I believe the reason for Wayland and Mir is efficiency, so that you can run a very fast display manager or games on modest hardware (like an ARM tablet or mobile phone).
So I don't care if they break compatibility with X. I'll continue using X on my quad-core x86_64 desktops with dedicated video cards and oodles of RAM, and I'll use Wayland or Mir on my Linux tablet, if I ever have one.
I don't have a problem with Canonical choosing to use something other than Wayland. I also don't have a problem with GPLv3. What I dislike is that Canonical requires copyright assignment so that, exactly as you said, they can re-license the product under proprietary terms with any additional changes they like and no one else will have legal access to the changes unless they negotiate that with Canonical.
The whole point of the GPLv3 is to prevent software from being incorporated into proprietary products, so this strikes me as perversion of entire purpose the GPL. Instead of using it to make the software free in perpetuity, which is what the GPL is designed to do, Canonical is using it to force any third party contributors to the project to give Canonical a competitive advantage with Canonical's own proprietary fork.
I think if Canonical dropped the copyright assignment, there would still be less interest in Mir than Wayland because Wayland has a lot more momentum in the open source community as a whole. But at least Canonical would lose the ill will it's accumulating over this.
I don't think you can use GPL code in a BSD project. The BSD license states that redistribution of the software in source or binary form must include the BSD license. The BSD license includes a clause allowing redistribution of the software in binary form without guaranteed access to source code. So if you put GPL code into your BSD project, the resulting project is GPL software that can be distributed in binary form without guaranteed access to the source code, which violates the GPL.
So you can neither go GPL to BSD nor BSD to GPL, not directly. You have to reverse engineer the software you want to use and re-implement it.
We debate the merits of programming languages because we seek the most efficient tool for writing useful software with acceptable performance and quality. That's the core concept of the discussion - blast or praise features of language X because you think it makes the development process slower, or the likelihood of high quality better, or the runtime performance unacceptably low.
And it's a fun discussion to have, I really enjoy it. But eventually I realized I was spending so much effort seeking the perfect tool that I was neglecting to build anything with the tools I already acquired.
You are re-stating the original argument about free software that has been done to death on the internet.
To the BSD folks, they want to write software that is free as in free beer. You can take it, and do whatever you want with it. Drink it, dump it in the trash, give it to your friends, sell it. Free as in Freedom of the user
To the GPL or Free Software Foundation folks, they want to write software that is free as in free speech. You can copy it, and distribute it, but you can't restrict other people's rights to copy it and distribute it. Just like I can't hand out a copy of the US Constitution or a speech by Abraham Lincoln and forbid other people from sharing it or publishing a copy. Free as in Freedom of the software
You may prefer the BSD way, and that's fine, but "who isn't a zealot" is out of line. Having a different set of priorities does not make one a dick. Blatantly copying code under one license to the other is a dickish move, but re-engineering from one to the other is perfectly legitimate. And yes, I'm in the FSF camp.
No, it is not. But GCJ Java-to-native compiling didn't result in particularly fast Java code. That's one of the major reasons developers and enterprises ignored GCJ in the first place.
I imagine creating an effective cost structure that way would be difficult. "We demand the highest portion of the money reserved for CAs, because we have issued 0 certificates and therefore have absolute certainty that every certificate we issued is valid!"
Oh, and as Anonymous Coward pointed out below - key exchange over the internet is secure, you can exchange keys with someone with certainty that they key has not been modified. What key exchange over the internet does not do is guarantee the identity of the other person.
You might call that a distinction without a difference, but I think it does matter.
You're right that it only takes one compromised Certificate Authority - whether it's compromised by the NSA, hackers, or a corrupt owner - to issue what would be considered legitimate certificates for hundreds of websites like Microsoft or a bank.
But physical key exchange doesn't scale. You can't get a billion people that use desktop, laptops, tablets, or smart phones to understand how to do a physical key exchange or why it matters, let alone organize a practical way to get it done.
I don't know what the solution is, but this is a fundamental problem. A centralized authority of any kind managing key components of internet security is a very bad idea, because it's exactly where bad guys will go to poke holes in that security. But the average person isn't nearly educated enough for a distributed, user-owned alternative.
What we need is a distributed, user-owned, extraordinarily simple and easy system. I have no idea what that could be.
Signed Certificate + TLS = you have an encrypted connection with the entity named on the certificate.
