April 2008

I’ve been thinking about this statement from Sun/MySQL’s Marten Mickos:

“There’s a difference between organizations that have more time than money and organizations that have more money than time.”

I coming to realize that OSS users split into three, not two, categories:

  • A] An organization that has more time than money
  • B] An organization that has more money than time but is used to getting what they need for free and is comfortable enough with OSS to rely on their own skills
  • C] An organization that has more money than time

While Marten has grouped categories “B” and “C”, I think it’s important to separate them out. And truth be told, I think category “B” users are more likely to act like category “A” users when a purchase decision to be made. BTW: There is likely an aspect of “how business critical is the application running on OSS” that needs to be overlayed on this user categorization. But that’s for another post.

For OSS vendors, it’s an uphill battle to get a company in category “A” to spend on a product or subscription. On the other hand, nearly all “early stage” paying customers will come from category “C” users. But over time, the growth of users in category “C” who haven’t been converted to customers is outstripped by revenue growth targets that the OSS vendor has. This happens at different points on the revenue curve for different markets (i.e. operating systems vs. app servers vs. content management). I’d venture a guess that the inflection point for most OSS vendors is around $50-100M/year in revenue. From this point forward, the race is on to convert category “B” users into paying customers. Based on my discussion with customers that fall into this category, converting to paid customers is easier said than done. The whole “it’s certified and supported” story falls on deaf ears. These customers have been running the OSS product for years and haven’t found the need for a support contract, so why get one now?

Recently MySQL was in the news for implementing a strategy squarely focused at category “B” users (even if Marten and team wouldn’t classify the move as black and white as I do here). But look around and virtually every leading OSS vendor (SpringSource, Zenoss, MuleSource, etc) has implemented some form of an “incentive” to convert category “B” buyers. In most cases it’s a product that is only commercially licensed or only available to paying customers.

There is absolutely nothing wrong with this strategy. I am actually a fan of it because it’ll drive an order of magnitude more revenue than trusting in the goodness of user hearts (…you know the companies who have money but you’ve taught them they don’t need to spend with you). I’m sure some OSS purists will tell me that I’m wrong. I could very well be. Or maybe their company is still selling into category “C” users? I’d say time will tell, but the shift towards closed-source, or otherwise gated offerings from open source vendors leads me to think I should bet a beer on this one.

What do you think? Is Marten correct, or are there 3 buyer groups as I’ve described?

BTW…I respect Marten’s thinking around OSS enough that being proved wrong at his hands or his thinking won’t leave scars ;-)

Via Nick Carr’s posting today. The McKinsey survey suggests:

  • The software industry technology innovations of the past 2-3 years are nothing compared to new technologies we’re about to see
  • This innovation is likely driven by SaaS/PaaS and Web Services/SOA with 31% and 25% of respondents selecting them as the most important trend impacting their business. Open source received 8% of the votes from 857 respondents, just above 7% for “Software industry consolidation”
  • Currently 65% of software spending is through traditional license/maintenance models, with 19% coming from subscription/on-demand. These figures are “expected” to shift to 58% & 21% respectively by 2009.
  • The majority of this shift toward subscription-based models is coming from companies with <100 employees.
  • The top three criteria for selecting SaaS vendors are: “deployment speed, ease of Integration”, “vendor track record in SaaS” and “Costs”.
  • Overall, control of software decisions split 83% / 17% between centrally controlled vs. business unit controlled. This split grows as the company size increases. For example, it’s down to 67% / 33% in companies with > 25,000 employees.

Lots of other good info (you can read more here). I wonder that last data point will impact OSS adoption. It’s probably a net positive for applications that business users interact with. Not sure if a business unit decision maker cares as much about middleware decisions though.

In a move that makes perfect sense, Black Duck Software acquired Koders. Most of you know Black Duck as a company that helps businesses manage the legal risks around using OSS inside of their company or product. In many cases, Black Duck really helps managers and corporate lawyers get a handle on just how much OSS is being utilized at their company. According to Black Duck,

“…for example in technology M&A, where from 2005-2007 Black Duck products and services were used for due diligence of transactions with a total value exceeding $30 Billion.”

That’s a shockingly high figure. Wow. Kudos to Black Duck.

The Koders acquisition makes sense because more and more developers are developing by reusing code from external code repositories like Koders. Being able to tap into this source of code (pun intended) will help improve Black Duck’s code scanning capabilities. As a result, this acquisition will improve the level of information (and protection) that companies using OSS have at their disposal, whether the source being leveraged is from a traditional OSS project or an online code repository such as Koders.

This Wired story has some very interesting comments on Amazon’s Web Services (AWS) business. The first point was news to me:

“And the idea that AWS is mostly about wringing extra bucks (especially off-season) out of Amazon’s data centers? “We’ve far exceeded the excess capacity of our internal system,” Amazon’s Jassy says. “That ship sailed 18 months ago.”


“I’d be surprised if no one else does this,” Bezos says, pausing for effect. “It’s a really good idea!” And there may be an ace up his sleeve. Any economist will tell you that a commodity business — storing and processing data, for instance — is a mug’s game, with prices that plunge inevitably toward the cost of production (in the case of bits, pretty close to zero). That’s music to Bezos’ ears. “Commodity businesses don’t scare us,” he says. “We’re experts at them. We’ve never had 35 or 40 percent margins like most tech companies.””

