Sunday, June 27, 2010

Did you know?

There are some of my overseas friends that are genuinely surprised when they visit my homeland Malaysia, to find that people are actually civilized, not swinging from tree to tree in loin cloths. To these people, with a sense of pride I even venture to tell them "We even have an healthy OpenSource movement !". That being said, this is not a posting about pride.

As I was driving back home I thought about the point of this post, what I wanted to say. I guess I just wanted to let my other Python and OpenSource audience or brothers on the other side of the globe know what is the state of acceptance of Python and other OpenSource technologies in most of the corporate sectors over here. I summarized this list after talking and being turned down by a few corporate companies recently for employment. Here goes ...

Did you know ...

  1. Most of the corporate customers, banking sectors, basically the people that matters still think that most of the OpenSource technologies such as Python, Ruby, MySQL is unsecure and reject it based on that? "unstable" is the word they use. PhP which runs probably the majority of the websites in the world is shunned for security reasons while they force their standards of using Java for all of their internal applications!
  2. While some banks accept that they cannot be a total island and reject OpenSource technologies, they require all components you use in a project to be listed down.  I don't know why, probably they want to scrutinize the list and make sure that everything is secure before accepting any "unstable" application. This vs. the fact that M$ Products all around that are used all around their establishment which do not even reveal any of the components used in their products!
  3. All of these guys complain about the fact that languages like Python should not be used based on the fact that it's not officially supported and at the same time accept Java? Ermmm .... I do hope that Oracle signed an agreement with Sun before buying it that it will never close down support for Java even if it gets unprofitable. 
  4. Almost all of the major financial institutions that I know of that reject OpenSource use products based on OpenSource such as F5, HP and Bluecoat to run their daily operations. Should I be afraid now?
It is my hope that since this blog has a audience of somewhat more than 3 people that the CEO or the decision makers of these institutions chance upon this blog and realize how flamingly stupid their decision for rejecting OpenSource based on these FUD is.  At least if you want to so damn secure then you should be fair and insists that all of your products such as M$ products reveal all of their components and source code so that you can audit it (If you really have so much resources to audit all of the things you use). When you succeed in doing that then the good thing is after that you can set up your own freaking software company. Come on, meet me half way here I would really like to believe that the people which I trust to take care of my money at least know their mouth from their asshole when it comes to the apps they are using to run their daily operations!

For No. 4, don't you think that since these Products use the same OpenSource tools that you rejected, that they would also be unstable or unsecure? When will you learn that it's not the tool you use that makes the app unstable, IT'S HOW YOU BUILD OR PROGRAM IT????? Then based on this logic all of those applications should be rejected too right? Why don't you?

After thinking about it for some time, I decided to start working with some local Universities to educate their students by offering my time to do small projects. I am meeting up with a lot of resistance but I am optimistic. Although my small ship is sailing alongside behemoths like M$ who sponsor everything from labs to the tissue our snot nosed university graduates use to wipe their nose with, the acceptance is growing. More of these students are and have heard about OpenSource technologies at least and a few of the major education institutions have started to accept OpenSource technologies.  

To change the whole apocalyptic outlook for being an "OpenSource consultant" now, fresh graduates will need jobs waiting for them. Show them that it pays to pick up this knowledge or study and they will. Now, the few misfits that dare to venture down the OpenSource hole, always have this unemployment cloud hanging over their heads when they graduate. Herein lies a problem. If this was to go right, these students who invest their time and energies needs jobs, good high paying jobs when they go out and dare to put the current deal breaker word "OpenSource" on their resumes. For that to happen, we need some MNCs out there to start realizing that the space between their ears would be better employed to think with instead of the hole where excrement comes out from.  I really hope that this slap on the face really lands on the right audience as I really hope that one day Malaysia too can come out of this intellect and choice stranglehold that some proprietary vendors think of putting us in.

I would like one day to be able to proudly exclaim "This app was built using OpenSource technologies" like the way it should be instead of having to hide behind generalizations or something out right lying.


MattBD said...

Sadly, the mistaken belief that open source software is inherently unstable or insecure is prevalent everywhere.

My employer is a large UK-based international insurer that's listed on the FTSE-100. Last year I got fed up of concurrency problems at work where we were using an Excel spreadsheet to record customer's details - basically because we were sharing a spreadsheet between many people, then if we set it so more than one person could use it at once, people would forget to save it till they closed it down and changes were overwritten and lost, while if we set it so only one person could use it, we were forever waiting for someone else to finish up, and someone would inevitably go to lunch with it open, locking everyone else out.

In an attempt to resolve this I wrote a Python script using the xlrd and xlwt modules to create a Tkinter GUI to enable us to add new entries without having to open the spreadsheet itself - by using this method the changes were only made when the new entry was submitted, making concurrency problems far less likely. I then enquired about getting Python installed on people's computers so they could all run the script, but was told we could not do so. Part of the reason was that they maintain a number of software packages for installation that have all been thoroughly tested, and Python wasn't one of these so it would have to be fully tested, something which I can understand. However, they also said that there were security issues with open-source software, which I completely disagree with - in my experience security through obscurity just doesn't work, while open-source software has consistently been more secure.

A better solution would have been to use a relational database (I was thinking that once it was working I would migrate the data to an SQLite database and create a new version of the script to update the database, as well as a second script to export the database to a spreadsheet), but I suspect MySQL would have been rejected for the same reasons, and while they did allow some use of Microsoft Access, they were trying to avoid paying for new licenses.

So I don't think that attitude is limited to Malaysia - it's widespread in the UK too.

lowkster said...

MattBD: Sorry to hear that the same scenario plagues your experience. Does it really make a difference so much if huge organization stands behind the software as a sue target if things goes south?