Open Source Has Lessons to Learn

Every now and then, we come across a story that pits open source against proprietary software and declares one the winner, in terms of quality, TCO or security.


Not long ago, the debate centered around whether open source is more secure. Many, including security vendor Trend Micro, decided that it was, in some respects. The company's Anti-Malware CTO, Raimund Genes, praised open source operating systems in a recent interview with IT Business Edge.


Noting the rapidly growing presence of open source solutions in the enterprise -- not to mention in government agencies -- the U.S. Department of Homeland Security decided to do a little of its own testing. The department funded an audit of the most popular open source programs.


As Coverity CTO Ben Chelf discussed in another IT Business Edge interview, the audit revealed that security of the popular LAMP stack stood out among open source programs.


Open source enthusiasts took the initial results and ran with them, claiming that proprietary software companies could learn much from the open source development method -- which, of course, is true. In a community development environment, the work is done faster and bugs are fixed and patches issued more quickly, for instance.


But Friday we found a BusinessWeek article -- written by Coverity's Chelf -- with a fresh take: There are also things open source projects can learn from the proprietary world.


Chelf, having been involved in the Homeland Security open source audit, which measured open source programs not only against themselves but also against the most popular proprietary offerings, is in a unique position to speak on the issue with some level of authority.


He points out that open source could benefit from end-to-end quality testing -- and regular, rigorous automated testing at that. Though each developer cares a lot about the quality of his or her own contributions, there aren't very many checks of the entire program or the changes thereto, he says.


And until open source gets there -- and it will -- he'd go with proprietary software over open source when it comes to flying a jet or operating medical equipment. After all, if the software that does those things fails, someone's life is generally at risk.