Twitter
Advertisement

Open source is not dead

Latest News
article-main
FacebookTwitterWhatsappLinkedin

Ever since the Heartbleed bug wreaked havoc, people have started believing that open source is not secure anymore. In an exclusive interview with Dirk-Peter van Leeuwen, Senior Vice President & General Manager, Red Hat, Asia Pacific, Krishna Bahirwani explores how true that is and what the future of open source will be like for India and for the rest of the world.

Q. How much of a hole has Heartbleed created in terms of confidence in the open source industry? When TrueCrypt went down, I believe that it hit the open source industry in a bad way.

DP: Well, I’m not convinced that it did. Honestly, I think it goes to prove that open source is very resilient against these issues because security issues occur daily with any product. It is not a unique event that there is a leak somewhere or vulnerability elsewhere. The key difference I think is that in open source everybody can see the leak; it cannot exist without anybody knowing like it can happen in Microsoft where it can exist for years and nobody can find out because nobody knows. In open source it is completely different. When Heartbleed happened, everybody knew. The resolution was instant. We had very little turnabout time in fixing it. At Red Hat specifically we have a Security Response Team where we have people waiting in case this stuff happens and we respond quickly and close the leak which is unique to open source in that sense. In Microsoft if you’ve noticed, they will announce the fix at the same time that they announce the vulnerability. So it may look like there never was a risk but you don’t know what you’ve lost. If you compare that to what happened in Heartbleed, I would say that open source is so much better than any proprietary vendor.

Q. What differentiates RHEL from other Linux distributions?

DP: I don’t think you can compare Red Hat to other Linux distributions because we are not a distribution company. We have a business model on Enterprise Linux. But I would compare the other distributions to Fedora because it’s a community-driven distribution. The commercially-driven distribution for Red Hat which is Enterprise Linux has paid staff behind it and unlike Microsoft we have a Security Response Team. So for example, even if we have the smallest security issue, we have a guaranteed resolution pattern which nobody else can give because everybody has volunteers, which is fine. I am not saying that the volunteers are not good people, they are often the best people in the industry but they have no hard commitments to fixing certain things within certain timeframes. They will fix it when they can. Most of those people are committed and will immediately get onto it. But as a company that uses open source you have no guarantee about the resolution time. So in terms of this, it is much better using Red Hat in that sense. It’s really what our business model is designed around; to give securities and certainties to the customers who want to use open source.

Q. Where do you see the future of Linux in India going?
DP: Specific to India, I think the journey has been very interesting. We’ve had a large adoption of open source across enterprises. In the last three years specifically, if I have to pick up verticals, we have seen an increased interest from Telcos and FSI – two primary adopters of proprietary technology looking at how they can transform into open source solutions. One has to clearly look at sending across a message that while every corporation or vertical in India is looking at adoption of open source, the choice of whether to go for Red Hat Enterprise Linux which is certified and provides the support of the entire ecosystem to function within a secure environment versus a normal distribution has to be clearly evident.

Q. What role does RHCE or RHCSS play in the Red Hat ecosystem? The certification itself makes a difference. Because when you do a systems administration Linux course which is offered by the Linux foundation, it is meant to apply to every distro of Linux. But when you go into the details of each distro, there are differences which make each one of these platforms unique and I feel that with the RHCE you are trained to perform on one platform, you know that one platform well enough to be able to go ahead. Is the encryption the same in the RHEL as it is in the other Linux distributions or do you have something special?

DP: While I agree with you regarding the certification aspect, in terms of encryption, we have secure-enhanced Linux right, which is fairly unique. It has tight security which is one of the reasons why even governments use it.

