So, we make it a nicely-formatted XML text file, obviously. Each user should be able to access only their portion of the file.
This would require a bunch of new software and a config daemon running all the time. This daemon would be an additional single point of failure or possible attack vector. It would also eliminate the possibility of manual repair should something go completely awry.
The Elektra folks already though about the whole XML approach and they've described quite nicely why it isn't such a great idea. Using standard Unix filesystems are a much better way to do everything you're talking about, but without requiring a huge collection of new tools and techniques. Please read the Elektra website mentioned in the original article for more! It really is an ingenious, yet DUH-obvious solution.
Congrats! Great minds indeed think alike. You've just re-invented Elektra. Read the original article. (-: Seriously! Go read it! You'll laugh at how similar Elektra is.
The only exception is that it might be nice to have XML metadata throughout the hierarchy for optional type-checking, etc. by automated tools.
Testing gets lots of security updates, from both security.debian.org and through the extremely rapid propagation of "normal" upgrades that packages get.
Yes, testing/unstable gets security updates, but they are not a priority. Priority as in "people are using this in production.. they need immediate fixes." Remember the recent uselib local-root Linux kernel bug? As far as I can tell, it was months before this was patched in testing/unstable kernel images. Or if it was, it sure wasn't communicated properly.
I see no reason why web technologies are a special case.
They're not a special case. They're just a case where the need is common among all users. This, of course, is the whole premise of the Internet -- the power of everyone using the same protocols and standards. But it depends on what you classify as "web technologies" I guess -- whether you're talking about "world wide web" or "anything that talks HTTP."
Why are you supporting a music store (iTunes) which that puts DRM on every song they sell? I would imagine that, if you really did not like DRM, you would do everything in your power to discourage its use.
Maybe because there's no feasible alternative at the moment? Maybe because he likes some artists who only distribute on iTMS? Maybe because he wants to play the AAC files he legally obtained on his Linux workstation?
Do you think that Apple's restrictions are really that ridiculous?
Who owns your computer? You or Apple? What right do they or anyone else have to tell you what you're allowed to do with your own personal property? I'm not talking about P2P or anything outside of your own computer. I'm talking about what you do with your personal physical property in the privacy of your home.
2) In addition, you're liable to hurt us people who don't mind the DRM, and in fact appreciate Apple's service, because cracking the encryption will more likely than not cause the RIAA to demand greater restrictions in the future.
DRM doesn't work and there is no way that it even theoretically can work. By necessity, DRM is the equivalent of placing your key under the doormat and expecting that nobody will use it without asking first. So what if the RIAA demands "stronger" DRM schemes than what Apple has implemented. It will only drive away customers. People like you will wake up and begin to care, perhaps. Which is really fine, because we don't need the RIAA anymore anyhow. Ever consider the fact that many iTMS artists are not RIAA member signed?
And incidentally, this does not appear to be a case of any encryption being cracked. In fact, it may not even be considered illegal, even under the bogus DMCA, because the data is merely being intercepted *before* DRM is applied to it. And it's not some form of wiretap because it's your own computer. But IANAL so don't base anything upon that speculation.
You play it off as if fighting DRM is some great act of civil disobiedence which will liberate us all from some fantasy corporate-controlled nightmare world.
If corporations are trying to define what you can legally do with your own personal property, then yes, there is reason to be concerned. And it is not a fantasy that abusive corporate control of the music industry has been detrimental to everyone minus the big-wig execs and a handful of top artists who managed to wrangle the system.
You have to realize that you're in a small minority, and you have to respect the rights of others who don't hold the same views.
Minority? Hardly. Maybe minority among Apple fanboys, but not among the majority of the population. Do you realize why MP3 is so popular? It's not because it's technically the best. It's because it is completely open. The free market has decided that most people don't like DRM. BTW, what "rights" is the original poster disrespecting of people who don't agree with him?
Windows domains offer end-to-end managed software rollouts through group policies. Linux has absolutely nothing of the sort.
You're making an apples to oranges comparison here. Linux/*nix OS'es don't use the same management techniques as Windows domains. That doesn't mean there's no way to do managed software rollouts. In my experience, it can be far easier and less convoluted with a proper setup. It's hard to beat the ability to store everything on network filesystems. You can do your updates whether workstations are turned on or not. And none of that "rebooting" nonsense. (:
That is excellent news. All the more reason to support the project in any way you can to help make the June release date possible.
In the meantime, it would be nice if there was some feature added to FF 1.0.x that would at least allow a local centralized update repository. This wouldn't help with large installations, but it would at least allow easier admin for small offices / workgroups while we wait for 1.1.
You can't implement a standard fully when it isn't self-consistent.
But you can implement all the parts that are fully accepted and are no longer considered in any way ambiguous by the development community. MS hasn't done that with IE6 and apparently doesn't intend to do so with IE7 either. And there's no excuse. What? It'd be a waste of extremely limited MS resources? Uh.. don't think so..
From the w3c website: "But most of all CSS 2.1 represents a "snapshot" of CSS usage: it consists of all CSS features that are implemented interoperably at the date of publication of the Recommendation." And there you have it.. IE7 could easily aim to implement CSS 2.1 as all the other browsers have.
The problem is self-perpetuating. If you take the attitude of not starting on implementing a standard until it's finish, then you're providing no feedback to the standards process.
Standards should codify, and in some cases invent, ways to properly meet common needs recognized through existing practice. Practice shows where standards are needed. The commonality of the need determines whether a standard should be pursued before or after attempts to meet that need. In the case of web technologies, standards should always come before.
The telecom industry has a long history of coming up with dozens of partially or completely incompatible standards for new technology. Eventually it gets bad enough that some regulatory body or industry consortium has to step in and declare one design "the standard," but not until after much politics and endless committees.
