Slashdot Mirror
Brian Behlendorf interview on Forbes.com
Brian Behlendorf, of Apache fame (and all around nice guy!), talked to Forbes.com about O'Reilly's new project, sourceXchange
Read the interview for the full details.
← Back to Stories (view on slashdot.org)
Well, they did put squirrly code on their site. My screen got filled with javascript errors, and the java applet never ran. I'm using Netscape 3.04 and Linux.
"You cannot uncook Mushoo pork once is has been cooked"
Sure you can. Feed it back to the pig! (Ok, you then have to use the poop as fertilizer...)
The same answer works for "How do you unscramble an egg?"
Ooh, a sarcasm detector. Oh, that's a real useful invention.
>FDT: Why should a company pay for software it will not control?
First off, most companies pay lots of money for a whole lot of software they don't control. I work for a company that develops proprietary software, and we certainly pay substantial amounts for development tools, revision control, word processing, etc. over which we have little or no influence. If there's a bug in that software that requires workarounds or (worse) may lead to a problem with our software, we're out of luck.
Paying for bug fixes or new features in open source tools might be less expensive than buying proprietary stuff, and would allow us to exert more control over the issues that matter to us most. Would sponsors be exerting control over the direction of development? Of course they would be! But that wouldn't necessarily make the software less useful to others; at worst it could be forked.
Ooh, a sarcasm detector. Oh, that's a real useful invention.
Move it forward then quickly push it back. Boy, this is starting to be a slow morning for me playing shuffle board...
Just because you're paranoid, doesn't mean they're not after you!
Security through obscurity can be used to supplement other security methods, but by itself it does not make things secure. If the only thing making something secure is security through obscurity, one sufficiently-determined person (or 'bot even) will destroy its entire security model. OTOH, STO can be used on top of other methods. But it really shouldn't, since peer review is an excellent way to find things that weaken your security method which you might have missed. If STO is a significant part of your security, than it's a significant part of something that's non-existant but for the temporary ignorance of others.
So I took a look at the source. I would be ashamed to have such a page on my site. Lots of fancy garbage to do nothing. Has CSS (which doesn't seem to do a thing with any browser currently available) as well as a lot of font codes in the text (both size and face specified).
Several very long lines. Erratic indentation. Randomly placed comments. The fact that it depends on JavaScript doesn't say much for the mental brilliance of Forbes' readers -- IMHO no one with any sense trusts a public site to run unchecked code like that.
If you go to the end of the article you accomplish two things:
- You increase Forbe's banner impression revenue
;) - You get to read a nice summary of open source defense mechanisms
I really liked the example of "Briux" but I fearAll in all it wasn't a bad article. Just turn off Java before you get to the site unless you are running Windows 95/98/NT.
"You cannot uncook Mushoo pork once is has been cooked" -- wiseman
http://fudge.org
Oh, it was fine, Brian (but you know they will always try to trap you that way :)
I liked the emphasis on the "whole product" theme from Geoffrey Moore's book. Too many people read Crossing the Chasm and miss that, yet it's really the most important thing among many interesting things he says.
"Open Source" as a whole is starting to cross the chasm, and you can see how that affects the view of those who judge it from the outside. This is why KDE/GNOME, Samba, 24x7 support, boxes with red hats, VMware and so on are attracting attention more than equally interesting developments like ipchains, Beowulf and the GIMP. The former have more direct relevance to the departmental desktop managers that the slick trade magazines talk to. And that is one of the early steps in crossing the chasm to the mass market.
Now, it may be that Wintel PCs and to a lesser degree Macs continue to dominate the market, but just as there was always a large slice of personal vehicle drivers who chose pickup trucks and vans, it may not be long before the SUV of operating systems comes along to occupy the same kind of middle ground (with less pollution and more driving stability, to be sure!).
The branding issue is of less importance, though it was quite prominent in the published part of the interview. Branding is a given, not an option, in my view, but it got the (admittedly limited) attention of the marketeering world in the last couple of years.
Strong branding doesn't save your butt if the product isn't good or isn't differentiated. Remember the Peanut (PCjr)? Hmm. How about New Coke? That was a good one. There was certainly no problem with Prodigy's brand identity, or dBase, or OS/2 (sorry).
Again, this is not to dismiss the importance of branding, but just to suggest it's a necessary but not sufficient condition for success. One of the interesting things is how the Open Source/free software world has evolved a sort of organic approach to branding. I mean, that Penguin. Or, that slash and that dot.
And don't forget that despite a brilliant branding strategy,
Bill Gates Is My Evil Twin.
I thought the article was a little flimsy really, but my attention was more focussed on the litle applet to the right. Although it seemed to be running fine the little puck doodad remained stuck to my cursor and wouldn't slide forwards - Anyone else manage ?
-- Oh Well
"FDT: Why should a company pay for software it will not control? "
When I saw that my first thought was that a lot of company already pay for software they don't control. Do you think anybody else than Microsoft control Windows or any other proprietary software??? In the case of open source you can control the software you use by paying for the first version and modifying it to fit your needs afterwards. What you can't control is the diffusion of the software and the evolution of the software outside of the enterprise (but that still let you use your own version if you want).
With proprietary software you don't control the distribution if this is not an in-house product, neither do you control the evolution.
I personnaly think that the eXchange model let you have less control over the software that in-house development but that will probably cost you less money that in-house development. On the other hand you have more control than over a proprietary software and probably for less money in the long run (it's cheaper to pay a developper to add one feature than to pay MS 1000 or 10000 licenses for this feature you need), and for less money if it allow many company to express their needs and pay a part of the project.
"The obvious mathematical breakthrough would be development of an easy way to factor large prime numbers." Bill Gates,
....not to give interviews before 9am in the morning! =)
Brian
I think that's likely if a project only has one sponsor. But I just don't see that as a problem. Why would we want to resist bowing to a companies demands? After all, if they are the sole source of requirements, then that is exactly what should be done. I guess I just don't see your point, here.
However, it seems that sourceXchange is anticipating that some (most?) projects will be funded by several parties (and possibly many partise). I think this would provide a lot of balance. It might also make requirements gathering much more difficult. Well just have to see how it goes.
Seems to me like a good point BB is making that both open and closed source have its place. Security actually DOES work through obscurity.
God did not appoint us to suffer wrath but to receive salvation through our Lord Jesus Christ --1Thes5:9
Check out the first question in the article. It goes to the heart of the matter:
FDT: Why should a company pay for software it will not control?
They won't, not in the long run. sourceXchange is kidding itself and so are any developers who sign on. When a company lays down cash as a sponser, they're expecting something. A developer who accepts this cash, no matter how much they espouse open source and its freedom, will know this deep down and eventually bow to the company's demands, direct or indirect. It's human nature not to bite the hand of those who feed you.
I believe that as an open source developer begins to rely on cash payments from a company (like using the casholine to help make car payments, pay rent, or buy food), they will become less and less likely to turn off the casholine spigot by ignoring a company's demands.
"We're sorry, but the website you're trying to reach has been disconnected."
grrr...
-- $SIGNATURE