Banks 'should give back to open-source community'

"How many here have open-source developers working at their company?" Carl Drisko, Novell's Linux and open-source principal, asked the audience during a panel at the Linux on Wall Street conference in New York.

Relatively few members of the audience raised their hands, to which Drisko said, "It's pretty rare, the number of folks on the Street (Wall Street) that are making major contributions back. They are consumers of open source, but are not necessarily sharing well. We wish there were more that were going on."

In a separate talk at the conference, Larry Ryan, director of worldwide financial services at Hewlett-Packard, made a similar comment on the lack of open-source code contribution by the financial community.

"We've not seen a lot of participation yet from (the financial) community -- I would be interested to hear your opinion on why that is," he said to the audience.

Banks are generally reluctant to collaborate with other members of the financial community as they are worried about giving advantages to competitors, Ike Garrido, the director of blade server vendor Egenera, said during the panel discussion.

Competitive-advantage concerns
"What we've found is that our clients (in the financial industry) are ruthless -- they want a competitive advantage," said Garrido. "I don't see them playing nice."

Concerns over competitive advantage mean that it can be difficult to persuade companies to share code with the open-source community, as it can then be easily accessed by competitors. But for technologies that have little impact on competitive advantage, financial companies could probably be encouraged to contribute code, the conference panel agreed.

Brian Behlendorf, the founder of development software vendor CollabNet, pointed out that if companies keep their bug fixes private, the next mainstream version of the product may not include their bug fix, meaning they would have to patch the system again manually.

"If you're using open-source technology on Wall Street, unless you're completely reliant on a vendor to provide a certified version, you will probably invest extra time to fix it," he said. "What will you do with your fix? You can keep it to yourself, but if you move it upstream by passing it on to the vendor or submitting it as a patch, you know it will be available in the next version of the product. That's what drives most open-source development -- collective self-interest."

Behlendorf also said that if companies are spending a lot of money maintaining a piece of software in-house that does not give them much competitive advantage, they could save costs by releasing the source code or migrating to an open-source equivalent.

Although the financial industry seems to be particularly reluctant to participate in open source communities, Novell's Drisko said any industry sector that is highly competitive is likely to be equally reluctant.

"A lot of other industries are doing a whole lot better in terms of collaborating, but most are not competitive," he said. "For example, there are initiatives to make government systems open source and there is a lot of collaboration between universities. But the closer it comes to affecting the dollar, the less you will see people participating."

Ingrid Marson reported from New York for ZDNet UK. For more coverage from ZDNet UK, click here.

• Related stories

• Alerts

Add your opinion

Open source in the banking community Anonymous -- 27/04/06 (in reply to #120133428)

"We've not seen a lot of participation yet from (the financial) community -- I would be interested to hear your opinion on why that is,"

A simple answer to this is: banks don't use open source! There systems are too important to leave up to amatures and this is why they pay vendors who are prepared to guarantee their product.

Imagine finding a bug in a banking system and then releasing your source code to the open source community. Can anyone smell security here?

Banks cannot risk providing source code to open communities largely for security reasons. This is why such workplaces take a "closed door" approach with great pain taken to protect source code.

I am not sure why this speaker chose to focus on competitiveness. I am sure competitiveness will always play a role as with any other industry but security and stability are paramount. Unless you want to risk the money in your account to promote the open source community I think it should stay this way.

• Reply to comment
• Report offensive content

yeah but naaa fatocp -- 27/04/06 (in reply to #120133429)

I think labelling open source developers as amateurs is rather ignorant.
Not too mention, from my experience the banking sector is quite willing to use cumbersome, outdated systems and pay handsomely to keep them on life support.

Vendor guarantee (ie. someone to blame and pay large sums of money to for support) and competitive edge are really the only
valid reasons I see to benefit from closed source.

This concept of security by obscurity is based on paranoia and inadequacy. Hiding how your code really only gives you a false sense of security.
If there is large money to be chased, the bad guys won't be shy about throwing money and effort into breaking what software schemes you got.
Most security breaches are from insiders. Yeah someone walks out your front door with a zip drive full of your source code. To to guarantee that won't happen.
I have personally seen, short cuts, lazy coding, security holes left in proprietary software because they think no one will even get the source or think to try this feature.
Its a ticking time bomb.

The whole benefit of open source is that it is reviewed by your peers in your industry and by anybody who is interested. Sure the baddies see it. So what.
If its using the best, toughest security encryptions etc, then they will need a couple Big Blues handy to crack it.
Updates and patches are almost instantly fixed. Many companies now offer support for open source.
As like the article is saying, the open source products would only improve if banks et al dedicated diverted some of their own energies into it, instead of simply trying to downplay it.

I think its often just too high a mental hurdle for high profile businesses to accept the new frontier of software development.
ie. go with what you know, not what is necessarily better.

Having said all that, I'm not advocating simple using open source for everything, cause maybe that particular Monte Carlo simulation application (or whatever) that you need isn't done in open source yet, or done very well. Yes many open source projects are crap. Its no secret. But so are many many proprietary ones.
Maybe a finance algorithm is top secret. Every case must be treated individually.

But to recite "we don't do it, so we'll never do it" is just the kind of narrow thinking that sinks companies.

• Reply to comment
• Report offensive content

• Just In

• Most Popular

• Most Discussed

Reader Services

Popular Topics

Essentials