Wine is probably the most ambitious OSS project around... cloning the Win32 API is no small feat. I know where your bitterness comes from, but that was then. WINE really is about there... Crossover Office is just a few steps ahead of Wine at any given time, and it runs Office flawlessly, and other apps too.
I use the Crossover version of WINE every day and I don't have any complaints. It does what I need it to do. And considering it just as a porting library to speed up porting efforts to Linux is an entirely reasonable thing to do.
Long term WINE is going to be an important part of moving people off of Windows.
>Yeah one can make decent home movies and wedding videos... maybe even videos of some live performances and sporting events (well, some sporting events...)
I can't believe I left out porn, the driver of the Internet and popular culture in general...
Well I did mention the music videos thing. But other than that, you paint a dreary picture for the future of video... you're saying we're consigned to a fate of reality tv and AFV? Say it ain't so...
Anyway, I'm wondering now what the community produced version of LoTR is going to look like. Probably something awful with some neighborhood midgets with costumes on the level of a sci-fi convention, shaky filming and with a bad sound loop for background music...
Well I guess now you're making an argument for drug legalization? In that case, I agree with you. That would reduce crime, because it would reduce the price of drugs and reduce the number of people in prisons (where they become hardened criminals).
Keep in mind that you are basically comparing two totally different types of societies and coming to an oversimplistic and almost certainly wrong conclusion about one single aspect of why they are different.
Well it would be nice if the masses really did start to create high quality art instead of just being passive consumers of "content". Released under a Creative Commons license... but movie production ain't all that cheap and I don't see it getting there anytime soon.
Yeah one can make decent home movies and wedding videos... maybe even videos of some live performances and sporting events (well, some sporting events...). But do you really think those will have a wide audience as to compete with commercially produced content?
Off the top of my head... having a lower population density would have something to do with it too... no significant drug problems other than alcohol (and probably few 'traffic' fatalities resulting from that)
Unemployment levels are actually a good predictor of crime rates too.
And in small agrarian communities everyone knows your name. If you jack somebody in a small town everyone is going to have a good guess who did it, including the guy's family.
Any number of things other than everyone is toting a six-shooter to consider...
I thought it was a good solution because it a) could be completely automated for the user other than typing in the capcha and b) it isn't computationally tractable.
You're making an assumption that I do. I am only interested in this question technically and in terms of liberty/freedom of speech. I don't traffic in copyrighted materials.
You send a zip file. In it is an encrypted music file and an executable program.
When you run the executable (er... it's Java or C# and runs in a sandbox... feel any better?) it asks you to type in a capcha... something like that. If you do it right it decrypts the attached file.
In general a computer could not decrypt the file without a person or a really good AI to do some work.
Hey I suppose the RIAA could collude with the porn industry to pop up these funny filenames as "capchas" or whatever for people trying to get into porn sites.... use the horny browsing public as a massive AI for their evil schemes (note I didn't make this up... spammers are already using this technique to register for free email accounts).
So would you say that encrypting my GPG signed mail is good evidence that I have something illegal to hide?
If they can't get a warrant to force me to unlock some content, then they can't see what it is. It could be legit, it could not. They would need to get a warrant to find out, and for that they need some reasonable grounds for suspicion.
Truly we should encrypt everything we send on the public internet, and then encryption could never be considered evidence of some kind of intent.
No but the article seemed to mention legislators, and by inference legislation. It would have to be mandated.
But then you'd have to have it put into every web browser and FTP program and hey why not cp and mv while we're at it..
Heck, you know it just looks like this won't work without locking down the hardware, and I won't buy such non working stuff. So they'd have to legislate the hardware too, and then we're screwed. But I have some faith we won't get there. Er, hope at least...
Make the guy on the other end pass a turing test in order to get your key.
Or you create keys that only work in combination with n other trusted keys and you create a web of trust er wall of trust using some reasonable method. Conceivable. Requires collusion though to build the trusted keys but it would work... to become a Debian Developer for example you have to have at least one other DD sign your key. In order for another person to be willing to sign it they have to meet me in person.This would create similar communities.
Yeah I agree it's a arms race till you get to some real form of encryption. But all you have to do is outpace the software for now.
And remember tractability... the monitoring software has to be fast enough to run through plenty of things that aren't music just to get to my wacky encoded stuff.
Yeah the only software which can reliably pick an arbitrary set of such obvious locks though is the wetware in your scull (until AI is sufficiently capable and efficient).
Worst case, it just gets encrypted. Can't pick that lock in any reasonable period of time. See:Freenet.
And in all these examples I gave the data is still audible you just have an extra decoding step. All you have to do is stay one step ahead of the machine. See all the spam in my mailbox...
