Regulatory Compliance/Meeting Notes for 2016-11-14

From SOBAC Wiki
< Regulatory Compliance
Revision as of 04:21, 13 January 2017 by BobJonkman (talk | contribs) (Draft page for Meeting Notes: Regulatory Compliance)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

October 2016: Promoting Open Source

=======================

FLOSS: Free/Liberated Open Source Software

- What FLOSS does your organization use? How did it get approved? Implemented? - What kinds of FLOSS is amenable to use by nonprofit organizations? Why? - What kinds of FLOSS are less amenable? Why? - What are some of the selling points you use? - What have been some of the advantages? - What have been some of the challenges and disadvantages?

Announcements

- Tue Oct 18, 7pm: Ruby FLOSS Contributions, Sweet Tooth + Boltmade was bought by Shopify! + Bring a laptop and a Ruby install + Goal: encourage FLOSS contributions and bring visibility to FLOSS projects in the area - Sat Oct 22, 4-8pm: Laptop Rescue Mission, Computer Recycling


How do you sell it?

- End users don't care much about open source + They think you need to contribute code + Contributing might mean contributing financially or reporting bugs

- Lots of people using the code might make it better + But this did not work so well for OpenSSL + How do you make people aware of the code that they use? + How do you pick the projects to support?

  • Apache
  • Linux Foundation (they have a Core Infrastructure initiative)
  • SPI: Software in the Public Interest

- Do endorsements from famous people matter? + Can you get the word out? + http://trustmeimlying... + Getting grassroots word of mouth matters a lot + Ask for reviews from reviewers

- Maybe it makes sense to throw money at infrastructure projects? + Pay somebody to maintain/develop the stuff instead of paying a propreitary software company + Again, SaaS has changed this landscape

  • Would it even be feasible for SaaS providers to release their software as FLOSS?
  • Maybe this is their "community editions"?
  • Most community editions take out features

Arguments for Open Source

- Cheap to acquire the software (and nonprofits are cheapskates) - FLOSS tends to be easier to debug and troubleshoot + eg looking through the source of Samba to troubleshoot a problem + You can get consultants to fix your software for you

  • eg Zikula CMS has 2600 weblinks
  • They did an upgrade and he paid somebody $50 to fix it
  • eg OSCAR medical records system: we paid somebody to set it up

and customize it for us (OSCAR/CAISI) - Data migration can be easier: the code is the template for migration - It is possible for people to develop code coverage and test suites after the fact - What would the advantage be if our rollback software was open source? + You could debug the software easier + You could see what it is trying to do

Arguments Against Open Source

- Software might be unfamiliar from what people are used to/what they use in school. - Privacy is important sometimes and you need to trust the code + Sometimes privacy is a concern - Other providers need to use the same application, which is not in use across the board + What about federation? This may not be the issue.

- Software as a Service has taken over the industry + Conceptually it is possible to make it FLOSS + In practice it usually is not + Failure to make SaaS FLOSSy is a failure of sales

  • "If you can download the code then what are you selling?"
  • Really you are paying people to take care of infrastructure for you

Considerations

- How quickly can people pick up the software? - Are we using it to contribute back or just to use it?

- What is the code quality? + In proprietary software the code quality may be bad, but hidden - Are there developers? Is the project being supported. - How good are the development leads? This is important for stability. + eg LibreOffice has good quality according to Coverity

- Who gets paid to develop the code and how? + Consultants? + Sometimes big companies sponsor developers?

- How friendly is the community?

- People are used to paying for proprietary software but not FLOSS? + But people are also used to not paying for online software unless it is SaaS + Open source does not tend to nag people to pay for it + Patreon models are becoming more popular + Is it enough to fund only a few projects? + How do you crowdsource projects? How do you sell the software? + We pay for a pfSense gold membership for no reason

  • But it is a kind of insurance so that pfSense continues to exist
  • Maybe it is a sliding scale fee


- Trust is a huge factor + Can our organizations trust the product? + Does the website look nice?

- How much support can you get? - What are your fellow companies using?

- Sometimes interoperability matters + TWC cannot use LibreOffice for resumes (but how does Google Docs play into this?)


Other things

- Libreoffice Online is being developed and is running + Done with OwnCloud and Collabora + The goal is to sell to government and make sure that all the government templates are available + Canadian requirements for accessibility are more stringent than elsewhere

  • And there are not that many developers working on it

- Is there any antivirus that is FLOSS? + There is Clam, which is good for email servers and terrible for desktops

- Is there antiviruses for other operating systems? + It exists for Mac and Linux but is not widely used + Android is the new Windows and has lots of viruses + You don't want to run everything as root + Software stores make this a little better + Android updates do not go out as quickly + Why is Android such a disaster?

  • Too many users?
  • Not enough quality control?
  • Too many apps?
  • Too much fragmentation?

+ Android good practices?

  • Be careful about clicking links
  • Look at how many people use the app
  • There is antivirus software available for Android

+ If you root your phone do you run everything as root?

  • No?

- How well has Drupal worked as a CMS? + We have been able to modify it. + The community is open and friendly + Developing core functionality has been hard + Major upgrades are difficult + Rails makes upgrades easier

  • A bunch of modules were backported from Rails 4 to Rails 3

- Can you get university and college students to develop code as part of their coursework? + It is real code, not toy projects + Contributions that are accepted look good on resumes + If the project is organized properly this can still be valuable + A lot of student work looks rough + LibreOffice has a mentorship project for students

- In digital media programs they used FLOSS so the students could continue using the software on their own afterwards + In the marketplace this software is less popular + But the skills are transferable

Retrieved from "https://sobac.com/mediawiki/index.php?title=Regulatory_Compliance/Meeting_Notes_for_2016-11-14&oldid=608"