Archive for June, 2007

The Open Source sales cycle

I’m in tatters in Geneva, with a sore need to hit the bed before an early wake up and a set of important meetings tomorrow at some UN organizations, but I just couldn’t resist blogging what a guy told me today, while talking about the typical Open Source sales cycle:

Getting in touch with Open Source companies and having them provide information and sales support can be painful .The typical Open Source sales process is much like flying a low-cost airline. It’s simple, it’s safe, it’s effective and gets you where you want to go: you can try the software yourself, you can see what the costs are, you can do your math. However, don’t expect pre-booked seats or free booze: getting a sales guy to visit you is like asking for a glass of Krug Grande Cuvée on Ryanair.

I have to say I don’t fully subscribe to that. But the guy has a point.

Sourcesense in the press

The link-o-sphere is being kind to us as of late. Sourcesense has hit the press in a number of places, that is in chronological order:

  • yours truly was interviewed by the National Center for Information Technology in Public Administration. The interview is in Italian, so if you don’t grok Dante’s mother tongue I’m afraid you’re out of luck (Google’s automatic translation is funny but nearly useless). The title is “A development model for Open Source in Public Administration”, and it’s basically my take on why Open Source in the public sector makes sense only if the approach is comprehensive and geared towards nurturing communities and ecosystems, rather than just duplicating pieces of software all over the place. That’s the usual Open Development mantra, with a public sector twist.
  • I have been featured on Matt Asay‘s new blog for his “Open Source CEO” series. More on this later, when I’ll try and add a few comments on what I’m starting to consider as the Open Source value chain, based on (surprise!) participation and ecosystems.
  • Our partnership with Black Duck Software has been officially announced. I’m really, really happy to work with these guys, as I think their services make a lot of sense to the Open Source enterprise: IPR is going to play a significant role in the marketplace, and tools like Black Duck’s are going to make a huge difference.

The Sourcesense drum is beating. Which means more travel ahead for my poor tired back. But boy, this is getting to be real fun!

The OSI crackdown: too little, too late?

I had the pleasant surprise to stumble into the post from Michael Tiemann stating that it’s about time for the OSI to defend the Open Source brand against abuse. I can only applaud what the OSI seems to be about, even though my initial comment was along the lines of “about bloody time”.

You know how disturbed am I by that side of the so-called “Commercial Open Source” that’s trying hard to push the limit of what Open Source actually is. To me, the issue is very clear: as much as Open Source is not a proper trademark, there is at a very least a sound ethical reason to consider as Open Source what the OSI (who has come up first with the term) defines as such.

I can understand some of the gripes floating around the Net today: the OSI is far from being an open organization, and the license approval process could definitely get better. Still, let’s be fair: a good part of the industry has been getting a free ride by somewhat abusing the marketing power of what the OSI has been able to build during the years. And don’t even get me started with how a sizable chunk of the open source market has swept under the rug not only the letter but also the spirit of Open Source, which is really about building cooperative process to share knowledge (and make money out of it) whereas most players nowadays are doing all they possibly can to open the source (because that’s their only chance to have a position in the market) and close everything else.

Failing to recognize the role of OSI and the binding definition of Open Source is both unfair and unethical: given the sheer amount of money floating around all those “open source” companies, I start to think they really should consider getting together and find a new marketing term that effectively describes their business model (something along the lines of “we’re fine getting you access to the source code, but that’s almost it”). Shouldn’t bee too hard and will make things much more clear to customers.

As per the OSI, question is “now what?”: the bad guys are already waving the flag of Open Source not being a trademark, and I’m afraid it could well be too late to try and enforce the OSI definition. It would be nice, though, to run an awareness campaign, making sure that the world knows who’s been fathering the Open Source Definition, what is its rationale and what can be considered Open Source. It would be nice, at the same time, to let everyone know what is NOT Open Source according to the definition, and how final users might be able to tell the real Open Source from the “source available” counterparts. This is a battle I’m more than willing to fight, so if help is needed, just count on me.

AGPL: another nail in the diversity coffin

I had a friend in high school, the sole child of aged and overly protective parent. On the warm Italy seaside most youngsters are in shorts and sandals since April, but my mate had to wear sweaters in July, and socks on the beach. The poor boy wasn’t allowed to have unhealthy food (or, for that matter, any kind of food outside regular meals), while we were happily indulging in afternoon sundaes and fries. On Saturday nights we significantly helped breweries make or exceed their quarters, while the unfortunate guy was strictly on non-iced, still water or orange juice at most. Don’t ever mother mentioning coffee or – God forbid – smoking or sex, while we… well, we were young and eager for fun.

