The sorry state of open source today
Written by Radu-Cristian Fotescu   
Apr 14, 2007 at 11:51 PM

2. The bugs, in the open

Apart from the added freedom (not without some strings attached in the case of the GPL), open source software is supposed to provide you with some welcome advantages over closed-source software.

For instance, once the code is in the open, bugs can be noticed easily, and the necessary fixes and cleanup come with ease. At least in theory, as today's code is complex.

Security fixes do indeed benefit from having the code in the open, but this also has a price: security advisories are issued more often than ever, as everyone can dig for weaknesses. Hackers don't have to try blind attacks anymore. Therefore, once a security patch is issued, the system administrator should really, really apply it ASAP. We're living in a highly networked world, never forecast by the Sci-Fi writers of the '60s and '70s.

Surprisingly enough, this never prevented some stunning security holes from popping up because of hilariously simple coding errors: 13 years after an rlogin -froot remote authentication bypass vulnerability, the mostly unused Telnet daemon had a terrible bug in Solaris 10/11, just a couple of months ago.

The affected Telnet daemon is derived from BSD source code, and while Solaris was traditionally a proprietary OS, starting with version 10, you can get its source code from OpenSolaris.org.

Another proof that the OSS mantra does not always have the expected outcome is OpenOffice.org. I use it almost every day, and it is indeed a good office suite. Yet the fact that its Bugzilla is public not only allows me to file bugs with them (you could never do such a thing with Microsoft Office!), but also lets me notice how many old bugs are still unfixed.

Let's admit that a public bug tracking system leads to better feedback and to better project management from the QA standpoint, with the side effect of having zillions of bugs reported, many of them duplicates or NOTABUG. Is this a good enough reason for not fixing some everlasting Oo2 bugs, such as the lack of an easy way to change the default paper from Letter to A4 across all of Oo.org and have it stick (Bug #39733), or the design flaw that limits a paragraph to 65,534 characters, as if it were running under Windows 3.1 (Bug #17171)?

I don't think this is a good excuse. Notice that even though Oo.org is open source, nobody is going to fork it just to fix such annoying bugs. Once a product goes mainstream, it's almost as if it becomes proprietary: at least for the sake of compatibility, everybody goes with the flow.

So much for the myths of freedom in an open source world.



Last Updated ( Jul 06, 2007 at 03:54 AM )

The Jem Report is part of the JEM Electronic Media network of information technology Web sites.