing it. 0:13:09.102,0:13:12.480 But we also have no security on these devices. 0:13:12.490,0:13:15.000 A lot of these devices are broadcasting wirelessly. 0:13:15.000,0:13:16.590 That's the standard right now. 0:13:16.620,0:13:20.740 When I found out about that, I was totally freaked out. 0:13:20.760,0:13:23.235 What do you mean, 0:13:23.235,0:13:26.084 my heart device is going to be continuously broadcasting? 0:13:28.040,0:13:30.240 Thinking the conferences that I go to, 0:13:30.250,0:13:31.260 the people I hang out with, 0:13:31.260,0:13:31.280 I don't want my information being broadcasted.[br]the people I hang out with, 0:13:31.280,0:13:35.000 I don't want my information being broadcasted. 0:13:35.000,0:13:37.829 So this is one of the things I brought up with 0:13:37.829,0:13:39.230 the different doctors that I spoke to. 0:13:39.250,0:13:41.530 I actually, as you might imagine, 0:13:41.550,0:13:44.610 I got rid of that electro-physiologist that hang up on me. 0:13:44.630,0:13:47.070 And I went from cardiologist to cardiologist 0:13:47.070,0:13:50.170 to find someone who really understood these problems 0:13:50.170,0:13:52.730 or at least why I was so worried about them. 0:13:52.740,0:13:56.000 And I finally found a great cardiologist 0:13:56.000,0:13:57.860 and a great electro-physiologist. 0:13:57.880,0:14:02.940 Who said "I have never thought about this issue" 0:14:02.950,0:14:05.560 "but I understand why it could be a problem." 0:14:05.570,0:14:08.820 "You need this device. You can't wait another day." 0:14:08.820,0:14:11.410 "But I'm going to work with you and see ways" 0:14:11.410,0:14:14.470 "that we can at least address some of the things that you're worried about." 0:14:14.480,0:14:19.000 So, one of the things that my electro-physiologist did 0:14:19.000,0:14:22.000 was that he called around from hospital to hospital 0:14:22.000,0:14:24.510 until he found an old device. 0:14:24.510,0:14:28.900 So he said that I've got a simple heart condition. 0:14:28.930,0:14:31.220 All that I need to do is to have a device that's going to 0:14:31.220,0:14:33.900 be monitoring for a dangerous rhythm 0:14:33.900,0:14:36.400 and if I get a dangerous rhythm, it will shock me. 0:14:36.410,0:14:40.190 It's a much more simple algorithm than what the newer devices do. 0:14:40.190,0:14:42.000 So a lot of the newer devices have this 0:14:42.000,0:14:45.010 complex pacing algorithm for people who have a wide variety of problems. 0:14:45.010,0:14:47.710 You'd understand why the medical companies do this. 0:14:47.750,0:14:52.220 They do it because these devices are very difficult to make. 0:14:52.220,0:14:53.790 They're precision manufacturers. 0:14:53.820,0:14:57.300 And if they can get these devices that work for a broader range of cases 0:14:57.300,0:14:59.000 then that's all the better. 0:14:59.000,0:15:01.590 And then you never know what kind of additional complications 0:15:01.600,0:15:03.465 that people are going to be developing. 0:15:03.465,0:15:05.620 So, I don't have any symptoms now 0:15:05.620,0:15:07.000 but I might develop them 0:15:07.000,0:15:08.770 and it's great to have the pacing technology. 0:15:08.790,0:15:11.170 But my electro-physiologist, my cardiologist said 0:15:11.318,0:15:15.838 "Great, I now that you have a simple need here" 0:15:15.838,0:15:17.610 "so why don't I find you an old device?" 0:15:17.620,0:15:19.360 So I actually have an older device 0:15:19.360,0:15:21.750 that communicate using magnetic coupling 0:15:21.750,0:15:24.259 and not through wireless technology 0:15:24.259,0:15:28.970 but my father has a wireless enabled pacemaker 0:15:28.980,0:15:31.600 and when he walks into a room in the technician's office 0:15:31.630,0:15:32.910 they just change his pulse. 0:15:33.128,0:15:36.480 So, before he even sits down 0:15:36.490,0:15:38.350 they know so much about him 0:15:38.350,0:15:40.770 and they have the ability to really affect him. 0:15:40.858,0:15:42.330 It's incredible. 0:15:43.590,0:15:47.220 But as you can see at the last point on this slide 0:15:47.220,0:15:48.720 these devices have been hacked. 0:15:48.740,0:15:51.800 A university think-tank… 0:15:51.820,0:15:55.460 actually a think-tank of a couple of universities worked together 0:15:55.460,0:15:59.540 and showed that using just commercially available equipment 0:15:59.550,0:16:02.010 you can hack into these devices and take control of them. 0:16:02.351,0:16:05.920 They were able to not only deliver shocks, 0:16:06.010,0:16:07.150 which is terrifying. 0:16:07.150,0:16:07.170 I once had my device shock me in error[br]which is terrifying. 0:16:07.170,0:16:09.200 I once had my device shock me in error 0:16:09.200,0:16:12.600 and I can tell you it's like being kicked in the chest. 0:16:12.950,0:16:16.820 You are basically out of commission 0:16:16.830,0:16:17.830 at least for a few minutes 0:16:17.840,0:16:20.180 I had to sit down and it was so exhausting 0:16:20.190,0:16:23.000 just the surprise of it and the worry 0:16:23.000,0:16:25.310 that I went to sleep for a few hours afterwards. 0:16:25.310,0:16:29.190 It's pretty enduring. 0:16:29.190,0:16:32.200 So not only that. 0:16:32.290,0:16:33.650 They were able to deliver the shock, 0:16:33.670,0:16:38.000 but they were also able to stop the delivering treatment. 0:16:38.000,0:16:40.840 If the device was pacing, they could stop the pacing 0:16:40.840,0:16:42.980 and a lot of people require their pacing 0:16:42.980,0:16:42.990 in order to just live.[br]and a lot of people require their pacing 0:16:42.990,0:16:44.290 in order to just live. 0:16:44.760,0:16:46.460 A lot of people can't walk up a flight of stairs. 0:16:46.470,0:16:49.227 My father is of these, if his pacing is disrupted. 0:16:49.520,0:16:53.910 They were also able to get key information off 0:16:53.910,0:16:54.780 of these devices. 0:16:54.780,0:16:59.538 Like medical ID numbers, doctor's names, 0:17:00.412,0:17:04.630 serial numbers… a lot of personal information that's broadcasting 0:17:04.640,0:17:07.950 and there's no encryption of any kind on these devices. 0:17:07.960,0:17:10.060 It's pretty scary. 0:17:10.070,0:17:12.540 They were also able to put these devices into test mode. 0:17:12.720,0:17:14.600 And what that does is it slowly runs on the battery 0:17:14.600,0:17:16.980 Err… runs down the battery at a much faster rate 0:17:17.000,0:17:20.000 than in normal circumstances 0:17:20.000,0:17:22.410 and these devices are only as good as their batteries. 0:17:22.770,0:17:25.378 So if my battery runs out on my device 0:17:25.805,0:17:28.000 I need a new device, which means surgery. 0:17:28.000,0:17:30.158 So, these devices have be hacked. 0:17:30.158,0:17:33.077 It was after I was diagnosed that that happened 0:17:33.077,0:17:36.138 but then I called up the doctor and said: "See?!" 0:17:36.138,0:17:43.000 Clapping 0:17:43.000,0:17:45.860 So the doctor really relies on the fact that 0:17:45.870,0:17:47.850 these devices are approved by the FDA 0:17:47.850,0:17:50.946 in the United States, and similar regulatory bodies elsewhere. 