Nothing ever goes completely according to plan. That being said, it's both tempting and necessary at the beginning of the year to look ahead to where things are going. Here's a short list of things to consider as we look at the road ahead for Linux, open source and the enterprise.
Security: The list of companies and organizations that suffered security breaches last year reads like a who's who of the Internet. Not only were major social and retail destinations -- Snapchat, Wendy's, LinkedIn, Yahoo and more -- targeted, the black hats also went after numerous government agencies and educational institutions. Even tech giants with skin in the security game -- Verizon Enterprise Solutions, Oracle and others -- were successfully breached. This is in addition to the U.S. presidential election-related hacks and other non-hacker security issues, such as a poorly designed Cisco employment website that leaked job seekers' personal information.
Most troubling were breaches that weren't discovered for years, such as the numerous break-ins at Yahoo, or hacks that were first discovered by outside researchers, such as the Oracle intrusion that was first discovered and made public by security researcher Brian Krebs in August.
Although there are already several specialized Linux distributions that are designed to be booted into "live" mode from removable drives to sniff out intrusions after the fact, and to find vulnerabilities on existing installations, expect these to improve, with added open source tools. Also don't be surprised to see even more specialized security distributions developed.
Stronger security measures will also be built-into Linux and other open source projects as well. For example, the Linux distribution Debian, which is used as the base for Ubuntu, is considering making automatic updates the default for new installations -- something that once would have been unthinkable in Linux circles.
Encryption: This year encryption will be such a key issue that it deserves a place on this list of its own, although it's a subset of security.
The most worrisome problem revolves around law enforcement's insistence that encryption technologies be required to include backdoors to allow law enforcement access to encrypted data. While the majority of people in IT recognize that any backdoor would, by definition, be a security vulnerability, lawmakers don't seem to get it -- a situation that's not likely to get any better once Trump takes office. The good news is that in December the House Judiciary Committee’s Encryption Working Group came out against mandated back doors.
SSL encryption is certain to become a big issue very shortly, as the next major release of the Chrome browser, version 56.0, will issue warnings to users attempting to access websites that don't offer secure "https" connections. In the past, this would have placed an unreasonable financial burden on non-ecommerce websites for small businesses and personal blogs, which is now somewhat mitigated by the availability of free and open source SSL certificates from Let's Encrypt.
Although this does away with the expense of purchasing certificates, Let's Encrypt's certs are only valid for 90 days. There is free autorenewal software available, but it requires SSH access to install, which is usually not available on shared hosting plans. As SSL encryption becomes more of a necessity for all sites, expect to see hosting companies move to make the free installation of Let's Encrypt certifications a part of their service.
The Cloud: It doesn't take any clairvoyant abilities to predict that, whether open source or proprietary, the cloud will continue to dominate the news in the year ahead. In the private cloud, where open source projects such as CloudStack, OpenStack and ownCloud continue to grow market share, expect to see the line between open source and proprietary blur. Many open source cloud projects are released under Apache or other "permissive" licenses, which allow vendors to relicense them as proprietary. This might create a "buyer beware" situation, as some vendors replace open standards with their own closed formats, creating vendor lock-in.
Also expect to see both public and private cloud deployments to become increasingly more decentralized, with some microservices and other aspects being moved to the Internet's edge, which will not only help decrease Internet traffic, but will allow companies more control for geotargeting and the like.
Operating Systems: Red Hat's RHEL and its free counterpart, CentOS, no longer completely rule the open source server market as they once did. Although both continue to have a strong hold on traditional servers, the one to beat in the cloud is the relative newcomer, Ubuntu, According to The Cloud Market, on New Year's Day there were roughly 209,000 deployments of Ubuntu on Amazon Elastic Compute Cloud. For comparison, second place Windows had about 29,000, followed by RHEL with nearly 18,000. Ubuntu also rules the private cloud. An OpenStack user survey released in April indicated that Ubuntu server use had risen 45 percent since 2015, to 55 percent, followed by CentOS with 20 percent and RHEL with 16 percent.
While there's no reason to believe that this trend won't continue, there will be something of an unknown factor added to the mix this year. SUSE, which was once a solid Linux distribution in the enterprise market, had been reduced to something of an afterthought after being acquired by Novell in 2003. However, under the ownership of Attachmate and now Micro Focus, SUSE has slowly been regaining its footing and seems to be positioned to get back in the game in a major way. How well it does will in large part depend on HPE, which in November named the company as its preferred Linux and open source provider.
Microsoft: No need to repeat once again that the tables have turned in Redmond's relationship with Linux and open source. Suffice it to say, these days Microsoft needs open source more than open source needs it. That's not to say that Microsoft doesn't bring much to the table -- it does. Expect to see Redmond continue to contribute to the open source infrastructure. It's definitely too late for the adversarial relationship to return, now that Microsoft is realizing large profits selling open source solutions through Azure.
