The Open Source Option

Frank Cervone discusses why librarians should—and shouldn't—use open source software

Frank Cervone (netConnect) -- netConnect, 7/15/2003

Included in this article:

Link List
Guidelines for Evaluating OSS
The Criteria for OSS
An Open Source Dozen

 

We've heard a lot about open source in recent years, and the buzz is steadily increasing. But what exactly is open source software (OSS)-and why, as librarians, should we really care? More critically, we need to determine if it really represents a new model for creating software or whether it is just the latest trendy thing. Libraries as institutions need to determine if they want to invest significant time and effort in this software rather than in commercial solutions. We'll look at some of the pros and cons of this new technology and provide a framework and guidelines for librarians to use when considering whether or not to implement open source software.

What is it?

Link List GNU Project Where the 'free' software movement all started. www.gnu.org Opensource.org WA comprehensive resource for all things open source. www.opensource.org Operating System Vulnerability Statistics securityfocus.com OSS4LIB The comprehensive listing of open source programs specifically related to libraries. www.oss4lib.org Peter Gutmann's Homepage A world renowned expert on computer security. www.cs.auckland.ac.nz/~pgut001

Open source software is not shareware, freeware, public domain software, or any of the 'free' readers or viewers for proprietary software, such as Adobe's Acrobat Reader.

OSS is a model for software distribution that differs from all of the above methods. With open source you get both the executable version of a program and the source code-text files that contain the programming language statements to perform various operations within the program.

Why you might want the source code forms the critical component of the OSS movement. If you have the source code to a program, you can do a lot that you cannot do with the 'closed source' programs used for almost all commercial software. With OSS, you can review the program code to make sure it is actually doing what you intend it to do. You can modify the program to suit your own needs. You can incorporate the software into another program to perform new functions.

None of this is possible with closed source programs. For example, you cannot modify the source code of your copy of MS Word to meet your particular needs. Nor can you take parts of MS Word and incorporate it into a new program that you've developed. Theoretically, you could change or adopt code with the word processor program in an open source office suite, such as the one developed by OpenOffice.org.

In practice, working with OSS is often more complex than defined above. Over the years, it has come to mean software that conforms to ten general philosophical principles (see 'The Criteria for OSS,' p. 9). Nowhere is 'free' mentioned, although most people assume OSS will cost no money. This is where most of the confusion about open source begins.

The conundrum of licenses

The greatest philosophical debate within the open software movement is whether or not the software should be 'free.' Frequently, the position that it should be free is incorrectly interpreted to mean that it is unethical to charge for software, or that all open source software must be offered without any type of charge. This stems primarily from misunderstandings related to comments made by Richard Stallman, founder of both the GNU project (a 'free' UNIX-like operating system) and the Free Software Foundation. Stallman's definition relates more to liberty than price; in his definition, free relates to the users' freedom to run, copy, distribute, study, change, and improve the software. It is not related to a particular economic system, although there are some hints at that.

Not surprisingly, the ensuing philosophical debates regarding the meaning of free have generated significant disagreement. There are many different takes on the issue of licensing and what is and is not permissible in the open source model. The most popular and well-known license is the GNU Public License (GPL). The GPL enforces the concept of free to its fullest extent. Close to the GPL is the BSD-style license, which originated from the Berkeley Systems Distribution, an early variant of the UNIX operating system. The main difference between the GPL and the BSD license is that source code modifications under the BSD license can be kept private and do not have to be redistributed as part of the package. At the opposite end of the open source continuum is the Apple Public Source License. Many people do not consider Apple's approach an open source license. It includes restrictive clauses that require all changes to the source code be given to Apple and all modifications disclosed to Apple before release of the code, and it allows Apple to revoke or change the license at any time-all of which fly in the face of any open source philosophy.

Open source benefits

The arguments on behalf of OSS often relate to the many benefits it offers organizations. Although some of these can be questioned-we'll get to those-two undeniable benefits are cross-platform simplicity and an easing of licensing restrictions. These increase the computing flexibility of an organization.