0:17:51.808,0:17:55.966 So, as a good lawyer, I went and researched the FDA 0:17:55.966,0:17:57.790 mechanism for approval of software 0:17:57.810,0:18:00.082 And what I found, is that the FDA 0:18:00.082,0:18:02.860 doesn't even typically review the source code on these devices 0:18:02.860,0:18:06.280 Unless there is something obviously wrong with the software 0:18:06.280,0:18:08.995 they generally don't even ask to see it 0:18:11.645,0:18:14.860 There isn't actually a clear set of requirements for the software even 0:18:14.950,0:18:19.350 and there are reasons for all these decisions of the FDA 0:18:19.360,0:18:23.700 but we think the FDA is doing a lot more than it turns out that they are. 0:18:23.710,0:18:26.175 The fact that they don't have a clear set of requirements 0:18:26.175,0:18:28.171 is connected to the fact that 0:18:28.171,0:18:31.790 they say that the companies that design these devices 0:18:31.930,0:18:33.640 because they are so specialty 0:18:33.640,0:18:36.460 and because they are so particular to each manufacturer 0:18:36.470,0:18:40.000 There are probably tests that are specific to those devices 0:18:40.010,0:18:43.460 and the people who know these devices best are the manufacturer 0:18:43.583,0:18:46.769 and therefore they are the ones that need to design what the tests are. 0:18:46.769,0:18:47.983 And there is some back and forth 0:18:47.983,0:18:49.610 about whether they've done the right tests or not, 0:18:49.610,0:18:51.607 but the truth of matter is that at the end of the day, 0:18:51.607,0:18:54.400 there's nobody at the FDA that even sees the source code. 0:18:54.615,0:18:56.850 Because they are not requesting the source code 0:18:56.950,0:18:59.400 they don't even have a repository of it. 0:18:59.648,0:19:03.850 So if there is catastrophic failure at Medtronic for example 0:19:04.010,0:19:07.320 I don't know that there is a canonical repository 0:19:07.330,0:19:09.220 for the software that I would have access to 0:19:09.250,0:19:13.310 and without being able to update the software on my device 0:19:13.320,0:19:15.340 I may get surgery to get a new one. 0:19:15.500,0:19:18.440 So, if there is a problem 0:19:18.550,0:19:26.129 my doctor, or truthfully some programming-savvy doctor 0:19:26.129,0:19:29.470 I can find or would be able to work with 0:19:29.510,0:19:33.230 to write a patch for my device, should there be a bug 0:19:33.260,0:19:34.320 or should we find it out 0:19:35.920,0:19:38.950 I actually spoke on a panel, with a guy 0:19:38.960,0:19:40.650 in cyber-security at the FDA 0:19:40.650,0:19:42.260 and I was really, really nervous 0:19:42.270,0:19:44.670 because I did as much as I could as a lawyer 0:19:44.670,0:19:46.370 I did all the research I could about the FDA 0:19:46.370,0:19:49.920 but I was not sure if this was actually 0:19:49.920,0:19:52.260 the case in practice so I put up the slide and I said 0:19:52.270,0:19:55.937 John, tell me if I am wrong, but this is what I think it is. 0:19:55.937,0:19:57.788 This is the way I think it is! 0:19:57.788,0:20:00.490 And I followed with a slide about Free and Open Source Software 0:20:00.490,0:20:02.930 and why is it so much better, and so much safer 0:20:02.950,0:20:06.160 and as soon as he came up to speak he said: 0:20:06.233,0:20:10.610 "Everybody thinks that the FDA should do this, the FDA should do that" 0:20:10.620,0:20:12.840 "but we just don't have the resources" 0:20:13.013,0:20:16.470 "and that is not what the FDA is set up to do" 0:20:16.470,0:20:18.230 and he paused, and looked at me 0:20:18.230,0:20:19.954 and just as I was about to… you know. 0:20:19.954,0:20:22.953 And he said: "But you are saying something different" 0:20:22.953,0:20:27.000 "You are saying, we let everybody else review the source code" 0:20:27.005,0:20:29.141 "That is something very interesting!" 0:20:36.246,0:20:42.220 So, making sure that our devices have software published 0:20:42.220,0:20:43.320 means that anyone can review it 0:20:43.340,0:20:47.000 My dad, who has that pacemaker is also an engineer 0:20:47.000,0:20:48.800 and a fortunate programmer. 0:20:48.800,0:20:50.260 He probably would have looked over it. 0:20:50.290,0:20:52.451 Many of us know people with pacemaker. 0:20:52.451,0:20:54.610 we would scour that code, for sure! 0:20:57.680,0:20:59.330 One other thing that I found out 0:20:59.330,0:21:00.680 which is a little bit weird 0:21:00.920,0:21:04.020 is that because these devices in the United States 0:21:04.020,0:21:07.050 are approved by a federal agency 0:21:07.560,0:21:11.009 patients are preempted from suing under State True Law. 0:21:11.009,0:21:13.790 So there is a whole avenue of remedy that patients 0:21:13.800,0:21:16.808 normally get, which the medical manufacturers 0:21:16.808,0:21:17.936 don't even have to worry about. 0:21:17.936,0:21:20.810 So now, I mean, I am not saying that the medical device companies 0:21:20.810,0:21:23.170 don't care if their patients die, obviously they do. 0:21:23.190,0:21:27.940 But there is a whole part of legal remedies that aren't even available 0:21:30.460,0:21:33.140 Really amazing, this research, and I have all of this set out 0:21:33.140,0:21:35.128 in this paper I wrote that is available on 0:21:35.128,0:21:37.548 the Software Freedom Law Center's website. 0:21:38.030,0:21:43.123 All this results in the fact that I don't have freedom in my own body. 0:21:43.427,0:21:47.440 I am not allowed to review the software that is implanted in it. 0:21:47.572,0:21:50.500 It's literally connected in and screwed into my heart 0:21:50.500,0:21:51.740 and I can't take a look at it. 0:21:51.928,0:21:53.992 it's unbelievable to me. 0:21:55.392,0:21:58.760 My mind is blown at the fact that the situation happened to me 0:21:58.770,0:22:00.810 It is a little bit freakish that I was a lawyer 0:22:00.810,0:22:01.950 at the Software Freedom Law Center 0:22:01.960,0:22:04.640 and I happened to have this weird heart condition, I admit. 0:22:04.660,0:22:08.030 but still just mind-blowing. 0:22:08.163,0:22:09.940 I didn't even had a choice. 0:22:10.113,0:22:13.636 The choice was either, you're extremely likely to die, 0:22:13.636,0:22:15.670 or you can get this device in your body 0:22:15.880,0:22:20.030 I hope that nobody in this room has to face that choice, but it was 0:22:20.040,0:22:22.110 really, really scary. 0:22:23.522,0:22:25.627 And then I started thinking about it, 0:22:25.872,0:22:29.330 and you know, it's not just the heart devices. 0:22:29.656,0:22:33.185 It's anything that our lives in our society rely on. 0:22:33.835,0:22:38.750 And as I thought about it, I realized that this actually touches on 0:22:38.770,0:22:43.428 a lot more areas of our lives than I thought it was. 0:22:46.750,0:22:48.770 For example, cars. 0:22:51.476,0:22:57.870 Like the university think tank that worked on those medical devices 0:22:57.870,0:23:02.070 and I would say, if you have time in our board, you should totally read that study. 