<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
There's two business reasons for using FOSS software. They're the two
reasons I use FOSS software. If other software had these attributes, I
would probably use that software instead of FOSS. In no particular
order, the two reasons for a business to use FOSS software are:<br>
1) it's free.<br>
2) it's better software.<br>
<br>
It's not really a bunch more complicated than that. I don't need to
pay thousands for server licensing. I pay like $100 a year guilt money
to my distro, and I don't even have to pay that, and it covers all my
desktops and all my servers and includes updates. I don't need to pay
hundreds for each desktop that needs to run a wordprocessor, I install
the free version and don't worry about licensing. <br>
<br>
At the server level, I've got tightly secure OS out of the box so I'm
not getting hacked, and don't need to stay abreast. I can be a dumb
user, install updates, and be reasonably safe from attack. I can get
every feature I want on my server or desktop by doing some version of
yum/aptget/urpmi. My desktops don't get slower the longer I use them,
they don't get viruses and spyware that I have to buy more software to
prevent. FOSS software just gives me everything I need, and more,
easier.<br>
<br>
The open to view stuff doesn't make a bit of difference for most
people. I guarantee I will never have a reason to look at kernel
source. Or driver source. If I need hardware and the OS won't handle
the hardware, I'm not hacking code. I'm switching hardware or OS. The
only time I care about source (and I'm not a normal user in this
instance) would be on something higher level like php scripts. And the
reason I care about code at that point is that if I need new options, I
can pay someone to modify the code cheaper than if I'm using closed
source. But by the same token, I've needed software where best of
breed was proprietary and there was additional cost to have the ability
to modify the code - and I've had little problem paying for the
software and the additional cost to get the code. <br>
<br>
And when windows did the job on my desktop well, without headaches, and
it came 'for free' on my desktop, and linux was still a nightmare on
standard PC software, then I didn't use FOSS software on my desktop.
No matter how idealistic FOSS was, I wasn't about to use it. Sorry for
being so pragmatic :).<br>
<br>
In summary, most folks don't care about the mechanics of how sausages
are made. FOSS just gives us tasty sausages cheaper. Why that is,
doesn't really matter. It's human nature, better and cheaper, or as
good and cheaper, we're going to take the cheaper. <br>
<br>
<br>
<br>
Lori Paniak wrote:
<blockquote cite="mid:1262973612.3264.58.camel@callisto" type="cite">
<pre wrap="">On Fri, 2010-01-08 at 12:01 -0500, unsolicited wrote:
</pre>
<blockquote type="cite">
<pre wrap="">To summarize the earlier arguments, it's not that FOSS is more secure,
it is that the culture and environment in which or by which it is
produced that makes it more secure. And, substantially, this occurs
merely due to code (peer) review, not because it's FOSS. Part of
Chris' point is that code review, wherever used, proprietary or not,
is just as valuable.
</pre>
</blockquote>
<pre wrap=""><!---->
I don't believe that the culture of FOSS makes the software more secure.
In fact, there are examples of how it makes software more insecure. For
example, the libssl fiasco in Debian/ubuntu of two years ago. There,
the community (Debian package maintainer) decided to add value to the
code by eliminating all the "unnecessary" files from the code. Of
course, along with them went the entropy to make decent keys. It took
more than a year for the community to notice that SSL keys produced by
the code were defective and do something about it.
On the upside, this example showed how the community could quickly act
to remove the defective code from service and repair the damage.
When presenting the advantages of open source, we ought to stick to
demonstrable facts and avoid the psuedo-science of software sociology.
FOSS is made by people, just like code from the other guys and gals.
Like all software, it is broken and/or will eventually need modification
if it is good enough to be used. The advantage of FOSS is that you are
guaranteed the permission and background code make these
repairs/changes. Try getting critical security patches for XP in 5
years.
As for 'lots of eyes make for small bugs' chestnut, the counter-argument
would be that in desktop-land Linux has 1% of the eyeballs, OSX, 9% and
Microsoft 90%. Hence, the Apple desktop is 9x more secure than Linux
and Windows 90x. If you disagree, then you also disagree with the
original claim. The issue of software security is too complicated to
summarize in a single phrase.
</pre>
<pre wrap="">
<hr size="4" width="90%">
_______________________________________________
kwlug-disc_kwlug.org mailing list
<a class="moz-txt-link-abbreviated" href="mailto:kwlug-disc_kwlug.org@kwlug.org">kwlug-disc_kwlug.org@kwlug.org</a>
<a class="moz-txt-link-freetext" href="http://astoria.ccjclearline.com/mailman/listinfo/kwlug-disc_kwlug.org">http://astoria.ccjclearline.com/mailman/listinfo/kwlug-disc_kwlug.org</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Glenn Cooke
Insurance Squared Inc.
(866) 779-1499
<a class="moz-txt-link-abbreviated" href="http://www.insurancesquared.com">www.insurancesquared.com</a>
Insurance Agent Discussion Forum:
<a class="moz-txt-link-abbreviated" href="http://www.americaninsurancebroker.com">www.americaninsurancebroker.com</a>
</pre>
</body>
</html>