Cross-platform simplicity means that the software does not depend on a specific hardware or operating system platform in order to function. With OSS, it should be possible to run your library management system modules (such as cataloging, acquisitions, and circulation) on any operating system-Windows, OS X, Linux, or anything else-because you have the source code. If your vendor doesn't provide an executable version for your particular needs, you can create an executable version for your computing environment locally with little trouble.

Eased licensing restrictions are a major boon to organizations, particularly those with people working from home or in transit. Using OSS, people can have copies of programs on their machines at home, at work, and on the road and the organization is not penalized for doing so by licensing restrictions.

Free kittens

Guidelines for Evaluating OSS All guidelines follow from a single principle: thoroughly investigate the software before implementing. Some questions to ask include: What are the programming language requirements? Do you have people on staff who can program in the language in which the software is written? If not, do you have ready access to people who can? If not, are there alternative packages you can support? What is the operating environment? Is this software supported on your hardware? Does it run on the operating systems you support? Is there a large, active user base? How is maintenance handled? Who is currently supporting it? Is there an electronic discussion list, newsgroup, or blog that can be used for support? Is there a commercial entity that could provide support? Is there a community of peers providing input on enhancements and modifications? What sort of functional and integrated testing is performed by the user community? Does the software have the necessary functionality? Is the product mature? Is it in a greater than 1.0 release? Will it require modification? If so, do you have the expertise? How will local modifications be folded back into the base product so that the same modifications need not be repeated for each new release?

On the other hand, a frequently discussed benefit of OSS is its lower cost of ownership because developers typically don't charge for it. The Linux operating system, the Apache web server, and the PERL and PHP programming languages are all well-known examples of OSS available without a licensing cost.

However, this is similar to getting a 'free' kitten-you don't pay for the cat immediately but you certainly do so over the course of the cat's lifetime. All software needs to be supported on an ongoing basis, and OSS is no different. In many cases, the support costs for OSS can be more than the costs for equivalent commercial software. First, installing and maintaining OSS generally requires a higher level of technological sophistication than that required for commercial software. Second, most (but not all) OSS is not as fully developed as commercial software with similar functionality. This results in a general lack of sophisticated tools for the administration of OSS programs, tools that commonly come with commercial software packages.

Other drawbacks

Such lack of functionality carries over into the end user side as well. OSS can be less user-friendly than commercial software. In many cases, this is because of the lower level of maturity of the OSS product. For example, MySQL (an OSS database) does not have the sophisticated end user tools that a commercial database product (such as Oracle) does have. As a result, MySQL can be more difficult to work with than Oracle. This does not mean, however, an open source product will not eventually catch up with a commercial package. It's just that commercial software tends to have an edge in functionality over OSS solutions.

Similarly, user unfriendliness can be the result of a lack of functionality in an OSS that may be taken for granted in commercial software packages. For example, the differences in functionality between MS-Office Powerpoint and OpenOffice.org's Impress products are quite striking. It is clear from even a cursory look that the Impress is a developing product. Similar situations exist with OSS library management systems (LMS). Several are off to interesting starts (such as Koha, Avanti, and Learning Access), but none of these systems comes close to competing with commercial LMS. Yet.

Safe systems

The most raucous debate surrounds reliability and security. On the pro-OSS side, much has been made about the peer review process of OSS. Since the source code is available, it is possible for many people to view the code, spot errors, and fix them quickly. Linus Torvalds, the original developer of the open source operating system Linux, has a 'law of software engineering' that states, 'Given enough eyeballs, all bugs are shallow.' But that's one of the major problems-the assumption that a thorough peer-review process is in place and working.

