Debian Project Votes To Postpone Policy Changes

jonoxer writes "A little while ago members of the Debian project voted to make changes to the Social Contract. As previously reported on Slashdot, the end result looked likely to be a delay in the release of Sarge, the next Stable edition of Debian, until 2005. But on Saturday Debian developers voted to postpone the changes until after Sarge releases, effectively affirming that the changes need to be made but making a pragmatic decision to not let the next release be delayed as a result. The official voting page doesn't show the result yet, but it's been semi-officially announced."

What's another delay?

[mindstrm]

They are so far out of whack with reality, what's another year? who cares?

What they NEED to do is strip down the core distribution and produce major updates faster.

That debian is still widely used despite being in the stone age is a testimony to all the things they are doing right.. now they just NEED to get releases under control.

Re:What's another delay?

[perlchild]

Apt is "available" on other distros, but it's NOT the same apt that debian has.

Quite simply, because a deb gets through more QA before release, not to mention that the standard debian packages have the following advantages:

1) most debian packages manage config file changes by the user, and try to merge them(at least in unstable, not 100% sure about Sarge as of yet)
2) Debian's userid/tcp-ip ports management through dpkg catches more errors and allows better handling for special situations(like development boxes running several different kinds of web servers, for instance), that might just be my personal experience however(although the amount of work I had to perform to get 6 different types of webservers on a single debian box was lower than on any other distro I've tried by a large amount)
3) I take exception to your "What's the point of getting Debian stable, when it is so out of date?" statement. Until you replace stable with unstable, I read that as an oxymoron. Stable software was out of date last month, it is however, secure, usable, and third parties have had months to work out their alphas and beta phases, so now you can use it with your 12321322123112 machines with no worries that a bug hasn't been found YET. Not that Debian is IMMUNE to bugs, but up-to-date software IS rife with bugs(and if you're lucky, you don't wait too long for your fix). But with debian stable, that's confusing the security patches, with the next generation release, and that's bad juju.

The branch of Debian I notice you don't mention anywhere, is testing, which just might do what you think is Stable's job. For the rest of us, I'll go pray that some 3rd parties get a clue from Debian and start producing Stable branches of their software that break less often than their Unstable ones.

Re:What's another delay?

[csirac]

Sure, a shitload of packages filled with last years versions.

Most packages are less than 2 weeks behind official upstream releases. Gnome 2.6 took exactly 16 days to enter unstable after it was officially released by the Gnome guys. I was able to upgrade with the usual apt-get update && apt-get dselect-upgrade with absolutely no problems, as usual.

Sure, if two weeks isn't fast enough for you, you can add an experimental source in /etc/apt/sources.list, which I've done recently to install GCC-3.4 so I could test it's FPU code performance.

But then again if you're such a version number junkie you probably don't care about getting real work done and so Debian may not be the best distro for you.

If you venture outside of the debian cult compound you will find many Gentoo and FreeBSD users who "made the switch" away from Debian in the last couple years. Shit some are even going to Fedora! Debian is definitely hemorraging userbase but slackware has shown theres always enough fanatics around to keep a project going long after it's relevance has expired.

Sure... That's why Knoppix/Debian are a close 3rd/4th behind Mandrake/Fedora on distrowatch? I suppose Gentoo and SuSE are distros with a "hemorraging" user base who's relevance has also expired?

Debian has never been a distro for everyone and I think the same people who stuck with Debian years ago are the same sorts of people who will stick with Debian in the future. With the growth of the 'net and increased awareness of Linux, all distros are under much higher scrutiny from a much broader crowd of people looking to try out Linux.

Regardless, Debian undoubtedly remains the best Linux distro on non-x86 hardware, and certainly holds its own amongst the more x86-centric distros. It has excellent QA and the best quality packages with hassle-free upgrades that I've seen on any distro. I haven't tried to use Gentoo seriously; I didn't like the way it liked to smash config files in /etc.

I've got another rant post that might help to explain the difference between unstable/testing/stable to you.

Cheers

Re:What's another delay?

[Dwonis]

Debian zealots claim that apt is what makes Debian great, however other distros have had it for years now.

You usually shouldn't put too much faith in zealots, you know.

The primary benefit of Debian (at least, to me) is not apt. It's the fact that Debian had apt several years before any other distro did, and that Debian *continues* to be (IMHO) the leading distro in terms of system integration and ease-of-administration (for power users).

Debian Policy, and the fact that almost all the software I use is packaged according to this policy, is the single most important reason why I continue to use Debian.

Oh, and if you're looking for something almost as new as unstable, but that isn't unstable, I suggest you try the "testing" branch. (On most of my machines, I run testing, plus the odd package from unstable.) The easiest way to do this is to put something like the following in /etc/apt/preferences (note how I specifically designate that the mozilla-firefox package is to come from unstable):

Package: *
Pin: release a=stable
Pin-Priority: 405

Package: *
Pin: release a=testing
Pin-Priority: 405

Package: *
Pin: release a=unstable
Pin-Priority: 401

Package: mozilla-firefox
Pin: release a=unstable
Pin-Priority: 501

Re:What's another delay?

[areve]

Thank's Anonymous Coward, I use debian testing and occasionally some packages from testing and some more from mentors.debian.net and I've had better stability from packages than any other distro i've tried. Which I won't name here... they all have pros and cons. I like debians stable stable version. If i'm running a server I'd rather have a rock solid debian system with all it's out of date packages than have the latest kde/gnome versions on it, cos it's gonna be running ssh apache etc...

Re:Bad for Debian?

that sound you just heard was the clue flying over your head.

yes, the move to postpone changes so as to not delay the release will someone put it farther behind.

I bet you also think 2+2=3

this is excellent news

[chef_raekwon]

Debian is probably the best/most stable GNU/Linux available, and if a sarge ver can accomodate the world--the better we are for it. as a redhatian, turned debianite...I'd say we are on the verge of a major breakthrough...

Re:this is excellent news

[myowntrueself]

"Debian is probably the best/most stable GNU/Linux available,"

only if you stick with debian 'stable' and are, therefore, prepared to use outdated packages.

If you want something new, go to 'backports' or to 'unstable' and, uh, lose stability...

Re:this is excellent news

[OverlordQ]

Even unstable is pretty damn stable for me. Unless you're running some completely obscure configs, I've never had a problem with unstable. The box only reboots when the power goes out.

Re:this is excellent news

[pyrrhonist]

The box only reboots when the power goes out.

That's way too unstable for me. Don't they support a UPS? Sheesh.

