Linux and Open Source

Steven J. Vaughan-Nichols & Paula Rooney

Open source audits still have huge potential

By Dana Blankenhorn | July 7, 2010, 7:07am PDT

Summary: Almost half the companies surveyed who said they didn’t distribute open source in fact had Web-facing applications that did.

A new survey from OpenLogic shows just how much potential open source auditors, like Black Duck, Palamida, and OpenLogic itself, still have in the enterprise space, despite their rising sales and profits.

The survey, which OpenLogic also offered as a CSV file, showed that programmers are aware of the problem, but top management remains fairly ignorant.

  • Two-thirds of companies that are distributing open source don’t know it.
  • Only one in five companies are using any tools to keep track of it, even though four in five actually distribute it.
  • People who understand copyleft’s requirements are far more likely to use audit tools to identify and manage their open source assets.

The Web and mobile applications are behind this trend, the survey said. Almost half the companies surveyed who said they didn’t distribute open source in fact had Web-facing applications that did. Offshore development, the delivery of mobile apps to customers, and the addition of software to existing products are also pushing the trend.

When the audit companies first emerged, almost five years ago now, I was skeptical of how much good they could do. Now I know different. Open source is diverse, enterprise computing is diverse, and keeping track of licenses, and their requirements, should be a no-brainer for any CIO.


Dana Blankenhorn has been a business journalist for 30 years, a tech freelancer since 1983.

Disclosure

Dana Blankenhorn

Dana Blankenhorn has been a journalist, writer and part-time futurist for over 30 years.

At the present moment I run only a personal blog in addition to my ZDNet open source blog.

DanaBlankenhorn.Com has the subtitle The War Against Oil. In the past I have used it to write about political history, e-commerce, personal matters, some ideas related to open source, and The World of Always On, which is the idea of using sensors, motes and RFID to turn WiFi links into platforms for applications which live in the air.

My IRA account at Schwab holds a few tech shares, most notably some Intel and Applied Materials, but there are no open source companies in it. I don’t even own any CBS stock.

Biography

Dana Blankenhorn

Dana Blankenhorn has been a business journalist for nearly 25 years and has covered the online world professionally since 1985. He founded the Interactive Age Daily for CMP Media, and has written for the Chicago Tribune, Advertising Age's "NetMarketing" supplement, and dozens of other publications over the years.

Talkback Most Recent of 6 Talkback(s)

  • OSS as a strategic business enabler
    Dana - Couldn't agree more. Black Duck's research confirms many of these findings, especially prevailing lack of awareness of the fact that open source software is part of the overall enterprise software ecosystem. Open source audits are helping dispel these myths so companies can ensure compliance with their company standards. Even better news is the growing adoption of open source software for more efficient software development. Audits are a good start. Then comes policy. Then comes managed use of OSS as a strategic business enabler. That's what our customers are doing more and more and what we see as the bright future for OSS.

    Peter Vescuso, Black Duck Software
    pvescuso
    7th Jul 2010
  • RE: Open source audits still have huge potential
    Open source about it is bank that website attacked from the site support from any soldier site to the light home page is great audits
    musdahi
    16th Sep
  • Just look no further than SCO Group ...
    Here we have SCO Group who have made a business model around IP litigation and who have as much as admitted that they were distributing GPL software for years without knowing or seemingly caring what their obligations were under the GPL license. It is absolutely astonishing how many people in high places assume that GPL=Public Domain. It is really mind boggling.
    George Mitchell
    7th Jul 2010
  • Licenses are part of the open source echo system
    Some nice summary statistics Dana. They paint a picture of an emerging IP rights vacuum in the wake of an accelerating "cut & paste" open world. At Protecode we often see the situation you describe- developers accidentally incorporating OSS through 3rd parties such as outsourcers. As their projects bulk up, licensing management becomes a mosaic of unknown obligations. The sheer volume of code makes it virtually impossible to manage the situation manually. Automation becomes the only way to make sense of it. Companies like Protecode and Black Duck add a counter balance into the open source echo system- audit services and tools that make it practical for open source adopters to implement efficient OSS policies. And the best part is that these tools can let developers get back to what they do best- developing software- and not worry about licenses.

    Mahshad Koohgoli, Protecode
    koohgoli@...
    7th Jul 2010
  • RE: Open source audits still have huge potential
    @koohgoli@... My apologies for not mentioning Protecode in the body of the piece. I was working from memory. I do appreciate your piping up in the comments and correcting my error.
    DanaBlankenhorn
    7th Jul 2010
  • Necessary and valuable tools
    These tools are very valuable. We use Palamida's IPAmplify. Its ability to identify open source libraries and packages is a huge time-saver. Even better, its ability to identify fragments of code that have been copied from open source projects is something we could never do manually.

    James Dixon, CTO, Pentaho
    jimmyed2000
    8th Jul 2010
