Open Source Social Science

Open source software has recently emerged as the frontrunner for many industries as the primary method of code production, as it is widely predicted to provide more options for its users in a quicker, quality improved, and cost effective format than the more traditional proprietary software. Linux, the dominant player in the market, is a considerable threat to the Microsoft operating system, which has successfully established itself in the global market. Beyond its commercial potential, open source software possesses a potential goldmine in the government sector. However, questions regarding security and privacy continue to plague government officials in their pursuits of this option. The following discussion will provide an overview of open source software as well as proprietary software and their primary components, an evaluation of government options in relation to the products available on the market, and the social construction of open source software vs. The technological determinism of proprietary software.

Discussion of Open Source Software

Open source software is distinctive in that it provides its users with free access to the object code as well as the source code, and when modifications are made, they must be made available to interested parties within the community. The primary criteria that distinguishes open source software from all other programs are the following (Lerner and Tirole 821):

The program must be distributed royalty free

All program modifications must be distributed under the same terms as the license of the original software

The source code must be released and made available to interested parties

In addition, open source software is subject to a strict code review process, which provides additional security measures for its users. As more people gain access to its code, they can identify flaws or errors in the system (Fisher 21).

However, it is also known that with every piece of software, there are disadvantages to its use. In the case of open source software, even the most brilliant programmers cannot escape the potential security breaches that may exist with this type of software. According to Farrow, "OSS programmers aren't generally paid to writer the software they maintain. These programmers are paid by becoming well-known for writing great software. Including backdoors would be the kiss of death for a programmer. Even security-related bugs hurt an OSS programmer's reputation" (73). Furthermore, Neumann states in an article by Fisher that "Unless there's a great deal of discipline underlying the development, there's no difference in the security. Open source is not inherently more secure. If everyone has the same bad skills, all the eyeballs in the world won't help you. Unless there's discipline, you still come up with garbage" (40). Some experts argue that the key components of secure software are attention to detail and careful coding, and that both proprietary and open source software can be very secure if carefully written (Fisher 20). This demonstrates that the knowledge of the programmer can strongly influence the security potential of a given software product.

One question that is raised in the utilization of open source software is why the product is given away at no cost to other users. A simple explanation may be that users find significant value in the product since it is much easier to manage open source software since it does not possess strict licensing requirements, such as those placed on Microsoft products (MacVittie and MacVittie 15). This is logical, since the cost of using the traditional Microsoft operating system can be excessive if a new license must be purchased for each user. Cost is more than likely one of the chief motivators in the decision to use open source software over the traditional proprietary methods.

The Linux operating system is the chief product that many new open source customers consider as their primary choice. Many IT experts find that Linux is more powerful when enthusiasm is brought into the picture (Zetlin 38). Therefore, learning the ins and outs of the system can take some time and may require some work beyond normal business hours. For this reason, training in Linux and other similar open source offerings should be a primary concern for IT professionals in order to improve its potential and to reduce the possibility of security flaws.

The potential cost of ownership of open source software is highly dependent on the business environment of the firm in question. According to Wheeler, "OSS/FS isn't cost-free, because you'll still spend money for paper documentation, support, training, system administration, and so on, just as you do with proprietary systems. In many cases, the actual programs in OSS/FS distributions can be acquired freely by downloading them. However, most people will want to pay a small fee to a distributor for a nicely integrated package with CD-ROMs, paper documentation, and support. Even so, OSS/FS costs far less to acquire" (33). In addition, when upgrades are necessary to improve upon the system's existing features, these typically cost less than for proprietary systems (34). Total cost savings that may result from the implementation of an open source system can be tremendous, and typically range over $10,000, and can potentially increase to $250,000 or more, depending on the size of the firm and other external factors (36). Finally, Wheeler indicates that "as the number of servers increases, proprietary solutions become increasingly costly. First, many proprietary systems (including Microsoft) sell per-client licenses; that means that even if your hardware can support more clients, you must pay more to actually use the hardware you've purchased. Secondly, if you want to use more computers, you must pay for more licenses in proprietary systems" (35). Therefore, businesses and others that consider open source software must perform a cost-benefit analysis to identify the potential cost savings that may result from its use.

