Approaching the 45th year of his career, Warren Woodford is one of the most senior people in the computer industry. He was an early adopter who helped shape some of the technologies we take for granted today like desktop computing, software plugins, custom integration, online information at your fingertips, easy to use interfaces, automated (“automagical”) background functionality, and service architecture.
Warren started MEPIS in 2002 as a testbed for learning Linux and with the goal of integrating a Linux distro that met his personal standards–standards that were influenced by working with GUIs at Xerox in the 80s and being a NeXT and now an OSX developer. The result was the well liked desktop Linux distro known as SimplyMEPIS. Warren maintains MEPIS for his own satisfaction and for the benefit of the MEPIS user community. Through MEPIS LLC, Warren continues a successful consulting practice where he and his associates specialize in solving product design and mission critical problems for startups and large corporate clients.
Sean Campbell: Warren, could you introduce yourself and tell us about some of the things you have worked on during your career?
Warren Woodford: Sure. I’ve been pushing electrons for a very long time. I grew up with what is now the computer industry, and I was already working at almost the VP level when the first microcomputers came along.
My background includes telecommunications, entertainment, field service, mini computers, micro computers, mainframe computers, PCs before they were called PCs, real time processing systems, software for business, software for home, software for government, and tools that people have heard of if they’ve been around a long time–always on the bleeding edge.
That’s the way I worked until the Internet bubble burst, at which time I kind of withdrew and decided to take it easy while the economy was down, not realizing it was going to be so volatile for so long. It was in 2000 or 2001 that I first started looking at Linux.
Aside from the philosophy and technical foundations of Linux, there was a lot there that I really didn’t like, frankly. Because of my background, I had been a champion of GUI interfaces since the early ’80s, and that aspect in particular was very inadequate at the time.
The bottom line is that, when I first found Linux, it was too rough around the edges for me. That represented the possibility of opportunity, not that I was really looking for work. This will piss off a few people, but there was a certain amateur quality about it.
Around 2001 was the first time I used a version of Linux that felt pretty good, which was SUSE, but it also had some significant bugs. It was pretty mature, but it was stiff–just too rigid in the way it did certain things. Mandrake seemed like it was on the right track, but there were bugs in the installation process and things like that.
Still, I felt that there was promise, so I started using Mandrake around 2001, and as I got familiar with everything, I decided that it was marginally good enough. Then, in 2002, Mandrake stumbled badly with their release in the September/October timeframe. They made some big mistakes, in part because of pure hubris.
It was around that point that I started thinking about building a version of Linux, instead of depending on other people. I jumped into it, deciding to pursue it as a way to learn technology that I didn’t know.
It has always turned out that when I learn a new technology, opportunities arise, whether my original reason for getting involved worked out or not. That’s how I got into Linux and decided to develop MEPIS. It was first for myself, and then I decided to see what would happen if I gave it free reign.
It got picked up by Distrowatch and went to #10 in one month, and that told me something. I started spending almost all of my time on it, but then in 2004 I had an injury that laid me up for a long, long time. During that time, MEPIS made it to #1 at Distrowatch, but I couldn’t really do much to maintain it.
Then it slid. Mark Shuttleworth saw opportunity and forked Ubuntu off of Debian. To be clear, I think that has ultimately been good for Debian, and Ubuntu contributes a lot back to the Debian community, but it is clearly a fork.
Sean: What do you think about Ubuntu’s strategy? They contribute upstream–more as of late, in fact–but at the same they time fuzz the distinction for users that Linux is really a collection of sub projects that are traveling in the same direction at roughly the same velocity.
I actually think what he’s trying to do isn’t all that bad, but I may have the luxury of some detached pragmatism. I see it as a logical, commercially driven decision, but I’m curious what you think about it, because you’ve obviously got a lot more history in this than I do.
Warren: I’m not bothered by anything that Ubuntu does. I think that Ubuntu pushes the boundaries regarding purity, and I don’t think that’s a bad thing, although that gets me in trouble with some people.
Some people call me a whiner about the GPL, while from my point of view they are the whiners. The GPL deserves to be scrutinized closely and to be debated, as does any legal document that restricts people’s rights. Calling a person a whiner because they care enough to challenge, question, or state positions about something is itself whining.
I think it’s good that Ubuntu challenges the boundaries regarding what is and is not proper open source. I think that what Ubuntu contributes back, both upstream and cross-stream to Debian, is good. And I think that the way that they kicked Debian in the collective butt has been good for Debian.
