Sunday, February 06, 2011







Fosdem weekend is already over, and it was fabulous once again. There are just so many great sessions and talks that sometimes it's hard to choose. This year there were 6000 open source minded people present, and this is getting problematic. On Saterday i had a lot of problems getting into rooms because most of them were full. What i did notice is that a lot of guys take their girlfriends along, don't ask me why, because most of the time these girls are bored and don't really want to be there. I don't have anything against geek-girls, who are there to learn, i just think it is silly that some people are not able to attend a talk for that reason.
Never the less, great conference. What captured my attention is the strong presense of open source embedded solutions, going from arduino to satellites. Perl is still going strong with fresh and cool projects. Even though the perl crowd is older then most other projects, there is some young blood blowing fresh air. They definatly need a person like Sawyer, which is a very good and entertaining speaker. It's also interesting to see that the main talks don't draw that many listeners anymore and all the action is found in the developer rooms.

Saturday, February 05, 2011

Android is probably the most popular linux distro at the moment. The amount of users buying and the companies implementing it are huge, all in a little more then 2 years. In a certain way this shows linux was ready for the masses all along, but as always it took a big company (google in case you didn't know) to get it anywhere.
The one issue that everybody keeps picking on, is the so called fragmentation, i don't think it is really an issue though. The root of this, is the hesitance of manufacturers to release updates to their devices. They might release some for a while, ironing out bugs, but hardly you get an upgrade for your device for major versions, for example going from 1.6 to 2.0. Most of the time the vendors will claim the devices are simply not able to run it, but hackers have proven them wrong each time, for example; my 2 year old Samsung galaxy runs 2.2 just fine. Ofcourse this is all sales driven, new phones need to be sold and an OS upgrade might be a good excuse.
Still fine by me, i will just keep on upgrading my phone the unofficial way until it falls apart or the battery is worn out.The issue i have with all this is in the security part of all this. Linux is a great kernel, but it does have its security issues, if you're subscribed to the weekly SANS newsletter you'll notice there is almost a different security issue each week. Agreed, not all of those are critical or are applicable to Android, but some are. Nobody provides Android security updates, perhaps if it is critical enough, there might be an update for the latest generation of devices but all older phones are left in the dark and stay vulnerable. Since these phones are basicly small computers (you get linux and a shell with more tools on then when i started with linux more then 15 years ago), we could end up with an army of unsupported insecure Android zombie machines, we've been there before, with windows and i don't want it to happen again.
I started by saying that Android is the most popular linux distro ever, and the solution to the above problem is that they should treat Android more like an actual distro, and enable some kind of repositories-like update mechanism for the core of the OS. That way all fixes will be available to everybody and you should not have to surrender you security to the wil of the hw-builders.