People keep asking me, “Why does open source matter in 2026?” And I go, “Come on, it’s 2026. Everything you use runs on it. That’s like asking why plumbing matters. You don’t think about plumbing until shit’s literally coming up through the floor.”
That’s what open source is now. It’s not some hippie developer thing where blokes in sandals share code because they believe in the commons or whatever. It is the infrastructure. The Linux Foundation — and look, I know, foundations, very sexy — they put out research saying open source is the backbone of mission-critical systems.1 Banks, hospitals, governments, all of it.
And the companies that actually have proper open source programs? They report better software, happier developers, and more control over the stuff they depend on. Funny how that works. You pay attention to the thing holding your house up, the house stays up. Revolutionary concept.
Europe figured it out
Now here’s where it gets properly interesting. Europe — and say what you want about us Europeans, at least we’re thinking about this — Europe has figured out that if five American companies control all your digital infrastructure, you might be a bit f*cked. “Digital sovereignty” as we call it. Sounds fancy but what it actually means is: “We’d rather not have our entire country’s IT collapse because some billionaire in The White House had a weird Tuesday.”
The EU is pushing open source specifically because we don’t want to be completely dependent on a handful of foreign tech giants.2 And honestly? I think this is the way. That’s not ideology, it’s just not being stupid.
AI needs an audit trail
And then there’s AI. Oh, AI. Everyone’s favorite topic that nobody actually understands (me neither). Here’s the thing with open source and AI — when the code is open, you can actually look at what the bloody thing is doing. You can inspect it. You can reproduce results. You can adapt it to your own situation instead of just trusting that the black box is doing something reasonable in there.3
Does open source automatically make AI “safe”? No. Of course not. Don’t be silly. But it does mean that when someone says “trust us, our AI-driven thingy is fine,” other people can go, “Alright, let’s have a look then.” And that’s worth something. That’s worth a lot, actually, when governments are writing regulations and everyone’s worried about AI doing weird shit.
The bloke in Nebraska
People love to go, “Oh, open source, anyone can see the code, that means hackers can find the vulnerabilities!” Yeah, and so can the people trying to fix them, you absolute walnut.
The real question in 2026 isn’t whether we rely on open source — we do, massively, it’s settled — it’s whether we’re actually funding it and maintaining it properly. Because for years, critical infrastructure has been running on code maintained by like one guy in Nebraska in his spare time. OpenSSF — that’s the Open Source Security Foundation, keep up — they’ve been banging on about this,4 and there’s real industry money going into it now.
Plus with AI helping find vulnerabilities, open ecosystems are both the attack surface and the defense surface. It cuts both ways. So maybe, just maybe, we should pay the bloke in Nebraska.
The suits want numbers
And finally — and this is the bit that shuts up the suits — open source makes money. Not in a “let’s hold hands and sing about freedom” way. In an actual, measurable, “our quarterly numbers are better” way.
The Linux Foundation found that commercial open source companies are outperforming their closed-source competitors on multiple business outcomes.5 Especially in infrastructure software. Lower lock-in, faster iteration, better leverage over your own stack. Companies love saying they want those things. Open source is how you actually get them. Turns out the pragmatic choice and the principled choice are the same choice. How about that.
The 2026 answer
So look, the 2026 answer is dead simple: open source matters because it’s the practical foundation for control, resilience, transparency, and not getting completely stitched up — in a world that’s increasingly run by cloud monopolies, geopolitical chess matches, and AI that nobody fully understands.
It’s not idealism anymore. It’s just common sense. And if you still don’t get it, I can’t help you. Go ask your plumber.
- The Linux Foundation surveyed hundreds of companies in 2025 and found that the ones with dedicated open source teams build better software, have happier developers, and get more say in the tools they depend on. Turns out “paying attention to the foundations” is a strategy, not a hobby. (report) ↑
- The European Commission published a study in 2025 arguing that open-source AI gives Europe a way to build its own technology instead of renting it from American giants. Their words: it offers “transparent, reusable and cost-effective tools” that let organisations deploy AI on their own terms, rather than on Silicon Valley’s. (report) ↑
- The 2026 International AI Safety Report acknowledges that openly available AI models are a huge benefit — especially for smaller players who can’t build their own from scratch. But it also flags the obvious trade-off: once you release a model into the wild, you can’t take it back, and its safety guardrails are easier to strip out. The whole report is basically one long argument about where to draw that line. (report) ↑
- The Open Source Security Foundation — backed by the likes of Google, Microsoft, and Amazon — published their 2025 annual report detailing how they’re spending real money on finding vulnerabilities, training developers to write safer code, and building tools that make the whole ecosystem harder to break. It’s the closest thing we have to an industry-wide admission that ignoring open source security was a terrible idea. (report) ↑
- The Linux Foundation looked at how commercial open source companies perform compared to their closed-source competitors and — surprise — the open ones are worth more, raise money faster, and have better exit outcomes. Especially in infrastructure software, which is most of the boring stuff that actually keeps everything running. (report) ↑