The Open Source Business Model

Much of the software that powers the world’s largest companies, protects our personal data or encrypts national security information is open to the public. Anyone can download the source code behind Facebook’s user interface, Google’s Android operating system or even Goldman Sachs’ data modeling program, and use it as a building block for a totally new project. What’s more, lots of this software is actually developed collaboratively, created and maintained by an army of thousands, from unpaid volunteers to employees at competing tech companies. This is the collaborative world of open-source software, where code is written and shared freely. If individuals catch a bug or see an opportunity for improvement, they can suggest changes to the code and thereby become a contributor to some of the biggest software projects on Earth.

Red Hat, founded in 1993, was the first to figure out a successful business model, which relies upon selling support services for its operating system, Red Hat Enterprise Linux. Anyone can download the software for free, but if businesses want technical support and greater security, they’ll need to buy a subscription.

After decades of commercial success, IBM officially acquired Red Hat in 2019 for 34 billion dollars. It was the largest software acquisition in history. It’s really groundbreaking, and it just shows the power and success of open-source across the world, across the industries.

While Red Hat’s 100 percent open-source model has been hard to replicate, other companies like database program MongoDB and integration platform MuleSoft, rely upon an “open-core” model, meaning the basic features are free, but add-ons and other useful elements are proprietary.

As these companies have racked up multi-billion dollar valuations, there’s no doubt that on the enterprise level, there’s big money in open-source.

As for the individual developers, the hobbyists who contribute to and maintain open-source projects just for fun, their path to profitability is much less clear.

A lot of them are volunteers and they do this in their free time, in the evenings and on the weekends. But sometimes these “just for fun” side projects end up becoming widely used, critical to the internet infrastructure that we generally take for granted. Certain projects get so popular and so widely used that, you know, they’re in every product. They’re used by every company. And then this result of like, you know, massive Fortune 100, Fortune 500 companies building their businesses on top of this code that’s written by hobbyists for who knows what reason.

Now, companies are taking note and helping to formalize new funding models. In 2019, GitHub rolled out their Sponsors program, which allows developers to give and receive recurring donations for their work. We already have some people who are making their full living on GitHub Sponsors, so they don’t have another job. People prefer the freedom of being able to just follow my interests wherever they go and solve whatever problems I think are interesting. It’s still early days, but if funding models like GitHub Sponsors pay off, we may see a new class of software engineers eschewing traditional tech jobs in favor of independent, open-source work.

As one might imagine, problems can arise when critical systems are based on software that’s maintained by unpaid volunteers with no professional obligation to see to the maintenance of the project. This issue came to a head in 2014, when the security vulnerability dubbed Heartbleed was found in OpenSSL, an open-source encryption technology that’s used by the majority of web servers to protect user’s personal data.

The flaw has gone undetected for about two years and has exposed millions of usernames, passwords and possibly credit card info as well. They left this lock capable of being picked because they didn’t write the code quite right. And when they looked into it, the OpenSSL team was tiny. It was just a few people, who were mostly working on donations, and their donations had started to dry up. And understandably, these incredibly talented programmers had a hard time justifying spending full-time on this, even though it was one of the most important building blocks of the entire Internet. Ultimately, organizations like the Linux Foundation pulled together to provide financial support for OpenSSL, as well as other critical pieces of underfunded open-source software.

The disaster has served as a wakeup call for an industry that still largely relies upon unpaid labor.

Related posts:

I woke up with sleep still in my eyes, which was a nice change from the tears, but I knew they would return sooner or later. I do dream deeply, no matter how little sleep I actually get. And I must…

I happened to make a mistake a couple of days ago. Nothing too big, but it made me stop and reflect on how I might do better next time. And that made me think about the steps I took to figure out…

Superframe is a content creation studio offering a start to finish service for communicating your brand to your clients through amazing computer generated content, state of the art web platforms and…