I'm sorry, I just received a late update (at great cost) from Anthony Baxter.
The last keynote from Linux.conf.au was about the upcoming Python "We'll break all your code" 3k. Perhaps not quite keynote material, but it covered a gamut of issues which will break old code when the move happens - and he did work for a colorful company. The set & dict comprehensions, function annotations and dictionary views are probably worth the terrible loss of reduce(), my favourite companion to map(). And obviously old style classes & string exceptions were excess fat to be trimmed anyway. But there was more interesting code to test.
>> from __future__ import braces File "<stdin>", line 1 SyntaxError: not a chance >> import this
And check the output twice.--
I believe a little incompatibility is the spice of life, particularly if he has income and she is pattable.
-- Ogden Nash
I was there, but I didn't talk. Didn't sit around either.
Yes... I stood behind people.
And then, I came back. With a somewhat odd feeling at the back of my mind. Somehow, unlike all the other years, this year it felt more like a JNU event, rather than an ILUG-D event. What with the focus shifting off software into the rather vague (for me) realms of freedom. Maybe it was the conclave or the dinners, it didn't scream out ILUG-D like it used to - but that may not be a bad thing, per se.
Shall just have to wait and watch.--
In this country we enjoy many freedoms; freedom of speech, freedom of thought and indeed, the freedom to do neither.
Occasionally, I do wonder why I do what I do, especially with software. The answers I've got with might not make sense to everyone - actually, it no longer makes too much sense to *me* today. But one thing's remained the same - it wasn't the money then and it isn't money now.
Everyone admits that more money helps (talks, walks you home and even buys you dinner). But the question at hand was whether money, more accurately, the presence thereof, hurts open source projects. And Stormy Peters began with that question, into her LCA '08 keynote.
The internal motivations to write F/OSS usually are weakened when there's greenbacks flying. Not to mention money brings in the people who herd it, from the clan of MBA (not to be confused with N.W.A). The processes and rest of the beasts of communication, reports and roadmaps which follow aren't necessarily bad, but they aren't "fun". But even when hacking hasn't been instutionalized, money is a selective reward, which splits the community into those who are paid and the rest. Dunc-Tanc is a classic example of this divide in action. And I'd personally lost that rush the moment I start equating efforts to money - there's a stress level which you can't pay me to take up, but in which I used to live day in & day out.
Stormy Peters takes on the topic from the point of view of someone actively involved in funding open source projects & developers. Occasionally, I run into clearer insights than mine, but conclusions I gathered from the talk are something to a closer look at.
Once a f/oss developer, always a f/oss dev. Even when you've gotten off the rush for some project, pushing it along as a good engineer, the hacker in you doesn't sit around. So, even if you don't do the same for free, it's very likely you'll do something else for the same reasons you did it first - look at the ex-Eazel folks. Anyway, history might just rhyme or pun, or maybe people just go do the same again ( *cough* Gnome Online Desktop), but whatever they already did - is not lost.
Anyway, to the objective reader, I'd suggest that you ignore my blatant bias in the above post and go watch the video.--
It's classic percolate-up economics, recognizing that money is like manure: It works best if you spread it around.
After all the dust from the miniconfs settled down, the real conference began with a real treat - Bruce Schneier talking on Reconceptualizing Security [video (~150 MB)]. The keynote was about dealing with security as an intangible feeling as well as the reality of security.
Lemons: But before I head off into what that talk was about, let me introduce a new concept - Market for Lemons. The idea is that when the quality of a product (like a used car) cannot be assessed easily, the bad car (i.e a lemon) would sell for a profit, while the good car wouldn't have any customers because it is expensive. The scenario is exactly tilted towards the dishonest seller, in the absence of proper information and/or blacklists for lemon peddlers.
The security software market right now is such a one (I'd say that the job market is too). Products which are pure snakeoil are completely indistinguishable from real products from a brochure or presentation. As was clearly illustrated today. The company which invests more efforts in creating the illusion of security would potentially win over someone who has been actually spending time & effort to secure their product. The price war cannot be fought between good & bad without enough in-depth information about stuff under-the-hood.
