Instilling Doubt

A pretty insightful comment coming from an anonymous poster (in the comments section),

I always wonder about these Linux puff articles — what motivates the writers to pimp OSs that any experienced person knows will be nosebleeds for 90%+ of the novices trying to do a real, complete migration from XP?

Linux never has been, nor will it ever be, an effortless turn-key OS for all-purpose desktop (let alone laptop!). Ubuntu is an improvement, but it’s still Linux — which, if you consider the costs of replacing unsupported hardware and your time struggling with setup at about two cents an hour, is the most lavishly expensive OS ever devised.

I’ve been screwing around with Ubuntu 5.04 for about five months, all but living on the official support forum, which provides — at best! — solutions for only about a quarter of the hardware and software problems I’ve encountered, and there are tons of them.

When 5.10 was released, the forum exploded with bug reports from those who had upgraded from 5.04 and found they had major-to-fatal problems.

I’ve tried to install 5.10 on my new laptop, but the VIA video is not supported, nor is the RaLink wireless, nor WPA authentication…etc., etc., etc.

If you want to spend the rest of your life talking with geeks (and in the process learn that OS advocacy is best understood as a psychiatric symptom above all else) and trying out an infinite number of kludges, you can get a lot of these problems worked out (more or less), but what you normally wind up doing is succumbing to what I call “Linux disfunction drift,” eliminating tasks that you used to do in Windows because your Linux distro won’t do them, or support the hardware you needed to do them.

Slashdot comes through for once: on the viability of open source “business”

There’s also a larger problem with this approach – it sucks for small companies trying to become bigger.

If you are only able to profit off of service contracts, you can’t ‘write once, reach many’ like you can with COTS software. Moreover, companies like IBM and Novell which have large established sales and service teams will win all the larger contracts.

If you write a great peice of software, and then have to sell, educate the customer AND hire/train all the workforce, how much time are you going to have to devote to Rev. 2 of your world beating product?

Whenever folks talk about OSS in the context of markets, I think it should be with a jaundiced eye towards our “helpmates” at IBM, Novell, SAP/MySQL and Sun.

Ultimately, IBM et al are about making money for shareholders, if they didn’t see that as the likley outcome, they would not be out there pimping OSS.

I think a world where software is only ‘sold’ in the context of a service contract is bad for the next great idea. OSS is great in its place, but to preclude software for sale isn’t the answer.

The truth hurts for Free Software zealots, but it’s the truth.

Free Software isn’t about eliminating proprietary software, at least it shouldn’t be. It should be about developing a free system for development, learning, and sharing, because we can.

The MDI Plague and Window Management Woes

There is a nice article on Wikipedia that discusses the multiple document interface, a horrible hack that took hold in the Windows world to deal with the fact that Microsoft’s default window manager was inadequate to handle multiple windows existing under the same application.

I think Mac OS/OS X handles the MDI plague best by simply grouping all application windows under a single application class, with a single menubar. But usability experts have debated whether that makes the most sense, since the menubar can change, for example, depending on what window is in focus. I think users get used to that, and it also allows the menubar to be as long as necessary while the window can remain as small as necessary. That’s a nice win.

However, given our current model on *nix/Windows of menubars for every reasonably complex window, and given the lack of the MDI hack in GTK+, we do have a mess for applications that need more than one window to operate properly, i.e. Glade and The Gimp.

What I’ve been doing is giving these programs their own workspace as a workaround. That seems quite greedy of them, and indeed it is. What’s more, however, is that it’s unusable. Even when I switch to my Glade workspace, I see 4 windows in my taskbar, each with the same icon and with the following names: “Glade: h2h”, “Properties: image95”, “Widget Tree”, “h2h”. The first three are actually part of the Glade window class, and if I enable Metacity’s taskbar grouping, I see them as part of the same group. The last one, however, is just my actual window, and so is separate.

This is good–but I only get some form of usability when I actually enable window grouping. The thing is, in Metacity you can’t enable window grouping on a per-application basis. It’s all, sometimes, or nothing. Sometimes means metacity only groups windows when I’m running out of space. Otherwise it’s either on or off.

The thing is, grouping isn’t just about space saving. It’s about being able to perform window manager operations on a group of windows, i.e minimize all and maximize all.

This doesn’t even solve all problems: alt+tab still shows me all 4 glade windows, which can be quite confusing since only one comes into focus at a time. But that’s a separate issue, separate debate.

Wouldn’t it be nice if instead of Metacity just “figuring out” when to group my windows together, it let me just press a hotkey “Group all X windows on this workspace”, where X is the application I’m currently in?

I’ve decided this feature is so valuable, I may just hack metacity to add it. It will at least provide a path for solving the MDI nonsense.

Update: check out these screenies of a “different” approach to MDI written in GTK. It’s called GTK ADI.

Met Runar, Discussed Software

I met with Runar (he’ll have a blog soon, I swear) today, and we discussed open source, Python, and all related goodness over coffee and vegetarian lunch free-riding on the ‘sNice wireless network.

We spent about 3 hours there, just talking about Runar’s project, “sqlstring”, my ideas about inferred typing and static source code analysis in Python, Python’s niceness in general, user interface toolkits, AJAX being a big, nasty hack, and web application frameworks in Java and Python. Our discussion really degrenerated into praise of vim once we discovered that we were both happy users. Text editors really bring people together.

