Slashdot Mirror
How To Approve the Use of Open Source On the Job
New submitter Czech37 (918252) writes "If you work in an organization that isn't focused on development, where computer systems are used to support other core business functions, getting management buy-in for the use of open source can be tricky. Here's how an academic librarian negotiated with his management to get them to give open source software a try, and the four phrases he recommends you avoid using."
"Open Source," "Free [Software]," "Contribute," and "Development" appear to scare managers away.
Old saying. Nobody ever got fired for buying IBM. Nobody ever got fired for buying Microsoft. Nobody ever got fired for buying SAP. It's a simple cover-your-ass game.
Managers, unless they have a very special bond with the company (like, say, they built it from the ground up) don't give a shit about the company. They care about their ass. And when the question is whether to blow a million of company money for software they don't know jack about but has a big name behind it, or to save the company a million bucks using software they don't know jack about but has no name to it, they blow them money.
Because they needn't explain why they did it. It's IBM/MS/SAP, how should he have imagined that it's no good?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Contribute = Obligation
Development = Cost
In small businesses - often the best foot in the door for open source software is a pet project, something you can do transparently to design something to show management about the advantage of the software has over more traditionally licensed fare. Being able to speak the language of IT management helps - Cost of Ownership, Return on Investment, being able to present facts based on license costs is also helpful - management listens to dollars and sense, followed by legality.
Of course, if your business deals with large vendors who have a stake in keeping things locked to Microsoft, Oracle, IBM or HP - you are fighting a steeply uphill battle.
Avoid terms with negative connotations, such as "GPL" and use the more acceptable term, BSD. As a hiring software developer, I know of what I speak.
When I tried this with bigger companies, it was H*** on earth to try them to embrace Open Source. One of the business managers simply doesn't understand the concept of a free lunch.
However, with every SMALL company I ever worked for, introducing Open Source software...was a blessing from above to them, it's free, it's cheap...and the programmers are enthusiastic idealistic & proud of their work, so bugs gets fixed faster and new features are introduced frequently as opposed to the commercial bug ridden bloatware where companies are afraid to admit ANY wrong doings as they're afraid of liabilities and such.
I've been using Blender (3d Software) for over 10 years now, making a living of it, and all the commercial alternatives are slowly fading away with their fanboys. Long live Open Source, it really is true freedom.
What this world is coming to - is for you and me to decide.
Point out its inside your routers etc. so it's not harmful and actually works.
APK
P.S.=> This should be the LAST thing I would tell you "Open SORES" people (as I am a Windows fan as you mostly all know probably, but I don't dislike Linux & have used it for years myself: I just disliked "FUD" b.s. lies spread here about it vs. Windows, ala "Linux = Secure, Windows != Secure" for years here when the real truths are any of them can be security hardened quite well, AND, the more used an OS is on ANY platform, the more it will be attacked - ANDROID's showing the WORLD that's true, albeit, only now... I said it for years vs. the b.s. artists here is all beforehand)
However: "There 'tis" - Use your heads & point this one out along with any other good ideas that pop up... apk
It seems like the best bet is to not raise the question in the first place. Management doesn't need to know that Apache is free, for instance. And there are commercial and free versions of Nagios, Tripwire, Sendmail, and so forth. We have over half of our prod servers running Red Hat, for which we buy maintenance, but in the lab we run CentOS. The Open Source community realizes that companies have a compulsion to spend money, and there are companies that will sell you free software (think about that phrase for a minute...) to satisfy this requirement.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
See subject-line & extoll a virtue of less 'cost-per-unit' of each router: Goes over big on that end too (with 'business types' - think about it, if YOU were running the place & it was YOUR money).
APK
P.S.=> Remember the crowd you're addressing isn't so much about tech, as they ARE about "Benjamins/DeadPresidents" & stock value - demonstrating a savings from "R&D" goes a LONG ways... apk
Was my point & I can say it, I've DONE it: Saved costs of buying routers using machines that were dual homed + netconfig software to do it on Linux (no licensing fees etc./Free OS etc.)... was easy to setup, acts as a NAT router nicely in fact.
