Forbes and badly formed arguments

(Mark Edworthy) #1

Somebody has just shown me the following article and wanted me to produce a reply against the argument that is being portried.

I promised them that I will produce a reply before the end of the day but also wanted a second perspective.

So, I am inviting regular users of the NS forum to provide me with their view points about this article.


(Saito Benkei) #2

For what I understand, the journalist is a bit biased…

As far as Open Source is concerned, he highlights only the critical points, but omitting:

  • Whoever uses it in large companies probably knows where to get their hands on it
  • Paid assistance plans exist
  • Those who use consolidated products usually have corrective security patches in (almost) zero time

(Marc) #3

No to criticise the entire article, there are valid points but it leads to invalid conclusions.
TL;DR: same arguments can be said of closed source projects.

open source software adoption continues to grow inside IT organizations because of its price tag: it’s free.

  • Not all OSS is free (gratis). Even if it was, it wouldn’t be used if the software did not solve organizations/users needs.
  • Yes, it can reduce costs, but could also have associated training costs for people used to other solutions, but we must not forget about long term costs.
  • Other known benefits of FOSS (code review, no lock in, &c.)

The cost you pay for OSS is the possibility of failure and a lack of support to help you fix problems.

  • Both, closed source and OSS, have the possibility of failure.
  • Lack of support would depend on each product (being OSS or not).
  • Having good support, shitty support or no support at all is not directly related to OSS neither closed source software.

I don’t see the point in Coinbase example. I had no knowledge of the outages, but linked comments are not taken into consideration in the article. As described in the article the problem seemed to be more of a planning issue (same happens with non OSS).

In the case of paid software, vulnerabilities can still be discovered and patched by the vendor’s team of engineers and quality assurance.

  • Again when the article says paid software it refers to closed source paid software.
  • If the vendor has those teams and can (or is willing to) afford its costs. The vendor can also put backdoors or hidden features for some purpose (IIRC recently the case of flight sim), or have internally known but undisclosed security holes… or use bad coded workarounds done in a hurry that no one will notice when (not)reading the code.

When a problem arises, whether it be security-related or performance-related, commercial vendors provide support for companies using their software.

  • Or performance related issues could be introduced by the vendor to force its clients to spend more money.

(Mark Edworthy) #4

@saitobenkei & @dnutan
Thanks for your comments, you both may be interested in reading my reply which I have posted here on the NS forum.

(Stéphane de Labrusse) #5

Are we the 1 april ?

(Mark Edworthy) #6

No, just a CEO of a company that supports “an application runtime that is the fastest growing open source project on Earth” that has also got an axe to grind :wink:

(Rob Bosch) #7

You call that ‘a bit biased’? LOL…
He mentions the Coinbase outage as example why using opensource is a risk: there is no company to call in when the shit hits the fan.
Let’s assume Coinbase would have been running on Windows servers. What would be the outcome? I don’t believe he can state with dry eyes that the outage and the ooutcome of the outage would have been any different.
Security and assurance comes with a price. It doesn’t matter what base you use: proprietary software or OSS. As soon you need support, the hours and the assurance will cost you. (and there is nothing wrong with paying for support)

(Stéphane de Labrusse) #8

One time more…never let IT to IT people…they never understood what they do…