I second this motion. I can attest to the FDA and DoD as being insane to work with or for on several levels. They both need ridiculous amounts of paperwork, much of which is useless. But since someone at the govt said its needed, we must document it, record it, and store it for quite some time. We still are managing insane amounts of PAPER paperwork.

And its not just that which goes into our final sale product, but the equipment itself. We have varying levels of holds while parts are validated, but it can get as long as 90 days, where any part that is sold with an unvalidated piece of equipment must sit until the whole validation procedure is complete. Thats inventory that cannot be sold, employees paid well before a sale, and real estate that is wasted on making the feds happy.

This is why nothing is cheap. The fiasco we call the feds.

Sadly the single user Linux/BSD versions are horrid and borderline useless. The decent ones are all 25/50 license packs minimum. Trust me, every month I pester them all about making at least the CLI version available for sale at the standard $40-50/yr cost that the full Win32/Win64 versions cost. Nobody is sofar. I would prefer to release my repair shop from needing a copy of Windows on any of my repair systems, since ALL other tasks can be done in Linux (or BSD for that matter, and Solaris).

1) That is a non-issue because you will fall into two very simple (across the board) methods. Either release a new package or if you are using something akin to Loki's Update tools, then it is implied that you will be using that tool to update the application (I see the latter to be more useful for companies too lazy to sell their software and update it with a repo).

2) Good point. But since we all trusted Microsoft at one point and many of us no longer (from a coding quality standpoint that is), that will be the case with another hapless company due to lazy auditing procedures.

Although, on your second point, which is an amazingly spot on point that we techies are going to have to solve, didnt Fedora run into that issue not too far back? If I am not mistaken, a new set of keys were reissued, but I am not certain as to what else. Perhaps that is a lesson we could learn somthing from. Or maybe not.

Great post though, Shadow.

Actually, don't forget that of the two most mainstream distros -- Fedora and Ubuntu, any sane user has ZERO need for a package or repository that:

A) Doesnt scrutinize the living snot out of each contributor.
B) Doesnt enforce digitally signing of the packages.

And yes I do mean ZERO. Flash, Java, all FLOSS supported, all FLOSS unsupported, etc can all be attained thru SAFE channels. I must say that Ubuntu's were more blatantly in the user's face, but the Red Hat variants certainly have them too.

Though, personally, after not using Ubuntu for a few releases now, I cannot say if they are setup by default to nag the snot out of an unsigned package or repository, but Fedora and RHEL do (and thus CentOS).

To me this should be a simple reinforcement of WHY the old bearded ones act the way they do. But this is hardly a slam on linux, but rather of gnome-look's pathetic acceptance policies, and the need to utilize proper repos and packages.

Had to say it.
Thanks much,
Andrew.