Recommended
More Related Content
What's hot
What's hot (19)
Similar to The Tragedy of Open Source
Similar to The Tragedy of Open Source (20)
More from ke4qqq
More from ke4qqq (19)
Recently uploaded
Recently uploaded (20)
The Tragedy of Open Source
- 1. The Tragedy of Open Source David Nalley ke4qqq@apache.org David.Nalley@citrix.com @ke4qqq
- 2. #whoami • Director, VP Infra; The Apache Software Foundation • PMC member of Apache {jclouds, CloudStack, Incubator} • Employed by Citrix in the Open Source Business Office
- 3. A few items of historical note
- 5. Shellshock
- 6. GnuPG
- 9. Pony Factor
- 12. Tragedy of the Commons
- 13. And we are so close… • “Software is eating the world” – Marc Andreessen. • Open Source now the defacto model for cloud, big data, $newtech • “Open Source software is eating the world” – Dr. Ibrahim Haddad, Samsung • “You can’t build a product today without open source.”
- 15. Some contrast
- 18. A few ideas • So much opportunity to become part of a critical software project • Core Infrastructure Initiative • Make a case that your organization must invest – Pay a vendor – Contribute upstream
- 19. • David Nalley – ke4qqq@apache.org – David.Nalley@citrix.com – @ke4qqq
Editor's Notes
- Apache web server, Tomcat, Cassandra, Hadoop, Spark, and ~200 other projects
- Anyone recognize this logo? Heart bleed is a security bug disclosed in April 2014 in OpenSSL library, which is a widely used implementation of the Transport Layer Security (TLS) protocol. Heartbleed may be exploited regardless of whether the party using a vulnerable OpenSSL instance for TLS is a server or a client. Forbes columnist Joseph Steinberg wrote "Some might argue that [Heartbleed] is the worst vulnerability found (at least in terms of its potential impact) since commercial traffic began to flow on the Internet."
- Shellshock – one guy Chet Ramey Flaw existed for more than two decades ESR: enough eyeballs, all bugs are shallow Stephen Bellovin CS prof at Columbia Univ. eyeballs more consumed with new features than quality
- GNUPG – one guy
- Codehaus had lots of projects that called it home. Codehaus had a number of donors, but ended up spending 1,000 per month more than budget, partially because of their own success.
- Sustainability is something that I care about a lot. Bitergia – elephant factor In my role as a director of the Apache Software Foundation, I get about 70 reports monthly from projects at the ASF, and sustainability is something I look for closely. If a project ceases to remain viable, that is a problem; and we have a process called the Attic for dealing with code from a community that has ceased to function.
- CloudStack 12; hadoop 13; httpd 9; cordova 8.
- Linux 11; php 7; - git 1; openssl 2; perl 3. ruby 4. GIT vs SVN – 1 vs 7
- 1833, the English economist William Forster Lloyd published a pamphlet 1968 ecologist Garrett Hardin a situation where individuals acting independently and rationally according to each's self-interest behave contrary to the best interests of the whole group by depleting some common resource.
- TVs, Cameras, phones, refrigerators….
- Where do we go from here:
- Google - In the past year, Google has likely dedicated more developer time to optimizing font sizes, colors, icons, and other trivial visual details of their ads and apps, than the OpenSSL developers have spent over the lifetime of their project.
- The Website for Arbys - a restaurant which sells horrible roast-beef sandwiches, is developed and maintained by a team of well-paid professionals, who do this as their day job. In a week, the development of the Arby’s website likely receives more developer resources than OpenSSL does in a year.