Slashdot Mirror
Does Open Source Need Quality Standards?
underpar writes "This Techworld.com article reports that a UK group called the Open Source Consortium is being officially launched today. The article further states that the goal of the group is to respond to claims that switching to open source is more expensive than using Microsoft products and to help smaller companies compete with Sun and IBM for open source contracts. They say they will not compete with other open source groups and they intend to eventually come to the US. The hype-filled about us section of their site says their Quality Standard Certification provides a "simple framework for self-assessment and performance improvement." The question of whether this is useful or even wanted in the US still remains to be answered."
Some open source projects do (carrier grade linux; linux in medical devices).
Others don't (screen savers, C# clones(to match MSFT's Quality Standards), etc)
Just because Linux is under the GPL which is an OSI aproved license does not mean that anything that has to do with open source has to be about linux.
I like the dedication to quality evidenced in their About Us page:
We are a not-for-profit organisation which guarantees the the quality of open source deployments in the public sector (emphasis mine)
"Truth is not decided by majority vote" consensus gentium -- Norman Geisler
Short answer is YES, almost everything needs a certain level of quality standards for widespread use. Even MS has its own quality standards :)
However, who is to set these standards and who is to govern them is another question.
I have a subtle feeling that Open Source = Freedom, that's probably why we see so many forks and distros because "I would have done this that way, and I could".
So what is to stop a "US Open Source Consortium" being officially launched tomorrow because another group of developers have different idea on Open Source's quality standards?
Can Linus the most influential man gives a single, authoritative guideline?
Rock that crushes, Paper & Scissors that don't matter.
Be careful what you wish for.
Something "free" or "cheap" might be so for a reason.
I still say best open source is that tied to proprietary hardware then you really cash in.
As for la-dee-dah software, operating systems, etc, I stay away from those.
More to the point, isn't ISO 9001 one of those standards where you prove your ``quality'' by committing to following a process, and documenting that you do indeed follow that process? The inevitable result is that you can commit to shooting your customer in the foot, and document that you have done so, and earn the highest ``quality'' rating for it. That sort of ``quality'' isn't very reassuring.
See what I've been reading.
If you have had Six Sigma traning, then you are definitely baffled about what it is.
--- Ban humanity.
Is that where they test Linux by throwing it in the ocean? Much like testing Windows by defenestrating it?
I think we all agree that a business world based on OpenSource would be preferable to a Windows-centric system. To achieve this, high-quality-business solutions have to be written and found. I am running my own business and am using Linux on 5 machines. There is some old Mac, but I do not really use it anymore. To please the Finanzamt (the german IRS), you have to file reports, do some accounting etc. This has proven very difficult for me when I tried it with OpenOffice. So I searched for business software, e.g. accounting suits, ERP and CRM-Software. I tried for over 2 months and have compiled about 100 different approaches - but all of them were either abandoned, not scaleable to other countries needs (I cannot use spanish tax forms) or they simply didn't work the way they where supposed to do (I even had an KDE program that was published with internal static linking to the programmers home directory!). I finally settled with lxoffice (http://www.lxoffice.org), which is fairly scaleable and where 95% of the system works, but it was a hard fight. While I am accepting such situations as a hobbyist, as a business owner that's lots of time I am not paid for. Quality control could help in such situations, helping users choose reliable software. And yes, I'd be willing to pay for it.
Screw the FSM - Real geeks believe in the Invisible Pink Unicorn
"Who is this 'We,' paleface?"
... MR. SUBARU!
:)
Lots of people are quick to say that someone else's work "needs" something. My car needs its cupholder in a sane spot, instead of so it just about blocks the radio buttons. It's true, but that's not exactly a demand on the car maker. Just a hint
Sometimes it's hypothetical and prescriptive; "Red Hat needs to compete in the market X, so it needs to advertise in trade publication Z and add the de-pre-mux-defrobnostication patch that this special niche requires." Fine
Other times, the "need" is expressed as an imperative, when the speaker has no standing to demand anything ("The GIMP interface needs to change!") etc, or (as in the headline here) where there is no single Thing to change. "Open Source" covers a huge range; it's like "Things that have the letter R." It's true that some of these things (like Catherine Zeta Jones) are beautiful, but it it does not follow that all things with "R" better our existence in quite the same way.
It's perfectly nice and positive and welcome etc that someone has decided to promulgate what they consider higher standards of quality for "Open Source" -- as long as everyone realizes that only a certain subset of open source software can be scrutinized by any given such body, that developers may have their own ideas (even if they are not universally popular, and even if they have no intention of following someone else's ideas of UI perfection), that open source's great advantage in this context is that UIs are a) frequently separate from the underlying code and b) forkable.
timothy
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5
F/OSS needs more unified standards first! (like for packages).
Certain versions of embedded and server Linux had already passed the Telecom Carrier Grade Reliability Test. Carrier Grade Linux is 99.999% Reliable. Any Window is NOT Telecom Carrier Grade Reliable. Microsoft won't even try because it will fail.
I can imagine an organized group like this, though, would be excellent at answering issues like corporate generated FUD in an organized and coherent way. That's our big problem, we lack representation (not counting eccentric geniuses with big ZZ top beards).
