Blog · 7 min · June 27, 2022
For the uninitiated, open-source software is software with source code that anyone can inspect, modify and enhance. To appreciate the ethos behind it, check out my favourite bread-based analogy [1], which seems appropriate given the baking habits introduced to many households in recent years, at least here in the UK!
In this article, we will debunk some common misconceptions about open-source software and provide our views on best practice.
Myth #1: open-source software (OSS) is only developed by students as a hobby
Reality: some of the biggest open-source contributors are large software companies such as Google, Microsoft and IBM. Many skilled and experienced professionals contribute to open-source projects, not only for professional advancement but for intrinsic intellectual motivations.
Investment in open-source projects has risen considerably in the last 2 decades; one study found that in 2004 only 9 firms producing OSS raised venture funding, and that this had risen to 110 firms by 2015 [2].
Myth #2: OSS is not widely used
Reality: Use of open-source software is widespread, with many components that are often ‘unseen’ or hiding in plain sight. For example, Chromium is used in 64.5% of web browsers [3]. Linux is another well-known example.
Open-source software supports a wide range of use-cases, including server software, development tools, web browsers, scripting languages, workflow, desktop / devices and many more.
Myth #3: OSS is inferior to closed source or proprietary software
Reality: Open-source software is acknowledged as a strong mechanism to achieve many corporate goals:
Myth #4: OSS is less secure
Reality: The availability of source code makes identification of security risks easier and more transparent.
Specialisation in software has the ability to improve quality; engineers are focused on smaller problems for a larger audience. This is particularly true in cryptography where "don't roll your own crypto" is a key principle.
The ability to report and fix bugs enables everyone to share in the benefits of the wider availability.
Myth #5: the risks are greater
Reality: A degree of risk is unavoidable whether you are using closed or open-source software. There are sensible steps you can take to avoid a couple of common pitfalls:
1. Avoid thinly maintained or out of date software:
2. Ensure a robust supply chain for access to open-source software:
Myth #6: there is no support available
Reality: commercial support for OSS is widely available through specialist companies. You may also choose to support OSS in-house. Either way, you can augment this with community support, providing an excellent service model.
So, now we’ve dispelled the myths, let’s have a look at some best practice.
There are some best practices that any organisation should adopt when using open-source software:
As I hope we’ve explained, open-source software is mainstream, robust and can help achieve corporate goals.
In many cases, OSS relies on a community of users who continually help improve the quality and advance the code, giving engineers ‘skin in the game’ rather than being passive users.
This sense of community is an essential ingredient. Just listen to episodes of the Form3 .tech podcast focussing on HashiCorp and Cilium that bring this to life. For long-term sustainability, companies like Form3 collaborate to ensure open-source software continues to improve, for the benefit of all.