The Open Sourcerer

Timber! (More on Number 10’s website)

Here is the output of a Linux command called tree on the original contents of the theme that NMM claim to only have used the stylesheet from¹.

~/Desktop/dev_area/networker-10$ tree -phDC
.
|-- [-rw-r--r-- 24K  Jun 21 2007] How To Post Images In This Theme.doc
|-- [-rw-r--r-- 1.0K Jul 11 2007] archive.php
|-- [-rw-r--r-- 397  Aug 17 2007] archives.php
|-- [-rw-r--r-- 4.0K Jul 8  2007] comments.php
|-- [-rw-r--r-- 147  Jul 11 2007] footer.php
|-- [-rw-r--r-- 80   Jun 5  2007] functions.php
|-- [-rw-r--r-- 1.7K Jul 12 2007] header.php
|-- [-rw-r--r-- 267  Jul 12 2007] ie6.css
|-- [drwxr-xr-x 232  Aug 17 2007] images
|   |-- [-rw-r--r-- 88K  Jul 12 2007] Thumbs.db
|   |-- [-rw-r--r-- 2.0K Jul 12 2007] ad_space.gif
|   |-- [-rw-r--r-- 217  Jun 18 2007] bullet.gif
|   |-- [-rw-r--r-- 398  Jun 22 2007] nav_hover.gif
|   |-- [-rw-r--r-- 1.3K Jun 6  2007] sub_rss.gif
|   `-- [-rw-r--r-- 4.3K Jul 12 2007] wp.gif
|-- [-rw-r--r-- 1.1K Jul 9  2007] index.php
|-- [-rw-r--r-- 18K  Jun 13 2007] license.rtf
|-- [-rw-r--r-- 700  Jul 11 2007] page.php
|-- [-rw-r--r-- 60K  Jun 13 2007] screenshot.png
|-- [-rw-r--r-- 946  May 10 2007] search.php
|-- [-rw-r--r-- 257  May 10 2007] searchform.php
|-- [-rw-r--r-- 2.5K Jul 12 2007] sidebar.php
|-- [-rw-r--r-- 1.3K Jul 11 2007] single.php
|-- [-rw-r--r-- 2.4K Feb 2  2007] sitemap.php
`-- [-rw-r--r-- 9.6K Jul 12 2007] style.css


I thought I would try to find out just how much of Anthony’s theme is still there. Not being much of a hacker myself, all I have done is simply added each of the file names above to a URL that points to the location of the theme directory in the Firefox navigation bar. So the whole URL in the bar looks like this:  http://www.number10.gov.uk/wp-content/themes/networker-10/filename-to-look-for.

If you try and open a non-existent file, you get a “404” not found message as one would expect. Anything else means the file is present. The way php works however makes it very hard to tell what the contents of the .php files are.

Guess what? There is an awful lot of Anthony’s content still on Number 10’s website. Here’s what I found when comparing the response I got from Number 10 to the original files in the theme package:

• How To Post Images In This Theme.doc:
  Files are identical and there is a really interesting comment at the bottom of this file that is just so ironic: “to give credit where credit is due, I borrowed this idea from Chris Pearson who is the author of the Cutline theme.“
• archive.php:
  File exists and returns a blank page.
• archives.php:
  File isn’t present, returns 404.
• comments.php:
  File present and returns exactly the same response text as is written in the original file: “Please do not load this page directly. Thanks!”
• footer.php:
  File present and returns a blank page.
• functions.php:
  File present and returns a blank page.
• header.php:
  File present, returns a blank page.
• ie6.css:
  File present, has been modified greatly and Anthony’s header has been removed! But it does contain an identical first line of css styling: #content, #sidebar { overflow: hidden; }
. Note the spacing and line breaks etc
• /images
  • Thumbs.db:
    Files are identical.
  • ad_space.gif:
    Files are identical.
  • bullet.gif:
    Files are identical.
  • nav_hover.gif:
    Files are identical.
  • sub_rss.gif:
    Files are identical.
  • wp.gif:
    Files are identical.
• index.php:
  File present, and returns a blank page.
• license.rtf:
  File is present and the files are identical. Yet, the copyright notice of the site states “Crown Copyright! so which applies here?
• page.php:
  File present and returns a blank page.
• screenshot.png:
  This one is really funny… files are identical.
• search.php:
  Not present, returns 404.
• searchform.php:
  Not present, returns 404.
• sidebar.php:
  File present and returns “Newsletter. Sign up to our newsletter to keep updated with the latest information from Number 10, Click here to subscribe”. The HTML source retains comments from the original.
• single.php:
  File present and returns blank page.
• sitemap.php:
  File present and returns XHTML header information the same as in the original.
• style.css:
  File present, as we know already.

