Bryan Cantrill gave a talk that included how difficult it was to take something that wasn't originally intended to be open source and then open source it. I think it was something at Sun before they were acquired by Oracle (iirc Cantrill laments how Oracle effectively un-open-sourced the project). I've watched hours of Cantrill on youtube, I'm having trouble finding which video it was. I can't explain it myself but I remember my takeaway was "wow that's a lot more complicated than I thought."
Edit: Child comment has the video. Starting at 20:17, "We wanted to open source the system. So why didn't we? What was the problem? Well, the problem was that it's a deeply proprietary system."
I'm a PM at Microsoft that worked on open-sourcing PowerShell. As Windows PowerShell, it's a built-in Windows component, and the number of assumptions that could be made because it was both closed-source and part of the OS were immense. Even getting it to build outside of the rest of the operating system was crazy hard. Then figuring out to install it in a supported way was hard, and only then did we get to start figuring out how to eliminate usage of private APIs and start doing legal reviews.
And we're "just" a language runtime and a shell shipped in the OS. I can't imagine how hard it would be to unwind the proprietary bits of something like a GPU architecture running in a tightly integrated SoC with multiple vendors who are all deeply protective of their IP.
I say this all as someone who has been a proponent of open source for 15 years. And all the work was absolutely worth it, and deeply rewarding from a personal perspective.
But I can't say it would probably make the same sense for Nintendo to go through that effort with Pokemon or the N64 architecture.
Thank you for this story, it's very inspiring. I'm sure they will find something good they can open source eventually, even if it isn't those two things.
I don't have time to rewatch it now but I believe the point of the talk was to promote Illumos as the true community-driven open-source fork after Oracle dropped the ball. This is exactly what I'm talking about: the community is often happy to pick up the slack and cover for the failures of these companies, but only when given the opportunity. Yes it's a lot of work, a lot of conversations and a lot of corporate politicking. But how can anyone get started when the relevant parties are not willing to even present an opportunity?
With many companies easing into open source recently, we have seen that just isn't true. If we're still trying to spread the idea that the community is dumb and is going to ruin everything and will remove value from the product if they get access to the code, that assumption is going to be tested now regardless of what they do, and it probably will keep happening because the incentive for leakers and illegal aftermarket sellers is not going to go away. Note that I don't include them as part of this community.
"Not gaining something from it" != "Afraid to do it"
The decision to open source is not as dichromatic as it might seem. In between the "yes we want to open source" and "no we don't" there is a huge chasm of "IDGAF".
That chasm is also occupied by others such as these subcontractors who are careless with security policies and end up causing the leaks. Is that the space they want to stay in? I don't think it is. And if they decide to move towards any direction, I hope it's the "yes we want to open source" direction so that the leakers don't have anything to go after anymore. They may even become good open source citizens in the end.
I don't think that's a relevant part of the consideration process. Open source is not a security strategy. Breaches happen at companies who open source their software too.
Edit: Child comment has the video. Starting at 20:17, "We wanted to open source the system. So why didn't we? What was the problem? Well, the problem was that it's a deeply proprietary system."