Comparison of open-source and closed-source software

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Kesla at 14:40, 8 June 2005 (Article created, information exported from open source). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The open source vs. closed source (alternatively called proprietary development) debate is sometimes heated.

Economics

The most obvious complaint against open-source software revolves around the fact that making money through some traditional methods, such as the sale of the use of individual copies and patent royalty payments, is much more difficult and sometimes impractical with open-source software. Moreover, many see the introduction of free software as damaging to the market for commercial software. Most software development companies sell licenses to use individual copies of software as their primary source of income, using a combination of copyright, patent, trademark and trade secret laws (collectively called intellectual property rights laws). Fees from sale and licensing of commercial software are the primary source of income for companies that sell software.

Additionally, some companies with large research and development teams develop extensive patent portfolios, with the purpose of making money from patent royalties. These companies can charge licensing fees for the use of their patents in software; however, open source distribution creates the potential for an unlimited number of derived works using the patented technology without payment to the patent holder.

This complaint is countered by a large number of alternative funding streams, which are actually better-connected to the real costs of creating and maintaining software. After all, the cost of making a copy of a software program is essentially zero, so per-use fees are perhaps unreasonable. At one time, open-source software development was almost entirely volunteer-driven, and although this is true for many small projects, many alternative funding streams have been identified and employed for open source software:

  • give away the program and charge for installation and support (used by many Linux distributions).
  • "commoditize complements": make a product cheaper so that people are more likely to purchase a related product or service you do sell (this is a primary reason for OpenOffice.org; Sun gives away the office suite to encourage users to buy their computer hardware). (This is similar to The Gillette Company giving away razor handles so they could make money on razor blades, or Radio Shack giving away :CueCat scanners).
  • cost avoidance / cost sharing: many developers need a product, so it makes sense to share development costs (this is the genesis of the X Window System and the Apache web server).

Increasingly, open-source software is developed by commercial organizations. In 2004, Andrew Morton noted that 37,000 of the 38,000 recent patches in the Linux kernel were created by developers directly paid to develop the Linux kernel. Many projects, such as the X Window System and Apache, have had commercial development as a primary source of improvements since their inception. This trend has accelerated over time.

One argument against open-source software is that closed-source development allows more control over the final product, though this argument does little to support its assertion. The theory behind this argument is that open-source software is primarily a volunteer effort, while closed-source development is typically a salary-driven effort. By having monetary resources to fund developers and management, and the ability to control development in a given direction, closed-source proponents argue that development can be more efficient and more focused. But this argument misses key points. First, OSS may be, and is increasingly, supported by financial backing. Further, project control is independent of its source code status. An entirely external project may ignore an organization's needs. However, an organization can devote resources to ensure its needs are met. At the extreme end, an organization could "fork" an open source development project and add the critical components it needs. Ultimately, open-source software offers greater flexibility to end-users because any end user can take the program and modify it for their needs.

The success of large-scale open-source projects such as Linux, FreeBSD, and Apache tends to discredit any argument against open source.

Within these very successful projects, there are some technological components missing due to the fact that no one has the time or effort to volunteer to do them, nor a commercial company whose interests cause it to fund such work. Of course, this also applies to proprietary products. Proprietary products also omit technological components because the expected return is less than other alternatives, even if they are important to a particular customer.

Many of the largest well-known open source projects are either legacy code (e.g., FreeBSD or Apache) developed a long time ago independently of the open source movement, or were released by companies like Netscape, which open-sourced its code in the hope of competing better, or by companies like MySQL, which use open source to lure customers to their more expensive licensed product. However, it is notable that most of these projects have seen major or even complete rewrites (in the case of the Netscape code, for example) and do not contain much of the original code.

Security

Open source advocates usually believe that open source programs are more secure, mostly because flaws in the code can be seen and fixed by anyone. Different studies reach different conclusions about security through obscurity versus open source. Closed source programs have fewer advisories, but open-source software usually has less time between flaw discovery and a patch or a fix. Closed source advocates, including Microsoft Corporation, argue that since no one is responsible for open source, there is no way to know whether it has been fixed. Open source advocates argue back that no one knows what bugs exist in a closed source product, since there is no one checking claims made by its vendor.

Some people believe that closed source software is more secure than open source software. With any given piece of software, it's much easier for a black hat to find and exploit security holes when he has the source code than without it. For example, many open source web programs using PHP have serious security problems and although these problems are being fixed, they are only fixed when affected end users prompt the developers about the problem.

Other people believe that open source software is more secure than closed source software. The availability of open source code leads to faster discovery of security issues, and faster resolution of these issues. They point to the exploitation of proprietary software such as Microsoft Internet Explorer. But others claim that such software is exploited because it has a large market share, making it an attractive target for attackers, and claim that open-source software would also be exploited if it attracted the attention of those attackers. This argument is analogous to one in cryptography: it is believed that a secure encryption scheme has to be able to withstand attacks from people who have access to the code, and that security through obscurity is not a good thing. However, cryptography and software development are very different things.