PDF version of this report
You must have Adobe Acrobat reader to view, save, or print PDF files. The reader
is available for free
download.
Open Source
Copyright 2019, Faulkner Information Services. All Rights Reserved.
Docid: 00021049
Publication Date: 1910
Publication Type: TUTORIAL
Preview
"Open source" denotes a type of software in which the source code is
made freely available and may be modified and distributed at will.
Until recently, enterprise officials generally eschewed the use of open
source software, believing the systems were inferior in quality
and support to those featuring proprietary code produced by
established developers like IBM and Microsoft. Attitudes, however,
are changing thanks to the advocacy of the open source community.
Report Contents:
- Executive Summary
- Definition of Open Source
- State of Open Source
- Why Select Open Source
- Recommendations
- Web Links
- Related Reports
Executive Summary
[return to top of this report]
"Open source" denotes a type of software in which the source code
is made freely available and may be modified and distributed at
will.
| Related Faulkner Reports |
| Linux Operating Systems Tutorial |
| LAMP & WAMP Basics Tutorial |
Open source is distinguished from "closed source" or "proprietary
software" in which access to the source code is denied. Most
commercial software, i.e., software that is sold or made available
for a fee, is closed source.
While the term open source was coined in 1998 when Netscape released the
source code for its Web browser Navigator, the concept of freely shared
software has been around since the 1950s, particularly among computer scientists
working in academia. But "as computing systems became more complex, as
software development became more costly, and as markets for computing products
expanded, by the 1960s computer companies often bundled hardware products with
the software required to operate them and sold them together."1
One notable exception was IBM, which in the 1970s released its VM/370
operating system complete with source code, thus enabling customer personnel
(systems programmers) to add, delete, or modify OS functions at the System/370
Assembly Language level.
Until recently, enterprise officials generally eschewed the use of open
source software, believing open source systems were inferior in quality and
support to systems featuring proprietary code produced by established developers
like IBM and Microsoft.
Attitudes, however, have changed, especially as software heavyweights like
Microsoft, IBM, Oracle, and SAP actively participate in the open source community.
Citing advantages like a lower total cost of ownership, analyst Ben Balter
declares that "Open source is in your best interest, whether you’re an individual, a
corporation, a small business, a non-profit, or a government agency."2
Definition of Open Source
[return to top of this report]
Open source means more
than free access. The definition of open source, as advanced by the Open
Source Institute3, also prescribes the terms of distribution:
1. Free Redistribution
The license shall not restrict any party
from selling or giving away the software
as a component of an aggregate software
distribution containing programs from
several different sources. The license
shall not require a royalty or other fee
for such sale.
Rationale:
By constraining the license to require
free redistribution, we eliminate the
temptation for licensors to throw away
many long-term gains to make short-term
gains. If we didn’t do this, there would
be lots of pressure for cooperators to
defect.
2. Source Code
The program must include source code, and
must allow distribution in source code as
well as compiled form. Where some form of
a product is not distributed with source
code, there must be a well-publicized
means of obtaining the source code for no
more than a reasonable reproduction cost,
preferably downloading via the Internet
without charge. The source code must be
the preferred form in which a programmer
would modify the program. Deliberately
obfuscated source code is not allowed.
Intermediate forms such as the output of a
preprocessor or translator are not
allowed.
Rationale:
We require access to un-obfuscated source
code because you can’t evolve programs
without modifying them. Since our purpose
is to make evolution easy, we require that
modification be made easy.
3. Derived Works
The license must allow modifications and
derived works, and must allow them to be
distributed under the same terms as the
license of the original software.
Rationale:
The mere ability to read source isn’t
enough to support independent peer review
and rapid evolutionary selection. For
rapid evolution to happen, people need to
be able to experiment with and
redistribute modifications.
4. Integrity of The Author’s Source Code
The license may restrict source-code from
being distributed in modified form
only if the license allows the distribution of
“patch files” with the source code for the
purpose of modifying the program at build
time. The license must explicitly permit
distribution of software built from
modified source code. The license may
require derived works to carry a different
name or version number from the original
software.
Rationale:
Encouraging lots of improvement is a good
thing, but users have a right to know who
is responsible for the software they are
using. Authors and maintainers have
reciprocal right to know what they’re
being asked to support and protect their
reputations.
