One of the good things that I hope will come out of these cyber-wars: Better FOSS systems. If everyone distrusts each other then the only way to stay in the game will hopefully be to lay all your cards out on the table. I really hope we see more open hardware come to fruition as well.
I'm sad that the US keeps pushing other countries away from our platforms, but I do think better competition will come out of it.
That'd be nice, but I see it going in the opposite direction: the internet becomes too hostile for casual operators. The only way for an average company to survive is to hole up inside the datacenters and on top of the walled-garden platforms of the bid cloud providers, using locked-down and mostly immutable thin clients (i.e. Chromebooks). Already the only way to withstand a DDoS if you are small is to wrap yourself in someone bigger (Cloudflare, Amazon).
OR you can easily survive DDOS by not relying on friggin centralized servers accessible over the internet for your social networks and apps. Run them on intranets for your local communities, village etc. and run them on VPNs elsewhere. Then mitigating DDOS can simply be done on the virtual router level.
It may be inconvenient, but you'll survive. We as an industry really need to stop pretending that the cloud is magical and has no downsides. Running on intranets is how a ton of companies successfully do business.
Containers are supposed to be throwaway; if you need to change something inside, you rebuild it from scratch and redeploy.
Hopefully, your data should not be throwaway. The common architecture is to have an application server inside container that connects to database or other persistent storage running outside containers.
Uhm. I'm not using containers much so I'm not up-to-date with best practices, but I recall a solution involving a "shared volume" for containerazed database to store data in. Is this approach wrong?
Mounts and shared volumes are fine, if you can guarantee that the container is going to be scheduled on this specific machine, where the given filesystem lives.
If you can't guarantee that, you are going into the world of NFS (which databases do not like much) or iSCSI, or, if you have distributed storage, into the world of glusterfs, ceph or something similar.
It's much simpler to just set up a database server (or cluster) and live with that.
Everybody. One of the reasons software products are so lucrative is that it can be distributed easily, especially when compared to the logistical challenges of shipping physical goods. Take away my ability to sell Hello, World! to some guy in Japan, I might as well be selling candy door to door.
Guess what, "social" apps should help local communities without the signal having to go to a server farm halfway around the world. India rejected internet.org for that reason. Rural Africa doesn't need drones to organize community dinner or call a plumber.
That depends on why you're using the social app. If you're using it to find a local plumber, then sure, you only need ot to stay in your local area (but what's 'local'? Is that within your town, your county, your state or your country? If you want to fix a leak, you probably want a plumber in your town, if you're replumbing an entire school, then you may be happy to get bids from plumbers 50 miles away).
But if you're using your social network to find the solution to your recurring plumbing problem that the last 3 plumbers you hired couldn't fix, then you'll probably be just as happy with an answer from a plumber from across the world as you would from an plumber next door.
The power of online social networks it that they aren't limited to whoever is in your town.
But they can still live on VPNs and not the open internet. Requests from outside can be blocked. Sure an external router or DNS server might go down but the internal network would be intact. The routing can even be updated on internal routers. People can invite others to the network, and the whole invitation system can be throttled. Byebye DDOS
How does an "internal network" work with an online community? Are members across a community hard-wired in to this online community?
Otherwise it's still subject to all of the same DDoS attacks of a global social network provider. Except that it'll be easier to take it down since it has fewer resources to protect itself (i.e. it doesn't have multiple 10 gbit pipes to the internet and likely can't blackhole traffic with BGP routes)
So yes, the internal network may be fine if a DDoS attack takes down the router to the rest of the internet, but does that matter since no one can reach it?
Or are you envisioning entire communities unplugging themselves from the internet if any community member is under DoS attack?
