Last Updated: July 5, 2019

Maintaining Open Source Technology: Foundations, Corporations and Two Guys Named Steve

This post on Medium by Nadia Eghbal pointing out the precarious situation of open source infrastructure is absolutely spot-on.

The world is dependent on a very small number of people who are taking care of things in their spare time, and we have no reasonable way of rewarding them for it. Even the foundation model–Wikimedia Foundation, Mozilla, etc–is relatively untested. We know corporations can maintain infrastructure over generations (look at the phone system, railways, etc) but we don’t know if non-profit foundations supplying critical infrastructure have the same potential for longevity or are unstable against various perturbations, particularly turnover of key personnel

“Open source infrastructure” is a really good term for the most critical components. The world wouldn’t stop turning if we lost emacs or vi–which are important and open source, but not infrastructure–but there are infrastructure components that would be fantastically expensive to replace: Perl, for example, which doesn’t even get a mention.

Bitcoin is an interesting example, because the blockchain technology it was based on was supposed to be completely distributed and immune to capture by a central authority, but the sparseness of resources actively contributing to Bitcoin Core has made it unstable. This should be a cautionary tale for anyone depending on open source infrastructure… and everyone is depending on open source infrastructure. We’re fortunate with regard to Bitcoin that this is happening relatively early in the history of blockchain tech, so it hasn’t had time to become a deeply embedded part of Internet infrastructure.

I don’t have any brilliant solution to this issue, but ActiveState is definitely part of the conversation, and our role in the Perl community should be considered in the light of this reality. We are incredibly fortunate to be part of deep and broad community that has grown up around the language in the past several decades, but we need to make sure that that community will still be vibrant and sustainable decades into the future. We don’t want “the duct tape of the Internet” to fall into the position of being dependent on “two guys named Steve”, the way OpenSSL turned out to be.

Tom Radcliffe

Tom Radcliffe

Tom Radcliffe has over 20 years experience in software development, data science, machine learning, and management in both academia and industry. He is a professional engineer (PEO and APEGBC) and holds a PhD in physics from Queen's University at Kingston. Tom brings a passion for quantitative, data-driven processes to ActiveState. He is deeply committed to the ideas of Bayesian probability theory, and assigns a high Bayesian plausibility to the idea that putting the best software tools in the hands of the most creative and capable people will make the world a better place.