Originally Published: Thursday, 11 May 2000 Author: D.H. Brown Associates
Published to: featured_articles/Featured Articles Page: 1/1 - [Printable]

Why Open-Source Software Matters to End Users: Countering Locked-Up Data and Locked-In Obsolescence

In April of 1999, research firm D.H. Brown Associates published a rather controversial study of operating systems, criticizing Linux for its lack of high-end features, while praising the operating system for Web-based management features present in some distributions. Today, D.H. Brown releases a study discussing the benefits of open source software, and what makes it the critical enabler of the Internet.

   Page 1 of 1  

Open-source software (OSS) is important to end-users since it is a critical enabler of the Internet, as much of the code that drives the Internet derives from OSS. In fact, all Internet, intranet, and extranet applications depend on OSS, since many servers on the Internet are built using at least some OSS for operating system, web server, mail, and other Internet infrastructure functions. While it is possible to construct the Internet and web applications completely with proprietary software, OSS counters the proprietary grip of vendors who lock up data and lock in obsolescence. OSS ensures that the web remains open and based on open standards.

Web computing fundamentally depends upon open access because more contacts lead exponentially to more potential value creation. For example, Bob Metcalfe, inventor of Ethernet technology, asserts the value of any number of interconnections - computers, phones, or even cars - potentially equals the square of the number of connections made. By developing reference implementations, OSS maintains open access to programming interfaces and data formats by accelerating interoperability at the communication, data, and management levels. In the same way, OSS also ensures conformance to standards.

OSS offers many advantages to customers who require freedom of use and distribution. This applies not only to the technically adept who need to customize software for specific environments, but also to those who desire a choice of vendors for technical support. Another benefit of popular OSS is reliability built on technical excellence due to widespread peer review.

However, OSS is not without its risks. Today, OSS offers good-enough scalability for many partitionable workloads. However, it does not scale to meet the demands of large shared-memory workloads such as traditional database or transaction processing. Also, OSS does not offer the most advanced technology or high-end function. Indeed, leading-edge capabilities arguably present too much risk and cost for ubiquitous and open web computing. Customers should consider their requirements and capabilities carefully when choosing between proprietary solutions and those based on OSS.

OSS matters because key elements of the web's foundation depend on OSS such as: Linux (34% of Internet servers), Apache (60% of HTTP web servers outside the firewall), BIND (100% of web address resolution), and Sendmail (70% of Internet mail traffic). Additionally, OSS such as MySQL and PostgreSQL are becoming popular low-end Internet databases. OSS web application servers such as Enhydra and Zope are beginning to penetrate the market as well. And finally, new projects in enterprise resource planning (ERP) and customer relationship management (CRM) are in the conceptual stage.

OSS is good news for end users since it reduces prices, increases freedom, extends standardization, and improves quality. OSS eliminates the risk of depending on a monopoly provider of a solution that locks end users in, often incurring high tolls, upgrade fees, and single-source technical support.

End users should evaluate the use of OSS in their web computing strategies and consider extending their use of OSS for competitive advantage.

The Payoff for End Users

Customers have many opportunities to gain advantage by using OSS, especially in web computing.

