Welcome to Upstream 2024: Unusual ideas to solve the usual problems
11:00 AM - 11:20 AM EST
A recent Harvard Business Review study found that open source is worth $8.8 trillion. To put that in perspective, the US interstate highway system is valued at only $742 billion and the entire U.S. electrical grid is valued at only $1.5 - 2 trillion. So, in a world where open source has become one of the most valuable pieces of infrastructure we have, why is open source health and security still not a solved problem? In the wake of the recent xz utils hack, where an unpaid and underappreciated open source maintainer was taken advantage of by an extremely sophisticated hacker, Luis Villa will use this opening talk to make the case that our current way of “fixing” open source health and security is simply not working, and that we need to explore new ideas that match the value of what we’ve created. We’ll surface some of the best ideas we’ve heard through the course of the day.
Fireside chat: The value of open source software
11:20 AM - 11:50 AM EST
“How much is open source worth?” is an age-old question. Thanks to new work from professors at Harvard and University of Toronto, it is also a question with a new, creative, and important answer. In this fireside chat, Luis Villa sits down with Frank Nagle, assistant professor in the Strategy Unit at Harvard Business School, to discuss the recent paper called The Value of Open Source Software that Frank co-authored. This paper concluded that open source is worth $8.8 trillion dollars.
Government carrot, government stick: Exploring two contrasting approaches to improving open source security
2:35 PM - 3:15 PM EST
Governments are starting to believe that their traditional hands-off approach to open source no longer makes sense. But what then? Europe is providing examples of both “carrot” and “stick”: providing incentives to people and organizations to do more security work (i.e. the carrot) or penalizing them for not doing the work or after security incidents happen (i.e. the stick). In this fireside chat, Tidelift co-founder and general counsel Luis Villa sits down with Fiona Krakenbürger from the Sovereign Tech Fund and Mirko Boehm from the Linux Foundation Europe to discuss the impending CRA legislation in the EU (the biggest government stick to date) and the Sovereign Tech Fund’s “carrot” approach to funding open security.
About Luis Villa
Luis Villa is co-founder and general counsel at Tidelift. Previously he was a top open source lawyer advising clients, from Fortune 50 companies to leading startups, on product development, open source licensing, and other matters.
Luis is also an experienced open source community leader with organizations like the Wikimedia Foundation, where he served as deputy general counsel and then led the Foundation’s community engagement team. Before the Wikimedia Foundation, he was with Greenberg Traurig, where he counseled clients such as Google on open source licenses and technology transactions, and Mozilla, where he led the revision of the Mozilla Public License.
He has served on the boards at the Open Source Initiative and the GNOME Foundation, and been an invited expert on the Patents and Standards Interest Group of the World Wide Web Consortium and the Legal Working Group of OpenStreetMap.
Recent speaking engagements include RedMonk’s Monki Gras developer event, FOSDEM, and as a faculty member at the Practicing Law Institute’s Open Source Software programs.
Luis holds a JD from Columbia Law School and studied political science and computer science at Duke University.
