Well, you can always do ad-hoc materialized views... I'm coding some now.
However, better matview management is currently under development. We had a Google Summer Of Code project to write code to manage the updating of materialized views. In a couple of releases, we might have matviews as good as Oracle's.
Of course, if you're a PostgreSQL user and you want better matview support, then we could really use your help developing it.
You're absolutely correct that such a comparison would be a real asset to users. However, it would also be a Herculean task. Several people have tried to do similar things, but the number of indexes you need to compare (features, reliability, performance, etc.) is too large. And some things are so different it's hard to compare them meaning fully. Imagine trying to do a head-to-head comparison of all OSes in every way.
Speaking as a database contributor (PostgreSQL), databases should absolutely secured at the network level. If not by firewall, by making them only available on localhost, or only by VPN or SSL connection.
DBMSes are designed to be feature-ful, fast, and secure... **in that order**. Which means that no DBMS is designed to stand up to a protracted, determined, knowledgable attack on an open port (athough some of us do better than others). At the very least, an attacker could DOS you by simply attempting a connection thousands of times a second, forcing the database to fork processes or threads.
Further, the most popular DBMSes (SQL Server, Oracle and MySQL) pretty much always have outstanding security exploits on their bug lists, and far more which were patched in the most recent update most people haven't applied. Even we fix 1-2 exploits per update these days, some of which are quite dangerous with an attacker who really knows their stuff.
Developers are *terrible* about setting good DB passwords. I absolutely can't tell you the number of times I've seen "temp/temp" as an authentication string in a production database, or "trust" authentication for the right IP (which can be spoofed) because a developer wanted a back door which didn't require typing his password.
For that matter, web developers are supposed to set up different permissions for the web user vs. the database owner, but this is a rare thing to see in practice.
So it's *way* important to firewall your database. Better yet, don't have it listen to the internet at all: set up the database to only listen to localhost or the private network.
That all depends on the vertical market your application is for. Ask yourself these questions:
1) Are the potential users of this application internet & computer savvy? 2) Are the consultants/vendors to this market more likely to contribute to a project, or to steal the code and never contact you?
We considered open sourcing our temp agency application -- 100% of our profit comes from customizations anyway -- but after analysis realized that temp agencies don't have the know-how to find and install the app on their own, and the other software companies in the market would happily steal our code and incorporate it into their own products without giving anything back (GPL or not). So we've chosen to keep it closed.
However, that varies considerably by industry. For example, you'll find a *lot* of OSS in manufacturing, because many manufacturers have tech-savvy staff, and since service outweighs licensing fees in that sphere 20-to-1, vendors are willing to share.
You're still wrong. The quote was "ALL KINDS of subselects". This would include subselects in the SELECT, FROM, WHERE and HAVING clauses, as well as correlated subselects and sub-subselects.
You will be amused to find out that we studied Ringworld in college as part of a course on gender relations in modern mass-market fiction. We found some quite pervasive themes about traditional gender roles in you novel. Were these intentional, or just a side effect of the story you wanted to tell?
Had to point out that this paragraph contains some preblematic assumptions:
"So I had to figure in the cost of one of my customer's IT staff staying active on that list and learning enough about the product to provide in-house support supplemented by the email list. Estimating this at one tenth of an FTE and that FTE at a low $80,000 per year resolved to $8,000 per year. This was nearly three times the cost of the most expensive commercial product support!"
This calculation makes two assumptions: 1) That keeping up with the application bugs & changes will take 4-6 hours/week (may be correct, you just don't state how you arrived at that figure)
2) That utilizing commecial support requires *no* staff time, a truly laughable assumption.
To give you a counter-arguement for assumption 2: One of my clients pays me to interface with the support engineers for a major proprietary application carrying a $8,000/year support contract. This year to date, I have billed the client 25 hours (at $175/hour) to nag the support department of the commercial vendor and prepare test cases proving the client's problems. And some bugs still take 9 months to resolve.
So: If you work with a flawed evaluation formula, you will get flawed results.