  • Freedom from dependence on proprietary lock-in. By making the source code available and by forcing suppliers to contribute enhancements back to the community, the open-source approach ensures that data formats and application programming interfaces (APIs) are known and accessible to all developers and customers. Competitive forces in an OSS environment hold proprietary vendors in check, making them conform to the open standards in widespread use. For example, popular Internet programs that employ open source code and that use open standards are TCP/IP, BIND (web address resolution), Sendmail, and Apache (leading web HTTP server). No proprietary vendor has a lock on these pieces of the Internet software stack1.
  • True interoperability standards. Building on freedom from lock-in, OSS guarantees that protocol, data, and system-management interfaces are available to all. This openness allows multiple suppliers to offer competing solutions, while retaining interoperability and its associated benefits for customers, integrators, and third-party software developers.
  • Customizability is a benefit of OSS. Access to the source code allows customers and solution providers to customize the software and optimize it to their particular solution. Such customization can enhance performance, functional capabilities, or interoperability with other software. The advantages of customizability are best exploited by the technically adept who are willing to manage their customized code.
  • Popular OSS gets exposed to peer review on a large scale, making it in general more reliable than closed software for low-end solutions or Internet infrastructure workloads. OSS has not been proven more reliable than traditional enterprise software, such as high-end, RISC-based UNIX, OS/390, or Oracle for large-scale workloads.
  • Linux and widely used Internet OSS(e.g., Apache) tend to get faster security fixes due to the fact that many people work on the code. Even the best effort of a closed software vendor will not match the size of a large OSS development team. The fact that many more people are looking at security issues will enable quick identification of a fix by someone from that large pool of talent. Additionally, OSS exposes users to much less risk of secret security holes or back doors, since the code is widely scrutinized. Users may not gain reliability and security benefits from new or less popular OSS offerings, since some maturity is required to build community support.
  • Customers get a choice from a menu of vendors for technical support. Paid technical support is a principle OSS business model. The availability of the code allows many vendors to offer technical support for widely used OSS. Resulting competitive pressures force vendors to offer high quality technical support. With proprietary software, the owner of that software nearly always is the sole source of technical support.
  • The fact that many university computer-science students learn OSS, makes development skills available for popular OSS. The wide availability of skills significantly reduces barriers for Internet developers, a fact that has enabled much of the most widely used software in the Internet software stack to derive from the open-source approach.
  • True OSS is free to use and copy without restriction. As long as developers return modifications to the community in accordance with the open-source license, customers may freely copy, redistribute, and resell OSS. Care must be taken with certain licenses (e.g., GNU's General Public License, GPL), so as not to directly mix OSS with development of proprietary software. However, proprietary solutions may be built on GPL software.
  • The initial price of packaged OSS is generally lower than for proprietary software. Since the code is available and multiple suppliers offer packages, competition drives down prices. Moreover, OSS packages may be bought once (or downloaded from the Internet for free) and copied as much as a customer or solution provider needs, further driving down initial costs. This is particularly valuable in replicated solutions such as branch offices or points of sale.
  • Customers also get to participate in the process of setting standards and requirements if they choose. This lies in stark contrast to proprietary software enhancements, into which customers often have little input and must depend on a single vendor for development. Standards committees, while defining open software, move terribly slowly. OSS allows broad community efforts to set standards and enhancement schedules as skills and requirements allow.
  • The most important aspect of OSS enables development of a reference implementation equally available for all, which ensures that different software solutions or parts of a solution can interoperate at the communication, data, and management levels. An open reference implementation licensed under an open-source license is important to avoid the fragmentation that occurred with UNIX. Since the reference implementation is open and equally available to all, no competitor has an advantage using that code base over another due to issues of access and ownership. In addition, having this open reference implementation accelerates development and ensures conformance to standards.

Customers face significant risks using proprietary software due to dependence on a single supplier.

  • High cost - Customers may face steep prices, upgrade fees, and tolls.
  • Locked up data - Data may get locked into obsolete, closed formats, which increases the difficulty of importing that data into a modern system.
  • Locked-in obsolescence - In certain segments, closed software is losing market share to OSS. Two examples of this are the erosion of second-tier UNIX markets to Linux and the declining popularity of proprietary HTTP web servers in favor of Apache.
  • Dependence on a single vendor's technical support - Proprietary software usually has a single source of technical support, which may be unreliable.
  • Bugs - In comparison with popular OSS, proprietary software may have more bugs, given the challenges of software development and the lack of open peer review.

Users should consider several decision criteria when deciding to extend their use of OSS:

