Where can I find Open Source software?

There are a number of places on the Internet to find what you're looking for. Try the following, but always verify the licenses of the software you're looking at to verify it for OSI certification:

How do I make money on software if I can't sell my code?

You can sell your code. Red Hat does it all the time. What you can't do is stop someone else from selling your code as well. That just says that you need to add extra value to your code, by offering service, or printed documentation, or a convenient medium, or a certification mark testifying to its quality.

How many people are using open-source software?

It's hard to know. Because a lot of it is spread via free downloads off the Internet, nobody has anything like total sales figures. Also, many users in corporate settings hide their usage for political reasons.

Linux is believed to have somewhere between 4 and 27 million users, with best estimates towards the upper end of that range. (According to IDG, business Linux usage increased 212% in 1998. Other figures indicate it is roughly doubling yearly.)

The Netcraft web server survey tallies which web servers are used on the Internet. It consistently shows the open-source Apache web server to have over 50% and steadily increasing market share, beating out better-hyped proprietary products like Netscape's and Microsoft's server suites.

The Internet Operating System Counter collects data about operating system usage on the Internet in Europe. It consistently shows Linux is the most popular Internet-connected operating system there.

Indirectly, everybody who sends email or uses the Web is using open-source software all the time. The running gears of the Internet (its mail transports, web servers, and FTP servers) are almost all open source.

Isn't it hard to get reliable support for open-source software?

Absolutely not! InfoWorld's 1997 "Best Product of the Year" roundup should have demolished this myth once and for all. Read the article to see their analysis, including this quote:

... readers who are using Linux in a business environment said they found the support they received to be far more impressive than what they were used to with commercial software.

Linux is not an exception. In fact, business users will generally find that mature open-source products are far more reliable to begin with, and that when support is needed it is dramatically cheaper and easier to get than from closed vendors.

But there aren't any real applications for open-source operating systems, are there?

Do the Oracle, Informix, and InterBase databases count? How about Word Perfect and the Corel office suite? Have you checked out the StarOffice and OpenOffice.org suites? There are all of these and more.

FOSS developers are building and porting more and better applications all the time at a pace closed developers cannot match. Go to the Linux Mall, for example, to learn about the wide selection of office suites and productivity tools now available under Linux. The Linux Business Solutions Project maintains a list of mainstream business applications available under Linux.

There's a widespread belief that the population of technical people who have written and maintained most open source up to now don't have the motivation or competence to write "real" office-type applications with user-friendly GUI interfaces. There's some good evidence this belief is false (such as the GIMP, KDE, and Gnome projects).

More importantly, there's no good reason to think it's true. In the early 1980s people were saying, "The free software people build some nice toys and demos, but they haven't got what it takes to build real tools." The FSF proved them wrong. Before 1991 the same people said "OK, GNU is a nifty programmer's toolkit but they'll never build a viable operating system." Linux proved them wrong again. Now they're saying "OK, so Linux is a nice sandbox for hackers and it does Internet pretty well, but they'll never build decent end-user applications." If the naysayers are right this time, it will be a first.

Doesn't closed source help protect against crack attacks?

This is exactly backwards, as any cryptographer will tell you. Security through obscurity just does not work.

The reason it doesn't work is that security-breakers are a lot more motivated and persistent than good guys (who have lots of other things to worry about). The bad guys will find the holes whether source is open or closed (for a perfect recent example of this see The Tao of Windows Buffer Overflow).

Closed sources do three bad things. One: they create a false sense of security. Two: they mean that the good guys will not find holes and fix them. Three: they make it harder to distribute trustworthy fixes when a hole is revealed.

In fact, open-source operating systems and applications are generally much more security-safe than their closed-source counterparts. When the "Ping o' Death" exploit was revealed in 1997 (for example) Linux had fix patches within hours. Closed-source OSs didn't plug the hole for months.

Alan Cox has written an excellent article on The Risks of Closed Source Computing.

What's the relationship between open source and Linux?

Linux is an open-source operating system, and to date the most dramatically successful open-source platform. Linux is very popular in education, Internet service applications, software development shops, and (increasingly) in small businesses. Several successful companies market Linux and Linux applications.

Linux isn't the whole open-source story, however. There are many other open-source operating systems and applications available, including Netscape's Navigator and Communicator client line of Web browsers.