Re: [kde-community] A new home for Mozilla Thunderbird at KDE?

2016-04-26 Thread Mirko Boehm - KDE 

> On 26 Apr 2016, at 19:54, Boudhayan Gupta  wrote:
> 
>> There's also the problem that Thunderbird is a massive codebase with
>> few people working on it, and built on technology that's predictably
>> legacy (Gecko will ultimately die in favor of Servo; also nobody at
>> Mozilla seems to like XPCOM or god forbid XUL for years now). These
>> pose significant hurdles to the Thunderbird project I'm not convinced
>> it can scale, even with our help.
>> 
>> Incubator, yes. Project cemetary, no. I think cost/benefit and outlook
>> say 'no' here.
> 
> I'm going to second Eike here. My gut feeling says Thunderbird is
> going to go the way of Apache OpenOffice, and we'd just be a graveyard
> for it, not an incubator.

+1. -1 for adopting Thunderbird. 

Unless a large group of contributors show up spontaneously that is really 
enthusiastic about working on it. 

Cheers, 

Mirko.
-- 
Mirko Boehm | mi...@kde.org | KDE e.V.
FSFE Fellow, FSFE Team Germany
Qt Certified Specialist
Request a meeting: https://doodle.com/mirkoboehm



___
kde-community mailing list
kde-community@kde.org
https://mail.kde.org/mailman/listinfo/kde-community

Re: [kde-community] user stats for Neon

2016-04-14 Thread Mirko Boehm - KDE 
Hi!

> On 14 Apr 2016, at 15:16, Jonathan Riddell  wrote:
> 
> A while ago Albert gave a talk at Akademy about collecting some data
> on our users.  This got me thinking and with Neon I wanted to see how
> many installs we had.  Our package install software will check for new
> versions being available and I could count the IPs of this check but
> that's very unreliable.  Canonical counts IPs from the NTP ping at
> boot up but of course it's only useful at best as a relative metric of
> numbers of installs not absolute numbers.  So I added a machine-id to
> the URL it checks which is the unique value set at install time by
> systemd (/etc/machine-id) so now it has a good idea of being able to
> count the number of installs.
> 
> But KDE cares about privacy and it's in our Vision and I don't want to
> be accused of violating that.  But currently I can't see how this can
> violate users privacy any more than an IP address can so I'm curious
> to hear what arguments might come up against this.

I believe that as long as we are transparent about it, this should be fine. 
Maybe, just maybe, there could be a way to turn it of for very 
privacy-sensitive users.

Cheers, 

Mirko.
-- 
Mirko Boehm | mi...@kde.org | KDE e.V.
FSFE Fellow, FSFE Team Germany
Qt Certified Specialist
Request a meeting: https://doodle.com/mirkoboehm



___
kde-community mailing list
kde-community@kde.org
https://mail.kde.org/mailman/listinfo/kde-community

Re: [kde-community] Results from the Mission Survey

2016-07-29 Thread Mirko Boehm - KDE 
Hello Thomas, 

> On 29 Jul 2016, at 01:04, Thomas Pfeiffer  wrote:
> 
> I'm sorry for taking so long with the survey analysis (analysis and 
> documentation of survey results always end up taking longer than expected), 
> but now finally I've prepared a presentation of the results of the first 
> round of analysis of the survey I did for input on KDE's Mission statement.
> This is just plain results, no interpretation.
> I said "first round" because I'm ready to do perform further analyses if 
> these results leave important questions open (if they can be answered from 
> the data, of course).
> If you'd like me to dig deeper somewhere, feel free to tell me!

Excellent work, thanks. And there are some interesting insights already. 
Besides minor differences, contributor and user interests are pretty much 
aligned, for example. Or that we are good at retaining long-term contributors.

> If anybody would like to get the raw data to do their own analyses, that's of 
> course possible as well.

I would definitely be interested in the raw numbers. How can I access them?

