The Business Case for Open Source Software

An anonymous reader writes "An InfoWorld blog entry makes a business case for open source software, and attempts to explain the business benefits of OSS to management and business owners. The primary benefits the piece uses to argue in favor of OSS include no licensing fees, and no license keys. The article also argues that OSS results in freedom from 'ownership' by software vendors. 'Never again will you fear the BSA (Business Software Alliance) knocking on your door wanting to perform a software audit. The BSA even takes out advertisements on Google search pages for and up to $200,000 reward a disgruntled ex-employee can receive for reporting your company to the BSA! That's quite a powerful motivator...'"

OSS

[Savage-Rabbit]

The primary benefits the piece uses to argue in favor of OSS include no licensing fees, and no license keys. The thing I like the most about OSS is that I have everything at my fingertips with OSS, they only delay is the time it takes to download stuff and install it. When you are workign with proprietary tools it's the same, you do have everything at your fingertips, except you also have to wait for the license costs to be approved by the bean-counters. Somehow I feel that I get things done quicker with OSS because I can bypass a whole layer of corporate bureaucracy. On the other hand quality of OSS software can be low, documentation often sucks and user friendliness is also an issue although with some proprietary stuff such as certain Oracle products for example user friendliness is nothing to cheer about either and I have seen proprietary software that made me wonder where people get the nerve to demand money for such crap.

Re:OSS

[kebes]

To my mind this is the actual problem with OSS. Accountability is nill. With MS products the same defects are there (though less so as it turns out (predictably)), but in their case at least we know who to blame and can expect the product to be fixed. With OSS I see no way to assure that.

That's not even remotely true. You expound the myth that there is accountability in proprietary software, whereas there is not with OSS. In reality, after you pay for your proprietary software, you have absolutely no guarantee of bug fixes, and no guarantees that changes to the product won't break backwards compatibility (e.g. "mutate"). Don't like it? You can either stick to the current version, or buy the next version, or pay them more money for support contracts that make guarantees.

With OSS, after you freely download the software, you also have no guarantees of bug fixes or interface stability. Don't like it? You can stick to the current version, or freely download other versions, or pay those who make the software for support contracts that make those guarantees, or pay a third party to make those guarantees, or hire people in-house to modify the code to suit your needs, or contract a third party to make those code changes, or port your data to a different software product.

In any case, it's up to a business to evaluate their software needs on a case-by-case basis. But please stop spreading this "because you pay for it there is some guarantee of accountability" myth. Anyone who has tried using phone support for commodity software, or who has read through an EULA, knows this to be a joke.

Re:OSS

[99BottlesOfBeerInMyF]

On the other hand quality of OSS software can be low, documentation often sucks and user friendliness...

Yeah and the documentation and user friendliness of closed source code often sucks too. Just because the software is open source is not some magical bullet. Gee the boss wanted a database but I downloaded a Web browser, but it's open source so that's okay right? It's not like you still don't have to perform due diligence when choosing software and evaluate every package based upon its merits and risks and your use cases. It is just that you have to recognize that open source software is an option for many use cases and often a very good one. The real issue is so many morons who can't understand that there is a different business model and you don't have to buy everything in order to use it.

Another problem I foresee for OSS software is that it may tend to mutate over time without strict controls or much in the way of accountability.

With open source software you have the code and can always compile it the way it used to be or hire someone to. You can hire someone to do a fork if you need to. With closed source software you just have to go along with whatever the vendor wants to do and if they don't want to keep offering an old version just for you or make some change you need you're screwed. Open source wins in this category and arguments that it doesn't seem absurd to me.

What works today may not work tomorrow and when things in your corporation start breaking whose throat are you going to choke?

Choke? When MS decides it no longer wants to support a given language or feature in the software you have whose throat are you going to choke? It makes no difference if you are using software from an organization, or paying from support from a given commercial entity or paying outright for it, except with open source you have a few more options. This situation is not different. If a product stops supporting what you need and is moving the wrong way, open or closed you look at other options and offerings. With open source you have the added option of paying some random contractor to keep the software you have running the way you want.

