Commentary

OSCON 2014: Is Open Source Dead?

Posted on by tarus

After visiting OSCON this year, I have to ask myself: is open source dead?

I don’t mean open source software. Software published under licenses approved by the OSI is booming. What I mean is the ideal of open source software, that people would get together to build collaborative applications that would be given away for free.

I’ve never been a fan of software in an of itself. I’ve always looked toward software for what it can allow me to do. I don’t care about spreadsheets unless they help me manage my company. I don’t care about word processors beyond their ability to allow me to express my thoughts. Even games can be judged on how well they allow me to escape into them. So I don’t see “software” as a product – it’s the thing that helps me make the product.

It seems that open source applications have all but disappeared. What’s doing very well are open source libraries and languages that allow people to build proprietary products. Take a look at the biggest sponsors of OSCON. There’s Bluehost, a hosting provider “built on open source technologies”. There’s Paypal, “using open source foundations in their technology stacks”. The list continues: Citrix, Google, HP, Github, Microsoft and Rackspace. Of all of those, only Github strikes me as an open source company. The others are using open source technologies but to build closed products. The “open” has come to mean “open protocols” more than “open source”.

Is this a bad thing? I really don’t know.

If you look at the sponsor page, you’ll see “We’re Hiring” banners next to the names of many of the companies. Being fluent in open source technologies is a good way to get a job, and seems to be the primary reason many of the companies were there in the first place.

The only large truly open source company I know of, Red Hat, was there, but in a little bitty booth. There are still a lot of “open core” companies represented: those companies that provide a feature limited version of their products under an open source license but charge for the full featured one. While I think this is a bad thing, they seem to be doing well.

Is it because no one cares anymore? This saddens me.

There seems to be a lack of concern about the lock-in that comes with proprietary software, even more so than in years past. There is a huge gold rush to provide software as a service (SaaS) offerings, but no one is caring about security or portability. A lot of the business models of these SaaS companies directly involves analytics of their users. Was anyone in the tech world really surprised when it was revealed that Facebook was experimenting on its user base? Yet people seem to be in a rush to turn over their most important information to third parties. Even at OSCON, the premier open source conference, most of the people wandered around with Macbooks and iPhones.

So, open source is really succeeding in core technologies such as libraries and languages but fails at the end user application level. I think part of it is the lack of a good business model. People are more than willing to pay exorbitant amounts of money for software licenses but are loathe to pay for an open source support contract. I also think that it fails when it comes to usability. Without the business model, there just aren’t the resources available to make a lot of the software accessible to the casual technical user and much less to the Muggles. Heck, even Apple, which did such a good job with Time Machine, has pretty much moved backup from the user space to iCloud.

This doesn’t mean that I’ve given up on open source. I still use a Linux Mint desktop and an Android phone running OmniROM. Almost all of the software I use is open source, but even I have to admit that in many cases the stuff I use isn’t ready for the basic user. But I may have to rethink my relationship to the term “open source”.

This post may sound like I’m really down, but I’m not. I’m actually kind of upbeat overall. And I really enjoyed the short amount of time I spent at OSCON. While not as open source-y as I might like, this is one of the few times a year I can be assured of running into a lot of cool people I’ve met over the years. When I arrived at the exhibit hall, I made a beeline for the unfashionable booths in the back and toward the left known as the “Nonprofit Pavilion” or as I like to call it, the “Geek Ghetto”. It’s pretty cool that some commercial shows like this offer free booths, but one must realize that they don’t include things like carpet padding, power or Internet access. I know a couple of projects that got booths next to each other so they could share.

The first booth I stopped at was the Software Freedom Conservancy booth where I got to see Bradley Kuhn and Karen Sandler for the first time in over a year, and I got to meet Marc Delisle, the maintainer of phpMyAdmin. They seem to be doing well and the list of Conservancy projects keeps growing. While I was there, open source guru Stormy Peters stopped by, as well as Deb Nicholson from the Open Invention Network.

I also was happy to see the LibreOffice booth. That is one project that really does try to do a fully open source application and they seem to be succeeding (I use it every day). Back when I was a Mac user I started using Keynote and Pages until I realized that the stuff I was creating was going to be tied to Apple forever. To my knowledge none of the Microsoft Office or iWork stuff support an open format, but maybe that will change now that the UK government has formally adopted ODF as their standard.