It is almost always better to agree on a standard before beginning implementation. Any inconsistencies and ambiguities are much easier to reconcile when everyone is at least on the same page.
Avalon is supposedly one of three "pillars" of Longhorn according to MS literature. Presumably this name encompasses the other related components so it can be used generically. If that's not the case, they need to work on the clarity of their marketing materials. Regardless, I am aware of the internal distinctions of what each component does. But that doesn't change my original stated opinion -- that Longhorn /.NET in reality is going to be about WS-enabled heavyweight client-sided applications that only run on Windows. Duh.. I mean.. if it was anything else, MS would be giving up their monopoly! They don't want a world full of web-standards driven applications where Desktop and Server platforms don't matter anymore.
The rest of you that are aware and capable of making upgrades, should do so of course.
Of course, the problem is that the FF/TB upgrade mechanism is absolutely awful. There's no easy way to roll out the FF/TB duo on a Windows network. Worse, even for stand-alone use, the upgrade process just installs a new copy over top of the old. (redundant add/remove program item, desktop icons, and all!) As a reluctant part-time Windows admin, I can say with pretty good confidence that this is the one thing holding Firefox back from widespread use in businesses.
Firefox team, please wake up and listen! An official method for centralized roll-out on Windows networks is an absolute must if you want to make a dent in IE usage in the business / corporate world.
Thank goodness the other half of my work is Linux, where FF upgrades are as simple as "apt-get install mozilla-firefox"
Linux has three role-based security mechanisms and mandatory access controls (SE-Linux is just the one included), three ACL mechanisms (Trustees, POSIX ACLs and SGI's XFS security mechanisms), an EAL4 rating with an EAL5 possibly underway, USB or dongle system locking, support for cryptographic and "trusted" hardware, support for IPSec, a very impressive packet filtering system (layers 2, 3 and 7), capabilities and that's just the kernel. If you want to include the rest of the system, you've stack guards, SSL/TLS, Kerberos 5, rootkit detectors, binary modification detectors, TCP wrappers, bayesian intrusion detection systems, root jails, virtualization (which allows you to compartmentalize, and therefore can be used for security), MD5 passwords for the shadow suite, one-time password systems, public key encryption and a host of validation & security auditing tools (TARA, SARA, NMap, Nessus, BASS, etc)
It is a terrible shame that "best practice" implementation of these wonderful security tools is not commonplace in today's popular free Linux distros. Debian and Fedora.. that means you! (: But seriously.. we now have the tools available to create nearly uncrackable machines. (ie. the point where physical security becomes the only significant remaining concern because it's far easier to break in and steal the box.. but you did use a crypto FS right?) Anyhow, we need to put these tools to use ASAP. It's good for Linux. It's good for Internet users at large.
Now if only we could devise a means to create nearly uncrackable users.. hmm..
frameworks.. sandboxing.. scrapping legacy API's.. documented code.. interoperability.. So basically, what you're saying is that MS has finally realized that the Java folks had it right all along. (:
Fortunately, they're doing everything clean this time with XML and SOAP
Truly distributed applications using XML/SOAP for RPC tend to be horribly slow. The development community has largely rejected distributed architectures because they simply aren't the right tools for the job in most cases. What's left is basically "B2B" functionality.. but this is readily available via Web Services today using Java. IMO, the future belongs to more heavily server-sided applications (think rich-web, standards compliance, etc.) due to reduced administrative costs and simplified security. The ultimate would be, for instance, a bunch of diskless Linux workstations with little more than a highly evolved web browser. Sure, XML in one form or fashion will be used to communicate between heavy servers and thin rich-web clients, but that doesn't make the applications distributed. And it sure doesn't require a whole bunch of complicated RPC and DCOM layers running on top of a heavyweight client-side framework that is interwoven all through your desktop shell. Indeed, MS would like the "PC desktop" to remain relevant even though the industry is now trying to pull in the opposite direction. In the end, we have this super-complex framework that basically talks XML and produces a shiny native Windows-only interface (Avalon.. which got most of its ideas from XUL). I'll stick with Java, Linux, and Mozilla for now, thanks.
Though I am a more or less a Linux pro, my experiences with desktop deployments are similar to your own. From an administrative perspective, the biggest need today is a quality web/GUI admin tool that takes the work out of combining all the great Open Source "raw materials" into workable solutions. (Whether that's a firewall, mail server, file server, etc.) Webmin doesn't cut it. It's just a front end to editing config files -- usually after all the hard work has already been done. We need a tool that is smart enough to aid in integration. (ex. rigging up LDAP + Kerberos + NFS + Samba) We also need to switch to Elektra style configuration in place of the traditional/etc structure. (this is a precursor to making quality admin tools feasible..) And did I mention this wonderful GUI admin tool must be Open Source? None of this "widget frosting" proprietary specialized Linux distro nonsense that costs as much as going with Windows.
From the user perspective, lack of features / polish in OpenOffice is the biggest problem. 2.0 will be a significant step forward, but the project desperately needs more resources. All it would take is a few big corporate sponsors and we could all kiss MS Office goodbye. (and Windows, which would quickly follow) As for Gimp and the rest, you've gotta realize that most people don't even know how to use Photoshop because they can't afford it. Both programs are pretty confusing to beginners and both are confusing to users familiar with only one or the other. (it goes both ways)
Windows hardware detection a dream? Umm.. lemme think.. no.
No so fast. IE7 still won't be standards-compliant. That won't matter to most end-users, of course, but it matters to me as a web developer.
Yes. This is why it's extremely important that FF continue to offer something that users can't get with IE7. There are countless stories of websites being re-designed to be more standards compliant since FF began to rise in popularity. Users complained about breakage and companies were forced to respond to the demand. Up to this point, tabbed browsing and reduced spyware risk were the primary reasons for casual users to use FF. Now we need something else to lure them. (well.. assuming the security of IE7 is actually improved) May I humbly suggest some innovations in the way bookmarks and history are handled? How about a bookmark start page like Galeon's but not ugly and disheveled? Maybe even create a portal-like start page. Or what ideas can we borrow from Opera?