With MS products the same defects are there (though less so as it turns out (predictably)), but in their case at least we know who to blame and can expect the product to be fixed. With OSS I see no way to assure that.

With MS software you can report bugs and they may or may not be ignored. If you pay for support, they are less likely to be ignored. This is in no way different from open source software, except they tend to be better about fixing bugs in general and in a worst case scenario I can take bids from different people to solve the problem. I have several outstanding bugs with Adobe and they've been in the last three revisions of one of their products on every platform they support. When you do something the application crashes. My company spends significant money working around that flaw. The fact that they are closed source is helping us how? Unless we offer them significant money, they don't care. The only real difference is if it was an open source product, we could have an engineer internally fix it or we would have multiple choices of hiring someone else to fix it, thus costing us less.

The solution to the competitive model of OSS for the Big Vendors is very simple.

I think you're failing to understand the real wins of open source software.

EULAs and license numbers are not the biggest differentiators between OSS and closed source commercial software. OSS is fundamentally a more efficient model for users for software. With closed source software you're always somewhat locked into one vendor, even if it is only being locked into one vendor for improvements. With OSS you always can take competitive bids, thus getting better prices. With closed source software the vendor charges what they think will maxi

Re:OSS

[e-scetic]

Don't like it? You can stick to the current version, or freely download other versions, or pay those who make the software for support contracts that make those guarantees, or pay a third party to make those guarantees, or hire people in-house to modify the code to suit your needs, or contract a third party to make those code changes, or port your data to a different software product.

Or simply post a bug report, or correspond with the programmers to resolve the problem. This is definitely not something you can do with Microsoft.

With OSS you at least know who helped build the product. You have names, contact info, ways to communicate with the movers and shakers. With closed source you usually never get anywhere near a programmer.

Re:OSS

[Master+of+Transhuman]

"(if OSS hoses your network, who you going to sue?"

Bullshit.

Marcus Ranum annihilated this argument in his "Stupid About Software" rant.

Of course, you're right that management ACTS that way - but it's all CYA. Nobody ever sues a software company for non-performance of the software. They just pour more good money after bad trying to make it work - until they either get something half-assed working or they abandon the project and start all over again with some other vendor.

Re:My experience

[MMC+Monster]

I'll take this as sincere and not a troll.

Get a new lawyer for the company. The GPL states that whoever has access to the executable should have access to the source. You said yourself that you only wanted to release the executable within the company, so the GPL doesn't really apply.

As for gcc, if you modify gcc itself and send out copies of gcc outside your company (which is *extremely* unlikely; if you have resources to do that, you are not in the right field.), then you may have to release source. Otherwise: gcc is a tool to compile a program, just as pencil and paper are tools to write the program. You are not bound by the GPL on what you write. Now, if you link to a library that is GPL (not LGPL) licensed, you have to release source to whoever gets the executable.

Business Case? How about home case?

[Technician]

The primary benefits the piece uses to argue in favor of OSS include no licensing fees, and no license keys.

When WGA started up, I started looking at Linux again. Business has some incentive. So does home users. We have 3 machines running Ubuntu now. We have one Windows ME laptop and one MS XP Home machine. The XP machine will be the last to migrate. It's just waiting on a port of Turbo Tax. There is no plans at this time for Vista due to the Anti-Piracy effort gone overboard. I don't buy booby-trapped software. I expect software to just work without complications. Vista is loaded with complications.

Re:Business Case? How about home case?

[Technician]

It is more noticable in XP then in Vista. It seems like every 2 weeks I am installing WGA, in Vista it must be happening in the background because I havent noticed anything yet.

In XP it is a add on patch. In Vista, it's built in on the ground floor. Do a google search for Vista false positive. Pick any item on the first google page. They all relate to WGA problems on Vista.

Re:Business Case? How about home case?

[Technician]

And has doing all of what you described been worth saving $200?

Far from it. On the other side. A copy of XP.. good for one install. A copy of MS Office.. good for one install. We work on desktop machines once in a while, but are road warriers. Not buying 2 extra copies of XP and not buying 3 upgrades of MS office twice on 2 machines from 97 to 2000 to 2003.. There is more.. Not updating the AV for the 3 machines and not buying Photoshop Elements on at least one machine. I'll leave it up to you to figure the cost of 3 copies of MS office (any version) 3000, 3 copies of retail XP with or without new hardware, and at least 1 copy of Photoshop Elements, and AV software for 3 machines.

