Archive for the ‘’ Category

You’re doing it wrong!

Wednesday, March 3rd, 2010

“You’re doing it wrong.”  I believe is one of the most counterproductive statements a person can make.

First of all – that statement gets little accomplished.  Typically it makes the person that is “doing it wrong” dig deeper to defend their work.  Why – well they are WORKING CREATING ACCOMPLISHING.  Something is vested and so therefore I must defend that time and effort on my part that I have vested.  It is a natural and some what justifiable human response.

And it be honest, “You’re doing it wrong” is typically an inaccurate statement.  Instead it should be “I think that you are not creating what I think I want.” Or perhaps instead “you are not doing what I would do.”  And sometimes “you are not doing what 99% of the rest of the world would do.”  That doesn’t actually make it wrong…  I mean Feynman talks about science being that constant challenging of norms and experimentation.  When is something actually 100% wrong?

I strive in life to be the person that helps people figure out that instead of them both fighting over the orange.  One person wants the peel while the other needs the juice.

So I am working on this citability codeathon.  It is interesting to me that many view me as dictating a standard that is incompatible with whatever they are doing and therefore my project must be competition.  This reminds me when I was at the National NonProfit Congress and I had to facilitate a discussion between two Nonprofits that were angry that the other was “stealing their poor people.”  I view this as losing sight of the cause or the reason we do what we do.

Our mutual goal is to make data citable and therefore more accessible to the people.  There are many paths there.

For the codeathon, I have several groups that will be attending.  At first glance, it might seem we are at odds.  For example everyone assumes that Joe Carmel’s must conflict w Citability.  He and I talked for several hours.  They don’t.  Actually citability may make his job easier.  We both know we could never get all the govt sites to adopt citability and that makes his tool quite necessary.

Also the Coins and URN:LEX crowd, those datamarkup standards can easily be added to the citability markups.  URN:LEX isn’t for everyone since it must be created and maintained by a governmental body but there is no reason why we can’t add a special parser to citability to add those fields when they are available.  Same with the semantic web.  Citability only requires 3 things: A unique location, datestimestamp and granularity.   There is so much more to be added.  When it was created, we KNEW it wasn’t perfect.

I suppose when you start a project from a point of view where you know what you are doing is not the complete answer, it makes it easier to see adaptive solutions.

I consider what we are doing with citability to be a baby step.  I don’t consider it to be right and other ways wrong.  I typically find that if we can sit down and talk there are easily ways to make things interoperable.  I believe that citability is right for a small part of what we are trying to accomplish.  I don’t think it is perfect.  Far from it.  I think eventually we will have some fascinating structures to build folksonomies, taxonomies and ontologies on top of this esp where we can specialize for different documents etc.

I know that Tim Berners-Lee is doing a huge project in the UK with Linkeddata.  I think that is awesome.  But I’m not sure about that project being available for the City of Austin anytime soon.  I am working within some very limited constraints.  I really want him to succeed. It would make many things easier if he does.  But this doesn’t mean I stop doing what I am trying to do.  It doesn’t mean our way of doing things is wrong. Life is evolution.  We use HTML 5 and XML now :-)

But for now, I am trying to do what I believe is right for now.  Doesn’t mean I think what you are doing is wrong.  Just maybe wrong for me.  But there are so few of us creating in this space… I find it sad to argue over someone stealing their poor people…  Instead, let’s talk and see if maybe you just want juice while I am eying that orange peel.  And yes you are INVITED to the codeathon to work on your project as well just make sure it is Open Source :-)


WDYDWYD part 2

Thursday, December 31st, 2009

So I ignored the signs about identity. I waffled back and forth trying to create privacy on important things like home addresses while trying to maintain my brand. In a way I was forced into it. Whenever anyone hears the name Silona and they know me – they assume it is me. It’s a reasonable assumption. But when some students of mine discovered, I realized I had more to do. was a porn site for a dominatrix in the Czech Republic. Unfortunately she never showed her face and hard dark hair and a similar build to mine. Everyone seemed to believe me that it wasn’t me but.. the seeds of doubt were there. I knew I had to work more on creating and preserving my own identity. And I was tired of addressing the issue – “no that isn’t me…”

So I gave up on privacy. For me it had become a lost cause. So many sites and agencies wanted my address and phone. It had accidentally been published. So many things depended on my SSN and name. I had already been stalked once and because of that Dad and I had done concealed handgun classes together. (Yes I own 4 guns. Yes I am a Texan and a military brat.) I realized privacy as secrecy was a thing of the past – it just took me awhile to completely accept it.

I know it’s hard. I mean I do large scale databases for a living.

So I went looking for a way to fix it… my first attempt was a royal failure.  I realized things don’t just need to be available.  They need to be equitable.

As individuals, the electronic medium was forcing us to be transparent to businesses and government but they did not have to report back to us.

I decided to strive to create more equitable relationships.  Step was get government transparent… step two was business.  But I didn’t tell many people.  See in 2004 in Texas – most people already thought I was a little “unrealistic.” (to put  it nicely.)

Recently though I refocused.  Now I am focused on citations for government documents, creating citable data, and openbanking.


Podcast w Jon Udell about

Saturday, August 15th, 2009

The podcast I did with Jon Udell about is now live!

check it out!

and if you want to help work on the specs see

also we need help w PDF issues at

community work at

project specifications for drupal at

Project specifications for archive server at


nifty video about presenters at OSCON

Monday, August 10th, 2009

I love Gregg Pollack’s use of Viddler where he has put links for all the presenters he managed to wrangle at OSCON09.


