My Open Source Experience Podcast

Are Legislations Good or Bad for Open Source?

Season 2, Ep. 7

Governments around the globe have been recognizing that open source code is a core dependency in every modern software solution. Whether or not that is a good thing is still an open question. But one thing is for sure: if you are involved in an open source project, or selling a product or service that depends on one, this will affect you!


In the commercial world, when something goes wrong with a product or service that a company provides, the company is liable for damages. So, what happens when a solution that contains open source code fails? And especially, what happens if the bug or vulnerability was introduced by the open source component? Who is liable? Is it the developer? Is it the open source community? Is it the company who used the code? Or?


In this episode of the My Open Source Experience Podcast, Ildiko and Phil are chatting with Amanda Brock. Before becoming the CEO of OpenUK, Amanda used to be a lawyer. With that background, it is no surprise that she keeps a close eye on the legislations and regulations that governments have been creating around open source. The group talks about this ongoing work, and how this affects people and companies in the ecosystem.


In this episode, you'll learn more about topics, such as:

- CRA (Cyber Resilience Act)

- PLD (Product Liability Directive)

- The challenges with some of the current regulations and what to look out for


It is crucial to help government officials and regulators understand the methods, processes and dynamics of open source communities and the overall ecosystem. Everyone who's part of this ecosystem plays a role in educating those who don't have the expertise and the experience, including YOU!


Amanda's books: https://amandabrock.com/books/

More episodes

  • 20. From Law to OSPOs

    52:12 | Season 2, Ep. 20

    Open source isn't just for software developers. In fact, there is a large legal community that is focusing on licenses, intellectual property, legislations and more to understand how these all apply to open source, and what is enforceable and how. However, law and legislations develop and evolve at a very different pace than technology and open source, which makes the intersection of these areas rather tricky. Have you faced any challenges throughout your journey?

    In this My Open Source Experience podcast episode Ildiko and Phil explore the intersection of law and open source with Ria Farrell Schalnat. Ria started out as a computer programmer, then she ventured over to the field of law, but always stayed close to tech through copyright, intellectual property, and eventually open source. Ria has a comprehensive understanding of these areas and shares some of her experiences throughout her career journey that made a difference for her and the law firms and companies she worked for.

    Learn more about:
    - Why learning is not an exercise to do alone
    - Conferences are often underrated, and how you can organize one yourself if there isn't any available in your area
    - The conflict between how laws and legislations are created and how software, open source or proprietary, is developed
    - Why investing in upstream work and participating in open source projects are necessary to be successful
    - SBOMs and cybersecurity

  • 19. Investing in Upstream Work Is Always Cheaper

    50:24 | Season 2, Ep. 19

    Maintaining a local fork of an open source project is like maintaining an illusion. It only gives momentary control and becomes expensive to keep up over time. Have you experienced that already?

    This My Open Source Experience podcast episode revolves around this topic and explores why and how to invest in open source projects, including how to pick which ones to rely on, what to consider when setting up your organizational structure, and why to avoid maintaining local forks.

    - Austen Bryan covers the benefits of relying on OSS projects, and how to pick the right ones
    - Samson Goddy talks about why roles like Developer Relations don't belong in the marketing department
    - Greg Kroah-Hartman shares why you don't want to maintain a local fork
    - Federico Gonzalez Waite talks about educating people about open source and guiding a large organization through an open source transition
    - Michael Dexter shares his thoughts and experience with regulations, patents, copyright laws and how they've been affecting software development and the FOSS movement
    - Tom Sadler shares the benefits of investing in upstream work, and why maintaining a local fork turned out to be a bad idea for his company

  • 18. Corporate Involvement in the Linux Kernel

    46:22 | Season 2, Ep. 18

    Open source investment and involvement are still considered risky and expensive, even though there are individuals, companies and studies that say the opposite. What's your take on this?

    In this My Open Source Experience podcast episode Ildiko and Phil explore corporate involvement in the Linux kernel community with Greg Kroah-Hartman. Greg has been a long-term Linux kernel contributor and maintainer, being responsible for the stable branches. Greg had both personal interest in getting involved, as well as motivation from the company he worked for at the time. The Linux kernel has been a popular choice to build an operating system, and therefore corporate investment has been strong in the project with 80% - 85% of the contributors being involved in the community as part of their paid job.

    Learn more about:
    - What individuals get out of working upstream
    - Common mistakes and misconceptions companies have about involvement in open source projects
    - Cultural challenges and examples to resolve them
    - What successful companies did to thrive with OSS
    - How to be proactive to sync product and open source project deliveries

  • 17. Increase Cross-Team Efficiency with InnerSource

    47:19 | Season 2, Ep. 17

    We often talk about collaboration in the context of open source, or at least externally to a company with partner organizations. However, especially in larger corporations, cross-team work is just as important as the teamwork itself. Working with other teams is often more complicated than it needs to be, for various reasons. These teams could be in different countries, or the company's structure might not allow them to work together efficiently. What can you do to fix that?

    In this episode of the My Open Source Experience podcast Tom Sadler talks about how he explored open source and InnerSource, and how he became an upstream contributor through the latter. Tom also shares how InnerSource helped teams within the BBC to work together more efficiently, and how it allowed the company to work upstream as well.