0:23:02.080,0:23:08.000 It's fascinating, they implanted that device into a bag of bacon or meat of some kind 0:23:08.000,0:23:12.000 to stimulate it and they show all the equipment that you can find anywhere 0:23:12.745,0:23:15.350 that they used to hack into it. 0:23:15.821,0:23:18.870 But the same process as done with cars. 0:23:19.090,0:23:23.040 And a different think tank showed that they were able 0:23:23.060,0:23:25.880 to hack into two different brands, 0:23:25.910,0:23:28.000 two different manufacturer cars. 0:23:29.940,0:23:33.650 So the IEEE says that a premium class car 0:23:33.680,0:23:35.510 has close to 100 million lines of code. 0:23:35.580,0:23:39.610 So if we think back to what the Software Engineering Institute said 0:23:39.630,0:23:42.390 about one bug for every 100 lines of code 0:23:42.390,0:23:46.250 that's a lot of bugs, just in your car. 0:23:49.570,0:23:51.640 And what this think tank was able to do, 0:23:51.640,0:23:53.950 was all the things you might expect. 0:23:53.960,0:23:57.610 They are able to cause the car to accelerate, to brake. 0:23:57.880,0:24:02.645 They were able to control each wheel of a car individually. 0:24:02.852,0:24:05.662 And my favorite part, just for kicks, 0:24:05.662,0:24:08.455 I don't know if you can see, but 0:24:08.455,0:24:11.249 they're able to put a message on the dash 0:24:11.490,0:24:15.000 and so, they said pwnd and there is a little 0:24:15.000,0:24:19.020 x-eyed emoticon there. 0:24:19.692,0:24:23.093 The idea that they are able to take control over 0:24:23.093,0:24:25.255 two different brands of premium class cars 0:24:25.255,0:24:28.508 is really amazing to me. 0:24:30.510,0:24:34.700 Voting machines is another area that is super critical 0:24:34.700,0:24:36.180 and we've actually been talking about. 0:24:36.200,0:24:38.389 A lot of security experts have been talking about. 0:24:38.389,0:24:40.520 the problems with their voting machines. 0:24:40.520,0:24:45.070 In the United States, we rely on Diebold 0:24:45.070,0:24:49.000 and a lot of private manufacturers. 0:24:51.600,0:24:54.190 We have had problems with calibration. 0:24:54.200,0:24:58.040 I don't know if you've seen, but there is this hilarious cartoons 0:24:58.060,0:25:00.628 of people trying to vote for the right candidate 0:25:00.628,0:25:03.240 and the name of the candidate they want to vote for 0:25:03.270,0:25:06.560 moving around the screen, you sort of trying to poke after it 0:25:06.570,0:25:08.470 and eventually, whatever you wanted to do it says: 0:25:08.480,0:25:12.920 "You wanted to vote for the opposite candidate, right? right?" 0:25:13.020,0:25:16.260 And it's very difficult to know because we sometimes 0:25:16.290,0:25:18.390 don't have a verification of paper receipt 0:25:18.420,0:25:21.790 we don't even know that our vote was counted properly 0:25:21.800,0:25:25.020 and we were able to vote candidate in the end. 0:25:26.238,0:25:29.800 Really weird, as this is the basis of our society 0:25:29.820,0:25:32.094 and the backbone of our democracy. 0:25:33.308,0:25:35.020 I love what they did in Brazil. 0:25:35.210,0:25:38.408 I don't know if you guys heard about this, but Brazil said: 0:25:38.408,0:25:42.846 "We know that software has vulnerabilities and software has bugs." 0:25:42.846,0:25:46.027 "So we're gonna invite teams of hackers to come in," 0:25:46.027,0:25:47.948 "we're gonna give you the source code" 0:25:47.948,0:25:49.985 "and we're gonna give a prize" 0:25:49.990,0:25:52.414 "to anybody who find a way to…" 0:25:52.414,0:25:55.000 "who finds a vulnerability to get into the system" 0:25:55.000,0:25:59.959 All those teams, two of them were able to find bugs. 0:25:59.959,0:26:03.550 They say that neither of them would have affected 0:26:03.570,0:26:08.600 an election, but they were able to fix those bugs. 0:26:08.792,0:26:10.930 And those hackers got a prize. 0:26:10.930,0:26:12.960 Democracy is safer. 0:26:12.970,0:26:14.970 Security through obscurity doesn't work. 0:26:14.970,0:26:17.330 I don't know when we're going to figure this out, 0:26:17.340,0:26:20.790 but Brazil has got it done. So it's possible. 0:26:21.700,0:26:24.250 Our financial institutions, yeah, it's exciting! 0:26:24.270,0:26:27.430 Financial institutions are an other area we've seen recently 0:26:27.430,0:26:31.910 how bad it can be when our trusted institutions fail. 0:26:32.330,0:26:35.555 A lot of these institutions are running software 0:26:35.555,0:26:37.464 and our stock markets 0:26:37.464,0:26:39.250 and the operations of our banks. 0:26:39.250,0:26:43.010 These are all things that are critical 0:26:43.010,0:26:45.944 to just the way we live our lives. 0:26:45.944,0:26:50.078 It's more of a societal thing but we've already seen 0:26:50.078,0:26:51.966 that there are vulnerabilities there. 0:26:52.440,0:26:57.240 So, all this to say, it sounds heavy-handed 0:26:57.250,0:27:01.040 but my medical device can be controlled! 0:27:01.488,0:27:04.010 Our cars can be controlled and interfered with 0:27:04.014,0:27:06.420 and our financial institutions can be compromised. 0:27:07.850,0:27:13.260 I think we can all agree that our society and life-critical software must be safe. 0:27:13.810,0:27:16.250 But we're in a really interesting time right now. 0:27:16.498,0:27:22.150 Because how do we know what software that we use is life and society-critical? 0:27:22.720,0:27:25.224 The way that we use computers has totally changed 0:27:25.224,0:27:27.520 very very rapidly and very recently. 0:27:29.160,0:27:33.330 I've been astounded how people of all ages have started using computers 0:27:33.350,0:27:35.510 in a way that they never have before. 0:27:36.400,0:27:40.530 It's no longer specific tech-savvy people that are computing. 0:27:40.530,0:27:44.620 It's everybody, it's our grandparents, it's everyone. 0:27:44.621,0:27:47.290 And we're using our software for everything, 0:27:48.160,0:27:52.000 it's become how we do everything 0:27:52.159,0:27:54.017 How we communicate with each other. 0:27:54.345,0:27:56.620 How we talk on the phone 0:27:56.798,0:28:00.170 How we write, how we create art 0:28:00.310,0:28:04.000 How we handle our educational institutions 0:28:04.010,0:28:05.620 and how we manage our lives 0:28:06.300,0:28:08.080 We're building this infrastructure 0:28:08.110,0:28:10.823 and we're not really even thinking about it 0:28:11.862,0:28:15.876 A lot of people are using their phones to monitor things like their 0:28:16.715,0:28:19.290 exercise schedules and their diet 0:28:20.042,0:28:24.280 it's very convenient because you're keeping track of what you've eaten 0:28:24.300,0:28:27.380 as you go, or what you do 0:28:27.420,0:28:32.920 Some phone have pedometers, functionality built-in 0:28:33.140,0:28:35.506 and that's kind of basic and fundamental 0:28:35.506,0:28:38.710 but there is already software for the iPhone 0:28:39.160,0:28:42.050 that can talk to an implanted insulin pump 0:28:42.670,0:28:48.300 and compare your exercise and your diet information 0:28:48.300,0:28:51.792 with your blood sugar levels on your insulin pump 0:28:52.105,0:28:56.065 So now, suddenly, we're back to were I was with my medical device. 