
7.1 Open Software

There is a development within the computer software community which is known as Open Software. Open Software is usually distributed at no cost (or at the cost of the distribution media) under a license which provides not only an executable version of the program, but also the original source code, which may be used to generate executable versions of the software. The licensee is free to modify the program in any way and make any use of the software. Such licenses usually permit redistribution of the software and any changes the licensee has made to the program, provided such distribution is done at no cost and includes all software sources. This radical approach to software development and distribution, which denies the concept of intellectual property in software, was originally developed by Richard Stallman, founder of the Free Software Foundation (http://www.fsf.org/fsf/), in 1984.

Stallman's idea was that users and programmers would be able to receive software at no (or nominal) cost and be free to use and improve the software and provide the software plus improvements to others who would, in turn, use and improve the software. A user would be prohibited from selling software under this licensing agreement, but one could sell services which are related to using, supporting and documenting the software. The license agreement, known as the GNU [GNU 91] license agreement, provides not only free software, but also freedom for the licensee to make any changes to the software and even redistribute the software, provided the software and changes are distributed at no charge and are distributed, including changes, in source form.

Stallman's original free software project was an attempt to interest others in joining his effort to produce a free version of the Unix operating system. The name GNU, associated with Free Software Foundation projects, derives from the recursive acronym Gnu's Not Unix. It was Stallman's vision that free software would eventually lead to a plethora of very high quality programs which would be widely (and freely) available. It has taken a long time, but recently free software has begun to be a significant force within the software industry. An example of this is the widespread use of the Linux [Linu 98] operating system. A Finnish student, Linus Torvalds, began the development of the kernel (heart) of a Unix-compatible operating system. He used GNU-licensed compilers and other free software programs and released his kernel under the GNU license. In a relatively short time hundreds, then thousands, of programmers were contributing to this effort. The GNU software development efforts were quite fruitful as well, producing GNU versions of the hundreds of programs which make up a Unix system. Today, current versions of Linux, such as RedHat 5.1, rival commercial versions of Unix, as well as operating systems from Microsoft, in performance, features and support.

Recently, a commercial software developer, Netscape Corporation, released the source program for Version 5 of Netscape Communicator, free of charge, using a software license which is very similar to the GNU license. Netscape introduced the term Open Software to describe this software license. IBM Corporation recently announced a licensing agreement with Apache.Org concerning inclusion of its GNU license Apache Web server software with Internet server computer systems it markets. Apache is the most widely used Web server program on the Internet. It remains to be seen whether or not the Open Software licensing approach will be used by other major software vendors, but there are important implications for Internet security when GNU (or similar) license software is used.

Since the source code for open software products is freely available, it may be inspected and analyzed by the entire software community. Such public scrutiny has the potential of providing a more complete review of algorithms used in the software and a more complete assessment of the security risks in the software than commercial software products receive. Finally, recent experience with the Linux operating system indicates that security problems, when detected, are fixed more rapidly (often in a matter of hours) than security problems with commercial software products. Although Linux is free, it is possible to buy commercial service contracts which support the Linux operating system. This development is beginning to be noticed by corporate information technology departments.


2002-11-26