The education alone on learning to install, service, and configure Linux has been worth the $200 alone. The first install was to learn about it. The second and 3rd install was for the apps that came with it that work and are not limited function demos. I didn't even need Roxio or Easy CD Creator to burn the next ISO. Oops, forgot to include that in the savings.

Re:My experience

[Silver+Sloth]

Anybody who thinks that Linux is covered by

GPL, or the Gnu Protective License hasn't talked to a lawyer, let alone understood the rights conferred under the GNU General Public License. I think we've both just fed the troll.

While here in India...

[jkrise]

the business case for Open Source Software in the enterprise market is already well established. Some reasons:
1. The average IQ of the 'EDP Manager' .... (or should I say IQ of the average EDP Manager) seems much higher than elsewhere... so he can't be fooled forever.
2. Closed source software is so very expensive, enterprises choose to build their own systems; and they mostly choose J2EE and Eclipse. The LAMP stack is packing up with amazing velocity as well. ROI can be seen in a single year, with many apps.
3. Not much of lock-in has occured already - very few companies have data locked in .doc formats... not many firms have BI or Analytics... so leap-frogging ain't a big issue.
4. The hardware specs are roughly 10% in the OSS space.... and that matters a lot as well.
and lately:
5. It is getting more and more cumbersome pirating Closed source s/w - be it OSes, Office, SQL or whatever. Most EDP mgrs over here have been on the same company for a decade on average; and they're pretty amazed at what OSS can do.

A recent Java conference (paid, mind you) had over 10,000 attendees! RedHat is doing very well... not many people know or care about Novell... many state govts. have mandated and stipulated Open Source specs...

Somehow, people this part of the world do not seem to wait for Gartner reports or NYT articles before experimenting with OSS.

The EFF and Activists may come knocking

[tezza]

'Never again will you fear the BSA (Business Software Alliance) knocking on your door wanting to perform a software audit.'

You may however have the EFF or activists wanting to inspect your code.

Re:The EFF and Activists may come knocking

[Sique]

The FSF activists will come and demand a look at your software if and only if you start to distribute the software. I guess if I started to sell selfburned XP or Vista CDs on eBay or from a table at the street corner, there will not only the BSA come upon me.

The FSF will never look at your computers for the installed and used software at all, because the GPL allows the unlimited use of the software everytime and everywhere. It's just the process of modifying and distributing where they want a look (and if you just put the CD with the sourcecode into your distribution, they won't even call).

Linksys actually distributed a modified version of the Linux kernel together with some tools and utilities, and thus Linksys, which got the software under the GPL, had to comply with the GPL as soon as they were selling it in a modified form.

Oh, nice FUD

[Tim+C]

"Never again will you fear the BSA (Business Software Alliance) knocking on your door wanting to perform a software audit."

It's funny, but when *I* say "Nice business, be a shame to see it audited..." people start talking about calling the cops if I don't leave immediately.

Seriously though, FUD is FUD whoever it comes from; just because they do it doesn't mean it's ok for us to do it too.

Re:My experience

[Zonk+(troll)]

Although we met several technical challenges along the way (specifically, Linux's lack of Token Ring support and the fact that we were unable to defrag its ext2 file system), all in all the process went smoothly. You've used Windows too much. ext2/ext3 do not need defragging. If you insist of defragging, then use XFS and run xfs_fsr to defrag.

So you can imagine our suprise when we were informed by a lawyer that we would be required to publish our source code for others to use. You need to get a lawyer that has decent reading comprehension. You only have to distribute the source if you distribute the binaries outside of the organization.

It was brought to our attention that Linux is copyrighted under something called the GPL, or the Gnu Protective License. GNU General Public License.

Part of this license states that any changes to the kernel are to be made freely available. The GPL is only a distribution license, not an EULA. If you don't distribute it outside of the organization it doesn't apply.