While interest in open source applications is waning, it is fun to see the open source spirit is still alive in projects other than software. I met Kevin from Free Geek, a non-profit that started in Portland but has grown to over ten other cities. Free Geek recycles technology and provides training for a variety of disciplines including computer hardware, software and even lock picking (who knows when you’ll get locked out of the server closet).

Something I don’t believe they had at OSCON last time was an “open hardware” section. I got to play with a beagleboard which is used by Prof. Thomas Bewley in his robotics classes as UCSD. I’m kind of jealous at all the new toys college students get to play with these days, for credit even.

One project is to create a balancing, two-wheeled robot. The one I played with was managed with a radio controller, and it was quite robust, even when I purposely drove it into other things (people, other robots).

On the opposite corner of the hall from the Geek Ghetto were the booths of some of the smaller open source projects with more commercial backing. The Red Hat booth was over there, and it was nice to run into Greg DeKoenigsberg at the Anisible booth. I met Greg when he was at Red Hat and it was also nice to see a local face (he’s nearby in Durham). Anisible seems to be a pretty cool project and I loved the tweet from an emphatic user who said “If a vegan, Crossfit, Anisible enthusiast meets you, what do they talk about first?”.

Speaking of meeting people, I got to chat with Erica Brescia over at the Bitnami booth, and later on ran into Jono Bacon and Stephen Walli. We ended up at Baileys along with Chris Aniszczyk from Twitter and some others, but as they say, what happens in Portland stays in Portland, so no pictures.

Plus, you really, really don’t want to know about that evening’s particular discussion. Ah, good times.

30 Years

Posted on by tarus

I missed noting it, but 30 years ago on Saturday, June 9th, 1984 I graduated in the third graduating class of the North Carolina School of Science and Mathematics. It was an amazing two years and I’m happy to say that I’m still in touch with many of the people I met there.

The speaker at my graduation was Ron McNair, the first African-American astronaut. Earlier that year, in February, I got to see him launched into space on Space Shuttle mission STS-41-B. Unfortunately, he was one of the seven people killed in the Challenger disaster a couple of year later.

While most people, I would assume, don’t remember the speech given at their high school graduation, I remember him talking about daring to be “a flea weight in a heavy weight world”. I took those words to heart and it is one of the reasons OpenNMS is able to challenge products from the likes of HP and IBM.

I should note that on Sunday, June 10th, 1984, I started working as a machine operator in a plastics injection molding plant in Asheboro, NC. In retrospect, it wouldn’t have hurt me to take a day off but I guess that just how we open source geeks roll.

(grin)

Trust and the Internet of Things

Posted on by tarus

One of the main things we are focusing on at Dev Jam is scalability. The goal of OpenNMS has always been to become the de facto management platform of choice for everyone, and as more and more things become connected to the Internet, scalability will be a huge issue. It’s one thing to monitor a drink machine and quite a different thing to monitor millions of them.

The main performance bottleneck in OpenNMS has always been the storage of time series data. While much of it can be addressed via hardware, we realized we needed a write-optimized system that could perform at scale. The result of that work, lead by Eric Evans, is NewTS, the New Time Series database built on Cassandra.

As a left leaning libertarian, I’m really concerned about the privacy issues of the Internet of Things. One of the reasons I work on OpenNMS is to insure that the best platform for managing this data is also one that can be privately owned. It will be the end user’s choice one how that data is stored and shared.

Yesterday Apple announced a number of new initiatives at their WWDC keynote. These included iHome, a home automation platform, and iHealth, a platform for gathering personal biometric data. Among the new shiny was a total lack of concern about privacy. An example given was an integration between iHome and Siri, where you could tell Siri “I’m going to bed” and certain actions would happen. What people tend to forget is that almost all of Siri’s processing is done on Apple servers, and if you tell Siri you are going to bed, you are also telling Apple and who knows who else. The potential for 1984-like abuse is there, and it will be up to Apple users to either trust Apple or do without.

But does this have to be the case? Do users have to give up privacy or blindly trust in third parties in order to access useful technology?

I don’t think so.

The technology is there, and I believe eventually society will demand it.

One of the oldest examples of such technology is public key encryption. It’s a beautiful system, and while the encryption aspect is important, so is the ability to digitally “sign” things. What’s brilliant about it is that no personal information has to be given up – if one trusts the key then one can trust the signature even without knowing who signed it, and third parties can verify the signature as well.

I am eagerly awaiting the release of the Angel open source health sensor. I have a strong interest in tracking my personal health data, but I also don’t want to share it with a third party unless I choose to do so. None of the popular sensors, to my knowledge, have the option of keeping that data private if you want it to be useful.

