Open-Source Software FAQ
Version 2
Maintained by: Nah Soo Hoe
Last updated: 26 April 2003
This FAQ was written as it was felt there was a necessity for a short, simple, yet comprehensive document that we could use to refer non-open source aware people to and also to distribute on the web to help raise the profile locally for open source. This is meant to be a living document and so if you wish to contribute or have some opinion please e-mail the maintainer at webmaster@my-opensource.org.
Comments and contributions: Please forward any to webmaster@my-opensource.org
The latest version of this FAQ can be found at http://www.my-opensource.org/oss-faq.html
For information on the duplication and distribution of this FAQ please see Question 99.
(Note: This is an extensively revised version of the original FAQ which appeared on the www.my-opensource.org website from 1999-2002. The contributors to the original FAQ include: Beh Hong Leong, Loke Kar Seng, Fan Li Tai, Dinesh Nair, Nah Soo Hoe)
Contents
1. What is open-source software?
2. Is open-source software a new thing?
3. What is the difference between Open Source and Free Software?
4. Why is open-source software important?
5. Why is open-source software important to Malaysia?
6. Why is the open-source process/model important to eductional institutions in Malaysia?
7. What open-source software is available?
8. Open Source software licensing and copyright(/left)
9. What about accountability and support for open-source software?
10.Is open-source software secure?
11.What business models are available for open-source software?
99. Can I reproduce this FAQ and distribute it?
100. A little open-source software culture
1. What is open-source software (OSS)?
Software comes in the form of compiled code (binaries), and the human-readable source code from which these binaries are compiled. Open-source software is software whereby the software is distributed in the form of binaries as well as source code. But, more than that, to qualify as open source, the distributor cannot restrict any party from redistributing the software, nor can any party be restricted from making modifications or making derivative works based on the source code.
Open source has its roots in “Free Software”, a term coined by Richard Stallman of the GNU Project and the Free Software Foundation (FSF). The word “Free” is to be read in the context of “Freedom” and liberty not “free” as in price. The GNU Project set out to write a Unix-compatible software system, and was led by Richard Stallman after he resigned from the MIT AI Labs in the mid-1980s.
Note: Open source is different from shareware and freeware which normally do not fulfill the definitions of open source and as a norm do not make the source code available.
The definition of ‘Open Source’ is amplified further at the Open Source page http://www.opensource.org/docs/definition.php. The FSF’s ‘What is Free Software’ at http://www.fsf.org/philosophy/free-sw.html should also be read.
2. Is open-source software a new thing?
No. open-source software has been around since the days of the early mainframe computers.
In those days, software was freely exchanged with source code by researchers and academics. It used to be commonly called free software, and was typified by The Free Software Foundation and the GNU Project. The Internet was built using free software and to this day it still depends a lot on it for its functioning. The term “open source” itself came about when, with the success of the Internet, the technical people tried to introduce good quality free software into their organisations and were met with disbelief by the management that anything which has no price-tag to it can be good and reliable. To try and overcome the negative sentiments about using non-commerical free software the term “open-source software” was coined.
3. What is the difference between Open Source and Free Software?
OSS has its roots in Free Software. The Free Software Foundation has defined what constitutes Free Software and it shares the same basic philosophy and outlook as OSS. However, the FSF favours the retained usage of the term “Free Software” to reflect the “freedom” aspect of the philosophy behind it. It argued that by changing the name to Open Source Software, the ideals expounded by Free Software will not be emphasised and subsequently may even be lost. This may result in a tendency for people to compromise and switch back to software which does not fulfill the Free Software definition. Many of the Open Source Licenses are recognised by the FSF as Free Software.
In everyday usage to all intents and purposes we can treat OSS and Free Software to be the same. In fact some people are now using term Free and Open Source Software (FOSS) to refer to open source and free software in general.
4. Why Is open-source software important?
Participation and Evolution
Open-source software provides an alternative software development model in which the development need not be made by a closed monolithic group of exclusive software engineers and programmers. In some projects anyone interested can participate in the development, and because the source code is readily available, everyone can scrutinise it, learn from it, and contribute to it. It should also be viewed as important in the context of the evolutionary process of software, whereby the wheel need not be reinvented continuously. This is one of the hallmarks of most scientific discovery whereby present day researchers build upon the free body of knowledge already available.
