Slashdot Mirror
Does Open Source Need Quality Standards?
underpar writes "This Techworld.com article reports that a UK group called the Open Source Consortium is being officially launched today. The article further states that the goal of the group is to respond to claims that switching to open source is more expensive than using Microsoft products and to help smaller companies compete with Sun and IBM for open source contracts. They say they will not compete with other open source groups and they intend to eventually come to the US. The hype-filled about us section of their site says their Quality Standard Certification provides a "simple framework for self-assessment and performance improvement." The question of whether this is useful or even wanted in the US still remains to be answered."
A simple framework for self-assessment would do wonders for the current and future administration.
Some open source projects do (carrier grade linux; linux in medical devices).
Others don't (screen savers, C# clones(to match MSFT's Quality Standards), etc)
Just because Linux is under the GPL which is an OSI aproved license does not mean that anything that has to do with open source has to be about linux.
... and rumor has it they're experimenting with this quality assurance idea called 'pier review'
Remembering that you are going to die is the best way I know to avoid the trap of thinking you have something to lose.
I like the dedication to quality evidenced in their About Us page:
We are a not-for-profit organisation which guarantees the the quality of open source deployments in the public sector (emphasis mine)
"Truth is not decided by majority vote" consensus gentium -- Norman Geisler
Short answer is YES, almost everything needs a certain level of quality standards for widespread use. Even MS has its own quality standards :)
However, who is to set these standards and who is to govern them is another question.
I have a subtle feeling that Open Source = Freedom, that's probably why we see so many forks and distros because "I would have done this that way, and I could".
So what is to stop a "US Open Source Consortium" being officially launched tomorrow because another group of developers have different idea on Open Source's quality standards?
Can Linus the most influential man gives a single, authoritative guideline?
Rock that crushes, Paper & Scissors that don't matter.
Be careful what you wish for.
Something "free" or "cheap" might be so for a reason.
I still say best open source is that tied to proprietary hardware then you really cash in.
As for la-dee-dah software, operating systems, etc, I stay away from those.
More to the point, isn't ISO 9001 one of those standards where you prove your ``quality'' by committing to following a process, and documenting that you do indeed follow that process? The inevitable result is that you can commit to shooting your customer in the foot, and document that you have done so, and earn the highest ``quality'' rating for it. That sort of ``quality'' isn't very reassuring.
See what I've been reading.
Then who would test the beta/non-working versions of new projects?
I hate sigs.
DYB
Well, since you used a double negative, then you are still virgin!
Congratulations.
Certifications like this are often welcome in corporate environments where names and packaging often matter as much or more than the product.
... anything that lends credibility to OSS is, in my book, a good thing. So if this takes off and acts as some sort of benchmark for quality that people can rely on, I say more power to them.
Even if OSS is better in a lot of cases, many managers can't politically afford to introduce it because of the climate that exists in the still largely Windows-controlled world.
Any sort of
dmiessler.com -- grep understanding knowledge
If you have had Six Sigma traning, then you are definitely baffled about what it is.
--- Ban humanity.
Scientists wonder:
Do bears shit in the woods?
Is the pope Catholic?
.... we want something like that here. We have Microsoft and SCO.
-=fshalor
I think we all agree that a business world based on OpenSource would be preferable to a Windows-centric system. To achieve this, high-quality-business solutions have to be written and found. I am running my own business and am using Linux on 5 machines. There is some old Mac, but I do not really use it anymore. To please the Finanzamt (the german IRS), you have to file reports, do some accounting etc. This has proven very difficult for me when I tried it with OpenOffice. So I searched for business software, e.g. accounting suits, ERP and CRM-Software. I tried for over 2 months and have compiled about 100 different approaches - but all of them were either abandoned, not scaleable to other countries needs (I cannot use spanish tax forms) or they simply didn't work the way they where supposed to do (I even had an KDE program that was published with internal static linking to the programmers home directory!). I finally settled with lxoffice (http://www.lxoffice.org), which is fairly scaleable and where 95% of the system works, but it was a hard fight. While I am accepting such situations as a hobbyist, as a business owner that's lots of time I am not paid for. Quality control could help in such situations, helping users choose reliable software. And yes, I'd be willing to pay for it.
Screw the FSM - Real geeks believe in the Invisible Pink Unicorn
YES !!!
And it needs to stick to them. Microsoft may produce buggy insecure code but I'm fed up of finding bugs in Open Source software and being told 'what do you expect, it's free'.
Ed Almos
Budapest, Hungary
The more corrupt the state, the more numerous the laws. - Tacitus, 56-120 A.D.
Based on the amount of abandoned projects, weak support, buggy code, inconsistent UI, and so forth I've seen in projects that were "neat ideas", I'd say yes, some standards would be useful. Especially when there are projects like Firefox, OpenOffice, and Gaim to carry the banner (plus many other lower-profile projects).
OSS still has a bit of a reputation of being "kids in basements wearing black t-shirts hacking out amateur software surrounded by Matrix screen savers" and not always undeservedly.
