-->

Nominations for the 2022 KMWorld Readers’ Choice Awards Extended to July 5

Understanding open source Part 1

How do I evaluate open source software for purchase?

Open source software is starting to look attractive to many businesses. It's free, it's getting a lot of press, it's often fairly secure, and it's not Microsoft. But it may be difficult to compare commercial and open source software because they're such different animals. Here are some pointers:

Cost

  • Licenses: Generally, you have to pay for the license to use commercial software. You can use most open source software free of charge (though in some cases the type of use may be restricted, for example to non-commercial applications). One side effect is that you can usually download and try an open source product with no restrictions. Some products are a combination of open and closed source, and may fall under more than one license.
  • Support: Some closed source software includes adequate support with the software license. In other cases there's a separate fee. Many open source products have one or more companies that provide fee-based support. As commercial vendors continue to phase out free tech support and ship fewer and fewer products with printed manuals, the difference in out-of-the-box support between closed and open source products continues to degrade. For both, your best option may be to locate good user-to-user forums, mailing lists and/or newsgroups and post your questions there.
  • Training: In either case, this will depend on the software's ease of use and support costs. As mentioned above, many open source products have companion products that enhance their ease of use or installation. For example, the popular MySQL database only includes command line installation tools and a command line user interface. But independent developers have created double-clickable installer programs and inexpensive or free applications that provide a graphical user interface to MySQL. So, if the product itself is low on ease of use, it's worth looking around for secondary products that may alleviate the problem at little or no cost to you.

Stability and security

This is a high-profile issue today, and not everyone agrees on the answers. Certainly some products are more stable and secure than others. Vendors of commercial, closed source software have to answer to users on stability and security, but they can sometimes take a back seat to features and release deadlines. On the other hand, bad press affects the bottom line and, particularly for a smaller company, a string of security problems can sink a product.

Open source projects often don't have hard deadlines, so if a bug is discovered, a release can be delayed until it's fixed. If a security hole is discovered after release, a patch can be released quickly. And since some users are also developers, a user who discovers a problem can fix it.

Closed source products sometimes rely on "security through obscurity." Because the source code isn't available to the public, developers may simply hide sensitive, security-related information (such as keys used in password encryption) in the source code somewhere and hope no one will find them. The problem is that these things can be found, and given a high-profile product and enough time, someone will probably find them.

KMWorld Covers
Free
for qualified subscribers
Subscribe Now Current Issue Past Issues