The fact that Mark is out there trying to make commercial deals actually may or may not make a big difference in the long run, but it’s not necessarily a bad thing. For example, I know that a couple of years ago he negotiated with IBM to get Ubuntu approved as a platform for running DB2. That would make it very easy to get that DB2 approval extended to Debian if anybody wanted to, and I think that’s OK.
From the point of view of what’s right and wrong, I don’t think there’s anything at all wrong with their fuzzying things a bit, as long as they don’t do it as much as Xandros did. Xandros at one point was blatantly changing copyright, renaming things and such, to make it appear that they had invented KDE or something. I can’t speak for what was in their mind, but something was going on there.
I don’t see Ubuntu doing that. I see them creating projects of their own to build utilities that represent their philosophy about how such things should be done, like the Adept project for a package manager. However if there’s a good product out there already, then there’s no good reason for them to be reinventing the wheel.
I think KPackage has been kind of so-so. On the other hand, I think Synaptic is awfully darn good. But Synaptic is GTK based, and while that’s not necessarily a bad thing, I wouldn’t program in that world. For personal reasons, it would be too inefficient and take too long to do. I wouldn’t program in Python for the same reason.
I don’t see anything wrong with creating or sponsoring Adept, just as I don’t see anything wrong with the idea of starting Ubuntu in the first place. You can complain or you can say that competition’s a good thing.
Mark, for one, is probably not going to pursue something unless there really is a shortcoming to be addressed.
Sean: What about Ubuntu’s OEM strategy? They have done really solid work in getting Toshiba to push Ubuntu, for example, and of course they also have Dell with five systems. They seem to be doing a really bang up job in getting OEMs to ship, promote, and push the Linux based desktop, and that doesn’t even count the netbooks push that’s happening.
Do you think they may have figured out a strategy that could give them a certain position on desktops that others haven’t quite figured out yet?
Warren: An important consideration is that Mark is more or less a billionaire, and he made that money in the computer industry. He can talk to companies like Dell, IBM, Toshiba, and others with a level of credibility that no one else in the Linux industry that I’m aware of can match.
He can get in the door to propose things, and he can get things agreed to that nobody else can. That gives him an advantage when you consider one distro over another, but that’s just how things are.
That’s good for Linux as a whole, and it means that companies like Dell and Toshiba are starting to think about compatibility more than they were before. And that’s a good thing. There are people who have told me, “Hey, this is really great. I bought a Dell machine with Ubuntu and then put SimplyMEPIS on it and it all worked.”
Sean: You’ve got Intel producing video drivers and wireless drivers and you’ve got network managers, so this is where the Ubuntu fuzzing works both for and against you. On the one hand, it makes the user feel like the network manager is Ubuntu’s network manager, even though it isn’t, really. On the other hand, they can just go stick a different distro on it.
Warren: Yes. In that regard, they’re having a positive impact on Linux compatibility with mainstream hardware, by getting the mainstream hardware companies to think a little bit about compatibility.
Scott Swigart: How much difference is there, from an application developer’s perspective, between different Linux distros? And how much work is that to take into account, and how much does something like the Linux Standard Base help with that?
To put it another way, for an application developer, how much effort is it to support and test and ensure that you’re compatible with lots of different Linux distributions? And how much of that work is done by the app developer versus the distros themselves?
Warren: That is a very big question. About three years ago, some of the biggest companies in the computer industry brought together some Debian affiliated companies like mine regarding this very question. They wanted to explore having Debian-based Linux as a competitor for Red Hat and Novell, and it gave rise to the ill-fated Debian Common Core Consortium.
Those conversations arose from this very issue. You couldn’t have commercial applications or commercial support for a particular Linux distro without a known, stable base. That plays out at different levels, because it depends on what kind of application it is. If it’s something for server, then probably, you only care about a core set of packages.
You can have a core set of packages, and you can have standards around that. If you do, then at the very lowest foundational level, companies that are considering something commercial related to Linux have a common base that they can rely on. But what’s the real core if you’re running a practical application?
And if we’re not using straight X, then what toolkit are you using, and what version? Consider the case of Acrobat Reader for Linux. How are you going to release Acrobat Reader in a way that runs cross distro, when each distro and each release of each distro may have different versions of key libraries?
Adobe does it by basically bundling those libraries, so they only have to rely on the very minimum number of compatible packages, or libraries, on a particular release.
From the point of view of an application developer, the problem is that every distro and every release of every distro has variations in what versions of core packages are installed. And because each distro has a different philosophy about long term maintainability and about stability of the distro, it’s a moving target forever.
