Projects 01: Brief Descriptions
I’ve always focused mostly on what my employers needed from me and not really done much with my own time that wasn’t geared toward that. I’ve learned a lot that way but I do wish I’d spent more on my own stuff. Had a bunch of other stuff going on the last decade as well that took up a lot of time. So I’m getting back into it.
Going into freelance also more or less forced me to create an LLC and a bunch of other stuff you do to keep more of your money. With that in mind I have started some projects there that it pays me for when it can and I have the time I can give it. They are or will be open source when I can get there but in the meantime, one issue with making progress is that I need to renew a lot of very rusty skills. So most of the time my “learning” posts are about these. Further, I plan to do some projects geared to learn more about some of the problems I’m thinking about. I do hope that I can get more contracts or something and keep that business floating so it can make one or more of these happen, but we’ll see. Maybe someone wants to partner with me; that would be great!
Git QMS
The last 7-8 years I’ve been working for a small team trying to break into the BCI industry. They were learning the ins and outs of medical device development and the regulations and when I see my employer struggling with stuff I learn as much as I can about it and my brain explodes with ideas. Unfortunately, I tend to try to pester them about my ideas and it doesn’t go well. Have to admit they can be kind of out there and maybe my timing is off :p But, I do think they are good ideas usually, or could be turned into them with some refinement. That’s sort of what I think I have here.
I went and bought a copy of 62304 (and then lost it by not having it backed up :) and a few books on 13485/62304 and 9001 and started reading. You can get access to much of the same information for free on the FDA website because the US and ISO regulations have been made to mostly line up such that it’s just different ways to present the same info. The books help though and there’s a lot that isn’t in the standards that you can get a taste of from them.
A lot of the stuff that we did manually I think can be done in a much more automated, lean manner. This would leverage DevOps principles to design the QMS so that regulatory documentation is built and packaged as part of the automated release cycle. My thinking here goes something like so:
Put everything about a project into git
This is the ticketing system, the system model, developer information even maybe. Anything about the project that is in quality control is in git. There are some existing implementation of ticketing systems in git that include git-bug and radicle. There are also tools for code review in git-? and, again, radicle.
I haven’t really messed with any of them but they do seem kinda primitive in comparison to what we are used to. Not really much in the way of boards for one. I don’t see much for workflow and that would be needed. All things that can be implemented for sure, but I don’t see them currently. I intend to maybe help out with that if I can.
One thing I’ve not seen is any modeling software that is explicitly in git. I’m not yet wholely convinced this is as useful as it seems to me, but it seems very useful to me. If each object in your model is some sort of object also in git then it has revision and patching pretty much automatically. Need some good viewers but there you go. Furthermore, the tracing that is so important to highly regulated industries can be represented within git objects that point directly to unit files in the source code. Navigation can happen between requirement, to test, to both test plan document and implementation, etc…
Then those things can be scripted against. This doesn’t require the backend be git but it’s one that should work and with the other benefits make it good maybe. The idea would then be that I can generate documentation with something like Jupyter Book that extracts that information and constructs them as pdf and/or ms word documents (both are possible).
Then, audit events such as design approval, design match approval, change approval, etc… can be injected as more objects in that same system (either with git’s already existing signing fascility or more probably something more involved) and then these digital signatures can also be embedded into those documents–perhaps with a graphic of the signer’s real signature just for show.
The radicle forge has a lot of the properties I want here but I think the signing system for this needs to be different and more like guix authenticate.
A larger management system
A business is supposed to live and breath its QMS. What I described above is great for one project but doesn’t really help for the wider business. I think this also can be in git all the way down to accounting and the rest. Git and blockchain have some common properties and git could serve as a ledger itself maybe. Or there are tools that keep accounts in text files.
User system
This is where I don’t know if this pattern scales to “enterprise”. This may be just for small businesses and teams. I have the idea that maybe I can address this here in the same way as my next project I’ll describe in some ways (especially with regard to user identity) but git has no sense of “user” at all and the existing security mechanisms may not be structured correctly for this–I don’t know yet. So far the idea plays well if you have a small, tight team that works well together. When that’s not the case I don’t know if it does but think it can probably still.
Homestead
Another pretty lofty goal, this “disruptive technology” tries to replace the current system of social media with something utterly different. More similar to Mastodon than any of the others but more individualistic than even that. It tries to solve the problem of the average user actually being in charge of their own data. I’ve tried to start something like this twice and we’ll see. There’s a lot I don’t know about enterprise web systems and the stuff I do know is pretty outdated–but it’s also from a time when enterprises ran their own systems so maybe there’s a touch on my side.
Home device
This system is a centerpiece of your home IT. It’s a main service hub for everything computerized that you own and if your home is built for it, it’s also the brain of your home’s automation and alarm systems.
This device is possibly composed of more than one computing unit so that it can provide physical separation between a data and control plane and maybe it has ways to plug in more things for something like a media server or a minetest server (what it was called when I first was toying with this idea).
Everything in your home links to this system. Your door locks, your phones, your smart watch, your car. It’s YOUR system. You own it. It talks to who you want it to talk to when you want it to. Your devices no longer talk to whoever they want (though getting manufacturers to buy into this might be … difficult) but just to your system unless you WANT it to do otherwise.
Identity
Identity in the system is a passkey like thing. Users really barely notice using it. Only when doing secure activities do they have to provide additional input. Single sign-on with multiple registered devices. When doing something that needs more permissions they use a dongle and or a specialized device that has passphrase interface for the REALLY secure activities.
True ID is the public part of a public key pair but of course the user can provide additional information to people.