Furthermore, after reviewing this GPL our lawyers advised us that any products compiled with GPL'ed tools - such as gcc - would also have to its source code released. This was simply unacceptable. You seriously need lawyers that can read. Take a look at OS X. It's compiled with GCC and it's not GPL.

I think the biggest thing keeping Linux from being truly competitive with Microsoft is this GPL. Its draconian requirements virtually guarentee that no business will ever be able to use it. Read the full text of the GPL. Read the full text of the Windows XP EULA and the EULAs on all of the updates you have to apply to not get 0wn3d. Which is draconian? Hint, it's not the GPL.

Same here, and more...

[mangu]

When you are working with proprietary tools it's the same, you do have everything at your fingertips, except you also have to wait for the license costs to be approved by the bean-counters

This is one of the two main points for OSS that I have experienced. The second important point is that with OSS your system is able to survive the vendor. Where I work we have a 400000 lines VAX-FORTRAN software that we are struggling to migrate. Although we do have the Fortran source code, migrating it to any other Fortran is very costly, we have the choice of doing it ourselves or pay about $250k to outsource the job.

I think our experience shows the importance of going all the way in OSS, the operating system, utilities, compilers, etc are just as important as the applications. That's why we are migrating our system to g77 on Linux, instead of using one of the several commercial Fortran compilers whose vendors claim VAX compatibility.

Re:Same here, and more...

[senatorpjt]

Where I work we have a 400000 lines VAX-FORTRAN software that we are struggling to migrate.

Yeah. And, I bet that when those 400,000 lines of code were written, the idea of DEC folding was about as plausible as the idea of Microsoft folding.

"Cut and Paste" troll alert...

[advocate_one]

originals are Here and here...

Re:The FSF and Activists may come knocking

[tezza]

Seeing as some kind soul modded my original post as Flamebait, I'll take another post to say I probably wrongly singled out the EFF, whereas I probably meant the FSF.

In this thread you can see an employee[1] of FSF (novalis atsign fsf.org) asking for submissions about the Linksys software. This is not out of simple interest in what is running. It so that they can build a case to ask Linksys to prove they have complied with the various licensing terms of the open source software incorporated in their device.

For the other people out there who might mod this down, here is a more comprehensive list:

* Theo de Raadt On Firmware Activism - requiring firms to open linked code

* And the whole SveaSoft debacle - Is Sveasoft Violating the GPL? - Please note this entailed multi-party activism with external people deciding to leak SveaSofts code

-----------
1 - someone claiming to be at least

Flamebait?

[cgenman]

It's quite different over here. It's not just a question of experimenting with OSS, it's a combination of seeing the job as deciding between presentations from different vendors and being averse to taking personal risks.

As I mentioned, it seems like people have stopped doing their own research and now mainly choose between different schpiels from different vendors. Vendor 1 selling you something for 100,000 dollars, and vendor 2 selling it to you for 50,000? Clearly if you go with vendor 2, you've saved the company 50,000 dollars a year. No need to point out vendor 3, who doesn't have a substantial sales team but who sells something identical for 5,000 dollars per year, or an OSS solution which might need 1,000 dollars per year worth of tweaks. Or maybe it makes sense for you to write your own. We generally have a 2-vendor solution, and nobody can fault you for choosing the better of the two, right?

The risk-aversion deepens. In corporate US if you create a product that everyone else is making, your job is reasonably safe even if it tanks. And, in fact, simply because everyone else is making it, it's likely to tank. On the other hand, if you create something original (i.e. something with an open market) and it tanks, it's more likely that your career will bear the brunt of that mistake. OSS is currently viewed a lot like that. Taking risks is largely regarded as a negative, and certainly regarded as a dangerous career move.

One does not experiment with OSS, because one does not experiment. One either knows for sure, or one contracts a vendor who will bear the brunt of the responsibility when things might go wrong.

