[HN Gopher] Tim Sweeney: "ISO obstructs adoption of standards by... ___________________________________________________________________ Tim Sweeney: "ISO obstructs adoption of standards by paywalling them" Author : linksbro Score : 485 points Date : 2021-03-08 19:04 UTC (3 hours ago) (HTM) web link (twitter.com) (TXT) w3m dump (twitter.com) | rdpintqogeogsaa wrote: | > The value of standards is in their adoption. | | Tim Sweeney correctly observes this, then continues to talk about | "millions of hobbyist programmers". I do not believe that ISO | targets, or even has any remote interest, in this market. | | ISO is comprised of nation-state members who will inevitably | mandate ISO standards as part of legal compliance. Various | stakeholders actually participate in standardization efforts and | thus also both already know the standard and are able to push it | through. All of these categories (government, industries in | highly regulated sectors and large stakeholders) have large | amounts of capital. The amount of money required to fund a | purchase of an ISO standard barely even factors in on a balance | sheet. | | Hobbyist programmers arguably make a lot of open source software | that builds the foundation for today's and tomorrow's platforms. | However, when the big bulldozers from the previous paragraph roll | in, hobbyist programmers give way to highly paid employees of | these giants; be it by merging a patch or be it by being worked | around with a greenfield project or fork. | | On the other hand, ISO has an incentive in charging money for | their standards because this adds perceived value: If something | is freely available, it is easier to dismiss it as a non-serious | effort when debating whether it is worth to bind personnel for | participation in the standards committees; the standards come | across as valueless, worthless. | | Looking at this vector of interests of the various parties | involved, I see little reason for this state of affairs to | improve. | oezi wrote: | ISO actually shouldn't have an incentive to charge more money | than the support of the standardization process costs. | | Also, regulators should (in my opinion) pay for standards to be | freely available when they harmonize/adopt them for their | country/countries. It is kind of insane that one as a customer | can't access the rules by which products are approved without | paying. It is as if laws would be hidden behind paywalls. | luplex wrote: | Actually, laws are kind of hidden behind paywalls! For most | laws, I wouldn't trust my own judgement on their | interpretation and would have to pay a lawyer. | deckard1 wrote: | This always struck me as the dagger into the idea of | freedom. How can one follow the law if one is not fully | informed of the law? | | Of course, those with money like it this way. It's a | barrier for competition and exercising your rights. | | Once you start looking at barriers, such as ISO, you start | noticing them everywhere. Real estate, dentistry, doctors, | school teachers. You can't even cross state lines as a | school teacher, or other professions. People often argue | that software developers should be licensed much like | engineers. Let's be thankful that's not the case. Imagine | the headache of being remote and having to get licensed in | multiple states! | ngrilly wrote: | Not in France. Everything is publicly accessible on | Legifrance.gouv.fr. | phlo wrote: | There's an important distinction here. Laws (and court | decisions) are freely available in many (most?) places. | Relevant commentary on how these laws are applied tends | to be more costly. | | I'm not very familiar with the situation in France, but I | can offer a data point from Switzerland: The civil code | is (of course) freely available online and in PDF format. | A printed copy is available for CHF 15 or so1, both from | the federal press and from other publishers who might | throw in an index or a keyword reference at the same | price. | | However, if you're actually looking to apply any of the | contents, you'll want qualified explanation and | references to jurisprudence alongside the legal text. | Affordable commentary2 on the civil code start at CHF 250 | or so, and the industry standard "Basler Kommentar" to | the civil code is sold as two volumes, retailing for CHF | 598.- each. | | 1 It's a few hundred pages; IIUC the price pretty much | reflects the cost of printing, binding and logistics. Key | point: Nobody is getting rich off of selling these. | | 2 For the civil code, specifically, you'd be in luck: | Some consumer advocacy organizations publish hands-on | guidebooks that are significantly cheaper than the usual | commentaries. So you might get by on CHF 100 or so. But | these tend to not be available for other, less | mainstream, laws. | cma wrote: | Binding legal precedent is often paywalled to read too. | whoknew1122 wrote: | Just last year the US Supreme Court ruled (in a 5-4 split | decision) that states can't put their laws behind a paywall. | Before that it wasn't terribly uncommon for that to happen. | | Capitalism, baby! | boarnoah wrote: | Would IETF where the specs are publicly accessible but it's | vendors and so on in the various working groups be a better | model? | fanf2 wrote: | In principle, people participate in the IETF as individuals, | though in practice it matters who they are employed by. | hrktb wrote: | There is a middle ground between hobbyist and large | stakeholders that ends in the worst spot. | | As you point out those are legal requirements, and a | small/middle size company would need to know them before | entering a field or hitting some legally bound clients. The | paying upfront makes it difficult to do pure discovery to even | know how hard are the requirements to implement. | | I saw that at a small company where we could have been | interested in applying for a standard, as a nice to have to | bring more business. But the cost of paying for the doc, go | through it to then perhaps realize it's not worth it, brought | enough friction that it was delayed to oblivion. | Robotbeat wrote: | Yup. Monetization of things that ought to be free and | standardized is one of the biggest unnecessary drags on | productivity growth today. That many non-profit bodies | contribute to it just makes it more sad. Large companies | don't care about this relatively small cost, and they | actually benefit from the (small) moat that monetization | creates. | SpicyLemonZest wrote: | But I think the ISO paywall prevents adoption in the market | you're describing too. I've worked in enterprise and government | facing commercial databases for half a decade, been involved in | dozens of discussions about whether some proposed piece of | syntax is standards-compliant, and I haven't once encountered a | reference to a section or page number of the actual SQL:2016 | ISO standard. | Hjfrf wrote: | The only bits people actually know are yyyy-mm-dd and pre-92 | implicit joins. | munk-a wrote: | Modern SQL standards seem to be primarily written by the | PostgreSQL team - new features they roll out and syntax to | describe them tend to be widely adopted. Granted, it could be | coming out of ISO itself but nobody would be able to tell | since their standards aren't openly published. | yarcob wrote: | ISO standards are often discussed at PostgreSQL | conferences, and whenever possible they try to follow the | standards. Sometimes standards are written after PostgreSQL | implements a feature, and it some cases it seems like they | are even written to accomodate PostgreSQL (eg. the SQL/JSON | standard seems to take into