Not to start this post off on a down note, but wandering around OpenSource World I couldn’t help but think I was attending the last LinuxWorld Expo.

I’m not sure where the show lost its way, but the once huge conference was just a shadow of its former self. OSCON has become the main show for open source, and with Linuxcon coming up in a few weeks I can guess why the hardcore Linux crowd stayed away.

For example, the Linuxcon keynotes will include Linus Torvalds and Mark Shuttleworth. The first keynote at OpenSource World was a replacement speaker from Dell who simply went through their standard cloud computing slide deck. The hall was so empty they removed about 200-300 chairs from the back before the next speaker to keep it from looking so sparse.

Not a good sign.

I did actually have some fun at the two sessions I attended. The first was Brian Aker’s Drizzle talk.

As most of you know, Drizzle is sort of a return to the MySQL roots. It is designed to be a small and extremely fast database for use on web sites (yes, I’m oversimplifying so check it out if you need more). Being sort of a ground-up re-imagining of MySQL it tries to take the best of the older platform with an eye on the future. For example, Drizzle is being designed solely for 64-bit architectures on machines with lots and lots of RAM, the assumption being that once the project is ready for production that will be the default system anyone would want to use for it.

What I really enjoyed was his strategies for getting the community more involved in the project. He related a story of when MySQL started growing and they realized that everyone in the community who was a serious contributor had been hired by the company. I hope to adopt some of his ideas for community involvement in Drizzle for use with OpenNMS.

The second session was a panel hosted by Larry “Dark Lord of Open Source” Augustin on open source compliance. As Chris Dibona says “All Panel Discussions Suck” and this one was no exception.

The thing I hate about panel discussions is that there is little give and take between the audience and the panel members. For example, there was a lot of talk on concerns of using open source inside an organization with license compliance, compatibility and things like that, when the truth of the matter is that as long as code doesn’t leave an organization, open source software is pretty close to public domain. The rules don’t usually kick in until it is distributed (as the license is normally enforced under copyright law) and so many organizations can see huge benefits from taking and using open source software internally.

But I wasn’t able to ask about that.

Two of the panelists seemed to have a real solid understanding of open source software. Tim Golden, of Bank of America, brought up something near and dear to me: work for hire.

At OpenNMS we make a large portion of our revenue from custom development. All the work we do gets put back into the product, so the client gets exactly what they want out of OpenNMS and we get to make OpenNMS more powerful.

However, most standard contracts have a “Work For Hire” clause that states the client owns all the code, so we have to either remove it entirely or rewrite it extensively to make it more in line with the ideals of open source software.

He also brought up this scary concept of “residual knowledge”. It would seem logical that if I am doing work for a client and I come up with an idea during that time that I should own the idea. But what if that idea was triggered by some confidential knowledge I obtained from the client? Do they have any claim to future work based on it? Apparently this is a hot topic within cloud computing since previously confidential business practices get more exposure. It was a term I had not heard of before and one that I plan to keep an eye one (plus adding a new “residual knowledge clause” to our contracts).

I also was impressed with last minute panel replacement Steve Wretling, from Kaiser Permanente. Kaiser seems to have a real grasp of how to deploy open source within their environment and they have put in place processes to take advantage of it.

So, overall, while I hated the format I enjoyed the session.

The next keynote was by Debra Bowen, the California Secretary of State. She is a good speaker and very tech-saavy, but she has also been branded a Luddite due to being outspoken in her criticism of electronic voting machines. The stories she told were scary, and it made me value the optically scanned paper ballots still used in parts of North Carolina.

Then the fun began. I met up with John Mark Walker, Michael Coté and Luke Kanies for lunch. John Mark is starting a new venture promoting open source on Windows, Coté was unusually quiet, and this was the first time I’d met Luke.

I think I know why Coté was quiet.

Let’s just say if you ever need to kill a couple of hours, put me and Luke in a room and press “Go”.

I found Luke to be quite charming, and we found a lot of things in common between his team’s creation of Puppet and our team’s work on OpenNMS. We both can talk at length about a variety of subjects. But we are also very different: he’s skinny, I’m fat; I eat animals, he does not, etc.

Based on my experience with the morning panel discussion, we thought that ours should have more audience interaction and I think it went okay. We had a few people walk out and Luke says he saw one person sleeping but for the small crowd that stayed (and stayed awake) I hope they got a little something out of it. I had fun.

That evening Luke and I met up at the View Lounge at the top of the Marriott and continued our discussions on everything from open source, running a business, popular culture and shoes. We were joined by filesystem hacker extraordinaire Valerie Aurora and later by Michael Coté.

Val came up with a game to name three topics of conversation that should be banned when geeks meet socially. Last year her three were computers, the election and the financial crises. The new three became computers, health care, and social networks.

Hence the discussion about shoes.

