How Should Open Source Development Be Subsidized?

"Open source maintainers are exhausted and rarely paid," writes TechCrunch's editorial manager. "A new generation wants to change the economics."

An anonymous reader quotes their report: [Patreon] is increasingly being used by notable open source contributors as a way to connect with fans and sustain their work... For those who hit it big, the revenues can be outsized. Evan You, who created the popular JavaScript frontend library Vue.js, has reached $15,206 in monthly earnings ($182,472 a year) from 231 patrons... While Patreon is one direct approach for generating revenues from users, another one is to offer dual licenses, one free and one commercial... Companies care about proper licensing, and that becomes the leverage to gain revenue while still maintaining the openness and spirit of open source software...

Tidelift is designed to offer assurances "around areas like security, licensing, and maintenance of software," CEO Donald Fischer explained... In addition, Tidelift handles the mundane tasks of setting up open source for commercialization such as handling licensing issues... Open Collective wants to open source the monetization of open source itself. Open Collective is a non-profit platform that provides tools to "collectives" to receive money while also offering mechanisms to allow the members of those collectives to spend their money in a democratic and transparent way.
TechCrunch warns that "It's not just that people are free riding, it's often that they don't even realize it. Software engineers can easily forget just how much craftsmanship has gone into the open source code that powers the most basic of applications...

"If you work at a for-profit company, take the lead in finding a way to support the code that allows you to do your job so efficiently. The decentralization and volunteer spirit of the open source community needs exactly the same kind of decentralized spirit in every financial contributor. Sustainability is each of our jobs, every day."

Free is free.

[AHuxley]

You doing that after work. On weekends. For the community.
Work in your free time so the programs you support do one thing and do it well.
Dont have a lot of free time? Consider the work and support needed for the next systemd.... before starting a project.

Re:

[Anonymous Coward]

I agree to a large extent, after all it was the developer who chose to start working on their project and nobody forced them to.

However, it's not quite that simple. I personally write software that I want to use myself, but I add features that users request or that I think users would want, even if I don't want them myself. This vastly increases the development effort, and software I could write quickly to meet my own needs ends up being hugely time consuming. It can become rather stressful, and it would

Re:

[arth1]

However, it's not quite that simple. I personally write software that I want to use myself, but I add features that users request or that I think users would want, even if I don't want them myself. This vastly increases the development effort, and software I could write quickly to meet my own needs ends up being hugely time consuming. It can become rather stressful

Then don't do it.
If it's important enough, someone else will pick up the ball, or design a new and better ball. If it isn't, it isn't; don't let your vanity get in the way.

Re:Free is free.

[lkcl]

You doing that after work. On weekends. For the community.

Work in your free time so the programs you support do one thing and do it well.

*NO*. this is extremely dangerous advice, for certain classes / types of projects: those with extreme complexity. you're no doubt familiar with the adages and articles that have made the rounds here on slashdot: the ones about attention span (how it takes 20 minutes to recover from interruptions), about information retention (the "7 things in your head" myth), and so on.

an article that *hasn't* made its way onto here in the 15+ years i've been on slashdot is the difference between, and purpose of, electrical and chemical neuron memory. electrical is the short-term "immediate" memory. it's what you lose if you get hit on the head. chemical memory is long-term retrieval and it's much more difficult to access ("it's on the tip of my tongue", "just sleep on it", "author syndrome" and so on).

what happens is that things that you can't recall and those things you're not recalling regularly are swapped over during sleep. it's why you can remember things if you're working on them regularly, and why if you're struggling to remember something you can do so the next day (it's also why not getting decent sleep before exams is not a good idea).

you should by now have the basics of why i'm posting this, but it's worth explicitly writing: certain kinds of complex tasks, which require *significant* information retrieval and cross-referencing, as well as creativity *and* engineering, are just far too much for any human being on the planet to achieve without ***FULL TIME*** focus.

reverse-engineering is one such task. it literally took me six to eight weeks in some cases to find a single bit amongst hundreds of packet replays, that one bit being responsible for whether it was possible to proceed to the next packet or not. that was six to eight weeks FULL TIME at 12 to 14 hours a day.

and that resulted in me going into serious, serious debt... which i'm still paying back, over 12 years later! why? well... was any fucking fucking fucker paying me to do that work? was anyone fucking well giving me money to do that work? no they fucking well weren't. and when that work was released under GPLv2+ licenses, what did people do? they went "oo thank you very much, i'll have that, it saves my business an absolute fortune"... completely failing to reward or compensate me for that work. some other free software projects actually even blatantly copied my work (used it as a template) and failed to give credit so it's not even *known* that i did that work.

several people in high-profile projects - myself included - have not been properly compensated for our work, and gone into serious, serious debt as a result. the gentoo developer who ended up with USD $40,000 of credit-card debt and had to get a job with *microsoft* of all companies. the GPG developer who ended up with USD $10,000 of debt despite the fact the GPG is one of *the* most widely-used security programs around!

