Once More unto the Breach

It's been a while since I last blogged here as I continue to post to my Network World blog when I've something to say. Here's a quick summary of what I've been posting over the past year.

• The Role of FOSS Foundations
  Clean IP management and neutrality encourage collaborative development.
  There’s an excellent discussion begun over the past few days on the value of foundations in the free and open source software (FOSS) world. It includes people calling into question the Apache Software Foundation’s role, promoting foundations, and discussing the broader role of FOSS foundations. This was my take.
• Do Lawyers Ignore Copyright Law?
  Creating software versus creating contracts and a little irony to start your week.
  A view on the irony of lawyers ignoring copyright law to make the practice of law easier for them, while making software developers lives more complex.
• Software Discipline and Open Source
  Software discipline is critical to successful community development
  Good software is developed by good software developers. It involves a discipline not found in most programmers. Rigorous version and configuration management, checklists for style and review, “desk” checking reviews before commits, automated (continuous) builds, and fully automated test frameworks are all necessary steps to successfully, reliably delivering executable software that works. I argue that scaling a software project (open or otherwise) is impossible without this discipline.
• Peace and Harmony between FOSS contributors and lawyers
  Version 1.0 of the The Harmony Documents Launch
  Harmony is an effort that was begun and shepherded by Amanda Brock, the general counsel at Canonical, makers of Ubuntu Linux. The intent was to create a small collection of consistently-worded contribution agreements (both licenses and assignments) for free and open source projects to use to reduce the friction such agreements can cause when they’re encountered for the first time by corporate counsel unfamiliar with FOSS licensing. The first version of the work was published in July, 2011 and this was my take on it.
• Re-inventing SuSE and Three Futures for Mono
  Imagining the potential for Mono going forward
  In June 2011 we saw the rolling announcements out of Attachmate as SuSE gets spun into a separate organization with a return to Germany and Mono employees (along with many other Novell employees) finding themselves on the outside looking in. Here were three ideas for the future of SUSE and Mono.
• The End of the Symbian Foundation
  The end of the Symbian Foundation was in sight before it ever began.
  My analysis of how the Symbian Foundation failed before it ever got going properly.
• Red Hat Obfuscation is a Tempest in a Teapot
  Voting with one’s pocketbook and one’s feet is exactly what software freedom is about.
  I encounter another reference in the mainstream analysis about Red Hat “obfuscating” their work on Red Hat Enterprise Linux. This really is a tempest in a teapot, and I outline why I think that's so.
• Solving the Apple App Store Incompatibility with the GPL
  What’s needed is a little legal linguistic grease to enable the two orgs and their differing goals to slide by one another.
  Here was an idea for all open source legal experts to gnaw on and solve for the community. I saw that Apple pulled down the VLC media player because of the conflict between the GPL and the Apple App Store terms of service. I think there are easy ways around the GPL software on Apple Appstore debate.

I will keep posting collections here from time to time to keep readers abreast of what I'm writing in other places.

I was invited last Summer to blog at Network World and have been a bit remiss in keeping up on the home blog. Here's the list to date. Several ideas I think are very worth capturing with respect to the discussion around open source community, business, and IP management

