The problem is that GPL-incompatible programs
cause a host of practical problems.
The majority of all open source software / Free Software (OSS/FS), counting by number of packages or lines of code, uses the GPL.
You don't have to use the GPL license, but creating an OSS/FS a license intentionally incompatible with it causes lots of practical problems.
See
my essay on using GPL compatible licenses for more information.
Actually, the book has that one
on
Debugging
·
· Score: 1
I agree, explaining it to someone else is a really
good way to debug things. It's discussed in the book, it's just not identified as a "rule" per se. You're probably right, it should've been elevated to a rule or subrule. The book does have a funny story that one group used a mannequin and made everyone explain their inexplicable problems to the mannequin (same idea as the Teddy Bear). And yes, it worked for them, too!
casting the runes has worked! (Jargon file)
on
Debugging
·
· Score: 4, Interesting
Indeed,
casting the runes has been a successful
debugging technique before.
Here's the story from the Jargon File
(under "casting the runes"):
"A correspondent from England tells us that one of ICL's most talented systems designers used to be called out occasionally to service machines which the field circus had given up on. Since he knew the design inside out, he could often find faults simply by listening to a quick outline of the symptoms. He used to play on this by going to some site where the field circus had just spent the last two weeks solid trying to find a fault, and spreading a diagram of the system out on a table top. He'd then shake some chicken bones and cast them over the diagram, peer at the bones intently for a minute, and then tell them that a certain module needed replacing. The system would start working again immediately upon the replacement."
I'm not certain if this new license is
GPL-compatible or not.
But a brief reading suggests that it is probably not.
As I discuss in
Make Your Open Source Software GPL-Compatible. Or Else, it is extremely important
that OSS projects choose a GPL-compatible license.
You don't need to use the GPL -
not even the
Free Software Foundation (FSF),
the developer of the GPL and its most avid proponent,
claims that absolutely all software must be GPL-licensed.
But choosing a license incompatible with the
GPL is generally a bad idea if you're developing
open source software.
If a project isn't GPL-compatible,
it may not receive enough support from
other developers to sustain it.
Many developers prefer the GPL; the majority
of open source software (as counted by
packages or lines of code) are GPL'ed. See my paper, there's lots of quantitative evidence for this.
Developers who prefer the GPL will work with
non-GPL'ed programs, but usually only if they're
GPL-compatible.
Several high-profile projects have undergone
great agony to become GPL-compatible
(vim, Python, Mozilla, Qt). Apache just
made a change to its license saying that one
reason was to make it GPL-compatible.
Multiple major projects don't undergo painful license changes unless they
have a reason to do so.
If this isn't resolved, the likely outcome is a fork, with the version under the modified license eventually losing. I don't see that this license change is worth such an outcome. They could resolve this with a dual license with the GPL, or just continuing to use the original license, or some variation.
Yes, most of the names in the English dictionary
are taken by someone or other. English doesn't
have that many words, and there are a lot
of projects and companies.
However, it's easy to create a unique name.
One way is to use a random name generator.
I give away
Totro,
a free GPL'ed name generator.
You don't even have to install anything, just
view the page and start creating names.
Yes, the resulting name won't be a name
in the dictionary, but that's a good thing -
that means that the name is much more likely
to be unique.
The paper doesn't identify many relevant statistics showing that the open source software community has huge resources,
but the evidence is out there.
My paper
More than
a Gigabuck: Estimating GNU/Linux's Size
measured Red Hat Linux 7.1. It found that
this distribution had over 30 million physical
source lines of code (SLOC),
it would cost over $1 billion (a Gigabuck) to develop this Linux distribution by conventional proprietary means in the U.S. (in year 2000 U.S. dollars), and would have
required about 8,000 person-years of development time.
Over one year's time, it represented a
60% increase in size, effort, and traditional development costs.
Another study (inspired by mine) looked at
Debian 2.2.
The found that Debian 2.2
includes more than 55 million physical SLOC, and would have cost nearly $1.9 billion USD using over 14,000 person-years to develop using traditional proprietary techniques.
Linus, of course, doesn't have any sort
of real control of GNU/Linux outside the kernel.
But in the context of this article, the real
issue seems to be a comparison of the open source / Free software community (as represented by GNU/Linux, the Linux kernel, and Linus Torvalds) versus Microsoft.
And in that sense, this community has
managed to acquire an absolutely astounding
amount of resources, since it's managed to
become competitive with Microsoft in spite of
the many roadblocks it's had to handle
(lack of hardware vendor support, perception
that the approach can't work, etc.).
I'd be interested in seeing a study that
tried to measure if there was a "braindrain"
from Microsoft; Slashdot is necessarily a biased sample.
If this is true, there may be many reasons, perhaps working in concert (different people may have different and multiple reasons, making the effect much stronger).
For example, the fact that the developer can see the OS code may make him far more confident in working on code above it... because he can really understand what's going on underneath (and fix it if there's a problem).
Having the entire OS's code means that he can experiment with anything... and even if today he doesn't want to experiment with something, using OSS/FS means that he'll be more prepared for that time when he does.
From a security point-of-view, he can analyze and fix anything, and knowing that others can do that too might raise his confidence in the results.
By improving OSS/FS, he gains respect in the technical community that he wouldn't get simply by writing closed code (even if they're both paid for, everyone can see EXACTLY what you did in the open code).
I have a personal website (http://www.dwheeler.com),
and while this article is interesting, for me
and many others this article completely misses the point.
Many people, including me, have a personal
website because we want
to change people's
thinking or behavior, and
not because we gain directly from our
personal sites.
Reputation-building and
getting stuff (like money and free things)
is nice, and I certainly don't mind those
side-effects.
Have I made money from reputation, and
gotten free stuff? Yes to both questions,
but I better not quit my day job:-).
