Slashdot Mirror
Open Source E-Business Solutions?
Thor Sigvaldason asks: "I work for one of the largest companies in the world (PwC). Some of the powers that be have recently decided that we need to do the E-Business thing in a big way. My mandate is to determine who can provide this. Yeah, yeah, I know; php4 compiled as an Apache module will do everything you ever need. I've been running Linux since the pre-1.0 days, and still can't figure out why people would boot to anything else. That's not my point. Most big clients need a 1-800 number to settle their frazzled nerves. There are millions of dollars being spewed into e-commerce as we speak. But where is the OpenSource equivalent of Broadvision, NetPerceptions or someone like them? The market is really, really ready. Do you need help with an IPO? Have I missed the relevant URL's?" Sounds like a void some brave entrepreneurs might want to fill.
I worked for PricewaterhouseCoopers up until about three months ago. Anyone from PwC can tell you why PwC does not use OSS, and does not as a rule participate in its development. The Liability. Which vendor does PwC go after when something goes wrong? If PwC does the implementation work using open source software, and things go wrong and PwC gets sued, who do they go after?
...) is responsible for any damages caused by using the system(s). If it is open source, then the client is going to say "But you recommended this stuff to us... there is no vendor" Heaven forbid that PwC actual help develop the OSS - that would make their exposure even worse.
You should read a PwC contract. The contract will say that PwC is not liable for anything that happens as a result of the consulting services, and that the vendor of the software (Microsoft, SAP, Oracle
For those of you that have read one of these contracts, or like me has prepared them, you will understand why PwC does not use OSS.
The business model of the Big Five parterships is a Dinosaur. They lack the swiftness and ability to truly get into "e-business". At the top are parters that are so far removed from the business that they are only capable of maintaining client relations (which, I admit, they do well). At the bottom is the young, untrained multitude of consultants that swarm on each project, learning a little as they go and working their little asses off without the benefit ot training or experience.
/* THE ANONYMOUS COWARD E COMMERCE SYSTEM */
/* securely copy the cc number, omitting dashes, crlf, etc */ /* prevent buffer overflows */
/* length check */
/* checksum: double every other digit,
/* match card against blacklisted values */
/* if mod10 is not zero, fail! */
#include \
#include \
#include \
#define BLACKLISTS 2
#define INVALID -1
#define VISA 1
#define AMEX 2
#define MASTER 3
#define NOVUS 4
#define UNKNOWN 5
#define BLANCHE 6
char *cardTypes[6] = {
"Visa", "American Express", "MasterCard",
"Discover/Novus", "Unknown", "Diners/Carte Blanche"
};
char *blackList[2] = {
"0000000000000000", "2121212121212121"
};
int isValidCCNumber(char *ccNumber)
{
char *cardNo, *tempPtr;
char tempStr[20];
char ckMask[16]="2121212121212121";
int cardType=5;
int count, x, ckttl=0;
tempPtr=cardNo=malloc(250);
for(x=0;x248) break;
*tempPtr=ccNumber[x];
tempPtr++;
}
*tempPtr=0;
if( ( strlen(cardNo) > 16 ) || ( strlen(cardNo) left) */
while( strlen(cardNo) != 16 ) {
sprintf(tempStr,"0%s",cardNo);
strcpy(cardNo, tempStr);
}
* if doubled number has two digits, use sum of digits (18 = 9).
*/
for(count=0; count9) x-=9;
ckttl+=x;
}
for(count=0; countBLACKLISTS; count++)
if( strcmp( cardNo, blackList[count] )==0 ) return INVALID;
if( ckttl % 10 ){
return INVALID;
} else {
return cardType;
}
free(cardNo);
}
/* Pay Me Now */
For a long, long, time, they have denigrated free software because the (rather incestuous) relationships where consultants and vendors of both software and hardware is beneficial to all.
Something like a "Free R/3" might be somewhat tempting insofar as it would allow consultants and hardware vendors to have bigger shares of the "pie."
On the other hand, this would require that they actually become "technology" consulting firms, which seems rather unlikely.
If you're not part of the solution, you're part of the precipitate.
