[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[debian-knoppix] Open accounting and Open source

Recently I expressed concern about Knoppix's security because, since 
it's based on testing and unstable, security fixes often come out 
late. I was told that such was the deal: either you go into the pains 
of installing Debian and you have a secure system or you install 
Knoppix and you your system is... well, not so secure.

Of course, if one intends to use Knoppix for the purpose it was 
designed -- i.e. as a Live-CD to pick up mail on a trip or to fix a 
broken down computer, etc. -- security is no concern. But since I had 
the project to offer people to install Knoppix on their computer for 
daily use, I've since had the worried times blues. Isn't there a way 
around this that would benefit both Knoppix and Debian?

Some people have already asked Klaus -- well, I certainly did -- if 
there was a way they could financially contribute to Knoppix. Klaus 
answered that the best way was to send the money to Debian. I don't 
agree with this.

Debian already receives some money though a company they've set up 
called "Software in the Public Interest, Inc." It seems to cather not 
only to Debian, but also to Fresco, GNOME -- GNOME, hear this 
Klaus!!!! :) -- LSB, OFTC, Open Source (.org) and GNU TeXmacs. How 
much, in what proportion, God knows.

What we do know is that, though Debian has hundreds of developpers, it 
seems none of them found that devising a decent installation program 
was an endeavour worth undertaking. If Klaus Knopper wasn't born, the 
world would still be stuck with the fucked up Debian script for 

Upgrading packages is not a project apt to bring the author's name to 
the forefront. So people prefer to work on HURD or whatever. So I 
doubt that even money sent to Software... Inc. will bring the 
security fixes any faster.

It seems some things at Debian just won't move. During all his 
leadership, Ben Collins has tried to make "ready when it's ready" a 
wee bit earlier. He never succeeded.

I understand Klaus wants to keep Knoppix a geeks' project, not a 
business undertaking. He doesn't want to have anything to do with 
finance and end up, as is almost always the case, with his nose in 
the great book instead of in programs. He's competent enough to ask 
good wages and can gather enough money to make a living AND continue 
to have fun with Knoppix.

Still, wouldn't it be great to have somebody paid to bring security 
fixes out asap? Wouldn't it get things moving faster at Debian too? 
Wouldn't this way of contributing to Knoppix also be a contribution 
to Debian worth so much more than sending the money directly?

Nice dream! Down to reality, the stumble blocks are numerous. It seems 
no one in his right mind would want to deal with paypal. I called 
VISA on friday and they told me that doing business with them costs 
about 40 euros a month (converted from figures in Canada), plus about 
5% on transactions, plus probably a registration fee, plus exchange 
from dollars to euros. Sounds expensive!

Maybe it would be possible for one person in each country to open an 
account for Knoppix in a national bank and the money could be sent to 
Germany in large chunks trhough the banking system... or used 
locally. But would look like a nice money laudering scheme. I'm not 
sure it's possible. It would have to be checked.

All checks would be written to the order of a not for profit Knoppix 
company (to be formed) and all accounting would be OPEN. If I was to 
collect all the money in Canada, I would have to register on a web 
page all donators and the amount given and Klaus would have to do the 
same for the amounts he receives and how he spends it.

People could be encouraged to put Knoppix Inc in their will. After 
all, isn't Linux the perfect application of the multiplication of the 
loaves: everybody gets its share and there is more left at the end 
than there was at the beginning :)

Of course, Klaus would have to set up a company, but it would have no 
office, would make no publicity, hire no employees, just give 
contracts. Would it be such a pain to manage? Would Knoppix soon turn 
into some kind of Mandrake agressively shoving the hat under it's 
users' nose? I doubt it very much.

Knoppix's success has now for many months brought it to the status of 
a full-fledged distro. This trend is so unescapabled that even Klaus 
has been working on a script to read from and write to USB drives.  
So, like it or not, some consideration will have to be given to 
security. If Knoppix was to fail as a distro, the Live-CD project 
would shrink to a shade of what it is today.

I feel so stupid bringing this kind of considerations in this 
conference where geeks speak only computerese, that writing is 
painful and awkward. But I do feel the matter is important. Open 
accounting should go alongside open source and nowhere, as far as I 
know, has even the notion of open accounting been brought up in the 
community. In a way, because of the Stock Exchange's regulation, it 
could even be said that Bed Rat's accounting is more open than 
Debian's. This is nonsense.

Anyway... If any of you geeks have observations on the need to gather 
money or not, or how this could be most efficiently achieved, I'm all 

La Masse critique
debian-knoppix mailing list

Reply to: