•  
•  
•  
•  

 

Open source versus proprietary software: a discussion

It may be argued that open source software has, in recent years, begun to move into the mainstream marketplace previously dominated by "shrink-wrapped" products such as Microsoft's Windows operating system and Office productivity suite. The most often cited examples of alternative open source applications include the Linux operating system (www.linux.org), the OpenOffice suite (formerly Sun's Star Office, www.openoffice.org) and Mozilla's Firefox web browser (www.mozilla.org). Evidence for the increased awareness of ­ and interest in ­ open source can be seen in the gradual proliferation of articles in the mainstream media¹. Even the British government is taking an interest, concluding in an October 2004 report that open source is a "viable and credible alternative to proprietary software"². However, there remains a great deal of confusion surrounding open source software, not least on the issue of what differentiates open source from "free" software, or, indeed, the fact that there is such a difference.

To gain a better understanding of open source and its implications, it is useful to consider its origins. In 1984, Richard Stallman founded the Free Software Foundation³ and launched the GNU project (www.gnu.org/gnu/), with the aim of producing a free operating system that would be entirely compatible with the proprietary Unix system. Stallman also laid down some new rules for the licensing of this software, based around that he calls "copyleft". Essentially, anyone has permission to run the software, copy it, modify it and distribute modified versions ­ so long as they do not add any restrictions of their own. In fact, selling modified versions of software licensed under the GNU General Public License (GPL) for profit is also permitted. Herein lays the most common misconception surrounding "free" software. According to Stallman's own Free Software Foundation website, to properly understand this philosophy you should think of "free" as in "free speech" not "free beer". In other words, the GPL is about freedom.

By 1992, Stallman had completed almost all of the necessary components of his operating system ­ including a shell, editor, compiler and assembler ­ all except the kernel. The kernel is the program at the heart of the operating system that allocates resources to the other programs that you run ­ without it, the rest of the system is useless. However, around the same time, a Finnish student named Linus Torvalds ­ then running a system called Minix on his own machine ­ began work on his own operating system⁴. The result of his work was the Linux kernel, which he released under the GPL. Soon, the Linux kernel, which was further refined by other members of what may be termed the "open source community", was being distributed with the GNU operating system across the globe.

The fact that Torvalds' and Stallman's source code was freely available to other interested programmers ­ allowing them to improve upon it ­ is central to the open source philosophy. This idea is perhaps most succinctly expressed in the proposition: "Given enough eyeballs, all bugs are shallow", coined by Eric Steven Raymond in his paper The Cathedral and the Bazaar⁵. This idea is also one of the most compelling arguments in favour of open source software. With an army of willing volunteers, from a wide range of technical backgrounds, bugs in open source applications are dealt with quickly and efficiently. Fixes are made available immediately, most commonly by means of the Internet, and at no cost to the end user. The fact that those developing open source software are doing so out of a personal interest, or need for a particular application themselves, means that they are extremely motivated to produce the best, most stable and secure software possible.

By contrast, commercial, proprietary software is produced by a selected group of developers with a much more narrow range of expertise. Their primary motivation is their salary. An example of where this approach may have resulted in less secure software might be the recurring problem of buffer overflow in Microsoft Windows products ­ such as those recently exposed in Windows' processing of JPEG images⁶. Some proponents of the open source model of software development might argue that such a "blind spot" ­ which may be considered a security risk if the overflow condition can be exploited to execute malicious code ­ might never have arisen if Microsoft products were not developed in such a resolutely "closed source" environment.

In The Cathedral and the Bazaar, Raymond goes still further in extolling the virtues of open source development over more "traditional" methods. He proposes that "treating your users as co-developers is your least-hassle route to rapid code improvement and effective debugging". "Effective debugging" would include the detection and correction of security flaws as well as logical errors and other bugs, so does that make open source software more secure? Microsoft disagrees. By keeping its source code under lock and key, the Seattle-based corporation claims that it is not exposed to hackers and is therefore more secure. However, it may be argued that Microsoft's own jealously-guarded dominance over the home and business software market, coupled with its increasingly arrogant-looking insistence on closed source practices, make it an all-the-more attractive target for hackers, script kiddies and virus writers.