Unsigned Certificate + TLS = you have an encrypted connection with someone, and you can't know who unless you independently verify the certificate signature. (e.g. My brother sets up a site with a self-signed certificate, and then calls me on the phone and tells me the certificate signature. When I access his site, I view the certificate and make sure the signature matches.)
We're sitting here bitching about how much PHP sucks while Mark Zuckerberg sits on billions of dollars an application still mostly built on the language.
I love language wars, but the truth is while fanatics like me are looking for the perfect blend of our favorite features and abstractions from Lisp/Haskell/Scala/C++/APL/Ceylon/Clojure/Python/Ruby/Perl6/J, the people using PHP, Python, Perl, Java, and especially C and C++ rule the world.
I'm not saying you should avoid a review process. I'm saying you should avoid a ranking process and tying team or individual compensation to their review. Otherwise, you get all of the problems that Microsoft and millions of other major and minor companies have.
- Managers give mediocre reviews to star employees, because they want to avoid having the person promoted out of their department. Losing a star would hurt the department's overall performance, so the manager screws the employee to protect themselves.
- Employees kiss the manager's ass because they know review rank improves compensation.
- Employees actively avoid helping each other because someone else's success becomes a risk that they will get a better bonus or faster promotion.
- Departments actively avoid helping other departments because another department's success becomes a risk that the other department will get a bigger share of funding, and this department's manager may be reprimanded or replaced.
An incompetent or corrupt manager can screw his underlings whether there's a formal or informal review process in place. So I say, skip the formal review process. Make performance bonuses pretty general and global, so teams don't get penalized for helping each other out. Give individual managers discretion to cut dead weight. Go out of your way to avoid attaching a financial incentive to holding competent underlings at lower positions. If I lose my best developer because she goes on to be a kick-ass manager to another team, that should be a credit to me for mentoring her, not a penalty while I'm training the next round of future kick-ass managers.
Doing it well is extremely hard - but further, it may not be necessary. If your team is productive and doing high quality work, why do you need to measure individuals instead of the team as a whole? "Hello everyone. Your team reached all goals for this year, and the defect rate exceeds our required threshold. There have also been no formal complaints filed against anyone on the team for failing to contribute, or any form of harassment. We're dividing the bonus equally. Congratulations, keep it up."
I think the problem is that too many members of the geek community allow their hatred for Microsoft to influence their industry forecasts. I try not to do that. I hate them, but I see their decline, if it happens at all, happening at least 10 years from now.
If we the Microsoft haters are very lucky, ARM processors will continue to improve, Android productivity applications will continue to improve, and HTML5 applications will continue to improve to the point that people will be able to use real spreadsheets, real video editing software, and real software development environments on a 2025 Android tablet with bluetooth keyboard and mouse and micro-HDMI display output. Then I can see Microsoft's decline starting.
Today? Microsoft Office is still the undisputed heavyweight champion of the business world office suites, Exchange is the king of business email and calendar software, and Windows Azure is a credible IaaS and PaaS offering. Windows Phone, Bing, and Surface might be all but dead in the market, but Microsoft can afford to waste tens of billions of dollars on each every year for the next decade without harming the company.
At Microsoft the ranking system determines who is fired, and who gets the largest bonuses. That's why it was so divisive - if you're near the bottom, stabbing a colleague in the back could be the difference between keeping your job and getting fired. If you're not in the bottom, stabbing a colleague in the back, or at least failing to help your colleagues, could make a $10,000 difference in your bonus.
Measuring people is fine. Giving the measurements an impact on employment and pay destroys collaboration, and as a secondary effect it attaches a larger incentive to working fast (so you can show your manager a big list of accomplishments) instead of attaching an incentive to doing high quality work (which might lead to a shorter list of accomplishments, but fewer security holes and other errors that need to be fixed later).
My understanding is that at Microsoft, the bonuses are largest for rank 1, slightly smaller for rank 2, etc... and the bottom of the list get kicked out.
It doesn't matter if your ten person department has people with IQs from 180 to 189, the person with 180 is going to lose their job unless they game the system to rank ahead of a colleague. (Might be fun to watch a group of super geniuses outwit each other, though.)
I don't know that I'm skilled enough to make it through Microsoft's hiring process, but the stack ranking system is one of the things that prevented me from even applying.
That would probably still work better than stack ranking, because at least then you wouldn't spend the rest of the year plotting against your colleagues and wondering if they were plotting against you. It would just be one scary day per year.