Q. How do you believe that open source is encouraging innovation?

DP: Red Hat came first as a disruptor to the existing establishment – we disrupted UNIX, we disrupted Windows and everybody said that well, they are just playing around with code and you can’t take this seriously. In the meanwhile, we proved it otherwise and now every single enterprise is using Linux as a platform. So what we’ve done as a company is that we challenged the establishment and we’ve made available to them some solutions in open source that were previously not available in open source. They were only available in proprietary. We have now taken a leadership role in IT. Open source is now defining trends in IT – cloud computing is a great example there. We are the key contributors in cloud with OpenStack and we have also acquired Ink Tank – the company behind Ceph, the most popular system for OpenStack. That also changes the way that people now deal with storage because the whole storage ecosystem that we were previously using has now become totally commoditized. We created a software layer which addresses specific requirements. The hardware can be any standard hardware – it can be an Intel box, it can be the oldest box you have, it can be the newest one – the layer above will manage it and that’s really what we do now with storage.

Open source is disrupting the market tremendously. It previously disrupted the traditional software side, now we are disrupting the hardware side because not only is storage changing, but with software defined networking, everything can get virtualized now. Virtualization was previously something where VMware had some market share, but we have passed that stage long ago. We got Kernel-based Virtual Machine or KVM, which is way more solid, way more integrated into the kernel layer and therefore a better virtualization solution.

Take that to the next step and you start taking what telcos do – all the functions that you currently still buy; you know the black boxes that you pay a lot of money for to the establishment – all of that goes into software and that becomes completely software defined network.

There is no specific need any longer to buy specific hardware brands. You can use any standard hardware and have all the functionalities. The same goes for storage and it will continue that way until everything becomes a virtual solution. Container technology has the same story. Software development now goes in a whole different direction where you no longer look at virtualizing an operating system and everything inside it. The applications with the key components it used become a container and they become compatible across platforms. There is no longer one vendor deciding what the customers want.

The customers have become extremely smart in knowing how to use software, not to name specific customers but in general, the Amazons, the Googles, the LinkedIns and the Facebooks of the world decided that what they needed for their environment was not something that any vendor could supply to them. So they went into the open source community, they got people to work and help and build solutions and those solutions have now been adopted as what we call cloud computing. Just like with Linux, we now do it with cloud computing in OpenStack.

We bring it to the market in way that is packaged for them to use and to have all the security that they need from Red Hat. But effectively, there is no longer one proprietary vendor that dictates this because the customers no longer accept this; they no longer like to be told what to do. Crowd funding is a great example of a phenomenal impact of how things are being developed, funded and brought to macro.

That’s what gets you into DevOps – where you can very quickly develop and deploy but the other good thing about it is that you can very quickly fail. So the risks are smaller in effect because if you fail you can quickly start again because if you make an application and it doesn’t work and you’ve spent a couple of weeks perhaps making it, a couple of months even.

Previously, you would design things for years and get every single thing ready and then decide how you will deploy it and distribute it and your investments were huge over the many, many years and then you would wonder whether you would get returns or not. But with the cloud environment, you can develop something overnight and if it kicks off, the next day you could be a millionaire.

Q. How does Red Hat enable choice instead of control? Is Red Hat in any way customer driven?

DP: Yes, absolutely! We have solutions such as OpenShift, our DevOps offering to the market where people can go online and get a complete development environment which has been designed specifically for the cloud. You can create your application, deploy it and put it into any app store the next day and if you find that there is a big uptake on it, you can actually distribute it to a different app store somewhere else in the world. You can buy more capacity from whoever offers you capacity and your deployment is so much easier than having to buy datacenters or offices and buildings. All of this has already been made possible due to open source. It’s only open source that has given this agenda because if any proprietary vendor would have been able to control it, they would have controlled it and monopolized it and it wouldn’t have taken off at this speed. That’s what I really like about Red Hat. Choice has always been the cornerstone of our existence; it’s what we have always done. We have always offered choice to our customers. We don’t own any Intellectual Property Right over anything that we supply which makes us even more unique because if you look at other companies that sort of embrace open source, they always do it half-heartedly. They are using it as a marketing tool to get their customers to see that they are actually buying an open source solution but effectively it is their way of locking the customer back in. They combine some open source component with proprietary and that results in a lock-in the end.

