Are there any notable examples of business disasters directly attrutible to open-source software?

Question

In "enterprise" environments, I've observed a strong prejudice towards proprietary software. Even in large business that use Java, it is unusual to find MySQL or PostgreSQL, and WebSphere and WebLogic are strongly preferred over JBoss or Tomcat.

This is very understandable. While many developers prefer Tomcat or Postgres to WebSphere or Oracle DB, they are not the ones that make the final decisions in these matters. Whoever does make the decision regarding which DBs and application servers will be used in production will find that the licence fees seem quite small compared to being fired for choosing the free software that caused something really, really, bad to happen.

I'm not asking the question of whether Postgres is as good as Oracle. That's not the point. Oracle doesn't get chosen over Postgres after a careful considerations of features and benchmarks. Postgres doesn't enter the conversation, because free software isn't trusted in certain places.

I'm curious if this lack of trust came about in response to any specific events. So my question is this: Are there any documented cases of business calamities (failures, significant loss of revenue, significant loss of corporate data, etc.) that were shown to be the result of deficiencies in open-source software?

Clarification: If you have experience with enterprise level companies that fully embrace OSS, that have to prejudice in the matter but make choices based on the needs of the particular situation, then Good for you! Your experience doesn't change the fact that other enterprise companies have a very different attitude, and my question is valid even if these companies are in the minority.

The question is based on a dubious assumption that "enterprise" businesses do not trust free software. That's false. — quant_dev, Aug 12 '11 at 14:32
Well, my experience may not be as broad as yours, @quant_dev, but I have observed significant lack of trust of MySQL, Postgres, JBoss, and Tomcat in the enterprise. But I've never heard of developers not trusting these products. — Eric Wilson, Aug 12 '11 at 14:37
@Job I didn't ask, "Why not select OSS?" In fact, I tried to make it clear that this was not my question. I'll make the actual question bold to help those that read too quickly. — Eric Wilson, Aug 12 '11 at 14:54
Two close votes, no downvotes, and no comments on why this question should be closed. Help me out here, I did my best to specify that I'm not asking open-source vs proprietary. — Eric Wilson, Aug 12 '11 at 14:56
@FarmBoy: I think the close votes are appearing because this is not a question that can have a single answer, it could very easily devolve into a long list of anecdotes and stories and possibly urban legends and unsubstantiated FUD. I think the upvotes are because this is an *interesting* question (well, *I* think it's interesting even if it's not truly answerable). — FrustratedWithFormsDesigner, Aug 12 '11 at 14:59
@FrustratedWithFormsDesigner Fair enough, I guess asking for documented examples is similar to asking for stories. — Eric Wilson, Aug 12 '11 at 15:11
Lots of big companies with "enterprise" scale environments use both Tomcat *and* MySQL. The assumption that they don't is just wrong. — Qwerky, Aug 12 '11 at 15:33
"The question is based on a dubious assumption that "enterprise" businesses do not trust free software. That's false." ... I'd disagree, but since you speak for all enterprise businesses I guess its pointless. — , Aug 12 '11 at 15:33
@Qwerky Well, there is another lots that don't consider Tomcat or MySQL, and my question is based on the premise that, rather than me having imagined these companies, I have worked for them. — Eric Wilson, Aug 12 '11 at 15:48
@FarmBoy In that case your opening statement should be "In the following companies I have worked for ......, there is a strong prejudice towards proprietary software. Even in the following large business I have worked for ...... that use Java, MySQL or PostgreSQL weren't used, and WebSphere and WebLogic are strongly preferred over JBoss or Tomcat." — Qwerky, Aug 12 '11 at 15:55
There has to be some bias in the enterprise, because there are a lot of proprietary software companies making a lot of money with no end in site. — JeffO, Aug 12 '11 at 15:56
"licence fees seem quite small compared to being fired for choosing the free software" -- More likely, they are buying support; Proper claims of platform compatibility, phone support, consultants and incident management. It takes a lot of people and a lot of money to keep a database up and running, and having a direct line that **will** be answered is worth its weight in gold. — Sean McMillan, Aug 12 '11 at 16:06
@Sean McMillan. It's perfectly possibly to buy support for Free Software. See Red Hat. — TRiG, Aug 12 '11 at 16:35
Red Hat support is so expensive you might as well be buying proprietary software. — maple_shaft, Aug 12 '11 at 17:22
Close vote (really a migrate vote) because it should be on a different SO site, this is not programmer specific, it's software specific. No downvote because it's a good question. — DKnight, Aug 12 '11 at 17:44
@FarmBoy, what prompted you to ask this question? What do you plan to do with the answer? Just because you are right does not mean you can win the fight. — Job, Aug 12 '11 at 17:55
@Job To your first question: curiosity, and the idea that others would share my interest in the answer to this question. To your second question: I plan to be better informed. If there were a good clear example of an Open Source failure, I would use that information to help other devs to avoid bitterness about architectural decisions that they don't like. I'm not currently in a fight, and I wouldn't think that this info would help in that case. — Eric Wilson, Aug 12 '11 at 18:08

score 10 · Answer 1 · answered Aug 12 '11 at 14:43

10

Are there some prejudices, yes perhaps in some cases. For large organizations however this path to expensive proprietary application servers and other expensive software suites given them some advantages and securities that some rarely think about.