5. No Discrimination Against Persons or
Groups
The license must not discriminate against
any person or group of persons.
Rationale:
In order to get the maximum benefit from
the process, the maximum diversity of
persons and groups should be equally
eligible to contribute to open sources.
Therefore we forbid any open-source
license from locking anybody out of the
process.
6. No Discrimination Against Fields of
Endeavor
The license must not restrict anyone from
making use of the program in a specific
field of endeavor. For example, it may not
restrict the program from being used in a
business, or from being used for genetic
research.
Rationale:
The major intention of this clause is to
prohibit license traps that prevent open
source from being used commercially. We
want commercial users to join our
community, not feel excluded from it.
7. Distribution of License
The rights attached to the program must
apply to all to whom the program is
redistributed without the need for
execution of an additional license by
those parties.
Rationale:
This clause is intended to forbid closing
up software by indirect means such as
requiring a non-disclosure agreement.
8. License Must Not Be Specific to a
Product
The rights attached to the program must
not depend on the program’s being part of
a particular software distribution. If the
program is extracted from that
distribution and used or distributed
within the terms of the program’s license,
all parties to whom the program is
redistributed should have the same rights
as those that are granted in conjunction
with the original software distribution.
Rationale:
This clause forecloses yet another class
of license traps.
9. License Must Not Restrict Other
Software
The license must not place restrictions
on other software that is distributed
along with the licensed software. For
example, the license must not insist that
all other programs distributed on the same
medium must be open-source software.
Rationale:
Distributors of open-source software have
the right to make their own choices about
their own software.
10. License Must Be Technology-Neutral
No provision of the license may be
predicated on any individual technology or
style of interface.
Rationale:
This provision is aimed specifically at
licenses which require an explicit gesture
of assent in order to establish a contract
between licensor and licensee. Provisions
mandating so-called “click-wrap” may
conflict with important methods of
software distribution such as FTP
download, CD-ROM anthologies, and web
mirroring; such provisions may also hinder
code re-use. Conformant licenses must
allow for the possibility that (a)
redistribution of the software will take
place over non-Web channels that do not
support click-wrapping of the download,
and that (b) the covered code (or
re-used portions of covered code) may run
in a non-GUI environment that cannot
support popup dialogues.
Note: The Open Source Definition was originally derived from
the Debian Free Software Guidelines (DFSG).
State of Open Source
[return to top of this report]
Open Source Is Ubiquitous
On February 3rd, 2018, open source celebrated its 20th anniversary,
maturing from a suspect software category to wholesale enterprise acceptance. As analyst
Steven J. Vaughan-Nichols observes, "Every company in the world now uses open-source software. Even
Windows is now built using open-source techniques.
And if you ever searched on Google, bought a book from Amazon, watched a movie
on Netflix, or looked at your friend’s vacation pictures on Facebook, you’re an
open-source user."4
Misappropriation of Open Source
Like closed source
systems, open source systems are vulnerable to abuse. "Open", after all, means
open to everyone and open
source systems can be exploited by bad actors owing to the fact that their
licenses are not permitted to discriminate against persons or groups.5
Sustainability and Wealth Inequality
With so much of our information infrastructure relying on open source
software, there is growing concern about open source sustainability. As analyst
Danny Crichton observes, "Open
source maintainers are exhausted and rarely paid.
Engineers around the world pour their sweat and, frankly, their hearts into
these passion projects that undergird all software in the modern internet
economy. In exchange, they ask for nothing in return except for recognition and
help in keeping their projects alive and improving them."6
This spirit
of volunteerism may change as open source contributors realize that they are, in
effect, unpaid employees of giant tech companies like Microsoft and Google. As
analyst John Mark explains, open source was supposed to "[undermine]
entrenched monopoly powers and [establish] a more equitable approach to building
wealth around the tools that would power humanity in the 21st
century. It was about the democratization of software and would smash what we
then called the ‘digital divide.’ That premise was entirely false. [Not] only
did open source not stem or stall the redistribution of wealth and power
upwards, but rather it aided and abetted the redistribution of wealth and power
upwards.
