Data Mapping

It’s been exactly ten years since the launch of OpenStreetMap, the largest crowd-sourced mapping project on the Internet. The project was founded by Steve Coast when he was still a student.

It took a few years for the idea of OpenStreetMap to catch on, but today, it’s among the most heavily used sources for mapping data and the project is still going strong, with new and improved data added to it every day by volunteers as well as businesses that see the value in an open project like this.

To celebrate the project’s birthday, I sat down with Coast, who now works at Telenav, to talk about OpenStreetMap’s earliest days and its future. Here is a (lightly edited) transcript of the interview:

How did the project get started?

So the original idea was way simple. I had a GPS unit attached to my laptop and there wasn’t very much you could do with it because there wasn’t any data. You could download a picture of a map, but if you wanted to do anything like have the computer figure out what roads you were on or do turn-by-turn navigation or anything that’s kind of useful, you couldn’t do it because there wasn’t any map data. So I just thought: why don’t we create some map data? When you have a GPS, you can just drive or bike or walk around all the streets, all the roads, all the footpaths and use that information to create a map. I build a little bit of the map where I live and you build a little bit of where you live and we build this thing like a jigsaw puzzle — and incidentally give it away for free. Just like Wikipedia was building an encyclopedia in a very similar way, I copied many of the ways Wikipedia was built with — like open licensing, the ability for anybody to contribute and so on.

What were you doing at the time when you started the project?

I was working at the computer laboratory in Cambridge. I did a lot of stuff and most of it didn’t work out.

But OpenStreetMap did. How did you get others to join the project?

Well, there’s a couple of ways. One is just PR. I gave a lot of talks. Linux user groups used to be very popular — people getting together on a Saturday afternoon to talk about Linux. They already knew half the story because they knew about open source and they knew about computers and data. So it wasn’t too hard to explain what OpenStreetMap was doing. From there I gave talks at mapping conferences. I stopped counting at something like 500 talks. I used to use the number on my first slide.

Was it pretty much just yourself in the early days?

Yeah. Absolutely. And then we had some mailing lists and started to form a community. I also invented this thing called mapping parties, which were typically a weekend event. People would come along and we’d show them how to use a GPS because this was pre-iPhone. We’d walk around, collect data and show them how to upload it and integrate it to OpenStreetMap. And then we’d go to the pub afterwards. I really wanted to get people talking and make it feel like a community.

It took a while and you can’t convince everybody, but it got to the point where it was self-sustaining.

At what point did you know this was going to take off?

Ha. I’m not sure I do. I look at it really as a series of milestones, right? We are still not quite there. I mean, OpenStreetMap is a great display map, but there is still not a whole lot of navigation data and address information, for example.

But I can still remember when I stopped being surprised, and that was when I was at a mapping party. To show people the power of the project, I’d ask them to pick a place that was important or interesting to you. And then on OpenStreetMap, we’d zoom in to what was interesting to them. Then I’d ask them to tell me if they saw any mistakes or what was missing — and then we’d edit it. That made it very personal and showed the power of the map. And typically they’d say there’s a road missing or something and we’d edit the data. There was this particular time when somebody said “let’s zoom in on Cuba.” At the time I thought the UK would be great, Spain had a bunch of information but if we zoom in on Cuba, there would be nothing there. So we zoom in over Havana and it was basically complete. All the roads, one-way streets. That’s when things stopped surprising me. That was around 2008.


Did managing the infrastructure get harder as more people started using the service?

There are a couple of ways to look at this. It was less of a technology problem than it was doing things that other people didn’t want to do and getting people involved. I had a bunch of experience running large SQL databases and doing large SQL queries.

There were other people who were trying to do open mapping, but they maybe two  mistakes. One is they concentrated on the shiny stuff: the editor and the website and so on. I focused on making the backend work. That wasn’t quite as much fun to work on. The other projects also wanted to limit you in some ways. They’d say you can map whatever you want, but it has to be in England, or it has to be footpaths. What we did was say: hey, it’s open source for everything. That made it relevant to everyone.