Wheeler also discusses the strict licensing policies that are forcing some Microsoft customers to reevaluate their options because of the increased cost: "Microsoft's recent licensing policies may accelerate moving away from Microsoft...this new license program has engendered a lot of resentment among Microsoft's customers...enterprises are realizing that the majority of their users are consumers or light producers of information, and that these users do not require all of the advanced features of each new version of Office...unless Microsoft makes significant concessions in its new office licensing policies, Sun's StarOffice will gain at least 10% market share at the expense of Microsoft Office by year-end 2004. Because of these licensing policies, by year-end 2003, more than 50% of enterprises will have an official strategy that mixes versions of office automation products - i.e., between multiple Microsoft Office versions or vendor products" (11). Microsoft's strict licensing policies are proving to serve more harm than good to many customers, and as a result, some are beginning to turn their backs on their primary provider in favor of a more cost-effective solution.

In general, it has been demonstrated that open source software provides numerous benefits to its users, including potential cost savings and the freedom to change the code when circumstances require. Security issues will always be of primary concern, but experts in the field that possess the appropriate knowledge should be able to reduce these possibilities and to satisfy customers. A discussion of proprietary software will now be presented.

Proprietary Software: Advantages and Disadvantages

Proprietary software is defined by the Wikipedia encyclopedia in the following manner: "Some individual or company holds the exclusive copyrights on a piece of software, at the same time denying other people the access to the software's source code and right to copy, modify, and study the software" (1). Proprietary software remains under some form of control at all times in regards to distribution and use. In any case, one of the most important factors of proprietary software is its quality in relation to the source code and potential security breaches, made possible through various flaws in the system (Butler Group 2).

The most popular form of proprietary software on the market today is the traditional Microsoft operating system, which has managed to infiltrate businesses across the globe in dramatic fashion. As technology continues to develop and improve, the Microsoft product has been subject to much scrutiny for its potential flaws as well as its often highly expensive cost. Since the system is exclusive from one user to the next, the costs of purchasing additional user licenses can be often prohibitive and can interrupt the business plan. In today's economy, this concept is not cost-effective and can potentially stall or reduce business growth. These are some of the primary reasons why many users are switching to open source software to cut costs and to manipulate the code in their own way.

Other disadvantages to using proprietary software also exist. According to an article in the Spyware Weekly Newsletter, "German tech news portal tecchannel is reporting that when users of Windows XP use the Windows Update web site, it transmits a list of installed software and the hardware configuration of the machine to Microsoft. Using custom-built software which takes advantage of an undocumented function of the Windows API, tecchannel has logged the data being transmitted to Microsoft just before it is encrypted. Their testing also reveals that Microsoft can identify your machine uniquely if they chose to do so, and could even lock you out of the site altogether" (1). This unfortunate string of events could potentially wreak havoc on both personal and professional use of the Windows operating system and could potentially deter new users and eliminate existing ones that may feel a heightened sense of security with the open source product. Other sources of privacy invasion have also been tracked, including the identification of DVD watching habits and the perceived security and storage of consumer information that is transmitted over the system.

As with open source software, questions of security are always considered in the utilization of proprietary software. According to Allison, "Consider the reasons for security alerts. Most often, a security alert is issued for a proprietary software package once a cracker has created and published an exploit to take advantage of a problem. Most open source security alerts are issued because of third-party audits, not published exploits, and an alert is published in the spirit of openness to notify and users of the broken software about upgrades" (23). Perhaps the one advantage in security that is prevalent in proprietary software is that when security breaches or flaws do occur, there is a tremendous incentive to correct them in a prompt fashion. This activity is performed quickly to preserve the brand image, the business, and its customers as efficiently as possible. In this case, knowledgeable experts must be able to work well with the established code in order to make the appropriate adjustments.

