What is Open Source Software?

We discuss open source software, the basics behind the Open Source Initiative
(OSI), and Free Software Licensing.

Open source refers to a program or software in which the Key Terms To

Understanding Open
source code (the form of the program when a programmer Source
writes a program in a particular programming language) is
available to the general public for use and/or modification open source
from its original design free of charge. Generically, open
source refers to a
program in which the
Open source code is typically created as a collaborative source code is
effort in which programmers improve upon the code and available to the
share the changes within the community. general public for
use and/or
modification from its
The rationale for this movement is that a larger group of original design free
programmers not concerned with proprietary ownership or of charge, i.e., open.
financial gain will produce a more useful and bug-free GPL
product for everyone to use. The concept relies on peer Short for General
review to find and eliminate bugs in the program code, a Public License, the
license that
process that commercially developed and packaged accompanies some
programs do not employ. open source
software
The basics behind the Open Source Initiative is that when GNU
programmers can read, redistribute and modify the source Self-referentially,
code for a piece of software, the software evolves. Open short for GNU's not
UNIX, a UNIX-
source sprouted in the technological community as a compatible software
response to proprietary software owned by corporations. system developed by
the Free Software
Foundation (FSF).
Proprietary software is privately owned and controlled. In
the computer industry, proprietary is considered the Linux
opposite of open. A proprietary design or technique is one Pronounced lee-
nucks or lih-nucks. A
that is owned by a company. It also implies that the freely-distributable
company has not divulged specifications that would allow open source
other companies to duplicate the product. operating system
that runs on a
number of hardware
The Open Source Initiative (OSI) platforms.

GNOME
Open Source is a certification standard issued by the Open Acronym for GNU
Source Initiative (OSI) that indicates that the source code Network Object
of a computer program is made available free of charge to Model Environment.
(Pronounced guh-
the general public. OSI dictates that in order to be nome.) GNOME is
considered "OSI Certified" a product must meet the part of the GNU
following criteria: project and part of
the free software, or
open source,
• The author or holder of the license of the source movement.
code cannot collect royalties on the distribution of
the program.
• The distributed program must make the source
code accessible to the user.
• The author must allow modifications and
 derivations of the work under the program's
original name.
• No person, group or field of endeavor can be
denied access to the program.
• The rights attached to the program must not
depend on the program's being part of a particular
software distribution.

• The licensed software cannot place restrictions on

other software that is distributed with it.

Open source software is normally distributed with the source code under an open
source license. The Open Source Initiative sets the following distribution terms that
open-source software must comply with;

The Open Source Definition, as provided by the Open Source Initiative is as

follows;

Introduction
Open source doesn't just mean access to the source code. The distribution terms of
open-source software must comply with the following criteria:

1. Free Redistribution
The license shall not restrict any party from selling or giving away the software as a
component of an aggregate software distribution containing programs from several
different sources. The license shall not require a royalty or other fee for such sale.

2. Source Code
The program must include source code, and must allow distribution in source code as
well as compiled form. Where some form of a product is not distributed with source
code, there must be a well-publicized means of obtaining the source code for no more
than a reasonable reproduction cost preferably, downloading via the Internet without
charge. The source code must be the preferred form in which a programmer would
modify the program. Deliberately obfuscated source code is not allowed. Intermediate
forms such as the output of a preprocessor or translator are not allowed.

3. Derived Works
The license must allow modifications and derived works, and must allow them to be
distributed under the same terms as the license of the original software.

4. Integrity of The Author's Source Code

The license may restrict source-code from being distributed in modified form only if the
license allows the distribution of "patch files" with the source code for the purpose of
modifying the program at build time. The license must explicitly permit distribution of
software built from modified source code. The license may require derived works to
carry a different name or version number from the original software.

5. No Discrimination Against Persons or Groups

The license must not discriminate against any person or group of persons.