I've been EXTREMELY impressed with Zope, which has been made Open Source by Digital Creations. It's based on Python, which unfortunately I haven't learned yet, but just playing with Zope, I can say it puts web application frameworks like Domino or MS Site Server to shame. I did see on digicool.com that that they have phone support contracts for Zope, and they're primarily a consulting shop, so I'm sure they'd be able to build a strong E-commerce site using Zope, to your specifications, offer phone support for years afterwards, etc. I am in *no way* affiliated with Digital Creations (I wish I were!), it's just that I've been truly impressed with what they've done with Zope.
Actually, I don't at all see how the differing nature of business processes affect the adoption of OSS. After all, it's not like MSSQL is naturally more flexable than, say, Postgres. Indeed, OSS can more easily be customized for a variety of situations precisely because it is modifiable.
But, I doubt we'll see a lot of OSS in e-commerce too. Just for different reasons.
It seems to me that because it is the nature of business to be competitive, it is against the corporate mindset to trust a large part of the business to a co-operative effort. The suits I've talked to are more likely to view these endeavors as being necessarily quid-pro-quo: the logic seems to be that if they're not paying top dollar to have someone put this stuff together for them (right down to the software level), it's suspect.
I expect it's an unfortunate side effect of the elusive nature of software systems. A lot of executives view techs like mechanics: they don't know what we do, they don't care, they just don't want their engine to jump out of the hood and land on the road, and they expect to pay for the privilege. If I told you I knew a mechanic who doesn't charge for parts... well, that'd be weird. Corp types think the two things are equivalent.
Bottom line: pick a product that meets your requirements, don't pick your requirements based on your selection (IS Project Mgmt 101).
Unless of course you're working in the real world where some clueless suit reads something in Computerworld, and decides that the hot new product du jour is their strategy.
At GM, the word on the street is that GM is not refreshing Unix boxen for using Unigraphics, and are instead moving to Micros~1 Windoze NT. Why? Because NT workstations are supposed to somehow be cheaper than HP-UX and Solaris boxen, despite the fact that operating and and administrating these boxes isn't going to be any cheaper. Factors like stability, reliability, and performance are being completely ignored. According to UG Solutions, NT is the greatest thing since sliced bread, therefore NT is the now the preferred solution of choice.
<sigh>
My journal has hot
It might also be that the people in large organizations setting the "standards" and controlling procurement also take into account the dinners at Morton's, World Series tickets, and other things that big-ticket proprietary software alesmen throw at them. Open Source solutions may be technically equivalent or better, but wheels like to be greased.
I tend to doubt there will ever be a real open source (or possibly even closed source) Ecommerce solution. There will be parts of the solution but to a large degree much of the code would have to be written customized. Really no two businesses will be using the same practice. So one companies order confirmation number will not be generated the same as another companies. No two companies will probably want to display their products the same way. I do think there will be parts that are reusable, but not the entire solution. And businesses will be unwilling to change their practices to meet something unless there's a company to help them customize. ;). Most of the rest needs to be speciallized for each company. Well more acurately each company will want it specialized.
Don't get me wrong I think it'd be a great business and could benefit from open source, but this is one of those areas that is better left in house in a corp because it will have to interact so much.
The basic compnents are already there too. I mean there are open source web servers, databases, and even page editors (like vi and emacs
Just my opnion.
-cpd
The biggest job I have as an implementor of EC software is convincing the clients that the hard part of electronic commerce is not the web site or the technology that runs it.
The hard part of setting up an electronic business is all the infrastructure stuff that has to go on in the background (ie. Shipping/Warehousing, Order Tracking, Customer Service, Credit Card Fraud investigations, Sales Tax accounting and payment (which can be a nightmare). Putting up a web site that displays your catalog of products, allows people to order from that catalog and takes and processes their credit card info is comparitively easy. Also, most commercial "EC" software solutions do none of the backend processes. They hook into what you already have (your accounting software does have public api's/views right?) with custom code (written by the vendor's $$$ consultants) and they are far from free (sometimes into $ millions).
OK, now to the free, open source E-commerce software running on a free, open source web server. First, read the article at http://photo.net/wtr/thebook/ecommerce. html. This provides far more detail than I have time to write here and is the best reading I could recommend to someone considering purchasing commercial EC software. Second you can get the software (it's all source code, it's in TCL) at http://arsdigita.com/free-tools/shoppe. html. Third, you can see the software in action on an ancient solaris box at http://mitpress.mit.edu.
