mobileCategory: open source
05/30/07 09:53 - ID#39452
e:strip and open-source
Since I'm interested in open-source software, and have recently started looking more at (e:strip), I was curious if we were able to see the code that runs the site. I googled (e:strip) source code and found a link to Paul's journal from 2005, that wasn't commented on at all. I started writing a comment on that journal, and then decided to change it into a journal of my own because what I was writing was a bit verbose for the comment window. Here is Paul's original post:
http://www.estrip.org/articles/paul/32091.html
In his post, Paul expressed frustration that things that are made open-source (and he didn't go into the different open-source licenses in much detail) are often used in for-profit projects. This is something that has bothered me as well. However, I think that the benefits of releasing a project as open source (and in this sense I'll refer specifically to a licensing arrangement called the (GPL outweigh the dangers that something will be packaged and sold for profit.
In the GPL, as far as I understand it, your open-source software can be re-distributed and sold. However, any derivative works need to remain open source as well. So, if someone modifies your software their modifications must be made available under the same terms. The GPL is also enforceable, as is evident in the case where Linksys used parts of the linux kernel source to run their old WRT router devices. Once people discovered that the linux software was used, the GPL was enforced to make Linksys open up their code. This code was eventually turned into the popular OpenWrt project.
Paul also mentioned security issues with open-source software. If people can see your source code, doesn't this make your applicaiton less secure? Although this point has been brought up by many people who are in favor of proprietary software, I disagree that opening source code makes applications less secure than their alternatives. If we look at popular open source daemon packages on the Internet, such as sendmail, we can see that there are, of course, vulnerabilities that are discovered. But this is the case with proprietary software as well, including Microsoft and Apple's proprietary systems. In the case of open-source software, we can see that vulnerabilities are patched extremely quickly because people have access to the source code. The increased scrutiny to which open-source software is subjected, more often than not, makes it more secure.
In the end, I don't think that we can look at any software as either open or not. All software, proprietary included, contains openings that can be exploited. The only program that cannot be exploited is one that is never executed, and is therefore entirely dead. Everyone has seen how Microsoft has a steady stream of programs that are exploited by being cracked and distributed under terms that Microsoft didn't authorize. Perhaps what we need to do then, is shift the debate from the binary opposition of open source and proprietary software to something more like varying terms under which software (which is inherently open to something, unless it is "dead" software) is released.
In this sense, we have to evaluate the benefits and disadvantages of varying license terms. When we do this, I believe that the benefits of something like the GPL far outweigh anything that compels people to keep their source code under lock and key. It allows people to learn from the source code, to use it for their own projects, and to improve it as they see fit. It also still allows you to make money from your own software by selling consulting services and supporting installations.
So, sorry about this belated response to Paul's post. However, I think that it is an important one both for developers and users of software (which implicates just about everyone in the world at this point).
Especially in terms of a community web site like (e:strip), however, I think it would be great to give source code to the community. I'm not sure how much time I'd have to dedicate to hacking with it, but there are a couple of features that I would think about implementing, if the source code were available under a community license. ;)
http://www.estrip.org/articles/paul/32091.html
In his post, Paul expressed frustration that things that are made open-source (and he didn't go into the different open-source licenses in much detail) are often used in for-profit projects. This is something that has bothered me as well. However, I think that the benefits of releasing a project as open source (and in this sense I'll refer specifically to a licensing arrangement called the (GPL outweigh the dangers that something will be packaged and sold for profit.
In the GPL, as far as I understand it, your open-source software can be re-distributed and sold. However, any derivative works need to remain open source as well. So, if someone modifies your software their modifications must be made available under the same terms. The GPL is also enforceable, as is evident in the case where Linksys used parts of the linux kernel source to run their old WRT router devices. Once people discovered that the linux software was used, the GPL was enforced to make Linksys open up their code. This code was eventually turned into the popular OpenWrt project.