consideration that a database | might have multiple JSON types just like PostgreSQL) | | But whenever the topic of standards comes up, someone | immediately mentions the high price of the standards, and I | think only some of the developers actually have a copy of | the SQL standards. | onion2k wrote: | _I do not believe that ISO targets, or even has any remote | interest, in this market._ | | "Hobbyist programmers" in this context includes "pre-revenue | startup founders" and "open source project maintainers". Those | people need to have access to standards and shutting them out | only serves as a barrier to the industries their applications | could disrupt. | ngrilly wrote: | It's not just an issue for hobbyist programmers. That's also an | issue for most startups and small companies. You just can't buy | all the documents you need when you're designing hardware. That | stuff is insane. And it's not just about the cost, it's also | about the time necessary to buy these documents. Creates way | too much friction compared to the open model of the IETF, W3C, | Unicode Consortium, etc. The ISO and other organisms using | paywalls live in the past and are hurting innovation. | launderthis wrote: | well I guess innovation has a price (or maybe a cost). And as | long as ISO puts up a paywall they have determined by market | forces what that cost is. | | My perspective on this idea is that altruism is dead when it | comes to open source. Peoples work needs to be paid for. | Weather its ISO or the guy creating a program using it. We | are not to be slaves to the future and I dont wish that for | future devs. Making a profit isnt evil but wanting others | work for free is selfish. People can always make their own | standards and come together across nations and do the work. | But they much rather cry and call hardworking people bad. | | Tim is trying to save a buck I bet. | dpatterbee wrote: | I'm fairly confident that Epic Games don't have any issues | paying a few thousand dollars for any ISO standard they | wish to have access to. | brian-armstrong wrote: | This isn't a robust way to write good software. It's better to | capture the requirements up front and apply those early on in | the project's life. Relying on other users to notice defects is | likely to result in only some of the software being correct. | Especially if it's a date library, the author should be able to | know the proper date format at the outset. | inetknght wrote: | > _Tim Sweeney correctly observes this, then continues to talk | about "millions of hobbyist programmers". I do not believe that | ISO targets, or even has any remote interest, in this market._ | | I completely disagree. As a hobbyist programmer I want to | improve myself so that I can sell my skills to international | standards. It's more difficult to do that when standards have | to be _bought_ before I can even determine how hard it would be | to learn and adapt to it. | whoknew1122 wrote: | The parent's point is that ISO doesn't care about you, the | hobbyist programmer. | | The parent wasn't saying that millions of hobbyist | programmers don't care about standards. The point is that | millions of hobbyist programmers DO care about standards. But | ISO doesn't care about the milions of hobbyist programmers | and therefore paywalls standards. | indymike wrote: | Actually, hobbyist programmers often create what become | competing standards to the ISO track one resulting in low | adoption of the ISO standard. | linksbro wrote: | Perhaps it will be beneficial in the discussion to add examples | of other orgs e.g. IETF, Unicode. Unicode spec is fully | available[1] and their funding comes from a membership-model | rather than a pay-model[2]. | | ISO's argument is compelling but we see other standards | organizations taking different approaches and more or less | still finding success. | | [1] http://www.unicode.org/versions/Unicode13.0.0/ [2] | https://home.unicode.org/membership/why-join/ | r3un1 wrote: | I'm afraid that you are comparing apples and Walmart. | | Unicode is a standard for encoding characters. ISO is an | organisation that _creates_ standards for just about | anything. | | Unicode became a standard as a result of beating other | competing standardisations. ISO declares that whatever they | came up with is the standard, no competition required. Hence | the effectiveness of the business model. | wodenokoto wrote: | Parent is talking about the Unicode Consortium, not the | character encoding, that the consortium is responsible for. | | https://en.wikipedia.org/wiki/Unicode_Consortium | [deleted] | EricE wrote: | If I have a choice or am in a position to influence a | decision, I always push for open standards orgs like OASIS: | https://www.oasis-open.org | smarx007 wrote: | OASIS is good but there member orgs need to pay membership | dues and do it every year. I think ISO encourages | independent experts from public sector and academia to | provide expert feedback without paying for membership. | | Though, I think that ISO can be fully funded by the | national standards bodies on an annual basis just like | OASIS is funder by companies and not charge for PDFs. | Mindless2112 wrote: | Also ECMA (C# and JavaScr... er, ECMAScript) which provides | standards at no cost vs ANSI (no notable language specs since | C and Pascal) which charges a fee. | leowbattle wrote: | Last year I finished the school year early because of the | coronavirus lockdown and had too much free time - so I | wrote an interpreter for CLR bytecode | (https://github.com/Leowbattle/clr_lite). The ECMA-335 | standard contained everything I needed to know for that | project: documentation of the EXE format, VM instructions, | etc. | | I learned a lot doing this project, and I would never have | been able to do it without free access to the standard. So | I think Tim is right to recognise the value open standards | provide to hobbyist programmers. | RcouF1uZ4gsC wrote: | ANSI for languages now operates under the aegis of ISO. For | the C and C++ languages, ANSI is one of the voting member | bodies. | [deleted] | 1f60c wrote: | I _think_ "ECMA C#" lags behind C# as implemented in .NET, | but still. | dblohm7 wrote: | > hobbyist programmers give way to highly paid employees of | these giants | | They all learned C++ somewhere, and I doubt that most of them | had access to the official ISO standard while doing it. (Yes, | I'm aware of the final drafts etc) | dragonwriter wrote: | > They all learned C++ somewhere, and I doubt that most of | them had access to the official ISO standard while doing it. | | There's a difference between "learning to use" and | "implementing" (though having access to the standard is good | for both, it's more critical for the latter.) | cushychicken wrote: | Ah, the old fallacy of "If they charge money for it, it must be | good!" | | Meanwhile, Oracle out here laughing their way to the bank. | justicezyx wrote: | True, but you missed the underlying concept of this statement. | | The trend of innovation is increasingly becoming grassroots- | driven. | | In part, that's because our fundamental research advancement | has stagnated, i.e., the nation states can no longer steadily | produces ground breaking tech that leaves the industry to | adopt. As a result the adopt of standards become more relevant | to SMBs and individuals. | | On the other hand, Internet has driven down the knowledge | acquisition cost to probably bare minimal. I.e., modern days, | one who has good understanding of English can learn pretty much | any highest-level of knowledge almost for free. The SMBs and | individuals are becoming