Thursday, March 4, 2010

Open Source Software: Exploitation At Its Finest

Open Source is bad for small developers, bad for business users and amazing for big software vendors. As far as innovation for humanity is concerned, the jury is still out. As far as I can tell, so far, most innovations were produced by proprietary/closed innovation organizations. Examples are the computer mouse, graphical user interface, iPhone, all NASA and government agencies innovations etc…

Open Source seems to expedite development in the domain of generic, commodity-type software projects such as databases, operating systems etc... This is expected. I mean upon stumbling on a great innovation, why would a rational human being developer give it away for free when they can benefit from it either by licensing it to big companies or starting their own? Would you?

Now, why would a corporation whose sole existence is to maximize shareholder profit by selling software such as Microsoft and Google adopt Open Source? If you notice, in the beginning, Microsoft opposed Open Source, but later, when they "saw the light", they changed their position.

Of course, it is naïve to think that these corporations are doing it out of the goodness of their hearts and their community spirit. We know that a corporation's mandate is to maximize profit. This can be done either by increasing revenue or lowering costs. Obviously, they see something in Open Source that dramatically enhances both approaches to maximizing profit.

But before I get into the principle of it, let's take care of the business user first and see the effects of Open Source.

Open Source Software and Business User's Perspective
From a business user's perspective, although it seems to be cheaper to use Open Source at the start, what is often overlooked is the total cost of ownership (TCO). Despite the utopian belief that underlies Open Source that somehow developers work for free, even Open Source developers have to make money to live. One way they do it is by charging for support later. So for the business user, the ride is not free. There's no free lunch. They will have to pay for support later, thus increasing the total cost of ownership (TCO).

In addition, the TCO of Open Source is further increased by the need to customize further and resolve the widespread integration and versioning issues that plague Open Source software.

Now, if the business user requires security, it doesn't look too good either with Open Source. What worse security can someone have when the source code is open for any hacker to study and exploit? Yes, one might argue that this is neutralized by the illusion that anyone also can read the code and figure out the exploitation, but this remains theory as it is rare that a developer would go through every line of code looking for hack-ability.

So if a hacker knows that your company is using Open Source software, he or she would go study the source of that project that is available on the web and figure out a way to hack it, then launch his or her attack on your server. Usually, big software vendors who use Open Source software projects on their servers add their own proprietary code to seal off any vulnerabilities. But does the average business user have the resources to research and do this?

On the legal side and business disrupt-ability, the other big issue for users is the risk involved in indemnification. Pardon me, as I could not find a better example: Open Source software is like a woman who has slept with many men and no one knows who the real father of the baby is. It is touched by many and no one is responsible. There's a big litigation risk, as we saw in the MySQL court case.

Here's how it would go. Some developer somewhere would copy someone else's code and paste it into an Open Source project, where he or she infringes on a patent holder. Trouble comes when this patent holder realizes the infringement and goes to court. All copies of the software that contain the infringing code will be ordered to cease and desist, bringing the business to a halt. It is like opening a can of worms.

A business customer needs a single point of accountability; they want to focus on their own business. These business customers don't have time to fiddle with the code. Open Source is created by many where no one is responsible. This is unacceptable in the business world from the perspective of users who are not software vendors themselves and don't know anything about opening the source code and tweaking it. They would still have to pay someone to do it, thus increasing the TCO again.

Looking at the above points, one can conclude that from the user's view, Open Source seems like a gimmick where they're enticed by the free software upfront, but later suckered into paying for support, integration fixing, customizations and a possible huge lawsuit that could rear its head at any time. Even worse, they may have to desist from using the software until a court case is decided. The effect is worst if the software happens to be Line of Business (LOB) software for the business.

Contrast the above with proprietary software where there's a single point of accountability, protection against indemnification and litigation, support included, minimal integration problems, reasonable security and always maintained, organized and up-to-date all in one upfront price.

Back to Big Software Corporations and Open Source Software
With the tweaking of the GPL license (copyleft) into the BSD and Apache licenses, and naturally so, to accommodate business and their natural purpose of making money, Open Source became the best and the most clever exploitation gimmick for big software corporations.

That could explain why Microsoft shifted to using Open Source on a few projects. I say the best exploitation gimmick because it serves big software players the following major purposes:

1. Open Source software expedites software development to a much faster rate than closed software development. This is because it uses the power of the crowd, the many developers to slave for free and use their creative genius so the software company can eventually charge/benefit from the product as is allowed by the modified BSD and Apache license.

2. The best of both worlds. Software companies can now use the fast development speed by the slaving of the many and also include their own proprietary important pieces closed in the same package. What more can a software company ask for?

3. Free or cheap labor, the dream of every corporation. Before, exploitation was limited to physical goods; now, thanks to Open Source software, it is extended to software. Big software companies used to value and pay premiums for a lot of talent. Now, they get a lot of project work done for free by the many slaving developers in the community and hire and pay for less talent. Brilliant!

Open Source Gives Monopoly to Big Software Vendors and Eliminates Small Ones
As we notice, the major Open Source projects find their way to the laps of major software corporations. Examples are Red Hat Linux, MySQL. Corporations, rightfully so, always find a way to make money. That's their natural purpose. But in this case, they're collecting the fruits of the hard work of the many poor developers who contributed to the innovation of the project under the guise of Open Source and "freedom" etc...

This puts big companies light years ahead of the small software companies who don't have the same marketing power to get their projects publicized. They will lag in innovation because they won't attract the huge developer base to work on their little Open Source projects for free.

Open Source Software Undermines the Software Development Profession
Before, what was sought after was local talent. Now, with Open Source software, it has become a commodity. This happened because of the availability of Open Source software offered for free by some poor developer somewhere in the world. Therefore, the value of a software engineer in general is diminishing. Standards and certifications have to be put in place. For example, software engineers should be licensed for different classification levels of software development engagements. I see that as the next natural path in the software industry to neutralize this downgrading effect of Open Source software.

Open Source Software Puts Local Economies At an Unfair Advantage With Countries of Large Idle Populations
Winning by sheer numbers. A professional developer is a developer who gains an income and a living out of his or her skill. However, if you are a developer with no job with another million like you in a poor country then your profile perfectly matches that of an Open Source developer who has a lot of spare time to undercut other paid developers and offer free "open" code.

Therefore, countries with large populations of idle developers will gain the advantage and put all the local talent out of work by offering free code for the taking. It is simple economics. Of course, large corporations don't mind free products and labor, as globalization and free trade have gotten them used to it.

As a matter of fact, the need arose to morph an Open Source license out of the original restrictive GPL license just for exploitation. It is called the BSD or the Apache license. These licenses allow for including proprietary software side by side with Open Source software.

By promoting and using Open Source, developers are shooting themselves in the foot and are the biggest losers in the Open Source game.

Software is becoming more important in our lives and taking on a more critical role. It is time for a standard Software Developer License to develop software to stop the madness.