Like Tree1Likes

Open source operating systems

This is a discussion on Open source operating systems within the General Discussions forums, part of the Community Boards category; I've always been a fan of open source and seen the benefits behind it except really in the case of ...

  1. #1
    The Registered User Aparavoid's Avatar
    Join Date
    May 2009
    Posts
    74

    Open source operating systems

    I've always been a fan of open source and seen the benefits behind it except really in the case of operating systems. Since most open source operating systems are distributed in binary form, does that mean they're on the same level as a proprietary OS? Couldn't Canonical spy on their users just as easily as Microsoft?

  2. #2
    Banned
    Join Date
    Aug 2010
    Location
    Ontario Canada
    Posts
    9,547
    Yes they could... and don't be surprised if they do.

    Open Source brings finality to the old adage: "Too many cooks spoil the broth".

  3. #3
    Registered User whiteflags's Avatar
    Join Date
    Apr 2006
    Location
    United States
    Posts
    7,627
    What sort of spying are you implying?

  4. #4
    Unregistered User Yarin's Avatar
    Join Date
    Jul 2007
    Posts
    1,597
    Quote Originally Posted by Aparavoid View Post
    Couldn't Canonical spy on their users just as easily as Microsoft?
    Not necessarily (Canonical, which I'm not familiar with, aside). I'm mostly thinking of those who compile their kernels themselves. In order to for the referenced "special code" to be included, it would have to be present in the sources (and if anyone ever found some "special code" in an open project's tree, that would spell disaster for it/them). Or, it would have to included in the compilation binaries (like gcc, for example), such that it would "inject" code in certain "special" places. But then, compiling your kernel on a different platform would fix that real easily.
    I would say that, for FOSS OSes in general, it's _highly_ unlikely.
    Quote Originally Posted by CommonTater View Post
    Open Source brings finality to the old adage: "Too many cooks spoil the broth".
    This is definitely true. However, proprietary projects are developed by teams, too, so there's no reason that problem couldn't occur there either. Not to mention, just as a well managed proprietary development wouldn't suffer from that as badly, neither would a well managed FOSS development (namely, some of the BSDs or Solaris).

  5. #5
    The Registered User Aparavoid's Avatar
    Join Date
    May 2009
    Posts
    74
    Quote Originally Posted by whiteflags View Post
    What sort of spying are you implying?
    Not really implying that its done, just that it could be done.

  6. #6
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Portugal
    Posts
    7,412
    It could theoretically be done with any sort of open-source software of a reasonable complexity. When was the last time you inspected every line of code in VirtualBox, or Apache?

    Meanwhile, closed source software doesn't offer any more guarantees that suspicious actions will go unnoticed. Firewalls will catch unexpected connections, suspicious intra/inter process activities are easily caught, etc. Basically, modern computers open architecture guarantees no software -- closed source or open source -- can do it for long.

    Open source peer review offers a theoretical extra layer of security. But it matters very little when any suspicious activity is much more easy to find by simply observing program behavior.
    Last edited by Mario F.; 08-12-2011 at 03:45 PM.
    The programmer’s wife tells him: “Run to the store and pick up a loaf of bread. If they have eggs, get a dozen.”
    The programmer comes home with 12 loaves of bread.


    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  7. #7
    Unregistered User Yarin's Avatar
    Join Date
    Jul 2007
    Posts
    1,597
    Quote Originally Posted by Mario F. View Post
    Basically, modern computers open architecture guarantees no software -- closed source or open source -- can do it for long.
    Well said :-)

  8. #8
    Registered User
    Join Date
    Jun 2005
    Posts
    6,196
    Quote Originally Posted by Mario F. View Post
    Meanwhile, closed source software doesn't offer any more guarantees that suspicious actions will go unnoticed.
    Technically, yes. Legally, no. If the software is found to perform "suspicious actions", it is easier to prosecute the vendor of closed source software than it is to prosecute an open source community.

    Lawyers don't like to work any harder than they have to for their fees.
    Right 98% of the time, and don't care about the other 3%.

  9. #9
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Portugal
    Posts
    7,412
    I'm not entirely sure, but aren't the license holders the ones that will answer to any prosecution? I mean, at least for that open source software that is under some kind of copyright. Which is a great chunk of it (including even creative commons).