Consider
that
Amazon, Google, and Facebook "built their entire business model on open source
software, and they have paid very little in license fees to software vendors.
That’s their secret. They all applied the lesson very early on that the way you
build profitable businesses is to start with a foundation of open source
software, hire a team of smart engineers, and build your way to glory." After a
slow start, Microsoft, too, began to embrace this formula.
Compounding the problem, tech firms and others are
free to integrate open source into proprietary, i.e., paid, services.7
How the open source community chooses to combat this
"wealth inequality" is to be determined. Members may seek financial compensation for
their work, or they may abandon open source projects.
Open in the Middle
Some open source purists argue that commercial interests are violating the
spirit of open source by employing it as a type of middleware, flanked on either
side by proprietary, i.e., non-open, code. Their complaint, as articulated by
analyst Thierry Carrez is that "the growing share of code running operations for
[computing, storage, and networking] infrastructure software is almost always
kept private. The glue code used to provide users access to this infrastructure
(what is commonly described as "cloud computing") is more often than not a trade
secret. And if you look to the other side, the desktop (or the user-side
applications in general) are still overwhelmingly driven by proprietary
software."
Citing Amazon Web Services and Android as examples, Carrez asserts that this
open in the middle phenomenon matters because "as an AWS user, you don’t have
transparency: you can’t really look under the hood and understand how AWS runs
things, or why the service behaves the way it does. As an Android user, you
can’t really engage with Android upstream, contribute to the creation of the
software and make sure it serves your needs better tomorrow."8
Big Tech Open Source
While some see problems with Big Tech’s embrace of open source, others see a
positive influence. Analyst Adrian Bridgwater reports that Mathias Golombek, CTO
at Exasol, an analytics database company, believes that commercial software
providers, particularly Big Tech, help open source developers by exposing their
technology ideas. Examples include Twitter with its Bootstrap project – which is
today the de-facto standard for website development – and Facebook’s Presto
project.
For its part, Microsoft contends that, “Enterprises can help accelerate the
adoption and usage of open source by getting an open source solution in more
customers’ hands. This doesn’t just mean our own open source solutions. In
Azure, making open source ISVs successful is one of our top priorities. With
Databricks, Red Hat, NetApp, Canonical, Docker and more, we have proven we can
turn technology from our open source partners into Azure consumable services
complete with billing, commerce, go-to-market support and more."9
Why Select Open Source
[return to top of this report]
For those enterprise officials who remain resistant to open source software
(in some cases, stubbornly), the proponents of OSS point out the following:
1. Open Source Promises a Lower Total Cost of Ownership
As analyst Ben Balter observes, "Using open source software yields a lower
total cost of ownership when compared to closed source and proprietary
alternatives. Adopting open source software generally has a lower up-front
cost (because the software often comes at no cost or relatively low cost), and
shifts the cost center from licensing (an operating expense) to customization
and implementation (a capital expense). Additional costs like training,
maintenance, and support are sunk costs. You’re going to be paying for
both regardless of [whether] the software is open or closed source, the cost
often being baked into the license in the case of commercial, off-the-shelf
software (COTS). What makes open source unique is that you’re not paying
for the right to use the underlying intellectual property."10
2. Open Source Is Often More Secure Than Closed Source
It’s known as Linus’s Law: "Many eyes make all bugs shallow." With
proprietary software, only the developers and maintainers are "on the lookout"
for software defects. With open source software, dozens (or even hundreds)
of programmers are scrutinizing the code. As a result, open source
problems are generally detected and resolved more quickly, thereby improving
security.
In addition, open source customers can apply software patches immediately. They do not have to wait for closed source vendors to address business-critical
problems.
3. Open Source Is Endorsed By Major Software Developers
Firms like Microsoft, Apple, IBM, SAP, and Adobe are active within the open
source community, thereby legitimizing, if not encouraging, the deployment of
open source software.11
4. Open Source Is Customizable
Unlike a closed source system in which a customer has to petition the
controlling vendor for enhancements (or even bug fixes), open source customers
can implement new functions and fixes at will.
5. Open Source Systems Normally Employ Open Standards
By utilizing open standards, open source systems are usually more compatible
– and interoperable – with other software, even closed source systems and
applications.