</satire>

Re:this is excellent news

[nihilogos]

If you want something new, go to 'backports' or to 'unstable' and, uh, lose stability...

Stable with backports of things that I really want latest releases of, like gnome and firefox etc, is my setup of choice.

"Unstable" just means "we haven't tested and tuned it for years to the point where we stake our reputation on it being stable." It doesn't necessarily mean you're "losing stability", it means you're losing their assurance that it's stable.

I've been using stable with backports of XFree86 and gnome on my laptop for 2 years without a *single* crash.
I p

I have been using stable with

Re:this is excellent news

[MrNemesis]

Hear frickin' hear!

(Disclaimer: I use Debian and Gentoo exclusively)

I am *so* sick and tired of all these "stable is hideously outdated" anti-debian trolls. Stable is designed to be used for production systems where downtime is *very* expensive; in my experience, it doesn't go wrong through b0rked dependencies, bugs in software, poor package management, high server load, anything. It just keeps on chugging along. I wouldn't like to run a working desktop on it, but I don't believe that's stable's target audience. Stable is designed for a practically zero-maintenance approach. You can use Cron to automatically keep every single app on the entire computer up to date with the latest releases and (most importantly) security fixes. Our file and outward-facing web server both run stable.

The other important Debian machines in the office run Testing - the cross between unstable and stable. Testing has proved incredibly solid as a desktop OS used for image processing, and the packages are what? A month or three behind the original release? And they don't break your system like unstable (rarely) does. We use testing for our image procesing boxes and our internal development servers.

If you're pissed off that stable has outdated packages, then you're not part of it's target audience. Those of us who care for incredible reliabilty and pain free administration at the expense of the biggest numbers *are* the target audience, and if the rest of them are anything like me I know they will hate all these "latest version of everything" wanting to bring down the reputation Debian has worked so hard to achieve. Stable is there because that's what a significant version of Debian users want; use testing, unstable, or roll your own version of Debian - it's not like no-one else has done it (Knoppix, Xandros... there's dozens).

Oh yeah, the Gentoo thing. I like to use it for my home desktops cos it's very up to date and very easy to customise. Even the "stable" stuff breaks sometimes (for instance, the new stable gentoo sources, 2.4.26-r3, kernel panics my machine whenever my PVR-250 stops recording - never been able to fix this one, so had to roll back to 2.4.25-r3), but uptime and reliability and round-the-clock processing capabilities aren't essential on my desktops. They are, however, essential in my file/DB server. Guess what that runs...

Re:Bad for Debian?

[alphan]

your point being?

are you talking about social contract or postponing it? how can postponing can be bad for debian desktop usage?

for the former, Debian is very strong all over the world, so if debian starts enforcing social contract, most developers will have to fallow Debian rules in order to penetrate to debian repository. finally, just for you information, new debian installer is much better than knoppix hd installer.

YES!

[jjeffries]

I love debian, and have it on about 30 or so machines. The way Stable is maintained, well, rocks. However, as time has gone by, stable has been getting less and less suitable for anything but the simplest of servers. Now I have production machines running testing, which along with other faults, doesn't provide timely packaged security fixes (my primary concern.)

When I heard that a policy change might delay the new release until next year, I was really bummed. That's my one big debian problem--the politcs seem to gum up the works all too frequently. I'm glad to see that this will be put aside until the very much needed next release. YAY DEBIAN!

On a side note, anyone ever take an up-to-date testing machine and convert it to stable at release time? Did it, uh, work?

Re:YES!

[calc]

If you just use the release name instead there is no conversion that happens.

Eg:

deb http://http.us.debian.org/debian sarge main contrib non-free

Re:YES!

[Elivs]

On a side note, anyone ever take an up-to-date testing machine and convert it to stable at release time? Did it, uh, work?

Due to the elegance of Debian this sort of thing is completely painless. I've personally done this on several machines when "woody" became "stable". Its easy to do because when "testing" finally becomes "stable" all that changes in the archive is that symlinks all change.

Currently:
testing -> sarge
stable -> woody

After the release:
stable -> sarge.

As an end user you have the option of tracking either by "testing/stable" or "woody/sarge". To do what you want should track "sarge" rather than "testing". The best method is to use "real names" in your /etc/apt/sources.list. That is, make all occurances of "testing" (or "sarge") all read as "sarge". This way you won't even need to know when "sarge" becomes "stable", all that will happen is your updates will suddenly become less frequent and all updates will be for security.

Elivs
PS- sorry about tpyos and poor formating I having a busy day.

Debian should take whatever time it needs

[starseeker]

Debian is something different from most other Linux distributions - it is the absolute high ground, the place which could withstand a legal flood that would wash away any other distribution in existance. That is its function, in my view. There is Redhat/Fedora for pragmatic server use, Mandrake for latest and greatest and friendliest. Debian is adhering to a PRINCIPLE.

Most of us don't like adhering to principles - it really sucks because you have to give up things. In this case you give up convenience and non-free software being hidden safely in the background. For many people that price is too high. That's fine - use another distro! There are others who cater to that. Anyone using Debian has no business objecting to that philosophy - it is the primary reason Debian exists. People not contributing it have no voice at all, nor should they expect one. Think they're dumb for not being pragmatic? Guess how much that matters.

Debian is what happens when you take potential legal problems to heart and try to do what it takes to avoid them. I rather suspect that Debian ultimately wants there to be ZERO chance of any successful lawsuit about anything in the distribution, although I don't know if that is an explicit policy. That's hard, in our society. (What they probably REALLY want is no chance of a lawsuit being brought against them period, but the laws of the US at least don't allow that.)

Debian is about Freedom first, and software second. I see no problem with them releasing and then implimenting the policy changes, since there is not likely to be any increased risk compared to their current release. But if I'm wrong for whatever reason, they should ignore all critics and take whatever time they need to Do It Right. That is done too little nowadays, particularly in Free Software where theoretically Doing It Right is the motivation.

Re:Debian should take whatever time it needs

I rather suspect that Debian ultimately wants there to be ZERO chance of any successful lawsuit about anything in the distribution...

You more or less nailed it. See, Debian themselves doesn't distribute material. Debian's ftp-masters group does; the ISPs who donate very large amounts of bandwidth and hosting for all of Debian's servers. In exchange, Debian gives then a best-effort to verify that there is and will never be a problem with any of the material that Debian asks its generous donors to redistribute.

