18 minutes reading time (3620 words)

Making Software Wood

September-Wood

Software, the programs whereby a computer and the internet functions, has become one of the most used commodities since the advent of computers and the internet. Every electronic device runs on software. It is software that makes these things useful and smart to us. It is now more than ever necessary for software to be licensed in such a way that it will be as versatile and as free as wood in the hand of the user.

Wider and quicker adoption of free and open-source software will not only grant manumission for consumers from proprietary software tycoons but also enable it to be more secure, stable and reliable which in turn will provide a significant source of income to its developers.

1. What does software licensing have to do with wood?

When a carpenter-turned-software-developer, like me, decides to take a piece of wood, whether it be from the field, a lumberyard or the local hardware store, I want to have artistic license to create with that piece wood whatever I like. It is important to me that I am at liberty to use it for myself, or freely sell whatever I make with it to whoever is interested in my handy work. The new owner now again has the liberty to use what was bought in any way possible or repurpose it into something more unique. And should the owner feel so inclined, he can again sell it for profit to another buyer. The original carpenter, me, received revenue for my labor as well as the second carpenter. If carpenter B just resold the original piece for a profit, it is the consumer’s prerogative where he wants to buy. Perhaps carpenter B just made it more available to the consumer by having it in a more convenient location (this could be at the retail shop where I sold my furniture) or painted it in custom color. But nowhere in the production line does the wood come with a tag on it that says the consumer may no longer change it, sell it or even own it.

This introduction serves as a parable that explains the simple logic behind free and open-source software (FOSS) licensing. Changing careers in no way change the value I place upon liberty. This following technical explanation is in order that you will understand the various names and acronyms used. I quote, “Open source software” is sometimes also called “Free software”, “libre software”, “Free/open-source software (FOSS or F/OSS)”, and “Free/Libre/Open Source Software (FLOSS)”. The term… “Free software” has been sometimes misinterpreted as meaning “no-cost”, which is not the intended meaning in this context. (“Free” in “Free software” refers to freedom, not price.)” (Mardjan, Jahan)

As a consumer, there are many advantages that come from using software that is copyleft. Copyleft basically means you are free to copy the code with the condition that the license is left untouched, and any further distribution of the code will include the applicable license. In like manner, the developer is not left out in any way and will benefit greatly from licensing software in such a way which makes it free to use, improve and redistribute.

2. Code Transparency, Security, Privacy and Everything that goes on Behind the Scenes

There are a few fundamental freedoms that classify software as being free and open source. We will look at the second freedom first, specifically section A. “The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this.” (Stallman) Transparency of the code base is imperative to build trust and invite community collaboration. The incentive behind this is to get as many eyeballs on the code as possible. (ESR) To truly benefit from the free and open-source objective there needs to be a large enough beta-tester and co-developer base which in turn will bring about a more stable, secure and bug-free code base. (ESR)

This brings us to the point of software security and privacy. It has been debated for many years whether free and open-source software is necessarily more secure than proprietary software. The answer is not clear cut because of many variables that can negatively influence security beyond the control of the developer, but open-source software projects like Linux and Apache Server has proved over and over; when FOSS software is done right with enough feet to trample its code base it has the potential to be the most secure systems in an increasingly hostile Cyberworld.

A transparent code base has become a prerequisite for more secure solutions because of the simple fact that the code is visible to anyone everywhere and this allows for more people to track down sources of security vulnerabilities and issues are “identified, fixed and propagated” much faster and more efficiently. Updegrove states that open source software is increasingly used by defense, financial and other users that place the highest priority on security. (Updegrove) Similarly, Mardjan & Jahan found “ ...a trend towards adopting open source solutions for security and privacy protection. Governments worldwide cannot depend and trust on closed source software for their security infrastructure anymore… So open source solutions for controlling security and privacy are slowly but steadily becoming the new de facto standard.” (Mardjan, Jahan) An article by Stefan Thorpe notes “Add high security, continuous editing, and innovative upgrades to the collaborative nature of open-source, and you have a recipe for success. While some people may argue that the nature of its openness means it is impossible to keep secure, many consider the opposite to be true. Bugs are identified and dealt with quickly and efficiently by an army of global programmers.” (Thorpe) Lastly, a study done by Homeland Security to determine if open source is necessarily more secure because the code base is transparent found that open source code offers little incentive for hackers to victimize FOSS projects and that neither is less secure because “many security attacks are independent of the source code”. (Clarke, Russell, et al. 30) What they did find true however is that open source reinforces sound security practices because of the exposure it enjoys as many people that get involved and provide the users as well as the community with “reusable, secure and working code”. (Clarke, Russell, et al. 30)

