I met PHP core contributor and security expert Anthony Ferrara at the PHP BeNeLux '13 conference. He is a Senior Architect at NBCUniversal on a team that works a lot with Drupal. In this first part of a three-part interview, we sat down to talk about open source as an ethos and how it affects business. In the next two parts of our conversation, we talked about the consequences and practice of the Four Freedoms that define open source software, and the security of PHP as a programming language. I'll be releasing those soon and updating the links here, too.
Anthony is a prominent member of the PHP community and contributes a great deal of tutorials and materials "to help people understand complex topics in simple ways". His blog, about PHP, security, performance and general web application development is at http://blog.ircmaxell.com/ and his YouTube Channel at http://www.youtube.com/user/ircmaxell.
The slippery slope to open source
Like many open source contributors, Anthony got his first small hit of open source (helping a friend with a website, in his case), then went a little deeper (built his own website). The point of no return was probably when he figure out how to fix performance limits on his site and gave the code back to the open source project in question, Joomla. Once they saw his code, the platform's maintainers asked him to come in and help. "In about 6 months," explains Anthony, "I went from releasing my first bit of open source code to becoming a core contributor to a major open source platform." He worked on security, maintenance, and performance for the Joomla project for a few years. Antony has now been a PHP core contributor for roughly two years at this point, but also advises and contributes to other open source projects, including Drupal 8.
Experts are made not born
To make a meaningful contribution to an open source project, you don't need to be a "rockstar". Good ideas and honest efforts make a real difference. "There is so much work to be done. The people doing the bleeding-edge stuff don't usually have time to do other stuff. Even if you started with a platform yesterday, you can make meaningful contributions." Beyond code there is still so much to do: quality assurance, testing, bug reports and validating bug reports by reproducing the problems. "People underestimate how much of a help that all is," and the impact that kind of help can have on a project. It's not about being a star,"The people who are 'famous' weren't famous a year ago. The reason they got famous was because they went forth and put the effort in. They stood up and said: 'I'll do that'. They're not some complete genius who the community picked out and said, 'That's the guy we want to follow.' It's because they have put in that time, that effort, and they have earned that respect." Experts are made not born.
Open source and proprietary coexistence
"I use a variety of things from open source video editors to programming languages. I'm a huge supporter of Linux. Until recently, I only owned Linux computers. I recently had to adopt a Windows machine, but not out of choice ..." he says while making an inscrutable expression. "I am a huge believer in the open source movement, but I am also a believer in open source and proprietary living side-by-side. I am not a zealot; I am pragmatic. One example is large data. When you get to extremely large database sizes, it doesn't make sense for the open source community to spend time and effort trying to support that when there's maybe only a couple hundred users in the world who need that kind of scale. In niche markets, proprietary software can be a benefit to open source projects by alleviating some of the burden of edge case support."
Now that companies like Red Hat, Acquia, and Canonical offer commercial support for open source projects and "s long as the corporate backing and the open source project play nice together, the only people who win are everybody."
Building better with open source
The difference in approach between proprietary and open source software is highlighted by where the investment is made: "If you go with a proprietary product, you spend a large amount up front and then you have to use it [as is]. Whereas if you go with open source, you don't spend nearly as much up front, but you'll spend a little bit more over time [for ongoing work on the product], but that little bit more that you're spending is directly attributable back to you because you're making it do exactly what you need as opposed to changing what you need to [match] what the [proprietary] tool does."