Tuesday, May 19, 2015

Business and Legal Aspects of Free and Open Source Software Final

So here we are at the end of it all. These were the questions that we were required to answer for the final, so here we go!



  1. When does code you create become copyright?
    As soon as it is saved
  2. If you could wave a magic wand and open source any piece of proprietary software, what would you choose?
    Microsoft Word
  3. If the software was open sourced, would its company remain stable? How would it make money?
    It would probably be able to maintain itself through support
  4. What do you think the most beneficial thing to learn in class was?
    I learned about trademarking, which was something that I had never really thought about before and didn't really understand at all when looking back at it.
  5. Explain some of the motivation a company may have to open source software
    It encourages the community to communicate and help fix some of the issues that the developer may have with their release that they may be unaware of. It also helps to illustrate the trustworthiness of the company by showing what it is doing to the public more than they otherwise might.
  6. Are there any changes that you suggest making to the profile template? What parts do you find most interesting or important?
    Honestly I found the Community Architecture and Technology sections to universally be a problem to fill in for my profiles. They are too narrow in focus and would often have no real answer without going outside the original scope of the profile. Rationale is also pretty moot because it has no influence on the actual information presented, outside maybe showing bias in the individual writers.
  7. If you could have spent more time on any topic, which would you have liked to cover in more depth?
    I would have liked more about trademarks and licensing since it was only briefly covered.
  8. Why are you using *MIT* as the license for your open source project?
    I don't really have an active open project, so that leaves the ones that I did for HFOSS and ADVFOSS, which MIT seemed like the best fit at the time.
  9. If you would suggest a video to be watched as part of this course, what would it be?
    Well aside from Hackers, because it is the agreed upon answer, I don't really have any sort of referential material that would be particularly useful for the class as I have very limited voice when it comes to this.

Reflections on being a Teaching Assistant - Final Thoughts for the Year

I have been a Teaching Assistant for 3 semesters now. It has been an interesting experience and will continue to be one when I get back in fall. The only question that remains is what have I really learned from my experiences this year. First and foremost, is really experiencing that everyone gets things at different speeds. I had several students that would just immediately pick up a concept and others that would struggle with it for a whole week. I saw several students withdraw from the course and wonder if I could have done more for them or if the lack of outreach from them was a simple enough sign. I just hope that I am providing a good enough example for the students I am helping to enter my field and I hope that they will continue to prosper as time goes on.

The Bunny Theory of Code

This article brings up an interesting idea.

Once we write code, it tends to take on a life all of its own. As it gets passed around, it only gets stranger and stranger until it gets put down for the last time, hopefully in a condition that will allow it to still function. This goes doubly when it is code that is being worked on by multiple users, all of whom may only be tangentially able to communicate. Code evolves in strange ways to fit the needs of those that are using it and there is no way to really keep track of every little bit of information that is getting tossed in without extensive oversight. All it takes is a line or two here or there and the entire quality starts to go down for a project, hopefully not to the extent that it causes serious errors.

Reflections on being a Teaching Assistant - Finals

This week was finals week and it has been rather hectic for me. I have two take home exams that I need to do in addition to a presentation to give. The biggest thing though was the fact that I had to go to the final for the class that I am the assistant for. The exam was at 8:00 AM on Monday. That is so bad compared to what I normally have to do. Either way, Finals are strange when you aren't actually the one that has to take them. Just watching everyone furiously strike at the keyboard, hoping they can figure out the problem in the time they have left. I think the most frustrating thing is that there really isn't any way to help them if they get stuck. I have watched students almost completely break down before the exam.

The other big part that makes attending an exam that you really aren't a part of awkward is the fact that there really isn't anything to do. Partly because you can't really create a distraction for the students and also because you have to be ready for if they have a question that they need answering, that you can actually answer. It is just two hours of standing there waiting for something to happen. At the very least, taking a look at the exam that the professor prepared, it didn't seem too difficult, which was good. Overall, I am glad to be done with it for a while anyway.

