Many of us now rely on open source software for almost every aspect of our daily computing needs, from our web browsers (Firefox) to email solutions (Zimbra) and content management systems (WordPress). These solutions make computing much more accessible and save consumers considerable amounts of money – a 2008 report by the Standish Group states that open-source software has resulted in savings of about £48 billion per year to consumers. But, what drives the open source revolution? Why do people adopt this software and what does this mean for security?
From a user-experience and performance perspective, open source software works in the same way as proprietary software. However, open source software gives its users the transparency to access its code and the freedom to copy, change or improve it. What this means for security is that more people are looking at and testing the code, so if there is a problem it is more likely to get noticed faster and fixed before it causes any serious harm. Indeed, as the fix will be publicly available, other organizations can adopt it and shield themselves from the same problem. Whereas, in closed sourced software, no one outside the organization knows about the bugs or problems discovered in their code and often, it could even take months for companies to release a patch.
Open source software can be used to help solve cybersecurity problems by enabling individuals to share their knowledge on security issues and collaboratively come up with solutions for them. And because these solutions will be publicly available this means that anyone can reuse or even improve them. A great deal of the cybersecurity problems we face today have occurred due to bad design or the lack of knowledge about potential security threats. However, by openly sharing existing knowledge about threats, OSS can certainly improve the security landscape.
Indeed, the key elements of open source software are its openness and transparency. And it is precisely the lack of secrecy that create trust in users, developers and the organizations themselves. For example, when it comes to something as simple as the use of encryption software, which helps secure information, email/text messages or any other type of online communication, users are more likely to trust an open sourced solution than one that claims their code is indestructible.
On the other hand, open source software tends to be less “user-friendly” and may require more technical knowledge than proprietary software, because it essentially doesn’t aim at generating money. However, learning about open source software and how both organisations and individuals can benefit from using can be crucial for establishing the security and privacy aspects in information technology. It’s definitely an area worth exploring!
By Elizabeth Nikolova, Account Executive at Eskenzi PR