I'm seeing a lot of negative comments about MSO document conversion here, which I find surprising. I use OpenOffice.org exclusively, as do two of my clients, and all of us trade back and forth documents with MSO users all the time. The problems I've found are limited to:
1. Floating text boxes and lists in Word, two areas I will point out have problems converting between versions of Word as well.
2. Page formatting/header/footer stuff in Word where there are numerous section breaks. This is something we need to work on.
3. Dealing with unsupported fonts. Another area that could be smoother.
So, we still have some issues, but on my testing our conversions to/from MSO are better that WP Office or Mac:Office.
If, however, you have documents that do *not* agree with the above, how about joining the OpenOffice.org project and filing some issues so that we can debug? We're reverse engineering, here, folks, give us some help!
I was one of the first 10 complaints to get the FCC investigating Fax.com in 1998. In fact, I got them in trouble with the Orange County District Attorney's office, and the S.F.D.A. as well.
1) SAP DB has only been Open Source for what, a year? Heck, I only heard about it 3 months ago. PostgreSQL has been Open Source for over a decade.
2) SAP DB is a pain to set up. Frankly, I don't have an entire weekend to set up a new RDBMS just to evaluate it. (Unless, of course, I'm being paid to!)
3) SAP DB, unlike PostgreSQL and like MySQL, has the single-company-development problem. PostgreSQL, as an OS project with 25-50 volunteer developers worldwide has survived the death of, so far, 6 companies that supported Postgres or its derivatives. Like MySQL AG, if SAP AG were to go down the tubes, development on SAP DB would halt (though it would still remain available under the GPL).
4) Most importantly... I am a minor player on the PostgreSQL project, and as such feel that I am well informed on PostgreSQL's bugs, limitations, development direction, and tradeoffs. As a recently opened commmercial product, SAP DB is still too "black box" for me to trust it. No doubt this will change.
-Josh Berkus
P.S. One volunteer suggested that we consider SAP DB support for OpenOffice.org. Sadly, we had to reject the idea because of the complexity and difficulty of administration for SAP-DB. If someone from SAP is reading this, and you disagree, please join the dev@dba.openoffice.org mailing list and make yourself heard.
Are you planning on upgrading from StarOffice 5.2 to OpenOffice.org 1.0 or StarOffice 6.0? Which? If not, is it because of a feature which OpenOffice.org is lacking, or just comfort with StarOffice 5.2?
Following up: Several news writers have e-mailed us (OpenOffice.org) asking for specific features designed to make OpenOffice.org more freindly to professional writers. As the "iron man" of science fiction and fantasy paperbacks, do you have a feature you'd particularly like to see?
-Josh Berkus
OpenOffice.org Marketing
Volunteer Lead
agliodbs@openoffice.org
If I had an Open Source project in which I think IBM should be interested, what's the best way to approach IBM management? Who do I contact, and what sort of independant projects is IBM most interested in supporting?
I don't think that there's any question that Ximian has the vision and talent necessary to produce excellent, extremely user-friendly tools for Linux and Gnome. However, there's no question that such an undertaking is expensive... not just for the programmers, but for Q/C, tech support, refunds, documentation, etc. In three parts:
1. How successful has the Red Carpet Subscription been in funding Ximian development, or at least itself?
2. What other ideas do you have to make people want to pay for Ximian software?
3. Where do you think that you can use the resources of the Open Source community to reduce costs?
I ask because, as a member of the OpenOffice.org project, we are looking to become more independant of Sun/StarOffice and need to answer these questions ourselves.
IANAL, but I do a lot of contract negotiation. No doubt you'll hear from Bradley Kuhn.
Is it legal? IMHO, Yes.
However, that begs the question: what does your company gain from this? Yes, they will release a product under the GPL where others cannot meaningfully read their code(*). How is this advantageous? It will certainly lead to bad press for your company, on Slashdot and elsewhere, and thus hurt sales/PR. It will not prevent others from copying and compiling your source code, as-is, for free, and does not therefore enhance revenue.
