What is open source?

Open source generally refers to software whose source code is freely available and can be viewed by independent third parties. Depending on the underlying open source license, it can also be used, changed, and redistributed more or less freely. However, no license fees may be charged.


01

A definition of open source

The term “open source” was adopted by the Open Source Initiative (OSI) in 1998. It originated with open source software (OSS) and describes a decentralized, collaborative working model: a developer community shares knowledge with each other to solve problems and jointly maintain and improve a project for the benefit of all. This collective approach is a key feature of open source. Specifically, it is expressed in the fact that the source code is freely accessible and may be used, copied, and distributed by anyone for (almost) any purpose. This also includes the waiver of royalties or license fees. However, open source software does not necessarily have to be free of charge – a provider may, for instance, charge for the provision of software collections (distributions) and support.

02

What is open source software (OSS)?

According to the official definition of the Open Source Initiative, free access to the source code alone is not enough for a program to be considered open source software. It must comply with the following criteria:

Free redistribution

The license must allow anyone to redistribute the software or sell it as part of a distribution. But no royalties or license fees may be charged.

Source code

The source code of the software must be available in a clearly readable form.

Derived works

The license must allow modifications and derived works and permit their redistribution under the same terms as the original software.

Integrity of the author’s source code

While the license must permit the distribution of software with modified source code, it may require that derived works carry a different name or version number.

No discrimination against persons or groups

The license must not discriminate against any person or group of persons.

No discrimination against fields of endeavor

The license must not restrict the use of the software for certain purposes or fields of endeavor, such as being used in a business.

Distribution of license

The license must apply to everyone to whom the software is redistributed. No additional licenses may be issued.

License must not be specific to a product

The license must not depend on whether the software is part of a particular distribution. It must also apply if the program is used independently or redistributed together with other software.

License must not restrict other software

The license must not place restrictions on other software that is distributed with the licensed software.

License must be technology-neutral

The license must not restrict the distribution of the software to a specific technology.

03

What is the difference between open source software, free software, and proprietary software?

The term “free software” is frequently used synonymously with open source software. Both terms embrace the same main idea of freely accessible software, analogous to the free exchange of knowledge and ideas. According to the Free Software Foundation (FSF), however, there are clear differences in the underlying philosophy: open source primarily concerns the practical advantages obtained from the method of open collaboration in software development. The term “free software”, which was coined in the 1980s, additionally implies a social movement that advocates freedom and justice.

According to the FSF definition, free software is software that respects users’ freedom and community.

In this context, “free” does not mean “free of charge” as in free beer or freeware, but should instead be understood as a matter of free speech. This roughly means that users have the freedom to run, copy, distribute, study, change, and improve the software.

This is in contrast to proprietary software, the use and distribution of which is severely restricted by legal provisions on the part of the manufacturer. The source code of proprietary software is not freely available and therefore cannot be viewed, modified, or redistributed. In addition, such proprietary software can usually only be used by paying for it. Only a right of use is granted in the form of a license. The software itself remains the property of the manufacturer, who holds the copyright and thus retains complete control over the product.

04

What are the main differences in open source licenses?

Open source software is made available under a variety of licenses. What they all have in common is that they grant the licensee a right to copy and modify the software. The most important distinguishing feature is what requirements are imposed on the redistribution of modified versions or derived works. The best way to distinguish between the different types of licenses is on the basis of the “copyleft effect”:

  • Strict copyleft licenses: Licensees may redistribute modified versions and derived works only under the terms and conditions of the original license. Examples: GNU General Public License (GPL), Open Software License (OSL)

  • Limited copyleft licenses: Certain modifications or derived works are exempt from the copyleft effect, so they do not have to be licensed under the license of the original work. Examples: GNU Lesser General Public License (LGPL), Mozilla Public License (MPL)

  • Licenses with no copyleft effect (“permissive licenses”): Licensees enjoy all the freedoms of an open source license, but do not have to honor any terms regarding the type of license used. Modified versions can thus be redistributed under any license terms, including as proprietary software, for instance. Examples: MIT License, BSD License, Apache License

An overview of all major open source licenses can be found at the Institut für Rechtsfragen der Freien und Open Source Software (Institute for Legal Issues of Free and Open Source Software).

