What is your criteria for calling the Solaris kernel a "far second" to Linux?
Simply the pace of development. And I acknowledge that there isn't a complete competitor to dtrace yet, but I am also looking at the "features of the month" on LWN's kernel reporting. They go by pretty fast.
I run Linux on my main servers, my desktop, my laptop, and my cell phone. Same code base. Solaris would not do as good a job on either the laptop or desktop, and it's not going to be in the cell phone. More features, for more people, go into Linux, at a more rapid pace.
You are confusing the kernel with the software that is available for it.
Not at all. I was the second Debian project leader and understand all too well the totality of a distribution and what is in and out of the kernel. I remain very impressed with the Linux kernel team. More innovative work goes on there than in any user-mode project I know of.
The technical lead that Solaris has is harder for Linux to chase than the lead in x86 drivers that Linux has.
The technical lead of the entirely portable portion of Linux is very hard to chase. I don't believe that device drivers are a big consideration, although I believe that GPL-only device drivers lead to better stability. Proprietary drivers are where most crashes happen and the Linux community has been swift to deprecate them.
It works both ways. A main advantage about the Solaris kernel is that it is very very stable.
2.4 is very stable, if you want that. Most people don't, it seems. Backwards compatibility is not nearly so much of a problem as on Windows due to the fact that there's a mature standard for the API.
GPL code can't be integrated into BSD code either.
Actually, it can. The result has a GPL license. A number of kernel drivers have been shared between Linux and BSD.
Quite frankly I don't think I would want the Linux and Solaris kernels to converge into one great big monolith.
No, nobody needs that. That's actually the problem for Solaris. It won't get merged in, and it's not tremendously viable on its own over the long term.
Solaris has a few features at which the Linux folks look hungrily, and you know what happens when those folks like features. Linux gets them. These are the folks who replaced Bitkeeper in a month.
Not until they fix the developement model of the 2.6 kernel so that it becomes a lot more stable.
This is a non-sequitur. They will get the features regardless of the bug count.
The number of bugs in the 2.6 kernel is appalling. This isn't just about features, it's about rock-solid stability.
It's great to leave a machine booted for two years. I know that Solaris folks do that. I have had my main Linux server, running Debian stable, on the net up for months without reboots, and it's not ever had a kernel-related problem. Reboots happen because of user-mode changes that I make, mostly because I want to be sure that the machine will come up by itself after I change what daemons I'm running. I don't have physical access to the machine. No service tickets in over a year. I could really have kept the kernel up for a year or more if I'd cared to.
Linux will get the features, and the 2.6 development model will continue to have bugs as new kernels come out, and users will run a few versions behind the current kernel - as a lot of people seem to be running 2.6.11 and so on at the moment. The progression is toward a stable kernel with the features you need, and the number of people who must be on the bleeding edge gets progressively smaller. But you know what, some of us like to be there anyway.
Bruce
Re:Before you comment ...
on
Debian GNU/Solaris
·
· Score: 4, Interesting
It's interesting because it's another proof that Debian doesn't need the Linux kernel. Sun is making inroads into BSD's territory. Not Linux territory. Their kernel fills a role similar to the *BSDs in the Open Source world. Technically interesting, used in some projects, and a far second to Linux.
Linux has a huge independent development community and more huge companies than it is easy to count behind it, and nobody can keep up with the pace of development. The GPL is a very important factor. It's the only partnership that would keep it fair for the big guys and the little ones at the same time. What technical lead Solaris has is rapidly diminishing because they can not - and never will - keep up the development team that Linux and the GPL have spawned.
And then there's the deliberately-incompatible licensing, Sun's lack of success at building Open Source communities (OpenOffice should have a community 100 times the size of the one it's got - IMO it's second in importance to the Linux kernel), and Jonathan's tendency to turn any gains that Sun makes in the Open Source community into defeat with his own words. All of these things hold them back.
Solaris has a few features at which the Linux folks look hungrily, and you know what happens when those folks like features. Linux gets them. These are the folks who replaced Bitkeeper in a month.
It would be fun to have a system that booted the same binaries into Linux, BSD, Solaris, and HURD. If someone makes that, it'll be an awesome hack. But at the same time it would demonstrate the futility of having all of those kernels do the same thing technically, while one of them does the community part much better than the others.
Actually, insurance doesn't work that way. First, you have to justify your own processes to your insurer, because if you run a slipshod operation that is likely to generate an insurance payout, they don't want you as a customer.
Second, if you are about to go to court with an Open Source developer, the insurer is going to want you to settle with that developer. It's cheaper than going to court. Are you an Open Source developer, and you don't have money to enforce your copyright? You can get a lawyer to fight an insurance company for a 50% share of the results and no money up front.