1. You swap every other byte or 2. You add a header to the beginning that says "REMOVE THIS HEADER" 3. You zip it 4. You tar it
Or any other of an uncountably infinite number of transformations.
There's nothing they can do about it technologically unless they lock it down at hardware level (and I won't buy a machine like that). Everthing else is just fooling around...
In general I'd say FOSS doesn't need any QA auditor role at all. That's for *large* corporations with huge projects and a bad tendency to push releases out to the buying public before they are ready... sort of a checks-and-balance system to mitigate management stupidity.
FOSS tend to be small groups, with small projects. And there is no insane pressure from management to let releases escape to early.
It would be nice to have some dedicated testers around to do smoke tests and general usablity tests. In general FOSS projects rely on the users to want to run the bleeding edge code and test that. But in my experience a group of good testers is the best bang for the buck beyond starting with great programmers.
To the specific points:
>What is the development process? Is it documented? The development process is pretty typical. Check out any successful project on SourceForge. No need for QA audit role. There's no management around to muck things up, the engineers are in charge.
> What types of estimation procedures do you do? Irrelevant. It gets done when it gets done. If you pay for the development one can do better... you can audit those circumstances, but in general, don't need QA audit role here.
> What is the SCM process? Is it documented? CVS or subversion and bugzilla or some such is typically the tool. Much of the SCM process probably depends on the distribution that actually packages the code. Might be Debian's release process. Anyway this is pretty well defined too...
> What is the review/inspection process for all artifacts? There are usually a few "stars" writing all the code. They can tell crap from not. And if it's crap it probably doesn't work, so no one is going to use it. So you find out one way or another. Reviews of code might help but in general it doesn't matter. If it works well, and the people maintaining it can read it, we're OK. The project will die its natural death otherwise (just like proprietary software... actually its death is usually prolonged too far...).
> Are there software requirements? Are they inspected/reviewed? What gets implemented is what the creator needs and sounds cool or seems OK and is contributed. Unless someone is paying, in which case this might be useful. But in general, no role for QA here.
> Are there development plans/design docs? Are they inspected/reviewed? Informal probably. Small team, might trade mockups of screens or working prototype code around. Back of the napkin kind of stuff. Probably works OK for most projects. Wouldn't fly a plane that way though:-)
> Are there code reviews? Hahah. And you and I both know they don't really matter anyway unless you're dealing with poor programming ability, in which case you're screwed anyway... what are you going to do, fire the volunteer programmer from his own project?
Code reviews don't find bugs. You might be able to get more conformity to the coding guidelines if any that way. But in general, many projects enforce their guidelines by having few people allowed to check in. And good programmers go with the flow as far as code formatting anyway.
> What are your defect escape rates? Escape rates? Must be some QA auditor speak. Does that mean bugs V&V didn't find before release? Anyway, Not interesting... If the stuff doesn't work people won't use it. It will die a natural death.
> What is your plan for alpha/beta testing? Release early, release often but maintain a good stable release if you're changing things rapidly. Don't need QA to tell us engineers how to do that.
> What is your release schedule? Irrelevant. It's done when it's done unless someone's paying.
Say a mathematician or economist proposes a new model for understanding some business problem.
A business uses the idea, makes lots of money, and doesn't pay the mathematician that came up with the idea anything.
Is that exploitation? Is mathematics harmed? Is the mathematician harmed? In fact, the mathematician will probably be shown to be right on target with his idea... he'll have an easier time getting published in the future, more likely to get tenure. Maybe a prize, grants, etc.
What is given cannot be taken away. It can only be accepted.
For software we can even have another benefit. Red Hat brings engineering and a wide audience of user engineers to code that you've made Freely available. And your name is on the code, and the about box. It could well bring you customers in addition to simply improvements. Also it's perfect proof of capability for paid custom development work.
>"Open" is the political argumentation line, "free" is the economic argumentation line of the same thing
That's funny. It shows Clemens doesn't understand either. Both are political, both are practical, and both are almost orthogonal to monetary interests. In fact I'd say the "Free" most F/OSS guys discuss is what most would consider the "political" side of it, not the other way round.
Ask RMS whether he's writing Free software or Open Source...
Slashdot Mirror
> On the third hand
It's called the gripping hand...
See "The Mote In God's Eye", Larry Niven & Jerry Pournelle.
Well I don't run that version, but it is supposed to run Office XP.
Anyway, that's what your support contract is supposed to cover...
I use VmWare too, but for Visual Studio 6 and VS.Net
Wine is probably the most ambitious OSS project around... cloning the Win32 API is no small feat. I know where your bitterness comes from, but that was then. WINE really is about there... Crossover Office is just a few steps ahead of Wine at any given time, and it runs Office flawlessly, and other apps too.