6. No Discrimination Against Fields of Endeavor

The license must not restrict anyone from making use of the program in a specific field
of endeavor. For example, it may not restrict the program from being used in a
business, or from being used for genetic research.

7. Distribution of License
The rights attached to the program must apply to all to whom the program is
redistributed without the need for execution of an additional license by those parties.

8. License Must Not Be Specific to a Product

The rights attached to the program must not depend on the program's being part of a
particular software distribution. If the program is extracted from that distribution and
used or distributed within the terms of the program's license, all parties to whom the
program is redistributed should have the same rights as those that are granted in
conjunction with the original software distribution.

9. License Must Not Restrict Other Software

The license must not place restrictions on other software that is distributed along with
the licensed software. For example, the license must not insist that all other programs
distributed on the same medium must be open-source software.

10. License Must Be Technology-Neutral

No provision of the license may be predicated on any individual technology or style of
interface.

[Source: Open Source Initiative, "The Open Source Definition"]

Free Software Licensing

All open source software is not distributed under the same licensing agreement. Some
may use a free software license, a copyleft, or GPL compatible. The GNU GPL license
is a free software license and a copyleft license, while a "GNU Lesser General Public
License" is a free software license, but not a strong copyleft license. There are many
different types of licenses for free software . some GNU GPL compatible, some not.

The Open Source Initiative approves open source licenses after they have successfully
gone through the approval process and comply with the Open Source Definition
(above). There is currently well over fifty licenses that have been approved by the OSI.

For example, the GNU General Public License (GPL) is one license that accompanies
some open source software that details how the software and its accompany source
code can be freely copied, distributed and modified. The most widespread use of GPL is
in reference to the GNU GPL, which is commonly abbreviated simply as GPL when it is
understood that the term refers to the GNU GPL. One of the basic tenets of the GPL is
that anyone who acquires the material must make it available to anyone else under the
same licensing agreement. The GPL does not cover activities other than the copying,
distributing and modifying of the source code.
What are the advantages and disadvantages of public-key
cryptography over secret-key cryptography?

• Basics of Cryptography

The primary advantage of public-key cryptography is increased security: the private keys do not

ever need to be transmitted or revealed to anyone. In a secret-key system, by contrast, there is

always a chance that an enemy could discover the secret key while it is being transmitted.

Another major advantage of public-key systems is that they can provide a method for digital

signatures. Authentication via secret-key systems requires the sharing of some secret and

sometimes requires trust of a third party as well. A sender can then repudiate a previously signed

message by claiming that the shared secret was somehow compromised by one of the parties

sharing the secret. For example, the Kerberos secret-key authentication system involves a central

database that keeps copies of the secret keys of all users; a Kerberos-authenticated message would

most likely not be held legally binding, since an attack on the database would allow widespread

forgery. Public-key authentication, on the other hand, prevents this type of repudiation; each user

has sole responsibility for protecting his or her private key. This property of public-key

authentication is often called non-repudiation.

Furthermore, digitally signed messages can be proved authentic to a third party, such as a judge,

thus allowing such messages to be legally binding. Secret-key authentication systems such as

Kerberos were designed to authenticate access to network resources, rather than to authenticate

documents, a task which is better achieved via digital signatures.

A disadvantage of using public-key cryptography for encryption is speed: there are popular secret-

key encryption methods which are significantly faster than any currently available public-key

encryption method. But public-key cryptography can share the burden with secret-key cryptography

to get the best of both worlds.

For encryption, the best solution is to combine public- and secret-key systems in order to get both

the security advantages of public-key systems and the speed advantages of secret-key systems. The

public-key system can be used to encrypt a secret key which is then used to encrypt the bulk of a

file or message. Public-key cryptography is not meant to replace secret-key cryptography, but rather

to supplement it, to make it more secure. The first use of public-key techniques was for secure key

exchange in an otherwise secret-key system; this is still one of its primary functions.

Secret-key cryptography remains extremely important and is the subject of much ongoing study and

research.