> With this, I leave you to the graphs and numbers, hoping that the results 
> will help us make confident decisions about our Mission statement (I think 
> they do).

Thanks, all the best, 

Mirko.
-- 
Mirko Boehm | mi...@kde.org | KDE e.V.
FSFE Fellow, FSFE Team Germany
Qt Certified Specialist
Request a meeting: https://doodle.com/mirkoboehm



___
kde-community mailing list
kde-community@kde.org
https://mail.kde.org/mailman/listinfo/kde-community

Re: We now have an Advisory Board

2016-10-03 Thread Mirko Boehm - KDE 
Hello!

> On 2 Oct 2016, at 17:26, Thiago Macieira  wrote:
> 
>> Feel free to talk to them about the possibility and get them in touch
>> with the board (or with any of us if it feels more adequate).
> 
> The LF is a non-profit.


A nit-pick - the LF is a trade association, not a non-profit/not-for-profit 
entity. Eben Moglen wrote about why this matters here: 
https://www.softwarefreedom.org/blog/2016/apr/11/lf/ 


In our case, I do believe that this makes the LF an even better candidate to 
invite to the advisory board.

Best,

Mirko.
-- 
Mirko Boehm | mi...@kde.org | KDE e.V.
FSFE Fellow, FSFE Team Germany
Qt Certified Specialist
Request a meeting: https://doodle.com/mirkoboehm

Re: Telemetry Policy

2017-08-16 Thread Mirko Boehm - KDE 
Hi,

before this gets completely out of hand: The cited German data protection 
regulations are often misunderstood, even by people that pose as experts. They 
are also often (mis-)used as killer arguments to support political or personal 
opinions. If we start collecting telemetry data, we should get an assessment by 
a lawyer (!) that the way we handle the data is correct. However, it can 
certainly be done correctly and in a way that protects individual privacy and 
supports the improvement of our software.

Technical argument: If IP addresses are a concern, would it be an option to run 
them through a one-way hash function on the client side before submitting the 
data?

Best,

Mirko.

On Wed, Aug 16, 2017 at 11:08 AM Volker Krause > wrote:
On Wednesday, 16 August 2017 10:21:11 CEST Ben Cooksley wrote:
> On Mon, Aug 14, 2017 at 11:40 PM, Volker Krause  > wrote:
> > I agree on the proposed wording changes, so focusing on your technical
> > points below.
> >
> > On Monday, 14 August 2017 11:53:17 CEST Ben Cooksley wrote:
> >> I've got two technical notes here:
> >>
> >> 1) All products should fetch details on where to submit telemetry data
> >> from an online configuration file similar to
> >> https://autoconfig.kde.org/ocs/providers.xml 
> >> 
> >>
> >> This would give us the capacity to version the telemetry server api,
> >> and potentially even "kill" telemetry submissions from older
> >> application versions if needed.
> >>
> >> 2) No software product should use the QNetworkAccessManager family of
> >> classes due to known defects in it's operation within some versions of
> >> Qt which cause infrastructure problems.
> >
> > The current implementation uses QNAM, but actually has code to handle HTTP
> > redirects correctly (with unit test coverage), I assume that's the issue
> > you are referring to? This also has been tested all the way back to Qt4.8
> > as part of the existing deployment in GammaRay.
>
> That's one of the considerations yes. I'm hopeful that nothing else in
> it will be found to be broken behaviour wise but have much more faith
> in KIO here.
>
> > I don't mind adding the extra indirection with the configuration file,
> > although just from the XML I don't see yet what that would provide beyond
> > HTTP redirects. Are there certain information (e.g. the app version)
> > passed already as part of the request for the configuration file? Or can
> > there be conditional aspects not currently present in the above example?
>
> The extra indirection is basically to give us the option to shift the
> endpoint elsewhere at some point without having to keep the old one
> alive even as a redirect.

Isn't that just shifting the requirement for the "stable" endpoint to the
configuration one? But if that's easier we can of course add that. Are there
any formats/standards you have in mind for this, or any parameters the GET
request should contain?