I use the Crossover version of WINE every day and I don't have any complaints. It does what I need it to do. And considering it just as a porting library to speed up porting efforts to Linux is an entirely reasonable thing to do.
Long term WINE is going to be an important part of moving people off of Windows.
You mean posting on Slashdot is not sufficient?
I donate to EFF and send letters to congress regularly.
Not that it truly matters... the only proven way to influence the US government is to donate big money to campaigns.
At least EFF donations result in some tangible efforts in the courts.
>Yeah one can make decent home movies and wedding videos... maybe even videos of some live performances and sporting events (well, some sporting events...)
I can't believe I left out porn, the driver of the Internet and popular culture in general...
Well I've got a camcorder and a kazoo, and now apparently an audience for LoTR: Those Darn Gamgees.
Production begins tomorrow!
Well I did mention the music videos thing. But other than that, you paint a dreary picture for the future of video... you're saying we're consigned to a fate of reality tv and AFV? Say it ain't so...
Anyway, I'm wondering now what the community produced version of LoTR is going to look like. Probably something awful with some neighborhood midgets with costumes on the level of a sci-fi convention, shaky filming and with a bad sound loop for background music...
Well I guess now you're making an argument for drug legalization? In that case, I agree with you. That would reduce crime, because it would reduce the price of drugs and reduce the number of people in prisons (where they become hardened criminals).
Keep in mind that you are basically comparing two totally different types of societies and coming to an oversimplistic and almost certainly wrong conclusion about one single aspect of why they are different.
Well it would be nice if the masses really did start to create high quality art instead of just being passive consumers of "content". Released under a Creative Commons license... but movie production ain't all that cheap and I don't see it getting there anytime soon.
Yeah one can make decent home movies and wedding videos... maybe even videos of some live performances and sporting events (well, some sporting events...). But do you really think those will have a wide audience as to compete with commercially produced content?
Smells like pro-gun propaganda to me.
Off the top of my head... having a lower population density would have something to do with it too... no significant drug problems other than alcohol (and probably few 'traffic' fatalities resulting from that)
Unemployment levels are actually a good predictor of crime rates too.
And in small agrarian communities everyone knows your name. If you jack somebody in a small town everyone is going to have a good guess who did it, including the guy's family.
Any number of things other than everyone is toting a six-shooter to consider...
I thought it was a good solution because it a) could be completely automated for the user other than typing in the capcha and b) it isn't computationally tractable.
Wetware doesn't scale like software.
Your CID (cheap Indian decoder) won't keep the session interactive.
It would be useful for building evidence for a lawsuit but that's not the point.
You're making an assumption that I do. I am only interested in this question technically and in terms of liberty/freedom of speech. I don't traffic in copyrighted materials.
-- John.
Here's an idea...
You send a zip file. In it is an encrypted music file and an executable program.
When you run the executable (er... it's Java or C# and runs in a sandbox... feel any better?) it asks you to type in a capcha... something like that. If you do it right it decrypts the attached file.
In general a computer could not decrypt the file without a person or a really good AI to do some work.
Then it decrypts the attached file for you.
Hey I suppose the RIAA could collude with the porn industry to pop up these funny filenames as "capchas" or whatever for people trying to get into porn sites.... use the horny browsing public as a massive AI for their evil schemes (note I didn't make this up... spammers are already using this technique to register for free email accounts).
Ah the arms race to ensue...
So would you say that encrypting my GPG signed mail is good evidence that I have something illegal to hide?
If they can't get a warrant to force me to unlock some content, then they can't see what it is. It could be legit, it could not. They would need to get a warrant to find out, and for that they need some reasonable grounds for suspicion.
Truly we should encrypt everything we send on the public internet, and then encryption could never be considered evidence of some kind of intent.
Perhaps they understand that it "won't work" perhaps the PHBs are buying some snake oil.
I posit that there is no hidden intention there, but just a series of acts of increasing desperation.
They'll try anything at this point...
No but the article seemed to mention legislators, and by inference legislation. It would have to be mandated.
But then you'd have to have it put into every web browser and FTP program and hey why not cp and mv while we're at it..
Heck, you know it just looks like this won't work without locking down the hardware, and I won't buy such non working stuff. So they'd have to legislate the hardware too, and then we're screwed. But I have some faith we won't get there. Er, hope at least...
Make the guy on the other end pass a turing test in order to get your key.
Or you create keys that only work in combination with n other trusted keys and you create a web of trust er wall of trust using some reasonable method. Conceivable. Requires collusion though to build the trusted keys but it would work... to become a Debian Developer for example you have to have at least one other DD sign your key. In order for another person to be willing to sign it they have to meet me in person.This would create similar communities.
Yeah I agree it's a arms race till you get to some real form of encryption. But all you have to do is outpace the software for now.
