Wednesday, July 23, 2008

Silicon Valley Cocktail Party Small Talk

Whether you scan the newspaper headlines once in a while as you pass the newsstand, or multitask with NPR in your headphones, New York Times RSS feeds to your laptop and CNN Headline News ported to your mobile phone via Slingbox, it's important to have a few interesting tidbits of recent information readily at hand if you happen to attend a cocktail party or other social gathering.

While the subject of open source software might not be the key to climbing the social ladder in many places, it would be a clear hit in Silicon Valley Extended (e.g., beyond the San Francisco Bay Area to include the Raleigh-Durham Research Triangle, Bangalore, India and other places that live and breathe technology). With that in mind, here is a list of 5 important issues in open source that will likely continue to heat up over the coming months (in no particular order) and that are worthy of discussion with your tech colleagues:

1. Security of Open Source Software. When Fortify Software released its report on security in the open source software industry, it created an immediate reaction. Fortify noted that typical community open source development models and projects often do not incorporate the types of security safeguards that enterprises like to see. It was a critique of process more than security features of the software itself. While the underlying message was sound, it created an immediate reaction from (a) the open source development community, which took issue with the implication that open source software is not secure (in fact, a pillar of open source adoption has always been that it is more secure precisely because it is open and subject to constant testing), and (b) anyone else who wanted to spread fear, uncertainty and doubt ("FUD") about the open source industry. Commentators like Dana Blankenhorn recognized the overreaction by the media and others in their blog posts. Bottom line: While open source software processes are not always at the level of security typically employed by enterprises, the software itself is largely secure, and likely more secure than its proprietary counterparts.

2. Cloud Computing. Cloud computing is the availability and use of computing resources over a network when the actual machines used for processing tasks are not specifically identified ahead of time and are reassigned frequently. One fear for users of cloud computing (like Amazon's EC2 offering) is that the cloud will break and the one vendor that controls it will not be able to fix it. Even worse, user data will be stuck in the cloud. Classic vendor lock-in. As noted by the 451 Group, many believe that an open source cloud platform would reduce these risks and a number of alternatives to Amazon and the other big name cloud vendors. Bottom line: As in all other segments of the software industry, cloud computing vendors need to be aware of the disruptive capabilities of open source.

3. Mobile Infrastructure. Apple has been getting virtually all the buzz in the mobile market because of its release of iPhone 3G. While the closed nature of the iPhone's architecture has drawn heated criticism from the Free Software Foundation, it has gotten at least a temporary pass from the type of widespread critical commentary you might expect from others in the open source community. In parallel, the open source community is looking forward to LiMo and Android as the first true open source alternatives. Out of nowhere, Nokia's recent acquisition of the outstanding stake in the Symbian mobile operating system added even more strength to the mobile open source movement. In addition to the platform, we also have companies like Funambol, which has already brought a level of freedom to the mobile market that was previously unheard of. Bottom line: Open source will see rapid adoption in mobile, and they are just now getting their ducks in a row.

4. Virtualization. The recent emergence of virtualization technology presents a significant challenge to open source licensing. Virtualization enables the creation of software appliances, which combine software components into a finely tuned package. According to rPath, one of the thought leaders in software appliances, virtualization can be used to combine operating systems, open source software and proprietary software into a single package without violating open source license obligations or subjecting proprietary code to copyleft. While the legal analysis is too new to have been well tested, it is easy to foresee scenarios in which virtualization is used to avoid the types of product interaction that would have been deemed a modification or derivative work of an open source work, and be subject to copyleft. Bottom line: The industry is just now starting to apply deeper levels of creativity in how virtualization is used, and the impact on all types of software license models, including open source, needs to be carefully considered on a case by case basis.

5. Standing to Sue in Open Source. From the open source perspective, one of the biggest limitations on enforcement of copyleft open source licenses is that the entire responsibility of enforcement falls on the copyright holder. If the copyright holder either doesn't want to pursue a license violation, or doesn't have the resources to do so, no one else can undertake that responsibility on behalf of the community. An enforcement mechanism that enables community members who lose access to source code that otherwise would have been available would solve this problem, but this would likely require a change to the copyright statutes themselves. Another option would be for the open source community to use its collective influence to urge copyright holders to either enforce their rights, or assign them for others to enforce. Bottom line: Nothing is likely to change any time soon on the legislative front, but a community body might be able to find alternative means of enforcement.

BONUS


6. Software/Platform as a Service. GPLv2 and v3 are extremely effective in applying copyleft to software distributed in the standard ways (through online download or on physical media). These licenses, however, have no effect on software used solely over a network connection without any distribution. The Affero GPL was created specifically to address SaaS and PaaS models by applying copyleft to software accessed over a network. The Affero GPL has seen modest adoption (125 projects, according to Palamida), and Funambol CEO Fabrizio Capobianco has been a fantastic advocate for the license, including by adopting it for Funambol open source projects. Bottom line: With the growth of SaaS/PaaS, coupled with the growth of open source, more service providers will take a serious look at AGPL, which will likely increase adoption.

Please share your thoughts on the key trends in the technology industry that will impact the open source world.
