 All right, so yes, I was gonna say are you familiar with this who knows what this logo is right? Wow. Oh, wow Okay, amazing. All of you do Well, it's a hard bleep bug, right? And the reason I'm starting my talk about it is the heart bleep by has well first of all It's a bug that had a huge impact, right? And one of the examples is 4.5 million medical Records were actually lost their confidentiality, right and the other big number attached to that bug Is the actual estimated cost to the industry, which is 500 million dollars, which is a sizable amount of money I'm gonna be talking quite a bit about money in this talk because even though I know this is something as a community We don't really like to talk about that much when we talk about sustainability and open source You kind of have to talk about money So it was a huge bug that had a big impact And what it really did is it was at least I I see it as a pivotal moment in How open source was perceived by the tech industry and that for three reasons The first one is it really showed that open source is everywhere, right? The open SSL library that had that bug was well, you know is in roughly two-thirds of active sites on the internet, right? the other aspect is it was a open source is in at critical Areas, this is a crypto library, right? It's not some fancy UI or something like this. It's something that Is is is critical to how the internet works and then the last part and the one that was probably the most Sort of surprising to everyone was well What caused that bug and one of the biggest reason for that bug is how undefend underfunded? Sorry, the whole open source ecosystem is and we learned that basically open SSL was one person full-time plus a roughly $2,000 per year of budget right And so this would have triggered a Pretty large conversation in the community about sustainability And we started hearing stories of maintainer breakdown burnout maintainers being tired of working on open source projects And that's also at the same time that we started to really look for solutions for that and so one of them first things that Me software open source maintainers looked for is how they could actually use existing solutions that were designed at other For other for other things and then software open source itself and use it to sort of make their open source practice more sustainable So one of the first app well system that was used Was patreon patreon who was originally designed? for artists to try to create a meaningful revenue stream for artist work and One software developer and open source developer in particular Avenue the creative ujs Was able to really organize Himself a solution where People who were using of u.js were really interested to Fund his work on it and that led to him Being able to do that roughly $17,000 monthly to work on their project full-time, right? So that's a really nice success story for Sort of like an open source maintainer. Thank you working on on Full-time and open source But you know the kick is is it really reproducible and the answer to that is not really right? This is sort of like a one-off success story, and it's not really a Common solution to the problem of open source sustainability So we've seen a lot of other things one of the interesting solution that is Right now for this problem is get coin And get coin is interesting because it's actually a whole ecosystem of tools designed to help open source maintainers make money or make a living out of their work it's come it's those Two or three different products one of which is actually also called get coin since and that makes it a bit confusing It's both the product both one product and the company itself and what get coin is it's basically a github issue market So if you have a software bug That you want someone to work on on an open source project you attach a bounty to an issue And then open source developers can come and contribute to that issue send a poll Pull request and once that pull request is merged. They actually get paid in ether coins because a blockchain, right? and so that get coin in 2018 gave away about a half a million dollars of bounties And so another part of that get coin ecosystem is codefund Which is an ad network that is So-called ethical the ads are contextual. They're not based on tracking users and they're focused on Displaying ads on websites of open source projects and of course one of the Big value is for a hiring purposes, right? If you're looking for developer. It's a open source project is a great place to Put an ad about the open positions at your company So that has been making roughly ten thousand dollars in monthly revenue and redistributing six thousand of those to the community of maintainers of open source projects of course when you talk about Software there's always the VC route, right? And I know this community is not a community that particularly is inclined to Go the VC route But nonetheless with all of the acquisitions and sort of like excitement around the red hat acquisition around lots of IPOs for large Sort of open source based companies It's still something that's a solution and there's even now a sort of dedicated fund in the making called OSS capital Which is basically trying to fund open source projects to turn them into large business was valuable exits for the VCs Another exciting solution is open collective so open collective was started as a It's a way to help communities Self-organize and fund themselves and it sort of came around roughly at the same time as the All of this questioning in the open-source world around Sustainability, and so it has really surfed that that wave and has been really Helpful around the open-source community what it does basically is it provides a Infrastructure legal and accounting infrastructure for open source projects to be able to accept funds And redistribute them to the developers or the people actually working on the project Open collective has one really big success story, which is webpack Which in 2017 made $250,000 off of the platform And has made $400,000 a yearly funding last year And what's really interesting? It's a win-win story because its biggest contributor, which is Trivago the hotel booking European website Has gotten a lot out