Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Profiting from Open Source Software

Posted by michael on Tue Dec 07, 2004 01:15 PM
from the step-2-is-always-the-problem dept.
Businesses Software Linux Business
Secret Santa writes "Alex Salkever has written an inspiring and Linux-friendly piece about Martin Roesch -- how he went from writing open-source software to building a multimillion dollar company. Excerpt: 'Sourcefire is one of a growing number of small software players that have built new businesses around open-source code. Their business models contain various mixes of proprietary and open-source software components and span the software gamut, from other security companies such as Tripwire to database outfits such as MySQL and desktop-computing offerings like Xandros. Most are still small, with revenues well under $50 million.'"
+ -
story
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Profiting from Open Source Software 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • Or (Score:4, Funny)

    by Billly Gates (198444) on Tuesday December 07 2004, @01:20PM (#11021000) Homepage Journal
    You can add spyware to your app and sell it to download.com in order to make money .... cough ...cough

  • At last! (Score:3, Funny)

    by Neil Blender (555885) <neilblender@gmail.com> on Tuesday December 07 2004, @01:20PM (#11021005)
    This article defines "2. ????". Dare I read it?

  • Open Source Business (Score:5, Interesting)

    by StormReaver (59959) on Tuesday December 07 2004, @01:23PM (#11021034)
    I run a small, and growing, side business in addition to my full time job. I target only Linux, and refuse all other jobs.

    My first product worked so much better than the alternatives, and cost so much less to implement, that I have no problem making good money this way.
    • I target only Linux, and refuse all other jobs. This will be your failure. I'm happy your business is growing and may soon support you without the need for a seperate full time job. However, please remember the number one rule of consulting... Always use the right tool for the job. Do NOT try to shoe horn the job into your chosen tool of choice. Doing so will eventually lead to failure.

      • Re:Open Source Business (Score:5, Insightful)

        by Daniel Dvorkin (106857) * on Tuesday December 07 2004, @02:31PM (#11021969) Homepage Journal
        I target only Linux, and refuse all other jobs. This will be your failure. I'm happy your business is growing and may soon support you without the need for a seperate full time job. However, please remember the number one rule of consulting... Always use the right tool for the job. Do NOT try to shoe horn the job into your chosen tool of choice. Doing so will eventually lead to failure.

        Ehhh, there's also the matter of different levels of resource allocation. If doing a given thing for a single platform takes x effort, then for a one-programmer shop, doing it for n platforms takes damn near nx effort. If GP poster is happy working only on Linux, and the services he provides have a wide enough market, there's probably enough room for expansion without him having to target other platforms. Now, if he were running a larger consulting firm, I'd agree with you that he's foolishly limiting himself, but it doesn't sound like that's the situation here.
      • The number one rule of consulting is:

        If you aren't part of the solution, there's good money to be made prolonging the problem.

        http://www.despair.com/consulting.html [despair.com]

      • This will be your failure. ... Always use the right tool for the job.

        So he only accepts jobs where Linux is the right tool. Problem solved.

  • Sourcefire reseller reporting. (Score:5, Interesting)

    by mpathetiq (726625) on Tuesday December 07 2004, @01:23PM (#11021042) Homepage
    I am currently employed by a Sourcefire reseller and must say that I really enjoy working with the company. The philosophies of most of those employed by SF fall squarely in line with my philosophies, so that helps. They don't seem... evil. Plus - they have a cool office, that helps, right?

    • Re:Sourcefire reseller reporting. (Score:5, Interesting)

      by happyemoticon (543015) on Tuesday December 07 2004, @01:35PM (#11021201) Homepage

      I read an article a few days ago by Ted Turner of all people. He openly deplored the oligopoly that's strangling America's business while discouraging competition and innovation.

      The companies which seem to have made it big in the past year or so (like google [google.com] have done so probably in large part because they didn't turn into a big wad of shellac like Yahoo - that is, because they're not evil. It's funny that the business innovation which is turning out to be strong enough to trounce the big boys even in this environment is Good. You see it in other places too, like In & Out Burger, where the workers are fast, happy, efficient, and very well compensated (general managers make like $80k+, so I'm told). Sheesh, this almost makes a man optimistic.

      That said, beating Yahoo isn't as big as beating IBM. Yahoo only had a couple of years to get established, IBM's been pushing out tills since before World War II. And because I know there are trolls out there, I don't think even the USPO would let somebody patent Good.