FOSS can lead to more secure software for Government

Monday, July 20th, 2009

Security issues with…

1) Open Source (community created) – Open Source Communities don’t always focus on risk analysis.  This is a paper tiger since typically FOSS programmers are not paid to care about security as top priority.  If compensated properly, they can and will implement proper security procedures.  I do not know anyone that views this as “FUN” programming.  However the source code can be viewed and therefore fixes can be made by anyone that is paid to do so.

2) Proprietary – Typically proprietary software results in a single point of failure in regard to code being fixed.  That singular point of failure is the vendor.  All the insane governmental contracting regulations are created to try and prevent that vendor based failure from happening.  Much of this is CYA dumping on the vendor in the attempt to create an equitable relationship.  Often times this also results in software being unreasonably expensive.  These CYA attempts are a smoke screen however because you never really know if the software is secure without the visible code and all its inner workings.

3) Homegrown – If done in house, you have the ability to see all code and do proper vetting procedures.  But hiring upper echelon programmers is difficult.  The vetting process is one that most programmers are not typically willing to go through just because of basic creative personality characteristics.  A top programmer can make more money with less hassle in the business sector.

So I suggest a melding of all three.  If you can’t see the code is it ever going to be truly secure?  Instead have internal teams focus on proper security vetting.  Create good release procedures about security information and adding back working fixes to the FOSS community.  And if necessary (typically I see this as a failure of timing) do not release security information until internal teams have created a fix that is ready for the public.  Also use those third party outsiders to do security testing of the FOSS products.  It doesn’t matter if their source is open or not.  They just have to inform you of the vulnerabilities they have found.

I think Government could perform an amazing community service that is a win/win solution for the public by focusing purely on the Customization and Security of FOSS projects with their internal teams.  This way they can be suitably vigorous without significantly increasing the barrier of entry to contractors and  FOSS communities.  And they could save money but not having such convulted contracting procedures.

Also Proprietary companies that help with security processes of risk analysis and risk management and can help supply warranties.  After all why would anyone undertake risk without compensation?  Otherwise it is an inequitable relationship that cannot be trusted.

Let us not forget the change management aspect of adopting a new methodology.  Working with open source code AND open source COMMUNITIES is going to require some serious change management for current government employees.  There is a HUGE cultural break because so much in resources is currently used for CYA. We have to retrain them in regards to open processes.

Also recognize with being so integrated with FOSS there may come a time for the project to fork because of security issues.  This is extremely difficult and political and must be managed properly.  This will require serious training in typical FOSS community culture and processes.  For example govt employees should understand the basic stages of FOSS development and the different risks that each stage poses.

We also need to prep FOSS vendors on how to integrate with government processes as well.  There is a middle ground here.  We need to define it for the barriers to be broken down successfully.  We have to be ready to help gently educate them as well (instead of being self absorbed self righteous a$$#&& – you know who you are…)

You can see from the need for security, risk analysis, risk management, and change management that FOSS does not reduce costs.  But it can result in better software for the money spent with less flamboyant failures that seem inherent to the current high risk bidding procedures in government.

Some good reference materials:


How to save the world in 3 easy steps

Tuesday, June 30th, 2009

This is the 10 year plan I created in 2004

1) transparent govt
2) transparent business
3) introduce checks and balances in behavior
and create legal constructs when social norms fail

I started on all this because I am “Silona Bonewald” the only one in the world and I am a database geek. So I realized with the nature of things as they become electronic – privacy thru obscurity is gone. We needed a new (might I say better) type of checks and balances. And decided to start making govt and businesses more transparent.

When I started I didn’t talk much about business – everyone thought I was crazy enough in regards to govt. But now with the crash and such… I am not looking as crazy.

This is why I do allllll the crazy projects I do…
this is my theme!



Tuesday, February 24th, 2009

saw a post today about how CMS’s are evil

As to disliking the CMS and advising NPO’s and other to create their own…  I’m sorry I disagree.  They need it simple.  And simple means not creating something new.  (version, scope control etc etc)

Instead for my NPO’s (I’m on the board of directors of Texas Assoc of Nonprofit Orgs),  I recommend the cloud.  Yes, even as I protest the cloud’s use of users data and lack of protection.  It is a huge win for NPO’s to go with someone else hosting solution and setting up wordpress.  Their IT infrastructure is always lacking and it is simplier to outsource it all in a central location that does backups properly.  Most NPO’s know next to nothing in regards to properly hiring and managing an outside consulting firm for custom development.  And to be honest, can’t afford them.

The simpler the better and as a point of disclosure… I used to have a group called where we did drupal setups for NPO’s.   The educational process was huge.

at the same time I also got wind of a new structure of RDF and RSS feeds being required by the federal government to states receiving the stimulus package.

Now the hard thing about this post is I really like both of these guys.  And I think they are really good developers.


I do believe they are both going in the wrong direction.

In the data realm, I would like just to have access to the DB dumps.  Seriously, the govt needs to just scrub them of privacy data and put them in a data warehouse.  And then make that available w open API.  We will create our own RSS feeds and process it ourselves.  Requiring standards at that level always makes me nervous because of the resistance to changing them once set.  And you never know what data you are also going to want later.  I prefer those standards evolving organically – after we see what interesting programs others make.

i would like to see thinking moving in a more semantic direction.