But that wasn't my point. My goal was to
give useful information to a set of other
people, to influence behavior and thinking.
I get a lot of visits, and I've received a
number of emails suggesting that my material
has changed the thinking or behavior of
some people, so I think I'm
very much meeting my goals.
I think people should be able to create
a personal website for whatever reason, and
then enjoy it if it meets their goals.
If you want a lot of people to visit
your personal website, you need to provide
something on your website that
others might want.
A blog declaring what you ate last night isn't
going to get a lot of visits.
But if it's meeting your goals, go to it!
If your goal is to change
thinking and behavior, then you must create
content that could do so.
I haven't had the problem of being "hidden";
my personal website's content ranks quite
high on Google when you enter keywords relevant to my content.
Why? Because I've worked hard to create content
that at least some people actually want.
The stuff about needing an expert to create
fancy graphics is just nonsense.
Nonsense!
LOTS of people visit my site, without the
fancy graphics.
When people are searching for information,
they'll use search engines which can't even
decipher the graphics.
As the author says, simple works quite well.
It's not that the author is wrong - if your
goal is reputation-building and free stuff,
a personal website could do it. But there
are many other motivations besides those two.
I love to see competition - Google has been a
remarkably good company to its users, but
there's no guarantee of that in the future.
Having a competitive market in search engines could make sure that all engines do a good job for their customers.
However, I worry about Microsoft entering the
search engine market more than it has. I see a strong
conflict of interest between providing good
search results
and shilling for their company and/or those who
pay them.
There's some evidence that Microsoft is
already being tainted by this conflict of interest.
On a lark, I went to www.msn.com and used their
"Search the Web" option... and searched for information on Microsoft competitors.
I found several cases where Microsoft's search
engine gave higher priority to what would
make Microsoft more money (as opposed to what the
user probably wanted to see), such as
Microsoft's official position on the matter:
Open Source Software: Ignoring the paid-for links (which to their credit are specifically noted as such), the first few links were
specific papers and things, several of which were frankly poor choices. The top ones included www.x86-64.org (huh?) and a South African consulting company. What's more interesting is that Microsoft's shared source page - their
attempt to counter open source - exceeds the ranking of opensource.org and the fsf.org web sites.
A searcher would usually want to first see the
page that directly discussed the searched-for
topic, not about a competitor
that tries to do something different.
free software only mentioned pages where "free" meant "gratis". The Free Software Foundation and GNU doesn't appear in the first 30 entries.
Google, of course, returns the Free Software Foundation's gnu.org as entry #1.
Linux finds first Amazon (huh?), eBay (double huh?), and then an "Introducing Linux" paper at Microsoft's site, tech.msn.com, followed by a Microsoft paper on how to transfer FROM Linux. Only after that do Linux papers from those who advocate Linux appear.
database's first entry is a general
site, but the #2 site is www.microsoft.com/sql (Microsoft's SQL Server) and the #4 site is www.microsoft.com/office/access/default.as
(Microsoft's Access).
#3 is a general directory of vendors.
Filemaker is #9, and
the web sites of leading vendors
Oracle, Sybase, and IBM (DB2), are merely
#10, 11, and 12, again far after
Microsoft's pages.
This didn't happen all the time. Searches for specific company names ("Red Hat", "Oracle") did okay.
But this happened often enough to make it
appear that their search engine intentionally
returns Microsoft's "message" first, even if it's not what the user wanted.
It smacks dangerously close to censorship.
This certainly raises the concern that the
conflict of interest might impact what users
could see; this suggests that this impact
is already occurring.
And conflict of interest is always something
worth considering.
If Microsoft was simply one of many search engines
that might not matter, but there's a good chance
they'd use their dominant desktop marketshare
position to inhibit competition by other
search engines.
Look what Microsoft did with Netscape,
integrating a product to make it difficult to
use a competing product.
Microsoft was convicted, but that conviction did
not restore competition in the marketplace
(or cause any other real change).
If Microsoft became the
near-dominant search engine,
then this conflict of interest could result in
people being unable to speak out or sell a
competing product... because there
would be no way for people to learn of the
dissent or an alternative product.
I could run "testing" on a desktop, but it
gets relatively little testing.
As I understand it, that really indicates that the "programs are in testing, and nothing obviously broke after a few weeks."
What I want is testing for say a month or two, not just a "deadline passed without complaint, must be okay".
I'm glad you've had good experiences with it - but it just isn't what I want.
What I want is a fourth category between "testing" and "stable"; call it "ready" (as in "ready for use").
Take "testing" and put it through a month of testing specific functions (what's new, common errors, general pounding). NOT just a deadline that's passed - make sure the apps were run.
I can get that by using the for-profit distros, so I use them as my primary distros.
If there were some category that fit my needs, I'd give Debian another try.
As author of a book on how to write secure programs, I feel I have to comment on this.
Let's look at his claims:
"You don't need perfect code to avoid security problems."
Actually, that's true. For security, you want to minimize the amount of code that's important for security, and the security-relevant pieces have to be right in the sense that they don't allow security to be broken.
Even the critical pieces can be imperfect as long as the imperfections don't harm security.
But there's a danger here - typically the bar is set far too low. My fear is that this will be interpreted by his developers as "slipshod implementations are still okay." Which is not true - the parts that matter, still matter.
"There are things we're doing that are making code closer to perfect, in terms of tools and security audits and things like that. But there are two other techniques: one is called firewalling and the other is called keeping the software up to date."
Tools and security audits can help, as can firewalling and keeping up with patches.
But that's not enough.
Training developers how to develop secure software , and giving them the time to do, is probably even more important. I know Microsoft has done at least some of that, though I don't know how widespread it is and how well it's compensating for all the years they did not do that.