APK
P.S.=> There's routers with Linux cores in them too http://www.bing.com/search?q=r...
Plenty of "pretweaked" firewall & router OS based on it too or ready to do what I did decades ago (1999-2000) tuned to do the job -> http://en.wikipedia.org/wiki/L...
... apk
Was my point & I can say it, I've DONE it: Saved costs of buying routers using machines that were dual homed + netconfig software to do it on Linux (no licensing fees etc./Free OS etc.)... was easy to setup, acts as a NAT router nicely in fact.
APK
P.S.=> There's routers with Linux cores in them too http://www.bing.com/search?q=r...
Plenty of "pretweaked" firewall & router OS based on it too or ready to do what I did decades ago (1999-2000) tuned to do the job -> http://en.wikipedia.org/wiki/L...
... apk
So in other words, put Open Source on the table just like any other software. Don't try to differentiate it as "Open Source", because if you do, decisions makers and stakeholders will wonder why you're putting extra effort into justifying it.
Put it up with a support contract and necessary consultants just like any other piece of software and you'll get approval.
I'm out of my mind right now, but feel free to leave a message.....
and they are typically correct
otherwise free software isnt free, you have to take perfectly good machine with working software package, take the time to remove all that reinstall free software that may or may not do the job (IE bill makes a presentation on MS office and java office pukes the formatting right in front of the customer), Then who is going to support it when it doesnt work? Are you going to hunt bugs all day, don't you have a job to do? Who is going to retrain everyone, I know OS's are fundamentally similar, but Jesus move an icon and Mary can no longer function?
non software company's don't want to deal with that, they want to go to dell.com, choose a box click the option for MS office and be done with it. Its cheap, it works with everybody else, just about everyone knows how to use it, and it doesnt take months to restructure your entire IT system ... for what? A political statement.
exactly lay out the facts:
product A is owned by commercial company with billions of dollars and developers backing the product
product B is written by some really smart people in their free time that may help you on a forum or in an IRC chat room if they can
Not where I'm working (a giant company). On the contrary, we are rather suspicious of commercial solutions — because their costs tend to run up pretty quickly (we have a large user-base) and their license terms often enough turn out to be rather enslaving (Oracle is particularly scary in this regard, from what little I've overheard from the company lawyers).
Sure enough, free software has its rough edges, but so does the commercial kind. And we have enough bright people to fix the problems (bugs or missing features) in the open-sourced packages, whereas with the proprietary stuff you are usually at the mercy of the vendor. We still use some commercial programs, but, when choosing a software solution, the program being proprietary is a negative, rather than a positive factor.
I wish, it remained possible to get the source for the commercial packages as well, but with modern attitudes towards theft of intellectual property as well as the wide-spread propensity to use the terms "free" and "open source" interchangeably, this is not an option...
In Soviet Washington the swamp drains you.
Agreed. I take a dim view of managers that demand I "sell them" on what I think is the right choice.
It's their job to make decisions wisely, not my job to force what I consider wise decisions down their throat. I try to be honest about the pros and cons. If the choice lies within my authority, I try to make the best choice. If it's within their authority, then I hope they make the best choice. If they don't, that's their problem.
I guess this response must reek of someone who has little patience for foolish managers, and other job prospects if necessary. So be it.
Its easier to get forgiveness than permission.
Not always. Not everywhere.
My first instinct when a geek summons up a Slashdot meme to make his case is to do precisely the opposite of what he suggests.
In my experience, showing a side-by-side demonstration of performance followed by the price will get your foot in the door. From then on, deliver and keep foot out of mouth. The low cost of setting up a demonstration of FLOSS makes this fairly simple with no need for a line-item on any budget.
For instance, in one school, I discovered the paid ILS was not working two years after it had been bought. The supplier just didn't bother to fix the problems. I installed KOHA in 15 minutes and showed it to the librarian. Within days, the supplier of the paid system made its stuff work. Several years later, that same supplier was doing the same with another school. It's software would not accept the supplied "key" after weeks of discussion. I installed a FLOSS ILS and in short order the paid supplier fixed its problem. The sad thing is that both schools paid $thousands more to get similar performance to a FLOSS application that didn't let closure of the source code or anything else get in the way of performance. It's just so much simpler to use FLOSS from one end to the other.
