Open Source

It's expected that pretty soon we all will hear about the next big "tech" IPO, which will create a mass of instant millionaires and billionaires. And these newly rich will have made their fortunes, at least partly, by leveraging Open Source and the efforts of unpaid volunteers.

I'm often asked, "Doesn't that bother you?" Ignoring the implication that somehow I "deserve" something due to my involvement when there are, of course, multitudes of people more deserving than I, I can honest answer, "No, not really." 

Yesterday I learned that, along with Karl Fogel and Mike Godwin, I was elected to serve on the Board of Directors (BoD) of the Open Source Initiative (OSI). I consider this a great honor, joining the ranks of the great FOSS luminaries of this esteemed organization.

I am also very excited by the changes and the challenges that the coming year holds for OSI, as they... we move to a member, representational model. This is, of course, the logical outcome from OSI moving from being the stewards of the Open Source Definition, to being, for lack of a better term, stewards of Open Source itself. There are, after all, quite a number of open source foundations out there, including the ASF (which I'm also on the BoD of, as well as President), the FSF and Outercurve (which I am on the BoD as well). But just as all these FOSS entities share a common license type, there are also other shared concepts which are core and central to the whole milieu of Open Source, a sort of common ground. And OSI is ideally suited to serve as the focal point for that common ground, a "United Nations" kind of entity.

As successful as Open Source has been, it is clear that there is still much to be done... much FUD to be cleared away, much more "evangelism" to be done, and fostering the continued use of FOSS methodologies outside of the traditional "software development" space. And I'm proud to be part of an organization which is wholeheartedly behind all those efforts, and more.

Exciting times ahead indeed.

Geir posts this interesting blog entry. If Sun and others are really interested in figuring out how to improve the situation within the JCP, especially in really encouraging community involvement and interaction, I wonder who-oh-who could they possibly ask?

I've been asked to speak at the CDC next Monday regarding Open Source. It will be 2 sessions, with a "lunch and learn" break in between. I haven't been to Atlanta since ApacheCon US 2007, so it will be a nice opportunity to get back down there, even if only for a day.

Over the last several weeks, M&As have been the main news of choice. IMO, the Oracle/BEA, Sun/MySQL and even SpringSource/Covalent aren't the most "interesting" ones regarding what-it-all-means-for-open-source. The reason is simple: for the most part, the mindsets of the companies are very, very similar.

Look at Oracle/BEA. Here you have a large proprietary company buying a smaller proprietary one. I mean come on, how much more boring can you get? What about Sun/MySQL? Well, here you have a company (Sun) who is really trying hard to "be" the open source company, buying a company that is an open source company. Again, as far as alignment of philosophies behind open source and how it relates to your business, the two mesh relatively well. Same with SpringSource and Covalent, except the alignment is very, very meshed at the get-go.

So when proprietary buys proprietary, or open source buys open source, it's really a big yawn-fest. The believers keep on believing, and the non-believers keep on being skeptical.

That's why the Nokia/Trolltech and, even more importantly, the Microsoft/Yahoo scenarios are, at least for me, the ones worth their weight in popcorn. When a company perceived as "closed source" or "proprietary" takes a huge interest in open-source based (or "open source friendly") companies, then it makes me sit up and take notice.

Of course, those whose existences thrive on FUD look at all this as an attempt to destroy open source by these companies; that a commercial proprietary company's only reason for obtaining an open source company is to divide and conquer. But maybe, just maybe, these companies are finally figuring out which way the wind is blowing, and want to re-align themselves, to see open source not as competition, per se, but as complimentary.

At least, that's the optimist in me talking...

PS: Of course, ALL of the mergers/acquisitions are interesting in other ways as well... but I'm just looking at them from an open source PoV.

In case you haven't heard, SourceFire has "acquired" (their term) the ClamAV Open Source Project. In case you are as puzzled as many people are about what this means, they have provided a nice FAQ to answer some questions...

The FAQ states that they bought the "project" (whatever that means) as well as the trademarks associated with the project and whatever copyrights were held by the "five principal members of the ClamAV team." But the big question is what does SourceFire intend to do with it? They certainly can't take ClamAV and put it into a proprietary closed-source project, since they don't own all the copyrights. I'm sure they could take a substantial chunk, but pulling out the stuff they don't own with what they do would be quite an undertaking. So I'm guessng they will be investing in continued development of the ClamAV code and project, which continue to be under GPL. Of course, this is familiar territory for SourceFire, since their start was with Snort, so it will be interesing to see how the licensing of ClamAV might change based on what was done with Snort.

While following the current SOA Flamewar going on, I also found my way to a somewhat recent ServerSide thread regarding Terracotta's licensing, and whether it was "real" Open Source or not. This, of course, degraded to, in many postings, a Apache License vs. (L)GPL license discussion, and which was "better."