more and more sophisticated, making | them gradually become competent to be involved in the | standardization process. | | In short, ISO's practice is fine looking from a perspective of | 10 years ago, but it's now wrong. | launderthis wrote: | > The trend of innovation is increasingly becoming | grassroots-driven | | Please qualify this, I call bs. I acutally think its harder | and harder to innovate now a days and we need large companies | to innovate because scale is now the battle for any product | that makes an impact. | | If its a "trend" then you must have historical data that | displays the change and im sure you have a hard definition | for "innovation" and "grassroots". This is basically a | flippant comment that Im not even sure you feel strongly | about but it sounds nice. | | > down the knowledge acquisition cost to probably bare | minimal | | you dont understand how important experience is. Books have | been around for centuries, all this knowledge was not much | more difficult to get decades ago but you still have people | cant perform surgery from reading a book or create a rocket | ship. Knowledge is about 10% of the solution to any problem. | | >individuals are becoming more and more sophisticated | | Complicated yes, sophisticated no. Look at music, you think | this is a sophisticated society??? | NHQ wrote: | Standards should be myriad and have benchmarks. | s17n wrote: | What do nation-states and legal compliance have to do with | standards like C++ and SQL? I've never heard of a government | mandating that compilers be standards compliant, or anything | like that. | colejohnson66 wrote: | ISO deals with _way_ more than just C++ and SQL. | [deleted] | chrismcb wrote: | People adapting the standards adds more value than perception. | If these standards are being paid for by governments, then of | course they should be free. But it they aren't free, it means | not everyone will adapt then, and lowers their value | munk-a wrote: | I think the real issue comes from once-removed tools. The | people writing a tool that you use may have access to and | adhere to some ISO standards, and that information may be | quite helpful for debugging while they're building their tool | - but it doesn't really help you all that much since you lack | access to those same standards. | | The C++ standard is pretty different and an interesting | example here, traditionally there were portions of the | standard that weren't really accessible and that, in part, | contributed to different compilers not being called out on | differences of opinion along with the ability to have | differences of opinion not being called out by experts since | they didn't have access to the standards to see where those | contradictions lay. | | In the modern world the C++ standard is what I think ISO | should aim for with all their standards, it is widely | available and heavily discussed and that feedback has allowed | the standard to grow by leaps and bounds as the language has | adopted things once seen as impossible (outside of Qt & | boost) like foreaches and not-terrible-to-work-with lambdas. | dragonwriter wrote: | > Tim Sweeney correctly observes this, then continues to talk | about "millions of hobbyist programmers". I do not believe that | ISO targets, or even has any remote interest, in this market. | | They probably don't. And, maybe that made sense decades ago | when it was more true (though this has never been completely | true) that serious software came out of big industry with up- | front allocation of resources, whereas what any hobbyist | programmers were working on was something else entirely. Today, | much serious software is built by informal networks of | developers who don't necessarily share an organizational | affiliation even if some of them have institutional sponsors. | And a lot of it evolves fluidly, without mandated standards as | institutional requirements, so if developers can't get a | standard freely to assess it for fitness, they simply won't | consider it at all. Thet'll either ignore it entirely, or | approximate the behavior of some other piece of software that | implements (perhaps not faithfully) functionality from the | standard relevant to the needs of the new project (maybe making | alterations to suit the different use case, without reference | to the inaccessible standard, which may have a solution for the | new projects problem that the project used as a model didn't | need.) | | ISO/ANSI/etc. model of selling standards documents to fund the | standards maintenance organization introduces friction for even | "serious software" in that environment, whereas the models used | by the IETF, ECMA, W3C, etc., that funded standards work | without relying on selling standards docs does not. | | Now, of course, there's an easy workaround; if you want | technology to be used, and multiple standards organizations | make standards in the field, don't submit it (at least not | exclusively) to the paid-access organizations. But you've also | got to get, e.g., governments onboard so that they don't adopt | paid-access standards into law. | bombcar wrote: | In a time of vast databases of paywalled scientific papers you're | telling me nobody has a collection of ISO standards? | oasisbob wrote: | If there is, I haven't found it yet. Many national standards | I've seen don't seem to even have DOIs assigned. | | My tiny stash of climbing relevant EN safety standards only | exists because of a scrappy Russian climbing community web | server someone uploaded to. | Daho0n wrote: | Most would likely not even understand them as they are written | in the best example of newspeak (from '1984') I have ever seen. | userbinator wrote: | There are torrents of related ones floating around, although | they tend to be huge and not very seeded. For computing-related | ones, especially popular subjects, you can often find a copy | someone has hosted sneakily amongst other unrelated documents | if you search hard enough. | captn3m0 wrote: | LibGen has a section for standards, but I've rarely found it | useful. | | A better hack is to approach your local standards body. BIS in | India publishes the ISO standards mostly-as-is as adopted by | Indian Law/Regulations. They don't make it easily accessible on | the Internet, but it's available if you ask them for it. | olieidel wrote: | Finally this is getting some attention. Somewhat related, | Healthcare startups are struggling with this because the | standards they have to comply with (for developing medical | software) cost up to 280 EUR (for a pdf!). [1] | | One common workaround is to go to "the Estonian site" which | offers the same, English version of standards for a much lower | price [2]. Being a bit cynical, I would say that Estonia | prioritises open information much more highly than.. other | developed countries. I created a price comparison on my website | [3]. | | But: The core problem of standards being openly available is | still not solved. Why is this not possible? For me, standards are | very comparable to the law: A large number of people should | comply with it. For that, they must be openly available to | everyone. Everything else doesn't make sense. Is that | unreasonable? | | [1] https://www.iso.org/standard/38421.html [2] | https://www.evs.ee/en/ [3] https://openregulatory.com/accessing- | standards/ | ironmagma wrote: | Luckily, FHIR exists is an open healthcare standard which gives | it an advantage. (Disclosure: I work at Commure which uses it.) | wk_end wrote: | Very much in favour of open standards on principle, but is a | few hundred EUR really an obstacle for any