>>>>> "Lucas" == Lucas Nussbaum <lucas@debian.org> writes: Lucas> Note that if you prefer not to frame this in the context of Lucas> SWOT analysis, you can also answer the following four Lucas> questions, which should result in basically the same Lucas> information: Thanks for giving me this option. I am not a huge fan of SWOT. Lucas> * What are the main 2-4 strengths of Debian today? We have a fairly comprehensive collection of free software that is a wonderful distribution in and of itself and an amazingly powerful building block. We have great tools for doing building-block-like-things like derivatives, building containers with good devops, building products based on Debian. We have a decentralized process that allows a lot of people to be involved while having relatively limited coordination overhead. That is developers and teams are relatively autonomous. Lucas> * What are the main 2-4 weaknesses of Debian today? Developers are relatively autonomous. It's hard to make sweeping changes. It's hard to get consensus or decisions for these changes. Some of our tools are showing their age. When things require coordination it can add a lot of stop energy. I'm thinking both of cross-team coordination, project-wide consensus building, as well as simple coordination like me waiting for dinstall/buildd/lintian/piuparts/ci/buildlog reports. Lucas> * What are the main 2-4 external things happening in the Lucas> world outside Debian, and that are "opportunities" for Lucas> Debian? What people need out of distributions is evolving. Userspace containers, products like ostree, different ways of delivering and thinking about the OS. I think Debian has a lot to offer here: the wide variety of ways of building Debian, our long usage of chroots, all make Debian useful to prototype in these spaces. We're not doing a great job of taking advantage of this opportunity, or at least it's not as obvious to me that we are. Linux and free software are more accepted than ever. Privacy and security are on everyone's mind and are starting to be things that more people begin to understand. We have good stories there. Lucas> * What are the main 2-4 external things happening in the Lucas> world outside Debian, and that are "threats" for Debian? There are a lot of application delivery strategies that don't focus on the OS. We'll never package the entire npn ecosystem; people don't want us to. I understand this threat overlaps with my first opportunity. Companies are finding novel ways to use free software to create proprietary walled gardens and trapping their users. Web services, avoiding copyleft, combining free tools with proprietary tools in ways that limit freedom, etc. We don't have a good user strategy for hardware security. Assuming you trust all the players, I think my phone has a better security model than my Debian laptop. Companies are starting to care about that sort of security: trusted supply chain, key management all the way back to the hardware. Yes if I get open hardware, and I spend a lot of time on the key management I can probably get something better. It's a lot more work. For a lot of users freedom involves disabling secureboot, which we're fixing. And yet the traditional desktop model is a lot weaker than the Chromebook or phone models. And there, the free/hackable solution is almost always turnoff all the security.
Attachment:
signature.asc
Description: PGP signature