So the question becomes, who will bother supporting non-mainstream hardware? They are still functional machines for me...
You do realize that you could probably replace every one of those old machines with one $350 modern x86 box, right? Unless you've made some sort of fulfilling hobby out of antique computers, there is no question that it's a waste of your time to maintain that old hardware. Yeah.. it's kinda neat that some old hardware just won't die, but in the grand scheme of things, Debian volunteer resources are better used for things that really matter.
Hopefully, they're liberal about the patent and will let noncommercial nonresearch applications use the algorithm.
Supposedly it's free for "non-commercial" use. But that eliminates most OSS licenses in the US. It's really disgusting that universities try to patent their research today. Whatever happened to science and mathematics for the greater good? Whatever happened to the notion that tuition money went partly to patronize the furthering of the arts and sciences through research? Students might as well send their tuition directly to corporate R&D labs.
Otherwise, we would have to wait for the really interesting software to come out.
Or find ways around this stupid patent.. After all, the patent most likely applies to a set of algorithms that make up the desired result. Some may not be necessary in common use. Some may be substituted for manual intervention. Others may be re-invented using the same concepts but improved techniques.
I can understand that not everyone has the same "lets band together and change the world" zeal and I'm not saying this is a requirement for OSS developers or anything like that. On the other hand, there is much at stake for everyone involved. Lets put it this way: all of our lives would be better if OSS dominated the industry. It would make our day jobs much more enjoyable. Even from a purely selfish perspective, I would pursue user-focused OSS for this reason. I don't want OSS to just be an intellectual hobby that I pursue in relative isolation from the "real world" of computing. I want to do this stuff for a living because I enjoy it more. Regardless of politics, I think this is a common desire that we can all agree upon. If we can agree, then I think that we need to use this as impetus to broaden our horizons and think strategically about how we can cause OSS to dominate, not just provide a niche alternative.
The last thing they want is for that source of new, purchasable ideas to dry up.... Therefore, they want to cultivate a market in which these startups are happening, which means dispelling the cloud of patent litigation that is currently suppressing new ideas.
You might be partly on track but it's probably more insidious than that. The article mentions that they want all companies to have access to patenting, including small companies. Now think about it.. who exactly would this hurt? Remember, we're talking about software patents here.. not true inventions. Big companies can buy small ones, patents and all, so it doesn't matter to them. And they're aggressively lobbying for software patents in Europe, so this is not them coming to their senses. No, this "equalization" and "reform" nonsense is aimed squarely at the Open Source movement. They want to create a world where effectively all software must be sold because inevitably you'll owe somebody patents royalties, however small.
At the same time, sure, they're probably against the most obvious abuses and want this to be reformed. But they are not coming out and saying "we're now against software patents." It's more like "we want everybody in our industry to have patents available to them for whenever they come up with an idea that is slightly innovative.... so that Open Source people can't use that idea."
Folks, it's time to nip this in the bud. All software patents are bad -- even in the rare case of a truly new idea. Software patents always stiffle innovation and more importantly limit intellectual freedom. It's time to get really politically active about this in the US before it gets worse.
And here's another idea: We need an Anti-Software-Patent database. A place for people to publically share every last innovative software-related idea that enters their minds to nullify its ability to be patented later by some company of any size that thinks they're hot stuff and entitled to money for nothing. If companies like MS want to astro-turf the industry with patents, we can fight back by astro-turfing with prior art faster (and for free! all you have to do is share the idea publically!)
As an Open Source developer myself, I hold the following philosophy when it comes to the use of my free time: "Because I am sacrificing a great deal of my time, I must evaluate its use. My time is highly valuable and I could be readily making money instead. If I'm going to freely spend some of this time for OSS, it should be spent in a way that helps the most people. After all, if I didn't care, I would just run Windows and stick with my day job -- that's the easy way out. Instead I desire to help people and advance technological freedom in our society by providing superior alternatives to proprietary software. The only way for this to happen is for me to listen to what my users want and weigh this heavily in my decision making. Sometimes they are flat wrong. Other times their ideas are brilliant. Regardless, if I don't listen, I will not produce quality software because it will only meet my own needs and/or the inaccurate perceived needs of my userbase. If I do listen to my users, my project will someday be popular enough that I can make money through support and paid enhancements. I don't wish to become rich, but I would like to make a living while doing what I love. If I could work full time on OSS, it would be beneficial to my userbase. My ultimate dream is to see OSS dominate computing for the benefit of all -- even those who today are the enemies of our ideals. Everyone in the OSS community must play their part, do their best, hold the right attitudes, and keep the big picture in mind."
For me, there always has to be a balance. Gaining more users is almost always more important than trying something new and whacky that may or may not work out. If I'm going to try something new, it should be a user-selectable option. The old should remain the default until the new is readily accepted. Flexibility is more important than the threat of bloat, but proper design takes care of both.
Those who aren't willing to CONTRIBUTE to an Open Source/Free Software project are not entitled to an opinion. But those who do not write code can still contribute. They can test and report bugs, write documentation, maintain infrastructure, help work the mailing lists and answer the easy questions to free up the devels time, contribute storage & bandwidth, cash, etc.
If you'd read her editorials, you would have noticed that she does most of those things you just listed as contribution. And not only that but the suggestion you made at the beginning was precisely what she was trying to do -- talk to users, learn where they suffer, and be an interface between end users and devels. She was trying to do some "marketing" to help out a project she likes and wants to see improve for the benefit of all.
Now, I don't know anything about this woman's past commentary or interaction with developers, but regardless, she does make some valid points in her editorial that need to be heeded (minus a few overly harsh criticisms..) Unfortunately, Slashdot editors had to give this article an inflamatory headline, so everyone immediately went into this discussion as a flamewar and, as usual, didn't read the original content.
One of her paragraphs sums up her overall point best and is worth reading whether or not you go back and read the whole article:
[snip] What I like to see, is some market research. Approach all kinds of users, put their gripes in line, make a note of their features they really need and evaluate them. Then, create a project plan and distribute the tasks that need to be done to your developers and make sure they deliver what they must deliver. People will say "that's not how OSS works", but as a user, I don't really care how OSS works. I care about using software that's been properly developed taking users into account rather than purely developers' needs. Be careful: I am not asking the OSS developers to implement every little thing that's asked out there, I am asking them to simply take users into account and get an idea of what the whole of their userbase needs. Extracting useful information from the mass will be difficult, but it is achievable if the right resources & infrastructure are into place. [/snip]
Now what, precisely, is so horribly wrong with this proposal, fellow Slashdotters? This is how large Open Source projects should be run. Users absolutely must be the focus. Her idea of setting up an infrastructure to allow masses of ordinary users to produce feedback is an excellent idea. And no, this is not covered by existing Bugzilla because it requires registration and too much knowledge and formality.
As an Open Source developer myself, I hold the following philosophy when it comes to the use of my free time: "Because I am sacrificing a great deal of my time, I must evaluate its use. My time is highly valuable and I could be readily making money instead. If I'm going to freely spend some of this time for OSS, it should be spent in a way that helps the most people. After all, if I didn't care, I would just run Windows and stick with my day job -- that's the easy way out. Instead I desire to help people and advance technological freedom in our society by providing superior alternatives to proprietary software. The only way for this to happen is for me to listen to what my users want and weigh this heavily in my decision making. Sometimes they are flat wrong. Other times their ideas are brilliant. Regardless, if I don't listen, I will not produce quality software because it will only meet my own needs and/or the inaccurate perceived needs of my userbase. If I do listen to my users, my project will someday be popular enough that I can make money through support and paid enhancements. I don't wish to become rich, but I would like to make a living while doing what I love. If I could work full time on OSS, it would be beneficial to my userbase. My ultimate dream is to see OSS dominate computing for the benefit of all -- even those who today are the enemies of our ideals. Everyone in the OSS community must play their part, do their best, hold the right attitudes, and keep the big picture in mind."
And then she goes on to rant how Open Source developers need to cater to their users if open source is to 'succeed.'
Open Source projects need to cater to users if they are to succeed beyond a small group of developers and enthusiasts. There's nothing wrong with saying this because OSS history has proven it time and time again. I'm not saying that all projects must cater to all users. Furthermore, I'm not saying that all user demands are valid. However, diligent research into common, legitimate user demands will, in fact, make a project more popular. This benefits everyone since popularity usually also translates into more developers and ideally some sort of funding.
So, apparently Eugenia doesn't really understand how Open Source software development works. It's not a Leia^H^H^H^Hcommittee.
There's no one way that "OSS development works." Some projects are, in fact, run by an efficient committee and it works out well for them. Others completely lack centralized leadership. There are pros and cons to both. I'm not sure what the "Leia" reference was.. I hope that's not a jab at her gender. If anything, women should be offered more technical coordinator and user-liaison roles in OSS projects because these fit their well with their natural strengths. (Yes, I know there are good women programmers too. The point is that women are often superior to men in dealing with a flood of information and personal interactions.)
All work is voluntary, which means, as the Gnome devel team pointed out, the only work that gets done is work the devel team feels like working on.
All work does not need to be voluntary. If users care enough, they can raise money to pay the developers to add whatever features they want. Commercialization, not pure volunteerism, is the future of OSS. I'm not talking about huge companies or struggles for control; I'm talking about an efficient exchange between users and developers -- both intellectually and financially. Developers need to realize that the best way to take their projects to the next level is to begin commercializing them -- to treat their hobby partly as a small business. The day when most developers are being paid to write OSS full time is the day when the Open Source movement can be declared a complete success. It is my concern that too many projects today function as small island economies. Nobody has questioned the ability of impassioned developers to meet their own needs. The question is whether their passion and creative resource can be effectively used to transform a world in dire need. We, Open Source community at large, need to broaden our horizons.
..but better managment of the update system is something that is more pressing and is having a negative impact on users today.
I don't think the FF developers spent much time thinking about real-world deployment on Windows networks. This is an awful shame because it's the only reason why FF adoption has slowed. You can't embrace and extend a platform if you don't fully understand the platform. The initial adoption surge was primarily home users and enthusiasts -- for whom is acceptable to assume manual download of the installer and manual updates as needed. For businesses running Windows networks, this is entirely unacceptable. Initial deployments *and* updates need to be centralized. You can't expect users to take care of updating themselves. (Not to mention the bandwidth issues for both Mozilla servers and individual businesses!)
The FF team needs to assign someone to be an official "corporate deployment issues" coordinator. They need to produce their own MSIs and/or push-update client coupled with proper documentation for admins. For smaller / less sophisticated networks, they need to produce a tool that at least centralizes updates locally. It could be very simple -- such as the ability tell FF to look for and auto-install updates found in some network path instead of from the net and without any user intervention.
But if his point was that enterprise business software is a different market than shrinkware, I agree with it although it was off-topic apparently.
The OSS-driven business model varies depending on which market you're going after. With enterprise business software, the model is not much different than non-OSS. In either case you're selling a solution (support, training, any licensing, sometimes hardware) and dealing with contracts. With software intended to replace popular shrinkware, a completely different business model is needed. Not off-topic.. just making a distinction.
Slashdot Mirror
So, we make it a nicely-formatted XML text file, obviously. Each user should be able to access only their portion of the file.
This would require a bunch of new software and a config daemon running all the time. This daemon would be an additional single point of failure or possible attack vector. It would also eliminate the possibility of manual repair should something go completely awry.
The Elektra folks already though about the whole XML approach and they've described quite nicely why it isn't such a great idea. Using standard Unix filesystems are a much better way to do everything you're talking about, but without requiring a huge collection of new tools and techniques. Please read the Elektra website mentioned in the original article for more! It really is an ingenious, yet DUH-obvious solution.
Why reinvent the wheel?
Congrats! Great minds indeed think alike. You've just re-invented Elektra. Read the original article. (-: Seriously! Go read it! You'll laugh at how similar Elektra is.
The only exception is that it might be nice to have XML metadata throughout the hierarchy for optional type-checking, etc. by automated tools.
Testing gets lots of security updates, from both security.debian.org and through the extremely rapid propagation of "normal" upgrades that packages get.
Yes, testing/unstable gets security updates, but they are not a priority. Priority as in "people are using this in production.. they need immediate fixes." Remember the recent uselib local-root Linux kernel bug? As far as I can tell, it was months before this was patched in testing/unstable kernel images. Or if it was, it sure wasn't communicated properly.
I see no reason why web technologies are a special case.
They're not a special case. They're just a case where the need is common among all users. This, of course, is the whole premise of the Internet -- the power of everyone using the same protocols and standards. But it depends on what you classify as "web technologies" I guess -- whether you're talking about "world wide web" or "anything that talks HTTP."
Why are you supporting a music store (iTunes) which that puts DRM on every song they sell? I would imagine that, if you really did not like DRM, you would do everything in your power to discourage its use.
..putting down cluestick and stepping off soapbox
Maybe because there's no feasible alternative at the moment? Maybe because he likes some artists who only distribute on iTMS? Maybe because he wants to play the AAC files he legally obtained on his Linux workstation?
Do you think that Apple's restrictions are really that ridiculous?
Who owns your computer? You or Apple? What right do they or anyone else have to tell you what you're allowed to do with your own personal property? I'm not talking about P2P or anything outside of your own computer. I'm talking about what you do with your personal physical property in the privacy of your home.
2) In addition, you're liable to hurt us people who don't mind the DRM, and in fact appreciate Apple's service, because cracking the encryption will more likely than not cause the RIAA to demand greater restrictions in the future.
DRM doesn't work and there is no way that it even theoretically can work. By necessity, DRM is the equivalent of placing your key under the doormat and expecting that nobody will use it without asking first. So what if the RIAA demands "stronger" DRM schemes than what Apple has implemented. It will only drive away customers. People like you will wake up and begin to care, perhaps. Which is really fine, because we don't need the RIAA anymore anyhow. Ever consider the fact that many iTMS artists are not RIAA member signed?
And incidentally, this does not appear to be a case of any encryption being cracked. In fact, it may not even be considered illegal, even under the bogus DMCA, because the data is merely being intercepted *before* DRM is applied to it. And it's not some form of wiretap because it's your own computer. But IANAL so don't base anything upon that speculation.
You play it off as if fighting DRM is some great act of civil disobiedence which will liberate us all from some fantasy corporate-controlled nightmare world.
If corporations are trying to define what you can legally do with your own personal property, then yes, there is reason to be concerned. And it is not a fantasy that abusive corporate control of the music industry has been detrimental to everyone minus the big-wig execs and a handful of top artists who managed to wrangle the system.
You have to realize that you're in a small minority, and you have to respect the rights of others who don't hold the same views.
Minority? Hardly. Maybe minority among Apple fanboys, but not among the majority of the population. Do you realize why MP3 is so popular? It's not because it's technically the best. It's because it is completely open. The free market has decided that most people don't like DRM. BTW, what "rights" is the original poster disrespecting of people who don't agree with him?
Windows domains offer end-to-end managed software rollouts through group policies. Linux has absolutely nothing of the sort.
You're making an apples to oranges comparison here. Linux/*nix OS'es don't use the same management techniques as Windows domains. That doesn't mean there's no way to do managed software rollouts. In my experience, it can be far easier and less convoluted with a proper setup. It's hard to beat the ability to store everything on network filesystems. You can do your updates whether workstations are turned on or not. And none of that "rebooting" nonsense. (:
Planned for 1.1.
That is excellent news. All the more reason to support the project in any way you can to help make the June release date possible.
In the meantime, it would be nice if there was some feature added to FF 1.0.x that would at least allow a local centralized update repository. This wouldn't help with large installations, but it would at least allow easier admin for small offices / workgroups while we wait for 1.1.
You can't implement a standard fully when it isn't self-consistent.
But you can implement all the parts that are fully accepted and are no longer considered in any way ambiguous by the development community. MS hasn't done that with IE6 and apparently doesn't intend to do so with IE7 either. And there's no excuse. What? It'd be a waste of extremely limited MS resources? Uh.. don't think so..
From the w3c website: "But most of all CSS 2.1 represents a "snapshot" of CSS usage: it consists of all CSS features that are implemented interoperably at the date of publication of the Recommendation." And there you have it.. IE7 could easily aim to implement CSS 2.1 as all the other browsers have.
The problem is self-perpetuating. If you take the attitude of not starting on implementing a standard until it's finish, then you're providing no feedback to the standards process.
Which is what beta versions of software are for..
Standards should codify, and in some cases invent, ways to properly meet common needs recognized through existing practice. Practice shows where standards are needed. The commonality of the need determines whether a standard should be pursued before or after attempts to meet that need. In the case of web technologies, standards should always come before.
The telecom industry has a long history of coming up with dozens of partially or completely incompatible standards for new technology. Eventually it gets bad enough that some regulatory body or industry consortium has to step in and declare one design "the standard," but not until after much politics and endless committees.