0:28:56.065,0:28:59.191 You got an iPhone that you're relying on for your life. 0:28:59.450,0:29:03.997 So, we're building all this infrastructure, 0:29:03.997,0:29:05.795 and we're willing to think about it 0:29:06.720,0:29:08.850 which is why the desktop is so important 0:29:09.030,0:29:11.700 This is where sort of all this all fits in to 0:29:11.820,0:29:15.570 my personal story and why I left the Freedom Software Law Center 0:29:15.580,0:29:18.000 which I loved and felt like the luckiest lawyer in the world 0:29:18.030,0:29:21.200 for being able to work there and been to the Gnome Foundation 0:29:21.220,0:29:22.795 which I also left. 0:29:24.390,0:29:27.570 And I say the desktop in quotes because I am talking about 0:29:27.570,0:29:29.580 these ways that we interact with our computing 0:29:29.590,0:29:32.030 in the ways that we manage our lives through software 0:29:33.145,0:29:36.235 We've reached the point where software must be usable by everyone. 0:29:36.235,0:29:38.620 I think everybody here 0:29:38.630,0:29:42.520 probably knows an older person, who as of a few years ago 0:29:42.520,0:29:44.728 probably never did anything with their computer. 0:29:44.728,0:29:46.901 My mother was one of these people. 0:29:47.512,0:29:51.150 I remember when I was a kid I kept saying 0:29:51.160,0:29:53.200 "but mom look at these cool games!" 0:29:53.242,0:29:54.310 "Not interested" 0:29:54.340,0:29:57.010 And I remember when I was in college and I said: 0:29:57.030,0:30:00.170 "Mom if we could talk by email, it could be so much better!" 0:30:00.340,0:30:01.190 Nothing… 0:30:01.370,0:30:04.060 I remember in Law School, I was saying 0:30:04.080,0:30:07.100 "Mom I can do all this great research using my computer," 0:30:07.110,0:30:09.300 "I don't have to sit all day in a library, it's awesome" 0:30:09.300,0:30:10.000 Nothing… 0:30:10.990,0:30:15.450 Later I tried to say "mom I'm going to organize my travel using the computer!" 0:30:15.610,0:30:18.100 Suddenly, she was slightly interested 0:30:18.350,0:30:22.680 and now, with everything that has come to pass 0:30:22.690,0:30:24.624 she can't do anything without her computer now 0:30:24.624,0:30:26.386 Now, her computer has become… 0:30:26.540,0:30:30.349 The first thing that she does, she emails and text to her friends 0:30:30.349,0:30:33.910 she does her travels, she manages her finances 0:30:33.920,0:30:36.120 it's spectacular to me because 0:30:36.150,0:30:38.735 I didn't use my father because he was an engineer 0:30:39.090,0:30:41.900 but my mother was really a bit of a technophobe 0:30:41.930,0:30:44.250 And now she loves Apple 0:30:44.470,0:30:45.540 LOVES APPLE 0:30:45.560,0:30:48.310 She can use her computer to do… She doesn't have to think about it 0:30:48.320,0:30:52.457 It's great, and it's very frustrating to me 0:30:54.250,0:30:57.660 But I'm excited for her because she now can use a computer 0:30:57.660,0:31:00.150 and it's something she owns now 0:31:00.160,0:31:03.950 She doesn't ask me a question, well she does… 0:31:03.980,0:31:08.000 But she doesn't think that there is any reason why 0:31:08.000,0:31:11.761 these devices are not targeted at her 0:31:11.761,0:31:17.578 and she is very much a representative of the majority of our society. 0:31:17.578,0:31:20.810 And these are people, only a few years ago, would not have been 0:31:20.810,0:31:23.900 that able to do very much with their computer. 0:31:24.945,0:31:28.848 We need to appeal to these people because they are the ones 0:31:28.848,0:31:31.292 that are making choices like supporting iPhone 0:31:31.292,0:31:33.990 to put in their exercise and diet regimes to talk 0:31:34.000,0:31:34.820 to their insulin pumps. 0:31:34.830,0:31:39.039 These are the kind of things that we need to really worry about. 0:31:39.039,0:31:45.030 because if we can't make our software easy to use by everybody, 0:31:45.350,0:31:47.063 no one is gonna want to use it. 0:31:47.292,0:31:50.565 And we have an opportunity now 0:31:50.565,0:31:52.442 a window that is slowly closing 0:31:52.619,0:31:54.870 because we're making choices now 0:31:54.870,0:31:56.691 that we're gonna have to live with for a long time. 0:31:56.691,0:31:58.500 We're building habits, we're building expectations 0:31:58.689,0:32:02.797 and we're establishing the metrics in our society for what is 0:32:02.797,0:32:04.771 acceptable software and what isn't. 0:32:07.931,0:32:10.580 I'm not gonna read these to you, you guys are here, 0:32:10.590,0:32:14.570 at LinuxConfAU, you know all the awesome reasons 0:32:14.590,0:32:16.710 why you should use Free and Open Source software 0:32:16.730,0:32:18.630 You're here for all those reasons 0:32:18.660,0:32:20.450 including that it's just really fun. 0:32:20.570,0:32:22.450 We've been having a great time here, 0:32:22.460,0:32:24.240 and learning about all sorts of really cool things 0:32:24.600,0:32:26.130 but the underscore of all that 0:32:26.310,0:32:29.575 and where all these reasons can come from is from Freedom 0:32:31.930,0:32:34.570 Free and Open Source software is not just good business 0:32:34.600,0:32:36.340 it's also the right thing to do 0:32:36.581,0:32:40.770 So when we talk about our heart devices, we talk about our voting machines 0:32:40.790,0:32:42.820 and then we talk about the way we live our lives 0:32:42.850,0:32:45.000 and the infrastructure of how we talk to one another. 0:32:45.112,0:32:49.083 We see that Free and Open Source software is just 0:32:49.083,0:32:50.830 the right thing to do for our society 0:32:50.903,0:32:52.778 and in order to bring that to other people 0:32:52.860,0:32:56.772 we need to make sure, it's easy and clear for them to use 0:32:56.920,0:33:00.800 These are some screenshots from the Gnome 3 release which 0:33:01.130,0:33:02.920 Most of who I would say are probably familiar 0:33:02.920,0:33:05.150 with already and are forming your own opinions about whether 0:33:05.160,0:33:07.010 you… laughs 0:33:07.010,0:33:09.780 Gnome 3 is something that you want to use or not 0:33:09.780,0:33:13.000 and I think that no mater what perspective you come from 0:33:13.010,0:33:15.520 I think that you can see that the Gnome 3 rewrite is done 0:33:15.540,0:33:18.970 to address these issues, it's to make our software 0:33:18.990,0:33:20.620 sleek and usable by everybody. 0:33:21.420,0:33:23.415 I joined Gnome after the Gnome 3 release 0:33:23.415,0:33:25.410 and it was the Gnome 3 release 0:33:25.410,0:33:28.065 that made me realize that I had to go work for Gnome 0:33:28.095,0:33:30.090 because this is our future. 0:33:30.100,0:33:34.000 We need to cross the bridge, we need to be able to provide software 0:33:34.000,0:33:38.000 to people who otherwise wouldn't be able to use it. 0:33:38.000,0:33:41.000 We need to make sure our desktop are accessible by everyone 0:33:41.000,0:33:44.060 because we are not going to be able to build 0:33:44.110,0:33:46.370 the right infrastructure for a whole society 0:33:46.390,0:33:48.665 if we don't bring these people on board too. 0:33:50.370,0:33:52.280 This is a second screenshot. 0:33:52.310,0:33:55.210 It happens to be Marina from the Gnome community 0:33:55.230,0:34:00.890 and she's the head of the Gnome outreach program for women 0:34:01.000,0:34:04.738 which is an awesome program and is a kind 0:34:04.738,0:34:06.260 of thing that you can do in a non-profit. 