Subject: Re: Computer Survey on perceived advantages of Open Source
From: Adam Turoff <ziggy@panix.com>
Date: Fri, 13 May 2005 15:45:21 -0400

On Fri, May 13, 2005 at 12:19:14PM -0700, Cliff Schmidt wrote:
> There are certainly a number of ways to measure risk, but I'll just address one:
> IMO, it is riskier to build an application against a proprietary MySQL
> feature/API/query language than to build an app against Oracle's
> SQL-92/99 implementation.  

Aha!  You're using vendor lock-in vs. standards adherence as a proxy for
open/vendor owned/proprietary.  Sorry, but that's a specious argument.  

The problems with vendor lock-in occur with any technology, regardless
of how it was created.  In this example, you could drift away from
standard SQL support and start relying on vendor-specific features
whether you are using Oracle, DB2, Sybase, MySQL, PostgreSQL or even
SQLite.  The business model is totally irrelevant.

You could make an equally compelling argument for the converse: better to 
use MySQL and its implementation of SQL-92[*] instead of Oracle+Extensions.

[*] Or the subset of SQL-9x that MySQL implements; ISTR MySQL does
    everything shy of stored procs.  Sorry, but I didn't check 
	standards compliance among database vendors this week....

> I guess what I'm saying is that I feel that
> many users think that just because a vendor open sources a product,
> you don't have to worry about lock in.  

Right.  The open source label isn't some form of magic pixie dust.  
Open source doesn't trump vendor lock-in.  

That doesn't prevent "vendor lock-in" from occurring in community-run
open source projects, either; look at PL/Perl and friends.

> My point is that when you
> venture outside of broadly adopted industry standards you (for all
> practical purposes) are just as locked in with a single-vendor open
> source solution as with a single vendor closed-source solution.

...and that issue is orthogonal to the model behind an open source project.

So, how a vendor run open source project de facto *worse* than a
community run one, or a proprietary replacement?

> On 5/13/05, David Fetter <david@fetter.org> wrote:
> > That, too.  The main branch of PostgreSQL will never become
> > proprietary because too many people own copyrights to pieces of it,
> > and not all will agree.
> 
> Yes -- this was my main point.  I think projects like PostgreSQL,
> Mozilla, and the dozens of projects that make up the Apache Software
> Foundation and (not as much, but getting better) the Eclipse
> Foundation are about as non-proprietary as you can get.  I just wonder
> if the average user sees as much of a difference between these
> projects and the vendor-run projects as I do.

Actually, I would argue the reverse.

MySQL rewrites every patch contributed to the project, so they maintain
copyright, and preserve their right to dual-license the software.

PostgreSQL, on the other hand, still takes community contributions,
which leaves at a greater risk for a SCO-style submarine copyright
infringement battle.

In that respect, where is the lesser risk?

-- Adam