It is almost always better to agree on a standard before beginning implementation. Any inconsistencies and ambiguities are much easier to reconcile when everyone is at least on the same page.
Avalon is supposedly one of three "pillars" of Longhorn according to MS literature. Presumably this name encompasses the other related components so it can be used generically. If that's not the case, they need to work on the clarity of their marketing materials. Regardless, I am aware of the internal distinctions of what each component does. But that doesn't change my original stated opinion -- that Longhorn / .NET in reality is going to be about WS-enabled heavyweight client-sided applications that only run on Windows. Duh.. I mean.. if it was anything else, MS would be giving up their monopoly! They don't want a world full of web-standards driven applications where Desktop and Server platforms don't matter anymore.
The rest of you that are aware and capable of making upgrades, should do so of course.
Of course, the problem is that the FF/TB upgrade mechanism is absolutely awful. There's no easy way to roll out the FF/TB duo on a Windows network. Worse, even for stand-alone use, the upgrade process just installs a new copy over top of the old. (redundant add/remove program item, desktop icons, and all!) As a reluctant part-time Windows admin, I can say with pretty good confidence that this is the one thing holding Firefox back from widespread use in businesses.
Firefox team, please wake up and listen! An official method for centralized roll-out on Windows networks is an absolute must if you want to make a dent in IE usage in the business / corporate world.
Thank goodness the other half of my work is Linux, where FF upgrades are as simple as "apt-get install mozilla-firefox"
Linux has three role-based security mechanisms and mandatory access controls (SE-Linux is just the one included), three ACL mechanisms (Trustees, POSIX ACLs and SGI's XFS security mechanisms), an EAL4 rating with an EAL5 possibly underway, USB or dongle system locking, support for cryptographic and "trusted" hardware, support for IPSec, a very impressive packet filtering system (layers 2, 3 and 7), capabilities and that's just the kernel. If you want to include the rest of the system, you've stack guards, SSL/TLS, Kerberos 5, rootkit detectors, binary modification detectors, TCP wrappers, bayesian intrusion detection systems, root jails, virtualization (which allows you to compartmentalize, and therefore can be used for security), MD5 passwords for the shadow suite, one-time password systems, public key encryption and a host of validation & security auditing tools (TARA, SARA, NMap, Nessus, BASS, etc)
It is a terrible shame that "best practice" implementation of these wonderful security tools is not commonplace in today's popular free Linux distros. Debian and Fedora.. that means you! (: But seriously.. we now have the tools available to create nearly uncrackable machines. (ie. the point where physical security becomes the only significant remaining concern because it's far easier to break in and steal the box.. but you did use a crypto FS right?) Anyhow, we need to put these tools to use ASAP. It's good for Linux. It's good for Internet users at large.
Now if only we could devise a means to create nearly uncrackable users.. hmm..
frameworks.. sandboxing.. scrapping legacy API's.. documented code.. interoperability.. So basically, what you're saying is that MS has finally realized that the Java folks had it right all along. (:
Fortunately, they're doing everything clean this time with XML and SOAP
Truly distributed applications using XML/SOAP for RPC tend to be horribly slow. The development community has largely rejected distributed architectures because they simply aren't the right tools for the job in most cases. What's left is basically "B2B" functionality.. but this is readily available via Web Services today using Java. IMO, the future belongs to more heavily server-sided applications (think rich-web, standards compliance, etc.) due to reduced administrative costs and simplified security. The ultimate would be, for instance, a bunch of diskless Linux workstations with little more than a highly evolved web browser. Sure, XML in one form or fashion will be used to communicate between heavy servers and thin rich-web clients, but that doesn't make the applications distributed. And it sure doesn't require a whole bunch of complicated RPC and DCOM layers running on top of a heavyweight client-side framework that is interwoven all through your desktop shell. Indeed, MS would like the "PC desktop" to remain relevant even though the industry is now trying to pull in the opposite direction. In the end, we have this super-complex framework that basically talks XML and produces a shiny native Windows-only interface (Avalon.. which got most of its ideas from XUL). I'll stick with Java, Linux, and Mozilla for now, thanks.
Though I am a more or less a Linux pro, my experiences with desktop deployments are similar to your own. From an administrative perspective, the biggest need today is a quality web/GUI admin tool that takes the work out of combining all the great Open Source "raw materials" into workable solutions. (Whether that's a firewall, mail server, file server, etc.) Webmin doesn't cut it. It's just a front end to editing config files -- usually after all the hard work has already been done. We need a tool that is smart enough to aid in integration. (ex. rigging up LDAP + Kerberos + NFS + Samba) We also need to switch to Elektra style configuration in place of the traditional /etc structure. (this is a precursor to making quality admin tools feasible..) And did I mention this wonderful GUI admin tool must be Open Source? None of this "widget frosting" proprietary specialized Linux distro nonsense that costs as much as going with Windows.
From the user perspective, lack of features / polish in OpenOffice is the biggest problem. 2.0 will be a significant step forward, but the project desperately needs more resources. All it would take is a few big corporate sponsors and we could all kiss MS Office goodbye. (and Windows, which would quickly follow) As for Gimp and the rest, you've gotta realize that most people don't even know how to use Photoshop because they can't afford it. Both programs are pretty confusing to beginners and both are confusing to users familiar with only one or the other. (it goes both ways)
Windows hardware detection a dream? Umm.. lemme think.. no.
No so fast. IE7 still won't be standards-compliant. That won't matter to most end-users, of course, but it matters to me as a web developer.