After awhile we split up and Coté and I continued over sushi and sake. I always enjoy talking with him because he is an analyst who used to be a programmer. I think he gets where I’m coming from. The best technology salesperson I know is a guy named Doug Gilkey who has an advanced degree in aerospace engineering, and in much the same way Coté is one of the best analysts in the management space since he’s been there.

All in all I’m glad I came, but I don’t think I’ll be back. I can’t make Linuxcon this year, but perhaps next, and OSCON is apparently returning to Portland so I might have to combine a trip to that show with visiting clients in the area.

But I gotta buy some new shoes.

I didn’t make it to OSCON this year (thanks for everyone who voted for us for the CCA, by the way, even though we lost out again to Firebird) and I am quietly thankful for it, because it seems like the conference kicked off a new round of hyperbole and hypocrisy from the fauxpen source crowd and I’m going to try to stay out of it (instead of any kind of rational discussion, this round seems even more full of ad hominem attacks).

I’ve been labeled both an open source purist and a zealot simply because of my assertion that the term “open source” is defined by the open source definition. And while no one calls me a pragmatist, only a pragmatist could have kept a company like OpenNMS going through good times and bad without investment.

Heck, I’m even pragmatic about open source – in the realm of enterprise network management nothing works better, but that doesn’t mean it works for everything.

But no matter how successful we are, someone will think we aren’t successful enough. Luckily, I haven’t spent much of my life worrying about what others think, and we have been so busy lately that I can easily lose myself in helping our customers and our community.

However, at the risk of boring my three readers, I wanted to share an epiphany I had at dinner Thursday night.

We were discussing open source and I reexamined why a number of commercial open source companies see so little contribution that they resort to calling their users “leeches” and free loaders.

It is just natural that in a gift economy like open source, those who give back in a substantial fashion will be few. I’m am always grateful for any positive contribution while having the expectation of none. OpenNMS enjoys a wide range of contributors, enough so that I would never feel the need to refer to our community as leeches. I was wondering what was so different about us from other companies.

The answer came to me straight from Dan Ariely’s fine book Predictably Irrational. In it he talks about “Social Norms” versus “Market Norms” with an example from a day care center in Isreal:

A few years ago, [Uri Gneezy of UC San Diego and Aldo Rustichini of the University of Minnesota] studied a day care center in Israel to determine whether imposing a fine on parents who arrived late to pick up their children was a useful deterrent. Uri and Aldo concluded that the fine didn’t work well, and in fact it had long-term negative effects. Why?

Before the fine was introduced, the teachers and parents had a social contract, with social norms about being late. Thus, if parents were late — as they occasionally were — they felt guilty about it — and their guilt compelled them to be more prompt in picking up their kids in the future. (In Israel, guilt seems to be an effective way to get compliance.)

But once the fine was imposed, the day care center had inadvertently replaced the social norms with market norms. Now that the parents were paying for their tardiness, they interpreted the situation in terms of market norms. In other words, since they were being fined, they could decide for themselves whether to be late or not, and they frequently chose to be late. Needless to say, this is not what the day care center intended.

Vibrant open source communities operate under social norms. I am often approached by people who say that they really love OpenNMS, but then they sheepishly admit that they don’t buy support or contribute in any other way. They tend to smile when I say that I’m cool with that – just finding our work useful makes my day and they’re probably not a good fit as a support client in the first place.

But the open core realm operates under market norms. If some restaurant is handing out free food samples, rarely does one feel guilty about taking some. In much the same way, when users see a company that sells commercial software, there is no obligation associated with taking the free stuff and being done with it.

So the problem of leeches is one of their own creation, and as research has shown, once you set the basis for interaction based on market norms, it is hard to move back. This may be one of the main reasons a least one such company seems to be changing its message away from open source.

Once again, I’m just thinking out loud, and in that vein let me state that I’m thankful OpenNMS still seems to be operating under social norms. I’ll work hard to keep it that way.

… are greatly exaggerated.

It’s funny, from my small corner of the world it seems like the GPL is under attack of late. First, back in March, esr questioned the usefulness of the license. And now a lot of discussion has built up around a post by Benjamin Black comparing the GPL to DRM. Since I am nothing if not fashionable, I felt I should throw my opinion into the mix.

I have to disagree with Mr. Black’s premise that

it [the GPL] acts as a virus to force the release of ever more source. the gpl serves to rigidly control what you can and cannot do with software covered by it, and is thus the license equivalent of digital rights management

The GPL is a rather simple license, and I don’t view its requirement that changes to GPL’d code must also be GPL’d as “rigidly controlling” what one does with it. I can run GPL’d code on any device I want. I can modify GPL’d code any way I want. I am free to do whatever I want with GPL’d code as long as any changes I make are given to whomever I share the code. Heck, if I don’t share the code the license doesn’t apply, since it is based on the making of copies (copyright) and not possession.

