01/12/2022
OPEN SOURCE - Open and Insecure?
SEVEN PRE(UR)PARTS AND THE MAGNIFYING GLASS
Insecure, no support, generally unsuitable for use in critical infrastructures. That's what many people think about open source software. Yet seven out of ten German companies have systems with open source code. And they are satisfied. Rico Barth, managing director of cape IT and board member of the Open Source Business Alliance, has taken a closer look at the common prejudices and wants to dispel them.
1. open source is only a passing trend
The term open source emerged in the late 1990s, but the idea behind it has been around since the 1980s. At that time, when Apache, the GNU project or Linux, for example, were just emerging, the concept of open source code could have remained a marginal phenomenon. But determined developers like Linus Torvald prevailed.
Open source has long since become an economic driver worldwide. Red Hat, a US open source company, for example, was taken over by IT giant IBM in 2019 for around 34 billion US dollars, and since then the open source division has increasingly become a revenue driver for the IT giant. But there are also always very successful players from Germany, such as SUSE. The Nuremberg-based company generated sales of half a billion US dollars in 2020. Fringe players look different. Or Mastodon, the open source project from Berlin, which is growing exponentially and is well on its way to replacing Twitter.
2. open source opens the door to hackers
Possible. With open software, any user can view and edit the source code. Even malicious hackers, by attacking points of attack and infiltrating the systems. In fact, it is precisely this openness that ensures greater security. Through the cooperation of large communities of private users, employees in companies, authorities and ministries, as well as open source providers, the code is closely monitored.
Gateways and security gaps are detected and closed very quickly. Faster than would be possible with proprietary software. A well-known example is the internet browser Firefox, where users continuously contribute to data protection and increase security with externally developed extensions.
3. anyone can introduce bugs into the code
Intentionally or unintentionally, anyone can actually introduce bugs and errors into the code. However, there is little chance that a faulty line of code will make it into a released version. All changes are documented and can be traced at any time. They are tested and, if necessary, removed again.
Anyone who has ever worked on Wikipedia knows this. As soon as a change appears in an article, the text is checked and quickly corrected. But it is not only the security aspect that plays a decisive role. Depending on the requirements and desired functions, open source systems can be quickly configured individually. Open interfaces make integration into existing system landscapes much easier than with closed-source systems.
4. open source communities are a bunch of idiots
Open source communities are not made up of hobby developers. The users are mostly IT experts from different industries who use software professionally. Diversity, transparency and the enormous know-how give rise to ideas, features and functions that would otherwise probably never have made it into a programme. The developers behind the software work according to precise timetables before they release a new version. There is no question of a loose group of nerds.
5. Open source cannot meet current customer requirements
Employees of IT companies that offer business-relevant open source software usually act professionally and quickly in implementing customer requirements. After all, quality and speed are very important factors for users of open source software. That is why the providers focus on market-oriented further development, very good service and reliable maintenance.
They know that success is fleeting. If there is a standstill, users can drop out more quickly, since open source solutions by their very nature also have lower degrees of dependency than closed source alternatives. A greater customer focus than in the open source sector is therefore rare.
6. open source is useless for critical areas
Small businesses, medium-sized companies and global corporations use open source solutions. Especially if they belong to the so-called critical infrastructure. Ministries, public authorities or hospitals also use open software.
One major advantage is that it is easy to audit. This is often a very important requirement for professional use in the public sector.
The current federal government has also recognised this. Already in the coalition agreement, the parties involved agreed on stronger promotion of open source solutions and thus digital sovereignty.
In the summer of 2022, the coalition government increased the budget for this to a total of 51 million euros. This is still comparatively little, but at least a step in the right direction.
7. You have to look for support for a long time with open source
Of course, this depends on the respective open source solution and the extent to which a professionally operating company or a corresponding community is behind it. For our own open source ITSM software KIX, for example, professional support is an integral part of the business model. This ranges from the first analysis meeting and stocktaking to implementation and continuous support for the customer. Our customers' employees receive intensive training and can seamlessly continue their work with the new system.
Many advantages, but no panacea
Open source has not only established itself in the working world, but also in everyday life. Without open source projects by global giants, such as Adobe or Android, the world would look different today. And without projects like the server operating system Linux, the Apache web server or the database management MySQL, the internet as we know it would not exist.
Despite all its advantages, open source software is not a panacea and is not free of errors. In a business context, for example, everything stands and falls with the skills of the companies and communities that develop the open source solutions. If there is no active and committed community, or if the developers do not provide regular updates, open source software cannot develop its potential. Particularly in the case of small projects, there is a great danger that work on them will be discontinued at some point.
Open source not only offers opportunities, but also demands responsibility. Only then is open source code strong. Perhaps open technology will overtake proprietary systems at some point and make them a marginal phenomenon.