Yes. This is why it's extremely important that FF continue to offer something that users can't get with IE7. There are countless stories of websites being re-designed to be more standards compliant since FF began to rise in popularity. Users complained about breakage and companies were forced to respond to the demand. Up to this point, tabbed browsing and reduced spyware risk were the primary reasons for casual users to use FF. Now we need something else to lure them. (well.. assuming the security of IE7 is actually improved) May I humbly suggest some innovations in the way bookmarks and history are handled? How about a bookmark start page like Galeon's but not ugly and disheveled? Maybe even create a portal-like start page. Or what ideas can we borrow from Opera?
So the question becomes, who will bother supporting non-mainstream hardware? They are still functional machines for me...
You do realize that you could probably replace every one of those old machines with one $350 modern x86 box, right? Unless you've made some sort of fulfilling hobby out of antique computers, there is no question that it's a waste of your time to maintain that old hardware. Yeah.. it's kinda neat that some old hardware just won't die, but in the grand scheme of things, Debian volunteer resources are better used for things that really matter.
Hopefully, they're liberal about the patent and will let noncommercial nonresearch applications use the algorithm.
Supposedly it's free for "non-commercial" use. But that eliminates most OSS licenses in the US. It's really disgusting that universities try to patent their research today. Whatever happened to science and mathematics for the greater good? Whatever happened to the notion that tuition money went partly to patronize the furthering of the arts and sciences through research? Students might as well send their tuition directly to corporate R&D labs.
Otherwise, we would have to wait for the really interesting software to come out.
Or find ways around this stupid patent.. After all, the patent most likely applies to a set of algorithms that make up the desired result. Some may not be necessary in common use. Some may be substituted for manual intervention. Others may be re-invented using the same concepts but improved techniques.
I can understand that not everyone has the same "lets band together and change the world" zeal and I'm not saying this is a requirement for OSS developers or anything like that. On the other hand, there is much at stake for everyone involved. Lets put it this way: all of our lives would be better if OSS dominated the industry. It would make our day jobs much more enjoyable. Even from a purely selfish perspective, I would pursue user-focused OSS for this reason. I don't want OSS to just be an intellectual hobby that I pursue in relative isolation from the "real world" of computing. I want to do this stuff for a living because I enjoy it more. Regardless of politics, I think this is a common desire that we can all agree upon. If we can agree, then I think that we need to use this as impetus to broaden our horizons and think strategically about how we can cause OSS to dominate, not just provide a niche alternative.
The last thing they want is for that source of new, purchasable ideas to dry up. ... Therefore, they want to cultivate a market in which these startups are happening, which means dispelling the cloud of patent litigation that is currently suppressing new ideas.
You might be partly on track but it's probably more insidious than that. The article mentions that they want all companies to have access to patenting, including small companies. Now think about it.. who exactly would this hurt? Remember, we're talking about software patents here.. not true inventions. Big companies can buy small ones, patents and all, so it doesn't matter to them. And they're aggressively lobbying for software patents in Europe, so this is not them coming to their senses. No, this "equalization" and "reform" nonsense is aimed squarely at the Open Source movement. They want to create a world where effectively all software must be sold because inevitably you'll owe somebody patents royalties, however small.
At the same time, sure, they're probably against the most obvious abuses and want this to be reformed. But they are not coming out and saying "we're now against software patents." It's more like "we want everybody in our industry to have patents available to them for whenever they come up with an idea that is slightly innovative.... so that Open Source people can't use that idea."
Folks, it's time to nip this in the bud. All software patents are bad -- even in the rare case of a truly new idea. Software patents always stiffle innovation and more importantly limit intellectual freedom. It's time to get really politically active about this in the US before it gets worse.
And here's another idea: We need an Anti-Software-Patent database. A place for people to publically share every last innovative software-related idea that enters their minds to nullify its ability to be patented later by some company of any size that thinks they're hot stuff and entitled to money for nothing. If companies like MS want to astro-turf the industry with patents, we can fight back by astro-turfing with prior art faster (and for free! all you have to do is share the idea publically!)
As an Open Source developer myself, I hold the following philosophy when it comes to the use of my free time: "Because I am sacrificing a great deal of my time, I must evaluate its use. My time is highly valuable and I could be readily making money instead. If I'm going to freely spend some of this time for OSS, it should be spent in a way that helps the most people. After all, if I didn't care, I would just run Windows and stick with my day job -- that's the easy way out. Instead I desire to help people and advance technological freedom in our society by providing superior alternatives to proprietary software. The only way for this to happen is for me to listen to what my users want and weigh this heavily in my decision making. Sometimes they are flat wrong. Other times their ideas are brilliant. Regardless, if I don't listen, I will not produce quality software because it will only meet my own needs and/or the inaccurate perceived needs of my userbase. If I do listen to my users, my project will someday be popular enough that I can make money through support and paid enhancements. I don't wish to become rich, but I would like to make a living while doing what I love. If I could work full time on OSS, it would be beneficial to my userbase. My ultimate dream is to see OSS dominate computing for the benefit of all -- even those who today are the enemies of our ideals. Everyone in the OSS community must play their part, do their best, hold the right attitudes, and keep the big picture in mind."
For me, there always has to be a balance. Gaining more users is almost always more important than trying something new and whacky that may or may not work out. If I'm going to try something new, it should be a user-selectable option. The old should remain the default until the new is readily accepted. Flexibility is more important than the threat of bloat, but proper design takes care of both.
Those who aren't willing to CONTRIBUTE to an Open Source/Free Software project are not entitled to an opinion. But those who do not write code can still contribute. They can test and report bugs, write documentation, maintain infrastructure, help work the mailing lists and answer the easy questions to free up the devels time, contribute storage & bandwidth, cash, etc.
If you'd read her editorials, you would have noticed that she does most of those things you just listed as contribution. And not only that but the suggestion you made at the beginning was precisely what she was trying to do -- talk to users, learn where they suffer, and be an interface between end users and devels. She was trying to do some "marketing" to help out a project she likes and wants to see improve for the benefit of all.