• Of Coffee Houses and Code Communities
  We can learn a lot about successful community building from Starbucks
  Brian Proffitt has a great article on the difference between communities and crowdsourcing and how companies still often get it wrong with respect to their community building by treating them as a group that will get things done. I came across a good model for this separation of ideas quite by accident and it differentiates between the co-creation of the asset and the co-production of the community.
• Makers, Users and Buyers of Open Source Software
  Understanding your relationship to a project lets you ask the right questions.
  More and more is being written about governance and license compliance and open source. The FUD of lawsuits continues unabated. Simon Phipps has an excellent post on trying to break out of the conversational frame that some use around compliance and governance. I try to frame a participants relationship to a project so they can best understand what they do (and don't) need to care about.
• How to Talk to Your Lawyer about Open Source Software
  Lawyers know surprisingly more than they think about open source software.
  If you’re a developer that wants to use free and open source software then sooner or later you’re going to need to talk to a lawyer. Many developers have a working understanding of software intellectual property, but unfortunately software copyright is a space fraught with exceptions and edges and ambiguities. Karen Copenhaver came up with a great way to explain open source to a lawyer, and I managed to find the recording of it again.
• It’s Not That Complicated
  Too much is being made of FOSS licensing complexity.
  We seem to be seeing a rise again in the discussions surrounding free and open source software licensing complexity, and the fear that open source may infect or taint your software. I'm tired of it. It's just not that complicated to maintain a clean IP environment in software development.
• Please Don’t Confuse Standards with Open Source Software
  While standards and FOSS may overlap, they can’t be merged into one mega concept
  Some people want to merge the idea of free and open source software with standards, and indeed open the discussion into one of “open standards.” This confuses two ideas that are very different once you get beyond the idea they both involve collaboration in a technology community.
• Open Source: No one is working for free
  To understand the economics of open source, look to the R&D of collaboration.
  People continue to wonder how to make money in the free and open source software world. It’s dressed up in discussions of how one makes money when you give away the software for free, or why developers are working for free. It can likewise lead to a management backlash of not contributing to FOSS projects because some think their developers are working on FOSS instead of their own work. I take another run at explaining why the economics is in a business's best interests.
• A FOSS project isn’t necessarily a software product
  For FOSS the question isn’t just build vs. buy but also borrow versus share.
  Confusion often reigns over how to judge free and open source software (FOSS) as people investigate using it in their businesses. Do they use Red Hat Advanced Server? Fedora? CentOS? Should they use the community edition of the Alfresco content management server or buy the product? How does one judge the “software” and whether it’s “right” for one’s business? These are all questions that confront developers and IT managers as they encounter the FOSS world. I try to tease it apart for people so they understand the difference between a product for sale and an open source project.

Enjoy!

The CodePlex Foundation has re-branded itself to the OuterCurve Foundation. There continued to be confusion between the Foundation originally sponsored by Microsoft and the Microsoft forge site (codeplex.com). In June the Board decided it was time to rebrand the organization to clear up the confusion. [Most recently we were given credit for some excellent sponsor work the forge did in the open source community, so we knew the rebranding work was still necessary.]

We worked with a professional agency (Protobrand) and investigated a number of names that conveyed attributes we wanted to have associated with the Foundation. We wanted the name to support our efforts to build credibility for the Foundation within the open source community, and make the Foundation an attractive investment for additional sponsors. And of course we also had to find a name where we could own the urls. In the end we chose the OuterCurve Foundation. We hope it conveys our goal of helping the expanding universe of companies using open source to contribute to the communities they care about and to create their own.

A number of press articles have positioned us as "putting some distance between Microsoft and the Foundation" as the rationale for the rebrand, and I want to emphasize that the distance we're hoping to create is between the forge and the Foundation. We have an excellent working relationship with Microsoft as our founding sponsor. The Codeplex name was originally chosen as there was thought to be more affinity between the forge and the Foundation but it proved not to be so. Not every plan is flawless in its entirety.

The rebranding also coincides with our anniversary. The Foundation is now a year old. In that year, the interim Board put an initial governance structure in place, hired core staff (Paula and I) and we have accepted the creation of two galleries and a half dozen projects. More are on their way. The mission hasn't changed. The Outercurve Foundation exists to provide a software IP management process and project development governance to enable organizations to develop software collaboratively and encourage the growth of the open source software as a development methodology. It's an exciting time.