Study - Why Good Developers Write Bad Code

Interesting thought experiment, if you are good at something, why do you sometimes screw up? Sometimes it is because of pressure, sometimes it is because you weren't as careful as you should have been because it is all old hat. Sometimes you just don't really care. Well, a recent study has found something similar with Software companies and organizational structures within them.

Oftentimes when working in industry, projects will very often change scope beyond what we initially think that they will be. My professor always says that no one is good at projecting how much work is actually required or how long something will take; at best, you can get a rough estimate. This is telling because so often it will be true and be a major cause of stress on a given project as management can be keen to forget what is going on behind the scenes and how much is being put in.

The study, which can be found here, is quite good and shows the kind of nuances that can often be overlooked when it comes to how much work actually goes into software development. This can only get worse when you apply it over to FOSS just due to the nature of contributing to a project and how there isn't really a way to guarantee anything of the people that you are working with.

Reflections on being a Teaching Assistant - Class Work

I always find that my time inside the classroom is always spent awkwardly. The teacher that I am the assistant to is very good at what he does, but it leaves me with very little to do for the first portion of the class. During the lecture, I don't have much to do because the slide deck is pretty short overall, and afterward he goes into examples. I don't really have much to do until it is time for the ICE. It is a little disheartening to sit around for the first half of class and not do anything of real value. I do enjoy the time after though where I can help the students. It is always surprising to me just how much these people know. There always seems to be an even split between the students with a strong background and those that came in knowing nothing. Never really any in the middle though...

The most interesting thing to me is the number of times where a student will create an issue that just explodes the program. Those are fun to try and figure out. It is also pretty fun to go up to a student who is having an issue and just point to one portion of code that is the issue. In either case, I try to make sure the student is the one to figure something out as opposed to just straight up telling them the answer. I feel like it does more to help them learn, though I'm pretty sure that it can also make it look like I don't really know myself. Oh well, take the bad with the good I suppose.

News - Stripe in Asia

Stripe is a relatively new method for online payment in the same vein as Paypal. It has made a decent boom over in the Silicon Valley for being fairly simple to use with a nice interface. I personally use Paypal, though it is extremely infrequent, and I will say I find the whole process to be fairly annoying. Bad as it may be, I tend to just use my card to pay for things. I know, I know, for shame. Either way, it is always good to see more competition springing up in a market, though I do have to wonder just how many of these services there are that are essentially money middlemen. It seems so strange to me to be hearing about all of these different services springing up.

Aside from the interface, Stripe has partnered with Sumitomo Mitsui Credit to help bolster their user base as they are essentially fresh blood over there. It is a pretty bold move and will hopefully work out well. It will remain to be seen if it can generate the buzz it needs to stay strong in the industry, but best of luck.

Reflections on being a Teaching Assistant - Grading

Grading is a very strange subject for me. On the one hand, I want all of the students I help to teach to succeed. On the other hand, sometimes the code that they hand in makes me cringe. If that just comes from experience or because it is just that bad, I have yet to find out. It is still a little weary for me to be controlling so many students' grades. I think the worst part about it is that since I am not the one to be coming up with the rubric, I don't always know how much things should be docked for.

That in mind, it always strikes me as irksome when I see students with code that clearly has not been tested. Even the times where I have had to throw something together at the last minute, I have the forethought to make sure that it will at least work to some extent. I know this isn't always the case for some students, if that is because they just legitimately hit a roadblock or something, but sometimes you can just tell.

I will say that I have found the work to be very insightful, as it has made me come to realize some of the bad coding practices that I still have to work on. For that I can be thankful I suppose.

News - Hacker's claims of Hacking Plane Disproven

In recent news, it came up that Chris Roberts, founder of security intelligence company One World Labs, had found a way to hack an airplane from inside the plane. This story has been circulating for a few days now, but it stands to reason that it is probably for the best that this came up as a false flag rather than anything else. As an avid flier, it would make my trans-national flights so much more annoying if I suddenly wasn't allowed to use devices on them because of a scare like this. With that in mind, it does stand to reason that this will probably still make transit companies look into increasing the security of their systems, which is an overall net positive.

Lit Review 5: FOSS Primer Trademark


This time we are heading back to the FOSS primer to take a look at Chapter 5!