1) Support: Typically when a large corporation has million dollar software the support is built into the contract. I don't need to delve into the advantages of having application support.

2) Leverage: Expensive proprietary software, especially niche software have fewer clients and independent users. If a large corporate client decides not to renew a contract then it can seriously affect the bottom line of the vendor. Many of them use this leverage to push for features and fixes that they may not be able to influence into open-source software. The argument for open-source states that the large corporation can contribute its own changes and features into the project for the good of all, but that would involve developers time which they try to avoid.

3) Security: And I don't mean as in encryption and firewalls and stuff. Open source projects come and go, some are widely supported and surpass the proprietary software. Many fail or just lose contributors over time. If they are stuck with this software for 20 years down the road is the open source community going to continue to support this? With proprietary software, the money you pay as a client encourages the vendor to stay in business as long as you continue to pay him.

As far as a story where open source blew up in my companies face, a long running project that was started on an uncommonly heard of ORM mapper that was open source. The project just stopped as the main contributor died or something, then the company was left with an expensive refactoring effort to move to a proprietary library. It happens and these kinds of scenarios scare the crap out of large corporations.

answered Aug 12 '11 at 14:43

maple_shaft

26,401
11
57
131

3

Can you give specifics on the ORM story? Or is this an urban legend? – Eric Wilson Aug 12 '11 at 14:47
1

http://www.telerik.com/products/orm.aspx from http://www.schematrix.com/products/schemacoder/default.aspx – maple_shaft Aug 12 '11 at 14:57
+1 for at least giving a story which is what the OP asked for. Of course, asking for stories is still close to a "list-of-stuff" type question, but this is an interesting one. – FrustratedWithFormsDesigner Aug 12 '11 at 14:58
NVM, my story is false, I forgot SchemaCoder is proprietary too! For some reason I remember back to it being open source? And the website is back up too so maybe it was brought back. – maple_shaft Aug 12 '11 at 15:03
1

What was wrong with SchemaCoder? Did it break, or did it work perfectly but your company just got nervous because the project went inactive? – Robert Harvey Aug 12 '11 at 15:05
@Robert, Their were bugs cropping up in the generated code and its support for mapping stored procedures sucked immensely. After a while they (I think it might have been just one guy in his moms basement) just stopped dealing with it. A decision was made to go proprietary and widely used. – maple_shaft Aug 12 '11 at 15:11
6

I think the "widely used" (proven) part is key. Many companies use tools like jQuery and nHibernate, and don't think twice about it. – Robert Harvey Aug 12 '11 at 15:14
2

Its possible to purchase a support contract for both Tomcat and MySQL. They are also pretty secure products and are going to be around for the forseeable future. If either suddenly packed up then an awful lot of people would be in trouble. – Qwerky Aug 12 '11 at 15:35
Sooo.... since the example is also proprietary which suffered the same pitfalls that you described for open-source, shall we anull points 1 and 3? Those are more a matter of how well established the software is. Also the amount of leverage a company has over project is also inversely proportional to how established it is, open or no. – Philip Aug 12 '11 at 15:58
4

All the points you cite are valid concerns, but *all are independent of the propietary/free question*. You can get support for free SW (paid or unpaid), you can get new features (by paying someone, if need be), and proprietary software projects can fail or be abandoned as well. I'd say free SW actually wins here, because at least you can do it yourself (or hire/contract someone) if you really need something. – sleske Aug 12 '11 at 16:05
1

@sleske, I am not necessarily FOR proprietary software, I am just arguing the counterpoint because few others are. Corps have lots of money to spend on IT generally, and they LOVE to throw money at third-parties to do as much IT for them as they can, be it data centers, the cloud, support and sofware. They don't even like to do their BREAD AND FRIGGIN BUTTER in house anymore, look at Nike for an example of a truly HOLLOW CORP. They don't even make their own damn shoes! Nike is the end-game for large corporate IT and while they can hire a team to support their favorite open source projects – maple_shaft Aug 12 '11 at 16:25
... they generally won't because they want as little responsibility as possible while making the same amount of money. Even if it is more cost effective to do it in house, they will almost always prefer to pay somebody instead. – maple_shaft Aug 12 '11 at 16:26
2

Well, when a corp goes down (as many have in the history of IT), their users are pretty out of luck. At least with open source, you get code escrow for free, without bringing Lawyers into the mix. – Paul Nathan Aug 12 '11 at 17:00
1

WRT to Nike: It is arguable whether they outsourced their bread and butter business: Taking the point that their comparative advantage is not in manufacturing but in design and marketing, outsourcing is probably the right decision for them. Whether this is the case in all cases of outsourcing, is another point. – Owe Jessen Aug 12 '11 at 17:17

score 5 · Answer 2 · answered Aug 12 '11 at 14:50

I haven't ever heard of any problems that were the result of using an Open Source product. I think the reason for the concern isn't due to some historical failure, but something else.

