Open source software is big news right now.
We’ve heard from big-name corporations who support it and oppose it. A number of high-profile intellectual property battles concern it. And you probably know an open-source zealot who’s spent some time extolling its virtues.
According to the Wikipedia, "The debate over open source vs closed source (alternatively called proprietary development) is very much a religious war." So it’s not surprising that there’s a lot of misinformation floating around about open source, clouding the issues. This article seeks to set aside the religious arguments and dispel some of the misconceptions by explaining what open source is and exploring its advantages and disadvantages.
I won’t claim to be unbiased: I think open source software is a good thing, and has an imporant place in the tech sector. I will, however, claim to be on neither side of the fence: I believe that closed-source software has its place as well, and that the industry will benefit most from cooperation between the two. Further, I believe that most people, once in possession of the facts, will reach a similar conclusion.
What is Open Source?
The "source" in "open source" comes from source code. Computers understand a language called machine code that consists of very simple instructions written in ones and zeroes. (Think of the ones and zeroes as the alphabet and the instructions as words or statements.) The instructions tend to be simple things like, "Take these two numbers and add them."
It’s tedious to write complex software out of such simple instructions. So, various "higher-level" languages have been invented over the years: Languages that look a lot more like a human language, but are still structured so they can be translated into machine code by a program called a compiler. These days, most software is written in one of these languages, and those human-friendly instructions are referred to as source code.
A handy side effect is that I can’t look inside a program on my computer (such as Microsoft Word) and see how it works: All I’d see is machine code, effectively gibberish. Source code is valuable intellectual property because it tells anyone who’s interested how to make a product. Compiling the source code protects that secret and is often considered critical to a company’s competitive edge.
Actual opinions vary on exactly what "open source" means, and how broad a category it defines. At its most basic, the definition is simple: It’s software for which the source code is publicly available, free of charge. In addition, most open source licenses allow anyone to use the product and to modify and redistribute the source code free of charge. The terms vary from product to product – there are a lot of open source licenses out there – but all open source licenses allow free-of-charge, legal access to the source code in some form.
Common Aspects of Open Source Software
While open source projects vary widely in nature and in the terms of their license agreements, the following are true of most established open source products:
- Centralized organization. Open source projects are often volunteer efforts. Since anyone can download and modify the source code, an open source product may have developers all over the world working on it. However, there is usually a central person or organization overseeing the development, testing, and release of new official versions of the product, which means that new releases work much like new releases of any software.
- Fee-based support. There is money to be made in open source, and some is in customer support. Although users can find help on public forums and mailing lists, many major open source projects have one or more companies (sometimes the company that oversees the project itself) that provide support for a fee.
- The user is the developer. Because source code is available, and because open source users tend to be more tech-savvy to begin with, users of a given open source product can be actively involved in its development and testing. The greatest advantage of this is that when a user finds a problem, he can — and sometimes will — fix it. As open source’s popularity increases fewer users will aid in development, but non-technical users can always submit bug reports and suggest features.
What isn’t Open Source?
The following are not true of open source software:
- It is free in every way. Open source products are governed by numerous open source licenses. The most common are variations on, "Here’s some source code, do what you like with it," or, "Here’s some source code, but use and redistribute it only under certain conditions." As with any software, it is your responsibility to know the terms governing your use of the product and abide by them.
- It is unstable or poorly managed. Most open source projects are centrally coordinated. Often there are two types of release: "experimental" releases designed for those who don’t mind a little instability, and full releases that have been thoroughly tested and are at least as stable as their closed-source counterparts. Of course, stability varies from product to product and release to release, open- or closed-source.
- It is hard to use. Like other software, open source products run the gamut of usability. The Firefox Web browser is a shining example of a usable open source product, and if you haven’t replaced Internet Explorer with it yet you’re missing out (and endangering your online security unnecessarily). On the other hand, server tools (such as the Apache Web server) often expect a certain amount of technical knowledge. It’s worth noting, though, that difficult-to-use open source products often have free or inexpensive companion tools that provide a more intuitive user experience. Ultimately, you should evaluate product usability on a case-by-case basis regardless of its license, keeping in mind additional factors (such as companion products) that might affect your evaluation.