  • Is the OSS solution good enough? A customer must look for congruence between business requirements and OSS solutions. Additionally, a customer must understand if an OSS solution under consideration is technically capable of solving the current and future business problems. If a mission critical application must never fail, a customer may want to consider using OSS for at least part of the solution. This is especially valuable when a proprietary alternative vendor has a poor reputation for technical support and the OSS solution offers multiple, strong support alternatives.
  • Does the solution require customizability by the customer or by the solution provider? Would access to the code allow for competitive advantage in configuration, performance, or flexibility? Many packaged software solutions offer the customer relatively little control of the configuration parameters (or the ability to hide them, such as OSS-based server appliances do). Certain solutions, such as scientific and technical computing, can yield dramatic improvements in performance when the solution developers have access to the source code of the operating system and infrastructure.
  • What are the price considerations for replicated solutions? OSS tends to be priced much less than proprietary alternatives. More importantly, it can be freely copied after downloading or purchasing the first copy. Additionally, OSS such as Linux and Apache require less hardware to yield the same performance for smaller workloads than Windows NT or traditional UNIX. Many small websites run on redeployed Intel 486 machines using Linux. A solution based on UNIX or Windows NT would cost much more.
  • What is a customer's ability to control the use of the source code in-house and utilize it for benefit? Does a customer have appropriate technical skills through in-house staff, a consulting firm, or a trusted services vendor? With rare exception, end users do not want to manage customized code. A customer's IT team does not want users changing the code in many different directions simultaneously, creating multiple "forks" or source trees to support. However, OSS can benefit IT and end users if the IT department retains control over the code while responding to end-user requirements. In fact, OSS may allow for quicker response time, since there may be many people around the world working on these requirements. It is better for the customer to depend on a solution provider or consultant to manage the code, working with these experts to get optimal business process results from the solution. This is an example of the "software as a service" business model.
  • Will the OSS solution scale over time to meet a growing business's needs? OSS scales well for certain workloads such as web and Internet workloads, scientific computing, and any readily partitionable workload using cluster software. However, most OSS is not scalable for shared-memory-optimized workloads such as large-scale transaction processing and databases.
  • Does the OSS solution provide enough functional capability and is its community of developers developing new capabilities? Evaluating the functional capabilities, planned enhancements, and the strength of the development community are key in evaluating use of OSS. A strong OSS project with a vibrant community is important for future enhancements.
  • Finally, what is the strength and breadth of vendor support? Customers must understand what options are available for technical support and the breadth of application support built on the OSS solution. In some cases, such as with a kiosk, a large application portfolio may not be required. On the other hand, general-purpose database server solutions are best built on platforms with widespread application support.

OSS Stack Description and Use Examples

As end users consider extending their use of OSS, evaluating its value and applicability to their business problems, they should focus on the areas of the software stack where OSS is both popular and strong. Significant segments of the Internet infrastructure stack are built from OSS, including operating systems, HTTP web servers, Internet infrastructure and development tools, e-mail, file/print services, parallel clustering, and low-end databases. Emerging areas include web application servers, e-commerce application suites, ERP, and CRM.

Linux and the Berkeley UNIX family (e.g., FreeBSD) are examples of open-source operating systems that are popular on the Internet for web serving. Linux has about 34% of the web servers outside of the firewall, according to a Netcraft (www.netcraft.com) survey. BSD holds a percentage in the low teens. These operating systems originally gained popularity due to their capability to use inexpensive or redeployed hardware to set up a web or other Internet site, as well as their use in universities. (See www.linux.com and www.freebsd.org for a wealth of information about the history, current projects, vendors and many other items relating to these operating systems.)

Apache is the most popular web HTTP server with 60% of the web servers outside of the firewall according to the Netcraft census. Apache became popular due to developer support, availability of skills, customization by solution and middleware providers, and price. Popular web application servers such as IBM's WebSphere and the open-source Enhydra are built on Apache. Apache has several projects underway to extend its capabilities particularly in the Java space with Jakarta. (Apache's website is www.apache.org.)

BIND is an open-source program that performs 100% of the web address resolution on the Internet. BIND stands for "Berkeley Internet Name Daemon," and is the de facto Internet standard for translating host names into IP addresses. Every time an Internet user types in a URL, such as www.dhbrown.com, that URL must get translated into a TCP/IP address such as 204.145.253.137 to get to the site. (BIND's site is at www.isc.org/bind.html.)

"Sendmail" handles an estimated 70% of the e-mail traffic on the Internet. Sendmail was the original Berkeley UNIX mail handler and has been instrumental in allowing the Internet to become a productive communication vehicle from its earliest days. Sendmail, Inc. was founded to provide commercial support for Sendmail and build value-add products such as their Sendmail Switch product line and boxed Sendmail solutions.

Many large and small web and e-commerce sites use OSS as a key part of their solution. Yahoo runs its site on OSS using FreeBSD, Apache and MySQL. Salon.com, a popular news media site, uses Linux, Apache with software written in the open PHP language. linux.com is one of the most popular sites for Linux and OSS. eMusic, one of the most popular sites selling music, uses Linux and Apache - its application is written at least in part in the OSS language Perl. myhome.com, a popular home-furnishing web store, uses Linux, Apache, and OpenSales' OpenMerchant, an OSS e-commerce application. These sites and many others use OSS due to the cost advantages, customizability, and support benefits highlighted above. Some sites have from hundreds of thousands of hits to millions of hits per day. Many more Linux and OSS-built sites are smaller and deployed on inexpensive hardware.

A good site with many customer references using Linux and other OSS is www.m-tech.ab.ca/linux-biz. In addition to using Linux and OSS for end-user solutions, many of these customers, including ISPs and networking companies, use Linux, Perl, and other OSS tools for their in-house Internet and software development.

OSS offers a strong file/print solution that is highly reliable and free - Samba running on Linux. Samba is an OSS suite that provides seamless file and print services to Windows, Linux, UNIX, and other System Message Block (SMB) and Common Internet Filesystem (CIFS, the latest SMB initiative) clients. Samba is freely available under the GNU General Public License. Samba server software runs on Linux, Windows NT, many versions of UNIX, and other operating systems. (See www.samba.org for more information.) Small companies and departments in larger companies typically use Samba for file/print interoperability among Windows, Windows NT, Linux, UNIX, and other systems. It is also used in large and/or complex deployments. Customers using Samba include Cisco, Sony, US West, United Railway Signal Group, and Weston Vinyls PLC.

Linux with the Beowulf parallel cluster solution is being used in many technical computing applications. The Beowulf Project was started at CESDIS, which is operated for NASA by USRA, in the summer of 1994 with the assembly of a 16-node cluster developed for the Earth and space sciences project (ESS) at the Goddard Space Flight Center (GSFC). The project quickly spread to other NASA sites, other research labs, and universities around the world. A long list of government laboratories and universities using Beowulf for various scientific and technical computing projects is available at www.beowulf.org. Notable examples include Oak Ridge National Lab, Los Alamos National Laboratory, and the Geneva Observatory. Additionally, several oil industry firms have been looking at or moving to Linux with Beowulf. These technical solutions use Beowulf, Linux and Intel hardware to gain up to a 10 times price-performance advantage vs. RISC or other technical clusters. Armeda Hess was one of the more notable adopters using Dell systems.

E-commerce and departmental database servers may be built with the open-source databases MySQL or PostgreSQL. These databases are typically used for serving up dynamic web pages and for small company or departmental workloads. OSS databases are not yet ready for large-scale, traditional database processing such as IBM's UDB or Oracle can provide. They also do not support transaction processing at this time. While OSS databases are used for low-end solutions and do not yet compete for large-scale or transactional workloads, improvements are forthcoming. It will be interesting to see how far up into the enterprise these OSS databases go.

As of late 1999, roughly 15% to 25% of Linux servers have a database installed on them. The traditional databases, such as IBM's UDB, have recently began to ship on Linux. Most of these are presumed to be OSS databases on smaller Intel servers.

MySQL has an interesting business model that releases the older version of MySQL as a free open-source application and charges for the current release. This is much different than a closed software business model such as Windows NT, where each new release gets more expensive and the older releases rarely, if ever, get a price reduction. Rather, vendors drop support for older versions of closed software as quickly as they can.

Customers of MySQL include: Expo2000 (web ticket sales), several focused search engines, and reportedly, eToys (a large, online toy e-commerce site). More information on MySQL may be found at www.mysql.com.

PostgreSQL users include: Austria Telefon and Country Codes, PIPSE Information System Co. (Retail POS), and Sur-Guard Security Communications (for project tracking and a time sheet utility). PostgreSQL's website is www.pgsql.com.

Web application server software is an emerging area for using an open-source solution such as Zope and Enhydra. Traditional vendors - such as BEA, IBM, and iPlanet - sell web application server software to extend basic HTTP servers, adding support for servlets, enterprise Java, and XML. A couple of OSS alternatives, Zope and Enhydra have emerged, offering the benefits of OSS to end users and solution providers who want to leverage the unique business proposition and value of OSS. Especially interesting is the price: an OSS solution is free, while the traditional vendors charge up to $10K-$35K per processor for their web application servers. The OSS web application server offerings today appear to offer less functionality for the enterprise than the traditional vendors, but no one can yet predict how their functionality will evolve in the future.