  • Money in OSS? (Score:4, Informative)

    by quamaretto (666270) on Tuesday December 07 2004, @01:24PM (#11021062) Homepage

    This must be wrong. Bill Gates told me there isn't any money in open source software. The guy probably stole the money from SCO.

    But seriously, there's not much meat to the article. Basically, what it says is:

    • This is the guy behind Snort and Sourceforge
    • He started a company and now he's making money
    • His clients appreciate the open-source nature of the product
    • He has to please the open source community, who in turn support help him support and improve the software
    • Profit!
    As if none of us would have suspected that there is money in open source software. I don't see how the article is that relevant, seeing as most of us here have heard of Red Hat.
    • No no no!

      Look. I said that there is no money from Open source software. I did not say there was not money from owning it and suing everyone on the planet who did not pay SCO.

      Sco has made alot of money owning free software. Get with the program.

    • Re:Money in OSS? (Score:5, Informative)

      by WaterBreath (812358) on Tuesday December 07 2004, @01:48PM (#11021340)
      This is the guy behind Snort and Sourceforge

      He's behind Sourcefire, not Sourceforge. Though his open source software is stored in the Sourceforge repository.

      Though it is probably superfluous to point it out here at /. there's a big difference. Sourcefire is a company that sells proprietary interfaces to open source security software. Sourceforge is a repository for open source software and a focal point of the open source community.

    • Re:Money in OSS? (Score:5, Interesting)

      by ackthpt (218170) on Tuesday December 07 2004, @01:51PM (#11021386) Homepage Journal
      Profit is in support.

      Besides, open source keeps you honest. If developers see shitty coding practices it will out and/or be cleaned up, rather than swept under the rug.

      Also good for software enhancement as it's more democratic this way. Pretty much anything I've ever come up with, on my time, I've released with the code. Though I doubt much of it has made it's way to sourceforge. I'd only care if someone slapped their name on it and claimed it as their's, particularly if they were selling the product commercially.

      Profiting from Open Source Software 101:

      Make a good idea real by coding it
      Release it as open source and solicit volunteer coders and code managers
      Contract your services for installation, training, technical and general support
      Profit!
    • As if none of us would have suspected that there is money in open source software. I don't see how the article is that relevant, seeing as most of us here have heard of Red Hat.

      Unfortunately, most of "us" don't know how to read a financial statement, and wouldn't know that Red Hat still isn't very financially stable, and their "profitability" comes from accounting tricks. For me, I was impressed by the article. It seems like they have a somewhat solid footing, which is very very rare for a company prod
      • Your assumption that there are plenty of other profitable open source companies is wrong.

        Timesys [timesys.com]. MontaVista Software [mvista.com]. Trolltech [trolltech.com]. SuSE [www.suse.de]. IBM's Linux ventures [ibm.com].

        My current employer uses and contributes to open source software, although we're a proprietary software company -- using OSS tools for infrastructure functions saves us money, and contributing back reduces our software maintenance costs. My last employer is a member of the above list. They survived the bust, and I've heard rumors that they've starte
    • There's not much meat in your comment, either.

      Sometimes, articles aren't news, and aren't meant to be in-depth technical discussions. Sometimes (especially in a fluff rag like Business Week) they're just articles featuring someone or something.
  • ...I have no problem with open source software.

  • Isn't that the dream? (Score:5, Insightful)

    by YetAnotherName (168064) on Tuesday December 07 2004, @01:27PM (#11021103) Homepage
    Make a package that everyone loves (starting as open source), then either get bought up by some company for your copious skills at making such a well-loved package, or making a proprietary add-on ... it's something I've failed doing time and time again. I'm glad to see that it does indeed work from time to time, else we might see fewer and fewer contributions to open source than we do.

  • The effects of patents (Score:5, Interesting)

    by Anonymous Coward on Tuesday December 07 2004, @01:33PM (#11021172)
    This is timely; I was just thinking about a similar thing this morning. Back in the 1980's and 90's, one could start up a software company which filled a niche, and take it to profitablility and even an IPO, without the usual VC BS. Borland comes to mind, but there are many other examples. All of this was before Software Patents really came along.

    I haven't seen anyone doing this lately; at least, not outside of Open Sourced efforts. It seems like if you go the closed source, proprietary route these days, you'd better have a good deal of cash to fight the Patent Wars against the freeloading lawyers who come along. I can think of several examples. Yet no one seems to target the Open Source Companies and try to shut them down. So it seems like this is the only way the little guy can hope to win, without having to bend over for the VCs.

