by Sali Earls
Linux 2005, the annual conference of the UKUUG takes place in Swansea from 4-7 August, with papers to be delivered from all aspects of the community, from kernel development through networking and security to public sector usage.
This year's key speakers include Dave Miller of Red Hat, and Jamal Hadi Salim of Znyx Networks. Sali Earls managed to catch up with them for a few minutes to find out what they would be talking about at the conference, and their thoughts about some wider issues.
What will you be talking about in your paper at the conference?
Dave Miller: I'll be discussing recent developments in the Linux networking. In particular I'll discuss the evolution of our TCP Segmentation Offload infrastructure, which I've been concentrating on a bit recently. I'll also discuss an ongoing project wherein we're trying to make core data structures, such as "struct sk_buff" as small as possible to reduce bloat in the Linux networking.
I will also touch on other topics, mostly being handled by the other Linux networking developers. Things have been quite inspiring lately since the recent netconf2005 in Montreal.
Jamal Hadi Salim: I have two sessions actually; a networking tutorial that I am giving with others, which focuses on the traffic control features of Linux and in particular on the u32 classifier. My talk in the main sessions is about NAPI and the new challenges (and myths of course) that face us with newer faster processors and slower IO.
What attracted you to the conference programme?
JHS: UKUUG is one of the premier Linux conferences in the world. To present here is to add one more badge. Steve Whitehouse and I have also talked about this for some time. This year Steve caught me on time so I had no excuse.
Many businesses may be put off Open Source software due to the concern that the development and redistribution of the software could make it unsecure and unsupported, but what would you say to convince them otherwise, and what can be done to protect users?
DM: I think anyone that investigates proprietary products, will see how glacial the pace is in which they operate. Having all of your dirty laundry out in the open makes it more secure in the end because it gets more and more difficult to find holes to plug over time since people are constantly studying and auditing it.
People working inside companies on non-open software have to concentrate on implementing features with fixed deadlines, fixing bugs that are important to some big money customer, and things like this. Which means that these developers have next to no time to go around casually looking for holes in the source itself.
Even with the advent of incredible tools for automatic source code analysis, you still need a thousand monkeys scouring over the source to get good significant coverage.
Another thing that simply does not happen with non-open software are large refactoring and cleanups of code. Both of which usually make the code more maintainable and less bug prone. People working with fixed deadlines simply do not have the resources to do these kinds of things.
JHS: Lets address the support issue first. On the contrary, there's a lot more support in Linux than other OS's. And it's a lot "safer support" since you are not tied to one company for it.
The central model of 1800-call-sun is flawed or highly overhyped. You have to be able to "route" around failed support if you choose to; however, more importantly you want to avoid the doom of a failed support company.
Its very simple, Sun may be bought by MS tomorrow who will then decide no longer to support Solaris. This has happened before: the number one embedded system company a few years back was windriver; one morning they bought the second largest embedded system company doing an OS called PSOS and gave their customers a limited time to move over to vxworks. If you are trying to build a product that lasts 10 years, what cost would you put to being subjected to such misery?
This will never happen with Linux.
You can ask for support for support from the vegetable farmer (to exaggerate a little); what this means is your support cost is lower. And if you are business trying to put out a product, cutting down the support cost is very important.
The case for security is made by the freedom to look at the source if you need to without signing your life away to some closed company. I would safely guess in fact that there are a lot more people fixing security problems in Linux than any other OS. It is a known fact that security issues are resolved much faster on Linux than any other OS. IIRC, Alan Cox fixed the ping of death security bug five minutes after it was advertised, to give you some measure.
How do you think business users could benefit from adopting Open Source technologies over proprietary software?
JHS: Many ways but what comes to mind for me right now is the lowered costs both in the short term because you don't have to barter an appendage of your body to pay for exorbitant licensing fees as well as in the long term because you are not tied to one central authority for bug fixes, maintanance and support. Cost is the number one requirement these days and trumps any other issue in my view (given the globalization and trends to outsource).
As an example, it will be intriguing to see how much MS will charge you if you really were to buy the source code from them because you want to buy insurance that you could fix a bug 10 years down the road.
With a few notable exceptions, most Open Source software is not as full-featured as commercial software. Do you see this changing or will business always have to compromise with Open
Source?
JHS: I have to say, clearly in the area I hang around (networking), Linux is always the leader - others follow. It may be one of the notable exceptions that you refer to.
In any other areas, it typically is an issue of time and interest. If you put enough pressure on vendors, they will deliver missing gaps. As a customer of a specific application or hardware it does help to express your desires for Linux support of said application or hardware.
Do you believe that having more than one desktop environment for Linux causes fragmentation and duplication of development and thus contributes to the slow progress being made with
Linux for desktops?
JHS: Not at all - it's always healthy to have competition.
Do you feel that Open Source software a threat to the traditional business model?
JHS: If you look at the big picture - it is.
Traditional business models are based on robber baron mentalities which are akin to leasing a piece of land from the government for 99 years then renting out pieces of it to the railway company; small towns around your land start flourishing and you just go around collecting rent. This is unfortunately also the same way the modern patent system is modelled after (and is why it is wrong to begin with). It is also the basis for classical business models which depend on collecting royalties (read: rent) that even some of the more foolish Embedded Linux vendors are putting out to the VCs to get money.
Open source puts innovation first; landlord mentality doesn't work.
So while you may be a leader in a specific area today, it forces / encourages you to continuously innovate to stay in that leadership position. You can still win by having the right market channels, but it's a less stronger position.
The US seems to be way ahead of the UK and Europe in terms of open source development and adoption - why do you think this is the case, and what can be done to level the playing field?
DM: It's probably a largely cultural issue. I find the same kind of thing happening in Asian countries. I can't even count on my hands the number of very active native Asian developers active in the Linux kernel community.
When people submit changes to the Linux kernel, it happens publicly and people are going to find problems and holes in your work. The Asian mindset doesn't handle this directed and focused criticism very well. Rather than being perceived as positive help, it is instead seen as a loss of face for the developer, and on a larger scale a loss of face for the group or organization that developer is a part of.
Some folks have gotten past this, but they are definitely in the minority. Most have given up on direct submissions and use other people to submit their work as a liaison of sorts.
So, the point I'm trying to make is that the UK and Europe lack of adoption is probably some deeply root cultural issue as well. Although I might argue against the "Europe" aspect, as for example Germany seems to be doing very well in this regard.
JHS: I am from Canada myself so I can't answer the question fairly - I have to say I am surprised to hear that Europe is behind.
We have a lot of good technical people in Linux from Europe, UK, Wales - Alan Cox needs special mention since he is in fact from Swansea, and not to belittle any of the others.
It's time you get more business people to get involved. I think what is needed is more businesses to be successful in putting out products that are Linux based. That's typically a good way to get people with money to invest.
Find out more about Linux 2005, and book your place at www.ukuug.org/events/linux2005.