Either there's something you're not telling us, or this is a hypothetical situation that you are making up and not a real company.
(* = eventually, someone would crack and release a program to reverse the search-and-replace operation to obfuscate your code. After all, it's easier than reverse-engineering bytecode)
We've had online backups since version 6.5. In fact, backing up and restoring Postgres is easier than any other well-known DB except MySQL. Certainly it's about 5x faster than MS SQL Server.
Point-in-time recovery, standby databases, and replication are all related on the TODO list. Sadly, I think that these major features will wait until a commercial entity decides they're worth paying for. Unless you wanna volunteer?
As for clustering/parallel processing, may I point out that MS SQL Server doesn't have that, either? This is an Oracle/DB2-grade feature you're talking about, and there are still some reasons that Ellison and the boys get to charge $25,000 for their product.
-Josh
PostgreSQL Volunteer
P.S. How about we drop the Postgres vs. MySQL flamewars every time someone posts a database article? Frankly, as a PostgreSQL applications developer, it's a non-issue. MySQL is a good database for some things. PostgreSQL is a good database for most-but-not-all things. It's not a popularity contest, for crissakes! Grow up.
Just read your follow-up to Software Stinks! I noticed that you did not address one common comment to your original article. That is, how are BAD Buildings similar to Bad Software?
Let me extend your analogy between building software and building bridges, because I think it works. What you leave out is that bad buildings get built *all the time*. For a few examples, continuing the analogy:
1. Unrealistic budgets: The "Towers" housing project in West Oakland was, as is government habit, awarded to the lowest bidder and the budget was cut after the fact. As a result, by the time construction started, the building company was committed to building a 12-story apartment building for something like $3/square foot. As a result, this 12-story, 90-unit building had one elevator which was out of order 1/2 the time, and the roof *fell off* 4 years after construction.
Similarly, I often have the following conversations with any of my clients:
Me: "Your database was badly designed and needs to be re-built from scratch for $100,000."
Client: "That's too much money."
Me: "It's what you need."
Client: "What if we just fix what we have?"
Me: "That would only cost about $15,000. But you'll continue to have major bugs and data integrity problems, and the system will stay very slow."
Client: "We'll do that then."
2. Constant Changes to Spec: The San Francisco Airport started building their new international terminal in 1994. However, after starting construction, the Mayor's office, the Airport Administration, and the Airlines each found ways to make several minor changes to the plans to accomodate their fantasies -- AFTER the concrete was laid. The result were some very expensive retrofitted changes, causing the airport project to be completed 2 years late and $300 million over budget.
Likewise, I have a major accounting application. Just yesterday, I was informed by the client of a significant policy change that affects the business rules for the database in several places. Apparently, the policy change happened 6 months ago and it did not occur to them to inform me; as a result, I not only need to change the business rules in 8 different places, but I also need to find some way to make this change 6-months retroactive. This is not the first time they have done this. Unsurprisingly, this project is now 1 year overdue and $40,000 over budget.
As a member of the Project, let me clear a few things up:
OpenOffice.org is an Open-Source project sponsored by Sun and Collabnet. It is currently Build 638C, and has not even reached version 1.0. This is mostly because we've sepnd a lot of time replacing proprietary componets from StarOffice, such as the spellchecker, fonts, and conversion filters.
StarOffice is a commerical Sun product, available for free download, which is currently beta-ing its version 6.0. Most of this vesrion is code from OpenOffice.org Build 638 with the addition of the above-mentioned proprietary compnents.
Recarding all of the compaints on features and slow load time: If there's something you'd like to see different about OpenOffice.org, then join the project and write some code, darn it! This is Open Source.
We desperately need more coders from the community. Please, sign up and contribute!
Just spent 10 hours reparing the damage done by Nimda. !^*&*@ this is a nasty worm. basically it scans for every NT and Outlook exploit possible, and attacks the entire network.
While I've gotten my clients to reduce their NT dependance, we've got this one vendor machine... and, of course, they won't let us patch it without (lengthy) approval. So guess what machine gets compromised, and scans until it find an inadequately secured share on one server that it can use to leapfrog to the whole network?