The ftp-masters group is politically very strong. They can overrule any Debian Developer's decision, the Technical Committee, or even the Project Leader himself. They are where the rubber meets the road and as such, their decisions on what packages they distribute--and how--are final. The only recourse for Debian is to reject that server and remove them from the list of official servers and mirrors.

The primary purpose of debian-legal is to service the ftp-masters. Because without distributors, Debian can't reach any audience.

Re:Debian should take whatever time it needs

[Anonymous+Sniper]

No, it isn't.

Debian/Unstable is downright fantastic for my desktop as I'm a tinkerer...

Debian/Testing is great for general purpose desktops

and Debian/Stable is perfect for servers - I don't have to worry about software changes, and there is always backports.org if I really need something not in stable (e.g. amavisd-new / postix 2.0)

Re:Debian should take whatever time it needs

We see the 'high ground' a bit differently. I think Red Hat who spends 1/5th of thier revenue on R&D back into the community is huge, all GPL software, all free as in speech just like Debian except they give back a magnitude of software more. The knee jerk reaction is companies don't have principals but some of them do really good things with the money we put into them.

Re:Debian should take whatever time it needs

[miope]

Do you Administer Debian servers in your job, or do you use some of the Distros that (by your own words) are more suitable for pragmatic use?

Well, maybe you should know that Debian is the ideal distribution to use in servers, thanks to his excelent package administration. The problem is that nowadays we have to use Testing or Unstable (!) in servers since the last stable release is too old to use, and not all is backported.

You also said that Debian is about Principle, that Debian seeks to avoid legal trouble, etc. That's, true, and I agree with that; that's one of the things that distingue Debian from other distros, and this was one of the reasons that made me a Debian User.

But I think that you are making a dangerous mistake when you say that "Debian is about Freedom first, and software second". No! Debian is about Freedom *in* Software. Debian will be of no value if its only a group were people meet to talk about Freedom (and do nothing), or if its so outdated that nobody uses it. Nobody said that you should be non-functional in order to be idealistic.

One of the good things about Free Software is not only that its morally correct, but that it *works* , and it works better than the (not so moral) propietary alternative.

So, congratulations to the Debian Team for the results of the voting!

Re:Debian should take whatever time it needs

[jmorris42]

> Debian is something different from most other Linux distributions
> - it is the absolute high ground,

Oh really now. Do you know how many non-free packages RedHat is currently shipping in their ENTERPRISE distribution? Since you obviously don't know the answer, I'll fill you in; exactly the same number as Debian is shipping. Ok, how many non-free packages are in Fedora then. Another ZERO, so much for your line of argument.

Of course there are some differences. RHEL (or a rebuild like my own WhiteBox or Tao and cAos) is new enough it will actually install on modern hardware. Meanwhile Fedora is at least as bleeding edge as Sid.

Not saying Debian isn't a good distro. I currently have a machine installed with Woody and find it very stable. But lets get a grip on the FanBoy hyberbole.

Good News!

[Bongo+the+Monkiii]

But on Saturday Debian developers voted to postpone the changes until after Sarge releases, effectively affirming that the changes need to be made but making a pragmatic decision to not let the next release be delayed as a result.

This is a super example of how open source products can, when properly managed, be much, much more nimble than a lot of proprietary offerings. Look at the Longhorn delays. That's not going to come out until approximately the same time the Sun becomes a cold, dark chunk of coal (that's a joke, please don't flame me :) ).

The smaller, more flexible systems that are characterized by Linux-based OSes, however, can quickly adapt to all sorts of changes.

Re:Good News!

[BJH]

I think you meant to say, "When Longhorn comes out, Sun will be worth no more than a chunk of coal" ;)

Ramble on

[mcpkaaos]

Let's just hope this next edition of Debian is easier to deal with than this article's summary.

YEAH!

[3141]

This is fantastic news, absolutely fantastic.

As the current version of Debian is obviously not compatible with the new policy decisions, it is not as if releasing one more version with the same incompatibility will be such a big deal.

I agree that Debian should be as free as possible, but if what is currently released was all right a few years ago, then it will keep for another year or so.

Assuming, of course, that the next release comes out in about a year, which would be a GOOD THING. One major upgrade a year is fine. Once a month would be far too unstable, and even once every six months would be unnecessarily unstable for Debian, IMHO.

(I am not a Debian developer, but I do maintain about thirty Debian machines. My opinions are based on this.)

Re:Bad for Debian?

[jrockway]

> I bet you also think 2+2=3

For small values of 2, it does!

Re:Sarge postponed?

[Pharmboy]

Is Sarge becoming the Half Life 2 of Linux distros?

That is silly, there is NO comparing the two. Everyone knows that Half Life 2 WILL be released someday.

We need two sub distros

[AtlanticCarbon]

This is good news. Alas, it will still have been too long when Sarge comes out.

I've heard others elsewhere suggest that there should be a server distro and a desktop distro in Debian. I like the idea personally.

Yes, I know about testing and unstable. I use unstable as my desktop. However, I'd like to have reasonable recent software without dealing with the constant moving target that is unstable. I'd like to see a desktop version that is updated every six to twelve months and that isn't held to the same standards the server sub-distro would held to. I think unstable updates too often. Stability is also a factor. Yes, unstable is relatively stable, but you have to keep close watch on incoming packages to make sure they don't break something.

This would also allow for docs to be made for the majority of Desktop Debian users who don't seem to be using stable.

Re:We need two sub distros

[jmorris42]

> I've heard others elsewhere suggest that there should be a server
> distro and a desktop distro in Debian. I like the idea personally.

Sarge is planned to weigh in at about 14 CD-ROMs. Obviously that is too much. Even a server/desktop split won't solve that problem. But instead of just being a "Negative Nancy" I'll propose something that might work.

Break up Debian into several components, each with it's own manager and release schedule, except all would obviously have to co-operate with the core LGX component.

Debian LGX (Linux/GNU/X)
The Linux kernel, key system utils, etc
The GNU tools, compiler, glibc and everything needed to have a command line environment.
X11 and the fundementals, xlib, xterm, twm, etc.

Debian Server
All of the server components, kept in one large collection because many depend on each other.

Debian GNOME
Just what the name implies, gmome & gtk libraries, GNOME and key GNOME apps.
GNOME, gdm, Nautilus, Mozilla, OO.o

Debian KDE
Just KDE & it's key apps.

Debian Utilities
Important utilities that do not fit into one of the other catagories.

