5. choosing opensource.html

<!DOCTYPE html>
<html>
  <head>
    <title>LINGI2401 - 5. Choosing Open Source</title>

    <meta charset="utf-8">
    <style>
      @import url(https://fonts.googleapis.com/css?family=Yanone+Kaffeesatz);
      @import url(https://fonts.googleapis.com/css?family=Droid+Serif:400,700,400italic);
      @import url(https://fonts.googleapis.com/css?family=Ubuntu+Mono:400,700,400italic);

      body { font-family: 'Droid Serif'; }
      h1, h2, h3 {
        font-family: 'Yanone Kaffeesatz';
        font-weight: normal;
      }
      .remark-code, .remark-inline-code { font-family: 'Ubuntu Mono'; }
    </style>
  </head>
  <body>
    <textarea id="source">

class: center, middle

# LINGI 2401 : Open Source strategy for software development

Lionel Dricot
lionel.dricot@uclouvain.be
lionel@ploum.net

@ploum - @ploum@mamot.fr

???


---
class: center, middle

# One thing you learned from last week
???
Everybody should have a different one

---
class: center, middle

#Calendar
- November 6th : Thomas Lambot, rLoop
- November 20th : Anthony Lessuisse, Odoo

---
class: center, middle

#About the class

- Written instructions for the project are now on the Github repository
- I recommend you to "watch" the github repository
- The keybase chatroom is deprecated

???

because I'm currently disconnected, I can't add you to the room. 

---
class: center, middle

"Don't ask how to do it, ask what the objective is. Then do what you think is the best."

---
class: center, middle

"Never ask for permission, ask for forgiveness."

---
class: center, middle

"As long as you deal with humans, everything can be negotiated. Always."


---
class: center, middle

#From 0 to 10, what's your perception of free software philosophy?

(0) I don't want to use free software at all

(1) I prefer to avoid free software when possible

…

(5) I don't care about the philosophy. I just care about the software quality.

(6) I favor free software only if they are at least as good as proprietary software

…

(9) I use proprietary software only when there's no alternative

(10) I'm Richard Stallman, I never use proprietary software

---
class: center, middle

#3 teams
- Seller 1
- Buyers
- Seller 9

---
class: center, middle

#Buyers

- Call for tenders : a 10.000k€ software contract for a huge company.
- Write specifications

---
class: center, middle

#Seller 1 and Seller 9

Your team are competing for this tender. Prepare your arguments, your unique selling point but also what services are offered with the software.

---
class: center, middle

#There's one catch…

Seller's 1 solution is open source. Seller's 9 solution is proprietary. 

---
class: center, middle

#First round
- Seller 1 present its solution.
- Seller 9 present its solution.

---
class: center, middle

#Second round
- Round table with a representative of each team.
- Other can help in the background.

---
class: center, middle

#Buyer chooses a solution
- The choice must be motivated

---
class: center, middle

#Conclusion of the exercice

---
class: center, middle

#How to choose a solution?
- Cost
- Meet the requirements
- Support and maintainance
- Vision

---
class: center, middle

#1. Cost

Total Cost of Ownership (TCO)

???
https://en.wikipedia.org/wiki/Total_cost_of_ownership

Including hardware, migration, training, resarch, salaries. Very complex. It was heavily used by Microsoft in the 2000 to argue that using Linux was more expensive because Linux engineers had higher salaries.

In reality, it is nearly impossible to compute it. To have a really good picture, you should also compare it with the supposed benefit of the solution.

In the end, everything is money. Doing business is mainly trying to convert everything to an amount of money.

---
class: center, middle

#2. Meet the requirements

In theory, it means checking all the list from the specifications (cahier des charges).

???

In reality:

1. Specifications cannot cover everything
2. Speciications are, most of the time, not written by the future users
3. Specifications might be contradictory

---
class: center, middle

#3. Support and maintainance

That's where the real job begins

???
- There's a really thin line between support and developing custom softwares for your users
- Support doesn't scale. The more users you have, the more support you have to hire.

