Openwashing: Users and Adopters Beware 96
jenwike writes: With the success of open source software today, we are seeing organizations undertake more egregious marketing and promotion schemes that exaggerate their participation in, contributions to, and/or licensing of open source software. Their hope is to capitalize on the label of 'open source' and the success that goes along with it. The reality is that the responsibility is on the end-users to review the software and accompanying license to ensure it meets your expectations.
The End-Users most of the time don't really care (Score:5, Insightful)
From the End-User standpoint, really the only thing that they care about is that there is a "full featured" product that is free (as in beer) and they won't have to deal with marked-up license fees. Most of the time, if a company goes to a potential client and, for example, says they are going to use an Open Source CMS system, the client basically thinks "Great! My project will be cheaper because I won't have to pay additional license fees."
In all reality, I would venture that the VAST majority of open source projects in the wild that are being used VERY RARELY have that source code looked at by anyone other than the developers that are building the system or those looking to exploit it.
For most people who are more concerned with using a system than how it is built, "Open Source" just means they have to use Google for documentation instead of calling the vendor or reading a manual.
Re: The End-Users most of the time don't really ca (Score:1)
Openwashing? Is that actually a term now?
Re: (Score:1)
Openwashing? Is that actually a term now?
Not yet, but if it ever catches on, we can look forward to Richard Stallman trying to rebrand it as "freewashing". And please don't confuse "open" as in laundromat with "free" as Mom's laundry room.
(Note to moderators: it's just a joke.)
Re: (Score:1)
I believe you mean freebasing.
Re: (Score:1)
Washing? RMS? His cat washes his beard when he sprinkles catnip in it.
Re: (Score:1)
He has a cat? Now you've got me wondering if he eats his cat's toejam...
Re: (Score:2)
Once I have one, I will do my own fact checking as to the truth of any statements made about the product...
Re: (Score:1)
TANSTAAFL. In general, with MS software, you pay the license fees, but there is a far greater pool of MCSEs to choose from so admin costs are lower. In general, Linux has fewer licensing costs, but it takes more manpower to configure and secure a network of 1000 Linux servers than it does a forest of 1000 Windows boxes.
Take an admin task of blocking USB flash drives from desktops in receiving. With Windows, it is just creating an OU, creating a GPO, and pushing it out. With Linux, this is a lot more dif
Re: (Score:1)
So if you purchase a product from Windows specifically for group policy it's better than linux where you might have to purchase a product specifically for group policy, despite the fact that openLDAP exists. Totally makes sense. And server monitoring..yeah no one has heard of Nagios which can monitor Windows and Linux servers. Don't get me wrong it requires more skill to have a good network, regardless of OS, but just because linux server administration proves that some people are better at computering than
Re: (Score:3)
You're arguing when you don't understand the basic proposition. First off, he's not "purchasing a product from Windows specifically for group policy"---that is part of the OS. Second, his primary point seems to be total cost of ownership rather whether or not certain functionality is available.
He's saying those things are more expensive to implement on Linux---either you have to buy them or pay more in labor to get them. He's not wrong.
From your own examples, OpenLDAP takes considerably more time and effort
Re:The End-Users most of the time don't really car (Score:4, Informative)
With Linux, this is a lot more difficult and requires more third party add-ons.
Only allow root to mount disks. Your users shouldn't have access to sudo, su, or the root login, anyway. Pretty simple, really; locate the mount binary for your system (/bin/mount is a good bet; if your mount binary resides elsewhere, you'll have to modify the commands below to reflect that), then do the following:
/bin/mount /bin/mount
/etc/fstab and auto-mount them on boot.
chown root:root
chmod 0750
Done. Now, only root can even execute the mount binary, so only root can mount disks, and that will include flash drives.
It does get a little more complicated if you need to be able to mount network shares, but you should be able to add those to
Re: The End-Users most of the time don't really ca (Score:2)
Yeesh, anybody who can physically access the machine probably should be a sudoer on it, anybody who can get to the side door of a computer has ultimate root: he can plug in a different boor partition.
I mean, use chmod, but don't fool yourself into believing you don't also need to use glue and a padlock and a tamper seal.
