Depending on where you fall in the spectrum of open source support this article’s title has you either fuming, just curious, or already in agreement with me before even seeing the reasoning below. This article is the product of my many attempts to voice my concerns with those in the open source and FOSS movements. What I’ve found is that if you wish to have a real discussion about the fairness or merit of those ideologies you will most likely deal with zealots who condemn you for even thinking contrary to it. Zealots, who by the way, are not software engineers. Furthermore, I think this snap response by many in this community is detrimental to FOSS’ momentum.
To be clear: I am a fan of FOSS and open source software. What I’m not a fan of is the disparaging attitude for any software that does not fit into its narrow description. Open source software is great at helping others to learn programming, or allowing individuals to modify existing code bases in order to fit specific needs. It is also hard to argue against the privacy and security aspects of it, but an argument does exist (which I discuss below). To summarize: FOSS is a good thing, and if we lived in a world in which EVERYONE shared their talents and the products of their labor for free, I would be one of the loudest proponents for it. Since that is not the world we live in I have two specific problems with FOSS / open source ideologies:
1 — Software is a complicated product that deserves the engineering title ascribed to many of the people who work on its development. Software is built on the giants of the past, and there are many pieces of software today which continue this legacy. Creating good software is VERY complicated. It is akin to rocket science in terms of complexity. Regardless of your competences as a programmer, time is your most important asset. Time costs money.
What FOSS implies is not that you are not paid for your software, but rather that your software’s internal guts and all that makes it work, can be freely viewed by all. To understand why this is significant we need an example of this same expectation in another field.
So let’s use a lawnmower. For a lawnmower to follow the FOSS ideology, it would need to have the blueprints, parts list, raw materials list, method of assembly, and detailed build instructions. The raw materials will need to be freely available to you. You will need to own the machinery necessary to build parts, but fortunately almost everyone has this machinery and they are becoming more affordable every day. Now only IF you can freely build your lawnmower from scratch is it considered FOSS. You could be a mensch and go buy one though. I think we can all see the absurd nature of this thinking. Some might criticize this example by saying it isn’t directly analogous to software, but that would be my point precisely! In the situation where you can build your own lawnmower and everything is given to you to make that easy, how does the engineer who created the thing get compensated? How is that person’s labor protected? How many people do you think are actually going to buy a lawnmower? Think about any other profession and whether or not they would do something similar to this? Would a plumber come to your house, and show you exactly how they are doing what they are doing, and then point you to tutorials that explain why they are doing what they are doing? Do they do this for free?
Of course not!
Does this mean that no one does this? Certainly not! It is, however, a personal decision up to the individual and is done out of the goodness of their own heart. It isn’t the product of an ideology that insists they do it less they be immoral or unethical. Now think about this: Software is complicated and it takes a lot of time to be developed. Why should something that a programmer who spent years, months, days, or even hours working on be yours for nothing?
FOSS does not mean free of charge, but it does mean that once someone has bought the software they are free to modify it, redistribute it, and share it. There are exceptions to this spelled out in various licenses, but ultimately, if the source code is available, nothing prevents people from exploiting it. However by sharing efforts we can increase the speed of development in many cases, and this is a great and noble pursuit. However, this sharing must be made voluntary, as it is in every other profession.
2 — The claims that FOSS software is more secure and private. If you are a competent software engineer with a good amount of time on your hands, you absolutely can make good on these claims. You may have to learn about a few APIs, systems, etc. but you’ll be able to prove it for yourself. This doesn’t mean every programmer. This means those proficient in the programming langauge(s) the software was was written in. Being a programmer doesn’t mean you understand everything at first glance. Time, once again, is your greatest asset. Encryption, in particular, is a complex subject that people specialize in. Being a programmer doesn’t mean you will be able understand and validate claims made by experts in these fields. Being capable is the first part, but to verify all of the software you use represents a massive investment of time. Time in this case is just as important as the ability to comprehend and analyze the code.
Furthermore, for 99% of the world’s population they have no way to validate those claims. They have to have faith that the people who are the programmers know what they are doing, haven’t overlooked anything, and that they have good and positive intentions. You may have more people to have faith in than a proprietary based piece of software, but you have to trust them just the same. So with proprietary software you have to trust the company who made it. With open source you have to trust the independent individuals claiming it is secure, private, and good (who can also be part of a company).
The average user does not really benefit here. It is arbitrarily the same to trust a company, who is legally held liable, or a group of individuals, which they have never met, known nothing about, and who are not legally bound to the software. (However, many open source software companies are legally bound. These companies tend to make money on enterprise services and support.)
I don’t claim to fully understand every facet of FOSS or open source initiatives, but as a software engineer myself these have been my two biggest complaints. I can see the virtues of FOSS, but I just don’t agree with how it’s implemented. My intention in writing this is to drive a discussion that either dispels these concerns, or creates a way to work beyond them.