The ideas here are also in line with what is being standardized in Web3. Current Web3 projects tend to focus on the blockchain as a backend and/or as a way to distribute keys. There are lots of alternatives that provide most of the same features. The one thing a distributed ledger might provide is a way to revoke keys without being blocked by a service provider–other use cases seem to either not require DLT or the goal isn’t fundamental to the Web3 ecosystem (like not being able to register a key with some provider–you should always be able to revoke, but adding isn’t a “right” probably).
I’ve been learning about these things and then also how some ideas that come from blockchain can be applied to make users’ lives easier elsewhere. An example of this is the way the keys used there can be formed from a “master phrase” that can be used to create derivative keys that don’t visibly link to each other but can all be recomputed from the same phrase and then static information like the username or some standardized index. I don’t fully understand that standard and why some of the elliptic curve algorithms work for it and others don’t, but one is that there are mathematical holes in some of the ones used for much of the web stuff we do today, making some constructed keys impossible or something.
Federated ID and auth
A nice feature here would be able to say in one household that the people from another household have certain accesses to your internal network. This would make things really easy in say logging into your wifi or sharing photos or something. You can even find business use cases for this, especially if you start thinking about projects and companies as being more distributed in nature than has been in the past. It would be nice to be able to add and remove these people easily as well.
OIDC might solve a lot here but the issue of federating on the fly is something I’ve not seen a solution for yet. I’ve also had some struggles setting that up but I’m almost certain that’s 100% ignorance on my part–it at least seems like it should be relatively easy to make an OIDC central at least to all the services that the main home device has and thus from there no huge deal to federate. It’s just on/off federaton that might make stuff really messy. Most services it seems SHOULD be easy to set up, though legacy systems that don’t even know how are problematic.
YunoHost does this and provides OIDC over an LDAP, which is an alternative to OIDC in this maybe. I wasn’t able to get YunoHost up and going, but that’s due to my personal network making that difficult and them choosing caddy as the proxy server software (it only knows how to do let’s encrypt, not static configs or whatnot–making it easy in most situations but problematic in mine).
Gaming interface
One crazy idea I had in all this was to make it so you had a little minetest world that was yours you could put stuff in to show off. So you could build a little house and hang photos in it. This would be voxel except for the photos and stuff. You could pop in and out of each others' little world through some sort of in-game gateway (I was calling it a stargate). You could even put these in actual worlds for people to participate in. It’s all using the same keys, and/or it’s easy to make new ones that either do or don’t have any link back to other keys you own. You don’t have to like log into everyone’s world, you just try and if you have the key you get in. I even considered ways you could make the key something you could have in your inventory.
Would be neat I think.
Internetworking
An issue with networking between homes is that both are going to probably be behind NAT. I considered ways to deal with this and one is simply that you can have it use P2P tech to create that and there are a lot of those. These technologies all have ways to punch through the NAT, the easiest of which is probably simply having a set of “seed servers” to get you in. These “seed servers” could actually be something you get with an account at a provider that might also provide you ways to interoperate with the Web2 world by providing domain name resolution and/or a reverse proxy interface.
Linux Plumbers
The goal is to make this device and system run as smooth as possible without requiring any specialized skills to maintain. However, it’s expected that the whole problem of having a user who doesn’t know how maintain their own servers probably cannot be completely solved. Thus the vision here is to have a system of trade developers who operate similar to the “semi-skilled” household plumber you hire when something goes wrong with THAT system in your home. Not really highly paid but enough to build a business on to serve your local community. It can be a mix of household and business users.
This of course already happens and people already do this but this system would be standardized and documented in such a way that there’s choice between providers and not only can any of those providers readily deal with anothers’ (there can just be scheduling issues) but their systems work together seamlessly without direct integration between providers.
This is a standardization process. So really my idea here is to just participate in that somehow. In that I’ve found some of the standards I think apply and I’m looking for others as I go.
The main thing here is that the average household cannot afford to hire experts to deal with their computer things. So the components need to be fairly easy to use and to have everyone running their own ActivityPub instance, as example, I think is going to require a new, inexpensive class of professional that can do this. This means less training requiremnts and such.
Signs and other artistic pieces
I created a process whereby I can make letters on a 3d printer that you can then put LED strips in and make those neon-sign looking signs, sort of. Up close you see a lot of the imperfections and misbalances, but you actually don’t have to get very far at all before the effect is there.
The electronics to do this are pretty straight forward and inexpensive. The programming of the microcontrollers is quite easy, especially if you just use arduino. The issue is really sourcing the electronics and getting them to me, which the location of my business makes unpredictable and problematic. So that’s something I’d need to solve to make a business of making signs. The probably is some market for really inexpensive versions of the neon signs though.
My process prints a shell as a difuser. Other approaches print an outer edge and then fill it with silicon. That’s the approach most businesses take, but they have more equipment. This sort of product I had in mind here is something for someone who otherwise simply couldn’t afford a sign or would have to go with something less visible/lighted. It may have issues with sun and weather because I didn’t test that stuff yet. To solve that it might be prudent to put it in a shell. This could be made out of wood and plexi.
I used a similar process to make a funny clock face for a thing I made as a gift.
Websites
Learning how to do websites again. I figure websites are something I can make for small businesses, I just need to learn this skill again. There’s a lot of people I can lean on by using tech like hugo and the themes others have made available. I can use the same skill to help me make some of these other apps and things.
This site is obviously a poor example. My “learning” page has obvious places where my CSS playing has made the theme go nuts. Haven’t debugged it there because it’s still readable and it’s kinda OK there until I can fix it. I’m also using an old version of this theme right now (someone forked it because it wasn’t being maintained).