The amazing Open-Source Community

PUBLISHED 28 AUGUST 2019

Author: InvisibleUser Team

The open-source community is amazing and makes software more secure. Millions of coders find backdoors and data collection mechanisms, so they do not make their way into the open-source programs we use every day. Never trust software if you cannot inspect the source code!

We will explain how the community keeps the integrity of open-source software in check and how you yourself can contribute to this. Later, we will talk about what motivates open-source programmers.

Open-Source Software is a Learning Resource

Programmers are always interested in learning new things. Open-source software allows them to read the source code of a program and understand, step by step, how it works. This applies to beginners who are just starting out as well as to experienced developers. They might discover code that they did not even think was possible, or appreciate how cleverly a certain problem was solved. It lets them see the program from the perspective of another programmer.


How the Open-Source Community finds Backdoors and Issues

Bug Hunting

During the journey described above, programmers will often find critical issues, bugs or exploits that the creator of the software did not notice. The original programmer introduced them by accident, not intentionally, so they are happy when people point such things out to them.

The Dangers of Closed-Source Software

Security issues and backdoors are impossible to hide when you have the source code available. Proprietary software can only be analysed by reverse engineering and observing what the program does. Therefore, proprietary software could be full of security bugs and intentional backdoors without anyone noticing, at least not immediately.

We have given the example of Skype stealing your Firefox passwords before. This should give you a rough idea of how dangerous it can be to use closed-source programs. The bug in Skype, or should we say eavesdropping by design, was only discovered after closely observing how the Skype app requested access to the directory of the Firefox browser. That was the exact folder where Firefox saves hashed passwords. Microsoft of course does not tell you that on their website. What they are also trying to conceal are the numerous backdoors installed in Skype to allow easy access by law enforcement, wire-tapping and extracting chat protocols. We do not know how much more such malicious code is hidden in the closed-source code of software we use on a daily basis.

Open-Source is our best Defence against Surveillance

In open-source projects, we are free of such issues, most of the time. There are millions of programmers who analyse the source code of open-source software in their free time, and you can be sure that they would notice. If, for example, LibreOffice tried to steal your passwords or share personal data with companies, we would know that within hours by reading the source code, and the damage to the developer’s reputation would be enormous.

“Open-source software development literally forces software engineers to be absolutely honest and behave in an ethical manner.” — InvisibleUser

Open-source programmers are subject to public scrutiny, so if they implemented any data collection, data interception, backdoors or ways for law enforcement to get in (like in Skype), the backlash from the community would be immense.

Instead of only reading the source code, advanced users can compile open-source software themselves. That means turning the code into a program, an executable, that runs on a PC or mobile device. The version you build yourself can then be compared to the one the developer offers for download on their website. Even small details that do not match between the two versions would be obvious immediately.

Performing this task might seem difficult and unrealistic to you, but there are many coders out there that do such things on a daily basis. When thousands of professionals and hobbyist programmers compare the compiled code to the distributed version every day, we would know instantly if an open-source project secretly implemented a nasty backdoor. The developers would then feel the wrath of the free software community and go bankrupt within weeks.
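The comparison described above, sketched as an added example (not code from InvisibleUser or from any project named here). It assumes the project's build is reproducible; without that, embedded build times or paths differ even between honest builds, which is why the sketch reports where the bytes differ instead of only whether the hashes match. All file names and sample bytes are constructed.

```python
import hashlib
import tempfile
from pathlib import Path
CHUNK = 1 << 16  # bytes read per step

def sha256_file(path):
    """Hash a file in chunks so large binaries need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()

def differing_ranges(path_a, path_b, merge_gap=8):
    """Byte ranges (start, end exclusive) that differ; nearby differences are merged."""
    ranges, offset = [], 0
    with open(path_a, "rb") as fa, open(path_b, "rb") as fb:
        while True:
            a, b = fa.read(CHUNK), fb.read(CHUNK)
            if not a and not b:
                break
            for i in range(max(len(a), len(b)) if a != b else 0):
                if a[i:i + 1] != b[i:i + 1]:  # also true past the shorter file's end
                    pos = offset + i
                    if ranges and pos - ranges[-1][1] <= merge_gap:
                        ranges[-1][1] = pos + 1
                    else:
                        ranges.append([pos, pos + 1])
            offset += max(len(a), len(b))
    return [tuple(r) for r in ranges]

def compare_builds(own_build, download):
    """Compare hashes first; locate differing bytes only when they do not match."""
    same = sha256_file(own_build) == sha256_file(download)
    return {"identical": same, "ranges": [] if same else differing_ranges(own_build, download)}

def demo():
    """Constructed sample 'binaries': header, embedded build time, 100 bytes of code."""
    def build(stamp, code=b"\x90" * 100):
        return b"\x7fELF" + b"\x00" * 60 + b"BUILD=2019-08-28T" + stamp + code
    samples = {"own": build(b"10:00:00"), "same": build(b"10:00:00"),
               "rebuilt_later": build(b"10:07:31"),
               "patched": build(b"10:00:00", b"\x90" * 31 + b"\xcc" * 4 + b"\x90" * 65)}
    with tempfile.TemporaryDirectory() as d:
        for name, data in samples.items():
            Path(d, name).write_bytes(data)
        return {n: compare_builds(Path(d, "own"), Path(d, n)) for n in samples if n != "own"}

if __name__ == "__main__":
    print(demo())
```

A difference confined to a few bytes of metadata, as in the "rebuilt_later" sample, points at a non-reproducible build step; a difference inside the code region, as in "patched", is the case that needs investigating.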


Guide: How to build Firefox from the Source

We do not only want to talk about building software yourself. Instead, we encourage you to try it, at least once. There is so much to learn about code, compilers and software. Additionally, the world needs people who can perform the “backdoor check” described above. Only then can we preserve the integrity of open-source software. Below, you will find a few official and unofficial resources that help you build the Firefox browser:

  • System requirements:
    • 4GB of RAM, more is better
    • Intel Core i5 or equivalent
    • 40-50GB of free space
    • 64-bit version of Windows, macOS or Linux as the OS. We did it on Linux and think that this is probably the easiest OS for building Firefox.
    • Python 2.7
    • A fast internet connection makes things easier.
    • Optional: An Android or iOS SDK helps you build Firefox for mobile.
  • Firefox Build Instructions with bootstrap.py and the MozillaBuild Package
  • Get source code
  • Short video explanation
  • Video with the whole process, no explanation
  • Building Firefox on Arch Linux

Learning how to build Firefox is the first step in becoming a Firefox dev. The Linux OS is especially great for this purpose, since it makes compiling easier. You should really learn the steps of building software that is open-source but not available for your Linux distro. With these skills, you can create it directly from the code and do not have to wait for someone to package it. This increases the amount of available software for Linux.

A good video on building Linux software in general (not only Firefox) can be found here. There is a great guide from HowToGeek. The Ubuntu community documentation offers this article.


Why do people give away their Work for free?

In this section, we are going to explore why programmers give away their code. We will take a look at why they publish their hard work for free, instead of protecting it and what motivates coders to contribute to open-source projects.

  • Altruism: Altruism exists and many programmers feel as though they can make the world better with their software.
  • Open-source ideology: This is similar to the first reason. Some coders believe that all software has to be open-source. Open-source software gives everyone access, improves trust and helps collaboration. Richard Stallman is a well-known advocate for this ideology.
  • Learning new skills: Open-source helps programmers understand technology through reading other people’s code.
  • Peer recognition: Making a name for yourself and a good reputation in the open-source world is another reason.
  • Career opportunities: Being known because of your open-source work leads to job offers.
  • Peer support: You can find people who offer support for your project, which leads to fewer bugs and “cleaner” code.
  • Money: Yes, you heard that right! You can make money with free programs. The very nature of open-source software is that it is free of cost and developers finance their work through customer support or donations. However, not all open-source software is gratis, because free software can either mean “free” as in “freedom” or “free of charge”, but most of the programs do not cost anything. Some projects offer software for free and finance the development through paid technical support, training and paid-for special editions for professional use. If you absolutely do not want to spend money on such projects, you could also build them yourself from the source code, instead of paying the price.