[debian-knoppix] Open accounting and Open source
Recently I expressed concern about Knoppix's security because, since
it's based on testing and unstable, security fixes often come out
late. I was told that such was the deal: either you go into the pains
of installing Debian and you have a secure system or you install
Knoppix and you your system is... well, not so secure.
Of course, if one intends to use Knoppix for the purpose it was
designed -- i.e. as a Live-CD to pick up mail on a trip or to fix a
broken down computer, etc. -- security is no concern. But since I had
the project to offer people to install Knoppix on their computer for
daily use, I've since had the worried times blues. Isn't there a way
around this that would benefit both Knoppix and Debian?
Some people have already asked Klaus -- well, I certainly did -- if
there was a way they could financially contribute to Knoppix. Klaus
answered that the best way was to send the money to Debian. I don't
agree with this.
Debian already receives some money though a company they've set up
called "Software in the Public Interest, Inc." It seems to cather not
only to Debian, but also to Fresco, GNOME -- GNOME, hear this
Klaus!!!! :) -- LSB, OFTC, Open Source (.org) and GNU TeXmacs. How
much, in what proportion, God knows.
What we do know is that, though Debian has hundreds of developpers, it
seems none of them found that devising a decent installation program
was an endeavour worth undertaking. If Klaus Knopper wasn't born, the
world would still be stuck with the fucked up Debian script for
Upgrading packages is not a project apt to bring the author's name to
the forefront. So people prefer to work on HURD or whatever. So I
doubt that even money sent to Software... Inc. will bring the
security fixes any faster.
It seems some things at Debian just won't move. During all his
leadership, Ben Collins has tried to make "ready when it's ready" a
wee bit earlier. He never succeeded.
I understand Klaus wants to keep Knoppix a geeks' project, not a
business undertaking. He doesn't want to have anything to do with
finance and end up, as is almost always the case, with his nose in
the great book instead of in programs. He's competent enough to ask
good wages and can gather enough money to make a living AND continue
to have fun with Knoppix.
Still, wouldn't it be great to have somebody paid to bring security
fixes out asap? Wouldn't it get things moving faster at Debian too?
Wouldn't this way of contributing to Knoppix also be a contribution
to Debian worth so much more than sending the money directly?
Nice dream! Down to reality, the stumble blocks are numerous. It seems
no one in his right mind would want to deal with paypal. I called
VISA on friday and they told me that doing business with them costs
about 40 euros a month (converted from figures in Canada), plus about
5% on transactions, plus probably a registration fee, plus exchange
from dollars to euros. Sounds expensive!
Maybe it would be possible for one person in each country to open an
account for Knoppix in a national bank and the money could be sent to
Germany in large chunks trhough the banking system... or used
locally. But would look like a nice money laudering scheme. I'm not
sure it's possible. It would have to be checked.
All checks would be written to the order of a not for profit Knoppix
company (to be formed) and all accounting would be OPEN. If I was to
collect all the money in Canada, I would have to register on a web
page all donators and the amount given and Klaus would have to do the
same for the amounts he receives and how he spends it.
People could be encouraged to put Knoppix Inc in their will. After
all, isn't Linux the perfect application of the multiplication of the
loaves: everybody gets its share and there is more left at the end
than there was at the beginning :)
Of course, Klaus would have to set up a company, but it would have no
office, would make no publicity, hire no employees, just give
contracts. Would it be such a pain to manage? Would Knoppix soon turn
into some kind of Mandrake agressively shoving the hat under it's
users' nose? I doubt it very much.
Knoppix's success has now for many months brought it to the status of
a full-fledged distro. This trend is so unescapabled that even Klaus
has been working on a script to read from and write to USB drives.
So, like it or not, some consideration will have to be given to
security. If Knoppix was to fail as a distro, the Live-CD project
would shrink to a shade of what it is today.
I feel so stupid bringing this kind of considerations in this
conference where geeks speak only computerese, that writing is
painful and awkward. But I do feel the matter is important. Open
accounting should go alongside open source and nowhere, as far as I
know, has even the notion of open accounting been brought up in the
community. In a way, because of the Stock Exchange's regulation, it
could even be said that Bed Rat's accounting is more open than
Debian's. This is nonsense.
Anyway... If any of you geeks have observations on the need to gather
money or not, or how this could be most efficiently achieved, I'm all
La Masse critique
debian-knoppix mailing list