
“How can developers produce software which competes successfully with that from the largest software manufacturers in the world, for free?”
Open source refers to a program in which the source code is available to the general public for use and/or modification from its original design free of charge. Open source code is typically created as a collaborative effort in which programmers improve upon the code and share the changes within the community.
Some popular open source projects are: WordPress, Joomla, Drupal, OpenCart, OSCommerce, etc.
Open source software has had a major impact on industry worldwide and has, over the past 10 years, grown into a key component of the web industry.
Obviously this open source movement has affected the way we, and other web application development companies, do business. Prudence and the advent of Web 2.0 (social media and networking sites) have also in several ways made the proverbial pie much smaller for all of us:
When selecting an open source solution for any project, there are a number of factors that play into that decision. These factors include: accountability, security, usability, functionality, flexibility, support and cost. Does open source match up to these expectations?
Online Innovations has introduced open source platforms into our business model and it has become very clear that there are many critical chinks in the open source armor. It is by no means a perfect solution – and here’s why.
The majority of the open source products are owned by a development community with no accountability or vested interest in the success of your project.
Support is completely reliant on the availability of a developer community that is not vested in the success of your project. There are no defined SLAs or guarantees of response or resolution to your issues.
Open source projects tend to be very vulnerable to security flaws. Anyone within an open source project community can publish code, and there are no assurances that these components are fully tested or adhere to development standards that will comply with future upgrades.
Security flaws are usually fixed only after someone with integrity identifies them on a running site, and the community benefits only if the finding is shared. Many vulnerabilities are fixed only after several months and some are never fixed, especially if they are related to some custom plug-in or add-on.
Developers frequently modify the code of the core systems to counter vulnerabilities and bugs. What needs to be questioned at all times is whether or not the system will fail due to the incompatibility of its plug-ins and add-ons when the system is upgraded.
Secunia database (source: http://www.secunia.com on Feb 25, 2010):
Drupal: 304 vulnerabilities
Joomla: 212 vulnerabilities
WordPress: 155 vulnerabilities
Of the identified security vulnerabilities reported:
NO SECURITY PATCHES were available by year's end for:
80 percent for Joomla plug-ins
57 percent for WordPress plug-ins
13 percent for Drupal plug-ins
18 percent of Drupal core system vulnerabilities HAD NO KNOWN PATCH
13 percent of WordPress core system vulnerabilities HAD NO KNOWN PATCH
8 percent of Joomla core system vulnerabilities HAD NO KNOWN PATCH
Yes, these numbers have been disputed and are somewhat outdated, but they highlight a reality that, if even half true, is a major concern.
Many of the common features require third party add-ons – the good ones usually cost extra. The add-ons often have an inconsistent user interface, require complex installation and may not be compatible with future upgrades of the core system - leaving you with an outdated, broken system or, in extreme cases, needing to rebuild the site completely.
Out of the box they are not SEO friendly and it is unlikely that an open source system will cater for a company’s needs - especially if they are concerned about their brand identity.
Most open source projects are focused on small deployments.
Documentation is often missing, incomplete or outdated. When available, documentation is typically geared towards a developer audience, leaving web masters in the dark on how to use the system after deployment.
Developers are solely reliant on community forums and publicly available sources to get information and address issues, significantly slowing down development.
Open source work is most often done by freelancers and smaller companies that are primarily focused on low cost and not necessarily the best solution. Additionally, many don’t have the appropriate resources or experience to deliver a professional solution due to lack of documentation and training.
Performance testing is often not conducted at all. Many open source systems and sites are very heavy on system resources. Visitors may experience slow load times, especially if the hosting infrastructure is oversubscribed.
There is a misconception that because it’s open source it’s free.
Understandably the core components are, but the deployment scenarios are often limited and any special configuration of the system often requires complex and time-intensive work by a developer, which increases the total cost of the solution.
Some plug-ins, usually the good ones (funny that), come with a price tag. Even if they don’t, it may take a developer considerable time to research a component’s integrity and influence over the core system - time that needs to be paid for.
Open source has tremendous cost saving benefits. This is what makes it so attractive; however, clients need to understand that to take advantage of these benefits they will be forced to operate within tight constraints.

So if you are a college student, hobbyist, or a group where time is worth a lot less than licensing cost and the core system of your project does not have to be tinkered with too much - then open source is an ideal solution for you. However, I question whether open source is really what it is made out to be; more often than not, it costs clients more than a commercial solution in the long term.