In another school, the CD that bore the "key" was missing/lost and an expensive bit of software could not be made to run and the supplier would not bend. He wanted to be paid again for the same performance. We replaced the OS and the application with GNU/Linux and Moodle and several other FLOSS applications and had better and more agile IT thereafter. FLOSS is the right way to do IT for education. We are in the business of educating, not making monopolists rich. We don't owe them an extravagant living.
Most managers who have had any dealings with a software rollout know two things:
First is that they won't actually get what they think they have specified
Second is that there will be problems (see point #1), overruns, differences between what's required and what's delivered and that getting the software functional is only a small part of the job. The rest is integration, training the users, supporting the thing for 5+++ years, implementing upgrades and bug-fixes
These managers also know that once a project has been signed off, the money has, just that moment, been spent. Companies don't think of money, they think of budgets - so once you have gone through the approvals process and got your budget and your go-ahead the project is effectively a sunk cost, but one that has not yet delivered anything. As a consequence the manager in charge of the project will be deemed to have failed if he/she needs to go back and ask for more, in order to deliver the project.
So, in their minds they want insurance - and indemnity - above all else. Even above cost savings. They want to know that in return for $<megabucks> that when things start to go wrong, their commercial relationship with "the vendor" entitles them to get support, advice, expertise, fixes, customisations, training, documentation and upgrades. Those will all form part of the cost-case and whoever approves the case will expect, maybe even require, that those items are included and form part of the contract. As they know that there will be the need to call upon those services. If all they get for using "free" software is a pile of code, then that is usually the smallest part of the project and often the least expensive, too. The real cost, over the project lifetime comes with all the extras and services they get from their vendor - but which "free" software is very poor at providing, and absolutely does not guarantee.
If you go to get approval for a project of any significant size, not having included those items will mark you out as, at best, a newby and at worse: completely unsuitable to be managing a project. It's like if you buy a car. The cost of the vehicle is only one aspect. The cost of servicing, fuel, taxes and depreciation are major factors that should be included in the plan. That they aren't is just an indication of how poorly most people approach a major purchase - and why they'd never make a project manager.
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
On THIS site? They likely do already. In fact - I'd be VERY SURPRISED *if* there aren't guys here doing what I did already in their businesses (as it's a cheap out, & routing can be done easily this way (& even use the box for other production work too - routing's no "huge task" for an internal network)).
* Per my subject-line above though? You could also POINT OUT that those routers SHOULD be cheaper than ones licensing other OS to run them - for a Per-Unit cost savings on them (provided they're cheaper & can do the same job... & they can do the same, but it's a matter of costs).
Sense tells me you could sell a router cheaper using Linux onboard than licensing ones to raise the per unit cost of said routers.
APK
P.S.=> Have YOU forgotten WHERE it is you're @? I hate to say it, but... "THIS IS SLASHDOT" (home of the Open SORES Penguins online (imo @ least))... apk
The web service stuff is in AGPLv3, and GPLv3 and AGPLv3 are separate licenses. The only ways they're connected are that most of AGPLv3's wording is copied from GPLv3 and that the GPLv3 has an explicit exception for linking to AGPLv3 code.
and you have no company to make a data confidentiality agreement with
Why can't you execute a data confidentiality agreement directly with the main developer as an individual contractor?
And without a repro, and bad data to test with, the need for the fix is not obvious.
If a patch is made with the intent to correct misbehavior, this implies that a cause of the misbehavior has been found. And once a cause is found, it shouldn't be too hard to generate fictitious data that likewise trigger the misbehavior.
exactly lay out the facts:
product A is owned by commercial companywith billions of dollars they spend on their many lawyers and developers backing the product who spend most of their time designing licensing features which not only make it likely you will meet the lawyers but also interfere with your normal legal use. BTW never call support; they just use it as an excuse to check licenses and they try to "monetize" bugs by selling consultancy.
product B, apart from it's excellent commercial support from RedHat and IBM who actually do fix things from time to time, is written by some really smart people in their free time that may help you on a forum or in an IRC chat room if they can.
