Category Archives: Open Source

The code is out there

Public Domain vs. Open Source

Posted on by
Reply

Ok, I promise to slow down on the use of X vs. Y on this blog, but after this post. CNet has an interesting blog post by Stephen Shankland essentially asking is public domain software open source? A very interesting question.

This little bit of information from Richard Hipp, founder of SQLite, I found to be particularly interesting:

“…The consensus there seems to be that ‘public domain’ is valid and is a proper subset of ‘open source’–except in France and Germany where the concept of ‘public domain’ is not recognized…”

In my opinion, as long as the project stipulates that all contributions be released as public domain (defined as intellectual property not owned or controlled by anyone, and available for use by anyone for any purpose without restriction) for perpetuity, I think that in itself is an open source license. It’s also the cleanest and most easy to read.

Microsoft’s Open Source Decoy

Posted on by
2

So Microsoft will open up with information on many protocols/formats, and provide a “covenant” not to sue open source developers. Note the exception. Microsoft reserves the right to sue companies who commercially distribute such implementations. They need to get a license. As Microsoft put it in their principles:

Open Source Compatibility. Microsoft will covenant not to sue open source developers for development and non-commercial distribution of implementations of these Open Protocols.

As far as everyones reaction to this, Arstechnica wins with the best quote:

“Instead of offering a patent license for its protocol information on the basis of licensing arrangements it knows are incompatible with the GPL—the world’s most widely used open source software license.”

It may settle some curiosity in regards to how close certain reverse engineered implementations are to the actual protocol, but beyond that I don’t think it will make any difference. I think this caveat would limit most projects ability to utilize the information. I don’t think any major project is willing to utilize code subject to that limitation.

For example I mentioned just the other day that Exchange compatibility would bring about the most corporate adoption to Mozilla Thunderbird. Well this could potentially help make that a reality, except Mozilla’s commercial arm would be subject to trouble come release time. Not to mention any downstream commercial distribution that includes it (including many Linux distributions) unless they include a version without this code.

It may however be possible for a company to sell a product and offer a GPL licensed open source “plugin” or “addon” that adds the functionality. So for example Thunderbird would ship as usual via Mozilla Messaging and various Linux distributions. If you wanted exchange compatibility you would need to go to mozilla.org and download the addon for it. Similar to the current process for the provider for Google Calendar. However this adds a nasty extra step for users. It’s far from ideal.

The other notable thing in my mind is this part of their principles:

Industry Standard Formats. Microsoft supports many data formats promulgated by standards bodies in its products today. We will apply Principle II with respect to any standards-based data formats in our high-volume products. We will incorporate customer advice from our Interoperability Executive Customer Council and our ongoing community and customer engagement efforts to give us guidance to prioritize which standards we support in any given product release.

We want OpenDocument.

So despite all the media attention, I don’t think open source gained much today. There’s potential (OpenDocument getting priority would be nice), but really no big win. I just don’t see projects giving up GPL, and I’m pretty sure this agreement would violate GPL.

Open Source And Recessions

Posted on by
3

There’s an interesting blog post on Open Source and recessions worth reading. Essentially the question is this: Does a recession have a negative impact on open source?

I’d say the answer is somewhat more complex than a simple yes/no. There are many different types of projects out there with entirely different circumstances. However I suspect a projects impact could be gaged on a few key aspects of it’s operation:

Purpose – The purpose of the project is likely the most critical aspect. For example, I don’t think there would be any significant impact on projects like the Linux kernel which is essential to many products out there including server infrastructure that powers much of the web and many companies computer systems. Then you have consumer products like TiVo, Google Android etc. Because it’s purpose is so broad there are enough people with a financial interest in seeing development continue. WebKit, Mozilla, Apache, are good examples of this. They have broad usage by many. Something specific to a more obscure task would have more trouble due to it’s more limited market.

