|
Other than altruism and advertising, I would have one very good reason to open source: not losing the source code. This happened to me once. I wrote a program called BitFont and never provided the source code. My floppies deteriorated or were thrown out and I would love to have some parts of the source code that I would have a hard time replicating, but it's gone, gone, gone! The source is not archived anywhere.
|
|
|
|
|
Yes very good point
Of course now you can create private GitHub repos too and that helps.
But yes I’ve lost software source on old hard drives and CDs too.
|
|
|
|
|
Wow!
Your really thinking serious about this.
I tried to develop several ECommerce platforms, was going to post it on Github to see if I could get some momentum going with it, but decided not to. What changed my mind was how many Angular plugins I was using, where the author gave up on it and abandoned the code. Then I had to abandon their plugin for it was no longer compatible with future version of Angular. Angular was changing so fast, that these authors couldn't keep up with Google and it's shear size compared to a single developer. And that's just a small plugin.
I have a friend that develops low tech construction tools, and does quite well. I choose to develop software, and my friend runs 200x circles around me money wise. I love coding, but these low tech devices are much easier to develop and bring to market than software, and are easier to sell and cash in on. So now I sell my friends low tech stuff and I do quite well, but I still write software, hoping to cash in one day.
People don't want to pay for software and think it should be free. Just like music, books, etc. But people will pay for solutions or systems based on software, if you can prove it will raise their bottom line 30% more, and increase consistency or accurately.
I'm working on a Windows app that several customers wanted, for sending freight out of the warehouse to the destination. It was suppose to be a custom solution for one customer, but I changed my mind and decided to try and make this solution an asset, something I can sell over and over again, and not limit it to a single customer. I'm going to connect the data for this project to AWS, and make it cloud compatible, suggested by my friend that works for Blizzard/Activsion, who is helping me with that part.
I'm not going to waste time setting this up on GitHub, nor make it open source. And I have changed how I think about my app, where it's the data and how it's structured on the cloud that has the value, and the app just allows one to use the data effectively. Then the app can be ported as a web based app as well for low volume users and a monthly fee of $15.
This is a good post and thought to think about. I think for software engineers who think more like an engineer, GitHub or open source licensing is the way to monetize their work, instead thinking like a capitalist, and using other methods to monetize their work.
Nice Post!
If it ain't broke don't fix it
Discover my world at jkirkerx.com
|
|
|
|
|
Thanks for joining the conversation. Great post!!
jkirkerx wrote: Angular was changing so fast, that these authors couldn't keep up with Google and it's shear size compared to a single developer. And that's just a small plugin.
Yes, so true. It's crazy how much work it can be to just support one component within some ecosystem.
jkirkerx wrote: So now I sell my friends low tech stuff and I do quite well, but I still write software, hoping to cash in one day.
Very interesting and very cool that your friend creates those tools. I would love to know what the tools are and how much they sell for. If you can, provide a link.
jkirkerx wrote: But people will pay for solutions or systems based on software, if you can prove it will raise their bottom line 30% more, and increase consistency or accurately.
You have nailed it with that statement. You are totally correct. You have to give them something that they can see themselves making $$ with. I believe my SaaS will do enable that exact thing -- help others save user's encrypted remote data data easier (and then retrieve it). That's why I'm trying to protect it but I also want to share it.
jkirkerx wrote: I'm working on a Windows app that several customers wanted, for sending freight out of the warehouse to the destination.
Sounds very interesting, good luck to you with your endeavour.
Thanks again for posting. Great stuff.
|
|
|
|
|
https://troxellusa.com
He makes the trowels, knee pads, floats. He bought two urethane machines that can cast urethane floats with handles in house now. The rest of the stuff is made off shore, and offered as a one stop shopping center, like the diamond blades, but are his designs. Can't make them here at that low of cost.
I made his original website technology, and he complained that my technology wouldn't sell more than $10K a month, and I told him it wasn't my technology but his marketing strategy. So we parted ways on web technology and I started several online stores to prove me right in which I did. I sell 5x more a month online than he does now, but he banked me and got me started in which I'm thankful. Well he wanted to see who was right in this experiment.
Selling online is much harder than you think, and is not an easy task. I had to overcome 13 other sellers or competitors to get a seat at the table, and I'm number 3 now. I also sell bowling supplies because I'm a bowler and love the sport, but that market became over saturated with new sellers trying to copy what I did, and I'm watching them fail rapidly over the last 4 months. They bought too much inventory and can't sell it now, and they need the cash to pay for the inventory, so they lowered their prices to just below cost to save themselves and their credit scores. They didn't understand market dynamics and accounting in general, and didn't save their profits to build a bank to pay for higher quantities of inventory when markets are moving at higher velocities. They basically bought Barb-ques when they were hot at the end of the cycle, and the market for them cooled off and they got stuck with 100s of them like Walmart did. So all those YouTube videos showing successful people cashing in are fake, and only line the authors pocket with cash.
If it ain't broke don't fix it
Discover my world at jkirkerx.com
|
|
|
|
|
The people who pushed the Open Source narrative were complete idiots who destroyed a growing cottage industry for third-party development.
Obviously, these people never had to work to support themselves and believed that giving away software was an intelligent business model.
As a result, few of us can make any monies off our endeavors leaving most such development to the hopes of many that by delivering core programming without charges will allow for the development of paid extensions.
I imagine some have been lucky with following this model but how many?
I have already produced three commercial products with none being able to attain any monetary benefit, though all of my products are unique unto themselves, with one of them competitively priced against the 2 major vendor products.
This being said, the Open Source paradigm has allowed all of us to study different types of development paradigms while also gaining access to software we would have had to originally buy.
However, the Open Source paradigm should have been thought through better with an understanding to the consequences of destroying profit-making enterprises.
But all this has now been lost with the only option being that everyone start building their products as "shareware", which was once popular in the 1990s and early 2000s, leaving Open Source to code-snippets and concept code...
Steve Naidamast
Sr. Software Engineer
Black Falcon Software, Inc.
blackfalconsoftware@outlook.com
|
|
|
|
|
I agree with your astute assessment of the situation 100%.
It does feel as if the OSS movement was more than just about sharing but was more about disabling the ability of sole devs to earn income from those things they create.
The way they created that system was either a spectacular mistake or a genius-level subtlety for destroying ability to earn income from software. I'm not sure which.
|
|
|
|
|
Considering what both the Republicans and the Democrats have done to our nation in the past 30 years, I wouldn't be surprised if this was a first step in undermining what was once the crown jewel of American industry...
Steve Naidamast
Sr. Software Engineer
Black Falcon Software, Inc.
blackfalconsoftware@outlook.com
|
|
|
|
|
The most obvious valid reason to release code as OSS if you are a stand-alone developer is that it will add credibility to your CV.
Then not only you can claim that you know how do/use X, and there is also tangible proof of it. And a better CV means higher pay.
Another not so obvious reason, if you give out the source code then paying customers will be easier to lure in because if you stop
working on it, they are not left with a binary blackbox which they cannot use/fix.
Now, you may argue that the latter is not OSS but it depends on what your business model is. OSS is a distribution stragegy
that may, or may not, make sense for you business.
A typical scenario where it makes sense is if you are selling hardware, e.g. an IoT for a niche market. At my current company
we are using an LTE router with specific hardware I/O, which runs OpenWRT customized by the vendor. They can, and do, give us
almost(*) all of the source code because their advantage is the hardware, not the software.
(*) and I wish it was really, really, really all of the source code. I stumbled the other day on a bug from an OSS library that
our vendor uses, but that is bundled together into a binary blob with their own private code. If I had the full source, the
fix would have been done by me that very same day. Without it, I have to wait 6 months (at least) for them to make a new distro release.
|
|
|
|
|
I started an open source project on Github back in 2014.
Its initial purpose was to share some of the techniques I used to replace the STL with a library that was more tailored to C++ embedded projects.
Over the years it became more and more popular around the world and now I have many hundreds of users registered on the project's Slack group. Over time (nearly 9 years), feature requests and my own additions have turned it into a major project that can take a significant amount of my spare time, to the point where it could easily be my full time job. I've tried to monetise by asking for sponsorship, so I can earn my living from the library, rather than fitting it around the day job, but sponsorship only brings in beer money. Developers are keen to financially support the project, but their managers can't see the point of paying for what they're already getting for free. I've tried offering 'paid support', but there were few takers.
I have to admit that I have become very cynical of the whole business of companies using my unpaid work to boost their productivity and profit, on a project that, if I were creating it as part of a full time role, I would be paid very well for. I'm feeling like I am just an unpaid employee to most companies.
I can easily see why some projects are pulled or abandoned.
|
|
|
|
|
Thanks so much for sharing your real story.
Your post is fascinating to read and you really conveyed the feelings that come with putting so much into a work and have it succeed (being accepted and used a lot and helping devs) while not really being able to taste the true success that should be yours. I'm very sorry that has happened.
I think this statement you made really sums it up:
John Wellbelove wrote: Developers are keen to financially support the project, but their managers can't see the point of paying for what they're already getting for free.
That's really terrible.
Unfortunately, yours is the story of OSS that I've discovered the most and it is very sad.
John Wellbelove wrote: I have to admit that I have become very cynical of the whole business of companies using my unpaid work to boost their productivity and profit, on a project that, if I were creating it as part of a full time role, I would be paid very well for. I'm feeling like I am just an unpaid employee to most companies.
I'm very sorry for this. I wish there was a way you could now flip the switch and force all those people who are using it to pay a reasonable fee or else the software would evaporate from their systems.
John Wellbelove wrote: I can easily see why some projects are pulled or abandoned.
Additionally terrible is the fact that those devs who have pulled their stuff have ended up suffering at the hands of social media telling them that they are the terrible ones. It's such an upside down system really.
Thanks again for sharing such a great (and emotional) story.
|
|
|
|
|
I think here needs to be a corporate culture shift in their view of open source software. If they don't start to support it, then quality OSS projects will start to disappear or stagnate.
|
|
|
|
|
Bit late to this discussion but...