> I'm also concerned that we could potentially run into issues if the
> system doesn't do any GET requests. From what I recall unless the
> server and client support a specific RFC then redirecting POST
> requests isn't something one can rely on here (your code might handle
> this properly, I certainly wouldn't trust QNAM to do so given their
> stance on optional behaviour in HTTP RFCs)

Correct, QNAM doesn't support POST redirects itself. But since we deal with
redirects ourselves anyway, that's not really an issue. On the server I
haven't run into issues yet, even the super primitive HTTP test server built
into PHP can handle it. POST redirects aren't particularly elegant though, as
you are sending the payload multiple times. So the extra GET might be a better
solution anyway.

Regards,
Volker


--
Mirko Boehm | mi...@kde.org | KDE e.V.
FSFE Fellowship Representative, FSFE Team Germany
Qt Certified Specialist and Trainer
Request a meeting: https://doodle.com/mirkoboehm



signature.asc
Description: Message signed with OpenPGP

Re: Collecting requirements for a KDE-wide instant messaging solution (was: Re: radical proposal: move IRC to Rocket.Chat)

2017-08-16 Thread Mirko Boehm - KDE 
Hi Thomas,

thanks for this issue forward with a rather constructive approach!

> On 16. Aug 2017, at 03:20, Thomas Pfeiffer  wrote:
> 
> I have now cleaned up  https://notes.kde.org/p/KDE_IM_requirements 
>  by removing
> duplicates, removing all discussion / comments (so only plain requirements are
> left) and rewording most requirements to that they have a somewhat common
> wording.
> 
> The next step will be to turn this into a Kano survey which will be used to
> prioritize them (will do that tomorrow).


I think this is exactly what is needed. The requirements collected right now 
are a superset of anything anyone could ever wish for. I am really interested 
in seeing them prioritised and the bottom 20% of them scrapped :-)

Best,

Mirko.
--
Mirko Boehm | mi...@kde.org | KDE e.V.
FSFE Fellowship Representative, FSFE Team Germany
Qt Certified Specialist and Trainer
Request a meeting: https://doodle.com/mirkoboehm



signature.asc
Description: Message signed with OpenPGP

Re: Survey for prioritization of requirements for an IM/chat solution for KDE

2017-08-18 Thread Mirko Boehm (KDE) 
Hi,

> On 18. Aug 2017, at 02:11, Thomas Pfeiffer  wrote:
> 
> I've finally managed to enter all of our proposed requirements for a KDE-wide 
> primary IM/chat solution into a tool for creating Kano surveys:
> 
> http://www.kanosurvey.com/?id=3959 
> 
> The Kano model [1] categorizes features not just in "must have" and "nice to 
> have" but into five categories along two dimensions.
> This results in a more holistic view on the requirements, at the expense of 
> making the survey quite long because participants have to rate each feature 
> on 
> two dimensions.

I walked through the questionnaire and filled it in. Looks good overall.

Here are some comments:
It may make sense to split the "FOSS clients available for desktop (at least 
Linux/BSD + Windows) as well as mobile” into 3 for Linux, Windows and mobile. I 
personally care for Linux, OSX and mobile, and not in the least for Windows, so 
this was difficult to answer.
"Client has low resource usage (so most likely no web or electron apps)” 
combines two things that are initially unrelated. Of course I want low resource 
usage, but I also want a web app for platforms where no native clients are 
available.

It did not take very long to fill in the survey. 

Thanks!

Mirko.
-- 
-- 
Mirko Boehm | mi...@kde.org | KDE e.V.
FSFE Fellowship Representative, FSFE Team Germany
Qt Certified Specialist and Trainer
Request a meeting: https://doodle.com/mirkoboehm

Re: Telemetry Policy

2017-08-17 Thread Mirko Boehm - KDE 
Hi,

> On 17. Aug 2017, at 01:46, Thomas Pfeiffer  wrote:
> 
> Hi Valorie,
> Even if opt-out for some data is legally and even morally fine, it does not
> align with the values we communicate to our users:
> Unlike Mozilla's Mission, our Vision mentions privacy explicitly, and we're
> striving to make privacy our USP.