So, out of 24 files in the original theme package, only three files have been removed. If you look here in the comments from my post of yesterday, you can read what Dave Smith of NMM said:

1. The only file that was drawn upon from Ant’s theme was the css file.

Now clearly some of the files above will be pre-requisites for any WordPress theme (like index.php for example) but 21 out of 24?.

I’m sure I can smell something quite smelly around here.

Number 10, WordPress and The Commons

This is a post largely related to the response that David Smith of New Media Maze posted yesterday regarding the farce of their web site development for Number 10 Downing Street.

The story so far, for any new readers, can be found here, here and here. And do follow the links in those posts to the various other sources to get a broader picture.

(David, if I am wrong anywhere, I assume you will let me know…)

What concerns me greatly about this whole fiasco is that New Media Maze are still (as I write this at least) basically trying to act as though they’ve done nothing really wrong and everything is fine. I think it isn’t.

David’s post seems to be an attempt to convince the reader that because they changed lots of things from the original template, their requirement to appropriately attribute the original work is negligible and the lines they forgot to remove left in the stylesheet are sufficient.

His post also, to me at least,  indicates a rather poor appreciation of what Open Source, “The Commons” and the new collaborative world in which we all live really mean.

First then, the WordPress theme.

The simple fact is this: the Number 10 website which New Media Maze claim to have designed is based on original work by somebody else. How much of the original work remains in the design is really not important, although almost all of the original stylesheet is still present within the gargantuan ~4000 lines of the new site’s file. (Incidentally, who on earth designed a stylesheet like that? I don’t recall ever seeing a 65kb stylesheet before. Maintenance and alterations are going to be fun…). And we also saw that the index.php file was from the original source as they had left the comment in it.

Irrespective of the legal position New Media Maze believe themselves to be in, the right (as in decent, proper, common) practice in these circumstances is to attribute the work in a suitable manner. Such as a simple line somewhere on the site saying something like: “This website is based on an original idea by…”.

I’m sure you all get the idea. And being a “Full Service New Media Agency” I’m sure NMM could come up with something suitably profound.

Most people on the Internet have no idea what a CSS is, how to find or read one, and why should they to be frank? There was a visible copyright notice in the original theme. It has been removed.

The continuation of this farce, by NMM is not helping their position, or their client’s, one little bit. To be honest, by continuing to bleat on about how little of the original work was used rather than just doing the right thing, makes them look like [insert your prefered derogatory phrase here]. My personal choice would be “a bunch of cowboys”.

On a secondary, but related note, an impression I get from reading David’s statement makes me wonder if Downing Street are actually running WordPress or are in fact running some uberpress code that has been made ultra-secure and “top secret”. If I am wrong about this please let me know, it is just an assumption on my behalf. What version of WP are they running? We can’t tell as they took out the meta-tag.

If they have hacked the code to make it more secure, I hope that those modifications have been provided back to the WordPress community so everyone gets the benefit. If they haven’t, Downing Street are not running WordPress, but a fork. They are now stuck with a version which will get harder and harder to maintain, and will ultimately be less secure than the publicly developed OSS code that has the world’s eyes watching and improving it every day…. I hope I am wrong and the backend is a regular WordPress release but if it isn’t, then Downing Street really have been sold a pup and are not using Open Source code at all.

And you want ID Cards??? (More on Number 10)

This is quite amazing stuff really. You just couldn’t make up a better story.

The Number 10 website fiasco just keeps going.

New Media Maze, that “Full Service New Media Agency”, look to have really screwed up. Not only have they nicked a free WordPress template and removed the attribution and removed the license, but it seems the site itself is actually full of bugs and errors too.

Dizzy Thinks has found some lovely errors and a strange chap called “Adam Test”… ROTFL.

And when you’ve finished rolling around on the floor laughing take a look at this research on The Rouseabout to see what a little more digging throws up: (I’ll give you a clue: 404s).

Honestly, if this is what we get for £100,000 of taxpayer’s money from New Media Maze then, quite frankly, I’m glad I hadn’t heard of them before.

How much are the Gov. going to spend on our ID card database? The one that nobody wants. Do you trust them to get it right? Nahhh.

And Glyn Moody discovered a little known government project to build a “massive central silo for all UK communications data…”.

It’s at times like these that I fall on my virtual knees and bless the cyber-gods that ensure every single major UK government project is a complete and utter failure, so this doesn’t stand a snowball’s chance in hell of ever working properly. Phew.

