I founded OSS Capital, a new kind of investment platform firm which exclusively invests in, accelerates and starts commercial OSS (COSS) startup companies. We were the lead investor in the DEV seed round back in the fall and have been partnering with the team here to grow as a leading COSS company.
I also founded KubeCon and have been involved in the Kubernetes project since the early days and open source software in a variety of roles.
Ask me anything.
For further actions, you may consider blocking this person and/or reporting abuse
Eden Federman -
Bogomil Shopov - Бого -
Luc Gagan -
Emil Pearce -
Once suspended, asynchio will not be able to comment or publish posts until their suspension is removed.
Once unsuspended, asynchio will be able to comment and publish posts again.
Once unpublished, all posts by asynchio will become hidden and only accessible to themselves.
If asynchio is not suspended, they can still re-publish their posts from their dashboard.
Once unpublished, this post will become invisible to the public and only accessible to Joseph Jacks.
They can still re-publish the post if they are not suspended.
Thanks for keeping DEV Community safe. Here is what you can do to flag asynchio:
Unflagging asynchio will restore default visibility to their posts.
Top comments (45)
Hi Joseph, thanks so much for doing this AMA! Do you have any advice for a developer who's new to open source? I've wondered often how OSS teams manage pull requests, roadmaps, and sourcing contributors, but the furthest I've gone into OSS myself is a single pull request.
Hi Anna! The wonderful team at GitHub (a COSS company) put together this resource: opensource.guide/starting-a-project/
Hope this helps you on your journey into the exciting world of OSS!
IMHO it's ironic that GitHub preaches about the superiority of FLOSS but then ... doesn't make GitHub itself FLOSS. Like wth.
movedtogitlab
I'm curious about your thoughts on a couple failures in commercial open source that come to mind for me:
RethinkDB
rethinkdb.com/blog/rethinkdb-shutd...
Famo.us
deprecated.famous.org/
It is never fun to reflect on the failure cases, but they do exist. I think failure in the case of open source really boils down to adoption: if no one uses the project it is "dead". This does not mean that the code ceases to be executable, hosted, available and even perhaps depended on by some other library or service or system or application.. somewhere.. out there in the ether.
On COSS side, a given COSS company can "fail" by running out of capital, ceasing to find a business model that works, dysfunctional teams, executing in a bad market.. many of the same reasons proprietary / closed core companies fail.
In the more nuanced context, I think COSS companies in failure happen because the lack of developer communities. COSS largely thrives in areas where the developer ecosystem around a given platform/product/layer in the stack is developer friendly/active/vibrant... where it is not, there is a higher likelihood of failure, IMHO. There are many exceptions to this, but in general, I'd say this is largely the case.
Hi Joseph! I know commercial open source ventures tend to center a lot on SaaS and web/devops frameworks, but have you seen anything commercially viable or interesting outside of web-developer-targeted open source software, or any movement towards commercial open source hardware?
YES! Commercial open source hardware is an exciting area.
Here are two companies in the RISC-V ecosystem: en.wikipedia.org/wiki/RISC-V -- that we are thrilled about:
en.wikipedia.org/wiki/SiFive
hex-five.com/
Hi Joseph,
Thank you for doing this AMA! How do you see the Kubernetes landscape evolving in 2019? Last year seemed to be about Kubes-as-a-Service offering from multiple cloud providers. Do you think eventually the easiest play will be to not roll your own cluster, and use the hosted offerings?
K8s is simultaneously becoming harder to learn, easier to run and more complex. Fun times!
Hosted offerings are maturing, but as are installers, products and many embedded offerings.
I expect more adoption exponentially across the board and K8s continuing to be abstracted away by higher level Operator tooling APIs, control planes, functions called via code itself/compilers and product centric services that totally hide the complexity.
K8s will become the replacement for EC2 style computing, but create far more efficiency and benefits than the cost of its complexity demands.
Hi Joseph, thanks for doing this AMA and KubeCon! I'm curious as to what criteria you use to evaluate the feasibility of COSS startup. Are there specific attributes you look for as an indicator for success?
Absolutely. We plan to write specifically about this soon. Much of the data we look at that influences thinking here is: oss.cash/
Stay tuned for a blog / podcast here soon.
Hi Joseph!
Do you work with many companies that are not yet COSS, but intend to open-source their software? I feel like the discussions involved in making a company COSS from the beginning are different from the discussions about transitioning into making their existing products open source.
I'm wondering if you have any thoughts on the differences between the two situations, and if you have any tips on how to more effectively dissolve friction from people who are feeling like they'll lose existing value if the code is made open-source?
I have spoken with a large number of founders who have or are or might be seriously considering evolving into COSS from an existing proprietary company.
The primary considerations/drivers for this are:
In almost all these cases, if you think about the tradeoffs long enough in a given context, open source of a core technology becomes quite compelling.
Hey Joseph, I'm curious about your thoughts on the relationship of security and OSS. On the one hand, the "many eyes" philosophy suggests that OSS is a boon to security, while incidents like the Equifax breach suggest we are still faced with problems in this space. I'm personally hopeful for more sophisticated vulnerability scanning technology as a solution, but I'm curious what you think.
I believe the Open Source paradigm holds the potential to unearthing some of the best kinds of potential solutions to the worlds security problems.. on many levels. Network security: en.wikipedia.org/wiki/Snort_(softw... .. Data security. Hardware security: en.wikipedia.org/wiki/RISC-V ... Password security. Vulz/app-level security and more.