We seem to assume a contradiction between telemetry and privacy. I believe this 
is a knee-jerk reaction. We can implement telemetry in a way that privacy is 
not violated. In fact, I would say that it follows from our vision that we 
should do this.

Cheers,

Mirko.
--
Mirko Boehm | mi...@kde.org | KDE e.V.
FSFE Fellowship Representative, FSFE Team Germany
Qt Certified Specialist and Trainer
Request a meeting: https://doodle.com/mirkoboehm



signature.asc
Description: Message signed with OpenPGP

Re: FOSS-North

2018-03-01 Thread Mirko Boehm (KDE) 
Hi,

> On 1. Mar 2018, at 15:03, Adriaan de Groot  wrote:
> 
> While it's -8 in the Netherlands and the whole country hardly knows what to
> do, I'd like to point out it's warmer in Sweden.
> 
> There's a one-day conference, FOSS-North, to be held late april.
> 
>   http://foss-north.se/2018/ 
> 
> The CfP is still open, so we could send in one or more talks about .. stuff.
> 
> I was also approached if KDE (and GNOME) want / can staff a booth at the
> conference, where we could demo .. stuff. Whatever. Experiment with
> merchandise. Show off more Plasma 5.12 LTS improvements. Play with
> electronics.
> 
> Would anyone (other than me) be interested in submitting a talk / helping with
> a booth? (I would also use this conference as an excuse to give Sune back his
> blue KDE tablecloth)
> 
> Unfortunately, both the PIM and Plasma sprints are that same weekend, so we're
> missing a bunch of potentially interesting speakers.

FOSS-North is definitely a cool conference with its own kind of scandinavian 
crowd. I spoke there once. I cannot go this year as it is right after the legal 
and licensing workshop, and we are hosting the Plasma sprint in our office in 
Berlin :-) However I would encourage submissions and, especially if there are 
interested local people, a booth.

Cheers,

Mirko.
--
Mirko Boehm | mi...@kde.org | KDE e.V.
FSFE Fellowship Representative, FSFE Team Germany
Qt Certified Specialist and Trainer
Request a meeting: https://doodle.com/mirkoboehm



signature.asc
Description: Message signed with OpenPGP

Re: Licensing policy change proposal

2019-01-28 Thread Mirko Boehm (KDE) 
Hello,

> On 28. Jan 2019, at 13:23, Krešimir Čohar  wrote:
> 
> I don't think there are any problems with using public domain images, and 
> even if there were I'd rather view them as challenges to overcome than 
> obstacles to avoid.

This is not necessarily a question of what we think. This is a question of what 
we as a community can and should distribute. For that, we need at least 
explicit permission from the author, as in a FOSS license. There has been a 
very long debate on the use of public domain works in FOSS, and the summary 
AFAIK is “it is complicated” and “it depends on the jurisdiction”. A great 
summary can be found here: https://opensource.org/node/878: 
 "an open source user or developer cannot 
safely include public domain source code in a project."  

> 
> > These are both non-free licences and we can not ship files which can
> only be copied with their restrictions.
> 
> Why not? As far as Unsplash goes, their only restriction is not to start a 
> competing service, which is not even remotely what we are trying to do. 
> Surely that is a reasonable and acceptable restriction. It's not unlike the 
> copyleft restrictions ("freedoms") of the GPL.

Because we are a free software community.

I think we need to untangle the discussion:

The Unsplash license looks like a FOSS license to me.
The Pexel license is clearly not a free software license as it comes with other 
restrictions.
The CC0 and other public domain licenses bring in complexity without a clear 
benefit.