But not always deservedly either. And some sort of cert program (I leave to people smarter than I am the how, where, and when of certification) could be helpful. Would it make it more difficult for an innovative project to take root? Well, yes, but that would be the point, and it would guard against projects that are abandoned when, for example, their creators graduate from university.
I'm a big fan of Free software, btw.
Why would any government actually want to pay Microsoft any money when they could pirate the software instead? whats Microsoft going to do? come and sue them? yes I know its more complicated than that and there are all sorts of WTO issues not to mention plain diplomacy, but if were talking about a country that doesnt care, then seriously? why not just open up big government-run CD presses and start churning out copies of Windows for your country?
This comment does not represent the views or opinions of the user.
Linux is quality. By having publicly available code, we can all make sure it's up to our standards. If it's not, then you are welcome to (a) not use it, or (b) fix it. So why the concern? Contribute to the community and all is well. There's no barrier to helping (such as improving a country). But seriously, Linux has proven itself worthy of being quite stable and for the most part secure (problems are bound to happen in such a large block of code, but responsible repair is key). Same with the core applications within it. The UNIX model is tried tested and true over and over again. It's still used so commonly BECAUSE it just makes sense... Try that in a windows world (click here, then here, then here... no wait- we moved that feature elsewhere in the latest 'security patch'). -M
when you see the word 'Linux', drink!
"Who is this 'We,' paleface?"
... MR. SUBARU!
:)
Lots of people are quick to say that someone else's work "needs" something. My car needs its cupholder in a sane spot, instead of so it just about blocks the radio buttons. It's true, but that's not exactly a demand on the car maker. Just a hint
Sometimes it's hypothetical and prescriptive; "Red Hat needs to compete in the market X, so it needs to advertise in trade publication Z and add the de-pre-mux-defrobnostication patch that this special niche requires." Fine
Other times, the "need" is expressed as an imperative, when the speaker has no standing to demand anything ("The GIMP interface needs to change!") etc, or (as in the headline here) where there is no single Thing to change. "Open Source" covers a huge range; it's like "Things that have the letter R." It's true that some of these things (like Catherine Zeta Jones) are beautiful, but it it does not follow that all things with "R" better our existence in quite the same way.
It's perfectly nice and positive and welcome etc that someone has decided to promulgate what they consider higher standards of quality for "Open Source" -- as long as everyone realizes that only a certain subset of open source software can be scrutinized by any given such body, that developers may have their own ideas (even if they are not universally popular, and even if they have no intention of following someone else's ideas of UI perfection), that open source's great advantage in this context is that UIs are a) frequently separate from the underlying code and b) forkable.
timothy
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5
I mean code and stories btw.
the opensource software must be at least the same quality as microsoft products.
F/OSS needs more unified standards first! (like for packages).
This is indeed Geek News, but please keep it to yourself. The other 90% of geeks that have yet to be laid will get jealous and mark you offtopic out of spite.
Engineering is the art of compromise.
Certain versions of embedded and server Linux had already passed the Telecom Carrier Grade Reliability Test. Carrier Grade Linux is 99.999% Reliable. Any Window is NOT Telecom Carrier Grade Reliable. Microsoft won't even try because it will fail.
SourceForge shows that there is no end to open source, small (2 or fewer developers), niche software projects that could benefit greatly from following QA methods during their development.
Not all software is going to have a wide enough following by developers to effectively catch bugs if the core development team is sloppy. If the certified company is not completely cynical about the QA Cert, but actually incorporate QA Methods into development, they will produce generally better software with fewer bugs. They don't need to be CMM level 5 to do this, either.
While i could care less about w3c compliant, *if* you decide to put up a link to w3c, checking valid xml stuff, make sure it's actually valid ;)
Do we need standards that pertain to quality or standards that themselves have quality? :)
I can imagine an organized group like this, though, would be excellent at answering issues like corporate generated FUD in an organized and coherent way. That's our big problem, we lack representation (not counting eccentric geniuses with big ZZ top beards).
Luck favors the prepared, darling.
If FOSS is to conquer the end user market, there must be quality standards for usability (giving the system a polished look) and documentation. Many projects already are quite good at the documentation but a lot lack usablility in terms of "I'm coming from windows and I want at least a bit comfort by configuring the system via a GUI". That's not my opinion (I like the config-file-style) but it's how less technically experienced people think. And this is, after all the group of people that should be carefully driven away from monopolist software and at least use some free software.
We are a not-for-profit organisation which guarantees the the quality of open source deployments in the public sector by setting professional standards and bonding its members.
AFBCD (Another Fucking Barber College Diploma)
More info on stinkin badges.
Now I'm the grandest Tiger in the Jungle!
This type of issue is why drivers are still a big problem for linux.
Jeoin
The default screen saver in QNX, the high-reliability operating system, is the Matrix "green numbers" screen saver. That's what you get if you don't select a screen saver.
SQA is essentially one of the most important aspects in software engineering. Depending on the nature of a software, open source or not, SQA is definitely a must and key to developing software that meets the needs of the intended end-users without sacrifycing quality. What's the point of having a software that has fancy features of this and that and yet crashes every now and then?
