

What Open Source Can’t Do - adamsmith
http://www.xobni.com/asmith/archives/80

======
wheels
The technical infrastructure of the major open source projects would make a
small startup cry. It's certainly not out of the reach of Open Source. Just
knowing the infrastructure required to keep the KDE project ticking, it's far
beyond what Xobni would have to deal with.

If we're thinking in terms of "Open Source applied to services", well,
Wikipedia. That's a pretty big website thinger there. I'm not sure I'd want to
stare down the sysadmins of WikiMedia an inform them, "No guys, no, see,
you're not really hosting..."

------
bootload
_"... Ask yourself: what open source software exists that solves a big problem
in a large market? ..."_

Linux kernel?

~~~
systems
I think he meant to say "Ask yourself: what open source software exists that
solves a big problem in a large market?" ... then host it and provide it as a
service ...

~~~
bjelkeman-again
Yes, I agree with your addendum. This is what we have done with Akvo.org.
Nearly 3 billion people do not have clean water to drink or adequate
sanitation. That is what I call a large market and a big problem. We have
taken the open source approach to try to address this from an internet service
point of view. Even though we haven't released any code yet, we have several
big players investigating using our platform and software for boosting their
efforts in the development aid space. Maybe we are doing something right.

------
m_eiman
So what he's saying is that software doesn't run itself? Hardly news, is it?
Running the software has nothing to do with it being open source or not.

Sensationalist headline, but it seems that it's the only kind of headline that
works on the web these days.

------
snprbob86
I think a more interesting question is: can we work around this?

I really don't know what the state of P2P or decentralized systems are, so
tell me if this sounds crazy or not. Maybe someone could develop a secure,
trusted, reliable system for distributed execution of sandboxed code which
relies on the BitTorrent sort of sharing is caring strategy. That'd be pretty
sweet :-)

~~~
m_eiman
Building the system would be easier than solving the problem of knowing who to
put in jail when it gets infested with the usual junk that tends to end up in
anonymous systems.

But it'd be useful, so please go ahead and solve it :)

~~~
snprbob86
Or, just maybe, a system such as this would prove once and for all that it
just isn't worth trying to control, censor, and otherwise police the internet.
A hacker can dream, can't he?

~~~
m_eiman
Well, -someone- is going to jail when The Authorities find illegal content
(whatever that means, the concept seems to be expanding quickly) on your
computer. Would you prefer it to be you, or the one responsible for it? Unless
you can solve that problem, I'm pretty sure you're going to have trouble
finding people to volunteer.

As for policing the internet, I think that personal responsibility for your
actions needs to apply even when you act using a computer. The consequences of
your actions should to be reasonable though, and not like what we're seeing
now with file sharing lawsuits.

~~~
eru
Plausible deniability at least as strong as freenet provides it, could help
somewhat.

~~~
m_eiman
It might, but I don't think it will.

That kind of defense hasn't worked very well in filesharing cases (or has it?
at least I'm under the impression that it hasn't), and is even less likely to
work if the offense is more severe. Like when the infamous "terrorist
networks" put things there, or the kiddie porn people. At the very least
you'll get hit for aiding the baddies.

~~~
eru
In freenet you generally can not see what is stored on your node (i.e. PC)
because it is encrypted. To make this work, a freenet 'URL' more or less
contains the key to decrypt the content it references.

~~~
m_eiman
Sure, but you're still helping someone do something by taking part in the
network. If that someone is doing something illegal, you're well on your way
to getting in trouble. Especially if most of the activity in the network is
illegal, then it'll be hard to argue that you didn't know what could happen.
It's pretty much what killed Napster, although in that case it was the company
that ran the network that got shut down.

I suppose it'll have to be a serious problem for someone to make the effort of
finding and decoding the data, but I don't doubt that sooner or later someone
will decide that it's worth it.

If there's going to be processing of the data, and not just storage, the local
node will need to have access to the encryption keys. That should make the
work of the investigator easier. With enough cunning trickery it'll probably
be hard to find them, but with access to the hardware I have no doubt that
it's doable.

Hm. So the work needs to be done in a virtual machine that is given access to
a local file storage and the freeserve (let's call it that, sounds nice)
network. The vm needs to query the network for tasks to be performed, download
the data for the task, process it, and upload the result.. Should be a fun
project to design it.

Fairly simple. Except for all the technical and legal problems :)

~~~
eru
You should have a look at the freenet documentation. They thought about all
those problems already. (And your guesses about their solutions are partly
right, partly wrong. For example your node does not have to know the keys and
no VM is necessary.)

~~~
m_eiman
If you're going to do any processing on the data you're going to need to
decrypt it, and then you'll need the keys. And unless you -really- trust
random people on the net, you'll probably want to run that processing in some
sort of sandboxed environment. I went one step further and put it in a VM,
since that should be easier to close down.

Just running a Freenet node doesn't it of course, but I was thinking of the
'peer-to-peer servers in the cloud' thing.