Debian Extras
Everything that didn't go anywhere else. It would be understood that CD distributions would be free to edit down the selection from here in the interest of space. Most probably wouldn't carry any from here, best to let apt-get pick up the few each machine needs.

The key idea would be to make the promise that, except for Extras, none of these would exceed one 700MB CD-ROM image for both i386 binaries AND source. This sort of space limitation would force some very hard choices, pruning the packageset to just the essentials. It would also give maintainers the weapon they need when the whinging starts about package foo not making the cut. They just ask the complainers which OTHER package(s) should get cut to make room for their favorite. Then when those packages' fans come out of the woodwork the maintainer can leave the ensuing flamewar and get back to work for a few weeks while it sorts itself out.

However, while Extras itself wouldn't have a size limit the whole of Debian should be constrained to what can be held on a single layer DVD-ROM. Any OS that won't fit on a DVD is too fscking big and we end up with the Sarge problem again.

focus

[SuperBanana]

It seems that Debian based distros have been taking off (especially live CD based ones, which install much more easily than Deb). Won't this just put it farther behind?

If I had to pick one great failing in the business world, it'd be "too many irons in the fire". Many a company has tried to sell you everything and anything- and thusfar, the only company to do it successfully has been Walmart, and that's at least partially from stepping on their workers like they're dirt, but that's another story for another time.

Debian excels at being reliable and "serious". I don't use it because, unfortunately, it's not even -remotely- close to current; it's about two weeks shy of two years old. However, it is serving a specific market, and it should not pander to trying to please everyone. Mandrake is worse, in my opinion- they still want to be everything from your desktop to your server; they excel in the desktop arena, and that is where they should focus for the same reason.

Do one thing, do it well- and never have to worry about pleasing everyone, having conflicting goals, etc. You'll never have to say, "well, this configuration system will never be understood by new linux users!"- because your market is experienced linux users who will appreciate extra functionality (by the way, this is a mythical example).

I've never used Debian, but understand the advantages and have a few friends who prefer it. I like and use Mandrake on desktop systems I have to use regularly; my personal "servers" get Gentoo. Redhat is what I use for business/enterprise stuff.

Re:focus

[Hast]

A problem is that the different distros have very different definitions of "stable". Unstable is about as unstable as a version x.0 release of another distro. Ie it should work but there may be some bugs or misses in there and if you are unlucky you will run into some of them. Use it if you want an excuse every now and then to learn how to handle the system manually.

Testing is where most other distros and OSs are. Sure there is the occational problem but it is rare. Stable is what most other distros and OSs do not even have. I guess BSD is the best comparison. You use stable when you can not afford it to crash due to software.

If you run mission critical stuff on Windows or other distros you can just as well run it on Debian Testing. Naturally you should take the precaution of havning a separate server you can use to test significant updates on first, but that is true for any mission critical stuff. And Debians apt-get system makes it easy to do this quite painlessly. (More so than many other distros and much more than Windows systems.)

Not that you have to switch to Debian, but your understanding of the issues involved is not quite complete. BTW you can do your own compilations with Debian as with Gentoo, you use use "apt-get source" instead of "apt-get install".

The biggest differance between Debian and RH etc is that the other big distros have a company behind them. That tend to make people calmer about dealing with them for some reason. (I can not really see why, AFAIK no company has been successfully sued for distributing buggy software.)

Re:Bad for Debian?

[nutznboltz]

Aren't longer release cycles better for production enviroments? If you have 500 servers do you really want to update every month (except for critical bug fixes which you can get by putting apt-get in a crontab)?

Voting mechanism

[ChrisCampbell47]

As with many things Debian, it is completely awesome that they choose to use the extremely logical mechanism that they use for voting and picking the winner. It looks like a form of instant runoff voting, which is a beautiful way of getting a winner that the most people are reasonably happy with, even if it isn't their first choice. In other words, it eliminates the "spoiler" problem where a no-chance-in-hell choice on the ballot (e.g. Nader) draws enough votes from the other similar candidate (e.g. Gore) that the election ends up falling to the candidate DISliked by the majority (e.g. Bush). There is no such thing as a "wasted" vote.

Click the link above for a better explanation of instant runoff voting (try the flash demo). It's ultimately the best way to get what the people want. I love that the IT organizations (Debian, ACM, IEEE) are using this!

Re:Voting mechanism

As with many things Debian, it is completely awesome that they choose to use the extremely logical mechanism that they use for voting and picking the winner. It looks like a form of instant runoff voting, which is a beautiful way of getting a winner that the most people are reasonably happy with, even if it isn't their first choice. In other words, it eliminates the "spoiler" problem where a no-chance-in-hell choice on the ballot (e.g. Nader) draws enough votes from the other similar candidate (e.g. Gore) that the election ends up falling to the candidate DISliked by the majority (e.g. Bush). There is no such thing as a "wasted" vote.

Click the link above for a better explanation of instant runoff voting (try the flash demo). It's ultimately the best way to get what the people want. I love that the IT organizations (Debian, ACM, IEEE) are using this!

Every time there is a Slashdot story about a Debian vote, someone plugs Instant Runoff. Debian has not, does not, and will not ever use Instant Runoff. Instant Runoff suffers from major flaws, and its only real effect is to allow symbolic votes for compromise candidates while effectively taking them out of the running. The primary difference between Condorcet and IRV is that IRV completely ignores everything but your top choice, until that choice is eliminated. This means that with IRV, if you have a favorite third party as well as a preference between the two primary parties, such as (Libertarian,Republican,Democrat) or (Green,Democrat,Republican), you are hurting the ability for your second choice to win over your third choice, because that preference is completely ignored until your first choice loses. This has two effects: when your first choice is weak, your vote for them is meaningless; when your first choice is strong, but not strong enough to actually win, your first choice could eliminate your second choice (Libertarian beating Republican, or Green beating Democrat), and then your last choice would win (Democrat beating Libertarian, or Republican beating Green), completely ignoring one of your preferences. This means that the only way in an IRV system to successfully express a preference in the two-party race is to rank one of the two parties first, which is the problem we have now.

To quote electionmethods.org:

Until a minor party is strong enough to win, a first-choice vote for them is essentially only symbolic. After a minor party is strong enough to win, on the other hand, a vote for them could have the same spoiler effect that it could have under the current plurality system. Hence, if IRV is ever actually adopted, we will likely remain stuck in the old two-party system [...]