kind of serious | medical startup? | olieidel wrote: | It is: | | - You need to purchase multiple standards (at least 4). | | - In theory, you need to purchase a multi-user license if | more than one person should be allowed to read the pdf in | your company (hint: nobody purchases the multi-user license). | | - Every few years, new versions of the standards are released | which you have to purchase. | | - Sometimes, you just purchase standards to realise that | they're not applicable to your company. | | - The industry is riddled with shadiness: A German standards | web shop offers a "standards flatrate" for a "great price" of | e.g. 750 EUR for 10 standards. [1] | | - Getting off-topic, but more related shadiness: Your | purchased PDFs are watermarked with your company name and | full name of purchaser (!) in the footer of each page to | prevent sharing. | | [1] https://www.beuth.de/de/regelwerke/normen-flatrates-im- | ueber... | edflsafoiewq wrote: | Especially compared to the cost of reading and complying with | them. | pretendgeneer wrote: | The problem is not just a few hundred EUR if that standard is | your core business, it's the 10's-100's that are roughly | adjacent that if they were free you would just have on hand | and use/adopt if it makes sense, but to have a price | gatekeeper means you have to think about every single | standard that might make sense to follow. | oauea wrote: | It's not just one document. And you don't know what will be | relevant before you buy them, because you won't know the | contents! | ballenf wrote: | ICD code licensing is highway robbery. I would guess most | health tech startups also need those. | | And those prices look reasonable compared to drug database | license costs. | | And the real killer is meaningful use certification. | | The whole field seems engineered to prevent competition. | | So while ISO costs are unjustifiable, they're a pittance | compared to other compliance costs that most in the field | will encounter. | btilly wrote: | _The whole field seems engineered to prevent | competition._ | | It is. After all it is not in the interests of anyone who | is established in the field to make competition easy. | jtwaleson wrote: | The fact that the content is copyrighted and can't be | publicly discussed is the main issue. | nl wrote: | That's not what copyright is at all. | | Copyright might restrict reposting parts, but nothing | (except perhaps license agreements) restricts public | discussion. | | You can see this by the fact that Wikipedia has complete | details of the ISO date standard (as referenced in the | parent tweet Tim replied to). | unethical_ban wrote: | When ISO is defacto law in some industries, I would argue | that laws should not be paywalled. | jrochkind1 wrote: | Your comment reminds me of related thing, with building | codes in the US. The Supreme Court recently ruled they | could not be copyrighted, for the reasons you say, they are | laws that need to be available. | | These codes are often produced by a single organization, | "International Code Council", a non-profit somewhat | analagous to ISO, which I believe sells them to | governmental jurisidictions which adopt them as law, | sometimes with some customizations or "choose A or B" | choices. | | One of the parties to the lawsuits involved happens to be a | Y Combinator funded company, "UpCodes". | | https://archinect.com/news/article/150195411/supreme- | court-r... | | https://www.constructiondive.com/news/construction-code- | purv... | | https://techcrunch.com/2020/11/16/a-court-decision-in- | favor-... | | In the US, if there are any cases where an ISO code is | mentioned in law as legally binding in some way, it's | possible someone could try to challenge the ability to keep | from sharing the relevant standard text freely. It's not | exactly the same situation, but this supreme court decision | provides a possible path anyway. | jsmith45 wrote: | That is a severe overstatement. | | The Supreme Court ruled in Georgia vs | public.resource.org, which was very much not about | building codes. P.R.Org actually does have another | ongoing lawsuit that is similar to UpCode's: American | Society for Testing and Materials et al. v. | Public.Resource.Org | | The UpCode ruling was at the district court level, and | merely cited the ruling from Georgia vs | public.resource.org. | | Until we get at least appellate level decisions on the | copyrightability of enacted codes, I'm unlikely to feel | satisfied. | jrochkind1 wrote: | Hm, thanks for correction. I'm definitely not an expert. | I just vaguely remembered that it was something that was | at one point being legally challenged, so looked it up | and found those articles, with headlines including: | | "Supreme Court rules that building codes cannot be | copyrighted" | | "Construction code purveyor calls Supreme Court's ruling | that annotated code can't be copyrighted 'monumental'" | | Are you saying those headlines were overstating? | skissane wrote: | > These codes are often produced by a single | organization, "International Code Council" | | Somewhat off-topic, but I've never quite understood the | American tendency to call something the "International X" | when the US is only the country of any significance | involved in it. | | (It may be technically true that a handful of small | countries have adopted the US building code - such as | Bermuda or Western Samoa. But that doesn't change its | status as an essentially American code. The US is the | only major economy to use it, and non-US entities have | very minimal, if any, input on its contents. And a few | small countries might have adopted the US building code | even if it was called "US" rather than "International".) | AYBABTME wrote: | Marketing. | lathiat wrote: | Same problem with the building standards in Australia. | | Same problem in Australia with the AS/NZS standards. I've | been having problems with my whiteset plaster, which is | like a liquid applied white plaster surface used on | almost every home here in Western Australia. Mine was | done incorrectly, I had to purchase two different $250 | standards to understand how it was done wrong, how it | should behave, how it was tested, in order to file a | complaint. It may not surprise you part of the reason it | was applied incorrectly is because not every trade has a | copy of said standard. | | And then even once you purchase it, it's a "one user" | watermarked PDF you're supposed to only have 1 copy of | and there's lots of harsh warnings about that, so even | those that have it and scared to run around with it. | | It's a crazy situation. Because this is legislated stuff | for building. As a consumer it's very expensive to inform | yourself on these things. If you wanted to inform | yourself on all aspects of a build it would get expensive | fast. | | It's also difficult for me to publish and discuss this | information in the public domain to help other consumers | having the same problem, as the limits of how much text I | can "copy" appears technically set at 0 even though it's | standard to "reference" it. But it's very easy to mis- | interpret the standard if you don't read things in | context. | | If the standards are effectively government legislated | they either need to be government funded (this makes | total sense to me) or the price needs to be much more | token, 10 dollars, with much less draconian access. But | at that price the government may as well fund it anyway. | Dave_TRS wrote: | If anyone is interested, below is a relevant portion of | the court's analysis from the Up.Codes case in the | original document