    I suppose its up to the copyright holders to bring to court the actual perpetrators. But not before having lost their case. Being open source what it is, what I think happens is that they will be the ones having to face the possibility that maybe hundreds of people have made changes to the illicit code. Not the person filling for compensation.
    Last edited by Mario F.; 08-12-2011 at 08:23 PM.
    The programmer’s wife tells him: “Run to the store and pick up a loaf of bread. If they have eggs, get a dozen.”
    The programmer comes home with 12 loaves of bread.


    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  10. #10
    Registered User manasij7479's Avatar
    Join Date
    Feb 2011
    Location
    Kolkata@India
    Posts
    2,498
    Quote Originally Posted by Mario F. View Post
    I'm not entirely sure, but aren't the license holders the ones that will answer to any prosecution?
    I don't think so, the Warranty and Liability portion of the GPLv3(for example) .. clearly states that they aren't responsible for anything..(but so does the eula of any proprietary application... )
    And I heard (did not verify) that the BSD license states something like "Do whatever you like with this, just don't sue us"
    Manasij Mukherjee | gcc-4.8.2 @Arch Linux
    Slow and Steady wins the race... if and only if :
    1.None of the other participants are fast and steady.
    2.The fast and unsteady suddenly falls asleep while running !



  11. #11
    spurious conceit MK27's Avatar
    Join Date
    Jul 2008
    Location
    segmentation fault
    Posts
    8,300
    Quote Originally Posted by Aparavoid View Post
    Not really implying that its done, just that it could be done.
    Of course it could be, but the reason it has not happened and will never happen is because the people with such a clever idea would be caught and outed by the community within days. Then everyone would drop their product like a hot potato and switch to something else, and no one would ever take the culprits seriously again or want to work with them on anything.

    I'm saying that based on my experience in the linux community (which includes Canonical, whether Canonical likes it or not), but I would assume it would apply equally well to most other open source OS's.

    As Yarin points out, you cannot hide anything in code that is publically available. You seem to be implying that because binary packages are often distributed, someone could alter a source, then distribute a binary and claim it was compiled from a different source, which does not contain the adulteration. Binaries can be easily compared and if someone tried to do this, they would again be caught very quickly and unequivocally. Plus, unlike closed source outfits, who when caught eg. leaving mechanisms for applications to secretly transmit your geolocation, etc, can say, "Well, we didn't do that intentionally and we weren't trying to hide anything", someone who distributes a binary claiming it is compiled from a specific available open source when it was really compiled from some other source, is going to have a really really hard time claiming it was not intentional and to hide something, and so getting out of criminal fraud charges.

    So in short, there is nearly zero risk of this happening in the open source community, and if it did it would not get far.

    Quote Originally Posted by CommonTater View Post
    Open Source brings finality to the old adage: "Too many cooks spoil the broth".
    That's not at all an objective property of the OSS concept, which is simply that the source be kept publically available. It is not some form of direct democracy for all users and the world at large, where anybody who wants to then gets to do whatever they want with the code and have that included in the original distribution despite the concerns of the real developers. You can do whatever you want with the code and distribute that if you want, but you will be doing it on your own as a distinct and separate project. And if your spin-off/rip-off project is also open source (which it probably has to be due to the nature of most OSS licenses), your project will then be subject to scrutiny by everyone else. If you think that "the community" is not real and does not have extensive and effective networks of communication, guess again. Have fun -- good luck!

    FOSS development teams can be just as selective as closed source teams with their personnel. Why wouldn't they be? In fact, I'm sure they can often be more selective, because there is no management team going to step in say, "We are making some rearrangements here, sorry, we own the copyright, not you." Go try and get your linux kernel patch into the tree and discover just how eager they are to have people playing willy-nilly about the kitchen. Unless you deserve to be taken seriously, they will tell you to take off. So I'm kind of curious where you would have come up with this particular piece of malarky...problems caused by incompetence and constant personnel changes are far more likely in corporate closed source outfits than anywhere else.
    Last edited by MK27; 08-13-2011 at 06:57 AM.
    manasij7479 likes this.
    C programming resources:
    GNU C Function and Macro Index -- glibc reference manual
    The C Book -- nice online learner guide
    Current ISO draft standard
    CCAN -- new CPAN like open source library repository
    3 (different) GNU debugger tutorials: #1 -- #2 -- #3
    cpwiki -- our wiki on sourceforge

  12. #12
    Registered User
    Join Date
    Jun 2005
    Posts
    6,196
    Quote Originally Posted by manasij7479 View Post
    I don't think so, the Warranty and Liability portion of the GPLv3(for example) .. clearly states that they aren't responsible for anything..(but so does the eula of any proprietary application... )
    While it is true that the default license terms for proprietary applications contain such terms, the company is usually willing to negotiate terms in order to get a sale. That allows for them to be slipped back on the hook, liability wise, even if only partially. It is much harder to do that with open-source products, unless you find a company that specialises in supporting a particular product that you want. Hence, from a risk and liability perspective, commercial products superficially look better than open source or freeware products.