Techniques other than the ones he's listing are frankly more critical, too.
In particular, the system needs to be broken down into smaller, mutually suspicious pieces with minimal privileges, so that breaking one component doesn't break everything.
There needs to be multiple layers of defense.
The system needs less tight integration, and it needs to be easier to disable and remove everything not strictly necessary for a particular task.
In contrast, firewalling is only a first baby step - his competitors (like Red Hat Linux) enable that by default as a starting point, and so Microsoft is only just catching up there.
Besides, viruses are almost entirely an Outlook-unique problem, other systems are designed to not have that weakness in the first place.
Patch management is important, but given Warhol worms, they won't be enough - if attacks take a few seconds or minutes, we won't be able to patch every system around the world fast enough.
I hope that Microsoft is doing much more than Mr. Gates is saying here.
I don't think you're seeing the full picture.
All licenses are "powerless", but only in the same sense that
all laws are powerless. There are laws against other kinds of stealing and of murder, but clearly many kinds of stealing and murder happen all the time.
The power of law, and of licenses, is that if you break the law/license and get caught, there's a strong (deterrent) risk of being punished.
From that perspective, it's clear that SCO is not "getting away" with their actions. Instead, they're being sued by two organizations.
This case is becoming exactly what you asked for - a possible situation where the GPL is tested in the courts. It may not come to that; SCO could quickly back off on those points when it's trial time. But to get the GPL tested in the courts, you need someone willing to blatantly violate the license and continue to do so while in a trial. That's not happened before; violations are usually unintentional, and nobody's ever been willing to stay in court to fight the GPL.
I think most lawyers have decided that it'd be far too risky to play that game, and their clients
have some product or service that can make them
money.
SCO has nothing to lose.
By the way, you ask "What's gonna stop Microsoft from using Linux source in their next Windows version?" There have been persistent rumors that some major proprietary vendors (including Microsoft) are using GPL'ed code illegally in their proprietary code.
However, they're just that, rumors, and it is not fair to allege that someone has committed a crime when there's no evidence that they've done so.
Indeed, I think Microsoft takes copyright quite seriously and I would expect them to take many steps to prevent violating any licenses.
Currently it's difficult to detect stolen GPL code in proprietary programs.
But in theory it's quite possible to compare proprietary machine code (possibly decompiled) with GPL'd source code.
If anyone suspects that GPLed code has been wrongfully included in proprietary code, and
the binary is available, feel free to create and use tools to do such checking.
I'm not currently a Debian user, but I am an admirer. There's much, much, much to like about Debian. The difficulty of the initial install was a turn-off for me (well, at least for older Debians - that may not be a problem), but in theory, that's only a problem once for each machine.
The biggest problem for me, however, is that in many cases none of the three release types (stable, unstable, testing) are what I want.
Stable isn't just stable - it's a synonym for obsolete.
For a server install an old install may in fact be a good idea - often rock-solid reliability is by far the most important criteria.
But for a desktop,
running "stable" means that my desktop applications
can't read/write the document formats that more
modern versions can, my application choices
are fewer, they fail to provide critical functions
to me, and so on.
In short, "stable" is hopeless on a desktop.
But my alternatives are testing and unstable,
which get insufficient testing and are
excessively risky; I certainly don't
feel comfortable using them.
Compare this to
Red Hat / Fedora, SuSE, Mandrake, and some others;
they have a timeline (say 6 - 12 months),
test a combination far more than Debian's testing version gets, and then ship.
For a desktop, this tends to produce a better
results, because desktop users do want
reliability (more than "testing" provides)
but also need stronger functionality than old
versions of OSS/FS programs than what
"stable" provides.
And desktop users have less trouble with more rapid updates, as long as they don't cost anything.
Am I free to use some other distribution?
Yes! And I do.
But frankly, I wish Debian would create some
level between stable and testing, that
was frozen and tested on say a six-month
increment and released.
I'm interested in using Debian, but
its current lack of something between "stable" and "testing" is keeping me from using it routinely.
And I wouldn't be surprised if I'm not the only one; I don't see the success of Red Hat (for example) as being an accident.
I don't see any fundamental licensing issue
with an intermediate level - is there any possibility that one might be supported in the future?
If it had that level, I think there'd be even more Debian users.
In many markets, the only viable true
competitor to Microsoft is Open Source Software / Free Software (OSS/FS). Microsoft knows this. So, Microsoft cleverly proposed a settlement - and the gullible government accepted - a settlement that is fundamentally discriminatory, designed so that the only viable competitor CANNOT compete.
So, with a "fix" that is specifically designed to forbid use by the only competitor, why would anyone think that the fix would ever work?
The APIs and file formats for Windows and Office need to be public and open to all, no exceptions, no licenses. The document formats are in many ways more important, even; it makes no sense that much of the world's public records are only accessible via a private gatekeeper.
But technically this isn't impressive. I worked on programs that did full-text document searches about 20 years ago, and they weren't new then. So simply doing full-text searches in documents is just no big deal. But what about the large number of books, you say? Actually, that's nothing more than what they already do. I believe the scale of website text far exceeds the scale of the book text that they can search. The Wikipedia is simply one of millions of sites, and it has a whole encyclopedia.
So, they can simply use their existing schemes that examine websites to examine books as well.
I am impressed with Google's ability to manage web searches, but compared to that, book searching is no big deal.
It's a very minor extension to what they already do.
Is it patentable? They can probably send in paperwork and get a piece of paper, since the wheel and patterns for swinging on a swing have already been granted patents. Patenting in many countries has become simply a registration process, even though the law says otherwise. Software patents are particularly egregious.
