Don’t blame security breaches on open source technology – the problem is lack of oversight:

A hacker attack recently shut down the ad service OnRamp completely. In an official statement posted on its forums a few weeks ago, OpenX, the parent company of OnRamp, questioned the security of open source technology.

Another one about how to deal with OSS usage of your developers.

Open source strategies:

From time to time I advise a software vendor on how, whether, or to what extent it should offer its technology in open source. In summary, I believe:

  • The formal differences between “open source” and “closed source” strategies are of secondary importance.
  • The attitudinal and emotional differences between “open source” and “closed source” approaches can be large.
  • A pure closed source strategy can make sense.
  • A closed source strategy with important open source aspects can make sense.
  • A pure open source strategy will only rarely win.

Good stuff – for software vendors.

Pushing back against licensing and the permission culture – Luis Villa:

The open license ecosystem assumes that sharing can’t (or even shouldn’t) happen without explicit permission in the form of licenses. What if “post open source” is an implicit critique of that assumption – saying, in essence, “I reject the permission culture”? If so, license authors might want to consider creating options that enable people to express that opinion.

I had no idea… what about Public Domain, though?

Via a comment on sogrady’s post here.

Cloud Foundry, Forking and the Future of Permissively Licensed Open Source Platforms:

A week ago today a minor skirmish broke out on Twitter between Apprenda – purveyor of PaaS software – and advocates of the open source Cloud Foundry project, originally created by VMware. The major point of contention concerned forks; specifically forks of the Cloud Foundry project.

[...] Compatibility, ultimately, is the key to determining whether the forks which are so beneficial to development are a problem for customers. Java, for example, had multiple distinct implementations, which ensured competition and thus continued innovation to benefit customers. Compatibility, meanwhile, was tested regularly by a set of tests known as the TCK, or Technology Compatibility Kit. Without a passing grade, in fact, a given implementation could not use the name Java, and thus would not be acceptable to customers. This seems to be similar to the path Cloud Foundry, for one, is pursuing with its Cloud Foundry Core compatibility test.

Permissively licensed platform technologies – good or bad?

One Server Per Person

January 14th, 2013

One Server Per Person:

I have always been a bit curious of the open source communities support of Google. I have even seen distros include “web apps” that launch a browser to open Google Docs or Gmail. I can understand the reasoning, to a point. Good desktop applications are difficult to come by on Linux, (seriously, you can’t argue this point, don’t try.) while Gmail is an absolutely best of breed email client. However, given that you use a Linux desktop for the control over the platform it gives you, it is a curious choice to relinquish that control, especially over such personal information as email, to a closed source solution that just happens to be hosted on a server instead of your local machine.

I like the idea of personal servers (after all this blog is running on a personal server) to keep control of one’s data, however in my opinion just thinking about it in terms of “one physical (or virtual) server per person” is way too limiting.

If anything, the way to take this forward is to build a suite of personal services (mail, calendar, storage, messaging, compute, whatever…) that are distributed and secure. You likely have several devices that are always on, with cellphone, NAS, tablet, and maybe a webspace or hosted server somewhere. Now let’s build virtual services that are ignorant of where they run, and and are built with privacy, security and availability as primary design considerations (with usability and manageability not to be ignored either). That way, your personal cloud services can run anywhere, and everybody can have one.

It’s been a while I read something about Open Source in the enterprise, so here you go:

As the saying goes, free software is not free, and using open source software requires that organizations understand the legal framework of open source.

via Open Source Software: Compliance Basics And Best Practices.

Open Source Facial Recognition

September 5th, 2012

Following Facebook’s Shut Down Of’s Facial Recognition API, Lambda Labs Debuts An Open Source Alternative. Free to use, and Open Source? Very cool, but I doubt that’ll work out financially, unless the guys have very soon have very deep pockets, or a credible products that larger companies will want to pay money for. Good luck!

PS: I didn’t see Open Source code on their website, nor a mention of when they would release the code.

Great Bloomberg interview with Cloudera CEO Mike Olson on open source and big data.

Via the 451 group

Unix Philosophy in the DB World

November 8th, 2010

There’s a good article about the Unix philosophy in the DB world from the beginning of the year, remarking the importance of simple and standard protocols for the upcoming breed of NoSQL DBs. I thought this is a good follow-up to last week’s Open Source Databases, so here you go!

Matt Benjamin writes about the OSS DB ecosystem in Open Source Databases Have Come of Age, including NoSQL. Good summary!