Walmart’s big open source investment

Walmart’s backing of the Hapi project, an open source Node.js framework, represents a significant financial commitment (over $2m). Why would Walmart be investing in open source options when it could simply pick up some proprietary code from elsewhere? Eran Hammer, a senior developer at Walmart Labs, lays out some of the reasons for us in a recent blog post. Key to the argument in favour of open source spending is return on investment and, as Hammer explains, making financial sense of the decision first required them “to develop success parameters that enable us to demonstrate the value”.

Once the ROI becomes quantifiable, the expense becomes much easier to justify. Walmart is ready to work in the open precisely because it recognises that it gets a lot of value for its money that way. In fact, by Hammer’s assessment, “by paying developers to work on Hapi full time, we get back twice (or more) that much in engineering value.” Read Simon’s thoughts and interpretation in his InfoWorld article.

SAP’s open source journey continues

The stand of German IT superpower SAP might have seemed like a surprising addition to this year’s OSCON. Announcing its sponsorship of both Cloud Foundry and the OpenStack Foundation, the firm is committed to adding support for its SAP HANA in-memory database to both platforms. In addition, SAP was also promoting its own open source project OpenUI5, a substantial JavaScript UI library it previously delivered as a proprietary project under the name SAPUI5.

In previous articles, Simon has explored the idea of a seven-stage model of open source adoption by large corporations. SAP’s latest moves to embrace open source more fully demonstrate its progression into the middle stages of the ladder. Whilst there’s still a long way to go, this progression is a welcome development. Read Simon’s full article on InfoWorld.

Is Microsoft To Blame For Malware?

The action law enforcement services have taken against the GameOver-Zeus malware syndicate is great news for a change. In the UK, this was communicated with typical tabloid alarmism, framed as “two weeks to save the world” instead of “unusually effective action by law enforcement”. As a result, UK publications have been posting self-preservation information for their readers.

The BBC’s instructions start with the statement “If your computer does not run Windows, stop right here.” Users of other operating systems like Linux or ChromeOS have nothing to worry about this time, even if they are increasingly likely to be targeted elsewhere. As a result, some have asked whether Microsoft is to blame for all this malware.

Digital First Aid

The Digital First Aid Kit is a project from Digital Defenders in partnership with the Electronic Frontier Foundation providing advice concerning a variety of different digital emergencies. Covering everything from establishing trust through to handling account hijackings and DDoS attacks, the web page provides a comprehensive introduction to digital security issues for the uninitiated. For the less technical reader, this is a great resource for clarifying some of the complex technical language surrounding digital security. Perhaps you know someone who would benefit from reading it? For a fuller overview, check out Alexandra’s ComputerWorldUK site review.

Welcome to the Open Source Golden Age

Perhaps it seems like open source has stopped being relevant in the GitHub era? People just “do” open source without needing to get involved with all that messing around with licenses? Certainly that’s the view Matt Asay put forward in his recent InfoWorld blog, closing his thoughts with the following summary:

we find ourselves today… in the midst of the post-open source revolution, a revolution in which software matters more than ever, but its licensing matters less and less.

Nothing could be further from the truth; open source’s predominance today shows us that it is in fact enjoying a golden age of success. If it seems like much of the furore and debate around software freedom has gone quiet of late, it’s not because the issue of licensing has become irrelevant, but because the solutions we’ve decided on and used have proven to be effective.

To the extent that GitHub gets used as a storage space for code, it’s likely that it will continue to have a high number of unlicensed projects kept there. In actual fact, failure to specify a license carries its own legal consequences, open to abuse when entered into out of ignorance. For effective developer collaboration for commercial purposes, however, choosing the right license creates a low-friction environment where permission to innovate is given in advance. Read Simon’s full response to Asay’s post in his latest InfoWorld article.

Non-profit status denied; moving on

Recent news that Yorba was denied non-profit status by the IRS adds weight to the observation that the American government appears to be rethinking its position on the role of open source software. When viewed alongside March’s denial of non-profit status to the OpenStack Foundation, the decision looks even more like a deliberate change in direction.

Whilst non-profit status has been bestowed on open source software foundations before now, it seems that due to the prevalence of the open source method and the “software freedom” concept, the IRS has come to regard them as normal and now requires that communities demonstrate even more justification before they can enjoy non-profit status.

At first glance this might seem like grim news for open source foundations, but is it? Perhaps what’s really valuable is not simply having the status of a non-profit, but having the shared rules within an open source community which protect it from troublemakers and which are usually formulated as part of the process of becoming a non-profit.

If the main benefit to non-profit status is actually just as a sign that a community has maturely considered the rules by which it protects community member rights, creates a permissionless environment and ensures best practice governance, perhaps there are other ways we can achieve the same ends.

For more detail, read Simon’s full InfoWorld article.

Heartbleed and Lessons Learned

We’ve had some time for the shock of the Heartbleed announcement to sink in and there’s a lot to consider. While the first impressions might be about the serious, exploitable bug and the repercussions of its abuse, the incident casts light on both the value and risks of open source.