Anyway, Russ, if you still need data on the Nimda virus, boy howdy do I got it.
As an unlicensed contract lawyer, it's actually pretty clear...
The patent restriction requires all users of the RTLinux code to comply with the GPL or make a seperate commercial license with Yodiaken. This is, IMHO, a good thing that extends "copyleft" to the patent world.
On the other hand, the Patent adds some additional restrictions not normally contained in the GPL:
5. To require any recipient of your product based on RTLinux code to send an e-mail to Yodiaken with their contact info;
6. To keep detailed records of commercial uses of RTLinux, to be furnished to Yodiaken on demand.
All of the other clauses either repeat the above or support the terms of the GPL.
Frankly, overall Yodiaken seems to be a staunch upholder of the GPL and using his patent to uphold it. I can't understand why Stallman is freaking about Yodiaken's demand to collect a little demographic information.
Surely this is something that could be worked out with Yodiaken or simply ignored? Sheesh!
From my previous experience in the non-profit arena (as a professional fundraiser) you have to be careful with what kind of receipt a non-profit gives you for used equipment. Many non-profits are not following IRS guidelines, and you will get in trouble if you try to claim your donation to them.
The most important thing is that the non-profit cannot give you a "cash value" for donations. They should describe, in detail, in their acknowlegement the equipment you donated, but must refrain from making any estimate of dollar value. Many non-profits violate this rule, and you must discard their estimates of the worth of your donation. You will get in trouble with the IRS for trying to use this kind of valuation (and so will the non-profit).
Instead, you should be claiming either the depreciated value of the equipment according to your depreciation schedule (bleah!) or the current market value for equipment which was not depreciated (for example, personal non-business donations). For the latter, it is very useful to print out and save ads for comparable items on Craigslist or Ebay.
Normally I donate to "legal defense funds" (such as Skylarov) but this appeal has me a little suspicious. Particularly the appeal for $10,000 in lawyer fees and the convenient PayPal account. Other defendants have needed a support group or the EFF to set this up for them, but Brian has his ready to go.
I don't want to slam Brian if he's really facing unfair procecution, but I also would like to see some outside verification of his story from a reliable news source (like the EFF or the ACLU).
Otherwise, it's quite possible that Brian is in fact a cracker and is playing on the sympathies of the Slashdot crowd to raise a little bail money. Remember, the FBI does sometimes arrest real criminals!
Please CC: your reply to me, since this item already has hundreds of comments and I'm not sure I'll find it.
In addition to all of the ethical and legal reasons already pointed out, the US has a strong pragmatic reason to let Dimitry go (with apologies and compensation).
Currently a lot of foreign programmers are boycotting conventions in the US due to sympathy, and fear that they will also be arrested. If Dimitry is convicted, this boycott will spread, and a lot of international software conventions currently held in the US will move to Europe, because they don't want to lose half their presenters.
Such a shift will eventually lose the US its primacy in the high-tech world. Germany, the UK and Israel are already eager to take the lead in tech development away from America; this would give them the push they need. Pretty soon, Americans would find themselves learning German or Hebrew just to maintain second place in the software world.
And that's aside from the millions in convention income lost.
Personally, I wouldn't mind seeing the technological wealth a little more world-distributed. However, I'd think that an appointed official of the Bush Administration would be a little more concerned with keeping America's technical edge sharp.
Slashdot Mirror
Well, you can always do ad-hoc materialized views ... I'm coding some now.
However, better matview management is currently under development. We had a Google Summer Of Code project to write code to manage the updating of materialized views. In a couple of releases, we might have matviews as good as Oracle's.
Of course, if you're a PostgreSQL user and you want better matview support, then we could really use your help developing it.
--Josh Berkus
PostgreSQL Project
JD,
You're absolutely correct that such a comparison would be a real asset to users. However, it would also be a Herculean task. Several people have tried to do similar things, but the number of indexes you need to compare (features, reliability, performance, etc.) is too large. And some things are so different it's hard to compare them meaning fully. Imagine trying to do a head-to-head comparison of all OSes in every way.