You know, it’s a miracle that Firefox works so wonderfully. Those guys are incredible, and so are the Open Office people. Figuring out how to write code that is compatible with so many different versions of libraries to run with or be compiled against is a huge job. This is where Linux has a really big disadvantage when it comes to building complicated applications that you want to distribute broadly.
Scott: Educate me on the Linux Standard Base. What you basically said is that it’s a moving target forever. How much does the Linux Standard Base do to alleviate that? It feels kind of like POSIX back in the day.
Warren: In my opinion, LSB doesn’t do a lot for that. LSB provides some value, like POSIX provides some value, but it doesn’t resolve all the issues.
New releases of MEPIS are still on top of Debian, which acts like a stable core or foundation on which MEPIS is built. If you take the latest version of OpenOffice and recompile it for Debian Lenny, OpenOffice 3.0 will compile in that environment. But OpenOffice 3.0 will not compile on top of Etch, because so many things have changed. One of the things that happens is that a lot of libraries change over time–names of libraries, APIs, and entire philosophies change.
Underneath it all, Linux represents a very active developer community in various areas with people trying out new ideas or making improvements. Without them being coordinated with or accountable to projects like OpenOffice, or Firefox or whomever, it’s a real challenge to build a stable distro or to build a complex application and have it be compatible.
Scott: There seems to be a lot of pressure as companies become more comfortable with Linux, to move from the paid distributions to the free ones, because they find that they’re not picking up the phone. They are not making a lot of support calls and things like that.
On the other hand, if we are at conference and we walk up to the Red Hat booth and ask them about that, their response is typically that the Linux market overall is growing, and it’s only going to be a small percentage of the total number of Linux users that go from free to fee. They are just happy to see the overall market grow.
Warren: In general, corporate America wants something that is supported officially. You can argue about why that is, and it may be a bit cynical to say so, but my impression is that people in companies can’t afford to take the chance of guaranteeing something themselves.
You are in a company and you are working toward retirement. You have a good job with benefits, and you do not want to say, “Well, let’s use this free version of Linux. I guarantee you it will be fine, and we will take care of any problems that come up.”
People don’t want to do that in the corporate world. They want say, “Well, Gartner says this thing over here is great and will work fine for our purposes. They have an annual support contract, and they’re an established company, so we can go with this.” The company can feel comfortable, and everybody up the food chain can be held blameless if something goes wrong.
I think that is the number one driving factor for free versions of Linux not being used in corporate America, except covertly or in very special circumstances where management is used to taking risks. Some industries are more risk-averse than others, of course.
The commercial versions of Linux also offer extras that the free versions don’t. If you look at Red Hat versus Fedora or Novell versus SUSE, they are offering extra things, like guaranteed update schedules, tiered support, and other kinds of extras. For example, their versions also contain extra utilities that facilitate and manage enterprise deployment of Linux.
Now, a small company can sure start out with Red Hat and switch to Fedora, and in a ten-person company with a good technical person in house, that could work out fine. For the most part, though, that won’t happen in larger companies except where risk taking is the norm.
Scott: Do you see that changing over the next five years or so? Do you see some of those larger, somewhat risk-averse companies realizing that there is money that they could be saving by not writing a big check every year, if they haven’t been having the problems they were worried about?
Warren: They absolutely will consider writing a smaller check to a different company, but I don’t see them going with something that is completely free and open source unless it is not critical to their operations.
I know of a recent scenario where a company had no approved product for doing a translation; if I remember correctly, it was a transform between PDF and TIFF. They couldn’t find a commercial product that exactly met their requirements and was approved by their enterprise architecture organization.
Since they couldn’t get enterprise architecture to suggest a product, they went with something open source. But that’s a minor usage of an open source product. I guarantee that same company won’t use Linux as a platform OS. They hang their hat on IBM big iron and AIX.
In the corporate world, it’s largely not a matter of writing a check or not–it’s more writing a big check versus a smaller one, where the person championing it to upper management isn’t going to get hung if something doesn’t work.
People will be bothered if there’s a big problem with some software, but if the company is big enough and proper due diligence was done, then nobody is going to be fired if it doesn’t work out.
Scott: What about the year of the Linux desktop?
Warren: It’s never going to happen. Sorry.
Scott: Why not?
Warren: There’s a chicken and egg problem with getting it on the desktops, where no matter how much Mark Shuttleworth does, Michael Dell is not going to tell Bill Gates where to go. No one is going to forget that Microsoft’s the big game in town, no matter how much Microsoft stumbles.
Mark Shuttleworth can spend his entire billion dollars on trying to make Ubuntu good enough to shoot down Microsoft on the desktop and that won’t change. It goes back to what I was saying earlier about the fragmentation in the Linux market.