Re: (Score:1)
Re: (Score:2)
Doing this on 2-3 workstations will take longer than creating and linking a GPO, nevermind a change that needs to go network-wide. Granted, the GPO may take an hour or two to propagate and you could finish quite a few machines by hand in that time, but the actual admin time required to implement it is much lower.
Windows wins for enterprise. Yes, Linux is technically better at the things its developers focus on---no question there. But kernel development hasn't provided the same level of enterprise managemen
Re:The End-Users most of the time don't really car (Score:4, Informative)
it takes more manpower to configure and secure a network of 1000 Linux servers than it does a forest of 1000 Windows boxes.
No, it doesn't. I've done both (~820 Windows, ~900 Linux), and the Windows takes more administrator time. But then, the Linux servers were all Red Hat, so the "fees" really weren't any cheaper, but the vendor support was a hell of a lot better.
Take an admin task of blocking USB flash drives from desktops in receiving. With Windows, it is just creating an OU, creating a GPO, and pushing it out. With Linux, this is a lot more difficult and requires more third party add-ons.
I think you're mixing things, here. At first you were comparing server OS's, but now it sounds like you're comparing deploying Windows desktops to deploying Linux servers. Yea, guess what? Managing a monolithic single-OS environment is easier than a mixed environment. If you're deploying Linux workstations you can do the same thing with the right tools. And don't get me started on all the issues you're going to encounter using GPOs in a complex environment. It works better these days, as long as your desktops are all "Enterprise" editions and you don't have any XP or 2003 servers sitting around (then it won't eve work at all).
Or something as basic as performance monitoring. Windows has utilities (SCOM) which make it trivial to watch server performance via WMI. Yes, you can do the same with Splunk, but that doesn't come cheap.
Wow talk about admin resources - have you ever set up a functional WMI infrastructure in a secure network. To say it's non-trivial is an understatement. It's easier if everything is the same version, from a well-tested image, but there are all kinds of snafus that mean your connections don't always work or some functionality goes wrong. SCOM, frankly, is a house of cards.
Actually, I'm impressed with some of the functionality available using PowerShell and remoting in Server 2012 R2, especially being able to roll out a lot of headless stuff. But the learning curve for that, and getting the tools in place for what you want to do, is a major undertaking. Maybe after a few years with it I'd be able to do the same things I do with bash scripts now, but it seems a lot more verbose to me.
Re: (Score:2)
Re: (Score:2)
With Windows, it is just creating an OU, creating a GPO, and pushing it out. With Linux, this is a lot more difficult and requires more third party add-ons.
yeah, thats easier than writing a udev rule, or chmoding /bin/mount 0700, right?
its actually fairly easy to block USB flash drives in linux, and there are lots of really good ways of doing this, probably easier than windows, and the USB subsystem generally doesn't suck. Linux also doesn't automaticly mount far less run anything on a flash drive by default, which makes it a far lower security risk in default setups.
as far "forrests of 1000 boxes", there are endless options from auto-run scripts with ssh
Re:The End-Users most of the time don't really car (Score:4, Interesting)
You're not wrong as a general rule, but there are plenty of organizations that do make use of the code to look at and having it be open helps even the people who just want the "free" aspect.
For instance, independent security labs can and will look at code. They then release information which aids me, as someone who may not look at the code, in making a decision on if it is safe to buy.
Open source is not about being free, it is mostly about the sharing of information with the goal of making it better and aiding everyone. Those who open source their software get the benefit of other people extending it, who then contribute back to the project in some manner. Those who use Open Source software can take advantage of the community and its work and oversight.
Being free is mostly a side effect of the fact that if you give up the source code, the software can be copied easily, and it can be made difficult to control trade secrets or algorithms, so there is little point in charging for the code itself. Opening the code removes the ability to adequately charge for the "intellectual property" but as a side effect, being "free" is a huge motivator for adoption as well, so it is usually win-win.
And although I agree that Open Source *can* mean reading a manual or Googling, that is *not* part of open source. Bear in mind, most people get support for Microsoft products in the same way... ie. Googling. You do have the option of buying certain support or developer resources from MS, but there are also service companies out there that operate services for Open Source software in the same way. Percona comes to mind for MySQL. If it is open sourced, you can have support and have it paid for. The question is whether anyone actually wants to pay for that when there is Google.