Here's a few comparison links, but they just scratch the surface:
http://troels.arvin.dk/db/rdbms/
http://en.wikipedia.org/wiki/Comparison_of_SQL_database_management_systems
PostgreSQL *must* be the leading open source SQL database, now. People are bashing us on Slashdot. That's always a sign of success.
Thanks, guys!
--Josh Berkus
PostgreSQL contributor
Why not just use .NET with PostgreSQL? You can put whatever you want on the back end.
Or you could use Once:Radix or Servoy, both of which integrate with PostgreSQL.
https://sourceforge.net/projects/onceradix/
http://www.servoy.com/
Ed,
... **in that order**. Which means that no DBMS is designed to stand up to a protracted, determined, knowledgable attack on an open port (athough some of us do better than others). At the very least, an attacker could DOS you by simply attempting a connection thousands of times a second, forcing the database to fork processes or threads.
Sorry, no.
Speaking as a database contributor (PostgreSQL), databases should absolutely secured at the network level. If not by firewall, by making them only available on localhost, or only by VPN or SSL connection.
DBMSes are designed to be feature-ful, fast, and secure
Further, the most popular DBMSes (SQL Server, Oracle and MySQL) pretty much always have outstanding security exploits on their bug lists, and far more which were patched in the most recent update most people haven't applied. Even we fix 1-2 exploits per update these days, some of which are quite dangerous with an attacker who really knows their stuff.
Developers are *terrible* about setting good DB passwords. I absolutely can't tell you the number of times I've seen "temp/temp" as an authentication string in a production database, or "trust" authentication for the right IP (which can be spoofed) because a developer wanted a back door which didn't require typing his password.
For that matter, web developers are supposed to set up different permissions for the web user vs. the database owner, but this is a rare thing to see in practice.
So it's *way* important to firewall your database. Better yet, don't have it listen to the internet at all: set up the database to only listen to localhost or the private network.
--Josh Berkus
That all depends on the vertical market your application is for. Ask yourself these questions:
1) Are the potential users of this application internet & computer savvy?
2) Are the consultants/vendors to this market more likely to contribute to a project, or to steal the code and never contact you?
We considered open sourcing our temp agency application -- 100% of our profit comes from customizations anyway -- but after analysis realized that temp agencies don't have the know-how to find and install the app on their own, and the other software companies in the market would happily steal our code and incorporate it into their own products without giving anything back (GPL or not). So we've chosen to keep it closed.
However, that varies considerably by industry. For example, you'll find a *lot* of OSS in manufacturing, because many manufacturers have tech-savvy staff, and since service outweighs licensing fees in that sphere 20-to-1, vendors are willing to share.
-Josh Berkus
San Francisco
Well, the .ORG domain runs on PostgreSQL + eRServer, so that's one scalable solution ...
Wonko,
You're still wrong. The quote was "ALL KINDS of subselects". This would include subselects in the SELECT, FROM, WHERE and HAVING clauses, as well as correlated subselects and sub-subselects.
MySQL supports as "sub-set" of this.
-Josh
Mr. Niven:
You will be amused to find out that we studied Ringworld in college as part of a course on gender relations in modern mass-market fiction. We found some quite pervasive themes about traditional gender roles in you novel. Were these intentional, or just a side effect of the story you wanted to tell?
-Josh
Had to point out that this paragraph contains some preblematic assumptions:
"So I had to figure in the cost of one of my customer's IT staff staying active on that list and learning enough about the product to provide in-house support supplemented by the email list. Estimating this at one tenth of an FTE and that FTE at a low $80,000 per year resolved to $8,000 per year. This was nearly three times the cost of the most expensive commercial product support!"
This calculation makes two assumptions:
1) That keeping up with the application bugs & changes will take 4-6 hours/week (may be correct, you just don't state how you arrived at that figure)
2) That utilizing commecial support requires *no* staff time, a truly laughable assumption.