Fast forward a few years: I ate pretty much anything barely edible on planet Earth (indeed, it shows), and I’m happily enjoying and digesting it. My friend has horrible stomach pains if he ever dares to try anything fried or seasoned beyond a few drops of olive oil. He has a point in mentioning how his cholesterol is definitely much better than mine, yet he knows that if someone sneezes within 50ft, he will be visiting his doctor in a couple of days, and most likely stay in bed for the next month.

Why am I telling you all this? The recent AGPLv3 announcement, which Fabrizio is saluting, is reminding me of how being overly protective ends up with more harm than good. It’s all about the ecosystem: being healthy and robust requires being exposed to a world that has bacteria and viruses in addition to vitamins an proteins: closing the ASP loophole is just another way of building a sterile environment where cross-pollination can’t really happen.

The general argument in favor of AGPL is that there are a number of organizations who are happily modifying and extending GPL software to build Internet services on top of it, without contributing their modifications back to the community, and this goes against the “free software” spirit, whatever that is. The “quid pro quo” paradigm commercial Open Source companies love so much, unfortunately, has quite a few misconceptions and downsides when taken to such an extreme:

  • it’s going to make life a living hell for all those who will need to track and publish modifications to their applications, effectively driving people away from Open Source. Google might have enough resources to perform the additional oversight, but what about smaller shops?
  • there will be a lot of Catch 22 situations, where local modifications happen to include code that cannot be redistributed. And it doesn’t take much: most commercial Open Source companies out there are selling their professional versions with strict licensing terms that forbid redistribution. What then?
  • most of local modifications and patches will have no value to the general community anyway, either because they are a bunch of spaghetti code written to connect to a local system, or because it’s just a bunch of custom business rules that don’t quite apply elsewhere. What’s good in having them available?
  • the horrible AGPL wording is likely to be a nightmare for legal departments. Defining “redistribution” in GPL is hard enough, good luck understanding what does exactly section 13 mean:

    Notwithstanding any other provision of this License, if you modify the Program, your modified version must give all users interacting with it remotely through a computer network (if your version supports such interaction) an opportunity to receive the Corresponding Source of your version by providing access to copy the Corresponding Source from a network server at no charge.

    What does “remote interaction through a computer network” exactly mean? Who exactly is a “user”?Can a “user” be a computer interacting via a Web Service? Are employees users? What about “access from a network server”? The only consequence is more wealth for lawyers.

Of course there is a way out of this mess: buy the commercial license and get read of the AGPL woes. But then, let’s be honest and call a spade a spade: “closing the ASP loophole” has nothing to do with keeping the software free, it’s just a tool to turn more free users into paying customers. Or, quoting Fabrizio again, getting rid of:

“[...] leeches, that suck the soul of open source for their pure benefit. They make money, while others work for them for free, to make them rich. Rich without returning anything that could benefit the community of whom they are parasites”

Unfortunately, as much as I generally agree with Capo, this statement is both unfair and dangerous. It is unfair, because most of what Fabrizio is calling leeches (Google, for one) are indeed giving a lot back to the community (in kind, cash and liberally-licensed code, in the Google case). It is dangerous because we need a diverse ecosystem to thrive, which means we need leeches and parasites as well. Everyone plays a role in the environment, as the traditional software industry has known for ages: every Tom, Dick and Harry over there is publicly fighting piracy, yet it doesn’t take much to have them admit they just love how piracy eventually turns free riders into paying customers. The value of a free customer is less than negligible, and even Tim O’Reilly agrees.

As a market guy, I believe in market forces: you can’t build marketplaces and ecosystems with legal ties, but you can educate your customers and make them good community members using sound business reasons. Keeping local modifications and maintaining them through community releases is as painful as expensive, and companies are slowly but steadily understanding that. The commercial Open Source world should try to ease the contribution process, letting customers and partners know that feedback is welcome and handed promptly. Note that this is much easier said then done: it will be a happy day when a major commercial Open Source provider (I will protect the sinner, for now) doesn’t let a massive threading problem, with a trivial patch attached, rot in their issue tracker with no feedback whatsoever after nearly a week.

Adoption is key, and nurturing communities is hard: having users jump through hoops is a shortcut which is more likely to scare them away rather then turn them into paying customers. The AGPL, or any kind of license (ab)using Open Source dynamics to force transition to a commercial license without taking market and Open Source fundamentals into consideration, is only going to make matters worse, impacting sustainability in the long run.