Fog Creek Software
Discussion Board




Best argument against OS I've seen.

In this interview ( http://www.crn.com/48159.html ) Martin Taylor says it all about the open-source myth of the many eyeballs:
"Just because you have more people looking at the code does not guarantee a level of quality, because those people might not be the most-qualified people to do code review."

Let's face it. How many people who use Linux actually read the source code? Of those who read it, how many actually are *very good* programmers, let alone *masters*?

RP
Wednesday, February 25, 2004

Let's face it. How many people who use Windows actually read the source code? Of those who read it, how many actually are *very good* programmers, let alone *masters*?


Wednesday, February 25, 2004

"How many people who use Windows actually read the source code?"

More than Microsoft might like, according to recent news :^)

Steve Jones (UK)
Wednesday, February 25, 2004

This argument goes both ways. Does a closed source software vendor make any guarantees about the level of expertise of its employees?

As a software buyer I'm interested in functionality, support and price. OSS can score pretty well in all of these categories. I'm not saying that OSS as a development model guerantees high-quality software, but it CAN produce amazing stuff.

Jeroen
Wednesday, February 25, 2004

So we all seem to agree that the fact that the source is "open" is completely irrelevant to the end user?

Just me (Sir to you)
Wednesday, February 25, 2004

In practical terms and for the majority of users, yes it is.

RP
Wednesday, February 25, 2004

We can maybe agree that with regard to the security/quality of code, open source is irrelevant to a user.

But, what about *support*, especially when a team/vendor dissappears?
A few closed-source companies are really responsive to users... but most bury themselves behind layers of bureacracy, and even if they *do* listen they don't make any sign of it.
Open source is generally a lot more responsive, assuming enough competent developers.

The biggest argument against OS to me is, how the heck do I support myself financially if I do it? I don't buy the "sell yourself as a consultant" thing, that sounds like crap.

Aaron Lawrence
Wednesday, February 25, 2004

Depends who you're selling it to.

If you're selling it to someone that is willing to install and build it themselves, maintain it themselves and so on, then you can't charge very much.  Probably nothing at all (though see Red Hat et al).

If, on the other hand, they want it installed, configured and maintained and they want it supported afterwards then yes you can charge what the market can stand.

As for the many eyes 'myth'.  It isn't the only reason for Open Source (much as the FSF would like to think it is), and for some products it does work very well.  Open Source exists as a simpler and generally kinder licencing model than the 'free' licence of GPL.

Simon Lucy
Wednesday, February 25, 2004

"Open source is generally a lot more responsive, assuming enough competent developers."

Wouldn't it be fare to say that it is really all over the place, from brilliant to awfull? Hey, isn't that just how the other half lives as well?

Just me (Sir to you)
Wednesday, February 25, 2004

As I've said before, the philosophical background of Open Source is an academic one and this aspect has its origins in peer review.  I suspect telling a group of scientists that peer review was worthless since you can't guarentee the quality of your peers might draw some interesting replies - a stony silence might be the best you could hope for. 

The key factor is that open source doesn't guarentee an efficient peer review process - it just makes it possible. 

As to the advantages to the end user well I can think of two. The first is that I trust code that has the *possibility* of code review more than that which doesn't.  Which means either a well known company or FOSS.  The second is what happens if a company goes bust  -  with FOSS at least the project can continue. 

Finally, a few months ago I asked a question on a similar thread which no one answered - so I'll ask again.  The single biggest  software expenditure I'm responsible for is the maintenance of a membership database.  What would be the difference, if any,  if the suppliers had used open source tools and made it open source.

a cynic writes...
Wednesday, February 25, 2004

"The single biggest  software expenditure I'm responsible for is the maintenance of a membership database.  What would be the difference, if any,  if the suppliers had used open source tools and made it open source. "

The answer seems obvious: If you had the source to your DBMS, what would you do with it?

