summaryrefslogtreecommitdiff
path: root/open-source-101-pms.txt
diff options
context:
space:
mode:
authorSarah Sharp <sarah@thesharps.us>2016-04-05 04:39:22 -0700
committerSarah Sharp <sarah@thesharps.us>2016-04-05 04:39:22 -0700
commit7d4c683a94eb91f89c5024736aaf257e24d66e91 (patch)
treefb601bd9ff9826592402b5672b1ee1f181438ae0 /open-source-101-pms.txt
parenta4f67694f4a9b4c29b7dea24e4af5ac64a016517 (diff)
downloadcorporate-foss-training-7d4c683a94eb91f89c5024736aaf257e24d66e91.tar.gz
corporate-foss-training-7d4c683a94eb91f89c5024736aaf257e24d66e91.zip
Flesh out arguments for FOSS for PMs.
Signed-off-by: Sarah Sharp <sarah@thesharps.us>
Diffstat (limited to 'open-source-101-pms.txt')
-rw-r--r--open-source-101-pms.txt64
1 files changed, 64 insertions, 0 deletions
diff --git a/open-source-101-pms.txt b/open-source-101-pms.txt
new file mode 100644
index 0000000..64da5c2
--- /dev/null
+++ b/open-source-101-pms.txt
@@ -0,0 +1,64 @@
+1. FOSS quality
+
+1a. Security Myths:
+
+Anyone can see open source code, so it's easier to create security exploits.
+
+CVE data shows Microsoft products have more critical venerabilities than Linux
+products:
+
+http://www.cvedetails.com/cvss-score-charts.php?fromform=1&vendor_id=33&product_id=&startdate=2011-04-04&enddate=2016-04-04
+http://www.cvedetails.com/cvss-score-charts.php?fromform=1&vendor_id=26&product_id=&startdate=2011-04-04&enddate=2016-04-04
+
+Hiding code does not make a product safer.
+
+
+1a. Maintainability
+
+Car manufacturers get most of their software stack from third-party vendors who
+put all the security liability on the manufacturers. There is no incentive to
+update or keep their software secure. Since, car manufacturers have such a long
+ramp-up time for safety approval and they have to maintain the car software
+stack for 7-10 years, they are turning to open source.
+
+http://embedded-computing.com/articles/the-car-its-about-integration/
+
+"What's not so obvious is that as complexity grows, the ability to innovate
+shrinks. Why? Because if more and more of your development time and resources
+are spent managing development options, associated requirements, and integration
+testing, less time, money, expertise, and creative energy are available for
+invention."
+
+"Open source maintainership is for life."
+
+
+
+5. Cost of technical debt
+Talk dollars
+
+Android devices vs kernel versions and dates (as of March 31, 2016)
+
+Android Version |API Level |Linux Kernel in AOSP |% of Android devices |Kernel release date |Latest stable version |# of patches to port
+--------------------------------------------------------------------------------------------------------------------------------------------
+1.5 Cupcake |3 |2.6.27 | | | |
+1.6 Donut |4 |2.6.29 | | | |
+2.0/1 Eclair |5-7 |2.6.29 | | | |
+2.2.x Froyo |8 |2.6.32 | | | |
+2.3.x Gingerbread |9, 10 |2.6.35 | | | |
+3.x.x Honeycomb |11-13 |2.6.36 | | | |
+4.0.x Ice Cream San|14, 15 |3.0.1 | | | |
+4.1.x Jelly Bean |16 |3.0.31 | 8.1% |2012 | |
+4.2.x Jelly Bean |17 |3.4.0 | 11.0% |2012 | |
+4.3 Jelly Bean |18 |3.4.39 | 3.2% |2013 | |
+4.4 Kit Kat |19, 20 |3.10 | 34.3% |2013 | |
+5.x Lollipop |21, 22 |3.16.1 | 36.1% |2014 | |
+6.0 Marshmallow |23 |3.18.10 | 2.3% |2015 | |
+
+sources:
+http://android.stackexchange.com/questions/51651/which-android-runs-which-linux-kernel
+http://developer.android.com/about/dashboards/index.html
+
+QUESTION: Do phone manufacturers choose to use an older version of AOSP so they
+can run on cheaper hardware? Or is the above chart just showing the aging of
+older phones?
+