Inherent to the peer review process is the principle that there is a peer community and that it is qualified to evaluate the software. Although this has certainly been demonstrated in some projects (such as Apache and Linux), there is no evidence that this is a universal condition for all open source projects. That the peer-review process is compromised has been raised by Peter Gutmann, a noted expert in the area of computing security. Gutmann reports that he planted a comment in some code he released years ago, saying, in effect that 'something really suspicious could happen here.' According to Gutmann, no one has asked him about this, which is a little scary since the comment isn't in there just to annoy people; you could actually build a rather nasty backdoor there.

The other major misconception is that OSS, by its very nature, is less susceptible to hackers. Although this may have once been true, it is certainly no longer the case. The most likely reason for this change is status. Open source systems, since they are now so prevalent, are much more attractive targets than they used to be. According to Securityfocus.com, Linux, and not proprietary operating systems such as Windows, heads the list of operating system vulnerabilities reported in the last several years.

Support varies

This feeds into management-level concern about the quality of OSS and the availability of support. OSS typically does not come with a vendor to support the software.

But just as is the case with commercial software, OSS offers a wide range of quality and support options. At the upper end, the Apache web server has proven its enterprisewide capabilities through, if nothing else, the sheer numbers of adopters. Well over 60 percent of all sites on the Internet run on an Apache-based server. The support for Apache rivals and often surpasses what is available for commercial software. Quite remarkable, considering that support for Apache is freely available at the Apache web site and other places on the web. Furthermore, several companies have emerged that provide support and maintenance services for OSS that is similar in quality and scope to that of higher-end commercial software.

There is OSS that is poorly or simply not supported. Support for OSS depends on many variables, most importantly the level of commitment to the project on the part of the developer and the adoption rate of the software. In general, software that is used by a small niche market is not as well supported as software that enjoys wider use.

Philosophical dimensions

The OSS movement is based on a fairly strong philosophical base. There is a natural fit, it seems, between many of the principles of OSS and the professed core values of librarianship. As with most things in life, there are tradeoffs between a philosophically pure stance and how we actually perform our mission.

One of the major common-good benefits of OSS is that it can significantly help bridge the digital divide. Libraries in developing nations are able to support electronic access and resource sharing because they can use OSS. Even libraries in wealthier nations are able to provide better services because of OSS. In both cases, it would not be possible for libraries to exist as they do today if they were forced to rely solely on commercial software. They either could not afford it, or the functionality simply doesn't exist in the commercial market.

However, some of the debates in the OSS community serve to divide rather than unite. The strong stances of some open source advocates-that programs should never be sold, that open source licenses are morally superior, that intellectual property should not pertain to programming, and that software should not even exist as an industry-can be chilling. They are often used to quash disagreement or enforce a particular world view. These arguments have slowed the adoption of OSS rather than helped it.

What to do?

This philosophical debate should not impede libraries from adopting OSS in circumstances where it will benefit the overall mission of the library. As more people get involved in the open source movement and a larger user base develops, the strident stances of a vocal minority are being moderated by the wisdom of the larger group of users. This is good, because reasoned debate is what will win the day for open source, not proselytizing or bullying.

On the other hand, beware of the argument that declares something inherently good just because it is open source. A case in point, the OpenOffice.org application suite is an excellent first start in competing with the proprietary Microsoft Office application, but OpenOffice still lacks significant functionality that Office users take for granted (compare Microsoft PowerPoint to OpenOffice's Impress to see the most dramatic differences in functionality). In order to make a wise choice, use the checklist (see 'Guidelines for Evaluating OSS') as a starting point in your examination of an OSS package.

OSS has a lot to offer libraries, including an unparalleled opportunity to experiment with 'proof of concept' technologies and services. If you heed the guidelines given and use some common sense, you can use OSS to great effect, enabling a level of functionality that is not possible using only commercial software. Since delivering quality service is one of the profession's most important goals, open source is well worth investigating.