Just me (Sir to you)
Wednesday, February 25, 2004

Not have to pay for code escrow in the event that the supplier goes bust.

a cynic writes...
Wednesday, February 25, 2004

Really good troll I must say!

T-90
Wednesday, February 25, 2004

To expand slightly - we didn't take the code escrow option but a number of other organisations did.  If we did have the source available and there was no difference well - then there's no difference so what's the problem. 

Personally I'm not religious about software licensing  -  I can see advantages and disadvantages to FOSS and providing you go in eyes wide open it *can* (please note conditional) be the basis of a business. 

a cynic writes...
Wednesday, February 25, 2004

Bad Programmer's Existenz Angst at work :O

_
Wednesday, February 25, 2004

mmm...I've just gone and had a look at the interview that the original post points to.  The first sentence reads:

"As general manager for platform strategies at Microsoft, Martin Taylor leads the software company's charge to contain and eventually eliminate open-source technology."

Light dawns.

a cynic writes...
Wednesday, February 25, 2004

Being something of an OS newbie maybe someone can clear this up for me...

Most Open Source projects (Open Source Licenses?) I've seen seem to imply 2 things;

a) the source is available for anyone to look at
b) you can distribute binaries made from the source, and/or the source itself.

I'm a commercial developer.  Frankly the first option looks nice. The customer can have the source - I don't mind.  What I mind is them taking that source and distributing it further.  Even distributing it in their own organisation.  In other words I still need control over who runs the program based on my source.  While I'm all for "giving it away" unfortunately I need to earn a living as well.

So - is there a middle-ground license that allows my customers to get "open source" code, but not "freely usable / distributable" code...?

Bruce

Bruce Johnson
Wednesday, February 25, 2004

"So we all seem to agree that the fact that the source is "open" is completely irrelevant to the end user? "


Depends on who the end user is.  As a developer (Just because I'm a developer doesn't make me any less of an end user) I like to have the source to any libraries or components I might use.  In fact, if it doesn't come with the source or I can't arrange to buy it, I won't use it.  Been burned by binaries one too many times.

Dan Brown
Wednesday, February 25, 2004

Yes.  You give the customer a licence to the source code which is perpetual but you restrict them from producing derivatives of it, or selling any part of it or valuing it as an asset.

E.g.

8.2.The Client is hereby granted a non-exclusive and non-transferable licence to use and to reproduce but not to distribute or sub-licence, the software for its own business purposes, subject to any limits of simultaneous usage or numbers of copies defined by the Software Licence or the operation of the Software..

Simon Lucy
Wednesday, February 25, 2004

Thanks Simon...

Would that classify the project as "Open Source"?  Or does "Open Source" by definition imply "free" ?

Bruce

Bruce Johnson
Wednesday, February 25, 2004

If memory serves, I think the "Q" licence only lets people redistibute changes as patches. 

The FSF ( http://www.gnu.org/licenses/license-list.html ) have a list of licences with the conditions.  There's quite a bit of rhetoric involved as they push their own GPL. 

The OSI have a list of licences which qualify as Open Source ( http://www.opensource.org/licenses/ ).

Alternatively if you know what you'd like to allow and prohibit you can write your own. 

a cynic writes...
Wednesday, February 25, 2004

That would be a proprietary licence.  An Open Source licence generally lets you use the source as you wish, create derivatives, give them away and so on, the only proviso is that they have to maintain the Licence itself.

There are a class of licences that let you combine closed source and open source, for instance the MPL family of licences as used on Mozilla.  Then you can distribute the basic source of the product and put controls on some part of it, or not give them the source to that at all.

Simon Lucy
Wednesday, February 25, 2004

<nitpick>
The OPs argument is not an argument against OS, it is a counter argument to a common argument for OS.

Big difference.

