Introduction to Open Source and Free Software
By Thom Wysong
Two terms that appear with increasing frequency in the mainstream press are 'open source' and 'free software'. Over the next few years, they will also be appearing with increasing frequency in the Internet Voting, Online Democracy, and Public Election arenas. Open Source and Free Software - besides representing concepts - also represent communities of people, organizations, and resources.
What is Open Source and Free Software?
When a consumer purchases a word processing program, the discs in the package contain the instructions which tell the computer how to receive input from a keyboard, how to format documents, and how to check spelling. Normally, the discs contain these instructions in a form only the computer can understand - in computer-readable executable code.
There is another type of computer software gaining in popularity. With this other type of software you not only get a copy of the computer-readable executable code, but you also get a copy of the program's source code. This source code is the human-readable version of the computer instructions, which computer programmers used to create the program with.
Known as "open source" or "free software", these alternate types of computer programs are sometimes created by for-profit companies. It is more common, however, for open source programs to be created by a whole collection of people, usually all volunteer, who collaborate over the Internet. The software is then made available for everyone to download and use for free. Occasionally, one of these programs will become popular enough that not only do individuals contribute to its development, but companies and organizations do as well.
Why does it matter?
Advocates claim that "open source" and "free software" offer many benefits over "closed source", proprietary software. Among these benefits are quality, speed, cost, verifiability, and freedom.
Quality. The "open source" claim to increased quality rests on the "many eyes" principle. With this principle, the idea is that some software defects - known as "bugs" - are plainly visible to some people, but not to others. With this underlying understanding, it can be seen that a software program's initial developers may (and usually do) overlook some bugs in their code. With "closed source" software, this is a problem, since a small group of people is all that will likely ever see the program's source code. However, with "open source" software, the initial development group's blind-spots can be compensated for by all the other people that can look at the source code and spot defects which the initial developers missed. The idea is that with "many eyes", all defects can be spotted and fixed. The "many eyes" principle does not guarantee bug-free software, but it does help to reach that ideal.
Speed. Experience has shown that once a community of developers and users for any given piece of "open source" or "free software" reaches critical mass, that community begins to operate at Internet speed. New features are added to the software, new found bugs are fixed, and users can get their questions answered (for free) on the Internet - and all of this takes place at a faster rate than any "closed source" company can provide it. The open nature of the software enables and empowers the user community to take care of itself, instead of it having to be completely dependent on a particular company to provide all the solutions.
Cost. Since much "open source" and "free software" can be obtained for no cost, there is an obvious cost advantage up front. However, what is not always obvious is that this software still needs to be installed, configured, administered, and maintained. And, all of these activities cost time and, possibly, money. Even though maintaining an "open source" system may be just as costly as maintaining a "closed source" system, the cost of obtaining that "open source" system will most likely be significantly less.
Verifiability. With open software, users get an extra measure of "peace of mind". Since source code is provided, organizations and individuals alike can perform audits on the code. These audits insure that the computer program is (a) doing what it's supposed to do and (b) not doing what it's not supposed to do. Source code audits are necessary when security, reliability, and liability are issues. With "closed source" software these audits aren't possible, users simply have to blindly trust the software and the developers.
Freedom. Proprietary computer programs have a tendency to lead to users being "locked-in" to a specific vendor's "closed source" software product. This type of "lock-in" can lead to vendors charging clients a lot of money for upgrades or custom modifications. Since no one else has access to the source code, users either have to pay whatever price the vendor charges or entirely convert over to a different vendor's system - which can be even more expensive. However, with open software, users have the freedom to control their own systems. If "Vendor A" begins charging too much money for upgrades and modifications, or the timeliness and quality of support being offered by "Vendor A" becomes unacceptable, or if "Vendor A" goes out of business, then the user can simply switch to "Vendor B" or "Vendor C". What makes this situation substantially more attractive than the closed software scenario is that the user can switch vendors, without switching software systems. Since "Vendor B" and "Vendor C" both would have access to the source code, they would be able to provide upgrades, modifications, and support to the user's existing system, just as "Vendor A" was able to. But, they may be able to provide it with better timeliness, increased quality, or at a lower cost. Users, also, are free to upgrade and maintain open software on their own - without the assistance of a vendor - if they have the ability and desire to do so. The bottom line is that open software provides maximum flexibility and freedom, by transferring control from vendors to users.
Does this approach really work?
The Internet, with all of its massiveness, depends heavily on "open source" and "free software". Some excellent examples of Internet-related open software are GNU/Linux, OpenBSD, Perl, Apache, and Sendmail.