In my opinion, you pick a license depending on your ultimate goals for the redistribution and usage of the software. In some cases, an AL-type license is the best choice; in others, something (L)GPL-like makes more sense. There is no one license to rule them all.

Yet this distinction seems to be lost on too many people, including people who really should know better. The idea that, no matter what, one should always choose (L)GPL is crazy (and I use (L)GPL in this example because, almost without exception, that is the exact claim made).

I like the AL, and it is my preferred license, simply because of the fewest restrictions it places on the code, the developers and the end-users. If one defines "free" as "having fewest restrictions or limitations" then an Apache-type license is "freer" than others. Look at it from another perspective, and imagine that one's license defines freedom of movement. The AL says that one can go forward and reverse, left and right and diagonal. Basically, the moves of the Queen in chess. Other licenses place restrictions on the software; limitations that affect distributors, developers, or users. They take away some freedom of movement: you can no longer go diagonally, for example.

Also, I like the fact that the AL is business friendly; that it encourages the usage of the code by commercial entities with almost no strings attached. It's been said that the AL license is the most "business friendly" open source license around, which I would agree with. But others believe just the reverse. And by following the ServerSide thread, I was reminded of (and pointed to) Fluery's "Business Friendliness" blog entry of 2004 which makes that claim.

Personally, I don't see how that could possibly be the case. Fluery claims that his example shows that AL is bad, creating forks, and (L)GPL is good because it prevents (or, at least, discourages) them. Well, IMO, the ability to create forks is a foundation of Open Source, but we'll let that slide. What is ironic is that he bashes the AL for allowing what he specifically did for Axis: taking the code and using it as he wished.

He also states that he had "no professional interest in giving this code back to our competitors." But since it's under the (L)GPL, isn't it "available" anyway? And certainly wouldn't that be a valid excuse for other commercial entities to not even look at a (L)GPL implementation in the first place? And isn't it just slightly hypocritical to claim the superiority of a license that forces others to do what you specifically decided not to do ("give" your code to your competitors)? The AL allowed him to do exactly what he wanted with the code in his particular circumstance: use it as a basis for their implementation and then not provide any patches back to the original community; the (L)GPL would not have. It certainly would not have allowed him to relicense under the AL. If you can go from the AL to the (L)GPL, but not the reverse, I'd say that one has more degrees of freedom, wouldn't you? And recall that this was a business decision. Seems you have more options on which decisions are available to you with the AL, dontcha think? And look what happened: a commercial entity grew and prospered and the Open Source community did as well (Axis got better, additional Open Source projects took foot, etc...).

What we see with many, many, many AL projects is that the threat of "proprietary" forking does not happen. Those commercial entities give back to the community not because they have to, but because they want to. The trust and altruism inherent in the AL is reciprocated. Sure, there are times when that doesn't happen. In which case, the hope and intent is that, by using an AL project to base your implementation on, you have no compelling need to waste resources on implementing "features" which defeat open standards. In other words, yes, you fork the code, but not the open standards and protocols that they implement... which sounds like a good deal to me. Good enough, at least.

Much is being made of Sun's decision (finally) of open sourcing Java, and I find myself happy and pleased about it, but not super excited by it. I mean, had it been done a few years ago, I don't think there would have been a dry eye in the house, and that people would have been jumping up and down in enthusiasm. But a "real" free Java is hardly new news anymore (note: Harmony is no longer in incubation, we graduated it last month (Oct 2006)). The excitement is over the trend, and in the hopes of even better cooperation within the free Java community. Certainly this opens doors that had previously been tightly closed.

Much is also being said about Sun's decision to go with GPLv2, and many people were hoping that other open source communities would be jumping all over Sun for that decision. I think they are disappointed that, for the most part, communities are agreeing that, despite what license they like, the choice of license was Sun's to make, and that GPLv2 is a fine enough license, thank you very much.

Yes, a free Java will help Java, the language. But I still believe that the success of Java (the language) is not so much to do with the language design itself (certainly, various scripting languages such as Ruby and Python avoid some of those warts and are, from a language-design PoV, "better") but rather the robustness of the JVM itself, as well as the "universal" availability of it. But I also expect to see other languages get a substantial kickup now that a "free" JVM is available for them to use.

Well, I'm back from OSCON and the trip itself wasn't as bad as I had anticipated. I flew NorthWest out there (and back) and on the outgoing flights there were delays out the wazoo. But I didn't miss my connection and was able to get some reading done, so it wasn't all that bad. What was bad is that I missed a dinner meeting with Raven Zachary of The 451 Group, but was able to meet him late that night for drinks at the DoubleTree bar.