Some of the coverage:

• Dana Blankenhorn: CodePlex Foundation becomes OuterCurve
• Joab Jackson (NYTimes): CodePlex Foundation Called OuterCurve
• The Register: MS-backed CodePlex Foundation morphs into Outercurve [And no, Paula doesn't gush about things.]
• DJ and H-Online: CodePlex Foundation becomes Outercurve Foundation

Companies have been concerned about software license compliance with respect to free and open source software for some time. Part of this is due to simple competitive FUD designed to frighten people away from using FOSS or to sell services and tools around it, and part of this was due to genuine concern with license compliance when lawsuits appear because of violations. The Linux Foundation announced the Open Compliance Program at LinuxCon in Boston today to help companies understand and manage such compliance needs. I describe and comment on the program on my CodePlex Foundation blog.

The past few weeks have seen a resurgence in the debate over whether or not open core is a valid open source business model or not. There has been a lot of passionate and pragmatic discourse from lots of knowledgeable people (Phipps, Ingo, Mickos, Aker, Aslett, Proffitt, O'Grady).

I add my take on the debate on the CodePlex Foundation blog.

I just posted my opening thoughts on the current debates over software freedom versus open source software as a foundation for a discussion about open core as a business model. They are over at the CodePlex Foundation blog. Please discuss there rather than here.

It was brought to my attention that the FSF has re-posted its CodePlex Foundation commentary from last Fall on the day it was announced that I took the position as technical director at the Foundation. I'm not sure that anything has been added to the new commentary. Re-reading the FSF re-post, I can't but point back to my original response. I will add a couple of clarifications:

• CodePlex.com is a Microsoft owned and staffed forge that encourages the development of open source software based on Microsoft technology. The CodePlex Foundation is a separate not-for-profit software foundation to enable and encourage the development of open source software in the commercial world. Microsoft is the founding sponsor of the Foundation. There will be other sponsors. I work for the Foundation, not Microsoft.
• The naming confusion was not the most inspired move, but reflected an earlier idea for the Foundation. It will be resolved over time, and hopefully the confusion with it.
• The CodePlex Foundation is completely free and open source software license agnostic. The Foundation is also technology agnostic. If you want to use AGPL or GPLv3 or BSD or EPL, the Foundation has no opinion and will happily support your project or gallery. If you want to run on Mac OSX, Linux, Windows or all three, the Foundation likewise doesn't have an opinion.

The CodePlex Foundation has taken a while to get going, but there are already six projects across two galleries, some of them non-Microsoft. Paula Hunter joined as executive director last March, and I arrived a few short weeks ago. It's early days yet. Rome was not built in a day.

Pax.

I saw from Dana Blankenhorn's blog post the other day that the Eclipse Foundation has once again published its excellent annual survey of Eclipse usage in the world. This is an annual survey that is always interesting because it shows the rise of many free and open source software projects beyond the Eclipse world and their subsequent competition with each other and the traditional products in the marketplace (e.g. Windows, Oracle). There were 1696 completed surveys this year to last year's 1365, i.e. there were almost 25% more respondents this year.

Dana caught sight of a trend noted by Ian Skerrett in his blog post announcing the survey:

Trend #7. Open source participation seems to be stalled. In the survey, we asked a question about the corporate policies towards open source participation. In 2009 48% claimed they could contribute back to OSS but in 2010 only 35.4% claim they could contribute back. Conversely, 41% in 2010 claimed they use open source software but do not contribute back but in 2009 it was 27.1%. Obviously not a trend any open source community would like to see. I am not sure the reason companies would become less restrictive in their open source policies. Any insight or feedback from the community would be appreciated.

The question as asked in the survey reads differently to me: What best describes your organization's policy towards the use of open source software? (Choose one.) Possible answers were:

• Does not allow the use of any open source software (1.4%)
• Uses open source software, but does not interact with open source project communities in any way (35.6%)
• Uses open source software and contributes back (through bug reports, code, resources) to at least one open source project community to help improve the quality of the projects we consume (30.7%)
• Contributes significant development resources (contributors, committers and/or maintainers, project leaders) to at least one open source project community in order to help influence the evolution of the projects we consume (7.7%)
• Has a business model that relies on open source software for its success (11.4%)
• Individual, not affiliated with an organization (9.2%)
• Don't know (4.1%)

There hasn't necessarily been an increase in participants that say they can't contribute, but rather that they don't contribute back. Dana and Ian both ask why this might be the case. Looking to the demographics, there may be a number of reasons.