Runar kind of convinced me that trying to infer all the types of objects is very “unpythonic,” which I guess is true since it discourages the crazy stuff you can do with Python. Maybe the best thing to do is judiciously eval code, as was my original impulse for getting nice completion out of Python? Not sure.

Or maybe I should just give up the idea and accept the fact that vim plus ipython is just about as good as it gets. That seems like a cop-out, though.

Regardless, Runar seemed somewhat willing (only half-willing) perhaps to give a small talk for Free Coders on Python, I’ll see if I can convince him that it’ll be fun. I suppose I could give the talk myself, but I already do all the talkin’.

User interfaces with GTK+ and Glade

I’ve been hacking up a user interface for my motion capture/computer vision project called “Hand2Hand,” found here.

At first I was gonna do the user interface in Python and have the image processing done in C, but then I decided that the user interface was simple enough that I should just give GTK+ in “pure C” form a try. Of course, I used Glade, which drastically reduces the amount of annoying code for things like Vboxes and Hboxes and Containers you have to write. In fact, using Glade, interface design becomes somewhat straightforward in C. Which is weird, because C seems like it was never built for user interface design, but the g_signal system makes it easy to catch events that occur in your program, and GTK+ is high enough abstracted that you can do pretty well. I don’t know how well GTK+ scales for large programs (i.e. many dialogs, many lists, etc.)–in that case, I think I’d definitely pick a higher level language.

Looking forward to how this application may turn out. OpenCV looks like a pretty awesome library.

Annotated and Hyperlinked Notes on Professor Dewar’s talk on Software Copyrights, Patents and Free Software

Below are a few notes I took at Professor Dewar’s talk the day before yesterday. I also annotated them a bit with relevant hyperlinks.

When I find a copy of Dewar’s slides posted online, I’ll link to those as well.

  • Libertarian thought: property rights are central. If you regard ideas as property, Ayn Rand’s position isn’t surprising.
  • Jefferson: private letter to Isaac McPherson 1813. “He who receives an idea from me, receives instruction himself without lessening mine; as he who lights his taper at mine, receives light without darkening me.”
  • Jefferson faction won on this issue, Intellectual Property Clause.
  • Copyright extension case, now life + 90 years.
  • England: history of copyright, fundamental moral right?
  • Software: special case of copyright infringement and trade secret violation simultaneously!
  • Computer Associates vs. Altai (source vs. object code copyrights, interesting read here).
  • Borland copying a macro language (interesting, if old, article by an MIT student), Supreme Court.
  • Derived works: fair use provisions. But fair use goes to juries, and it’s very vague.
  • Software will never fall into public domain, due to perpetual derived works.
  • Patent an invention, but not an idea, but in practice you can patent either. Europe turned down this law.
  • “Obvious” patents. Juries can’t really judge how obvious they are.
  • You can copyright a non-obvious combination of obvious ideas. Intermittent wind shield wipers.
  • Does a program express inventions and ideas? Is software is distinct from physical stuff?
  • Big risk for free software–patents can ask for damages. And patent is secret until it’s granted (this may not be true, I can’t really tell for sure: “To protect your privacy, we suggest that you delete such information from any documentation you send the office. Alternatively, you may request that the submissions be kept out of the public file, if appropriate. (See MPEP Sections 724. 02 to 724.06.) Please remember that all patent application files are published and made available to the public 18 months from the filing date, unless a non-publication request is made in the application. Additionally, all patented application files will become available to the public upon the grant of the patent.”).
  • Open Source business model can work–selling support and services, while keeping code GPLed.

Outfoxed and trust networks, revisted

I think everyone should revisit Outfoxed, if you’re interested in a truly interesting new approach to bookmarking and web browsing that actually takes advantage of all this “Web 2.0” hype and nonsense.

I just mentioned this to Free Coders on the mailing list yesterday.

The application of “trust-based networks” is very wide. I think it’s the “trust” factor that makes eBay successful (perhaps even viable!). New services like Pandora and Last.fm recommend music by trusting that users who rate music are being honest. eBay users buy from trusted sellers by assuming that those who rate the sellers are honest. These assumptions may be fallible, but they’re better than nothing. And it’s only natural that this trend would spread to web browsing.

I think trust networks should be applied to political organizing, both to reduce risk of people showing up just to start trouble, and also to enhance the perceived value of a meeting based on the combined trust of its attendees. I’m going to think about this a bit more in the next few days.

(Meanwhile, I got in touch with Runar from the Google talk with Alex Martelli, who is working on an awesome library for Python called sqlstring. Check it out. I’ve also been thinking about expanding on my earlier ideas on Python inferred types; we’ll see if I find the time.)

Found out how I got hacked originally

I run a tool on my server which creates charts based on basic server vitals, like free disk space and CPU load averages.

It’s called cacti, and it’s great.

Except, apparently this security hole allowed the hacker who originally broke into my server to get in. He was able to execute arbitrary commands via the good old URL string hack. (He did the same thing as is described in there: wget’ed his own script which added a new user for himself and added him to sudoers, and then connected via ssh).

In my latest upgrades, I saw that this cacti bug’s been fixed.

Scary stuff. Computer security, these days. How does a php script have code which can run an arbitrary command? My Java Servlets never have a way to run command line apps by way of specific arguments in the URL string. Sigh. In *nix we may have [basically] all-or-nothing security (that is, if you discount ACL support)–but knowing this, please prefer “nothing” to “all”, for crying out loud!