Who:

The GPL Guide was written by Bradley M. Kuhn, Anthony K. Sebro Jr., and Denver Gingerich

What:



Where:

The document can be found Here

When:

2008

The Gist:

This chapter is all about trademarks and using them properly.

The Good:

  • Very clear and concise
  • Talks about actually applying for a trademark

The Bad:

  • Not much in the way of defending oneself
  • Doesn't really factor in anything outside US law, though that makes sense

Any Questions?

  • What counts as being thorough?
  • What counts as Brand Confusion?

In Conclusion:

Overall a very good chapter, as expected of most of the Primer. It serves a needed service and is good to know. 9/10

Lit Review 9: Production Democratization

This time we are taking a look at an economics paper showing the value of Free and Open Source Software!

Who:

Joshua Pierce

What:

An economics paper showing the value of FOSS

Where:

It can be found Here

When:

December 2014

The Gist:

The paper basically tries to show the use of FOSS and FOSH as cost saving measures by showing what you can do with 3D printing a pump.

The Good:

  • Good Technical example of FOSS work for use in statistics
  • Shows positive use for 3D-printing

The Bad:

  • Equations can be a little difficult to follow
  • Not sure if the data is entirely accurate

Any Questions?

  • Are there other case studies where 3D-printing would have as strong an impact?
  • How does economics actually work, because every time I see something, I just become more confused


In Conclusion:

Overall a difficult read with an interesting premise. I don't know if I am really the best person to judge though. 7/10.

Profile 4 Presentation: OWASP

mtubinis and I worked together on this presentation. I really like the idea of OWASP, even if I don't fully understand all of the work that they put into everything.

Profile 4 Presentation

Profile 3 Presentation: Indiegogo

mtubinis and I worked on this presentation. Indiegogo was fairly strange. I don't think I personally will ever use the service.

Profile 3 Presentation

Profile 2 Presentation: Lantern

mtubinis and I worked on this one. I still enjoy the fact that we actually did the wrong start-up for this because of them both having the same name and broad idea

Profile 2 Presentation

Profile 1 Presentation: Free Software Foundation

This presentation was done with the help of mtubinis, chrisknepper, beruberufunbot, and h2g2guy

Profile 1 Presentation

Profile 0 Presentation: Canonical-Ubuntu

Here is a link to the associated presentation that mtubinis and I did for the Profile 0:

Profile 0 Presentation

Lit Review 4: Patent Promises

This time we are looking at the various patent promises that have been made by Red Hat, IBM, and Apple

Who:

Apple, Red Hat, Google, and IBM

What:

The Patent Promises by the various companies and what they mean

Where:

When:

Red Hat posted theirs in 2014, but the others have no listed time

The Gist:

Multiple companies have basically said that they will not go after anyone who is using their patents in specific ways

The Good:

  • This helps promote open source
  • This helps developers know to an extent what is okay to do with their resources

The Bad:

  • Open Source has a very loose definition
  • The language is fairly thick overall

Any Questions?

  • Any legal battles from after these promises were made?
  • Just how many patents do Google and IBM actually own?

In Conclusion:

Fairly tough read as the material was rather thick. While this is on the whole a good step forward for Open Source development, it is rather telling that this much has to be put into protecting oneself and their software. 8/10

Video Review 1: Trademarks and Open Source

Who:

The presentation was made by Karen Sandler

What:

A one-hour talk at All Things Open

Where:

You can find the video here

When:

October 22, 2014

The Gist:

Trademarks are important, but it is also important to not hurt your end users by choosing a bad one for your project

The Good:

  1. Clear and precise information
  2. Real world examples
  3. Admits to not being legal advice

The Bad:

  1. Presenting style is a little off

Any Questions?

  1. When can a trademark be too generic?
  2. How different is trademark law elsewhere?

Final Thoughts and Rating:

It was an alright presentation. It was nice to hear more in depth about licensing. Overall 7/10.

Questions for Final

Here are a couple questions that I had going in to the final:


  1. What was your favorite reading for the course?
  2. Which profile did you enjoy researching the most?
  3. What is one thing you would change about the course?