Luck favors the prepared, darling.
SQA is essentially one of the most important aspects in software engineering. Depending on the nature of a software, open source or not, SQA is definitely a must and key to developing software that meets the needs of the intended end-users without sacrifycing quality. What's the point of having a software that has fancy features of this and that and yet crashes every now and then?
SQA helps to validate the software whether it is developed up to certain acceptable standards like whether it's functioning the way it supposed to, does it go berserk and stop functioning after the user keys in certain kind of data, etc.
Just because a software is open source and free, I see no reason why the quality should be compromised especially the operating systems, office productivity and development tools.
And so I really feel this Quality Standard Certification is needed, I mean just look at the numbers of governments and organizations is using Windows OS despite it's many flaws compared to the number of Linux OS adoption. The reasoning for this that "Linux is harder to use" is lame - it's obviously because of it's reputation and that Microsoft gave "quality assurance" to their product. What about Linux? Is there concrete proof that Linux is better that will convinced the government and the organization that it is a better OS?
Not only an overgenralisation, it is a redundant idea to boot. OSDL already provides a lot of the stuff they publicly talk about - code quality etc. The real purpose of the organisation comes to light when you read deeper into the site.
You need to be skilled in their "consulting framework" and you need to conform to some "financial framework" as well. Their membership criteria are mysterious (hint, you probably need to be a member of their club of buddies) and some of the organisations that are members (and knowing those organisations intimately, they probably are the drivers behind this thing as well) are decidedly dodgy - Open Forum Europe has publicly spoken as "Open Source Representatives" and as such, have signed a declaration supporting software patents. Looks to me like just another group of people trying to corner a market. Anyone remember the Open Group, and the "good" they did for UNIX? (another hint - a lot of the same people are involved)
This is so much the wrong crowd to hang out with....
People who think they know everything are a great annoyance to those of us who do.
Good to see "Dumb overgeneralization" modded to +5 right off the bat. Other replies in this thread also deserve "insightful" moderation.
Software should be held to whatever quality standards the customer requires, regardless of it's proprietary or open development process.
For products where quality IS important, published documentation, including source, code-change-history, published test-cases and results of running those tests cases, etc. can help ensure quality. Commercial outfits typically rely on outside auditors or "trust us" to show that they probably ship quality code. At best, they publish their test cases and the results of those tests. If we are really lucky, a few outsiders have reviewed the code and pronounced it good.
For projects where quality isn't important, well, nobody cares but the authors.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Don't know much about Quality, do you?
I'll speak of these things in general, since they are essentially the same types of certifications (ISO, CMM, etc). If your customer agrees to be shot in the foot, and you shoot him in the foot, then the quality of that release is right on the money. One of the things that people miss (or fake) when implementing these processes is that they try to cut corners and fake-out the process. These certifications usually require that you get customer commitment to process changes. That means you keep your customer in the loop of communication. Therefore, you get them to agree to things and hold them to it. Customers don't usually like that, they love to wiggle and worm their way around commitments. But if you follow these processes, you can get them to document their commitment. They aren't very happy when they are called on the fact that they get exactly what they asked for, but in the end the point is to make them happy by getting them to ask for what they really want.
Everyone loves to put down things like the CMM and Six Sigma, because they "don't work". Just because you worked somewhere where it didn't work doesn't mean the models don't work, it means you didn't do them very well. And they aren't easy to do well, they take effort. Most places will cut corners and fake the behavior that they think will let them slide by to get a certification, then they will usually go right back to doing what they want. There is a difference to "getting to certification level X" and "operating at certification level X".
And the real definition of quality is the delta between what the customer expects and what is delivered.
My beliefs do not require that you agree with them.
I'll give you that, but for every binary decision, you're going to piss off roughly half the people.
:)
There are security analysts who do spend time looking at the kernel, but it's a big job. As with most of these projects, they usually start becomes someone pays a security company to spend millions auditing it (ie: a government wanting to use it for sensitive data or voting machines). If only we could get every linux user to do one line of code *smirk*
BTW: FHS is an attempt at getting some standardization.
You mention 'designed for linux' and 'interoperability' which I think are tough ones. The big difference I find between Linux OS and Windows OS is that one company merges the GUI, kernel, drivers, shared libraries of 3rd party applications (DLLs), and (sadly) web browser into one. Linux, while having folks like RedHat producing distros, has no consistancy.
Now of course, I'm not saying anything you (or anyone on Slashdot) doesn't already know. But the key factor is that I can make my new audio board 'designed for linux 2.6', but the actual installation is different on every system. Some want a kernel compile, some store modules in one place, others will scream that the kernel is tainted when you load them. So how can one ensure that their board will work properly (and easily)?
There are a few attempts at standardizing hardware (as you mention linux hardware). The most popular thus far is DKMS: DKMS stands for Dynamic Kernel Module Support. It is designed to create a framework where kernel dependent module source can reside so that it is very easy to rebuild modules as you upgrade kernels. This will allow Linux vendors to provide driver drops without having to wait for new kernel releases while also taking out the guesswork for customers attempting to recompile modules for new kernels.
See http://linux.dell.com/dkms/ for more information.
when you see the word 'Linux', drink!