Really about not being at someone else's mercy (Score:2)
Open source is not about being free, it is mostly about the sharing of information with the goal of making it better and aiding everyone. Those who open source their software get the benefit of other people extending it, who then contribute back to the project in some manner. Those who use Open Source software can take advantage of the community and its work and oversight.
Its not that simple. Your definition matches various commercial closed source libraries where you have the option to buy a binary license or a source license.
Also you left out what is perhaps the greatest draw of open source or closed source licensing. Your project is not at the mercy of someone else. You have the convenience of using an existing library but if the vendor fails you have the source and can fix things yourself as a last resort. Not that having a community find/fix bugs isn't nice, its just
Re: (Score:2)
I did leave out forking as a benefit, and that was an oversight, so thanks for bringing that up. I certainly don't undervalue that, because you can customize or ensure continuity if the original developer disappears.
As for the selling of the code.... I think that leaving the code out there is a huge negative for being able to sell the code itself. You can still go the copyright route, of course, but its harder to detect and then prove, and for a smaller developer, probably a barrier to serious enforcement
Re: (Score:2)
Perhaps applying an open source license to your code does so but merely making source code available to users does not.
Yes because we have all seen how much copyright laws are respected!
They are well respected by companies that don't want to see their income go to lawyers and the owners of a library they pirated. Source code licenses have made money.
Re: (Score:2)
I absolutely agree with your statement here:
Open source is not about being free, it is mostly about the sharing of information with the goal of making it better and aiding everyone.
I think the phrase "open source" has gotten overly politicized over the years and for many people is approaching the level of an "-ism." I think the shift to calling it "community driven" software (or the like) better represents the meaning and intent of most projects. Things start to go awry when the that goal gets pushed to the
Re: (Score:2)
Community-driven is more of a development approach, and does not imply an ability of the community to take code, change it, repurpose it, and sell it. It doesn't imply that the project can be forked, since it can be done with a proprietary/non-OSI-open-source license. In esr's "Cathedral and the Bazaar", community-driven would be "Bazaar", and as he points out there are Free/OS-Open-Source projects that do take the cathedral approach.
The concepts aren't quite orthogonal, but they aren't anywhere near i
Re: (Score:3)
From the End-User standpoint, really the only thing that they care about is that there is a "full featured" product that is free (as in beer) and they won't have to deal with marked-up license fees.
Which isn't necessarily a given. To give a concrete example, at the 24th International Conference on Field Programmable Logic and Applications, there was an award given to Jason Anderson for his 'contributions to open source high-level synthesis', in particular the LegUp project [toronto.edu]. Now, given this award and the fact that the front page of the web site starts with the phrase 'LegUp is an open source high-level synthesis tool', you might be forgiven for thinking that LegUp is open source. If you go and read
Re: (Score:2)
That's why you look for some indication that the license is what OSI considers open source. They couldn't trademark or otherwise protect "open source", so anybody can claim it and put whatever restrictions they like on their software.
Re: (Score:2)
Truth is FOSS apps work better. Truth hurts the 5-year-old mentality of "DERP OPAN SOORES", who generally lost out and no one gives a fuck about them, any more than anyone in FOSS gives a fuck about some loudmouth with an anger fork.
Re: (Score:3, Insightful)
So, you'll excuse me if my first response is "not everyone gives a damn, and many people do not want to hear the screeching weasels which come along with this discussion".
No, I'll not excuse you. Stallman sounded like a loon, yes, but so many things he mentioned in the past have come true, especially regarding school books and DRM. The screeching is necessary because people are stupid and won't listen to calm tones of voice.
Re: (Score:2)
Re: (Score:2)
He also got patent abuse right (such as Tivo tried to do and MPEG patents), legislative abuse to protect poor quality source code (such as the DMCA and DVD encryption), and the abuse of "open source" licenses to create closed, propeietary "add-ons" which rely on but do not properly cooperate with the open source users and developers. (Yes, I'm referring to Citrix Xen and NVidia.)
"Open Source" , rather than free software, has been repeatedly abused.