    So, my question to the community is this: Are they any modern examples out there where an individual can successfully go it alone these days (all the way to IPO)? And if not (or if these are the exceptions), to what degree is this due to Software Patents?

    My suspicion is that there aren't any, or at least many, modern examples these days of people being successful without the money to create one's own patent portfolio and defend themselves, legally. And if this is indeed the case, it's a superb example of how software patents have hurt the industry, rather than helped it.

    • A bigger problem is the lack of tax-sheltered savings for small companies. You cannot "save-up" money very efficiently, because at the end the year the tax man takes so much of your savings.

      So you are forced to go begging for any capital you might need to expand. And small companies are forced to try to spend all profits by the end of the year to avoid taxation.

      What we really need is something like an IRA for small companies, to save money tax-deferred, until there is a big enough pile to make the inv

      • I wish I could mod this up. The game is much more competitive and you need to move much more quickly. You can't let an idea incubate for five years or someone who DID raise VC will beat you.
  • From the article: "Anyone could look at the software's underlying code, but reselling Snort was proscribed under the rules of its open-source license." This is, of course, not true. You can sell snort, as long as you provide the source code as well. Perhaps the author should take a look at the GPL, it's a really quick read. /me sighs
    • and it's a common misnomer in the OS world that people think that GPL provides them some protection from someone else coming along and selling it. Anyone can sell it for any price, as long as they provide the source. People need to learn how to read.
        • If you improve some GPL software (even if you don't) you can sell it for profit but you must include the source and the GPL license with every copy (or an offer to provide said items). You do not need to give anything to the original authors (though they would probably appreciate a donation). If anyone buys the software from you they can then sell it just like you are selling yours (or they can give it away for free).

  • Seems to me... (Score:3, Interesting)

    by Otter (3800) on Tuesday December 07 2004, @01:35PM (#11021203) Journal
    1) The article could just as easily be titled "Failing to Profit from Open Source Software".

    2) What it seems to suggest is that hybrid models combining some open-source goods and a general use of the "open-source culture" with some proprietary products is the way to go, especially for a product where you can't expect to create a lucrative consulting business.

    3) I suspect 2) works a lot better when you market to businesses than if you tried to sell to individual users who are allergic to paying for software and have a sense of "You owe it to The Community!" entitlement that corporate users lack.

  • How... (Score:3, Interesting)

    by Foktip (736679) on Tuesday December 07 2004, @01:36PM (#11021210)
    How can a company that makes a front-end for Snort be worth $100 million!

    Anyways, there you have it folks. Free engineering from a large community. Thats what the buisnesspeople want out of open source. And the profit comes from making the interface.

    But... is it possible for Interface design profit to sustain code design in the long run? Once open source interfaces catch up, will this niche remain?

    • No UI folks in OSS? It's a cultural thing. (Score:5, Insightful)

      by Tackhead (54550) on Tuesday December 07 2004, @01:55PM (#11021425)
      > How can a company that makes a front-end for Snort be worth $100 million!
      >
      >Anyways, there you have it folks. Free engineering from a large community. Thats what the buisnesspeople want out of open source. And the profit comes from making the interface.

      Great developers seldom make great user interface designers. The skillsets are wildly different.

      Great developers solve problems and scratch itches. They're not so great on making it usable, because they don't need usability to scratch that itch.

      How many times have people whined about, say, how hard it is to set up video capture on Linux, only to be shot down with an arrogant or condescending "Hey, luser, I didn't write this for you, if you don't like it, code your own!"

      "Well, fine, but I can't!", screams the UI dude. Because great UI designers aren't only "not great developers", many "aren't developers at all!". Some UI folks work on a project from genesis to release without ever seeing a line of code; they just talk to humans, mock up UI designs on storyboards in Photoshop (sorry GIMP fans :), take prototypes to humans, watch the humans use the prototypes, talk to the humans some more, and then come back with long lists of changes for the developers to make.

      Does that sound like "fun" for anybody here? Let's face it - UI design, prototyping, and testing is a time-consuming job, and there are very few "fun" things about it (when compared to, say, coding on a problem you think is really interesting).