Living in the Cyber-age the right to privacy has become a very hot topic as it is closely related to security. The American Bill of Rights in its 4th Amendment implies that the United States Government has the mandate to protect personal privacy. (US Const. amend. IV) In a similar way does the General Data Protection Regulation (GDPR) purpose to protect the use and movement of personal data. It states “The protection of natural persons in relation to the processing of personal data is a fundamental right.” (GDPR. Recital 1) Regardless of this, those who work or socialize on computers and the internet are being bombarded daily with countless privacy breaches unknown to the indiscriminate user. Sometimes privacy is even sacrificed for the sake of security. In September 2015 AVG, an antivirus software provider, updated its privacy policy to make it more transparent. So doing they basically made it clear that they sell user (anonymized) data to keep their free version for free. (Osborne) Don’t look down upon them too much as Avast makes similar statements, though less specific, not mentioning browser and search history data. (Temperton)

Every person has an intrinsic right to privacy that should be protected from the overreach of other people and institutions into the individual’s private life for either malicious intent or the purpose of self-gain. In “Fourteen Reasons Privacy Matters” Trina Magi lays out, through various scholarly articles, very important reasons why you should be concerned about your privacy, not just online but in many aspects of personal life as it influences you as the individual, your personal relationships as well as society. Magi concludes that above and beyond the personal reasons why privacy should matter to you, like protecting an individual from the overreach, self-ownership, freedom to choose, preventing victimization of people through categorization and others; privacy has the value building and maintaining of healthy relationships and the support of a more just, democratic, and tolerant society. (Magi). For these reasons the focus should be turned to free and open-source software, not because it is the perfect, bug-free, vulnerability free option but rather because of this one principle whereby it abides and it is that of freedom. Speaking of freedom; free and open-source software “campaign for these freedoms because everyone deserves them. With these freedoms, the users (both individually and collectively) control the program and what it does for them. When users don't control the program, we call it a “nonfree” or “proprietary” program. The nonfree program controls the users, and the developer controls the program; this makes the program an instrument of unjust power.” (Stallman)

Researching free and open-source software it becomes evident that the many benefits that can come from the model and concept of libre software are normally manifested in projects that have a credible, large and vibrant community who constantly labor to keep the project current, secure, and performing at its best. These projects are not just comparable to its proprietary counterparts but can excel on every level. In an exploratory study on the benefits and drawbacks of open source software by Morgan & Finnegan, they interviewed 13 firms in the European secondary software sector. Their findings were tabled, and regarding the quality they found that the “majority of interviewees found quality beneficial in terms of enhanced quality from peer reviews and the quality of developers and testers. Two companies felt this could only be applied to top-tier, mature OSS products (e.g. Linux)”. (Morgan & Finnegan)

Thorpe concludes why you should choose open-source software:

  • “Security: Open source revolves around transparency and inspection by a wide community invested in project success.”
  • “Quality code: Due to the nature of its collaborative approach— and lack of boundaries — open-sources projects inherently generate high-quality work.”
  • “Freedom: The freedom to adapt, collaborate, and develop with like-minded people. Open source is a step towards the future of free software for all.” (Thorpe)

3. The Next Generation Learning from History

Turning back the pages of history to where it all started for the open-source movement in 1969 we see Unix that transformed into Linux. Another pivot point in history for free software development was back in 1983 when Richard Stallman, after a squabble with a printer program, purposed to make software free to all and launched the GNU project. Stallman set down the freedoms of the GNU General Public License (GPL) and started rewriting Unix and Linus Torvalds added the “Linux” kernel which was fundamental for the needed integration between hardware and software. This set an important standard of collaboration that characterizes open-source software development.