Cheers,

Mirko.
-- 
Mirko Boehm | mi...@kde.org | KDE e.V.
FSFE Team Germany
Qt Certified Specialist and Trainer
Request a meeting: https://doodle.com/mirkoboehm

Re: Licensing policy change proposal

2019-01-28 Thread Mirko Boehm (KDE) 
Hi,

sorry, but this email contains a lot of assertions that cannot stand.

> On 28. Jan 2019, at 14:28, Krešimir Čohar  wrote:
> 
> >It violates the Open Source definition, especially the rule against 
> >discrimination against use or user. This has been a long-time yardstick for 
> >the KDE community.
> There isn't any discrimination? As long as the operators of the website are 
> being truthful, no one's rights have been violated without consent seeing as 
> they were waived voluntarily. Also, if I'm not mistaken, open source =/= free 
> and open source.

FOSS licenses need to work transitively. We as a community distribute so that 
other can freely use and redistribute. Any restrictions against certain types 
of use undermine that. That is why the Open Source Definition disapproves any 
such restrictions.

> >There is. We cannot prove that we have explicit permission from the author 
> >to use or distribute the work. We also have no way of tracking that who 
> >submits the work to our channels has the right to do so. The idea of “public 
> >domain” only really works for works where copyright has expired.
> 
> Several specious arguments here.
> First, while it is hardly impossible to acquire proof that the authors' 
> rights have been waived, I would surmise that it is rarely done.

Not the point. That is like arguing you can speed if you don't get caught.

> In addition, if the operators of the website are, again, being truthful, they 
> are the copyright holders and there is simply no need to ask anything of the 
> original authors.

The creators of the work are the authors and give the license, not the web site 
operators. Unless that is the same person. You get the idea. 

> Second, no way of tracking if the person submitting the work has the right to 
> do so? Isn't that covered in the license itself? Or are you just saying that 
> we simply don't know if they're lying?

That argument was specifically for public domain works. If a work comes without 
information about the copyright holder, how can we know if we can use it? Who 
gives the public domain dedication? How can you prove it? What if the author 
changes their mind? …

> Third, I wholeheartedly disagree. Not only does the public domain cover 
> intellectual properties the rights to which have been waived (in addition to 
> property whose copyright has expired), it also covers a variety of other 
> situations, see more here: https://www.bitlaw.com/copyright/unprotected.html 
> 
So much confusion. This web site speaks about US copyright law, where public 
domain dedications exist. Our responsible legal body is in Germany.

> A great example of this are movies, television series, books with the same 
> name because titles, names etc. don't receive copyright protection (and are 
> hence public domain).

There is a difference between something not being creative enough to be 
separately copyrighted and something being public domain. From one does not 
follow the other. If we need to discuss this, there are a couple of 
knowledgeable people on this list. However I think it gets us nowhere and we 
are not the right forum for it.

Best,

Mirko.
-- 
Mirko Boehm | mi...@kde.org | KDE e.V.
FSFE Team Germany
Qt Certified Specialist and Trainer
Request a meeting: https://doodle.com/mirkoboehm

Re: Proposal: Allow REUSE compatible License Statements in License Policy

2020-01-14 Thread Mirko Boehm (KDE) 
Hi,

> On 13. Jan 2020, at 21:18, Johan Ouwerkerk  wrote:
> 
>> - current version of the draft: https://community.kde.org/Policies/ 
>> 
>> Licensing_Policy/Draft_SPDX_v2
>> 
> 
> One thing that is not entirely clear to me is what our position would
> be towards e.g. *.license files or DEP5 files as suggested by the
> REUSE spec.

My recommendation is to choose one. The more widely used and recommended option 
is SPDX. There is more tooling emerging around the SPDX format because of that. 
The REUSE specs give a choice, the focus is on “use a common, machine-readable 
format”. I suggest we use SPDX.

Best,

Mirko.
-- 
Mirko Boehm | mi...@kde.org | KDE e.V.
Qt Certified Specialist and Trainer
Request a meeting: https://doodle.com/mirkoboehm