0:34:06.260,0:34:06.280 But what you may not have seen is that 0:34:06.280,0:34:08.180 But what you may not have seen is that 0:34:08.200,0:34:11.670 we launched, very recently, an extension website. 0:34:11.670,0:34:13.510 extensions.gnome.org 0:34:13.540,0:34:16.262 where third-parties can upload 0:34:16.966,0:34:21.230 extensions for the Gnome Shell and it's a simple point-and-click 0:34:21.240,0:34:22.940 for Gnome 3.2 0:34:23.330,0:34:25.840 So you can install all those customizations 0:34:25.980,0:34:29.070 and we're trying to build the ways 0:34:29.070,0:34:32.130 that Gnome 3 is going to develop over time 0:34:32.140,0:34:37.780 So, even though we have a single Gnome Shell vision, 0:34:37.780,0:34:40.450 with what I think are great choices, 0:34:40.450,0:34:44.966 if you disagree with them, there is a way to implement changes. 0:34:47.712,0:34:51.000 Gnome, I think, and I think many agree. 0:34:51.000,0:34:51.010 I've actually had a lot of people looking at my computer 0:34:51.010,0:34:54.250 I've actually had a lot of people looking at my computer 0:34:54.280,0:34:55.100 over my shoulder and say 0:34:55.110,0:34:57.800 "Oh my God what is that, that's so great!" 0:34:57.810,0:35:00.840 "It's not a Mac, but it looks so good" 0:35:01.190,0:35:02.780 "What's the story with that?" 0:35:02.790,0:35:06.730 So it's beautiful, but it's a lot more than beautiful 0:35:06.760,0:35:08.220 It's non-profit driven 0:35:08.527,0:35:11.040 And in the Free and Open Source software space 0:35:11.050,0:35:15.113 we have a lot of different ways that we develop our software together. 0:35:15.113,0:35:20.797 Some of our projects are more on the Android 0:35:20.797,0:35:24.833 or Unity side of things 0:35:24.833,0:35:27.878 where they're mostly controlled by a single company 0:35:27.878,0:35:32.049 and there are communities that build up around that 0:35:32.049,0:35:34.834 but at the end of the day, the ultimate control 0:35:34.834,0:35:36.540 of the project is by a single company. 0:35:36.804,0:35:40.610 And then we have projects like Gnome that are non-profit focused 0:35:40.862,0:35:43.440 and this actually touches on some other stuff that Bruce 0:35:43.440,0:35:44.930 was mentioning in his keynote. 0:35:46.150,0:35:49.550 What you get for non-profit development, or having a non-profit 0:35:49.560,0:35:54.025 that unifies the development in the community is a lot. 0:35:54.025,0:35:56.982 And one of the main things that you get is to keep other trust 0:35:57.110,0:36:00.030 So the Gnome community for example, 0:36:01.130,0:36:03.540 the Foundation is composed of members 0:36:03.570,0:36:06.190 there is over 300 members and it varies depending 0:36:06.190,0:36:08.680 on where people are and renewing their membership. 0:36:08.690,0:36:11.770 But in order to become a member, you have to be a contributor 0:36:11.790,0:36:14.050 to Gnome and it's only available to individuals 0:36:14.300,0:36:16.760 and if you're a contributor to Gnome 0:36:17.140,0:36:19.760 you can become a member, which allows you to vote for 0:36:19.780,0:36:23.610 the Board of Directors which influences the direction of the project 0:36:23.620,0:36:26.421 help spread infrastructure to support development 0:36:26.421,0:36:28.240 and decides to hire people like me. 0:36:28.500,0:36:33.180 So who are out there advocating for the ideology of Free and Open Source software 0:36:33.280,0:36:36.830 and helping to organize this kind of effort 0:36:37.080,0:36:39.612 So if you imagine the situation now, 0:36:39.612,0:36:44.630 the Gnome community does not require copyright assignment 0:36:44.850,0:36:51.000 but if a non-profit community like the Gnome community were to require, 0:36:51.000,0:36:53.130 or were to accept copyright assignment, 0:36:53.170,0:36:55.315 those copyrights were to be held by a Foundation 0:36:55.315,0:36:59.850 that had an oversight by the contributors 0:36:59.870,0:37:01.640 by everyone who has a stake in the community, 0:37:01.640,0:37:02.840 by everybody who invest in it. 0:37:02.920,0:37:07.070 There is a certain assurance to knowing that the control 0:37:07.100,0:37:09.720 of a community is in a non-profit that is 0:37:09.730,0:37:15.000 focused on what the contributors want, diversely, 0:37:15.000,0:37:16.268 over companies. 0:37:18.840,0:37:20.870 I want to stress that I'm not saying 0:37:20.870,0:37:24.860 that companies don't have a very important place 0:37:24.860,0:37:26.370 in Free and Open Source Software of course. 0:37:26.500,0:37:31.070 Companies must be able to develop products 0:37:31.080,0:37:34.450 in the Free and Open Source community but we need to 0:37:34.450,0:37:37.990 encourage these non-profit structures which are focused on the ideology 0:37:38.020,0:37:40.740 and work with companies to help them accomplish their goals. 0:37:40.760,0:37:45.650 But under the rubric of non-profits the way that we have in the Gnome community 0:37:45.670,0:37:47.620 We have a lot of companies that are involved in Gnome, 0:37:47.760,0:37:49.160 on any Advisory Boards, 0:37:49.170,0:37:50.630 and are just good participants 0:37:52.040,0:37:56.100 but the overall mission of the Gnome Foundation and the community 0:37:56.560,0:37:59.410 is the public good. 0:37:59.420,0:38:02.790 We are a public charity, so we are focused on the public good 0:38:02.810,0:38:04.520 not on our profit. 0:38:05.790,0:38:08.800 We care about our profit but for participants in our community 0:38:08.940,0:38:10.670 but what it means at the end of the day 0:38:10.670,0:38:13.990 is that we want to make the World a better place. 0:38:14.210,0:38:16.980 Sounds a little bit hokey 0:38:17.110,0:38:19.280 but let's be honest, that where a lot of this 0:38:19.310,0:38:21.000 Free and Open Source software came from originally 0:38:21.000,0:38:24.000 ideologically that's why we have such great and cool software 0:38:24.000,0:38:26.668 We have to start thinking about making the World a better place. 0:38:27.650,0:38:30.900 So we, at Gnome, recently launched an accessibility campaign 0:38:30.980,0:38:33.300 We want to make 2012 the year of accessibility 0:38:33.330,0:38:34.852 This is a perfect example 0:38:34.852,0:38:37.840 Yeah, it's really cool work, it's super important. 0:38:37.840,0:38:40.998 *crowd clapping* 0:38:40.998,0:38:43.410 So this is exactly the kind of thing that a company 0:38:43.410,0:38:45.333 might not be able to afford to do 0:38:45.640,0:38:50.000 because it's not necessarily in the interest 0:38:50.000,0:38:55.000 in increasing the bottom line to work on specific accessibility initiatives 0:38:55.000,0:38:56.530 for smaller populations of people. 0:38:56.598,0:38:58.669 But we at Gnome understand that this is 0:38:58.669,0:39:02.280 incredibly important because a desktop that's not usable by everybody 0:39:02.300,0:39:05.031 is one that fails our mission. 