But in terms of the technology itself, initially I wrote the whole thing in Java and it was talking XML-RPC. But around that time, REST was becoming popular and it was becoming obvious to me that it was going to win. Java was also becoming increasingly painful. That’s when I switched the whole thing to Ruby. And then about that time was when Ruby on Rails started, so I switched to that. It was a fairly early project to use Rails.

What about financing the project? How did you do that?

The costs were actually very low. There were a couple of computers and bandwidth that was needed. There wasn’t actually a lot of infrastructure that was needed. I just convinced the university to host it and at the university where I was [University College of London at that time], they had great Internet connectivity. So the cost were actually pretty minimal. But to answer your question more directly: the money that we did need would typically come from conferences. We’d run a conference and sell t-shirts and we could buy a couple of servers every now and then.

How did the arrival of smartphones change the project?

The early smartphones were pretty terrible, right? You could have something in your pocket to access the Internet, but the turning point was really the arrival of the iPhone. It replaced the five devices you used to carry around.

The short answer is that it lowered the cost of us collecting data and made it more accessible to everyone. But it also changed people’s perception of what a map was and how accessible a map should be to someone on the street. It also changed peoples’ relationship with maps. Instead of this static artifact, it was now something you’d always have with you. It made it malleable from this static artifact — and it turned it into something self-updating.

Maps used to be this stand-alone app for your PC — and then Apple and Google Maps changed it to this thing that was always with you. And now maps are just going into every application because you can make them relevant for everything.

What’s the state of online mapping in general today?

I think the challenge remains to open up the data. OpenStreetMap is focused on the data, not necessarily competing with Google. They have a lot more data, right? Anybody can go and make a nice mapping experience available on the web or on mobile, but the limiting factor is the data. Google made this huge investment in building its own data set. Opening up the data levels the playing field for everyone. Not necessarily for consumer experiences. It’s still hard to make something that’s delightful for your users. But if you don’t have the data, you don’t have the option for even trying that.

How is the ecosystem around OpenStreetMap doing?

We’ve got tile servers and people are doing that, but the reason I joined Telenav was to get navigation working.

We’ve had the ability to use OopenStreetMap as a display map for quite a while now. You look at it and it looks great, but it’s much harder to make it navigable. And that’s really what you need to make the end-run to the consumer experience. You have to be able to get from A to B.

Do you need a commercial partner for that?

It’s pretty hard to do. OpenStreetMap lacks a couple of things. Navigable information like one-way streets, time restrictions or speed limits. It also lacks address data. Telenav has a lot of GPS traces. We process all of those into navigable information. If you take all the people traveling on the freeway and they all go 55, you know that’s probably the speed limit. If nobody is turning left at an intersection, there is probably a turn restriction there.

So you can fix that with GPS traces. But the address data is harder. In the U.S. you can license this data, but in Europe and other places it’s much harder. In the U.S.. the federal government is mostly a public domain organization and that trickles down to the local governments. You can get data from that. Every other country tries to own all the mapping data. In the U.S., most of the address data is also very predictable. In the rest of the world it’s not that simple. In Japan, the street number is often based on the block and the age of the house. So the first house is number one, the second number two and so on. So it’s much harder to figure out where things are by inference.

It’s something that a lot of people want to solve, so I expect it will get fixed somehow and there are a bunch of interesting way to do this. You can crowdsource the data, you can pay people to go collect it, but I expect it’ll be a mixture of a number of things. Every time you use a check-in app, for example, you are signalling that this restaurant with this address is in this location.

What’s the relationship between OpenStreetMap and your employer Telenav now?

Telenav has hired a number of key people. One thing we do is we contribute our data back as much as possible. When we figure out a street is a one-way street, we have a process to contribute that back. We sponsor a website called MapRoulette, which is a crowdsourced game for contributing. We also sponsor the conferences and do various spot donations. For the 10th anniversary, there are parties around the U.S. and we are giving them gift cards to buy foods and drinks. That sort of thing.

How has the community around OpenStreetMap changed?

The raw numbers have gone up, but it’s also — in the beginning it was very much around open source ideology. “Data wants to be free” and so on. But as the project grew, it’s got much more diverse. There are lots of companies involved now that want to improve the mapping experience. There is a huge variety of people now involved that wasn’t there in the beginning — and that’s a good thing.

