this post was submitted on 29 Dec 2023
79 points (100.0% liked)

Free and Open Source Software

17926 readers
23 users here now

If it's free and open source and it's also software, it can be discussed here. Subcommunity of Technology.


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

There is a common theme pushed by fanatics of capitalism that never dies: that a profit-driven commercial project ensures higher quality products than products under non-profit projects. Some hard-right people I know never miss the chance to use the phrase “good enough for government work” to convey this idea.

I’m not looking to preach to the choir here, but rather to establish a thread of scenarios that correspond to quality for the purpose of countering inaccurate narratives. This is the thread to share your stories.

In my day job I’m paid to write code. Then I go home write code I was not paid for. My best work is done without pay.

Commercial software development

When I have to satisfy an employer, they don’t want quality code. They want fast code. They want band-aid fixes. The corporate structure is too myopic to optimize for quality.

Anti-gold-plating:I was once back-roomed by a manager and lectured for “gold plating”. That means I was producing code that was higher quality than what management perceives as economically optimal.

Bug fixes hindered:I was caught fixing some bugs conveniently as I spotted them when I happened to have a piece of code checked out in Clearcase. I was told I was “cheating the company out of profits” because they prefer if the bugs each go through a documentation procedure so the customer can ultimately be made to pay separately for the bug fix. Nevermind the fact that my time was already charged anyway (but they can get more money if there’s a bigger paper trail involving more staff). This contrasts with the “you get what you pay for” narrative since money is diverted to busy work (IOW: working hard, not smart).

Bugs added for “consistent quality”:One employer was so insistent on “consistent quality” that when one module was higher quality than another, they insisted on lowering the quality of the better module because improving the style or design pattern of the lower quality piece would be “gold plating”. This meant injecting bugs to achieve consistency. The bugs were non-serious varieties; more along the lines of needless complexity, reduced performance, coding standard non-compliances, etc, but nonetheless something that could potentially be charged to the customer to fix.

Syntactic dumbing-down:When making full use of the language constructs (as intended by the language designers), I am often forced by an employer to use a more basic subset of constructs. Employers are concerned that junior engineers or early senior engineers who might have to maintain my code will encounter language constructs that are less common and it will slow them down to have to look up the syntax they encounter. Managers assume that future devs will not fully know the language they are working in. IMO employers under-estimate the value of developers learning on the job. So I am often forced avoid using the more advanced constructs to accommodate some subset of perceived lowest common denominator. E.g. if I were to use an array in bash, an employer might object because some bash maintainers may not be familiar with an array.

Non-commercial software development

Free software developers have zero schedule pressure. They are not forced to haphazardly rush some sloppy work into an integration in order to meet a deadline that was promised to a customer by a manager who was pressured to give an overly optimistic timeline due to a competitive bidding process. #FOSS devs are free to gold-plate all they want. And because it’s a labor of love and not labor for a paycheck, FOSS devs naturally take more pride in their work.

I’m often not proud of the commercial software I was forced to write by a corporation fixated on the bottom line. When I’m consistently pressured to write poor quality code for a profit-driven project, I hit a breaking point and leave the company. I’ve left 3 employers for this reason.

Commercial software from a user PoV

Whenever I encounter a bug in commercial software there is almost never a publicly accessible bug tracker and it’s rare that the vendor has the slightest interest in passing along my bug report to the devs. The devs are unreachable by design (cost!). I’m just one user so my UX is unimportant. Obviously when I cannot even communicate a bug to a commercial vendor, I am wholly at the mercy of their testers eventually rediscovering the same bug I found, which is unlikely in complex circumstances.

Non-commercial software from a user PoV

Almost every FOSS app has a bug tracker, forum, or IRC channel where bugs can be reported and treated. I once wrote a feature request whereby the unpaid FOSS developer implemented my feature request and sent me a patch the same day I reported it. It was the best service I ever encountered and certainly impossible in the COTS software world for anyone who is not a multi-millionaire.

top 16 comments
sorted by: hot top controversial new old
[–] senseamidmadness@beehaw.org 15 points 10 months ago

Anyone who says paid software is guaranteed to be better is either selling you something or delusional.