Development Team – Of course for a project to succeed it needs one or more developers. During a recession one could theorize that many would be less inclined to participate. This may not necessarily so. First of all, quite a bit of open source development is loosely sponsored. Several projects have actual staff, paid employees who write open source code. For example Apple employees people to work on WebKit. Mozilla has staff working on Firefox. There are people paid to work on Linux (Red Hat, IBM, Novell, etc.) and many other open source projects. There are also companies who contribute some code that would be of strategic value to them. There’s also those who are simply willing to sponsor some work they want to see happen. All of which fund developers of larger open source projects. But would developers who aren’t sponsored or employed to code still participate? I theorize most still would as they don’t depend on it for income during good times, presumably a job during a recession wouldn’t generally prohibit participation and more than a job during years of economic growth. There’s also the impact of college students who participate partially for the educational aspect. The early 2000′s was a recession and still showed a fair amount of growth of open source. In fact many of todays stars really started to take shape during that period. For example:

Funding – Somewhat obvious: Funding is key. Who pays the developers (partially the last aspect I discussed)? Who pays for the projects needs (servers, etc.)? Many of the more popular projects (almost all of the above) have either an organization of for-profit company around built around it. That company often sponsors the needs of the project. Unless the needs of that companies product/service is no longer needed during the recession, funding likely remains. That’s partially the first aspect I discussed.

It’s my belief the larger and more popular open source projects would feel a minimal impact during a recession. I think history has shown this, and common sense agrees. They are mostly low development cost, adequately funded (often from diverse sources), stable, and have a broad team of developers. The projects that are in trouble are the ones who have very few or only 1 developer, even worse if they share the same sponsor, even worse if there is little community around the project. Most projects would generally experience a slight slowdown in development the degree would depend on the above. A few may go dormant for a period of time. Thanks to things like GPL licensing, another developer can pick up should there be a market in the open source ecosystem.

Overall I don’t think open source would be nearly as impacted as most businesses during a recession. The model is very different. Open source when successful has a community and many different sponsors. The diversity allows the project to survive even when recession causes some sponsors to need to reduce or eliminate involvement. Open Source also by definition is used to this type of environment. It’s used to developing on a budget, soliciting sponsors to help cover costs, etc.

The interesting thing about recession is that it impacts everyone, but the degree to which someone is impacted varies. For example construction and housing are generally harder hit than other industries. People tend to cut back on new home purchases before they cut back on other things. Each of those industries has computing needs, sometimes met by open source. This all feeds into the open source ecosystem.

I’d suggest that all of the projects I have mentioned here will do ok during a recession. Many with a slowdown, but all will still continue as long as they provide value. A notable situation is Mozilla’s income comes largely from Google which is based on ad revenue. During a recession and bubble bursting this would likely dramatically reduce the revenue brought in. This isn’t being ignored. As the 2006 Financial FAQ states:

First, the cash reserve is of course a form of insurance against the loss of income. We will continue to maintain enough of a reserve to allow us flexibility in making product decisions….

It seems that an open source project with a diverse stream of funding from individuals and companies of various industries, as well as developers in different situations is in the best position to survive.

It’s an interesting topic.

ZFS On Mac OS X

Posted on by
1

Anyone with an interest in file systems, data management, large scale storage, and security has been keeping an eye on Sun’s ZFS for a while now. Apple looks like it will ship the first consumer-targeted OS to feature workable ZFS support. It’s in Leopard, but read only. Apple has now released binaries and source. It’s still not ready for prime time (not even bootable, and has some serious bugs), but it’s progressing.

While not in Apple’s implementation yet (it is however planned), ZFS supports things like compression and encryption. ZFS is also a 128bit filesystem, so for the foreseeable future, it’s enough storage for anyone. Dynamic striping and Snapshots are also extremely interesting. I’m curious to know how snapshots in ZFS will integrate into Mac OS X 10.5 Leopard with Time Machine. I wonder if complete ZFS support will make a 10.5 revision or if it will be read-only until 10.6.

I am however curious if they have given any thought to solid state storage. It’s pretty clear that’s where the future is headed. While ZFS targets size rather than performance (meaning the two won’t collide for some time as solid state storage won’t be practical for large storage arrays for a few more years), I wonder if ZFS would be able to do things like wear-leveling. So far I haven’t seen any documentation to hint that the feature exists (I’d presume it doesn’t). No idea if it would be something that could be added or if it’s nearly impossible.

Mitch Kapor Leaves Chandler

Posted on by
2

Chandler is the attempt by OSAF to create a PIM. Several years later, it’s still not ready for prime time. Now Mitch Kapor is leaving, and his funding will follow.

He also sits on the board of directors for the Mozilla Foundation. Parent of the Mozilla Corporation and the yet-to-be-named mail corporation which will continue Thunderbird’s development.