But does this basic idea meet the legal requirements of a patent? No. The idea of searching the full text of books - and technology to do it - has been around for decades. If they've done something truly original to handle the scale, then maybe, but as of yet I don't see any evidence of that. Perhaps the evidence of something original and not obvious will come.
I like to hear about major new innovations - I even have a paper on software innovations.
But not everything has to be a breathtaking new innovation to be useful.
If it's useful, then let's say "thank you" and/or use it, without demanding that it represent a revolutionary change in technology.
Some of the things that have most changed our lives aren't radical new ideas, but instead are things that made pre-existing ideas easier or cheaper to use.
I use ebooks all the time, and they aren't dying at all. Of course, what I use is a Palm PDA (with its long battery life) and Plucker, a wonderful offline HTML/web reader (GPL license) for the Palm.
Plucker can take arbitrary collections of web pages, compress them, and store them on the Palm.
And many people have pre-created books using this format.
I've read several books (such as Bram Stoker's Dracula, a long science fiction story recently noted on Slashdot, and so on) on it; it works well.
I don't have any of the problems of "incompatible formats" - if it's in HTML (or ASCII text), which is true for a lot of documents, then I can read it.
And unlike these here today, gone tomorrow formats, I expect HTML to be around next year too.
It is true that you can read paper much faster and more comfortably than today's computer screens (even full monitors, never mind puny PDA screens).
But when standing in line, etc., I can pull out my PDA in places where I probably wouldn't have been carrying the book around.
So for casual reading, there's a trade-off: paper books are easier to read, but not as easy to carry.
For reference material there's no contest: ebooks are much lighter and permit searching.
True, I can't get the latest top-ten book this way, since they're not available as HTML. But they're usually not available in any electronic format either, so it's generally no loss. Even in the rare cases where a major book I want to read is available electronically, it's usually only available in some almost-as-expensive non-standard format that will disappear next year. Why should I invest in a book when I can't be certain I can read it years from now? (Any book purchase is an investment - a book is a far safer investment, since there's no worry that its "format" will become impossible to use). And I can't even give or sell the electronic version to someone else - something I can do with a book.
This article was really talking about the "nonstandard, special-purpose" readers and formats - and yes, they're dying. That's not surprising. They're dying because they not only fail to be competitive with books; they also fail to be competitive with the sweet simplicity of HTML readers on ordinary PDAs.
The idea is interesting, but the current implementation can only handle C - not C++ or other languages. That means it can't handle Open Office currently.
That's too bad, because the open source application most needing high reliability is Open Office. Don't get me wrong - Open Office is quite useable, and I experience fewer reliability problems with it than with Microsoft Office. However, making Open Office extremely reliable (far beyond most software) would help far more people than getting the GIMP more reliable.
I wish these folks well on their research.
I also hope that they extend their tool enough
to handle Open Office in the future.
In the "old days" the approximation 1K~=1024
was good enough for most purposes.
But nowadays, we have ordinary people using computers who, especially outside the U.S., know that K=1,000, M=1,000,000, and so on.
Computers are used by more than computer science
people now.
Indeed, they're invading every aspect of everyone's
life, including scientific applications, and having
this rediculous inconsistency is increasingly a
problem.
It's even inconsistent on computing equipment.
When I get a file size reported to me in binary Gigabytes, and try to send it over a transmission line measured in decimal Gigabytes or store it on a drive measured in decimal Gigabytes, things don't work right.
Look at the 3.5" floppy disks - they're called
"1.44" disks, but what is that number?
It turns out to be 1.44*1000*1024 bytes - so here have a unit that mixes the binary and decimal units.
Sure, there are many cases where this doesn't matter.
But in the future, as systems get bigger this difference becomes more pronounced.
"MiB" may look odd, but we're better off in the long term having unit prefixes having the same consistent meanings they've had everywhere else for decades.
There was a time when "Kilobyte" was odd too.
These stats aren't showing the full story,
as far as I can tell.
If Windows gained this month, then it gained and so be it - but that's not what these numbers say. They just say how many Windows 2003 systems used to run Linux, but they omit how many new users of Linux used to run Windows. Without that data, it's rather meaningless.
Apache is gaining, not losing market share.
Apache can run on Windows, but it rarely does - the Windows license costs make it rather expensive, and often with no benefit.
See
Netcraft
for more data.
Open source software / Free Software (OSS/FS) must
gain market share on the desktop, or it may die.
Many organizations are, for various reasons, pursuing their own policies that will try to make sure that OSS/FS programs/systems can't be used.
It's reasonable to presume that Microsoft will want to modify its operating systems and applications to ensure that nothing can interoperate with them.
Many organizations want to patent-squat on clearly obvious "inventions".
Many are paying legislatures to rewrite laws to give them control over markets, to the detriment of OSS/FS. For example, look at the patent lawyers who are trying to get the European Union to permit software patents - economic studies show it's a bad idea, and most practitioners think it's a bad idea, but it certainly would enrich the patent lawyers.
If those pressures are allowed to continue unopposed,
OSS/FS systems won't be able to do many important functions, and eventually they
will not be useful for any useful function.
Governments wield great power, and the mechanisms they create (like software patents) can certainly interfere with or inhibit otherwise useful technology.
OSS/FS programs have a strong share today on the server. But if they never gain hold on the desktop, that won't matter much. The owners of desktops will modify their systems so that only their desktops can view important content (buying the content, if necessary, to ensure customer lock-in).
Imagine if Internet Explorer always loaded
Apache sites at 1/10 the speed - or simply didn't load it at all - and the vendor could get
away with it because it was essentially illegal
to use another browser that had necessary
user functions.
If it becomes essentially impossible or illegal to use OSS/FS, it will quickly lose all developers and completely die.
There's little evidence that OSS/FS projects will generate the necessary capital to buy off these forces directly.