FOSS has almost never disappointed me as an end user. Windows disappoints me every time I use it.

[–] FlareHeart@lemmy.ca 12 points 10 months ago (3 children)

Ya... I'm with you 100%. It really feels like commercial software is the "minimum viable product" rather than a complete and quality piece of software. I've opted for FOSS solutions wherever possible for me and it has worked out swimmingly. Only place I'm still struggling is my home PC. Making the jump to Linux and potentially risking game compatibility is still a bit of a hurdle for me, but once my Win10 license loses support, Linux will be a very strong contender for my main OS.

[–] i_am_not_a_robot@discuss.tchncs.de 3 points 10 months ago

It wasn't always like this. Back before companies understood "minimum viable product" things were better. Now companies do the "minimum" and then never come back to finish what they started because they can't see a profit in it. It's obvious in the way Microsoft has been replacing the old, working parts of the OS with new parts that look more modern but don't work as well, and rarely improving the replacements to reach parity with what was replaced.

[–] soloActivist@links.hackliberty.org 2 points 10 months ago

I’ve been out of the loop on games for a while but ReactOS may be worth a look.

[–] BearOfaTime@lemm.ee 1 points 10 months ago

Now deploy those solutions to a business, where measurable uptime is a requirement, and you lose money (as in money you would be paid for your work is canceled) because you missed those metrics.

Or worse, there's an outage, and your client can't do their work for a day. Again, you'll be paying for their lost business, because contracts are written to offload that risk to you, the supplier of a solution.

Yea, this stuff is great, and can work well where risks are low, or not contractually offloaded. Say for your own company/small org that's risk tolerant, and sees FOSS as an opportunity to build their infrastructure a specific way. This approach means always ensuring you have specific, and duplicated, Subject Matter Experts in-house for everything you bring in. Not just Bob. Because if Bob is the only SME, when he gets hit by a bus, you'll be shit out of luck.

Even worse, most Enterprises work damn hard at documenting what they do, and doing what they document, and I'd bet at best they're hitting 90% on most systems after initial setup.

SMB (where the FOSS argument is more compelling) doesn't even try to document their systems (well, some, but nothing like what Enterprises do, and that's not a criticism, they don't usually have the flexibility in time or money to justify it).

In Enterprise, the person writing the docs never touches production - they typically develop their docs by working in a variety of test environments, those docs are then passed to teams that manage only production systems. This provides a division of responsibility, and ensures that if your Primary SME is hit by a bus, you're not SOL because his backup would simply refresh their knowledge via the docs).

I'm not seeing SMB rationalizing multiple SME's for systems.

[–] Moonrise2473@feddit.it 7 points 10 months ago (1 children)

But that's a shitty employer that is just making software for profit. Like Oracle or IBM. They have a niche of masochistic customers who enjoy being nickel and dimed at all times.

There are other examples, like indie games are closed source software that are written with no pressure to do x, y or Z and are driven by passion. Same for other programs, I can see there are many "quality first, money second" examples

And also in Foss there are highly opinionated software where the devs completely ignore users, ban them from GitHub when they post issues, or continuously change the APIs without a valid reason so your plugins need a constant rework and it's a mess to stay behind

[–] soloActivist@links.hackliberty.org 4 points 10 months ago (1 children)

The 1st ½ of your comment sounds accurate. But...

And also in Foss there are highly opinionated software where the devs completely ignore users, ban them from GitHub when they post issues,

Right, but to be clear non-free s/w is worse - you can’t even reach the devs, generally, and there is no public bug tracker. FOSS is an improvement in this regard because at least there is a reasonable nuclear option (forking). The nuclear option for non-free software is writing it yourself from scratch.

[–] Moonrise2473@feddit.it 1 points 10 months ago
[–] Corgana@startrek.website 6 points 10 months ago* (last edited 10 months ago)

Well said- FOSS software is almost always better at accomplishing the task at hand, but because most FOSS devs aren't also UX/UI developers, the software is often harder to just pick up and use for someone unfamilliar. I think that's the main reason it sometimes has a perception of being "worse".

