ernest.park's blog

FOSSBazaar is no longer being updated. The information on this site is preserved for your convenience but may be out of date. Please visit Linux Foundation's Open Compliance Program for current information and activities.

Software 101: Open Source vs. Free Software Movement


While both Open Source software and the Free Software Movement have been in existence for quite some time now, some of you may be wondering: what's the difference? Don't both ideas basically proclaim free software for all? While some may see both ideas as reaching the same conclusion of free software for everyone, philosophically they are very different.

License Proliferation - Less is More, One is Best

Chris DiBona from Google suffered the slings and arrows of the OSS community when he rejected the AGPLv3 license for the Google Code repository, citing license proliferation as one of the reasons. Looking back, Chris challenged the wisdom of OSI years ago when he was on their board, at the time still fighting against yet another license.
An open source software license is specifically a copyright focused on types of use permitted for electronic media.
Introducing yet another license creates more complexity in explaining, understanding, and enforcing the use of software governed by these licenses.
The reality is that a lack of clarity, and confusing or internally contradictory terms, make a license potentially limited in worth, as the cost to actually enforce that license increases.

2008: The Risk Report - FOSS


2008: The Risk Report

The Research Group has developed tools that objectively track and report on operational risk associated with software applications, operating systems and hardware. I have seen a number of "Most Risky" lists that seem to be subjective and crafted by nothing more than a few Google searches and a popularity contest.

Top 25 FOSS

Quality Matters - What are we willing to do for it


I started writing this in response to, but it seemed to warrant a separate post.

FOSS users are becoming increasingly apathetic regarding the proactive management of software obtained for nominal cost. The recent Debian example comes to mind, where for an extended period of time, OpenSSL within it had been modified with a code checking tool. That modification removed a programmatic element important to the generation of the key, such that the total possible key combinations were effectively reduced to a fraction of the total unbroken possibilities. This problem existed for nearly two years, with countless users depending on the code and using vendor solutions to test for the same things, and yet it went undetected.