Feedback loops and financial pressure
A comment to one of Jesper's blog posts reminds me that although money isn't the only motivator around, it's often the easiest one to use when predicting behaviour.
I am a huge believer in feedback loops. If you can set up a situation such that good behaviour is automatically rewarded, and bad behaviour is automatically punished, you've got a self-policing situation - a feedback loop - where your desired behaviour is almost certain to occur.
On the contrary, if pain is not felt by the person or department causing that pain, the pain will continue.
Most workers in business will be able to point to a case where pain is being caused (by some other department), and where there is clearly no effort to cease the pain, because it's not being felt by the person causing it.
But it's equally true of companies themselves. When you choose to buy from a company, consider whether their business model - the way they make money - builds from solving your problems, or from continuing their existence.
I used to use Red Hat as the primary example here - they make close to no money on delivering their OS to you, and make all their money from selling support and consulting services. It wouldn't take an MBA candidate to realise that they can make more money by concentrating more on their consulting, and less on developing a solid and complete product to begin with.
I'll say right now, I haven't seen any sign that Red Hat have deliberately kept their OS crappy to encourage more support calls, or that they've deliberately dumbed down features in order to sell high-priced add-on services. But the financial pressure - the weight of "where is our next buck coming from?" - is always going to push them in that direction. What pushes back? Their good natures.
This past week has reminded me that antivirus vendors - some of them, at least - are also firmly wedged into a position where their financial pressure pushes them to do things that are counter to their customers' wishes, relying on them being good people, rather than merely good businesses. Antivirus vendors benefit from the continued perception that the OS is unsecure, and that you need to buy something new every month to make it secure again.
Is there a business model for an antivirus vendor that would have them working to help the world build more secure operating systems and applications?