A DDoS attack is dependent on flooding the users connection with traffic, so if this connection cannot be established, a DDoS is unable to have a significant impact
Your first statement is true, but the traffic doesn't have to be successfully terminated for an attack -- a DDoS attack can easily fill your internet pipe with traffic even if your firewall silently ignores it (and indeed, once the attack is underway, it's likely that your servers can't keep up with the request rate, so many of the connections are going unanswered). So a VPN is no magic bullet.
webrtc is a fairly bad start because it cannot establish connections to known endpoints (think address:port) or speak multicast for local neighbor discovery in a p2p network.
it generally relies on a signalling server or at a minimum on an exchange of one-time session tokens the user could enter for each connection.
it's not distributed and barely decentralized. it's more geared around a client-server approach where some of the traffic is offloaded to peer-peer connections.
compared to protocols like tcp and udp it's incredibly crippled
An interesting side effect of the creeping googlification and closed-sourcing of the Android platform [1] is that it's making Android less attractive to reasonably paranoid non-American government users.
Yeah and SailFish OS isn't full open source.
The only thing that is not open source on android is the Google Play services. Android is can be fully functional without the Play Services.
With SailFish the UI is closed source. How's the OS without a UI?
Android isn't fully functional without the apps you want it to run. And all the apps you want to run require Play Services. With a walled garden like that you have no way around that requirement where it's implemented.
A UI layer you can conceivably replace. App stores have incredible controlling power. But even worse is the Play Services platform: It means even if you get the APK on an AOSP device, it won't run because it's not built to run on Android, the open source project, it's built to run of Google Android, the closed source product.
The realization people need to realize is that Google effectively forked their own OS, and the original has basically no support.
If anything, F-Droid is far more trustworthy than the Play Store, as F-Droid essentially is a single-source publisher. If F-Droid can't build the APK from source, it won't ship it. So it's guaranteed that you can look at the actual source code of any app you install via F-Droid.
The Play Store, on the other hand, is taking a risk.
It's tricky because there's not really a great alternative to creating the Play Services divide because those services are pretty integral to how a lot of apps function and they rely a lot on outside data and servers so you either have a separate bit of the OS handle it or you have base AOSP have weird dependencies on Google servers for data.
Also I think a lot of the movement of things into Play Services instead of the base OS is because manufacturers were so horrible about actually updating their devices so Google moved it out of the OS into a portion they could actually control so they could actually roll out updates in a timely manner.
First of all, Google is responsible for poor updating of devices. Don't blame anyone else for the fact that their OS is hard to update, and Google doesn't require even basic security fixes as a requirement of getting the Play Store. (If you're unaware of what the MADA is: Google actually gets to approve or veto every device and software update released for devices running Android, effectively, and uses it to make demands about installed apps and branding.)
Second, the OS, designed for openness, would have open protocols for apps to build on that could be backed by anyone's servers. For instance, you can add multiple ___location providers to Android, there's no excuse for telling developers to build a dependency specifically on "Google Location Services". An open platform would have the ___location provider in the open source OS, and then apps would pull from whatever ___location services happened to be on the device in question, whether that be Google's servers, Samsung's servers, or someone else's.
The reality is that Play Services was designed for one purpose, and one purpose only: To create a proprietary fork of the Android application platform that would only run on devices Google controls via their secretive contracts with manufacturers.
I honestly don't know why this is downvoted, I pretty much agree with everything here. The current situation is pretty much a result of politics and policies, not technical issues which can't be solved.
I'm not so certain that's exactly how it'd go. OEMs faced with being forced to provide updates at an unknown pace might just decide to try to roll their own version of Play Services and the underlying data that those hook into, which given the quality of their normal bundleware isn't too promising.
Play Services are mostly necessary for commercial apps (to show advertisement, so spy on user, to collect payments). Many applications in F-Droid do not require them.
And using Play Services doesn't require to have an account with Google or to have a network connection. As Google Play Services are distributed for free, anyone can download them and set up so that they cannot connect to Google but still allow to run apps dependent on them.
There are several alternatives to Google Apps, if that is what you are referring to, including TK Gapps and the MicroG project (as far as I know - I haven't used them myself).
> for example, Geolocation would be a problem without Google's WiFi data
UnifiedNlp[0] geolocation, when I looked into it a little while ago, could use various data sources including Mozilla's, Apple's, OpenWlanMap, and others.
Funny how China is able to take Android and make it their own OS void of any Google services. I guess it's easier for these lazy people to blame Google then doing the actual work like China did.
Yes, I use SailfishOS as my daily driver. I should note that I'm a Linux user, and developer, so I am technical.