05

What are the advantages of open source software?

Open source software has a number of advantages. The most obvious is that it can usually be used free of charge because, unlike commercial software, no license fees have to be paid. In addition, there is no risk of vendor lock-in, which would make it difficult to switch to another product or vendor later on. Depending on the underlying license, companies can modify open source software (or have it modified) to suit their needs and create custom solutions.

Another key advantage is the generally high level of commitment on the part of the developer community. Since many independent developers work together on the code and check it continuously, errors and vulnerabilities are often found and eliminated quickly. This has a positive effect on the quality, stability, and security of the software.

An overview of the advantages of open source software:

  • No royalties or license fees

  • No dependence on a single manufacturer

  • Transparency from insight into the source code

  • Interoperability through open standards and file formats

  • Software can be flexibly adapted to individual needs

  • Fast and efficient troubleshooting due to the “many eyes” principle and swarm intelligence

  • High level of IT security because anyone can check the code for vulnerabilities or backdoors

  • Savings through shared development costs in open source projects

  • Lower development costs through the use of OSS components

  • Accelerated innovation because not all parts of a software program need to be rewritten and companies can try different solutions with no cost risk


06

What are some examples of open source software?

Open source components are now part of many commercial applications, which is why corporations such as Microsoft, Google, Amazon, Intel, IBM, Hewlett-Packard, Oracle, and SAP have also become involved in open source projects. OSS is accordingly widespread in the software landscape and also runs most of the internet. Open source plays an important role in things like (server) operating systems, web and mail servers, databases, programming languages, and content management systems (CMS). In addition, there are many other fields of application.

Common uses and well-known examples of open source software:

  • (Server) operating systems: GNU/Linux

  • Web servers: Apache, Nginx

  • Mail servers: Open-Xchange, Zimbra

  • Databases: MySQL, Hadoop, MariaDB

  • Programming languages: PHP, Python, Java, Ruby

  • Content management systems: TYPO3, WordPress

  • Cloud/virtualization: OpenStack, Docker, Kubernetes, KVM

  • Encryption: GnuPG, OpenSSH, OpenSSL, OpenVPN

  • Desktop applications: Mozilla Firefox and Thunderbird, LibreOffice, OpenOffice, GIMP

07

Is open source software secure?

Actively maintained open source software is generally considered to be at least as secure as proprietary software. Its greatest advantage is transparency: since the source code is freely accessible, any person with the necessary programming skills can check the code themselves instead of having to rely on the manufacturer’s assurances of security.

Critics of open source argue the exact opposite: that free access to the source code makes it easier to sneak in malicious code. According to “The 2020 State of the Octoverse” report from GitHub, the distributed version control and source code management platform, however, only 17 percent of all security vulnerabilities in open source software were attributable to malicious tampering with the code (e.g., attempted installation of backdoors); the remaining 83 percent were the result of programming mistakes. As a rule, thanks to the “many eyes” principle, such problems and vulnerabilities are quickly detected and promptly fixed by the developer community.

In addition, the developers of open source software, who are usually known by name, are also concerned about their reputation and do not want to be associated with malicious code. For this reason alone, security has always been a high priority in open source projects. That does not mean that open source software is secure per se. But trustworthy projects with a controlled development process and a committed community deliver products that are at least as secure as those released by manufacturers of proprietary software.


08

What you need to know about open source

Open source describes a collaborative development methodology based on the free exchange of knowledge and ideas. Accordingly, the source code of open source software, in contrast to that of proprietary software, is freely accessible and can be viewed by all interested parties and, depending on the licensing terms, used, copied, modified, and redistributed more or less without restriction. Open source licenses also mandate the waiver of royalties and license fees. The greatest benefits of open source software are its transparency, flexibility, and cost efficiency. The level of security is usually at least equal to that of proprietary software. As a result, open source software is also suitable for professional use in companies or government agencies. The German Bundestag, for example, uses the GNU/Linux operating system and other open source software for its servers. The majority of the internet also runs on open source software. And since 2018, the 500 most powerful supercomputers in the world (Top 500) have also been running exclusively on Linux.