Now, I don't know anything about this woman's past commentary or interaction with developers, but regardless, she does make some valid points in her editorial that need to be heeded (minus a few overly harsh criticisms..) Unfortunately, Slashdot editors had to give this article an inflamatory headline, so everyone immediately went into this discussion as a flamewar and, as usual, didn't read the original content.
One of her paragraphs sums up her overall point best and is worth reading whether or not you go back and read the whole article:
[snip]
What I like to see, is some market research. Approach all kinds of users, put their gripes in line, make a note of their features they really need and evaluate them. Then, create a project plan and distribute the tasks that need to be done to your developers and make sure they deliver what they must deliver. People will say "that's not how OSS works", but as a user, I don't really care how OSS works. I care about using software that's been properly developed taking users into account rather than purely developers' needs. Be careful: I am not asking the OSS developers to implement every little thing that's asked out there, I am asking them to simply take users into account and get an idea of what the whole of their userbase needs. Extracting useful information from the mass will be difficult, but it is achievable if the right resources & infrastructure are into place.
[/snip]
Now what, precisely, is so horribly wrong with this proposal, fellow Slashdotters? This is how large Open Source projects should be run. Users absolutely must be the focus. Her idea of setting up an infrastructure to allow masses of ordinary users to produce feedback is an excellent idea. And no, this is not covered by existing Bugzilla because it requires registration and too much knowledge and formality.
As an Open Source developer myself, I hold the following philosophy when it comes to the use of my free time: "Because I am sacrificing a great deal of my time, I must evaluate its use. My time is highly valuable and I could be readily making money instead. If I'm going to freely spend some of this time for OSS, it should be spent in a way that helps the most people. After all, if I didn't care, I would just run Windows and stick with my day job -- that's the easy way out. Instead I desire to help people and advance technological freedom in our society by providing superior alternatives to proprietary software. The only way for this to happen is for me to listen to what my users want and weigh this heavily in my decision making. Sometimes they are flat wrong. Other times their ideas are brilliant. Regardless, if I don't listen, I will not produce quality software because it will only meet my own needs and/or the inaccurate perceived needs of my userbase. If I do listen to my users, my project will someday be popular enough that I can make money through support and paid enhancements. I don't wish to become rich, but I would like to make a living while doing what I love. If I could work full time on OSS, it would be beneficial to my userbase. My ultimate dream is to see OSS dominate computing for the benefit of all -- even those who today are the enemies of our ideals. Everyone in the OSS community must play their part, do their best, hold the right attitudes, and keep the big picture in mind."
And then she goes on to rant how Open Source developers need to cater to their users if open source is to 'succeed.'
Open Source projects need to cater to users if they are to succeed beyond a small group of developers and enthusiasts. There's nothing wrong with saying this because OSS history has proven it time and time again. I'm not saying that all projects must cater to all users. Furthermore, I'm not saying that all user demands are valid. However, diligent research into common, legitimate user demands will, in fact, make a project more popular. This benefits everyone since popularity usually also translates into more developers and ideally some sort of funding.
So, apparently Eugenia doesn't really understand how Open Source software development works. It's not a Leia^H^H^H^Hcommittee.
There's no one way that "OSS development works." Some projects are, in fact, run by an efficient committee and it works out well for them. Others completely lack centralized leadership. There are pros and cons to both. I'm not sure what the "Leia" reference was.. I hope that's not a jab at her gender. If anything, women should be offered more technical coordinator and user-liaison roles in OSS projects because these fit their well with their natural strengths. (Yes, I know there are good women programmers too. The point is that women are often superior to men in dealing with a flood of information and personal interactions.)
All work is voluntary, which means, as the Gnome devel team pointed out, the only work that gets done is work the devel team feels like working on.
All work does not need to be voluntary. If users care enough, they can raise money to pay the developers to add whatever features they want. Commercialization, not pure volunteerism, is the future of OSS. I'm not talking about huge companies or struggles for control; I'm talking about an efficient exchange between users and developers -- both intellectually and financially. Developers need to realize that the best way to take their projects to the next level is to begin commercializing them -- to treat their hobby partly as a small business. The day when most developers are being paid to write OSS full time is the day when the Open Source movement can be declared a complete success. It is my concern that too many projects today function as small island economies. Nobody has questioned the ability of impassioned developers to meet their own needs. The question is whether their passion and creative resource can be effectively used to transform a world in dire need. We, Open Source community at large, need to broaden our horizons.
..but better managment of the update system is something that is more pressing and is having a negative impact on users today.
I don't think the FF developers spent much time thinking about real-world deployment on Windows networks. This is an awful shame because it's the only reason why FF adoption has slowed. You can't embrace and extend a platform if you don't fully understand the platform. The initial adoption surge was primarily home users and enthusiasts -- for whom is acceptable to assume manual download of the installer and manual updates as needed. For businesses running Windows networks, this is entirely unacceptable. Initial deployments *and* updates need to be centralized. You can't expect users to take care of updating themselves. (Not to mention the bandwidth issues for both Mozilla servers and individual businesses!)
The FF team needs to assign someone to be an official "corporate deployment issues" coordinator. They need to produce their own MSIs and/or push-update client coupled with proper documentation for admins. For smaller / less sophisticated networks, they need to produce a tool that at least centralizes updates locally. It could be very simple -- such as the ability tell FF to look for and auto-install updates found in some network path instead of from the net and without any user intervention.
But if his point was that enterprise business software is a different market than shrinkware, I agree with it although it was off-topic apparently.
The OSS-driven business model varies depending on which market you're going after. With enterprise business software, the model is not much different than non-OSS. In either case you're selling a solution (support, training, any licensing, sometimes hardware) and dealing with contracts. With software intended to replace popular shrinkware, a completely different business model is needed. Not off-topic.. just making a distinction.