the only reason why certain critical software projects (openssl for example) actually started to get funded a few years back was because of shellshock, heartbleed and other serious vulnerabilities. companies started to realise that they were making an absolute fortune but were spongeing off of peoples' expertise and not properly paying them to be able to do the work to fix even basic security vulnerabilities.

so no. it is NOT the case that everything can be broken down into the unix maxim "do one thing and do it well". certain classes of engineering projects simply do not succeed until they have reached a particularly high level of internal complexity (DCOM is one extremely good example, i won't go into details like i have in the past).

to imply that *all* free software projects can be broken down into small tasks that can be done "in people's spare time" is to completely misunderstand software engineering and to do free software

Re:

[Anonymous Coward]

I find your attitude strange. To the best of my knowledge, no one is compelling you to work on open source software and there has never been a promise by anyone to pay you for your work on open source software.

You're terribly naive if you believe corporations, many of which are filled with unethical people, will pay you for something that they can get for free. If you really want to get paid, you should have refused to do anything until it was agreed that you would be paid. Barring that, another way to get

Re:Free is free.

[lkcl]

Oh shut up, you live in Taiwan, you need like 50 dollars a year to live there.

actually it's around USD $1200 a month ($400 for rent, and food for myself and my family is around $700, because things like butter cost around USD $3 for 250 grams, and a 1L bottle of milk is around USD $4). if i was in taipei city that would be around USD $3,000 or above, as rent there is about the same level as shenzhen, london and cambridge.

Re:

[drinkypoo]

You're in Asia and consuming dairy like you live in the West? What other expensive ways in which you're refusing to integrate are driving up your cost of living?

Re:

[NicknameUnavailable]

Are you kidding? Dairy isn't exactly a luxary - eating healthy isn't something you should expect people to give up to have the privilege of spending their lives writing free shit for you. Hell, if he takes his family out to eat 7 days a week at a nice restaurant it still wouldn't be out of line with the level of work he's doing. "Open source" isn't supposed to translate to "slave labor." People should be rewarded for pursuing their passions when those passions benefit others - God knows one guy in a per

Re:

[NicknameUnavailable]

What most of the world does is irrelevant, besides which he has kids which suggests it could be for them. If you do quality work you deserve a quality lifestyle, just because you find something you enjoy doing doesn't negate that.

Re:

[drinkypoo]

"What most of the world does is irrelevant, besides which he has kids which suggests it could be for them"

Who it's for is irrelevant because it's not healthy for children, either. What most of the world does is relevant, not only because most of the world has children.

Re:

[NicknameUnavailable]

This conversation has diverged significantly from the substance of the post you had originally responded to. How someone spends their resources is irrelevant, the resources they get should be comparable to the job done.

Re:

[drinkypoo]

How someone spends their resources is irrelevant, the resources they get should be comparable to the job done.

The resources they get are comparable to the value of the job done. If they did it for themselves, then they got the software. If they did it for someone else, then they should have done it for money, or other compensation. No one is entitled to profit simply because they performed work. If the work they did was really valuable to someone, they would have paid for it. QED, they are getting fair value for their work, whatever they are getting.

If you want people's needs to be met, I'm with you. If you think p

Re:

[NicknameUnavailable]

What he's describing is something many people benefit from. Just because corporations are the standard way of receiving compensation for work done doesn't make them the only way, or even something remotely fair to the people doing the work. In fact, the only thing corporations really have going for them is their own stability in the modern economic environment, they are often slow to innovate (not as bad as educational institutes, but not that far ahead either,) resistant to change/adaptation, and most im

Re:

[sfcat]

"Are you kidding? Dairy isn't exactly a luxary - eating healthy isn't something you should expect people to give up"

What's healthy about eating dairy? It's a lousy way to get calcium or vitamin d, and literally only certain WASPs and their descendants have the gene for digesting dairy in adulthood. Don't get me wrong, I love butter, but I don't imagine that it's health food. Most of the world consumes very little dairy, all of it cultured.

Well, cultures that don't consume much dairy are generally shorter, less healthy and die earlier. And its absolutely the most efficient way to get calcium but seeing as you need calcium for your brain to function well, you might not realize it. I'm sure you think taking vitamins is the best way to get calcium but most of that calcium will get passed right through you as we are not evolved to digest pills. And you can't digest milk because you stopped drinking it at some point (probably before or during c

Re:

[drinkypoo]

Well, cultures that don't consume much dairy are generally shorter, less healthy and die earlier.

The longest-lived and healthiest people on the planet eat little dairy [time.com].

And its absolutely the most efficient way to get calcium

That is a total falsehood [harvard.edu].

I'm sure you think taking vitamins is the best way to get calcium

That's because you're an assumption-making moron. I said literally nothing about supplements.