So I’m constantly on the lookout for companies and products that “get it”, that understand my desire to only share the information I choose. I want to be marketed to, show me cool things I’m interested in, but on my terms.

One company I recently came across is called Personagraph. On the surface it appears to be another analytics company, but if you dig deeper you can find that they have a strong interest in personal privacy. I learned about them on one of my recent trips to Silicon Valley, but I had to dig to find references that reflect what I was told.

Of their three main products, I’m really drawn to PG Protect. The idea is as follows:

Let’s say that I have an application that collects several hundred metrics about me. For example, totally as a mind experiment, assume that I like to watch The Big Bang Theory in the nude while eating popsicles. I might not want to share the nudity aspect with anyone, but I am okay with letting people know I like the show and that I like popsicles. In a traditional marketing application, I would need to reveal these things to a third party, which would in turn sell them to interested companies.

But what if instead of individual metrics, some sort of aggregate score was created from my likes and interests, and that anonymous score was the only thing that was presented to the third party? They might be looking for people who score high on a number of metrics and yet they could be matched with me without knowing exactly which metrics I trigger. I could then be presented with offers and ads, and then the choice could be up to me if I want to engage. Speaking of “engage”, a product like Personagraph’s PG Engage could be used by the company doing the marketing to see how well their campaign was doing, without having to know any personal information about me.

Pretty cool, huh? What I like about their products is that they provide trust without having you to take it on faith.

Unfortunately, it’s hard to get the privacy angle from their website. I did find a little YouTube ad that touches on it:

but the real meat can be found in this white paper. If you care about privacy, I encourage you to check it out as well as to make sure the companies providing the products and services you use are aware that privacy is important to you.

STUIv2: Focus on the Network

Posted on by tarus

One of the things that really makes me angry is when critics of open source claim that open source doesn’t innovate, despite the fact that the very business model is incredibly innovative and probably the most disruptive thing to happen to the software industry since its inception.

Another example of innovation is in the new network visualization (mapping) software coming in the next release of OpenNMS.

I have been a vocal critic of maps for years. It stems from a time when I was working at a client during the first Internet bubble and my job was pretty much to spend several hours a day moving icons into container objects on the OpenView map. It was mind-numbingly dull work that returned little value. Most experienced network and systems managers move away from maps early on, but often the bosses who tend to make the buying decisions demand it as part of any solution.

Now, I’ve seen “cool” maps so it’s not that maps aren’t cool, it’s just that they tend to require more work to make cool than they save by being useful.

That is about to change with the new OpenNMS Semantic Topology User Interface (STUI).

Before I talk about that, I should mention that OpenNMS has a map. In fact it has a number of them. The first one was built for the Carabinieri in Italy who liked OpenNMS but wanted it to have something like OpenView’s map. Now called the “SVG” map, and it does its job well, as well as any map of that type can.

Then when we built the remote poller we needed a way to represent the pollers’ location geographically, and thus the “distributed” map was born. People liked the geographical representation, so we made it available to all nodes and not just remote pollers with the “geographical” map.

None of this work was really innovative, map-wise. But we started to depart from the norm with the topology map introduced in 1.12.

The topology map was novel in that it lets the user determine the topology to view. By default OpenNMS ships two different topology APIS. One is based on level 2 connections discovered by the “linkd” process, and the other is based on VMWare data showing the relationship between a host machine and its guest operating systems, as well as any network attached storage.

But it doesn’t have to stop there. In JunOS Space, Juniper is able to show connection data through all of its devices by using the API. Any other source of topology data and business intelligence can be added to the OpenNMS system.

However, me, the map hater, still wasn’t sold. While it is fine for smaller networks, what happens when you enter into the realm of tens of thousands of devices? We eventually see OpenNMS as being the platform for managing the Internet of Things, and any type of map we create will have to scale to huge numbers of devices.

Thus the team created the new topology map (STUIv2), available in 1.13 and coming in the next stable OpenNMS release. The key to this implementation is that you can add and remove “focus” from the map. This lets you quickly zoom in to the area of the map that is actually of interest, and then you can navigate around it quickly to both understand network outages as well as to see their impact.

While I like words, it’s probably better if you just check out the video that David created. It’s 20 minutes long and the first ten minutes cover “what has gone before” so if you are pressed for time, jump to the ten minute mark and follow it from there.

I like the fact that the video shows you the workflow from the main UI to the map, but then shows you how you can manage things from the map back to the main UI.

