2 days in Brussels.
0 celebrity motivational speakers.
0 cost to get in.
It’s the most relaxed tech conference I’ve ever been to. Part of this is because it happens on a weekend, in your own time. But another part is because it’s not really a conference at all, but a giant open source meet-up. Dig a little deeper and it’s actually the location for about 40 global open source communities to get together. These are the devrooms where tracks are organised by their own open source communities. A meet-up of meet-ups.
There is a rigid and relentless speaking schedule like other conferences but there is no registration and no entry fee. Entry is on a first come, first served basis. And there are plenty of full rooms. This year especially I got turned away from about 5 rooms. But there are also lots of people milling about, talking, coding, drinking beer. All of this helps reenforce the relaxed feel. And you get to meet with friends you haven’t seen in a while. I had some great chats (and steak) with Rob Lazzurs and friends.
Free and open source software to give it its full title, or FLOSS for those in know, is what the meet-up is about. It’s because of this that it attracts lots of geeks. And not so much of the geeks in suits (or maybe geeks in chinos if you work in USA). Even the enterprise geeks are in a minority unlike most tech conferences. Instead the focus of the conference attracts the geeks who contribute to open source projects. This brings with it a different vibe, kind of like an alt-techconference vibe. I love it.
So FOSDEM is a mirror of open source itself. It’s free. It’s all about the grassroots. It doesn’t have any marketing but has lots of value. It has diverse content. It is a network of communities. And it is put together by community volunteers.
Some of the largest open source projects have commercial organisations that sell services that surround the code. These organisations help drive adoption of open source to enterprises by selling help and support and sometimes exclusive “enterprise” features. You can see the same big names that sponsor other conferences — Google, RedHat and AWS for example. Beyond this their influence is subtle. Thankfully there are no “sponsored talks” like other conferences that act like product placement advertising for companies. They are a more natural part of the community at FOSDEM. For example one Terraform talk was given by a community guy who was comparing the maturity of Terraform to the maturity of Puppet — but during the talk he called out the Hashicorp CTO who was in the audience.
Trending Open Source
The popularity of open source products can be correlated to the popularity of FOSDEM devrooms. From what I seen this year that means Cryptocurrency, Go, Postgres, Containers and Configuration Management are hot. This is no real surprise,
- Containers remain one of the most hyped and popular technologies.
- Some think that Configuration Management has peaked given the rise of container orchestration tooling such as Kubernetes but the Container Management devroom was still filled out.
- Postgres remains the most popular open source database having strong appeal for relational-store, document-store and enterprise needs.
- Go is an interesting one. I haven’t seen much adoption of Go with businesses yet. But it has jumped in popularity, seemingly driven by developers.
- And cryptocurrency is almost certainly the hyped technology of 2017, breaking outside of tech circles to appeal to the mainstream.
Lessons from the History of Unix
I’ve been thinking recently about the immaturity of the software profession. It’s a very young profession, just an infant compared to ancient professions such as medicine but also to industrial revolution industries such as the automotive and utility sectors. We have an extremely high degree of change in software technology. And so engineers are always looking forward to the next new thing. Because of this, engineer’s don’t spend much time thinking about the history of software. But FOSDEM had a whole track devoted to history which I think is a brilliant antidote to the faddism of tech.
The History of Unix talk is a great case study. We think of software having a short half-life. 5 years maybe. 10 years at most. However, the first Unix code was created in the early 1970s. That’s 45 year old code. Diomidis Spinellis who gave the talk has put together a github repo that has all extant PDP, Unix Research Edition and BSD unix source code history from the 70s to the latest FreeBSD. This repo is a fascinating source for the evolution of Unix.
Much of the thinking from the early 70s lives on in today’s Linux distributions — kernel, filesystem, virtual devices, pipes, filters, shell, C, dynamic memory, virtual machines, regular expressions. Apparently some code even still lives. You can see the overlap by comparing the architecture diagram from today with the one from the Research Edition of 1971. What can we learn from this? For me, it’s the success of joining many smaller simpler things and the effective use of abstraction and modularity.
And it isn’t just good designs or code that was decided early. Documentation in Unix distributions remains such high quality because of early decisions about manual pages. Early on distributions mandated this documentation and enforced deletion of any user commands that didn’t have man pages. Clearly draconian but effective.
Monero, BitCoin 2.0?
Cryptocurrency has broken into the mainstream in 2017. We now see over 100 cryptocurrencies that can be mined, traded, stolen and (sometimes) used for purchases. Investors are clamouring to invest in the next Bitcoin. VC firms are backing new cryptocurrencies and Independent Coin Offerings (ICO) have entered investor conversation. And of course open source is vital to cryptocurrencies.
