About a-team Marketing Services
The knowledge platform for the financial technology industry
The knowledge platform for the financial technology industry

A-Team Insight Blogs

Tech Matters with Pete Harris: Risk and Reward in An Open Source World

Subscribe to our newsletter

I just read the latest from Michael Lewis, and while I can’t say I’m fully in agreement with regard to his “rigged market” position, I did find Flash Boys to be a pretty good basic description of high frequency trading and the technologies that underpin it. It was not, however, the main HFT focus that caught my attention but rather the couple of pages it devoted to chastising Goldman Sachs for its attitude to open source.

Goldman – as detailed in a chapter devoted to its one-time employee Sergey Aleynikov, who was subsequently found guilty of source code theft – is seemingly a significant taker but never a giver back when it comes to leveraging open source. That apparently had a bearing on Aleynikov’s sense of right and wrong when he emailed the code to himself, which cost him an eight year jail sentence.

The giver and taker dynamic of open source was of course highlighted recently by the Heartbleed Bug that affected the OpenSSL code used for (supposed) secure web transactions. It seems that while the code is very widely used by many big name e-commerce sites, it is maintained by just a handful of IT geeks, all working for free in their spare time. One of them made a simple mistake and introduced the bug, and no one was around to spot it. Hence the concept of software quality through community peer review – a central tenet of the benefits of open source – was dealt a major credibility blow.

Since Heartbleed came to light, steps have begun to be taken to address the open source quality issue, most notably by the Linux Foundation setting up the Core Infrastructure Initiative to financially reward developers for working on key pieces of open source software. Given that it’s backed by the likes of IBM, Google, Facebook, Cisco Systems, Intel, Microsoft and VMware, it gives one an idea of how important open source is to the major providers of IT to the world, and perhaps who else may have been net takers from the community.

For those that leverage open source for revenue generating and secure applications – and in the financial markets Goldman is hardly alone – then some simple best practices need to be considered. For starters, determine whether the source code is backed by commercial support services, such as those provided by Red Hat for the Linux operating system and JBoss middleware, and other open source systems software. Alternatively, it is important to establish what real, active and effective community exists to maintain and enhance the code – a process that all those users of OpenSSL clearly fell down on.

Getting back to Goldman, it’s interesting to note that it is active (giving, at least through offering its time and experience) in another facet of open source, that being open source hardware as exemplified by its membership of the Open Compute Project. Set up in April 2011 by Facebook, the OCP is now a broad community with a mission to “democratize access to the best server, storage and data center technologies available” through “openly sharing ideas, specifications and other intellectual property.”

At its roots, the mission of the OCP is to reduce costs of purchasing and operating data centre hardware. Facebook alone reckons the initiative has already saved it $1.2 billion in costs. Corporate members – 150+ at last count – now include IT heavyweights like Intel, Arista Networks and Microsoft, while financial markets players apart from Goldman include Bloomberg and Fidelity Investments. Through a new tiered model, corporate members typically contribute money, time or IP to secure membership at different levels.

Already, the OCP has published specifications for server motherboards (including some specifically for typical financial services workloads), storage and equipment racking. Specs for data centre networking are also being worked on.

The Open Compute initiative is just one of a number of ‘open’ IT thrusts that are gaining momentum as a result of strong corporate champions and focused goals and efforts. The Open Data Centre Alliance and OpenStack – for cloud computing – and OpenPOWER – to advance IBM’s POWER chip architecture (now its getting out of the x86 space) – are a couple of examples. Hopefully through these types of initiatives, Heartbleed will be shown to be an isolated incident, and not the tip of an iceberg.

Pete Harris is Principal of Lighthouse Partners, an Austin, TX-based consulting company that helps innovative technology companies with their marketing endeavors. www.lighthouse-partners.com.

Subscribe to our newsletter

Related content


Recorded Webinar: Best practice approaches to integrating legacy data with the cloud

Acceleration of cloud adoption, increasing demand for digital transformation and real-time data management have led financial institutions to rethink their data infrastructure to enable more agile operating models that can respond faster to change and make data a competitive advantage. For many, integrating data from legacy systems and data across the business landscape with a...


Mackenzie Investments Selects Bloomberg to Manage ESG data

Mackenzie Investments, a large Canadian investment management firm, has selected Bloomberg to manage its ESG data. The data vendor’s cloud-based Data License Plus (DL+) ESG Manager will be used to host the acquisition, management and publishing of multi-vendor ESG data, allowing the firm to implement ESG investing approaches more efficiently and develop more sophisticated ESG-focused...


Buy AND Build: The Future of Capital Markets Technology, London

Buy AND Build: The Future of Capital Markets Technology London on September 21st at Marriott Hotel Canary Wharf London examines the latest changes and innovations in trading technology and explores how technology is being deployed to create an edge in sell side and buy side capital markets financial institutions.


Regulatory Data Handbook 2023 – Eleventh Edition

Welcome to the eleventh edition of A-Team Group’s Regulatory Data Handbook, a popular publication that covers new regulations in capital markets, tracks regulatory change, and provides advice on the data, data management and implementation requirements of more than 30 regulations across UK, European, US and Asia-Pacific capital markets. This edition of the handbook includes new...