Slashdot Mirror
Oracle Attacks Open Source; Says Community-Developed Code Is Inferior
sfcrazy writes "Oracle has a love-hate relationship with open source technologies. In a whitepaper (PDF) for the Deparment of Defense, Oracle claims that TCO (total cost of ownership) goes up with the use of open source. They're essentially trying to build a case for the use of their own products within the government. 'The skill required to successfully and economically blend source code into a commercially viable product is relatively scarce. It should not be done directly at government expense.' Oracle also attacks the community-based development model, calling it more insecure than company developed products. 'Government-sponsored community development approaches to software creation lack the financial incentives of commercial companies to produce low-defect, well-documented code.'"
That is the most insulting demonstration of hubris from Oracle I have seen in a very long time.
Can't we just call them advertisements like the waste of time they truly are?
the pot calling the kettle black
Larry, wake the fuck up you dumbass.
Half your product line was developed through open source programmers.
Stupid mother fucker...
Wasnt the kernel of their unbreakable linux open source as well?
If an experiment works, something has gone wrong.
And just what fraction of Java was community-developed?
As usual, when a company makes this kind of claim, my first thought is 'yeah right', and my second though is that it's mostly FUD to convince people to buy the crap you make.
And, if my limited exposure to Oracle Beehive and a few other things means anything ... Oracle can produce some major-league shit code on their own. That stuff was complete garbage, wasn't even what I'd call a beta, but it was being sold as if it was solid and ready for business.
Lost at C:>. Found at C.
You said "Government-sponsored community development approaches to software creation lack the financial incentives of commercial companies to produce low-defect, well-documented code."
What you really meant was "Unlike proprietary, hidden commercial code, Government-sponsored back doors in software can't be found in the traditional, open-source, many-eyes, well-documented code.
But that probably doesn't rake in the profits, does it?
Support FSF: Stop thinking with your wallet, and think with your imagination. (cc/non-commercial)
There are many other types of incentives and I have rarely done my best work for strictly financial ones. When contributing to an open source project you have to think that somewhere someone will look at the code you write and have the ability to publicly shame you if you do something truly stupid. Standing, respect, whatever you want to call it, is a big motivator for many people. If the same thing happens in many businesses there *may* be consequences, but often as long as it works well enough to collect the customer's money it ships. Personally, I've found more fugly code turds in various closed source projects than I've touched than in the open source world.
First they ignore you, then they laugh at you. Then they fight you, then you win.
As we will see, total cost of ownership (TCO) for open source software often exceeds that of commercial software. While minimizing capital expenses by acquiring “free” open source software is appealing, the up front cost of any software endeavor represents only a small fraction of the total outlay over the lifecycle of ownership and usage.
I had a similar discussion once with an engineer. We were looking at the numbers and I doubted some of the numbers. the engineer replied, "Well, that number came from somewhere!"
Me: "Yeah, out of someone's ass!"
Financial numbers are not physical constants where there's empirical evidence to back it up like say 'g'.
And the thing is, there aren't necessarily lies. You can apportion costs in many different ways and still adhere to FASB and to IRS rules.
tl;dr: Let me at those numbers and I'll prove that any Oracle solution costs way more than any F/OSS solution - and it'll pass FASB and IRS muster.
Open-source documentation is like an insomniac cat. Theoretically it exists somewhere, but no one's ever seen it.
And remember, in this paper Oracle is pandering to risk-averse goverment "managers" in order to get money from them.
Oracle: "We're buying Sun. Next step is to dismantle (MySQL,) close (Solaris, Java,) dissolve (OpenOffice) and generally disrupt all of Sun's open source properties that we can."
Community: "What? You can't do that!"
Oracle: "Watch us!"
Community: "Well, we'll just fork it."
Oracle: "S---! The forks (MariaDB, Percona, OpenIndiana, LibreOffice) and their pre-existing competitors (Linux, FreeBSD, Dalvik) are getting more popular than our versions! READY THE FUD CANNONS!"
Says the company that borrows from an open source project and puts the word "unbreakable in front of it..... In any case I suppose their point is supported by the fact that current government spending on proprietary software is soooo efficient. :S
Community developed code is insecure! Community developed code is inferior! Open source must be exterminated! Exterminate! Exterminate!
Of course in the show the Daleks are supposed to be a huge threat, but they're also kind of laughable. Slow, clumsy, thrown together using whatever crap happened to by lying around at the time.
So i guess that kind of fits Oracle and its software as well.
This Space Intentionally Left Blank
Do you expect them to say open source has a lower TCO? They are bidding/positioning themselves for contracts. If you were a real estate agent on a client interview and asked about a competitor, would you give them a glowing review? I doubt it.
There are many factors which contribute to TCO and the code itself is just one piece.
Security, both OpenSource and Oracle have fallen short in this area. In some cases Oracle has left security bugs sitting for a very long time. Sometimes until called on it publicly. However, with open source your relying on the code maintainers to put in a fix quick. Alot of times they do but that depends on the software and how actively supported it is. Sure, you can modify the code yourself but that affects TCO.