Re:My experience

[przemekklosowski]

The parent article is wrong on several levels, and frankly the mix of arrogance and ignorance suggests a troll job. My Bait-O-Meter is pegged on red, but what the heck, in the interest of keeping the record straight, here are some corrections:

Although we met several technical challenges along the way (specifically, Linux's lack of Token Ring support and the fact that we were unable to defrag its ext2 file system), Linux has Token Ring support for at least six years now (http://www.linuxtr.net/). Similarly, ext2 filesystems do not need to be defragged, normally, and even if the poster hit some specific usage patterns that resulted in problems attributable to ext2, making kernel mods to ext2 would be the wrong thing for a consultant to propose. Finally, even if it miraculously weren't so (e.g. because the poster brilliantly spotted a simple fix to ext2 that everyone else missed), the idea to keep this fix private happens to be misguided on both technical and moral grounds, even if GPL wasn't an issue. This is so, because the filesystem code is a critical infrastructure, and due diligence requires it to be carefully rewieved. Not publishing it would prevent a peer review by the people who know the area much better than the poster, even if we assume that he is competent in fact.

GPL, or the Gnu Protective License. Nuff said, after a legal consultation they still have no clue even to the proper name of the GPL. I guess failing on the preliminaries makes further progress difficult...

Furthermore, after reviewing this GPL our lawyers advised us that any products compiled with GPL'ed tools - such as gcc - would also have to its source code released. [...] Although we had planned for no one outside of this company to ever use, let alone see the source code, we were now put in a difficult position. We could either give away our hard work, or come up with another solution. Yes, they got the meaning of the license completely wrong, too. It is widely known that a) compiling code with gcc does not require making the source available, and b) GPL requires making the source available only if the binary is distributed to the public.

Although it was tought to do, there really was no option: We had to rewrite the code, from scratch, for Windows 2000. So, they wrote TR and ext2 for Windows (snicker).

I may reconsider if Linux switches its license to something a little more fair, such as Microsoft's "Shared Source". Until then its attempts to socialize the software market will insure it remains only a bit player. 'Shared Source' essentially means that you can peek at MS code, but it doesn't mean that you can go ahead and deploy modifications. More importantly, most Intellectual Property rights are retained by Microsoft, How can anyone complain about IP loss in GPL and at the same time propose Shared Source, is a mystery. Oh, but it is a troll. OK then.

FUD

[utnapistim]

Never again will you fear the BSA (Business Software Alliance) knocking on your door wanting to perform a software audit.

As I see it, this is actually one instance where you only fear something if you've done something wrong; I mean ... why should you fear an audit if you're using legal software?

I am using Linux at home almost exclusively, but for business cases, I've seen the following scenarios:

• small company with legal software (Windows network), the small one being audited by BSA (and nothing bad happening).
• small company with illegal software (also Windows network), got a big fine and then switched to Linux (instead of buying Windows) as a legal alternative;

Either way, if you use proprietary software as a business, you should buy it (its part of your running cost, if you want that software).

Also, the entire entry does not take into account the TCO of Linux, which can be a decisive factor. I'm not talking here about Linux versus Windows (though there is that), but I've seen Linux dismissed in our company in favor of SUN/Solaris machines and HP/AIX due to a much higher maintenance/configuration cost for Linux.

Why wait?

[Svartalf]

TurboTax has DRM that messes with your machine in ways that can trash it- in and of itself
that merits changing off of the product for a comparable solution.

TaxCut doesn't seem to do this and works completely correctly under WINE and CrossOver,
even down to printing the forms. I've done my taxes for the last 4 years without needing
to reboot into XP. No hassles once you've got the web foundation fonts installed in WINE.

It just simply works. It's not as good an answer as a native version of either tax program,
but I suspect you may be waiting another couple of years for that to happen. Why wait if
that's the only hold up for you?

Re:Don't come a knockin

[ajs318]

Which would be fine. But most people's definition of "stealing" does not include "paying for it, then mislaying the receipts".

Re:Not the same thing though-Incorrect.

[zotz]

"I think the point you're missing is that in both cases there's an implicit threat hanging over anyone who uses their software."

Actually, I think it is you who missed the point I made. To my knowledge, no one has ever had problems if they are a simple user of a GPL program. Now the story is different for those who make and distribute or sell copies and for those who make or sell derivatives.

If you know of people getting in trouble for simply running GPL programs, I would like to hear about it.

all the best,

drew