And you can't digest milk because you stopped drinking it at some point (probably before or during college)

I consume dairy all the time, so I can digest it just fine. However, I am not a moron, so I can acknowledge that it might not be a healthy behavior even though I am engaging in it. Sorry about your cognitive dissonance!

Also, fuck you for using open source software and then trying to deny the folks that built that software basic food stuffs.

Aww, you're cute. But that's not even vaguely close to what I'm doing. He was complaining about his h

Re:

[Anonymous Coward]

literally only certain WASPs and their descendants have the gene for digesting dairy in adulthood

Why not just say white? White northern Europeans adapted to digest lactose in adulthood, long before there were Anglo-Saxons or Protestants.

Re:

[dcw3]

I don't think you know what you think you know about dairy consumption.
https://en.wikipedia.org/wiki/... [wikipedia.org]

Re:

[grep -v '.*' *]

Consider the work and support needed for the next systemd

Oh GOD, there's not enough drugs in this world to envision and design another Yet-Another-SystemD. Please save us from this horror. Oh, the humanity!

No, wait : that's not a bad idea after all. We could call it DSystem, also design and implement it half-assedly, and if we're really, REALLY lucky they'd cancel each other out, just like matter and anti-matter.

I'm moving to *BSD -- no reason. Also, and just for fun, going to install and try Devuan. (Can you tell how much I enjoy systemd?) Really, it's g

Re:

[AHuxley]

One new thing that can do many, many hidden things :)

Re:

[angel'o'sphere]

Depends what your goal is, this is a stupid advice.

In most jurisdictions work contracts (can) demand that work that you do outside of ordinary work hours fall under "copyright" of your employer, more precisely: your employer has the right to demand that you hand them out and can distribute them how ever he sees fit. Of course he has to compensate you for that, and of course you don't lose your "moral rights" (and probably you can still distribute them under a FS/OS license in your own name).

Re:

[pjt33]

In most jurisdictions...

Citation needed.

Re:

[angel'o'sphere]

There is no citation needed.
I live in such a jurisdiction, and most likely you do, too ... just check your work contract.
I once had such a contract.

Re:

[pjt33]

My contract is pro forma because in the jurisdiction where I live the majority of terms of employment are negotiated by trade unions and chambers of commerce and then passed into law by the government. But anywhere in the EU that kind of claim should be laughable because a personal project is clearly not work for hire: your employer hasn't asked you to do it, hasn't assigned you time or resources to do it, hasn't contributed to the spec, ...

Re:

[angel'o'sphere]

Union and center of commerce contracts are not converted into law, why would they?
A contract between a union and part of the industries is enough.

a personal project is clearly not work for hire
But the employer reserves the right to convert it into a project for hire and has the rights to use it if he compensates you accordingly AND if it is written in your work contract. You probably missed that part of my argument.

Re:

[pjt33]

Union and center of commerce contracts are not converted into law, why would they?

Maybe not in the jurisdiction where you live, but my point from the beginning has been that you're extrapolating from that jurisdiction when you shouldn't. For example, the current "collective agreement" for consulting and market research companies [www.boe.es] (official website of the Spanish state), which applies to all companies in the sector in Spain unless there's a regional one to override it or the employee and employer have negotia

Re:

[angel'o'sphere]

that the moral rights belong to someone other than the natural person who created the work
You mix up copyright with moral rights.
The moral rights _always_ stay with the creator.

Again: you miss the point which I pointed out now several times: it is a question of your contract, not a question of law. Your contract can define that your work outside of your working hours fall under copyright of your employer (you retain moral rights). However if he wants to claim it, he has to compensate you for the work hours

Re:

[Anonymous Coward]

If we're talking about subsidizing software, why does it even have to be FOSS? If there's a more self sustaining way of producing software that helps people in a non-profit or even for profit manner, why not look to that instead?

We need the FOSS software because we have seen the risk of having things that we can't look into. Software companies put in spy systems like Microsoft Telemetry or the Android spyware Chinese manufacturers add to their phones. Governments insist on ways to break the cryptography and we can never see them without the source code.

Unfortunately, Microsoft, together collaborators like ESR, have convinced us that we don't need strong copyleft any more. It was copyleft which sustained Linux as a single coopera

Re:

[Humbubba]

If I'd a point to give, you'd have it. This is well thought out, opinionated and insightful. Might not see eye to eye, but that's all the better. Well done.

Re:

[DontBeAMoran]

You may not consider $182,472 a year hitting it big in your country but in a lot of places that would afford you pure luxury.

Re:

[Drethon]

You may not consider $182,472 a year hitting it big in your country but in a lot of places that would afford you pure luxury.

In places in the US that is true too. Where I am you can live comfortably and still save money with a quarter of that every year, anything more can pretty much go to luxuries.