Trust is a fundamental element of security. The worlds largest "on-demand hack me network" for companies (HackerOne) reverse engineers many elements of Open Source in terms of disaggregating a unit of work across anyone on earth in service of connecting the best hackers with the top companies who want to be hacked.. to identify the best vulnerability solutions. Incentivizing them with bounties. HackerOne is doing extremely well. I think a purely commercial open source version of HackerOne (where the core infra/runtime was an open source project) could be very successful. Interestingly, the CEO of HackerOne is a friend and an incredible Open Source veteran: en.wikipedia.org/wiki/M%C3%A5rten_...
Thanks for doing this! What are some common misconceptions about COSS?
Hi Mac! I'd say the biggest misconception is that "there is no open source business model". While OSS itself is certainly not a business model, I believe there are several business models that COSS companies implement - that work well, some better than others in many situations. Empirically, over the past 15 years, "open core" has proven to work the best, but it is not a binary thing like most frame it. It is a spectrum/gradient. More here: medium.com/open-consensus/2-open-c...
When we were investigating the pros and cons of going fully open source and leaning into the business, I definitely found a general sense of closed-mindedness towards the types of business models available for companies built around open source.
Since we're consumer-facing and fairly atypical in that sense, it was even less talked about. But learning up on the common thought patterns like open core, etc. really gave a good jumping off point for thinking about the whole thing.
Ah I see. Thank you for your response!!
What do you think about the new Firecracker tech announced at re:Invent? github.com/firecracker-microvm/fir...
Hey JJ, thanks for taking the time to join us. My question—
How do you explain how/why "open source software eats everything" to someone who is not very tech savvy?
I spent plenty of time over the holidays talking with friends/family about DEV being open-source, so I'd love to hear your approach and major talking points when talking about the opportunity of COSS.
Hi Joseph, thanks for doing the AMA. I'm curious what makes a potential COSS a good investment for your company? I can think of stuff like solid tech, community involvement/popularity perhaps, but I'm sure the list is longer than that 😉
Hey JJ! Thanks for doing this AMA. What advice would you give to a newer software developer about getting involved in commercial open source?
Hey Ali! Getting involved effectively depends on what your goal is, but diving into the exciting and hyper-growth world of COSS as a new software engineer could be helped by a couple things, I think:
1) Learn about some of the largest and most successful COSS companies that build large software product businesses fundamentally on specific exciting OSS projects! This can serve to offer perspective on the business side of things and the general magnitude of the space at least at the higher end. To support this, I'd encourage folks to look at this spreadsheet: oss.cash/
2) Read Heather Meeker's book "Open (Source) for business": amazon.com/Open-Source-Business-Pr... -- we are deeply honored to have Heather as our founding partner at OSS Capital.
Oh awesome! Thank you so much -- great resources!
How practical (or irrational) are fears of a budding startup going the open source route from having business logic stolen from competitors?
In fact, you should encourage competitors to use, collaborate, build products around and standardize on your open source project. Open source transforms the very idea of competition to one of validation, partnership, expansion, distribution and value creation.
Thanks for doing this JJ.
Has your thesis or expectations changed at all since you officially started OSS Cap?
What has gone as expected and what has surprised you?
Hi Ben! Thanks for having me.
Our thesis has remained the same: OSS Capital focuses exclusively on investing in and helping COSS companies.
I have, however, learned a few things over the past few months in our infancy:
1) The world is still far from understanding the magnitude and profoundness of COSS as a highly categorizable thing. We have a lot of educating to do, even with $70B+ in COSS M&A/IPOs/PE events in 2018 alone.
2) The world is still far from looking at COSS from a data-driven perspective and making conclusions from that data. A lot more people need to see this spreadsheet: oss.cash/
3) The COSS category is likely to be $10T+ (trillion) over the next 15 or so years. I originally thought it would be somewhere around $3-5T, but it is much bigger than that. I plan to blog soon on (conservative) data projections to support this.
4) There are far more COSS startups out there than we can invest in (even the absolute best ones at the earliest stages). :-( ... This is only true because we do not yet have billions of dollars to directly invest ourselves (this is a function of how large the COSS space is and our age), but stay tuned over the coming future! Constraints breed innovation!
5) Our thesis has only gotten broader and more expansive: software ate the world, OSS is eating software, OSS is then eating everything else: cloud (Kubernetes), hardware (RISC-V), etc... It is even more exciting on a daily basis to have the privilege to help founders build and grow the next leading COSS companies!
Looking at the chart, I see clearly RedHat dominating the market, generating half of the outcome. Why should I - as an investor - put my money in other companies than RedHat?
Don't get me wrong on that: I love to see more money being put into Open Source companies - I even work at a OSS Shop (we built among other things GPG4Win, the windows integration for GnuPG). But I see, that being Open Source comes more with a price, than it helps.
From our perspective, commercial open source has become more interesting and viable in the market in the past year or so.
It's hard to say if the right people are finding us now, or the macro trends have shifted, but it's easier to get people excited about the open source component of our future. But still hard to tell if that's sample bias based on things that have changed in our world.
I get the sense that the slowing down of blockchain mania has helped.
I am the founder of OpenDomain - we have donated domains worth millions to Open Source projects over the last 20 years. Domains including Drupal.com, OsCon.com, Xmpp.Org, Ecmascript.Org, FosDem.com, Schema.Org to Google, and WebPlatform.Org to the W3C. Unfortunately, we have not gotten a lot of love from OSS, so we are thinking about ending the project. We would love your opinion if we should continue. I am considering selling all my current domains (NoSql.Com, Free.TV, Xg.Org, 4NY.com, and more) to fund a new open source project: CharityCoin. CharityCoin is a 'Better bitcoin', where part of the mining goes towards charities. We won the techstart blockchain hackathon becuase we have a better PoW, but I am concerned about creating another altcoin because of the recent drop. Is there still room to create a new Coin? We also have a great idea on how to do an ICO without all the headaches.