linked to at the end of the Techcrunch | article above. They lay out criteria by which a | copyrighted work is considered "the law", giving the | public free access to it: | | "the principles that guide the Court's analysis seem | relatively clear. The law is in the public domain, and | the public must be afforded free access to it. SeePRO, | 140 S.Ct. at1507. That a law references a privately- | authored, copyrighted work does not necessarily make that | work "the law," such that the public needs free access to | the work. CCC, 44 F.3d at 74. However, a privately- | authored work may "become the law" upon substantial | government adoption in limited circumstances, based on | considerations including (1) whether the private author | intended or encouraged the work's adoption into law; (2) | whether the work comprehensively governs public conduct, | such that it resembles a "law of general applicability"; | (3) whether the work expressly regulates a broad area of | private endeavor;(4) whether the work provides penalties | or sanctions for violation of its contents; and (5) | whether the alleged infringer has published and | identified the work as part of the law, rather than the | copyrighted material underlying the law." | switch007 wrote: | I know European funding has its issues but is a few hundred | Euro that bad? | drspacemonkey wrote: | For one or two standards? There's just the headache of | getting approval to spend the money. | | But when it gets to dozens/hundreds, plus requiring vendors | to have their own copies, it quickly multiplies into a | massive burden. And that's not even getting into the open | source issues. | | Not to mention the fact that you might not know if you NEED | the ISO until after you've already bought it. | korijn wrote: | ISO standards commonly refer to other standards for more | details. Then you also need technical reports which are also | pay walled to get a sense of practical application. It very | quickly adds up and there is no way to "explore" which | documents are really applicable to your company and products. | | And to top it off most of these licenses under which you buy | them only allow for a single digital copy (one person). | babayega2 wrote: | As mentioned above, if it few $524 per document, and you | don't know how many documents you will need to consult in | order to comply with the standards and at the end you need to | buy the relevant document ... It's tricky. Standards are like | laws. The law shouldn't be pay-walled. | linksbro wrote: | It's incredible to learn from the responses in this thread how | widespread and systemic this problem is, not just in software | but seemingly every industry. Thank you for these examples. | jtwaleson wrote: | I fully agree | munk-a wrote: | I am a rather seasoned database person at this point, but when I | wasn't - when I was just getting into database interactions - I | had an academic background in relational algebra and I knew that | SQL was the main communication language. For day to day work this | was fine but at one point I was tasked with making our | application DBMS neutral with support for running on top of | SQLServer (TSQL), PostgreSQL, and MySQL. My first thought when | coming to this problem was, well, let's take a good look at the | grand daddy doco so I attempted to find the SQL standard. | | It disappoints me that, to this day, the best reference for pure | SQL out there are the postgres docs, postgres is actually pretty | good about calling out non-compliances so you can get a really | good grounding of what code is likely to be cross platform | compatible. | | I 100% agree with Tim Sweeney's sentiment. ISO are terrible at | their job. | [deleted] | yakubin wrote: | Aside from obstructing access, ISO produces really low-quality | standards. The prose alone leaves much to be desired in terms of | clarity and concision. Knowing that, I'm relieved each time I am | to deal with an IETF standard instead, which wins on both fronts | (quality and access). | dragonwriter wrote: | > Aside from obstructing access, ISO produces really low- | quality standards. | | Low-quality standards are themselves an access issue, and I | think are reinforced by the paid-access rule, since that means | the people reading the standards are a narrower group who is | more specialized in dealing with ISO standards, who are more | prone to become blind to "that's just the way ISO standards | are". | | ANSI (also paid access) standards such as the whole ASC X-12 | suite widely used in industry and a portion of which is | mandated federally for healthcare under HIPAA are a complete | nightmare mess, too. (And it doesn't help that not only are | they paid-access standards, but they often incorporate by | reference literally hundreds of other, largely paid access, | standards from other bodies, some of which have become obsolete | and are no longer available when the standard referencing them | remains mandated.) | peterlk wrote: | If there is anyone on earth who could reinvent the internet, it | is Tim Sweeney. The metaverse is coming, and it will exist | because of him. Think I'm being hyperbolic? Go listen to his | SigGraph 2019 talk | zepto wrote: | It will obviously not 'exist because of him'. | | It wasn't his idea, and thousands of people have worked on the | technologies to enable it, and he's not even the only | billionaire with a company who is working on such a thing. | | For the most part I see him complaining about people impeding | him, rather than just solving the problems with his own | resources. | aargh_aargh wrote: | Saving you a click... since I, for one, had no idea who Tim | Sweeney was. | | "Timothy Dean Sweeney (born 1970)[4] is an American video game | programmer, businessman and conservationist, known as the | founder and CEO of Epic Games and as the creator of the Unreal | Engine, a game development platform." | | https://en.wikipedia.org/wiki/Tim_Sweeney_%28game_developer%... | | "Tune in to hear Tim Sweeney (founder and CEO, Epic Games) | during his SIGGRAPH 2019 Talk, "THRIVE: Foundational Principles | & Technologies for the Metaverse." You'll hear Sweeney posit | the state of the games industry, the rise of creator-centric | and social gaming, what the "metaverse" really is, and what it | will take to build the medium on a larger scale." | | https://blog.siggraph.org/2019/10/siggraph-spotlight-episode... | leoedin wrote: | The price of standards makes me angry. They're essentially a form | of legislation in many countries - to sell anything in the EU you | have to comply with the relevant safety standards. Yet they're | kept under lock and key - to read the rules which you need to | follow to sell something in your own country, you need to pay a | 3rd party hundreds of Euros. | | And when you read the standards, they reference other standards. | Eventually you have to build a graph of standards to which you | must comply, each one costing hundreds of Euros. It's a complete | racket. | | The worst thing is that the standards themselves tend to be | written by 3rd party organisations with an interest in that | domain, so they have a strong incentive to make the standard | match with whatever they're doing. So not only does a new startup | have to spend months reading hugely expensive dry safety | standards, you also have to build something which is essentially | a worse version of the incumbents. | leipert wrote: | I wonder whether it is worth to employ a student just for | getting access to Standards / Papers via their university. | (Back when I was at a technical University we could access that | via our student