Here are some of the open source-related headlines this week — so far:
EOS Directory sponsor Optaros has launched a completely re-designed site with lots of Web 2.0 capabilities to showcase their Next Generation Internet (NGI) expertise.
Jeff Potts at ecmarchitect.com also has some comments about the new Optaros site. As always, special thanks to Optaros for their support of the EOS Directory.
Talk about a provocative headline! But suddenly, recession talk is all the rage amid rising U.S. credit woes and sinking earnings in the financial sector – at least for now. And what about tech? Well, if IBM’s unexpectedly strong 24% increase in Q4 earnings is any indication, things may look especially good for open source.ZDNet’s Open Sources blog asks if IBM’s results are due to open source?
“Should this count as an open source win, a validation of the open source concept?I think it should. But there’s more to it than that.IBM long-ago unified its product lines under Linux and open source. Through projects like Eclipse it has learned how to share basic costs and add value for its customers.
Sounds to me like IBM has learned to leverage both the developer and customer communities for the benefit of all — including Big Blue. It’s worth noting that IBM’s results have a sizable foreign currency component, which means non-US customers made a significant contribution to the bottom line.On the other hand, ZDNet’s Hardware 2.0 blogger Adrian Kingsley-Hughes post — “Is open source recession-proof?” — offers a different take.
“Well, first off, I think that any business model that relies on volunteers could certainly see interest decline if times get tough. … The flip-side of this though is that being an active part of an open source project is a lot different to spending all day on YouTube or Flickr …”
One reader, Slashdot’s SatanicPuppy, responded this way:
“Far from being bad for OSS, recessions are GOOD for OSS. You lose your job, and freelance while looking for another one…What are you going to use? Companies have a need, and no budget to fill it with commercial software…What are they going to use? Sure, if you specialize in zillion dollar OSS deployments, you’ve got problems (problem #1: You’re mythical), but the true strength of OSS isn’t in giant deployments, but in filling in the gaps…When the gaps get bigger, there we are.”
Last week’s post on open source CEO forecasts for 2008 didn’t spend much time worrying about a recession. But what about you? How will an economic slowdown affect enterprise open source companies? Will they fare better, worse or the same as closed source firms? Post your comments below.
Product news and other items from the past week:
And while it’s not strictly-speaking enterprise open source, here’s a wonderful item from the Wall Street Journal’s BoomTown quip-tress Kara Swisher on the ongoing Microsoft-Yahoo merger rumors:
“Here’s what is going on and has long been going on: Microsoft continues to cast about for a viable Internet strategy, as it always does, and Yahoo is probably the numero-uno solution on its business development fix-it list.Why? Well, the software behemoth just can’t catch Google in the lucrative search-ad market no matter how hard it tries and how much money it spends.If it presumably put together it and No. 2 Yahoo, then presto chango, a real horse race.But that’s kind of like stitching together Bill Richardson and Dennis Kucinich and getting a potential front-runner for the Democratic presidential nomination.”
The headline “Open Source Code Contains Security Holes” on an InformationWeek article has grabbed a lot of attention. Two more blog posts on the topic:
And today there’s a followup blog post by “Security Holes” author Charles Babcock and a response from Paul Beach, a developer and administrator for one of the open source projects mentioned in Babcock’s original article:
Still missing is an answer to the key question: do open source applications have more security flaws than closed source? The Department of Homeland Security, sponsor of the open source testing, states the estimated error rate at one security flaw for every 1000 lines of code among tested open source software. How does this compare to closed source? Coverity’s announcement makes no mention of closed source error rates.Can someone cite some statistics showing a difference between the two types? Post your stats, sources and comments below.
The tech press and open source blogosphere shifted into overdrive today on the news that software security firm Coverity — at the behest of the U.S. Department of Homeland Security — had released the results of security tests on a number of popular open source applications. You can see some of news and comment here:
In the last item, I give Dana Blankenhorn credit for pointing out the obvious — identifying security flaws is a good thing — and open source projects may be more likely to get fixed quickly than their closed source counterparts. For an in-depth look at the whole issue of government-sponsored software security testing (it’s not just about open source), check out these articles from SDTimes:
So here’s a point to ponder and comment upon: do you worry more about security issues with open source software than you do with proprietary/closed source code? Post your thoughts below.
