October 17, 2011 By Susan Perschke | Network World
Most FOSS (Free and Open Source Software)
is D-I-Y (Do It Yourself)
It is written by programmers, for programmers.
Programmers, government agencies and competitive companies choose FOSS when they need innovation. They choose FOSS for the same reasons they send their staff to Lowes, Home Depot, Staples, and FedEx Office (formerly Kinko's)... to get things from which they can inexpensively fashion unique solutions that make them more efficient.
Why do it yourself?
Like the 1920's
, the "roaring" 1990's overheated the economy as everyone clamored for the latest computer technology. While the cost to produce the technology itself dropped like a rock, insatiable demand for related services drove the human costs through the roof. The tech bubble inevitably burst
The ubiquity of cheap computing power and laissez-faire economic policies had spawned financial instruments too complex for reliable risk analysis. So a few years later, the financial bubble burst as well, putting us in our current "Great Recession"
financial titans still have much more money than time so they continue to buy highly polished commercial software, layoff most of their tech staff, and pay companies like Microsoft, Oracle and SAP enormous amounts for licensing and support. What choice do they have? A major failure could put them out of business very quickly.
But "the 99%"
of people, governments and companies, just as in The Great Depression, can no longer afford those high-priced finished products. With layoffs, virtually frozen wages, and less disposable income, Americans now have more time than money. Survival depends on finding new, more efficient and cost-effective ways of doing things.
Is FOSS Secure?
Any retailer with a glass storefront will tell you that police strongly recommend the glass be kept clear of obstructions and the store interior be kept lit after hours so anyone can see in. Transparency is the best deterrent to crime as well as the best way to spot crimes in progress.
That's the principle FOSS security is based on -- transparency.
If you were a careless or malicious programmer, which kind software would you prefer to put your dangerous code in? Closed, where few if any can find it, or Open where anyone can find it and you don't know who or how many will?
It's as simple as that.
The same reasoning combines with speed of development to account for the explosion in scripting languages where the source code couldn't be more accessible.
The explosion of freely available information makes the ubiquitous concept of "security by obscurity"
a complete fantasy promoted to sell software.
Then how do you separate the wheat from the chaff?
FOSS is like an open bazaar or swap-meet with free or virtually free stalls. Anyone with programming skill can distribute their work.
In today's economy, the unemployed can learn how to program with countless free resources on the web. They then can create things others will want and distribute them to thousands. They build up a "portfolio" of work on their blogs and web pages. If they're good, they gain a reputation that gets them hired or allows them to build their own company selling software and/or services.
Here's how to find the best of the best...
- The less you know about programming, the more discriminating you should be. Look for mature, widely used software like Firefox, Ubuntu Linux, and the LibreOffice suite.
- Search the internet widely for reviews, comparisons, bug reports and questions on forums. The later will give you a feel for how widely used the software is as well as the kinds of bugs it has and how easy they are to fix or work around.
- A NOTE OF CAUTION!
Judge bugs by their quality, not their quantity!
All software has bugs! Because expensive commercial software is not open, its bugs are not as widely documented as those in free and open source software. You'll find a lot more bug reports for FOSS. If you study them, you'll find many are duplicates as many websites republish bugs listed elsewhere.
- If you're not an experienced programmer and are worried about a program that does what you want but is new or not that widely used, find an experienced programmer friend, staffer or consultant who can read the language and get them to scan the code.
- Is it well organized or is it confusing?
- Are there suspicious looking sections?
- Prefer software with the most downloads.
- Quality ratings are not as reliable as number of downloads.
- New software will usually have higher ratings due to its small number of downloads and reviewers.
- A high number of downloads/day factors in to longevity.
- New or obsolete software will tend to have lower counts.
- If two programs have similar numbers of downloads and downloads/day, then check the ratings but don't put much stock in small differences. Look for low vs high.
Labels: linux, open source, quality, reliability, security