maintainability

From Kicksecure
< Dev
Jump to navigation Jump to search

This page discusses the practical limitations of implementing certain features within the Kicksecure project due to maintainability concerns.

Introduction[edit]

While the ambition to innovate is always present, some desired features may be unrealistic to implement due to various constraints. For instance, the initiative to develop a hardened kernel has been stalled due to limited resources and the complexity of the task.

Related Development Philosophy[edit]

Kicksecure's development philosophy emphasizes maintainability and aligns with the following principles:

Existing Maintenance Load[edit]

(Whonix is mentioned here because maintainers of Kicksecure are also maintainers of Whonix.)

The Issue of Open Source Funding[edit]

One of the core challenges is the absence of a sustainable Open Source business model, as discussed in Open Source Business Models. The Kicksecure project, like many others, struggles to find a stable income stream to support even a small team of full-time developers.

Lack of Automated Testing[edit]

Automated testing is a wanted feature since 2018 if not earlierarchive.org. A contributor has implemented CI testing for derivative-maker image buildsarchive.org but the actual testing of the images, upgrading, various platforms is a huge task and isn't implemented yet.

If automated testing (CI) was implemented then it might be possible to maintain more things since less time would be required for testing.

The High Cost of Custom Solutions[edit]

Venturing into projects like maintaining a custom (hardened) kernel, for instance, is beyond what is considered manageable, given the current resource constraints. The history of security, privacy, and anonymity-focused operating systems is littered with projects that are no longer updated and can be considered abandoned:

This pattern is not exclusive to security-focused distributions; a quick review of Linux distributionsarchive.org shows that many have been discontinued.

Tails on Maintainability[edit]

The Tails project shares similar views on the maintainability of Linux distributions. Their insights are well-regarded and align with Kicksecure's experiences:

Many, many Live system projects — including a few ones that aimed at enhancing their users' privacy — have lived fast and died young. We explain this by their being one wo/man efforts, as well as design decisions that made their maintenance much too costly timewise and energywise.Tails: Focus on low-effort maintainabilityarchive.org

The Reality of Open Source Maintenance[edit]

The discontinuation of Linux distributions is often attributed to various factors, including health issues, financial constraints, burnout, and the perception of insufficient impact or appreciation. Below are some testimonials from Open Source maintainers detailing their experiences:

Practical Examples[edit]

working system is much easier to debug than a dead one[edit]

philosophy that a working system is much easier to debug than a dead onearchive.org

Conclusion[edit]

In light of these challenges, to safeguard the sustainability of Kicksecure, features that demand high maintenance will not be pursued.

See Also[edit]

We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!