Lockheed Goes Open Source. Blankenhorn Hates It.

A Tin Foil Hat

Courtesy CycleDog, Licensed CC-BY-NC

I was really pleased to read the announcement that Lockheed Martin’s social networking platform, EurekaStreams, was released as an open source project today. Lockheed is a very conservative company, and while they’re happy to use open source internally and on projects for their customers, this is their first experiment with actually running a project themselves. I think it’s a big deal, not just for Lockheed Martin, but for large corporations who are considering a more open, more innovative approach to software development. And yet, Dana Blankenhorn hates it:

I don’t see anything in Eureka Streams I can’t do in Drupal, or a number of other high-quality open source projects that have existed for years. Lockheed has reinvented the wheel — why?

So here’s the nice thing about the open source community: competition. If I think I’ve come up with a better way to solve a problem, it can easily compete with the incumbents. Low barrier to entry, we say. Let the best ideas win. Unless, apparently, the best ideas come from a company I don’t like.

Then things start going sideways:

The author of Eureka Streams, who goes by the name Sterlecki at Github, has left no previous tracks there. Linkedin lists the same picture as belonging to Steve Terlecki, a Lockheed software developer.

The stuff’s legit, so we’re left again with the question of motive. Is the military-industrial complex reaching out to open source, is this just proof of press reports showing our spy efforts have more bloat in them than a Macy’s Thanksgiving float, are we being co-opted, or am I just too suspicious?

Wait, what? Open source advocates have, for years, been trying to encourage more code to come out from behind corporate skirts. Where companies can build business models around governing and supporting open source projects, we want them to take the plunge. If more code is open, that makes everyone smarter. And that, my friends, is exactly what Lockheed Martin did today. Someone who probably never contributed code in their lives just gave the community a project they’ve been working on for months, or even years. I think that’s amazing. In return, this brave developer gets painted as a nefarious secret agent out to steal our thoughts and bug our laptops. Or whatever.

So here’s the great thing about open source: we can prove Blankenhorn wrong. They use the Apache license, and it’s on github. We can go through the code and find backdoors, secret plans, and mind-control rays. This reminds me very much of the reaction to the release of SELinux. Conspiracy theories everywhere, but code is auditable and now it’s in the mainstream Linux kernel. Do we really want to throw out these contributions, when code doesn’t lie? When it’s so easy to ensure there’s nothing nefarious inside?

You can feel however you like about Lockheed Martin or the US Department of Defense. You can choose to contribute to the project, or not. You can choose to use the software, or not. But is it in the community’s interest to summarily dismiss contributions based on those preferences? Lockheed’s thousands of developers are sending up a trial balloon. If they fail, we lose access to those developers forever.

I think this kind of fearmongering is exactly what prevents large corporations and government agencies from releasing their code. These knee-jerk reactions harm the open source community at large. We pride ourselves on our meritocracy. A 14-year-old in his mom’s basement is the same as a 30-year-old Lockheed developer is the same as a UNIX graybeard. You are just as good as your contributions. We need to welcome Lockheed’s contributions, not throw them back in their face. Whether the project is useful or not, they’ve enriched the open source community. Let them succeed or fail on their own merits. If they do fail, we hope that they’ll do better next time. Maybe this is a Drupal-killer. Who knows? Let’s give it a try.

  • http://twitter.com/flafeer Firoze Lafeer

    Since when do we reject a project because it does something that other projects have done? Was Drupal the first open source WCMS? Not even close.

  • Oceansmademe

    I actually don't get the comparison to Drupal. I'm not too familiar with Drupal but looking at it's capabilities from the web site it is a very robust CMS. Eureka from their description is a micro blogging tool that uses OpenSocial and supports Google gadgets. I feel like he is comparing apples and a soda bottle.

  • http://risacher.org/dan/ Dan

    From watching the short promotional video, I'm guessing that Eureka Streaks is not a pure competitor to Drupal, but rather to Jive Social Business Software (formerly Clearspace).

    Clearspace (I believe) is the underlying software for MilBook, and A-Space, and probably similar efforts across the Defense and Intell communities.

    There are OSS products that try to fit in that niche, (elgg [php], Pinax [python/django], Crabgrass[ruby/rails]) but, in my opinion, some competition is welcome, particularly for the java/jetty crowd.

  • http://itknowledgeexchange.techtarget.com/IT-watch-blog/how-lockheed-martin-learned-to-stop-worrying-and-love-the-tarball/ How Lockheed Martin learned to stop worrying and love the tarball – Enterprise IT Watch Blog

    [...] software in one way or another for a long time, and Dana’s reaction isn’t atypical. As Gunnar Hellekson recalled, the same skepticism greeted the NSA’s contributions to SE-Linux, many of which were later [...]

  • http://onepeople.org/node/2147 OnePeople – Open Source Pork

    [...] facile cliché of “military contractors” with “ties to government”. As I’ve said before, you can feel how you want about the DOD or the government, but it doesn’t have anything to [...]

  • svartalf

    @Oceansmademe: You can accomplish the functionality in question (after a fashion, that is…) with Drupal and some plugins. Same goes for Joomla!, Liferay, and a few others. The problem is that using a CMS to accomplish this is something of a kludge, coupled with the fact that only probably Liferay and a few other high-end CMS' would handle real business sized loads with it- partly beacuse the CMS' in question are using lighter-duty software to do it with (not knocking PHP or Python based stuff as I use it- but the Java stuff tends to handle higher loads per server and scales a bit nicer when you deploy it…), and partly because you're hacking it together with that sort of thing. Dana's comparing apples to rocks here and doesn't get he's missed the point. Sadly, Dana does this from time to time- much like most other pundits. Dana's just in our camp instead of the others'.

  • http://twitter.com/obfuscurity Jason Dixon

    Honestly, the people over at Drupal, Plone and <insert OSS CMS here> that think their CMS is the end-all be-all solution need to wake up. We (the crew over at OmniTI) engineered a custom CMS product from spec for one of our customers that was easier to use, more secure, highly scalable, and included features the OSS versions don't have at a fraction of the resources (time and cost) it would have taken to retro-fit one of their products.

    I'm not trying to promote OmniTI. I'm pointing out that the OSS CMS projects out there aren't near as polished, scalable or infallible as they would lead you to believe. They're in an arms race against each other, but aren't really interested in what the customer wants.