LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

LWN Weekly Edition

Front page
Security
Kernel development
Distributions
Development
Linux in the news
Announcements
->One big page

 

This page

Previous week
Following week

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

Plugging into GCC

LWN.net Weekly Edition for October 2, 2008

Ubuntu debuts its Upstream Report

openSUSE and the distribution of proprietary software

LPC: What's happening with webcams

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

LWN.net Weekly Edition for October 13, 2005

A pair of desktop initiatives

Whether or not they agree that Linux is "ready for the desktop" or not, most observers will allow that there remains plenty of room for improvement. And while some of those improvements will take the form of slick new applications, there is also quite a bit of less glorious work to do. So it is encouraging to see a couple of new efforts aimed at improving the quality of the desktop we already have.

Novell has sent out a press release announcing the launch of the Better Desktop initiative. This effort, part of the OpenSUSE project, intends to provide information to developers which will help them to make the Linux desktop a better experience.

User-oriented proprietary software companies have many techniques for improving the usability of their products. One of those is to film users trying to fight their way through an application, then lock the developers in a room and force them to watch the users struggle. No popcorn provided. Developers know their software, so they will not wander into the traps and dead-ends which confuse the rest of the world. Watching others run afoul of usability problems shines a light on those problems which cannot be denied. Once the problems are seen and understood, the developers can start to think about solving them.

The Better Desktop project cannot lock developers in a room, and it cannot deprive them of the refreshments of their choice. What it can do, however, is provide the films. As a start, the project has posted video streams of several users as they attempt to accomplish a set of objectives. Also posted is a small set of reports drawing conclusions from the videos. These conclusions are relatively simple (users want to see the username and password fields together on the login screen, for example), but they do demonstrate the sort of issues that developers tend not to see on their own.

The research results posted are just a beginning; one assumes that the project will run more experiments over time. Your editor suggests "figure out how to make betterdesktop.org display reports in firefox without popping up new windows" as a nice place to start. As this body of data grows, implementing usability improvements indicated by the results should be a relatively straightforward task. In usability, as in many other areas, the real challenge is figuring out what problems to solve, rather than implementing the solutions.

[icon]
[icon]
[icon]
[icon]
[icon]

The Tango Project has taken on a different goal: get rid of visual inconsistencies between desktop applications, regardless of their source. In particular, Tango has targeted icons as an area needing improvement. So, the project has posted a set of style guidelines on how icons should be created and a specification on how they should be named. If applications adopt both, the result should be applications that look the same everywhere.

The Tango icon gallery gives a good demonstration of the guidelines in action. These guidelines call for bright colors and well-defined perspectives on objects. Not everybody will like the relatively cartoonish approach taken by Tango, but use of these icons will undoubtedly create a lively desktop.

Tango may or may not succeed in the real world. It is important, however, as a cross-desktop effort to improve the overall user experience. If the Linux desktop is to continue to get better, a great deal of usability and consistency work will have to get done. The fact that projects are coming together to make a start on that work can only be a good thing.

Comments (17 posted)

Single-company free software

This has been an interesting week for those who watch how free software and the business world interact. Oracle's acquisition of Innobase, Check Point's acquisition of Sourcefire, and the closing of the Nessus source all raise some fundamental questions. Free software users are secure - even smug - in the knowledge that the software they use cannot be yanked out from under them. Is that really true, however, in situations where an important component is owned by a single company?

Oracle has announced the acquisition of a Finnish company named Innobase. This company is the creator of the "InnoDB" storage engine used by the popular MySQL relational database management system. MySQL has a number of storage engines, but InnoDB is the one which seems to meet the needs of a large portion of MySQL's users. So those users may well have cause to wonder about language like the following, from the Oracle press release:

InnoDB is not a standalone database product: it is distributed as a part of the MySQL database. InnoDB's contractual relationship with MySQL comes up for renewal next year. Oracle fully expects to negotiate an extension of that relationship.

MySQL AB has put out a cheery press release "welcoming" Oracle to the free database market. Behind the smile, however, there may be some worry in the MySQL office. Oracle, after all, does not have a reputation for being a particularly pleasant company to negotiate with. MySQL is almost certainly paying Innobase for the right to include InnoDB with the proprietary versions of its software; it may be that the price is about to go up.

