Ford Foundation Report on OS

56 views

Skip to first unread message

Mark Tarver

unread,

Apr 15, 2017, 2:56:33 PM4/15/17

to Shen

This is definitely worth a read

https://fordfoundcontent.blob.core.windows.net/media/2976/roads-and-bridges-the-unseen-labor-behind-our-digital-infrastructure.pdf

Some great quotes.

Our modern society runs on software. But the tools we use to build software are buckling under increased demand.

Also interesting stuff on OpenSSL which was chronically underfunded.

Having worked with the Department of Defense, Marquess saw how critical OpenSSL was, not just to their software, but to other industries around the world, from enterprise to aeronautics to health care. Until that moment, he had “always assumed, (as had the rest of the world) that the OpenSSL team was large, active, and well resourced.” In reality, OpenSSL wasn’t even able to support one person’s work.

My impression was post-HeartBleed, this had been fixed. However

After Heartbleed, OpenSSL finally got more of the funding it needed—at least for now. They currently have enough money to pay four full-time employees for three years. But a year and a half into that funding, Marquess isn’t sure what will come next. Marquess said that Heartbleed was a boon for them, admitting it was a “little ironic” that publicity had helped elevate their cause.

But after funding runs out and the world moves on, Marquess thinks they could be back in the same situation as pre-Heartbleed, and perhaps even worse: the client work that took Marquess years to build has dried up, since the team works full-time on OpenSSL right now and no longer has time for contracts. Marquess himself is approaching retirement. He is the only person willing to handle the business and operational tasks associated with OpenSSL, including taxes, sourcing client work, and managing donors. The rest of his team prefers to focus on writing and maintaining code. He can’t hire someone else into his position when he retires, either, because he currently doesn’t take an income. Marquess remarked, “I don’t know that we can hold this together for more than a couple of years”.

Some good quotes by OS devs.

“ In the early days of the open source movement there were relatively few projects and in general most people using a project were also contributing back to it in some way. Both of these have changed by likely uncountable orders of magnitude. .... [A] problem is the growing imbalance between producers and consumers. In the past, these were roughly in balance. Everyone put time and effort in to the Commons and everyone reaped the benefits. These days, very few people put in that effort and the vast majority simply benefit from those that do.

Hynek Schlawack, a Python Software Foundation fellow and contributor to Python infrastructure projects, frets about a future with a wider demand base but only a handful of keystone contributors: “ What frustrates me most is that we have an all-time high of Python developers and an all-time low on high quality contributions.[...] As soon as pivotal developers like Armin Ronacher slow down their churn, the whole community feels it immediately. The moment Paul Kehrer stops working on PyCA we’re screwed. If Hawkowl stops porting, Twisted will never be on Python 3 and git. So we’re bleeding due to people who cause more work than they provide. [...] Right now everyone is benefitting from what has been built but due to lack of funding and contributions it’s deteriorating. I find that worrying, because Python might be super popular right now but once the consequences hit us, the opportunists will leave as fast as they arrived.

Ryan Bigg, who writes documentation for the software framework Ruby on Rails, announced in November 2015 that he was quitting all open source work, explaining: “ I do not have the time or energy to invest in open source any more. I am not being paid at all to do any open source work, and so the work that I do there is time that I could be spending doing ‘life stuff,’ or writing. It is not fair to expect me to do even more work outside of my regular work, and then not get fairly compensated (time or money) for it. It's also a great recipe for burnout and making me just generally grumpy

The whole thing is well worth a read and puts the challenges of developing Shen into perspective. We're actually doing well above the average. If my reading is right, we're in the 1% bracket because 6 years after introduction, we are moving forward thx mainly to SP and the people supporting it. IOW, it's not just us who find there is a problem with OS economics.

Sadly I still don't see a solution in the report. I think the younger generation will be middle-aged before we see anything like a collective solution.