There FTFY. Really, the 90's called and they want their anti-open source shilling back.
Well.. from my experience:
Me: "BOSS!! I got this server program for FREE!! Or do you want to purchase MS 5 ACL for $860???"
Boss: "HELL!! Why you still sit there!? Go fucking install it until overtime! But don't charge fincance for your overtime!!!""
Easy...
"No support contract."
Thus what they see is the possibility of problems that take days or weeks to resolve, while getting told STFU NEWB on some mailing list.
That's the experience many clients have had with FreeBSD, for example.
Futurist Traditionalism
Particularly the STFU NEWB part. This is exactly the reputation open source software has.
exactly lay out the facts:
product A is owned by commercial company with billions of dollars and developers backing the product
product B is written by some really smart people in their free time that may help you on a forum or in an IRC chat room if they can
You hit the nail on the head. That is one of the big problems indeed.
exactly lay out the facts:
product A is owned by commercial company with billions of dollars and developers backing the product
product B is written by some really smart people in their free time that may help you on a forum or in an IRC chat room if they can
You hit the nail on the head. That is one of the big problems indeed.
There is sometimes overlap between the two groups. For example, Linux.
Project leaders usually come to me with a vague and changeable list of requirements, a very short turnaround time, and no budget for anything other than wages.
- Writing from scratch takes too long, plus the requirements change too late in the game
- Buying off-the-shelf means squeezing blood out of someones stones, and is not customisable
- Evaluating several open source solutions and taking the best, then modifying as needed hits the sweet spot
The only time I really needed to put a strong case forward to switch to open source was when I took over an in-house solution just after I started this job. The new requirements were simply too much, the deadline too close, and I had too many other things to do to realistically change the custom written code on time. I found a mature open source solution with an active developer and user community which was far more capable and customisable than anything I could single handedly accomplish. I told management that if it didn't do what we needed then in the worst case we could always fall back to the old in-house solution (god help me). Best decision ever, saves me hundreds of hours ever year. I still add the odd feature or bug fix when needed and submit back to the community, but usually by the time we think if it someone else has already done it for us.
Having basically no budget means I couldn't accomplish half my job without free or open source software.
Human Rights, Article 12: Freedom from Interference with Privacy, Family, Home and Correspondence
True. Those are good pieces of software.
Wait, so they do work, and you have to pay them? What a scam!
Except for the really edge cases most SAP installations cover the exact same grounds. What are the chances that, for example the accounting, which is strictly governed by laws, is radically different from one shop to the next? In few cases a shrink wrapped solution would have done the job too.
And provided it works, what's wrong with that?
Except that you are billed around half a million for the "integration" efforts.
What SAP sets itself apart from shrink wrapped solutions, is integrating with existing legacy or non administrative systems. For example the sales order triggering an entry in the production system. But in the case of SAP that definitely will not be cheap and you are effectively contracting software development work out to SAP. This is all fine and well when you are a shop that has totally no background in software development. But then you can also contract it out to a different and cheaper developer.
I assume you wouldn't have to train users when implementing other system, either made in-house or bought?
Yes you need to provide some guidance. But wasting a day of a room full of IT professionals on how to fill out a spread sheet like form, so they can log their hours. This includes on how to install the application, log into the SAP, typing in values and hitting submit. With the added excourse why basics of account and why logging hours is useful. You know something that one page e-mail would have done with a "I mananger comand you to log your hurs" and here is the step by step explanation. The entire thing at the tune of 10 thousand bucks to train something like 200 people. Not to mention the fact that hours where logged beforehand.
and remodel your business processes around the paradigms those tools are designed
Except that deploying SAP also meant that most processes where changed around anyway, so yea whatever.
I have seen 3 SAP deployments, two first hand and one second hand. There is some benefit in using SAP as a one stop solution, but it will definitely not come cheap.