Instant Runoff also has another major problem: results cannot be tabulated locally. In all good voting systems, if you tally the votes from one county, tally the votes from another county, and add the totals, then the results will be the same as if you had tallied all the votes together. With our current "plurality" system, the tally is an array of length N (for N candidates). With Condorcet, the tally is an NxN matrix. With IRV, however, one cannot just keep tallies, because a ballot is not equivalent to a set of pairwise votes; instead, one must either use a tally of size N! (one for each possible order), or just track every single ballot. This makes IRV highly impractical as well as being technically inferior to just about every other system.

Debian uses the much better Condorcet voting system. Like IRV, Condorcet gathers a ranked list of candidates from each voter. However, Condorcet looks at _all_ of your preferences at the same time. It treats the voting process like a set of two-candidate elections between every possible pair of candidates. This means that in a three-candidate election (Rep/Dem/Lib, for example), a vote for (Lib,Rep,De

Why?

[BassZlat]

Software is... software. Its not a cure for some social ills, its purpose is defined by the usability it brings to people.

Software which places such usability in second place becomes something else.. a propaganda tool perhaps? If Debian continues to keep such course, the only reason I see for using it is to make a political statement.

I wish the Debian project would stop pretending and become a political party or something.

Re:Why?

[dvdeug]

Software is... software. Its not a cure for some social ills, its purpose is defined by the usability it brings to people.

And free software brings more usability to people by being free.

In any case, everything is just itself. Cotton is just cotton, whether it's grown by slaves or free farmers on their own farm. That doesn't mean that what we use and how we choose it doesn't have consequences.

Re:Why?

[be-fan]

Well, it's obvious that you disagree fundementally and irreconcilably with the Debian developers. To them, software *isn't* just software, but critical infrastructure in a modern society that is increasingly dependent on computers. When a tool becomes so pervasive that there are serious social ramifications involved in doing without it (consider, for example, disadvantaged children who cannot afford computers), then it becomes something a bit more than an ordinary tool.

Why Current Debian users don't mind that much....

[garagecartel]

A while back while reading in an issue of "Linux User & Developer," I read an article about how bad the install was for first timers installing Debian. It went over one of the readers hard times, troubles, etc. After the user finally coming to a completion with the install, they made a comment that made so much sense to me. With the greatness of apt-get literally letting you uprade anything and everything, once you have debian installed, you never need to reinstall. That's probably why most users don't really bother with a new installer, because for one they're already se and won't have to deal with it anymore, and because secondly...Even the thought of the installation process invokes uncontrolable goose-bumps....:P

That's not what unstable means.

[mindstrm]

Unstable does NOT mean it will crash, not at all.. unstable means the layout and dependencies are not stable, and prone to change from update to update.

I cannot afford to run an update and have dependencies break partway through.

As a workstation, I would not hesitate to run unstable, not at all.. as such quirks can be easily dealt with.

Yes, I can test on another machine.... but that can be difficult in practice.. a certian level of stability of updates is needed.

Fixing things by hand is very difficult..

Yes i am perfectly capable of building from source, or using another package format... or using backports from somewhere else for updated packages.. but that defeats a large part of hte purpose for running debian.

That's pretty cool

[Grell]

I mean, it obvious they really care about the contract. It's obvious many users are not _as_ interested in waiting for the contract to be reexamined.

So they move Sarge while agreeing to discuss it at a later date.

When's the last time you saw something this internally important to a project drag a project down in flames? How many other non and for profit organizations have torn apart/forked or become non productive over such a dispute?

It's a nice compromise and I'm glad they're willing to be so reasonable about it.

As far as being out of touch, hey slow and steady is still a winning strategy for those willing to wait. *

~G

* glances at apt source.list for all the lovely unstable bits.. I'm not one who likes waiting tho' ^_^

Re:a bit of common sense

But as I understand it (I don't use Debian), FreeBSD's stable is less "stable" than Debian stable (in that it's updated a lot more). FreeBSD STABLE is still a branch where potentially big changes are made, and it's possible to cvsup a broken setup. What seems to be a more adequate comparison is FreeBSD's RELENG. RELENG is basically frozen in time at a particlar release (RELENG_4_8 for example, corresponds to 4.8-RELEASE), and is only updated with security/stability fixes.

*Sigh*

[BradlyLane]

reading through these comments i wonder: When will people learn that debian/stable is not contain the latest and greatest software?? "stable" in terms of debian the distro means that no major amounts of software are changed, it only gets security updates. the packages in the stable tree aren't changed, so therefore it's stable.

if you want the latest and greatest software, run debian/unstable. "unstable" doesn't mean that the software itself is unstable, it's just that the packages in the unstable tree are changed/updated often, hence calling it "unstable". debian unstable contains all the goodies that are in the latest versions of other distros, like kde 3.2, gnome 2.6, etc, etc.....

also, yes, all the packages in sarge may fill 14 cds, but you don't need to download all of them. all you need to get is the net-installer iso (around 100 MB) and then download only what you want. so set up the base system with the net-install cd, then the latest versions of whatever you want are just an apt-get away.

sorry for the rant, but people unfamiliar with debian are often misinformed or make unfair assertions.

Re:*Sigh*

[GregChant]

Sometimes I wonder if it would be better for Debian to call the stable branch "frozen" instead. It'd disspell a lot of the myths about how Debian is 4 years behind the times.

But then again, some of the Debian core developers think the world should conform to them, not the other way around... :-/

Re:*Sigh*

[GregChant]

My number was hyperbole, but people think Debian is behind the times because the last "stable" release, Woody, came out in 2002. A lot has happened in the Linux community since then (Woody came out when Linux kernel v.2.2 was still all the rage). However, they neglect to realize that you use the stable branch if you want a rock-solid platform, not a platform with the latest software versions.

For everything else, you should use the unstable branch, not stable. Unstable tends to have releases all the way up to the day the source was released for most packages.

Re:*Sigh*

[shikan_taza]

Amen to that. I ran Debian Woody for about two years, all the while thinking that 'unstable' meant 'prone to crashes' (I know, I am dumb). I moved to Mandrake 10 CE recently, and am happy with the latest GNOME, KDE, etc. I feel that the Mandrake bootsplash package has sucked up part of my soul, though :-)

Re:Paralysis by Analysis

[GregChant]

The installer was redesigned in Sarge, and should be much easier to use.

And you don't have to download all 14 CDs: only do so if you a) have a penchant for pain or b) are obsessive with hard copies of things.

You only need the first CD to have a working stable system, and Debian sorts its packages based on popularity, so most likely, you'll find what you need within the first 4 CDs.

You could also just use apt-get and an http or ftp source, but I guess that would be too convenient.