Looking forward, it sounds like address data and routing are the big challenges. Is that what you are mostly working on right now?

The address data is really the most important and interesting thing to work on. The routing stuff you can infer from GPS traces and there are many ways to do that. But if I had a solution for the address data I’d let you know, but we’re not there yet.

Do you remember what the first street on OpenStreetMap was?

That’s a good question. I’m not sure but I think it would be either the inner or outer circle of Regent Park in London.

The World Of Everything

Editor’s note: Tom Blomfield is a Ruby developer and co-founder of GoCardless (YC S11). He was named one of the Top 5 Entrepreneurs under 30 in Europe and blogs at tomblomfield.com.

Over the last few years, it’s become dramatically more simple and capital-efficient to launch and grow Internet businesses. In particular, “X-as-a-Service” providers help startups get off the ground with only a few hundred dollars. Amazon and Rackspace provide on-demand servers that scale to meet hosting requirements, Mailchimp and Sendgrid run high-performance mail servers at very low cost, while Stripe, Braintree and PayPal make payment processing straightforward.

As companies become more comfortable using these outsourced services, more specialized and niche services can flourish, and so the process of launching startups becomes faster and cheaper. It’s become possible to build billion-dollar companies with a handful of engineers. Thanks to these services and tools, we’ve “decoupled the technical ability and experience needed to write tricky software from the ability to solve problems for people.”

In the brick-and-mortar world, it’s a different story.

While outsourcing to external services is certainly not a new concept, the benefits haven’t trickled down to newly launched companies, as the scale required to access most offline outsourcers is prohibitive.

Three related factors may explain this disparity. First, with most online “X-as-a-Services,” you can get up and running straight away. There’s no procurement or long purchasing process; you can simply sign up and go, often without even talking to a human being.

Second, robust, well-documented APIs make this sign-up-and-go approach possible. Implementation consultants and long integration processes are usually a thing of the past. Plugging services together is a matter of minutes or hours, not weeks or months.

Third, the minimum required volume to use these services is often “one,” with a price-point of “free.” These zero-cost trial periods make sense because the infrastructure to power the API has already been built. You can have customisation, but only within the boundaries of the existing API.

In contrast, solutions offered by brick-and-mortar outsourcers are effectively custom-built each time, making the marginal cost of an additional customer prohibitively high. This, in turn, explains the long procurement processes and staggering minimum-order volumes.

Changing Tides?

In certain brick-and-mortar industries, we’ve seen a fundamental change in the way business is done. Take the fast-food delivery market. Chains like Pizza Hut traditionally operated a vertically integrated model, owning and running their own website, delivery fleets and restaurant portfolios.

As smaller competitors struggled to compete, the first thing to be “outsourced” was the website, iPhone app and payment processing, led by companies like Seamless, GrubHub and JustEat.

The next candidate for outsourcing might be the delivery network. Seamless’ core competency is branding, building colorful websites and acquiring customers. For restaurants, it’s cooking great food. But no one is particularly good at optimizing a last-mile delivery fleet – I’d expect to see a number of very large Delivery-as-a-Service companies emerge in the next few years (think Uber Rush, Wun Wun and Postmates on an industrial scale).

The next billion-dollar fast-food corporation probably won’t even run their own kitchens – it may simply be a collection of intellectual property – brand name, menus and recipes – with all the physical work of food preparation and delivery performed by service providers. Indeed, Burger King has doubled its stock price by taking this approach.

Grocery-as-a-Service

In another real-world industry – grocery shopping – Instacart is a fascinating example, as it has the potential to build the largest grocery chain in the world without owning a single grocery store. It uses the existing network of grocery stores to effectively warehouse their inventory, while focusing on the final-mile delivery and a delightful customer service.

In its early days, Instacart found an ingenious way to solve the three requirements for efficient outsourcing; instead of spending years dealing with large warehousers, woeful APIs and huge minimum-order volumes, they simply had their personal shoppers walk into city-centre grocery stores to pick produce off the shelves. Instead of negotiating access to stores’ inventory lists, they simply bought one of every item in Trader Joe’s and photographed them all in a studio over a weekend.