Re:

[drinkypoo]

There are literally only a handful of places in the USA where that's not enough money to become a homeowner. SF, NY, etc. That's good money. Some people made millions through stock options in the last big tech bubble and that has affected some people's notions of what good money is. It's not fuck you money, but we have too much fuck you in our society already.

Re:

[NicknameUnavailable]

Depends where you live. In rural areas more than 100k is essentially free of any financial burden - in cities it might well take 300k to break even on bills.

Re:

[pjt33]

in cities it might well take 300k to break even on bills

And caviar suppliers can get very upset when you're late paying their bills...

I've seen the complaints about raising minimum wage to $15/hr in California. At 80 hours a week, that would give $60k. So if it takes $300k just to pay the bills, either you're doing it wrong or everyone working minimum wage in SF and LA shares a flat with two other families.

Re:

[NicknameUnavailable]

If you're putting in 80 hours a week you need about 100k just to cover living expenses which arise from lack of down time (another 100k if you count the inevitable medical expenses.)

Re:

[JackieBrown]

This is dumb. Why do you think housing and pricing for goods would stay at a flat rate if you raised the minuim wage.

If anything, SF and NY are great examples of what happens of how everything cost more when you have so much money in a local area.

Re:

[pjt33]

I think a "whoosh" may be in order. My point is that if a raise to $15/hr would mean that people have to work 400 hours a week to "break even on bills", current minimum wage would require working more than 400 hours a week. And since there are only 168 hours in a week, I'm pretty sure OP was confusing luxuries with bare minimum essentials.

Make it easy for companies to contribute. Sell it

[raymorris]

I've spent several years being paid to do open-source development full-time. The Moodle project made it easy for my organization to contribute. In fact, that's mostly what the maintainers did - maintain the community and developer documentation, not write the code.

First, the software is modular. One can write a Moodle module without touching the rest of the code, or even understanding it. The Apache web server and Linux kernel are similarly modular, and I've been paid to write modules for both.

There are example modules of various types, and how to showing how to develop for Moodle.

There is a well-maintained forum, both user forum and developer forum.

Unit tests are included and easy to run.

Utility functions are included, so you don't have to know *how* Moodle does things, the internal functions, you just call "add block" and Moodle adds your block to page.

All of the messaging welcomes participation and contributions.

All of these things encourage business, government, and non-profit organizations to contribute - meaning paying their employees to contribute.

What Moodle didn't do was offer the ability to BUY Moodle directly from the people who run the project. You CAN sell GPL software. You just can't prevent other people from selling it under a different name. The government agency I worked for probably would have purchased it if they could have. Competing proprietary software sells for thousands of dollars per year, so $500/year, or $200/year, would have been seen as super cheap. Even though we could get the same product for free, I would have encouraged them to buy a copy, and I think they would have done so.

  Moodle allows you to DONATE, but as a government agency we weren't allowed to just give away tax money. We WERE allowed to purchase software, and there was no law that we couldn't buy software if similar software is available for free.

These companies sell Moodle support

[tepples]

Your agency could have bought expert support for Moodle from a U.S. support partner [moodle.com].

Could have. Cost more, contribute less

[raymorris]

I started to mention that program. The official partners are listed on the Moodle page, can use Moodle trademarks, and send a portion (10%?) of sales back to Moodle HQ. That's a good program.

Because they had (needed) a Moodle developer in-house, third-party support wasn't what they needed. They explicitly did not want to slowly become dependent on a vendor. Buying support through an authorized vendor would have cost them more than paying $500/year, and Moodle HQ would only get 10% of it or so.

That said,

Prestige

[wolfheart111]

I'd take that over money any day :)

I like prestige, and need groceries

[raymorris]

Myself, I enjoy prestige. I like that my name is in the kernel changelog.

I NEED money. I HAVE to eat, and my kid has to eat.

Prestige is nice, money is required. Given the choice between no money and lots of prestige, or the opposite, I'd take the money, so my kid can eat.

I was fortunate to be able to get paid to work on open-source for several years. I'd like to do that again, but due to changes related to globalization I don't think that's very likely to happen. Not for me at this point in my career.

Very early in my career, it occurred to me that if I wanted power, fame, and money, I should start with fame. Being very well known carries with it a degree of power - even Instagram models and other "social influencers" have the ability to influence others by being well-known. If you well-known for being very good at something, being an expert, that's more power - Stephen Hawking influenced a lot of people, and his opinions could sway others. Heck, even being really good at basketball set Dennis Rodman on a path to influencing international relations. Not deciding them, but influencing them. Once you have game and influence, it's not that hard to leverage those to get money. Especially if you're well known for being very good at something, people will pay you to do that thing - or write books about it. So fortunately you don't have to choose between prestige and money, long-term.

