DEV Community

Donald Fischer for Tidelift

Posted on • Updated on • Originally published at

Open source creators: Red Hat got $34 billion and you got $0. Here's why.

In the aftermath of IBM’s announced acquisition of Red Hat for $34 billion in the largest software deal ever, countless VC investor, stock analyst, and industry hot takes have hit the interwebs.

None of that "thought leadership" addresses the most salient question to most open source maintainers: Red Hat got paid billions selling what you created, and you got paid jack. 😡

How the hell did that happen?

Picard facepalm

Prior to co-founding Tidelift, I was the product manager for Red Hat Enterprise Linux during its creation and early years of growth. I’m intimately familiar with why it works for Red Hat, and why it didn’t work for you.

Now it’s time to let you in on the secret, so you can fare better next time around.

What Red Hat knows

Red Hat unbundled the traditional enterprise software business model.

For the first several decades of the commercial software industry, when you bought a commercial software product, say a database from a vendor like Oracle, you got:

(a) a license to copy, install, and run that code

(b) a support and maintenance agreement to ensure you are successful doing so, today and in the future

Red Hat saw, earlier than most, that the ascendance of open source made the need to pay for code go away, but the need for support and maintenance grew larger than ever.

Thus Red Hat was never in the business of selling software, rather it was in the business of addressing the practical challenges that have always come along for the ride with software.

Who’s going to keep that software patched and secure? Red Hat will.

Who provides legal protection and indemnification? 👋 Red Hat.

Who gets all the individual open source components working together, and keeps them working for years to come? Yep, the 🎩 people again.

Red Hat doesn’t sell a work product they created alone (after all, you actually created it, isn’t that how we got here?). They sell promises about the future of a collection of software that someone else wrote, and the solutions (people, process, methodology) that make those promises come true.

Contrary to conventional wisdom that “support doesn’t scale," providing those assurances is a model that scales very well indeed. Red Hat has a gross profit margin of ~85% and an operating margin of ~25% on over $3 billion in annual sales. In other words: they make a lot of money doing this.

How do you get in on that game?

As an open source developer, you created that software. You can keep your package secure, legally documented, and maintained; who could possibly do it better? So why does Red Hat make the fat profits, and not you? 🤔

Unfortunately, doing business with large companies requires a lot of bureaucratic toil. That’s doubly true for organizations that require security, legal, and operational standards for every product they bring in the door.

Working with these organizations requires a sales and marketing team, a customer support organization, a finance back-office, and lots of other “business stuff” in addition to technology. Red Hat has had that stuff, but you haven’t.

And just like you don’t have time to sell to large companies, they don’t have time to buy from you alongside a thousand other open source creators, one at a time.

Sure, big companies know how to install and use your software. (And good news! They already do.)

But they can’t afford to put each of 1100 npm packages through a procurement process that costs $20k per iteration.

Red Hat solved this problem for one corner of open source by collecting 2,000+ open source projects together, adding assurances on top, and selling it as one subscription product.

That worked for them, to the tune of billions.

But did you get paid for your contributions? 😖

We can fix this, together

We think there’s a better way that borrows from Red Hat’s business model, but then takes it to a whole new level. That’s why we created Tidelift.

Here’s our logic:

  • Companies need assurances around the software they use, open source or otherwise, and they are happy to pay for it
  • The creators and maintainers of open source are the best suited to provide those assurances for the very software they wrote and maintain
  • To make it work, companies need a simple way to buy standardized assurances from all the maintainers together, and maintainers need a shared "business stuff" service

Tidelift opens up the system and levels the playing field, so that as a maintainer you can provide the same kinds of assurances that Red Hat provided, but for your own package.

With Tidelift, open source teams create their own solution—security, licensing, and maintenance for their package—alongside many other open source packages in an easy-to-consume bundle that companies can constructively engage with. Subscribers get their problems solved, not for a little corner of open source, but for all of it. And the maintainers who create the software they use? They get paid, starting with over $1m already committed. Win-win.

Now that you know, next time you can get paid, too.

Meanwhile, to our friends at Red Hat: do not go gentle into that good night. ❤️

Top comments (6)

rhymes profile image

Hi Donald, thanks for the detailed explanation!

To play the devil's advocate: RedHat is also in the business of doing a thing that a lot of OS developers don't want to do or are not equipped to do (and you mentioned it): maintaing the code forever and ever (or at least til the terms in the agreement).

Back in the days (many years ago), when I was active in the local .NET community and open source wasn't much of a thing in the Microsoft world, I had a conversation many with a Microsoft MVP who hated open source. I was already playing with Python and other opensource tools and he wasn't impressed. What he told me is that he disliked open source because him and the company he worked for wanted (I'm serious) "someone to sue if things went south". Most OS developers are not incorporated and some companies, sadly, would rather rewrite the tool from scratch (or steal it without you knowing it) then to have to deal with a freelance "nobody".

What you guys doing at Tidelift is very interesting and much needed :-).

I wonder if there's also some evolution in the landscape of licensing models because I feel there has to be some improvement there too. What do you think?

dff_55 profile image
Donald Fischer

I do think there is plenty of room for innovation with licenses. On the other hand, I fear that many of the recent "new license" discussions have been attempts to solve a business model problem with legal technology, while there may be simpler and more constructive approaches. My Tidelift co-founder Luis Villa wrote on this topic recently here, in case you're interested to check out another perspective.

rhymes profile image

Yeah I agree with you and your co-founder. Adding license confusion is not the solution. Changing a license means getting the company lawyers involved which makes it more work for the company which doesn't really help anyone.

Maybe Redis Labs is able to pull it off because Redis is such a pervasive (and sometimes essential) tool in software stacks, but it won't work for everyone.

dff_55 profile image
Donald Fischer

The central point of my argument is that unlike earlier enterprise software businesses, Red Hat never sold code. Quoting myself: "Red Hat was never in the business of selling software."

During its heyday, Red Hat did more than any other company to advance the cause of open source, including demonstrating a scalable business model. That enabled Red Hat to productively employ many open source contributors over the years, including many of my closest friends and collaborators, and invest untold amounts in open source projects. Still, it's an incontrovertible fact that most individuals whose code became part of Red Hat's enterprise products never saw a dime for it.

My opinion is that we should learn from the best parts of Red Hat's business model, and seek to improve it to better align incentives between creators and users of open source. I'm putting my money where my mouth is by working every day to make that possible.

bgadrian profile image
Adrian B.G.

As a developer interested in OSS, capable of maintaning a few small tools/libraries, and searching for its place on the market, Tidelift sounds interesting.