All Change, Still Purple.

Apparently there’s been some confusion about my choice of hair color. Some people seem to have been under the impression that I chose purple to match the color scheme of Samsung Internet. So I want to set the record straight. Purple is my favoirite color, and I exclusively choose employers with purple logos. I hope that clears things up.

So now – after six years with Samsung, building and leading the Samsung Internet developer advocacy group, I’m moving on to a new role and a new set of challenges.

I want to be clear about one thing: Samsung Internet is a great browser and it’s been a privilege to have worked as part of the team there. I also think, under the leadership of the awesome Heejin Chung, Samsung Internet is on exactly the right path — particularly in putting an emphasis on greater user privacy. During my time there I feel I’ve helped to achieve the goal we set out of putting Samsung Internet on the map and establishing it, rightly, as one of the big web browsers.

If you’ve been following my journey (and there’s no particular reason you should have been, but just on the off chance) then you’ll know that one constant theme has been the web. I got my start building web sites and web applications for scientific publishers and later for dot-coms during the go-go 90s when the web was just taking off. After moving to London, and subsequently becoming out of work in London, I landed at Vodafone where I took my passion for the web to newly emerging mobile channels. I continued this work at Telefónica where among other things I worked on the Firefox OS project. Most recently at Samsung I have brought that energy to the Samsung Internet browser. Throughout all that I’ve been a believer in the power of the web as an open platform and I’ve been privileged to be able to contribute to the open standards that enable that platform.

Another enabler of the web is the complex latticework of interconnected open source software that supports it. You can’t talk about the web without also talking about open source. The web has its foundations in open source — with the release of the original web server and client code by CERN in the early 90s. Fast forward to the present day and there is not a single aspect of our lives that is not mediated by the web in some way. What we eat, who we love, where we travel to, how we interact with governments, how we pay our bills, how we work, how we communicate with family, how we access healthcare and social support, the information and entertainment landscape we live in — everything is touched by the interconnected web of software and applications and all of it is reliant in some way on open source.

This web of software that we all rely on so much is under constant attack. In 2014 I hosted and participated in the STRINT joint W3C-IETF IAB workshop at the offices of Telefónica in London to discuss the attack on the Internet by governmental pervasive monitoring. One of the outcomes of this workshop was a call for greater encryption on the web via the use of HTTPS. Now, because companies and organisations came together to support this goal, the majority of web use is over (secure) HTTPS. We also have a increasingly sophisticated set of APIs and tooling that help to protect applications from attackers. The W3C security activity and the work going on in the Web App Security working group has been especially instrumental in helping to secure the web platform. The evolution of HTTP itself has also been influenced by this thinking. But what about other parts of the stack? What about cloud environments? What about the application build process? What about the whole area of digital privacy which is intertwined with security? How can we ensure that the software supply chain of the platforms and applications we all use is as secure as it can be, as it needs to be?

These are some of the topics I hope to be tackling as Head of Open Source and Open Standards Strategy at Snyk. If we want to have a chance of sustaining the digital world we’ve built without falling into a digital dystopia we need security, and that security needs to be built up from user needs. This is especially important for open source — where the open nature of the ecosystem invites abuse by bad actors. In my role as member and co-chair of the Technical Architecture Group at W3C (a role that I will be continuing) I’ve been a strong proponent of an ethical approach to technology — the need for technologists to ensure systems are designed with ethics at their core. I also believe it’s vital that we bring greater diversity, inclusion and representation to the organisations where open standards and open source software are developed. One of the first things I’ll be diving into is the nascent Open Source Security Foundation, and I plan to bring those same priorities and energy to this forum.

On a personal level — I’m really excited to be taking this step. And I’m keeping the purple.

Liked this post? Follow this blog to get more.