There's an increase in the percentage of financial services participants over the years (6% to 6.8% to 8.4%). This is a group that has historically been careful in how they contribute and where. The IT crowd is also interesting because using FOSS means that they don't need to figure out how to talk with the accounting department to create a PO for a software trial to solve a problem, but turning it around to the contribution side of the equation, they also don't need to figure out how to find a lawyer to ensure they're giving back in an appropriate manner.

There's an increase in the number of students over the last two reports (8.6% in 2007 down to 8.1% then to 9.8%). This number may be the more interesting set of numbers because the fewer students, the higher the contribution status it seems in the graph (p. 27 in the 2010 report). There are absolutely students that contribute and whose contributions are deeply valued by a number of open source communities, but as a rule, they would be less experience developers and are faced with the learning curves of the project, the technology, and the growth of their own programming skills. This has significance in terms of things that are accepted by the community. They also may simply not know how to contribute as many FOSS repositories do a poor job of delivering the guidance to develop a vibrant community that encourages new developers to join.

All in all, the survey is always a great piece of work and the other trends it finds in it's developer community are always interesting.

All: I've joined the CodePlex Foundation starting Monday, 17 May as the Technical Director reporting to the executive director. My responsibility is to set the strategic technical direction of the Foundation, and work with the gallery managers and project leaders on a day-to-day basis. I'm excited about this. I believe the CodePlex Foundation has a great role to play as we continue to see more and more commercial organizations participate in open collaborative software development.

The CodePlex Foundation exists to encourage and support the creation of more open source software, specifically working with commercial organizations. People have shared software since we started programming computers. The sharing bandwidth used to be mag tape sized packets and conference schedule delivery rates. Now we have the Internet which changed the dynamics and economics dramatically. Historically, software foundations tied to free and open source software grew to support a particular licensing scheme or project technology community. I think the CodePlex Foundation complements existing organizations quite nicely. The Foundation is an excellent opportunity to broaden the contribution base from commercial organizations and I want to ensure processes and education are in place to enable those contributions.

My first order of business will be to meet with the existing gallery managers and project leads to begin to put in place any process and services they urgently need. From that point forward it will be to help define and shape the rest of the project and IP management processes that are needed to make the Foundation's value proposition a reality for new sponsors and contributors.

A few friends and colleagues have asked what it means for Microsoft's open source initiatives. I don't know. I certainly don't speak for Microsoft. The CodePlex Foundation has a very straightforward mission and I work for the Foundation. Microsoft is the first and founding sponsor, essentially putting their money where their mouth is with respect to managing their own contributions. I expect there will be more sponsors and participants over the coming year and my goal is to enable them all.

[Update (19-Nov-2010, 15:41 GMT): Voici une traduction en Français par Philippe Scoffoni.]

[Update (11-May-2010, 10:37): Matt Aslett posted commentary on this post at the 451 Group CAOS blog.]

Debate continues on whether open core business models are a winning strategy with a capital "w" or not, and whether customers care. Matt Aslett's recent excellent posts continue the discussion. The big concern for those that criticize or express concerns is that customers are mis-lead, essentially that there's a bait-and-switch free-versus-product or a deliberate lack of clarity in the marketing around the product value.

I want to take a different approach to the discussion here. Before we had Internet-sized bandwidth on which to collaborate around software, traditional software business looked something like the first diagram. R&D delivered product. Marketing delivered messages. Sales and marketing managed and qualified leads through a pipeline and if the product solved a customer problem properly, a market was made and you could measure the profits.

The Internet happened, dramatically removing friction from the process of collaborative software development and delivery. Developers could share the economic cost of software creation (innovation and construction) and large repositories of useful building blocks were born and made available through these project-focused communities. The Web accelerated the early Internet trend.

