Not listed but a really common reason for continuing to use Y over X is when, regardless of the original choice, the cost of switching doesn’t approach justifying any marginal differences.
This seems to be what the article meant by “Our custom internal solution is good enough”, except that that wording excluded the possibility of one’s current external solution being good enough.
I think “We made the choice before X was a thing” could be added. Switching solutions can be very difficult in a long living product, especially if X is an essential part of it.
What about “X may be slightly better, but we have years and years of experience with Y”? It could be a sunk cost fallacy (i.e. a bad reason), but a higher level of comfort may also improve confidence in being able to deploy the technology securely and scale it properly, hire experienced folks for it, etc. This means technology Y is not objectively more secure, but it may be subjectively more secure.
Just as an example, I’ve been asked many times why my company uses FreeBSD for its CDN, with the assumption that there must be some dumb reason we didn’t choose Linux. No, we do regular Linux vs FreeBSD production tests (which I’ve helped analyze) and FreeBSD is faster for that workload. For a long time we just avoided this question. I finally got approval to mention it in a footnote in my last book (SysPerf2 page 124).
I didn’t know that they regularly measure because all I found before basically said “the people who designed the CDN liked FreeBSD” (assuming that this does refer to Netflix).
Not listed but a really common reason for continuing to use Y over X is when, regardless of the original choice, the cost of switching doesn’t approach justifying any marginal differences.
This seems to be what the article meant by “Our custom internal solution is good enough”, except that that wording excluded the possibility of one’s current external solution being good enough.
I think “We made the choice before X was a thing” could be added. Switching solutions can be very difficult in a long living product, especially if X is an essential part of it.
What about “X may be slightly better, but we have years and years of experience with Y”? It could be a sunk cost fallacy (i.e. a bad reason), but a higher level of comfort may also improve confidence in being able to deploy the technology securely and scale it properly, hire experienced folks for it, etc. This means technology Y is not objectively more secure, but it may be subjectively more secure.
It introduces unnecessary complexity for little or no gain.
I didn’t know that they regularly measure because all I found before basically said “the people who designed the CDN liked FreeBSD” (assuming that this does refer to Netflix).