We have both Oracle and open source software in house. Based on our experiences i'm not sure that the open source software has a lower TCO than its more commercial alternative. The upfront costs to open source are cheaper but the long term support costs were higher. Before I get flamed, i'm talking about a particular open source product. Since i'm posting from work i'll leave specifics out of it. But the point is, just because its open source doesn't always mean overall TCO is lower. You have to do the analysis on a product by product basis and factor in both upfront and long term costs.
"Thanks to the remote control I have the attention span of a gerbil."
wouldn't Java be a example of the contrary to this?
Yes, but not the best one. The best would be Oracle's database. Despite the fact that Oracle Database Server is not the result of a 'community-based development model,' the product has a long, ugly history of vulnerabilities. For some reason it fails to be composed of 'low-defect code,' despite apparently having all the best financial incentives. The list of vulnerabilities is long and grows regularly.
The only reason Oracle Database Server has never been the victim of a SQL Slammer type exploit is that it is so expensive that most instances exist only well behind corporate and government firewalls that, if not well maintained, at least exist. Many SQL Server admins apparently don't believe in firewalls.
However, [Solaris] is more of Sun's creation than Oracle's.
Likewise with Java.
Lurking at the bottom of the gravity well, getting old
The question is who you want to pay, and what you want the cost model to be. That is, if it's something with both an FOSS and COTS option.
If you want to pay a vendor a fee, typically based on capacity + professional services, go that way.
If you want to use a FOSS technology, and pay only for professional services, go that way.
Generally I think the FOSS model is much better for customers, because:
1) The customer can scale the business without additional licensing costs.
2) The customer has the flexibility to choose any vendor (or internal staff) to do the work.
So, for example, my last startup grew to 70m users on FOSS software, with hundreds of servers, with only physical server, hosting and bandwidth costs (plus a small dev team, which I would need in any case). If I'd used a licensed OS, database, etc., that cost would have made my business not viable.
Enable 3D printed prosthetics!
There is masses of half-assed, broken, wretched and downright brain-damaged open source code out there, and anyone who claims otherwise doesn't know what they're talking about. Much of it is written as a quick and dirty hack to solve an individual's problem and then released, with scant regard to long term maintainability. Yes, there are some gems, but they are hidden amongst many many times more garbage. The good thing is you can fix it, if needed, and the software will evolve. But typically commercial software has gone through that process several times before it gets to market, because despite what people here may say about microsoft, not many people will pay good money for completely broken crap that doesn't work.
Many companies have paid ridiculous amounts of money for code that doesn't work, particularly custom and semi-custom code. The NHS in the UK scrapped a >10 billion GBP - that's 16 billion USD - national healthcare system. Vertical integrators that have a stranglehold on certain professions are often full of horrible, horrible code. Insane amounts of spaghetti code have been made by cheap outsourcing companies to go into "commercial software". Closed source has its gems. Open source has its gems. But as a broad generalization it's the pot calling the kettle black, both have a huge spread. Often it's just good vs better or bad vs less mediocre and the question to pay or not depends on whether a $50k+ worker could be 1% more effective - that's $500 - with that tool or not.
Personally I find there's a difference of layers, closed source software doesn't sell unless it looks good on the surface with user interface and hand-holding documentation, comes with buzzword compliance, feature checklists and fancy demos of the capabilities. Open source is more grab it, put it through its paces and see if it works for you. Doesn't have to be so pretty to look at, but be a solid workhorse with detailed technical documentation but often a high learning curve. It's usually more about manpower though than anything else, often you realize there's five open source developers trying to compete with a hundred closed source developers and it's not so much a better of the quality of the coders but simply about being outgunned.
Live today, because you never know what tomorrow brings
There have been many third party studies on code quality for large open source and closed source projects. Having worked on both kinds of projects I think you really overestimate the code quality of closed source. A lot of it is simply horrid.
And one of the reasons it *can* be horrid is that it's closed. There's no peer review, and certainly no customer review.
We used to get crap from a vendor that it'd cost huge amounts of money and resources to correct significant, obvious errors in their product. We would tell them "Send us the code. We'll fix it and send it back". And we meant it. For one issue, our admin team sent *them* code, saying "we think this is what you're doing. This other code is what you should be doing." (The problem was fixed, even after they said it'd be too much trouble.) The move to open source was precisely due to frustration with basic, stupid errors that we couldn't fix because we didn't have source.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
What I've found over the years is, just because you get paid to develop code for someone doesn't mean you crap unicorns and daisies. I've also found that all of the installations I've run across that were running Oracle (or DB2) really didn't need to be running Oracle or DB2. It's been overkill for every position I've worked at. Of course, they end up needing it anyway because of their crappy table design and because they're afraid to ever throw anything away when they're done with it. But if they'd been paying attention to their business process and designing their tables correctly, they could have saved themselves a LOT of money with a copy of postgres running on some Linux box somewhere!
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?