Out of date? Compared to what?

[csirac]

Alright, this really shits me.

Exactly WHAT part of Debian is out of date? It's not the packages, that's for sure.

I use Debian unstable. Do you actually know what the "unstable" part means? It means that the contents of the "unstable" packages are probably still changing! Does that make it any less usable? When you're admining 20 servers, you probably don't want your PostgreSQL database server to suddenly become incompatible with your data due to a format change. (aside: debian upgrade scripts can try to automagically dump/re-import your old database for you)

But compared to a desktop OS like Fedora? NO! Debian unstable is absolutely FINE for desktop usage, despite the "unstable" label.

So why is it called "unstable"?

It may be because upstream is still changing fundamental parts of the app, such as when the new exim4 (at the time) decided to split the config files up. You can't put that in "stable" can you?

Or it may be because the Debian package maintainers haven't figured out the best way to package something according to Debian policy, like when the vim package suddenly decided to break into multiple packages separating out arch-independant/doc related stuff to avoid duplicating data on the mirrors.

I'm sure there are better examples, but the point is, when comparing Debian vs DesktopLinuxOS like Fedora, compare Debian Unstable.

If you do, you will find that package updates are plenty and timely. I think the kernel images are barely even a week behind the kernel.org releases. Gnome 2.6 took a while, about TWO WHOLE FRIGGING WEEKS. How much faster do you want?

If, for example, you want the latest GCC 3.4 which I'm guessing isn't considered "ready" to replace GCC-3.3 as the default compiler, then just add an experimental source in your /etc/apt/sources.list! It's as easy as that. apt-get update, followed by apt-get -t experimental gcc-3.4. DONE.

Geez, why after all this time do people still not GET Debian.... it's enough to make somebody ANGRY

Re:Out of date? Compared to what?

[Bishop]

Debian unstable (Sid) is not absolutely fine for desktop use. Unstable does break. Recently Samba and parts of KDE could not coexist due to print library dependancies. This is not acceptable for computers that are used for work.

Debian stable is ancient. There have been some nice software updates in the past two years. Using backports.org is a solution, but has its own problems. The quality of backports is not garanteed to be as good as Debian proper. More importantly security updates are garanteed to be released promptly.

Just because unstable is acceptable for your use, does not make it acceptable for the rest of us.

Re:Out of date? Compared to what?

[bioglaze]

>Debian unstable (Sid) is not absolutely fine for desktop use.
>Debian stable is ancient.

Then why not use Debian testing? It doesn't break that often and is relatively new.

Re:Out of date? Compared to what?

[DavidNWelton]

Debian testing does not get security updates.

Re:Comparison between Debian and Gentoo?

[Hast]

Try Knoppix! You burn a bootable CD and can run the entire OS from CD. This will let you play a lot with Linux so you can decide on if you want to use it in the future. Knoppix is based on Debian and can play basically any file (except RealVideo and Quicktime sorenson, but that is due to legalities). Standard Debian is not that easy for the beginner, not sure if Gentoo is better. The new installer for Debian is good though, and it makes installing pretty much painless.

Re:Bad for Debian?

[0racle]

#include <stdio.h>
int main(void) {
float num = 2.56;
int five;

five = num+num

printf("%d\n);

}

Obviously its not really 2+2=5 but by the way C, and possibly other languages, cast from a float to an int, it rounds up, hence the reason this shirt says what it says.

In the sense you're thinking of...

[rsilvergun]

a release cycle has little meaning to the Debian project, since anyone with the skills to install Debian and the patience to learn it's package management system can easily update a system to whatever they want. The only reason for Debian to do new releases is to bring the project in line with it's Social goals.

This is why when someone says they run Mandrake or Redhat, they'll tell you the version (8,9,10, etc), but if you ask a Debian user they'll just say 'Debian' and leave it at that.

Re:Comparison between Debian and Gentoo?

[dmaxwell]

I would say they are remarkably similar. The two biggest differences seem to be that Gentoo is source based and only seems to have one main subdistribution. Debian is binary based although any package can be recompiled from source pretty easily. Debian Unstable and Gentoo would give you the best apples-to-apples comparison. I'm not a Gentoo user so I can't advise you there. I will point out that the following source list for Debian's apt tool will get you easy access to fully compiled packages of mplayer and the w32codecs:

deb http://http.us.debian.org/debian unstable main contrib non-free
#deb-src http://http.us.debian.org/debian unstable main contrib non-free

deb http://non-us.debian.org/debian-non-US unstable/non-US main contrib non-free
#deb-src http://non-us.debian.org/debian-non-US unstable/non-US main contrib non-free

# Blackdown java port
deb http://www.tux.org/pub/java/debian sid non-free

# Cinelerra/Media Players
deb http://lpnotfr.free.fr/debian ./
deb ftp://ftp.nerim.net/debian-marillat/ unstable main
deb http://www.kiberpipa.org/~minmax/cinelerra/builds/ sid ./

Once your desktop is configured to taste, I think the following will do what you want with the preceding in your /etc/apt/sources.list:

apt-get install mplayer-586 mplayer-mozilla w32codecs mozplugger acroread timidity mikmod sox j2re1.4 flashplugin-nonfree

If you want Shockwave as well, you'll have to pony up for a copy of Crossover Wine.

That gets the software to playback most anything and the ability to do it within a browser as well. Watching trailers on apple.com even works well.

Tuning:

mozplugger and the mplayer plugin are redundant in the video department. It won't hurt anything to skip this step but I do it anyway. Edit /etc/mozpluggerrc and comment out all the lines that handle video MIME types. The mplayer plugin does a better job. You want have all of this installed before running the Mozilla or Firefox for the first time for maximum painlessness.

Assuming you have a well supported video card (Nvidia and Matrox work well from personal experience), edit /etc/mplayer/mplayer.conf and set vo=xv. This will enable hardware scaling for watching videos. Leave everything else in there alone.

Re:Is this true?

[Dwonis]

Is this true? I'm not saying it isn't -- just wondering if anyone who isn't an anonymous coward will back it up.

I think it is. It's not explicitly stated in the Debian Constitution, but IIRC every new package that is uploaded must be approved by the ftp-masters before it will be added to the archive.

Are there any instances of the ftp-masters insisting on things that the most of the rest of the project doesn't want?

Not as far as I know. The ftp-masters don't really hold any ceremonial power. They just collectively control the distribution system; if the ftp-masters refuse to allow a certain file to be on their machines, then that file will effectively not be in Debian. It's similar to how CmdrTaco effectively controls every post anyone makes to Slashdot. Although he doesn't have to specifically approve posts, if he deletes your post, there's nothing you can do about it.