0:39:05.193,0:39:09.460 So this guy is Robert Cole, he is super awesome 0:39:09.480,0:39:11.000 That's a picture of him in his family, 0:39:11.150,0:39:14.000 he was kind enough to come forward and let us use 0:39:14.000,0:39:17.720 his testimony for accessibility campaign 0:39:17.920,0:39:20.230 He was born with a vision defect 0:39:20.250,0:39:22.220 So he has no vision in one eye, 0:39:22.220,0:39:24.632 and very limited vision in the other eye 0:39:25.080,0:39:31.540 He was relying on some proprietary assistive technologies 0:39:31.540,0:39:34.240 at one point that were really working for him 0:39:34.250,0:39:37.650 he got a grant from his local government in order to 0:39:37.650,0:39:41.560 get those technologies and they were assisting him to work. 0:39:41.750,0:39:45.290 But then when his system upgraded, he applied for more funding 0:39:45.290,0:39:47.980 to get the upgrade of his assistive technologies and he was denied 0:39:48.000,0:39:48.960 additional funding. 0:39:49.517,0:39:51.185 And he was just out of luck. 0:39:52.166,0:39:55.340 Fortunately, Gnome has been a very accessible desktop 0:39:55.340,0:39:57.170 and he was able to use Gnome technologies, 0:39:57.180,0:40:01.370 and through that he became a very active member of the Gnome community 0:40:01.400,0:40:03.420 but with Free and Open Source software technology 0:40:03.420,0:40:05.660 whatever we develop is going to be out there, 0:40:05.680,0:40:08.350 it's going to be available, you don't have to rely on 0:40:08.350,0:40:10.677 expensive proprietary upgrades to know that 0:40:10.677,0:40:12.720 you're going to continue to be able to use your software, 0:40:12.730,0:40:14.476 should your overall system upgrade. 0:40:14.476,0:40:21.223 So making sure that this kind of work is done in a Free and Open Source software environment 0:40:21.223,0:40:23.160 is extremely important so we just launched 0:40:23.190,0:40:25.910 this accessibility campaign if you donate to Gnome 0:40:25.980,0:40:28.670 while this campaign is going on we pledged to use the money 0:40:28.690,0:40:30.892 to help develop assistive technologies. 0:40:33.450,0:40:36.740 So all this to say: let's choose freedom! 0:40:36.750,0:40:42.232 We can choose freedom, we in this room are a very special group of people. 0:40:42.232,0:40:47.910 While I'm focusing on what our users are doing and how we must bring our users all… 0:40:47.920,0:40:49.736 and I say the broad of users, 0:40:49.736,0:40:51.552 we have to think big, we have to think giant! 0:40:51.570,0:40:57.010 While we need to do things that bring our user base in, 0:40:57.010,0:41:00.280 people in this room are making choices everyday 0:41:00.300,0:41:03.720 I can't tell how many iPhones I have seen at this conference 0:41:03.720,0:41:05.700 how many Macs I have seen in this conference. 0:41:05.730,0:41:07.900 You know we have the technology, it's good. 0:41:07.940,0:41:13.000 I don't really tweak my desktop very much anymore at all 0:41:13.280,0:41:16.790 I've switched over to Gnome-shell and it's so sleek 0:41:16.790,0:41:19.960 and great and I barely use the command line 0:41:19.960,0:41:23.990 for things that are connected to my computing environment 0:41:24.000,0:41:27.160 and only then when I really feel I can't 0:41:27.170,0:41:29.890 It's not for everybody, but we need to choose 0:41:29.890,0:41:32.530 free an open platform, we need to develop on them 0:41:32.710,0:41:34.460 because it's the only way we're gonna create 0:41:34.470,0:41:37.870 these safer and better societies 0:41:37.900,0:41:40.090 It's the only way we're going to create a World 0:41:40.110,0:41:44.030 where we know that our software can be reviewed 0:41:44.060,0:41:45.480 and that it will have integrity 0:41:46.790,0:41:52.840 We need to build our communities in the non-profit space 0:41:53.110,0:41:56.000 Because we need to create those really good degrees of trust 0:41:56.410,0:41:59.438 We need to bring our ideology back into Free software. 0:42:00.184,0:42:03.132 Going a little bit out there, I'd say: 0:42:03.132,0:42:05.264 It's not about terminology, it's about ideology. 0:42:05.464,0:42:06.545 We really need to think about 0:42:06.545,0:42:08.809 making the World a better place because we can, 0:42:08.809,0:42:09.920 and we should. 0:42:10.520,0:42:15.520 I have this picture from the original Apple campaign. 0:42:15.622,0:42:21.340 Because it really strikes me that this woman 0:42:21.360,0:42:24.680 coming and taking her hammer and, 0:42:24.710,0:42:29.330 flinging it against the establishment and the machine 0:42:29.400,0:42:31.610 for individuality and our freedom, 0:42:31.800,0:42:33.380 and it really speaks to me now. 0:42:34.710,0:42:36.860 Let's choose Free and Open Source software 0:42:36.860,0:42:39.470 for ourselves, and for our society. 0:42:42.090,0:42:45.500 So the Gnome Foundation is a charitable organization. 0:42:45.540,0:42:47.150 We accept donations. 0:42:47.150,0:42:53.260 And my talk is freely licensed so feel free to quote it 0:42:53.460,0:42:55.620 and republish it. 0:42:56.860,0:42:58.400 Does anybody have any questions? 0:42:59.910,0:43:15.160 *crowd clapping* 0:43:16.008,0:43:17.215 Good day. 0:43:18.554,0:43:23.660 I guess I personally see it as a really positive future 0:43:23.660,0:43:28.070 because I think there is never going to be a year of 0:43:28.080,0:43:30.550 the leading desktop where everyone suddenly converts 0:43:30.560,0:43:32.480 but it would just be this gradual process. 0:43:32.480,0:43:35.495 in the same way that most of us have come to Linux 0:43:35.495,0:43:39.098 after some other proprietary process 0:43:40.310,0:43:45.282 I'm wondering how you see us engaging with not 0:43:45.282,0:43:48.461 the entirety of society, cause that's way to difficult 0:43:48.461,0:43:51.763 but what's the next age of the people 0:43:51.763,0:43:54.653 that we can engage with and that can then convert 0:43:54.653,0:43:57.040 their friends and their parents and so forth? 0:43:57.353,0:44:00.050 I also think that the next wave is that we need to get 0:44:00.070,0:44:01.450 into schools as much as possible 0:44:01.710,0:44:04.500 I think there are a lot of great initiatives to bring 0:44:04.500,0:44:07.352 our various free distros into schools 0:44:07.352,0:44:10.415 what really strikes me is that, in the United States in particular, 0:44:10.415,0:44:15.027 there are a number of non-profits that are set up as technology charities 0:44:15.027,0:44:20.172 and what they do is they bring Microsoft licenses and other proprietary licenses 0:44:20.172,0:44:23.405 to underprivileged communities and to schools. 0:44:23.405,0:44:25.263 They get tax breaks for doing that 0:44:25.263,0:44:28.569 What they're actually doing is creating a dependency 0:44:28.569,0:44:32.299 on proprietary software and it's a very clever, 0:44:32.299,0:44:34.183 very very clever technique 0:44:34.183,0:44:38.619 because we're training people to use certain kind of software. 0:44:38.619,0:44:39.936 We need to do the same thing. 0:44:40.192,0:44:41.863 I know there are a lot of great initiatives already. 0:44:41.863,0:44:43.990 Gnome has a number of initiatives that would do this. 0:44:44.140,0:44:47.565 And I'd say everybody get involved in your community 0:44:47.565,0:44:50.170 and start bringing our software into schools. 