Everyone says you get more with open source. So here you go — ten CEOs of open source companies offering their views on the enterprise open source outlook for the New Year. Sponsored by the Open Solutions Alliance (OSA), the CEOs of member companies responded to four questions about open source issues for 2008. Some sample prognostications:1. What will trigger increasing adoption of open source in the enterprise in 2008?
“There will be an increasing confluence between the open source and software as a service models. These are the two most powerful trends in software today, and while they’ve traditionally been seen as separate, parallel developments, they are rapidly combining to create the new business model for enterprise software. The combination is not just at the development level – BaaS companies adopting open source technologies to lower the cost of operations and R&D – but more importantly, on the distribution side.” — William A. Soward, CEO, Adaptive Planning
2. What is the biggest challenge for the open source software industry in 2008?
“More lawsuits will be brought against large corporations and technology companies in 2008 as open source advocates step up enforcement of the APL v2, v and other open source licenses.” — Doug Levin, CEO, Black Duck
“Figuring out business models that will produce viable, long term software companies rather than ‘flash in the pan’ ubiquity plays. Merely racing to see who can give the most away to a buyer who will take as much as the can get before paying money will not produce viable software companies.” — Javier Soltero, CEO, Hyperic
3. How big an effect will licensing have on open-source software in 2008?
“Open source licensing will continue to bother enterprise users but the dissemination of best implementation practices including license management will reduce this issue somewhat.” — Michael Grove, CEO, OpenIT Works
“We don’t see much impact here. Customers continue to get educated about the code they use and about open source licensing in general, so FUD will have less of a factor than in the past.” — Kim Polese, CEO, SpikeSource
4. What will be the biggest surprise in open source in 2008?
“During ’08, the pressures CIOs will face to drive greater business innovation with a fixed (or low growth) IT budget will conspire to challenge every possible traditional software license. The 80% of the IT budget used to maintain existing or legacy systems must become more productive in order to satisfy the business goal of improved innovation.” — Brian Gentile, CEO, JasperSoft
“The biggest surprise in 2008 will be to see Open Source players register three-digit growth rates!” — Bertrand Diard, CEO, Talend
Get the complete list of questions and responses from the Open Solutions Alliance (OSA) site. (PDF)
Quick roundup of open source items making news over the last week or so:
Looking into the crystal ball to forecast the future is difficult on many domains, but specifically also in the fast moving Open Source domain. We tried it anyway.
- Continuous consolidation is going to happen in the commercial software vendor scene. This will create room for successful open source vendors.
- Open Source adoption in the enterprise will continue, in the application infrastructure space the use of Open Source is already common sense, but more and more Open Source solutions will be viable candidates also for typical business solution domains. It has started with Business Intelligence and Enterprise Content Management, it will continue with Customer Relationship Management.
- Web 2.0 and Enterprise 2.0 will continue to be Open Source plays mainly and accelerate adoption of Open Source in the Enterprise even more.
- Open Source vendors will also consolidate, we will see the rise of new Open Source “Ueber” providers, similar to RedHat.
- More commercially available products will be based on Open Source software, this will boost the usage of Open Source components but also the related “assembly methodology”, as applied by Optaros, Alfresco and others.
- Commercial vendors will continue to increase the viability of their offerings by open-sourcing critical components and platforms.
- Open Source companies will continue to look for the holy grail of “how to make money with Open Source” and invent new creative license and subscription models.
- New open standards such as Open Social or Google Android will be the base of many new Open Source project and initiative.
So, to summarize, we don’t expect 2008 to be a year of revolutions but rather of numerous important evolutions.
Welcome to 2008! But before we look ahead, let’s consider this item from last year:Top 10 Websites in the U.S. — Monthly Averages
||Unique Audience (000)
||AOL Media Network
||Fox Interactive Netowrk (aka MySpace)
||Apple (includes iTunes)
Source: Nielsen Online, NetViewWhat struck me about this list was how crucial open source software was to the success of many of these sites — maybe even those two in third and fourth place that begin with “M”. Certainly there will be more open source in use during 2008 at firms and sites large and small. It should be a banner year.Here are a few more end-of-the-year items of interest:
Open source solutions provider OpenLogic just announced the Open Source Census, “a newcollaborative initiative to quantify the global use of open source inenterprises.”
