high fidelity

(I can only barely forgive myself for that title. I hope you can manage as well.)

After my previous post about Fidelity and Firefox, Rafael pointed me at another article about Fidelity’s adoption of Firefox. A gem from that one, emphasis mine:

Recently the center began testing the open-source Firefox browser, an alternative to Microsoft’s dominant Internet Explorer. Charlie Brenner, a Fidelity senior vice president in charge of the center, says the idea came from engineers in his department who were using it at home and liked Firefox’s advanced features, such as the ability to open new browser windows in tabs rather than in a whole separate browser, and its promise of being more secure from hacker attacks than Explorer.

Someone else agrees with, or is perhaps experiencing, my current theory on enterprises and our software: we’re better off trying to get to enterprises via users, and not the other way around. Dunno if the same logic holds for other disruptive software, especially our open source cousins, but I think that the following three-step plan is probably as useful as many wordier ones that are getting funding and publicity today:

  1. Make it easy for users to try and love your software where they can most comfortably do so (e.g., at home).
  2. Make it them wish they could have it elsewhere (e.g., at work).
  3. Help them sell it to the people who can make that wish come true.

I could easily write paragraphs upon paragraphs about each of those bullet points, talking about things like minimizing change cost and playing to the unique scaling strengths of open source communities, but you can all probably imagine what it’d look like. And I don’t have to type or edit your imaginings, so we all win.

Of course, I am not a millionaire entrepreneur success story, teenage software genius, proven technology futurist, or even venture-funded experimenter, so it’s quite likely that you can get better advice elsewhere.

halos and security holism

A nice article about Fidelity and open source has two things that I find especially nice, in this one paragraph alone:

The Mozilla Firefox browser was an eye-opener, added Mike Askew, who also works in the technology center. A head-to-head comparison of Firefox and Internet Explorer showed that both had about the same level of security vulnerability, but ”the time needed to fix vulnerabilities in Firefox was much less,” Askew said. That experience led Fidelity to look at open source more intently.

First, I do quite like to hear that our success is making people look at other open source offerings more seriously. It’s not a primary goal for the project, but it’s one of the nice unintended consequences that we get as a bonus.

Second, I like to see people evaluating security characteristics of software in a more nuanced way than simple advisory or vulnerability count. Not all bugs are equal (as is perhaps obvious now, in the throes of the WMF vulnerability, though that’s not an IE bug), and even with severity weighting you are still faced with what are likely even more important questions. Chief among them might well be “how long am I likely to be exposed once a bug is found, or publicized?” If you believe that history is a useful, if imperfect, guide, then something like this vulnerability-window study might be of interest. If not, then you’ll have to do more research, which I very much hope you’ll publish.

capitalizing

He resists falling in to the trap of predicting Portland means 2006 will be “the year of Linux desktop,” but is confident it can capitalize on the buzz that Mozilla’s Firefox has created around open source software on the desktop. Firefox has gained 11.51 per cent of the browser market in the year since its release.

I will be very interested, as Mozilla’s representative to the Portland summit, to follow this effort. I don’t think that most of the people in that 11.51% (I love the precision there!) use Firefox because it’s open source, or perhaps even know that it is. Well, I’m being pretty generous here. I’d be surprised if more than 0.51% used Firefox because it was open source, and I’d be very pleasantly surprised to discover that more than a few percent knew that it was, and what that meant.

I do hope that a growing understanding of the value — to more than just the Mozilla project — of the Firefox brand will help alleviate some long-standing issues here, but even more I hope that the “rest” of the open source desktop can learn from what we’ve done well and poorly, and use that to inform their own path. That’s not a guarantee of success for anyone, to be sure, but it seems like something that would be of interest to those projects. (I have a bit of trivia about that very interest from the Summit, but that’s a whole other story.)

As an aside perhaps of interest to nobody, I think that the “open source desktop” is much much more interesting these days than the “Linux desktop”, with the possible exception of OLPC, and that it’s a lot easier to switch the OS after you switch the parts that touch the users. (The flowers, in many cases, remain standing.)