The only real defense against such tactics is
if OSS/FS gains market share on the desktop.
If it's on enough desktops, there will be many people (users AND developers) who will want to make sure there are no artificial barriers to its use. The number of servers is small; the number of desktops is huge, and any democracy will start taking notice if many desktop users are unhappy. Legislatures will be less interested in writing laws that tilt against OSS/FS; content providers will be less interested in tools that exclude users of OSS/FS; hardware vendors will be more interested in doing what it takes to get support by OSS/FS operating systems.
Thankfully, there are lots of signs that OSS/FS is becoming competitive on the desktop.
Having an alternative is in the interest of a lot of users, and a lot of computer companies would like to have alternatives too.
Once the desktop becomes competitive, I
think we (as consumers) can expect to see a lot of good things.
OSS/FS doesn't even have to even gain dominant share to have a positive effect - just enough market share to create competition.
I love competition, because
honest competition does wonderful things for the consumer.
I have hopes we're seeing the beginning of a
real competition.
If you want to be allowed to develop OSS/FS programs tomorrow, you should root for a competitive market share for OSS/FS applications and operating systems on the desktop.
I took a brief look at the patent;
it appears that it only applies if the
content appears within the browser's
own display (see particularly claim 1).
Perhaps if you invoked the plug-in and displayed it OUTSIDE the browser display, that's avoid the patent. For some types, like most PDF
documents, that would work well.
But this is all amazingly silly.
This is so obvious to a "practitioner of the art" that the patent office should have
instantly rejected it.
Displaying data where it's requested is
a fundamental notion.
And invoking a program based on its type is
also a fundamental notion.
COM and DCOM were developed specifically for
this reason, for example: to enable in-line
display and manipulation of data.
They both precede this patent (COM certainly
does) making them prior art.
The patent wasn't even filed until
October 17, 1994.
But Java was publicly demonstrated on
September 1992 (originally called Oak), and
Safe-TCL came out in 1992 as well.
It wouldn't surprise me if they also met
this patent, and were prior art too.
This is a junk patent that needs revoking.
Just base 3 or 4? How about base pi, e, i, 1,...
on
Beyond Binary Computing?
·
· Score: 4, Interesting
Base 2,3,4, and 10 are so easy.
If you really want a challenge, build
a computer using
base pi, e, i, 1, or 0:-).
Slashdot Mirror
The problem is that GPL-incompatible programs cause a host of practical problems. The majority of all open source software / Free Software (OSS/FS), counting by number of packages or lines of code, uses the GPL. You don't have to use the GPL license, but creating an OSS/FS a license intentionally incompatible with it causes lots of practical problems. See my essay on using GPL compatible licenses for more information.
If you think the SCO case is an important case for the SEC to investigate, you should contact the SEC, telling them to investigate SCO and why you think the SEC should be involved. You should reference specific points from Halloween X and/or Groklaw if you're going to make your point. Most government organizations prioritize in part by whatever wheel squeeks the loudest.
I agree, explaining it to someone else is a really good way to debug things. It's discussed in the book, it's just not identified as a "rule" per se. You're probably right, it should've been elevated to a rule or subrule. The book does have a funny story that one group used a mannequin and made everyone explain their inexplicable problems to the mannequin (same idea as the Teddy Bear). And yes, it worked for them, too!
Here's the story from the Jargon File (under "casting the runes"): "A correspondent from England tells us that one of ICL's most talented systems designers used to be called out occasionally to service machines which the field circus had given up on. Since he knew the design inside out, he could often find faults simply by listening to a quick outline of the symptoms. He used to play on this by going to some site where the field circus had just spent the last two weeks solid trying to find a fault, and spreading a diagram of the system out on a table top. He'd then shake some chicken bones and cast them over the diagram, peer at the bones intently for a minute, and then tell them that a certain module needed replacing. The system would start working again immediately upon the replacement."
Hope those references help.
As I discuss in Make Your Open Source Software GPL-Compatible. Or Else , it is extremely important that OSS projects choose a GPL-compatible license. You don't need to use the GPL - not even the Free Software Foundation (FSF), the developer of the GPL and its most avid proponent, claims that absolutely all software must be GPL-licensed. But choosing a license incompatible with the GPL is generally a bad idea if you're developing open source software.
If a project isn't GPL-compatible, it may not receive enough support from other developers to sustain it. Many developers prefer the GPL; the majority of open source software (as counted by packages or lines of code) are GPL'ed. See my paper, there's lots of quantitative evidence for this. Developers who prefer the GPL will work with non-GPL'ed programs, but usually only if they're GPL-compatible. Several high-profile projects have undergone great agony to become GPL-compatible (vim, Python, Mozilla, Qt). Apache just made a change to its license saying that one reason was to make it GPL-compatible. Multiple major projects don't undergo painful license changes unless they have a reason to do so.
If this isn't resolved, the likely outcome is a fork, with the version under the modified license eventually losing. I don't see that this license change is worth such an outcome. They could resolve this with a dual license with the GPL, or just continuing to use the original license, or some variation.
For a brief summary of related infomration, see the Wikipedia article on File Allocation Table.
However, it's easy to create a unique name. One way is to use a random name generator. I give away Totro, a free GPL'ed name generator. You don't even have to install anything, just view the page and start creating names. Yes, the resulting name won't be a name in the dictionary, but that's a good thing - that means that the name is much more likely to be unique.
My paper More than a Gigabuck: Estimating GNU/Linux's Size measured Red Hat Linux 7.1. It found that this distribution had over 30 million physical source lines of code (SLOC), it would cost over $1 billion (a Gigabuck) to develop this Linux distribution by conventional proprietary means in the U.S. (in year 2000 U.S. dollars), and would have required about 8,000 person-years of development time. Over one year's time, it represented a 60% increase in size, effort, and traditional development costs.