“Enterprises will be able to scan any of their computers and contribute the scan results back into The Open Source Census database [and] the basic anonymous aggregate data collected through The Open Source Census will be provided for free on a web site. This aggregate data will list the number of times each project has been installed on computers across all participating enterprises.”
The plan starts with the release of the Open Source Discovery application under the new Affero GPLv3 license plus an effort to enlist developers, software firms and ISVs in support of the project.About time, too. Everyone seems to think an initiative of this type is long overdue. Shane Schick’s Computerworld (Canada) blog notes the unreliability of both Canadian and US software piracy figures — which are statistical estimates — because the groups simply ignore open source applications. Remarking on the census, he adds:
“This would be a lot more accurate than the market forecasting that the Gartners, IDCs and Forresters of the world do. … For an industry that is focused on the management of information, it’s surprising how willingly IT professionals are to be left in the dark about the true state of the market.”
More posts on this topic include:
Are you in the dark about open source? Post a comment and tell us what you know — or don’t know — about the open source usage in your organization.
The GNU Affero GPL (GAGPL) Version 3 and the companion Affero GPL version 2 licenses released last week provide for public access to source code (modified or not) running on a network server. The current GPLv3 license does not cover this specific scenario, hence the new license version.To give an example, if you are browsing the latest hosted social media application and it displays the GAGPLv3 license, you should be able to locate and download the source code for the application you are using. You might have to pay a fee — remember the “free” in free software means freedom to copy, not the price — but you will have the source with the modifications to use as you see fit, subject to the other stipulations in the license. As developers adopt this license, will it cause web sites to rethink dependence on open source components?Palle Pedersen’s blog post “Is AGPL (Affero GPL) the Doom of Google?” has a lengthy analysis of the issue. He notes:
A wide adoption of the AGPL would change a current standard practice for creating a web application, where the developers start with a few pieces of GPL software and then modify the software until it suits their needs. With AGPL software in the mix, a business decision would have to be made on whether to use AGPL software and make source code for modifications and additions available – or to avoid AGPL software and spend more time developing software which can be kept out of the hands of competitors and potential hackers.Larger companies, e.g. Google and Yahoo, are actually among the best positioned to live in this new world. They can carefully evaluate the trade-offs on a case-by-case basis and can introduce processes to make sure that AGPL code does not sneak into places where it should not be.
It will be interesting to watch the rate at which this new license is adopted. One source for tracking open source license adoption rates is Black Duck Software’s Open Source License Resource Center. Read the Free Software Foundation’s announcement of the new license here.
Having spent some days with Gartner and some 3’500 CIOs and IT decision makers at the Fall 2007 IT Symposium in Cannes it became obvious that open source has become “business as usual” now in the enterprise. There was one session specifically focusing on Open Source but there were numerous sessions, specifically in the Web 2.0, portal, collaboration and social software domains that were covered extensively. And interestingly, if the analysts didn’t mention open source alternatives, the audience asked for them. Open source products mentioned often were Drupal, WordPress, Roller, SugarCRM, Alfresco as well as JBoss. One interesting comment from Andrea di Maio was that apparently US government organizations are more aggressively pushing for open source than their European counterparts.Side note: Spending a few days in the warm and sunny South of France sounds like a nice side effect of joining a conference. but sadly enough, none of the conference rooms had windows. When I was telling this story coming back to the office, somebody asked: “So given they didn’t have Windows, they all were on Linux?”
Congratulations to the Dojo Toolkit for releasing 1.0 this week.As described in the SitePen Press Release:
Also shipping with Dojo core in 1.0 is the Dijit framework for widgets (including support for accessibility and internationalization of widgets, as well as programmatic widget creation), and the DojoX set of extensions (including CometD and Dojo Offline). Finally, the Dojo packaging system and D.O.H. unit testing harness demonstrate the maturity of the project from a development management / engineering perspective – it isn’t just about adding more features but making those features usable for development projects who adopt Dojo.
