Understanding open source

If you want to get a great understanding of why open source software is such a powerful phenomenon, read Jan Stafford’s interview with Julie Hanna Farris of Scalix Corp. and follow it up by downloading Tim O’Reilly’s podcast presentation, “The Software Paradigm Shift,” on ITConversations.com.

Both speakers make the point that open source’s strength lies not so much in its licensing model or lower cost as in the fundamentally different approach to development. Open source software must be modular to developed by a far-flung community and that modularity is what enables open source programs to be created and modified so quickly. In fact, Linus Torvalds has said that if he had to develop the Linux kernel in the closed, stratified environment typical of commercial software companies, he never would have delivered Linux quickly enough to be meaningful to the user community.

The development world has talked about making software modular going back to the days of 4GLs and, later, object-oriented programming. It’s a noble objective but the development processes of commercial software companies discouraged the practice because software was always delivered in one big clump – or release – that lived in the market until an update was due. There was basically no incentive to develop in a modular fashion.

Open source software is under constant development by thousands or even millions of programmers around the world. If the software isn’t designed to incorporate constantly slipstreamed improvements and fixes, the whole model breaks down. That’s the beauty of open source. It is designed for continuous improvement.

O’Reillyl refers to recent developments at Google, Amazon and others to support his point. Google’s news, maps, local and Froogle services are in seemingly constant beta test, undergoing refinements as they serve users. With Google Maps, Google published interfaces that allowed developers to extend the platform for new applications. For example, GasBuddy.com extends Google maps to allow users to search for cheap gas in their vicinity. Housingmaps.com combined CraigsList.com home and apartment listings with Google maps to help you pinpoint attractive properties in your area. Amazon’s Yellow Pages beta pinpoints nearby businesses and provides rich information about them.

It’s certainly a new approach to software development and one that promises exciting innovations. However, I’m not sure corporate IT organizations will be as enchanted with perpetually modified software as developers are. IT groups value consistency and management. Many would rather have a single version of a package deployed across the company – even if it’s an older version – than have different iterations springing up everywhere depending which fixes and enhancements users and administrators had downloaded.

It’ll be an interesting push/pull. There’s no doubt that modularity and open development increase the speed at which new ideas reach the market. But corporate IT isn’t usually as interested in innovation as dependability. The willingness of enterprises to embrace this new approach to development will have a lot to do with how effectively open source is assimilated into the enterprise.

Cisco in denial

You have to wonder why companies don’t learn from the mistakes of their predecessors. Cisco has been in hot water with its users and the media this last month over security problems in its software. The vendor released a boatload of fixes for various OS and applications problems last month and then recently and then issued a cease and desist order against a former employee who revealed a serious flaw in the IOS operating system at the Black Hat conference this month. User reaction was predictable. People wonder why Cisco is in denial over these problems instead of moving proactively to fix them. In the case of the IOS flaw, the patch had actually been available for months. Why not use the opportunity to tell users to upgrade their software?

Shades of Microsoft and Intel. When Microsoft became the target of security sleuths who pointed out vulnerabilities in Windows, the vendor first reacted by attacking its accusers. It was only after multiple reports of flaws emerged that Microsoft turned the problem into a PR advantage by announcing it would dedicate the company to making its products secure.

Similarly, when Intel was the subject of embarrassing revelations about flaws in Pentium chips in 1994, it waited six months to acknowledge the weaknesses. Much to Intel’s surprise, users and media who had pilloried Intel for months flocked to support the company once it fessed up. The Pentium problems are only a distant memory now.

Cisco should learn from Microsoft’s and Intel’s mistakes. Software is imperfect and prone to bugs. Good companies learn from their mistakes and are direct with their users. No one will criticize Cisco for admitting its problems and rededicating itself to do better. Why wait?