Open source defined

OSS Evangelism

So you have used some open-source programs at home, you have read our articles extolling the virtues of OSS, and now you are trying to get open source adopted at your place of work. Here are some of the objections you may run across, and some counter-arguments you can use:

l No-one uses OSS Astonishing as it may seem, there are people who still insist that OSS is some kind of weird niche inhabited by half-a-dozen sweaty teenagers, a couple of overweight geeks and no-one else. In the real world, of course, it is used by every sort of business, up to the biggest corporations such as IBM. Look at Linux and its steadily increasing market share; look at relational database management system MySQL, with more than five million installations worldwide, many of them using the open-source licensed version of the program. In fact, you may well already be using OSS without realising it if you have a corporate website (not a very big ‘if’ these days). That’s because Apache, the world’s most popular web server, is open source and, according to the latest Netcraft survey, runs 70 per cent of the active websites in the world, compared to just 22 per cent running Microsoft’s IIS. Use Perl on your Unix systems? That’s open source too. PHP on your website? Open source again. And so on and on and on.

l OSS is not professionally written It is true that some pieces of OSS are hacked together by, well, let’s be charitable and say ‘less advanced’ programmers. But all of the largest projects have teams of extremely talented developers working on them; indeed, some of the world’s best programmers. You only have to look at the performance of the software to grasp this – Apache, again providing a great example: rock-solid, blindingly fast and easily extensible.

l OSS is more vulnerable to security breaches Actually, the opposite is true. First, the source code is available for all OSS software and hence open to ‘peer review’, unlike commercial products. As soon as someone works out how to open up a hole in OSS, there are multiple developers who can all work on fixing that hole, so security vulnerabilities are often fixed before notifications of them even appear on the websites. What about the question ‘cannot some hacker just add “bad” code to the software since it is open source?’ Well, yes they could, but so long as you download code from a trusted site, such as the project’s own, you will be fine. All the large open-source projects subject any submitted code to scrutiny before accepting it into the main body of code, to avoid just such pranks.

l We cannot get any support for open-source programs This one used to be true, at least partially, but nowadays you can get paid-for support for pretty well any significant open-source program, either from the original developers or from third parties set up specifically to offer such support contracts. And remember, there is a whole community of users out there, many of who will have documented any problems and solutions on their own websites. Google is your best friend. In practice, community-provided support for OSS is often better than that provided by large corporations for their proprietary alternatives.

l The documentation for open-source programs is not adequate Again, this used to be the case, and may still be true for small projects. But for any sizeable open-source development, the documentation is usually very good; there are people on the development team whose entire job is documentation. And for the most popular projects – from Apache to Postfix (the open-source mailer) and from PHP to Samba (the Windows-compatible file and printer sharing package) – there are one or more books available, frequently from O’Reilly & Associates, a publisher that stands firmly behind the notion of open source.