
Just 1 question for IT people, graduate or not. Please come in.

PHC - NoName

What are the pros and cons of adopting open source code for use within an organization?

Out of all the many questions, this is the one I really can't understand.

My understanding is that it is asking what the advantages and disadvantages are of adopting OPEN SOURCE CODE in an organization.

But what does OPEN SOURCE CODE mean?

And if you also have an answer to my question, please just comment. That would be a big help to me. TIA
 
As a developer, chances are at some point you’ve looked at an open source project to solve a problem. But before going off and using the first one you come across, it’s important to consider both the pros and cons of using open source.

Open source projects are intended to be freely available to the developer community and are easy to modify. In fact, many open-source developers believe that by enabling modifications to their software, they receive constructive criticism.

Developers also frequently learn new techniques by trying to integrate open-source software into their own programs. Others can then take this new code and incorporate it into their projects if they find it useful.

No wonder, the adoption of third-party open-source software is getting popular. What's more is it allows companies to produce software faster than developing from scratch.

While […] have several advantages over proprietary software, they also bring in some challenges that you need to consider. Let's discuss the pros first.

Here are some of the fundamental advantages that open-source software offers:

Advantages of Open-Source Software

1. Agility

The development or customization of proprietary solutions depends on the availability and ability of the vendor's development team to solve the problem.

Since open-source solutions are developed by contributions from various community members, they typically offer multiple ways to solve a problem. Hence, you can get the job done faster using an open-source project.

2. Cost

As community members develop and maintain open-source solutions, they generally cost less than a proprietary solution.

3. Scalability

You can start small by updating the community versions of the open-source project to meet your business requirements. But later, […], you can leverage commercially supported solutions too.

4. Community Engagement

Open-source projects allow developers to create projects and get a platform to interact with other developers outside their organizations.

Disadvantages of Open-Source Software

An open-source project approach can be a great way to collaborate with other talented engineers. But when you're building something critical to your business, you need more than a supporting cast of thousands of developers from across the globe. Here are some of the risks observed with open-source software:

1. Vulnerabilities Exposure

The source code is available for everyone, cybercriminals can also […] in the code. For example, they can extract sensitive information or damage the systems leveraging the open-source software. Here are a few examples of the vulnerabilities found in some common open-source software recently:

  • Severe security flaws were found in the open-source identity and access management solution, Keycloak, which cybercriminals can exploit to gain access to sensitive information in systems leveraging the platform.
  • Certain […] vulnerabilities were found in Joomla, an open-source content management solution that cybercriminals can exploit.
  • Prior to […], authenticated users, regardless of their privileges (User or Admin), can trick Cachet and install the instance again, leading to arbitrary code execution on the server.
  • An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOP_initialise hypercall.

2. Security

Open-source project contributors are generally developers who are not security experts. They contribute to the product primarily to support the functionality and may not consider the security aspects. Hence, the open-source product may pose […] that cybercriminals can easily exploit.

3. Warranty

Open-source software does not provide any warranty for its security and support as these products are developed and managed by volunteers.

The developer community members typically test the software for security issues and provide suggestions/recommendations on the public forums, but they are not liable for faulty guidance.

4. Security Audit Process

Open-source project contributions are generally managed by a small team to reduce cost. They may not perform proper testing/QA or have a security auditing process at all due to a lack of expertise or workforce.

The testing team may not be familiar with the open-source change requests or test the code properly by considering crucial aspects.

5. Copyright

Anonymous developers sometimes develop open-source software. Therefore, it is pretty likely that they may copy from third-party sources without understanding the copyright issues.

As a result, companies leveraging the particular open-source software can be held responsible for Copyright infringement.

For example, […] contended IBM stole part of the UnixWare source code and used it for their Project Monterey and sought billions of dollars in damages.

6. Operational Insufficiencies

Open-source projects can be a lot of effort for an organization. It isn't always clear who will do the work to manage the change requests from the developer community or take care of scope, licensing, and versioning.

7. Poor Developer Practices

If hackers are invited to contribute to open-source projects, they can potentially change the code so that it contains malware. If the code is not carefully reviewed, it can become part of an open-source project.

The Bottom Line

The open-source licenses are not like traditional software licenses (you don't pay for using them). Hence, you cannot expect it to be constructed with the best security practices, and it also poses potential risks. These risks may include vulnerabilities of the source code, proprietary issues, license violations, etc.

Experts recommend not to leverage the open-source project in the places where:

  • You are handling sensitive personal and operational data information, e.g., Identity Access Management (IAM) space.
  • You are developing proprietary software based on the open-source project

Enterprises should carefully analyze and assess their suitability while adopting open source and be cautious when implementing the project.
 
Thank you!
 
Open source is the free code on the internet. Implementing it is probably the hard part if you don't understand what you found and just keep using it. Like the first comment also said, there is security, because it is open source: there is a possibility that the owner put code hidden inside the code.
 
Thank you! Could you please explain its advantage(s)?
 
Of course it makes building an app or website easier for you, because the things you need are already available on the internet. With just a few tweaks it fits your needs, and it also speeds up your work process.
 