0:44:50.170,0:44:51.381 I think that a first step. 0:44:51.381,0:44:54.520 I think the next step is writing really cool 0:44:54.580,0:44:57.850 applications for our Free and Open platforms 0:44:57.990,0:45:00.383 If we've got the next cool thing, 0:45:00.383,0:45:02.000 then people would want to use it. 0:45:02.000,0:45:04.215 There are lots of different steps. I think you're right. 0:45:04.215,0:45:07.594 There is no easy answer to make 0:45:07.594,0:45:10.289 this the year of the GNU/Linux desktop 0:45:10.289,0:45:12.894 it just doesn't happen as easily as that 0:45:12.894,0:45:14.572 but there are things that we can do in the schools, 0:45:14.572,0:45:16.659 It's, I think, the first place we should start. 0:45:18.640,0:45:19.580 Thanks you. 0:45:19.800,0:45:21.660 Two things if I could. One is, 0:45:22.750,0:45:24.950 for us in Australia and other countries, 0:45:24.950,0:45:28.135 if the FDA has approved it, is that it? 0:45:28.135,0:45:32.633 Is that accepted here without us having our own standards and rules 0:45:32.633,0:45:34.449 setting the software, any of that? 0:45:34.465,0:45:36.958 So I haven't actually looked into Australia. 0:45:36.958,0:45:37.566 I should have. 0:45:37.566,0:45:39.502 I actually thought this morning that I really needed 0:45:39.502,0:45:41.163 to check the situation in Australia. 0:45:41.163,0:45:46.260 But I know that in any UK and other countries there are comparable bodies 0:45:46.310,0:45:47.510 the ones that I've looked in so far 0:45:47.530,0:45:49.250 also don't review the source code. 0:45:49.270,0:45:50.930 So they have similar review processes. 0:45:50.950,0:45:54.660 The FDA only applies in the United States 0:45:54.670,0:45:57.390 So each region has its own approval process. 0:45:57.400,0:45:59.840 But from what I've discovered, so far in the regions 0:45:59.840,0:46:01.560 that I have looked at, they are similar. 0:46:02.550,0:46:05.246 The other thing is that there are other areas 0:46:05.246,0:46:07.383 where software is extremely important 0:46:07.383,0:46:09.278 that you've mentioned during your talk 0:46:09.278,0:46:11.616 like avionics and gambling machines, and so on. 0:46:11.616,0:46:14.650 And in some places in the World there are 0:46:14.740,0:46:17.570 different rules, there is review of code and that 0:46:17.570,0:46:18.440 sort of things. 0:46:19.140,0:46:22.990 Two things out of that. One is it seems a shame 0:46:23.040,0:46:27.180 that there aren't general government standards for 0:46:27.200,0:46:31.000 software where it matters. Have you got any thoughts 0:46:31.000,0:46:32.630 on how we could make that happen? 0:46:32.990,0:46:34.625 We have to become real advocates 0:46:34.625,0:46:38.450 and what does really strike me is that 0:46:38.460,0:46:41.364 proprietary software companies have such an amazing lobby. 0:46:41.364,0:46:43.090 They have so much money that they can pour in 0:46:43.090,0:46:45.890 to making sure that the government is deeply 0:46:45.890,0:46:47.840 concerned about their innovative edge. 0:46:48.000,0:46:52.260 For their products that 0:46:52.260,0:46:52.280 they keep they proprietary incentives[br]For their products that 0:46:52.280,0:46:54.430 they keep they proprietary incentives 0:46:54.440,0:46:56.380 Medical devices is a really good example 0:46:56.400,0:46:57.830 of how that breaks down. 0:46:58.000,0:47:01.231 When you think about the business case 0:47:01.231,0:47:04.010 of medical devices, you sort of search and see: 0:47:04.030,0:47:06.046 OK, well I'm not buying my heart… 0:47:06.046,0:47:07.907 I'm not choosing the brand of my heart device 0:47:07.907,0:47:10.290 because it has the best software on it. 0:47:10.330,0:47:14.385 I'm choosing Medtronic because they have a good track record. 0:47:14.385,0:47:18.224 Because they are a precision manufacturer of really detailed equipment 0:47:18.224,0:47:19.850 and they have been for a long time. 0:47:19.960,0:47:21.870 If they published their software, 0:47:21.870,0:47:24.432 even if they've published their hardware specs, 0:47:24.432,0:47:31.302 it's not like Nokia is going to go and start producing medical devices. 0:47:31.302,0:47:33.650 And if they did, it would take some time 0:47:33.670,0:47:35.439 to get doctors comfortable that the fact 0:47:35.439,0:47:36.408 that they will be relying on them. 0:47:36.408,0:47:37.504 They're going to get support. 0:47:37.504,0:47:42.586 There's this whole issue of the fact that 0:47:42.586,0:47:44.641 these proprietary software companies have 0:47:44.641,0:47:46.489 a really strong lobbying force. 0:47:46.489,0:47:49.374 The only response I got from Medtronic so far 0:47:49.374,0:47:52.168 is saying: "Our business case relies on" 0:47:52.168,0:47:53.950 "keeping ourselves for proprietary" 0:47:54.960,0:47:57.192 In the United States there were a bunch of 0:47:57.192,0:47:59.955 Breathalyzer cases, with drunk drivers. 0:48:03.540,0:48:05.240 There is a driver who said: 0:48:05.240,0:48:09.700 "If you're gonna convict me on the fact that" 0:48:09.700,0:48:11.877 "this Breathalyzer said my blood alcohol level was very high," 0:48:11.877,0:48:13.537 "I want to be able to see the source code" 0:48:13.537,0:48:16.000 "in order to determine whether or not" 0:48:16.000,0:48:18.570 "that was accurately drived" 0:48:20.190,0:48:21.954 The company fought it and said 0:48:21.954,0:48:23.719 "this is our proprietary technology" 0:48:23.719,0:48:24.265 "blablabla". 0:48:24.265,0:48:25.950 Eventually the Court said you must produce 0:48:25.950,0:48:28.450 the software, the source code and 0:48:28.470,0:48:30.790 what the Court found through their experts was 0:48:30.810,0:48:32.659 that the results couldn't be relied on. 0:48:34.800,0:48:37.029 Amazing stuff, and this happens in a lot of different jurisdictions. 0:48:37.029,0:48:38.657 In the United States, some jurisdictions say 0:48:38.657,0:48:41.393 you must produce the code, others say no. 0:48:41.393,0:48:43.280 But I think at the end of the day 0:48:43.300,0:48:46.257 we need to keep it in our dialog, keep asking these questions 0:48:46.257,0:48:50.476 throughout our different areas from 0:48:50.476,0:48:53.140 breathalysers to medical devices. 0:48:53.360,0:48:57.990 And being a really vocal community 0:48:58.000,0:48:59.790 about these issues is going to help. 0:49:00.020,0:49:02.863 We also need to organize from a lobbying perspective as well, 0:49:02.863,0:49:05.194 because there is just so much funding on the other side. 0:49:06.820,0:49:08.270 There was a question back there. 0:49:09.090,0:49:10.360 Oh, you've got the mic, OK 0:49:10.660,0:49:13.332 So first of all, I think that your talk was totally awesome 0:49:13.332,0:49:16.697 and thanks for expressing basically the core 0:49:16.697,0:49:18.875 of the Free software ideology which is that 0:49:18.875,0:49:20.419 Free software is about freedom including 0:49:20.419,0:49:22.280 the freedom to know how you're kept alive. 0:49:22.450,0:49:25.950 Which I think is really important, so thanks for doing that! 0:49:26.220,0:49:32.000 clapping 0:49:33.690,0:49:36.000 As far as the remote car exploit stuff, that's 0:49:36.000,0:49:38.510 actually from Alexei, Karl and Franzi in the lab 0:49:38.520,0:49:39.930 at UW where I work. 0:49:39.960,0:49:42.695 And those exploits were done remotely 0:49:43.092,0:49:46.410 through the telematics units in the cars so just 0:49:46.420,0:49:49.400 like cardiac-implants people can crash you car remotely. 