Information freedom for open source users.

Cloud.com was officially launched today as an open source cloud provider.

The company’s open source CloudStack, which is available today, is designed to reduce the complexity of building the cloud infrastructure. Cloud.com, which has received more than $17 million in funding, said its solution “accelerates the deployment, management and configuration of multi-tier and multi-tenant private and public cloud services for enterprises and service providers.”

It is an open source solution but is not exclusive to open source hypervisors. It supports Xen, KVM and VMware out of the box and will support multiple hypervisors and toolsets, said chief marketing officer Peder Ulander.

Cloud.com was founded two years ago as VMOps and is led by Sheng Liang, who developed the Java Virtual Machine at Sun and co-founded Teros, which was acquired by Citrix.

Originally, the Cloud 1.0 stack was focused on Xen and virtualization management. However, as the industry evolved, executives saw the need to support multiple open source and proprietary hypervisors and to enable enterprise customers and service providers with a full suite of software to deploy private and public clouds.

Cloud.com is not trying to compete head on against the likes of Amazon EC2 – but it is equipping service provider allies that want to do so — Tata Communications is one of Cloud.com’s service provider customers, for instance.

The Cupertino, Calif. company says that 98 percent of the Cloud.com stack is open source under the GPL 3. The rest of the code is proprietary custom connectors for linking in Cisco and EMC systems, for instance, Ulander said.

Ulander, formerly at Monetvista and Sun, said the Cloud.com Platform has a the muscle to provide service providers and enterprises with a hybrid solution for both public and private clouds. He noted that the stack offers network and storage virtualization management.

According to Cloud.com:

“Today, enterprises and service providers trying to build their own IaaS clouds face a daunting challenge. First they must integrate a patchwork of software including hypervisor, management software, user interface, network virtualization and storage management,” according to one statement issued by the company.

“Once the software stack is put together they are faced with a costly requirement to build using specialized storage and networking equipment that supports proprietary extensions required by hypervisor vendors.

” Cloud.com Platform provides an integrated solution for delivering virtual datacenters as a service – delivering all of the essential components used to build, deploy and manage multi-tier and multi-tenant cloud applications in a simple to install software package.”

In the wake of Google’s purchase of BumpTop, with its unique user interface, and BumpTop’s decision to close down its work on Windows and the Mac OS, the question needs to be asked.

Will the Chromium OS remain open source?

As you can see from the video above, this has always been the promise. The Chromium source code is freely available. Just like Linux, on which it is based.

(Our Zach Whittaker saw BumpTop, which debuted at the 2007 TED Conference, last year, and was very impressed.)

The promise of open source has always been that it stirs open innovation, and no company believes in that more firmly than Google. But when Google needed something to get it over Apple, which had sued HTC over its use of multitouch, it bought the solution.

So now why should it share? Especially with Apple, which based its Mac OS on Linux.

Google launched the first version of Chromium late last year, but while Android has proven popular with manufacturers, no one has yet announced any plans to use Chromium. Some blogs, in fact, are already speculating that Android is the final destination for BumpTop. not Chromium at all.

Which leads to the larger question of differentiation. How does Google turn Chromium into something unique, something separate from Android, with its own value proposition? Especially if the Android team can just grab cool, new stuff like BumpTop and throw it onto a phone?

How does Google control BumpTop so it remains a unique experience? How does it keep out all the “baby Bumps” that may kluge parts of it together with other stuff and build incompatible, even proprietary, knock-offs?

The only answer to those questions is to close the code. I would dearly love to be wrong on this, but I don’t see another way for Google to maximize the value of the buy.

Tell me I’m wrong. (And tell me why.)

Regardless of the merits of a case against open codecs Ogg Theora and VP8 for patent infringement a very important question remains unanswered.

Who will pay the lawyer bills?

NoSoftwarePatents founder Florian “Floyd” Mueller (left), who was last seen here being panned for fighting the Oracle acquisition of mySQL, fears it may be Apple.

“While Microsoft doesn’t try to force any Android phone vendor out of the market, Apple uses some of its own patents very aggressively in order to prevent such companies as HTC from providing certain functionality at all,” Mueller wrote me late last week.