Companies began to form around some of the projects and for the past decade and a half there's been confusion as people debated how to make money when you give away the software, or the other side of the economic equation around variations on why people work for free. This has unfortunately led to the idea of community and customer interaction akin to the following diagram. The community is jammed into the middle of the customer pipeline. The community gives stuff to R&D which still delivers product. Marketing now messages to customers AND [worse] the community, and the company tries to "convert" the community into customers.

This probably started around the time that MySQL AB observed they had a paying customer for every thousand downloads. This mis-set expectations in a fundamental way. People assumed causality. It created false metrics around driving downloads and improving conversion rates. (We'll come back to this ....)

Marten Mickos (while CEO at MySQL) observed that the early community has time but no money while the later community has money but no time, and that his customers are in the latter bucket. This is the start of a better model for understanding community and customer. Let's use the "time is money" line as the division between community and customers because by forcing the separation of the two groups we can add clarity to both and the things a business would need to do differently with each.

Instead lets treat the community (time but no money) as a completely separate entity from the customer pipeline (money but no time). The community members engage with R&D over the project. They engage with marketing in a conversation about project direction, and ancillary things like translations in other markets. Customers are qualified through the pipeline based upon the product.

Indeed you can start to see how to think about these different groups of people using different well understood and documented processes for community development and sales channel management.

This allows you to clearly address each groups's selfish needs.

Community	Customers
They have time but NO money	They have money and no time
They want a problem solved and look to the project	They want a problem solved and look to the product
They can’t be converted	Your Community is the litmus test of solution viability.
They can contribute time, so: What do you want them to do? What do you need to enable? What do you need to let them know?	You manage leads through the qualification pipeline and conversion process like any other customer-focused sales process
They will not waste time, so the project needs to solve a problem for them before they will invest themselves in it

Product for customers is clearly differentiated from project and community. How the product is differentiated depends upon the company and the value proposition to customers. At it's simplest, the product may be a supportable and maintained collection of software, certified to run on specific supported platforms and with particular applications, and trivially installable. The product may be the support and maintenance itself. Some companies pack more "enterprise ready" marketable differentiated features or attributes into the product. Others (e.g. Red Hat, JBoss, MySQL) develop a valuable network offering that includes support, maintenance, certifications, additional warranties, monitoring, indemnifications, and the like into a single subscription model. Regardless, there is well-defined value that solves a customer's problems.

Companies like Alfresco and Hyperic and JBoss all saw conversions in the pipeline because potential customers came to the web site, learned what they needed to learn, downloaded the appropriate things to try, and used the community as a litmus test of the solution before returning (self-qualified) to buy product.

This visualization also clears up debate about "open source" and "community". Some companies publish their product source code under open source licenses and never try to develop a real community. There's nothing wrong here if indeed they're running a more traditional software business model and don't care specifically about enabling the community to directly engage with the project. Publishing the software is a sign of strength and confidence in their product and their ability as a company to satisfy customers with a valuable solution that is more than just the software.

Some companies also develop large successful communities without ever publishing their product software. This is why community building is so important for your company and why community development is an essential ingredient in your solution pitch to customers. Communities historically anchored your customers. Communities create knowledge, expertise and experience, all necessary to provide a complete solution for your technology pitch to the customer. Communities create advocates and evangelists to spread awareness about your solution. Communities create enormous inertia in the status quo around your technology. This is why companies like Microsoft invested millions in developing the Microsoft Developer Network (MSDN). It has taken more than a decade for other Internet communities around interesting open source projects to wear down the inertia inherent in MSDN. Likewise, IBM has invested enormous amounts of money in the IBM Developer Network, incorporating free and open source software to meet their solution needs and value propositions to their customers. With open source projects relating to your company, the community is anchoring your solution.

This is the real "conversion". The community enables customers. It is correlative not causative. Community members that have solved their problems using your technology base will carry their excitement, knowledge, and commitment into new places where customers exist. With well organized open source communities, the community now fronts your technology to new customers as well as later anchoring customers once they exist.