of it in terms of visibility and it has helped them hire Really good top engineers, so it's an it's an interesting model where Developers actually get funded and able to work full-time on a project and the companies funding them actually really getting something out of it and actually a Trivago was also really happy about the work the technical Source code work that was done who which really helped some of the work that we're doing The problem open collective has however is a long tail problem Which is that pretty much all of the money goes to like a few projects and then after that it's Very little to a lot of projects Late last year Open collective added back your stack to its offering so back your stack Is just a little piece of software that goes on github Looks at your organization on github Looks at all of the packages that you have and and builds a dependency tree of All of the software you're using As an organization all of the open source software you're using as an organization and then Let's you Well compares that was the ones that are on open collective and then basically Let's you either choose to fund some of those or give a lump amount that is redistributed to all of the projects you rely on and That's a similar Solution to the one that tide lift Has created But tide lift Has sort of like a red hat business model, but for the long tail of open source projects so basically what it does is It you know on using the same sort of like software that back your stack does What it does is it looks at all of the open source software you're relying on and then offers security updates maintenance and guarantees basically Around the open source software that you use for a fee and it then uses that fee to pay the actual Maintainers working on those projects to keep them updated and secure So that's the idea. It's a similar business model than red hat except for like a much larger well from much smaller projects And well, it's really brand new and so we don't really have a good idea of How effective and how impactful it's going to be in the ecosystem So we talked about a number of different solutions that have emerged over the last couple of well three four years around Making open source projects more sustainable And what I want to do quickly now is Look at sort of the issues that we have with these three projects And there was these well four or five projects I talked about and and then sort of like proposed a larger solution to that problem and So those three issues are the first one is one of scale, right? So I'll go into that shortly the second one is one of misaligned incentives between open source projects that are becoming professional projects and developers relying on those projects and then the third one is just a question of Whether it's a good idea to actually limit sort of open source practice To a few subset of developers and not bring it to developers at Lodge I don't know if you've seen this really nice small videos sequence that explained that the American debt a Couple of years ago. It was a YouTube video Made by what we can't really see it here But it's made by a website called the demonocracy info and they were really kind to let me use those graphics to sort of Make the point about scale So that is a hundred dollars bill, right if you stack A hundred of those you have ten thousand dollars and that is The monthly revenue of code fun the ad network where we're talking about before Now if you stack together a hundred of those Bills you get one million dollars And that is the amount of money that open that open collective has redistributed over a year And it's the same amount also that tight lift has committed to pay developers So that sounds like a sizable amount of money But let's compare that to the worldwide developer population Which is estimated to be roughly around a bit above 22 million developers in the world Half a bit more than half of them are full-time and you have sort of like a third ish that are quite time and non-professionals are sort of like the rest So if you do some quick back of the envelope math You're going to see really quickly that the numbers are astounding So if you account for 12 million Full-time developers and you take an average of pay of $65,000 per year We can sort of discuss whether that's a bit too high or a bit too low But it actually gets me to a nice round number at the end. So please bear with me Okay, so that gives us 780 billion dollars spent in wages for full-time developers in the world per year Right if you add to that 6 million part-time developers at 35 K a year, right? And you add that it gives you a total of one trillion dollars per year and developer wages, right? So let's have a look at what that means in comparison to the kind of money that these solutions are providing right now So if we stack a hundred of those million dollars onto a palette, right? We get a hundred million dollars Okay, so to get to a billion we need ten of those palettes all right And if we make a square of ten by ten of those palettes now we get ten billion dollars worth of bills All right, and so to get to a trillion dollar while we have to stack a lot of those Right a hundred of them Okay, so if you compare With the little person that's you know over there down here, right? And the the one million dollar amount that open collect open collective is collecting and you compare that to the sheer size of Developers in the world and how much money actually a pain to developers. It is a really really really really tiny amount So the second thing That to me is a bit of a problem was the open that the solutions that we've been looking at and focused on to solve open-source sustainability is What a DH H Coles well refers to is misaligned misaligned incentives And he talks quite a bit of that about that in a blog post of Hills called the perils of Mixing open source and money. It's an old post But I think it's sort of like the crux of the process really interesting Which has to say that one of the key values of open-source is it's actually built by people who are trying to scratch an itch Right solve a problem that they have in the particular context that they're in and then once that problem is solved Move back on to the core of their business