Keynote #2 – Simon Phipps on what’s driving open source

Simon Phipps opened the keynote by explaining how Richard Stallman got sick of vendors not making source code available. By the end of the 1990s, there was a crisis. The web was emerging as a force for tremendous change in the topology of how information was spread around the world, and the choice of Apache here was crucial in opening the web. OSI was formed in 1998 to open gateways to open source with the mission of de-emphasising the ethical imperative, and a focus on practicalities such as education and building understanding.

License choice evolution

The original drivers of open source were to provide a stack of web server software – and this led to business model innovation; where you don’t have to rely on selling source code to generate revenue. Phipps explained how licenses are the ‘constitution for the community’ (attributed to Eben Moglen), and that the sign of discord in a community is when people start to care about what licenses are being used.

Phipps covered trends in open source licensing, and explained that there has been a move to ‘plus’ licenses; a base license is given and then additional rights are granted. Open source licenses are now also avoiding copyright assignment – which helps to sidestep acrimony in a community where one umbrella partner has an unequal stake in the project/source code. It is clear that Phipps is also a strong anti-patent campaigner; he explained how open source licenses are now also including umambiguous wording for dealing with patents to stop the problem of ‘parallel filing‘; where developers are encouraged by their employing organisation to patent their ideas and methods for solving computing problems as they undertake development. He was adamant that any open source licenses in the future need to contain explicit patent language.

He went on to categorise the classes of open source license that exist;

  • Class A – is unrestricted – you can use the code to create any work, and there are no restrictions on licensing. Examples are BSD and Apache. This is a ‘market creating’ license.
  • Class B – is file based – the files derived from commons must use license B, while files added may use any license. This is a ‘community protecting’ license.
  • Class C – is project based – all files in project C must use license C if derived from project C. This is a ‘transparency imposing’ license. Examples of this are GPLv2 and GPLv3.

Phipps explained that it is easy to scare businesses about open source licensing. They are terrified of having to release their source code – and want to hold on to it. The approach of businesses is changing though and instead of ‘vanity licensing’ companies are now realising the benefits of having wide, far-reaching communities – such as reduced barriers to the re-used of code. Hence we’re seeing a shift to ‘market creating’ liceses such as the Apache license as the governance structure of open source communities change.

Open source foundations

Phipps showed how corporations are increasingly thinking about open source as a way to bring together the commity rather than as a marketing tool. This has driven the need for open source foundations. He explained that the role of a foundation is to manage fiscal and other financial resources – such as trademarks, copyrights, staff and to act as an enable for governance, infrastructure provider and liability firewall for community participants, providing legal protection against litigation, and identifying risky contributions and patent rights.

Software patents

Phipps explained how a lot of companies use software patents for profit; fat patent troll companies exist whose sole business model is to buy patents and then explit them by demanding money from those they believe are infringing their patents. He emphasised the threat of dual filing – where a colleague working on a project will file a patent, the company will go bankrupt, the patent portfolio will be purchased and then used for litigation. Phipps argued that open source needs protection from litigation.

Some of the attempts to get around this include;

Patent pools – are not a lot of use according to Phipps; control can still be exercised by a dominant party as to who has the right to use the patent pool and gave the Google/Oracle example as a case in point.

  • Convenants – a way of contributors saying that patents generated by a community can be used by anyone – “any implementation of standard x is immune to a patent suit”. These are generally a good thing.
  • Software licenses – these are the best defence against parallel filing as they contain language that explicitly grants license over patents – and provide retribution against aggressors
  • Patron – a patron is able to stand up to the patent troll companies that exist simply to acquire patents and then demand money from those they believe are infringing the patents.

Cloud computing

The cloud means many things – including internet accessed storage, remote APIs, web app toolkits, essentially every kind of computing plus a network. Open source is everywhere. Software in the cloud needs the involvement of many parties to succeed, and this is giving rise to new business models. Companies like CloudBees take open source components and remodel them into service offerings; the differentiator here is the way the components are combined rather than the source code itself.

