Home Open Source Companies urged to develop open-source use policies

Companies urged to develop open-source use policies

As more companies start using open source software (OSS), either knowingly or unwittingly, a policy for managing these assets, that takes into account both the advantages and pitfalls is vital, a seminar in Melbourne was told this morning.

Organised by law firm DLA Piper, the event was addressed by Bill Weinberg, a senior director at Black Duck Software, which provides advice and information on OSS management, and Alec Christie, a partner of the law firm DLA Piper Australia. (Pic above shows Christie and Weinberg).

The content was styled to provide an introduction to open source and how it could, and should, be managed, with Weinberg dwelling on the nature of open source software, while Christie spoke about the legal aspects surrounding its use.

Weinberg, who has been associated with open source for a long time, outlined the nature of OSS, and how it differed from its proprietary counterparts. He touched on free software and how it differed from open source, always a good point to mention as there is considerable confusion over this.

Weinberg did not advocate for OSS in any way. But he pointed out that from a pragmatic point of view, one had to get used to seeing its use in the enterprise. It was therefore better to know the nature of the beast, he said. As an example he pointed to a statement made by Carl-Eric Mols, the head of OSS at Sony Mobile Communications, wherein Mols said that more than 80 per cent of the software used in Sony's handsets was open source.

"Apart from phones that are running Windows or Blackberry's operating system, every single phone has open source software to a smaller or larger extent," Weinberg said.

Touching on the security aspects of OSS, Weinberg said that in view of the two major scares this year - Heartbleed and the Bash bug - one could not lay as much store by the famous phrase about free and open source software that "many eyeballs make bugs shallow" as one once did. But he pointed to a study by the firm Coverity that had found that line for line, open source code has a lower bug density.

Christie made it plain that he was more inclined towards the use of proprietary software. But again, he said he was pragmatic about the fact that more and more companies were using open source software. The technology consultancy firm Gartner has estimated that half the companies which had dipped their toes in open source would face challenges due to the lack of FOSS policy and management.

Prior to the seminar, Christie mentioned one case, of a company that was ready to go to market with a product catering to a niche area of the tech industry, and with the advantage of being 18 months ahead of any rivals. But an audit just before going to market revealed that lots of open source software had been used in the product and nobody knew the implications. A million dollars later, things were ready to go - but more importantly, Christie said, a lot of that time advantage was lost because of the last-minute hassles.

He outlined the various ways that OSS could enter one's company, for example from code contributed by developers to whom a particular job had been outsourced. Else, there could be OSS in acquired code and this was often the case when one company merged with, or acquired, another.

Christie dealt with both what he called the restrictive and permissive open source licences and pointed out that the copyleft licences were "very diverse, even for American drafting".

He gave a fairly comprehensive account of the complexities in open source licensing, a point illustrated by Weinberg earlier on when he pointed to the licence for "Beerware" where the author only wants anyone who uses his software and considers it useful to buy him a beer should they meet.

Christie urged the use of licences that were considered kosher by the Open Source Initiative. While there are hundreds of different open source and free software licence, only about 60 meet the 10-point test of the OSI.

In conclusion, he said an OSS policy should cover the relationship it had with proprietary software; a company should be aware of the different rules for different licences and decide on its attitude to code contributions. There should, preferably, be an OSS compliance officer, and reporting and record-keeping was paramount, he added.

Black Duck appears to be confident about the need for services in the ANZ region such as those it offers to the extent that its sales manager for the ANZ region, Martyn Reeves, and a marketing manager for the Asia-Pacific region, Keiko Hirano, were also present at the seminar.

LEARN NBN TRICKS AND TRAPS WITH FREE NBN SURVIVAL GUIDE

Did you know: Key business communication services may not work on the NBN?

Would your office survive without a phone, fax or email?

Avoid disruption and despair for your business.

Learn the NBN tricks and traps with your FREE 10-page NBN Business Survival Guide

The NBN Business Survival Guide answers your key questions:

· When can I get NBN?
· Will my business phones work?
· Will fax & EFTPOS be affected?
· How much will NBN cost?
· When should I start preparing?

DOWNLOAD NOW!

Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.