6. Open Source Prevents Vendor Lock-In
Perhaps the biggest advantage of open source is customer freedom. Customers are not "locked in" to a particular vendor’s products, upgrade plans,
and update schedules. They are also unaffected by a vendor’s decision to
withdraw support.
As analyst Matt Hartley explains, "let’s say
you’re using a proprietary publishing application. One day, the company
releases a new version and explains that going forward, older [files] … won’t
be supported by the new version. This means if you have an older version
on one PC, and the latest version on [a] second PC, they can’t exchange files
due to compatibility issues. The company’s motivation is for you to run
the latest version of the software on BOTH computers. Had the company been using open source software, the file format would
have either remained unchanged between software versions or the ability
to import the older files would have been provided."12
7. Open Source Software Support IS Available
Analyst Matt Hartley reports that "In the open source world, especially in
terms of enterprise applications, there are numerous open source support companies willing to help. Many open
source projects have commercial support available. And if a project
doesn’t, often you can find a separate company that provides paid support for
most open source applications."13
8. Open Source Developers Can Make Money
According to the Open Source Initiative, "[Developers] can sell services
based on [their] code (i.e., sell [their] time), sell warranties and
other assurances, sell customization and maintenance work, license the
trademark, etc. The only kind of profit strategy that is incompatible
with Open Source is monopoly-based sales, also known as ‘royalties’."14
Recommendations
[return to top of this report]
"Upstream" Improvements
Enterprises that consume open source software have an implied obligation to
give back to the open source community by:
- Reporting bugs
- Supplying fixes15
Use Due Diligence When Selecting Open Source Software
When selecting open source software:
- Learn about the team sponsoring the open
source application or system. Inquire about their future plans. - Contact current customers and ask about their
open source experiences. - Check the Internet and trade publications for
relevant software reviews. - Identify and investigate any incompatibilities
with existing enterprise software – open or closed. - Establish what level of support is available,
either from the team or commercial support organization. - Contact local universities for possible advice
and assistance. Many universities use open source software, and some
have a commercial open source operation.16 - Consult with the enterprise’s general counsel before making any open
source commitments.
References
1 "What Is Open Source?" WordPress.org.
2 Ben Balter. “Six Motivations for Consuming or Publishing Open Source Software.” opensource.com. December 9, 2015.
3 "The Open Source Definition (Annotated)." Open Source Initiative.
4 Steven J. Vaughan-Nichols. “Open Source Is 20: How It Changed Programming and Business Forever.”
ZDnet. February 2, 2018.
5 Open Source Initiative.
6 Danny Crichton. “Open Source Sustainability.” Oath Tech Network. June 23, 2018.
7 John Mark. “Why Open Source Failed.” Medium.com. July 30, 2018.
8 Thierry Carrez. "Open Source in 2019." Open Source Initiative. July 30, 2019.
9 Adrian Bridgwater. "The Impact of the Tech Giants
on Open Source." Forbes. September 7, 2019.
10 Ben Balter. “Six Motivations for Consuming or Publishing Open Source
Software.” opensource.com. December 9, 2015.
11 Ibid.
12 Matt Hartley. “Why Use Open Source Software?” QuinStreet Inc. December 14, 2015
13 Ibid.
14 Open Source Initiative.
15 Ben Balter. “Six Motivations for Consuming or Publishing Open Source
Software.” opensource.com. December 9, 2015.
16 “How to Choose Open Source Software.” NIBusinessInfo.co.uk.
Web Links
[return to top of this report]
- Open Source Initiative: http://www.opensource.org/
- US National Institute of Standards and Technology: http://www.nist.gov/
About the Author
[return to top of this report]
James G. Barr is a leading business continuity analyst and
business writer with more than 30 years’ IT experience. A member of
"Who’s Who in Finance and Industry," Mr. Barr has designed,
developed, and deployed business continuity plans for a number of Fortune
500 firms. He is the author of several books, including How to
Succeed in Business BY Really Trying, a member of Faulkner’s Advisory
Panel, and a senior editor for Faulkner’s Security Management
Practices. Mr. Barr can be reached via e-mail at jgbarr@faulkner.com.
[return to top of this report]