“It’s important to see the difference from the perspective of competitors and consumers: the worst thing that can happen with patents is if vendors, especially leading ones, use their patents for exclusionary purposes.

“Should Apple be a contributor to the patent pool Steve Jobs mentioned, that would be very bad news because then the objective may very well be to prevent any commercial use and distribution of Ogg Theora and other open-source video codecs.”

Mueller has long been concerned with the patent status of open source codecs, writing at FOSS Patents after Google announced VP8 would be open source that multimedia is a patent minefield.

It doesn’t matter whether it’s Google or any other vendor or a FOSS project: there’s no such thing as a multimedia data format that anyone can absolutely guarantee to be unencumbered by patents.

This is one reason Mueller, who started in this business as a 16-year old computer journalist in 1986, launched his campaign against software patents.

All this makes the pending decision in Bilski vs. Kappos, still unknown at this writing, so important. A decision that encourages Apple to proceed, especially against Google, may make for the biggest lawsuit of all time.

The FUD attack launched against Ogg Theora and VP8, the very idea that they violate patents, is not aimed at the courts, but at the W3C, which held a conference on the coming HTML5 standards last week in Raleigh.

While audio and video files are currently handled through object tags, HTML5 will support standard audio and video tags, support for which will be defined in the browser.

Microsoft and Apple are carrying the water of the content industries, which fear that losing control of the technology under which content is displayed results in losing control of the content itself. That control is expressed through the MPEG LA licensing body.

The $5 million license fee for the H.264 codec required by MPEG LA acts as a barrier to entry, both a financial and moral one. A licensee that doesn’t follow Hollywood’s rules could have its license pulled, and thus its product.

The money is chump change for Microsoft, and the barrier a good thing.  It’s a matter of principle for open source.

HTML5 is where that principle is being contested. The W3C policy is not to accept a royalty-bearing, proprietary technology into the Web standard. That’s why video has, until now, been a function separate from the browser.

The attack came now because Mozilla, makers of Firefox, only wants to support truly open codecs under HTML5. Google’s move to open source of VP8 is also said to be preparatory to making it the default codec in Chrome.

If open source becomes the default for HTML5 in Chrome and Firefox (and Opera too) Hollywood loses its technical control. Thus the dark claim by Jobs that a ” patent pool is being assembled to go after Theora and other ‘open source’ codecs now.”

The case is a nonsense.

If Ogg Theora were subject to patent, why would those patent holders allow nearly 160 million downloads (at last count) of the VLC Player, which contains it. Then there’s the question of whether any software patent is valid — we’re still waiting on a Supreme Court decision in Bilski vs. Kappos to settle that question.

Apple and Microsoft have made their money on video by doing what the video owners want. They want to control the Web’s video technology. So Microsoft will only support H.264, Apple darkly mutters about patent suits, and the W3C is supposed to knuckle under, making a proprietary technology part of the Web standard.

If pressed, I have no doubt that a suit would be filed. But even the filing of a suit does not always represent a desire to go to court, only a willingness to do so as part of a larger negotiation.

The suit would magically disappear if H.264 became the Web standard for video, and everyone who wanted to watch a video online were forced to have their software license that codec from MPEG LA.

That’s the issue squarely facing the W3C now.

More great news for Linux distributors Red Hat and Novell, which prevailed in a patent infringement case brought by IP Innovation.

IP Innovation, a unit of Acacia Research and holder of multiple patent portfolios, alleged that the two Linux companies infringed three patents that protect computer GUIs that span multiple work sites and that allow users to access icons remotely, the court documents show.

According to a report published by Bloomberg news, a jury in Marshall, Texas found that the patents in question were not valid and that neither Red Hat nor Novell were guilty of infringing on IP Innovation’s intellectual property.

In a press release, Red Hat said it will “remain stalwart in resisting bogus shakedown tactics.”

Novell recently celebrated the end of a copyright infringement lawsuit brought against it by SCO several years ago.

Now that the SCO and IP Innovation cases are disposed of, it anyone else want to take on Linux?

Increasing popularity of open source cloud infrastructure platforms such as Eucalyptus, OpenNebula, Nimbus, Xen Cloud Platform and OpenQRM has raised hopes that open source can establish a stonghold in the IaaS platform space.