Note that I had nothing to do with this map. I often say that my only true talent is attracting amazing people to work with me, and this just drives that point home.

While I’m still not sold on maps, I am warming up to this one. I got goose bumps around minute 16:45 and then again at 17:30.

It’s great, innovative work and I’m excited to see what the community will do with this new tool.

Milgram's Experiment

Posted on by tarus

I returned home from a trip to England yesterday through London’s Heathrow Airport, and once again I was delayed by airport security. The experience reminded me of the Milgram Experiment, a famous study on how people respond to authority.

In the experiment, there were three roles: a researcher, a student and a teacher. While both the student and the teacher were introduced as volunteers, the true subject of the study was the person in the teacher role, who was given monetary reward to participate ($4 in 1961 or about $31 today). The researcher would explain that the purpose of the study was to explore the affects of negative reinforcement on learning. The teacher would read questions and should the student end up getting a answer wrong, it was the duty of the teacher to administer an electric shock. The strength of the shock would be increased if the student continued to answer questions incorrectly. The subject in the teacher role would be given an example shock at the lowest level before the experiment began.

I was introduced to the experiment in school through a black and white film called Obedience. It must have been in middle school, since I distinctly remember it as a film and not a VCR tape, which is what we had in high school. I can remember sitting in a dark room listening to the whirr of the projector as we watched the results of the experiment.

The teacher and student were separated, and the true subject of the experiment was seated in front of a console with numerous switches. Each switch was supposed to represent a level of shock, from mild shocks in the “green” area on the left side of the console up to extremely strong shocks in the “red” and finally “black” area on the right side (and yes I have no idea why I still see that panel in color when it was a black and white film – perhaps it was described). Now no actual shocks were administered to the student. Instead the panel was tied to a tape recorder that would play back the “student’s” responses. As the shock level increased, the recorded responses would get more desperate, often pleading for the experiment to end. In some variations, the confederate in the student role would even bang on the wall separating them from the teacher. Eventually, the pleading would simply end and be met with silence.

What Milgram found was that a high number of the subjects would be willing to administer shocks at the highest level as long as the researcher told them to do it. One should really experience this film because I was horrified when I saw it. Most of the people, while expressing concern, continued to press the buttons, and I can remember actually crying when one of the subjects simply refused to continue after administering the lowest shock – he was the only one to stand up to the man in the lab coat (at least in the film).

The movie had a strong impact on me and my personal philosophy, and Peter Gabriel even wrote a song about it called Milgram’s 37 with the repeating lyric “We do what we’re told.”

So what reminded me of this experiment at an airport? I’m glad you asked.

I suffer from an eye condition that requires me to put saline solution in my eyes periodically. This becomes more of an issue when I fly due to the dry air in airplanes. Unfortunately, I have to use a special sterile, preservative-free solution that only comes in 118 mL (4 oz) bottles. The bottles are sealed to prevent contamination.

Back when I had only two of my three readers, I ran into a problem transferring at LHR on a trip to Portugal. The liquid limit in Europe is 100mL and they refused to let me through the airport with my solution (even though it is stamped with “TSA Approved” on the bottle). I would say about 50% of the time when traveling internationally someone spots the bottle, but in every single airport outside of Heathrow, including Bangkok and Dubai, the security people have accepted my explanation and let me take it through.

After my last problem at this airport, I sought out the policy that would allow me to take this liquid on the plane. I found this in regard to medicine on the Heathrow website:

Liquid, aerosol or gel medicines in containers over 100ml must be carried separately, together with supporting documentary proof of authenticity, such as a prescription or letter from your doctor.

I had my eye doctor write me a letter explaining the situation and I carry it with me when I travel. Luckily, I haven’t had to use it.

Until now.

As I was going through screening, the lady noted that my saline bottle was above the limit. They had also held my bag for additional screening (I travel with a lot of wires and they sometimes call it a “spaghetti bag”) so I told her that I could produce from that bag a letter from my doctor explaining that I needed that liquid for a medical reason and that it was only available in a 118mL bottle. She sat the bottle aside and called over a supervisor.

Mr. Bally Balkar (an STL or Service Team Leader) arrived and I dutifully showed him my letter. He seemed very confused, although the letter explained in detail why I needed the sterile solution in that particular container. He suggested, as did the lady the last time this happened, that I could go to Boots and get a smaller bottle. Apparently the English system of education tends to skip over the definition of “sterile” or maybe he was out that day. I patiently explained that the whole reason I didn’t do that in the first place, such as I do with other liquids, was due to the fact that the liquid both had to be sterile and could not contain preservatives, and I have neither the equipment nor the expertise to transfer it on my own, much less in the departure terminal of an airport.