To give you a counter-arguement for assumption 2: One of my clients pays me to interface with the support engineers for a major proprietary application carrying a $8,000/year support contract. This year to date, I have billed the client 25 hours (at $175/hour) to nag the support department of the commercial vendor and prepare test cases proving the client's problems. And some bugs still take 9 months to resolve.
So: If you work with a flawed evaluation formula, you will get flawed results.
-Josh Berkus
Folks,
I'm seeing a lot of negative comments about MSO document conversion here, which I find surprising. I use OpenOffice.org exclusively, as do two of my clients, and all of us trade back and forth documents with MSO users all the time. The problems I've found are limited to:
1. Floating text boxes and lists in Word, two areas I will point out have problems converting between versions of Word as well.
2. Page formatting/header/footer stuff in Word where there are numerous section breaks. This is something we need to work on.
3. Dealing with unsupported fonts. Another area that could be smoother.
So, we still have some issues, but on my testing our conversions to/from MSO are better that WP Office or Mac:Office.
If, however, you have documents that do *not* agree with the above, how about joining the OpenOffice.org project and filing some issues so that we can debug? We're reverse engineering, here, folks, give us some help!
-Josh Berkus
OpenOffice.org
To toot my own horn:
I was one of the first 10 complaints to get the FCC investigating Fax.com in 1998. In fact, I got them in trouble with the Orange County District Attorney's office, and the S.F.D.A. as well.
Go me! Huzzah!
The answer to this one is simple:
... I am a minor player on the PostgreSQL project, and as such feel that I am well informed on PostgreSQL's bugs, limitations, development direction, and tradeoffs. As a recently opened commmercial product, SAP DB is still too "black box" for me to trust it. No doubt this will change.
1) SAP DB has only been Open Source for what, a year? Heck, I only heard about it 3 months ago. PostgreSQL has been Open Source for over a decade.
2) SAP DB is a pain to set up. Frankly, I don't have an entire weekend to set up a new RDBMS just to evaluate it. (Unless, of course, I'm being paid to!)
3) SAP DB, unlike PostgreSQL and like MySQL, has the single-company-development problem. PostgreSQL, as an OS project with 25-50 volunteer developers worldwide has survived the death of, so far, 6 companies that supported Postgres or its derivatives. Like MySQL AG, if SAP AG were to go down the tubes, development on SAP DB would halt (though it would still remain available under the GPL).
4) Most importantly
-Josh Berkus
P.S. One volunteer suggested that we consider SAP DB support for OpenOffice.org. Sadly, we had to reject the idea because of the complexity and difficulty of administration for SAP-DB. If someone from SAP is reading this, and you disagree, please join the dev@dba.openoffice.org mailing list and make yourself heard.
Are you planning on upgrading from StarOffice 5.2 to OpenOffice.org 1.0 or StarOffice 6.0? Which? If not, is it because of a feature which OpenOffice.org is lacking, or just comfort with StarOffice 5.2?
Following up: Several news writers have e-mailed us (OpenOffice.org) asking for specific features designed to make OpenOffice.org more freindly to professional writers. As the "iron man" of science fiction and fantasy paperbacks, do you have a feature you'd particularly like to see?
-Josh Berkus
OpenOffice.org Marketing
Volunteer Lead
agliodbs@openoffice.org
If I had an Open Source project in which I think IBM should be interested, what's the best way to approach IBM management? Who do I contact, and what sort of independant projects is IBM most interested in supporting?
Nat,
... not just for the programmers, but for Q/C, tech support, refunds, documentation, etc.
I don't think that there's any question that Ximian has the vision and talent necessary to produce excellent, extremely user-friendly tools for Linux and Gnome. However, there's no question that such an undertaking is expensive
In three parts:
1. How successful has the Red Carpet Subscription been in funding Ximian development, or at least itself?
2. What other ideas do you have to make people want to pay for Ximian software?
3. Where do you think that you can use the resources of the Open Source community to reduce costs?
I ask because, as a member of the OpenOffice.org project, we are looking to become more independant of Sun/StarOffice and need to answer these questions ourselves.