      Corollary 1: Due to the nature of the work, most UI designers tend to want to get paid for it.
      Corollary 2: ...and therefore, spend most of their time in commercial shops, where they don't have much contact with OSS developers, even if OSS developers wanted their contributions in the first place (which, as a browse of any Linux-PVR thread will reveal, they don't :)

      > But... is it possible for Interface design profit to sustain code design in the long run? Once open source interfaces catch up, will this niche remain?

      Bottom line: You cannot assume that open source interfaces will ever "catch up" with their commercial equivalents, because the gap between UI designer and "open source coder" is cultural, not merely technical.

      OSS is a magnet for developers. The community holds no similar attraction for UI designers.

    • wow, you mis-read that article bad.

      Free engineering from a large community. Thats what the buisnesspeople want out of open source
      It's the same guy that made Snort to begin with, and he's still contributing/leading the development of the software.

      And the profit comes from making the interface.
      Umm well, where to begin, lets start right over here [sourcefire.com] where we see it's not just a front end, but hardware to run the application as well. Oh and look, they have other things that don't use snort, or other OSS proj

    • I am on a first name basis because I sat through a dog & pony show he did at SANS last year...

      They work pretty hard on Snort. It works really well. I can make it work really, really well for my net. Thanks! It sounds like you resent that they incorporate users' patches and such. That's the point of Open Source. If you don't like it, fork it. It's cool that they can make this great tool available to us, do some value-added work and profit. They aren't shipping Snort as cripple ware, a teaser, or

  • R & D vs. Maintenance and Support (Score:5, Insightful)

    by Donny Smith (567043) on Tuesday December 07 2004, @01:44PM (#11021302)
    Software industry is moving to subscription model anyway - once it completes the migration, open source and closed source will cost the same.

    Some here mention RH "making money off OSS" - they are because others are debugging and developing for them (they do have their own contributors, true) but for less popular OSS apps if you have to develop and debug by yourself and you collect maintenance and support money only, how do you do research and development within the same budget? You can't innovate significantly on a shitty budget - you can only GPL-code what has been done by someone else.

    Those who charge for maintenance and support alone can't by definition be much more cost-efficient from closed source competitors who do the same (perhaps the OSS guys wouldn't spend on ads and lawyers, but apart from that, I just don't see why would OSS be more cost effective - at least not to the 99% of corporate customers that aren't interested in the code itself).

    And RH-like companies' ability to make money off OSS is proportional to the lock-in effect they can create with their distribution or application. If transparency and portability between different versions of Linux becomes 100%, then price becomes the only remaining differentiation which pushes the distros in deadly price competition.
    Just imagine how easy it would be to ask RH for a discount if you could migrate your Oracle on RH to Oracle on Debian in an hour, or move from one OSS firewall to another by simply loading the exported settings into another tool...
    • ``Software industry is moving to subscription model anyway - once it completes the migration, open source and closed source will cost the same.''

      Nope, OSS will be cheaper. There are various reasons for this.

      First off, retail price being the same, OSS is cheaper. If you want new features, bugfixes, or other changes, you can do it yourself or go with the lowest bidder. With proprietary software, you would have to pay whatever the copyright holder charges you.

      Secondly, OSS is prone to fewer risks than propr
  • OK, Marty Roesch is a big-name guy, but I would like to hear about relatively lesser-known people starting a profitable business with OSS.
  • I must say this stuff is just rediculous. We have been profiting on open source software for almost 5 years. Taking Linux PC's, configuring them for average people (internet, java, music, etc.) and selling it. People completely underestimate the frustration with Windows. I think to succeed in in the business of open source it depends more on a business sense and less on a demand by the market. Seems the people I know who use Linux are so afraid to let a Windows user get lost that they don't push it. Quite t
  • Source "fire" is a funny name for a company. It must be American.

  • SourceFire = okay, not great (Score:5, Interesting)

    by Morrigu (29432) on Tuesday December 07 2004, @02:29PM (#11021944) Homepage Journal
    Having done some work with SourceFire's products (I worked on a contract that accounted for a majority of their total deployed IDS boxes in existence at one point), I have mixed feelings about the company. Yeah, meeting Marty is cool, and the pink pig T-shirts are cute, and it's worth some amount of geek points to say that I've used their stuff. But the products they sell and the company itself suffer from the exact same problems that plague all other IT companies.