No Technology or Vendor Lock-in
Under open source, everyone has access to the source code and the freedom to modify, use and re-distribute the un-modified or modified code. This means that now anyone has the freedom to learn, redistribute and enhance the software. It prevents single vendor and technology lock-in since the code is there for all to see and so no one or vendor can implement some secret or proprietary technology. Instead it ensures that open standards are promoted and preserved. The compliance to open standards helps to bring about fairer competition based on technical merit and everyone or organisation, big or small, can participate.
Reliability
Free distribution of the source code also offers the avenue for open-source software to be more reliable. Many eyeballs will have scrutinised the source code and people will have been banging on it to see what breaks and fixing it in a kind of darwinian mutation by peer review that has produced some very reliable software. This peer review and feedback mechanism contributes to the transparency in the reliability and security aspects of software (i.e. you don’t just have to take the vendor’s word for it).
Alternatives
Open source provides the world an alternative model for the creation and dessemination of software. It offers a model that avoids the pitfalls of concentrating monopolistic power in the hands of a select few. It is a model which assures a free flow of ideas, technical competence, information and encourages intellectual cross-pollination. One can think of it as a transfer of technology in a natural manner.
Software Freely Available
While many of the Open Source or Free Software Licenses do not prohibit charging for the software, most of the major OSS is freely available for downloading over the Internet or for distribution on CD-ROMs with no licensing fees. This will benefit poorer societies such as those in the Third World in providing useful, good and affordable software running on affordable computers and networks.
5. Why is open-source software important to Malaysia?
OSS is especially important to a developing country like Malaysia which is striving to transform its economy into a technologu-driven and knowledge-based one.
The availability of source code is very important. It allows the local software people the oppportunity to “look under the hood” and learn. Typically in a less-developed country, what is lacking are people with skills in developing system software and these are crucial to implement any technology. It is no accident that many of the open source projects are of this nature since these are more challenging and interesting and tend to attract the interest of the software hacker. Open source promotes an environment conducive for technical and system development.
Most of the proprietary off-the-shelf software that the country use are from foreign vendors and it is totally dependent on these companies for its ICT implementations and projects. This dependence on software and technologies where we have little control or say can be overcomed to a large extent if OSS is used more, especially by the Government. In addition to savings on foreign exchnage and import expenses the ability to build and leverage on open source technologies will result in a critical mass of good local coders and this will help to build up the local software industry. Localised versions of software can be produced more easily too.
With the availability of source code and the freedom to change it and redistribute it, a country can make use of open source to Learn, Innovate and inVEnt (LIVE) ICT technologies. This is one of the most compelling reasons for a country to embrace the open source model.
6. Why is the open-source process/model important to the eductional institutions of Malaysia?
Open source is particularly important in the context of Malaysia’s education system. All schools are now encouraged to have computer and IT courses where students are supposed to learn
about computer technology and the Internet. However, given the current commercial PC operating environment, most of the students will only end up learning how to use the Windows Manager and some specific applications. To promote the hacker culture and mindset, we have to encourage our young to question, probe, experiment and innovate. The current Windows-based PC environment is a close source system and provides an inflexible environment for experimentation and probing under the hood. However if an open-source system like Linux
is used for the PCs in the schools, the operating environment and source code availability provides vast opportunities for teaching, learning and experimentation.
Furthermore it makes huge economical sense operating open-source environments in education institutions as many of these run on relatively inexpensive older Pentium PCs , are very powerful and of high quality. They are compatible with the Microsoft Windows systems widely used in schools to-day, and can co-exist on the same hard drive. There is also a wealth of documentation and support available.
What else can you ask for? Did we say it is almost free? We should be teaching/learning real computing and information technology basics (which is a science) and not just one commercial vendor’s products (which is a product).
7. What open-source software is available?
The list given below is only the tip of the iceberg. For a first hand look at the vast array of open-source software under development visit:
Freshmeat - http://freshmeat.net
Sourceforge - http://www.sourceforge.net
Open Source Directory - http://osdir.com
Multiuser Networked Operating Systems/Platforms
Linux - The most popular OSS operating system on the planet!
