#OpenSource: Trust vs. Usage

When I published my article about open-source and the way I see it as an ecosystem, I received some – very welcome and critical – feedback from a very valued Microsoft employee and architect, who rightfully pointed out, that Microsoft is among the biggest contributors to open-source frameworks and -foundations – and still I don’t trusted them.

He is absolutely right in his analysis: I don’t trust the company and most of its products.

Let me explain that.

First, I have some history with Microsoft. I have been Microsoft Most Valuable Professional for ASP and ASP.NET for several years in a row a decade ago. And I am very, very thankful for this – I got to know many very talented and experienced people, great products, loved the atmosphere and the cultural diversity at Microsoft. I still do, at least in regard to most of the aspects I just pointed out (subtract the products, which is what I am going to explain here). Later, I was working with a small group of awesome, smart and talented people in regard to Windows Phone and Windows Mobile – I was teaching on behalf of Microsoft, wrote several very successful applications for the platform and truly loved all of this. And I still do. I even considered several times joining them as Evangelist and Architect.

I lay that out to make clear that I am by no means a hater or a disappointed fan boy or something similar. I truly love many aspects of Microsoft, I have the fullest and most honest respect for many of its employees and from a technical perspective I can understand a lot of excellence within their products (and some of the excellence is way beyond my level, to be honest).

But: I don’t trust Microsoft.

And the reason for this is: They are not an open-source company. Their products are mostly closed source. Their platforms are closed source. Azure is closed source. And their business practices are embracing closed- and proprietary source ecosystems over open-source ecosystems.

It is absolutely true and needs to be acknowledged that Microsoft is amongst the biggest contributors to open-source ecosystems. And they even open-sourced many of their own products. Thank your for this, Microsoft!

But: I don’t trust Microsoft.

My point is this: Regardless of how much valuable and excellent work you put into open-source technologies – it does not increase the trustworthiness of a proprietary environment or a proprietary ecosystem. Because it is not completely transparent. It is not completely open. There are substantial blind spots in the software and the ecosystem.

Take a picture: If you add layers of glass (open-source glass for the matter :-)) to each other, it stays transparent. But just one layer of – say – concrete or wood in between makes the whole transparent stack in-transparent. You won’t be able to see through all the layers. And that is enough, because you don’t see what is going on with that stack of glass.

Transfer this picture onto a cloud-environment, and it immediately becomes apparent: How are you supposed to trust this environment, if it is not transparently laid out? What do you trust more: The words of the people who built it, revisors and auditors? Or a community of experts, who constantly review and audit?

To me, the answer would be obvious: I would trust the community of experts (plus additional auditors and reviewers). And that is regardless of the awesome quality, the overwhelming quantity and the sum of funding that is put into open-source projects, because – again – it is a matter of trust.

What does that imply for Cloudical’s offerings?

Good question! Thanks for asking!

The same measurements need to be applied here! If we ever create a software stack (and you could bet it would be a Vanilla software stack), we would need to open-source it. Without discussion and dispute. It would be a matter of trust!

Actually, the foundation behind our Managed PaaS– and Managed SaaS-service-offerings is an open-source software-stack. It consists of SUSE-products, such as CaaSP (Kubernetes) and CAP (Cloud Foundry), plus additional scripts and tools required to roll it out and to operate it.

Although we are speaking of a service on a platform stack everyone can easily roll out on its own (well, actually, no, there is a LOT of effort and a TON of knowledge in it), we will open-source it, within the next two to three months. Because we are committed to this kind of thinking, to transparency, trustworthiness and open-source.

Thanks again for asking. And thanks for commenting – and being critical on this and with me.

And yes, I still love Microsoft. 😉