Big data

Big data is leading to the attitude that ‘software doesn’t matter’. Companies like Twitter and Facebook are releasing the code that they use internally – they don’t regard it as a differentiator anymore. Their offering, their competitive edge – is in the platform they provide, not the source code that delivers it. Their real assets are their operational skills. There is also a benefit to these companies in sharing the software¬† – it enriches their business and business model. Opensource is a component to business success – when you’re Twitter you don’t sell your software.

Future of Open Source Initiative

Phipps talked about how OSI is evolving, and how they want to invert OSI – so that the community is first rather than the board of directors. They will soon be restructuring and providing individual and corporate membership classes. He invited people to be part of the solution.

Footnote: I was very lucky to be able to sit next to Simon at the conference dinner, and found him to be an engaging and very knowledgeable conversationalist. One of the topics we discussed was that the general public doesn’t have an understanding of direct causality; they can only see cause and effect in one step. Hence, demonstrating to lay-people how privacy or rights are slowly eroded step by step by seemingly unrelated actions is a very difficult thing to do. It’s not that people are apathetic or don’t care; they just don’t comprehend the multiple steps of causality involved.

http://webmink.com/2012/09/11/oss2012-keynote/

Open Source Systems – Day 1

For Day 1 of Open Source Systems, I chose to attend the business networking stream rather than the research-oriented Doctoral Consortium, and got to learn more about a number of different companies and their products.

Gurux

Gurux is a Finnish company, who use open source software (and hardware) for smart metering. Founded in 1998, they specialise in the software and protocols that do smart metre reading. Their main products are GuruxAMI – which runs on Raspberry Pi hardware (under Arch Linux – I asked). The Raspberry Pi is used as a collector, and can be deployed from 10 metres to over 1 million metres. Looking at the cost of deployment, and the cost of the smart metre that I was charged for in Australia (AUD100+), they are on to something. It was interesting to note that they want to use Raspberry Pi as a home automation platform, akin to AMX and Extron, using RS232 and RS486 over USB. They find it very easy to develop metering for open protocols, but proprietary protocol monitoring can take a lot longer to do.

Eranea

Didier Durand from Eranea spoke about the services that they offer in taking old proprietary systems written in COBOL and rewriting them using open source technologies such as Java. He opened by explaining that there are over 200 billion lines of COBOL active in the world, with over 30,000 large applications still in active use – every person interacts with a COBOL application at least 12 times a day for purposes such as telephone billion. These systems are doomed to obsolescence and very expensive, and by rewriting them in open source, the company saves money in the long term. Because COBOL and Java are used side by side, the methodology is riskless, and particularly suited to large corporation with poor tolerance for risk, such as banks.

PrimeKey KPI

Tomas Gustavsson from PrimeKey Solutions spoke about the open source PKI products that his company works on. Their business model is that the software is free, and that clients pay for support and the development of new features. They generally have large projects, and the sales cycles are quite long. They do work all over the world, and in particular for the telco sector.

  • http://signserver.org/
  • http://ejbca.org/

They are also involved in the ORIOS project, which is backed by the Knowledge Foundation;

An overarching goal of this project is to improve understanding within organisations of Open Standards, Open Source Reference Implementations, and the ecosystems around them. This will be done by developing a reference model of necessary and desirable features of an Open Standard, and how Open Standards and their implementations can be utilised by small companies in different usage contexts.

Monty Program AB

Monty Widenius presented on MariaDB, the open source fork of MySQL. MariaDB was started in February 2009 after Monty’s exit from MySQL / Sun, and he drove MariaDB development. The purpose of MariaDB is to ensure the continuation of the MySQL database, and the company employs most of the core developers of MySQL. MariaDB is a very technical company, and only does 3rd level support. It uses the Hacking Business Model – the company is owned by the employees.

