How Open Source Code Work

Open-source software (OSS) is software that is distributed with its source code, making it available for use, modification, and distribution with its original rights. Source code is the part of the software that most computer users don’t ever see; it’s the code computer programmers manipulate to control how a program or application behaves. Programmers who have access to source code can change a program by adding to it, changing it, or fixing parts of it that aren’t working properly. OSS typically includes a license that allows programmers to modify the software to best fit their needs and control how the software can be distributed.

The idea of making source code freely available originated in 1983 from an ideological movement informally founded by Richard Stallman, a programmer at MIT. Stallman believed that software should be accessible to programmers so they could modify it as they wished, with the goal of understanding it, learning about it, and improving it.I Stallman began releasing free code under his own license, called the GNU Public License. This new approach and ideology surrounding software creation took hold and eventually led to the formation of the Open Source Initiative in 1998.

When a project is open source, that means anybody is free to use, study, modify, and distribute your project for any purpose. These permissions are enforced through an open source license.

Open source is powerful because it lowers the barriers to adoption and collaboration, allowing people to spread and improve projects quickly. Also because it gives users a potential to control their own computing, relative to closed source. For example, a business using open source software has the option to hire someone to make custom improvements to the software, rather than relying exclusively on a closed source vendor’s product decisions.

Free software refers to the same set of projects as open source. Sometimes you’ll also see these terms combined as “free and open source software” (FOSS) or “free, libre, and open source software” (FLOSS). Free and libre refer to freedom, not price.

OSS is shared in a public repository, granting access to anyone who wants to work on the source code. However, open-source software tends to come with a distribution license, which establishes how people can interact, modify, and share the OSS.

Once changes are made to the source code, the OSS should signify those changes and what methods were used to make them. Also, depending on the license, the resulting OSS may or may not be required to be free. With that, most open-source software is free but some require up-front costs or subscription fees.

Open source code is usually stored in a public repository and shared publicly. Anyone can access the repository to use the code independently or contribute improvements to the design and functionality of the overall project.

OSS usually comes with a distribution license. This license includes terms that define how developers can use, study, modify, and most importantly, distribute the software. According to the Synopsys Black Duck® KnowledgeBase, five of the most popular licenses are:

  • MIT License
  • GNU General Public License (GPL) 2.0—this is more restrictive and requires that copies of modified code are made available for public use
  • Apache License 2.0
  • GNU General Public License (GPL) 3.0
  • BSD License 2.0 (3-clause, New or Revised)—this is less restrictive

When source code is changed, OSS must include what was altered as well as the methods involved. Depending on the license terms, the software resulting from these modifications may or may not be required to be made available for free.

What’s the difference between free, closed, and open source software?

For a long time open source software held the earlier label of “free software.” The free software movement was formally established by Richard Stallman in 1983 through the GNU Project. The free software movement organized itself around the idea of user freedoms: freedom to see the source code, to modify it, to redistribute it—to make it available and to work for the user in whatever way the user needed it to work.

Free software exists as a counterpart to proprietary or “closed source” software. Closed source software is highly guarded. Only the owners of the source code have the legal right to access that code. Closed source code cannot be legally altered or copied, and the user pays only to use the software as it is intended—they cannot modify it for new uses nor share it with their communities.

The name “free software,” however, has caused a lot of confusion. Free software does not necessarily mean free to own, just free to use how you might want to use it. “Free as in freedom, not as in beer” the community has tried to explain. Christine Peterson, who coined the term “open source,” tried to address this problem by replacing ‘free software’ with ‘open source’: “The problem with the main earlier label, ‘free software,’ was not its political connotations, but that—to newcomers—its seeming focus on price is distracting. A term was needed that focuses on the key issue of source code and that does not immediately confuse those new to the concept.”

Peterson proposed the idea of replacing “free software” with the term “open source” to a working group that was dedicated, in part, to shepherding open source software practices into the broader marketplace. This group wanted the world to know that software was better when it was shared—when it was collaborative, open, and modifiable. That it could be put to new and better uses, was more flexible, cheaper, and could have better longevity without vendor lock-in.

Eric Raymond was one of the members of this working group, and in 1997 he published some of these same arguments in his wildly influential essay “The Cathedral and the Bazaar”. In 1998, partly in response to that essay, Netscape Communications Corporation open sourced their Mozilla project, releasing the source code as free software. In its open source form, that code later became the foundation for Mozilla Firefox and Thunderbird.

Netscape’s endorsement of open source software placed added pressure on the community to think about how to emphasize the practical business aspects of the free software movement. And so, the split between open source and free software was cemented: “open source” would serve as the term championing the methodological, production, and business aspects of free software. “Free software” would remain as a label for the conversations that emphasized the philosophical aspects of these same issues as they were anchored in the concept of user freedoms.

By early 1998 the Open Source Initiative (OSI) was founded, formalizing the term open source and establishing a common, industry-wide definition. Though the open source movement was still met with wariness and corporate suspicion from the late 1990s into the early 2000s, it has steadily moved from the margins of software production to become the industry standard that it is today.

Utilizing open-source software has many advantages over its proprietary peers, especially for businesses and organizations just getting started in the industry.

  • Open-source software tends to be more flexible as it offers programmers multiple ways of solving problems and encouraging creative solutions.
  • Improvements and bug fixes on OSS happen much more quickly. Because open-source software allows collaboration, issues and improvements are implemented at a faster pace.
  • It’s cost-effective. Generally speaking, proprietary software requires internal employees to work on its source code to keep the information private. Open-source software allows those unaffiliated with the project access without its authors having to pay out for further development.
  • You can attract better talent. If a small business launches open-source software, the ability of all programmers to view and modify it could allow the organization to recruit particularly talented employees.
  • Open-source software can be more difficult to use since they may have less user-friendly interfaces or features that aren’t familiar to all programmers.
  • Compatibility issues may arise if the hardware used to create a piece of open-source software isn’t available to all programmers working on it. This could also drive up costs of the project.
  • Open-source software doesn’t come with the same warranties and indemnification as proprietary applications. This could become a problem as open-source software may provide no real protection from infringement.

What are the Synopsys offerings for OSS security?

Black Duck software composition analysis (SCA) tools help teams manage the security, quality and license compliance risks that come with the use of open-source and third-party code in applications and containers. SCA helps you understand what’s in your code, and provides a comprehensive software bill of materials (BOM).

Black Duck Audit Services provide fast analysis of open source, legal, security, and quality risks for merger and acquisition due diligence or internal reporting. Black Duck offers several audits:

  • Open source and third-party code audit. This provides a complete open source bill of materials for the target codebase, and shows all open source components and associated license obligations and conflict analysis.
  • Open source risk assessment. This uses Black Duck Security Advisories to deliver a detailed view of open source risks in the codebase, including known security vulnerabilities. The assessment result can serve as a high-level action plan to prioritize research and potential remediation actions.
  • Web services and API risk audit. This lists the external web services used by an application, offering insight into potential legal and data privacy risks. Armed with this data, you can quickly evaluate web services risks across three key categories: governance, data privacy, and quality.

Conclusion

All in all, there are many benefits to using open source code. Increased flexibility and freedom, as well as a reduction in costs, make open source code more appealing to businesses and organizations, who may find that it helps them save time and money for products that are designed for their own purposes and purposes of their users without having to pay the high price of having proprietary code developed for them.

0 Comments

No Comment.