~~~
eru
> If you're going to do any processing on the data you're going to need to
> decrypt it [...]

You underestimate modern cryptography. Or to give a simplified model: Imagine
you just had blobs of encrypted data that you served and the requester would
do all the processing.

~~~
m_eiman
Ah, but then it wouldn't be "services in the cloud", it'd just be storage in
the cloud.

------
defunkt
LiveJournal has been open source for as long as I can remember.

------
aneesh
"... Ask yourself: what open source software exists that solves a big problem
in a large market? ..."

Statistical software (like R), perhaps? Not sure how much it's used by
businesses though, especially with alternatives like SAS, or data mining built
into Oracle & SQL Server. Still, hosted data analysis sounds cool (with
potential complexities as well).

~~~
SwellJoe
The guys behind SciPy are doing this sort of thing (not R, specifically, but
scientific computing...they were doing fluid dynamics and geological data
analysis). It's a pretty specialized market, but one where huge sums of money
are spent. They had revenues in the millions when I left, and they only had
two big customers (and a few customers who were putting out feelers for other
options besides their current providers). Anyway, they weren't actually making
any money at hosted scientific apps yet, but they were building their data
center out and getting the contracts in place, so I expect it's a reasonable
portion of their business today.

But, if you or your co-founder isn't a PhD in the field you choose to tackle,
you'll probably have a hard time getting a foothold.

------
rflrob
_"We’d probably all be using an IM client built around Jabber."_

Depending on your circle, some do. gChat is runs off the Jabber protocol. On
the Mac, Adium is one of the best (I don't know about most popular) multi-
system clients out there. I'm also partial to Pidgin Linux.

~~~
jfarmer
Adium and Pidgin use the same underlying library (libpurple), and the lead
developer for Pidgin is an engineer at Google.

------
simanyay
I don't personally need open source blogging or news aggregator software. And
that is why I use blogger, google reader, etc.

But I do need Django, I do need libraries like ipaddr.py from Google, I do
need Linux kernel, I do need Webkit. One by one the majority of those
libraries don't solve big problems. But combined they do.

And as for developers, they can stop worrying that somebody will take their
open source code and clone their major project and start releasing chunks of
code that is actually interesting. Let's be clear, most of the code is pretty
much the same everywhere and is not interesting.

------
dejb
Actually I think that GPL almost goes as far to encourage this hosting model.
If you want to incorporate non open source code or libraries then you actually
CAN'T release that code to the world. The only way to offer people that
functionality is to host it.. and nobody else can offer a non-hosted solution.
I can see a lot of startups following this model with GPL in particular.

------
musiciangames
"There’s no doubt we’d have better software today if open source projects
could get servers and operational resources for free"

This is what heroku.com and seasidehosting.st offer. It does seem an
opportunity for super low cost of entry apps. I don't know about how either
scale if you get popular; presumably there comes a point where you have to
rethink the infrastructure.

------
harpastum
Interesting idea, but saying open source has this inherent limitation is
overreaching a bit. A much more reasonable claim would be that open source
"can't do" service-based applications (Which I'm still not sure I agree with).

"what open source software exists that solves a big problem in a large
market?" Linux, Apache, mySQL, etc.

~~~
jmtulloss
It is an inherent limitation. Time is a cost that can be donated because there
is some non-material payoff to the person that's donating the time. There's
very little non-material payoff for donating servers, bandwidth, etc.

I actually like this. It's the most obvious way to capitalize on open source.

~~~
Herring
I can't help but wonder if it's worth it. The two main problems I see are 1)
Something necessitating the AGPL & 2) Apps that don't need to be online (eg
rescuetime) & the privacy concerns associated with them (eg bush & his
telecoms).

------
dawie
SugarCRM

~~~
adamsmith
I'm not sure if you're aiming to agree or disagree, but...yes totally :)

There are many other examples of the "open source business model," such as
Dries Buytaert who runs Drupal and Acquia.

The point is that contributors to open source projects are willing to write
code for free but not willing to wear the beepers that go off when the servers
go down.

~~~
wmf
_The point is that contributors to open source projects are willing to write
code for free but not willing to wear the beepers that go off when the servers
go down._

But could you get 100 people to wear beepers if you told them there was only a
1% chance it'd go off?

(It's a rhetorical question. I've seen what ten part-time sysadmins can do; I
don't want to imagine 100.)