Today open-source collaboration has taken on another dimension. Now closed-source companies need to start adopting a collaborative open-source mindset to stay relevant. One example of this is Microsoft acquiring Github in 2018. Microsoft CEO Satya Nadella said, “Microsoft is a developer-first company, and by joining forces with GitHub we strengthen our commitment to developer freedom, openness and innovation.” In 2019/20 Microsoft went a step further. Enter the Arctic Code Vault. GitHub’s most recent archive program, partnering with Microsoft Research and others, took a snapshot on February 2, 2020, of every active GitHub repository and stored it on silver halides on polyester in 3,500-foot reals in its arctic code vault for 1,000 years. Microsoft’s Project Silica plans to extend its longevity to 10,000 years. On their website, GitHub Archive Program, they make the statement that “the world is powered by open-source software. It’s our hope that it will, both now and in the future, further, publicize the worldwide open source movement; contribute to greater adoption of open source and open data policies worldwide” (GitHub) Open source software can no longer be ignored. As the code lay frozen close to the Global Seed Vault it gives another picture of how FOSS compares to natural resources which are cherished by the world, both being critically valuable yet unrestrained in their usefulness and opportunity at the same time.

4. Developer advantages

Linux and Apache were the front-runners from the beginning of the open-source revolution, and today these projects are still the most used open-source projects due to its stability and functionality. It is easy to derive from this that the sooner open code conventions are adapted by a project the faster a community will grow around the project. And as more people start using specific open-source software products, the greater will be the incentive to maintain the applicable code base. An example of this is the Joomla Component Builder (JCB), a Vast Development Method (VDM) project, that came on the scene only a couple of years ago. It started out as a private, in-house development to build Joomla components faster for a one-man business. After reaping incredible advantages above and beyond its competition, VDM decided to make the code open-source to get other developers on board to make JCB even more powerful. Still, this was not enough to be noticed in a sea of similar component creators, and no-one really believed it to be what it promised. The only option was to make the code not just open but also free, literally free. Only then did some heads start to turn. (VDM.io) This is a little in-house story about the writer’s own experience within the open-source community.

Opportunity for ingenuity affords the developer artistic freedom when using and developing free and open software. “Access to the source code facilitates more innovation; it produces ideas and encourages technical innovation while also creating more opportunities for innovation.” (Morgan, Finnegan)

Open source communities welcome and facilitate open learning. Knowing that software development is an ever and fast-growing field of study, the communities that maintain FOSS projects “encourage innovation through collaboration”. (BigCommerce) Community-based development gives inexperienced and upcoming developers the opportunity to work side-by-side with seasoned specialists, and learn from their expertise. The code is open for all to learn from providing an educational platform for hands-on learning where the only personal effort will limit the interested individual.

5. The Critics

There will be critics, and some criticism is even justifiable. Criticism has a strengthening effect and this has been true for the free and open-source philosophy as well. When there are vulnerabilities it should be known and get fixed. No one needs to get offended but rather the code base grows stronger and more resilient.

One specific criticism that needs to be addressed here is the question about how will you make money when you give away your work for free? Bob Roebling had this realization when he switched to open source: “Open source had very little to do with making money, and it was more about creating a culture that could be adopted where people cared more about their reputation to help others than they did about money.” (Roebling) Agreed, but still one needs to eat, and there is a definite answer to this. Since the inception of free software, the idea was never that it will necessarily be free of charge but free as in liberated. This does not limit opportunities but rather multiplies them in the open-source community. At VDM we develop software for revenue. The code remains free for customers to get other developers that can continue to advance their software. VDM runs a community project that is literally free as in “gratis” but each and every developer who uses our program can receive revenue from it. Moreover, the improvements that are made to the project benefits all.

6. Conclusion

To conclude we need to look again at what the carpenter experiences when he takes wood to make something from it, and see if it really measures up to the free and open-source model.

