One of the biggest objections I have to the typical VC or IT analyst view of the world is this concept of “open source strategy”. If you talk to an analyst or a VC, there is this conviction that open source is some special magic that gets folks working on your project for free, and makes things “disruptive”. The reality does not bear that out. First and foremost, the typical customer (as in, “probably 99% of customers”) could not care less if something is “open source” or merely “free”, except in rare cases (like some Web apps). Why? Because having access to the source isn’t useful:
It takes a large degree of sophistication to modify an application in a way that keeps it from breaking when you try to upgrade it.
- A developer trying to tweak an existing codebase which is unfamiliar operates at a very low efficiency rate.
- Only the best run OSS projects have things like code standards in place (the same can be said of closed source, of course); the majority of the open source code that I’ve personally looked at was an absolute nightmare.
- Most IT shops barely have the resources to keep the lights on, let alone spend time inspecting source code to ensure that it doesn’t have bugs, security holes, etc.
In other words, actually leveraging the source code itself is not happening for the overwhelming majority of shops.
Secondly, take a look at the actual numbers. The bulk of people who contribute to most major open source projects are being paid by their employers to work on that project during their 9 – 5 hours. Even more telling, those paid workers perform an overwhelming majority of the commits to a typical project. The “just so story” of the army of hackers sweating away in their nights and weekends to produce great code for the love of humanity… it’s a myth for the most part.
Thirdly, this classification of software into “open source” and “closed source” is bogus. The status of the code itself (closed or open) is merely an attribute, an adjective, and hardly the most important one. Do you really think that the typical IT department (based on the information I’ve provided) really cares if it is “open” or “closed” source? Not really. The adjectives they care much, much more about are “TCO”, “ROI”, “ownership headaches”, “does it do what we need?”, “support options” and “upfront cost”. Who cares if it is “open source” if it is a huge pain in the neck? What IT manager is going to turn down the solution that best meets their needs because it isn’t open source?
Here is a good example. My employer is a Microsoft Certified Partner, so we get most of the Microsoft apps for free. We will never make use of the source code to an open source app for the reasons stated above. For us, open source apps are equivalent to the Microsoft apps, because they have the same licensing price point (free) and the only guaranteed advantage of open source (access to the code) is useless to us. Even for companies that pay for software, with the exception of certain “enterprise class” vendors that charge a mint, the cost of a software license is a wash compared to the cost of maintenance, integration, and other TCO items in most cases. Compare MySQL to SQL Server, for example… unless you have a large data center, the few thousand for SQL Server is peanuts, unless your company is broke (in which case, you have bigger fish to fry).
Finally, the concept of “open source” is quickly being demolished by Web apps and SaaS, which do a neat little end run around the GPL. Look at Google. Google has done some absolutely amazing things to the open source that they built their empire on. But they rarely even talk about it in general terms, let alone release the actual source code. While I am not a fan of the GPL for personal reasons (I prefer BSD and MIT style licenses, and I have released a number of items under MIT license myself), I understand the motivations behind it; it is designed to coerce a particular behavior from those who profit from using GPL’ed code. By not actually redistributing the applications (and therefore not triggering the requirement to release the source code), people who are in these *aaS scenarious are just as closed source as any proprietary vendor, but they have the benefit of starting with someone else’s code. It’s basically stealing according to the spirit of GPL, but not the letter.
Here is where open source really makes a difference:
- Startups with little or no working capital (the person trying to start a business on their nights and weekends)
- Companies that have the brains and need to make a giant application, and can use open source as the basis for it (Google with their homebrewed stuff is an excellent example)
- A select few applications (usually written in dynamic languages) which are well architected and allow the end user to customize functionality in a way that upgrades to the base system can still be made
As you can see, there is very little evidence for this concept of an “open source strategy” in the trenches, because whether or not an application is open source is just not relevant to the typical business or user.