Larry Augustin, CEO of SugarCRM and open source luminary was my guest on the Open Network Podcast today (you can listen in the player below). Joined by my fellow Network World bloggers, Amy Vernon and Mitchell Ashley – we discussed the recent controversy around SugarCRM’s latest release. Is it in fact open source? Is it open core? Why should you care? Why do so many people in the open source community seem to care?
Right from Augustin’s own mouth let’s get this out of the way: SugarCRM’s Sugar 6 version follows the same source-code distribution as its previous versions. (around the 7:50 minute mark in the podcast).There is an open source community version, which is free and open source. There are two other versions – the professional and enterprise versions, which are licensed under a commercial license and are not open source. Those versions include features not included in the community versions (in the case of Sugar 6, this includes a new user interface and some security, mobile, and reporting features.) But Sugar gives you the source code when you license the commercial versions. You are free to modify it (which is what most open source users really want, though very few actually make any changes), but with its commercial license, you are not free to distribute those versions. So the product does not meet the definition of open source, though it’s not exactly closed source, either. Sugar’s approach goes beyond what many other companies do.
In regard to the controversy around Sugar 6, Augustin attributes it to two factors:
As to the first factor, on July 13, Schneider was quoted in an article in Internet.com saying: "Open source doesn't mean free and was never really meant to mean free. Open source runs through everything we do, it enables us to be transparent and gives customers more power. We are an open source company and it's why we're better than proprietary companies."
Schneider was making the point that a developer doesn’t have to give open source code away.When the original open source definitions were conceived (and Augustin was there for that), they did not demand that open source had to be free, as in without cost. Just the opposite Augustin says that the reason the term open source was adopted was to recognize the fact that there would be companies who were going to make money selling open source software. Anything with the word free in it would pose a problem. Schneider also wasn’t saying that the pro and enterprise editions of Sugar 6, sold under a commercial license, are open source. Even if the source code is given to the customer, that alone does not make it open source. It makes it commercial software in which you have the source code to use under the specific license terms.
The issue of open core is another matter. Augustin frankly doesn’t like the term open core. He thinks it has served as a lightning rod for an issue which has already been settled via the definition of the term open source. Augustin says part of the issue may be that the term open source has become so trendy today -- even Microsoft is embracing it. (In all fairness, Microsoft has had two of its own licenses get the stamp of approval from the Open Source Initiative, keeper of the Open Source definition, and a database of qualifying licenses. So Microsoft isn’t necessarily wrong to apply the term open source to software it distributes under those licenses. ).
But because open source has reached this critical mass, there are more commercial companies making money from open source. And there are more developers submitting their code to open source forges content to givd away the code for free. Therefore open source in the minds of many means “free.”
Augustin says that the very success of these commercial open source companies selling commercial versions of their products allows them to support their communities better. (He’s not alone, former mySQL CEO Marten Mickos is preaching the same sermon.) I agree. Selling the commercial version in fact makes for stronger, better funded, more resourceful communities. In turn these communities better support the open source version and make the commercial version better. It is truly a win-win symbiotic relationship.
He thinks that those who claim that Sugar’s open source users are treated as second class citizens are off base. There is nothing about open source definitions that say an open source version and a commercial version have to be equivalent. The open source version gives people the ability to change and do what they will with the product
Augustin believes that every software company in the world will have to embrace open source in some form or another. Commercial versions can have features not available in the open source version. Again, I agree.
In addition to our podcast and this article, Augustin has written a response on Martin Schneider’s blog,CRM Outsiders which you can read at http://www.crmoutsiders.com/2010/07/15/some-thoughts-on-open-from-sugarc... .Augustin has also agreed to come back on the show and talk about open source and the cloud soon, so stay tuned for that.
As co-founder and Managing Partner at The CISO Group, Alan Shimel is responsible for driving the vision and mission of the company. The CISO Group offers security consulting and PCI compliance management for the payment card industry. Prior to The CISO Group, Alan was the Chief Strategy Officer at StillSecure. Shimel was the public persona of StillSecure as it grew from start up to helping defend some of the largest and most sensitive networks in the world.
Shimel is an often-cited personality in the technology community and is a sought-after speaker at industry and government conferences and events. His commentary about the state of security, open source and life is followed closely by many industry insiders via his blog and podcast, "Ashimmy, After All These Years" (www.ashimmy.com). Alan is now also a regular contributor to The CISO Group’s security.exe blog and podcast. Follow him on Google.
Alan has helped build several successful technology companies by combining a strong business background with a deep knowledge of technology. His legal background, long experience in the field, and New York street smarts combine to form a unique personality.
Disclosure: The CISO Group sells a software-as-a-service PCI compliance application called SAQPro. The company is independent and does not represent any other vendor's products as a reseller.
Policy on comments: Respectful discussion is welcomed! However comments that use inappropriate language, consist of name calling or personal attacks, or include accusations of wrongdoing are not appropriate. Those comments will be deleted or edited.