Open source code (FOSS) is hugely popular thanks to its convenience, flexibility and collaborative approach that enables common benefit. With open source, anyone can use, modify or distribute the code at will. There are no limits on what can be done, and any user can work with the code and identify and expose its errors in order to make improvements. This creates a sense of community in which every member can contribute to the development of the source code and innovate on it. Even though open source offers many advantages, one of its downsides is that there is not a wide range of resources available for the community involved in developing the code. While there are skilled software engineers who collaborate in these projects, most of them participate only on a casual basis and cannot work full time on them.
In many instances, the lack of structure and of professional support that can address issues promptly has been detrimental to open source projects. This was the case for OpenSSL, which was affected by the devastating Heartbleed bug. According to the programmer who accidentally introduced the bug, the main issue was the delay in detecting a programming error. This could have been prevented if there were professionals dedicated to inspecting open source projects to find these errors. While some people saw the Heartbleed bug as a confirmation of the shortcomings of open source and actively pointed out the fact that it took so long to be discovered, others defended the open source method and insisted that thanks to its accessible and collaborative nature, it was possible to identify and report the bug.
Proprietary code, the alternative to open source, has a vast number of resources devoted to testing the code. Due to its commercial purpose, the companies that create it invest to ensure that issues are targeted during its development. On the other hand, companies may also make every effort to hide any errors discovered at a later stage, to avoid financial losses if the public finds out. Additionally, it has been confirmed that some well-established companies have allowed the NSA to infiltrate their software. More information can be found on our online privacy guide page.
Furthermore, a survey from development testing services company Coverity found that open source projects work effectively and contain fewer errors than proprietary code. A study from Coverity found that out of 750 million lines of code scanned last year, a higher number of errors was identified in proprietary code. This shows that open source code is effective as a development method, in spite of the limited resources. Besides, it is not focused on profit, allowing freedom of creativity and cooperation, not to mention that it is less likely to be compromised intentionally by corporations or governmental organizations.