Don't try to differentiate it as "Open Source", because if you do, decisions makers and stakeholders will wonder why you're putting extra effort into justifying it.
Well, why put the extra effort into justifying it, then? What's the real answer? Is it because I have been brainwashed to like it, and must turn everything into OSS just because it's so awesome?
Good idea, but incomplete:
exactly lay out the facts:
product A is owned by commercial company with billions of dollars and developers backing the product
product B is written by some really smart people in their free time that may help you on a forum or in an IRC chat room if they can
Product C is free, maintained by a mid sized company, and they sell support contracts
Product D is proprietary, owned by a company that might be bought by the competitors, who may or may not keep supporting your product
Product E is a great software product, proprietary, but your company is not in the target market, so licensing and support don't match your needs
Product F is proprietary, and you might need small development tasks on top of the product. Only can buy from the owner.
Product G is free, and you might need small development tasks on top of the product. You can buy from the developer, build your own, contract, whatever.
Add to that, whether there is an easy way out should the unthinkable happen (end of life for products). Does the software support industry standards? Are there alternative implementations of these standards? Have you tested compatibility?
I'm not hiding the technical or strategic advantages some proprietary products might have over free ones, but they are stated everywhere, only trying to lay out more aspects you need to care about.
I think regarding the article you just need to do your job, and lay out all the things you consider. Free software is almost always better in the long run, but it's only sensible to lay out everything you considered, so others can make the best decision.
In corporations (especially the Fortune 100-500 & yes, I've been there/done that) see subject-lline above. You wouldn't use all the diff. distros of Linux for routing. Just a single one can do it. As far as certs go, if something gets the job done and the person adminning it has proven himself, why bother with a cert that costs the company money sending an employee to get it if they don't need it since they understand it fully! That'd be wasteful of said monies (unless its in their contract or employment agreement to get said training that is. That happens too). Ash-Fox: What are corporate bodies out to do and make? See 1st word of my subject-line above. That IS their "bottom-line" objective.
'academic librarian doesn't know how to proofread or use spell-check'
A lot of the reason I got into the more technical end of things is because Microsoft was useless for support. Early on I had a modem that was conflicting with the mouse serial port (remember I/O addressing and IRQs?) yes that was long ago. After several phone calls they couldn't fix the issue. I broke down, read the manual (yeah remember those), and fixed the issue myself.
Years later getting a strange BSOD on an enterprise system. Called up MS on our support contract. They had no idea why. After much digging and research found that their patch broke a particular driver. So, if I have to solve all my own problems anyway why not run software that's free?
The reality is that's the same response you get 99% of the time from commercial closed source vendors as well. It's just cloaked in different wording. You have a problem, you contact support, it's been outsourced to some scripted call center. You hassle with several of them, maybe you get escalated. You have a known issue, it'll be fixed in some point release in an undefined future timeline. Or it's not a core feature, but you can pay an hourly support fee to have a developer address the issue. So, you just got the same answer from your support that you got from the OSS mailing list, NEWB we'll fix it when we feel like it.
I deal with a mixed house, plenty of OSS and proprietary software. Both have advantages in their realms. If you are using a popular OSS package at least there's plenty of information available on the internet about other people's solutions to problems with it. If you are using a popular commercial product, it probably has knowledge bases or adequate support to help with edge cases. However, if you are using an almost orphaned OSS package or a small commercial product or niche market product... good luck to you.. they all are lacking.
[quote]MS SQL Server vs. PostgreSQL is not even a fair comparison. Postgres is fine for a small project. But it does everything in an excessively complex way that doesn't add anything useful. [\quote]
I'm sorry, but you can't read this sentence and keep a straight face. You really think Postgresql is the winner for doing things in obtuse excessively complex ways? Your experience or opinion differs from mine. MS SQL Server has nice GUI tools, perhaps that makes it appear less complex. But you are talking about relational database systems and complaining that they do complex things....
I've used both, still use both, like everything there's pro's and con's.
Yea, well - I know PLENTY of "paper MCSEs" in my day - all the certs in the WORLD didn't make them experienced hands-on or even GOOD @ problem solving... yes, it happens, & I am SURE You know that.