There is probably a sweet spot between real security and the illusion of security, which would be profitable. It wouldn't be bullet-proof security by any stretch of imagination, but the sense of security wouldn't necessarily be misplaced. Which is what the profit-oriented capitalist economy would gravitate to, provided there was enough awareness & information about what is actually in the box.
Q&A: I actually got to ask Bruce Schneier a question - about the meta-stable state of this balance, where every new development/marketing tactic would again upset the market off this point. He admitted that it was an interesting question, but suggested that it would probably dampen into insignificance (think about soaps & detergent brands).
Anyway, there I was, communicating to Bruce Schneier without encyrption.--
There's small choice in rotten apples.
-- William Shakespeare, "The Taming of the Shrew"
Looks like I'll be able to make it to freed.in. Except, in a departure from the usual, I'll not be presenting there. I wasn't online or in any state to prepare a decent proposal for the conference. I'll be attending it as a vanilla delegate to the conference, possibly talking about something during the conclaves.
I wouldn't miss it if I were you (even if I were me, which I am).--
Nothing will dispel enthusiasm like a small admission fee.
-- Kim Hubbard
Monday: I had this illusion that I had no jet lag after reaching melbourne. So, I headed out to the security miniconf. The WiFi wasn't up yet (it never is for the first day). The couple of talks I was really focussing on was the OpenSSH one and the 'aggressive' Network defense one.
The latter talk had some interesting 'facts' about ICMP. The ICMP host redirect used in the sense of "talk to the hand" packet dumping. Also suggestions for an ICMP quench message to be un-deprecated as well as a lot of ire directed at sysadmins who just drop ICMP at fire-walls.
The OpenSSH talk had a fair amount of detail about writing secure code and more importantly retro-fitting security into existing code. Ironically, it began by quoting a Microsoft research paper as inspiration for a lot of work. Moving on, it shows how different is sshd compared to the standard unix daemon. Rather than move ahead accept-fork model followed very successfully by apache, sshd uses accept-fork-exec to run a master and slave process. The master handles all the higher privilege functions while the latter handles the protocol/crypto/book-keeping functionality.
Tuesday: I slept off till late afternoon. Woke up in time to peek into the gaming miniconf and walk around between Lygon st. & Swanston st.
Still not adjusted to local time yet, but the extra coffee seems to be helping today.--
So little time, so little to do.
-- Oscar Levant
LCA '08 beckons and so does a fairly long vacation down under. The blanks left behind have been filled up and I'm sitting in Singapore right now and as usual this trip was also run quite close to the wire in terms of scheduling. But I'm here and on my way.
I'll be reaching MEL by Sunday night (yes, sleepover at the SG transit hotel) and then the week goes into the conference. After which, I plan to hop onto a kangaroo and head off along the coast to Brisbane (that's about as clear my plans are).
If any of you feel like putting up this low-budget traveller somewhere on that coastal route, ping net dot php at gopalv (in reverse).--
Gosh that takes me back... or is it forward? That's the trouble with time travel, you never can tell.
-- Doctor Who, "Androids of Tara
As fox2mike told me, "We're missing a kick-ass conference" (sitting behind the scenes).
Conferences are unnecessarily cruel on the organizers. After five days of FOSS.in, I was left drained & empty rather than re-energized. Compared to the last year, when I said it was Ardeo Redux, this year my emotions are completely different. Was no fun, this conference - show up early, baby-sit the hack center, feeling sick in the infernal cold snap. Anyway, I suppose that's what responsibility steals from all of us.
Kudos to everyone who's worked tirelessly behind the scenes all these years.--
Some people grow with responsibility -- others merely swell.
Unlike last year, this year I had a pl_n.
It's a little sketchy now, but looks like I've got cash for the tickets, without doing anything too extreme .
Post conference, I've got about a week to get from Melbourne to Brisbane via some sort of ground transport, along the gold coast. Hopefully, I'll be able to find some company to drive and share gas money with. Otherwise, I need to figure out how public transport can take me to point B from point A possibly passing through point Sydney.
But before all that, foss.in beckons.--
Life is what happens to you while you're busy making other plans.