For people early in their careers, or stagnating, making significant contributions to open source can add some prestige to their resume, which can definitely lead to more money. Once or twice in interviews I've had the good fortune to be asked of I was familiar with certain software and been able to say I've helped write that software, I've contributed to it. Someone asked if I know LVM (a major part of the Linux storage stack), I mentioned that I'm the maintainer of the Linux::LVM Perl module. (Which needs a new maintainer, btw, and probably a rewrite to the API).

Re:For U

[wolfheart111]

"The first time I changed the world, I was hailed as a visionary. The second time I was asked politely to retire. The world only tolerates one change at a time. And so here I am. Enjoying my "retirement". Are you a retired Visionary... ? Of course this part :( "Nothing is impossible, Mr. Angier, what you want is simply expensive."

"Free" software isn't free

[Tony Isaac]

This is an unusual recognition that free software isn't actually free. I love free and open source software, I use it regularly, and have contributed to open source efforts. But one thing the FOSS community sometimes forgets is that creating software costs time and money, lots of it...at least, for anything that's any good. SOMEBODY has to pay for it. If somebody is motivated to pay for it, great! We ALL benefit! But if nobody wants to pay for it, maybe it isn't worth so much, or maybe it needs to be...sold

Re:

[TheRaven64]

But one thing the FOSS community sometimes forgets is that creating software costs time and money, lots of it.

No it doesn't. This is something that the FOSS community explicitly acknowledges. The difference between Free and Proprietary software is that FOSS acknowledges that copying software doesn't cost money. The premise of TFA is flawed, because a lot of people are paid to develop FOSS, but they're not paid to produce copies of it. If someone wants a feature added to a FOSS program or library, then they can pay either the original author or someone else to develop it and that's how a huge amount of FOSS is f

Re:

[Tony Isaac]

FOSS acknowledges that copying software doesn't cost money

This is a simplistic view.

If the software's "user" is technically-inclined, and perhaps willing to modify the source code of the software he copied, then in a sense the copying didn't cost the author any money. But if the software is intended to be used by large numbers of people, including those who are not so technical, then copies do indeed cost money, in the form of customer support and bug fixes for disparate configurations.

Now, it would be nice to have an easier mechanism for 1,000 people to each pay for 1,000th of the cost of developing a new feature

I think you just invented software license fees.

Why should it be subsidized by anyone?

[brainchill]

Ok, you got past the clickbait ..... basically my answer is why should it be subsidized by anyone, UNLESS, they have a vested interest in seeing changes/core features added to whichever part of the software that they are particularly interested in ...... so the answer is .... the people working on the projects in their spare time for fun, do it as long as it's fun for them, and when it isn't, when it starts feeling like a job, either find someone that values your contributions and get them to pay you to wor

Re:

[sfcat]

Ok, you got past the clickbait ..... basically my answer is why should it be subsidized by anyone, UNLESS, they have a vested interest in seeing changes/core features added to whichever part of the software that they are particularly interested in ...... so the answer is .... the people working on the projects in their spare time for fun, do it as long as it's fun for them, and when it isn't, when it starts feeling like a job, either find someone that values your contributions and get them to pay you to work on it, or stop and do something else.

Because most of the folks who use that FOSS aren't aware they are using it, but you better believe that if that software breaks they get upset. The folks who use those libraries should be buying maintenance contracts on that software. That was the original business plan for FOSS. Of course, plenty of folks never contribute either with code or maintenance contracts.

The funny part of all of this, is that currently there is a lot of recognition by the business powers that be that bad software is now a ser

Re:

[ChatHuant]

The folks who use those libraries should be buying maintenance contracts on that software. That was the original business plan for FOSS.

But this business plan creates all the wrong incentives. If you want to make money from maintaining your open source software, you need to make maintenance necessary - but if your software is good enough to begin with, people won't need maintenance, and you won't get paid.

On the contrary, that creates an incentive to make the software buggy and incomplete. Businesses will need to hire you to fix issues and develop missing features. Also, if maintenance is too easy, a business could just hire some cheap int

Re:

[sfcat]

The folks who use those libraries should be buying maintenance contracts on that software. That was the original business plan for FOSS.

But this business plan creates all the wrong incentives. If you want to make money from maintaining your open source software, you need to make maintenance necessary - but if your software is good enough to begin with, people won't need maintenance, and you won't get paid.

On the contrary, that creates an incentive to make the software buggy and incomplete. Businesses will need to hire you to fix issues and develop missing features. Also, if maintenance is too easy, a business could just hire some cheap intern to manage your software. This creates an incentive to make the barrier of entry to maintenance high enough - for example via bad documentation and obscure features.

I agree with you actually. Stallman was no business genius. The way I see that this could work would be if the malware insurers would require and fund this type of work but I have my doubts that that would happen. It makes way to much sense. Really there needs to be a cost to not having maintenance support in place to businesses and the only way I see that happening is via insurance requirements to get malware insurance. That might be a good way to go as I see every larger business putting costly proce

Re:

[cas2000]

The folks who use those libraries should be buying maintenance contracts on that software. That was the original business plan for FOSS.

