Open-source is an awesome concept in software.

The appeal of open-source to developers varies – for some it’s about sharing, and ensuring their work can be reused; for others it’s about working in a community of like-minded people, and for others it’s a more fundamental political belief in freedom.

For government and other organisations open-source software has a couple of key attractions, including the ability to manage cost better and more fairly, and the freedom from restrictive licensing arrangements.

I don’t believe open-source is the one-and-only-true-way for organisations to buy software, but it’s a very credible and serious part of the mix: in our business we use a mix of closed-source commercial software from vendors like Adobe, Apple and Microsoft, we use a lot of open-source software (like Apache, WordPress, Plone, jQuery, MySQL, FreeBSD and many more), and we use web-apps with smart billing models like ZohoCRM, Pingdom and Campaign Monitor. Open source is particularly good for systems that become capital assets (i.e. the organisation needs to own and operate the system for many years).

I’ll write more about the benefits of open-source for government another time; meanwhile after my baby (who is sick and a sad little man :|) woke me up at 4am this morning, I started thinking about a couple of commonly-repeated myths about open-source. As I’m still awake now at 6am, I thought I’d share them.

1. Open-source is inherently more secure than closed-source software. MYTH

This is not true. The security of any piece of software is dependent on complex choices made during the design of that software. The license meanwhile is simply a legal document detailing how the software may be used. Thought about this way, it becomes obvious that the security of any given piece of software has nothing to do with its license.

Open-source in general is therefore neither more nor less secure than closed-source software in general.

However when security flaws are found, users of closed-source software are entirely dependent on the vendor to provide a security fix. A closed-source vendor might be highly responsive to such issues, if they are motivated by quality, reputation and doing the right thing (or by punitive contract terms); or they might not be responsive, in which case users have no-one else to turn to. For open-source software, other people can provide the fix.

2. By using open-source, you’ll automatically gain an army of enthusiastic talented developers who will work on your problems for free. MYTH

This is untrue, ridiculous even. It’s been labelled the ‘pizza myth’: the idea that many government problems can be solved by getting developers in a room for a weekend and giving them pizza. Here’s a more realistic picture:

  • many software developers work on open-source projects, in their own time, for free, for fun. They work on what interests them, in their own time, at their own pace.
  • software development is hard, and demands specific abilities and training. It’s generally a reasonably (but not excessively) well-paid profession.
  • open-source projects attract the kind of developers who by nature abhor much of what government stands for. They generally loathe bureaucracy, hierarchy, risk-aversion, centralised planning and compliance with rules they don’t respect.
  • developers may not always be the most outgoing and sociable people (some are, many are not), but one thing most are very good at is maths. One interesting piece of maths for a developer might go like this: “public sector spends a lot of money on a lot of things + I’m being asked to provide something valuable for free to public sector + the people asking are meanwhile getting paid to do their job + problem may not be that interesting = exploitation”.
  • The addition of “but we’ll give you free pizza to work on Government’s problems” to the argument just adds an additional mild level of insult to the already unappealing proposition.

And the net result of this is…well mostly nothing. There is no terracotta army of developers, willing to work for government for free, and simply waiting for the order to march. They’re busy modding minecraft 😉

*Disclaimer: I think this myth has arisen because some in government have lent a willing ear to a *very* small number of developers and open-source advocates who are prepared to work for free on public problems. Being so enthusiastic for their cause, they assume lots of other people like them will be infected by the same enthusiasm. Those people won’t…they’re busy modding minecraft 😛

Neither of these myths means open-source is any less useful or attractive for government, but they are unhelpful myths and don’t redeem themselves by being funny or outrageous, so it would be nice if they were taken outside and quietly dispatched with minimum fuss. And now it might just be time for tea, and a day’s work.



Coda: I’ve had feedback from a couple of people who think this post was anti-open-source. It’s not. I believe Government should have a (non-exclusive) preference for open-source when spending money on software. I believe open-source is a great way to combine innovation, value for the taxpayer, and the sustainability of a tech economy.