You don’t have one set of products against which you can build commercial software, or do commercial deployment, or even long term enterprise deployment. It’s doable with Ubuntu, but it’s not a no brainer, although Novell and Red Hat are trying to address that part.
Right now, I don’t know of a single major corporation that would go with Linux on the desktop for one reason–no Visio. Until OpenOffice does a Visio clone, you can forget it.
Sean: That reminds me of a story. Wikipedia went to Ubuntu recently for all their servers, but they still have one Windows machine to run QuickBooks, which runs their financials.
There’s the problem, right? And it leads to the question, if you were king for a day, what is a reasonable goal for Linux on the desktop?
Is it netbooks, where because it can be thin and light, it’s kind of a doorway to the Internet? And then if you want to leverage all those other locally installed apps, you have to go over to the Windows thick client? That scenario is a bit like the way Apple is carving out a niche with a certain set of consumers.
Warren: Like I said, Linux desktops cannot win in big business as long as there is no Visio clone. They can’t win in small business because of the very thing you mentioned–QuickBooks. Small companies all seem to use it.
On the other hand, some things that are happening right now, like Nokia buying Trolltech and Google inventing Android, can shed light on where the opportunity lies.
In other words, appliances are a place where Linux, with a GUI, can land and really thrive in my opinion–not the desktop we’d normally think of.
Scott: We talked to someone from Mandriva, and his impression was that by focusing on the Linux desktop, people are missing the boat. He suggests that Linux is going to bypass the desktop altogether, because people are looking for the day when won’t need their laptop on the road, because they have a phone and similar devices that are sufficiently capable.
So Linux is not well suited for the desktop, as we know it, but it might be very well suited for what comes after the desktop. Even if the desktop always remains as a mainline use case, there are going to be other scenarios with handheld devices.
Linux shouldn’t really be aiming at where people have been, it should be aiming at where they’re going, and it might be better suited for that.
Warren: I think that’s exactly where it is going, and it is happening right now, specifically with things like Android and Nokia. Notice that in the handheld arena, you don’t probably want QuickBooks or Visio.
Because these application markets are just getting established, if you make sure that the environments support the major toolkits for developing applications for those environments, you’re not going to fall short.
To touch back on Linux on the conventional desktop, though, I use MEPIS for everything I do. I just spent a year on site in a corporate environment, and I used MEPIS everyday.
Almost everybody there was using Windows, but my Citrix connections were better, and so was my wireless connection within the corporate environment. Through Citrix, I was able to use Microsoft apps. An individual can absolutely use Linux for their desktop and have very little that they’re falling short on.
I also run all kinds of things in Virtual Box. Actually, for MEPIS, I do a recompile of the open source Virtual Box, because since Sun took over, they’ve been a little behind on recompiling the open source edition. If you’re using a 2.6.26 or a 2.6.27 kernel, you can’t run a guest on Virtual Box unless you have Virtual Box Version 2.0.2 or better.
The bottom line is that I can run Windows in Virtual Box, and I can run all kinds of test scenarios in Virtual Box. I can run from whichever 32 or 64 bit version of MEPIS I want. My main development machine is a MacPro, so I can even run OS X when I need to do that. It gives me one heck of an environment as a developer.
Scott: I want to be sensitive to the time, so is there anything you want to add in closing?
Warren: Earlier you asked about what I thought was not given as much attention as perhaps it might be. To follow up on that, there are reasons for DNSSEC and IPv6, for example, to be implemented and used.
The circles that I run in, I haven’t heard much talk about DNSSEC or IPv6, except very recently. I think that with IPv4 running out of IP addresses, IPv6 has to come along really soon. But the problem is infrastructure not OSes; I think most Linuxes can do IPv6 out of the box. MEPIS certainly does.
DNSSEC, though, has been with us for 16 years now as a concept, and it hasn’t been implemented. It should greatly improve security on the Internet regarding spoofing and things like that, and there’s work being done to actually implement it now. Still, though, I don’t hear much being said about it, and I don’t know to what degree people are getting ready for it or considering implementing it sooner rather than later.
The .gov domain is going to start implementing DNSSEC January 1st. There are trials that have been done, I believe, for .com and .org, but if you look to see what’s been done regarding integrating DNSSEC in user applications, there’s practically nothing.
It’s all at the experimental stage. To go to a website and be able to identify immediately that it does not have a valid DNS record would be a great thing. That’s something that I would hope that the Firefox project is going to put in the next release, but I don’t know that they are.
Sean: Those are great points. Thanks for taking the time to talk today.
Warren: Thank you.