0. The carpenter (or developer) has the liberty to do with the wood as he pleases.
1. He, the carpenter, can take wood and study it to learn its best use case. He can study a chair made of wood and change the design to make it more suitable for his needs.
2. The carpenter cannot just distribute physical copies of the original without making it, yet this limitation does not take away any of his freedom.
3. He can distribute his copy of the chair. And another carpenter who sees and studies his chair can benefit from the improvements he made. (Adapted from Stallman’s 4 freedoms)

We can conclude that it is crucial for software developers to embrace and adopt free and open source principles to liberate software and make it as sustainable as wood. Software licensed under free and open-source principles will give freedom, privacy and security to its users as well as benefit the global community; and the sooner it is adopted the better for the project as a whole.

 

Annotated Works Cited

A short introduction of why open source software is important with a special focus on community-based development.

This white-paper is a critical review to determine if source code visibility has a definite positive impact on overall security or not seeing that there are great proponents arguing that there is greater security in obscurity.

The website of the GitHub Archive Program explains the GitHub project that wants to preserve the code of current open-source projects active on GitHub for at least 1,000 years for future generations in the Arctic Code Vault based in Svalbard, close to the North Pole.

The reference architecture is an open online document that helps you to solve and evade security and privacy risks. The purpose is to provide documentation to use existing proven solutions to save on time and lessons learned rather than to “re-invent the wheel”. A latest, stable version is always available online as well as the 2019 version, available in hard copy on Amazon.

  • Morgan, Lorraine, and Finnegan, P., 2007, in IFIP International Federation for Information Processing, Volume 234, “Benefits and Drawbacks of Open Source Software: An Exploratory Study of Secondary Software Firms.” Open Source Development, Adoption and Innovation, eds. J. Feller, Fitzgerald, B., Scacchi, W., Sillitti, A., (Boston: Springer), pp. 307–12. Springer Link, doi:10.1007/978-0-387-72486-7_33.

Research done in this paper is based on interviews held with 13 European companies in the secondary software sector regarding their experiences of the drawbacks and benefits of open-source software

A ZDNet article describing the release of a new, condensed and consumer-friendly privacy policy by AVG, wherein it helps the consumer to better interpret what the security policy really means, and the impact it is having on the user, especially of the free (gratis) version.

An online article that encourages FOSS developers to adopt a policy of releasing the code early and updates more often as done by Linus Torvalds in his development of Linux which at the same time includes lots of user feedback and response.

The General Data Protection Regulation has come into force May 2018, but it was already drafted and adopted in 2016 as a regulation of data protection and privacy within and for the European Union and everyone who processes their data online. The abstract is taken from the first Recital, Data Protection as a Fundamental Right.

Richard Stallman, next to Linus Torvalds, is the best-known name in the FOSS world, and definitely the authority when it comes to the principles and philosophy behind free software seeing that he did author the GNU general public license. In this article, Stallman explains the foundations of Free Software.

A Wired article that also expounds on the update of AVG’s privacy policy in 2015, and it’s interpretation and application on the user of the said antivirus software. In addition, it mentions similar statements in Avast’s privacy policy, another antivirus software provider.

The Bill of Rights is a collection of the first 10 Amendments to the Constitution of the United States of America which explains the rights of citizens in relation to the government.

A very informative article about the history of FOSS and how it has revolutionized the world of computing. Stefan Thorpe starts at its inception in the 1970s and lays out its progression and how it has given encompassing software solutions that can be found in nearly every technology. It also brings into focus the advantages of the collaborative nature that free and open-source software provides.

Another article about the history of FOSS but with a focus more on the benefits consumers as well as developers can enjoy from software licensed within the conventions and principles that makes software free and open-source.

Some articles published on the Joomla Community Magazine represent the personal opinion or experience of the Author on the specific topic and might not be aligned to the official position of the Joomla Project

0
The Power of Open Source
Accessible resources in Joomla! 3.x (Part 2)
 

Comments

Already Registered? Login Here
No comments made yet. Be the first to submit a comment

By accepting you will be accessing a service provided by a third-party external to https://magazine.joomla.org/