He called over his supervisor, a Mr. Harry Singh (also an STL), who very solemnly examined my letter and then proceeded to suggest the same things Mr. Balkar had done. At this point I realized that despite my having followed the procedures for an exemption, there was no way that I was going to get that bottle (which, I should point out, only contained about 30mL of liquid at this time) on the plane. I decided to see if either Mr. Balkar or Mr. Singh possessed the ability to reason.

Me: I’m a little confused. I have followed the procedure. Why am I not allowed to carry this bottle on?

STL: Well, this letter doesn’t look like a prescription.

Me: The liquid itself is not prescribed. My use of this particular liquid is, however, necessary for the health of my eyes. And in the US you usually have to surrender the prescription when obtaining the medicine.

STL: But this is not a prescription.

Me: I understand that, but it is a letter signed by my doctor on official letterhead explaining why I need it. Isn’t that sufficient?

STL: But it is a year old.

Me: It’s dated April 15th, 2013, which makes it a little less than 11 months old, but as my condition hasn’t changed I didn’t see the need to bother my doctor for a new letter.

STL: (silence)

Me: I’m confused. You let the family ahead of me through with litres of baby formula and didn’t even swab it for chemical traces, yet you are saying that my doctor’s letter isn’t sufficient?

STL: Well, they were traveling with a baby.

Me: So you are saying that terrorists wouldn’t think to travel with a baby?

STL: (silence)

Me: Here, let me demonstrate the safety of this liquid. (I open the bottle and squirt a bit into my mouth). See?

Balkar: Oh, if you’ll finish that here we can let you go.

Me: (incredulous silence)

As I had now been at security for over 30 minutes and really wanted to leave, I settled for getting the names of the inspectors who denied me and I plan to file a complaint with the airport as well as with my airline. I am a frequent traveler through Heathrow but I’ll change airlines if this is not addressed. If anyone reading this knows of someone else who might be sympathetic to my story, say a UK government agency or a newspaper, please drop me a note with the contact details.

I both pity and fear men like Mr. Bally Balkar and Mr. Harry Singh. I pity their cowardice. In much like the subjects in the Milgram experiment, they were so afraid to make a mistake in the eyes of an authority figure that they would ignore overwhelming evidence that their actions were wrong.

I also fear them, as under a slightly different set of circumstances these are the men who drag families and children into vans in the middle of the night for “re-education”.

We do what we’re told.

Review: The Snowden Files

Posted on by tarus

As someone with very strong opinions of the illegal surveillance being performed by the NSA, I was eager to read the account of how they became exposed in The Snowden Files by Luke Harding. I highly recommend it to everyone, especially those people who believe the government exists at the will of the people and not the other way around.

Do note that the book is entitled The Snowden Files and not The Ed Snowden Story. While Edward Snowden does figure prominently, the book is much more about the Orwellian domestic spying machine his revelations describe than the man himself. It has a lot of detail on the NSA as well as organizations such as Britain’s GCHQ, massively funded by the NSA to spy on people both domestically and abroad.

Among my social circles, Snowden is a bit polarizing. There are those who think that he broke an oath when he used his position as a contractor at the NSA to obtain these documents and that the end didn’t justify the means. Other more public figures describe him as “a grandiose narcissist who deserves to be in prison“. However, most of my friends tend to believe, and this book demonstrates, that Snowden is a patriot in the truest sense of the word.

The Snowden portrayed by Harding is a rather humble and shy man. Nothing in this story indicates he is a narcissist. Perhaps his brief association with Wikileaks and Julian Assange (a narcissist of the first order) is where the idea comes from, but I think that NSA apologists feel more comfortable portraying him as a man acting in extreme self interest. If that were the case, he would have sold the information secretly and be living out his life in some warm paradise instead of remaining as a “guest” of the Russian government.

The only inflation of his position I found in this story was in the beginning when he describes himself as a “senior” member of the intelligence community. He was, in fact, a rather junior member, and the mere fact that he was able to acquire all of this extremely secret information just goes to demonstrate that the government can’t be trusted with it. I’m pretty much willing to forgive him for that, since had he prefaced his initial press contact with “yo, I’m a contracted sysadmin for the US government and happen to have a treasure trove of sensitive documents” he wouldn’t have been believed.