PLEASE!!!! Someone take these huge IT projects out of the Government’s hands! They are so crap at it our whole lives will end up on Facebook if we aren’t careful… Oh, most already are.

All we need now is for Microshaft to come rolling along spouting off about how much better the site would have been if they’d spent the money on Blog Server 2008 running on Windoors 2010 with Sequal Server 2012… or whatever crap it is they are pushing this week.

More on Number 10’s website fiasco

Being “that-kind-of-a-bloke”, I thought I’d dig a bit further into the Number 10 Steals Free WordPress Theme story 😉

Here’s the background:

• No. 10 Are running WordPress¹
• The theme (or template) is based on one called NetWorker²
• The attribution and copyright notice that is in the original footer has been removed
• The site claims to be Crown Copyright and makes no reference to the CC-by-sa license used in the original template

I am a bit confused here. Why would a web design shop (or “Full Service New Media Agency” as they call themselves), who were apparently paid the best part of £100k for this job³, use somebody else’s template as the basis for their design?

• You might think it would be because using a pre-made template would save you loads of tricky coding and playing around with CSS trying to get your site to look the same in IE6, IE7, Firefox, Safari and Opera [A task I am quite familiar with myself].
• You might also think that using a pre-made template would allow you to make minor modifications, add some different images and give you something that looks really different.
• Of course it might be simply that you don’t have time to create a new theme from scratch and using an “off-the-shelf” template will mean you can get the site up and running much faster.
• Or another possibility could be that you like ripping off your customers for as much as possible and using a free (or even a bought) template will mean your costs are minimal.

All, some, or none of the above could be reasons to use an existing template as a basis for your new design.

So how much new coding would be needed making the changes to an existing template to suit your new design? 10%, 20%, maybe even 50% and it would still be worth while…

Get this: the revised stylesheet from Anthony Baggett’s template is more than 6 times the original’s length and size! And that isn’t all made up of whitespace either…

The original stylesheet⁴ is 612 lines in length and is 9234 bytes in size (9KB).

The modified stylesheet⁵ is 3826 lines long and weighs in at a frankly astonishing 63724 bytes (63KB)!

You can obviously download the two stylesheets from their websites directly (I recommend using a plugin for Firefox called Web Developer) or to make things easier, I have made them available at the bottom of this page.

Looking through the new file, the amount of duplication and repetition of styling of the same, or very similar elements, is quite odd. It certainly isn’t the way I would construct a theme. Why duplicate the same styling over, and over, and over again when you could craft the logic so that each of these elements have a commonality that could then be controlled with a much smaller stylesheet?

Here are a few screenshots showing some of the differences between the two files. In the brilliant Open Source comparison application Meld I’m using here, the original stylesheet is shown in the left pane and the modified one is on the right. The first image shows the very top of both files with Anthony’s header still in tact. The second and third are just a couple of fairly random points where the new file contains a great deal of repetition as I am walking down through the files. The final image shows the bottom of both files (note the line numbers!).

One thing that is clear from using a tool like Meld is that these two files are definitely related. The way the application displays the differences, it is clear where the files are the same and where they differ. The larger file is certainly a derivative work of Anthony’s original.

Another aspect I found rather funny in this investigation was the method of version control for this huge stylesheet. Both stylesheets have the same version number and there doesn’t appear to have been any tool used to update the header as would be usual. How on earth does a business that develops a ~4000 line stylesheet manage to do that without using some sort of versioning system?

I have helped businesses use and modify pre-made templates for Joomla!, and to be honest if you are making changes of any significance to these templates, it is almost always easier and quicker and cheaper to start from scratch. For small mods and changes pre-bought templates can be really good value (I mean $50 is fairly average), but getting your head around someone else’s code is never easy and takes considerable time. For major alterations it just doesn’t make financial sense.

Now, making additions and changes just to the stylesheet of more than 6 times the original is not good business sense in my opinion. How much more work have they done to the PHP code that we can’t see? We know they have modified at least index.php (by removing the WordPress statistic generator meta tag) and footer.php (by removing Anthony’s copyright notice). But if they have made SO MANY changes and additions to the stylesheet, there surely must be a good deal of altered php code, or additions, in the core php files too? Surely, it would have been easier to make a new template from scratch in this instance?