Wall Street’s best guesses for AWS’s 2007 revenue don’t even reach $100 million.

I scoured Amazon’s 2007 annual report to see if there was any additional data on the size of the AWS business. No luck. About all I could find is that Amazon’s expenses for “Technology and content”, which is where AWS expenses would be counted, were up to $715M ($818M if you include the cost of stock compensation to employees in the “technology & content” group). If the AWS business has grown beyond using the excess capacity of Amazon’s internal systems, it wouldn’t surprise me if 5-10% of that figure was associated with AWS. And based on the comment from Bezos, I’d probably uplift the expense estimate on AWS by < 25% to represent gross profit. All told, we’d be around [717M x ((5% + 10%)/2) x 125% =] $67M in revenue by my back of the envelope estimate. Not bad for 2007 (if my math is close to reality)…would love to know how big 2008 is considering that all the cool kids are using AWS.

Marco Barulli from Clipperz reached out to introduce their online password-manager. I’d been looking for a good solution for some time now. While their Password manager seems pretty cool, especially the Direct Logins feature, I’m more intrigued by how Marco and team will apply this technology to other areas.

Clipperz had originally used the term “zero-knowledge web application” to describe Clipperz’s approach to managing sensitive data via/over the Internet:

“We simply meant that Clipperz knows nothing about its users and their data!”

It appears that the term “zero-knowledge” has a previous meaning, but I can’t think of a better term right now. How is an application a “zero-knowledge” application?

“1. Host-proof hosting: In order to avoid storing readable data on the server a zero-knowledge web application should encrypt and decrypt the data inside the browser.

2. Hide nothing: … Therefore full access to the source code of the application is required.

3. Prevent code changes: … Therefore it’s of the utmost importance to implement the necessary measures to stop any attempt to modify the code executed by the browser.

4. Learn nothing: … As a consequence of the “learn nothing” mantra, every zero-knowledge application should be completely anonymous, or at least it should make it impossible to relate the real name or email of a user to his data.”

I’d consider #1 and #4 to be must-have capabilities in a world where we access applications and data residing on a 3rd party cloud vendor’s infrastructure. This is true for personal data and for corporate data, (difficult to say which would be more important). I don’t know if Amazon, Sun, IBM, Microsoft or any of the other current/future cloud providers offer capabilities to address #1 and #4. If not, Clipperz is available under the AGPL or commercial license ;-).

Additionally, I see a use for Clipperz technology at virtually every SaaS company. It’s somewhat surprising that companies have been storing corporate data on servers belonging to Google, SugarCRM, Salesforce.com, Yahoo/Zimbra, without these capabilities.

Mark Hinkle, VP of Business & Community Development at Zenoss reached out to bring me up to speed on Zenoss.

Zenoss provides software for network, server and application management. Zenoss Core is a community offering licensed under the GPLv2. Customers can purchase support around Zenoss Core, or purchase Zenoss Enterprise Edition, available under a commercial license. Zenoss also has specialized offerings for xSPs that need to manage hundreds/thousands of clients.

Zenoss announced the following news today:

  • Added 32 new paying enterprise customers in 1Q08
  • Counts over 100 paying enterprise customers including SugarCRM, Rackspace, Disney, Georgia Tech & Instinet
  • Over 3,500 active deployments (i.e. potential future paying customers)
  • Establishing a development center in Austin, Texas…virtually the Mecca of IT management software development

I asked Mark to speak a little about their competition. Mark stated that Hyperic and Zenoss are complimentary. Hyperic is able to dive deep into the application and server stack, while Zenoss delivers a heterogeneous, broader, view of the IT environment. And while GroundWork and Zenoss offer competing capabilities, there is enough interest in open source IT management products that they are both growing.

Then Mark talked a little about OSS & closed-source IT management vendors meeting up at Barcamp. Mark said (near quote):

“…everyone realized that it’s not practical to say we are going to ‘replace HP or BMC’. So, we started thinking about how OSS products could compliment closed-source products that are widely used today.”

I really like the approach of complimenting current products. It demonstrates that the OSS vendors in question are spending time and resources adding value versus “fighting the good fight against closed-source software”. Customers aren’t about to rip-and-replace anytime soon. The future of IT will be found in a mixture of both the closed-source and OSS product and business models.

The more I hear about OSS vendors with a GPL’d community product and a commercially licensed enterprise product, the more I’m convinced of this inevitability…almost as others are convinced that SaaS and/or a support business model is the inevitable end game for the software market. Time will tell…

Just read about the launch of “The Open Source Census“. This is the next step in OpenLogic‘s efforts to get a better sense of which OSS products are actually used in enterprises. Until now, the OSS product usage data we’ve seen has been from surveys of people who likely don’t know the extent of OSS usage across their company.

So, time for you all to participate:

  1. Start here
  2. Take inventory of OSS packages installed
  3. Upload the results (anonymously) to The Open Source Census
  4. Review the consolidated results from others

The results so far: 231 machines have been scanned and a total of 52,354 installations of 650 unique OSS packages have been found.

It’ll be interesting to see the results in a few weeks.

Kudos to sponsors OpenLogic, IDC, Collabnet, Holme Roberts & Owen, Navica, Olliance Group, Unisys, Open Solutions Alliance and Open Source Business Foundation for making this happen!

Next Page »