[–] 0xtero@beehaw.org 6 points 10 months ago (2 children)

I do security as my dayjob (more blue team stuff these days, but used to do pentesting in the past).

Software development normally comes down to a holy trinity of Speed/Cost/Quality. You can only pick two.

Commercial software has time/cost constraints so they often pick speed and cost over quality initially. FOSS software doesn't need to "get to the market", but also doesn't have any money, so you often get cost/quality over speed.

However - in larger enterprises there's so much more, you get the whole SDL maturity thing going - money is invested into raising the quality of the whole development lifecycle and you get things like code reviews, architects, product planning, external security testing etc. Things that cost time, money and resources.

FOSS software is generally going to be missing this, unless the project gets popular and picked up by some big megacorp that bankrolls the development (Google, IBM etc). Look at mission critical projects like OpenSSL that was (until Heartbleed) more or less one man project.

Commercial software also needs to invest in licensing, support, documentation, certifications, training and potentially integration partners. It's a whole different playing field. FOSS has easier time, because it's generally just pointing at the code and saying "well send a PR".

Then you have the whole devops thing, where you might take FOSS software and build a whole commercial service around it.

And all of this is just generalizing of course, because unless we're just comparing small programs, there's really no way to do objective comparisons between "commercial" and "free" without writing a full 50 page thesis.

[–] BCsven@lemmy.ca 4 points 10 months ago

Commercial software getting QA, code review, testing, etc seems to only apply till that corp has market share dominance, then they dgaf. I'm indirectly involved with corporate enterprise level software. They big players now release garbage that has breaking changes, they don't care because user base pays yearly licensing and can't drop the paid license nor drop the software; so they live with users being the bug testers. And beaides that they use foss components for some functionality.

[–] soloActivist@links.hackliberty.org 4 points 10 months ago

That all sounds accurate enough to me.. but thought I should comment on this:

However - in larger enterprises there’s so much more, you get the whole SDL maturity thing going - money is invested into raising the quality of the whole development lifecycle and you get things like code reviews, architects, product planning, external security testing etc. Things that cost time, money and resources.

It should be mentioned that many see testing as a cost, but in fact testing is a cost savings. In most situations, you only spend some money on testing in order to dodge a bigger cost: customers getting burnt in a costly way that backfires on the supplier. Apart from safety-critical products, this is the only business justification to test. Yet when budgets get tightened, one of the first cuts many companies make is testing -- which is foolish assuming they are doing testing right (in a way that saves money by catching bugs early).

Since the common/general case with FOSS projects is there is no income that’s attached to a quality expectation (thus testing generates no cost savings) - the users are part of the QA process as free labor, in effect :)

[–] mycoffeeisready@feddit.nl 4 points 10 months ago

God have mercy for the poor souls that have to use Clearcase. In fact it sounds like you and I may work for the same organization.

[–] dannym@lemmy.escapebigtech.info 2 points 10 months ago

In general I agree with you. I find that most FOSS software is more polished than proprietary software, and it is generally more powerful.

However, I think that one problem that people somehow overlook in my opinion is that the financial side of the issue is also extremely important. I want more people to work on quality FOSS software, and I want it to become socially acceptable to work on FOSS as your main job. For that one thing is needed in my opinion: we as users of FOSS software need to give developers the financial incentives to work on what they love the whole time. In fact I want it to reach the point where immoral, non FOSS companies struggle to find developers because they're all working on FOSS.

[–] joyjoy@lemm.ee 2 points 10 months ago

bash arrays

On the flip side, some FOSS maintainers will prefer not to use arrays because "it's not POSIX compliant"

[–] mtchristo@lemm.ee 1 points 10 months ago

If you need to use software professionally or in a commercial product, then go commercial.

I have been trying to switch to using more open source lately. And I couldn't notice how more than 90% of projects I Land on are abandonware . and the rest are so slowly moving you shouldn't rely on the for anything where security matters.

Stick with Foss projects that have a non profit behind then or a strong community of devs behind them. With a leat dozens of commits a month.