It's more of a "sysop == God" thing than anything else.

What 'stable' really means'

[peterwilm]

Many people using debian do not understand what the labels stable, testing and unstable mean.
Debian stable ist called stable, because the packages are only replaced in order to fix security flaws. The security patches are manually backported by the debian security team. This concept assures that one can configure a system and handcoded scripts will not break until a new version of debian stable is released (every 2-3 years!).
So stable has the meaning that one can install a system, do automatic daily security updates and forget about it until the next version comes.
Debian unstable gets updated packages every day. So if you would like to have current software you could chose debian unstable. Unstable does not get security fixes. This isn't too bad, because the original software mainainers patch their software and this will get into debian unstable pretty soon.
Than there is debian testing which is meant to be the testing system before the release of the next version of debian stable. It does not get security patches. It sometimes does not get timely package updates.
If you want a system which is stable in the way, that the software does not have many bugs, you should NOT use debian stable, but UNSTABLE!!! This is because non-security-bugs are not patched in debian stable, but in debian unstable, as new versions arrive there. A good example is mozilla: In debian stable, the current version is 1.0.0! It did not even get security fixes as this would have meant too much work! In debian unstable the current version of mozilla is 1.7. Mozilla 1.7 definetely crashes less often than Mozilla 1.0.0!
Do not use debian testing for other reasons than testing the next version of debian stable! Testing has sometimes outdated software AND does not get security patches. This combines the bad features of stable and unstable!
So if you want a system that almost never changes, because you do not have the time to reconfigure your system often, use debian stable. In all other cases, use debian unstable. It is not less secure. In some cases, like mozilla, it is MORE SECURE! Never use debian testing, except you want to help with testing at the debian community.
Please do not suggest that debian stable has less bugs than debian testing which has less bugs than debian unstable. Almost the opposite is true!

Re:What 'stable' really means'

[UltraOne]

The line for security updates for the testing distribution (taken directly from my /etc/apt/sources.list file) is:
deb http://security.debian.org/ testing/updates main contrib non-free

Re:Bad for Debian?

Yes, they are. I find it more than a bit ironic that RedHat has been praised (by some...) for their new strategy of "charge 'em more, release less often" while Debian gets slammed for not releasing a new version every six months.

IMHO, Debian's dependency management is so good that it's worth dealing with older packages to get a "stable" version that runs like a top.

Debian is also good at keeping the initial number of packages installed small, which is good for keeping things simple--especially important for servers. It is very easy to install a bare bones stable installation and then add to it using aptitude and perhaps tasksel).

Not true

[jeroenvw]

No, this isn't true. The ftp-masters are Delegated by the Project Leader to perform checking packages against legal issues. They indeed have a say whether or not to let a package go in the archive.

However, as with every delegate and also the Project Leader himself, their decisions can be overridden by the developers (by means of a vote, where any five developers can call for).

In the end, the developer body has the ultimate say about everything.

--Jeroen

The biggest praise of apt

[hayden]

Is in how the Debian installer works.

The way every other package based installer works (that I've used anyway) is to install all the packages from the installer boot (usually by forcing dependencies) and then say "all done, reboot now".

The way the Debian installer works is to install a barest minimum system that will boot and run apt and then reboot. Then once it has rebooted it asks for some apt repositories, asks which packages you want install and then installs them (this bit may take a couple of passes though the list to work out any warts in the dependencies). Having done that it presents you with a fully working system WITHOUT a reboot.

The fact they can have that much confidence in the apt repository and the tools is pretty impressive.

A pity

[yanestra]

I'd rather like to see Sarge with the new policy enabled, even if it takes two more years or four. (I am young, I can wait.)
I mean, Debian is FREE, and so should be its documentation.

Surge of popularity

[ultrabot]

I bet we can expect a big surge of Debian popularity soon, as the "stable" version becomes up-to-date again, making it usable for something like 6 months at least. Sarge is quite well on the "speet spot" of software released now, with KDE 3.2, Gnome 2.6 and Kernel 2.6, and the last "good" version of xfree (the next good x server is probably some time away anyway).

It's nice to see debian decided not to slash it's own wrist by postponing the release. The problem with debian is, people who make the decisions to release or not are themselves using Unstable, and don't really care either way with the release. The loser is the guy who wants to run Debian stable, but doesn't get a say on if/when they are planning
to release.

BTW, one significant turn-off with Debian is the quality of the user base - you need to search far and wide to find as unfriendly a bunch. There is no friendly community that some would expect from such a project. Perhaps it's all the infighting that hardens the people...

I second that

[samjam]

As an ex-debian-rant-meister I am pleased with having switched to Debian after the RH9 closure.

Getting used to the differences took a couple of working days but it was well worth it.

Networking setup is very simple with debian, they haven;t managed to scatter it over so many conflicting config files as redhat.

Debian also really care about free software.

The only annoying thing with debian is the large (lots of files) debian-specific directory required for each package compared with redhats single .spec file which project maintainers are generally happy to look after themselves.

But thats a small gripe. The other gripe is that it is too hard to donate to debian. I have given up twice unable unsure of who I'm eventually paying money to and for what.

Sam

Re:Comparison between Debian and Gentoo?

[amcguinn]

Firstly, this is a relevant question and I don't see why it was marked "offtopic".

I have been a debian stable user for many years, and recently installed gentoo on my main workstation, so here's the comparison as I see it:

In debian stable, as in gentoo x86, the packages are tested before being released. The difference is that in debian stable, the distribution as a whole is tested, so you don't get integration problems. When I installed gentoo, I got a good working version of gimp, and a good working version of sane (scanner tools), but they weren't compatible with each other -- to scan an image from gimp I'd need to upgrade to a newer "unstable" sane or downgrade to an older gimp.

Secondly, debian generally tries to configure packages for you. You decide you want a service, you install the package, and that service is installed and running. It might need to ask you a couple of questions, but that's all. Gentoo explicitly leaves the runtime configuration of a package to the user. The "zero-administration" paradigm of debian is extremely ambitious, but they are surprisingly successful at it -- probably more so than any other distribution or for that matter any other operating system. Mostly everything Just Works. Then there's the obvious differences: debian stable is very old, and in Gentoo you have to wait for stuff to compile.