Lots of people are not thinking this through all of the way.
Disclaimer: I am on the board of OSRM. I don't get paid, and I have enough worthless stock in other companies to be honest with myself about the prospect that I ever will get paid.
This is correct. "At the right premium" means that before someone underwrites a policy, you have to provide actuarial data that justifies their investment in the risk.
Well, you can hire me to review your GPL compliance. And you are right that the main way to manage this problem is with training. The real problem is that engineers and technical managers think they are soldering parts together when in actuality they are creating derivative works out of someone else's intellectual property. Of course, there is some resistance when we try to get them to think about it that way:-)
If you buy this product, you have to assure OSRM that you are in compliance. They don't give you insurance so that you can have slipshod processes in your company and just get paid whenever you goof.
The initiators of litigation could, of course, come from the ranks of those who stand to lose the most by more widespread adoption of FOSS, or from agents acting on their behalf.
With this particular product, the initiator would have to be the copyright holder on the software. That person is the Open Source developer.
Are you confusing this with the patent issue? That is a much more serious issue, and maybe one OSRM can cover in the future. But this product does not cover that.
Many Open Source licenses are contracts, even though they are based on copyright law. The GPL purports to be a straight copyright permission because RMS didn't want to remove any rights you already had, but it includes words like "you agree" and thus it's not entirely clear that it is not a contract. No court has ruled either way.
Insurance doesn't protect you from violating the law wilfully. A number of commenters seem to be missing that. OSRM is not in the business of issuing a license to kill:-) Indeed, if you buy their product you have to demonstrate to them that you are maintaining compliance. This should help.
Unintentional violations happen. So far, no Open Source developer has demanded damages for one. However, there was a situation where there were two companies and an open source developer involved in the same product, and one of the companies sued the other and asked for damages. The case settled and is sealed, I'd go to jail if I told you details, and they didn't tell me what the settlement was.
I don't need this insurance and you don't. Some companies would consider it cheap.
I am on the OSRM board. I don't get paid, and although I have stock, that doesn't mean it will ever be worth anything.
I have been involved in a number of GPL violation cases. None were intentional. All were incredibly stupid. Mostly they had to do with engineers and technical managers not knowing what to ask their lawyers or not having sufficient access to lawyers. When you produce a product for money, there is a due-diligence requirement that many engineering companies don't trouble themselves with.
If you think infringement of Open Source licenses is a problem, it's even worse with proprietary products. Embedded systems contain a lot of unlicensed proprietary software, and the risk is higher there.
I visit Fortune 100 companies in my work for Sourcelabs. The managers comment that their engineers are clamoring to use Rails and the managers are holding back until the product is more mature. They continue to watch the trend.
There are some interesting sites. Note Epson Developers. You might find this note about a large medical application interesting. I also noted a Rails project being developed in a department of the New York City government.
Bruce
New Security Framework for Ruby on Rails
on
What is Ruby on Rails?
·
· Score: 4, Informative
ModelSecurity helps Ruby on Rails developers implement
a security defense in depth by implementing access control
within the data model.
If you are like most developers, you think about security when
you program controllers and views. But a bug in your controller
or view can compromise the security of your application, unless
your data model has also been secured.
The economical, flexible, and extremely readable means of
specifying access controls provided by ModelSecurity makes it
easier for the developer to think about security, and
makes security assumptions that might otherwise live in one
developers head concrete and communicable to
others.
They already own it. And they don't pay taxes. But in any case, Real Estate is not by any means the largest expense.
There is lots of space in Mojave, but who wants to live there? The personnel would much rather live at Hat Creek. I expect that getting good personnel is a more difficult problem than finding empty land in California.
University of California runs the Hat Creek observatory. I've been there too, after camping in Lassen. Lassen is like Yosemite without the crowds. And it has showers. I can camp forever as long as there's a shower. Hat Creek observatory is worth a visit. Go on to Burney Falls afterward.
I am not undermining the improvements. I am discussing the claim. The claim is that the software is 1) more protective than it really would be - because it doesn't protect small allocations and that it 2) outperforms Electric Fence, which it turns out it does only by (again) turning off protection for small allocations.
With security software, it's essential that you understand what's really going on.
They gave microcode writers a lot of work back then.
Bruce
Re:Maybe an OSS future isn't that bright afterall
on
Nessus Closes Source
·
· Score: 1
No, you have that wrong. Open Source helps those folks because it gives them a mechanism to distribute cost and risk rather than sustain all of the development on their own. For a longer discussion, see this paper.
