For long we've been telling stories like 'Open Source, you know, millions, billions of eyes are looking at the code and can do modifications they want.'. At first look, this is true. But, also, at first look this scares business.
Open source advocates look at this from perspective 'I can fix any bug if I have brains to do it'. Business managers look at this from perspective 'Are you serious? Anybody can inject any kind of code into the product!'. Both perspectives are wrong to some point.
Open source should have better communication with business. Yes, true, everybody in the world, with good Internet link, could download and check out the code. But, no, not everybody can change it, even if they have brains to do it.
Let's take an example of Linux kernel. You are Russian/American/Iranian/Croatian/pick_your_favourite_black_sheep spy. You can download the code. You can create some malicious code and... What are your options? You could send the code to the upstream (kernel.org/Linus) or you could fork Linux kernel. In first case, if you are extremely lucky, and someone actually reviews code sent by total anonymous, people will check the code and point at the malicious code. Your code would get dropped and you'll never ever get any treatment from these guys again. If you fork Linux kernel, you'll need users and other developers. You'll also get code review from kernel.org guys (cause they probably want to know what's new in your kernel). Again, people will point at the bad code.
So, no, not everybody can change Linux/Apache/MySQL/etc... You can fix your code localy and send a patch to product upstream. That's most you can do.
For business people: Now, how is this different from propriatery software?
Well, with propriatery software, you can't get double check. You bet all your business, and at some degree, your life, on one company. One single company. Imagine that... One of most important rules of business is to have as many clients as possible. Not because of the money, but because bancrupcy of one company won't pull your company into big black hole. Why not applying this to your computers? Your company depends on them. I'm talking here about one product. In proprietary world - one product = one company.
With Open Source software/company, you don't need trust. You can hire another company to check the code. You can even fire the company you buyed software/services from and hire another one, which will just continue where the first one stopped. In Open Source world - one product = countless companies. Your infrastructure doesn't depend on single supplier.
For Open Source people: Up untill recently, business didn't care that much about the price of software.
For people at home, costless software is great. For business, software with a price is investment. So, don't talk about the price when comunicating with business, they don't care about that. And don't tell lies about 'million people could change the code'. No, only core Linux kernel team can change Linux kernel. Others can only send suggestions. And this isn't a bad thing, that's simply great.
Open Source does have a control, and it does have head, tail and roadmap, without control it would failed decades ago. Open Source isn't anarchy, it's just development model - faster than any other we know at the moment.
Labels: ubuntu