Week 9 (3/20, 3/22)
Teams Reports
I want weekly emailed status reports from each team!
Individual Assignment 1
Katharos license
About that "given enough eyeballs, all bugs are shallow" thing ....
https://r0ml.medium.com/free-software-an-idea-whose-time-has-passed-6570c1d8218a
Lefkowitz really doesn't seem to like RMS. The "Free" here is specifically "Free/Libre". He regards the Gnu approach as fundamentally political.
Which is all good. But then he gets cranky:
But then Lefkowitz goes off the rails a bit, with the idea that software publishers should be liable for errors, and that should apply to FSF. Holding open-source contributors liable for bugs would have dire consequences.
And then Lefkowitz suggests that software privacy and security would be better addressed by government regulation. There is no way that is going to end well.
"The point being: large corporations and government agencies have always had the ability to get access to the source code of commercial software, and modify it if they wish. And if they have a good reason, they will do so. But usually, they don’t wish to."
Lefkowitz' idea about "public software" is, well, bizarre. Software is not like books. There's no point in a library-like check-out-and-return policy.
Yes. The business model is "open core". But thank you for yet another tedious reminder.
Open Source Security Foundation (OpenSSF)
Earlier I raised the issue of clang vs gcc, suggesting that maybe plugins to allow gcc to interface with non-GPL IDEs was the issue. Here's another article on that: https://lwn.net/Articles/629259.
It took many years before the GNU Compiler Collection (GCC) changed its runtime library exemption in a way that allowed for GCC plugins, largely because of fears that companies might distribute proprietary, closed-source plugins.
Ironically, emacs has lots of weird plugins.
But here's another issue:
Stallman is concerned that proprietary backends could take the [gcc abstract syntax tree] output and generate code from it.
This is an intense debate, because, as Perry Metzger noted:
Linux’s solution to this problem was to create a policy of never breaking userland applications. This means userland interfaces to the Linux kernel never change under any circumstances, even if they malfunction and have known bugs. That is worth reiterating. Linux maintains known bugs – and actively refuses to fix them. In fact, if you attempt to fix them, Linus will curse at you, as manifest by this email.