I’m at OSBC (Open Source Business Conference) and sat through an interesting session run by Chris DiBona, Google’s Open Source Program Manager, and Dirk Hohndel, Intel’s Chief Linux and Open Source Technologist (Intel is an investor in Likewise) (his blog: http://www.hohndel.org/communitymatters/). The topic: “Where’s the Risk, Exactly?” Meaning where is the risk to organizations that are using and developing with Open Source Software.
The risk question, as the CEO of a business with an Open Source business and development model, is one that I’m asked with some regularity. Chris and Dirk certainly got the details right; I’d like to add on with actionable information. I worry at times that overloading the uninitiated with the minutia of the ins/outs of OSS licensing can freak out mainstream organizations that are considering moving to OSS. And if you believe the analyst numbers presented in a couple of the keynotes, our economic climate is accelerating Open Source adoption in organizations of all sizes, so this is an important time to help folks figure out how to correctly use and develop with Open Source.
The licensing minutia does matter and if you get it wrong, particularly if you’ve not even tried to get it right, this can lead to pain and misery and even the loss of a job if you’re a technology leader and this badness happens under your watch. That said, it isn’t difficult to get it right and here is some actionable advice to organizations that are considering Open Source Software for the first time:
1. Get a pragmatic, Open Source savvy attorney and listen to them. I can make an excellent referral to ours if you like. If the attorney you’re working with advises you that it is risky to use open source it is probably safe to say that they are not open source savvy.
2. Get a business oriented and Open Source-experienced project manager. There are details that need to be gotten right and someone that has experience in these areas will help things go smoothly for your project.
3. Scan your code. Here is one company that does this:
http://www.blackducksoftware.com/
There are others. I won’t be surprised if you are surprised by the results of your first scan. Dirk has a test that is a good one: do your developers have illicit MP3 files on their computers? What makes you think that this isn’t true of illicit code snippets that they have downloaded? It is just the same, I assure you. This is good hygiene even for commercial software companies; as I said you’ll be surprised at what you find.
4. Train your developers on the basics of how to do Open Source the right way. If you are a small company this can be less formal. If you are a big company your lawyers will appreciate a fancy, formal, and detailed program.
5. Operate in good faith to do the right thing. Contribute back when you are required to and meet other license obligations as appropriate. If you don’t, you can get a community of pissed off developers and then not-necessarily friendly lawyers that may, and rightly so, make your life more complicated than you wish.
6. Work with quality Open Source Software vendors. Like Likewise. [Sorry for the quick plug.] Your life will be simpler in the long run.
Hope this helps!!
Barry
PS: Loved a couple of things from Ron Hovsepian’s (Novell CEO) keynote:
- 67% of prospects/customers rank interoperability between Linux and Windows as one of the top factors in selecting a server OS. Amen.
- Interoperability is one of the key issues for Linux in the data center. Double amen.

