Language Selection

English French German Italian Portuguese Spanish

Why Phonon is a broken wheel

Filed under
KDE

In the discussion the approach taken by the Phonon abstraction layer which the Phonon project is advocating for inclusion in KDE4 also came up. I have held back blogging about Phonon for some time to avoid flamewars, but I don't want to have efforts like OSDL delayed due to setups like Phonon being promoted or thought of as a workable solution for the issues faced. Let me start of with a brief introduction to the area of multimedia frameworks.

First of all multimedia frameworks are very complex systems, handling very hard technical problems in order to cater for issues ranging from problems from dealing with the analog past (for some technical information in this field I recommend fourcc.org), a forest of media formats with different traits, a host of features/deficiencies in hardware and a wide range of other software solutions to interact with like sound servers and legacy systems. On top of this you add performance and latency requirements, network protocols and multiplatform issues. In the end you have a problem space where even those who have worked on the issues for many years need to keep their head clear when designing the framework.

Multimedia frameworks are also by their nature abstraction layers themselves, trying to abstract away all the demuxers, muxers, decoders, encoders, cameras, soundcards, sound systems, network protocols and various types of filters into a coherent and userfriendly API.

Now to get back to why I think Phonon is conceptually broken. First of all it is destined to fall into one of two traps. Either its API become so high level and limited that application developers will shun it due to a lack of features, meaning that you have an API useful for doing 'ding' sounds in standard applications, but anyone wanting more powerful operations will feel its a bigger hindrance than a help. On the other hand if they actually try to implement a feature set that is big enough to at least satisfy a subset, of for instance music player writers, then they will be forced into accessing things so deep in the frameworks that the operations become so framework specific that generalizing them away into a common API will at best be a kludge and at worst produce various broken behaviour changing depending on framework chosen.

Phonon also falls short in many other areas.

Full Story.

More in Tux Machines

Security Leftovers

  • Security updates for Thursday
  • Security Tips for Installing Linux on Your SysAdmin Workstation
    Once you’ve chosen a Linux distro that meets all the security guidelines set out in our last article, you’ll need to install the distro on your workstation.
  • Fedora 26 crypto policy Test Day today (2017-03-30)!
  • Open-source developers targeted in sophisticated malware attack
    For the past few months, developers who publish their code on GitHub have been targeted in an attack campaign that uses a little-known but potent cyberespionage malware. The attacks started in January and consisted of malicious emails specifically crafted to attract the attention of developers, such as requests for help with development projects and offers of payment for custom programming jobs. The emails had .gz attachments that contained Word documents with malicious macro code attached. If allowed to execute, the macro code executed a PowerShell script that reached out to a remote server and downloaded a malware program known as Dimnie.
  • A scramble at Cisco exposes uncomfortable truths about U.S. cyber defense
    When WikiLeaks founder Julian Assange disclosed earlier this month that his anti-secrecy group had obtained CIA tools for hacking into technology products made by U.S. companies, security engineers at Cisco Systems (CSCO.O) swung into action. The Wikileaks documents described how the Central Intelligence Agency had learned more than a year ago how to exploit flaws in Cisco's widely used Internet switches, which direct electronic traffic, to enable eavesdropping. Senior Cisco managers immediately reassigned staff from other projects to figure out how the CIA hacking tricks worked, so they could help customers patch their systems and prevent criminal hackers or spies from using the same methods, three employees told Reuters on condition of anonymity.
  • NTPsec: a Secure, Hardened NTP Implementation
    Network time synchronization—aligning your computer's clock to the same Universal Coordinated Time (UTC) that everyone else is using—is both necessary and a hard problem. Many internet protocols rely on being able to exchange UTC timestamps accurate to small tolerances, but the clock crystal in your computer drifts (its frequency varies by temperature), so it needs occasional adjustments. That's where life gets complicated. Sure, you can get another computer to tell you what time it thinks it is, but if you don't know how long that packet took to get to you, the report isn't very useful. On top of that, its clock might be broken—or lying. To get anywhere, you need to exchange packets with several computers that allow you to compare your notion of UTC with theirs, estimate network delays, apply statistical cluster analysis to the resulting inputs to get a plausible approximation of real UTC, and then adjust your local clock to it. Generally speaking, you can get sustained accuracy to on the close order of 10 milliseconds this way, although asymmetrical routing delays can make it much worse if you're in a bad neighborhood of the internet.
  • Zelda Coatings
    I assume that every permutation of scams will eventually be tried; it is interesting that the initial ones preyed on people's avarice and dishonesty: "I will transfer millions to your bank account, then you share with me" - with subsequent scams appealing to another demographic: "I want to donate a large sum to your religious charity" - to perhaps capture a more virtuous but still credulous lot. Where will it end ?

Tizen and Android

Linux and Linux Foundation

Mesa and Intel Graphics