DRM, on the other hand, exists to lock digital works to a particular device, or to limit the number of copies one can make, or to otherwise limit what one can do with the code.

Mr. Black’s viewpoint seems to be that the GPL should exist to empower users and that it is wrong for developers to have much, if any, control over their work. He states “the license intended to protect the rights of users is instead being optimized for the rights of developers”.

Huh? This seems a little insane to me. Software licenses in general are designed for the developers (publishers) of software, not the users of software. As far as I know the GPL puts no restrictions on “use”. As the creator of a piece of work, shouldn’t I have some control over it? If I wish to share it with others, don’t I get to create the rules by which this sharing occurs?

The problems he raises are not licensing problems, but management issues, specifically community management issues.

I visit a large number of companies each year. Some clients have serious limitations on internet access, whereas others are very wide open. I was at one client where I was talking with the director of the management group, and I pointed out that I was very surprised at how open their internet policy was. He pointed out that if there was a employee spending time surfing for porn or playing World of Warcraft, that wasn’t a technology problem but a management problem. It wasn’t necessary to limit the technology. I should point out that he had an amazing group of productive people working for him.

The same thing applies to the GPL. The GPL is not flawed nor is it overly controlling. It is just one set of rules that the creators of software can adopt. Don’t like it? Don’t use GPL’d code. As a contributor to an open source project, you can choose whether or not to contribute. It is a management issue to insure that your community it happy with what you do with the code. It is them you have to satisfy and no others. A license doesn’t help you do that.

There is a lot of discussion that the Apache license is better for open source projects. That most certainly is not the case with OpenNMS. We have built an amazing platform that is highly scalable, and all we need now is a small amount of investment in order to work on the webUI and make it easier to use and more attractive. If we were under a permissive license there would be nothing preventing a company with a couple of million in VC from taking our work, finishing it, and making a huge profit. Heck, they wouldn’t even need to release their final product under an OSI-approved license at all. Is that fair to the developers? Is that even fair to the users?

In my very first post on the subject of open source in business, I went over a number of business models, including the dual-license model. To me, the dual-license model is a great compromise – as long as 100% of the code is available under an open license, it should not be considered wrong for a company to also generate revenue from another license, like MySQL used to do. The only caveat I had was that some developers would not be happy with that arrangement, and thus it might reduce the amount of contribution.

MySQL used to require that any contribution they accepted also include the copyright. We found that to be a little restrictive – what if you contribute a cool algorithm you came up with but you also want to use that in another program? Shouldn’t you be able to own your code?

So we were happy to discover the Sun Contributor Agreement which implements the idea of dual copyright – the project gets the copyright to the contribution and the author retains the copyright to their work. This was acceptable to our team – it may not work for everyone.

Since the copyright to OpenNMS is now wholly owned by The OpenNMS Group, we are considering offering a commercial license for the platform to other companies who wish to build a custom management solution. Any code we write, however, will also be published under the GPL. This is a promise we have made to our community as well as the governing body of that community, the Order of the Green Polo. They trust us to use any revenue we make to better the product, and a dual-license may be the best way to accomplish this quickly.

But while the GPL works for OpenNMS, sometimes a more permissive license is better. In fact, some of the work we are doing with another project will be published under the Apache license. As the developers of the code we wish to have some say in how it is used, and our choice of license allows us to do that.

Mr. Black seems to take issue with this. It seems like he wishes to be able to commercialize others work so that he can decide “who gets paid” versus those that create the software. Since the GPL makes this difficult, it must be wrong and we can compare it to DRM. His definition of free is close to public domain, and anything else is too restrictive. I have to disagree and insist that there are shades of grey from commercial software with content under DRM to the public domain, and that the GPL is much closer to the latter than the former.

My three readers of this blog know that I’m pretty particular about the use of the the term “open source“. It’s not that I’m an open source zealot, but the term has a specific meaning that has been diluted over the last couple of years. Since the value of OpenNMS is nicely summed up with “open source” I am loathe to allow its meaning to be changed.

It is with some pleasure that I’ve noticed that one of the fauxpen source companies in the management space, Zenoss, has made some subtle changes to their corporate message over the last few months.

From a press release last April, which leads:

Zenoss Inc., the leading commercial open source network and systems management provider

Note the prominent use of the term “open source”.

Now flash forward to June:

Zenoss Inc., the fastest-growing alternative to the “Big 4” for enterprise network and systems monitoring

While the term “open source” still appears throughout the press release, there is much less emphasis on it.

Today, this came through my reader:

Zenoss Inc., provider of the next generation alternative to legacy enterprise IT operations management solutions

Note that “open source” was only used once in the main article.

I take this as a good sign. I’ve never really had a problem with the “open core” business model – I think that all commercial software will move to this model eventually – but I hate it being called “open source” for a variety of reasons I won’t repeat here.

