How did you get started working in the software industry?
Martin Pool: Pretty standard, probably: I had a C64 and then an Amiga as a kid; I did an Engineering degree at the University of Queensland and worked for a couple of software companies in Brisbane. I could see that free software was going to be revolutionary, and I moved down to Canberra to work at Linuxcare doing Linux services. The last couple of years I've been working on various Linux-related things at HP.
Subscribe to Builder Magazine
This article first appeared in Builder Magazine. To subscribe to the free quarterly magazine visit our subscription centre.
Why did you decide to develop open source software?
MP: Many years ago I downloaded a copy of GNU emacs and GNU cc (onto 3.5in floppies!) and I was just amazed that people were writing and giving away all this great software. So part of it was reciprocity: the GNU compiler people have given me so much, so I'm happy to be able to give them something useful in distcc.
Later on, I was using Windows and got really frustrated by the limitations and bugs in the system. It would crash, or give some stupid error, and as a user there was nothing you could do: you couldn't fix it, and there wasn't even much point trying to report bugs.
Linux had bugs and limitations too, but at least you could find out what was going wrong, and there was some hope that it might get fixed.
For somebody learning the technology it was just great to be able to pull it apart and see how it works. I got a buzz from making a tiny kernel change to print my name at startupÃ¢â¬"I think this is the standard first hack.
I sometimes wonder whether if the Microsoft monopoly had not been so harsh and the technology so poor, then people might not have been compelled to switch to Linux. I think the boom in open source has partly happened as a counter-reaction to the Windows monopoly, and partly because the net makes it so easy to cooperate.
Microsoft are now shipping GPLed software! That's a little amusing after all the nasty things they've said about the GNU GPL, but it's basically a good thing. Just about all technology companies are now working in open source to at least a small degree. This is a remarkable change from just five years ago, when most people were very skeptical that it would ever take off. Seeing Microsoft ship open source software is a bit like seeing the Berlin Wall fall. After so many years of denial and propaganda, they're finally saying (very quietly) -you know, a bit of freedom can be good".
In 2003 you won the Technology award in the Australian Open Source Awards for distcc. How does it feel to get official recognition from your peers in Australia?
MP: It was nice to get the award. It means even more to me when individual developers and particularly people who are doing free software write and say they like it.
Why did you decide to start distcc?
MP: We had a spare machine, and I was working on some large software trees that took a long time to compile. I kept thinking it would be nice if there was a way to use the spare hardware to speed up my work, but nothing available seemed to fit the bill.
One morning I just woke up with the design in my head. I suppose I'd been dreaming about it. I explained the idea to Tridge [SAMBA creator Andrew Tridgell] who said he didn't think it would work, so of course I had to prove him wrong.
What is your role at HP? What does your typical day include?
MP: I work for the group that produces Itanium servers, and I think the majority of our customers are running Linux. I think we may be the first major computer platform where the de-facto standard OS is open source.
I work on manageability software for Linux on HP server hardware. It's based on the open-source OpenPegasus framework. This is about letting you use open protocols to interrogate and control servers while they're on line, to find out about errors or warnings, upgrade firmware and so on.
During a typical day I do some development work and also try to fix some general Linux bugs to improve the customer experience on [the] IA64 [platform].
Has the SCO lawsuit against IBM changed the way that you accept or review code?
MP: I don't think SCO's FUD should scare people away from developing or using free software.
Every project I've worked on has kept a record of who committed each change and when. The provenance of every line of code is on the public record, as with most projects. I think there is probably already adequate documentation for the kernel; it will just take a while to unfold in court.
I know several projects have dropped support for SCO systems, or are thinking about it. I don't think I would personally spend my time supporting them.
From what I've read about the case, I think Linus [Torvalds] is right: -SCO are full of it". I've never seen a case of a free project copying some proprietary code, but I've heard of several proprietary projects copying someone else's either free or proprietary code.
What are some of your pet peeves about the open source model?
MP: What probably peeves me most is the attitude of entitlement in a small minority of users, who place lots of demands on developers without contributing either technically or financially.
Hardware support is still not as good as it should be: installing Linux on a laptop or getting free drivers for some hardware can be frustrating. It's definitely improvingÃ¢â¬"I got an HP photo printer for Christmas and it basically worked out of the box with Linux and the Gimp. I hope that that in 2004, manufacturers will really deliver on making everything work well with Linux.
I suppose the economic model for open source is an ongoing experiment. All other things being equal, it's better in many different ways for users to have access to the source of their programs. But it can be hard to build strong businesses on that. It's getting better: people are finding different things that work.
What advice can you give developers who want to make their software more secure?
MP: As Bruce Schneier says, security is a process: you need to design well up front, but also be responsive to bugs and communicate well with the community.
Read as much as you can to try to avoid repeating other people's mistakes. David Wheeler's Secure Programming HOWTO (www.dwheeler.com/secure-programs/) is a good place to start.
One thing that should be said more often is: don't make your program security-critical if you can avoid it. For example, distcc can use OpenSSH as a network transport, so that all compile jobs are sent across a strongly-encrypted and authenticated channel. This pattern is also used by CVS and rsync, amongst others. Not only does this make the connection more secure, but it also means distcc can basically not worry about network attacks and rely on SSH.
What advice would you give to other developers who want to get involved in open source software?
MP: A good way to start is to report or try to fix bugs that you find when you're using free software. You can learn a bit about how the software works and how the community works, and you might even get your bug fixed. Free software maintainers will often be very happy to hear problem reports, if you include useful information and do it politely. It's good to be clear about your motivations for a particular project.
Sometimes you just want to play and learn, which is fine, and your work doesn't need to be practical. Sometimes you want to build something useful, or gain fame and fortune, and that ought to shape what you work on. It's better to solve a small problem that hasn't been fixed before, than to write yet another mail client or announce a grandiose project that's never complete.
Keep in mind the limits on your time. If you're doing it in your spare time you need to identify a problem where you can get something working in just a few thousand lines of code, or you'll probably give up before it works.
What do you like doing when you're not in front of a computer?
MP: I like spending time with my girlfriend and riding a motorbike.