    Learn more about:
    - Why and how to roll out InnerSource within a company
    - Metrics to measure team efficiency
    - Do you need an ISPO/OSPO?
    - What you need to know to consume open source safely and efficiently
    - Why you need to avoid having internal forks of open source projects

  • 16. Finding That Business Value

    46:47 | Season 2, Ep. 16

    If you want your company to be successful you need to deliver value to your customers or you don't have a business. Using open source software is appealing, since the source code is available online free of charge. However, as much as it is available to you it is also available to others. So, what's your differentiator? What's your business value?

    In this episode of the My Open Source Experience podcast Austen Bryan, Ildiko and Phil dig into the challenges of incorporating open source into business, with intention. Austen has a software engineering degree along with an MBA, which has been giving him a very comprehensive insight and knowledge about the software ecosystem. Before moving to Defense Unicorns, he worked for the United States Air Force with a focus on acquisitions, and gained deep insight into how government agencies operate, including the supply chain for software and other resources. Austen learned about open source while he was working for the government, and now he's with a company that based its entire business on open source. So, why and how do they do it?

    Learn more about:
    - Defense Unicorns, and how they leverage and embrace open source
    - How to find business value around open source software
    - Benefits that don't come in the form of money and income
    - How to decide whether or not you should open source any of your projects

  • 15. The Nuances to Business Success with Open Source

    42:56 | Season 2, Ep. 15

    Building a business strategy is hard in general, and when open source becomes part of the equation it can get even more challenging.

    In the recent past there were multiple examples of companies changing the license on their open source project to something less or not at all open. This is often harmful to the companies themselves and the pattern is always harmful to the open source ecosystem.

    In this episode of the My Open Source Experience podcast Gregory Kurtzer and Kelsey Hightower share their experiences to dig deeper into the challenges and solutions to building a business around open source.

    You will learn the following:
    - How to evaluate if your company is ready to get involved in an open source project or open up one of their internal ones
    - Why it matters who owns an open source project's trademark
    - Why lock out is sometimes worse than lock in
    - How to identify the business value when relying on open source projects
    - How to figure out which open source project is viable to build a business around
    - Empty promises don't work long term

  • MOSE Shorts - 18: Bidets and Decisions

    12:44

    In this segment of the My Open Source Experience podcast, Kelsey Hightower shares his current adventures, which include a home improvement project.

    As Kelsey is now advising startups, rather than working in 9-5 jobs, he highlights the importance of keeping your energy and drive, no matter when you retire, and how someone can't stop sharing once they started.

    While Kelsey talks about his adventures installing new bidets in his house, he also draws analogies to software development and decision making. Always remember before you start refactoring something:
    - You need to be careful to avoid breaking things
    - It needs to be backwards compatible
    - It needs to look better than before

    Kelsey and Phil draw an analogy and describe engineers being somewhere between tradesmen and artists. Can you relate?

    But, does Kelsey have any working bidets in his house yet?

  • 14. Open doesn't Always Mean Accessible

    48:11 | Season 2, Ep. 14

    By definition, open source projects and communities are supposed to be accessible. And while the code is always openly available, the remaining parts of the ecosystem might be further out of reach than you would think.

    In this episode of the My Open Source Experience Podcast, Michael Dexter, Ildiko and Phil explore the open source ecosystem from two perspectives: business and accessibility. Businesses all around the globe rely on open source software, sometimes unknowingly, as digital infrastructure doesn't exist without it any more, and yet, making it an integral part of the business strategy is a constant struggle for companies. And even when companies and individuals reach the point of investing their time, money and resources into open source projects, it appears to be more difficult than it is supposed to be. Michael, Ildiko and Phil discuss these challenges and dig into how to address them.

    Learn more about:
    - The relationship between open source and business interests
    - The fragility of funding in the open source ecosystem
    - The role of open source foundations
    - Stages of involvement in open source projects
    - Maintainer shortage and how to bring people (back) into open source projects

  • 13. Start Early and Always be Prepared for Change

    42:14 | Season 2, Ep. 13

    When people get introduced to open source later in their life and career it can be a bigger adjustment that is hard to make, and that's when individuals start to struggle. When you introduce open source in a large organization, the effect multiplies very quickly.

    This My Open Source Experience podcast episode dives into the stories and effects of getting introduced to open source in different stages of people's lives and in various circumstances:

    - Samson Goddy talks about his experience with open source as a kid, and
      * How the Sugar Desktop environment was instrumental in him gravitating to technology and communities
      * Why kids need a hands-on experience with how technology works rather than access to tablets and smartphones that just work
    - Clare Dillon shares her work with academic institutions as well as InnerSource Commons. Learn about:
      * Why it is crucial for university students to get in touch with open source
      * How universities work on adding open source to the curriculum and research activities
      * Methods for successful and less painful change management
      * The SCARF Model
    - Federico Gonzalez Waite talks about his experience at the Mexican government as he participated in rolling out open source, and helped agencies to build their own tools and solutions. Learn about:
      * How to navigate change through a large organization
      * The impact that open source had in Mexico as well as in the Latin America region