Should MySQL users worry? The current version of InnoDB is licensed under the GPL, and Oracle cannot take that away. What might happen is that development for the freely-licensed InnoDB may slow or stop. Nothing can prevent the user community - or MySQL AB itself - from forking the project and continuing development should Oracle take things in an undesirable direction. But MySQL AB's motivation to do so may be small if it is unable to include InnoDB in its commercial products.

Meanwhile, Sourcefire has been acquired by Check Point, a security firm. Sourcefire is the company created around the free Snort intrusion detection system. Snort users depend on it to catch and respond to attempts to compromise systems on their networks. So the idea that this code could go proprietary is of concern.

Check Point claims to be "fully committed" to the Snort open source community, so, presumably, Snort will remain free for a while. In the case of Snort, however, the users who truly depend on it are already paying for additional services. Among other things, a tool like Snort requires regular updates to its rule set to keep up with the latest attack signatures. Quick rule updates were already a value-added service, and that is unlikely to change. With luck, the free rules will continue to be updated regularly. If that fails to happen, and there is sufficient interest in the community, those updates will come from outside the company in the future.

Users of the Nessus security scanner were recently surprised by a Nessus roadmap posting. The upcoming 3.0 release will include a number of improvements, especially in performance, but it will no longer be licensed under the GPL. It will, instead, carry a "free beer" license which makes the distribution of binaries difficult or impossible. Tenable Software, the company behind Nessus, cites two reasons for the license change. The first is that other companies are using Nessus to compete in ways that Tenable sees as unfair:

A number of companies are _using_ the source code against us, by selling or renting appliances, thus exploiting a loophole in the GPL. So in that regard, we have been fueling our own competition and we want to put an end to that. Nessus3 contains an improved engine, and we don't want our competition to claim to have improved "their" scanner.

The exact nature of this "loophole" is unclear; selling an appliance loaded with GPL-licensed software does not change the GPL's requirements, as several router appliance vendors have found to their detriment. That said, it is clear that Tenable believes that distributing Nessus under the GPL is costing it business. When that belief is combined with the company's other claim - that the wider community has failed to contribute any worthwhile code to Nessus anyway - the reasoning behind the change becomes clear. Why bother with a free license when it hurts business and does not bring in any contributions from outside?

It is hard to say, from a distance, why there has been so little community contribution to Nessus. Certainly there is nothing readily visible on Nessus.org encouraging contributions. But there does not appear to be any indications that Tenable went out of its way to discourage or reject contributions. This may be one of those cases - certainly not the only one - where an outside development community has simply failed to come together for a particular project.

Once again, the current version of Nessus is licensed under the GPL, and nobody can take that away. Tenable has even said that it will continue to support the GPL version with bug fixes. So if the Nessus user community is truly upset by the licensing change, it will be able to fork the free version and carry it forward. It's worth noting that many Nessus plugins, which perform the actual security checks, have been covered by a different license for some time, however. Tenable requires third-party plugins to be distributed under the GPL, which indicates that the company sees those plugins as being derived from Nessus itself. How such plugins can be legally used with a non-GPL Nessus would be an interesting question for the lawyers.

All three of these cases illustrate a particular hazard associated with free software projects which are entirely owned by one company. Any such project can turn proprietary at any time, leaving users scrambling for a new solution. This risk is worth keeping in mind, but it should also be kept in perspective. Proprietary software is no more reliable; indeed, it can vanish altogether leaving users with no recourse at all. Free software, at least, cannot be taken away. Users have the option of carrying it forward, should they choose to do so. OpenSSH is a good example of how this freedom can work.

A bigger risk with single-company free software might well turn out to be that it has a harder time attracting developers. This may be especially true in cases where developers are required to assign their copyrights to the owning company on any contributions. It is hard to justify giving away your code when some company might just turn around and make it proprietary. For this reason, a number of companies based on free software projects have created independent foundations to own the copyrights and manage development. For both users and developers who are evaluating free software projects, the existence of such a foundation will provide a higher degree of assurance that the freedoms they count on will remain available in future releases of the software.

