Debunking popular open source myths

The open source industry will soon reach another milestone when Linux celebrates its 20th anniversary on Aug. 25. Advocates identify five misconceptions surrounding the technology and discuss how these have since been proven false with the emergence of a viable business model.

Traditionally, open source software (OSS) such as Linux was created and refined by a community of software enthusiasts working on it as a hobby or fueled by their personal passion. Linux founder Linus Torvalds, for example, was a computer science student at the University of Helsinki when he created the operating system (OS).

This has resulted in several commonly-held perceptions regarding OSS such as the lack of capabilities and support for deployment in the enterprise space, and an insufficient security foundation.

ZDNet Asia spoke to three open source industry players for their views on these myths:

Myth 1: Open source is not ready for the "big time"
According to Dirk-Peter van Leeuwen, vice president and general manager at Red Hat Asia-Pacific, the origins of open source resulted in the technology being associated with software that were "cobbled together by amateurs and hobbyists". In turn, this allowed the myth that open source was unsuitable for use in corporate settings to perpetuate, he noted in an e-mail.

However, van Leeuwen said "some of the biggest names in key industries" have taken to using open source platforms such as Red Hat Enterprise Linux (RHEL) to implement high-volume, mission-critical applications. A good example of this can be seen in several stock exchanges and the fact that over 50 percent of the world's trading volume is run on the RHEL platform, he pointed out.

Furthermore, he cited a Gartner study that predicted 99 percent of Global 2000 enterprises would include OSS in their mission-critical software portfolios by 2016, up from 75 percent in 2010.

"These points effectively debunk the myth that open source software isn't ready for the big time and, in fact, validate its track record in handling demanding, mission-critical deployments," van Leeuwen added.

Myth 2: Big companies don't use open source software
In a related point, Lila Tretikov, CIO and vice president of engineering at open source customer relationship management (CRM) vendor, SugarCRM, said more enterprises were opening up their IT environments to open source deployments.

She cited in her e-mail the example of Virgin Airlines as a global company that reiterated its support for open source during last year's Open Source Business Conference, stating that the majority of the airline's IT systems were open source and clocked a 100 percent uptime for all of these systems.

Tretikov pointed to Google, Amazon and Facebook as other notable companies that leverage open source for their IT needs.

Myth 3: Open source is not secure enough
Security also has been an open source bugbear, according to both van Leeuwen and Tretikov.

The Red Hat executive explained that because of the stereotype that open source was developed by amateurs, it was assumed that such software would contain multiple bugs due to the lack of quality assurance.

Additionally, it was thought that these amateur developers were either not sophisticated enough in their skills or saw no reasons to build enterprise-grade security into the software they were developing, he noted.

Arguing the point in a slightly different angle, Tretikov said the notion of paid software being more secure than open source ones had been "largely debunked" over the last 10 years, due to a series of "controversies" that spotlighted vulnerabilities inherent in paid software.

"Many of the Microsoft Server OS's vulnerabilities came out during the emergence of the cloud infrastructure," she pointed out. Comparatively, Linux systems withstood the impact of exposure to the open Internet, she noted, which was why cloud computing vendors today base their technical stacks primarily on open source technologies.

She added that the higher security threshold in OSS was driven by the software's exposure to an "exponentially higher level of scrutiny" from software developers, security experts and hackers within the open source community.

OrangeHRM CEO and co-founder, Sujee Saparamadu, chimed in, saying that Fortune 500 companies currently run open source software such as Linux for their mission-critical applications because these are "more stable than proprietary software".

Myth 4: Open source is all about infrastructure
Tretikov noted that because open source technologies first emerged at the systems level, and subsequently went on to be used heavily to support cloud infrastructure services and platforms, people tended to think open source applications were only used at this level of the computing stack.

That was not accurate, though, she said as "hundreds" of open source companies in the last decade had successfully brought to market enterprise OSS such as CRM, enterprise resource planning (ERP) and marketing automation applications.

Earlier, experts ZDNet Asia spoke to agreed that open source projects have been mushrooming across the computing stack. Charles Zedlewski, vice president for product at Cloudera, also noted that OSS tended to be "most successful in broad, horizontal software categories".

Myth 5: It is difficult to find applications running on open source platforms
As an extension to the point mentioned above, van Leeuwen highlighted that companies used to think there were few independent software vendors (ISVs) or big IT shops willing to develop applications for open source platforms as these would not be utilized.

Judging by the number of developer partners Red Hat alone has been able to sign up, which currently stands at more than 2,500 ISV partners, he said this viewpoint obviously could not be substantiated.

Companies, too, are now working with open source developers to come up with products that would boost their businesses, he noted. Singapore's taxi operator, ComforDelGro, for example, developed its SMS (short message service) taxi booking system on the company's JBoss Seam application server to help reduce customer waiting time and improve overall user experience, van Leeuwen said.