SQA helps to validate the software whether it is developed up to certain acceptable standards like whether it's functioning the way it supposed to, does it go berserk and stop functioning after the user keys in certain kind of data, etc.
Just because a software is open source and free, I see no reason why the quality should be compromised especially the operating systems, office productivity and development tools.
And so I really feel this Quality Standard Certification is needed, I mean just look at the numbers of governments and organizations is using Windows OS despite it's many flaws compared to the number of Linux OS adoption. The reasoning for this that "Linux is harder to use" is lame - it's obviously because of it's reputation and that Microsoft gave "quality assurance" to their product. What about Linux? Is there concrete proof that Linux is better that will convinced the government and the organization that it is a better OS?
Not only an overgenralisation, it is a redundant idea to boot. OSDL already provides a lot of the stuff they publicly talk about - code quality etc. The real purpose of the organisation comes to light when you read deeper into the site.
You need to be skilled in their "consulting framework" and you need to conform to some "financial framework" as well. Their membership criteria are mysterious (hint, you probably need to be a member of their club of buddies) and some of the organisations that are members (and knowing those organisations intimately, they probably are the drivers behind this thing as well) are decidedly dodgy - Open Forum Europe has publicly spoken as "Open Source Representatives" and as such, have signed a declaration supporting software patents. Looks to me like just another group of people trying to corner a market. Anyone remember the Open Group, and the "good" they did for UNIX? (another hint - a lot of the same people are involved)
This is so much the wrong crowd to hang out with....
People who think they know everything are a great annoyance to those of us who do.
"The question of whether this is useful or even wanted in the US still remains to be answered."
Why wouldn't you want quality standards? Or is it that just because this is not a US born organization then whatever they say is not useful in the US?
My penguin ate my sig
Good to see "Dumb overgeneralization" modded to +5 right off the bat. Other replies in this thread also deserve "insightful" moderation.
Software should be held to whatever quality standards the customer requires, regardless of it's proprietary or open development process.
For products where quality IS important, published documentation, including source, code-change-history, published test-cases and results of running those tests cases, etc. can help ensure quality. Commercial outfits typically rely on outside auditors or "trust us" to show that they probably ship quality code. At best, they publish their test cases and the results of those tests. If we are really lucky, a few outsiders have reviewed the code and pronounced it good.
For projects where quality isn't important, well, nobody cares but the authors.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Why would open source need quality standards? All open source software is perfect by default, just in the same way that every piece of code coming from Redmond is evil to the power of ten.
...
Stupid question
Free software is known to deliver quality software without stupid standards. People just program whatever they feel like programming. They do it because it is fun. Not because some stupid idiotic manager who thinks he's hot schitt because he has an MBA is breathing down your neck and yelling at the programmer for not making quality software fast enough and cheap enough. They don't understand anything about software and they think they can make stuff better by making up quality standards.
Not only do they expect the impossible in a shorter amount of time and they don't give you the TIME to make up good software, but then they make up quality standards as if to add insult to injury.
That is why F/OSS is so much better than this commercial garbage. Because F/OSS makes everything better without the need for any of this stupid management crap. F/OSS. Because friends don't let friends use commercial software.
A company I worked for produced shit for software but, as they where ISO9001 certified at least our customer know that they could document every step of the process it took to make shit.
Something "free" or "cheap" might be so for a reason.
You mean, because the developers are frustrated with illegal and unethical monopolies producing products that don't meet their needs, but nonetheless are financially benefiting from it?
Because the developers enjoy the product they are creating, and are creating it for the fun of it, and want to give it away for free because of it?
Because developers are being supported by a nonprofit or publically funded institution that operates to increase public welfare and are obligated to release products openly?
As for la-dee-dah software, operating systems, etc, I stay away from those.
What is a "la-dee-dah" operating system? Are you referring to Linux--which runs on many of the fastest supercomputers and servers in the world? Or something else?
Why does this summary look at open source consortium so critically? Where did unbiased reporting go? They haven't done anything yet and already this summary is using terms like "hype-filled". As far as I can see it is saying that it will do the good job responding to "claims that switching to open source is more expensive than using Microsoft products" and helping "smaller companies compete with Sun and IBM for open source contracts".
You are mistaking a 'standard' (such as TCP/IP) with a 'quality standard'. One can make a program to follow a specific protocol, but that doesn't make it a good program at all.
We're talking about quality. How good is the finished product compared to its usage. Is a mission-critical application actually going to be stable? Does your application spend most of its time in spin locks? The quality is in the method of the implementation. A web server can answer HTTP requests without trouble, but will is do so well? Is it expandable? Is it going to advance? Is it useful? Are its libraries useful to other functions?
Quality is a 'degree of excellence'. So what makes the software you see on Linux better than 'average'. Why are we all using it? Price decreases our costs and barriers, but a degree of quality exists because there is a large user base creating quality, and demanding quality.
If you make code that is not readable or properly coded, nobody will use it, or people will say "I'm starting my own project" and fork off (as we've seen so many times in the UNIX world).
A good example of quality (IMHO) is qmail. Written well, coded securely, very functional, and very logical. And it has succeeded for those reasons (and hype). The tens of patches out there for it adding all sorts of neat features are people saying "this code makes sense. This structure makes sense". Adding features to a SMTP system doesn't involve mucking up the mail system. People like it because it screams of quality. A great deal of time, effort, and quality went into the code.
You mention a standard. We need standards in protocols- not in quality. The standard says that a SMTP conversation goes like this... but the style, programming language, where security checks are made, and so on are all up to the programmer or team of programmers. And why should we (you?) take away that freedom? If I want to make my code of low quality, don't use it, don't buy it, don't use the service I offer from it (not that I do produce poor code).
-M
when you see the word 'Linux', drink!
Go look at the fucking site. The "Quality Assurance" is NOT for open source apps, but for COMPANIES that provide services based on OSS. The /. summary is very misleading.
I tend to think of OSS as a war between different developers to see who's idea will be favored by the market. For too many years, implementation of ideas was up to some PHB. The problems of that system are starting to show. The idea that "well, it may not be the best way to do it, but at least we can all agree to do it this way" goes against the idea that the best solution will come out on top.
I think developers should continue to try new ideas and do it their way. If nobody likes their idea, their software won't be used and it won't matter.
The market will adjust. It may not be elegant or convenient to juggle several different packaging systems, for example, but people are doing it. Eventually, the best packaging system will come out on top because people chose to use it, not become some standards organization decided it was best.
These past few years of OSS have shown some pretty neat ideas in a short amount of time. I think it's going to improve at a faster rate in the next few years.
"de-pre-mux-defrobnostication" that's a great term! The frobno part sounds like Zork. Maybe there's a hint of Douglas Adams in there? This is totally off-topic, but I've enjoy marketing jargon satires. Slashdot should have a survey of fictional technical jargon. There's probably something on the web- maybe there should be a wikipedia entry? Something on the Hitchhiker's Guide that wasn't strictly Douglas Adam's? Actually, this is probably all-too on-topic. I always thought quality control was supposed to be divided amongst thousands of volunteers on free software projects- right?
Quality standards in Linux would go against the mantra of "Release early and release often". A good open source project shoul dbe first release at the time it shows promise, even if it has kinks in it to allow other open source developers to pick it up and contribute. Once the project is matured, then it is okay to add a "stable" release stream (like Linux even-versions) to complement the "hacker" releases (like Linux odd-versions), but in order for an open source project to produce quality code, it must release code that isn't ready for prime time in order to allow peer review and to reduce duplicate effort. This is how the bazaar works.
- Thomas;
___ This sig is in boldface to emphasize its importance!
This wouldn't happen to be you, then?
Judging by closed source software, it looks like there is no expectation of a minimum level of quality in software.
I've seen some difficult to understand jokes on slashdot, but "pier review" is not one of them. On the other hand, is there a special significance to "Pier 13?" Yes, I've googled it, but there's only so much time for me to waste till I get out of work.
Don't know much about Quality, do you?
I'll speak of these things in general, since they are essentially the same types of certifications (ISO, CMM, etc). If your customer agrees to be shot in the foot, and you shoot him in the foot, then the quality of that release is right on the money. One of the things that people miss (or fake) when implementing these processes is that they try to cut corners and fake-out the process. These certifications usually require that you get customer commitment to process changes. That means you keep your customer in the loop of communication. Therefore, you get them to agree to things and hold them to it. Customers don't usually like that, they love to wiggle and worm their way around commitments. But if you follow these processes, you can get them to document their commitment. They aren't very happy when they are called on the fact that they get exactly what they asked for, but in the end the point is to make them happy by getting them to ask for what they really want.
Everyone loves to put down things like the CMM and Six Sigma, because they "don't work". Just because you worked somewhere where it didn't work doesn't mean the models don't work, it means you didn't do them very well. And they aren't easy to do well, they take effort. Most places will cut corners and fake the behavior that they think will let them slide by to get a certification, then they will usually go right back to doing what they want. There is a difference to "getting to certification level X" and "operating at certification level X".
And the real definition of quality is the delta between what the customer expects and what is delivered.
My beliefs do not require that you agree with them.
Just like the scientific community, Open Source developers and their work are under the constant scrutiy of other Open Source (and even closed source) developers. The more popular and active the project, the more people reviewing the code.
Secondly, Open Source projects are predominantly not products; they are solutions, proof of concepts, etc. Their sole reason for existance is to be the best possible solution to the problem that the developers are able to produce, without deadlines, budget cuts or preasure to out-do a market competitor. As such, the "commercial standards of quality" attached to so many software products have no meaning for Open Source.
As long as Open Source remains open, as long as skilled programmers around the world have the ability to review their peer's code throught the development process, Open Source will continue to have it's own built-in form of quality assurance.
