August 15, 2005
(Computerworld)
... a sensitive issue in the open-source community. According to Mitchell Baker, president of the Mozilla Foundation in Mountain View, Calif., "Anytime money gets into the picture, people get suspicious." Baker was explaining to an audience of open-source developers at the O'Reilly Open Source Convention in Portland, Ore., earlier this month why she feels her nonprofit organization needs a for-profit sister company to promote and manage the world's No. 2 Internet browser, Firefox.
The money problem inside the open-source world stems from the fact that most developers who contribute to open-source projects do so for free, while some individuals build successful companies around those projects and profit from them. Paul Everitt, executive director of the Plone Foundation in Houston, which promotes the Plone open-source content management software, says, "If you want to attract developers, you can't give off the smell that someone's going to make a lot of money" while leaving the developers in the cold.

Winston Damarillo, CEO of Simula Labs LLC, a venture capital business that nurtures open-source companies, acknowledges that there's "a little bit" of resentment among some open-source programmers. Damarillo, who recently sold open-source application server firm Gluecode Software Inc. in El Segundo, Calif., to IBM, proudly says, "We produced a few open-source millionaires." But he stresses that his goal is to offer the "inner core [of developers] of an open-source project to be co-founders" of the companies that Simula Labs will launch.
Damarillo argues that people in the open-source community have much to offer the IT industry. "The biggest loss for open-source is if developers become salaried employees instead of entrepreneurs," he says.
Open-source code can pose legal ...
... headaches for IT departments if they don't carefully manage the Byzantine licensing requirements. Paul Henderson, vice president of marketing at Black Duck Software Inc. in Waltham, Mass., claims that his company's knowledge base includes nearly 600 different licenses and their terms. He says Black Duck's ProtexIP software will analyze your code to make sure you're in compliance with the various terms demanded by these agreements.
Mark Tolliver, CEO of San Francisco-based Palamida Inc., which offers a competing product called IP Amplifier, says open-source license management tools are essential because developers slip free but licensed code from the Internet into corporate projects. And, he says, IT managers involved in mergers and acquisitions need a license evaluation tool to review code to ensure that software assets they are acquiring meet IT policies. Tolliver says that because IP Amplifier can scan your code, a logical extension for IP Amplifier in the future will be to also scan for export-control compliance and security deficiencies.
A licensed version of Black Duck's ProtexIP starts at $25,000. An ASP version begins at $3,000. Palamida's IP Amplifier starts at $5,000 per developer.

... of your network, then block the source. That's the "simple" technique used by ForeScout Technologies Inc. in Cupertino, Calif., says Ray Wizbowski, senior director of market development. Its tools detect outsiders who ping devices, sweep network ports and use other hacking techniques, then block the source of those recon efforts from reaching your network. The Aug. 22 release of its CounterAct 5.0 appliance software will be able to determine whether endpoint devices accessing the network are compliant with policies regarding antivirus software, patches and other conditions set by IT. Pricing starts at $12,000.