    Even though the under-the-hood technology is k3wl and using Snort sigs is l33t, the admin and management tools are frankly not up to par compared to other offerings out there. I mean, it's not as bad as ManHunt, but it still takes waaay too many mouse clicks and unnecessary repetition by a human to get simple admin tasks done. I've seen gigs of sensor data lost to DB corruption (thankfully nothing critical) and have gone through the whole oh-crap we'll-get-that-critical-bug-fixed-next-release trip with them more than once. Support is a mixed bag, sometimes excellent, sometimes okay, sometimes really slow and annoying.

    Bottom line is, companies are companies, there's nothing magical about open-source ones that make their products inherently better or more desirable for any other reason than to boost one's ego and to say that You Were There Back When. If I were recommending an IDS product line to a customer (which I probably wouldn't do anyway), I would encourage them to do some careful research before settling on SF.

  • Michael Tiemann has it right... (Score:3, Interesting)

    by Spoing (152917) on Tuesday December 07 2004, @03:17PM (#11022806) Homepage
    Love or lothe Red Hat -- either way -- go here watch this. [redhat.com] Save it. Watch it again and again. Friggen brilliant.

    Go watch it and if you're curious, read on. If not...that's good too as I'm only going to ramble a bit;

    What I take from it is that the developer should reject the impulse to build everything from scratch and build just the core tool kit for others to use. After all, you can't know what other people are thinking or what they want...even if they tell you.

    Along those lines, I look for projects like Plone that build on the work that preceeded it (Python to Zope to Plone) and make it easy to design extentions (Plone Products) that interoperate with the lower levels. I avoid monolythic projects that don't seem to be flexable enough to incorporate other toolkits. This is not pre-made integration, though. Quite the opposite.

    Having the lower levels available and modifiable (Python source of Zope and Plone) means that you're not locked into one and only one way of doing things if you need to make changes. The vendor or core developer(s) don't dictate what you do or how you do it. Yet, along the chain each part works well with the levels above and below it.

    Additional link; Erik Von Hippel. [harvard.edu]

  • The more I think about it, OSS programmers aren't pioneering a radically different way of doing business. When I get the oil changed in my car, I know what's being done, it's just that I don't want to mess with my car and possibly screw something up, so I take it to a professional I can trust. With open source software, you can check out what the program does, and then hire the professional to make it work in your system/situation.
    • I too was hoping for something more, like a business whose software was open source. But according to the article he was only able to make money on a proprietary interface to an open source product. I know that companies can live only on open source (RedHat), and I would like tp hear more about them.

    • Re:"Proprietary" (Score:4, Insightful)

      by eln (21727) on Tuesday December 07 2004, @01:28PM (#11021112) Homepage
      It usually means you get open source software to do all the difficult stuff, then put closed-source stuff on top of it as a sort of value add, then sell the whole package. Pretty much every small software company operates this way these days, because it's far easier than trying to implement an entirely new system by yourself. I can't help but thinking it sort of violates the spirit of the open source community, while still adhering to the letter of the law as put out by the GPL. I guess this is where ESR's "leveraging open source to make money" philosophy clashes with Stallman's "free software for everybody" philosophy.
      • Stallman's "free software for everybody" philosophy is utopian. While it'd be great if all software didn't cost a dime, it's neither dramatic nor heroic when you can't support your family by doing the thing you do best, write software.

        Truth be told, services and support cannot always pay for the bills, especially when you're a small company with a relatively small number of customers. Sadly, people like Stallman would rather get caught up in the political melodrama of the idea that "commercial software is
      • I see most of the money being made off of Open Source in exactly the way Stallman envisioned - service. So far as I know Suse and Redhat are publicly available, what you pay for is the service you get when you buy it from them.

      • I can't help but thinking it sort of violates the spirit of the open source community, while still adhering to the letter of the law as put out by the GPL

        That depends on if you're a realist, or a moony pie-in-the-sky idealist. The fact is that having the open stuff wrapped in a proprietary interface is good for everyone. The company is motivated to fix bugs, the software gains more acceptance, and the community is motivated to make a new interface. Everyone wins.

      • Yeah, much like getting health care from a doctor that isn't paid is good...

        If you can't make a living as a programmer, you'll have several types of programmers:
        1. Those that do it because they love it and can afford to not get paid. (the best case)
        2. Those who do it when they can but still love it. They just have to fit it in with another job to make a living. (You wanted that patch fast?)
        3. Those who wouldn't make money at it anyway.

        The vast majority with be #2s. Basically, you'll have someone who ha

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.