How Open Source Has Turned the Software Industry Upside-Down

Mitch Wagner
Prime Reading
Mitch Wagner, Executive Editor, Light Reading
1/7/2019



Open source has transformed how the software industry works. Open source makes the cloud possible. And adopting open source changes how companies do business, driving greater transparency and frankness.

Without open source, you don't get the cloud. "Open source made it cheap and easy to build services you could rent to people," says John Graham-Cumming, CTO of Cloudflare Inc. , which provides security and performance services for online businesses. "It's hard to imagine making something like WhatsApp or Netflix if they had to license Windows Server, Visual Studio and other proprietary tools." (See Cloudflare Wants to Protect the Whole Internet Legacy Apps, IoT, the Works.)

Cloud operators need to be able to customize code to deliver necessary performance and capabilities. A vendor would say no to that kind of custom coding, or charge a prohibitive price, Graham-Cumming says.

"There are many things that it would have been too expensive to build if you had licensed the code from someone else," he says.

Cloudflare uses a bank of lava lamps to generate random numbers required for secure encryption (See Cloudflare Protects Data With Lava Lamps.)
Cloudflare uses a bank of lava lamps to generate random numbers required for secure encryption (See Cloudflare Protects Data With Lava Lamps.)

The freemium business model popular in the cloud depends on open source for its economics, says Ben McCormack, who was Evernote Corp. 's chief of staff when we spoke to him in mid-2018. He's since moved on to Google (Nasdaq: GOOG).

Evernote offers a free tier of basic services, with paid levels for additional capabilities. It's built on open source software including MySQL, Linux, Apache Tomcat, Puppet and Ansible. The service migrated in 2017 to Google Cloud, which is built on open source software and is a leading open source champion. (See Evernote Gives Itself High Fives, Completes Migration to Google Cloud.)

Evernote chooses open source primarily for its technical benefits. But price was important too, and the cost is essential to Evernote's business model. "The economics of freemium don't work if you're paying massive licensing fees," McCormack says.

And adopting open source breeds openness in other areas, says Graham-Cumming. In the proprietary software world, code is a competitive advantage and companies guard the secrets jealously. But in the open source world, it becomes a competitive advantage to share code promiscuously -- as if Coca-Cola publicized the secret recipe for Coke.

"From Cloudflare's perspective, we don't believe any of our code is a long-term advantage," Graham-Cumming says. The company has no compunction about giving away secrets through open source, although it does acknowledge the need to keep some information private, such as cryptographic information, for security reasons.

Open source involvement "becomes part of our brand, part of our [employee] recruiting efforts, and part of our customer recruitment," Graham-Cumming says.

Cloudflare's value isn't in the software it runs, but in the service it provides, Graham-Cumming says. "If we handed you the code, you'd have a hell of a time operating it," he says. Indeed, that very problem is why it's difficult to open the source code for large projects, which require knowledge of operational experience and integration.

Cloudflare does keep some code proprietary. Often, open source code is so specific to an individual company's business logic that nobody will be able to use it, so there's no sense in open sourcing it. Also, opening source code can be expensive -- it's not enough to just put the code out there and walk away; you need to be committed to working with the people that use the code, Graham-Cumming says.

Open source encourages organizations to open themselves in other ways, says Graham-Cumming. "At Cloudflare, we err on the side of being open as we can." That includes talking about mistakes. "If someone shows you their code and admits errors, it creates trust."

For example, Cloudflare wrote about its experiences with the serious Cloudbleed data leak in "nauseating detail," Graham-Cumming says. (See Cloudflare Bleeds Bad News – & Good.)

Later, Graham-Cumming was asked by one of Cloudflare's salespeople to visit a competitor's customer and discuss the experience. "I thought, 'What am I doing here, I am going to talk to this customer of one of our competitors about how we screwed up?'" he said.

Graham-Cumming discussed the incident in great detail with the organization's development team. Later, he asked an executive from of the organization whether the executive just wanted to hear Cloudflare's "horror story." But the executive replied that they had read Cloudflare's blog and were impressed by the company's transparency. "And now they are our customer," Graham-Cumming says.

Related posts:

— Mitch Wagner Follow me on Twitter Visit my LinkedIn profile Follow me on Facebook Executive Editor, Light Reading

(0)  | 
Comment  | 
Print  | 
Copyright © 2019 Light Reading, part of Informa Tech,
a division of Informa PLC. All rights reserved.
Privacy Policy | Cookie Policy | Terms of Use