logins) | | That way you might explore which standards are necessary and | buy them if need-be. | | edit: Obviously I would advocate for open and free standards. | kaliszad wrote: | Yes, it is a big problem and a very good business for some | firms. I have 2nd hand experience with that thanks to my | closest family. There is a partial workaround using a public or | university library, which at least in Germany and most likely | other European countries, seems to work. They tend to have many | standards available and they can usually order more if you ask | politely. At least bigger central libraries or those connected | to a big university shouldn't have an issue with that. Of | course, even so you may have to buy a standard (licence) | because of the licence part. At least you know, what it | contains before you think about buying the licence. It may be, | you don't actually need the licence at all or can reduce the | amount of the total licences you need. | lathiat wrote: | Same problem in Australia with the AS/NZS standards. I've been | having problems with my whiteset plaster, which is like a | liquid applied white plaster surface used on almost every home | here in Western Australia. | | Mine was done incorrectly, I had to purchase two different $250 | standards to understand how it was done wrong, how it should | behave, how it was tested, in order to file a complaint. It may | not surprise you part of the reason it was applied incorrectly | is because not every trade has a copy of said standard. | | And then even once you purchase it, it's a "one user" | watermarked PDF you're supposed to only have 1 copy of and | there's lots of harsh warnings about that, so even those that | have it and scared to run around with it. | | It's a crazy situation. Because this is legislated stuff for | building. As a consumer it's very expensive to inform yourself | on these things. If you wanted to inform yourself on all | aspects of a build it would get expensive fast. | | It's also difficult for me to publish and discuss this | information in the public domain to help other consumers having | the same problem, as the limits of how much text I can "copy" | appears technically set at 0 even though it's standard to | "reference" it. But it's very easy to mis-interpret the | standard if you don't read things in context. | | If the standards are effectively government legislated they | either need to be government funded (this makes total sense to | me) or the price needs to be much more token, 10 dollars, with | much less draconian access. But at that price the government | may as well fund it anyway. | neuroma wrote: | Agree with all you say. Apparently people sometimes put ISO | documents on libgen, potentially saving the expense. | Faaak wrote: | Sometimes even, the standard is split into different norms. For | example, the EV charging cable is defined in EC 62196-{1..6}. | Which in turn address other standards. So you finally need to by | at least 10 PDFs to understand the darn thing.. | mleonhard wrote: | IETF works around ISO's paywall by including necessary info in | their free RFCs. For example, TLS uses X.509 certificates which | use "ASN.1 object identifier" numbers from a non-free ISO/IEC/ITU | document [0] [1]. IETF includes the required and optional numbers | in the appendix of their free RFC on X.509 [2]. | | [0] https://www.iso.org/standard/80321.html | | [1] https://www.itu.int/rec/T-REC-X.520 | | [2] https://tools.ietf.org/html/rfc5280#section-4.1.2.4 | plankers wrote: | There's something beautiful about watching a billionaire (or | almost one) tell the ISO Central Secretariat "That's dumb." | 3np wrote: | What does their bank account have to do with anything...? | bondolo wrote: | I am glad that this is getting attention. Open access has been a | discussed issue for academic journals for some time already but | the locked down access for standards has received little | attention. In addition to ISO the IEEE, SAE, NMEA all have their | standards behind paywalls. Even ASN.1 was for many years, long | after it was adopted for the RSA PKCS standards, a paywalled | standard. This is incredibly frustrating. | | I remember sending cheques to "Global Engineering Documents" in | Englewood Colorado to get printed copies of various standards | back in the 1990s and hoping that would die with the advent of | the Internet and the possibility of cheaply distributing | information. It was understandable in the world of paper that if | you wanted some obscure technical document that it was expensive. | They retained the publishing model but eliminated the reason it | was expensive. | | It has been encouraging that people like Carl Malamud have been | working at making various aspects of our laws, regulations and | standards public but more work is needed. | | Some of my tweets over the years on the topic of open access | standards: | | "I am really thrilled by sudden attention on paywalled standards. | Current model hurts standardization. So how about it @SAEIntl, | @IEEESA, @NMEA_org, @isostandards, @ITUstandards will you join | the 21st century and move to free open access standards? | Alternative is your irrelevancy." | https://twitter.com/mjduigou/status/1369033695030513670 | | "It annoys me that the IEEE standard for publishing test results | probably won't be adopted by software industry because it is | behind a fricking paywall | https://ieeexplore.ieee.org/document/8662798" | https://twitter.com/mjduigou/status/1273718847497887744 | | "I don't like that @IEEESA or @SAEIntl put their standards behind | paywalls. Whatever revenue this publishing model makes is grossly | offset by the impairment to, you know, standardization." | https://twitter.com/mjduigou/status/1308889681187221505 | | "How many bullshit encodings have been created since 1984 because | ASN.1 wasn't a freely available standard? Not that it is perfect | but SO MUCH PAIN could have been avoided if there had been | community adoption. That adoption didn't happen because it was | not an open access standard." | https://twitter.com/mjduigou/status/1308892326098546691 | | "Free the codes! | https://www.kickstarter.com/projects/publicresource/public-s... | Only slightly worse than patent trolls are public standards | behind paywalls." | https://twitter.com/mjduigou/status/384767046753320962 | LockAndLol wrote: | Is there going to be a scihub for specs? Spechub? This seems to | be the build IP towards that. | aejnsn wrote: | I have had the hardest time with getting other developers to | understand standards because of this. If the standards are walled | off in some privileged access, how can the public, or users | thereof, understand, much less contribute to said standards? | There has to be a better mechanism. | curtis3389 wrote: | Even if you get past the paywall, you'll be presented with | incredibly obtuse standards. | | I tried to use ISO 1016 for writing a software design doc with | some success, but it was like pulling teeth. | | First, you needed multiple ISO dictionaries to find out what half | the words are referring to, and even then things are ill-defined. | | For example, one of the required sections in an ISO SDD is the | Context, but nowhere is context defined or described. | | The standards just seem like a web of academic garbage with no | connection to reality. | | Woe to anyone that must implement them as part of their job. | SloopJon wrote: | The posted link took me straight to Tim's tweet, so I didn't | realize at first that he was replying to @isostandards: | | > Hello, unfortunately, the ISO Central Secretariat does not | provide free copies of