On the XO Laptop

On Open-Source and silver bullets

leave a comment »

I just got a note from an IBMer with some interesting questions:

So, in a nutshelll, this is what I was looking to get insight from you on. I wonder, do you have (or does it exist) a set of “general” silver bullets that argue against open source for applications, outside of the Linux OS? For example (and this is off the top of my head)…

  1. Open source is typically limited to a small developer community, limiting functionality, quality, etc.;
  2. Open source solutions typically have higher risk of failure compared to standard software solutions;
  3. Open source solutions lack support, unless paid for (which, when looking at the TCO, often results in no cost savings in going with open source);
  4. Open source solutions pose greater security risks (see #1)
  5. etc.

I am hoping for something we can share when a customer says “we chose Linux, which is open source; why would we not choose open source for our enterprise applications, as well?”

This, by the way, is how I spend much of my working day. I get emails and phone calls posing questions, or giving me tasks, and I have to do my best to answer them. Some are quite routine queries about a process detail. Others are more complicated; for example, I was once asked to write a brief history of operating systems for use by our sales folks.

I usually deal with such general queries by suggesting we set up a phone call so I can dig into the details before attempting an answer. I have often found that underneath such a general query there are just one or two particular questions that need an answer. For example, perhaps one of the client’s executives has asked about security issues in a particular package, and that is really the only issue that need be addressed.

But, mainly as an exercise, let me see what I say in just a few minutes, in a general sense. This will not be a “canned” answer. I will make it up as I write it, though I keep in mind the words relayed to me by one of the attorneys I work with often. He said that one of his best law school professors would often tell the class that:

It Is Not Forbidden To Think.

Re (1)-(3) it is hard to make general statements about open-source. Each situation must be reviewed on a case-by-case basis.

Programming is much like cooking in that the quality of the experience depends more on the chef than on the ingredients. Good chefs can work with bad ingredients, but bad cooks will usually produce bad food no matter how good the ingredients. Similarly, with code it matters more who wrote it than how it is licensed.

Re security, though again it is hard to generalize, on balance Linux probably has the edge. It is based on Unix, which was designed from the start to be multi-user. Microsoft, to its credit, has worked very hard to maintain compatibility ever since the first version of DOS. Their problem is that DOS was designed for a single user, and not as a multi-user system.

However, most of our middleware products are written in Java, which is equally robust on all platforms.

The important thing, as is always the case, is to do what is best for our client. Most solutions these days are neither fully open-source or fully proprietary solutions written by a single vendor, but rather the appropriate “hybrid” mix of components that best meets the client’s needs. We use many open-source components in our own products. Most of them are there because they are recognized as the best implementation of an open standard or are of such quality that they have become the de facto standard. Apache’s http server is a good example of the former, and Apache Log4J is a good example of the latter.

I had lunch with a CEO last Friday. When a similar question came up, I mentioned that several years ago I gave a keynote at a conference in St. Louis that was attended by a number of developers and execs from large enterprises. I learned during a discussion that their developers would often test and prototype applications using open-source, but would then deploy them using commercial-quality code such as WebSphere. He agreed, and said he had seen similar cases in several large financial institutions in which he had worked.

One of the advantages of using IBM products is that the open-source components we include are tested against, and with, all the other components we put into our products. We integrate the open-source stuff with our own code to produce the right hybrid mix. One of our value-adds is all the testing we do to make sure everything works together. In some cases we provide a well-defined migration path; for example, you can start with WAS CE (Websphere Application Server Community Edition in IBM-speak) and then move up to full WAS, and so forth.

I could go on a bit more, but I think you get the idea.

I will send my colleage a link to this blog post, as I’ll be leaving on vacation myself shortly, and so might not be able to talk to them tomorrow. I will also have a follow-up call.

There is one thing I haven’t written here, and that he doesn’t know yet. When I looked him up in our corporate directory, I learned he works mainly with one very large client, and I happen to know of some activities of an open-source nature we have done with that client. There is also a low probability that my colleague would know of this activity, and I will thus be able to provide him some insight into his own client.

That is another fun part of this job. Not only do I get asked some interesting questions, I happen to know a lot of the answers.


Written by daveshields

December 21, 2007 at 5:14 am

Posted in xo-laptop

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: