IRC logs for #trustable for Tuesday, 2016-09-27

*** faybrocklebank has joined #trustable08:35
*** lc_ has joined #trustable09:09
*** lc_ is now known as locallycompact09:10
*** laurenceurhegyi has joined #trustable09:18
laurenceurhegyiI have had a stab at the Project Summary here:
laurenceurhegyiAny comments/feedback on this are very welcome, of course.09:34
locallycompactI don't think it's fair to use subjective in that sense. Subjectivity is essential for classification, reason, etc09:45
locallycompactI would say the problem is the opposite09:46
leeming" We need to change this, and there currently does not appear to be any work on this in the open domain." , no work seems a little strong...little work, is more fitting imo09:52
*** ctbruce has joined #trustable09:53
leemingthere are small niche FOSS projects scattered around, but most are 1 man projects or abandoned/not updated09:54
*** ctbruce has quit IRC09:54
laurenceurhegyilocallycompact, can you elaborate? My angle there was that it is too subjective to have people performing compliance verification. Move subjective than having a tool do it.09:54
*** ctbruce has joined #trustable09:54
leemingthe thing that is true, however, is the integrated CI pipeline of trusted/SCE09:54
leemingbut thanks for the draft laurenceurhegyi :P)09:54
leeming:) *09:54
leemingoops, the lack of integrated CI pipeline projects**09:55
*** ctbruce has quit IRC09:56
laurenceurhegyilocallycompact, by that I mean elaborate on: <locallycompact> I would say the problem is the opposite09:56
locallycompacthaving a tool do it doesn't prove anything unless what happens is intelligible to you and you are convinced of its correctness09:56
laurenceurhegyileeming, ok, ta, I'll amend.09:57
locallycompactthere are plenty of objective verification methods, the problem is there is no mechanism by which you can verify the whole process subjectively09:57
*** ctbruce has joined #trustable09:59
laurenceurhegyiare those methods widely used in compliance verification in SCE, locallycompact?10:08
locallycompactDid we decide what compliance is yet?10:10
laurenceurhegyiOur research so far has been based on the working assumption of compliance and requirements being the same thing (or, at least, functioning in the same way for the purposes of our work).10:17
laurenceurhegyiIt would be helpful to agree on a common definition of what Compliance is. I know the question was asked on the Mailing List.10:18
locallycompactthen I would say yes, most projects that need a minimal amount of assurance generally use objective methods like test suites.10:19
locallycompactdefinitely the goto thing is tests10:20
*** ctbruce has quit IRC10:23
*** ctbruce has joined #trustable10:23
laurenceurhegyiYes, ok.10:25
laurenceurhegyiBear in mind that this an overview and a self-confessed simplified viewpoint. In fact, I have ended up writing a 'Problem Statement' as much as a post saying 'This is what we are aiming to achieve' (because we don't yet know that, of course).10:25
laurenceurhegyiPerhaps I have over-simplified in saying it is 'too' subjective.10:25
*** ctbruce has quit IRC10:27
*** ctbruce has joined #trustable10:27
leemingany ideas -
paulsher1oodleeming: wrong channel, maybe?10:44
* leeming looks at the channel..10:44
leemingnope, said I would post here10:44
paulsher1oodah, ok10:45
leemingthis is for the sandboxlib integration10:45
* paulsher1ood can't help, sorry10:45
leemingand you got me all excited with that ping10:45
paulsher1oodsorry again :)10:46
paulsher1oodif this is bwrap specific, maybe ask where the devs for that are?10:48
leemingi think this is more mount specific tbh10:49
leemingand sandboxlib10:50
leemingalso, the devs for bwrap seem not to have tested/care about debian users :(10:50
paulsher1oodseems a bit harsh. have you raised an issue on bwrap?10:53
leemingregarding some of the stuff, yes10:54
leemingif this current issue turns out to be a bwrap one, i will add it to my list10:55
locallycompactfleshing out some documentation
*** ctbruce has quit IRC12:06
*** ctbruce has joined #trustable12:07
*** laurenceurhegyi has quit IRC13:04
*** ChrisPolin has quit IRC13:05
*** ChrisPolin has joined #trustable13:41
*** laurenceurhegyi has joined #trustable13:44
*** persia__ has quit IRC15:01
laurenceurhegyileeming, earlier you said: <leeming> there are small niche FOSS projects scattered around, but most are 1 man projects or abandoned/not updated.15:03
leemingi did15:04
laurenceurhegyiIt'd be useful to list these, to give us a view of all the other relevant projects.15:04
laurenceurhegyiThe current landscape, so to speak.15:04
*** persia has joined #trustable15:04
leemingI am unsure how to disseminate that information... as I've previously mentioned15:05
leemingI have already shared in private, just not publically15:05
laurenceurhegyiI'm talking about projects in the public domain only.15:08
leemingwhat i said, still stands15:09
*** faybrocklebank has quit IRC15:35
*** ctbruce has quit IRC15:52
paulsher1oodleeming: two questions: 1) can the output be presetned in such a way that no confidential information is leaked?15:58
paulsher1ood2) are you confident that the outputs is fit for public scrutiny (e.g. contains no deliberate falsehoods, isn't deliberately biassed, isn't unreasonably controversial etc)16:00
*** mdunford has quit IRC16:00
leemingit depends on how public discourse is defined... all the contents are open, but the fact of a collection is customer owned... or at least that is a similar model to my previous work was16:01
paulsher1oodmaybe ask (someone to ask) your customer for permission?16:01
leeminglike single bits of personal information about yourself.. just a name or an age is fine,.. but if I public a set of this information? well that is crossing into grey area16:01
laurenceurhegyiI'm happy to ask the customer. I think it would add value to this project.16:03
laurenceurhegyiFor clarity, my thought process when asking earlier was: Trustable Software project should be identifying the current landscape, and (potentially) identify what each project aims to do, and give a short reason as to why we have chosen to research that project further or not focus on it, on a case by case basis.16:05
laurenceurhegyiAs we don't want to miss something which is currently out there.16:06
locallycompactWorth noting: One of the major weaknesses of baserock is it stayed theoretical for too long, and we are only now figuring out major problems with the design after having tried to use it on a real project for several months.16:13
paulsher1oodand that coming from a theorist :)16:14
jmacsRelevant to that, I've just dug out two examples of Mustard being used (not something I can share, unfortunately)16:14
jmacsI'm planning on trying them out to see if they'd fit in with opencontrol16:14
paulsher1oodironically, one of the things mustard was used for was GENIVI compliance... and GENIVI is an open source organisation, but given that the compliance spec was and remains private, the instance could not be made public.16:16
*** locallycompact has quit IRC16:37
*** ChrisPolin has quit IRC16:38
*** ChrisPolin has joined #trustable16:40
*** paulsher1ood has quit IRC16:47
*** paulsherwood has joined #trustable16:47
*** locallycompact has joined #trustable16:53
*** locallycompact has quit IRC17:11
*** ChrisPolin has quit IRC17:11
*** lc_ has joined #trustable17:12
*** laurenceurhegyi has quit IRC17:12
*** lc__ has joined #trustable17:22
*** lc_ has quit IRC17:22
*** lc__ has quit IRC17:32
*** leeming has quit IRC19:35
*** leeming has joined #trustable19:36
*** ctgriffiths has quit IRC19:44
*** ctgriffiths_ has joined #trustable19:45
*** ctgriffiths_ has quit IRC20:24
*** ctgriffiths has joined #trustable20:26

Generated by 2.14.0 by Marius Gedminas - find it at!