Security considerations aside, another persuasive argument for open source software is the cost. Total Cost of Ownership (TCO) is an increasingly important factor to be considered when making any major software or hardware purchase. Simply put, the TCO should express not only the initial cost of purchasing the system, but also the ongoing costs incurred by continuing to maintain and support the system ­ the "lifecycle of costs". For any IT system, this will conceivably include training costs (for both end users and support staff), maintenance contracts with suppliers and future upgrade costs. The upfront licensing costs of proprietary software would appear to make open source software ­ which is essentially "free", unless there is a charge for distribution ­ the clear winner in terms of cost of ownership. However, in practice, the advantage may not be so clear cut. Taking the broad example of making a choice between Linux and Windows operating systems in an enterprise environment, Microsoft would argue that choosing Windows, with its out-of-the-box functionality and familiar, consistent-looking GUI interface, results in a lower TOC in terms of IT staffing costs⁷. This sentiment is echoed by many high profile business people, including Barclays Bank's Chief Technology Officer, Kevin Lloyd, who cites "terms of service" as the main reason behind his recent decision to choose a Microsoft desktop over Linux alternatives⁸. It must also be considered that, whilst there are free distributions of Linux available, most corporations will prefer to purchase theirs from one of the big players in the open source market, such as Red Hat, IBM and Novell, who provide product warranties and service agreements ­ for a fee⁹.

Just as vocal, however, are those who believe that open source software offers a considerable saving over licensed proprietary software. Indeed, the UK government's October 2004 report² also concluded that "adoption of Open Source software can generate significant savings in hardware and software costs". It was also suggested that a typical hardware refresh period for open source systems was 6-8 years (for a Linux system), compared with a 3-4 year period for Windows-based systems. If this is the case, the effects on the total cost of ownership for Linux systems are likely to be significant.

Of course, in the final analysis, it may be argued that the merits of open source versus proprietary software are largely academic: what really matters is whether anyone uses them. Whilst market share is clearly not an indication of quality, nor any vindication of dubious marketing techniques¹¹, it does serve to put the issue into perspective. It is clear that Microsoft dominates the home PC and business workstation market with their operating systems and productivity software. Application server products such as SQL Server and Exchange are also in widespread use. However, there are a number of key areas in which open source alternatives have a significant ­ or greater ­ market share than that of any proprietary software. The most often cited example of this is the Apache web server, most commonly found running on Unix or Linux-based systems. In this area, the open source Apache product has a clear, and long-established, lead over its nearest competitor, Microsoft's Internet Information Services (IIS) with market shares of 67% and 21% respectively¹⁰. In this case, the differences in cost (Apache is free, whereas IIS requires at least one Windows Server license) and frequent questions regarding the security of Microsoft's product¹² appear to make Apache the preferred choice of web server for most users.

Figure 1: Netcraft December 2004 Web Server Survey

By way of contrast, the web browser market is entirely dominated by Microsoft, with its Internet Explorer accounting for between 90-95% of the most popular browsers over the last couple of years (quite clearly as a result of the company's bundling of IE with Windows and forcing the once dominant Netscape all but out of existence). However, the Mozilla Foundation ­ spun off from the remains of Netscape ­ has recently released the first "complete" version of its new pared-down, standards-compliant browser, Firefox (www.mozilla.org/products/firefox/). Due perhaps to the combination of its small, fast, efficient design, fervent support from the open source community¹³ and a long list of security vulnerabilities in the comparatively bloated Internet Explorer, Firefox has already made significant gains.

Figure 2: Most Popular Browsers: OneStat.com Nov 2004

It is difficult to say what the future holds for open source software. On the one hand, the financial might and marketing scruples of the proprietary software giants, such as Microsoft, would seem to suggest that open source alternatives will remain just that ­ an alternative to the dominant proprietary offerings. On the other hand, the increased interest in, and awareness of, open source can only bode well for its future proliferation. As the example of the Apache web server demonstrates, it is imminently possible for superior open source products to triumph over their bloated, bug-ridden and arguably over-priced proprietary competition. And the evidence suggests¹⁴ that Microsoft knows this all too well...

Bibliography

• The Cathedral & the Bazaar
• How Geeky Are You?