FreeBSD - Second only to Linux in terms of Open Source operating system usage
OpenBSD - Famous for its security settings and features
Internet/intranet Services and Applications
Apache web server - Accounts for over 60% of the web servers on the Internet
BIND name server - The software that provides the DNS (domain name service) for host name resolution. Many of the root name servers as well as the Internet backbone network ISPs use BIND.
http://www.isc.org/products/BIND/
Sendmail mail server - The most widely used email transport software on the Internet.
Software Development Platforms
GCC - The compiler for C, C++, Objective-C, Fortran, Java, and Ada that comes standard with all the major OSS operating systems
JBOSS - A popular open-source implementation of J2EE
Perl - A very popular language widely used in scripts to drive `live content’ on the World Wide Web.
PHP - A very popular scripting language for interactive web development and applications
Python - A popular object-oriented scripting language for web and other development
Zope - A popular web development platform based on Python
Database Systems
MySQL - A very popular open-source RDBMS
PostgreSQL - A popular open-source RDBMS with many advanced features
The Desktop Environment
GIMP - A powerful graphics image editor and manipulator.
GNOME - A popular open-source dekstop GUI environment
KDE - Another popular open-source dekstop GUI environment
Mozilla - The open-source evolution of the popular Netscape web browser, email and news clients
OpenOffice.org - An integrated office suite featuring wordprocessing, spreadsheet, drawing and presentation software largely compatible with Microsoft Office
SAMBA - An implementation of the Microsoft SMB server and client enabling open-source computers to communicate with Microsoft Windows networks
VNC - A remote control software for controlling GUI-desktops from a remote host
http://www.uk.research.att.com/vnc/
Xfree86 - An implementation of the X-Windows windowing system needed for running GUI applications
Ximian Evolution - A GUI desktop application for personal email, calender and diary having similar look and feel with Microsoft Outlook
8. Open Source Software licensing and copyright(/left)
One common misconception among many people is that there is no copyright for open source. All open-source software is copyrighted unless the authors or owners have released them to the public domain. The Open Source Initiative website lists down over 30 recognised Open Source Licenses - http://www.opensource.org/licenses/index.php
Here we list down the two most common types:
BSD-Style Licenses
These are probably the oldest type of Open Source software license. The licensees are given the option of creating derivative closed-source commercial software based on the original open source. In other words this category of license allows one to take an open-source software and redistribute it with or without modifications as proprietary software.
Software under this type of license include Apache, BIND, and FreeBSD.
General Public License (GPL)
This license was devised by the Free Software Foundation. It is a license using the “copyleft” concept. “Copyleft” requires that the product derived from the original open-source software must also be distributed under the same licensing regime as the original. Thus it cannot be turned into a closed-source product, although it can be a commercial product whereby the seller must transfer the full rights of freedom of distribution, modification etc. to the user.
The GPL is an example of a copyleft license. The Linux operating system is the most well known example of GPL licensing.
9. What about accountability and support for open-source software?
These two issues are frequently raised especially for open source adoption and acceptance in businesses and corporations.
Accountability
There is a misconcpetion by many people that OSS is developed and/or maintained by volunteer programmers and hobbyists solely with no single party fully accountable for it. In reality we find that for a mainstream open source project we have legally established non-profit foundations or normal businesses supporting the software. For example, Apache is supported through the Apache Software Foundation and Red Hat Linux is supported and maintained by Red Hat Corporation. The former is a well-established non-profit foundation while the latter is a commercial business entity.
What is true is that initially many open source projects are started off by enthusiasts and volunteers in wanting to solve some problems or implement some new technologies. However once a project becomes popular enough for mainstream usage all over the world, we find that a responsible body will have emerged to take charge of it. So in reality if one sticks to mainstream popular open-source software accountability will not be an issue.
Support
One of the most frequently cited reasons against using open-source software especially in corporations is the alleged lack of support. This is only a perceived problem. In essence there is little difference between open source and proprietary closed source commercial software in that for both we usually rely on our local vendor to support us if we do not want to do it ourselves. There exists professional companies providing service and support for open-source project deployment and implementation. In fact, with the source code made available, many competent vendors and IT personnel find that they manage to resolve deficiences by patching the code themselves. With a proprietary closed source software package they will have to wait for a (possible?) update by the software distributor before they can resolve the problem.