Q. Why do you believe that open source gives better programs as compared to proprietary vendors?

DP: The beauty of open source code is that developers are aware of the fact that everyone is looking at their code and so they develop the code to be clean and well documented because there are a lot of credits to be given to good developers. If you are in an open source environment, everybody sees what you do. The programmers and their codes are more exposed to each other. It becomes a part of their pride. It’s no longer the result that counts as much as the actual code that counts. That makes them act accordingly, otherwise they lose credits. There is a lot of honor in open source.

Q. Is there any particular reason why open source is lacking in particular spaces like music, for example?

DP: One of the things you need to understand with open source is that it’s part of the reason why Red Hat exists. Not everything is attractive but some things are really, really needed. And specifically in the area that we operate, we have thousands of developers because there are certain parts of the code that need to be written which are not considered attractive in the open source community but they are extremely important for the success of the solutions. So we employ those people to make the code that is required, then we open source it; that is what we always do.

The answer to your questions lies a little bit in that. It is not the sharp end of technology, it is not something very new and people are often not that interested in making it. There are so many ways of distributing music and so many ways of listening to music that you are not really doing anything ground breaking if you make something like SoundCloud – which is open source and already exists.

We definitely sponsor the open source community in doing these sorts of projects and nobody is stopping anybody from developing a solution that they require. With the way the industry is growing, we will probably pick up on it and follow it but it all boils down to popularity and demand.

Q. Why according to you is open source such a disruptive force?

DP: Red Hat initially had to challenge the establishment but now we are at a point where we are taking on the leadership role and that is transformation. Look at what happens now in OpenStack. All the traditional proprietary companies like HP and VMware are all raising their hands and saying we want to do OpenStack too. We are suddenly getting a lot of heat from the success of open source. It’s disrupting the business of proprietary vendors. Now they realize that the market is going the open source way and that they need to position themselves in a way that ensures that their customers don’t move away from them.

This is the principle of ‘If you can’t beat them, join them,’ right? So that is the reason why you suddenly notice the very odd ones joining the OpenStack community like VMware announcing something that is totally contrary to what they have ever done and probably questionable in terms of whether there would be any good coming out of it. But more than anything else it is marketing and positioning to make sure that they don’t lose their market share. So I think that is a proof point of open source taking more and more ground from the proprietary establishments and therefore you will see more and more 100 per cent open source solutions.

Q. Do you see a lot of unfair play in the closed source market with customers being arm-twisted by proprietary vendors?

DP: I wouldn’t call it unfair play because I am not close enough to it but what I do see is the ability for people to be able to choose is not always there and that is a very important thing for open source; to at least look at the alternative and give people the option. Closed source restricts the competition if you don’t look at the alternative being chosen. This is especially true in Government and Government tenders. It is important that they are structured in a way that they don’t design themselves completely into Microsoft.

Q. Do you believe Governments need to be going the ‘China’ way by adopting open source?

DP: Open source can definitely play a big role in securing Government confidential data. There is indeed a problem with the security issue and we see in countries like China where the Microsofts and the Oracles of the world are way less welcome than before especially after the Snowden case and they do get paranoid about what they are getting into by using it.

So that is more a technical aspect about not having a choice for open source. The commercial one is where you see Governments spending too much public money on things that could be done way cheaper with open source. So it’s a matter of politics and spending community money in the right way. Should Governments really pay millions to proprietary vendors? I don’t think so because what you are getting in return for it doesn’t really own up to what you’re paying.

That’s disruptive as well and nobody likes saying that. China propagates something called BAT – Baidu, Alibaba and Tencent, China's top three Internet companies. They are being heavily propagated in China and their solutions are being provided.

Find your daily dose of news & explainers in your WhatsApp. Stay updated, Stay informed-  Follow DNA on WhatsApp.
Advertisement

Live tv

Advertisement
Advertisement