standards. All ISO Publications derive | from the work and contributions of ISO and ISO Members that | contain intellectual property of demonstrable economic value. | | > For this reason, considering the value of standards, their | economic and social importance, the costs of their development | and maintenance, we and all ISO Members have the interest to | protect the value of ISO Publications and National Adoptions, not | making them publicly available. | | The ISO standard that I have the most experience with is ISO/IEC | 9899:1990, aka C90. Part of the reason for that, of course, is | that I had a used copy of Herbert Schildt's _Annotated ANSI C | Standard_ ; it's also a considerably smaller standard than, say, | SQL or C++. | | I'm of mixed minds as to the value of the C standard. There is | certainly value in having _a_ standard. After sufficient study | and deliberation, you can usually determine whether an input | program or compiler implementation is standards conforming. When | I compare the evolution of C and C++ to say, Python and Rust, I | have trouble pointing to the specific value that ISO adds. | | This isn't really a fair comparison, because the difference | between C/C++ and Python/Rust isn't just the process, but the end | result. I judge C and C++ not just by ISO's efforts, but by those | of Microsoft, IBM, GNU, LLVM, etc. Python and Rust, meanwhile, | ship a working reference implementation, and do a pretty good job | of it. Rust has improved quite a bit six weeks at a time. C | standards, meanwhile, ship closer to every decade. Even the new | rapid pace of C++ is every three years. | ak217 wrote: | Aside from Tim making very good points, ISO-8601 is not a good | standard - it tries to specify too many formats and ends up being | so flexible that full compliance is rare. RFC 3339 is an open | standard and is much simpler and more practical. | lifthrasiir wrote: | I do think ISO 8601:2004, which is now ISO 8601-1:2019, is a | reasonable standard. It never tried to become a computer data | type and/or format standard; it is a simple extension to human- | readable date and time format modulo ambiguity. Even infrequent | formats like intervals are not complex and can be easily | learned. By comparison RFC 3339 only covers a very specific use | case (which is the internet protocol), and if we had only RFC | 3339 but not ISO 8601 we will still be fighting over mdy vs. | dmy vs. ymd order for human-readable dates. The only problem | with ISO 8601 is, well, it is not openly available and Tim is | very right about that. | | ISO 8601-2:2019 [1] is however a complete mess. It is too | complex for human consumption and too ambiguous for computing | uses. I argue that it should be shelved as soon as possible. | | [1] | https://web.archive.org/web/20171020000043/https://www.loc.g... | (draft standard) | wongarsu wrote: | > ISO 8601-2:2019 [1] is however a complete mess | | Wow, you weren't joking. | | It introduces things like "?2015-?02-31" (year and month are | uncertain, day is known), which may be abbreviated as | "2015-02?-31". 'The character '?' (question mark) is used to | mean "uncertain". The character '~' (tilde) is used to mean | "approximate". The character '%' (percent) is used to mean | "both uncertain and approximate".' | | There's also "1950S2" (2 significant digits, so a year | between 1900 and 1999, estimated as 1950). You could also | write 19XX, though that has a slightly different meaning | (leaving the last two digits unspecified). | | There are special "month" values to denote other divisions of | a year. "2001-21" is spring of 2001, 2001-22 is summer, | 2001-33 is the first quarter. | | "R/20150104T083000/PM15S00/FREQ=YR;INTR=2;BYMO=1;BYDA=SU;BYHO | =8,9;BYMIN=30" is a fifteen minute time interval every Sunday | in January at 8:30:00 AM and 9:30:00 AM, every other year | wheybags wrote: | Genuinely curious to hear the supposed use case for this | stuff from the original author. | guitarbill wrote: | You're not wrong, but unfortunately a lot of libraries call it | ISO 8601, and not RFC 3339. I think a lot of people probably | mean RFC 3339 when they say ISO 8601 (myself included for a | long time). | nwhatt wrote: | Healthcare has long been the same way, HL7 was paywalled | ($1000+/yr membership until 2012).X12 is still in the thousands | for membership. | dj_mc_merlin wrote: | I was not aware people buy ISOs at all. I thought everyone | pirated them and only companies paid the actual price, same as | with software licenses. | Kranar wrote: | I can't speak about the ISO as a whole for engineering fields, | but the ISO standardization process has worked out horribly for | the C++ community. Not only for the issues Tim Sweeney points | out, but the entire C++ standardization process is defacto a | closed-off and secretive process where participation is limited | to those who can physically travel from place to place and it's | painfully obvious that the quality of features in C++ are much | lower than what they could have been otherwise. | | A common claim made by the ISO C++ committee regarding criticism | of the language is that these guys are volunteers working in a | mostly unpaid capacity on the language, and often have to hit | tight deadlines to have any shot at getting a feature into the | standard, and that's true exactly because of how arcane the ISO | standardization process is. It's this pseudo-antagonistic process | where maybe one or two individuals are tasked to "champion" a | paper in front of their peers and then everyone is supposed to | pretend that there's no politics involved and that the paper gets | approved entirely on its technical merit. | | C++ would have been much better served from ditching that and | doing what Java, Python, and Rust do, have broad community | feedback and input. It's hard to imagine what beneficial features | are in C++ that would not still be there had there been | involvement from the broader community of game developers, | embedded device developers, desktop software developers and a | host of people who use the language regularly, but it's clear | many clumsy and awkward features would have been eliminated, | including the now 50 ways of initializing variables, broken | standard library features like std::variant, the now unusable | std::regex, the minefield that is std::random, the upcoming | bloated and error prone std::ranges, it's no wonder many C++ | development teams are skeptical of the utility of the standard | library and just roll their own alternatives. | | I hope no other language goes down the road of using ISO to | standardize its language. | initplus wrote: | One of the biggest impediments caused by the C++ standards | committee is the tight scope of the standard. Anything outside | of the language/library spec is entirely outside the realm of | standardization. | | So any tooling improvements (dependency management, build | process) are not able to be made to the language. Fractured | solutions harm adoption, languages with good dependency | management and good build processes have one solution they push | on everyone. | deckard1 wrote: | C++ at least had the benefit of industry and OOP trend behind | it. It was rather fortunate in this case. | | I've argued elsewhere on HN that Common Lisp died because they | were closed and secretive at the exact moment they needed to go | the opposite route. | | https://www.cs.cmu.edu/Groups/AI/html/faqs/lang/lisp/part4/f... | | Around 2004, Lisp was having a bit of a revival of sorts. Lisp | was becoming trendy, various blogs and web sites were created. | But the only documentation you could find