SailfishOS satisfies all my technical requirements. Admittedly there are things that I would like (e.g. containerising/jailing functionality), but I understand that Jolla has limited manpower.
It meets all my communication requirements, and developing for it is awesome (I don't use that word lightly).
> Any reason to think it wouldn't end up like Firefox OS?
I don't know about FirefoxOS, but SailfishOS, thanks in a large part to Nokia before it, has a strong community from the Maemo and Meego days. e.g. https://talk.maemo.org/ and https://together.jolla.com ; also checkout the IRC channels on Freenode.
The community is very smart and dedicated. I think with a fully opensource SailfishOS, it could continue to maintain the OS without corporate sponsorship (i.e. Jolla). To give credit to Jolla, they really help accelerate development of GNU/Linux on the mobile.
My understanding is that Jolla phones still have proprietary basebands and are thus no more secure than any other phone, since the GSM spec includes silent remote file pushing and the baseband chip has more or less unfettered access to the system.
That's correct. Currently both Android and iOS provide better security features than SailfishOS. The only security "advantage" that SailfishOS currently has, is obscurity.
I use SailfishOS because:
1) I prefer programming for GNU/Linux over Android or iOS
2) I prefer a decentralised development model (SailfishOS is made up of software by Red Hat, Intel, Mozilla, etc.)
3) I prefer the tight-knit, open, hacker community around SailfishOS/Maemo/Meego
>I don't know about FirefoxOS, but SailfishOS, thanks in a large part to Nokia before it, has a strong community from the Maemo and Meego days. e.g. https://talk.maemo.org/ and https://together.jolla.com ; also checkout the IRC channels on Freenode.
That's not the problem with Firefox OS. The problem was installing it on regular phones, and the subsequent lack of apps.
If anything, Replicant makes much more sense as an OS OS.
> That's not the problem with Firefox OS. The problem was installing it on regular phones, and the subsequent lack of apps.
You're right, I misinterpreted your question.
I cannot see how Jolla can overcome the difficulty of getting SailfishOS onto regular phones.
I personally don't think SailfishOS needs 10% market share. It needs 1% market share, with a dedicated following. Similar to how Linux is on the desktop.
I'm hopeful that SailfishOS becomes mature enough that you can install it onto existing phones relatively easily; similar to how people tried Linux on their desktop PCs in the 2000s.
>I'm hopeful that SailfishOS becomes mature enough that you can install it onto existing phones relatively easily; similar to how people tried Linux on their desktop PCs in the 2000s.
It's not about maturity. It's about the lack of ARM standardization, which cellphones are notorious for.
>I'm hopeful that SailfishOS becomes mature enough that you can install it onto existing phones relatively easily; similar to how people tried Linux on their desktop PCs in the 2000s.
Linux was able to use existing Unix code, and now has a large server following.
How much time would you spend on programming for Android Cupcake (which probably has more users than Jolla)?
Linux is pretty awful on desktop. I only put up with it because it's worth putting hours for a tool I use 50+ hours a week. There is no way to justify that kind of timesink for a mobile device.
Seriously? Everything you do outside the terminal? Maybe stuff that just works on Windows/Mac OSX? Like connecting peripherals, printers, Android phones? Dual video card support? Kernel support for new Intel CPU's? Support for HD monitors / screens?
There is a reason Linux isn't gaining any market-share on desktop..
I'm always amazed by the misconceptions out there about the Linux desktop, Maybe the last time you used it was like 3 years ago ?
> Like connecting peripherals, printers
SANE for printers and scanners support hundreds of peripherals out of the box. No specific driver installation required. Most USB devices are recognized and supported in the kernel.
> Dual video card support
That I can agree with you, but it's not related to the "desktop" per se, it's for a tiny amount of people who have this kind of configuration that it's an issue. There are workarounds like Bumblebee, and with Wayland the situation is supposed to improve.
> Kernel support for new Intel CPU's
Intel is releasing patches all the time. That's not the Linux's project fault if Intel is not working at the same pace on all platforms.