Just look at the major Open Source projects available today. The results speak for themselves.
be kicking a real ass, who is also the world's MOST DANGEROUS AND INARTICULATE LEADER, after the U.S. completes their current withdrawal from Iraq; the U.S. dollar reaches record lows (that not highs National Public Radio commentator) against foreign currencies; and interest rates
hit 20%.
Seditiously,
Kilgore Trout, CEO
What makes OSS by nature better quality is that the people who write it are also among the people who use it.
As to Microsoft's claim about "costs"...Steve Ballmer clarified all that last week. It's not an analysys. It's a threat.
What else should it have, LOW quality standards?
Of course, and one of the big problems is getting people to agree on these standards. While some have been successful (OpenGL) others have not (just about anything related to X).
What I like about Windows is a unified development environment - OS X has this too. I feel like I'm missing that in Linux.
That reminds me some widely used proprietary software that is tied to an open hardware platform ... x86. ;)
People who dislike China tend to mention Tiananmen Square a lot, but they always forget the Tank Man is also a Chinese.
I know fine well that I can inspect the source code of every app running on my laptop, but the despite being a capable coder... i dont. Partly I don't have time and partly I dont care enough.
I'm happy with the mindset of "other people use it so it must be pretty solid".
However, businesses don't really think that way. It makes sense to have a badge that individual distributions use that assures managers that it's reached a particular standard of quality.
Of course in practice that's highly non-trivial.
There already exists a consistent devotion to high quality software, otherwise people wouldn't write open source software in their spare time. Applying standards to quality levels could prove tedious to existing and future project maintainers as it's one more thing to add to and worry about in the design and implementation stages. What besides the GUI could be regulated? Code efficiency? Documentation? Those things are already done sufficiently. If those things weren't already done sufficiently, people would not use or contribute to the project.
Vic
You know, I wish people would quit twizzling up organizations like this and just write some code. OTOH if these guys figure out how to make some money off open source I guess thats not all bad. I wish I could be working for a company that was making money that way.
Obama is a twitter sock puppet
I don't mind finding new bugs in new features. As a software developer I can understand this.
What truly annoys me is when something that has worked fine for years is now broken. This happens so often that I dread every new Linux distribution release. Something minor always breaks.
The kernel proper, audio drivers, and the window managers are the worst culprits. Glibc is fairly stable. The X11 server used to be very stable when XFree86 was the distro's choice. The new Xorg has such a rapid development pace that things are breaking faster than they are fixing them. Totally crazy. It is like the Linux world hasn't yet discovered the concept of Quality Control. I think it all comes down to standards and sticking to them.
Now I am a huge Linux fan, I've been a Linux desktop user for the past 6 years, but this perpetual game of wack-a-bug is getting tiring. I send in bug reports, I fix some myself, but this quality problem is getting worse, not better. This has led me to these 2 realizations:
* Fixing other peoples bugs is not my job. So pay me. But the economics of open source won't allow that.
* The Linux credo of "release early and release often" might not be a smart idea (unless you value new features over new bugs). Take the stagnant XFree86 project for example, their releases were fairly high quality, but their snail pace development cycle is what caused their doom.
What will it take to fix these vicious cycles?
Interestingly, many of the pages at the OSC web site do not validate using the W3C XHTML validation link at the bottom of all the pages.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
I think the best way to reduce costs for deploying open source software is also a huge business oportunity for some small nimble companies.
The same way that distributions are aimed at specific tasks, a business can be made around aiming a set of software and hardware at niche markets.
Imagine if you put together a set of hardware and software based on open standards for a dentist office, so that it would scale from 1 to 50 dental stations.
Imagine if you rolled out X terminals to a small business along with a printer/ scanner / fileserver / fax machine / voice mail machine / web server / database server/ internet gateway / applications server all in a single central little rack of machines and had ip phones at each terminal.
The opportunity to roll out complete small solutions to businesses with opportunities for customization is huge. Any company that does roll out a custom linux solution should look at selling their solution to a reseller and get money as that reseller rolls their solution into hundreds of other customer sites.
Does Open Source Need Quality Standards?
YES.
Well I even mentioned in the header that it was offtopic... Shows that most ppl are actually stupid by saying my message is off topic. ;)
I could troll and mention the country.
Domain 'lxoffice.org' does not exist. lxoffice.com points to a Chinese site without a word in English nor German (beyond the stupid "Enter")...
In Soviet Washington the swamp drains you.
to Microsoft?
I'm glad to see the majority of posters so far have chosen to miss the point of the article, and to miss the point of the Consortium.
8^)
For what it's worth, the Consortium consists of 'close to the community' F/L/OSS businesses in the UK who have got together to promote FLOSS to the UK government and Public Sector.
How do I know this?
Because I started the process.
We have been communicating with various parts of the UK Gov and Public Sector for months. The International Secretary of Socitm (http://www.socitm.gov.uk/), Bob Griffith, spoke at our Press Launch stating unequivocally that Socitm's members want an OSC in order for their members to go ahead with deploying Open Source software.
So go ahead and whine. You are confirming all of the UK Governments worst stereotypes. Meanwhile Microsoft are *all over* the Public Sector here in the UK.