and if we really start separating This and have on one side developers that are open source developers focused on creating open source code And on the other side developers which are consumers of that open source code, and we sort of lose sort of this value And it's interesting to see that if you look at developers working on the Linux kernel You actually see that 97 sorry 93% of them 92% of them Actually working on the kernel as part of their job and So we tend to look at the focus on finding solutions for the 7.7% that are up there And I agree that the Linux kernel is probably like a bit special But it's to say that like we're really looking at both from a sort of money perspective and from an actual Real-life perspective we're too focused on this Small area up there and not on the big picture and the last you know the last point is Open source is actually really really cool. I mean I guess this is the case for pretty much everyone that's in this room But I owe my whole career To my involvement with open source. I've met like a lot of my friends in that in that place I've learned pretty much everything from working in the open-source world and I don't I Sort of like I find it I would find it really sad if we suddenly decided that this was only something that a really small percentages of open-source developers would have access to and not developers at large So was that said well, we need to find a solution to a More general solution to make open-source accessible to more To more developers than just the ones that are focused on open-source And for that we need to better understand what the true value of open-source is I'm sure you've all seen this diagram at some point, right? It's you know, it's this classical flow diagram where you have Problems and coffee coming in right and engineer is sort of like handling that and has as output a Solution hopefully and also as a byproduct sarcasm So what happens when we are more specific and turn that for a software engineer? Well, nothing changes nothing much changes except the solution is Encoded in code like that's what the output is So let's look at what happens when we have a Software engineer working on open-source code. Well, what happens is the output? As open-source code that suddenly goes into this, you know, large pool of commons And in this large pool of commons, we have other engineers working And also outputting open-source code, right and they usually come was a different coffee pot and different set of problems and As they start working together There are all of these New things that happen you have conversations between companies that otherwise wouldn't have talked together You have mentoring that happened of younger developers by more senior ones You have networking that happens at events like this one and and other events in the industry And all of this Actually, if you remember the sarcasm byproduct I mentioned before all of this actually creates a whole bunch of byproducts right all of all of these interactions and all of these Conversations and there are actually plenty of these And they touch a number of different aspects of software development And you can actually regroup them in sort of like four large categories Which are byproducts that? Impact the project itself that you're working on you know a classical one is you get better documentation You improve code quality by working in the open with more people on the project then you have a number of Byproducts some people call those like second order consequences that actually impact individuals right Working on open source. I mean we all know that like it levels you up It helps you with your soft skills It has a whole bunch of really interesting impact at the individual level and it has also lots of impact at a team level by increasing efficiencies for example or also Concept they really like that we can't talk about today because we won't have the time which is called a knowledge spillover and Finally, it has really positive impact as I talked about was the Trivago example before For the companies themselves who have engineers working in open source And I just quickly want to give you two examples of that the first one is Recent research by Professor Frank Nagel from a Harvard Business School that Has shown working that teams working on the Linux kernel that actually contributing back to the project Are twice as effective on their own work that teams that are just freeloading, right? So that's not like 20% more effective, right? It's actually you know and in the researchers actually really interesting to read and it's it's it's really deep work And it accounts for a whole lot of variables that it correct But it's really making teams a lot more productive And then Well, I'm well aware that Facebook is in the news a lot these days for pretty bad things, but outside of that When it really made a push To drive open source what created software and projects like a react It actually started having Asking questions to new recruits as to what had made them sign up For the job and 75% of new recruits at Facebook Actually said that Facebook's open source program was one of the key reasons why they had taken the job So all that to say that when we look at open source We often look at the actual code itself as the value, right? But it turns out that there's a huge amount of value in the process itself And that we've been really bad as a community to a realize that and be Figure out how to capture that value To me the solution to open source sustainability is helping companies understand that value And Actually help them leverage it right so show them show the companies what's in it for them When they have engineers contributing and that's it folks. Thank you So we have time for a few questions We welcome questions Up there. Yep. Oh, I I deliver Sustainability What you did there, this is all good and great for companies which can afford to give and have part of open source as part of their Workflow that are large enough, but what about like in my community most of the Ecosystem is actually made up of very small companies as in one man two man people Companies like how can they also give back to open source? That's a good question. I don't have a good answer to that