Calm down, AC. I worked in the film industry for 19 years, 12 of them at Pixar. I have a credit on two features, see the Internet Film Database. I am one of the people the film industry consults about Linux and count some of the largest special effects houses as my customers. I am passing on what they tell me about nVidia.
Pixar has bigger fish to fry than the market for Renderman. They probably made more from showings of The Incredibles in San Francisco than they have ever made from Renderman.
However, Pixar has not had the easiest time with studio tools. When I left there, the studio tools had been in continuous development for 20 years, no kidding. It showed. They actually simulated the E&S picture system calligraphic API on top of OpenGL. I hope they've been able to get out from under that. At times, they considered giving up and just using Maya. However, I'd imagine Alias had been offered to them a few times over the past few years, and they must have chosen not to take it.
And sold for $57M in 2004. And yes, Autodesk could royally screw up the film industry, but then the film industry has been cruising for a bruising. You think we have problems with nVidia. The film folks have to be really nice to nVidia for fear that the company will just walk away from that market.
Open Source might end up being the studios salvation. It'll be an interesting few years.
The gift economy theory was cool when Eric published it, but IBM does not participate in Linux development "for the recognition of its peers". For a discussion of why Open Source makes economic sense, read this paper.
Well, he thinks there is a decline in the rate of increase of the rate of increase. Which he seems to have overstated. And he thinks the CDDL is going to let developers ignore patents. Which I guess is only true for the patents of people who use the CDDL pool, which is mostly Sun and maybe a few friends like Computer Associates. I made the point that all pools I've seen so far only protect us from the people we weren't worried about in the first place.
I would not have linked to his editorial from Slashdot. There wasn't any revelation in it - merely someone who doesn't think so much of Linux and GPL mostly becuase of his perspective rather than because there's anything wrong with Linux and the GPL.
He really likes Unix. He likes Solaris because it has some big-machine features that aren't in Linux yet. We had a talk about process migration. He feels that Solaris has continuing differentiating value. I don't. But he acknowledges that Sun doesn't promote its features effectively and that only 1% of people use this stuff.
Why does he think Sun is doing well with Open Solaris and CDDL? This is really out of left field. Is there some study that I haven't noticed, or just marketing FUD?
Simply the pace of development. And I acknowledge that there isn't a complete competitor to dtrace yet, but I am also looking at the "features of the month" on LWN's kernel reporting. They go by pretty fast.
I run Linux on my main servers, my desktop, my laptop, and my cell phone. Same code base. Solaris would not do as good a job on either the laptop or desktop, and it's not going to be in the cell phone. More features, for more people, go into Linux, at a more rapid pace.
Bruce
Not at all. I was the second Debian project leader and understand all too well the totality of a distribution and what is in and out of the kernel. I remain very impressed with the Linux kernel team. More innovative work goes on there than in any user-mode project I know of.
The technical lead that Solaris has is harder for Linux to chase than the lead in x86 drivers that Linux has.
The technical lead of the entirely portable portion of Linux is very hard to chase. I don't believe that device drivers are a big consideration, although I believe that GPL-only device drivers lead to better stability. Proprietary drivers are where most crashes happen and the Linux community has been swift to deprecate them.
It works both ways. A main advantage about the Solaris kernel is that it is very very stable.
2.4 is very stable, if you want that. Most people don't, it seems. Backwards compatibility is not nearly so much of a problem as on Windows due to the fact that there's a mature standard for the API.
GPL code can't be integrated into BSD code either.
Actually, it can. The result has a GPL license. A number of kernel drivers have been shared between Linux and BSD.
Quite frankly I don't think I would want the Linux and Solaris kernels to converge into one great big monolith.
No, nobody needs that. That's actually the problem for Solaris. It won't get merged in, and it's not tremendously viable on its own over the long term.
Not until they fix the developement model of the 2.6 kernel so that it becomes a lot more stable.
This is a non-sequitur. They will get the features regardless of the bug count.
The number of bugs in the 2.6 kernel is appalling. This isn't just about features, it's about rock-solid stability.
It's great to leave a machine booted for two years. I know that Solaris folks do that. I have had my main Linux server, running Debian stable, on the net up for months without reboots, and it's not ever had a kernel-related problem. Reboots happen because of user-mode changes that I make, mostly because I want to be sure that the machine will come up by itself after I change what daemons I'm running. I don't have physical access to the machine. No service tickets in over a year. I could really have kept the kernel up for a year or more if I'd cared to.
Linux will get the features, and the 2.6 development model will continue to have bugs as new kernels come out, and users will run a few versions behind the current kernel - as a lot of people seem to be running 2.6.11 and so on at the moment. The progression is toward a stable kernel with the features you need, and the number of people who must be on the bleeding edge gets progressively smaller. But you know what, some of us like to be there anyway.