I learned most of the stuff that Philip espouses the hard way. He is certainly not humble but I would have killed for that kind of info 18 months ago when I busted my toe on each and every stumbling block associated with online commerce!
Oh, and it all runs on Linux as well.
The installer takes the administrator throught an intensive Q&A session, asking everything from what user will be running MiniVend to what background colors you want your default pages. It loads up sample data and starts up a fully-functional store that you can use as soon as it's installed.
There's a lot more to MiniVend. I've looked at it only briefly, out of curiosity, and I have yet to give it a thumbs-up or thumbs-down (as if anyone would care :) I'm just throwing it out there.
RP
I recently have been hacking with Apache JServ and GNUJSP.
;-)...
The combined force of Java servlets on one hand, and content/presentation separation of JSP (and maybe XML with Cocoon, which I haven't really played with yet) seem to me like an ideal e-commerce solution, as any existing infrastructure can be tied to a Java API these days.
But, as much as I appreciate the work of the Apache Java people, I believe an extra layer of abstraction is needed, a web-application Java API. Wouldn't be nice if any score of developers and small companies could sell/license specialized Java classes that could be dropped in the same web-application framework?
I'd really like to see a company that would support such a standard, collect and standardize the different classes, and compensate the developers appropriately. So, for example, a small company could develop a shopping-cart class. Then, the 'brokerage' company would tie in this class with the rest of the application and sell the entire application to a client, providing support: the developers of the shopping cart class would get a pre-agreed-upon share of the sale and support fees. And of course, to create more competition they could also license the same class to any number of 'brokerage' companies...
Does anybody else out there want something like this? It's not exactly open source, it's more like open API/standards, but hey, small-time developers have to eat too
I think part of the problem that you'll be encountering is people not wanting to put something weird on X86 hardware. I've had very tough times telling people that yes, free operating systems can provide really great service. One thing I've seen is that companies are not as afraid of SCO or BSD/OS as they are of Linux, might have something to do with the longstanding corporate backing, but X86 OS'es other than NT are tough to push. If you are at a point where BSD/OS is acceptable, you might suggest FreeBSD or even OpenBSD to get in the door. You can make the claims that since they're based on 4.4BSD (lite-2/etc), that you have a similarly stable code base, remind them of the last time they saw big bad things about BSD/OS, FreeBSD or even OpenBSD. You can remind them that Wells Fargo, the US Government, Hotmail, Yahoo, CDROM.COM, and countless others use BSD based products. Its not perfect, but its a start. Getting free software in the door is the biggest step, once you accomplish that, you're almost assured a success.
They toed the PWC company line, said that only NT could deliver 100% uptime with some type of mirroring, and tried to downplay HP-UX, AIX, Solaris, and MVS, since they could only claim
:) I quit about 3 weeks before.
99.995% availability.
Thats pretty a pretty interesting figure, especially since MS can't even do it. I've checked out quite a few versions of 'Wolfpack' and it fails to do even 99% uptime in most situations.
NT also requres *4* machines do get there, and if you're running SQL7, you're SOL because it doesn't support it yet, *AND* its not instantly available either. That DB has to startup, check through possibly corrupted data, and then become available. That could take up to half an hour for a large database... It was very interesting explaining this to the manager of the DB department where I used to work at MSN. He said it was all BS, but gee, when he released his pet project, it flopped HARD and didn't even work because the DB response was so bad. (Maybe a whole slashdot article on its own) Ohwell, too bad for him
But there is a free as in free speech solution as well ... YAMS is a GPLed package that currently has a shopping interface, a store management interface, some level of inventory management, and a variety of nice features.
It was started to handle our internal needs, and outsourced because we knoew that was the best way to make it better.
Open source still has a while to go, but in the free-as-in-beer-but-free-as-in-speech-soon area is OpenMerchant, which will have its source released this month, supposedly. Go to http://www.opensales.org for more details. It promises to be professional and easy to use. (says them.) I would wait for it.
Visit
IBM has many of the core Apache developers in their Research Triangle Park facility.
Also, the guy that invented PHP is now employed by IBM's apache group.
Seems like a no-brainer to me.