The hardest issue for MariaDB is getting the word out out it. For companies, Oracle can be hard to work with and expensive. Monty explained that their strategy is “to be seen to be doing something without doing anything” – ie creating an illusion that MySQL is doing good, but they are running the product into the ground – ie they want to keep the market share by getting customers to go to an Oracle product, and in the end kill MySQL, but without you noticing it.

Bitergia

Daniel Izquierdo of Bitergia explained the services they offer in analytics around open source projects, and the specialist support they offer to development forges. Their services are useful when you have different developers working on different parts of the code base. They are a young startup company, and the graphs they demonstrated showed a lot of insight.

  • https://github.com/metricsgrimoire
  • https://github.com/vizgrimoire

IT grapes

IT grapes are a Tunisian software development company, and they were one of the winning Software Freedom Day teams in 2011. I didn’t realise how active Open Source was in Tunisia, but the country has a huge and active open source community.

Open Source Business panel

Tony Wasserman led a panel on open source business models, and explained that some companies want and expect to pay for IT support. This is a solid business model – as everybody has to eat. He went on to explain how open source drives innovation by reducing entry barriers. When you start out, you can use free and open source software. Then when you go commercial and grow, you can buy a commercial license and commercial support. He also showed how leading open source products are at least as good as their proprietary counterparts, but in the open source sector the user community has a stronger voice. Many businesses are now evaluating whether to use proprietary or open source tools and the things they are looking at for overall return on investment include;

  • Evaluation issues for adoption of open source software
  • businesses are looking for best value for money
  • Licensing issues
  • Fitness for use
  • Comparison with commercial products
  • Product quality
  • Support and training
  • Corporate IT policies concerning use of open source
  • Management of updates
  • Integration with other software

Keynote #1 – Italo Vignoli on LibreOffice and The Document Foundation

Italo Vignoli outlined in his keynote how LibreOffice is moving from an ‘umbrella’ model of contribution to a ‘mixing bowl’ model of contribution – and the importance this places on diversity of volunteers and contributors. He explained how the Open Office code base was donated in 2000, and that by 2005 build dependencies were very complex. This was the responsibility of the company in charge of the project – Sun – and they weren’t solving the problem. The community’s voice was not being heard.

“Patience is a virtue, but not an inexhaustible resource”

The Document Foundation was born. Their objectives are

  • TO promote free software
  • To promote SW user freedom
  • To promote document freedom
  • To promote open standards
  • To develop Libre Office
“Membership is by doing”

The reason they didn’t want one major company to sponsor the new foundation was that a big company always leaves their “imprint” – the company’s objectives can be in conflict with the community’s objective. When you have a main sponsor you end up blocking the discussion at a certain level.

They have a great group of developers. When LibreOffice was first forked, there were 20 developers looking at over 10 million lines of code. They had another one within three hours, then over 500 additional developers since. The most trivial hacks were translating the comments in the code from German to English – otherwise there was no hope to starting to do more development. They had a few presentations and hackfests – pasta hacking at hackfests – eating spaghetti, hacking code! They made it fun – it was a gimmick¬† – “we all hack together”. Community is made by balancing fun and work together – working together and laughing together. If the people who are doing easy hacks today are still in the community in two years, they will be able to tackle more complex patches.

Contributor model

  • Occasional – easy hacks, small patches – 300 volunteers
  • Regular – easy hacks, large patches, small features – 150 volunteers
  • Core – 50 paid/volunteers – large features

LibreOffice has experienced incredible growth of new code committers – cumulative commits over time is extraordinary. SuSE and RedHat are important, but volunteer commits account for nearly a quarter of commits. They have achieved a good level of independence from a single corporate sponsor. By sheer numbers, volunteers are 75% of the developers. The Document Foundation charter ensures diversity by stating that no more than 30% of the codebase can come from a single company.

Their future plans are to have OpenOffice on each platform;

  • Cloud: LibreOffice OnLine, based on HTML5
  • Mobile: LibreOffice OnPads – Android code is currently compiling

They also want to grow the ecosystem by using certification to recognise contributors for the value they add, particularly in migration.