Critics will often cry that he should have used formal channels to express his unease. This book shows several examples of people who tried to do just that and found their lives ruined and their careers over. It is hard to trust in the system when people like James R. Clapper, the Director of National Intelligence, lies directly to Congress and not only still has his job but is not in prison.

While the book is written in a very “matter of fact” manner, parts of it read like a spy novel. One of the more surreal chapters deals with the forced destruction of computers at the London offices of The Guardian. Great Britain doesn’t have a written Constitution nor does it guarantee freedom of the press. So to avoid possible incarceration of Guardian staff, Two GCHQ agents named “Ian” and “Chris” arrive to oversee the physical demolition of the computers used to break the story (of course, The Guardian simply moved the operation to their US offices and while there were similar threats nothing at this level occurred).

Personally, I think Snowden’s greatest “crime” was embarrassing the powers that be. President Obama won his first term on a campaign to overturn the Constitutional abuses of his predecessor and Snowden demonstrated that he not only continued those policies but strengthened them. The British government in this affair comes across as not only petty but pretty much lap dogs to the US intelligence service, with US tax money going to fund the GCHQ. Congress is currently full of self-interested sheep who take being lied to in stride as long as they don’t look weak on “terrorism”. Basically, forget popular opinion, just don’t end up on Jon Stewart.

While I try very hard to avoid Godwin’s Law, perhaps I should mint Balog’s Law, a corollary where all discussions of national security abuses end up referencing Al-Qaida.

Often, power is referred to as a “structure”. In my experience it is much more fluid, and right now it is flowing into the hands of a small minority of people. I know from first hand experience that these people are way more concerned with their own wellbeing versus mine, regardless of the rhetoric they spout to the contrary, and the end result will be disastrous.

There are things you can do to make power flow in the other direction. In general these are things like shopping locally (the more self-sustaining a community is the less they can be influenced by central government) but concerning privacy in particular there are a number of steps you can take to make the NSA’s job more difficult.

Use encryption. It is easier than you think. There are a number of tools that can plug right into your e-mail client. I use Enigmail for Thunderbird. OS X Mail.app users should check out GPGMail. There is even GPG4Win for you Outlook users. Once installed and configured it can be pretty seamless to use. The biggest thing you lose is the ability to search your encrypted mail.

Use as much open source software as you can. The Snowden documents reveal that the NSA has been actively trying to both subvert encryption standards (making all of us less safe from foreign prying eyes) as well as to install backdoors into commercial software. This is much more difficult with open source. Even if, say, Canonical put in a backdoor to openssh-server into Ubuntu, someone would notice that the package they compiled had a different hash than the binary on the server, and an investigation would ensue. Even if you can’t make the jump to an open source desktop operating system, a lot of open source applications (think Firefox and Thunderbird) are available on proprietary platforms such as Windows and OS X.

Also, limit what you share. Remember that if you aren’t paying for the product, you are the product, so think twice about your Facebook habits. You can also learn about tools such as Tor that allow your Internet traffic to be somewhat anonymous. I also “sandbox” all of my Google activity within the Chrome browser but do most of my work in Firefox using Firefox Sync to coordinate with all of my devices.

To bring this somewhat “more rambling than usual” post to an end, I just want to point out that totalitarian societies do not happen overnight. Instead, there is a gradual erosion of personal freedoms until one day there is nothing left. Some people I’ve talked to about Snowden reply with “of course the government is spying on me”, in much they same way that getting groped at the airport is now “normal”.

It doesn’t have to be that way, and sometimes it takes brave people to point that out.

Review: Dell "Sputnik 3" Ubuntu Edition

Posted on by tarus

I’m in the market for a new laptop, or at least I was. My first generation Dell XPS 13 is getting a little long in the tooth and I really could use a little more screen real estate. I decided to order the latest third generation XPS 13 after trying out the second generation Lenovo X1 Carbon. After all, it has a nicer screen, Haswell, and since it still ships with Ubuntu 12.04 the hardware ought to be supported, at least with Linux Mint, my current desktop distro of choice.

When talking about laptops, it is hard to not make comparisons to Apple. While I think Macbooks are overpriced and too proprietary, they are nice machines and for the most part “just work”. I just wish I could buy something as good that runs Linux well.