How Do I Evaluate Open Source Software for Purchase?
Open source software is starting to look attractive to many businesses. It’s free, it’s getting a lot of press, it’s often fairly secure, and it’s not Microsoft. But it may be difficult to compare commercial and open-source software because they’re such different animals. Here are some pointers:
Cost
- Licenses: Generally, you have to pay for the license to use commercial software. You can use most open source software free of charge (though in some cases the type of use may be restricted, for example to non-commercial applications). One side effect is that you can usually download and try an open source product with no restrictions. Some products are a combination of open- and closed-source, and may fall under more than one license.
- Support: Some closed-source software includes adequate support with the software license. In other cases there’s a separate fee. Many open source products have one or more companies that provide fee-based support. As commercial vendors continue to phase out free tech support and ship fewer and fewer products with printed manuals, the difference in out-of-the-box support between closed and open source products continues to degrade. In many cases, your best option may be to locate good user-to-user forums, mailing lists, and/or newsgroups and post your questions there.
- Training: In either case, this will depend on the software’s ease of use and support costs. As mentioned above, many open source products have companion products that enhance their ease of use or installation. For example, the popular MySQL database only includes command-line installation tools and a command-line user interface. But independent developers have created double-clickable installer programs and inexpensive or free applications that simplify the process. So, if the product itself is low on ease of use, it’s worth looking around for secondary products that may alleviate the problem at little or no cost to you.
Stability & Security
Security is a high-profile issue today, and not everyone agrees on the facts. Certainly some products are more stable and secure than others. Vendors of commercial, closed-source software have to answer to users on stability and security, but these can sometimes take a back seat to features and release deadlines. On the other hand, bad press affects the bottom line and, particularly for a smaller company, a string of security problems can sink a product.
Open source projects often don’t have hard deadlines, so if a bug is discovered a release can be delayed until it’s fixed. If a security hole is discovered after release, a patch can be released quickly. And since some users are also developers, a user who discovers a problem can fix it.
Closed-source products sometimes rely on "security through obscurity." Because the source code isn’t available to the public, developers may simply hide sensitive, security-related information (such as keys used in password encryption) in the source code somewhere and hope no one will find them. The problem is that these things can be found, and given a high-profile product and enough time, someone will probably find them. Open source products can’t rely on security through obscurity because there is no obscurity. This means that for an open source product to be secure, someone who knows exactly how it works in every detail still can’t break into it. That doesn’t mean open source products are infallible. It does mean that breaking into a good open source product is often closer to an exercise in cryptography than a game of hide-and-seek.
If it seems like I’m suggesting open source software is more secure, it’s because I am. But it’s important to understand that the available data don’t agree, and I’m expressing an opinion: The forces governing open source software seem more conducive to security than those governing closed-source software. There’s nothing to prevent a commercial vendor from being incredibly security-minded, and nothing to prevent an inexperienced developer from producing a completely insecure open source product. In the end, it’s important to examine the individual products, their track records, and the people who make them.
Open Source and In-House Development
Many corporate IT departments find themselves deciding between a commercial, out-of-the-box product and a custom solution developed in-house. If you’re considering in-house development because the commercial offerings provide some — but not all — of what you need, an open source product could save you time and money. If an applicable product exists, you may be able to modify it to meet your needs. You can develop the small number of pieces you still need, and take advantage of someone else’s work for the rest. What’s more, you’ll have a product that may be updated with new, needed features in the future without having to add them yourself. And, you can combine open-source, closed-source, and in-house tools to create a comprehensive system as needed.
Conclusion
Open source software has advanced and spread significantly in recent years. In many cases it presents an attractive alternative to its commercial counterparts in both functionality and price. Those who exclude it from their purchasing decisions may be doing themselves a disservice.
At the same time, commercial software has its place and isn’t going anywhere, while "open source" is not a magic phrase that guarantees quality. In the end, you can — and should – evaluate open source options the same way you’d evaluate any software, and draw your own conclusions.