My choice is Comcast, unless I want to pay for satellite internet or use a 3G (4G is not available from any cell phone carrier in my area) cell phone plan. I'm sure Comcast has a list of every website I've visited since I moved into the house and sells it to advertisers.
I've kicked around the idea of getting a VPN service like ProXPN or something. Then they can track my every move and sell it to advertisers, but I'd rather see some tiny company (ideally, one based in another country) have this information than my ISP. But I've been too lazy to make that move. I don't want to use Tor because it slows down browsing speeds.
My house is 2100 square feet, and when we had oil heat we used 1100 gallons of oil per year. This is in Pennsylvania. My neighbor used to use the same amount of oil for his house, but he switched over to a woodburning stove and uses between 2-3 cords of wood per year. He works in landscaping, so his only expense for the wood is the fuel spent on his chainsaw and his pickup truck to haul it around.
Hint: for an awful lot of people, the price difference between buying cords of wood and using some other heating system like oil, gas, or electric is enough to put them in bankruptcy.
You're saying, "Do something more environmentally friendly". They're saying, "I understand what you mean, but how am I supposed to eat tomorrow if I do that?"
My grocery store actually had some bug in their software in which about 100 customers all had the same name. The cashier would routinely refer to me by some name I had never heard during the checkout process. That suited me fine, but eventually they noticed the error and issued new cards for all of us.
The Mozilla Foundation, which makes Firefox, gets most of its funding through hundred million dollar grants from Google. Google gets most of its money from advertising.
That's why Firefox browser (and of course, the Chrome browser) will never take any serious steps to block user tracking. If Mozilla ever got serious about user privacy, the next grant from Google would never arrive and Firefox development and bug fixes would slow to a trickle.
If any browser vendor would put real investment into blocking user tracking, it's probably Microsoft. Cutting ad revenue would hurt Google more than it hurts Microsoft, so Microsoft would love to move in that direction. But of course Microsoft makes proprietary software, so as soon as any grand plan to modify Internet Explorer to enhance user privacy actually worked, the NSA would probably just order Microsoft to insert a backdoor into the browser and track all user activity through that.
Slashdot Mirror
I believe the reason for Wayland and Mir is efficiency, so that you can run a very fast display manager or games on modest hardware (like an ARM tablet or mobile phone).
So I don't care if they break compatibility with X. I'll continue using X on my quad-core x86_64 desktops with dedicated video cards and oodles of RAM, and I'll use Wayland or Mir on my Linux tablet, if I ever have one.
An article on the differences between Mir and Wayland: http://blog.cooperteam.net/2013/03/server-allocated-buffers-in-mir.html
I don't have a problem with Canonical choosing to use something other than Wayland. I also don't have a problem with GPLv3. What I dislike is that Canonical requires copyright assignment so that, exactly as you said, they can re-license the product under proprietary terms with any additional changes they like and no one else will have legal access to the changes unless they negotiate that with Canonical.
The whole point of the GPLv3 is to prevent software from being incorporated into proprietary products, so this strikes me as perversion of entire purpose the GPL. Instead of using it to make the software free in perpetuity, which is what the GPL is designed to do, Canonical is using it to force any third party contributors to the project to give Canonical a competitive advantage with Canonical's own proprietary fork.
I think if Canonical dropped the copyright assignment, there would still be less interest in Mir than Wayland because Wayland has a lot more momentum in the open source community as a whole. But at least Canonical would lose the ill will it's accumulating over this.
I don't think you can use GPL code in a BSD project. The BSD license states that redistribution of the software in source or binary form must include the BSD license. The BSD license includes a clause allowing redistribution of the software in binary form without guaranteed access to source code. So if you put GPL code into your BSD project, the resulting project is GPL software that can be distributed in binary form without guaranteed access to the source code, which violates the GPL.
So you can neither go GPL to BSD nor BSD to GPL, not directly. You have to reverse engineer the software you want to use and re-implement it.
We debate the merits of programming languages because we seek the most efficient tool for writing useful software with acceptable performance and quality. That's the core concept of the discussion - blast or praise features of language X because you think it makes the development process slower, or the likelihood of high quality better, or the runtime performance unacceptably low.
And it's a fun discussion to have, I really enjoy it. But eventually I realized I was spending so much effort seeking the perfect tool that I was neglecting to build anything with the tools I already acquired.
Thanks for pointing out the flaws in my analogy. (To be clear, that was not sarcasm.)
You can't use BSD license code in a GPL project, either, so I don't see how that makes BSD any better.