The Criteria for OSS Be freely distributable. The software license cannot restrict anyone from selling or giving away the software as part of a larger system or aggregation of programs. The license cannot require royalties or fees for such sale. Includes the source code. The source code for the program must be freely available, and it must be possible to distribute the source code as well as the compiled form of the program. Deliberately obfuscated source code is not allowed. Allows for derived works. The license must allow modification of and derived works from the original. In addition, it must allow these modifications and derivatives to be distributed under the same terms as the original software license. Maintains the integrity of the original source code. The license may restrict source code from being distributed in a modified form only if the license allows the distribution of patch files with the source code to allow for program modifications at build time. This allows the consumer to know who made what changes to the code without impinging on the rights of the original creator. Not discriminate against persons or groups. Not discriminate against fields of endeavor. Provides for the distribution of the license. The rights attached to the program must apply to everyone the program is distributed to, without their having to execute additional licenses. Not be specific to a product. The rights attached to a program must not depend on the program being part of a particular software distribution package. This does not mean that one program cannot depend on another program to enable functionality. For example, one program can depend on another program to enable a specific functionality point, such as drawing a screen. However, if those programs were used in one office application suite, they should be usable or adaptable to another office application suite. Not restrict other software. The license cannot place restrictions on other software that is distributed along with the licensed software. That is, one piece of software cannot prevent another piece of software from being used. Be technology neutral.

