Why the use of open-source tech is not an open-and-shut case

22 Feb 2023

In the latest episode of For Tech’s Sake, Dr Colin Keogh discusses the pros and cons of using open-source hardware and software.

Open-source technologies, which are released for free reuse, distribution and modification, have been around since the early days of computing. And much of the technology we use every day is built on the shoulders of the open-source community.

Still though, the open-source maintainers and architects of these code packages and libraries are often underappreciated.

“Anyone that works for passion,” said open-source advocate Dr Colin Keogh, “their contributions can be undervalued.”

But that drive from the open-source community proved tremendously valuable during the Covid-19 pandemic. Keogh himself was an instigator of the Open Source Ventilator project, which sought to develop easy-to-assemble, low-cost ventilators using 3D printing.

And Waterford company NearForm’s Covid Green project helped deliver privacy-conscious Covid-19 contact-tracing software to regions around the world.

The need for rapid development in a time of crisis showcased the best of open source. But the concept is not always compatible with industry or critical projects because of its transparent, community-led nature.

Keogh hashed out the pros and cons of open source on the latest episode of For Tech’s Sake, a co-production from Silicon Republic and the HeadStuff Podcast Network.

Though he himself is a fierce proponent of open source, he understands these incompatibilities.

“Anything community-sourced has this sort of chaotic nature to it,” he said. “It can be quite a burden for other people to come along, if you’re coming from industry. And it’s one of the issues that I think has held back the interaction and collaboration between industry and open source.

“You have open source: the pirates, the fixers, the makers, the non-structured approaches. And then industry, which is very logical and hierarchical and business-focused. And then they have to try and find a middle ground that neither of them are super comfortable with.”

This “uncomfortable middle ground” is where Keogh sees the open-source movement going, and the community is working on the structures and frameworks to enable easier interaction with industry. However, he still concedes that some systems are not suitable for open source.

“If you’re running a software system or even a piece of hardware that has a critical function, you probably shouldn’t use open codebases for it if you think it will potentially have a risk down the line,” he said. “There are many cases where open source is not the answer.”

The underlying risk of open source has been clearly demonstrated of late in the form of ‘protestware’, where maintainers and architects self-sabotage their codebases, which can impact millions of applications. Creators can also choose to simply abandon a project because, at the end of the day, they are unpaid volunteers. And with their departure goes a lot of tacit knowledge.

“In an awful lot of the cases you don’t actually know who the contributors are,” Keogh explained. “It might be an alias, it might be an online persona. You don’t know who they are in the real world so if you need to go and track them down, you can’t. You’re chasing a ghost of a name.”

When this happens, though, the community comes through.

“[It’s] an unfortunate by-product of open source and it relatively easily gets patched and improved upon iteration after iteration, because there’s always willing contributors to build the next generation.”

Check out the full conversation with Keogh wherever you get your podcasts, and subscribe for more.