In open source software as in proprietary, often the out-of-date component of the project is the documentation.
You are re-stating the original argument about free software that has been done to death on the internet.
To the BSD folks, they want to write software that is free as in free beer. You can take it, and do whatever you want with it. Drink it, dump it in the trash, give it to your friends, sell it. Free as in Freedom of the user
To the GPL or Free Software Foundation folks, they want to write software that is free as in free speech. You can copy it, and distribute it, but you can't restrict other people's rights to copy it and distribute it. Just like I can't hand out a copy of the US Constitution or a speech by Abraham Lincoln and forbid other people from sharing it or publishing a copy. Free as in Freedom of the software
You may prefer the BSD way, and that's fine, but "who isn't a zealot" is out of line. Having a different set of priorities does not make one a dick. Blatantly copying code under one license to the other is a dickish move, but re-engineering from one to the other is perfectly legitimate. And yes, I'm in the FSF camp.
No, it is not. But GCJ Java-to-native compiling didn't result in particularly fast Java code. That's one of the major reasons developers and enterprises ignored GCJ in the first place.
I imagine creating an effective cost structure that way would be difficult. "We demand the highest portion of the money reserved for CAs, because we have issued 0 certificates and therefore have absolute certainty that every certificate we issued is valid!"
Oh, and as Anonymous Coward pointed out below - key exchange over the internet is secure, you can exchange keys with someone with certainty that they key has not been modified. What key exchange over the internet does not do is guarantee the identity of the other person.
You might call that a distinction without a difference, but I think it does matter.
You're right that it only takes one compromised Certificate Authority - whether it's compromised by the NSA, hackers, or a corrupt owner - to issue what would be considered legitimate certificates for hundreds of websites like Microsoft or a bank.
But physical key exchange doesn't scale. You can't get a billion people that use desktop, laptops, tablets, or smart phones to understand how to do a physical key exchange or why it matters, let alone organize a practical way to get it done.
I don't know what the solution is, but this is a fundamental problem. A centralized authority of any kind managing key components of internet security is a very bad idea, because it's exactly where bad guys will go to poke holes in that security. But the average person isn't nearly educated enough for a distributed, user-owned alternative.
What we need is a distributed, user-owned, extraordinarily simple and easy system. I have no idea what that could be.
Signed Certificate + TLS = you have an encrypted connection with the entity named on the certificate.
Unsigned Certificate + TLS = you have an encrypted connection with someone, and you can't know who unless you independently verify the certificate signature. (e.g. My brother sets up a site with a self-signed certificate, and then calls me on the phone and tells me the certificate signature. When I access his site, I view the certificate and make sure the signature matches.)
We're sitting here bitching about how much PHP sucks while Mark Zuckerberg sits on billions of dollars an application still mostly built on the language.
I love language wars, but the truth is while fanatics like me are looking for the perfect blend of our favorite features and abstractions from Lisp/Haskell/Scala/C++/APL/Ceylon/Clojure/Python/Ruby/Perl6/J, the people using PHP, Python, Perl, Java, and especially C and C++ rule the world.
I'm not saying you should avoid a review process. I'm saying you should avoid a ranking process and tying team or individual compensation to their review. Otherwise, you get all of the problems that Microsoft and millions of other major and minor companies have.
- Managers give mediocre reviews to star employees, because they want to avoid having the person promoted out of their department. Losing a star would hurt the department's overall performance, so the manager screws the employee to protect themselves.
- Employees kiss the manager's ass because they know review rank improves compensation.
- Employees actively avoid helping each other because someone else's success becomes a risk that they will get a better bonus or faster promotion.
- Departments actively avoid helping other departments because another department's success becomes a risk that the other department will get a bigger share of funding, and this department's manager may be reprimanded or replaced.
An incompetent or corrupt manager can screw his underlings whether there's a formal or informal review process in place. So I say, skip the formal review process. Make performance bonuses pretty general and global, so teams don't get penalized for helping each other out. Give individual managers discretion to cut dead weight. Go out of your way to avoid attaching a financial incentive to holding competent underlings at lower positions. If I lose my best developer because she goes on to be a kick-ass manager to another team, that should be a credit to me for mentoring her, not a penalty while I'm training the next round of future kick-ass managers.
Doing it well is extremely hard - but further, it may not be necessary. If your team is productive and doing high quality work, why do you need to measure individuals instead of the team as a whole? "Hello everyone. Your team reached all goals for this year, and the defect rate exceeds our required threshold. There have also been no formal complaints filed against anyone on the team for failing to contribute, or any form of harassment. We're dividing the bonus equally. Congratulations, keep it up."