The Sputnik 3 could have been that laptop but I had to send it back due to pretty severe LCD backlight “bleeding”, especially along the bottom edge. It was very apparent when I was booting up to install Mint, but my pictures don’t really do it justice. Here you can see a sort of “half moon” bleed on the left side:

and here is a similar area on the right:

Since I knew I couldn’t live with it, I decided to send it back and just stick with my older laptop awhile longer. While we have a small Macbook available to me that would probably run Mint just fine, I just can’t bring myself to use Apple products when they are so determined to use their marketing clout to prevent competition. I can’t go a day without reading about another example, such as the one I just read about Apple pulling a bitcoin app from their store.

I’d rather deal with “old shiny” than to give up my freedom like that.

Nagios News

Posted on by tarus

My friend Alex in Norway sent me a link to a Slashdot story about the Nagios plugin site being taken over by Ethan Galstad’s company Nagios Enterprises. From what I’ve read about the incident, it definitely sounds like it could have been handled better, and it points out one of the main flaws with the “fauxpensource” business strategy.

I assume that at least two of my three readers are familiar with Nagios, but for the one who isn’t, Nagios is one of the most popular tools for monitoring servers, and it has been around just as long as OpenNMS (the NetSaint project, the original name of Nagios, was registered on Sourceforge in January of 2000 while OpenNMS joined in March of that year). Its popularity is mainly based around how easy it is to extend its functionality through the use of user written scripts, or “plugins”, plus it is written in C which made it much easier for it to be included in Linux distributions. A quick Google search on “nagios” just returned 1.7 million hits to 400K for “opennms”
A few years ago Ethan decided to adopt a business model where he would hold back some of the code from the “core” project and he would charge people a commercial licensing fee to access that code (Nagios XI). If your business plan is based on a commercial software model, then your motivations toward your open source community change. In fact, that community can change, with projects such as Icinga deciding to fork Nagios rather than to continue to work within the Nagios project framework.

Enter the Nagios Plugins site.

To say that Nagios Plugins was instrumental to the success of the Nagios application would be an understatement. Back when I tracked such things, there were way more contributions of both new plugins and updates to existing plugins on that project than were given to the Nagios code itself. The plugins community is why Nagios is so popular in the first place, and it seems like they deserve some recognition for that effort.

Trademark issues within open source projects are always tricky. Over a decade ago a company in California started producing “OpenNMS for Mac”. Even though we had OpenNMS on OS X available through the fink project, it required a version of Java that wasn’t generally available to Mac users (just those in the developer program). However, that version was was required to allow OpenNMS to actually work at scale, but this company decided to remove all of the code that depended on it and to release their own version. Unfortunately, they called it “OpenNMS” which could cause a lot of market confusion. Suppose a reviewer tested that program, found it didn’t scale, and decided to pan the whole application. It would have a negative impact on the OpenNMS brand. After numerous attempts to explain this to the man responsible for the fork, I had to hire a lawyer to send a cease and desist order to get him to stop. It was not a happy experience for me. When you give your software away for free, the brand is your intellectual property and you need to protect it.

So I can understand Ethan’s desire to control the Nagios name (which is actually a little ironic since the switch from NetSaint to Nagios was done for similar reasons). He has a commercial software company to run and this site might lead people to check out the open source alternatives available. Since they are based on his product, the learning curve is not very steep and thus the cost to switch is low, and that could have a dramatic impact on his business plan and revenues.

At OpenNMS we treat our community differently. We license the OpenNMS trademark to the OpenNMS Foundation, an independent organization based in Europe that is both responsible for the annual Users Conference (coming to the UK in April) as well as creating the “Ask OpenNMS” site to provide a forum for the community to provide support to each other. They own their own domains and their own servers, and outside of an small initial contribution from the OpenNMS Group, they are self funded. Last year’s conference was awesome – the weather notwithstanding (it was cold and it snowed).

OpenNMS is different from Nagios in other key ways. At its heart, Nagios is a script management tool. The user plugins are great, but they don’t really scale. Almost all of the OpenNMS “checks” are integrated into the OpenNMS code and controlled via configuration files which gives users the flexibility of a plugin but much greater performance. For those functions that can’t be handled within OpenNMS, we teach in our training classes how to use the Net-SNMP “extend” function to provide secure, remote program execution that can scale. OpenNMS is a management application platform that allows enterprises and carriers to develop their own, highly custom, management solution, but at the cost of a higher learning curve than products such as Nagios.

Now that doesn’t make OpenNMS “better” than Nagios – it just makes it better for certain users and not for others (usually based on size). The best management solution is the one that works for you, and luckily for Nagios users there are a plethora of similar products to choose from which use the same plugins – which I believe is at the heart of this whole kerfuffle.