Still: I see your "pov", but it DIRECTLY CONFLICTS with their TRUE "bottom-line" - Profit.
How?
Well E.G.-> They aren't giving away raises, & they aren't "giving away" training to all people!
(That's a fact I am SURE you've seen - I've gotten that training paid for on the job before... but you learn FAR MORE on your own, by far, actually using the tools (be it in sysadmin work, or moreso coding solutions (where YOU are truly, the inventor, not just using the tools others wrote for you to merely use)).
See subject-line: Since you've got 1 thing absolutely right - what CAUSES most of the hassles in this world? Money... there's a reason "Follow the Money" exists as a phrase (it's true).
"Management NEEDS THAT BONUS" is usually who gets the biggest slices of the pie (out of Marketing no less on budgets and bonuses - makes me ill almost - being paid to LIE or twist things, getting paid more, vs. actually BETTERING THINGS being paid the most or creating the things that make you profits (any engineering)).
APK
Consider the scenario:
Product A has technical features X,Y,Z
Product B has technical features X and Y (not Z).... but it's OSS!
Most decision makers will then ask, what's OSS? And when you get into the weeds of explaining nuanced differences in licensing, they'll quickly decide that the features outweigh the license benefits.
I'm out of my mind right now, but feel free to leave a message.....
One of the big problems is that people actually believe that stuff. In this reality, "backing the product" doesn't mean accepting blame or necessarily fixing your problems with it, or in fact anything guaranteed useful.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
As a professional (& a decade++ as an amateur before it) + did pretty well @ it (even getting some decent amount of notoriety in trade shows, technical publications, newspapers, etc. over time 1996 onwards).
I definitely HAVE seen guys with paper certs NOT be able to solve problems I could (and DID for them, which was WHY I was hired... as well as brought into meetings to outright DESTROY potentially "invading" contracting firms by said bosses too.... why? They told me they were out to take MY job & those of my fellow workers... I could have NO GREATER INCENTIVE & never failed @ it... had to).
As far as how outright crookery goes in companies for bonuses and such? Well - personally, I don't feel that anyone who doesn't DO THE ACTUAL JOB IN DESIGN & PRODUCTION should get a cent (as they didn't DO any REAL ACTUAL WORK...).
* "There's the way it OUGHT to be, & there's the WAY IT IS...."
APK
P.S.=> People wonder WHY our nation's going to shit? That's a BIG PART of why - the incentive to do a job REALLY really well, just isn't there, when scumbags that don't do SHIT (& are related to the largest stockholder OR were frat buddies with the owner or are part of some fraternal sect or religion etc.), DO get it (for doing squat)... apk
They're alright - I went the path of actual degrees though (MIS & CS later after that one). You can't TEACH someone to be a natively GOOD problem solver imo. You either have it, or you don't. Thing is, I think ANYONE can do it, if you regularly "exercise" having to actually DO it. Practice, makes perfect, & perfection is a ROAD (not a destination)... either certs or degrees are more-or-less, a way of (imo @ least) saying "this person has 'X' level of 'expertise' @ this type of work over this much time" & the GPA is merely a quality index indicator. Is it a GOOD one? Depends mainly on IF the person actually did the work (or cheated,, or paid off profs, & YES I HAVE SEEN BOTH HAPPEN in academia) really, and how natively GOOD they are @ problem solving skills (resume trackrecord does the rest). Not every guy with a cert is a "Paper MCSE", but there ARE those, & you too have seen 'em!
APK
P.S.=> I agree - the world is NOT fair (far from it)... a lot of "it's not what you know but WHO YOU KNOW" b.s. that is DESTROYING the USA - how can I say that? Well - simple (as as mgt. gives you guff on) - "LOOK @ THE RESULTS OF YOUR PERFORMANCE!" (but it's not mgt. really - it's boards of directors looking for the "big payola" in bonuses in publicly held companies - burning them TO THE GROUND for that "Holy Dollar" since MONEY HAS BECOME THEIR GOD (figures when you have a 2" penis & money is the ONLY way to get women, lol))... apk