As mentioned previously, the costs of proprietary software can far outweigh the advantages for many businesses. According to Brockmeier, "It's unbelievably arrogant of Microsoft to try to bully its customers into an 'upgrade' by refusing security patches when most companies are counting pennies....Microsoft users are at the mercy of Microsoft for support. Any company with a big investment in a particular various of Linux, say Red Hat 6.2, can hire someone to create a patch for that system if it has a good reason to continue using it. Despite the fact that 6.2 has reached the end of its life, product-wise, this doesn't prevent a company from patching a system - it just means Red Hat is no longer doing so. This is where having the source becomes fairly important" (2). It is quite obvious that users of proprietary software, particularly Microsoft products, face an uphill battle in maintaining and upgrading their systems to match company needs. It is not surprising that more and more users are making the switch to open source products.

Government Opinion of Open Source vs. Proprietary

It is becoming increasingly common that governments across the world are reevaluating their operating systems to identify which method may result in long-term success. As a result, debates surrounding open source vs. proprietary software have become widespread around the world. Microsoft has responded to the debate and the challenge by making a significant change in their standard policy: "Microsoft is displaying a surprisingly deft touch in its dealings with foreign governments. In a bid to slow the open-source groundswell, Microsoft last January announced a plan to share the source code underlying the Windows operating system. Considering how long Microsoft fought against divulging its 'secret sauce' to any outsider, regardless of whether their e-mail address ended with.gov or.com, that seemingly rates as a mind-blowing capitulation" (Cooper 1). The action that Microsoft has taken has resulted in much interest from foreign governments that consider Microsoft as an "American" business. Consequently, they may choose to remain on the proprietary circuit because they seek diversification with a foreign entity (2). Microsoft's actions have also resulted in a polished public relations move, designed to defer attention from the benefits of switching to open source software for business purposes.

An initiative launched in 2002 managed by a group named CompTIA, is more than a bit concerned about the recent interest in open source software, and their opinions are reaching such U.S. government sectors as the Department of Defense. According to McCullagh, "The Initiative for Software Choice told the Defense Information Systems Agency that the Pentagon should not openly promote the use of open source software, arguing that proprietary products are not inherently less secure...while the law on this matter remains untested, it makes sense for companies to be highly risk-averse in this area, striking a more defensive posture when confronted with software development that may implicate GPL code or similar coding environments. Commercial and hybrid software developers generally do not want to risk losing their investment" (1). Unfortunately, this report is written by a firm with close ties to Microsoft, so the data is not unbiased.

The state of Rhode Island has jumped on the bandwagon of open source technology and has set a new standard in for state governments. The primary proponent of the technology, Jim Willis, proposed the idea with mixed responses because most state officials did not possess a familiarity with the open source technology.

However, the initiative is turning heads and attracting more and more government attention: "Its visibility makes the Rhode Island installation more potent a demonstration of what open source can accomplish when used by state governments. This particular project probably is going to usher in other governments exploring these types of open-source solutions" (Vaas 16). John Corona, a state Senator from Texas, introduced a bill in 2003 to consider open source software in future procurements, and Oregon also followed suit with a similar bill (Taft 1). Therefore, it is likely that additional states will soon follow suit into the open source arena.

Unfortunately, some firms that oppose open source software are bringing their arguments to the political arena. Some businesses "who resist open source have taken the fight to the halls of the lawmakers. Many of these corporations have been busily promoting legislation to stop the spread of open source through force of law rather than the force of competition. Fierce lobbying efforts actually seek to prohibit governments from even considering open source alternatives. Published reports indicate that lobbying may have even forced the National Security Agency to discontinue developing a highly secure Linux kernel. It seems that some in government have swallowed the sour pablum, claiming that security through obscurity is essential, even when history has shown it to be woefully inadequate" (Pavlicek 18). Therefore, as some state and even Federal branches of government begin to strongly consider open source software for their own systems, opponents of the technology are threatening its livelihood and long-term potential in the political world.