The Internet is another great source of informal support that is surprisingly (for the uninitiated!) efficient. With its myriad of websites, newsgroups, FAQs and HOW-TO documents available online it is an almost unlimited resource for resolving technical and configuration issues.
It should also be noted that many open-source products can be purchased commercially with support comparable with close source software.
10. Is open-source software secure?
A common charge against open source is that it is inherently insecure because as the source code is readily available, anyone can scrutinise it to look for bugs and vulnerabilities in both the design and coding. This is true in that with source code availability one can study the code and try to exploit any weaknesses found. The flip-side to this is that it also enables anyone who wishes, to flush out weaknesses in the design and coding thereby discovering the vulnerabilities before the attackers and making the software more secure. Source code availability also has many other advantages like enabling vulnerability fixes and/or workarounds without waiting for the code authors and independent checks and audits of the software code.
It should also be noted that the inavailability of source code does not prevent the discovery of vulnerabilities. Modern debugging and software development tools can be used to monitor and even disassemble and reverse-engineer the executables to look for bugs and vulnerabilities.
So the answer to the question of whether open source is secure or not depends very much on the software authors, just like close source. It is definitely intrinsically not less secure than close source and in fact as pointed out above there are several distinct advantages in using open source as far as security is concerned.
11. What business models are available for open-source software?
Since OSS usually can be obtained without licensing fees and charges, the traditional software business model of selling software to the mass market cannot be used. Other commercial business models have to be used. They include:
- Charge for services, support, customisation, training, etc. but not the software.
- Develop application using OSS platforms and tools. Product developed is not open source. This is no different from normal software development for close-source platforms.
- Develop tools and/or generic applications and open source them. Charge for the enhanced version(s).
- Dual licensing approach to software developed, one is open source, the other is commercially licensed. The most successful example of this business model is the MySQL database software.
99. Can I reproduce this FAQ and distribute it?
To make the information in this document as widely and freely accessible as possible, you are allowed to copy it and distribute it in whole or in part. It will be nice if you can acknowledge this website as the source of the information but we are not demanding it!
100. A little open-source software culture
First off, it is quite simply stated that the hackerdom culture is essentially a culture of giving and peer recognition. It is a mindset that values above monetary reward the pure satisfaction of solving problems and building things and gaining peer group recognition. It cultivates a gift culture whereby people contribute in a paradigm of voluntary mutual help. It can be a highly competitive paradigm, unforgiving in its vocal criticism of incompetence and pretenders.
The internet provided the medium for such a culture to take hold, and it is no surprise that the present day hacker culture traces it roots back to the earliest days of the internet and network
computing. This is detailed in the essay ‘A Brief History of Hackerdom’ http://catb.org/~esr/writings/hacker-history/hacker-history.html
We dare not hope to even attempt to categorize the open-source/hacker culture here, but can offer the new reader some guidelines and leads to information available. We recommend that you first throw out the misconceptions propagated by the mass media of ‘evil hackers’ wrecking havoc on the Internet.
We can also recommend you read essays by Eric Raymond and Richard Stallman for starters (do keep in mind that hackers can be playful characters so do read with a open mind):-
The GNU Manifesto - http://www.gnu.org/gnu/manifesto.html
What is Free Software - http://www.gnu.org/philosophy/free-sw.html
Categories of Free and Non-Free Software - http://www.gnu.org/philosophy/categories.html
Free Software Licenses - http://www.gnu.org/licenses/license-list.html
The Cathedral and the Bazaar - http://catb.org/~esr/writings/cathedral-bazaar/
How To Be A Hacker - http://www.catb.org/~esr/faqs/hacker-howto.html
The Jargon File - http://catb.org/jargon/
For a tongue-in-cheek essay on the rocky road to hacker-wizardhood check out
‘The Logitanaka’ - http://www.catb.org/~esr/faqs/loginataka.html
101. Hackers are not crackers
The term “hacker” has often been abused in the popular press as meaning a person who breaks into computer systems illegally. This is the furthest thing from the truth. Real hackers are people who share in the culture of expert programmers and networking wizards with a history tracing back to the origins of the internet at ARPAnet. Hackers solve problems and build things, and believe in voluntary mutual help.
The “pseudo-hacker” of notoriety should be properly termed “crackers” and are a destructive breed who break into computer systems for illegal purposes.
Endword: “Binaries May Die But Source Code Lives On”