Pro/Cons of Open Source


This page describes the pros and cons of open source software (OSS) in an objective manner and clarifies common misconceptions and myth.

Truth about Open Source Software

Omnipresence

Open Source Software is widely used in industry, government, academia, and in most consumer products. Big software companies like Google, Facebook, Microsoft, Intel, and IBM contribute use and actively contribute to open source software [1] [2]. The UK government and NHS encourages the usage of open source [3] [4]! The Linux operating system is widely used in consumer products like mobile phones, smart TVs, or car entertainment systems [5]. Open source has and is transforming the world [6].

Legality

Albeit often free, the use of open source software is legal and the source code is licensed and often backed up by intellectual property and patents. More than 2,600 companies including large players like Microsoft contributed their intellectual property to the OpenInventionNetwork defensive patent pool to protect open source development from lawsuits. There exist various licenses that are considered to follow the open source mentality. As user it is important to comply with the license terms, however, most terms are relevant when modifying the source code.

Support

Many open source software products are developed and supported by companies; particularly, big software packages like the Linux kernel. Often, a version of the software can be installed by end-users for free but typically comes with limited (best-effort) support. Companies that rely on open source software for their day-to-day business contract the original software developers or third-party providers similarly as they would contract companies selling proprietary software. The main differences between open source software and proprietary software in terms of support is that 1) it prevents vendor lock-in: you can change the contractor for support in case you are not satisfied; 2) there is basically no end of life of individual software as it theoretically can be supported forever.

Reliability & Security

Reliability of software and security are often intertwined as defects (bugs) in the software may lead to various phenomena and data loss but also cause security concerns. There have been various studies that investigated these factors for open source software and compared it to proprietary software. Generally, OSS is not less secure and reliable as proprietary software, individual and widely spread software packages like Apache or Linux have proven to be more secure than similar but proprietary software [1]. Google took drastic measures by banning the use of Windows for security reasons [2]. A key benefit of OSS is the transparency that comes with the publishing of the code enables a rapid reaction to security threads and allows end-users to track the existence of bugs in their deployed version and allows them to apply hot-fixes individually [3]. This transparency also fosters trust in the software and actually maximizes privacy [4].

Compatibility

Open source software is often compatible with proprietary software in that sense that data can be exchanged between these products and that open source software provides similar functionality. Linux distributions come with extensive software archives that contain 1,000 of software packages for various purposes. Available lists can help to find replacements [1] [2] even for expensive proprietary software [3]. However, when software uses a complex proprietary file format for data exchange compatibility may be limited; however, managing such formats on the long-term often imposes challenges by itself, as access to such data may be limited in the future even with proprietary software.

FAQ

How can a company or developer make money when licensing their software under an open source license?

In fact, “So it is that almost every technology company, including Microsoft, is shifting over to open source for its development.”  [1]. These articles here and here describe how companies make revenue.

Isn’t exposing software disadantageous for security reasons?

Indeed, sharing of source code exposes the concepts and algorithms used and potential weakspots. “The principle of open design states that the security of a mechanism should not depend on the secrecy of its design or implementation.” [1]

As open source software can be inspected by developers throughout the world, these issues can be found effectively and resolved. Proprietary software has a similar rate of bugs than open source software, therefore, just because they cannot be seen, security issues exist there as well. For instance, cryptographic algorithms like AES have undergone substantial research effort to verify their correct behavior. Secretly developed cryptographic algorithms are often only protected by the secrecy of the approach as they are have not been analyzed as thoroughly.

Further reading