Facebook and the Case for Open Source
From my perspective, the most interesting thing about the recent leak of Facebook source code is what a non-event it was. As such it’s one of the strongest arguments for open source that I’ve seen in a while.
The leak garnered a lot of attention to a large extent for the same reason that news wires light up nowadays every time that Steve Jobs breaks wind. Facebook is the hype superstar of the moment, so any story involving them is newsworthy. On top of that, a source code leak has the veneer of the illicit, another journalist magnet. But if we take a sober look at the possible negative consequences, none of them appears particularly daunting:
- Security. Someone could analyze the source code and find security leaks, hack into my profile and send my wife those pictures of me in a compromising position with a stripper, a circus clown and a underage tax accountant at my buddy Moose’s bachelor party. (If, of course, I were married and had a friend called Moose.) But these were the same arguments that were made about products like Firefox, and the reality has turned out to be quite different. It’s generally accepted nowadays that the widespread scrutiny made possible by open source yields more secure software.
- Competitive advantage. But surely a competitor will come along and steal all Facebooks good ideas! The truth is that the value of most web applications is more in the community, user experience and backend infrastructure than in the actual source code. User experience can be “reverse engineered” just by using the site. Source code is no help whatsoever in putting in place a scalable server park. And it should be obvious that building a community has everything to do with innovation, timing and network effects and nothing at all to do with specific lines of code.
- Business model. So maybe the source code will help me to strip out ads or otherwise undermine Facebook’s business model? Well, no. The source code that leaked (in PHP) is server-side code that is used to generate client-side code (with healthy dobs of JavaScript). For ad blocking it’s the client-side code that matters, and that’s open source by definition.
- Sloppy code. I might not want my source code to be subjected to public scrutiny if I’m ashamed of it. At the end of the day this is another argument for open source since it forces you to clean up your act. Sloppy code has its price whether or not anyone else ever sees it. In any case, the Facebook code looks pretty enough to me.
To my way of thinking there’s almost no downside to a site like Facebook publishing its source code. The upside is significant, not least the complete elimination of the risk of bogus “stories” like the source code leak attracting the media’s attention.
4 Comments »
Trackback URL RSS feed for comments on this post.
Leave a comment
Line and paragraph breaks automatic, e-mail address never displayed, HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>
“For ad blocking it’s the client-side code that matters, and that’s open source by definition.”
No it’s not. It is surprising you don’t understand the basis on which the code you are using has been built. Open source is about copyright and permission. It’s about having rights to take, modify and use the code. Being allowed/able to view the code is absolutely not the same thing.
Comment by Anonymous — 8/15/2007 @ 9:41 am
Fair point. What I meant is that the availability of source code is a big part of open source, and it is this that makes ad-blocking possible. If every webpage were delivered as an opaque Flash movie (SWF) for example, with embedded ads (god forbid), then blocking ads would be a whole whack harder. But I should have been clearer about the fact that making source code available is not sufficient in order for something to qualify as open source.
Comment by Matt — 8/15/2007 @ 11:29 am
>not least the complete elimination of the risk of bogus “stories”
>like the source code leak attracting the media’s attention.
Are these bogus stories doing any harm though? At the end of the day its just more free publicity.
Comment by Ian Thomas — 8/15/2007 @ 11:55 pm
i sincerely doubt its sloppy code. the difference between myspace and facebook is the difference between sloppy code and good code (among other things). i agree with all of your “rebuttles.” the problem is that its still intellectual property that they can do with what they wish. if you’re going to debunk this, then you’re going to have to argue against the whole music, film, and literary communities as well.
Comment by Nachtkriecher — 10/18/2007 @ 12:31 am