Another study (inspired by mine) looked at Debian 2.2. The found that Debian 2.2 includes more than 55 million physical SLOC, and would have cost nearly $1.9 billion USD using over 14,000 person-years to develop using traditional proprietary techniques.
Linus, of course, doesn't have any sort of real control of GNU/Linux outside the kernel. But in the context of this article, the real issue seems to be a comparison of the open source / Free software community (as represented by GNU/Linux, the Linux kernel, and Linus Torvalds) versus Microsoft. And in that sense, this community has managed to acquire an absolutely astounding amount of resources, since it's managed to become competitive with Microsoft in spite of the many roadblocks it's had to handle (lack of hardware vendor support, perception that the approach can't work, etc.).
More quantitative data showing that there cases where open source software / free software is competitive is available in my paper "Why OSS/FS? Look at the Numbers!".
If this is true, there may be many reasons, perhaps working in concert (different people may have different and multiple reasons, making the effect much stronger). For example, the fact that the developer can see the OS code may make him far more confident in working on code above it... because he can really understand what's going on underneath (and fix it if there's a problem). Having the entire OS's code means that he can experiment with anything... and even if today he doesn't want to experiment with something, using OSS/FS means that he'll be more prepared for that time when he does. From a security point-of-view, he can analyze and fix anything, and knowing that others can do that too might raise his confidence in the results. By improving OSS/FS, he gains respect in the technical community that he wouldn't get simply by writing closed code (even if they're both paid for, everyone can see EXACTLY what you did in the open code).
I'm sure there are others.
Many people, including me, have a personal website because we want to change people's thinking or behavior, and not because we gain directly from our personal sites.
Let me give specific examples. I've been frustrated that many developers don't know how to write secure programs, so I give away a free book telling people how to write secure programs (particularly for Linux/Unix). I was interested in open source software / Free software, and was frustrated when I discovered that quantitative information existed but it was hard to find - so I collected quantitative data about open source software / Free software so others could benefit from my search, and so that people would start thinking quantitatively about such things. In a similar vein, I was curious about how much source code was in GNU/Linux, and wanted people in general to think about quantitatively analyzing these systems, so I posted my paper on the number of source lines of code in a GNU/Linux distribution ("More than a Gigabuck").
Reputation-building and getting stuff (like money and free things) is nice, and I certainly don't mind those side-effects. Have I made money from reputation, and gotten free stuff? Yes to both questions, but I better not quit my day job :-).
But that wasn't my point. My goal was to
give useful information to a set of other
people, to influence behavior and thinking.
I get a lot of visits, and I've received a
number of emails suggesting that my material
has changed the thinking or behavior of
some people, so I think I'm
very much meeting my goals.
I think people should be able to create a personal website for whatever reason, and then enjoy it if it meets their goals. If you want a lot of people to visit your personal website, you need to provide something on your website that others might want. A blog declaring what you ate last night isn't going to get a lot of visits. But if it's meeting your goals, go to it! If your goal is to change thinking and behavior, then you must create content that could do so.
I haven't had the problem of being "hidden"; my personal website's content ranks quite high on Google when you enter keywords relevant to my content. Why? Because I've worked hard to create content that at least some people actually want.
The stuff about needing an expert to create fancy graphics is just nonsense. Nonsense! LOTS of people visit my site, without the fancy graphics. When people are searching for information, they'll use search engines which can't even decipher the graphics. As the author says, simple works quite well.
It's not that the author is wrong - if your goal is reputation-building and free stuff, a personal website could do it. But there are many other motivations besides those two.
However, I worry about Microsoft entering the search engine market more than it has. I see a strong conflict of interest between providing good search results and shilling for their company and/or those who pay them.
There's some evidence that Microsoft is already being tainted by this conflict of interest. On a lark, I went to www.msn.com and used their "Search the Web" option... and searched for information on Microsoft competitors. I found several cases where Microsoft's search engine gave higher priority to what would make Microsoft more money (as opposed to what the user probably wanted to see), such as Microsoft's official position on the matter:
This didn't happen all the time. Searches for specific company names ("Red Hat", "Oracle") did okay. But this happened often enough to make it appear that their search engine intentionally returns Microsoft's "message" first, even if it's not what the user wanted. It smacks dangerously close to censorship. This certainly raises the concern that the conflict of interest might impact what users could see; this suggests that this impact is already occurring. And conflict of interest is always something worth considering.
If Microsoft was simply one of many search engines that might not matter, but there's a good chance they'd use their dominant desktop marketshare position to inhibit competition by other search engines. Look what Microsoft did with Netscape, integrating a product to make it difficult to use a competing product. Microsoft was convicted, but that conviction did not restore competition in the marketplace (or cause any other real change). If Microsoft became the near-dominant search engine, then this conflict of interest could result in people being unable to speak out or sell a competing product ... because there
would be no way for people to learn of the
dissent or an alternative product.
I'm glad you've had good experiences with it - but it just isn't what I want.
What I want is a fourth category between "testing" and "stable"; call it "ready" (as in "ready for use"). Take "testing" and put it through a month of testing specific functions (what's new, common errors, general pounding). NOT just a deadline that's passed - make sure the apps were run.
I can get that by using the for-profit distros, so I use them as my primary distros. If there were some category that fit my needs, I'd give Debian another try.
Actually, that's true. For security, you want to minimize the amount of code that's important for security, and the security-relevant pieces have to be right in the sense that they don't allow security to be broken. Even the critical pieces can be imperfect as long as the imperfections don't harm security. But there's a danger here - typically the bar is set far too low. My fear is that this will be interpreted by his developers as "slipshod implementations are still okay." Which is not true - the parts that matter, still matter.