    This is one reason why government departments and companies large enough to engage legal support often prefer proprietary products over open-source products.
    Right 98% of the time, and don't care about the other 3%.

  13. #13
    Registered User manasij7479's Avatar
    Join Date
    Feb 2011
    Location
    Kolkata@India
    Posts
    2,498
    Quote Originally Posted by grumpy
    This is one reason why government departments and companies large enough to engage legal support often prefer proprietary products over open-source products.
    What a mentality! ...Simply to have someone to blame if things go wrong, they are (sometimes ..not always) willing to spend on inferior (again..not always) products !
    Why not hire competent personnel instead ?
    Last edited by manasij7479; 08-13-2011 at 07:52 AM.
    Manasij Mukherjee | gcc-4.8.2 @Arch Linux
    Slow and Steady wins the race... if and only if :
    1.None of the other participants are fast and steady.
    2.The fast and unsteady suddenly falls asleep while running !



  14. #14
    spurious conceit MK27's Avatar
    Join Date
    Jul 2008
    Location
    segmentation fault
    Posts
    8,300
    Quote Originally Posted by manasij7479 View Post
    What a mentality! ...Simple to have someone to blame if things go wrong, they are (sometimes ..not always) willing to spend on inferior (again..not always) products !
    Why not hire competent personnel instead ?
    Litigation (laying blame, rightly or wrongly) in the US is an effective, if absurdly expensive, way, of trying to ensure a minimum level of competence. And "public accountability" in the media is a good way of keeping technically ignorant politicians and managers paranoid. This adds up to a pretty conservative business climate, which a lot of people might consider a good thing.

    It also creates jobs, because the staff who's competence is most important are not you or your employees/contractors, it's your lawyers. Notice there are way more lawyers in the world than programmers. There are almost as many lawyers as there are mid level managers. Shrewd governments and companies who can afford "legal representation" will engage smaller contractors who's legal team is not as beefy, meaning they stand less chance in court and better be paranoid themselves.

    As to whether that encourages a higher quality product, no, of course it doesn't. But it helps to ensure that the product will have a certain minimum quality, which if you are paranoid (rightly or wrongly), that will be your best choice because it is the most you can be sure of.
    Last edited by MK27; 08-13-2011 at 08:24 AM.
    C programming resources:
    GNU C Function and Macro Index -- glibc reference manual
    The C Book -- nice online learner guide
    Current ISO draft standard
    CCAN -- new CPAN like open source library repository
    3 (different) GNU debugger tutorials: #1 -- #2 -- #3
    cpwiki -- our wiki on sourceforge

  15. #15
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Portugal
    Posts
    7,412
    And what's the alternative?
    The programmer’s wife tells him: “Run to the store and pick up a loaf of bread. If they have eggs, get a dozen.”
    The programmer comes home with 12 loaves of bread.


    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

Page 1 of 2 12 LastLast
Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Let's compare those operating systems (again)
    By Salem in forum General Discussions
    Replies: 30
    Last Post: 06-03-2011, 01:37 AM
  2. Operating Systems and Security Against Viruses
    By cyberfish in forum A Brief History of Cprogramming.com
    Replies: 30
    Last Post: 02-26-2008, 04:37 AM
  3. Questions on ASM with C++ and Operating Systems and such
    By Blizzarddog in forum Linux Programming
    Replies: 5
    Last Post: 07-25-2004, 12:44 PM
  4. Operating systems written entirely in C/C++???
    By stovellp in forum C++ Programming
    Replies: 14
    Last Post: 01-26-2003, 01:23 AM
  5. Operating systems
    By some kid in forum C++ Programming
    Replies: 1
    Last Post: 06-22-2002, 04:31 AM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21