> Support for HD monitors / screens
The situation has vastly improved with GNOME, Mate, Cinnamon and KDE for HDPI support. The issue remaining are mostly applications that have not been rewritten to take advantage of modern GUI frameworks yet. Note that on Windows the situation is far from perfect either.
> There is a reason Linux isn't gaining any market-share on desktop..
It has actually beeing gaining steadily about 0.5% market share in the past 6 months according to different metrics of net usage. And it's gaining that kind of share DESPITE having no company doing marketing for it, and very few hardware sold with Linux in the first place (99.9% PCs come with Windows by default).
When you are not in a situation where the choice is left to the user, OF COURSE you will get this kind of share.
I don't get the anger against Linux on the desktop.
It may work, it may not. Let's even say that Linux works on the level it did in the 90s (when compiling your own kernel was a regular thing).
It's not Linux's fault it has terrible driver support. In reality, the same issues back then cause the same issues now.
Lack of standards plus NDAs mean that sometimes Linus just can't figure out how your screen works. It's like screaming that CM doesn't support Samsung S6. It's Samsung you should be angry at, not CM.
Pointing out drawbacks of a platform is different than blaming the authors of the software.
Using the trackpad on my Mac with Linux installed will probably always be worse than with macOS. Obviously that's not the fault of Linux. Still a drawback.
> I'm always amazed by the misconceptions out there about the Linux desktop, Maybe the last time you used it was like 3 years ago ?
I'm using it right now (and have been for years), rather I was going to ask you the same thing..
> SANE for printers and scanners support hundreds of peripherals out of the box. No specific driver installation required. Most USB devices are recognized and supported in the kernel.
Really, what front-end are you using? 50% of the time or more I've had to wiki [0] / run terminal commands to get a printer to work and if that floats your boat that's fine. As for Android it's a complete crap-shot e.g. the Archlinux wiki lists as many as 5 different MTP packages[1] one of which will hopefully work?
> That I can agree with you, but it's not related to the "desktop" per se, it's for a tiny amount of people who have this kind of configuration that it's an issue. There are workarounds like Bumblebee, and with Wayland the situation is supposed to improve.
It's not a tiny-amount of people -- it's anyone that wants to play games on a laptop.. Have you tried Bumblebee? I only got very marginal ~10 FPS improvement running a game with Bumblebee (Nvidia+Intel) vs. only dedicated Intel (after hours of configuration) -- basically useless: don't play modern games on Linux.
> Intel is releasing patches all the time. That's not the Linux's project fault if Intel is not working at the same pace on all platforms.
I don't see how it matters whose fault it is - it doesn't change the fact that if you buy a new laptop/desktop with a CPU less than one year old -- you are going to be in for a world of hurt if you chose Linux.
> The situation has vastly improved with GNOME, Mate, Cinnamon and KDE for HDPI support. The issue remaining are mostly applications that have not been rewritten to take advantage of modern GUI frameworks yet. Note that on Windows the situation is far from perfect either.
I've tried HiDPI with GNOME Shell -- maybe it works for all the built-ins but breaks lots of other programs you might install, again I'm not saying you can't fix it, I'm saying that passing command-line arguments to grub or editing XML files isn't something most users are into.
> When you are not in a situation where the choice is left to the user, OF COURSE you will get this kind of share.
This kind of delusional thinking amazes me. You want users to spend hours monkeying around on command-line/googling getting their system to work -- and than you still think the reason it doesn't have market-share is because users don't have a choice? Don't believe me? I encourage you to give a Linux laptop to some non-programmer friends and ask them about it.
> You want users to spend hours monkeying around on command-line/googling getting their system to work
Funny, you seem to live in a world where Windows users never have technical issues. Look at support forums for Windows, you are in for a good time.
Oh, and for reference, I have installed Linux distros for several of my family members who are non-programmers and complete noobs with computers, and they never complain and actually tell me it runs much better than before (ie. with Windows). You have to wonder which opinion if the most reliable.
You paid for your printer with money, so contact your vendor and solve your driver problem with them. When you will finish, compare their support with community support, provided by community for free.
yep, people are afraid to call Linux out on its problems because it's open source and free and it makes a lot of people money and we should just be glad to have an alternative at all.. but there are many serious problems with it, it's easy to forget this if you don't have the courage to keep saying it despite the things I mentioned.
