The Open Source Business Model

Shivam Singh
5 min read · Mar 21, 2020


Much of the software that powers the world’s largest companies, protects our personal data or encrypts national security information is open to the public. Anyone can download the source code behind Facebook’s user interface, Google’s Android operating system or even Goldman Sachs’ data modeling program, and use it as a building block for a totally new project. What’s more, lots of this software is actually developed collaboratively, created and maintained by an army of thousands, from unpaid volunteers to employees at competing tech companies. This is the collaborative world of open-source software, where code is written and shared freely. If individuals catch a bug or see an opportunity for improvement, they can suggest changes to the code and thereby become a contributor to some of the biggest software projects on Earth.

So how is open-source monetized, when the product is basically given away for free?

Selling support services, subscriptions and/or commercial versions

Red Hat, founded in 1993, was the first to figure out a successful business model, which relies upon selling support services for its operating system, Red Hat Enterprise Linux. Anyone can download the software for free, but if businesses want technical support and greater security, they’ll need to buy a subscription.

After decades of commercial success, IBM officially acquired Red Hat in 2019 for 34 billion dollars. It was the largest software acquisition in history. It’s really groundbreaking, and it just shows the power and success of open-source across the world, across the industries.

The Open-Core Model

While Red Hat’s 100 percent open-source model has been hard to replicate, other companies, like database program MongoDB and integration platform MuleSoft, rely upon an “open-core” model, meaning the basic features are free, but add-ons and other useful elements are proprietary.

As these companies have racked up multi-billion dollar valuations, there’s no doubt that on the enterprise level, there’s big money in open-source.

Market Cap: 6 Billion USD

As for the individual developers, the hobbyists who contribute to and maintain open-source projects just for fun, their path to profitability is much less clear.

How do people make money in open-source?

They don’t.

A lot of them are volunteers and they do this in their free time, in the evenings and on the weekends. But sometimes these “just for fun” side projects end up becoming widely used, critical to the internet infrastructure that we generally take for granted. Certain projects get so popular and so widely used that they’re in every product. They’re used by every company. The result is massive Fortune 100 and Fortune 500 companies building their businesses on top of code that’s written by hobbyists for who knows what reason.

GitHub Sponsors Program

Now, companies are taking note and helping to formalize new funding models. In 2019, GitHub rolled out their Sponsors program, which allows developers to give and receive recurring donations for their work. We already have some people who are making their full living on GitHub Sponsors, so they don’t have another job. People prefer the freedom of being able to just follow their interests wherever they go and solve whatever problems they think are interesting. It’s still early days, but if funding models like GitHub Sponsors pay off, we may see a new class of software engineers eschewing traditional tech jobs in favor of independent, open-source work.

The contribution is green but not the grass

As one might imagine, problems can arise when critical systems are based on software that’s maintained by unpaid volunteers with no professional obligation to see to the maintenance of the project. This issue came to a head in 2014, when the security vulnerability dubbed Heartbleed was found in OpenSSL, an open-source encryption technology that’s used by the majority of web servers to protect users’ personal data.

The flaw had gone undetected for about two years and exposed millions of usernames, passwords and possibly credit card info as well. They left this lock capable of being picked because they didn’t write the code quite right. And when they looked into it, the OpenSSL team was tiny. It was just a few people, who were mostly working on donations, and their donations had started to dry up. And understandably, these incredibly talented programmers had a hard time justifying spending full time on this, even though it was one of the most important building blocks of the entire Internet. Ultimately, organizations like the Linux Foundation pulled together to provide financial support for OpenSSL, as well as other critical pieces of underfunded open-source software.

The disaster has served as a wakeup call for an industry that still largely relies upon unpaid labor.

Part 1: Open Source History & Growth