I think the problem is that too many members of the geek community allow their hatred for Microsoft to influence their industry forecasts. I try not to do that. I hate them, but I see their decline, if it happens at all, happening at least 10 years from now.
If we the Microsoft haters are very lucky, ARM processors will continue to improve, Android productivity applications will continue to improve, and HTML5 applications will continue to improve to the point that people will be able to use real spreadsheets, real video editing software, and real software development environments on a 2025 Android tablet with bluetooth keyboard and mouse and micro-HDMI display output. Then I can see Microsoft's decline starting.
Today? Microsoft Office is still the undisputed heavyweight champion of the business world office suites, Exchange is the king of business email and calendar software, and Windows Azure is a credible IaaS and PaaS offering. Windows Phone, Bing, and Surface might be all but dead in the market, but Microsoft can afford to waste tens of billions of dollars on each every year for the next decade without harming the company.
At Microsoft the ranking system determines who is fired, and who gets the largest bonuses. That's why it was so divisive - if you're near the bottom, stabbing a colleague in the back could be the difference between keeping your job and getting fired. If you're not in the bottom, stabbing a colleague in the back, or at least failing to help your colleagues, could make a $10,000 difference in your bonus.
Measuring people is fine. Giving the measurements an impact on employment and pay destroys collaboration, and as a secondary effect it attaches a larger incentive to working fast (so you can show your manager a big list of accomplishments) instead of attaching an incentive to doing high quality work (which might lead to a shorter list of accomplishments, but fewer security holes and other errors that need to be fixed later).
My understanding is that at Microsoft, the bonuses are largest for rank 1, slightly smaller for rank 2, etc... and the bottom of the list get kicked out.
It doesn't matter if your ten person department has people with IQs from 180 to 189, the person with 180 is going to lose their job unless they game the system to rank ahead of a colleague. (Might be fun to watch a group of super geniuses outwit each other, though.)
I don't know that I'm skilled enough to make it through Microsoft's hiring process, but the stack ranking system is one of the things that prevented me from even applying.
That would probably still work better than stack ranking, because at least then you wouldn't spend the rest of the year plotting against your colleagues and wondering if they were plotting against you. It would just be one scary day per year.
My choice is Comcast, unless I want to pay for satellite internet or use a 3G (4G is not available from any cell phone carrier in my area) cell phone plan. I'm sure Comcast has a list of every website I've visited since I moved into the house and sells it to advertisers.
I've kicked around the idea of getting a VPN service like ProXPN or something. Then they can track my every move and sell it to advertisers, but I'd rather see some tiny company (ideally, one based in another country) have this information than my ISP. But I've been too lazy to make that move. I don't want to use Tor because it slows down browsing speeds.
My house is 2100 square feet, and when we had oil heat we used 1100 gallons of oil per year. This is in Pennsylvania. My neighbor used to use the same amount of oil for his house, but he switched over to a woodburning stove and uses between 2-3 cords of wood per year. He works in landscaping, so his only expense for the wood is the fuel spent on his chainsaw and his pickup truck to haul it around.
Hint: for an awful lot of people, the price difference between buying cords of wood and using some other heating system like oil, gas, or electric is enough to put them in bankruptcy.
You're saying, "Do something more environmentally friendly". They're saying, "I understand what you mean, but how am I supposed to eat tomorrow if I do that?"
My grocery store actually had some bug in their software in which about 100 customers all had the same name. The cashier would routinely refer to me by some name I had never heard during the checkout process. That suited me fine, but eventually they noticed the error and issued new cards for all of us.
The Mozilla Foundation, which makes Firefox, gets most of its funding through hundred million dollar grants from Google. Google gets most of its money from advertising.
That's why Firefox browser (and of course, the Chrome browser) will never take any serious steps to block user tracking. If Mozilla ever got serious about user privacy, the next grant from Google would never arrive and Firefox development and bug fixes would slow to a trickle.
If any browser vendor would put real investment into blocking user tracking, it's probably Microsoft. Cutting ad revenue would hurt Google more than it hurts Microsoft, so Microsoft would love to move in that direction. But of course Microsoft makes proprietary software, so as soon as any grand plan to modify Internet Explorer to enhance user privacy actually worked, the NSA would probably just order Microsoft to insert a backdoor into the browser and track all user activity through that.