I do have to wonder what is driving this change. Could it be that they are finding less traction with the term “open source” in the marketplace? Could it be a backlash from open source advocates who explore their product only to find out that they have to pay high per node prices for the “real” software? Or could it be pressure from the VCs to start making serious bank as the five year window is closing rapidly?

In any case, with all of the marketing money these companies have you would think they could build on the the “open core” brand without having to degrade ours. They still have “open source” all over their website, but I am hoping this is the start of a move toward something a little more legitimate.

At OpenNMS we get to work from home a couple of days a week, but I’m really glad that most of us get together in office as well. Not because it makes us work any better or harder, but because the side conversations can be a lot of fun.

Today, Ben and I got into a debate about the new Palm Pre and its ability to sync with iTunes.

The Pre connects to the computer via USB and identifies itself as a Palm Pre. However, in “media sync” mode, the mass storage device changes its identity to reflect an iPod. This allows one to sync their Pre with iTunes as if it was an iPod.

The debate was over the question: is Palm breaking the law?

I don’t know enough about USB to know exactly how Palm is achieving this, but if they are returning a string that says “Apple iPod” that would be a trademark violation. However, if they are returning just a number, say “1291” then it gets a little murkier. Some might claim it is the same (since 1291 represents an iPod Touch) but I don’t. In one case it is an obvious abuse of trademark, but in the other it is more of a compatibility hack.

I expect in the next week we’ll see the official responses from Apple and Palm (with the Pre’s release this week and WWDC next week). It should be interesting.

What does this have to do with open source and freedom? A lot, actually. While the digital age makes it a lot easier to copy and move information, it also allows vendors to control a lot more, too. Think about Apple’s DRM in iTunes. One reason I buy all my music from Amazon is that I have a number of non-iPod devices and I want to make sure I can play the music I purchase on them as well. Even when DRM went away at the iTunes Store I still buy from Amazon.

It reminds me of the time (back in 1993) when Garth Brooks wanted to make it illegal to resell CDs, since people were taking them home and recording them. Can you imagine a car company saying “you can buy this sedan but you can never sell it”? It doesn’t make sense.

For example, if I buy an iPod, a Linksys Router or a PS3 and I want to hack the hell out of it, I should be able to do so. Now, I don’t expect the vendor to support me should I screw up the device, but they shouldn’t be able to prevent me from using something I own, pretty much anyway I want. There are certain notable exceptions – I shouldn’t be able to buy a DVD, copy it and sell the copies – but that is a copyright issue and not a property rights issue.

This case will be important since proprietary software and hardware vendors have a vested interest in keeping open source out of their playground. Sometimes the only way to get something I have purchased to work with free software is to come up with a hack, and outlawing such hacks would be unfortunate.

The Palm Pre/iTunes case is a bit different, since it is hardware hacking software (and proprietary hardware and software at that) instead of the other way around. It will be interesting to see how this plays out.

Apple may be magnanimous and comfortable with its monopoly and ignore it, but more than likely it will take steps to block the “media sync”. In either case Palm wins: it gets to sync with the most popular management program out there or it can claim Apple thinks that the Pre threatens the iPhone. Either will draw even more attention to the Pre.

UPDATE 1: Aaron points out on Twitter a Sega v. Accolade case that might have precedence.

UPDATE 2: Looks like it is 1993 all over again, with game manufacturers wanting a cut of used video games sales. Sheesh.

One of the things I love about my job is that I get to meet a number of cool people. One of them, Mark Taylor, turned me on to a post by Georg Greve of the Free Software Foundation – Europe.

It echoes a number of things I’ve written about recently, although with much more clarity and coherence than I can muster.

In “It’s time for the community to take charge of its brand” Georg concisely explores topics that I rambled on for post after post. These include the fact that there is no substantial difference between the terms “Free Software” and “Open Source”, and that abuse of the term “is harmful for all companies and commercial endeavours in Free Software, as it weakens the ability to communicate an essential part of the unique sales proposition.”

I feel that pain every time I’m asked about the OpenNMS “enterprise” version.

While much of the article hit me as preaching to the choir, one bit was absolutely brilliant. Instead of referring to the users of open source software as “leeches” or “free loaders” he calls them “hermits”. I love it.

Like it or not, open source software has a large social component. Webster defines a hermit as “one that retires from society and lives in solitude”. Perfect. It doesn’t have a built in negative connotation (as in “blood sucking leeches”) but it does express the fact that using open source software without being a part of the community makes the experience less than what it could be. It’s much kinder – there is always hope that a hermit will come back down off the mountain – but with a leech all you want to do is remove it and kill it.

Of course, because Georg is part of the FSF, expect a number of ad hominem attacks labeling him crazy like that Stallman fella. His reasoning is so sound it is probably the only option his critics have.