Savio responded to Dave’s criticism of Cisco’s approach to open source software, which recalled this post from Matt Asay in which he outlined the large amount of open source software used within Cisco’s ASA and PIX security appliances.
Dave’s criticism (and is should be noted that Dave is an executive at Vyatta, an open source competitor to Cisco) is not that Cisco is using open source software within proprietary products but that it is failing to pass on the benefits to its users, either in the form of cost reductions or access to the code.
Savio noted in his response (which raised the question of whether Cisco is a “leech”) that Cisco’s use of open source may have enabled it to focus its attention on other differentiating features, passing on a related benefit of the use of open source to its users.
Dave is unconvinced. In his response to Savio’s response he maintains that benefit is simply a matter of taking a buy versus build approach in which the cost of ‘buying’ the software is zero, and that Cisco is not passing any “open source benefits” to users.
It would appear from Dave’s earlier post that the open source benefits he would like to see are the ability to modify and fix the code if the user chooses to, as well as the ability to contribute to that code. He previously wrote:
Specific questions I would ask myself about any company “using” open source:
1. Did the company in question pass on the costs saved in development to me?
2. Is the majority of the code open to me for modification if I want to, or is the open source wrapped up in so much proprietary code that it really isn’t standalone. In other words, it’s great that a company would use something like Apache as the web server in its products, but just getting the source code to Apache isn’t really interesting if the rest of the code in the product is otherwise closed.
3. Can I fix bugs in the code myself?
4. Will the company take back contributions from me so that I don’t have to keep fixing bugs in the code myself?
5. Does the company contribute back in the form of patches, marketing, documentation, etc?
That’s the back story. There are two quick points I wanted to make.
The first is that, while Dave notes “if you’re complying with the appropriate license terms, I don’t have a problem with that”, if we assume (as Dave does) that Cisco is abiding by its obligations, then he is effectively asking Cisco to go beyond those obligations in passing on “open source benefits” to users.
Dave also noted that he sees business benefits in being more open, which brings me on to the second point. I wrote recently about the five stages of engagement in open source communities, as described by the Eclipse Foundation.
|From Public photos|
It would probably be fair to say that Cisco is currently at stage two (1, USE in the graphic) in this five stage process (“The vendor begins to make use of open source software internally as part of its ongoing research and development process, realizing that it can save money on non-differentiating code and improve interoperability”).
In my experience companies quite quickly see the benefit of moving from there to contribute to and then champion open source development, which would be likely to deliver the benefits Dave is looking for.
However, it is also my experience that vendors have to see and understand the benefits of doing so for themselves – they cannot be cajoled by criticism into being more open. Cisco is at least heading in the right direction. Labeling it a leech is not going to help.