0:49:50.241,0:49:52.413 It's like through a telephone. 0:49:52.639,0:49:57.330 Actually, I meant to get that into a little bit more detail, 0:49:57.330,0:50:00.580 but yes the control of the cars were remote but 0:50:00.580,0:50:03.981 I also want to mention that the HP printer exploit 0:50:03.987,0:50:07.399 that happened recently, where 0:50:09.735,0:50:13.200 over the Internet, folks were able to take control of 0:50:13.220,0:50:16.220 HP printers which not only were able to do all 0:50:16.220,0:50:18.440 kind of terrible things like being able to know what 0:50:18.440,0:50:20.910 you are printing including monitoring to see if you 0:50:20.930,0:50:23.160 are printing text documents and so determining 0:50:23.190,0:50:25.710 what information was included in particular boxes 0:50:25.730,0:50:29.230 but they were also able to set printers on fire. 0:50:29.990,0:50:33.000 laughs 0:50:34.108,0:50:35.890 They weren't? They were! 0:50:35.900,0:50:38.818 "There was a guy at the CCC that had a printer set on fire this year" 0:50:38.818,0:50:39.795 "Yeah!" 0:50:39.795,0:50:51.000 mumbling 0:50:51.000,0:50:54.000 "You should either talk into the microphone or ask a question" 0:50:54.000,0:50:55.270 The question I was gonna ask you is 0:50:55.410,0:50:57.170 You're talking about accessibility 0:50:57.370,0:50:59.400 and one of the things I've noticed is that 0:50:59.400,0:51:01.108 people that are blind are totally fucked 0:51:01.108,0:51:02.631 when it comes to using computers 0:51:02.631,0:51:04.183 and if you want to get a Braille terminal 0:51:04.183,0:51:07.089 it can cost somewhere like 6 or 8 thousand Euros to get them. 0:51:07.089,0:51:10.250 And there is one group in the UK that are looking at 0:51:10.250,0:51:12.370 building affordable ones, I think coming in 0:51:12.400,0:51:13.840 somewhere at a thousand dollars. 0:51:14.230,0:51:16.317 But I wonder what Gnome can do to make it 0:51:16.317,0:51:18.640 so that computers are really accessible in terms of 0:51:18.720,0:51:21.400 alternate methods of interfacing with computers 0:51:21.410,0:51:24.240 especially for people who are blind or unable to see 0:51:24.550,0:51:26.330 and I wonder if you can talk a bit about 0:51:26.330,0:51:29.000 Braille terminals and maybe making them accessible and so on. 0:51:30.820,0:51:33.000 I was gonna say this actually as a separate talk. 0:51:33.000,0:51:36.060 There was a talk on accessibility at this conference, 0:51:36.160,0:51:38.920 but I don't want to get into too much detail 0:51:38.920,0:51:44.810 about the particular initiatives, but with Gnome 2 0:51:44.810,0:51:47.650 there are a lot of assistive technologies for 0:51:47.650,0:51:49.630 vision or magnification. 0:51:49.640,0:51:55.000 Other types of software that are very helpful but… 0:51:55.700,0:51:58.850 and actually Gnome won several awards for 0:51:58.860,0:52:01.098 the accessibility of their desktop. 0:52:01.098,0:52:04.618 But while we rewrote Gnome 3, 0:52:04.618,0:52:08.159 we actually broke a lot of our assistive technologies, 0:52:08.159,0:52:11.468 as part of the necessity of starting all over again 0:52:11.468,0:52:12.310 and starting new. 0:52:12.650,0:52:15.974 So actually our campaign is much more basic than that. 0:52:15.974,0:52:18.169 I'd like for us to get there over time. 0:52:18.169,0:52:20.486 But we have some great software 0:52:20.486,0:52:22.547 but it needs help just to get working. 0:52:22.547,0:52:24.670 So the accessibility campaign 0:52:24.680,0:52:26.738 that we're running now is really fundamental 0:52:26.738,0:52:30.940 If we get a huge level of support from it, 0:52:30.940,0:52:33.180 we can hire developers to work on the stuff and 0:52:33.180,0:52:35.755 start exploring some of those particular initiatives. 0:52:35.755,0:52:39.975 But it's sort of like, now the accessibility 0:52:39.975,0:52:43.172 team at Gnome, at our annual general meeting 0:52:43.172,0:52:45.063 I asked them to give a little presentation 0:52:45.063,0:52:47.961 of where we stand, and the first slide was 0:52:47.961,0:52:49.676 a set of stairs. 0:52:50.740,0:52:53.255 So right now, we have a lot of work to do. 0:52:53.255,0:52:56.474 We need to bring our new system back to 0:52:56.474,0:52:58.182 where we were with Gnome 2, 0:52:58.182,0:52:59.777 and then we need to go beyond. 0:52:59.777,0:53:01.916 We're much further now, with Gnome 3 0:53:01.916,0:53:03.642 than where we were when we launched Gnome 2 0:53:03.642,0:53:05.572 and Gnome 2 went really far 0:53:05.572,0:53:07.750 but we really have along way to go. 0:53:08.520,0:53:11.000 So there was a question for someone right over there 0:53:11.000,0:53:14.588 who had put his hand up, and I'll be really fast. 0:53:14.588,0:53:16.345 If we can have one more question, 0:53:16.345,0:53:18.117 we'll have to wrap it up after that. 0:53:22.000,0:53:23.000 Thank you. 0:53:23.649,0:53:30.020 I am concerned that should your implant fail, 0:53:30.760,0:53:34.160 and you collapsed to the floor, I don't know what to do. 0:53:34.180,0:53:37.110 Is it just CPR or is this something else I should do? 0:53:37.140,0:53:38.890 That's a great question. 0:53:38.890,0:53:41.550 Everybody should be trained in CPR, 0:53:41.600,0:53:44.910 and I've became aware of this and hassle 0:53:44.930,0:53:47.500 the people close to me to get trained in CPR 0:53:47.510,0:53:49.400 when I found I had this heart condition. 0:53:49.410,0:53:50.762 So if somebody collapse in the front of you, 0:53:50.762,0:53:53.205 you should commence CPR, 0:53:53.205,0:53:57.630 you should check their life signs and follow that procedure. 0:53:57.640,0:54:00.392 For me, if I've collapsed now my device 0:54:00.392,0:54:03.796 will most likely shock me and if it doesn't, 0:54:03.796,0:54:05.146 if somebody performs CPR, 0:54:05.146,0:54:08.785 hopefully we can keep my blood circulating until help comes 0:54:08.785,0:54:12.523 and I can be shocked with an external defibrillator. 0:54:12.523,0:54:15.642 The truth is, it often takes so long 0:54:15.642,0:54:17.269 to get an external defibrillator 0:54:17.269,0:54:18.610 and to get people's heart starting again 0:54:18.610,0:54:21.263 that there is often some brain damage by the time that happens. 0:54:21.263,0:54:22.895 So that's part of the reasons. 0:54:24.000,0:54:25.000 There is one in the lobby. 0:54:26.050,0:54:28.090 And it's funny because when I walk by those 0:54:28.100,0:54:29.570 now I think: "Those are for suckers!" 0:54:29.570,0:54:30.850 I've got my own! 0:54:30.860,0:54:35.000 clapping 0:54:35.000,0:54:38.957 So, all this to say I am really glad 0:54:38.957,0:54:41.033 that I have this piece of technology, 0:54:41.033,0:54:42.726 and I'm glad that I can rely on it. 0:54:42.726,0:54:44.595 I just think it can be better and safer. 0:54:44.820,0:54:45.710 Thanks you. 0:54:45.730,0:54:47.110 Unfortunately, we're running out of time, 0:54:47.130,0:54:49.000 but a huge round of applause for Karen.