IT industry relies too much on free engineers


By

Pressmaster

There are a lot of useful things in “Free Software” and “Free Apps”. However, there are many ' free codes ' in paid software. Daniel Stenberg, who develops a library ' libcurl ' that transfers data using various protocols and a command line tool ' cURL ' for sending and receiving files for free, is related to ' publishing an open source project ' Talking about his own episode.

The Internet Relies on People Working for Free-OneZero
https://onezero.medium.com/the-internet-relies-on-people-working-for-free-a79104a68bcc

It seems that the price of a product powered by a lot of code like the iPhone includes a reward for the person who wrote the code. However, even devices equipped with many of the latest technologies such as the iPhone include a lot of “free code” published in “open source projects” such as GitHub and GitLab.

In most cases, developers of such open source code are good at using their work for free. The reason is that providing open source software is an opportunity to hone your skills, and it is easy to get support from the community. Google, who manages a number of open source projects, “I believe open source is good for everyone. Free use for everyone encourages collaboration, advances technology, It will solve the problems of the world. '

Google Open Source – opensource.google.com
https://opensource.google.com/



However, there is also the risk of catastrophe if software that is used by millions of people depends on the 'free code' of several volunteers or just one developer. . In 2014, an open source library '

OpenSSL ' used by 66% of websites found a vulnerability called ' Heart Breed ' that enables sensitive information by reading memory. Full-time programmer in charge of the development of the OpenSSL was only one thing with .

A serious bug is found in OpenSSL used by about 66% of sites on the net-gigazine



In addition to these vulnerabilities, there are cases where developers abandon the project, and there is a possibility that vulnerabilities will be introduced on purpose.

Daniel Stenberg is the person who founded the open source project 'cURL'. According to Mr. Stenberg, cURL is installed in billions of smartphones, hundreds of millions of TVs and 100 million smart cars, and all iPhones produced so far include cURL. It is said. However, although cURL is so widely used, there are few companies that recognize that Mr. Stenberg is a developer, and sponsors who pay various expenses such as cURL hosting There is no big company name.

In 2018, an incident occurred that affected millions of devices due to cURL issues. Mr. Stenberg, who lives in Sweden, contacted a panicked overseas manufacturer that he wanted to come to this country to start working on the correction immediately. Mr. Stenberg was a person who only developed cURL in his leisure time and published the results as open source, but Mr. Stenberg decided to travel abroad in response to his request. However, when Mr. Stenberg demanded the “overseas travel expenses” to solve the problem, the company refused to pay. Eventually, Mr. Stenberg decided to ask a friend for help, and that friend solved the problem.


By yousef alfuhigi

Mr. Stenberg said, “Despite the great profits from open source projects, it's angry to see people who devote themselves to being free rather than returning the profits to the project itself. ' From this experience, Mr. Stenberg came to argue that “in order to prepare for troubles, companies should pay developers to sign support contracts”.

In reality, people who write code for free don't live by eating potatoes, so they need a living expense and have to feed their families. However, on the other hand, according to OneZero , a technology news media reporting this news, many open source communities oppose the idea of `` receiving money in some way '' as a result of sticking to the belief that it is free That.

When Mr. Stenberg received an email saying 'Help me' from another developer or company, he came to think that 'I'm sure that I'll make a support contract soon.' That was. Mr. Stenberg said, “I have been dedicated to cURL for more than 20 years and I do not think about abandoning cURL,” but “not abandoning cURL means that“ while making money, Is a condition of ''.

in Software, Posted by darkhorse_log