Still, some open source advocates maintain that Amazon, Microsoft, Google and Rackspace will continue to control and build out a proprietary public cloud infrastructure until the open source community collaborates more closely.

So says Sam Ramji, vice president of development of Sonoa Systems, who let his views be known at the Linux Foundation’s recent collaboration summit. “The cloud will be open when the community gets together and builds a cloud infrastructure,” Ramji said.

While much of the software running private and public clouds is open source, proprietary vendors are firmly in control, Ramji said, noting that APIs from Amazon, Google and Microsoft are defining the public cloud landscape.

Ramji, the former head of open source at Microsoft, noted that there have been some efforts such as the Open Cloud Initiative, Open Cloud Consortium and other Open Cloud standards efforts to advance the cause, but the undertaking needs serious corporate support.

“It’s not about technology … It’s a question of funding,” Ramji said, noting that one Bank of America IT executive runs his private and public clouds on open source software. “There has to be a financial model that shows up. [IE]Each foundation shows up to make it happen or it doesn’t make sense.”

The lack of Interoperability among public clouds is one way open source companies can gain momentum, some say.

Following a recent GigaOM forum, one author noted that “many concerns over cloud interoperability and application portability can be addressed in the planning stages and by utilizing automation capabilities from companies like RightScale. Another possibility is to use an open-source interface like libcloud, which simplifies movement between clouds.”

When Oracle bought Sun the first reaction in the mySQL open source community was to fork it.

Now PGP may need a fork following Symantec’s purchase of PGP Corp., and speculation it may favor Guardian Edge instead.

There is an important lesson in all this. The interests of open source communities and the corporations that control a project are not always the same.

For a corporation an open source project is just another puzzle piece, just another move on its board. It’s an asset. For a community, the project is more. It’s where you put your time, your loyalty. It may be where you put your love.

There are many areas where affection is given to what owners see as an asset. Sports is the most prominent. It must be heartbreaking to be a fan of the Portsmouth football club right now, given the mismanagement (or maybe worse) of a series of owners.

The fans didn’t do anything wrong. They kept coming, kept cheering, kept paying for tickets. But as a business asset the club is less-than-worthless. It has been stripped of its economic value.

For an American audience, imagine if you were a fan of the old Baltimore Colts, the Quebec Nordiques, the Brooklyn Dodgers or the Seattle Supersonics when those franchises moved? Imagine you’re a fan of whatever team is eventually persuaded (by its own interests and those of the NFL) to abandon its fans for Los Angeles?

No one has done that (yet) with an open source project, but in fact they could. Symantec, for instance, could “upgrade” paid PGP users to another product, eliminate development funds from the project, and walk away. That would be its legal right, as it would be the legal right of Oracle or any other property owner.

But where does that leave the community? My point today is that it’s in a better position than a football club’s supporters, because open source code (unlike a sports franchise or proprietary code) can have a life of its own.

So it’s important that projects do have such a life. The people of the .org, or the forge site, the user community of every open source project needs to protect its interests and keep itself organized, separate and apart from any commercial interest exploiting the code for profit.

It’s best to know that now, and take action, rather than waiting for your code base to be strip-mined and dumped the way Portsmouth was.

There are three ways to speculate about Microsoft’s latest Linux patent cross-license, this time with HTC:

1. Microsoft is pushing its weight around (again).
2. Microsoft is aligning with Google against Apple.
3. Microsoft is making peace with everyone.

(Ah, yes, the classic Boardwatch “Billgatus of Borg” cover, from my days writing for Boardwatch Magazine in 1998.)

The first is the idea that Microsoft is trying to surround Linux with patent claims, place a stranglehold on Linux, and control open source. The second is that this is all part of the “great game” among the big tech powers, wheels within wheels mere mortals could never understand. The third is that Microsoft wants to end the era of patent suits — as was done with Amazon so with Android.

But I want to look at a different question today. Why are so many smart companies signing up with these agreements? What is in them?

Microsoft has always kept a proprietary no comment on these deals, and non-disclosure is a condition on the other side as well. Outsiders have been led to understand Microsoft has some patent claims involving Linux (undisclosed)  that companies are recognizing, and that they are paying for the privilege.