Profile 4: OWASP

OWASP

Michael Tubinis (mstubinis), Brian Escriche (Pharas)

Rationale

Their home page looked like it had a lot of information at first glance… Yes that’s why we chose it as we did not have any prior knowledge of any of the other entities we could choose from.

Organizational Details

  1. Is the subject of your profile a corporate entity?
    Yes, a 501(c)(3)
  2. What type?
    Worldwide not-for-profit charitable organization
  3. When was it founded?
    April 21, 2004
  4. By whom?
    Mark Curphey
  5. Original founder(s) still active?
    It appears he is no longer active
  6. Publicly Traded? Since when? Initial Stock Price? Current stock price?
    It is not publicly traded
  7. Has the company made any acquisitions? If yes, which companies, and what were their core products?
    No
  8. Has the company made any investments in other companies? If yes, which ones.
    No
  9. Number of Employees?
    7 Global Board Members. 8 Employees / Contractors
  10. Where is HQ?
    1200-C Agora Drive #232 in Bel Air, MD 21014
  11. Does it have any other offices or locations?
  12. Does your organization file any annual reports? Please include links to any relevant documents (i.e. 990, Annual Report, Year in Review, etc...)
    No

Communications

  1. Does your subject participate in social media? If yes, please list a URL for each
    Facebook - https://www.facebook.com/pages/Open-Web-Application-Security-Project/296236753839074 - 8900 likes
    Twitter - https://twitter.com/owasp 41.6k Followers
    Google+ - https://plus.google.com/communities/105181517914716500346 - 2293 members
    LinkedIn - https://www.linkedin.com/groups/Global-OWASP-Foundation-36874
  2. What communication channels does your subject use to reach their public? Briefly describe and include a URL for each.
    OWASP Blog - http://owasp.blogspot.com/
  3. Does your subject organize or participate in any conferences? If so, list them here, and provide links to any relevant sessions, keynotes, or content.
    http://2015.appsec.eu/conference-program/
    http://2015.appsecusa.org/c/



Community Architecture

  1. If applicable, list and provide links to:
    1. The project's IRC Channel
    2. Other communication channels
      Issue Tracker - http://jeremylong.github.io/DependencyCheck/issue-tracking.html
  2. Describe the software project, its purpose and goals.
    Dependency-check is an open source solution to the OWASP Top 10 2013 entry: A9 - Using Components with Known Vulnerabilities. Dependency-check can currently be used to scan Java applications (and their dependent libraries) to identify known vulnerable components.

  1. Give brief history of the project. When was the Initial Commit? The latest commit?
    Initial - September 6th, 2012
    Latest -  April 26th, 2015
  2. Who approves patches? How many people?
    Jeremy Long
  3. Who has commit access, or has had patches accepted? How many total?
    There are 12 contributors to the project overall
  4. Has there been any turnover in the Core Team? (i.e. has the top 20% of contributors stayed the same over time? If not, how has it changed?)
    So far no, but the Core Team is the BDFL
  5. Does the project have a BDFL, or Lead Developer? (BDFL == Benevolent Dictator for Life)
    Jeremy Long
  6. Are the front and back end developers the same people? What is the proportion of each?
    Essentially, as Jeremy Long is the main developer by an overwhelming majority
  7. What have been some of the major bugs/problems/issues that have arisen during development? Who is responsible for quality control and bug repair?
    Nothing overwhelming
  8. How is the project's participation trending and why?
    The only real contributor is Jeremy Long, though it is fairly consistent
  9. In your opinion, does the project pass "The Raptor Test?" (i.e. Would the project survive if the BDFL, or most active contributor were eaten by a Velociraptor?) Why or why not?
    No, Jeremy Long is a couple thousand commits ahead of everyone else, and several million lines of code.
  10. In your opinion, would the project survive if the core team, or most active 20% of contributors, were hit by a bus? Why or why not?
    Again, no, because of the large disparity between commit amount
  11. Does the project have an official "on-boarding" process in place? (new contributor guides, quickstarts, communication leads who focus specifically on newbies, etc...)
    None that can be easily found at least
  12. Does the project have Documentation available? Is it extensive? Does it include code examples?
    http://jeremylong.github.io/DependencyCheck/ Has a large amount of information about the project, but nothing as far as code
  13. If you were going to contribute to this project, but ran into trouble or hit blockers, who would you contact, and how?
    You would need to talk with Jeremy Long
  14. Based on these answers, how would you describe the decision making structure/process of this group? Is it hierarchical, consensus building, ruled by a small group, barely contained chaos, or ruled by a single or pair of individuals?
    This isn’t really a business structure of any sort, so there isn’t much to say here.
  15. Is this the kind of structure you would enjoy working in? Why, or why not?
    Again, no real structure.