This leads on to the other question that might be worth digging into a bit more; GPL violations:

“If” the developers have modified the WordPress engine, as is being suggested as a possibility here, and then sold it to the Government, in my humble understanding that means they have distributed their modifications. That means those modifications must also be licensed under the GPL. I had a quick look on New Media Maze’s web site and couldn’t find an area for software downloads or mention of the GPL. That doesn’t say anything to be honest and there might be nothing to this, but it would be interesting to find out a bit more… Is there a real WordPress guru who can look at the “footprint” of the XHTML the site generates and tell if it is different? Or are there any other ways to tell if it has been modified?

Anyway, what a wheez this all is for us bloggers: It just isn’t Gordon’s year is it…

1. www.number10.gov.uk/
2. NetWorker Theme
3. £100k for WordPress site
4. Anthony’s original stylesheet
5. No. 10’s heavily modified stylesheet

Number 10 and the Creative Commons

Number 10’s new website, from our beloved government who are such strong users and supporters of Open Source Software [NOT], is running on WordPress. This isn’t actually big news now. There’s plenty of comment about that on the web via Google.

Well, that’s OK I guess. At last they are starting to grok OSS perhaps, although I’m rather inclined to actually surmise that they [#10] don’t even know what WordPress is. They just bought a website…

Anyway, quite a nice site layout don’t you think? I wonder who designed their site?

Looking at the html source, we see that the stylesheets are in a directory called networker-10/ and many of the images are in a subdirectory called images/.

Firstly, see the bit above where it says ? Usually, in there, that line reads: where the X.X.X is the version of WordPress the site is running.

So they’ve removed changed that then. I wonder if they are trying to conceal the fact they are using WP? Not a very useful trick though is it? Having a directory tree called /wp-content/themes/... is a bit of a giveaway if you ask me.

Now then, if you visit Antbag.com and look at some of the themes they have created, there’s one on there called “Networker”. Here’s the demo page http://antbag.com/demo/index.php?wptheme=NetWorker

Let’s look at the top few lines of the html source for this theme:

They look quite similar don’t they? The directory structure is identical and the top-level theme directory is called networker-10. Amazing…

The Networker theme is licensed under a Creative Commons Attribution-ShareAlike 3.0 License. Which you can read all about here: http://creativecommons.org/licenses/by-sa/3.0/

I can only assume that Number 10 have requested, and received, permission of the author to remove all traces of this license and attribution from their WordPress site. I have left a “contact us message” at the author’s website to see if this is the case…

[Update] Anthony Baggett, the theme’s author, has just confirmed that No 10 have not requested that the attribution be removed. That’s not playing fair by my book.

[Update 2] Seems like I am not the only one to have noticed this. A bit more digging has thrown up the following sites also commenting on #10’s cock-up. One is also suggesting it cost £100k. Not bad for a ripped off theme running on an Open Source blogging engine… Links below]
http://cabalamat.wordpress.com/2008/08/16/prime-ministers-website-breaks-copyright-law/
http://community.livejournal.com/theyorkshergob/123043.html
http://www.mikerouse.net/2008/08/15/10-downing-street-wordpress-website-knock-off-and-rip-off/
http://dizzythinks.net/2008/08/downing-street-claims-crown-copyright.html

Alfresco, a bit like Quickr but Bettr

Quickr, for those who are lucky enough not to know, is the morphologically challenged relative of Lotus Quickplace. In reality it is Quickplace with two new themes, two new placetypes and two versions of dojo dumped on the filesystem to make things look a bit more “Web 2.0” and some windows-only integration with Microsoft only applications. So why I am I telling you about proprietary software here on “The Open Sourcerer”? Well I have a bit of a background in the IBM/Lotus area and I have been developing corporate themes for Quickplace since sometime in the last millennium. It hasn’t changed much, but there is a very serious Free and Open Source alternative now.

In brief, Quickr is a website creating tool, each site is known as a “place” and within a place you can have folders and rooms. Rooms are like sub-places, they can have their own access control rules and a different style. They can contain rooms as well so you can have a hierarchy of places. It looks quite pretty, and 10 years ago it was 5 years ahead of its time. It has now got a client install, which integrates with some legacy Windows applications, more on that later.

Alfresco is an Open Source Enterprise Content Management System, which runs as a J2EE application on Linux and other platforms (I would stick to Linux+Apache+Tomcat+MySQL for preference). Like Quickr you create areas for storing stuff, in Alfresco they are called “Spaces”. Spaces can contain files, folders and more spaces.

Inheritance of security to sub-spaces/rooms

So in Quickr you create a place, you add members to that place, you create a room within the place, you carefully check the checkbox labeled “inherit members from parent place” as you create it so that all the members of the place can get into the room. Lovely. Now add another member to the place. You would expect them to be able to access the room wouldn’t you?