-Josh Berkus
OpenOffice.org
A. Nomminous:
IANAL, but I do a lot of contract negotiation. No doubt you'll hear from Bradley Kuhn.
Is it legal? IMHO, Yes.
However, that begs the question: what does your company gain from this? Yes, they will release a product under the GPL where others cannot meaningfully read their code(*). How is this advantageous? It will certainly lead to bad press for your company, on Slashdot and elsewhere, and thus hurt sales/PR. It will not prevent others from copying and compiling your source code, as-is, for free, and does not therefore enhance revenue.
Either there's something you're not telling us, or this is a hypothetical situation that you are making up and not a real company.
(* = eventually, someone would crack and release a program to reverse the search-and-replace operation to obfuscate your code. After all, it's easier than reverse-engineering bytecode)
-Josh
We've had online backups since version 6.5. In fact, backing up and restoring Postgres is easier than any other well-known DB except MySQL. Certainly it's about 5x faster than MS SQL Server.
Point-in-time recovery, standby databases, and replication are all related on the TODO list. Sadly, I think that these major features will wait until a commercial entity decides they're worth paying for. Unless you wanna volunteer?
As for clustering/parallel processing, may I point out that MS SQL Server doesn't have that, either? This is an Oracle/DB2-grade feature you're talking about, and there are still some reasons that Ellison and the boys get to charge $25,000 for their product.
-Josh
PostgreSQL Volunteer
P.S. How about we drop the Postgres vs. MySQL flamewars every time someone posts a database article? Frankly, as a PostgreSQL applications developer, it's a non-issue. MySQL is a good database for some things. PostgreSQL is a good database for most-but-not-all things. It's not a popularity contest, for crissakes! Grow up.
Chris,
Just read your follow-up to Software Stinks! I noticed that you did not address one common comment to your original article. That is, how are BAD Buildings similar to Bad Software?
Let me extend your analogy between building software and building bridges, because I think it works. What you leave out is that bad buildings get built *all the time*. For a few examples, continuing the analogy:
1. Unrealistic budgets: The "Towers" housing project in West Oakland was, as is government habit, awarded to the lowest bidder and the budget was cut after the fact. As a result, by the time construction started, the building company was committed to building a 12-story apartment building for something like $3/square foot. As a result, this 12-story, 90-unit building had one elevator which was out of order 1/2 the time, and the roof *fell off* 4 years after construction.
Similarly, I often have the following conversations with any of my clients:
Me: "Your database was badly designed and needs to be re-built from scratch for $100,000."
Client: "That's too much money."
Me: "It's what you need."
Client: "What if we just fix what we have?"
Me: "That would only cost about $15,000. But you'll continue to have major bugs and data integrity problems, and the system will stay very slow."
Client: "We'll do that then."
2. Constant Changes to Spec: The San Francisco Airport started building their new international terminal in 1994. However, after starting construction, the Mayor's office, the Airport Administration, and the Airlines each found ways to make several minor changes to the plans to accomodate their fantasies -- AFTER the concrete was laid. The result were some very expensive retrofitted changes, causing the airport project to be completed 2 years late and $300 million over budget.
Likewise, I have a major accounting application. Just yesterday, I was informed by the client of a significant policy change that affects the business rules for the database in several places. Apparently, the policy change happened 6 months ago and it did not occur to them to inform me; as a result, I not only need to change the business rules in 8 different places, but I also need to find some way to make this change 6-months retroactive. This is not the first time they have done this. Unsurprisingly, this project is now 1 year overdue and $40,000 over budget.
-Josh Berkus
As a member of the Project, let me clear a few things up:
OpenOffice.org is an Open-Source project sponsored by Sun and Collabnet. It is currently Build 638C, and has not even reached version 1.0. This is mostly because we've sepnd a lot of time replacing proprietary componets from StarOffice, such as the spellchecker, fonts, and conversion filters.
StarOffice is a commerical Sun product, available for free download, which is currently beta-ing its version 6.0. Most of this vesrion is code from OpenOffice.org Build 638 with the addition of the above-mentioned proprietary compnents.