The part of the story that bothers me the most is the line “large parts of our web site were copied“. If this is true, that is unfortunate, and could result in a copyright claim from the plugins site.

To me, open source is a meritocracy – the person who does the work gets the recognition. It seems like the Nagios Plugins community has done a lot of work and now some of that recognition is being taken from them. That is the main injustice here.

It looks like they have it in hand with the new “Monitoring Plugins” site. Be sure to update your bookmarks and mailing list subscriptions, and lend your support to the projects that support you the most.

Steve Jobs is Dead and I Miss Him

Posted on by tarus

As much as I dislike Apple’s walled garden, I don’t impose my will on my teammates. If they are more productive using Apple equipment, so be it.

On Friday Seth mentioned that his laptop had been having issues since upgrading to Mavericks. Snow Leopard was fine, but now it would crash frequently, especially when it was cold (i.e. had not been running for awhile). Now the policy at OpenNMS is that everyone gets a brand new laptop when they come on as an employee and we always buy three years of service, so if anything goes wrong in those three years it gets fixed for free and then it’s time for a new laptop.

I asked Seth if he had taken it to the “Genius Bar” and he had, but they couldn’t find anything wrong with it running the test disk and since it was 30 days outside of Applecare so they wouldn’t explore it further without charging us for it. I hadn’t realized that his laptop was that old, so it was time to get him a new one.

We visited store.apple.com and configured a new one. Nothing special, just a 15-inch Macbook Pro with retina display, 16GB of RAM and the 512GB SSD (it’s ridiculous to pay an extra $500 for the 1TB disk). Unfortunately, it wasn’t scheduled to ship until November 22nd, and looking at availability at the stores nearby it also showed a November 22nd date.

This struck me as odd since the laptop had been out for awhile, so I called the Apple Store at Southpoint Shopping Center and talked to Christoph (not Chris – Christoph). I mentioned that I was a business owner and I needed a new laptop for one of my guys as soon as possible and what did he have in stock. Turns out the online store was wrong and they had several of the laptops Seth wanted on hand. Cool. I told him I was on my way and that I’d be there in about 30 minutes.

Now, I hadn’t been in an Apple Store in a long time, even longer since I’d made a purchase, and the first thing I noticed was the counter was gone. There used to be one counter about 20 feet from the door where you could run in, make a purchase and run out. After wandering around for a few minutes, I found a lady in a blue Apple shirt holding an iPad. I told her I had called ahead and talked to Christoph about a laptop I needed for one of my employees. She smiled, took my name, typed it into the iPad and said that there were a number of people in front of me so could I just “wait over there by the Macbook display”.

So for forty minutes or so I loitered near the counter listening to all of the people in front of me ask questions like “How does Facetime work?” when I knew exactly what I wanted and was ready to make a purchase. Luckily, there were a number of Ingress portals within range so at least I could hack them while I waited (and answer questions from Apple fanboys such as “What game is that?” with “it’s not for you”).

Finally it was my turn to get a sales associate. This is when it gets worse. He couldn’t find “OpenNMS” in the system and so he insisted on collecting all of my business information.

I asked “will this get me a discount?” No.

I asked “can you just you my Apple ID?” No.

(sigh)

Fifteen minutes later I was walking out of the store, fuming, with Seth’s new laptop. The whole process should have taken less than five minutes. Not only does it gall me that I had to waste an hour of my time just to turn over $3000 to a company I dislike, I couldn’t help but think that this wouldn’t have happened under Steve Jobs. He was a devotee of “form follows function” and he would have never let some fashion whim such as “no Apple Store shall have a counter” interfere with the purchasing process.

Now my hope is that I’ll never have to buy another Apple product for my team, but if I do, it surely won’t be through a walk-in store. This was one of the worst shopping experiences of my life, and definitely the worst one at that level of spend.

More Tidbits (or now I remember what I forgot)

Posted on by tarus

I remembered what I meant to write in the last post.

I’ve left LinkedIn. It used to be my favorite social network for business, but now they just seem to want to mine your contacts.

I was pretty unhappy when a coworker started spamming me from the service until I realized that they probably just got caught with that intro window that snarfs up their address book. However, the last straw was when I read about Intro which actually routes all of your e-mail through their servers.

Enough is enough.

By the way, I read about Intro and a number of other amazing things on my friend Barry’s new news blog If That Isn’t Nice I Don’t Know What Is. Add it to your RSS reader. You’ll be glad you did.