Tools and security audits can help, as can firewalling and keeping up with patches. But that's not enough. Training developers how to develop secure software , and giving them the time to do, is probably even more important. I know Microsoft has done at least some of that, though I don't know how widespread it is and how well it's compensating for all the years they did not do that. Techniques other than the ones he's listing are frankly more critical, too. In particular, the system needs to be broken down into smaller, mutually suspicious pieces with minimal privileges, so that breaking one component doesn't break everything. There needs to be multiple layers of defense. The system needs less tight integration, and it needs to be easier to disable and remove everything not strictly necessary for a particular task. In contrast, firewalling is only a first baby step - his competitors (like Red Hat Linux) enable that by default as a starting point, and so Microsoft is only just catching up there. Besides, viruses are almost entirely an Outlook-unique problem, other systems are designed to not have that weakness in the first place. Patch management is important, but given Warhol worms, they won't be enough - if attacks take a few seconds or minutes, we won't be able to patch every system around the world fast enough.
I hope that Microsoft is doing much more than Mr. Gates is saying here.
From that perspective, it's clear that SCO is not "getting away" with their actions. Instead, they're being sued by two organizations.
This case is becoming exactly what you asked for - a possible situation where the GPL is tested in the courts. It may not come to that; SCO could quickly back off on those points when it's trial time. But to get the GPL tested in the courts, you need someone willing to blatantly violate the license and continue to do so while in a trial. That's not happened before; violations are usually unintentional, and nobody's ever been willing to stay in court to fight the GPL. I think most lawyers have decided that it'd be far too risky to play that game, and their clients have some product or service that can make them money. SCO has nothing to lose.
By the way, you ask "What's gonna stop Microsoft from using Linux source in their next Windows version?" There have been persistent rumors that some major proprietary vendors (including Microsoft) are using GPL'ed code illegally in their proprietary code. However, they're just that, rumors, and it is not fair to allege that someone has committed a crime when there's no evidence that they've done so. Indeed, I think Microsoft takes copyright quite seriously and I would expect them to take many steps to prevent violating any licenses.
Currently it's difficult to detect stolen GPL code in proprietary programs. But in theory it's quite possible to compare proprietary machine code (possibly decompiled) with GPL'd source code. If anyone suspects that GPLed code has been wrongfully included in proprietary code, and the binary is available, feel free to create and use tools to do such checking.
The biggest problem for me, however, is that in many cases none of the three release types (stable, unstable, testing) are what I want. Stable isn't just stable - it's a synonym for obsolete. For a server install an old install may in fact be a good idea - often rock-solid reliability is by far the most important criteria. But for a desktop, running "stable" means that my desktop applications can't read/write the document formats that more modern versions can, my application choices are fewer, they fail to provide critical functions to me, and so on. In short, "stable" is hopeless on a desktop. But my alternatives are testing and unstable, which get insufficient testing and are excessively risky; I certainly don't feel comfortable using them. Compare this to Red Hat / Fedora, SuSE, Mandrake, and some others; they have a timeline (say 6 - 12 months), test a combination far more than Debian's testing version gets, and then ship. For a desktop, this tends to produce a better results, because desktop users do want reliability (more than "testing" provides) but also need stronger functionality than old versions of OSS/FS programs than what "stable" provides. And desktop users have less trouble with more rapid updates, as long as they don't cost anything.
Am I free to use some other distribution? Yes! And I do.
But frankly, I wish Debian would create some level between stable and testing, that was frozen and tested on say a six-month increment and released. I'm interested in using Debian, but its current lack of something between "stable" and "testing" is keeping me from using it routinely. And I wouldn't be surprised if I'm not the only one; I don't see the success of Red Hat (for example) as being an accident. I don't see any fundamental licensing issue with an intermediate level - is there any possibility that one might be supported in the future? If it had that level, I think there'd be even more Debian users.
So, with a "fix" that is specifically designed to forbid use by the only competitor, why would anyone think that the fix would ever work?
The APIs and file formats for Windows and Office need to be public and open to all, no exceptions, no licenses. The document formats are in many ways more important, even; it makes no sense that much of the world's public records are only accessible via a private gatekeeper.
But technically this isn't impressive. I worked on programs that did full-text document searches about 20 years ago, and they weren't new then. So simply doing full-text searches in documents is just no big deal. But what about the large number of books, you say? Actually, that's nothing more than what they already do. I believe the scale of website text far exceeds the scale of the book text that they can search. The Wikipedia is simply one of millions of sites, and it has a whole encyclopedia. So, they can simply use their existing schemes that examine websites to examine books as well. I am impressed with Google's ability to manage web searches, but compared to that, book searching is no big deal. It's a very minor extension to what they already do.
Is it patentable? They can probably send in paperwork and get a piece of paper, since the wheel and patterns for swinging on a swing have already been granted patents. Patenting in many countries has become simply a registration process, even though the law says otherwise. Software patents are particularly egregious. But does this basic idea meet the legal requirements of a patent? No. The idea of searching the full text of books - and technology to do it - has been around for decades. If they've done something truly original to handle the scale, then maybe, but as of yet I don't see any evidence of that. Perhaps the evidence of something original and not obvious will come.
I like to hear about major new innovations - I even have a paper on software innovations. But not everything has to be a breathtaking new innovation to be useful. If it's useful, then let's say "thank you" and/or use it, without demanding that it represent a revolutionary change in technology. Some of the things that have most changed our lives aren't radical new ideas, but instead are things that made pre-existing ideas easier or cheaper to use.
I don't have any of the problems of "incompatible formats" - if it's in HTML (or ASCII text), which is true for a lot of documents, then I can read it. And unlike these here today, gone tomorrow formats, I expect HTML to be around next year too.