Yeah, I don't have a good answer to that like that Frankly, I do you do wonderful sponsor meet-ups. It's inexpensive compared to most other forms of Sponsorship and it still gives value to the community by helping to bring together developers and supporting their In-person engagement. So if you are a small shop, but you still want to give back to open source Buying something delicious for your local meet-up group can be a great way to give back and if you're on a budget You go to the local supermarket and buy lots of snacks. It works. I'm just saying Other questions No, lovely human at the front Hi, thanks for the talk. So I really like the illustration that you made with the stack of bills comparing the open source community versus the rest of the industry But I believe the small stack was mostly the examples that you listed, right? Yeah, mostly. Yeah, I was yeah, that's that's correct I mean, for example the small stack the $1 million was the amount of money that open collective is redistributed So but then you mentioned Facebook open source program. I know Google has some a lot of companies have that Do you have the numbers for what already exists for from the companies to you know, have That that's that's a that's a great question. I don't have the numbers and they would be really interesting to get So basically I think the question is sorry because I sort of interrupted the in the last bit of your question But I feel like the question is how much are companies actually contributing in human resources? Basically, I don't have an answer to that. I think it's a good question and I think that This is what we should tend Towards right is get more companies contributing on the scale of these large type companies I Don't have an answer to what number that actually is But I think it's sorry I'm interjecting because I used to work for a big company that I don't open source program office And it was one of the ones you mentioned I think it is a reasonable thing for us to talk to our friends who are at big company Open source programs offices and ask them to publish data on that Because a lot of them are getting Great recruitment value out of saying we have great support for open source software So if they're actually able to publish metrics against what those contributions are that's gonna look better than would be employees I will talk to former co-workers Wonderful, I'm not trying to bo guard your cue. No, that's great. That's that's that's better actually we have One minute one last question I imagine First of all nice talk nice presentation. Thank you. I work at a rather small company We've got six developers. No thing like quality assurance Assurance whatever, you know what I mean Do you think that for such a small company? investing into open source makes sense So that's well, it's it's a similar question as the one we had first I Think it does But I think it actually needs a real strategy behind it I've seen a number of small companies Actually use their open source practice as a way to get clients So it sort of depends what kind of company you are a few Building software for others or if you're building software yourself I think I mean there's a whole life cycle of where it when it makes sense for a company to invest in open source and usually small comps most like early-stage startups are not usually a good In a good position to do that. It just doesn't really make sense. But if you're Building software for other companies, it could be a strategic advantage To show that you're building open source It could help on a marketing way or it could also help you design solutions that can fit multiple of your clients and open source those solutions and then Actually be able to make larger margins By resigning that same solution to different companies. So there's lots of tactic It's really like tactical sort of thing you want to do. Do we have time for an extra one? So first of all, thank you great talk. I really enjoyed it and and I have a question I'm actually dealing with with a corner of the software market that is still not quite familiar with open source Can you understand me? I can barely hear you actually you have this Okay, okay, yes, and So what I see is like a lot of like people don't understand these licenses people are afraid and we're now doing an open source project in this area And I think for some this This is actually a bit scary that this is happening. So what would you? What is like best practice to convince people that this is that I mean people will have to move right people We have to change their their business model to some degree But that this is not a bad change or that people can actually benefit from it Yeah, so I think that the fastest answer to that is that is the same problem the companies that are in those markets Facing it's a similar problem that the one that they're facing was digital transformation in general And so it should be tackled at the same time And if it's done properly can even help leapfrog a number of companies that have done digital transformation Before but haven't actually moved to more of like an open source model for developing software Does that work as a quick answer we can talk after the Okay, I have a shameless plug. I wrote away. Sorry. I Could do this. I mean I'm gonna do the shameless plug to after you so I wrote a white paper with some collaborators from the fintech open source foundation called the business business value benefits of open source for Financial services firms which are traditionally extremely conservative and all of the arguments in there about why it is important for financial services firms to Adopt open source contribute to open source operate in an open source way will be equally applicable to I think really any industry So if you have conservative folks at your company, the text is CC by Copy paste remove add in your industry reuse and use it to convince the right people At L. Hawthorne on Twitter, I will tweet it at you. I will email it to you There's my phone number send me a signal a WhatsApp a DM or something I'm Leslie. Oh, hi. I'm Leslie. Yes That's Laura. All right. And so my shameless plug was I actually do that as a living as a consulting business So you can reach out. Thank you, Toby