They’re even talking about “participative communities” over in the .NET universe as the alt.net movement (insurgency?) gains momentum. Martin Fowler’s Bliki summarized the AltNetConf in Austin, TX a few weeks ago. He describes key participants as “a group of long-time users of Microsoft technologies who feel that their development philosophy has been getting out of sync with the perceived orthodoxy from Redmond.”Highlighting their shared approach to software development methods (think agile), Fowler addresses a key topic — the relationship between software providers and software users:
“A participative community is different, they don’t just want the vendor to listen and provide suitable products – they want to participate in the development of new products. It’s just such a participative community that’s taken the initiative in the Java world. JUnit, IBatis, Spring, Hibernate et al didn’t come out of the vendors, but were developed by “customers”. One of the things about the nature of the software industry is that many customers are every bit as capable of producing vital products as vendor companies, especially when combined with the community and ethos of open source.The great question ahead for Microsoft is how to engage with a participative and opinionated community like this. Treating such a group as an opponent will result in the loss of valuable products, and more importantly the capable people connected with them. Engaging with a community like this brings great opportunity. I would argue that the participative community around enterprise Java has saved the enterprise Java platform. A big challenge for Microsoft in all this is that this means finding a way to accommodate with open source development. …One other issue in a community like this is that it’s a community that doesn’t equate criticism with animosity. Many vendors suffer from the belief that anyone who criticizes them is their enemy. In truth often your friends are at their most valuable when they are critical.”
It will be interesting to see if Microsoft can be “open” enough to accommodate the alt.net movement. Given the caliber of the people involved, Microsoft’s loss would be open source’s gain. -
Just in time for Halloween, here’s a warning about scary enterprise apps and a reminder that it takes a community to build a decent solution.Matt Asay’s Open Source blog on CNET highlighted a terrific post by Khoi Vinh, design director for NYTimes.com. Vinh’s Subtraction blog takes on the “freakish” design qualities of many enterprise applications.
“Enterprise software, it can hardly be debated, is pretty bad stuff. The high-dollar applications that businesses use to run their internal operations … are some of the least friendly, most difficult systems ever committed to code.This is partly because enterprise software rarely gets critiqued the way even a US$30 piece of shareware will. It doesn’t benefit from the rigor of a wide and varied base of users, many of whom will freely offer merciless feedback, goading and demanding it to be better with each new release. Shielded away from the bright scrutiny of the consumer marketplace and beholden only to a relatively small coterie of information technology managers who are concerned primarily with stability, security and the continual justification of their jobs and staffs, enterprise software answers to few actual users.”
Vinh goes on to savage the latest Lotus Notes 8 ad campaign — “freakish” is too mild a term for it. Read the whole “If It Looks Like a Cow, Swims Like a Dolphin and Quacks Like a Duck, It Must Be Enterprise Software” post for more. Matt Asay’s point is simple — open source enterprise applications have at least a chance of being better thanks to the community processes underlying open source development. And if IT departments began using their own community of users to shape development … who knows what might happen?
Research and consulting organizations don’t get much attention from prospective customers by saying everything is fine — “status quo.” So a firm like Saugatuck Technology can be forgiven for a bit of headline hyperbole when talking about the impact open source will have on enterprise IT management over the next three to four years. But “Open Source as Disruptive Influence” (research notes PDF, free registration required) makes a strong case for the impact open source is having on both enterprise IT organizations and the software and services vendors that sell to them. Saugatuck says:
“Thirty-two per cent of user enterprise executives expect that by YE 2010, more than half of their key on-premise software will be open-source.This massive growth in adoption is one reason why open source software is rapidly becoming one of the most disruptive influences seen on IT and business – for users and for vendors. Open source is changing the way user enterprises perceive, buy, and use software. And as a result, open source is changing the way IT vendors and service providers develop, license and support software …Open source is first and foremost a development methodology, not a product, a technology, a single license scheme, or a business model. Open source’s key advantages for users and vendors derive from its community-driven development model. The greatest benefits will go to those who understand this and use it to their advantage.”
I’ve been thinking about “community-driven” development for awhile now. Far too many organizations simply don’t trust their customers or their employees enough to let them truly collaborate on creating new products, despite ample anecdotal evidence that this makes better products and more loyal customers. Ask any developer pursuing an agile development methodology what their user collaborators say about the process and the outcomes.This thinking applies to more than software. “When Rebuilding Confidence Becomes the Priority” (subscription required) in Monday’s Wall Street Journal highlights the need to involve the community in the product to survive a near-disaster.
When development delays of the giant Airbus A380 superjumbo drove launch customers to revolt, A380 program executive Mario Heinen “threw open Airbus factories and invited customers into planning sessions. “We shared details I can’t imagine other companies presenting,” he says.” While his moves helped restore confidence in the project, how much better would it have been if Airbus had more closely involved those customers all along?So here’s a question for the IT execs in the audience: does using open source mean involving more than a community of developers? Can the larger user community within an organizations be a trusted part of the open source process? Please post your responses and comments below.