Comments (40 posted)

LWN status - a followup

The LWN status update posted two weeks ago generated quite a bit of feedback. We have also received quite a bit of mail; it has all been read, though we have not had a chance to respond to every message. Once again, we offer our thanks to all of you, who clearly care about keeping LWN going and making it better.

One of the most commonly-suggested ideas was a "send a link" feature for subscribers. Using this feature, a subscriber could generate a link which would enable a non-subscriber to access an article which is still behind the subscription gate. The idea would be to let our readers spread limited access to subscription content, thus helping to hook more readers. We will probably implement this idea, though the specific shape of it remains to be worked out. Stay tuned.

Other promotional approaches are being looked at and tried out. Ad campaigns run on That Big Search Engine have been disappointing so far, though we have not yet given up on that approach. What seems more effective is targeted trial subscription offers; a trial offer sent to the GnuCash and KMyMoney lists (so they could read the recent Grumpy Editor article) got quite a few takers. LWN does not need a reputation for spamming developer lists, however, so much care will have to be taken with this approach.

The idea of extending the subscription period did not inspire a great many replies, one way or another. We may try a modest extension (to two weeks, perhaps), maybe in conjunction with the "send a link" feature.

A few people have asked for a higher-priced subscription option or the ability to simply make donations. We may eventually add the higher level, though we expect that the uptake - which would be necessarily less than we see now for the "project leader" level - would be relatively small. There will not be a donation option added, however. Those of you who were with us when we first decided to try subscriptions will remember that we went through a major hassle with our credit card merchant bank. Donations are a red flag which, it seems, creates major anxiety in merchant bank risk management departments. Our current bank has proved to be far more rational than the one we had back then, but the ability to accept credit cards is our lifeline, and we cannot do things (like accepting donations) which put it at risk.

We do have a couple of options for anybody who would like to send more money LWN's way: (1) buy a gift certificate for a friend, or (2) buy a text ad promoting your favorite free software project.

A few users have suggested that the site could use a redesign to give it a more professional look. No doubt that is true, and a site makeover has been on the "to do" list for some time. Any such redesign, when it happens, will preserve the core philosophy of the current site: LWN is about high-quality text without a lot of distracting decorative material. So there is no need to worry that we'll be going to a frame-based, flash-encrusted, image-heavy presentation in the future.

Thanks to all of you for your support and feedback. LWN has truly been blessed with the best group of readers we could ever have hoped for.

Comments (58 posted)

Page editor: Jonathan Corbet

Inside this week's LWN.net Weekly Edition

  • Security: Mail filtering in Thunderbird 1.5; New vulnerabilities in the kernel, koffice, mozilla, openssl, ruby, ...
  • Kernel: Introducing gfp_t; Hard drive protection; Adaptive readahead.
  • Distributions: How many is too many?; OpenLab4; SUSE 10; Ubuntu 5.10RC; Mandriva Linux 2006 + Ark Linux, Pie Box and 64Studio
  • Development: GIMP 2.4 Moves Toward Better Usability, the Tango project, new versions of Oggz, Java Parallel Processing, Open MPI, PostgreSQL, COPL, funkload, LogMiner, Midgard, Whitebeam, CalCore, Gnome, FlowDesigner, SQL-Ledger, pyGame Utilities, Dogtail, Smack, KOffice, OpenMCL, File Manage, Pyflakes, Deskzilla.
  • Press: Declaration of InDRMpendence, Nessus drops GPL, Web 2.0 coverage, Internet Identity Workshop, Sun Wah wins Chinese bid, Japan to increase Linux use, scp howto, Linux Web development tools, embedded GNOME.
  • Announcements: SugarCRM's Open Source Developer Contest, Xara open-sources Xtreme, EFF on public web pages and the broadcast flag, DDJ covers Google Summer of Code, Race to Linux contest winners, GOSCON - Portland, AMIA 2005 - Washington DC, LCA registration, CodeCon 2006 cfp, KDE Jabber server.
Next page: Security>>

Copyright © 2005, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds