David A. Wheeler's Blog

Sun, 13 Nov 2005

November 2005 release of “Why OSS/FS? Look at the Numbers!”

It’s November, and I’m putting out another release of “Why Open Source Software / Free Software (OSS/FS, FLOSS, FOSS)? Look at the Numbers!” This paper continues to provide “quantitative data that, in many cases, using open source software / free software (abbreviated as OSS/FS, FLOSS, or FOSS) is a reasonable or even superior approach to using their proprietary competition according to various measures. This paper’s goal is to show that you should consider using OSS/FS when acquiring software.”

The big news is that I’m releasing a presentation based on this report. The presentation is at http://www.dwheeler.com/numbers — and you can use it as-is or as the starting point for your own presentations. The presentation is being released in two formats, PDF (for reading) and OpenDocument (for presenting or editing). I’m hoping that many other people will be willing to create translations of this presentation. The presentation is much smaller, and thus much easier to translate, than my thorough (but much larger) work.

I’ve made a number of changes since May as well. Here are some of the highlights:

  1. Added a new performance report showing that Unix and Linux beat Windows… the funny thing is that it’s from Microsoft.
  2. Various URL fixups, as websites change their address. For example, the URL of the Netcraft survey archive is now http://survey.netcraft.com/.
  3. Added Information Week Research’s study of corporate use of Linux and Open Source software. They found that “Nearly 90% of companies we surveyed anticipate a jump in server licenses for Linux. No other product comes close to these expectations - not Windows, Macintosh or Unix.”
  4. Added references to BusinessWeek’s interesting market figures.
  5. Noted Symantec’s newest security study, and its misunderstood results. Firefox has more vulnerabilities than Internet Explorer, UNLESS you count vulnerabilities Microsoft hasn’t fixed, in which case IE has more vulnerabilities. Some people haven’t looked at these numbers closely, and think that they are an argument for the security of IE, which is nonsense. I think vulnerability counts are a lousy metric, so it’s fine to complain about that… I do! But DON’T rig the metric and ignore known vulnerabilities just because a supplier does… that is ridiculous.
  6. Added a reference to an Investors article on OSS/FS commercialization.
  7. Added RFG’s August 2005 TCO report.
  8. Updated the OpenSSH marketshare data. Their September 2004 survey shows them dominating the SSH market, with 87.9% share. What’s possibly more important is the trend line; there’s no evidence that OpenSSH is being eliminated by proprietary products at all.
  9. Noted newer Coverity study of Linux kernel defect rate (August 2005), which complements their earlier studies.
  10. Referenced more recent summaries as of August 2005, which suggest that Internet Explorer is still more dangerous than the OSS/FS Firefox. David Hammond’s “Internet Explorer is dangerous” examined the Secunia reports on Internet Explorer, Firefox, and Opera, as of August 4, 2005. Firefox did far better than IE, both historically and currently.
  11. Added statistics by Scanit’s Browser Security Test group, which found that 98% of the time in 2004 Internet Explorer was vulnerable to dangerous known remote attacks, compared to 17% for Opera and 15% for Mozilla/Firefox. I also added a link to an article that explains the context of DHS’s earlier warnings.
  12. Added a reference to a paper about Multics, which shows that even back then, people thought that it was critical to have source code publicly available if security was important. Here’s what it said: “It is expected that the Multics system will be published when it is operating substantially and will therefore be available for implementation on any equipment with suitable characteristics. Such publication is desirable for two reasons: First, the system should withstand public scrutiny and criticism volunteered by interested readers; second, in an age of increasing complexity, it is an obligation to present and future system designers to make the inner operating system as lucid as possible so as to reveal the basic system issues… The system will evolve under the influence of the users and their activities for a long time and in directions which are hard to predict at this time… It is expected that most of the system additions will come from the users themselves and the system will eventually become the repository of the procedure and data knowledge of the community.”
  13. Added reference to “Calculating the True Price of Software” by Robert Lefkowitz.
  14. Added a reference to Tom Adelstein’s “Linux in Government: Outside the US, People Get it”.
  15. Noted Microsoft’s increasing development of OSS/FS, as reported by ZDNet.
  16. Noted that GNU/Linux basically owns the high-end computing area. 60% of all supercomputers run GNU/Linux, including the world’s fastest, as of March 2005; 80% of the top ten supercomputers run GNU/Linux. Also noted that the Internet Archive (the world’s biggest library counting by text) uses GNU/Linux.

Were I to start now, I think I’d use the term “FLOSS” (Free-Libre / Open Source Software) as my all-encompassing term, so I mention that at the beginning. FLOSS is much easier to say than some of the alternatives. The term “Free Software” is widely misunderstood as being “no cost”, so by itself I find that it’s not helpful for explaining things. The term Free-Libre is a big improvement because it at least hints at what its promulgators intended the term to mean. However, I’ve used the term OSS/FS all over, and it’s awkward to change now (and people might not find the document they were looking for), so I haven’t changed my own documents.

