Feeds

Open source's ardent admirers take but don't give

Free riders' self-defeating logic

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

Open...and Shut Open source went mainstream long ago. It's a pity, then, that it's still so poorly understood by many of its most ardent admirers.

For example, ask a gaggle of IT executives, as Accenture recently did, why they're heavily adopting open-source software — and adopting heavily, they are: 50 per cent of those surveyed are "fully committed" to open source, while 69 per cent plan to up their investment in open source, and a full 38 per cent plan to migrate mission-critical software to open-source alternatives in 2010.

Their responses?

Improved code quality (76 per cent), better reliability (71 per cent), and lower software maintenance costs (71 per cent). These figures are corroborated by Forrester's own survey data.

Great numbers, right? Well, yes — until we add in one additional data point: 29 per cent are unwilling to contribute back their code modifications to the relevant communities.

This isn't necessarily a problem. After all, open source doesn't require everyone to contribute back, so long as a critical mass of interested parties contribute back and thereby keep projects from stagnating.

But it does call into question the benefits these IT executives hope to glean from open source.

Consider: if an enterprise modifies an open-source project and doesn't contribute back those changes — and work to get those changes accepted into the main code body — then it is left to maintain that software on its own. Not only does this raise the cost of maintenance on the software, but it also potentially eliminates — or, at least, minimizes — the benefits of code reliability and quality.

Not all developers are created equal, after all, and there's no guarantee that your engineers who hack the Linux kernel, for example, are going to do so as well as Google's Ted Ts'o or Novell's James Bottomley.

Interestingly, these two developers sparred over this very issue at LinuxCon in Boston, Massachusetts, this past week, as The Reg reported. Google has come under fire for allegedly forking the Linux kernel with its Android project, for failing to contribute Android changes to the mainline Linux code thereby setting up itself, and the wider Linux community, for prolonged inefficiencies and incompatibilities between the two.

While Google promises to contribute the Android code back, it doesn't seem to be in a hurry to do so. And why would it be? As long as Google isn't concerned with the added cost burden — which it clearly isn't, citing Android development costs as "immaterial" — then it is perhaps to Google's advantage to keep Android's code open ... yet not easily copied.

Google, for its part, isn't gushing to Accenture about software-maintenance cost savings, and almost certainly feels that it can deliver equal or greater reliability and quality than can the core Linux kernel development community. It has been hacking the Linux kernel for years for its core search and other products. Google groks Linux.

Google, in other words, isn't talking out of both sides of its mouth when it comes to open-source adoption. It understands the costs associated with going it alone in Linux development, and is prepared to accept those.

I wonder, however, if the IT executives surveyed by Accenture have taken a good, hard look at their conflicting beliefs on how open source helps them, and what they're willing to give back.

Is this a problem? No, Linux Foundation executive director Jim Zemlin told me over lunch at LinuxCon:

Everyone ends up giving back, even if they start out by forking a project and trying to go it alone. Over time it's simply not sustainable to fork and maintain a project on one's own, and companies eventually figure that out.

Savvy CIOs should recognize that the benefits of open source scale with one's participation in open source. According to Zemlin, they may not understand this from the start, but they eventually get it, as IBM, Intel, and others did.

There are benefits to be had from free-riding on open-source communities, to be sure. But the benefits are multiplied when an enterprise actually participates in an open-source community, rather than simply borrowing from it. ®

Matt Asay is chief operating officer of Ubuntu commercial operation Canonical. With more than a decade spent in open source, Asay served as Alfreso's general manager for the Americas and vice president of business development, and he helped put Novell on its open-source track. Asay is an emeritus board member of the Open Source Initiative (OSI). His column, Open...and Shut, appears every Friday on The Register.

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
IRS boss on XP migration: 'Classic fix the airplane while you're flying it attempt'
Plus: Condoleezza Rice at Dropbox 'maybe she can find ... weapons of mass destruction'
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
New Facebook phone app allows you to stalk your mates
Nearby Friends feature goes live in a few weeks
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.