But what patents? How much? What’s in the fine print? This we are never told. The game has been going on for over three years now — since the first deal with Novell — and the public is still being kept in the dark.

No doubt Microsoft believes this is in its best interest. It helps if people believe these are onorous terms, that Microsoft has everyone over a barrel, and Linux by the throat.

But I wonder. If Microsoft’s intent really is to make patent peace with Linux, not patent war, then at some point the cost of the fear (from open source advocates) outweighs its value.

Despite all these deals, despite Codeplex, despite releasing coders to work on projects like Joomla, Microsoft is still looked upon with loathing by open source advocates. (Just look at our talkbacks.) But that attitude would change, and open source would be far more willing to make peace with Microsoft, if we knew what was in those agreements, and knew they were no big deal.

You don’t think a Microsoft lawyer might want to lose one of these things inside my favorite bar, do you? I’d pay for the martinis.

When the next version of Ubuntu LTS (Long Term Support) ships tomorrow there will be hundreds of open source applications ready for it, Canonical has announced.

LTS versions of the software ship every two years and are often aimed at software developers. A full list of companies supporting the new release is available here. In keeping with the company’s habit of alliteration the new version is known as Lucid Lynx.

In addition to claiming leadership with open source desktops, Canonical’s aim with the new release is to make it more attractive to proprietary solutions. Adobe, IBM, and VMWare are mentioned specifically in the release.

As always, we at ZDNet are all over this. Sam Diaz notes the software will have new features supporting clouds. Adrian Kingsley-Hughes is asking if the new software will lure the social crowd.

I’m most interested in ease of installation for the full stack.

I have a dream (a wonderful dream) that users could go to a single page, select the applications they want added to their distro from a menu, then download a custom stick through BitTorrent they might plug in to unbrick their box.

Gaining support for such a solution from small resellers would be swell. It would be great if an Indian entrepreneur can get some used hardware, take orders, load a stick, test the results and deliver it to customers. He’d have the whole world on a plate.

Maybe starting here, starting now, everything’s coming up roses.

Just weeks after Linux lost the support of Songbird, a music application, a new Linux browser has debuted.

It’s a version of Firefox Fennec for the Android phone.

It’s a “pre-alpha” release, announced by Mozilla developer Vladimir Vukicevic on his personal blog. He gave a link from which you can download the current build.

It’s not for grandma, or for casual walking around, he writes. Some of the limitations:

• Bugs might require you to reboot the phone.
• It’s a memory hog.
• There’s still an app exit and relaunch on the install.
• It does not support links from other apps.
• You will need Android 2.0 or above, and the phone needs to be OpenGL ES 2.0 capable.
• You have to install it on the phone’s internal memory, not the SD card.

Most of this stuff will be fixed as the developers go along. Vukicevic calls it “a pre-nightly build (even earlier than pre-alpha).” Don’t say you weren’t warned.

But still. Wa-ha-ha-ha. Candid software. Nudge, nudge. If you’re a man of the world, squire, you might like to give it a tumble. One of the best contributions you can make to open source, as a non-programmer, is to try out new code.

Like Google before it, Facebook is now coming under increased scrutiny over the meaning of the term “open” in an online world.

Open software is good. Open data? Maybe not so much.

The traditional software argument is that unless you’re using the AGPL. unless everything is open including your secret source, that you’re not really open, that you’re just pretending to be. Open is just another word for nothing left to lose.

I have never bought that. Open source is not the same thing as free software, which was one of the first lessons I was taught when I took this beat. (Richard Stallman got on me personally about it.)

Open source is a continuum of choices, ranging from Stallman’s Free and Open Source software (FOSS) ideal through Microsoft code that is under tight restrictions. Open source was born in reaction to FOSS, and in opposition to it.

Early on I devised an open source incline to illustrate the range of choices available. As the need for community contribution increases you go down the incline. As your proprietary control over the code increases you go up the incline.

Later I amended this into the open source development incline, taking a variety of development models into account.

The point about most code intended for online use is that it is not usually at the bottom of the incline. Even Google is not at the bottom of the incline, although it’s an open source citizen in good standing. Google does not support the AGPL.

