Open Source's 2014: MS 'cancer' embrace, NASDAQ listings and a quiet dog

Shame and coming late can be good things ... right?

Ho hum. Another year, another slew of open source announcements that prove the once-maligned development methodology is now so mainstream as to be tedious. Running most of the world’s most powerful supercomputers? Been there, done that. Giving retailers the ability to deliver highly customized paper coupons to consumers based on warehouse inventory nearby? So 2013!

And yet in 2014 we had a few events in open source that managed to surprise us, and suggest an even brighter future.

The dog that didn’t bark

The biggest open source news of 2014 actually isn’t. News, that is. As Red Hat storage executive Neil Levine opines, the “dog that didn't bark” in 2014 was the fact that "no major enterprise platform launched this year that wasn't built with [open source software]".

In fact, as Cloudera co-founder Mike Olson declares: “No dominant platform-level software infrastructure has emerged in the last ten years in closed-source, proprietary form.” Even proprietary platforms such as Amazon Web Services are built almost entirely from open source components.

Open source goes public

Which is why it’s so significant that we got our first open source IPO since 2007, when security vendor Sourcefire went public on the back of the popular Snort project. Prior to Sourcefire only two other open source companies made it to the public markets, both in 1999: Red Hat and VA Linux.

Of those three open source vendors, only one remains as a public company: Red Hat. VA Linux imploded soon after its offering, and Sourcefire was acquired by Cisco in 2013.

Which is all the more reason to celebrate the arrival of Hortonworks, which soared to a billion-dollar valuation on its first day of public trading (after falling from its previous billion-dollar valuation on the private markets).

While it’s nice that the IPO made its executives rich(er) - many of them made millions as part of the JBoss and SpringSource acquisitions by Red Hat and VMware, respectively - the real importance of Hortonworks’ IPO is that it paves the way for many more open source companies to become independent peers to Red Hat.

Linus’ Law: Given a large enough beta-tester

and co-developer base, almost every problem

will be characterized quickly and the

fix will be obvious to someone

Previously, the best an open source company could hope for was to be snapped up by the proprietary maw of a Cisco or VMware, as Red Hat didn’t have the money to blow $300m on a money-losing vendor of free stuff. Roughly $100m was more in its range, as the acquisitions of Inktank and Qumranet suggest.

Now there’s hope that we’ll have more open source companies getting to a billion-dollar revenue stream, rather than selling early. With Cloudera (Hadoop vendor), MongoDB (my previous employer), DataStax (primary developer of Apache Cassandra), and others lining up for IPOs, the future looks very bright for open source companies to stand alone.

Everybody hurts

For years we’ve laboured under the false assumption that “given enough eyeballs, all bugs are shallow". Or, rather, we assumed that everyone else was scanning for those bugs, obviating our own need to participate in open source.

Of course, the “shallow bugs” theory - also known as “Linus’ Law” - actually goes like this: “Given a large enough beta-tester and co-developer base, almost every problem will be characterized quickly and the fix will be obvious to someone." So it’s not a simply a “don’t worry, be happy” kind of sentiment.

But it’s also no substitute for putting your own eyeballs on the code, as the Heartbleed and Shellshock bugs suggest.

Both bugs exposed gaping vulnerabilities in the OpenSSL cryptographic software library and the Bash Unix shell, respectively. Both caused the market to doubt open source’s inherent safety.

And rightly so, as it turns out.

Sponsored: Minds Mastering Machines - Call for papers now open

Biting the hand that feeds IT © 1998–2018