I think this quote from the article is really something to pay attention to:

The best communal open-source projects are run like Mozilla (strong core development team with easy pluggability from the outside), Eclipse (cohesive corporate involvement to create a common core while competing at the edges–come to think of it, Linux is like this too), or Apache (strong technology brand that allows for a wide range of experimentation).

Some more interesting reflections on the news can be found on Why does everything suck. Chandler always sounded very interesting, but it never really found it’s way.

Things to keep in mind as Thunderbird develops wings of it’s own.

Benchmarking And Testing Browsers

Posted on by
1

When people talk about open source they often talk about the products, not the process. That’s not really a bad thing (it is after all about the product), but it overlooks some really interesting things sometimes. For example open source tools used in open development.

A few months ago Jesse Ruderman introduced jsfunfuzz, which is a tool for fuzz testing the js engine in Firefox. It turned up 280 bugs (many already fixed). Because the tool itself is not horded behind a firewall it’s also helped identify several Safari and Opera bugs. It’s a pretty cool way to find some bugs.

The WebKit team has now released SunSpider a javascript benchmarking tool. Something tells me this will lead to some performance improvements in everyone’s engine. How much will be done for Firefox 3.0 is a little questionable considering beta 2 is nearing release, though you never know. There’s been some nice work on removing allocations recently. So just because it’s beta, you can’t always assume fixes will be minor in scope.

Another test that many are familiar with is Acid 2 which essentially is checking CSS support among browsers. Ironically this one too was released when Gecko is somewhat late in the development cycle.

Efforts like this really help web development by allowing browser developers to have a baseline to compare their strengths and weaknesses. Having a little healthy competition as motivation can be pretty helpful too ;-) .

Top Windows Programs Open Source

Posted on by
4

CNet has a slide show with it’s top Windows programs. It’s a pretty good list. I’d agree with it for pretty much everything. What I found really interesting is that of the 9 listed, 7 are open source. Here’s the rundown with the license for the source of each:

Interesting to see the penetration of open source here.

Android SDK Released

Posted on by
4

We knew it was coming, and it’s now here. I haven’t looked at it too closely, but a few things I’ve noticed:

Yet another XML UI? Clearly it’s becoming a popular way to do things, but do we need so many? XUL, MXML, XAML, now Android? Surely there must be another way. XUL as a standard sadly never materialized.

There’s a mention of 3D libraries, but notes:

…the libraries use either hardware 3D acceleration (where available) or the included, highly optimized 3D software rasterizer…

We all know how well graphics drivers have historically been on Linux. Hopefully the embedded/mobile market will prove better than the desktop.

One thing I do wonder is all the variables. The platform seems to have a fair amount of potential, but there’s no real standard regarding what you can be assured will exist on a handheld (for example 3D acceleration) or even what restrictions might be imposed by the carrier (firmware lockdown). At least with the iPhone you know they all ship with certain CPU’s, graphic capabilities, etc. It’s a very predictable platform. Android reminds me a lot of programming for the PC, there’s a ton of variations out there on the web to account for. Even if most run the same OS. Mobile has the added complexity of carriers who are notoriously restrictive. I wonder if this will really change. This is why the web as a platform is so great. It overcomes most of these limitations.

In general I have to agree with most of what Robert Scoble says (vaporware, unimpressive UI, etc.) but it’s still very early on, and you can’t judge much based on this early preview. Right now, the iPhone is a clear winner, but I wouldn’t discount Android just yet.

My general feeling is that it’s too early to make much of a judgment. There many things that can happen in the next several months that can drastically alter the fate of Android for better or worse both business and tech wise.

The next key moment in the mobile landscape will be the release of the iPhone SDK due early next year.

Then there’s always the underdog OpenMoko.

The Illusive Gphone

Posted on by
1

So the illusive Gphone is finally announced, but not as a phone but an alliance.

One should note it coincides very nicely with last months announcement of Firefox Mobile becoming a priority. Firefox has a nice share of the Linux browser market. Extending it to mobile seems somewhat natural. A real win for developers. The same browser on all major PC platforms, and many mobile devices (on multiple carriers by different manufacturers) creates one of the largest platforms on the planet for a high level language like JavaScript. It also means it will be easier to port existing web applications to mobile devices knowing the browser is of the same lineage and honors true standards. It’s also nice to know that other mobile browsers like Safari on the iPhone are also very standards friendly.

