In the aftermath of IBM’s announced acquisition of Red Hat for $34 billion in the largest software deal ever, countless VC investor, stock analyst, and industry hot takes have hit the interwebs.
None of that "thought leadership" addresses the most salient question to most open source maintainers: Red Hat got paid billions selling what you created, and you got paid jack. 😡
How the hell did that happen?
Prior to co-founding Tidelift, I was the product manager for Red Hat Enterprise Linux during its creation and early years of growth. I’m intimately familiar with why it works for Red Hat, and why it didn’t work for you.
Now it’s time to let you in on the secret, so you can fare better next time around.
Red Hat unbundled the traditional enterprise software business model.
For the first several decades of the commercial software industry, when you bought a commercial software product, say a database from a vendor like Oracle, you got:
(a) a license to copy, install, and run that code
(b) a support and maintenance agreement to ensure you are successful doing so, today and in the future
Red Hat saw, earlier than most, that the ascendance of open source made the need to pay for code go away, but the need for support and maintenance grew larger than ever.
Thus Red Hat was never in the business of selling software, rather it was in the business of addressing the practical challenges that have always come along for the ride with software.
Who’s going to keep that software patched and secure? Red Hat will.
Who provides legal protection and indemnification? 👋 Red Hat.
Who gets all the individual open source components working together, and keeps them working for years to come? Yep, the 🎩 people again.
Red Hat doesn’t sell a work product they created alone (after all, you actually created it, isn’t that how we got here?). They sell promises about the future of a collection of software that someone else wrote, and the solutions (people, process, methodology) that make those promises come true.
Contrary to conventional wisdom that “support doesn’t scale," providing those assurances is a model that scales very well indeed. Red Hat has a gross profit margin of ~85% and an operating margin of ~25% on over $3 billion in annual sales. In other words: they make a lot of money doing this.
As an open source developer, you created that software. You can keep your package secure, legally documented, and maintained; who could possibly do it better? So why does Red Hat make the fat profits, and not you? 🤔
Unfortunately, doing business with large companies requires a lot of bureaucratic toil. That’s doubly true for organizations that require security, legal, and operational standards for every product they bring in the door.
Working with these organizations requires a sales and marketing team, a customer support organization, a finance back-office, and lots of other “business stuff” in addition to technology. Red Hat has had that stuff, but you haven’t.
And just like you don’t have time to sell to large companies, they don’t have time to buy from you alongside a thousand other open source creators, one at a time.
Sure, big companies know how to install and use your software. (And good news! They already do.)
But they can’t afford to put each of 1100 npm packages through a procurement process that costs $20k per iteration.
Red Hat solved this problem for one corner of open source by collecting 2,000+ open source projects together, adding assurances on top, and selling it as one subscription product.
That worked for them, to the tune of billions.
But did you get paid for your contributions? 😖
We think there’s a better way that borrows from Red Hat’s business model, but then takes it to a whole new level. That’s why we created Tidelift.
Here’s our logic:
- Companies need assurances around the software they use, open source or otherwise, and they are happy to pay for it
- The creators and maintainers of open source are the best suited to provide those assurances for the very software they wrote and maintain
- To make it work, companies need a simple way to buy standardized assurances from all the maintainers together, and maintainers need a shared "business stuff" service
Tidelift opens up the system and levels the playing field, so that as a maintainer you can provide the same kinds of assurances that Red Hat provided, but for your own package.
With Tidelift, open source teams create their own solution—security, licensing, and maintenance for their package—alongside many other open source packages in an easy-to-consume bundle that companies can constructively engage with. Subscribers get their problems solved, not for a little corner of open source, but for all of it. And the maintainers who create the software they use? They get paid, starting with over $1m already committed. Win-win.
Now that you know, next time you can get paid, too.
Meanwhile, to our friends at Red Hat: do not go gentle into that good night. ❤️