GNU/Linux (www.gnulinux.com), also known as "Linux", is probably the most well known piece of open software. The core of this operating system, known as the kernel, was initially developed by a Finnish college student back in 1991. Most of the rest of the operating system was already available at that time as part of the GNU Project (www.gnu.org/gnu/gnu-history.html). Since the early 1990's, hundreds of people from around the world have contributed to expanding and improving the Linux kernel. Not only is GNU/Linux popular with the several million individuals who use it, but it is becoming accepted in the corporate world as well. According to IDC, of all the copies of server operating systems shipped by vendors, GNU/Linux is the only operating system which increased its percentage of market share between 1998 and 1999 (news.cnet.com/news/0-1003-200-1546430.html).
OpenBSD (www.openbsd.org) is another open operating system with a reputation on the rise. Unlike GNU/Linux, the OpenBSD developer and user communities are relatively small. However, on the Internet, OpenBSD is regarded as one of the most secure operating systems available. The volunteer development team, headed by a Canadian, prides itself on its proactive approach to security - which has resulted in OpenBSD being "secure by default". The team's reputation is such that the US Department of Justice uses OpenBSD to store and transmit their "most sensitive data" using "260 copies of OpenBSD", according to a recent article in The Standard (www.thestandard.com/article/display/0,1151,17541,00.html).
Perl (www.perl.com) is a computer programming language that has been called "the duct-tape of the Internet". Many, many businesses use Perl to add functionality to their websites, including Yahoo, CNN, and Amazon.com. Every programming language has a program to translate human-readable source code into computer-readable executable code. This translating program is, itself, a piece of software. Many of these translating programs are "closed source" software. However, Perl's is not. The source code to its translating program is openly available and is continually being updated by a world-wide group of developers.
Apache (www.apache.org) is an "open source" web server. When a web browser is directed by a user to retrieve a web page, the browser sends its request to a web server. The web server then sends the requested web page back to the browser. The World Wide Web is chock full of web servers. Every one of the 20 million active websites on the Internet has at least one web server. And, according to the most recent Netcraft survey, Apache powers more websites than all other web servers combined. It has consistently been the leading web server since April 1996. A group of volunteer developers from all over the world expand and improve the Apache Web Server on a continuing basis. The home page for the Apache Web Server is at www.apache.org/httpd.html.
Sendmail (www.sendmail.com) is, more or less, an electronic mailman. It is a program that transports e-mail across the Internet and private networks. According to an article in Salon, an estimated 60% to 80% of the email which travels across the Internet, is transferred by Sendmail servers (www.salon.com/21st/feature/1998/12/cov_11feature.html). Sendmail, also, is open software.
Forbes magazine realized that "open source" and "free software" were on the rise some time ago. They provided their readers with an excellent introduction on the topic as the cover story for their August 10, 1998 issue. That story offers BIND and Netscape's web browser as additional examples of open software. (www.forbes.com/forbes/98/0810/6203094a.htm)
Two Definitions of Open Source
The term "open source" is somewhat confusing, because it has two different definitions. There is an assumed definition and a more correct definition.
The assumed definition of "open source" is something like "software whose human-readable 'source code' is available to be viewed by the general public". Without further explanation, people simply assume that this is what the term means. It should be noted, however, that this assumed definition of "open source" is considered to be an incorrect use of the term.
The more correct and more widely used definition of "open source" is "any software released under licensing terms which comply with the 'Open Source Definition' ". The "Open Source Definition" is spelled out at www.opensource.org/osd.html. The more correct definition of "open source" involves more than simple access to source code. Sometimes (though not always) people use a capital "O" and a capital "S", when they refer to Open Source in their writings.
Key People, Organization, and Resources of Open Source
The "Open Source Initiative" (OSI), founded in 1998, is the organization which defines the Open Source movement. Eric Raymond and Bruce Perens were two of the people who were fundamental in getting OSI off the ground. Eric has both written and spoken extensively on the topic of Open Source. Bruce was the primary author of the 'Open Source Definition'. Both are still relatively visible in the Open Source world.
When reading Open Source related material on the Internet, it's not unusual to come across a few common acronyms - which are usually unexplained. The Open Source community is, just as the broader technical community is, rather fond of acronyms. When accessing this material, it's good to keep in mind that OSI stands for "Open Source Initiative"; ESR stands for "Eric S. Raymond"; and OSS stands for "Open Source software". It should also be noted that "OS" is the acronym for "operating system" and should NOT be used to refer to Open Source - OSS should be used instead.
Three excellent papers are available, written by Eric Raymond, which explain the Open Source world in more depth. They are The Cathedral and the Bazaar, Homesteading the Noosphere, and The Magic Cauldron. Books available on Open Source include Open Sources, The Cathedral and the Bazaar (a book which includes the three papers just mentioned, as well as other writings), Open Source Licensing, and Under the Radar. A history of Open Source is available atwww.osdn.com/history.shtml. More information on Open Source is available at www.opensource.org.