As for all the ranting about standards, sheesh - have you *read* the article? It says "He stressed that it would not compete with some of the existing open source groups which are more concerned with standards"
Let me give you an example of some work the OSC has done in the standards arena. We are hosting John Terpstra's presence here in Europe to speak out against software patents as part of his work with the Open Standards Alliance (www.openstandardsalliance.org). So far we have helped the Alliance present to senior EU officials at the IST 2004 conference and the Flosspols conference. We have also hosted a presentation (in conjunction with the NCC) to UK Government officials here in the UK. The message we have been projecting in Europe is that to those who are seeking so-called 'Intellectual Property' protection, computing infrastructure = patents + copyright + bite your arse laws, and the dialogue these people use is litigation. John has been very vocal that the Open Source community vehemently objects to any notion of 'Intellectual Property' protection, and that infrastructure computing is the result of unfettered technology development, and that our dialogue brings about concensus.
Still, if you're more comfortable thinking we're just a bunch of suits, or that we're *pro* patents (where the f*ck did you get *that* idea!), go right ahead! 8-P
Complaining is the easiest thing in the world - knock yourselve out!
We decided we'd try and achieve something a little bit more positive than that - promote the uptake of F/L/OSS in the UK Public Sector.
Or maybe we should just leave the UK to Microsoft and simply sit here whining on Slashdot...
Even with our "bad" economy we are still kicking your asses :)))
The other part to this is being able to make an elite club (ie those inside "quality" vs those "outside"). Such levels of exclusivity fly in the face of what Open Source stands for.
Engineering is the art of compromise.
The OSC was formed to get around UK government procurement constraints. This initiative provides a way for members to win business opportunities using open source software in UK government areas.
Members ofthe OSC are all small open source consultants and contractors. The purpose of getting organized is to get proprietary vendors out and get open source into government IT projects.
I know the OSC launch is not perfect, they are working against many negative barriers. How about some support instead a put-down. You are kicking your friends in the teeth with the rants against them so far!
But like you said, the "economics of open source won't allow that."
Be realistic. Getting people to care about about quality control of free software that they create in their free time is not going to happen.
The BSOD is a standard as far as it goes.
"In the crapper" and "Runs once out of ten tries" are "quality standards" just not excessively hard to achieve.
Yea, that sounds funny, but I am not joking. If you have ever worked with government or mission critical systems you know that there are whole ranges of "quality standards" that properly hinge on all sorts of factors and properly "only go so far".
You have been conditioned to see those two words and automagically think nine-nines-of-uptime or zero-errors or whatever. But those words are _MEANINGLESS_.
The article and the proposal is a bunch of Market Speak.
In point of fact each program/project/routine has some (possibly unspoken) quality standard to which it is being crafted. And the web site/company in question is also being crafted to the PHB set.
The questions really are:
1) does this organizatino propose quality requirements that are more-exacting than the Open Software systems they expect to sell and support, and if so, will they be spending the time and money to raise those projects/programs to those standards or will they just bitch in some mailing list?
1a) Aproach?
1b) Participation?
1c) Remedies?
2) Is this just pandering to control-freakery or does the group in question have a participation model in mind? Does that model presage a "we (you people) need a licensing organization (us) to certify you as good open source"?
3) What resources is this organization/company expecting to "plunder" in their start-up period? Given that they don't list products and projects, they clearly don't plan to hire a group of experts before setting up shop. This infers that they will either shovel a lot of very fluid finincials in different directions at the drop of a dime; or serve up stock distributions with their sticker on them; or they plan to try to coerce the OS bug tracking and review process. In the latter case they probably have no idea about how little power random people have in coercing OS workers into individual agendas.
So far, my vote is, "no, we don't need you to come in and try to lubricate OS, it's working fine without your vision and you'll just give it a bad name once you finish fleecing your dupes."
Innocent people shouldn't be forced to pay for inferior software development.
--"Code Complete" Microsoft Press
Fair hearings pah!
A major ethos of open source is anti-establishment. This 'consortium' is phishing, and mooting the creation of an O/S establishment. On that basis, since most of its target audience are very wary indeed (passim), it's a non-starter.
Ballony! Most FLOSS folks are kind gentle souls who want to see Microsnot get their tails wagged right off! Tf the OSC is out to rip that tail off in style they can count on a thumbs-up from me.
:-) hehehe.
I don't care for formal bullsh*t - just rip that sucker right off!
Anyone care to sign-up to help them?
Anything that comes out of the UK that mentions "standards" should be avoided like the plague.
x years down the line the "standards" will be backed up by legislation that says that enything that doesn't conform to the "standard" is now illegal. Should you do otherwise we'll have your kidneys, your first born, your home, your brain etc. etc.
Welcome to the UK. The largest floating prison system in Europe ("Conform or do time")
Sky subscribers are morons. They pay to be advertised at !
In a rational organization, the name means something because everyone knows that stuff from that company always rocks.