And remember tractability... the monitoring software has to be fast enough to run through plenty of things that aren't music just to get to my wacky encoded stuff.
Yeah the only software which can reliably pick an arbitrary set of such obvious locks though is the wetware in your scull (until AI is sufficiently capable and efficient).
Worst case, it just gets encrypted. Can't pick that lock in any reasonable period of time. See:Freenet.
And in all these examples I gave the data is still audible you just have an extra decoding step. All you have to do is stay one step ahead of the machine. See all the spam in my mailbox...
1. You swap every other byte or
2. You add a header to the beginning that says "REMOVE THIS HEADER"
3. You zip it
4. You tar it
Or any other of an uncountably infinite number of transformations.
There's nothing they can do about it technologically unless they lock it down at hardware level (and I won't buy a machine like that). Everthing else is just fooling around...
All software should be Free and Open.
But not all software can, will or should be free of cost to produce and maintain it.
In general I'd say FOSS doesn't need any QA auditor role at all. That's for *large* corporations with huge projects and a bad tendency to push releases out to the buying public before they are ready... sort of a checks-and-balance system to mitigate management stupidity.
:-)
FOSS tend to be small groups, with small projects. And there is no insane pressure from management to let releases escape to early.
It would be nice to have some dedicated testers around to do smoke tests and general usablity tests. In general FOSS projects rely on the users to want to run the bleeding edge code and test that. But in my experience a group of good testers is the best bang for the buck beyond starting with great programmers.
To the specific points:
>What is the development process? Is it documented?
The development process is pretty typical. Check out any successful project on SourceForge. No need for QA audit role. There's no management around to muck things up, the engineers are in charge.
> What types of estimation procedures do you do?
Irrelevant. It gets done when it gets done. If you pay for the development one can do better... you can audit those circumstances, but in general, don't need QA audit role here.
> What is the SCM process? Is it documented?
CVS or subversion and bugzilla or some such is typically the tool. Much of the SCM process probably depends on the distribution that actually packages the code. Might be Debian's release process. Anyway this is pretty well defined too...
> What is the review/inspection process for all artifacts?
There are usually a few "stars" writing all the code. They can tell crap from not. And if it's crap it probably doesn't work, so no one is going to use it. So you find out one way or another. Reviews of code might help but in general it doesn't matter. If it works well, and the people maintaining it can read it, we're OK. The project will die its natural death otherwise (just like proprietary software... actually its death is usually prolonged too far...).
> Are there software requirements? Are they inspected/reviewed?
What gets implemented is what the creator needs and sounds cool or seems OK and is contributed. Unless someone is paying, in which case this might be useful. But in general, no role for QA here.
> Are there development plans/design docs? Are they inspected/reviewed?
Informal probably. Small team, might trade mockups of screens or working prototype code around. Back of the napkin kind of stuff. Probably works OK for most projects. Wouldn't fly a plane that way though
> Are there code reviews?
Hahah. And you and I both know they don't really matter anyway unless you're dealing with poor programming ability, in which case you're screwed anyway... what are you going to do, fire the volunteer programmer from his own project?
Code reviews don't find bugs. You might be able to get more conformity to the coding guidelines if any that way. But in general, many projects enforce their guidelines by having few people allowed to check in. And good programmers go with the flow as far as code formatting anyway.
> What are your defect escape rates?
Escape rates? Must be some QA auditor speak. Does that mean bugs V&V didn't find before release? Anyway, Not interesting... If the stuff doesn't work people won't use it. It will die a natural death.
> What is your plan for alpha/beta testing?
Release early, release often but maintain a good stable release if you're changing things rapidly. Don't need QA to tell us engineers how to do that.
> What is your release schedule?
Irrelevant. It's done when it's done unless someone's paying.
Say a mathematician or economist proposes a new model for understanding some business problem.
A business uses the idea, makes lots of money, and doesn't pay the mathematician that came up with the idea anything.
Is that exploitation? Is mathematics harmed? Is the mathematician harmed? In fact, the mathematician will probably be shown to be right on target with his idea... he'll have an easier time getting published in the future, more likely to get tenure. Maybe a prize, grants, etc.
What is given cannot be taken away. It can only be accepted.
For software we can even have another benefit. Red Hat brings engineering and a wide audience of user engineers to code that you've made Freely available. And your name is on the code, and the about box. It could well bring you customers in addition to simply improvements. Also it's perfect proof of capability for paid custom development work.
>"Open" is the political argumentation line, "free" is the economic argumentation line of the same thing
That's funny. It shows Clemens doesn't understand either. Both are political, both are practical, and both are almost orthogonal to monetary interests. In fact I'd say the "Free" most F/OSS guys discuss is what most would consider the "political" side of it, not the other way round.
Ask RMS whether he's writing Free software or Open Source...