But what about data? Who decides the status of online data? Does that decision lie with you or with the company hosting the data?

Facebook has defined data as software and released its work into the wild, saying it’s just following the tenets of open source.

When you look at open vs. closed in a software world, open sounds marvelous. Look at it in a data frame, as in your data is open unless you say not, and Senators spy a privacy violation. Especially if, until recently, you’ve been defining yourself as a private network safe for kids, not an open part of the regular Web.

It’s pretty easy for software to move up and down the open source incline. For data it’s proving problematic.

The seizure of Jason Chen’s stuff for getting his hands on a pre-beta iPhone took me back 25 years, then dropped me back into the present.

Back in the spring of 1985 I was preparing to join Newsbytes, an online news service then hosted at The Source, but there was a problem with our other hire, Englishman Steve Gold.

He had just been arrested.

Steve was, like me (and like Jason) a freelance writer. He was doing some security work for the old Prestel network, and hacked into it. For this he would stand trial, be convicted, and live in legal limbo for years until the Law Lords finally overturned it.

The question on that spring day of 1985 was whether Steve was a risky hire. Emphatically no, I said. Why, he’s a made man. If you’re not willing to skate on thin ice to do your job, that would be a problem.

Flash forward 25 years. It seems little has changed. Judging from his blog, Jason has the kinds of obsessions, like video games, associated with my son’s generation. He’s like Steve.

But this is not a story that resonates at all with open source. A proprietary vendor feels that its secrets have been compromised. It wants people to ooh and aah when they see the new iPhone has two cameras, that you can hold it up and engage in videoconferencing.

Frankly, my dear, I don’t give a (well I live in Atlanta, what else was I supposed to say?).

It is true that if someone got their hands on the next HTC or Motorola Android phone, there might be a stink. But it would not be that great. The Android code, the capabilities it supports, are transparent and available. Vendors can choose among the options.

Is there any such thing as pre-release code in the open source world? All repositories have some, but the word for such code is buggy. It’s worthless. Pre-release code gains value only after it’s tested and accepted formally into the code base — in other words when it’s released. We need find no code before its time.

Here at ZDNet Open source, I have long known that our most popular stories are straightforward announcements of code releases and new features. My co-blogger Paula Rooney is great at getting those stories in to us and you show her your love for it. Numbers don’t lie.

The kind of stuff I specialize in — asking questions of vendors, readers, and government — stirring up controversy, it’s not so popular with y’all. But going undercover to get behind a curtain, grabbing untested products before they’re ready, that’s not really a story in an open source world.

Back in Steve Gold’s home of old blighty, this whole case is being laughed at. The American press is said to be in the tank for vendors, and its reaction to the Chen case is being cited as an example of why British reporters are just better.

I know that’s still true in one case. But how do y’all feel about it?

Open source is a product of the Internet, and its success rides on Internet values.

A key Internet value is low switching costs. (Well, no switching costs.) So when the costs of switching are low or non-existent, an open approach is going to win out over time.

(Amazon sells these wooden Maxim train switches for just $9.99. For two! How do you like those low switching costs.)

Google groks this. The secrets to their success are open. Everyone who wants to knows about their use of low cost PCs, about their dark fiber purchases, about their concern over energy costs. Many of their key algorithms are also open.

No, not the “secret search source” — but having that would just let outsiders manipulate results. Open is not a suicide pact.

Facebook also groks this. Its opportunity came when rival MySpace was bought by Fox, which wanted to tie the social network’s audience to its brands. With switching costs being zero, Facebook began benefiting immediately. They learned the lesson.

All of which makes statements like this from Mark Cuban, that Microsoft can benefit from buying Facebook, ridiculous. (As ridiculous as the Mavs falling 3-1 behind a seven seed.)

Switching costs are too low for any proprietary embrace to work. Open source credibility matters more than anyone imagines. So open must be the mantra, even when introducing something no one else has.

Traditional business analysis holds that switching costs are never zero, and that they are constantly rising. This is not true on the Internet, and this benefits those companies that are most open.

I can go to Bing right now. They do a good search service. And you can switch to Gizmodo just as quickly. That’s why I am dancing so fast.

