What is open source?

What is open source software and how do vendors make their money?

Though nowadays it's rare for any sector of the tech industry to be widely considered as noble or altruistic, there's one area where this is still very much the case: open source software. 

Open source, as its name suggests, is a field of software development in which the source code for tools, projects and programs is made freely available to download, modify and share. Given it's free to use with no restrictions on how you do so, it's become widely used among cash-strapped startups and smaller firms.

Another important element of open source is that, because the code is publicly available, anyone can tweak it. As a result, a thriving community has developed around open source software, with countless developers collaborating on projects and sharing ideas.


Open source components have crept into virtually every piece of technology on the planet, whether it's the Linux operating systems that power data centres and cloud services, the Android software behind some of the world's best phones, or enterprise development tools like Puppet, Jenkins and Chef.

However, there are a number of issues with open source development, most notably its steep learning curve. Less-seasoned developers may struggle to get to grips with open source, and as a result, many individuals involved in these projects are highly technically minded with a substantial body of work behind them.

The main driving factor behind open source is the idea that development projects are enhanced and accelerated as the pool of people involved becomes wider, with developers of varying skills and abilities contributing their own expertise and experience.

These principles of co-operation often involve developers across the globe deciding to work in tandem, while the code is shared among a community, and edited by many at the same time.

In open source projects, the complete source code is shared publicly, usually via code-sharing platforms like GitHub, allowing anyone to examine it and make changes. A by-product of this is that it's impossible to charge money for the software in question, as anyone can download and implement the project's code. On the other hand, this means that you can get feedback, assistance and collaboration from a much wider pool than if you were developing as part of a standard team, meaning you can get better results in a much shorter timeframe.

Although allowing so many people to interfere with the source code may be seen as risky, allowing additional scrutiny in the form of an extra pair of eyes - or often enough, several pairs of eyes - boosts the chances of flagging up any bugs. Moreover, open source software lends itself to tighter security, in light of the additional help at hand to shape it or process any problems.

The cooperative nature of open source projects can often produce better end results, with experts pooling their energy, time, resources and insights to produce a better outcome. Having people from different industries with different sets of skills gives open source projects the blend of diversified skills, talent and experience that other projects might lack.

We have seen open source technologies used as the backbone for everything from office software, like word processors and image editors, to whole operating systems and server platforms.

The other benefit of open source code (depending on your view) is that it is completely free and can be downloaded and compiled by anyone. Open source programmes and technologies lack the high licensing fees slapped on products built by proprietary vendors. This helps widen the pool and makes such tools accessible to more people.

The history of open source software

The roots of open source lie in the origins of software and of computing itself. First pioneered by scientists, researchers and academics, this field was predicated on the free and open sharing of knowledge and information.

Over the next few decades, the tendency for developers to share ideas declined with the emergence of commercial powers and a more competitive ethos. But there remained a handful of devoted enthusiasts and hobbyists adamant about continuing to write and distribute open source code, despite the increasingly corporatised nature of the software landscape.

One of the ways in which programmers shared their code was via computing books and magazines, which featured full reproductions of source code for readers to copy and use. This became particularly popular with the rise of home computers like the Commodore 64 and ZX Spectrum, which could be used to create basic games.

As more and more computers became connected to the internet, programmers started sharing their code with each other online. This led to a substantial increase in the number of available open source projects, and eventually to the creation of the Linux kernel by Linus Torvalds.

The term 'open source' was first adopted by advocates of these principles in 1998. It grew steadily in popularity and sophistication over the next few years and although open source software was previously known mainly to hardcore computing enthusiasts and programming geeks, it has now achieved a wide level of visibility and acceptance, both in the public eye and within the enterprise community.


Why is open source useful?

The most appealing aspect of open source is that it's completely free. It wouldn't be much of a challenge, for instance, to find free alternatives to relatively pricey flagship packages, such as Microsoft Office or Adobe's expensive software suites. 

For programmers and developers, the benefits of releasing creations as open source software include increased feedback and collaboration. Your peers are free to change and improve your code, adding features you may not have thought of or simplifying it to make it more efficient.

Common wisdom also holds that open source software is more secure - after all, the more people reviewing and working with a piece of code, the more likely it is that any potential errors or security holes will be spotted. On the other hand, the fact that the Heartbleed bug went undetected in the OpenSSL code for so long does throw some doubt on this theory.

How do companies make money from open source?

Given open source is freely available, you might be wondering how companies like Red Hat and Canonical make money from it.

While organisations that specialise in open source products don't generally make money from sales of the software itself, many will offer an enhanced version of their product that enterprises can pay to use. These commonly include greater flexibility, more features and easier management and maintenance options.

Another tactic often used by open source vendors is to provide the software freely, but to withhold official support and other additional services from companies that haven't taken out a contract. Since business IT relies on minimising downtime as much as possible, strong support is essential, which makes this tactic very effective.

How are open source projects built?

There are many reasons why people choose to contribute to open source projects. One of the most obvious ones is the sense of generosity and community spirit it creates; many developers simply want to help build cool stuff and will contribute to projects that they think are useful and worthwhile.

Some coders are more utilitarian about the process than others. For example, if a developer is using an open source tool in a particular project, they will often tweak or improve it over the course of their efforts. Those improvements are then circulated to the rest of the software's developers and users, resulting in gradual iterative improvements.

This also applies to companies that use open-source components, who will often contribute large amounts of code to open source projects as a by-product of their own internal development cycles. Some companies will also task developers with contributing to existing open source projects out of sheer altruism, but this is considerably rarer.

What's more common is companies gifting tools they've developed internally to the open source community. Part of this is a purely practical effort to outsource the continued development and iteration of these tools to the community at large, but there's also an element of giving back to developers by giving them access to sophisticated software.

Is open source safe?

In theory, having more people review code throughout a build increases the chances of security holes and errors being uncovered and fixed. However, no matter how many pairs of eyes the code runs past, human error can and will persist.

The potentially fatal flaw with reusable code is that the vulnerabilities are by default also reused. The most popular open source libraries are embedded into thousands and thousands of applications, so if one vulnerability exists in a single piece of code, all of these are immediately vulnerable to the same exploit. 

Even when vulnerabilities are spotted, a fix takes on average two years to be rolled out. Users may think that the creator or developer is responsible for fixing their code, but if the code works for the developer, it's not certain they will revise their work.  

The perceived sense of security around open source software adds to the problem. Ultimately, developers who build the code aren't interested in whether their library is suitable for your business; they are concerned with the success of the library itself. Rather than blindly integrating open source code into their applications, businesses must carry out their own checks to ensure code is safe.

Open source code can be safe to use with a change of perspective, shifting from the viewpoint that it's faultless and foolproof to an approach which exercises caution and security.
