Box Toxen and Poul-Henning Kamp make certain viewpoints with regard to the role of funds in secure software. Can anyone generalise and formulate a theory using aberrations as examples ? I think the method deployed by Poul-Henning is wrong. While funds may contribute to secureness of software, proprietary-ness of software will effectively prevent anyone from knowing what's really going behind the scene. When patches could be effectively used to alter the functionality of a given proprietary software, how could anyone verify truthfulness of a software to a function based on mere claims ? Access to software sources must be a extended in order to conclusively verify absence of mischievious code. Another perspective stems from the fact that proprietary software can only be improved at the developer's place. The case with Free Software is different, as any student could pick up a sample project and go on to complete the project as part of academic work - an exercise which is normally impossible with proprietary software.
Carlos
|
Mon, 18 Aug 2014 16:42:39 UTC
@Fellow Traveler. "If you want the companies to fund the development, just use the GPL"
I don't think that's the problem. See the Apache Foundation. The truth, companies are takers, open-source is the mean, not the end for those companies. So, they usually contribute when they can use the software in their private business freely without having to open their own code and when that open-source software is a core part of their business, so they need to maintain it.
The problem with most of those "take-a-lot-contribute-little" companies is a matter of *assumptions*, which is a very common problem in engineering: "it is open-source -> it is robust and tested -> we can trust".
Fellow Traveler
|
Sun, 17 Aug 2014 22:03:16 UTC
If you want the companies to fund the development, just use the GPL. This enforces a consortium-like arrangement where all the companies feel safe to contribute to open source, and are incentivized to do so. Notice that most of the pull requests to Linux are funded by large corporations who are otherwise in business competition with each other.
The problem is not funding for open-source. Rather, the problem is funding for BSD-style open-source. Because when it's GPL, the problem ceases to exist.
David
|
Sat, 16 Aug 2014 08:49:33 UTC
This problem I think is a mirror of that faced by artists: viz commissions, grants and the open market. The importance of federal funding of the arts is clear, but (in these narrow contexts) FOSS is not art as it does not contribute to 'a richer cultural life'. It contributes to a richer software-based economy.
Perhaps a tax on business to fund a department of FOSS that would disburse grants independently. We could call it an OpenLevy :)
Alex Henzell
|
Fri, 15 Aug 2014 23:41:31 UTC
Tax redirection:
Howabout the option for companies to pay, say, 10% of their tax to FOSS projects of their choice rather than the government.
Pierre
|
Fri, 15 Aug 2014 22:29:18 UTC
I think it's more accurate to say that you don't get what you don't pay for.
(Did the buyers of Enron, Bre-X or Worldcom stock "get what they paid for"?)
Joel A. Seely
|
Fri, 15 Aug 2014 20:49:09 UTC
The better analogy I've heard about Open Source Software is that it is "Free" as in "Puppy". Sure the little scamp is cute in the box at the grocery store, but don't forget you're going to need to train it, feed it, groom it, and take it to the vets. All of that takes time and money. It's the same for free software.
Lodewijk
|
Fri, 15 Aug 2014 20:47:49 UTC
Don't you think the strict maintainer structure is the cause of much grief?
Aside from practical and simple it's really anti-control-your-own-software. Shouldn't we fund features and forks more directly?
And why should you give the software to these large companies for free? Do you realize that the PHB is just an honest manifestation of capitalism in this case? In Dilbert the guy usually makes bad choices, but if he says "No." to giving money away for no profit that seems about right to me. It's the right individual choice in a game theory problem.
I see you think, but it would be much better if they /did/ fund it. And I agree. But gametheory doesn't work that way, and neither does reality. So, what can we do to keep software open but still require some sort of funding?
Stanny
|
Fri, 15 Aug 2014 20:37:04 UTC
I have never seen the amount of money spent have any effect whatsoever on software quality. Quality software is written by quality programmers, and it's a rare thing -- regardless of how much money you wave around.
Logan
|
Sat, 21 Jun 2014 14:21:18 UTC
Your TV? It has a Linux or {Net|Free}BSD computer inside it. So does the copier-printer/multifunction machine at the office, as do the entertainment consoles in your car and in your kids' bedrooms. <- Quite a few printers also has OpenBSD inside:
https://www.google.mu/url?sa=t&rct=j&q=&esrc=s&source=web&cd=5&cad=rja&uact=8&ved=0CDIQFjAE&url=http%3A%2F%2Fsupport.ricoh.com%2Fbb_v1oi%2Fpub_e%2Foi%2F0001027%2F0001027949%2FVB2227858%2FB2227858.pdf&ei=GoalU9aiC8iC4gSpv4CQCQ&usg=AFQjCNFNHKTv6O7ZOS5UY4VFi4BBW9pC3Q&bvm=bv.69411363,d.bGE
That said, awesome article :-)
CK Raju | Tue, 09 Dec 2014 06:51:29 UTC
Carlos | Mon, 18 Aug 2014 16:42:39 UTC
Fellow Traveler | Sun, 17 Aug 2014 22:03:16 UTC
David | Sat, 16 Aug 2014 08:49:33 UTC
Alex Henzell | Fri, 15 Aug 2014 23:41:31 UTC
Pierre | Fri, 15 Aug 2014 22:29:18 UTC
Joel A. Seely | Fri, 15 Aug 2014 20:49:09 UTC
Lodewijk | Fri, 15 Aug 2014 20:47:49 UTC
Stanny | Fri, 15 Aug 2014 20:37:04 UTC
Logan | Sat, 21 Jun 2014 14:21:18 UTC
Your TV? It has a Linux or {Net|Free}BSD computer inside it. So does the copier-printer/multifunction machine at the office, as do the entertainment consoles in your car and in your kids' bedrooms. <- Quite a few printers also has OpenBSD inside: https://www.google.mu/url?sa=t&rct=j&q=&esrc=s&source=web&cd=5&cad=rja&uact=8&ved=0CDIQFjAE&url=http%3A%2F%2Fsupport.ricoh.com%2Fbb_v1oi%2Fpub_e%2Foi%2F0001027%2F0001027949%2FVB2227858%2FB2227858.pdf&ei=GoalU9aiC8iC4gSpv4CQCQ&usg=AFQjCNFNHKTv6O7ZOS5UY4VFi4BBW9pC3Q&bvm=bv.69411363,d.bGE That said, awesome article :-)