I spent my time mostly split between the Covalent booth and the ASF booth. It was very nice seeing so many people again. One bad thing about living on the East Coast is that so many people I know live on the other side, so I only get to hang with them not as often as I'd like. I'd never move, but if I did, that would be one big reason to do so. A bunch of us grabbed dinner in downtown Portland and then headed back to the convention center. Of course, we took the wrong line, so we needed to back track and grab the right one. And we're the people you trust to write code. Most likely, we were all still distracted by the young woman playing pool at the restaurant/bar.

I also met with Rachel Chalmers (also of the 451 Group) and Steve O'Grady (from RedMonk), for the more traditional analyst meetings. My talk went OK, although I had a bunch more content than time, so I had to breeze past like about 5-6 slides.

As for OSCON itself, I really enjoyed the sessions I attended, and the show itself seemed to draw a nice size crowd. It's a darn shame that the wireless connectivity was as bad as it was. Helpful hint: if you want to provide wireless, do it right and contact Cliff Skolnick of Toaster.Net, et.al.

As expected, I regretted not being able to stay longer. Next year, I'll need to plan some more time out there, and buy an extra ticket so I can take Eileen out with me and spend some time just sightseeing.

Next week I'll be suffering from cramped legs and a sore back as I'll be flying cross country to attend and speak at OSCON. Flying is no longer a fun event, at least for me. In fact, it's hardly tolerable anymore, what with the long lines and the packed flights. Plus, as I've mentioned before, my productivity goes way down when traveling, which I find just as painful.

Still, events as cool as OSCON make it worthwhile, so despite me whining about getting there, I'm really looking forward to attending the conference. I have a short session on Wednesday (4:30pm) regarding LAMP and I'll be manning the ASF booth and the Covalent booth when I can.

But I still wish that there were at least some good open source related conferences in Baltimore... We really do have a nice Convention Center.

As posted some time ago, I've been hacking away on Telaen, a "new" PHP-based Email client, designed to be easy to use and administer (with no big dependencies). It's nice having some smaller projects to play around with in addition to larger ones, I think. Anyway, after several weeks of development we released version 1.1.0 of Telaen this morning.

Check it out.

In honor of March 1st, and my birthday being only 10 days away, Team Telaen announces the first official release of Telaen, a small yet powerful PHP-based Webmail system.

It's always neat to have at least one small, fun project to work on, and Telaen is one of those for me.

The January 2006 issue of Linux Format had a nice article regarding the topic of Women in Open Source. In addition to others, I was interviewed for the article and they used a few of my quotes in there, which was nice. Of course, this got me thinking about diverity in Open Source even more so than usual, and although I agree that the female population is not adequately represented, there appears, at least to me, an even more obvious under-represented minority: African Americans.

Although it's true that, at least in the US, African Americans as a whole are a smaller minority than women, when I look at the various Open Source projects, and especially when attending conferences, there is a much smaller percentage of African Americans than one would expect.

Why is that?

Not to take anything at all away from the valid desire to increase diversity in gender, I wonder what can be done to increase the diversity in race...

I'm having fun working around with Telaen, which is a simple yet powerful webmail client built using PHP. The nice thing about it is that it requires a very barebones PHP build: no MySQL, IMAP, etc, yet it fully supports POP3 and IMAP, and has support for folders, HTML email, etc...

It's an offshoot of Uebimiau, which I liked and did some patches/development on, but that project seems to have stagnated, so a few of us started Telaen. Just this weekend I released our 2nd release candidate. A number of Uebimiau users seem pretty happy that we've kick-started development and support again. It's a nice little project.

Almost every programmer runs into that question on at least a weekly occasion: When writing something, do you build it from scratch or do you take something that already exists and adjust it for what you need? The availability of Open Source makes this an even more viable question, and one which is usually answered via the latter.

As much as I enjoy the craft of designing and coding from start to finish, I also find it worthwhile to take and existing project, and enhance it in ways in which I, and I hope others, find useful. A good case in point was a webmail interface.

I had created an original work, in PHP, and it did a fine job. When I started thinking about releasing it to the world, research showed that there were already a large number of such applications. The vast majority were way to "heavy" for my tastes, until I came upon Uebimiau. The design goals of this little project were the exact same as mine, and so I decided that instead of putting energy into improving my version, why not help this project, which at the time seemed to be suffering from neglect.

So I fixed some code, made some improvements, folded in improvements proposed by others and started releasing the so-call "Jimjag" patches of UM, which seemed to be warmly received and used. I'm up to patchlevel 3 and hope to release patchlevel 4 some time this month. The UM community also seems to have seen a re-birth, now that people are seeing that a few of us are still taking care of the application.

Again, we see how Open Source takes something which, at least in part, is a selfish desire ("I need something so I'll use this") and turns it into something good. Open Source is the alchemy of development and community, turning lead into gold.