Ivan Ristić

Solid Information Technology is a database vendor founded in Finland in 1992. After operating as a pure closed-source company for 14 years, Solid announced in 2006 that it had adapted its storage engine to work with MySQL, and that it would be releasing the project as open source. The move appeared to be an attempt to capitalise on the confusion created by Oracle's purchase of InnoDB, also a MySQL storage engine. (It wasn't clear at the time what impact the purchase of InnoDB would have on MySQL.) After being acquired by IBM in January of 2008, we now hear from Solid that it will be ending further development of the solidDB backend for MySQL. The code remains available through SourceForge. It looks like the company will cease to operate standalone.

This is not an open source story, but there's an important lesson here for all aspiring entrepreneurs using, or planning to use, open source as an aspect of their business strategy. Companies live and they die. They change directions in an effort to stay afloat or grow. They get acquired and assimilated by companies with different goals. Open sourcing a product is not enough on its own; it must be accompanied by community-building efforts. Such efforts are best carried out at the time the project is announced or open sourced, because that is when the project will be in the spotlight and resources will be available. If you care about the open source nature of your project then you need to realise that the clock is ticking from the moment you go live. Sure, your company may continue to go in the same direction for many years, but you never know if a disruptive change is lurking around the corner. If you want your project to survive, you need to ensure a healthy community forms before the change takes place. Without the protective shield of the community the chances of project survival are slim.

I've been following the Trend Micro v. Barracuda Networks case with mild amusement. (A very good overview is available at Linux.com.) Here we have a case of one U.S. company suing another U.S. company over a patent; a perfectly common affair in the U.S. legal system. Other similar disputes would normally make the headlines only to be used as another excuse to protest against the U.S. patent practice, and then quickly forgotten. Not this one. It so happens that the dispute is over a functionality which is in part provided by an open source project ClamAV, which Barracuda Networks is embedding in their appliances.

Barracuda Networks decided to spin the case to present itself as the defender of ClamAV and the free and open source world and then gave enough rope for a number of open source followers (individuals and organisations alike) to join in their defence. Some have even decided to call for a boycott of Trend Micro.

This case is indeed about patents, but not necessarily about open source. Trend Micro had previously sued both Symantec and McAfee and settled with them. Neither of these products involved open source. I think that it's reasonable to believe that Trend Micro is suing the vendors who, they believe, are infringing on their patents. Is ClamAV a threat to Trend Micro? Ultimately, I don't think it is. It is true that a large number of people is using ClamAV but those people wouldn't be buying anyway. Barracuda Networks, on the other hand, is a competitor, claiming a slice of the market. And even if the suit was about ClamAV, I doubt the open source nature of the project matters. The licence and the philosophy are not a threat, the cost—free—can be perceived as one.

Furthermore—I dare say—it does not seem to me that ClamAV is infringing. The patent concerns itself with virus-detection when used on an FTP or an SMTP proxy. ClamAV does not provide this sort of functionality on its own. To infringe it would need to be combined with other components, which is what Barracuda Networks is doing in their appliances.

While I think that, as a matter of principle, we need to stand up to unreasonable patents, and this one appears to fall into the category, we should not neglect to observe how Barracuda Networks is presenting itself in this case, using ClamAV as bait to get open source supporters on its side. They are doing the right thing—fighting rather than settling—but the spin is all wrong.

Disclosure: As of February 2008 Barracuda Networks competes in the web application firewall space. I work for Breach Security, a web application firewall vendor.

Nokia today announced their intention to acquire Trolltech, the makers of Qt (a cross-platform application development toolchain, on which KDE is famously based) and Qtopia (a platform for creation of Linux-based devices). The deal will be going through provided at least 90% of the shareholders agree to it. We know that approximately 66.43% agreed so far.

In response to the news, Matt Asay writes:

"Interesting days. Will there be any open-source companies left to acquire in 2008? Who will drive forward the changes to the software world if the old world keeps devouring the new?"

The software world has already been changed, and it wasn't the companies that did it.  Companies, even those with strategies based around open source, exist to make money. In the process, such companies generate a lot of value for the community, and we should respect that. But we shouldn't be giving them more credit than they deserve. It was the open source movement that led to the creation of the open source companies—not the other way round.