This idea of no switching costs does not exist (yet) in the world of Internet clients. I admire what Jason Perlow is doing, switching entirely to Linux from Windows, but the market won’t follow because that entails high switching costs. Apple would likely benefit more from a rejection of Microsoft than Linux, despite its platforms being highly proprietary. Switching costs matter in that space.

But those switching costs can be reduced. What Google is really doing with Android is providing an iPhone alternative that is not only competitive, and similar in terms of usability, but also has open written all over it.

Over the long run a combination of being open with low switching costs is going to win. The question, then is how long that run is. After all, as John Maynard Keynes said, in the long run we’re all dead.

After the fire the fire still burns

Quoting Pete Townshend dates me, but I have seen this movie many times before. (Kitchen fire image from CNetTV.)

Venture capital enters a new space. Everyone laps it up. Then with a turn of the market the VCs are gone, or looking to cash out, and the new industry is left wondering where its future is coming from.

Even though total dollars being invested may rise for a time, the old business model of paid support in lieu of licensing only draws yawns on Sand Hill Road.

They want to hear about open source in products that sell, open source in services people buy. Open source becomes one ingredient in the stew. The good old days are gone.

I have seen this happen with PCs, with software, with multimedia, and with Internet technologies of all sorts. I have seen it happen with content, with advertising, even with blogging.  Open source was hot five years ago, but now it’s all social media or renewable energy.

This is natural. Venture capitalists are looking to get back 10 times what they put in, or many times more. If you can’t show them that they are not interested. That’s because most investments are lost. They must have hits or their business collapses.

The reaction among open source advocates is the same mix of wonder, denial, and worry I found in all those other industries. But they survived. Open source will too.

Once the shock wears off, you ask, what’ll I do? Ning decided to focus solely on paying customers, and many companies will choose to abandon their community, in whole or in part. Other companies have climbed back up the open source incline. The word for 2010 is monetization.

The irony is that the open source business model was designed for hard times. Marketing, distribution and even development costs are flattened to near-zero. Companies can become virtual. Development teams become global. No one really has to take a Silicon Valley salary.

Consolidation is another watchword in this period of evolution. The cream rises. Within each niche, the distance between the lead dog and those trailing grows. Didn’t you used to be Matt Mullenweg?

This is also where the big boys come in and get bargains. The embrace can’t be resisted, especially if you have outside investors to satisfy. Seeing the “crown jewels of the movement” swept off the board by big companies that may not understand the business model is just evolution in action.

The good news is that open source is an established force. Communities do have power, and that is not going to change. Entrepreneurs come and go, corporate strategies adjust with the times, but open source is now a permanent feature of the landscape.

This means open source values are a permanent feature of the Internet and software landscape. Companies may still choose to defy those values, but they remain as ascendant as they were when the fire burned brightest.

The power, in this case, doesn’t lie with the entrepreneurs or the business managers of open source companies, as was true with every other niche I have ever followed. It lies with users, with developers, with communities.

It lies with you. Open source has given you power, and it is up to you to use it well.

One of the most appealing aspects of journalism is that, sometimes, you get to give billionaires like Larry Ellison (right) some free advice.

Our story begins late last month, after I suggested here that Oracle was “taking OpenSolaris back.”

I got a lot of blogospheric pushback, calling me out by name. Masoud Kalali at JavaNet said I got it wrong. This spread halfway around the world, then  to NatMac, to Jessica Thornsby, and finally Alex Gorbachev demanded I stop the FUD. I wish I’d seen it.

Their main point was that the OpenSolaris license didn’t change, only the basic Solaris conditions. Point taken. But what is most interesting to me (although I could always be wrong again) is the reaction from Oracle itself.

Silence. And this silence has many customers wondering whether Oracle is interested in open source at all.

The silence is telling. It’s the dog that did not bark. Oracle is going about its business, bloggers notwithstanding, ignoring even ServerWatch’s recent claims that OpenSolaris is going bye-bye.

It reminds me a bit of politics, not in a partisan sense but in a tactical sense. That is, the first response to a charge is to ignore it. You only address it when the charge gains traction.