Eric Debois
Wednesday, February 25, 2004

Agreed -  please note however OP's error.

a cynic writes...
Wednesday, February 25, 2004

This isn't an argument against open source, as much as it is a damper on the zealotry of people like Eric S. Raymond.  Open source is very good in many ways, but those ways aren't always what the crazies think they are.  Or more that many OS advocates incorrectly prioritize the advantages.  I really should say "advocates" instead of "crazies" :)

Junkster
Wednesday, February 25, 2004

RP, that logic from which spring the argument you've quoted is pretty sound. However, the law of Your-Mileage-May-Vary always applies.

There are plenty of orphaned source out there (that used to be commercial closed-source, used by many commercial users) that are now open sourced. They are orphaned in the sense that the company who's doing the open source didn't contribute to building a community of interested programmers who will chip in fixes, evaluate one another's work and work together towards common upgrade milestones. When you end up with an orphaned software, the source code is out there, but no one is looking at it.

There's also software so large and boring, hardly anyone would be interested in reading the code, unless the community was so large that someone is bound to be so interested that he or them might make a good contributor or code fixer. It really depends on the situation.

If an open source project was implemented using a fairly high level programming language (say Zope) or the percentage of C/C++/assembly is kept to a minimum (OS2 is all assembly, Linux kernel is mostly pretty readible c), or the amount of bad coding is kept to a minimum, careless bugs can still be accessible and found by contributing editors.

So as an argument against OSS, it won't deter interested parties (who are willing to put in the effort) from open sourcing their software.

Li-fan Chen
Wednesday, February 25, 2004

Scientists are paid to discover things, not create things. That's the first reason peer review in academia does not extend to software development.

Second, code in software companies does get peer reviewed. It gets peer reviewed by professional developers who spend a lot of time understanding a particular code base.

> The single biggest software expenditure I'm responsible for is the maintenance of a membership database.  What would be the difference, if any, if the suppliers had used open source tools and made it open source.

The difference would be that the developers who created the DB would not get paid, while your business presumably continues to make a profit.

Exactly why is it wrong for software developers to get paid?

x
Wednesday, February 25, 2004

Li-fan Chen:
Isn't Zope a CMS built in Python?

RP
Wednesday, February 25, 2004

Since the developers currently get paid from the annual maintenance money, they would presumably continue be paid in the same way.  Unless of course there is some hitherto unnoticed requirement in the Open Source Definition? 

The point I was trying to make (he says, beating his head lightly into his desk) is that the business model of getting most of your money from a long term maintenance contract is already in place.  Therefore whether the code is closed, open, free, unfree, half-free or locked up in the safe except on alternate Wednesdays doesn't make the blindest bit of difference. 

If I was talking about a shrinkwrap program then the position would be different.  But I'm not - so it isn't.

On a calmer note, I agree that any decent company will have it's own internal code review.  The problem then being establishing a reputation as a decent company.   

a cynic writes...
Wednesday, February 25, 2004

It's not correct that the "business model of getting most of your money from a long term maintenance contract is already in place."

For people who develop software, that's just not true. In particular, developers of very good software, where it's easy to use and requires no annual maintenance, would receive no income.

This is where Raymond and his minions reveal their true motivations.

> Therefore whether the code is closed, open, free, unfree, half-free or locked up in the safe except on alternate Wednesdays doesn't make the blindest bit of difference. 

It makes a lot of difference. It really does.

x
Wednesday, February 25, 2004

What you've just said explains clearly that "leak" of Windows source code. Look at the logic: Microsoft knows it will eventually open-source windows. It's facing a barrage of incoming fire because of alleged vulnerabilities on it's code.
What's the remedy? Hurry up what's innevitable, show a bit of your own code, because you just know it's that good to withstand peer review in the wild, and then cry foul, to cover up the tracks.

Damn, these things make so much sense once you start thinking about them....

RP
Wednesday, February 25, 2004

Two things:

1. The guy in the interview works for Microsoft so the interview = marketing.

2.  The best reason to support open source software is that it gives Microsoft a sh!t fit.  Microsoft lowers prices and try to make a better product.  For me FOSS isn't about some do gooder free the code from da man approach, it means I get lower prices on some things.

