[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Advantages/Disadvantages of Open Source Software (Was Re: Package grub-xen-host breaks PV domains with 11.5 point release)


Am 12.09.22 um 19:47 schrieb Chuck Zmudzinski:
"Open Source Software is accessible to all means it can be used and misused. 
And, that’s where it turns unconstructive for us. With OSS, we can expect harm,
virus transfer, identity burglary, and many other malicious practices to hurt the
process." [1]

I would not go so far to say that is happening in Debian, but I have experienced
the fact that not every bug that is important to my use case will be fixed quickly
in Debian, even if I or other users takes the time to find the fix and share it
with the Debian developers. This experience of mine with Debian as a long-time
user of Debian *does* raise suspicion in my mind, and I would not be suspicious
of malicious intent by Debian developers and maintainers if they were more
responsive to some bugs they just ignore for months and even years. I agree
my suspicion does not prove malice, but my suspicion is reasonable when there
are Debian "volunteers" who do work in corporate environments where the
interests of their employer might conflict with the interests of the open source
software projects such as Debian that they contribute to. This is simply a risk that
users of Debian software, or of any open source software, should be aware of,
and users should know how to mitigate this risk of malicious activity within
open source software projects like Debian.

So it as a fact that if a person is just a user of Debian and not an official
developer of Debian, there is no guarantee that the use case of that particular
user will receive prompt attention from the official Debian developers. That
is true because Debian developers are just volunteers and not liable for any
problems the software they release might cause to those who use Debian
software. That is a *big disadvantage* of open source software.

Best regards,

Chuck

[1] https://medium.com/quick-code/advantages-disadvantages-of-open-source-software-explained-2fd35acd413


Hi Chuck
While I think that you are partly right (prioritization of bug fixing of OSS) but my experience of closed source software (even paid for) is that one usually is only the small fish in the pond and one's needs are rather put back. However, with OSS, if you cannot fix it yourself - I suppose most users cannot do - one is free to give incentives to get one's wishes done. You can call it bribery if you like or putting a bounty on a problem.
I do not quite get the meaning of "Open Source Software is accessible to all means it can be used and misused." by Megha Verma. Assuming that it is by its nature possible to "inject" malicious code then yes and no. Yes, it theoretically is possible as anyone can get and change the code, but no, if the project is fairly well maintained, i.e. no commits to the main branch of the code repository without any review. Personally, I have been using OSS for more than 25 years and never had the suspicion any of the OSS I used was acting malicious.
I also would like to point to the table of mentioned lady. It states that OSS is open and FREE. As far as I am informed, the latter is not mandatory. I believe Richard Stallman put it that way: OSS is free as in freedom and not as in free beer. I hardly have ever noticed OSS not being free of fees but yet it is possible. Either she did not know, or she did not notice when putting in the table. But be it as it may, I think, that the association of OSS with free beer raises the expectation that OSS maintenance is not to cost a dime, and therefore a bad association. Thus, I have begun to donate to OSS projects to give back in that way at least. 

Kind regards

Thiemo


--
Signal (Safer than WhatsApp): +49 1578 7723737
Threema (Safer than WhatsApp): A76MKH3J
Handy: +49 1578 772 37 37
Reply to: