Chad Perrin: SOB

16 April 2007

guns, guns, everyw- . . . no, more like “almost nowhere” today

Filed under: Liberty — apotheon @ 09:04
  1. There was a very widely publicized shooting spree at Virginia Tech today. At least 33 died when someone locked himself inside a building on Virginia Tech campus, started shooting people, and eventually shot himself.
  2. In March, a man with a concealed weapon saved a woman from death by stabbing and burning. Her husband stabbed her “at least ten times”, poured fuel over her, and prepared to set her on fire, but a passer-by saved her life and held the husband bent on murder at gunpoint until the police arrived.
  3. Oleg Volk (if you’re not familiar with him, you probably should be) has already created an excellent illustration of some of the facts of the Virginia Tech situation. He’s quick.

Think of the above as “1 + 2 = 3”. There’s a logical progression of concepts here.

problems in open source development

Filed under: Geek — apotheon @ 05:33

You’ve probably noticed by now that I’ve taken a break from the Symantec analysis. I’ll probably get back to it. It lost its luster, and I’ve been busy with other things (changing automobile insurance carriers, et cetera). In the meantime, I’ve decided to post some of my thoughts on The sorry state of open source today (also available here). I’ll organize these comments by the part of the editorial that inspired them. I recommend that you read the original editorial on which I’m commenting before reading these comments, and perhaps keep it open in another tab (you are using a tabbed browser, aren’t you?) for reference. I will not be restating the content of the original in my comments.

  1. The Linux kernel may be the poster boy for open source development, but comments about its state do not extend to open source software universally. I don’t even use a Linux-based OS as my primary OS — I’m a FreeBSD guy these days. Of course, I have noticed a decreased effectiveness of quality control in the Linux kernel, but it’s not horrible yet, and real steps are being taken to turn things around.
  2. No . . . the real reason OO.o won’t be forked has little to do with the fact that it has gone mainstream. The real reason it won’t likely be forked is two-fold — one, the maintainers are doing a “good enough” job so that most people don’t want to go to the effort; two, it has become such a huge, bloated piece of software (just like any office suite, by definition) that the effort involved in a fork is just insane to contemplate. As for the comments about bug patching, we should ultimately realize that immediate patches are important no matter what type of software you’re using, regardless of whether it’s open source software. The fact we live in a networked world affects the immediacy of security for everyone — especially when the vendor spends four months sitting on an ANI library vulnerability report, and doesn’t release a patch until after the vulnerability is being exploited by malicious security crackers!
  3. Software patents are not part of the “sorry state of open source” software. They’re part of the sorry state of legislation and case law. Patents in general are getting way the hell out of control — an inevitable effect of a legal system that makes use of patents and intermingles corporate business with government. Software patents should definitely be eliminated. That’s a problem of law, though, and not of software, though it affects all software, not just open source software. I agree it’s a problem, and a huge problem at that, for open source software, but I disagree with the characterization of it as part of “the sorry state of open source” software. The problem of software patents, by the way, cannot be laid at the feet of some kind of mystical American worship of the Founders. If that were the case, software patents would probably be less of a problem than they currently are (the Founders have said things both good and bad about patents) and a lot of other problems we currently have would never have happened at all. The problem is not an American slavish devotion to the words of the Founders, but a very universally human tendency to cherry-pick statements from long-dead authority figures that support a given viewpoint and defend that to the death, regardless of the fact that a more comprehensive look at the situation — or even a more complete look at what those authority figures have said — would show much that contradicts that viewpoint. Anyway, Ireland has on occasion proven itself most assuredly opposed to the side of the angels in software patents, so we’re clearly not talking about an American (only) problem. While I agree with Beranger on a number of subjects, his commentary on the Constitution, the Founders, and American tradition is so full of holes that there’s little left tying it together on the subject that actually means anything at all. Stick to attacking software patents, Beranger, and stop trying to analyze US politics, at least until you have a more comprehensive understanding. Unchanging Constitution? Don’t make me laugh. I have to agree, though, that US patent law is completely screwed up.
  4. I agree, 100%, with everything said in the “Devil’s advocate” section, with one potential disagreement: Beranger seems to be saying that patents are still a good idea for other technology industries, other than IT. There’s a point where he says something that calls that interpretation of his words into question, but if he’s saying that software patents should be eliminated but other tech industry patents should be kept, I have to disagree. Even so, however, I believe that the purpose of this editorial of his is best served by not challenging tech industry patents in general, since that would provide an unnecessary distraction from the important task of challenging software patents in particular.
  5. I similarly agree in large part with the commentary in “Detrimental to Linux at large”. I don’t see Novell’s actions as “betrayal”, however. To be a betrayal, Novell would have to have done something to be a trusted member of the open source community in the first place. It’s just a corporate organization bent on increasing market share and revenues (basically in that order), and nothing else. I don’t feel betrayed, because I never expected anything else from Novell.
  6. I similarly agree with everything Beranger has to say about GPLv3, and about the contradictory nature of the GPL’s relationship with the GNU/FSF “freedom 3”. I just wish more people would also notice that the GPL materially violates “freedom 2”, as well. Freedom 2 of the “four freedoms” (numbered 0 through 3) is The freedom to redistribute copies so you can help your neighbor (freedom 2). Because you can only distribute software released under terms of the GPL under specific restrictions, that means that you can’t freely distribute it. You can only distribute it when and how you are told to do so. Furthermore, “freedom 1” is The freedom to study how the program works, and adapt it to your needs (freedom 1). Access to the source code is a precondition for this. Clearly, Richard Stallman and his cronies are incapable of differentiating between a “freedom” and an actual ability to perform some task. You have the freedom to examine and modify something if nobody’s going to shoot you for it (for example). You have the ability to examine and modify something if you actually possess it — which is completely apart from freedom. In fact, until the recent attempts by organizations like the RIAA and MPAA to eliminate fair use entirely, fair use provided you the freedom to examine and modify software in your possession already, with the only restriction being on distribution. The so-called “freedom” to examine and modify that is stated in Freedom 2 is complete nonsense. So, yeah, I agree with what Beranger said about the GPL, but he left a couple of points out.
  7. There’s not much additional to say about the business model. The only really worthwhile comments I can add are that, first, Red Hat is the only Linux distribution corporation from that list that is both more than a handful of years old and actually pursuing a pure commercial support business model (as opposed to a productized sales model with support almost as an afterthought), and second, it wouldn’t be so difficult to make money hand over fist with a support-based business model for free software if the software had greater market penetration — as things stand, that’s really the only limiting factor.
  8. There are two perspectives one can take on package management (well, three, really). The first is that software management in the open source OS world is years ahead of that in the closed source OS world. Whatever problems you may have with APT, YUM, SMART, urpmi, YAST, or any of the other major package management systems and their associated software archives, such issues pale in comparison with the lack of functionality and the regular brokenness of software management with OSes such as MS Windows. The second is that, yes, there is indeed a dismaying lack of care taken with software archives and software management systems on many Linux distributions — in fact, as I pointed out in my dramatically-titled the decay of the Debian distribution, the distribution with perhaps the best record of software stability and the best binary package management system to date started suffering from increasing issues with package stability and software management system issues (though I’d still bank on its stability long before I’d even gamble on that of MS Windows). The third perspective, which I almost didn’t mention here, is that by choosing carefully one can find oneself wondering why so many people have problems. Using FreeBSD now, I find that the way software management is handled with this OS is more stable, more robust, and even more fixable and otherwise flexible and customizable than with any Linux distribution’s software management system, without sacrificing any ease of use. By the way, I’d recommend APT (with dpkg for low-level stuff) over aptitude any day of the week for someone that actually wants complete, and sane, control of the software management system. Finally, I don’t hold out any hope for the LSB providing a miraculous save — the LSB has become a political animal that incorporates stupid, pointless, powermongering posturing as often as logical, standardized solutions to problems of compatibility. It started out as a great idea, and was quickly co-opted by people with agendas almost completely unrelated to making Linux distributions in general the best they can be. Yes, it can provide true compatibility — but only at the cost of destroying a lot of beneficial characteristics of many Linux distributions.
  9. Not only is Debian’s “testing” branch usually more stable than Ubuntu’s supposedly stable releases, but it’s more stable than almost every Linux distribution out there. At least, it was — I’m not sure whether that’s still true, since the recent decline in Debian’s stability that I’ve previously noted. Of course, I have no problem with the existence of an “unstable by design” Linux distribution whose purpose is to stay bleeding-edge, even if Beranger doesn’t seem to like that idea at all — as long as other distributions (like Debian and Slackware) stay stable in practice. It’s about choice, after all. I, for one, am not a fan of the bleeding-edge, unstable approach either, but I don’t begrudge others their decision to pursue such an approach to their computing environment. If I did, I’d be talking sh*t about Gentoo all the time.
  10. I’m a little torn on the subject of eye candy and “user friendliness” (translation: newbie accessibility) in the open source world. I think eye candy and newbie accessibility are important, so long as they’re handled well and not in a manner that shoves these things down our throats. Ubuntu shoves this crap down the user’s throat — which is fine if it’s what the user wants, but not so great for me. What I want is efficient, stable, and designed to enhance productivity. I get that with FreeBSD. I can also get the eye candy and “user friendliness” from FreeBSD that is available with Ubuntu if I want it — though, frankly, I’d probably choose something that gives it to me by default. It would still be better to choose an OS that, while giving me these things by default, allowed me to quickly and easily eliminate them if need be. The reason I’d choose such a thing, given the option, is that I recognize the need for all of the above, and don’t merely dismiss eye candy and newbie accessibility in favor of the “correctness” I actually want — nor do I dismiss that “correctness” or sideline it in favor of eye candy and “user friendly” features. I’d rather have both Beryl and fvwm available to me in a given distribution, as well as everything between, rather than just the extremes at one end of the spectrum or the other. I want the option and the ability to choose for myself, not to have my choice dictated to me. Of course, I think Beranger might be misinterpreting some arguments. For instance, he complains about statements that Linux actually does some eye candy stuff better than Vista’s supposedly “revolutionary” new AeroGlass interface because Linux shouldn’t need to be sold on those terms. On the other hand, I’ve seen people mention exactly those comparisons as a means of pointing out, not that Linux is a better eye candy platform and should thus be used instead, but that Vista isn’t doing anything new and all the hype over its mostly productivity-irrelevant “advances” is ridiculous. Sometimes, you have to say “Oh, this open source OS does it better!” before anyone will listen to you when you say “. . . and it doesn’t matter, because eye candy doesn’t help you get anything done.” On the other hand, I worry that the noise over eye candy might lead to a decrease in attention on the stuff that really matters as well, sometimes.
  11. I share Beranger’s concerns over security. I believe — or at least hope — that the existence of an opposite extreme in open source OSes such as OpenBSD will help to provide a balancing influence, and will at the very least provide an alternative for anyone with a couple brain cells to rub together, but that doesn’t change the fact that crap like what Pardus and even Ubuntu have done to security is Not A Good Thing.
  12. I agree with the concepts illustrated in the hype vs. real needs section. I’ve long been less than impressed with the new run of “desktop search” programs as well. Maybe I should just solve the problem of search applications by creating a simple GUI front end to the combination of system search utilities that actually work — locate, grep, find, which, whereis, and so on (have I forgotten any?). It would certainly be easier and more reliable than something like Beagle, built on Mono. As for the extended complaint about email notification, Mutt seems to work great for me.
  13. I really can’t disagree with the statement that “our friends are our foes”, as Beranger put it. If someone really wanted to be a friend of the open source development community, he or she would just release something under a permissive license like the BSD license and be done with it. Aside from contributing to development with free-and-clear code and making use of the improving codebase him- or herself, that would be the end of it. Period. EULAs are not indicative of friendship. Friends don’t place conditions like that.
  14. I find the commentary about evidence of malfeasance from vendors and corporate supporters from open source software troubling. I can’t corroborate or dispute any of it, but assuming it’s all true (and I don’t have reason to expect otherwise at this time) I find myself agreeing with Beranger’s dismay.
  15. The FreeBSD Handbook is excellent — better than any closed source software documentation I’ve ever seen by orders of magnitude. The same is true of the Debian online documentation (manpages, et cetera). Help fora, mailing lists, and other discussion venues abound. Documentation is good, as long as you choose your platform in part for documentation. Luckily, the most stable, secure, well maintained systems also tend to be those with the best documentation. That’s true of Debian, more true of FreeBSD, and the reason I entirely believe Beranger’s statement about the OpenBSD FAQ. I see indications of the respect for manpages declining, as Beranger does — even with Debian, the single best manpage coverage in any open source OS I’ve ever seen, in some cases manpages are being sidelined in favor of info pages. One other note here: Why does Beranger seem to be looking for every opportunity available to say good things about EU countries (or is it just non-US countries in general?) and bad things about the US? That’s just gratuitous and unnecessary.
  16. I agree substantively with the statements about how the environment at large shouldn’t be directly affected by the stability of a single application, but there’s still a significant difference between crashing X in Linux and crashing the entire OS in MS Windows. As proof of this, recently working with someone on getting World of Warcraft running via Wine on a Debian GNU/Linux system caused the system to become unusable by a user sitting in front of the computer when a couple of issues manifested (specifically, I recommend you always close Firefox before playing WoW on Linux). Luckily, it was easily recoverable by using SSH to access the machine remotely and kill the relevant process. That’s it. No work in other applications was lost. The system was just fine, once the interface was freed up from a frozen WoW instance. Hardly Windows ME. As for unfixed bugs, I find them utterly unacceptable — in free unices as well as in Microsoft Windows.
  17. I’m not convinced that the Debian project mishandled the Mozilla trademark policy. My understanding is that Debian just chose to provide modified versions of Firefox and other Mozilla software under other names with different logos, like Iceweasel, to avoid trademark infringement. That strikes me as complying exactly with Mozilla’s trademark policy — which is, itself, not really so bad. There are some people associated with the Debian project who of course have bizarre extremist views about the Mozilla trademark policy and rail against it at great length, but that doesn’t necessarily mean that the Debian project itself, as a whole, is such a problem child. Of course, I haven’t really investigated the matter in any depth, so it’s entirely possible that I’m simply missing some important details that might give me a different perspective on the matter, but I don’t see that market share matters for anything other than as competition with something like IE. I’m also quite glad that the Debian Free Software Guidelines lead to consideration of software distributed under terms of the GPL only “conditionally free”. It’s true. If you want actual freedom, use something with a more permissive license, like the BSD license, the MIT license, or the CCD CopyWrite license. I hadn’t heard about the Dunc-Bank experiment, of course — but imbeciles like that should be considered a danger of business as usual, and accounted for. Community-based distributions like Debian shouldn’t be released on a commercial schedule designed to maximize new version uptake, as that’s only really important for revenue generation, anyway; instead, they should be released when they’re ready. In any case, all of Beranger’s prognostications and observations about the decline of Debian prompt me to say that I hope he’s wrong, and he may well be wrong, but I’m not confident he’s wrong. At least I have FreeBSD.
  18. He’s right about everything he says in the “freedom and myths” section, with a first read-through at least. That’s all I’ve got.
  19. A single example of something wrong in the state of Denmark (or Linux, more literally), as in the case of the 2.5.20 kernel, doesn’t prove Linux is t3h suxx0r. On the other hand, that strikes me as a piss-poor way to handle software advances, and I do like the concluding advice (switch to *BSD).
  20. I’d say Beranger should stop beating a dead horse (he already brought up kernel stability in previous sections), but this is a new point about the old subject, and such stability concerns are of paramount importance to me. As such, my reaction is simply: Yes. I agree.
  21. I’ve never seen much useful difference between KDE and GNOME, ever since I discovered other window managers. They’re both bloated, tightly coupled, messy, sprawling, cthulhoid monstrosities. I guess they’re probably a comforting transitional middle ground for those moving in from the direction of MS Windows, though.
  22. I can’t really comment much on the *BSD-related personal experiences of Beranger, of course. Not only are they his experiences, and not mine, but I haven’t even used any *BSD in much depth until fairly recently. For the most part, I agree with what he has to say that is more objective, or at least based on information that is more objective in nature. I do have one caveat to bring up, however. For instance, Theo de Raadt likes having at least one string attached, contrary to what Beranger says — the copyright on the installer format. That’s one of the major reasons I chose to try out FreeBSD instead of OpenBSD when I was looking for a replacement for Debian as my primary OS. Considering his approach to freedom only as it applies to software licensing, however, I must agree that he’s a lot more consistent and credible than Richard Stallman and friends. It’s where you get to the edges of what’s considered “software” that he starts getting annoying and inconsistent, really — and that, in itself, at least makes a certain amount of sense. Stallman and the FSF are just self-contradictory in general, and are liars, hypocrites, or simply not very clear on the concept of logical consistency. By the way, when Beranger said “As it was once said: the BSD license protects the freedom of the users, whereas the GPL protects the freedom of the code,” he was likely referring to me, as he referred to me once before on that same topic. Perhaps the most important point of this section of Beranger’s editorial, however, is the simple fact that arguably the most important lineup of open source OSes — the *BSDs — is marginalized and ignored by many self-appointed advocates of open source software.
  23. I’m basically in agreement with everything said in the section about the open source development community shooting itself in the foot, with the exception that Beranger should have stuck to commenting on licensing. Bringing up a software bug is hardly a very useful tactic here.
  24. On the occasions that I’ve bothered to set up suspend to RAM and disk capabilities in Debian, I had no problems other than the fact that, at first, I didn’t know how to set it up. It turned out that editing a file or two and installing one or two things via APT was all I needed, but it was at first not easy to find the needed information to set it up. If what Beranger says is true (and I don’t really have reason to doubt it), it sounds like I was one of the lucky ones. I intend to find out whether FreeBSD supports such suspend capabilities worth a damn at some point — but I expect that, if it does, it will keep doing so, and will not experience these “not working in this release” problems that Beranger describes for various Linux distributions. I have seen some indications of the sort of attitude GNU/Linux system developers have toward stability and fixing/breaking things that he mentions, though I think he may be overstating the situation a touch. I hope so, anyway.
  25. I certainly agree that we cannot turn a blind eye to the problems in open source software. If there are inaccuracies in what Beranger said, I believe they are honest errors, and not FUD (with the possible exception of his obvious distaste for US law as contrasted with his impression of law in other countries). All in all, I find a lot to think about in this editorial piece, and I’m glad he wrote it. I hope a lot of open source developers draw useful knowledge from it, rather than perceiving it merely as a personal attack and railing against it, while turning that blind eye to the problems in their own house.

That about sums it up.

All original content Copyright Chad Perrin: Distributed under the terms of the Open Works License