The reason Gentoo can have the "rolling stable" distribution is because it is a source distribution. debian testing is the same kind of idea, but it doesn't work nearly as well because binary packages necessarily have more dependencies on specific versions of other packages. It is the loosening of dependencies, not the tiny optimisations, that is the real benefit of distributing as source.

Of course, if you want the "stable distribution" rather than "distribution of stable software", then debian has the advantage. The gimp/sane problem was the only issue of that kind that I've encountered so far, though, so from my point of view the integration question seems fairly manageable.

What's the gripe about Debian?

[Kjella]

I run "testing" on my desktop, and it works great. Kernel 2.6.6, recent packages all around. Not had any problems with it. If people read "server, desktop, experimental" instead of "stable, testing, unstable" it'd be much closer to the truth.

I don't know where it is coming from that testing don't get security patches. It might not have the guarantee that stable does, but in my experience they've been there almost instantly. That's pretty much what you get from ALL other distros as well (we provide as fast as we can, but make no guarantees).

As for installation, I install the base image (100mb, there's even a 30mb microinstall), then download the rest on-demand. If you're not on broadband, pick up the box and put it somewhere with broadband (where you'd download the CDs) until it is installed. It's text based and looks a little crummy (this is the new installer, you know), but it is powerful and easy. Slap an (optional) GUI on top and it competes well with Mandrake and Fedora.

Overall, I think those that installed 'stable' sometime in the stone age love that their distro is still supported. And whenever sarge is released, that it'll probably be supported to something like 2010. That matters to a significant portion of the people (server admins) that will never gripe about it on slashdot until it is "my "#"# production box just went to #%"!!!!!"

Personally, I don't care much for their social contract (I have no problems putting non-free and other sources in my sources list), I just picked them because in my opinion they're the best distro around. Best to get any real work done at least, with a minimum of maintenance.

Kjella

A very practical compromise

[chathamhouse]

Let's not forget that the freedom in documentation that you want is more than many, including myself, would consider appropriate.

To be 100% DFSG-defined free, some have argued in debian-devel and debian-legal you should be able to edit, and redistribute your edits of any documentation.

Sounds ok when you first think of it, which is probably why the general resolution that proposed that changed passed. But then you realize that:

1) the docs include standards, like RFCs, which _should not_ be changed and redistributed, less confusion ensue. There is a formal process for contribution and review, but just editing the docs isn't it.

2) the docs include license texts, like the GPL, APL, etc. The condition of using and redistributing most of the code in debian/main, including such useful things as the kernel, glibc, gcc, g, is that the text of GPL be distributed along with it. However, the GPL text itself isn't 100% free from the DFSG's point of view because it once again cannot be altered and redistributed as the GPL. And bingo, you're stuck! The GPL can't be put into non-free, because is presence is mandatory, but good luck in having the FSF alter their license.

I have nothing against a free _software_ interpretation of the DFSG, but there are good practical reasons why the same freedoms cannot be applied to the documentation.

----------seperate point for discussion-----------
Interesting thing - wait much more than 6-12 months for Sarge, and most serious debian installs will be running production systems with a heavy concentration of backports.

And with backports, there are less eyes on the package's code level, and less eyes to notice that an update may have been released to plug some security problems. But there's the trap: (1) use testing and have a too volatile OS, (2) use stable + backports and get a functional os, that's generally secure, or (3) use just stable and get an OS that in time loses the ability to deliver 'standard' features, i.e. functions that have been available for more than a year.

Re:what's the deal with debian?

[Killeri]

The Debian Developers aim to provide three things to the users, IMO: security, ease of installation, ease of upgrading.

Security means that for the stable release the security team will provide timely updates for all known security issues. For unstable the security is provided by the DD responsible for the package - usually unstable versions are updated at the same time as the stable. For testing this does not apply at the moment, though. If the DD tags his updated version as "urgent", it will propagate to testing within two days, but I don't really have data as to how many developers do this. There have been intermittent ideas about having a separate security team for the testing, but these haven't really taken off.

Ease of installation means that you should always be able to say "apt-get install foobar" to get foobar package working in your system. In stable this is a must, in unstable sometimes this breaks.

Ease of upgrade means that you should be able to say "apt-get install foobar" when you know that foobar has been updated without having to worry about losing any of your existing configuration. This applies to all distributions, but of course in unstable you run a higher risk of encountering a bug which might cause your configuration data to be lost.

Re:Comparison between Debian and Gentoo?

[EzInKy]

Gentoo is becoming the system of choice for those who like to develop, test, and play, while Debian is for those who just want to set up a stable box and forget about it. Of course there certainly are people who still use Debian to develop just as there are those who use Gentoo for servers, but each distro seems to be heading towards those two niches. Debian tried and true, Gentoo bleeding edge and new. Both distros are very important to the open source community.

Re:+1 interesting

[barawn]

Are the upstream packages too broken to be good enough for debian?

Usually. Take a look at all the bugfixes that Debian applies to the packages (just look at bugreports from each package).

Has debian deviated so far from mainstream that the packages require extensive customization?

Not really. Upstream authors just don't really pay tons of attention to detail, and so while a release might work fine on their heavily customized system, it doesn't play well nice with the standards that Linux Standards Base and Debian Policy have defined.

Why can't the fixes be committed directly to upstream?

Sometimes they are - Debian package maintainers do a ton of backporting. Take, for instance, the Intel driver in XFree86 - for the longest time, it was improperly supported in X, and so the newest 855 (I think) couldn't run. You could fix it by going to a CVS update (4.3.99) but there were no releases of XFree86 that actually had this fix.

This is stupid, so Debian fixed it - the 855 driver change got backported to the version that Debian has, and Debian's version works.

A lot of people don't realize this, and so they think that "oh, I can't use Debian because certain packages are very old and contain many bugs" - that's not true. Lots of bugs are backported to packages. It's just that upstream authors many times change much, much more than just a simple bugfix, and to introduce all of those changes at once would, and does, break systems.

The other simple reason is that Debian supports more architectures, by far, than any other distribution, and it takes a large amount of time to verify all those architectures.

(Many people would say "who cares, I only use x86", and that's nice - but we need to have a distribution like Debian!)

It's also important to remember that Debian acts as a very solid "base" for operating systems. You can build on it very, very well, and many companies do! Knoppix is quite amazing (and is Debian, repackaged). Lindows/Linspire, Xandros, Libranet, etc. are all Debian-based operating systems, and the number really keeps growing. Those distributions don't stay out of date because they don't have the same concerns Debian does, and so if you're really a version-number whore, go with them.