Instacart is a dramatic example of Everything-as-a-Service – the ability for smart, scrappy entrepreneurs to build billion-dollar, real-world businesses with a handful of staff, no premises and minimal capital investment.

What’s Next?

It’s an exciting time for entrepreneurs working in offline spaces: Real-world startup costs will become dramatically lower, allowing new business models to be developed and tested with much greater velocity. As in the online world, access to capital, infrastructure and specialist skills have become less important than the “the ability to solve problems for people.”

About Diversity...

Editor’s note: Telle Whitney is the President and CEO of the Anita Borg Institute and co-founder of the Grace Hopper Celebration of Women in Computing. Connecting, inspiring, and guiding women technologists is her passion.

The conversation about women in tech is shifting as technology companies begin to hold themselves accountable. Recent moves, such as Google, Facebook, LinkedIn and Yahoo releasing their employee diversity numbers, show an intensified commitment to making real change for women technologists, but the sentiment is not industry-wide.

We often hear from tech leadership that they would like to hire more women in technical roles, but they continue to reference the lack of women in the STEM pipeline as the cause. Deferring accountability will not affect real systematic change.

We are saddled with a chicken and egg stalemate. The fact is, the tech brogrammer culture that startups are known for is a major reason for women being put off from working in the industry.

On HBO’s “Silicon Valley” – a show that often hits too close to home to be considered satire – one of the running jokes is the app Nip Alert, one character’s creation that helps locate women with large breasts. This app, of course, is based on real-life incidents in the tech industry, which crop up every day, and then are all too often swept under the rug.

When it becomes commonplace for technical conferences to include a twinge of sexism or to uncover a startup founder’s misogynistic behavior, it is a red flag that the startup fraternity culture is out of control. The tech industry’s “boys will be boys” mentality in the face of these recent events is taking a toll on diversity in the STEM pipeline.

In the face of all the negative stories coming out of the tech industry, it is no wonder that young women are not flocking to be the next target. Intelligent young women are generally uninterested in joining a frat house environment that stereotypes them in negative ways and demeans them regularly. A perceived lack of opportunities to flourish in a tech career may be keeping young women out of the computer science and engineering pipeline.

There is a way to enact a cultural change, and it starts with the men in tech. Women will continue to be vocal and push for change, but it is just as important for men to step in and speak up. This includes men at all levels of the technical workforce, leadership and especially at venture capital firms.

The tech brogrammer culture that startups are known for is a major reason for women being put off from working in the industry.
As it stands, many of the recent controversies in tech were met with silence and inaction from VC firms. When Julie Ann Horvath spoke up about the harassment she faced at GitHub, the only response from the company’s VC firm was a lonely tweet from Marc Andreessen supporting the founder who resigned. There was no apology to Horvath and no indication of support for improving the work environment for women. Similarly, when the CEO of RadiumOne, Gurbaksh Chahal, was convicted of two misdemeanors for domestic violence and battery against his girlfriend, the drawn-out inaction of RadiumOne’s board of directors only resulted in his firing when the media firestorm became too much.

Even when laws aren’t being broken, the absence of women has failed to register as an issue for VCs, such as the lack of women on Twitter’s board just before their IPO in 2013. Silence in the face of incidents like these, especially from those who hold the purse strings, sends a terrible message to women technologists and young women considering careers in the field. A culture that glorifies the boy genius founder and encourages a frat house environment in spite of all the warning signs is not a place where most intelligent young women feel they can succeed, leading them to pursue other careers.

At the Anita Borg Institute we regularly see men in leadership positions stepping forward to take part in the conversation. Over the past 20 years of hosting the Grace Hopper Celebration of Women in Computing, we often feature many of our committed board members, including Alan Eustace from Google, Mike Schroepfer from Facebook, Justin Ratner from Intel, and Rick Rashid from Microsoft. This year we have Microsoft CEO Satya Nadella as one of our keynotes. These men understand that changing tech’s culture is not just a women’s issue, it is an innovation issue.

Now is not the time for complacency. There are many actions men in the technology industry can take to show their support. The most important action is to speak up in opposition to inequality and inaction and to speak out in support of women technologists, especially when you see actions or messages that are inappropriate or condescending. Individual male support for women in tech will lead to a greater grassroots effect that will bring about a more accepting and innovative tech culture where all parties can thrive.