That is conventional wisdom, but as Democrats claim they learned in the health reform debate, that conventional wisdom is wrong.

In my own case, I’m sure a phone call from some Oracle PR maven would have gotten quick results. But that didn’t happen. There was no official request for a correction, not even an official response in the Talkbacks.

I am not saying here that it’s Oracle’s fault I got something wrong. Point is that silence is a vacuum that gets filled by others, not to your advantage. The concerns about the future of OpenSolaris are spreading rapidly to other Oracle assets, to Java and to OpenOffice.

No doubt Oracle believes that actions speak louder than words. But something I have said repeatedly here, and will continue to say, knowing that at least here I’m right, is that open source is not just business. Treating it as just business is a mistake. Open source always has an element of politics in it, because you’re dealing with communities, not just customers.

Oracle ignores this at its financial peril.

My Italian friend Roberto Galoppini has developed a new open source evaluation tool, SOSOpenSource, and Funambol has passed its tests.

Most open source evaluation tools use a corporate database of code and its licenses. They also tell you only whether code is open source, and what its license says if it is.

Galoppini, who is among those fortunate enough to make his home in Rome, Italy, is doing more:

SOS Open Source takes advantage of the abundance of information – caused by the fact that many projects are hosted and enlisted in many forges and meta-forges – and with heuristics based on experts’ wisdom give useful recommendations for decisions. The analysis returns a set of open source candidates that are robust (stable, mature and backed by a viable community), supported (either by a community or vendors) and grant evolvability (readable and maintainable code).

If you would like to see his technical points in a slideshow, here is one.

Essentially, while services like Black Duck and Palamida are most useful before you’re about to use or re-use code, and you’re dealing with lawyers, Galoppini can help you choose among open source projects to find the best long-term fit, working with developers.

Many big companies now stand on the shoulders of open source dwarves, he writes. Twitter has used 29 open source projects in its development and sent back code to 7 of them. Facebook has used 20 open source projects and contributed back to 6 of them. (Hi-ho indeed.)

That is going to solve a lot of problems for a lot of people. How many companies have committed themselves to supporting an open source project, only to see it fizzle away due to lack of community support? (Raise your hands, don’t be shy. Here, I’ll raise mine first.)

He adds that SOS Open Source incorporates over 60 tools and 8 different EU-funded projects’ findings so you can evaluate not only the license risk but the business risk in supporting open source components.

You want open source that lasts? Look to the Eternal City. Give it a whirl and see if you like it. If you do, say grazie to Signore Galoppini. He also takes Euros.

Open source activist Florian “Floyd” Mueller has riffed on a recent piece of mine concerning Google’s open sourcing of its VP8 codec.

(The art is by Roland Heath and is called “My consciousness bouncing around the light.” Thumbnail reproduced with permission of the artist.)

His point — there is no such thing as a multimedia format unemcumbered by patents.

Multimedia (audio/video) data formats and codecs are one of the worst patent minefields of all. One has to tread carefully, and some of those mines go off all the time.

Google may face legal challenges to open sourcing VP8, he writes. Apple says there is patent uncertainty regarding Ogg Theora.

Floyd cites MP3, which German police have been actively policing at trade shows like CeBIT. They’re not really acting as patent police. They’re looking for pirated content, and the means to reproduce it. But patent claims give them the power to go after everyone, even if they’re using FOSS software to encode their stuff.

I think there’s a difference between how seriously police take patent claims at a trade show and how they take calls from Hollywood to seize stuff. Patents in this case are just an excuse to enforce copyright.

But I take Floyd’s point. Digital content is a patent minefield, and each country has its own set of mines.

This still does not render the success of VLC or Google’s move with VP8 meaningless. Despite all the policing in the world the trend is toward more open audio and video formats, to less DRM, and to complex files being given the same rights in the online world as simple files like this one.

Agree or disagree?

Drupal and its commercial arm, Acquia, got a big boost last year when it was announced the White House would be using the software.