Bruce
Linux has a huge independent development community and more huge companies than it is easy to count behind it, and nobody can keep up with the pace of development. The GPL is a very important factor. It's the only partnership that would keep it fair for the big guys and the little ones at the same time. What technical lead Solaris has is rapidly diminishing because they can not - and never will - keep up the development team that Linux and the GPL have spawned.
And then there's the deliberately-incompatible licensing, Sun's lack of success at building Open Source communities (OpenOffice should have a community 100 times the size of the one it's got - IMO it's second in importance to the Linux kernel), and Jonathan's tendency to turn any gains that Sun makes in the Open Source community into defeat with his own words. All of these things hold them back.
Solaris has a few features at which the Linux folks look hungrily, and you know what happens when those folks like features. Linux gets them. These are the folks who replaced Bitkeeper in a month.
It would be fun to have a system that booted the same binaries into Linux, BSD, Solaris, and HURD. If someone makes that, it'll be an awesome hack. But at the same time it would demonstrate the futility of having all of those kernels do the same thing technically, while one of them does the community part much better than the others.
Bruce
Second, if you are about to go to court with an Open Source developer, the insurer is going to want you to settle with that developer. It's cheaper than going to court. Are you an Open Source developer, and you don't have money to enforce your copyright? You can get a lawyer to fight an insurance company for a 50% share of the results and no money up front.
Lots of people are not thinking this through all of the way.
Disclaimer: I am on the board of OSRM. I don't get paid, and I have enough worthless stock in other companies to be honest with myself about the prospect that I ever will get paid.
Bruce
Bruce
If you buy this product, you have to assure OSRM that you are in compliance. They don't give you insurance so that you can have slipshod processes in your company and just get paid whenever you goof.
A lot of people don't realize it works that way.
Bruce
With this particular product, the initiator would have to be the copyright holder on the software. That person is the Open Source developer.
Are you confusing this with the patent issue? That is a much more serious issue, and maybe one OSRM can cover in the future. But this product does not cover that.
Bruce
Insurance doesn't protect you from violating the law wilfully. A number of commenters seem to be missing that. OSRM is not in the business of issuing a license to kill :-) Indeed, if you buy their product you have to demonstrate to them that you are maintaining compliance. This should help.
Unintentional violations happen. So far, no Open Source developer has demanded damages for one. However, there was a situation where there were two companies and an open source developer involved in the same product, and one of the companies sued the other and asked for damages. The case settled and is sealed, I'd go to jail if I told you details, and they didn't tell me what the settlement was.
I don't need this insurance and you don't. Some companies would consider it cheap.
I am on the OSRM board. I don't get paid, and although I have stock, that doesn't mean it will ever be worth anything.
Bruce
If you think infringement of Open Source licenses is a problem, it's even worse with proprietary products. Embedded systems contain a lot of unlicensed proprietary software, and the risk is higher there.
Bruce
There are some interesting sites. Note Epson Developers. You might find this note about a large medical application interesting. I also noted a Rails project being developed in a department of the New York City government.
Bruce
ModelSecurity helps Ruby on Rails developers implement a security defense in depth by implementing access control within the data model.
If you are like most developers, you think about security when you program controllers and views. But a bug in your controller or view can compromise the security of your application, unless your data model has also been secured.
The economical, flexible, and extremely readable means of specifying access controls provided by ModelSecurity makes it easier for the developer to think about security, and makes security assumptions that might otherwise live in one developers head concrete and communicable to others.
There is lots of space in Mojave, but who wants to live there? The personnel would much rather live at Hat Creek. I expect that getting good personnel is a more difficult problem than finding empty land in California.
Bruce
Bruce
With security software, it's essential that you understand what's really going on.
Bruce
Bruce
Bruce
Bruce
Bruce
However, Pixar has not had the easiest time with studio tools. When I left there, the studio tools had been in continuous development for 20 years, no kidding. It showed. They actually simulated the E&S picture system calligraphic API on top of OpenGL. I hope they've been able to get out from under that. At times, they considered giving up and just using Maya. However, I'd imagine Alias had been offered to them a few times over the past few years, and they must have chosen not to take it.
Bruce
Open Source might end up being the studios salvation. It'll be an interesting few years.
Bruce
Thanks
Bruce
I would not have linked to his editorial from Slashdot. There wasn't any revelation in it - merely someone who doesn't think so much of Linux and GPL mostly becuase of his perspective rather than because there's anything wrong with Linux and the GPL.
Bruce
Bruce
Bruce
Bruce