-- John Lennon, "Beautiful Boy"
Shreyas, Karunakar, Pradeepto, Tejas, Suparna, Kartik and Naba are on the other posters. The elusive Karunakar had been captured by the able hands of spo0nman - during Freedel '06 (danke for the Creative Commons). And a rockstar-like Pradeepto from one of my FOSS.NITC '06 pics (but for some other pics from that trip ... *cough*).
Anyway, if you want to get on one of these posters - just follow Sankarshan's advice.--
The trouble with doing something right the first time is that nobody appreciates how difficult it was.
I had gone to Freed.in to talk on something slightly unusual. My talk was on "!0 Things You didn't know about Python" - and as usual, I overdid the technical bits of the talk. But at least someone will remember memoization can improve your factorial code. So, here are the slides and let's leave it at that.
The whole conference schedule was packed with familiars from #linux-india - but the absence of Lap_64 and Lawgon was felt rather heavily. Nearly all of ILUG-Bom was present at the conference, even the Panvelkar.
There were some interesting things which came up during the conference. One of them was the SME Panel discussion where the adoption of F/OSS in the small & medium enterprise was discussed. The hurdles to most of these arise from the lack of support and surprisingly, vice versa.
As one of the volunteers commented, the paid-for support structures in place are leaning precariously on the seniors in the community. Where there is an OldMonk or BigBeard, there isn't really a gradation into a lower echelon of cheaper support for simpler tasks which a newcomer can take up without incurring much risk. The vicious cycle of establishing a reputation versus requiring one is present in the system.
Repurposing the LUG to handle the responsibility as a contact point was discussed and IMHO was a waste of time. A community organization with democractically inclined operation cannot do that job effectively. Involving it in monetary transactions brings in a large number of problems which are best solved by incorporation elsewhere.
Secondly, there was f3ew's talk on Building Online Communities, which was mind-mapped unconference of sorts. I'm still working on my Breaking & Entering Communities talk, but this sort of served as a stage to throw out some of my material. I personally think that we need help in contributing to communities rather than going about building them.
And as the conference wound down, we all packed our bags and headed out to Manali.--
I don't believe in sweeping social change being manifested by one person, unless he has an atomic weapon.
-- Howard Chaykin
FOSS.in is back and it is bigger than ever, stretching for five full days from tuesday to saturday (04-Dec to 08). But as I said last year, there are sort-of miniconfs this year. Instead of doing ordinary mini-conf style, this one is going to be project specific rather than topic-specific. This works out nicely for the big projects to get a little momentum going, but might be slightly bad for the small projects or platform coders (like me). I guess that's a chicken & egg problem which a conference cannot solve by itself.
Since my previous post was about freed.in, I think there's something that needs to be said. While I was at OSCON, trying to convince people to submit talks to foss.in, I was asked an interesting question.
Not enough speakers ?: Sure, India does have enough qualified speakers to run a 5 day conference with the people we have. But foss.in, IMHO, has the resources to actually bring some really interesting people to India. Somehow the assumption that bringing in foreign speakers is an admission of weakness has to be debunked. I consider the fact that the conference can afford that as a strength. Actually being able to be in ad-hoc discussions with these folks itself brings about interesting results. No, I'm not talking about b-school style "networking". I'm talking about ideas getting thrown around, bounced off and suggestions being made by a group who probably would not have met if not for the conference. After all, the aim is to encourage communication, collaboration and contribution from India - not to merely showcase last year's work.
The new avatar of the conference itself has some modifications. The conference dinner is one of the things which has been borrowed from some of the more successful conferences. You can read the full announcement for more details.--
You're not an alcoholic unless you go to AA meetings.
The old Freedel you knew is no more. The new & improved incarnation of the conference is to be named Freed.in and to be held this September in Delhi. It is a community conference and run by the ILUG-D community (*ahem*, the usual culprits). The Call for papers is open, so if you happen to be India & working for a cool F/OSS project, put in a paper now.
I've been to the conference last couple of years and it has been an awesome experience.--
No group of professionals meets except to conspire against the public at large.
-- Mark Twain
For those who've not been keeping track of what I've been upto, I did manage to make it to OSCON. A couple of days too late, but in time to get there, revamp my slides (after I sat through a couple of php sessions) and give a kickass talk. The last minute jet-lagged efforts to tailor the slides to the crowd was very much worth the effort.