Re: (Score:2)
Stallman's fairly emphatic that he doesn't do "open source". He does "Free Software". If you give his writings a chance, and ignore his idea that non-Free software is immoral, he makes a lot of sense.
Re: (Score:3)
Extremist views like RMS's are necessary, lest the moderate view appear extreme.
Re: (Score:2)
Pure idealism doesn't get people very far. Pragmatism is what you need, and bitch as we do, it's actually kinda where things are heading. Yes some things are heading in a bad direction, but for the most part, things are becoming more open and we're able to do a lot more without relying on proprietary bits.
I'll accept a system that's mostly open except for a few bits over a completely closed system. People like RMS are all or nothing, which is fine if you don't need to actually participate in business or soc
Re: (Score:2)
Actually, RMS is not all-or-nothing. There's Gnu software with additional permissions so you can use them without being restricted by the GPL. There's Gnu software with LGPL licensing. He knows what he wants, and he's willing to make some compromises to move towards it.
Re: Ideological purity ... (Score:2)
He's been rather prescient about a couple things, but the lesson of Cassandra is that merely being right doesn't count for shit.
What's important is that you know how to persuade people, and can get your opinion to carry the day with others. "You'll all be sorry," is a pretty inept sales pitch; you always have to be prepared to offer a better alternative, and not just better in the final analysis, better today.
Re: (Score:2, Interesting)
I find certain open source projects to be of high quality and very useful; I'm sad no equivalent things exist for many close sourced wares a business or person often needs to function. But I suck it up and go forward. In related news, at work Cisco told us a Windows FTP server is required to load wares into certain of their products, a Linux or BSD ftpd won't (and doesn't, we tried) work any more.
Ideological purity ... (Score:1)
I would say this post is flamebait. Stallman may sound a bit agressive at times but he is certainly not a prick and does not really come off as smug, either. The discussions you are referring to are more than just `ideological': users should care and if they do not it is not from overabundance of expertise. The point of the article is not that companies do not open their source: it is certainly their prerogative not to do so but that they are lying about doing so to capitalize on the popularity of such soft
Re: (Score:2)
years ago there used to be a lot of "free" software that wasn't really free.
It was "free" to download and then pay for a license.
or "free" to try but save disabled (sometimes after x number of clicks).
But we got wise to that one and started looking for open source and generally it was as good as it could be at the time. Sometimes you might find a bug, report it and work with the developers to fix it.
(oh and download from the projects website or a link provided by the project to avoid the dodgy repack with e
Re:Ideological purity ... (Score:4, Interesting)
Rabid ideological open source are the vegans of the technology world -- mostly they piss people off and cause a lot of eye rolling as they foam at the mouth.
Being a poor communicator helps nobody. Give those people a Dale Carnegie book - they're just hurting the "cause".
But the ideology does have value - from it the community ethos is generated which results in transparency, helpfulness, and quality, all highly valuable qualities for a mission-critical software package. Those points are worth explaining in a reasoned and effective manor - one does not need to drop the passion to engage in a polite conversation.
It would be nice if it weren't only rich kids who had a choice to attend a school which taught logic, reason, persuasion, and rhetoric.
Re: (Score:2)
Personally I found the entire article incredibly vague, it doesn't actually mention any particular case or practice or company or product as examples, without clicking through to even further references you'd still have no clue what they're actually talking about. That said, remember how MS Office suddenly became "standards compliant" with their very own ISO standard? If something becomes a sales bullet point or buzzword companies will try to tick that box with no intention of actual being open source, and
Re: (Score:2)
Last I looked, Mac OSX was based on Open Source in the sense that you could get the code for the operating system and use it freely. What isn't Open Source is, basically, the GUI shell and applications. There are benefits in that.
Re: (Score:2)
This is code by someone who routinely trolls Debian. I doubt we want
any more poisonous upstreams in Debian, so I at least would prefer this
never get packaged.
Trying to hide behind the "cause celebre du jour" is pretty scuzzy.
Re: (Score:2)
Re: (Score:2)
This is code by someone who routinely trolls Debian. I doubt we want
any more poisonous upstreams in Debian, so I at least would prefer this
never get packaged.
He's a troll. Trolls try to provoke emotional responses in their targets by claiming it's because of his "anti-feminist remarks" rather than offering up at least some proof is trolling.
Also, I did not call him scuzzy - I called hi
Re: (Score:2)
Re: (Score:2)
Also, how's your ReiserFS doing? Would you trust updates from Hans Reiser? He's been ordered to pay $60 million dollars in compensation for murdering his wife - what better way to raise funds than to hold peoples data hostage?
Malicious "open source" scams need to die (Score:1)
I love open source and software freedom, but there really have been too many scams as of late. Here are a few:
The "anonabox"- a re-badgered junk wifi device with software someone *else* wrote and was poorly implemented lacking sources and violating license agreements of utilized code (ie, the projects a scam, not the real developers whose code was utilized by the project).
"Librem" 15 from "Purism" - "“a laptop that respects your freedom" yet ships with chipsets including NVIDIA that are dependent on n
I am Ignorant (Score:1)
I will fess to being ignorant and ask for my (and others') sake: how does one "review the software and accompanying license to ensure it meets your expectations"? Can you ELI5?
Re: (Score:1)
If it says anything regarding commercial use or anything about retaining rights to your personal information, it's probably not cool. It's especially bad if it mentions your derived genetic offspring. Open Source and FOSS are different in that one is done to allow others to work on it and audit it openly, where as one is a political statement and philosophy regarding personal freedom and software freedom. Some projects include both.
Been through this before (Score:5, Insightful)
Back in the early 90s "open systems" were the big thing. Everybody jumped on the bandwagon. For example, DEC renamed VMS to "OpenVMS" when they added some posix compliance stuff (God help anybody who had to use posix on vms).
See here:
http://en.wikipedia.org/wiki/O... [wikipedia.org]
I went through many teeth-gnashing episodes at the university with people using "open systems" as their new favorite buzzword and of course treating vms as such. While I preferred vms to the mainframes of the day and it was far easier to deal with (had tcp/ip, for example) it wasn't really "open" in the way that I and many others saw as open.
See also here:
http://en.wikipedia.org/wiki/O... [wikipedia.org]
This was the silly crap we were dealing with before FLOSS became popular. Of course, we have our own silly crap to deal with now but I assure you it's less mind-numbing.
Re: (Score:2)
They would give you source listings for academic use or sell them for corporate use. But it was just that - listings. You didn't get compilable code.
Scumbags (Score:4, Informative)
I've seen a few "open source" projects where the open code is out of date and nothing like what is shipped in the current binaries. That's a pretty scummy way to abuse the label.
Open source != free software (Score:1)
It seems there's a lot of confusion over the term "open source". All it means is that the end-user gets to review the source code. It doesn't mean that the source code gets to be re-used in someone else's project under the GPL: the original developer(s) still hold the copyrights subject to whatever licenses apply.
What we seem to have hear is a bunch of bloggers speaking to a certain audience who wish to redefine "open source" to mean "everybody gets all rights for free". Their invention of the pejorative "o
Re: (Score:2)
The author of this Wikipedia article (http://en.wikipedia.org/wiki/Open_source) agrees with me:
"Generally, open source refers to a computer program in which the source code is available to the general public for use and/or modification from its original design."
That does not specify a license endorsed by the Free Software Foundation or anyone else. In fact, the licenses endorsed by the FSF restrict the future uses of software to those approved of by the license-holder. A truly free license would be a releas
Re: (Score:2)
FSF-approved Free Software licenses have no restriction on what you can do with the software. That would render a license non-free. Some of them have restrictions on what license you can use to redistribute, but that's not a restriction on use.
If you look at any technical field, you'll find that a lot of normal English words and phrases have been redefined, because people in the field need a short way to express a particular idea. Open Source and Free express similar specific ideas (although I agree w
Re: (Score:2)
Some of them have restrictions on what license you can use to redistribute, but that's not a restriction on use.
If I can't convert software released under a FSF-approved license into a commercial one, then I can't modify and use the software commercially. (I'd have to release the modified source under a non-commercial FSF license, which would ordinarily require that I distribute my software at no charge. I won't be able to charge for my modifications, as everyone will know they can get it for free.) That is a restriction on use.
I don't care who you are, you don't get to redefine a word/term like "horse" to mean a cow