Opinion: Reasons To Shun Open Source-ry

Nov 29, 2003 (06:11 AM EST)

Read the Original Article at

Linux is not ready for the enterprise.

When I argued that point a month ago, I didn't really believe it. But I took the position to make a point about the need to properly justify IT decisions. Over the years, I've seen many IT executives lose their jobs or trash their careers because they made a decision that was obvious to them but could not be effectively defended to upper management or internal auditors.

A month ago, I believed that Linux was ready for the enterprise. How could it not be? It was being used by enterprises.

However, my opinion has changed and it has changed dramatically based on feedback from that column and talking to a wide variety of users. Now I wouldn't deploy this stuff in my own small company, let alone in an enterprise.

To many, open source isn't a technology or a product, it is a religion and just like dot-com fever, it will cause people to make foolish, unjustified decisions that will cost them and their employees their jobs, and cause big problems for their companies.

I now honestly believe that Linux and open source are big, bald-faced lies perpetrated on the industry by itself. This isn't the first time; the dot-com boom was like this as well. How many credible people told each other with a straight face that profit didn't matter? This seems much too similar to "free software" to me.

Let me clarify that I am not talking about those of you who have successfully deployed Linux as low-cost Unix, running packaged software. Nor am I talking to those who fully understand what open-source products can and can't do. The products can do much of what Unix products do--in most cases they are the same packaged software products and even cost the same. I met many open-source users who are talented, articulate and well founded. These people get it, and I wish I had one-tenth of their skills.

Much of what these informed people had done impressed me. These experts approached the decision process in a measured fashion, and after they considered Microsoft, decided to use another platform for good reasons. They didn't cover up problems, but addressed them. Many ended up with BSD instead of Linux simply to avoid all of the controversy associated with Linux while gaining similar benefits.

Many also deployed packaged products and had evaluated the Linux distributions based on the support from the packaged software vendor before making their choice. Not a single one of these impressive users argued that open source was free. They all had set expectations properly, and exceeded those expectations and performed solid, defensible work. One of the most impressive deployments is 1,000 AMD Opteron servers running mission-critical applications. The deployment is rock solid and resulted in well-documented savings over the Sun SPARC hardware that was previously doing the job.

Virtually all of the solid open-source deployments were Unix migrations. One of the top decision criteria was that the deployment and support teams were already expert in Unix, so the transition to BSD or Linux did not open the staff up to technical problems they were unprepared to face, or create problems with people that didn't want to learn new toolsets.

In the end, these successful deployments were defined by the experienced, technology-agnostic people who deployed them. It was also very clear that their views, experience and approach were in the minority of those that wrote to me after my last column.

I'll admit much of what follows could be called Fear, Uncertainty and Doubt. While FUD is something vendors do to discredit each other, my sources were experienced users of open source and Linux products. FUD can be an effective marketing tool, but it doesn't fix the problem. That being said, here are some of the key issues I believe are being covered up.

  • Too Much Litigation Risk: Not only is there risk from the SCO lawsuit, but I also received reports of many lawsuits brought by employers against their own employees for overzealous inclusion of the employers' proprietary code in open-source distributions.

    The SCO lawsuits, at the very least, show that discovery is incredibly easy with an open source product. In order to sue for intellectual property violations, you often have to get your hands on the source code of the defendants' products. That requires convincing a court to force the defendant to turn over the source code in a process called "discovery"; that process can be difficult.

    The pain associated with getting hold of proprietary source code is one of the things that limits intellectual property lawsuits for commercial software. But with open source software, the code is already available, out in the open.

    IBM, despite its representations that there is no risk, is not taking on the related liability of its clients. In fact, of contracts reviewed by the Yankee Group, only Microsoft has language that provides for this indemnification. Given the risk, I think every software vendor should provide indemnification for intellectual property risk, open source or not. There should be much more information on how to avoid this increasing exposure. If I'm concerned about being sued, I want information on how to protect myself, and not from someone who lacks legal experience or doesn't face a similar level of exposure.

  • Job Risk: Giga Information Group recently identified offshore outsourcing as one of the biggest trends in our industry. It singled out open source as the strongest technology driver for offshore outsourcing. I don't know about you but I'm not planning on moving to India any time soon, and I have a hard time feeling comfortable backing an initiative that puts my clients' jobs at risk, let alone my own. I have a feeling that if my clients lose their jobs to lower-paid workers overseas, I'm going to lose my income base. I don't see that as a good thing.

  • Behavior: Too many people think it is OK to use inappropriate language and behavior when arguing their point. Worse, when people go to open source forums with legitimate questions, they are often pilloried or subjected to some kind of hazing process. Many open-source developers respond as if new participants on a site are interlopers.

    I've blasted Microsoft and Dell for behavior that is trivial in comparison, so I don't see any point in treating open source differently. To my mind, there is no excuse for bad behavior.

  • Free: In many e-mails, the word "free" was used to describe open-source products. Some went so far as to say that paying for "ones and zeros" disgusted them. Frankly, I started to wonder if these folks slept through the dot-com years, or if they could even spell "economics." Labor costs money, as we've learned over time. It is clear that open source is a strong, low-cost replacement for Unix, and that most packaged applications for Linux and BSD cost the same as their Unix counterparts. The savings with open-source software mostly come from being able to use Intel and AMD server hardware rather than the more expensive proprietary servers required to run most Unix operating systems.

    But if management is expecting open source projects to be free, how do you exceed that expectation? The big enterprise software companies don't give away their applications, not even for Linux and open source. Assuming you want to advance in your company, why put yourself at risk by setting an impossible expectation? Here's more e-mail input from people who've used the products: Linux has lousy user interfaces; no roadmap or clear escalation path; incompatibilities between distributions; IBM, HP and others are all usurping the process.

    All platforms have problems. My concern is over what appears to be a user effort to cover up these problems. In the end, I see open source at a crossroads. The open-source community can either step up and address its faults, or continue to work furiously to cover them up and go the way of OS/2. I truly hope but sincerely doubt enough of you will make the right choice.

    Rob Enderle heads the Enderle Group, a company that will formally launch in September of 2003. He has been an external IT analyst since 1993. He is contemplating building an open source-free saferoom in his solar-powered home. He can be reached at