1. linux portability. yes, most likely you cant just write one app and it works on 'linux'. without additional work it will only work on your specific distro. Probably even just your specific distro with a specific version number.
2. linux installers in general. i get it, we all like just typing in a quick command and installing a whole suite of programs. thats nice. but for general installations, in 99% of the cases it would be helpful to offer some easy gui click-through installer just like we get on windows.
3. easy to break it: no, i dont see it as my personal user error if i install some random nvidia driver from some random ppa and it breaks my boot desktop and i only get a black screen. i dont care how i broke it, that simply should not be possible ever.
>1. linux portability. yes, most likely you cant just write one app and it works on 'linux'. without additional work it will only work on your specific distro. Probably even just your specific distro with a specific version number. 2. linux installers in general. i get it, we all like just typing in a quick command and installing a whole suite of programs. thats nice. but for general installations, in 99% of the cases it would be helpful to offer some easy gui click-through installer just like we get on windows. 3. easy to break it: no, i dont see it as my personal user error if i install some random nvidia driver from some random ppa and it breaks my boot desktop and i only get a black screen. i dont care how i broke it, that simply should not be possible ever.
1. & 2. We're not in the 90s. Nowadays, I go to chrome or JetBrains and download one of _four_ files: a 32bit deb, a 32bin rpm, a 64bit deb, and a 64 bit rpm, and use a graphics installer.
3. You download an EXE and it breaks your computer? Naah, can't happen on Windows /s .
I think people should be reminded that downloading things from some PPA is _exactly_ like downloading random_cat_video.exe
And it's always the "evil OEMs" and "the stupid users" fault that its desktop adoption is still not there.
I know there are a lot of closed hardware components and you can't do much most of the time. I get that and that's a fair counter-argument.
That however means the fan community should stop pretending Linux is superior on the desktop and that it "just hasn't been discovered yet". This is simply not true.
This is my question. I mean, not to be disparaging (and correct me if I'm off base here) but isn't the Russian market rather small? Double the GDP per capita of china, sure, but with only 143m people and an economy about the size of New York City it seems like a tall order.
Being government backed, does that make it a security risk, similar to the recent issues with BLU devices calling home to Chinese servers?
This is an OS developed by a finnish company. There is little to none risk that a finnish developer would allow malicious russian code on their plattform. The only more anti-russian people I know of is the Balts.
>Sailfish’s local certification in Russia also follows an announcement earlier this year that a new Russian company, Open Mobile Platform (OMP), had licensed the OS with the intention of developing a custom version of the platform for use in the domestic market. So, in other words, a Russian, strategic ‘Android alternative’ is currently being built on Sailfish.
Am I misunderstanding the scope of this 'custom version'? Is the version of Android running on BLU devices not also a custom version developed by a local company?
I've used a Jolla phone for almost a year but ditched it because the camera wasn't up to par for me. Besides that I really liked it, pretty good native apps for a lot of things and a fallback to Android that usually worked well enough for things that weren't available on Jolla (banking apps mostly).
The UI looks nice and is smooth and it's easy to SSH into the phone and write your own software in f.e. Python.
If you're really interested try to find a cheap second-hand Jolla phone.
Government backing can make it last longer, but, as Russia should have learned during the Soviet times, consumer goods aren't commodities, it isn't how much you can produce, but how much people want it that matters.
I suspect that the Russian government wants an OS it can trust for its official and military mobile devices, but realizes that the project is utterly hopeless unless the devices are also sold to consumers, to help pay for the R&D and ensure competitiveness with the market leaders.
Indeed, but it isn't just about being sold to consumers. Consumers have to buy it too. Both blackberry and windows phone were sold to consumers, as well as the fire phone. All 3 failed miserably.
A big thing will be dependent on Russian companies supporting it. Bear in mind, Yandex is the chief of the online services land there, not Google. If Yandex is providing top notch apps and features on Sailfish, it's going to be appealing.