When you use a commercial product for some task, and something goes wrong, you usually have someone you can call for support. That person (and company) usually has a vested interest in helping you resolve the problem, because if they don't help there's always the threat that you will stop giving them money.

With an open source product, whom can you call or contact? The community? Since you haven't given them anything for the use of the product, there isn't anything you can threaten to take away. You can file a report and hope that it's fixed in the next release, but it's very difficult to pass on a sense of urgency to a nebulous community of people volunteering their own time.

So, the open source product can be vastly superior to a commercial alternative, but at least in my experience, in a corporate environment where you have to plan for contingencies if something goes wrong with it, not having anyone to get support from is a big deal.

That's the barrier I've always seen.

+1 The people who make the decision are usually pretty high up in the food chain, and want someone to blame/lean on when things go wrong. It's all about covering your back. — Qwerky, Aug 12 '11 at 15:37
That should be the Corporate Tag Line, "It's all about covering your back" :) — maple_shaft, Aug 12 '11 at 16:28

score 3 · Answer 3 · answered Aug 12 '11 at 14:54

3

I suspect that companies like Oracle are more relatable to other "for profit" companies; they can't imagine that an organization could turn out a product that's as good as Oracle without also having a profit motive. Of course, PostGres isn't entirely non-profit; there's a whole ecosystem of service providers available that will sell you support.

If you really want to know what the Achilles heel of any product is, you can do a Google search for "[name of product] sucks." It works for any product, including Oracle's. In PostGres' case, you find Postgres DDL Transaction Control Sucks, in which someone describes a hypothetical situation where data was lost on a test server. Of course, losing data is possible on any SQL database if it is mis-handled.

All that said, I haven't heard of any real calamities that have befallen companies because they decided to use an open source database. The quality of the software available in that space is quite good, rivaling and (in some cases) exceeding their commercial counterparts.

answered Aug 12 '11 at 14:54

Robert Harvey

198,589
55
464
673

"I haven't heard of any real calamities that have befallen companies because they decided to use an open source database" Hmmm not necessarily a calamity yet but read up on how Facebook and their unholy struggle with getting MySQL to scale massively. – maple_shaft Aug 12 '11 at 15:06
1

@maple: Ah, but MySQL isn't really "open source," is it? Well, I suppose it technically is, but after Sun bought MySQL and Oracle acquired Sun, MySQL was never really quite the same after that. It's not hard to figure out why. – Robert Harvey Aug 12 '11 at 15:09
I guess there is different levels of "open source". When the primary contributor of an open source project is a large corporation with a vested interest in the long term direction of the project, then you will see many of the independent contributors get snuffed out like the geek at the jocks party. Look at the Android project for a perfect example of this behavior. That and Oracle ruining everything it lays its hands on... – maple_shaft Aug 12 '11 at 15:15
2

'MySQL isn't really "open source,"' -- No **True** Scotsman would do such a thing. – Sean McMillan Aug 12 '11 at 16:09

Owe Jessen · Answer 4 · 2011-08-12T17:32:53.047

To counter the argument of OSS as risc factor I like to give the counter-example of SAP, which is often cited as a major factor in insolvencies of small and medium enterprises - one example is given here: http://www.intl-spectrum.com/article/359/Migration_to_SAP_from_U2_Causes_Bankruptcy_of_Company.aspx

This claims to be a list of the top 10 corporate IT failures: http://www.computerworld.com/computerworld/records/images/pdf/44NfailChart.pdf

It lists introductions of SAP products three times.

score 1 · Answer 5 · answered Aug 12 '11 at 16:38

It's a case of using what is popular/established versus new and presumed less tested. Has anyone gotten fired for using Apache? I'm sure a few websites running it have been hacked to the point of costing money, but did they blame Open Source or those responsible for a poor installation? What is the ironclad propriety alternative?

The question is an attempt to defend one solution, so what is the problem?. Your company doesn't want to use open source software and their arguement of instability is not substantiated by any anecdotal evidence. Create a side project and prove they're wrong. They can pay you the money they save on licensing fees.

Most companies don't publish bad news, so you're lucky if you can get the dirty version from the street.

Are there any notable examples of business disasters directly attrutible to open-source software?

5 Answers5