South Africa-based open source document management project KnowledgeTree released KnowledgeTree Open Source Edition 3.5 under the OSI-approved GPL v3 license Wednesday, replacing the prior “KnowledgeTree Public License” for this and future versions.In his in-depth blog post about the license change, KnowledgeTree COO Daniel Chalef explains the thinking behind adopting GPLv3. Some key elements include:
“Firstly, we wanted a license that would be widely accepted by our community and the open source community at large. We did not want to risk the license we were using to be, over time, relegated to the peripheries of the open source world. We wanted to use a license that would have wide acceptance and momentum behind it. What this would mean is that our community would fully understand their rights and obligations around utilizing the software and would not be dissuaded from doing so because they felt they would need to undertake a lengthy and costly legal exercise to determine if they could use our code …We’ve also matured our thinking, built out our community, learnt a lot more about our business and now believe that a strong copyleft license is more appropriate for us: it is far more friendly to an open source community and far more likely to dissuade commercial use of the code in circumstances where profit is involved.”
I was struck by this forward-looking and common-sense approach. Speaking for the “customer” side, IT managers considering an enterprise-class open source solution for use inside the company firewall find the intricacies of some open source licensing terms can turn a simple product selection decision based on features and cost into a mind-numbing analysis of dense and often ambiguous licensing legalese.Acknowledging that easily understood terms for using open source applications benefit both the “customer” and the “contributor” communities demonstrates a clear vision of what’s important for the advancement of open source and the success of enterprise projects. Congrats to KnowledgeTree.
Here are the most recent updates and additions to listed projects on the EOS Directory:
- eZ publish — Widely used and functionally rich content, e-commerce and document management system implemented in PHP.
- Amanda network backup and recovery — Amanda is the most popular open source backup and recovery software in the world. Amanda protects more that half a million of servers and desktops running various versions of Linux, UNIX, Mac OS-X and Microsoft Windows operating systems worldwide.
- Drupal Enterprise Content Management — Content Management System ( CMS ) implemented in PHP, with a strong focus on community, social networking, and media features. There’s a large repository of add-ons and extension modules available.
And here are the most recent candidate projects submitted:
- IX Workflow Framework — The Imixs Open Source Project (imixs.org) was created to promote the development of workflow technologies based on open software standards.
- GROUP-E – GROUP-E is collaboration software which integrates groupware, project management, and business server on one platform. The solution is based on a LAMP architecture (Linux, Apache, MySQL, PHP). GROUP-E offers project management, transparent Samba (file server) integration, integration of Cyrus IMAP server with administration and personal SIEVE filters, support for SyncML 1.0, LDAP-based user management with single sign-on authentication, and LDAP contact databases.
- ZRM for MySQL backup — Zmanda Recovery Manager (ZRM) for MySQL simplifies the life of a Database Administrator who needs an easy-to-use yet flexible and robust backup and recovery solution for MySQL server.
Be sure to go in and offer your ratings and comments on new and existing projects. Plus — keep an eye out for the candidates. They’ll be published after they receive their EOS ratings from Optaros.Got a project you think is enterprise-ready and not listed in the directory? Submit your project to the EOS Directory.Got comments about the directory and the project listings? Feel free to add them below.
Monday’s big not-really-news was Microsoft’s acceptance of the European Commission’s 2004 antitrust ruling governing sharing of information about workgroup server protocols with third-party developers. Microsoft also agreed to lower the royalty rate for the information. It’s a big concession by Microsoft — but a big ‘so what?’ from the enterprise open source community.InformationWeek’s Open Source blog may have headlined it best: Microsoft Bows To The EU, Open Source Shrugs . The post also gives a good roundup of the issues.But the best quote may have come in ZDNet’s Open Source blog . Citing no benefit and a change in patent licensing, OpenOffice.org marketing lead John McCreesh said: “the EU has laboured for three years to produce this particular ridiculous mouse.”In the same ZDNet post, Optaros developer Dave Gynn made a more specific request, noting while the decision opens up internal protocols “we’re not writing code to that level. We need web service APIs, not protocol at the network transport level.”Will Microsoft ever accept the open source agenda? Stay tuned for the next round.