Phil Agre: Organizational boundaries and the rising tide of standards.
The great paradox of standards, familiar to anyone who understands the Internet, is that standards and customization are not in conflict. To the contrary, a standard often supplies a platform or building-block from which customized products can be made. So long as companies have identified accurately where the dividing-line between standardization and customization should fall, and so long as this dividing-line stands still long enough for new standards to actually take hold, the rising tide of standards will facilitate greater outward diversity even as it reduces diversity behind the scenes.
This explains why non-GPL open source projects (like Apache) are so valuable: they are the base on which other projects (commercial or open source) can be built. In fact, this is already occuring; Oracle and IBM already have their customized web servers built on top of Apache; it’s integrated into Mac OS X; it’s firmly entrenched in the embedded market.
If Userland started writing Frontier today, it would make the most sense to write it as an Apache module. (In fact, they already have some funky integration going where it can render static pages, which Apache can serve up, while Frontier handles the dynamic content.) Why write an entire web server from scratch when you can get all that framework (what Phil Agre calls the “sedimentation of standards”) for free, debugged and tested by millions of users around the world? Write your own code in a portable language and compile it under Windows, Mac OS X, Linux, BSD, and anywhere else Apache can run.
On a larger scale, this is what Apple has done with Mac OS X. They took a solid, debugged, open source foundation and built a whole bunch of their own cool stuff on top of it. They tried for years to build a next-generation operating system from the ground up, and failed. Finally they realized that solid, next-generation operating systems were all around them, just begging to be used. All it took was getting over their “Not Invented Here” syndrome.
Doc Searls is also thinking about open source, foundations, and business models.
In Philadelphia, where I grew up and lived for many years, we had a stadium/arena/theater called the CoreStates Center, named after a local (as banks go) bank. In 1998, First Union took over CoreStates and slashed thousands of local jobs, causing quite a bit of bitterness. They also, naturally, renamed the CoreStates Center to the First Union Center, which local residents affectionately nicknamed the “FU Center”.
Then, just a few months ago, and after a long and bitter struggle, Wachovia successfully took over First Union, and will presumably be renaming the stadium once again. Locals have already gleefully taken to calling it the “FU2 Center”.
I still think John Robb is way off the mark about open source, and getting further off the mark by the hour. Now he’s claiming that selling commercial software is the only way for programmers to make a living. Um, “day job”, anyone? I am currently (thankfully) employed doing professional training. Before this, my day job was consulting. Before that, working on vertical market custom software that we sold for $50,000 a pop. Before that, writing code for minimum wage for professors (work study program) to help pay my way through college. Through it all, I’ve had a desire to spend my free time giving a little something back to the worldwide community by writing open source software and, recently, open source books. Why does John insist on buying into the media myth that open source is anything more complicated than that?
Update: John has since removed the comment that my previous paragraph links to, and Google’s cache is one day too old to catch it. Wish I’d saved it, or quoted it more fully.
Meanwhile, John is now saying that Apache is in trouble because he saw a graph that appears to show Microsoft making quick gains at Apache’s expense. This is extremely misleading, bordering on propoganda; he is not telling you what this graph is measuring (it is not measuring overall market share, although it appears to be), and he is not showing you the context in which this graph is presented. Click here to see the graph in context. Note in particular this graph (from the same page), which shows than Apache’s market share for active servers has been holding steady for months, while Microsoft’s market share has plummeted in recent months. Why? Because Microsoft had a bunch of “installed” IIS servers that their owners didn’t realize were installed, and after Code Red, people cleaned up their act and disabled all the IIS boxes they weren’t really using.
Speaking of Code Red (remember that?) Netcraft has some fascinating statistics about how many SSL IIS sites have remote root holes. (Scroll 2/3 down the page, to the “Web Server Security” section.) When Code Red hit, more than 60% of SSL IIS sites were vulnerable to some form of remote root. (This doesn’t even count all the unknown boxes just sitting there with a default install. Somebody cares about these boxes; SSL certificates from trusted authorities (which won’t cause scary messages in your users’ browsers) aren’t free, so presumably these are servers on which people are running real businesses and trying to make real money.) Those numbers were down to 20% in October, thanks to the constant pounding of media attention we got after Code Red and related worms. Gee, thanks. 1 in 5 Microsoft-based ecommerce sites are wide open. God help us if Microsoft really does gain any more market share.
Emacs 21.1 for Windows has been out for a while. Can’t imagine how I missed it.
Dilbert: It’s a free country.
Can’t imagine who this reminds me of.
Jenna Jameson is a practicing Catholic. Can’t imagine her confessions.
§
I am no longer accepting public comments on this post, but you can use this form to contact me privately. (Your message will not be published.)
§
firehose ‧ code ‧ music ‧ planet
© 2001-8 Mark Pilgrim