E-Business is nothing but a marketing term. It means absolutely nothing on its own. Before looking for tools, you've got to define what you mean by E-Business.
Just guessing, but PwC probably isn't looking for shopping cart-type apps. You're probably looking more for customer relationship and customer account management-type apps. So, you've got to figure out how to interact with your existing back-end systems.
Yes, Apache+PHP (or, Apache+mod_perl, Apache+JServ, Zope, ...) can probably handle this job, but you're legacy system vendor might also offer tools that work better.
Bottom line: pick a product that meets your requirements, don't pick your requirements based on your product selection (IS Project Mgmt 101).
Thus sprach higg.
I'm currently working on a project called SmartWorker. It uses Apache, mod_perl and MySQL (we're working on full compatibility for other databases) to make online applications and sites easy to write. The backend has become really stable lately, and we're improving it a lot.
:)
Check out www.smartworker.org for more info!
And it's completely open source
"Code free or die!"
I also work for PricewaterhouseCoopers (the accounting firm with the longest name...) doing R&D and have many times tried to push through Linux and/or Open Source solutions only to be told, "Forget it, those products aren't on our list of approved platforms."
It doesn't matter than I can show the solution will be cheaper, better, more reliable and more configurable, and even give them examples and show them places where its being used for much larger projects that what we're doing. I can't use it simply because it's not Windows NT, or just barely maybe they'll let me use Solaris if I can come up with a good enough argument why NT simply won't work at all.
In a lot of Big Corporations, it's not whether or not the solutions exist, or whether they work, it has more to do with whether they fit the approved mentality of the company. In the case of PwC, because of the way management works, I suspect it also has to do with whether or not the vendor is in good with one of the partners who makes decisions on what technology to use.
Linux is making some inroads, and so are other Open Source products, but never, ever in my experience, in any "production-quality" service. I suspect this is similar in most other Big Business companies.
This comment is partially a venting of frustration at seeing the company spending literally millions of dollars on proprietary solutions to do what a $5000 Linux PC with a few hours of PHP programming can accomplish, (hence the Anonymous Coward posting - you might think you recognize me, but you probably are wrong) but it's also an attempt at commentary or questioning on how some companies can get so big that they can stagnate and ossify on the inside to the point that no truly new directions ever get taken, yet somehow still maintain enough moemntum or simply have so much money that they can't die, or at least give the appearance of undead.
So why is it that smaller companies who are willing to take risks and invest in new technologies don't run circles around these older corporations who aren't and put them out of business? Is it just the name recognition? Is it just the tremendously deep pockets and the fact that money begets money? How is it that PwC in particular, and very likely many other companies in this industry as well, can position itself as a technology consulting company when it isn't willing to invest in new technology for itself? It would be interesting to see how many companies who position themselves as "technology consulting firms" have an list of internally-mandated software titles from which there is allowed no deviation, yet claim to understand all the latest technolgies and fads.
I work for IBM. I work for IBM e-business. I, in fact, am a large part of the 'steering' of those people who answer that elusive 1-888 number.
I don't even know where to begin, other than to say this - e-business does not exist.
e-business is a phrase coined by IBM's marketeers to describe the combination of content hosting services with live customer service. The actual software involved varies across the board. There is an open-source e-business solution, it's called perl, and we use the hell out of it.
I deal with really, really large and expensive web sites. We use really, really expensive computers. The software is simply not the issue - it's all vanilla crap, db2 and netscape web servers, IIS, domino, whatever, there's nothing special about any of it.
Yes, it can all be done with apache on linux boxes.
You don't pay a million bucks for apache on a linux box, tho - you pay a million dollars because, and this is something everyone needs to understand about corporate computer provisioning, you are in bed with your customer. Our largest customers? Sears, Macy's, etc - we have existing contracts with all of them for all sorts of stuff. They're used to giving us money, and they are pals with the people with whom they sign the contracts.
And that, folks, is how business in the real, 2.5 billion dollar a year, world works.
--
Suddenly Anonymous E-Coward
There is a package that seems to be under development called "OpenSales", an open-source e-commerce solution. It is being developed by IdeaLab.
/09/29/2048229.shtml.
:)
Magic-SW also looks interesting.
Here's a link to a Slashdot post about the above, you might find some of the responses helpful: http://slashdot.org/articles/99
Personally, I'll keep using XEmacs, apache, perl, php, and MySQL as my "e-commerce solution".