I'm not even going to read the article.  Next time send me a glossy brochure, Microsoft.

Mike
Wednesday, February 25, 2004

I too wondered about the many eyes argument. On one of the open source projects I have contributed quite a bit to, I put a comment in the source along the lines of "A $25 reward  with be given to the first person to email me at the following address..."

There are over 100 developers on the active project and over 10,000 active users.

The reward has stood unclaimed for 3 years now.

Dennis Atkins
Wednesday, February 25, 2004

"The reward has stood unclaimed for 3 years now."

Like, if I saw that comment, I'd actually email you.  I suppose being on the Internet these days makes everyone a bit cynical.

Anyway, the "many eyes" argument misses this point.  I run Linux but I've never looked at the source code.  I'm not a kernel developer.  However, IBM has kernel developers -  Red Hat has kernel developers - SUSE has kernel developers - Debian has kernel developers - SYSGO (embedded Linux) has kernel developers - The National Security Agency has kernel developers - The Chinese government has kernel developers - Open Source Development Labs has kernel developers...  I could keep listing companies and organizations all day.  These are organizations that pay people to work on the Linux kernel.  Is that a lot of eyes looking at (and working on) one codebase? -- hell yeah.

Almost Anonymous
Wednesday, February 25, 2004

x

I was referring to a very specific case.  Look through the archive at Joel's piece "five worlds". The two nearest to what I'm talking about are "consultingware" and "internal".  i.e. a specialised application with a very limited market.  A lot of the current features grew out of custom extentions for various organisations.  I agree that shrinkwrap is a whole different ballgame.

Now let's say I had access to the code.  Is it likely that I'll try to rewrite it myself and kiss my career?  Or our organisation suddenly change from a professional institute to a rival firm and breach its royal charter? Or is it more likely the CD would sit in the back of the filing cabinet and I wouldn't worry about our suppliers going bust? 

a cynic writes...
Wednesday, February 25, 2004

correction

That should read "...rewrite it myself and kiss my career goodbye."

Sod it I'm going home.

a cynic writes...
Wednesday, February 25, 2004

  Ok.  Linux is always brought up as an example of OSS that has a lot of developers, and indeed that's true.

  But Linux is one of the  few good OSS in this situation.  Most of OSS have a small development team doind 99% of the work, with an eventual contribution of somebody outside of the core group.

  Note, I'm not saying that these aren't good software, but that "releasing the source-code to improve your software with the contribution of thousands of developers from all over the world" is, in most cases, a myth.

Ricardo Antunes da Costa
Wednesday, February 25, 2004

"...in most cases, a myth."

I totally agree on that one.  Although I've seen a number of small projects (take the programming language Io for example) that has a small following of developers.

There is always a chance that your small project will gain some developers.  It really depends on the project -- some projects are more likely than others.

Almost Anonymous
Wednesday, February 25, 2004

RP, I think the sentence could be worded better, but yes Zope is a CMS system, Python is the language in question.. The sentence was regarding Zope.

Li-fan Chen
Wednesday, February 25, 2004

Most open-source software is crap, and so is most closed-source software.  The "many eyes" argument is not the real problem with open source software.

The biggest problem companies have with OS is lack of support.  Apart from the dozen or so top OS products, there is virtually no official (contractual) support for OS software.  (At least to my knowledge.)

To those who say "but you don't need support, you've got the source," I say you don't get it.  For every bug and feature you want fixed/implemented, you can (1) ask the project developers to do it and hope they get to it in an acceptable timeframe; or (2) pay someone to do it (current staff or outsourced).  Either of these options can easily exceed the price of a support contract.

There are, of course, exceptions.  It's nice to have that flexibility -- the option of being able to fix/build it yourself vs. have someone else do it (paid or not, under contract or not).  And of course I'm speaking from a business perspective.

Should be working
Wednesday, February 25, 2004


Yes, IBM, Red Hat, SUSE and Open Source Development Labs pay developers to examine the source code or, more correctly, to do development.