It is true that you can read paper much faster and more comfortably than today's computer screens (even full monitors, never mind puny PDA screens). But when standing in line, etc., I can pull out my PDA in places where I probably wouldn't have been carrying the book around. So for casual reading, there's a trade-off: paper books are easier to read, but not as easy to carry. For reference material there's no contest: ebooks are much lighter and permit searching.
True, I can't get the latest top-ten book this way, since they're not available as HTML. But they're usually not available in any electronic format either, so it's generally no loss. Even in the rare cases where a major book I want to read is available electronically, it's usually only available in some almost-as-expensive non-standard format that will disappear next year. Why should I invest in a book when I can't be certain I can read it years from now? (Any book purchase is an investment - a book is a far safer investment, since there's no worry that its "format" will become impossible to use). And I can't even give or sell the electronic version to someone else - something I can do with a book.
This article was really talking about the "nonstandard, special-purpose" readers and formats - and yes, they're dying. That's not surprising. They're dying because they not only fail to be competitive with books; they also fail to be competitive with the sweet simplicity of HTML readers on ordinary PDAs.
That's too bad, because the open source application most needing high reliability is Open Office. Don't get me wrong - Open Office is quite useable, and I experience fewer reliability problems with it than with Microsoft Office. However, making Open Office extremely reliable (far beyond most software) would help far more people than getting the GIMP more reliable.
I wish these folks well on their research. I also hope that they extend their tool enough to handle Open Office in the future.
But nowadays, we have ordinary people using computers who, especially outside the U.S., know that K=1,000, M=1,000,000, and so on. Computers are used by more than computer science people now. Indeed, they're invading every aspect of everyone's life, including scientific applications, and having this rediculous inconsistency is increasingly a problem.
It's even inconsistent on computing equipment. When I get a file size reported to me in binary Gigabytes, and try to send it over a transmission line measured in decimal Gigabytes or store it on a drive measured in decimal Gigabytes, things don't work right. Look at the 3.5" floppy disks - they're called "1.44" disks, but what is that number? It turns out to be 1.44*1000*1024 bytes - so here have a unit that mixes the binary and decimal units.
Sure, there are many cases where this doesn't matter. But in the future, as systems get bigger this difference becomes more pronounced. "MiB" may look odd, but we're better off in the long term having unit prefixes having the same consistent meanings they've had everywhere else for decades. There was a time when "Kilobyte" was odd too.
Apache is gaining, not losing market share. Apache can run on Windows, but it rarely does - the Windows license costs make it rather expensive, and often with no benefit. See Netcraft for more data.
Many organizations are, for various reasons, pursuing their own policies that will try to make sure that OSS/FS programs/systems can't be used. It's reasonable to presume that Microsoft will want to modify its operating systems and applications to ensure that nothing can interoperate with them. Many organizations want to patent-squat on clearly obvious "inventions". Many are paying legislatures to rewrite laws to give them control over markets, to the detriment of OSS/FS. For example, look at the patent lawyers who are trying to get the European Union to permit software patents - economic studies show it's a bad idea, and most practitioners think it's a bad idea, but it certainly would enrich the patent lawyers. If those pressures are allowed to continue unopposed, OSS/FS systems won't be able to do many important functions, and eventually they will not be useful for any useful function. Governments wield great power, and the mechanisms they create (like software patents) can certainly interfere with or inhibit otherwise useful technology.
OSS/FS programs have a strong share today on the server. But if they never gain hold on the desktop, that won't matter much. The owners of desktops will modify their systems so that only their desktops can view important content (buying the content, if necessary, to ensure customer lock-in). Imagine if Internet Explorer always loaded Apache sites at 1/10 the speed - or simply didn't load it at all - and the vendor could get away with it because it was essentially illegal to use another browser that had necessary user functions.
If it becomes essentially impossible or illegal to use OSS/FS, it will quickly lose all developers and completely die. There's little evidence that OSS/FS projects will generate the necessary capital to buy off these forces directly.
The only real defense against such tactics is if OSS/FS gains market share on the desktop. If it's on enough desktops, there will be many people (users AND developers) who will want to make sure there are no artificial barriers to its use. The number of servers is small; the number of desktops is huge, and any democracy will start taking notice if many desktop users are unhappy. Legislatures will be less interested in writing laws that tilt against OSS/FS; content providers will be less interested in tools that exclude users of OSS/FS; hardware vendors will be more interested in doing what it takes to get support by OSS/FS operating systems.
Thankfully, there are lots of signs that OSS/FS is becoming competitive on the desktop. Having an alternative is in the interest of a lot of users, and a lot of computer companies would like to have alternatives too. Once the desktop becomes competitive, I think we (as consumers) can expect to see a lot of good things. OSS/FS doesn't even have to even gain dominant share to have a positive effect - just enough market share to create competition.
I love competition, because honest competition does wonderful things for the consumer. I have hopes we're seeing the beginning of a real competition.
If you want to be allowed to develop OSS/FS programs tomorrow, you should root for a competitive market share for OSS/FS applications and operating systems on the desktop.
But this is all amazingly silly. This is so obvious to a "practitioner of the art" that the patent office should have instantly rejected it. Displaying data where it's requested is a fundamental notion. And invoking a program based on its type is also a fundamental notion. COM and DCOM were developed specifically for this reason, for example: to enable in-line display and manipulation of data. They both precede this patent (COM certainly does) making them prior art.
The patent wasn't even filed until October 17, 1994. But Java was publicly demonstrated on September 1992 (originally called Oak), and Safe-TCL came out in 1992 as well. It wouldn't surprise me if they also met this patent, and were prior art too.
This is a junk patent that needs revoking.
Base 2,3,4, and 10 are so easy. If you really want a challenge, build a computer using base pi, e, i, 1, or 0 :-).