Depending on where you fall on the spectrum of open source support you are either fuming, just curious, or are in agreement with me before even seeing the reasoning. This article is the product of my many attempts to voice my concerns with those in the open source and FOSS movements. What I’ve found is that if you wish to have a real discussion about the fairness or merit of those ideologies you will most likely deal with zealots who condemn you for even thinking contrary to the ideology. Zealots who by the way are not software engineers. However, I think this snap response is detrimental to FOSS gaining more momentum.
To be clear I am a fan of FOSS and open source software. What I’m not a fan of is the disparaging attitude for any software that does not fit into that narrow definition of what is acceptable. No one can argue against the virtue of open source software helping others to learn programming, or to modify existing code bases to fit their needs. It is also hard to argue against the privacy and security aspects of it, but an argument does exist (which I discuss below). To summarize: FOSS is a good thing, and if we lived in a world in which EVERYONE shared their talents and the products of their labor for free, I would be one of the loudest proponents for it. Since that is not the world we live in I have two specific problems with FOSS and open source ideologies:
1 — Software is a complicated product that deserves the engineering title ascribed to many of the people who work on its development. Software today is built on the giants of the past, and there are many pieces of software today which continue this legacy. Creating good software is VERY complicated. It is akin to rocket science in terms of complexity. Regardless of your competences as a programmer, time is your most important asset. Time costs money.
What FOSS implies is not that you are not paid for your software, but rather that your software’s internal guts and all that makes it work, can be freely viewed by all. To understand why this is significant we need an example of this same expectation in another field.
So let’s use a lawnmower. For a lawnmower to follow the FOSS ideology, it would need to have the blueprints, parts list, raw materials list, method of assembly, and detailed build instructions. The raw materials will need to be freely available to you. You will need to own the machinery necessary to build parts, but fortunately almost everyone has this machinery and they are becoming more affordable every day. Now only IF you can freely build your lawnmower from scratch is it considered FOSS. You could be a mensch and go buy one though. I think we can all see the absurd nature of this thinking. Some might criticize this example by saying it isn’t directly analogous to software, but that would be my point precisely! In the situation where you can build your own lawnmower and everything is given to you to make that easy, how does the engineer who created the thing get compensated? How is that person’s labor protected? How many people do you think are actually going to buy a lawnmower? Think about any other profession and whether or not they would do something similar to this? Would a plumber come to your house, and show you exactly how they are doing what they are doing, and then point you to tutorials that explain why they are doing what they are doing? Do they do this for free?
Of course not!
Does this mean that no one does this? Of course not! It is however a personal decision made by the individual and is done out of the goodness of their own heart. It isn’t the product of an ideology that insists they do that. Now think about this: Software is complicated and it takes a lot of time for GOOD software to be developed. Why should something that a programmer who spent years, months, days, or even hours working on it be yours for nothing?
FOSS does not mean free of charge, but it does mean that once someone has bought the software they are free to modify it, redistribute it, and share it. There are exceptions to this spelled out in various licenses, but ultimately, if the source code is available, nothing prevents people from exploiting it.
However by sharing efforts we can increase the speed of development in many cases, and this is a HUGE good thing. However this sharing must be made voluntary, as it is in every other profession.
2 — The claims that FOSS software is more secure and private. If you are a competent software engineer with a good amount of time on your hands, you absolutely can make good on these claims. You may have to learn about a few APIs, systems, etc. but you’ll be able to prove it for yourself. This doesn’t mean every programmer. This means those proficient in the type of programming the software was based on. Being a programmer doesn’t mean you understand everything at first glance. Time, once again, is your greatest asset. Encryption in particular is a complex subject that people specialize in. Being a programmer doesn’t mean you will be able understand and validate claims made by experts in these fields.
Furthermore, for 99% of the world’s population you have no way to validate those claims. You have to have faith that the people who are the programmers know what they are doing, haven’t overlooked anything, and that they have good and positive intentions. You may have more people to have faith in than a proprietary based piece of software, but you have to trust them just the same.
So with proprietary software you have to trust the company who made it. With open source you have to trust the independent individuals claiming it is secure, private, and good (who can also be part of a company).
The average user does not really benefit here. It is arbitrarily the same to trust a company, who is legally held liable, or a group of individuals, you have never met, and known nothing about, and who are not legally bound to the software. (However, many software companies are legally bound who create open source software. These companies tend to make money on enterprise services and support.)
— — —
I don’t claim to fully understand every facet of FOSS or open source initiatives, but as a software engineer myself these have been my two biggest complaints. I can see the virtues of FOSS, but I just don’t agree with how it’s implemented. My intention in writing this is to drive a discussion that either dispels these concerns, or creates a way to work beyond them.