Debian is a good name and they have documentation to back up their processes. It should not be hard to turn that documentation into sound QC. The process already works and any rational organization should be able to point to it and say, "those guys who know what they are talking about says so, as you can see for yourself."
Software currently used has far less to offer. What kind of QC does M$ hold itself to? What do you get out of that besides a restrictive EULA that wastes your resources in a fruitless effort to avoid being sued by the BSA (essentially M$ suing their customers)?
The credibility is there, you just have to present it correctly. Good luck with it.
Friends don't help friends install M$ junk.
Friends don't help friends install M$ junk.
The whole point is that the organisation decides what quality standard(s) it is required to meet (for example under government regulations or industry standards), what extra measures it chooses to meet, and documents these and the processes involved. A system of documentating the outcomes of the processes plus internal audits, is overseen by external auditing that checks the organisation is doing what it has said needs to be done. That's ISO 9001.
You'll notice that the quality system is essentially self-managed.
Looking at space, radio, science and computing from a 'down-under' amateur enthusiast perspective.
It's pure vapor until enough early adopters buy into it.
Then it's extortion by unelected, unregulated authority.
"If you have ISO certification, you'll be better than everyone else" quickly turns to "If you're not ISO certified, you'll be perceived as a fly-by-night operation."
"Reality is that which, when you stop believing in it, it doesn't go away." - Philip K. Dick
Standards are required at the right parts in the process.
Yes:
What the OSC is talking about is process standards for those companies wishing to sell product based on open source offerings. Whether free software purists like it or not, buy/don't buy decision often consider the presence of a standards badge collection. If I am paying, for example, RedHat for a Linux distribution I would want reasonable assurance that any two boxes labelled RH9 are, in fact, the same in form, fit, and function. I would also like to be reassured that some level of testing of fitness for purpose has been done and that some level of support process exists. Without some form of quality system RedHat cannot guarantee this is the case. Debian's policy of package selection based on proven stability is an example of a quality-driving policy that already exists. Quality systems do not need to adhere to ISO9001, or any other international standard, but the benefits of doing so come because the customer can rely on an ISO9001 quality improvement process being in place without having to get into the specifics of each supplier's case. The customer is trusting the ISO9001 third-party auditing process to ensure the producer is adhering to their stated policy.
No:
Many of the posts in this discussion have focussed on what developers like to focus on---lines of code in flavour-of-the-month-language X. This focus misses the point of what OSC is addressing, but nonetheless makes valid points. To try and impose a full-blown international standard at this low coding level would, IMHO, be exceptionally unpopular. Developers typically only tolerate these things if they are being paid to. Given the distributed nature of this type of effort in the free software community, coding standards can be hard to enforce. Nevertheless, most large free software project do enforce a modicum of fairly unobjectionable code quality standards and accept/reject criterion. Such processes and policies would form a very small portion of an ISO9001 accreditation suite of policy and procedure.
Patent litigation: A doctrine of Mutually Assured Destruction... in which everyone seems willing to push the button
Folks you cannot tell an enterprise using your linix variant to go to some message board, blog, newsgroup etc for answers to their questions or problems.
Seriously, if a programmer can't even put forth the effort to make autoconf work on more than one platform, then they won't have the time to spend on "quality standards." I've seen professional programmers spout "best practices" out of their asses for a long time, and, when it comes time to produce something, they are just as fast and loose as anyone. The reason: talk is cheap. quality is very hard.
-- "Makes Little Debbie look like a pile of puke!" - Moe Szyslak
Comment removed based on user account deletion
You'll die in seven years.
if neatly defined standards were practiced many a beta tester would be out of work... being sloppy is only bad if it isn't caught and corrected by a different departement
Get your torrents...
And furthermore YES. I'm not running any cracked out M$ style code here, I got work to do not bugs to find.
ISO 9001 was initially billed as a 'quality' standard but the standard has evolved. This is my 'forte' (but not as it relates specifically to software). If any of you want to know more about ISO 9001, stop by Elsmar.com - There's a discussion forum full of ISO info. There is also the Tickit software certification. And there is a project management approach called CMM (Capability Maturity Model).
A lot of stuff on sourceforge does, like CDEX, Audacity, GAIM, and a lot more.
However, users that have only a basic knowledge of computers don't care and often don't have time to configure everything from a console. Grahical installation and configuration is limited with many Linux desktop environments, so that is an example of where open source software does not meet quality standards.
There are standards on Linux, but there are so many sets of standards that it's hard for new users to become accustomed to everything. For example, there are more than five different major windowing libraries/interfaces used in Linux, and that often alienates new users.
Don't get me wrong - I think highly of Linux, but in my opinion it has a way to come.
On the other hand, is there a special significance to "Pier 13?"
Yes. It's like ROT-13, except instead of being merely damp and mildewed, Pier 13 is all wet.
~REZ~ #43301. Who'd fake being me anyway?
My company has looked at Open Source alternatives for some technology. We are subject to stringent certification process for our aviatoin software. The quality of Open Source code (programming habits, style, algorithms), the comments, the organization, makes use of Open Source a no-go.