Lutris (www.lutris.com) commercializes Enhydra and offers OSS community support, technical support, and professional services. Also, VA Linux, Red Hat, and TurboLinux are partners of Lutris. While Enhydra has only been released to the OSS community in January 1999, it already has hundreds of developers contributing, ensuring future functionality enhancements. Recently, Enhydra 3.0 was released, which includes support for an enhanced XML compilation that offers additional speed. Enhydra customers include FedEX, Huffy Sports, and Time Warner Communications. Enhydra's website is www.enhydra.org.

Digital Creations (www.digicool.com), an Internet consulting firm, provides commercial support and services for Zope. Zope can help a customer create dynamic web applications such as portal and intranet sites quickly. Zope comes with support for membership, search, and news. Zope currently does not support Enterprise Java Beans (EJB). Bell Atlantic Mobile, NASA, the U.S. Navy, and Digital Garage (a Japanese entertainment e-commerce site) all use Zope. Zope's website is www.zope.org.

OpenSales' OpenMerchant software offers an alternative to a web application server that provides solutions for product display control, cross- and up-selling, order and inventory management, and search tools. By building object, transaction, and other web-application-support features into a set of Perl applications and tools, one can create e-commerce applications without needing a web application server. This is an interesting approach, particularly for B2C low-end and medium transaction workloads. It remains to be seen how this approach scales to B2B and larger-scale transactional workloads.

MusicNow, which owns the Woodstock.com site, uses OpenMerchant for its online retail offerings. It was able to coordinate multiple vendors during the live Woodstock '99 event through customized OpenSales services. Shipper.com runs its InstantShip.com operation on the OpenMerchant platform. MyHome.com, a resource for home furnishings and design, has been fully integrated and customized on the OpenMerchant platform to support over 1,400 retail items. The portal's interface has been designed by OpenSales to integrate real-time web inventory into an existing warehouse system. More information can be found at www.opensales.com.

Enterprise Resource Planning (ERP) is a new area in OSS - FreeERP and Open Resource Planning projects are now underway. FreeERP aims to provide a complete large-scale accounting and business-management system with integrated Rapid Application Development (RAD) tools. It uses an n-tier client-server approach with XML middleware (XMM-Lib), a Linux back-end, and any front-end (e.g., GTK, KDE, Mac, BeOS, PalmOS, Win32, or web).

Open Resource Planning (OpenRP) is in the conceptual stage at the moment. OpenRP aims to provide a modular, multi-layered, client-server application that is designed as a resource planner for enterprise solutions, including (re)manufacturing and supply chains.

These projects are in the conceptual stage of development, so it remains to be seen how they will impact the markets that purchase traditional software to solve these business problems. Depending on the business model and quality of talent these projects have, however, they certainly have the potential to penetrate the low end of this space over the next few years. More information can be found on VA Linux's Sourceforge website (www.sourceforge.com) by performing a search for ERP.

And finally, there is a customer relationship management (CRM) open-source project: OpenSourceCRM. The OpenSourceCRM project intends to build a complete, robust, and easy-to-use suite of CRM applications that comply with the open-source definition. This project is also in the conceptual stage. Future impact on the market is unknown and depends on development and marketing talent, support, and commercial adoption at the low-end to start. Additional information can be found at the Sourceforge website (www.sourceforge.com) by performing a search for CRM.

1 The Internet software stack includes the operating system, system infrastructure software (e.g. web server, mail), middleware (e.g., databases), and applications (e.g. customer relationship software).

D.H. Brown Associates, Inc. A summary of this report is available to all of our subscribers free of charge. Sponsors of our collaborative programs in Systems software (SS) and Web-Enabled Enterprise Infrastructure (WEEI) receive the full report as part of our comprehensive services. Those interested in the program should contact Bill Moran, Research Director, Open Systems at moran@dhbrown.com or 914-937-4302, ext. 230.

This research paper is copyrighted by D.H. Brown Associates, Inc. All rights reserved. Published with permission from D.H. Brown Associates. For more information about this and more research from D.H. Brown, please visit their research page.





   Page 1 of 1