USB Flaws?

USB 'critically flawed' after bug discovery, researchers say

Continue reading the main story

Related Stories

• Redesign for Raspberry Pi computer
• Can a $7 gadget change the world?
• First look at reversible USB cable

Cyber-security experts have dramatically called into question the safety and security of using USB to connect devices to computers.

Berlin-based researchers Karsten Nohl and Jakob Lell demonstrated how any USB device could be used to infect a computer without the user's knowledge.

The duo said there is no practical way to defend against the vulnerability.

The body responsible for the USB standard said manufacturers could build in extra security.

But Mr Nohl and Mr Lell said the technology was "critically flawed".

It is not uncommon for USB sticks to be used as a way of getting viruses and other malicious code onto target computers.

Continue reading the main story

“Start Quote

You can never trust anything anymore after plugging in a USB stick”

Karsten NohlSecurity Research Labs

Most famously, the Stuxnet attack on Iranian nuclear centrifuges was believed to have been caused by an infected USB stick.

However, this latest research demonstrated a new level of threat - where a USB device that appears completely empty can still contain malware, even when formatted.

The vulnerability can be used to hide attacks in any kind of USB-connected device - such as a smartphone.

"It may not be the end of the world today," Mr Nohl told journalists, "but it will affect us, a little bit, every day, for the next 10 years".

The USB memory stick is a convenient connector used across many devices

"Basically, you can never trust anything anymore after plugging in a USB stick."

'Chip' exploited

USB - which stands for Universal Serial Bus - has become the standard method of connecting devices to computers due to its small size, speed and ability to charge devices.

USB memory sticks quickly replaced floppy disks as a simple way to share large files between two computers.

The connector is popular due to the fact that it makes it easy to plug in and install a wide variety of devices. Devices that use USB contain a small chip that "tells" the computer exactly what it is, be it a phone, tablet or any other piece of hardware.

Karsten Nohl: "You can never trust anything anymore after plugging in a USB stick"

It is this function that has been exposed by the threat.

Smartphone 'hijack'

In one demo, shown off at the Black Hat hackers conference in Las Vegas, a standard USB drive was inserted into a normal computer.

Continue reading the main story

“Start Quote

Any business should always have policies in place regarding USB devices and drivers”

Mike McLaughlinFirst Base Technologies

Malicious code implanted on the stick tricked the machine into thinking a keyboard had been plugged in.

After just a few moments, the "keyboard" began typing in commands - and instructed the computer to download a malicious program from the internet.

Another demo, shown in detail to the BBC, involved a Samsung smartphone.

When plugged in to charge, the phone would trick the computer into thinking it was in fact a network card. It meant when the user accessed the internet, their browsing was secretly hijacked.

Mr Nohl demonstrated to the BBC how they were able to create a fake copy of PayPal's website, and steal user log-in details as a result.

Unlike other similar attacks, where simply looking at the web address can give away a scam website, there were no visible clues that a user was under threat.

The same demo could have been carried out on any website, Mr Nohl stressed.

'Trust nothing'

Mike McLaughlin, a security researcher from First Base Technologies, said the threat should be taken seriously.

"USB is ubiquitous across all devices," he told the BBC.

"It comes down to the same old saying - don't plug things in that you don't trust.

"Any business should always have policies in place regarding USB devices and USB drives. Businesses should stop using them if needed."

Universal Serial Bus (USB)

• Standard method of connecting devices to computers
• Popular due to its small size
• Easy to plug in and install a variety of devices

The group responsible for the USB standard, the USB Working Party, refused to comment on the seriousness of the flaw.

But in more general terms, it said: "The USB specifications support additional capabilities for security, but original equipment manufacturers (OEMs) decide whether or not to implement these capabilities in their products.

"Greater capabilities of any product likely results in higher prices, and consumers choose on a daily basis what they are willing to pay to receive certain benefits.

"If consumer demand for USB products with additional capabilities for security grows, we would expect OEMs to meet that demand."

Mr Nohl said the only protection he could advise was to simply be ultra-cautious when allowing USB devices to be connected to your machines.

"Our approach to using USB will have to change," he told the BBC.