1) you have a job that pays you, like academia, or you're a student and you write something that you don't have the time or inclination to turn into a commercial product - 'cos you have a job.
2) you write something in the course of a bigger job, a utility or a library or an interface to some other library (e.g. C++ front end) that has no commercial value in itself and, as others have said, you're happy to share and show off.
3) you've written something that you thought you could make some money from but it was unsuccessful. There is actually quite a bit more to commercial success than just building the better mousetrap. Publishing as open source might yield some crumbs from an otherwise failed adventure.
I've done all 3...
|
|
|
|
|
I understand that there were changes to minimum key size for code signing certificates that increased from a minimum 2048 bits to a new minimum 3072 bits on June 1, 2021, and a need to put the certificate/token on a compliant hardware device (such as a USB stick).
The sites I visited ask anywhere from USD$90 to $USD$299 for the USB stick (which sots about USD$3 or less). Does it cost that much to make batches of USB sticks compliant? I cannot imagine that.
In past years, I paid less than USD$100 for a 2-year code signing certificate (I use them on my NuGet packages). Now it is USD$300 or more. Per year. And if I opt for multi-year to lower that price by a little, they don't bill once a year for the committed amount. They bill for every year up front.
For an individual developer putting out open-source binaries (like NuGet packages or some other app), that is prohibitively expensive.
If anyone has more insight on why the huge price jump for just making the key length longer and providing a cheap USB stick, I'd love to hear it.
Thanks
|
|
|
|
|
|
Does Let’s Encrypt issue certificates for anything other than SSL/TLS for websites?
...
Email encryption and code signing require a different type of certificate that Let’s Encrypt does not issue.
That might be something to do with it.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Pete O'Hanlon wrote: Is there a reason you can't use Let's Encrypt[^] or Cloudflare[^]?
Good question, and one I had earlier.
SSL certificates for websites are not the same as code signing certificates. Neither of them offer code signing certificates, only SSL certificates for website https use.
|
|
|
|
|
It's the most mind blowing profitable business racket: let me sell you a number! Certificates are essentially a number and there is no chance of running out of them. Now they don't even sell those; they lease them for a year. Isn't that genius?
Mircea
|
|
|
|
|
I get what you're saying, but surely you realize it's not just the "number" they sell you; it's the whole trust chain that has to be in place before yours can be trusted.
|
|
|
|
|
I know, but it's still funny. Reminds me of that game: "You say a number. If I say a bigger number I win."
Mircea
|
|
|
|
|
The verification part is quite extensive, if done properly. My previous employer had code signing certificates: The issuer demanded lots of official documentation as a proof that the company was the one it claimed to be, it required phone numbers that they could call to specific persons and ask them for a secret password etc. etc. Lots of this verification could not be automated, but required a lot of manual work. You are not paying for the USB stick, but for the work of verification that you are you. (They may have been doing a lot of checks that you never noticed or knew about.)
Maybe there are certificate authorities that are a lot more sloppy/lenient in their verifications. But as an authority, they have a great responsibility, comparable to that of a passport office. Your passport is a proof of your identity, guaranteed by the passport office. The code signing is a proof of the code's source, guaranteed by the certificate authority.
An email certificate doesn't prove much: It proves that the mail originates from one who received the certificated sent to address someone@somedoma.in. Nothing about the person, organization etc, only the mail address, which is implicitly verified by the certificate being sent to this email address. All can be done automatically, with no manual operations. So an email encryption certificate should be very cheap, or free.
|
|
|
|
|
That makes sense. But since the one who issued my previous code signing certificate did that already, the renewal cost should be a lot lower.
|
|
|
|
|
I am an IT Manager. My department produces OEM software among other "normal" IT tasks. Our software is used to create USDA inspection data. We are required by the government IT Modernization mandate to maintain a Code Signing Certificate in addition to regularly scanning our code for security weaknesses and vulnerabilities. We use AppScan for our code scanning and GlobalSign for our CSC's. My point is that in some instances, there is an absolute requirement to obtain and maintain the Code Signing Certificates as well as code scanning. Without the Code Signing Certs, Windows Defender, AVG, and the other AV software will either disallow installation and operation, or even delete the files outright at times. Yes it is expensive, but is a cost of doing business for some of us.
|
|
|
|
|
ok, that makes sense RE: paying for all the work to do the manual verification etc, but that doesn't address why they charge the same year in year out.
why not a lower fee for successive years.
If your going to buy a new cert and you get all the verification done, your not going to change much of what was verified every year. You MIGHT have a slight change in staff rotation, but that could be handled by getting the old person to get in touch, provide the existing password or whatever, then hand over to the new person.
In my mind $300 for the first year (Because of all the work) then $100 per year continuous after that, with perhaps a re-verification once every 5 years or something similar.
|
|
|
|
|
trønderen wrote: You are not paying for the USB stick, but for the work of verification that you are you
And likely third party audits that insure that company is actually doing what they claim.
|
|
|
|
|