Alan Cox is generally referred to in the open-source developer community as a "kernel hacker" -- someone whose programming responsibilities cover the Linux kernel, or core, itself. His role of organising and applying improvements is vital.
At an interview with ZDNet UK in Swansea he spoke on the latest challenges for Linux at the high- and low-end, the arrival of revolutionary 64-bit hardware and why it's hard to argue with the economics of open-source software.
Q: Bob Young said in an interview recently that he doesn't see Linux becoming a mainstream desktop operating system, but will control things from behind the scenes by taking over the Internet. What's your view on desktop Linux?
A:Last week I was talking to somebody who was looking to replace 20,000 desktops with Linux. That's not by any standard unique. What's happening at the moment is that people who are looking at it tend to have a very definite application set, and they're looking at it as a case of, I can kit out one office with Windows, or I can kit out vast numbers of systems with Linux, with StarOffice. If you want a staff licence for a huge company with support, you're still looking at £100,000 maybe, at most, and that's first-class support. So the difference between that and the Windows world is astronomical. There are a lot of cases where they say, I've got this collection of desktops, which I can say this software, this software, yes, I can do that with Linux. Then they've got other desktops where they're running things like Sage, which, there's no way of running Sage on Linux at the moment so those people are stuck on Windows. But there are people out there and they're looking. And as that desktop market grows there will be more incentive for people to sell software to it. So hopefully that will begin to build a cycle in which more and more software becomes available on the Linux desktop. Will Linux be able to provide a consumer desktop for people?
In time. In many ways the consumer market is the hardest to crack. One of the problems is, it's an interesting question whether the consumer PC market in its current form will actually survive. If you look at what the large number of people want, they want the Web, they want the Internet, they want email. And what they think of as the Internet is actually quite limited. They don't want a PC, they want a box. They'd kind of like it so that if it goes funny they can just press the off button and nothing odd will happen. They'd prefer it too stupid to catch viruses. It doesn't need to be able to do all sorts of fancy things, so why make it virus-capable, so to speak. In the gaming world, as the games consoles get better and better and the competition is increasing in that area, the game prices are going to go down to the level of PC game prices, so if you're just a gamer, why buy a PC? So I could see in a few years' time owning a home PC becomes kind of like the Black & Decker DIY kit -- it's something people have because they enjoy that kind of thing, not something people have because they want to get on with certain specific tasks. At the moment there are a lot of people who have a computer because they want email or have a computer because they want the Internet, and more and more people are starting to address that with appliances, some of which are Linux-based, some of which are not. So I'm not sure how relevant the home market is in the longer term. One of the main draws of the PC has been its ability to adapt when new applications -- like the Internet -- arise. Could specialised devices really have the same appeal?
Some of the adaption is important. But at the same time, the new things are becoming more and more Internet-focussed -- it's not a new application you've got, it's a new toy on the Internet. You didn't upgrade your PC software to do online travel booking, you discovered that Yahoo! now does it. You didn't upgrade your PC in order to start participating in online auctions, you just pointed your browser at eBay or wherever. And that's more and more becoming the case. Where you do need simple applications, there's a lot of evidence that Java can deliver the simple applications. And the set-top boxes get faster and faster so Java is less and less a barrier. A lot of Linux start-ups have gone bust in recent months. Does that bother you?
Not really. You look at the market and a large number of dot-coms went out of business, both proprietary and open-source ones. And one thing you'll see absolutely in common, the ones that survived in each case are the ones with credible business models and good management, particularly good financial management. Basically the people who are running competent companies will survive. How far would you like Linux to go in the operating system market, ultimately?
I would like to see it go as far as it can and is still useful. There shouldn't be one big worldwide operating system like there is with Microsoft, people's needs are very different in different situations. Eventually something will come along and replace Linux, but the good thing about open source is that when that happens, people will still be able to take Linux and build code on top of it. A good example of the flexibility of Linux is in internationalisation. Because it's open source, anyone can pick that code up and adapt it, and do it with all their own cultural nuances. At one point Iceland had a problem because Microsoft looked at it and said, here's a small country, we won't be doing an Icelandic version of Windows anytime soon. This was unfortunate for Iceland as they are rather attached to their language, having spoken it for more than 1,000 years. So some guys took Linux and translated it into Icelandic. What do you think of the recent draft protocol from the IETF (Internet Engineering Task Force) regarding how bugs are reported? Some people felt it had been unduly influenced by Microsoft.
It's Microsoft-influenced in a way. It's a hard problem. There are two arguments: one is that you keep your mouth shut so that the bad guys don't find out about it. The other way is that you go out and tell everybody about it right away, so that people can protect themselves. Under the Linux vendor-sec, the Security Auditing Project, there are time limits and if it isn't fixed by then, the bug will go out, because the bad guys will find out about it whether it's public or not. And if something is already public, it goes out straight away. Hopefully the IETF protocol can come up with not rules, but good guidance. Do you feel it's tending in a good direction so far?
It's too prone to let things run and run and run. I once reported a bug to Sun, and it took them over a year to fix it, and that was a security hole. If the vendor hasn't fixed the bug in 28 days, then tough -- after that you're not reporting bugs, you're covering up for a company's incompetence, and there's a very big difference. Besides being a kernel hacker, you're a bit of a cult figure or role model among open-source developers. Are you aware of that, does it affect you at all?
Not particularly. I try and avoid those situations. I don't tend to lurk where people can find me. See Part I: The future of the Linux kernel and open source