But the fun part of the talk was about four minutes into the talk when Amarok decided to splash up an OSD message which said in loud bold letters - I Wanna Have Your Babies. Panic ... brain skips a beat. Well, there was nothing to do but close Amarok and really make people forget they ever saw it. I think I succeeded in that task - nobody's reminded me about that yet, but enough people have said that it was entertaining. And that's a new experience for me :)
In conclusion, I came, I saw ... I talked.
PS: slides and bazookatooth on IRC reminded me that Amarok said "Girlfriend/Avril Lavigne".--
Confidence is simply that quiet, assured feeling you have before you fall flat on your face.
-- Dr. L. Binder
In a development which is becoming depressingly familiar, my travel plans are in a mess. As of right now, I have no flight tickets, not hotel booking and not even an ETA on when both these things will be fixed up - and the conference starts on Monday. It's not like this is the first time or even the the second time this has happened.
But what's really different this time from those two is that finally for once Yahoo! is paying for my travel. For the previous two journeys, I had booked my tickets myself (and blowing up a year's savings each time), which ensured that I had a travel agent to call up and bug. And both times I did manage to get where I wanted and everything did work out nicely. But ever since I heard the "We'll check again on monday" on Friday afternoon, I've sort of given up.
But two out of three ain't so bad ...--
One possible reason that things aren't going according to plan is that there never was a plan in the first place.
Last monday afternoon, I tore myself from the mundane grind of office to go listen to Eben Moglen talk about GPLv3 and Beyond. The evening that was to follow was as brilliant as the golden monsoon sunset. I happened to miss the GPLv3 conference that went on last year, mostly due to personal reasons and I'd been out of the loop from the whole license process.
A Benevolent GPL: Most people assume GPL version 3 is going to get tougher on those who violate the license. But I was surprised to learn about the amnesty period for bonafide violations, to give the errant a chance to redeem themselves. The termination clause allows for a sixty day period to get back to compliance and avoid the penalties associated with copyright infringement.
Patents: I didn't hear this from Eben Moglen, but it bears repeating - "Where they were supposed to patent new inventions, companies have taken to inventing new patents". And with all due respect, that is exactly what is wrong with the current patent regimen.
The whole Microsoft deal was discussed in the meeting, where the failure of them to act up on the violations would automatically bring in Laches into effect. The FUD might actually work against Microsoft, even if they come up with the list of 253 patents because they will be deprived of all royalty claims for infringements wilfully ignored. Essentially, they're eating into their own war chest of patents with the bluffs.
The Process: There were several comments made about the GPLv3 process, which raises the bar for the creation of new licenses. If someone like OSI decides to ask more questions about community involvement in the development of the license, the proliferation of open source licenses will come to a quick grinding halt. Even moreso, the LGPL is going to become truly GPL+LE (for instance, dotgnu's class libraries and GNU classpath are GPL+LE rather than LGPL).
There will always be people who write BSD licensed code, but it lacks the unifying nature of GPL. The proprietary forks for most successful projects are doomed to die, due to the lack of the very things which make their mainline a success. It is a living tree which only sprouts dead branches - an enormous waste of manpower thanks to short term myopia.
Adoption: In this context, it would be good to remember that something as popular as Firefox is dual-licensed under GPL version 2 or *later*. As far as the world of code is concerned nearly all of that is as good as GPL v3'd, after the first commit which says "version 3 or later".
Freedoms: There have been too many comments of companies like Tivo and others who abide by the legalese, but violate the spirit of the license. But it serves some purpose to point out that the intention of the license upgrade was to plug some of the legal loopholes which have come up during the last half-decade. Those who shall suffer are those who have been exploiting those loopholes.
Essentially, the license makes no pretence about the freedoms it tries to protect - the users'. In turn, it does protect the developers who in conjunction with the former, makes up the community - from underhanded attacks by for-profit redistributors. Basically, there are people who will lose out due to the changes, but it somehow looks as though the license is slanted the right way for Joe Hacker - both for individual gain and altruism.--
The difference between the Mafia and an insurance agency is that the latter doesn't burn down your house if you don't pay.