You're speaking out of your arse. Free Software never had any kind of business plan, "original" or otherwise. It isn't now and never has been about business - it has always been about software freedom: the right of users to see, modify, and redistribute the code of any software they use...and for anyone they redistribute to to ALSO have those exact same rights to do what

Non-commercial licence

[bug1]

I feel the FOSS community would be in a much healthier place if it allowed non-commercial licenses, provided the software available under standard commercial FRAND terms for those non-commercial users.

If the price of paying for a commercial license is cheaper than paying lawyers, i think there would be much higher license compliance, and much would be used to promote further development.

Unfortunately this will never happen with the support of the FOSS community, there is too much self interest by corporatio

Re:

[serviscope_minor]

If the price of paying for a commercial license is cheaper than paying lawyers

It doesn't work like that. The company lawyers always want to read the license, no matter how cheap or expensive the software. It's easiest by far wiht F/OSS with standard licenses because the lawyers (if they're any good) just go "yep I know this, accept".

Pizza!

[bobby]

And beer!

By targeted ads

[jader3rd]

Track users behavior, targeted ads to them, and let the corporations pay for it all. That's how the profitable open source companies work.

How about freeing up some of that $7.5B?

[tlambert]

How about freeing up some of that $7.5B?

That's what Microsoft paid for GitHub.

Re:How about freeing up some of that $7.5B?

[PolygamousRanchKid]

How about freeing up some of that $7.5B?

That's what Microsoft paid for GitHub.

. . . but why did Microsoft buy GitHub . . . ?

The Economist has an interesting opinion on this:

https://www.economist.com/the-... [economist.com]

Microsoft assures users the service is safe under its stewardship, but many are wary. When Mr Ballmer spoke of developers, he had a specific sort in mind: those using Microsoft’s tools to build projects for Microsoft products. He once called open-source Linux a “cancer”, which would spread uncontrollably. In a sense, his words proved prophetic: today, open-source software is everywhere, from websites to financial markets to self-driving cars. Under Mr Nadella’s leadership, Microsoft has embraced open-source development. In buying GitHub it hopes to gain the trust of developers it once spurned. But some wonder if the change is complete, or if Microsoft will use its newly bought dominance of open-source hosting to push its own products. Alternatives to GitHub—some themselves open-source—wait in the wings. If it is not careful, Microsoft may find the developers it just paid so much to reach slipping from its grasp.

Re:

[swillden]

As the article says, there are plenty of alternatives waiting in the wings. Github got big because of network effects; everyone used it because everyone else used it. But the effect is weak in this case. If a competing service can offer some moderately-significant advantage, projects will move. If Microsoft makes Github harder for non-Windows projects to use, or even just stops improving it, another service will become the default home for open source projects.

I think Microsoft understands this.

Common models don't cover all projects

[Octorian]

One of the most common business models I see people talk about, is the good 'ole "give away the code, but sell support." There are many variations of this approach, but they pretty much all rely on an assumption that you're making software that's useful to large companies with cash to burn.

However, in the huge field of "end-user application software," I have yet to see anyone offer up a viable business model. You're not going to be selling any nebulous "support," and there's a pretty good chance that your u

Re:

[sfcat]

One of the most common business models I see people talk about, is the good 'ole "give away the code, but sell support." There are many variations of this approach, but they pretty much all rely on an assumption that you're making software that's useful to large companies with cash to burn.

However, in the huge field of "end-user application software," I have yet to see anyone offer up a viable business model. You're not going to be selling any nebulous "support," and there's a pretty good chance that your users will never be contributing developers. Just about the only approach I can think of (besides donations) is to make said software "paid" on some sort of app store, and hope that only a minority of your users ever find a way to get around that paywall.

You must be new here then. I guess you've never heard of QT. Their model is that you must purchase the software if your software is proprietary and you don't have to if its not.

Re:

[Octorian]

I've heard of Qt since the late 90's, and use it every day. Its an application development framework, not end-user application software. So yeah, Qt has a model to support itself.

But please tell me, again, how exactly one makes money off of F/OSS "end-user application software" built using Qt?
I'm waiting...

Re:

[dryeo]

Bounty systems and similar. Community raises X amount to finance a project or developer (who should have a reputation of carrying through) says that if the community can raise X, he will do this amount of work. I know of at least one small company making a living for a couple of developers and a developer/manager this way.

Re:

[sfcat]

I've heard of Qt since the late 90's, and use it every day. Its an application development framework, not end-user application software. So yeah, Qt has a model to support itself.

But please tell me, again, how exactly one makes money off of F/OSS "end-user application software" built using Qt? I'm waiting...

