8 comments

[ 20.7 ms ] story [ 795 ms ] thread
Are there disadvantages to open source? What about security? Isn't it easier to find vulnerabilities if you have the source code?
Yes, but more often that means one of your users protects themselves by fixing the vulnerability and sending the fix to you.
More eyes = more debuggers = more security
As a user, the main disadvantage I see in using open source libraries is that the person that provides it to you for free might stop maintaining it. So sometimes going the paid, non free software way could be beneficial. I'm thinking of typical enterprise app libraries like WYSIWYG editors, spreadsheets, etc.. In desktop app, the open source front-ends are generally less beginner friendly than those of closed source software, because optimizing them is a lot of work that requires skills different from those of the typical open source dev. There are many exception though : blender, inkscape, kdenlive have very well thought out UIs imo.
If the provider of proprietary software ceases maintaining it, you are dead in the water. If the provider of open source software ceases maintaining it, you can pay someone else to maintain it. E.g. there are a lot of freelance jobs related to ffmpeg, a lot of video software experts knowing it, so you may sleep well, not worrying that the developer of ffmpeg will someday sabotage your business. On the other hand, when another company provides a binary blob library to you, when they go down, you go down with them (if you rely on them too much).
Great software requires great software developers. That’s it. It has nothing to do with whether it is Open Source or not. Open Source is not a magical wand that will turn bad developers into great developers.
Many opensource projects leaders aren't directly paid for their work on it, and consequently there is no obligation for them to accept bad code. This is less true in most closed-source projects, especially when the release date is set: various testimonies and sourcecode releases reveal how awful some well-known software products' sourcetrees are.

Even if paid to develop opensource code, having to publish may "fend off" and screen out some of those who know they will often be catched with their pants down (submitting or committing bad code).

Such exposition also sparks emulation between developers, pushing them forward and up. In some (most?) closed-source contexts the best ones (becoming fed up) leave and are often replaced with less good ones, and the cycle restarts.

Makes sense in theory but that’s not what I see in practice.