Paul also mentioned security issues with open-source software. If people can see your source code, doesn't this make your applicaiton less secure? Although this point has been brought up by many people who are in favor of proprietary software, I disagree that opening source code makes applications less secure than their alternatives. If we look at popular open source daemon packages on the Internet, such as sendmail, we can see that there are, of course, vulnerabilities that are discovered. But this is the case with proprietary software as well, including Microsoft and Apple's proprietary systems. In the case of open-source software, we can see that vulnerabilities are patched extremely quickly because people have access to the source code. The increased scrutiny to which open-source software is subjected, more often than not, makes it more secure.
In the end, I don't think that we can look at any software as either open or not. All software, proprietary included, contains openings that can be exploited. The only program that cannot be exploited is one that is never executed, and is therefore entirely dead. Everyone has seen how Microsoft has a steady stream of programs that are exploited by being cracked and distributed under terms that Microsoft didn't authorize. Perhaps what we need to do then, is shift the debate from the binary opposition of open source and proprietary software to something more like varying terms under which software (which is inherently open to something, unless it is "dead" software) is released.
In this sense, we have to evaluate the benefits and disadvantages of varying license terms. When we do this, I believe that the benefits of something like the GPL far outweigh anything that compels people to keep their source code under lock and key. It allows people to learn from the source code, to use it for their own projects, and to improve it as they see fit. It also still allows you to make money from your own software by selling consulting services and supporting installations.
So, sorry about this belated response to Paul's post. However, I think that it is an important one both for developers and users of software (which implicates just about everyone in the world at this point).
Especially in terms of a community web site like (e:strip), however, I think it would be great to give source code to the community. I'm not sure how much time I'd have to dedicate to hacking with it, but there are a couple of features that I would think about implementing, if the source code were available under a community license. ;)
Permalink: e_strip_and_open_source.html
Words: 708
Author Info
Date Cloud
Category Cloud
- User must have at least 3 blogs in one category for categories list to show.
More Entries
My Fav Posts
- This user has zero favorite blogs selected ;(
happy birthday Denise and Alex 
Hummus ? 
Nephew's Art 
Spring Feelz 
Hello hello 
moz://a
So, charging $10 for a Linux CD is OK; charging $1000 for a liveCD is a no-no.
GPL also says that if you make a derivative work, you must release it under the same license that you got the original. Basically, you can't take rights _away_.
Then there's LGPL (Lesser GPL) which typically covers libraries and all that. It allows you to sell derivative works for profit (with suitable attribution), without the requirement of open-sourcing your derivative work.
And then finally there's BSD license (my favorite), which says do whatever the heck you want with it, just don't blame us if something breaks.
I feel more works should be open-sourced. And people can (and do) make a living with open-source software: for example, RedHat, MySQL, Mozilla, etc.
Open-sourcing something doesn't make it insecure; the bugs were already there, it's not some quantum-mechanical phenomenon where reading the source code creates bugs. What open-sourcing does is expose it to more pairs of eyes, with the hope that they may find bugs that you missed. On the other hand, with some POS like Windows, you are forced to rely on the vendor to fix bugs (or add features). If s/he refuses to do it or is too busy, your SOL.
Give me OSS any day over proprietary bullshit.
Ultimately its a matter of personal choice, but the real issue here is control. Some people develop things for free public use but do not particularly want the public to see how it works - I for one think this is 100% acceptable. The real open source nerd purists (Stallman worshippers, etc.) might object to this, but they had better respect it. There is nothing wrong with retaining control over your work, even if you don't intend on profiting from it. To that end I also think its wrong if people were to ridicule somebody for failing to distribute source code, not because of what is best for the developer, but what is best for themselves and their ideals.
Developers are like artists in one way - many times they find some degree of fault with others work and have the firm belief that they can improve most things that they come across. I've never really understood the desire to monkey with other peoples stuff and what purpose it would ultimately serve.