An Open Source Dozen There are several types of open source software (OSS)-operating systems, programming languages, utilities, and application programs. Here are some of the more interesting and commonly used open source application software in libraries. Reference services and management ASKAL-Ask a Librarian apocalypse.unomaha.edu/ask Developer: University of Nebraska-Omaha Requirements: PHP programming language and MySQL for database management ASKAL is a system for managing email-based inquires. Features of the program include a simple workflow model that allows email inquiries to be answered quickly and efficiently and management reports (both qualitative and quantitative) that provide measures of effectiveness. RAKIM: A Knowledge Instant Messenger styro.lib.muohio.edu/rakim/install.html Developer: Miami University of Ohio Requirements: PHP programming language and MySQL or PostgresQL for database management A lightweight, real-time, web-based reference service. The interface is similar to a standard chat room but with added features for the online reference environment. The system provides an unlimited number of librarians/operators login accounts; a shared queue of patrons; the ability to refer patrons to specific librarians; limited 'page-push' by cutting and pasting a URL that is displayed to the patron; audible alerts; shared and personal bookmarks; and individual customization. RDM-Reference Desk Manager www.onid.orst.edu/~reeset/RDM Developer: Oregon State University Requirements: PHP programming language and MySQL for database management By combining several functions into a common interface, RDM, a reference service information management system, provides a portal for reference service tasks. Major features include an email web log with searching features, an electronic card file, a common links area, and web-based administration of the system. Electronic Reserves course/control coursecontrol.sourceforge.net Developer: Emory University Requirements: PHP programming language and PostgresQL for database management A robust, customizable system to manage library reserves, course/control offers unique features such as the ability to 'skin' the interface so that independent branches or schools within a library system can maintain a distinct look and feel; a tracking system that keeps a history of all the items put on reserve for a class; and the ability for instructors to add, delete, annotate, reorder, recatalog, and set a later activation date for items. In addition, an optional public (student) interface, called Reserves Direct, allows a class member to define a current course list and then view the items in the order the instructor has set, with the ability to hide items already viewed. OSCR-Open Source Course Reserve timesync.gmu.edu/OSCR Developer: George Mason University Requirements: PERL programming language and MySQL for database management This fully web-based electronic course reserves system is for academic libraries. The system manages course content stored as either PDF files or URLs and may be searched by instructor or course identifier. For authorization, OSCR offers the option of using the security built into the Apache web server to control access, or a course-based password system, with a password for each course. Document Delivery Prospero bones.med.ohio-state.edu/prospero Developer: Ohio State University Requirements: C, C++, and PERL programming languages Prospero, a document delivery management system, consists of two modules. The staff module is used to scan, send, and receive documents. It can work in conjunction with Arielr (from Infotrieve) or in its place. It also converts Prospero/Arielr files, which are TIFF images, into PDF files that are used by the user-interface module to provide patrons with a controlled, web-based method for retrieving documents. Documents can be defined as being viewable for a certain number of days or certain number of views in order to conform with copyright restrictions. In addition, patrons are notified automatically via email when their documents are available. Tutorial Design MOSST-Modular Online Software for Self-Paced Tutorials www.lib.sfu.ca/MOSST Developer: Simon Fraser University Requirements: PERL programming language This lightweight instructional design tool allows librarians to create complete web-based tutorials. Features include tools to add automatically generated footers, headers, and navigational links (such as 'next' and 'previous') to a set of HTML pages and to add JavaScript pop-up windows to HTML pages so users can simultaneously interact with a remote web site and the tutorial designer's instructions. Subject Guides ResearchGuide researchguide.sourceforge.net/index.html Developer: University of Michigan Requirements: PHP programming language and MySQL for database management ResearchGuide is a content management-like tool for librarians to create subject guides and specialist contact pages. Within subject guides, custom categories such as Reference Works, Indexes to Articles, and Web Resources can be created to categorize an unlimited number of resources, both print and electronic. Once the information has been entered, users may access the guide as a standard web page. In addition, the system can be used to create specialist contact pages that include contact information for bibliographers as well as a photo (if desired), information on responsibilities, and educational background. Directory Builder Scout Portal Toolkit scout.wisc.edu/research/SPT Developer: Scout Project Requirements: PHP programming language and MySQL for database management The Scout Portal Toolkit allows groups or organizations that have a collection of resources they want to share via the World Wide Web to put that collection online without making a big investment in technical resources or expertise. They can create a subject directory with web forms, support multiple contributors, let visitors browse and search directories, and rate and recommend resources. The software also provides an alert service and the ability to export data as RSS, OAI, or tab-delimited files. Electronic Publishing GNU EPrints software.eprints.org Developer: Part of the Open Citation Project, a DLI2 International Digital Libraries Project, funded by the Joint Information Systems Committee of the Higher Education Funding Councils in collaboration with the National Science Foundation Requirements: PERL programming language and MySQL for database management This is used to create online archives of material that is OAI-compliant. The GNU EPrints software was designed primarily to be used by researchers and their institutions to maximize the access to, and therefore the impact of, their research output. Specific features of the software include the ability to store documents in any (and multiple) formats and to use any metadata schema. Digital Collections Greenstone www.greenstone.org/english/download.html Developer: New Zealand Digital Library Project at the University of Waikato Requirements: No additional software Greenstone is a suite of software for building and distributing digital library collections based on collections of documents. The aim of the software is to empower users-particularly in universities, libraries, and other public service institutions-to build their own digital libraries. Greenstone uses an interesting model wherein content is digested by a collector and then converted into XML through the use of plugins. Plugins currently exist for plain-text documents; HTML, Word, PostScript, PDF files, or email; and common bibliographic formats. Digital images and media may be included in collections as well. Federated Searching SiteSearch www.sitesearch.oclc.org/projects/ssbasecode Developer: Originally developed by OCLC Requirements: PERL programming language, the Java Developers Kit, and MySQL for database management Previously provided on a commercial basis by OCLC, SiteSearch has been turned into a 'pseudo' open source project; the Java source code is available for download at no charge to noncommercial users. SiteSearch consists of two main components: WebZT, which is a Z39.50 client/server component used to create an interface to information resources, provides the basis for federated searching functionality, and Database Builder provides tools to build local databases in various record formats from community information to digital objects, including sound and video files.

Talkback

We would love your feedback!

Post a comment

» VIEW ALL TALKBACK THREADS

Related Content

• Topics
• Author

Related Content

 

By This Author

There are no other articles written by this author.

Sponsored Links