Open-source software (OSS) is the key to privacy and security. In this article, you will learn what makes it awesome and better than proprietary programs. This is the first article in our new open-source software series and we will start off by defining OSS. Later, we will get into advantages and adoption of free software in businesses and governments.
Almost every software or app we have recommended in this guide is open-source or at least source-available. There are different ways a developers can publish their software. Open-source means that the source code can be read, used, republished and changed. Source-available on the other hand, means that the source code can only be read, the developer does not allow you to transform it or use it for your own programming projects, but there are exceptions to the latter point. For example, some source-available game engines that allow customisation, but not redistribution.
These two licence categories offer great transparency and the developers would be subject to public scrutiny if they used any malicious code or data grabbing mechanisms in their software. For both open-source and source-available, there are many licences (e.g. GPLv2/3, BSD, Apache, MIT) that are more or less permissive.
Unlike the many tools and programs mentioned on this privacy website, most popular programs, even freeware, are proprietary. The developers do not let you view the original source code written in various programming languages. Some might choose to make small parts of their program open-source or use open-source code themselves to build their proprietary program. All those options do not even come close to fully open-source software.
You might ask yourself: Why do so many developers choose to keep their software closed-source and why even freeware developers choose to do so: It is often done by companies to protect their work. If your source code was public, everyone could turn the programming code into executable software for free. Nobody would pay for it anymore.
That does not mean that there is no way to make money with open-source software: Many large companies support OSS projects through donations, since they save human resources and development time by using OSS. OSS companies can also sell extensions, technical support, training, consulting and deployment. Red Hat, the developer of the Linux OS RHEL is a well-known example of this.
OSS developers could also offer automation and infrastructure as a service (IaaS), so that their customers save maintenance and hardware costs. Furthermore, OSS companies offer customising software, like operating systems, for their customers’ needs. Finally, there is the option to sell ads, like Mozilla does by using Google or Yahoo as the default search engine in their Firefox browser. There are also some niche ways to make money off of free products like selling merchandise. Wikimedia is a prime example of this, they sell shirts and mugs.
In general, closed-source software is fine and makes sure that developers receive the money they deserve for their hard work. That is, however, not acceptable for privacy software. In the scope of this guide, open-source solutions are key. We need a way of verifying that a program that promises to protect our privacy and security, does what it is supposed to do.
Also, backdoors that are knowingly left open to compromise the user’s system are impossible to hide when the source code is available. We are not talking about video games here, where it does not really matter if you know how they work exactly. In computer security, only open-source solutions are acceptable. This step is necessary, even when that means that they are sometimes a bit slower than proprietary programs or do not have a modern UI.
We are doing our best to find an open-source solution for every privacy and security technique we talk about. So far, the only fields where we had trouble finding a valuable solution were VPNs and antivirus software. When we recommend a proprietary program, we will do our research on the company and find out if they are trustworthy. We will also explicitly tell you when a program is not open-source.
Core development teams for open-source projects are often smaller than for proprietary software. These core developers are, however, supported by volunteers. The largest open-source projects can have tens of thousands of volunteers that help a small team working full-time with suggestions or writing code. LibreOffice, for example, has a community of thousands of programmers behind it. Everyone that finds a bug can report it and propose a solution. For that reason, free software is in many cases almost bug-free. A good example is the Linux kernel, which is far more stable than the macOS or Windows kernel. It has an estimated 0.17 bugs per million lines of code. For most proprietary programs, that number is close to 20 or 30!
A possible downside of free and open-source software is that there are less development resources used to improve the UI and make the programs user-friendly. A corresponding proprietary program could do better in that regard. This does of course not apply to all of them. Software like LibreOffice or Firefox is just as easy-to-use as Microsoft Office or Google Chrome. Some open-source programs simply cannot be made more user-friendly, since they are very complex: GIMP is quite challenging, but Adobe Photoshop, which it replaces, is also far from beginner-friendly, since it is professional software.
In this guide, we have done our best to find software that is both easy-to-use, as well as secure. As stated on our About page, IT security has to be easy to not scare away new users. Developers should also try to avoid overcomplicating the program’s interface. Otherwise, new users make mistakes that happen, because they do not understand the software.