Obviously absent on the list of members in the alliance is Verizon, AT&T, and Apple. I’d be curious to know what Apple is thinking. Could this be another Mac vs. PC? Or will Apple “Think Different” this time when faced with a pending platform war? I know what I would do. I’d start hacking up a Wine-like API for running Linux applications on Mac OS X. Since Linux doesn’t need to be reverse engineered like Windows, development should be much easier. Mac OS X having strong UNIX roots would also likely be helpful. At the end of the day, you would then be able to run Android applications on top of the thin(ish) compatibility layer. Casual users wouldn’t know any better. I guess in a sense Apple has started down this road. There is X11 for Mac OS X. They can of course keep it all under the radar for a while, just like Mac OS X for x86 until they need to play that card.

Om Malik makes an interesting point:

  • Google (GOOG) says it’s open source, letting you download it and do whatever — except that carriers can create their own locked-down versions of the software with Android. That doesn’t seem very open to me.

It does make me wonder if Google is doing the heavy lifting and carriers will just fork it when done and ship a closed version of the software and take advantage of not needing to pay licensing.

Very interesting stuff, but still doesn’t answer my question regarding bandwidth becoming fast enough, and affordable enough to hit critical mass. It still seems that mobile data services are just too expensive for many people to justify. Will this encourage enough competition in the mobile space to drive prices down? Or is there going to be some incentives to offer lower priced data services?

Snoopy’s Relative Redirect Bug

Posted on by
4

Snoopy is a PHP class that automates many common web browsing functions making it easier to fetch and navigate the web using PHP. It’s pretty handy. I found an interesting bug recently and diagnosed it this afternoon.

If you navigate to a 301 or 302 redirect in a subdirectory you can get something like this:

HTTP/1.1 302
Date: Sat, 13 Oct 2007 20:26:46 GMT
Server: Apache/1.3.33 (Unix)
Location: destination.xml
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

The key thing to pay attention to here is Location: destination.xml. Say your initial request was to:

http://somesite.tld/directory/request.xml

Our next request based on the redirect should be to:

http://somesite.tld/directory/desination.xml

Instead what Snoopy is doing is appending to the hostname, resulting in an incorrect request:

http://somesite.tld/request.xml

This is correct in cases where the first character of a redirect location contains a “/”. In this case it does not, which makes it incorrect. The following patch I wrote corrects this behavior. As far as I can tell (I haven’t read every word of the spec, but many chunks over the years) the HTTP 1.1 specs RFC 2616 only dictate that URI be provided, it doesn’t seem to require full url’s. See comments for follow up discussion on the specs. My conclusion is that it’s best practice but not required to use absolute uri’s). I wouldn’t call this a very common practice, but it does exist in the wild.

— Snoopy.class.php    2005-11-08 01:55:33.000000000 -0500
+++ Snoopy-patched.class.php    2007-10-13 16:10:38.000000000 -0400
@@ -871,8 +871,18 @@
                                // look for :// in the Location header to see if hostname is included
                                if(!preg_match("|\:\/\/|",$matches[2]))
                                {
                                        // no host in the path, so prepend
                                        $this->_redirectaddr = $URI_PARTS["scheme"]."://".$this->host.":".$this->port;
+                                       // START patch by Robert Accettura
+                                       // Make sure to keep the directory if it doesn’t start with a ‘/’
+                                       if($matches[2]{0} != ‘/’)
+                                       {
+                                               list($urlPath, $urlParams) = explode(‘?’, $url);
+                                               $urlDirPath = substr($urlPath, 0, strrpos($urlPath, ‘/’)+1);
+                                               $this->_redirectaddr .= $urlDirPath;
+                                       }
+                                       // END patch by Robert Accettura
+
                                        // eliminate double slash
                                        if(!preg_match("|^/|",$matches[2]))
                                                        $this->_redirectaddr .= "/".$matches[2];

Code provided in this post is released under the same license as Snoopy itself (GNU Lesser General Public License).

Hopefully that solves this problem for anyone else who runs across it. It also teaches a good lesson about redirects. I bet this isn’t the only code out there that incorrectly handles this. Most redirects don’t do this, but there are a few out there that will.