1998-01-28 - No Subject

Header Data

From: Zooko Journeyman <zooko@xs4all.nl>
To: apatrizi@cmp.com
Message Hash: 925dc685bd844682f22acb54b4a7a6d0a3177d30d8105613222cb210adf9bc4c
Message ID: <199801280041.BAA19241@xs2.xs4all.nl>
Reply To: N/A
UTC Datetime: 1998-01-28 00:47:33 UTC
Raw Date: Wed, 28 Jan 1998 08:47:33 +0800

Raw message

From: Zooko Journeyman <zooko@xs4all.nl>
Date: Wed, 28 Jan 1998 08:47:33 +0800
To: apatrizi@cmp.com
Subject: No Subject
Message-ID: <199801280041.BAA19241@xs2.xs4all.nl>
MIME-Version: 1.0
Content-Type: text/plain



(A letter to Andy Patrizio of TechWeb, www.techweb.com, Cc: to
cypherpunks@toad.com, malda@slashdot.org and gnu@gnu.org.  May
I remind the audience to use the technique which will benefit
your goals rather than harm them:  politeness.)



Sir,

I beg to differ regarding your assertion in
"http://www.techweb.com/wire/story/TWB19980126S0015" that open
source code has little value.  While your article makes the
very good point that a higher level of abstraction (the API
level) is a better platform for most "interoperation" or
"extension" uses, you omit several important considerations.
I will attempt to describe three of those considerations here.



The first consideraton is that open source code is of
unparalleled value in ensuring security and stability of a
complex system.


Witness the fact that when the Pentium "F00F" bug was
discovered last year, the Linux operating system had a fix
distributed within 7 calendar days, while Microsoft took more
than twice as long to issue a fix.


This is doubly important for mission-critical systems and
triply so for security-critical systems which may be subject to
hostile attack.  Indeed, many computer security professionals
of my acquaintance say that they _will_ _not_ use a system to
protect valuable data unless they and their peers are able to
examine the source code.



The second consideration is that an open software development
model can (sometimes) generate a surprising amount of quality
code at high speed.  The pre-eminent example of this phenomenon
is the Linux operating system, which in many ways has      
outstripped comparable proprietary operating systems in    
performance, features, stability, _and_ in time-to-market.



The third value in open source code is more controversial-- it
gives your users more control over the product.  An all-too-
common business tactic in the software industry is, as Scott
McNealy calls it, "proprietary lock-in", in which a company
deliberately makes their product incompatible with competing
products in order to ensure that the customer can't use that
product in conjunction with a competitor's product.  With the
current trend towards a convergence of interoperating software
products, this tactic is becoming increasingly oppressive to
customers.                                                   


This tactic is not possible with open source code,
because competitors, customers, or free-lance hackers can use
the open source in order to make the two products              
interoperable.                                               


Needless to say, not all in the business community would
consider this last feature to be a benefit.  (Although I think
that all in the business community would consider the first two
features to be a benefit.)



I hope that this letter has been of interest to you.  I have
been a software developer, industry-watcher, and open-source-
code enthusiast for years, and I was grieved to think that your
article might deter open-minded readers from considering the
full implications of an open source code strategy.


The idea of open source code has been a "fringe" concept for
decades (see seminal open-source advocate and hacker Richard
Stallman, www.fsf.org), and I'm delighted to think that with
Netscape's move, and with the rumored possibility that Sun will
open some of its Java source, that this idea could finally get
a fair hearing before the business community.


Regards,

Zooko, Journeyman Hacker

P.S.  Among software professionals that I know, the only ones
who make USD 100K/year or more are the ones who consider
themselves to be "hackers".  :-)







Thread