[OCLUG-Tech] what are the five myths about open source?
a colleague wants to write an article along the lines of the most pernicious myths about open source software. so, in your opinion, what would those be? let's stick to the top five, along with their brutal and savage debunking. thanks. rday -- Robert P. J. Day Ottawa, Ontario, CANADA http://crashcourse.ca Twitter: http://twitter.com/rpjday LinkedIn: http://ca.linkedin.com/in/rpjday ___ Linux mailing list Linux@lists.oclug.on.ca http://oclug.on.ca/mailman/listinfo/linux
Re: [OCLUG-Tech] what are the five myths about open source?
On 11-06-28 08:25 AM, Robert P. J. Day wrote: a colleague wants to write an article along the lines of the most pernicious myths about open source software. so, in your opinion, what would those be? let's stick to the top five, along with their brutal and savage debunking. thanks. rday #1. Open-source is written by amateurs and must be very-low quality. #2. Open-source can only imitate, not innovate. #3. Open-source is harder to use. #4. Open-source is harder to install. #5. You get what you pay for: open-source can not be used to do real work. -- Just my 0.0002 million dollars worth, Shawn Confusion is the first step of understanding. Programming is as much about organization and communication as it is about coding. The secret to great software: Fail early often. Eliminate software piracy: use only FLOSS. ___ Linux mailing list Linux@lists.oclug.on.ca http://oclug.on.ca/mailman/listinfo/linux
Re: [OCLUG-Tech] what are the five myths about open source?
Given my background in IT security, one of the myths I saw about OpenSource (at least in large corporate offices) is that it is less secure and dangerous. Because of the other myths previously mentioned, IT security people who only work in the closed source world see the OpenSource as a threat, as the inside of the software is revealed, and thus, anyone can insert some trojan or malware. Actually, OpenSource is more secure, as if one does not trust a compiled program, he/she can recompile from source, and perform a full source code inspection, which cannot be performed on closed programs. It took a lot of efforts for US government and then other governments to get their hands on Windows source code, invoking national security. Even then, what the consumer/user gets is a closed program. JF --- Moi, je suis Linux, Et Windows 7, c'était pas mon idée !... I am Linux, And Windows 7 was NOT my idea !... Original Message Subject: [OCLUG-Tech] what are the five myths about open source? From: Robert P. J. Day rpj...@crashcourse.ca Date: Tue, June 28, 2011 8:25 am To: Ottawa Linux Users Group linux@lists.oclug.on.ca a colleague wants to write an article along the lines of the most pernicious myths about open source software. so, in your opinion, what would those be? let's stick to the top five, along with their brutal and savage debunking. thanks. rday -- Robert P. J. Day Ottawa, Ontario, CANADA http://crashcourse.ca Twitter: http://twitter.com/rpjday LinkedIn: http://ca.linkedin.com/in/rpjday ___ Linux mailing list Linux@lists.oclug.on.ca http://oclug.on.ca/mailman/listinfo/linux ___ Linux mailing list Linux@lists.oclug.on.ca http://oclug.on.ca/mailman/listinfo/linux
Re: [OCLUG-Tech] what are the five myths about open source?
On Tue, 28 Jun 2011, Shawn H Corey wrote: On 11-06-28 08:25 AM, Robert P. J. Day wrote: a colleague wants to write an article along the lines of the most pernicious myths about open source software. so, in your opinion, what would those be? let's stick to the top five, along with their brutal and savage debunking. thanks. rday #1. Open-source is written by amateurs and must be very-low quality. #2. Open-source can only imitate, not innovate. #3. Open-source is harder to use. #4. Open-source is harder to install. #5. You get what you pay for: open-source can not be used to do real work. those are good, thanks. rday -- Robert P. J. Day Ottawa, Ontario, CANADA http://crashcourse.ca Twitter: http://twitter.com/rpjday LinkedIn: http://ca.linkedin.com/in/rpjday ___ Linux mailing list Linux@lists.oclug.on.ca http://oclug.on.ca/mailman/listinfo/linux
Re: [OCLUG-Tech] what are the five myths about open source?
On Tue, 28 Jun 2011, Jean-Francois Messier wrote: Given my background in IT security, one of the myths I saw about OpenSource (at least in large corporate offices) is that it is less secure and dangerous. Because of the other myths previously mentioned, IT security people who only work in the closed source world see the OpenSource as a threat, as the inside of the software is revealed, and thus, anyone can insert some trojan or malware. Actually, OpenSource is more secure, as if one does not trust a compiled program, he/she can recompile from source, and perform a full source code inspection, which cannot be performed on closed programs. It took a lot of efforts for US government and then other governments to get their hands on Windows source code, invoking national security. Even then, what the consumer/user gets is a closed program. i've been thinking about this more since it appears i might be helping to *write* this article and i'm not sure i can fit this into an equivalent sound bite but here goes. of course it's useful to have the source for any program so that, if you're sufficiently paranoid, you can line-by-line check the source. but as i'm sure many of you know, this argument seems to have less effect than we would have guessed. however, these days, it's not just the source code that one has access to. in *many* cases, one has access to the actual version control repository of a lot of these projects, and that's an amazingly useful thing in the sense of being able to see not just the current source but its progress over time, including the commits, their exact content, their rationale, the committer and so on. i think this is far more useful than just access to the source. what it means is that, rather than having to recheck the entire code base for each release, one need only check the change log/commit set to see *exactly* what's happened, and why, and by who. i certainly expect that i don't need to expand on the value of that on this list. however, now i need to find a way to make that point succinctly and in a couple of paragraphs for maximal effect. rday -- Robert P. J. Day Ottawa, Ontario, CANADA http://crashcourse.ca Twitter: http://twitter.com/rpjday LinkedIn: http://ca.linkedin.com/in/rpjday ___ Linux mailing list Linux@lists.oclug.on.ca http://oclug.on.ca/mailman/listinfo/linux
Re: [OCLUG-Tech] what are the five myths about open source?
