It’s rare for any sector of the tech industry to be widely considered as noble or altruistic today. However, with open source software, this is still very much the case. But what is open source exactly?
Open source, as its name suggests, is a field of software development in which the source code for tools, projects, and programs is made freely available to download, modify, and share. Given it's free-to-use with no restrictions on how you do so, it's become widely used among cash-strapped startups and smaller firms.
Another important element of open source is that, because the code is publicly available, anyone can tweak it. As a result, a thriving and active open source community has developed, with countless developers collaborating on projects and sharing ideas.
Open source components have crept into virtually every piece of technology on the planet, whether it's the Linux operating systems that power data centres and cloud services, the Android software behind some of the world's best smartphones, or enterprise development tools like Puppet and Jenkins.
Why is open source so popular?
Perhaps the easiest answer to this question is that open source software costs nothing. Looking around, one can find cheap alternatives for popular paid products, such as Blender for 3D computer graphics, or LibreOffice Writer for word processing. In this way, open source programs are inherently more accessible, as one can make use of them without the need for a budget or special permissions.
The main driving factor behind open source is the idea that as development projects are enhanced and accelerated, the wider the pool of people involved becomes, with developers of varying skills and abilities contributing their own expertise and experience.
This principle of cooperation is helped along by the inherently international nature of projects shared on the internet, with programmers from all over the world collaborating to ensure that finished code is the result of as dedicated and diverse a team as possible.
Sharing couldn’t be simpler for most open source projects. The complete source code is usually posted publicly via code-sharing platforms like GitHub allowing anyone to examine it and make changes. By keeping projects openly accessible in one place, developers can ensure collaboration is as organised as possible while keeping it organic, and achieve impressive results in short timeframes.
Although allowing so many people to interfere with the source code may be seen as risky, allowing additional scrutiny in the form of an extra pair of eyes - or often enough, several pairs of eyes - boosts the chances of flagging up any bugs. Moreover, open source software lends itself to tighter security, in light of the additional help at hand to shape it or process any problems.
For programmers and developers, the benefits of releasing creations as open source software include increased feedback and collaboration. Your peers are free to change and improve your code, adding features you may not have thought of or simplifying it to make it more efficient.
Common wisdom also holds that open source software is more secure - after all, the more people reviewing and working with a piece of code, the more likely it is that any potential errors or security holes will be spotted.
On the other hand, the fact that the Heartbleed bug went undetected in the OpenSSL code for so long, means the theory isn't exactly foolproof. It's also possible that rogue developers could use open source to spread malware.
There are a number of issues with open source development, most notably its steep learning curve. Less-seasoned developers may struggle to get to grips with open source projects, and those involved are often highly technically-minded professionals, or the most dedicated of enthusiasts.
The history of open source software
Optimising storage infrastructure for DevOps practices
Maintaining IT infrastructure to best support application services
The roots of open source lie in the origins of software and of computing itself. First pioneered by scientists, researchers and academics, the field was predicated on the free and open sharing of knowledge and information.
One of the ways in which programmers shared their code was via computing books and magazines, which featured full reproductions of source code for readers to copy and use. This became particularly popular with the rise of home computers like the Commodore 64 and ZX Spectrum, which could be used to create basic games.
As software development became more commercialised, and competition amongst developers increased, the prevalence of open source code saw a decline. Despite this, hobbyists have continued in the tradition of writing open source software, even as giant software firms have dominated the sector.
As more and more computers became connected to the internet, programmers started sharing their code with each other online. This led to a substantial increase in the number of available open source projects, and eventually to the creation of the Linux kernel by Linus Torvalds.
The term 'open source' was first adopted by advocates of these principles in 1998. It grew steadily in popularity and sophistication over the next few years and although open source software was previously known mainly to hardcore computing enthusiasts and programming geeks, it has now achieved a wide level of visibility and acceptance, both in the public eye and within the enterprise community.
How do companies make money from open source?
Given open source is freely available, you might be wondering how companies like Red Hat and Canonical make money from it.
While organisations that specialise in open source products don't generally make money from sales of the software itself, many will offer an enhanced version of their product that enterprises can pay to use, as is the case with Red Hat Enterprise Linux (RHEL). These commonly include greater flexibility, more features, easier management and maintenance options, and generally better interoperability with a range of other platforms and services.
Another tactic often used by open source vendors is to provide the software freely, but to withhold official support and other additional services from companies that haven't taken out a contract. Since business IT relies on minimising downtime as much as possible, strong support is essential making this tactic very effective.
Why contribute to open source projects?
There are many reasons why people choose to contribute to open source projects. One of the most obvious ones is the sense of generosity and community spirit it creates; many developers simply want to help build cool stuff and will contribute to projects that they think are useful and worthwhile.
Some coders are more utilitarian about the process than others. For example, if a developer is using an open source tool in a particular project, they will often tweak or improve it over the course of their efforts. Those improvements are then circulated to the rest of the software's developers and users, resulting in gradual iterative improvements.
This also applies to companies that use open-source components, who will often contribute large amounts of code to open source projects as a by-product of their own internal development cycles. Some companies will also task developers with contributing to existing open source projects out of sheer altruism, but this is considerably rarer.
What's more common is companies gifting tools they've developed internally to the open source community. Part of this is a purely practical effort to outsource the continued development and iteration of these tools to the community at large, but there's also an element of giving back to developers by giving them access to sophisticated software.
Is open source safe?
In theory, the more people you have reviewing code throughout a build there more security holes and errors will be uncovered and fixed. However, no matter how many pairs of eyes the code runs past, human error can and will persist.
The potentially fatal flaw with free and widely-shared code is that the vulnerabilities are by default also reused. The most popular open source libraries are embedded into thousands of applications, and if one line of code within a library contains a vulnerability, anything that utilises it will be weakened as a result.
It’s still best practice to check over open source code, even if it’s from a trusted source and seems to work, to check for logical errors and anything else that might have been overlooked in its creation.
Save time, money and protect your mid-market business with strategic workforce solutions
Effectively handle your technology needs with superior capabilities to secure, manage, and support business PCs
Even when vulnerabilities are spotted, a fix takes on average 68 days to be rolled out. Users may think that the creator or developer is responsible for fixing their code, but if the code works for the developer, it's not certain they will revise their work.
The perceived sense of security around open source software adds to the problem. Ultimately, developers who build the code aren't interested in whether their library is suitable for your business, they are concerned with the success of the library itself. Rather than blindly integrating open source code into applications, businesses must carry out their own checks to ensure code is safe.
Open source code can be safe to use with a change of perspective, shifting from the viewpoint that it's faultless and foolproof to an approach which exercises caution and security.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2023.
Jane McCallion is ITPro's deputy editor, specializing in cloud computing, cyber security, data centers and enterprise IT infrastructure. Before becoming Deputy Editor, she held the role of Features Editor, managing a pool of freelance and internal writers, while continuing to specialise in enterprise IT infrastructure, and business strategy.
Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.