[softwaredoug]

> But many of these companies experience difficulties with respect to their business models, as can be seen from a bevy of recent licensing schemes that attempt to straddle the line between open source and proprietary.

It's not clear to me that Open Core has really failed. Case in point, Elastic just IPO'd for billions and has an open core. In their case they completely develop their project. Their community is something of a user community, and the contributor community is heavily Elastic managed.

Sure those in the contributor community might complain about how hard it is to contribute, but 99.9999% of the community is more in the 'user' end of the spectrum and appreciate the stability of having a single company's vision and backing

I'm not sure its in the spirit of open source, but that's not the question. The question is about effective business models.

(more fundamentally 'open core' can mean so many different models it may be becoming meaningless)

[bragh]

The problem with Elastic is that their security features are not in the open core and so people tend to skip on that by not even rolling their own IP whitelisting/authentication with a reverse proxy. This results in a huge information leak ending up in the news every few months and you having to explain to your sysadmins and IT that no, Elasticsearch is not insecure as a product, it's just how those people at SoLoMo PwnMeNow Inc. used it.