Subject: Re: Nessus 3.0's failed community
From: "Stephen J. Turnbull" <>
Date: Wed, 30 Nov 2005 10:20:51 +0900

>>>>> "Michael" == Michael Bernstein <> writes:

    Michael> Also, under those circumstances, every time you hire
    Michael> someone from the community you'll be diminishing the
    Michael> public sphere, and the effect will be noted very quickly.

Typically adversely, often accompanied by verbal attacks.  Putting
bread on the table of the big contributors' families is a sin in the
eyes of many in the (overall) community.  :-(

N.B.  I think everybody here on FSB recognizes the tension between
serving your customers and serving your community, and that here the
discussion is about how to handle that tension responsibly.  But
adverse publicity that attends any shift of resources or leadership
from the community to a corporation has to hurt, both the community
and the firm.

FWIW, I suspect that an important factor in the Nessus case is that
Nessus is a focused, specialized application, not a platform.  With a
platform like GNU/Linux, on the community-origin side, or Eclipse, on
the corporate-sponsored side, everybody can have it their way by
contributing the module they want most.  Along the way they'll note
and help fix bugs in the platform.  And because a platform is such a
broad thing, there are plenty of shallow bugs, and of course "plug-in
architecture" means most extensions have no more depth than the sheet
of paper you print the API on.

But in the case of a focused application, the better it gets, the
harder the bugs are, and the more satisfied the majority of community
users are.  They are necessarily going to lose interest in working on
a "good-enough" project and lag in the competence to do so.  The
corporate interest isn't in fixing the UI warts that bug the
relatively casual "community users", it's in "big wins" that only the
(usually corporate) industrial strength users are willing to pay for.
Thus, corporate and community interests diverge.