No. Inheritance is a one shot deal when you create a room, it just copies the access control list from the parent room as it creates the subroom. Now imagine an place in an enterprise with 100+ rooms and managing user access to this lot. It gets messy.

In Alfresco, inheritance works just like it should. You can set a space to inherit from the parent space, and override it at will. Nice, friendly and fit for the enterprise user/administrator.

Access as a file system

The big new feature in Quickr (the pretty skins don’t count as they are only skin deep) is the Quickr Connectors. This Windows only program installs as a Windows Explorer extension and sits alongside the network neighbourhood, it sort of works like a filesystem.

You can’t do linked spreadsheets (OpenOffice.org or Symphony, or the other one) because the files don’t reside at a resolvable UNC path.

Folders are deeply broken. You can create folders, and nested folders, but they look rubbish in most of the web themes which are designed for a single level of folders. If you do use a web theme with a hierarchical folder tree and then use the web interface to move folders between rooms, they break in the connector. Moving them in the web doesn’t update some important UNID field somewhere, I couldn’t figure out which, but I reported it as a bug.

Personal spaces (aka Quickr Entry) were supposed to be a wonderful thing, when you send an email with an attachment from a proprietary email client (Lotus Notes or the other one) it asks you if you want to store the attachment in your Quickr place and send a link instead. This sort of works. With no security. Your place is public, anyone can see stuff you put in it (with a lame security-by-obscurity option which I haven’t figured out how to get to yet). So you want to organise your space, putting stuff in folders etc. well you can’t. Folders aren’t allowed in personal spaces. Tough.

So how does file system access work in Alfresco? Well it will act as a WebDav server or a CIFS server or both. There is no mucking about with locally installed connector clients and Windows Explorer extensions to make it look a little bit like a network filesystem. It is a network filesystem. WebDAV is well supported on Linux and Mac and it works on Windows too. Once you connect to your server via WebDAV it just looks like another bit of your filesystem. You can drag and drop documents into and out of it, double click things to open them etc. Linked spreadsheets work fine, and in fact every application that expects to be storing or accessing data on a regular drive works just fine with your remote content management system. It isn’t just any remote drive though, it is still a content management system, if the business rules for a space where you drop a file dictate version control then that is exactly what happens.

Version control

So lets say you have a document in Quickr created with a form set up for optional version control (which is a bit of a sloppy concept in itself). You are doing some edits and what started as correcting a few typos turns into a major re-factoring session. You now want to save your document as a new version. Tough. Too late. You have to create a new version before you start editing it, otherwise you are just editing and overwriting the existing version. Quickplace always had a published version + working draft system, it now has a sort of revision history stuffed into it. The two models don’t seem to like each other very much.

Version control in Alfresco is somewhat more thought out, it has a very powerful Advanced Versioning Manager, which can track back not just individual files, but directories, it can show you the state of the whole repository at a particular point in time. Very useful for the multiple linked spreadsheets example. It can do way more than this, it is configurable as

So what does work Bettr in Quickr?

Well Quickr has a truly sickening theme/skin engine. It only works in Internet Explorer with ActiveX and you can upload 6 files (stylesheet + 5 HTML files) which it scoops up along with any referenced images. The HTML files basically duplicate each other, or you can upload just one HTML file and have it guess what the others should look like. There is no community site to share and sell Quickr skins that I know of, unlike Joomla! and WordPress etc. However, rubbish as the theme engine is, it is better than Alfresco which doesn’t yet have a skinning capability (you can edit the stylesheet and all the .jsp files, but that isn’t the same as a facility for uploading a package of skin elements so that places can be individually styled.)

Quickr isn’t just for storing files, it has a nice calendar that can show custom forms on it. I haven’t yet seen a calendar view for Alfresco. The Gantt chart view in Quickr isn’t very sophisticated at all, I wouldn’t miss that, but the calendar is useful.

When uploading files though the web interface from some Microsoft Office applications it does an ActiveX/COM control thing that gets the application to save as HTML as well as the native binary format and it uploads both the HTML version and the native format. It then serves up the HTML version to browser clients, which would be a nice trick. If it worked a bit better. It doesn’t do this trick if using the windows explorer integration, so if you use a mixture of the Quickr connector and the web client you get a great big muddle and a mess.

In conclusion

If I had to do a 15 minute sales demo, on Windows, I could easily make Quickr look fantastic, but when comparing Quickr against Alfresco as a serious tool for long term use in a modern business, Quickr falls short and Alfresco is the one I would choose.