Now it’s getting a second stimulus, this time in the form of code. Yesterday, as DrupalCon was winding down in San Francisco, the White House announced it had added the following enhancements to Drupal:

• Context HTTP Headers supports new types of metadata and helps in managing cache scheduling.
• Akamai allows sites to integrate with the content delivery system of the same name, and handle increased loads when necessary.
• GovDelivery helps customize e-mails sent from a Drupal site.
• Node Embed not only improves the handling of large photo files and video content, but helps sites meet government standards on accessibility.

All these features are designed for sites that are highly scaled, in terms of both traffic and content. They help a large Drupal installation manage its content and serve users better.

They appear to be of most interest to media companies, especially scaled media companies. We here at ZDNet use WordPress, and I have no insights into what the technical people are thinking. But my guess is the tech people at many media companies are going to look more closely at Drupal with these new features.

Even Republicans. Now that the code is contributed you might just find it at a tea party near you.

The battle between Google and government widened considerably this week, with Google seeking to identify evil policies for its users and governments calling Google’s own policies evil.

(Google-is-evil logo from Scroogled and TechRepublic’s GeekEnd.)

The battle is important for the future of open source, because as governments gain effective power over Internet resources they make it harder for open source collaboration to happen in all spheres.

Sometimes, as in collaboration between criminal gangs or terrorists, that’s government’s idea. Sometimes, as in the case of an autocratic government seeking to keep knowledge of what it’s doing from reaching the world, that idea is also evil.

The governments of 10 western countries called Google evil yesterday because its street view and buzz services lack what they call privacy protections. People are clearly visible on those streets, the governments charge. Google is violating privacy, but also “data protection laws and cultural norms.”

Cultural norms? That’s one of those phrases that can make a reporter go hmmm. If every government expects to police a global network so as not to offend “cultural norms,” defining those norms arbitrarily, do we still have a global network?

Iran’s cultural norms may tell bloggers they have no right to write. Burma’s may tell users they have no rights at all. Or so the governments of those countries might say.

Are the governments supporting the good of their citizens, or just their own prerogatives? Once the questioning starts, it doesn’t end, and Google can keep the questions coming with data.

For example. You want evil disinfected, you say? Sunshine is a great disinfectant.

Google’s government requests tool is primitive, it doesn’t show numbers from China, but it’s a demonstration of what Google can do, when it wants to, to blow the lid off government hypocrisy.

Who is evil enough to demand user data from Google? We are. The United States of America. Also the U.K.. And India. Who’s most active in demanding access be removed from Google servers? Germany, India, and the U.S. again.

But also, curiously, Brazil. Brazil leads both categories. Brazil likes to say it’s the best friend open source has. Is it really, or is that love a one-way street, where open source gives and Brazil just takes, then beats open source values whenever it gets into its cups?

It’s not just Google vs. China any more. This battle between Google and governments is going to continue, on a global scale.

World War III is virtual.

Novell’s SUSE Linux has beaten Red Hat to an IBM alliance in the area of software appliances.

The two companies announced today that IBM is delivering a portfolio of “software appliances” under a variety of IBM brands, powered by Novell’s SUSE Linux Enterprise Server.

A software appliance is a quickly-deployed software stack which uses just those elements of the operating system needed for its own operation.

“They come to the customer ready to roll. In the case of IBM and Lotus Foundations, that solution can be up and running in 30 minutes,” said Josh Dorfman, director of alliance marketing for Novell.

Since launching its software appliance business two years ago, Novell has gotten 70,000 registered users, close to 5,000 independent software vendors, and built about 312,000 appliances using SUSE Studio Online, Dorfman said.

“You can use x86 and whatever the application requires. You can boot some of this stuff right off a USB stick. Lotus Foundations is in a flash memory drive. You don’t need the whole OS. You only need what your application needs. This provides customers what they need and not more than that.”

The result is a lower-cost deployment for the software vendor, a lower price for the customer, and relevance for Novell, which is helping build effective vertical market channels.

“There’s also a multiplier effect,” Dorfman said. Black Diamond Software, for instance, is building its Presto software appliance using IBM Rational Software with SUSE Linux. The relationship is profitable all around.

Software vendors can build appliances on new equipment, on used equipment, or onto USB sticks, for installation at a customer site, Dorfman said. “This is quick to value, in that you can get to value in 30 minutes.

“We’ve been recognized for our leadership in the market. We feel like we’re leading.”