There are countries where the chances of a new mobile OS succeeding depend mostly on the ability to run Whatsapp. Simply put: WA is the free SMS in many developing contries where air-time is still expensive. Carriers even offer plans with unlimited data for WA usage and that is key to drive new sales (I know this for a fact). I still argue that the main reason FFOS on a ultra cheap ZTE failed to gain market share on developing countries was because potential buyers realized they wouldn't be able to chat with friends and family.
For this reason, if Sailfish can trully run any Android app, I'd say they have a better chance.
Sailfish can run pretty much any Android app I've thrown at it - but only on an official Jolla phone. Any phone where SFOS is just a "port" cannot run the emulation layer (and sadly this is a limitation with the software itself, not just a licensing issue).
I wonder if it's a great move for Jolla: Cooperation with the Russian government may raise more doubts than it eliminates. And what happens when the Russian government wants the OS changed somehow? Jolla may find itself under tremendous pressure to agree, or Russia could fork it and corrupt the brand's image.
I have the same concern. I don't think when the Russian government is your biggest (or sole) investor that you can say "no" to backdoors similar to those recently found in quite a lot of Chinese Android devices. In theory you can but in practice they can twist your arm enough for you to agree.
Even though I am more likely to trust the Russian gov't compared to the USA gov't, I still can't safely assume they are the best-hearted people in the world and they'll just open-source all the Sailfish OS code and keep the process fully transparent.
I want to believe it but IMO this is the modern arms race and the superpowers are simply trying to make their weapon better than the others. :(
> How do you have a phone alternative if they can't be bought?
I think that's the reason for the shift stated in the article.
P.S. Try having a look on eBay. That's where I bought my Intex Aquafish. Alternatively, if you're a tinkerer, you could try a community port (note, there's no AlienDalvik Android support): https://wiki.merproject.org/wiki/Adaptations/libhybris
tl;dr - Jolla tried to make a tablet based on an existing Chinese tablet design (Aigo X86). [0] They screwed up the project management to legendary levels, lied to backers, and kept the money. Backers have received NOTHING from Jolla and still don't have a refund. What Jolla did to Jolla Tablet backers borders on fraud. Jolla had the chance for a popular product with people who wanted an Apple/Google alternative, but destroyed their relationship with the community through their repeated delays and lying.
===
I would celebrate, but I have first hand experience with the incompetent management at Jolla. So, I don't expect this to really make an impact at all.
Jolla ran an IndieGoGo campaign to manufacture a Jolla tablet. [1] They raised over $2 million dollars, then spent the next 18 months mismanaging the project into the ground.
By early-2016, their ODM in China had manufactured all the tablets for the backers, something like 10,000 tablets were made. But Jolla ran out of money to pay the factory for the units (and in the mean time, mislead all the backers and said there were no tablets at all).
Now, I know people are going to say "it's crowdfunding, they're not required to give you anything" and that's true.
But what Jolla did next was really, really angering. They only delivered a hand full of the tablets manufactured [2]. The factory actually started selling the finished tablets directly on Taobao, so people who weren't even part of the IndieGoGo campaign could buy them for LESS than the IndieGoGo perk amounts. [3]
It was only after the community found out about the factory direct sale that Jolla admitted to anything. There was extreme backlash from the community for being lied to, and eventually to stop the extremely negative PR, Jolla offered a partial refund for contributors. Their CEO even showed up for a token apology, it was lip service at its best.
In May this year, they offered backers 50% of their contribution back as a refund, with the other 50% being refunded in 2017 with "our financial situation permitting."
I think it would be better just to remove all references to Google servers from Android code and maybe install Play Services while blocking them from connecting to Google (for compatibility with Play Store apps). I don't understand why they decided to rewrite UI wih C++. Is not Java easier to use than C++?
And as a result native Sailfish apps won't run on Android. I doubt there will be many people writing them if OS share will stay low.
Sailfish is nothing like Android, its a continuation of Nokia's old Meego platform, its built on the same tech stack which closely mirrors what you have running on a desktop Linux machine.
There is no JVM unless you install the Emulation layer yourself.
I'm sad that the US keeps pushing other countries away from our platforms, but I do think better competition will come out of it.