The advantages and risks of open source software


.
Authored by Matthew Webb.
3 min read
Man looking at a screen with data

Open source software has revolutionised the tech industry and levelled the playing field for small software developers. But you shouldn’t mistake open source for open season, where you can take what you like with impunity.

Source code is the text commands that tell a software program what to do. Whereas software from the likes of Microsoft contains secret source code that is developed and maintained by the company’s own programmers, in open source code software the lines of code are open for every programmer to view, use, modify and improve.

Using open source code software is great for small software developers, who don’t have their bigger rivals’ armies of programmers, as it offers them a very useful head start in building their own products. It enables them to fill out their software’s framework quickly so they can concentrate their efforts on developing their programs’ own unique functions

That’s important in the fast-moving tech sector, where time is money and where delays in developing your own product could mean a rival nips in ahead of you to bring a new piece of software to market.

But you need to be careful, as the use of open source code software is still governed by licences.

You must follow the rules of open source

If you use any piece of open source software then you must agree to abide by its terms of use. There are, at a conservative estimate, around 70 licences governing the use of open source code, so it’s very important that you study and understand their terms and conditions before deciding whether and which type of open source code to use in your own software.

If your software is found to contain open source code and you have ignored the terms governing their use then you may be prosecuted for copyright infringement.

Some of these licences can also affect the intellectual property contained in your own proprietary products. They stipulate that any software created from, or even containing, lines of their open source code must be made publicly available to all other developers.

So if you’re not careful, you may be forced to make freely available the software that you’ve slaved over. Although the licences may not actually preclude you from trying to sell that software also, if users know they can get it for free then they have much less incentive to buy it from you.

Such a mistake could hurt your business if you’re relying on this piece of software to make you enough money so you can develop other products.

Vulnerability problems

Another problem comes if the open source code you use is found to have a problem. One of the great strengths of the open source community is that its transparency means any flaws in a program can be quickly detected by other developers and fixed. But if a bug does go unnoticed then it can create a systemic problem.

That seems to have been the problem with the recent Heartbleed vulnerability. This weakness allowed hackers to steal information that should have been protected using the popular OpenSSL (open source Secure Socket Layers) cryptographic software library.

If a bug in your software allows hackers to exploit a vulnerability in your client’s computer systems then you’ll not only attract negative attention for your business, but also a potential breach of contract lawsuit.

There are clear benefits for start-up software developers in using open source code, in saving all-important time and money in getting your new program to market. But you need to be mindful of the potential pitfalls too.

Don’t be so hasty to use it as a shortcut to developing your program that you overlook the dangers open source code software can present to the intellectual property and security of any of your programs.

For more information on Hiscox’s cyber and data insurance product, click here.

Disclaimer:
At Hiscox, we want to help your small business thrive. Our blog has many articles you may find relevant and useful as your business grows. But these articles aren’t professional advice. So, to find out more on a subject we cover here, please seek professional assistance.

Matthew Webb

Matthew Webb is our Cyber Line Underwriter at Hiscox. Inspired by his father, who had built up his own independent insurance brokerage in their home town Tunbridge Wells, Matthew also took the leap into the world of insurance and has focused on products for commercial enterprises ever since. He is now a highly regarded UK resource on risks associated with cyber crime and data security.