>>>>> "Lucas" == Lucas Nussbaum <lucas@debian.org> writes:
Lucas> Note that if you prefer not to frame this in the context of
Lucas> SWOT analysis, you can also answer the following four
Lucas> questions, which should result in basically the same
Lucas> information:
Thanks for giving me this option. I am not a huge fan of SWOT.
Lucas> * What are the main 2-4 strengths of Debian today?
We have a fairly comprehensive collection of free software that is a
wonderful distribution in and of itself and an amazingly powerful
building block.
We have great tools for doing building-block-like-things like
derivatives, building containers with good devops, building products
based on Debian.
We have a decentralized process that allows a lot of people to be
involved while having relatively limited coordination overhead. That is
developers and teams are relatively autonomous.
Lucas> * What are the main 2-4 weaknesses of Debian today?
Developers are relatively autonomous. It's hard to make sweeping
changes. It's hard to get consensus or decisions for these changes.
Some of our tools are showing their age.
When things require coordination it can add a lot of stop energy. I'm
thinking both of cross-team coordination, project-wide consensus
building, as well as simple coordination like me waiting for
dinstall/buildd/lintian/piuparts/ci/buildlog reports.
Lucas> * What are the main 2-4 external things happening in the
Lucas> world outside Debian, and that are "opportunities" for
Lucas> Debian?
What people need out of distributions is evolving. Userspace
containers, products like ostree, different ways of delivering and
thinking about the OS.
I think Debian has a lot to offer here: the wide variety of ways of
building Debian, our long usage of chroots, all make Debian useful to
prototype in these spaces. We're not doing a great job of taking
advantage of this opportunity, or at least it's not as obvious to me
that we are.
Linux and free software are more accepted than ever.
Privacy and security are on everyone's mind and are starting to be
things that more people begin to understand. We have good stories
there.
Lucas> * What are the main 2-4 external things happening in the
Lucas> world outside Debian, and that are "threats" for Debian?
There are a lot of application delivery strategies that don't focus on
the OS. We'll never package the entire npn ecosystem; people don't want
us to. I understand this threat overlaps with my first opportunity.
Companies are finding novel ways to use free software to create
proprietary walled gardens and trapping their users. Web services,
avoiding copyleft, combining free tools with proprietary tools in ways
that limit freedom, etc.
We don't have a good user strategy for hardware security. Assuming you
trust all the players, I think my phone has a better security model than
my Debian laptop. Companies are starting to care about that sort of
security: trusted supply chain, key management all the way back to the
hardware. Yes if I get open hardware, and I spend a lot of time on the
key management I can probably get something better. It's a lot more
work. For a lot of users freedom involves disabling secureboot, which
we're fixing. And yet the traditional desktop model is a lot weaker
than the Chromebook or phone models. And there, the free/hackable
solution is almost always turnoff all the security.
Attachment:
signature.asc
Description: PGP signature