was the HyperSpec. | Which, as anyone that had the misfortune of reading, is _awful_ | as a reference. It 's both too technical for casual software | developers and not official enough for language implementers. | There were two free, open source Lisps available (CMUCL, CLISP) | and both were rather unloved and clunky at best. | | Even Linus had a bit of trouble getting his hands on POSIX | standards. Imagine Linux dying because it couldn't follow | standards that Linus could not acquire. | | By the mid-to-late '90s the writing was already on the wall. | Perl, Python, PHP, Ruby followed no standard. It became common | for the free implementation to _be_ the standard. | | Clojure arrived and largely filled the Lisp void. Racket | attempted a similar movement, by renaming itself from PLT | Scheme to something that removes the emphasis on any particular | standard. If you want Lisp today, though, you're probably doing | Clojure. | varjag wrote: | C++ was pretty horrible prior to C++98 as well (and likely 33 | out of 50 ways to initialize a variable already existed by | then). It did improve considerably within the past decade under | the auspices of the committee. | slezyr wrote: | std::string has been in C++98, however, you couldn't use it | to create a std::ifstream as it had only char* constructor. | | It took a decade to add a std::string constructor... | nraynaud wrote: | I would at least start by distributing for free all standards | targeted by a legislation. | | Because those suckers cross-reference each other like crazy, a | standard can have only a few paragraphs of useful content (and | pages and pages of legaleeze and revision management around). | ketamine__ wrote: | Seems a bit dramatic. | vernie wrote: | The Fortnite money printer has made it possible for Sweeney to | tilt at as many windmills as he likes. | moonbug wrote: | this dude needs to learn about libraries. | colejohnson66 wrote: | What library contains copies of ISO standards? | moonbug wrote: | I guess you do too. | gjvnq wrote: | University libraries | gred wrote: | Can we frame this as an equity or social justice issue, so that | we can leverage the social media MaaS (Mob as a Service) | infrastructure to effect change? | camdenlock wrote: | I haven't seen anyone ask this question yet: do we LOSE anything | by removing these fees? Does the incentive structure change in | any meaningful way? i.e. do we need these fees in order to | incentivize the production of quality standards? | | I agree that the fees seem like annoying gatekeepers, and | antithetical to the purpose of standards. But if we remove them, | where do the economic incentives come from? | s1mon wrote: | It's not just the ISO. ASME (American Society of Mechanical | Engineers), IEC (International Electrotechnical Commission), PIA | (Plastics Industry Association), etc. all have standards which | they are supposedly trying to promulgate. There are a few | standards that I've needed professionally which are freely | available: the USB specs and the MIDI specs. | https://usb.org/documents https://www.midi.org/specifications | | When specifications needed to be printed and shipped, I | understand that costs money, but electronic standards should be | very low to zero cost to download. | | I did find that DIN (Deutsche Institut fur Normung or German | Institute for Standardisation) is starting to publish some of | their standards for free. https://www.din.de/en/din-and-our- | partners/press/press-relea... | | In the US, anything that is published by the government is | supposed to be free of copyright. | https://www.govinfo.gov/about/policies | robmccoll wrote: | Private standards are also how you end up with a variety of | implementations that are all non-conforming in their own subtle | ways. Some because the authors didn't have access and were | attempting to do the best they could with documentation from | other implementations, third party articles, and reverse | engineering. Some because the authors have the standards, but the | consumers of their products don't and won't hold the authors | accountable since they don't know how it is really supposed to | work anyway. Others because they think there is competitive | advantage in deviating from the standard. | | It's hard enough getting consistent behavior out multiple | implementations of the same public standards. | MaxBarraclough wrote: | I was certain that the Ada language spec - an ISO standard - was | made freely available. I was mistaken. They only make an old | version freely available. [0] | | I get the impression the standardisation of Ada has been broadly | successful in providing assurance of conformity, [1] but that | still doesn't excuse paywalling the document. | | [0] https://en.wikipedia.org/wiki/ISO/IEC_8652 | | [1] https://www.adaic.org/ada- | resources/standards/ada-95-documen... | ndesaulniers wrote: | Yep, hence GNU C extensions. Many are good and solve deficiencies | in the language. I wish there was more collaboration between | implementations before any became widespread in use, but I can | appreciate avoiding design by committee. | ChuckMcM wrote: | This is the engineering equivalent of scientific journals. | shadowgovt wrote: | Yes, which is why so many standards are not ISO. | | Some are, to be certain. Especially standards where a lot of | money is riding on all the adopters agreeing on compliance, so | there's a certain benefit to the "money where your mouth is" | aspect of the service ISO provides. | | But plenty of highly influential standards are not ISO. | j1elo wrote: | I see a nice parallelism with the concept of OSS. All these | paywalled standards are like closed source software, in the sense | that they are not created under terms that ultimately protect the | freedoms of final consumers (those who end up reading the PDF). | | The ISO business model is creating something (standards) and then | profiting from their distribution. | Rapzid wrote: | I went to make a SQL to AST parser; was absolutely shocked to | discover you had to purchase the SQL standard. | yehButEpic8 wrote: | Dear Tim Sweeney, | | Get together with Unity and open source your engines so we can | drive towards a standard. | | What's actually interesting is content. Why should we developers | be locked into walled gardens? | | Thanks | tuke wrote: | This has bugged me for a long time. | | My company complies with HITRUST. Many of the HITRUST controls | are syntheses of controls found in NIST, ISO, and other | organizations. | | In some cases, I want to know where a HITRUST control comes from: | But since I can't look at ISO without paying, I am blocked from | understanding the provenance of some HITRUST controls. | | I don't like that. | not_knuth wrote: | I vaguely remember ISO wanting to make their standards freely | available a couple of years back, but the BSI (British Standards | Institute) blocking the move, because it conflicted with _their_ | business model. | | I can't find a reference to it though and it was only briefly | announced during an ISO meeting. Is there someone from ISO who | can back this up? | smitop wrote: | Recently I was curious as to how the wireless emergency alert | systems work. But the actual specifications [1] from ATIS | (another standardisation body) that carriers are required to | implement are paywalled with ridiculous prices. $145 for a 35 | page PDF is way too much, and makes the whole system way less | transparent. | | [1] e.g. | https://www.techstreet.com/standards/atis-0700036-v002?produ... ___________________________________________________________________ (page generated 2021-03-08 23:00 UTC)