On Tue, 28 Jun 2011, Shawn H Corey wrote: On 11-06-28 09:57 AM, Jean-Francois Messier wrote: Actually, OpenSource is more secure, as if one does not trust a compiled program, he/she can recompile from source, and perform a full source code inspection, which cannot be performed on closed programs. It took a lot of efforts for US government and then other governments to get their hands on Windows source code, invoking national security. Even then, what the consumer/user gets is a closed program. The other complaint is that no-one has the time to look at the source, therefore security breaches will be missed. But to paraphrase Linus, Many eyes make all security breaches shallow. Someone will look at the source and if they find something, will inform the community. In numbers lie security. see my last post. i'm becoming increasingly convinced that simple access to the entire current code base isn't *remotely* as important as access to the entire version control log. and that's what i think i'll emphasize. rday -- Robert P. J. Day Ottawa, Ontario, CANADA http://crashcourse.ca Twitter: http://twitter.com/rpjday LinkedIn: http://ca.linkedin.com/in/rpjday ___ Linux mailing list Linux@lists.oclug.on.ca http://oclug.on.ca/mailman/listinfo/linux
Re: [OCLUG-Tech] what are the five myths about open source?
On 11-06-28 11:33 AM, Robert P. J. Day wrote: see my last post. i'm becoming increasingly convinced that simple access to the entire current code base isn't*remotely* as important as access to the entire version control log. and that's what i think i'll emphasize. It does not necessarily follow that security breaches will be properly commented in the version-control log. In fact, if they were clever, they would make false and misleading comments about the changes they made. :) -- Just my 0.0002 million dollars worth, Shawn Confusion is the first step of understanding. Programming is as much about organization and communication as it is about coding. The secret to great software: Fail early often. Eliminate software piracy: use only FLOSS. ___ Linux mailing list Linux@lists.oclug.on.ca http://oclug.on.ca/mailman/listinfo/linux
Re: [OCLUG-Tech] what are the five myths about open source?
On Tue, 28 Jun 2011, Shawn H Corey wrote: On 11-06-28 11:33 AM, Robert P. J. Day wrote: see my last post. i'm becoming increasingly convinced that simple access to the entire current code base isn't*remotely* as important as access to the entire version control log. and that's what i think i'll emphasize. It does not necessarily follow that security breaches will be properly commented in the version-control log. In fact, if they were clever, they would make false and misleading comments about the changes they made. :) don't worry, i can see your smiley face there. of course security breaches won't be commented thusly (ah, if only crackers were so accommodating), but given a decent revision control system, it would be trivial to, you know, git diff or git log to check the changes isolated to security-related parts of the code base. one need not examine the entire code base, only those parts that a) have clearly changed lately, and b) have something to do with security. and a decent revision control system would make that amazingly easy. rday -- Robert P. J. Day Ottawa, Ontario, CANADA http://crashcourse.ca Twitter: http://twitter.com/rpjday LinkedIn: http://ca.linkedin.com/in/rpjday ___ Linux mailing list Linux@lists.oclug.on.ca http://oclug.on.ca/mailman/listinfo/linux
Re: [OCLUG-Tech] what are the five myths about open source?
On Tuesday 28 June 2011 08:25:06 Robert P. J. Day wrote: a colleague wants to write an article along the lines of the most pernicious myths about open source software. so, in your opinion, what would those be? let's stick to the top five, along with their brutal and savage debunking. thanks. One of the myths is that you can't get support for Open Source Any one who has had to call a help desk knows that you can't get support for paid software unless you're a big client. With open source you can actually contact the author. -- Collector of vintage computers http://www.ncf.ca/~ba600 ___ Linux mailing list Linux@lists.oclug.on.ca http://oclug.on.ca/mailman/listinfo/linux
Re: [OCLUG-Tech] what are the five myths about open source?
On Tue, Jun 28, 2011 at 09:01:07PM -0400, Mike Kenzie wrote: On Tuesday 28 June 2011 08:25:06 Robert P. J. Day wrote: a colleague wants to write an article along the lines of the most pernicious myths about open source software. so, in your opinion, what would those be? let's stick to the top five, along with their brutal and savage debunking. thanks. One of the myths is that you can't get support for Open Source Any one who has had to call a help desk knows that you can't get support for paid software unless you're a big client. With open source you can actually contact the author. ...or pay a consultant to figure it out from published sources. This is why many governments are starting to see the value in open file formats, if not open source software, so they won't be held hostage by proprietary vendors. Collector of vintage computers http://www.ncf.ca/~ba600 slainte mhath, RGB -- Richard Guy Briggs -- ~\-- ~\hpv.tricolour.net www.TriColour.net-- \___ o \@ @ Ride yer bike! Ottawa, ON, CANADA -- Lo___M__\\/\%__\\/\% Vote! -- greenparty.ca_GTVS6#790__(*)__(*)(*)(*)_ ___ Linux mailing list Linux@lists.oclug.on.ca http://oclug.on.ca/mailman/listinfo/linux