Two Definitions of Free Software
"Free software" is a term used in some of the same circles that "open source" is used. To most people, the meaning of this term seems obvious. However, the obvious interpretation of the term is not necessarily the correct interpretation.
Just as with "open source", the term "free software" has a double meaning. Again, there is both an assumed definition and a more correct definition.
The assumed definition of "free software" is something like "software which costs nothing to obtain". Without further explanation, people automatically assume that this is what the phrase means. However, it should be noted that, here also, the assumed definition of "free software" is considered to be an incorrect use of the term.
The more correct and widely used definition of "free software" has nothing to do with cost, it has to do with your rights once you obtain the software. It has to do with your freedom to do with the software almost anything you want to, once you obtain a copy of it (even if you paid for that copy). Sometimes (though not always) people use a capital "F" and a capital "S", when they refer to Free Software in their writings.
Key Person, Organization, and Resources of Free Software
The "Free Software Foundation" (FSF) is the organization which defines the Free Software movement. Closely related to FSF is the "GNU Project", which was launched in 1984 to develop a complete operating system - the GNU system - which would be available as Free Software. The increasingly popular GNU/Linux operating system is a variant of the GNU system. FSF and the "GNU Project" were both founded by Richard Stallman.
Just as with Open Source, the Free Software community has its own set of acronyms. When accessing Free Software related material, it's good to keep in mind what these acronyms are. FSF stands for the "Free Software Foundation". GNU often refers to either the "GNU Project" or some piece of software related to that project. RMS or simply "Stallman" refer to "Richard M. Stallman". "Copyleft" refers to a unique, inverted-copyright concept which FSF has pioneered. And, GPL stands for the "GNU General Public License" - the granddaddy of all Free Software and Open Source licenses.
Hackers, by Steven Levy, and Free for All, by Peter Wayner, are two book available on Free Software. More information on "Linux and GNU" is available at www.gnu.org/gnu/linux-and-gnu.html and on "copyleft" at www.gnu.org/copyleft/copyleft.html. The full text of the GPL is available at www.gnu.org/copyleft/gpl.html. And, a more complete explanation of Free Software is available at www.gnu.org/philosophy/free-sw.html or at www.gnu.org.
The Relationship between Open Source and Free Software
As for the relationship between Open Source and Free Software, the answer you get depends on whom you ask.
Open Source advocates tend to view Free Software as a subset of Open Source. All of the licenses which are approved as Free Software licenses (www.gnu.org/philosophy/license-list.html) are all also approved as Open Source licenses (www.opensource.org/licenses/). However, the reverse is not true. Open Source advocates consider the pragmatic benefits of open software development, and the inherent weaknesses of closed software development, to be the primary issue.
Free Software advocates, however, consider freedom to be the primary issue and tend to view Free Software as a movement which is entirely separate and distinct from Open Source.
More on this distinction is available from Richard Stallman, with the Free Software perspective, at www.gnu.org/philosophy/free-software-for-freedom.html.
And from Eric Raymond, with the Open Source perspective, at www.tuxedo.org/~esr/writings/shut-up-and-show-them.html.
As a side note, ESR's use of the words "hacker" and "hacking" simply mean "someone who loves to write code" and "writing code", respectively. The entire Open Source and Free Software communities use these words basically the same way. Eric's use of these terms, in the article referenced, has no connection to the common misconception that "hacker" and "hacking" are synonymous with "computer criminal" and "illegally breaking into a computer system". These are definitions which have been spread by the popular media, but which are inconsistent with the words' original meaning. A better feel for the correct meaning of these words can be obtained by reading Steven Levy's book Hackers or Eric Raymond's essay "How to Become a Hacker" (www.tuxedo.org/~esr/faqs/hacker-howto.html). The terms "system cracker" (analogous to a "safe cracker"), "malicious hacker", "black-hat hacker", or simply "black-hat" are more commonly used to refer to "computer criminals" by those who understand this distinction.
As can be seen from the articles just referenced, the debate between the Open Source point person (ESR) and the Free Software point person (RMS) can be quite contentious on the surface. However, if you follow the dialog long enough, it can be seen that there is actually quite a bit of respect which flows in both directions.
Hopefully this will help everyone to successfully navigate the somewhat confusing labyrinth of the Open Source and Free Software worlds.
Recognition and thanks go out to Eric Raymond of OSI, Jason Kitcat of FREE, Eva Waskell of The Bell, Andy Oram of O'Reilly and others who chose not to be recognized - for providing valuable feedback on this article.
Thom Wysong has been programming computers as a hobby since 1982 and professionally since 1994. He currently is based out of Washington DC and works full-time on the Techno Democracy Project.
"Introduction to Open Source and Free Software" (version 1.1) Copyright © October 2000 by Thom G. Wysong
Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.