But that is different from the original claim of the open source movement; that developers would just magically contribute for the Good of the Community (while others pocket the profits.)

The paid positions by those companies actually demonstrate why open source as a philosophy is crap. Developers need to be paid. It then becomes a question as to whether they get paid for their own work, or get paid by pimps earning revenue from other activities.

x
Wednesday, February 25, 2004

Cynic, I don't know where you've spent your life. Yes, there are plenty of firms that, if they had access to the source code, would flick the original developer and his "support contract," not to mention developing a competing product.

It happens all the time.

x
Wednesday, February 25, 2004

In the charity, non-profit & small business sector.  Which is a larger market than most people realise.

I wouldn't trust a large or even medium size firm to play the game - but at the end of the food chain I work in there are  neither the technical skills nor the business acumen to  become a competitor.  To give an example of one previous workplace, I can't quite imagine a charity which promotes fostering in the third world suddenly becoming a database company - perhaps you can. 

In the end, I pay our money for the ability to ring up a developer when there's a problem and get it sorted out.  And I do have pretty direct access to the developers.  I doubt that it would be cheaper to cheat and buy in a developer who'd have to learn the code first as opposed to talking directly to the guy who wrote it. 

In the end I'm not advocating our suppliers Open Source  - I really don't care.  However, I do think in small vertical markets the very real business disadvantages of OS are minimised - and they pretty much disappear altogether when writing applications for internal use. 

a cynic writes...
Thursday, February 26, 2004

Cynic, you're a decent guy and you probably mostly work with honest people. Sadly, the rest of the world is not like that at all.

x
Thursday, February 26, 2004

>>Cynic, you're a decent guy and you probably mostly work with honest people. Sadly, the rest of the world is not like that at all.

i.e. "it's nice you're an honest guy. Since I'm not, I'd rip you off in a heartbeat - so would everybody else since everyone is as honest as I am"

X's inner voice
Thursday, February 26, 2004

I think that last one (from "X's inner voice") was uncalled for. 

I don't believe x is dishonest, he just doesn't trust other people with code.  We disagree - it's allowed.

a cynic writes...
Thursday, February 26, 2004

Where is the issue. Let's see ... I can buy package A and get the source code (and can change) or I can buy package B and not.

Who would choose B?

You could say it depends.

If an egregious bug or user interface  issue arises how  would you rather respond to an internal client: 1) we have sent the request to company B and we are waiting for their response; or 2) we are fixing now and expect a release in X time.

I would rather choose 2.  My talent, experience, knowledge are now necessary. Choice 1 might require me to be able to wait and use a phone.

What kind of person would choose 1?

Me
Thursday, February 26, 2004

I've just finished setting up four computer labs at work with a total of 184 machines. The teachers machine in each room is attached to the college network on a second NIC, whilst the other 45 machines are simply networked peer-to-peer in a workgroup including the teacher machine. The teacher machine was only attached to the college network for about half-an hour to transfer files from another teachers machine.

Every machine is now affected with MS Blast.exe

Somewhat miffed, I went to our sysadmin, and asked him why the hell he hadn't managed to clean the domain of MSBlast a year after it had come out.

The explanation was apologetic but chilling. There is not a single machine on the network with MS Blast.  It's affecting the switches. Marconi no longer supports the switches and is not issuing any software upgrades.

Now if the source code was available somebody might have been able to issue a patch.

Stephen Jones
Friday, February 27, 2004

>> "it's nice you're an honest guy. Since I'm not, I'd rip you off in a heartbeat - so would everybody else since everyone is as honest as I am"

Thus you highlight the dichotomy of open source advocacy. My arguments have been concerned with defending creators against other people stealing their work.

Me, you seem to be arguing that a customer would choose the cheaper option. The answer is that of course they would prefer the cheaper option. Customers always do. Sellers have other interests.

x
Friday, February 27, 2004

*  Recent Topics

*  Fog Creek Home