As a disclaimer, I have worked with PWC as a partner on some large projects (and CL before the longestnameinaccountingmerger). Your comments are spot on, and offer an insight into what is wrong with many large companies trying to do it all.
PWCs chief negotiators walked out of a 600 million euro project because the client had a safety critical system and NT was on the blacklist. PWC was asked to send their best and brightest, but they just didn't understand why NT wasn't god's gift to safety. They toed the PWC company line, said that only NT could deliver 100% uptime with some type of mirroring, and tried to downplay HP-UX, AIX, Solaris, and MVS, since they could only claim 99.995% availability. That kind of shit doesn't play to a savvy customer, and they lost the whole deal (staffing, engineering, documentation, training, project management, procurement, auditing, ad infinitum). My client got the network and telecomms bit, so I'm happy.
PWC is a traditional accounting and auditing firm, but growth in that area is limited. They are trying to expand into managing huge telecoms and IT projects as well, assuming it is all the same game. But PWC doesn't have the expertise to slap some sense into the boardroom members. So they think they are cutting edge because they have a nice deal with MICROS~1, BillG told them all other technologies are obsolete and not to ever put them into a bid. Corporate herd mentality, kills every time.
Back to the original "ask slashdot" question.
What a client is looking for, when they purchase some commercial software, is that the supplier will have a small number of people available to respond to their questions in a timely manner. This is between 5 and 20 people at the absolute maximum. There will be a frontline customer service person always answering the phones, 24/24x365. Backing them up is an account rep whose bonus comes from keeping the client happy and renewing the maintenance agreement. Internally there is 1 or 2 technical support with intense knowledge of the product and the systems it runs on, and systems it connects to or deals with. Optionally, there is one person who knows what the product does from a business perspective. Finally, if there is a big enough problem, there is one engineer who wrote part of the code and can be interrogated for tiny details or forced to fix a bug or add a feature.
That is it. Get a handful of technically competent people together on staff, and you can support any free/OSS project. You need to have the helpline person available (4 or 5 fulltime staff or 2 and pagers). There has to be an account rep to keep the PHBs happy.
Then you need 3 to 5 programmers or systems people. With OSS, everyone will have access to the source code, so fixes can be implemented to the client's whim. If a problem crops up, have one of your programmers get on usenet or IRC or buy a linuxcare contract. Chances are they can research the problem and have an answer within 24 hours.
Compare that model to where you do not have a commercial software provider under a contract to provide you with near instant fixes. At best you can hope for is to get through the often clogged helplines, and then get told your fix will be in the next service pack in a few months.
Have you ever tried to negotiate with MICROS~1 for a 24 hour guaranteed response for a critical installation of NT boxen? I have, and when we mentioned that price was no object and we wanted access to the source code or the original programmers, the droids stared at us blankly. They didn't get it. The big client wanted some custom changes guaranteed, and an iron clad contract with penalty clauses for the supplier if they couldn't provide certain functionality. MICROS~1 only dictates, and they NEVER sign a contract with a guarantee for fixes. Sun got the contract.
What PWC can do...
If PWC were to create a linux or OSS or nearly-free OS (*BSD) support group internally, they could save a fortune on support costs. PWC bids on big projects, and passes on the support costs from the suppliers (M$, Sun, IBM, CA, SAP) to the client, without being able to take a cut for themselves. If PWC is the prime contractor, they face the liability for support, and for business losses of their clients if they can't provide a functioning project. If one of their suppliers, MICROS~1 for example, decides not to fix some problem for another 1.5 years, PWC is liable for all the clients losses, and for all their size there is nothing they can do to force M$ to fix something. M$ is never under a contract to fix or guarantee their soft. With an internal OSS support group, PWC themselves can generate a response to a client almost immediately, and keep the support costs for themselves.
You just have to pass it off as a business case, and hope they take notice. Up till recently, they haven't. So do yourself a favor and find an employer who has an OSS support group and bids linux into big projects. KPMG and Anderson both support OSS at this point, and the profit is all theirs. Do the math, a 10 box server installation typically gets a US$30,000/year support contract, and a 15 person team of linux hacks can support 2000-2500 boxes.
the AC
Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on