Profile 3: Indiegogo

IndieGoGo

Michael Tubinis (mstubinis), Brian Escriche (Pharas)

Rationale

Indiegogo seemed like an overall interesting company and it would be interesting to see how they interacted with Open Source

Organizational Details

  1. Is the subject of your profile a corporate entity?
    Indiegogo, Inc.
  2. What type?
    “Funding Platform that does Seed Investments”
  3. When was it founded?
    2008
  4. By whom?
    Danae Ringelmann, Slava Rubin (CEO), Eric Schell
  5. Original founder(s) still active?
    Yes
  6. Publicly Traded? Since when? Initial Stock Price? Current stock price?
    It is a private company.
  7. Has the company made any acquisitions? If yes, which companies, and what were their core products?
    No acquisitions that were mentioned
  8. Has the company made any investments in other companies? If yes, which ones.
    Yes, $25,000 invested in UCreate3D
  9. Number of Employees?
    80 employees
  10. Where is HQ?
    965 Mission Street, 6th Floor San Francisco, CA 94103 United States
  11. Does it have any other offices or locations?
    145 Hudson St, Tribeca, New York
  12. Does your organization file any annual reports? Please include links to any relevant documents (i.e. 990, Annual Report, Year in Review, etc...)
    No annual reports that we could find

Communications

  1. Does your subject participate in social media? If yes, please list a URL for each account, and reach within that community.
    Facebook - https://www.facebook.com/Indiegogo (321,668 likes)
    Twitter - https://twitter.com/Indiegogo (218k followers, 18.6k tweets)
    Google+ - https://plus.google.com/+indiegogo (291k followers, 3.185 million views)
    Instagram - https://instagram.com/indiegogo/ (261 posts, 5,982 followers)
    Linkedin - https://www.linkedin.com/company/indiegogo (6,710 followers)

  2. What communication channels does your subject use to reach their public? Briefly describe and include a URL for each.
    Blog - http://go.indiegogo.com/blog
    They also appear to use their Facebook and Twitter to help promote some of the various projects that get put up using their service.
  3. Does your subject organize or participate in any conferences? If so, list them here, and provide links to any relevant sessions, keynotes, or content.
    http://connectedconference.co/ - Connected Conference - Indiegogo will be attending to host a crowdfunding competition

Technology/Product

  1. Who invented, created, or sponsored the technology?
    Indiegogo was started in 2007 under the name Project Keiyaku by Danae Ringelmann, Eric Schell, and Slava Rubin. It officially launched in January 2008 at Sundance
  2. What is the technology designed to do? How is it used?
    Indiegogo is meant to allow people to start up any idea they want and crowdsource the funds from other people. Generally speaking, Indiegogo is used to give ideas that normally wouldn’t get anywhere a chance in the light.
  3. Who would benefit from using this technology?
    Anybody can start a campaign. More directly, people who need just a little more funding before they can launch their project.
  4. What kinds of companies or organizations (stakeholders) might have been concerned about the development of this technology? Why?
    The biggest concern about crowdsourcing in general is that legitimate startups circumvent the need for Venture-capital. This is merely postponing it, as the startups hit the point at which they need to expand.
  5. Does/Did an aspect of copyright law play a role in controversies about the technology? How?
    There has been some controversy surrounding Indiegogo, but little to none of it has to do with copyright law. Namely Indiegogo now no longer has the same fraud guarantees.