It is 20 years since the term ‘open source’ became commonly understood to refer to software published under a license that ensures user access to software source code. 20 years is a long time in technology and many advances have been made, with open source being used all around the globe. As such, 2018 is a landmark year in software development.
The Open Source Software (OSS) label was originally conceived by a group of free software advocates in Mountain View, California who wanted an alternative to using proprietary software.
Shortly after, the Open Source Initiative (OSI) was founded as an educational and advocacy organization to help raise awareness around OSS, all based on the Open Source Definition (OSD) which has provided a framework for arguably the most significant software development trend ever.
OSS now forms the backbone of today’s digital world, underpinning the Internet of Things (IoT), powering mobile devices and enabling the growth of cloud computing.
The Linux Foundation estimates that more than 31 billion lines of code have been committed to open source repositories over the last 20 years and it is believed that more than 90 percent of all software is either comprised completely of open source, or contains open source components.
Furthermore, 65 percent of companies are contributing to open source projects and one-third of companies now have a resource dedicated to open source initiatives, according to a BlackDuck study.
It’s clear that businesses are seeing the many benefits offered by open source. For example, although there are always maintenance and support costs to consider, the lack of licensing fees remains a primary driver for businesses today.
In addition, the crowd-sourced nature of OSS means it is always at the cutting-edge of technology, with potentially hundreds of thousands of developers working to improve the user experience and introduce new features.
Add in the likes of its customizable nature, the transparency benefits and the freedom from vendor lock-in and it becomes clear why the value of OSS is now so well established.
Protecting the next 20 years
Throughout this incredible journey, open source technology is now being used on hundreds of millions of devices and instances in the cloud.
But with this success, comes an extremely important social responsibility. Whether open source or proprietary, software contains security vulnerabilities and as the development of OSS continues to scale, so too will the number of reported vulnerabilities.
The pervasiveness of software in our daily lives makes this an ever-present problem. For example, the infamous Mirai botnet demonstrated how hackers can weaponize connected devices to form a botnet capable of causing carnage across the web and there’s no reason why this couldn’t spread to millions of devices, rather than thousands.
Furthermore, future technological developments such as autonomous vehicles have even more serious security implications that will need to be addressed sooner rather than later.
As such, the open source community can’t afford to rest on its laurels. Vendors and developers have a responsibility to keep software secure and up-to-date so that as many vulnerabilities as possible can be quickly identified and remediated before they become a potentially serious problem.
Security is undoubtedly one of the main challenges associated with OSS and it’s an issue that is only going to grow. We’ve seen how attacks are becoming more complex and how cyber criminal operations are continuing to increase in sophistication, meaning vendors and developers have to be prepared to take a ‘safety first’ approach.
The recent Equifax breach is a perfect example. The personal data of at least 143 million Americans was stolen after hackers reportedly exploited an Apache Struts security hole, which is something we don’t want to see repeated in the future.
The entire open source community needs to work together and recognize the duty of care it has to those consumers and businesses using open source innovations.
And there are some simple steps that can be taken. For example, carrying out regular analysis and encouraging customers to immediately upgrade to the latest versions would both go a long way to plugging any gaps.
There’s no question that OSS has firmly established itself. The onus is now on those developing the software to protect the future of open source and ensure that the next twenty years are as successful as the first.
Mark Baker is field product manager at Canonical