Qt is nice; I like it too. In the case of end-user FOSS software, it would usually be a support contract. Not saying its a good business model but there it is. The other model is a limited free version and a paid full version. As long as there are not any statically linked GPL libraries, this is all legal. If you are using a JVM (or other interpreted or VM based) language, this isn't even an issue. All the GPL really enforces is that you can update GPL binaries inside of your application.

For end-user

Re:

[skids]

The FOSS projects (other than base OS) that I am most closely involved with in using where I work fall into this category... but it's been hard to sell buying those support agreements to management. Either we're using a project because it "costs nothing" and we're ignoring the availability of support to back up our local talent, or we use a non-FOSS project (with its support) because management seems to consider for-pay software more reputable... and they will even prefer some third party supporting someon

That's easy....

[GerryGilmore]

...those entities that benefit the most from open source software - be they large commercial enterprises or government agencies - should be the ones to contribute the most.
To be fair, many companies and government agencies (SELinux, etc.) HAVE contributed back in many ways, but what seems to be missing in most of their projects is any desire to deeply investigate some of the core under-pinnings that are taken for granted until they blow up in some very visible fashion (Heartbleed, anyone?) instead of crea

HTTPS allows client-side caching

[tepples]

In the case of http caching, HSTS, cert pinning, etc all BROKE caching.

I'm not sure what you're getting at here. Nothing related to HTTPS affects client-side caching in any way. Besides, Chrome phased out key pinning by version 67 anyway in favor of Certificate Transparency because it was too easy for someone to exploit a misissued certificate for hostile pinning (source [google.com]).

HTTPS breaks only intermediate caching by intercepting proxies. There are cases where operators of intercepting proxies have (ab)used their position to insert advertisements into documents that a user is view

Re:

[turbidostato]

"...those entities that benefit the most from open source software - be they large commercial enterprises or government agencies - should be the ones to contribute the most."

In fact they do. The problem is that corporations are such pathological structures that they can't help themselves.

Some years ago, it came into fashion the term "coopetition": companies identify where are they really competing and what's just scaffolding (i.e.: infrastructure software) where they could cooperate instead.

They idea is so

Idealy you shouldn't need that

[Casandro]

If your code is so complex that you need significant amounts of work just to maintain it, you have done something wrong.
Free Software means that your users are able to use and change that software, if it's to complex you're robbing your users of that possibility as maintaining a fork would be to expensive for them. This makes your software just "Open Source", but not truly "Free" (as in speech).

Taking money is of course OK, but as with every software project, it should have a fairly well defined "end" after

Re:

[El Cubano]

If your code is so complex that you need significant amounts of work just to maintain it, you have done something wrong.

As with many things, it depends. If the code in question is a static HTML content generator, a GUI toolkit, a media streaming library, maybe a database driver, etc. then you are correct. However, if the code in question is a cryptography library, an authentication library, or an image processing library (a good one with lots of capabilities like ImageMagick or GraphicsMagick), then the domain will dictate a great deal of the complexity.

I have been involved in some security work and I can tell you that not

Re:

[lkcl]

If your code is so complex that you need significant amounts of work just to maintain it, you have done something wrong.

i replied to this already (and moderators reacted badly to plain simple facts and the detrimental consequences that had for my health and my family's well-being, so i'll have to repeat it again). certain classes of (desirable) technical designs / problems are simply not possible to implement in "simple" ways. you just can't. these include things like dynamic name-registration / publication / defending services (like nmbd and sadly zeroconf which is nearly identical to nmbd), NT Domains Interoperability,

Re:

[dwpro]

I wrote a 'simple' app to roast coffee for a niche coffee roaster on Android. Probably 150 hours of work. Subsequently Google has changed the way background services run twice, completely killing my app. I have made a total of $20 for my work, and I'm hard pressed to figure out how to sing and dance for Google to respect their tyrannical battery saving requirements for an app that needs constant communication over USB for 15 minutes, even as a hobby passion. Where did I go wrong?

It shouldn't

[Anonymous Coward]

Money corrupts projects. Everything I've seen money thrown at gets hooked on income. Before you know it point becomes making money instead of writing code.

Cost recovery basis, not insane lust for infinity

[shanen]

Repeating the ancient suggestion, but I think OSS would best be developed on a per-project basis recovering the costs, NOT speculating on infinite profits. The specific solution approach I would recommend would be a CSB (Charity Share Brokerage), where the wannabe donors would each buy a $10-share in the projects they want to support. If enough donors support the project, then it gets funded.

The CSB would hold the money and provide project-support services to earn a percentage of the budget from the success

Re:

[pjt33]

Obviously there are implementation details, but the overview in your first paragraph isn't entirely dissimilar to Kickstarter and similar crowd-funding platforms. The main difference seems to be the accountability structure you propose, which certainly sounds like it could be an improvement on Kickstarter.

Re:

[shanen]

Yes, the problem with all of the crowdfunding platforms I've heard of is that they have become too much like a lottery. An appealing proposal may be vastly overfunded, and Kickstarter doesn't care since they take their money off the front. You've surely heard about some of the disastrous results due to the lack of accountability. Kickstarter is quite careful to disclaim any responsibility for results and deny any liability. Youse pays yer money and youse takes yer chances, but Kickstarter has already gotten

What if you don't scratch an itch?

[Hairy1]

Some Open Source gets written because a developer is scratching their own itch. They have a job they want the software to do, and because you can't get any closer to the user than being the user this approach works really well. And because software developers like helping each other and getting a little thanks and credit we see Open Source grow. Some companies understand the use value and support open source projects, examples being Apache. Some do a Open Source core and charge money to earn a crust.

However

How about no

[quonset]

If you're not going to pay people for the music, movies or software they produce, don't expect someone to pay for what you produce.

Science

[TeknoHog]

FOSS is nothing more than the scientific method applied to software production: share your work so that others can verify and improve on it. Today, it also seems that FOSS largely provides the same function in society, as the basis on which technological innovations work. If society can find ways to fund fundamental scientific research, I'm sure they could do the same for FOSS (and a lot of Free software is already being written at universities). Unfortunately, it seems that scientists themselves have been

Charge, but allow distribution of modifications

[Mandrel]

Just charge for a licence to use the software in a production context, while still allowing anyone to release a fork and charge a premium, the remainder flowing back to the root of the fork tree. This retains the most important benefits of open source, while compensating the value adders.

Re:

[arth1]

Open Source has always been about creating code for the community, starting a project that solves a problem and leveraging developers from all around the world to make it as great as it can be. That's it.

"Always"? Having been around for a while, I beg to differ.
Open source was about seeing a problem or something fun, hacking some code for it, and to not be stuck with maintaining it, give the source away.

Anyone using the word "leveraging" when hey mean "using" isn't a hacker, but a bureaucratic cog in the machinery.

FOSS often suffers from "The Last Mile Problem"

[Suren Enfiajyan]

FOSS works where it can be monetized by services, hardware lockdown, or donations. Some people call it as "The Blessed Trinity". And if the software doesn't fall in the blessed trinity category then sorry, a complex FOSS software will likely fail and won't be usable except for its developers. Unpaid/volunteer (F)OSS developers are generally itch scratchers and do only the parts of programming which are fun and exciting or they need need it personally. But this is 10-20% of the actual effort and 80-90% of t

Re:

[Octorian]

One category I love to call out, which doesn't fit these categories, is plain old end-user application software. You know, the things people (who aren't developing software themselves) actually own a computer to run, once you get past the web browser.

I still have yet to hear anyone present me with a viable business model that covers this area, which is why F/OSS rarely rises to the same level of quality as anything commercial in this area. (That being said, I'd gladly pay for commercial software that runs

Through voluntary donations.

[scourfish]

If the state starts subsidizing it, they will eventually exert more control and regulation over it, and it won't be for the better.

Support Your Libraries!

[friedmud]

I started and have headed a large open source project for the last 10 years: (plug!) http://mooseframework.org/ [mooseframework.org] (quick description: think open source COMSOL on steroids).

We have a few thousand users spread across the world... but only a fraction of them contribute monetarily back to the project. We are lucky though that we are based at a US national laboratory where we are able to use government programs in support of energy research to pay for our project.

Going open source was a measured decision that took at lot of time to come to. Ultimately, we decided that creating an open platform for science was better than trying to charge license fees... and instead of taking money from our users our model is to partner with them to write proposals for joint funding. That model is working out ok so far (some years better than others!).

However: we not only create an open source library... we rely on many as well. The two biggest ones that we use are libMesh ( http://libmesh.github.io/ [github.io] ) and PETSc ( https://www.mcs.anl.gov/petsc/ [anl.gov] ). In both cases we have paid for full-time developers on those libraries for pretty much the entirety of our project. Sometimes we ask them to complete certain tasks for us - but for the most part the money is given with minimal strings attached so they can maintain their software and continue to make it better (not just for us, but for everyone).

For some of the smaller libraries we use we often fund work at universities associated with those projects. Sometimes it's a small amount of money - but we try to give _something_.

Everyone that is making money (for-profit or non-profit) while using open-source software should try to fund the projects you directly rely on as much as possible. Like many other things: even a little bit goes a long way. Open-source has never meant "you should use it and not monetarily support it"... people need $ to keep going.

Lots of options -- basic income as a start

[Paul Fernhout]

Coincidentally I posted some ideas just the other day: https://news.ycombinator.com/i... [ycombinator.com]

=====

We could have a Basic Income for all so that anyone who wanted to create FOSS could without having to take a paying job. The basic income would also recognize all the contributions to society many people make which they are not compensated for (e.g. caring for sick relatives instead of sending them to nursing homes).

Or we could have better 3D printers, gardening robots, materials extractors, portable recycling equip