Many of the big cryptocurrencies are open source software, led by Bitcoin. Take a look at the Bitcoin code in GitHub. This makes sense given the aim of cryptocurrencies led by Bitcoin is to offer a de-centralised system of currency using mathematics and independent distribution as trust. Openness increases trust. That’s not to say of course there is no need to trust with open source or cryptocurrencies. Instead trust is placed with the developers of the blockchain, cryptocurrency client or smart contracts. This is how an Ethereum wallet bug allowed Ether to be “stolen” from their blockchain.
Anyhow back to FOSDEM (it’s so easy to get distracted by cryptocurrency). I listened (along with hundreds of the other conference attendees) to a great talk by one of the Monero contributors. Monero is a new open source private cryptocurrency. XMR currently has a price of $272 and is 13th largest cryptocoin by market cap. But we weren’t at FOSDEM to hear about money.
I hadn’t heard of Monero before this. It was described as “Bitcoin 2.0”. Isn’t that what all cryptocurrencies are attempting to be? Hmmm. What is clear is that Bitcoin has significant challenges as a currency.
Bitcoin has a finite supply (by design). Hence the long and vicious block-size debate inside the community with the inevitable fork of new cryptocurrencies by those who don’t win the debate. It uses an increasingly large amount of effort to mine (by design). The downside is this means we are using an increasing amount of electricity to create new coins that only have value because of trust (not by how difficult they are to mine). Iceland is apparently using more for mining that domestic use. It’s mining has become geographically centralised: the majority of Bitcoin mining is said to be in China using dedicated hardware and cheap electricity. China has responded by recently clamping down. It also is not anonymous. Bitcoin transactions are stored publicly on the blockchain and when you transact with someone you see their identity and all their previous transactions with this identity.
Monero looks to solve these by being an anonymous, private digital currency that closely mirrors cash (the original anonymous, rate-limited paper currency favoured by privacy advocates). It uses ring-keys instead of single keys to reduce the likelihood of tracing transactions to one private key. It will in future use i2p multi layer-routing to reduce the likelihood of sender IP tracing. Their proof of work also is designed to use a lot of RAM (2Mb) to try and make it prohibitive for ASIC miners to work at scale.
So will Monero succeed? No idea. We are undoubtedly in the wild-west of cryptocurrency right now. A few people are Bitcoin millionaires. Many more want to be cryptocurrency millionaires. Eventually things will normalise into a smaller number of truly valuable cryptocurrencies. I suspect that the ones to succeed will have value outside of their backers. If Monero really did become a digital equivalent to cash and it remained anonymous, private and de-centralised this would be valuable to many.*
Succession planning is a mandatory topic for senior leaders in organisations who care about the future. So I was surprised to hear a talk about succession planning for FOSS. Of course many open source communities care about the future of their projects so they are interested in succession. But for open source this is not just leadership succession, it’s succession for anyone in a key contributor role.
Meritocracy is something often referenced within the open source community. Vicky pointed out that good as this is, meritocracy is implicitly discriminatory if merit is not defined and when there is no mentoring programme to allow others to succeed. A good point I think — meritocracy needs to be explicit and clearly described to be effective. Like Redhat did.
Funding Open Source
The XWiki founder Ludovic Dubost told us about his funding model and business model for open source. He described how the XWiki code is open source, licensed permissively as LGPL. But he has created a for-profit organisation to provide a commercial SAAS XWiki. So if you want to roll-your-own, use the open source code but if you want a cloud service operated and managed by someone else you can pay the subscription. They also provide some pay-for modules (which is a common thing with other for-profits). This is an interesting model and as more software moves to become a cloud service it’ll be interesting to see if this becomes pervasive. Ludovic also described how his company was non-VC funded because this is incompatible with open source. He told us that VC funding leads to primacy of making money for investors which is not what open source is about.
Is Open Source mandatory for information security? One speaker about Security Theatre believes that it is. There are few today who believe open source is less secure — that view has been discredited for many years. But is it more secure? I haven’t seen any evidence to support this but I do agree there is a psychological benefit to coding in the open that encourages better security practice (as well as better practices generally).
Being open does make things better. Teams who code in the open know they cannot hide behind obscurity and so it changes their approach. Developers know others will look at their code and their commit comments and so they approach it differently. This is big advantage for open source / coding in the open.
There were of course some less interesting talks. But I’m not going to focus on these because this is inevitable in every tech conference. Instead I’ll finish with one question:
Why do Belgian frites taste so much better than chips from other countries?