The Open Source Movement has Failed

The Open Source Movement has Failed. The title is intentionally provocative. Clearly, the open source movement — all of the people who contribute to open source projects and the agencies and companies that support them — has been successful on several levels.

The internet is built on open source software. That’s pretty amazing! Of course there is the issue of critical dependencies, specifically: “a project some random person in Nebraska has been maintaining thanklessly since 2003." There are documented instances of such people pulling their projects and breaking things, including several with Javascript's Node Package Manager and a relatively minor oversight with major implications for OpenSSL.

Linux, in particular, can be seen as a huge success for open source. According to Linux Statistics 2026: Desktop, Server, Cloud & Community Trends, half of the cloud runs on Linux, as do nearly all of the top web servers, including the likes of Amazon, Facebook, X, and YouTube, and all of the top super computers. And, of course, Linux runs on most anything, including all Android phones and Chromebooks, most all Amazon devices, video streaming sticks. The Linux kernel alone—not counting the various distros (“flavors” of Linux for the uninitiated)—has over 34 million lines of code contributed by over 11,000 developers. That’s pretty successful!

One odd stat, though: Linux runs less than 4% of desktop computers.

The open source movement has driven huge innovations such as software containerization and packaging. Package managers can be problematic if they contain compromised or flawed dependencies, or if that random person in Nebraska keels over or just quits. Bad actors capitalize credulity and market opportunities by incorporating malicious code into nondescript parts of the software supply chain, such as happened to WordPress.

Developers and managers need to be conscientious and methodical. As with any project, you’ve got to manage your dependencies. How difficult that is and capabilities required to do it are important considerations.

The open source movement made code more modular and reusable. While APIs (application-program interfaces) have been around for a long time, they really took off when some major tech companies needed to integrate their products into their customers’ systems. Then the co-author of HTTP defined the REST architecture, making APIs easy for anyone (within reason) to build.

And, of course, the open source movement has produced LOTS of great software. Best open source software of 2025 provides some prime examples—although I was disappointed that the didn’t include Nextcloud. More specific to current hype, researchers at Georgia Tech and MIT concluded that open source AI performed as well as closed, proprietary models at a fraction of the cost.

Open source adoption is “near saturation” but is still increasing, according to the State of Open Source Report, with over half of organizations reported increased use of open source in 2025. At the same time, some companies are pulling back from open source: Google trying to force all Android software to be distributed through Play. Bambu Lab trying to force all customers’ 3D print jobs to use its infrastructure. Cal.com’s response to AI finding security flaws.

All of these violate the spirit of the open source movement but also a fundamental rationale: Openness leads to better code. AI is contributing to that in the view of some by making it more economical to find and fix security issues. And, closing open codebases betrays the movement:

Our community deserves access to the code that runs their communities. And the best defense against AI-powered attacks is AI-powered defense, deployed by as many people as possible, against code they can actually read.

In spite of all of these successes, there is a long (in Internet time) tradition of pointing out the failure of open source business models. The open source “manifesto,” The Cathedral and the Bazaar: Musings on Linux and Open Source by an Accidental Revolutionary (1999), was roundly and thoroughly criticized as soon as it was published.

More recently, numerous commentators have pointed out that everyone wants free (as in “free beer”) software but no one wants to pay for “free, as in speech” software (props to Richard Stallman for that critical distinction). A classic is the 2015 CIO magazine article that starts by quoting an Andreessen Horowitz partner rehashing the flaws of the open source business model and ends by suggesting that SaaS (specifically Microsoft 365) will kill open source.

Just in the last year or so…

• https://blog.open-source-economy.com/open-source-every-business-model-failed-9022dff11832 suggests a rather complicated fix for the broken business model, specifically the issue that most contributors don’t part of donations to support projects.

• https://lucumr.pocoo.org/2023/12/25/life-and-death-of-open-source/ recommends a closed-then-open license, particularly for SaaS. Subsequent discussion on Y Combinator’s Hacker News, included one commentator (throwawaaarrgh) noting that:

An "Open Source Company" is, by definition, nonsense. It's trying to combine two completely ideologically separate things … your business can't be dependent on that open source to make a profit. … Most people don't care about your software license. They just want to use a product that makes their life easier. And that's what a business is supposed to do. Open Source is a distraction from that aim.

• https://marcindudek.dev/blog/wordpress-manifesto/ calls for a revolution in the WordPress portion of the open source movement that “forces core to become genuinely lean, fast, secure and SEO-aware, draws a clean line between core/plugins/themes, and opens the contributor pipeline to people who actually want to fix things.”

• https://www.ictworks.org/open-source-software-trap/ bemoans building “a movement that’s structurally impossible to sustain.” The author lays out the “7 Deadly Sins of NGO Business Models,” which basically come down to not being market-driven. “Our obsession with open-everything has created organizations that are fundamentally incompatible with financial sustainability. … [W]hen your intellectual property is freely available to everyone, you have nothing left to monetize when the grant money disappears.”

So, the open source movement has failed in spite of its success. But, I don’t believe it has failed in all of the ways catalogued above. Or, more accurately, the liturgy of failures flow from a broader collective failure of mindset that is laid out in a classic, pre-Internet book (yes, a book!) on high-tech marketing. I'll address that in the next blog post.