> Does Open Source Need Quality Standards?
yes.
class he-man extends man!
Look - what I like about open source is the quality that comes from peer review and years of incremental improvement. This idea of certifying open source packages is NOT A GOOD THING if you like to get your project seeded into corporations. If the certification exists doors may close to projects that are not QUALITY CERTIFIED(TM). It creates a barrier to entry for new projects and an unnecessary expense for FOSS development.
-- $G
From TFA: With Open Source software there are no licences to track and no legal risks.
Duh, of course there are licenses to track. A GNU GPL or BSD license is a license like any other. You have to accept what the license tells you in order to use or modify the software.
I do not moderate.
A few of the big Linux Companies have applied for the Common Criteria for IT Security Evaluation certifcation. If you want to use software in a lot of government agencies you need this certification. It is a pity that HP, IBM, Xandros and Canonical and companies like that don't get to gether to put Debian though the Common Criteria. Info on Common Criteria: http://csrc.nist.gov/cc/
"Flags are bits of colored cloth that governments use first to shrink-wrap people's brains..."
In the interest of balance I would like to point out that Microsoft alleges they were not allowed to speak at the FLOSSPOLS conference. I think that was a tactical mistake - they should have been first to speak. The rest of the conference would have disproved any creative interpretation of the facts.
It would have added a lot of power to the proceedings.
Insert
The question of whether this is useful or even wanted in the UK also remains to be answered.
The OSC coming to the States? Where does it say that on the site? I couldn't find it.
"Hype-filled" about us section? Read it again:
"The Open Source Consortium has been formed to represent the Open Source business community in the UK.
"We are a not-for-profit organisation which guarantees the quality of open source deployments in the public sector by setting professional standards and bonding its members."
Crikey, bring on the dancing girls!
http://www.lx-office.org/ (auf Deutsch)
The world has changed and we all have become metal men.
Oh Whoopee! They are using ISO 9001 as their compliance standard. Great :-(. What ISO 9001 means, in a nutshell, is that you right your own quality standard and the compliance people come around to see if you adhere to it. Wonderful.
Lets try:
"Our quality standard is that we just code ad-hoc".
Thats not a hard one to adhere to is it? Not much use as a quality standard, but easy to assess if you live up to it.
As someone that has been through the BS5750 and ISO9001 standard accreditation schemes several times and also worked with excellent organisations that deliberately don't encumber themselves with ISO9001, I'd got with the latter. ISO9001 says nothing about the quality of the quality system and a lot about the ability to pass tests that you self-selected. In short, its worthless to those that know the difference but keeeps the management people that know nothing about developing software happy.
If you want a quality system, put one in place, but don't rely on box ticking ISO9001 standards to provide one for you.
Some OSS Projects like LAMP (Linux, Apache, MySQL, Perl/Python) have high quality but there are countless other OSS projects that are very poor quality. It is difficult for companies to pick and choose what OSS will work and can spend a lot of time trying to get a program to work only to realize that it doesn't work the way they say it does. Also A lot of OSS projects are always in Beta and they don't know if it is a stable Beta (Like in the OSS project Jed, where the developer is just afraid to state that his product is problem free) or it is actually in Beta and there are a lot of bugs in the product. If there was a method of QA to a product and they can just check the QA website to verify that this project up to these versions meet the QA standards then the customer knows that it at least matches a minimum standard.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
... since such principles can be applied more generally than standards. Admittedly, they can't be as easily verified, but they can help to create a culture of quality.
:)
Back in the NeXTSTEP days, the API documentation was fanatically good, and several companies that transitioned from NeXTSTEP to Java applied this level of API documentation quality to JavaDoc comments, complete with overviews, TOC's, footnotes, usage-guides, etc. linked together with the JavaDoc shell. This was a kind of quality that was based on a culture, which held up a principle of documenting useful APIs well and usefully. It was spontaneous, and not part of any formal standard, but it really helped. (Not all companies, mind you...
What could some of these principles be? Things like:
- Adequately document public APIs
- Commit to removing irrelevant and obsolete code
- Commit to finding and fixing certain kinds of errors before adding new features (buffer overflows, malloc errors, retain cycles, etc.)
- Commit to making software usable by non-geeks, if the software target audience is non-geek.
- .
i - This sig provided by
I don't know how much policing goes on in the world to make sure that companies who award Quality certifications are legit, but I am guessing there isn't much. If *I* were an unscrupulous businessman, I think I might start a Quality Certification company in India.
I am not saying that those companies don't have valid quality certifications. I am saying that you shouldn't believe anything like that on face value, regardless of where the company is located.
My beliefs do not require that you agree with them.
It would be nice if any software (Open Source or not) could have its quality meaningfully metricized (and published). This would put a little bit more "rational and informed" into the customers, and lead to better products. Perhaps it could even help slow the race to the bottom.
'A major ethos of open source is anti-establishment' How can it be 'anti-establishment' when it is moving into the establishment and changing it? Its more to do with writing better software than closed source. Simple!
It Seems I've developed an aversion to proprietary software