---
class: center, middle

#4. Vision

Software is now a continuous process. Your customers want to be prepared for the (unexpected) future.

???
Selling the vision might the most important aspect of your sales.

---
class: center, middle

#That's theory

In reality, you are dealing with humans…

???
People buying your solutions will probably choose you for unrationnal reasons. But they need to be able to justify their choice afterward to their boss/stakeholders. The price/specifications discussion is usually only a retrofitting logical tool to justify a choice made by meeting and discussing unformally.

---
class: center, middle

#You are also unrationnal!

???
You can be bought with things as simple as drinks, freebies or a cool party.

---
class: center, middle

#What about Open Source?

---
class: center, middle

#Open Source advantages

Let's find them together!

---
class: center, middle

#Open Source advantages

- The code source can be audited
- No licensing fee
- No vendor lock-in
- Allow you to take part in the community
- Transparent bug reporting and security update
- Open standard or, at least, transparent implementation

---
class: center, middle

#Open Source disadvantages

Let's find them together!

---
class: center, middle

#Open Source disadvantages

- Sometimes hard to find profesionnal support
- Usually harder to use
- Uncertainity about the future
- No clear responsibility

???
It should be noted that uncertainity also apply to proprietary software. It is more a matter of trust than a hard fact.

---
class: center, middle

# A note about UX


???
Historically, open source software were not focused on UX. It is still frequent to have open source software with outdated UX or with tons of options in order to please everyone.

---
class: center, middle

#Specifications may force the use of Open Source

It might be a technical choice

???
For example, you may want to audit and modify the source code.

---
class: center, middle

#Microsoft Shared Source Initiative

- Launched in 2001 to counter the Open Source interest
- Only selected customers have access to some part of the source code
- Source code only for reference, cannot be modified/compiled
- Evolved as an umbrella term for different initiative

???

https://en.wikipedia.org/wiki/Shared_source

---
class: center, middle

#NSA Backdoor in Windows

- Exporting cryptography software from the US is seen as "weapon exportation"
- The US government want backdoors in most software (including every Windows since 95)

???
https://www.computerworld.com/article/2521809/government-it/nsa-helped-with-windows-7-development.html

---
class: center, middle

#There's no such things as a "secured backdoor"

- 2016 : San Bernardino shooter used an iphone
- Apple refuses to help FBI access the data

???


https://www.apple.com/customer-letter/


---
class: center, middle

#How to be sure there's no backdoor?

???
Open Source?  Open Source is a necessary condition but not sufficient!

---
class: center, middle

#FBI Backdoor in OpenBSD
- At least, everybody could find them
- Nobody found them. It is not sure if it was a legend or not.
- Very complex backdoor mainly through reducing entropy and allowing sidechannel attacks
- Even The De Raadt, founder of OpenBSD, thought it was a credible claim

???

https://arstechnica.com/information-technology/2010/12/fbi-accused-of-planting-backdoor-in-openbsd-ipsec-stack/

Note that the backdoors were never found. It is currently believed that FBI mostly pre-computed a subset of key to ease attack.

---
class: center, middle

#Open Source seems a key component of security and privacy

But let's talk about it in another lesson.

---
class: center, middle

#Open Source for public services

Why would it be good?

---
class: center, middle

#Open Source for public services

- Control is not granted to a private company
- Economy is mostly local
- Citizens can audit what the governement software do
- Do you want your governement work with backdoors

???
Example in Belgium : https://en.m.wikipedia.org/wiki/Operation_Socialist 

---
class: center, middle

#Limux
- Started in 2006
- Migrating 15.000 employees of the city of Munich to Linux
- Main problem: compatibilty with MS Office documents
- Not clear if they saved money or not

???

https://en.wikipedia.org/wiki/LiMux

---
class: center, middle

#The main issue with open source is… compatibility

Let's talk about interoperability in a further course.




---
class: center, middle
# Discussion time








    </textarea>
    <script src="https://remarkjs.com/downloads/remark-latest.min.js">
    </script>
    <script>
      var slideshow = remark.create();
    </script>
  </body>
</html>