Recarding all of the compaints on features and slow load time: If there's something you'd like to see different about OpenOffice.org, then join the project and write some code, darn it! This is Open Source.
We desperately need more coders from the community. Please, sign up and contribute!
-Josh Berkus
OpenOffice.Org Marketing Project
Damn.
... and, of course, they won't let us patch it without (lengthy) approval. So guess what machine gets compromised, and scans until it find an inadequately secured share on one server that it can use to leapfrog to the whole network?
Just spent 10 hours reparing the damage done by Nimda. !^*&*@ this is a nasty worm. basically it scans for every NT and Outlook exploit possible, and attacks the entire network.
While I've gotten my clients to reduce their NT dependance, we've got this one vendor machine
Anyway, Russ, if you still need data on the Nimda virus, boy howdy do I got it.
-Josh
As an unlicensed contract lawyer, it's actually pretty clear ...
The patent restriction requires all users of the RTLinux code to comply with the GPL or make a seperate commercial license with Yodiaken. This is, IMHO, a good thing that extends "copyleft" to the patent world.
On the other hand, the Patent adds some additional restrictions not normally contained in the GPL:
5. To require any recipient of your product based on RTLinux code to send an e-mail to Yodiaken with their contact info;
6. To keep detailed records of commercial uses of RTLinux, to be furnished to Yodiaken on demand.
All of the other clauses either repeat the above or support the terms of the GPL.
Frankly, overall Yodiaken seems to be a staunch upholder of the GPL and using his patent to uphold it. I can't understand why Stallman is freaking about Yodiaken's demand to collect a little demographic information.
Surely this is something that could be worked out with Yodiaken or simply ignored? Sheesh!
-Josh
The most important thing is that the non-profit cannot give you a "cash value" for donations. They should describe, in detail, in their acknowlegement the equipment you donated, but must refrain from making any estimate of dollar value. Many non-profits violate this rule, and you must discard their estimates of the worth of your donation. You will get in trouble with the IRS for trying to use this kind of valuation (and so will the non-profit).
Instead, you should be claiming either the depreciated value of the equipment according to your depreciation schedule (bleah!) or the current market value for equipment which was not depreciated (for example, personal non-business donations). For the latter, it is very useful to print out and save ads for comparable items on Craigslist or Ebay.
This has been your Tax Accounting Moment
-Josh
Normally I donate to "legal defense funds" (such as Skylarov) but this appeal has me a little suspicious. Particularly the appeal for $10,000 in lawyer fees and the convenient PayPal account. Other defendants have needed a support group or the EFF to set this up for them, but Brian has his ready to go.
I don't want to slam Brian if he's really facing unfair procecution, but I also would like to see some outside verification of his story from a reliable news source (like the EFF or the ACLU).
Otherwise, it's quite possible that Brian is in fact a cracker and is playing on the sympathies of the Slashdot crowd to raise a little bail money. Remember, the FBI does sometimes arrest real criminals!
Please CC: your reply to me, since this item already has hundreds of comments and I'm not sure I'll find it.
-Josh
In addition to all of the ethical and legal reasons already pointed out, the US has a strong pragmatic reason to let Dimitry go (with apologies and compensation).
Currently a lot of foreign programmers are boycotting conventions in the US due to sympathy, and fear that they will also be arrested. If Dimitry is convicted, this boycott will spread, and a lot of international software conventions currently held in the US will move to Europe, because they don't want to lose half their presenters.
Such a shift will eventually lose the US its primacy in the high-tech world. Germany, the UK and Israel are already eager to take the lead in tech development away from America; this would give them the push they need. Pretty soon, Americans would find themselves learning German or Hebrew just to maintain second place in the software world.
And that's aside from the millions in convention income lost.
Personally, I wouldn't mind seeing the technological wealth a little more world-distributed. However, I'd think that an appointed official of the Bush Administration would be a little more concerned with keeping America's technical edge sharp.
-Josh Berkus
San Francisco