Free and open-source software (FOSS): Pros and cons for security
 
             
Free and open-source software (FOSS), as the name suggests, is the crossover between free software and open-source software. While there are similarities between the two, there are some subtle differences worth noting—namely that free software tends to be open-source, but not all open-source software is free.
The free software movement and its goals
Free software generally covers software that is, you guessed it, completely free to download and use. Richard Stallman, who founded the Free Software Foundation and launched the GNU Project, is largely responsible for the direction that free software has taken over the past few decades after starting the free software movement in 1983. Stallman has noted that the main difference between free and open-source software is that "open-source is a development methodology; free software is a social movement." Within this context, “free” can also refer to liberty rather than to being complimentary.
The free software movement established the Four Essential Freedoms of Free Software to denote what constitutes free software:
Freedom 0
The freedom to run the program as you wish, for any purpose.
Freedom 1
The freedom to study how the program works, and change it so it does your computing as you wish. Access to the source code is a precondition for this.
Freedom 2
The freedom to redistribute copies so you can help your neighbor.
Freedom 3
The freedom to distribute copies of your modified versions to others. By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.
Benefits of open-source software
In the strictest sense, open-source software solely refers to the accessibility of a program’s source code, i.e., that the source code is viewable and can be scrutinized. Speaking more broadly, open-source software is released under a license whereby a copyright holder allows for the use, study, alteration, and distribution of the software in any capacity. Even here at ExpressVPN, we’re no strangers to open-source software, with our Leak Testing Tools and browser extension available for viewing and download on GitHub.
In contrast to closed-source, or proprietary, software, open-source software relies on transparency. Users are encouraged to use and modify software in any way that benefits them. The idea is that this nurtures engaged and supportive communities that will grow in size. Some pitfalls of proprietary software include cost of purchase/subscription/licensing, limited vendor choices, and little to no scope for customization. This is by no means to say that proprietary software is in any way inferior. In fact, it is important for both competition and innovation. Proprietary software is usually developed for specific uses—Photoshop, Skype, Windows, and macOS are great examples of this.
Security and privacy of FOSS
Advocates of FOSS argue that it is an inherently more secure choice due to its transparency, the ability for users to scrutinize its source code, and its accessibility. Another advantage of adopting FOSS is that security concerns can be immediately addressed, provided that the community base is large enough or collaborative support literature is available. Open source in security also means that more stakeholders are available to collaborate and provide multiple viewpoints on problem solving. Linus Torvalds, the creator of Linux, for whom Linus’s Law is named, echoes these sentiments perfectly: “Given enough eyeballs, all bugs are shallow.”
Conversely, critics argue that FOSS lacks dedicated support (although community support can be beneficial given large enough numbers), requires rudimentary technical expertise for problem solving, and is more likely to leave users with no updates because of the high chance of projects being abandoned. Having said all this, it should be noted that there are benefits and pitfalls on both ends of the spectrum. There’s never a one-size-fits-all solution to security and privacy, and the best thing to do is figure out what works best for you personally, which might entail a balance of open-source and proprietary software.
Comments
Yes. For example, in regards to password managers, avoid closed sourced ones like LastPass, 1Password and instead use open sourced ones like KeePass and/or Bitwarden. Being open sourced is important for really putting all your “eggs in one basket” and being sure its code is publicly scrutinized.
Correct me if the following statement is false. The thing that I noticed that was not mentioned is that if Open Source allows you to edit and/or embed the software to install other software in the background on your PC without your knowledge. Hackers (for example) or the "Average Joe" can redistribute these open source programs so that people unknowingly are victims of the lack of privacy of personal content (which they do) and antivirus programs do not even notice because it is source code?
I was very assured when I realized you guys were using OpenVPN for your clients, exactly for the reasons you listed in the article.
Good evening, I researched Tor and saw that the risk of leaks is 0%. From what I understood, it is extremely impossible for leaks of user information to happen. The question is the following: Does ExpressVPN hold this same technology? I want to purchase a product that gives me total security, both against hackers and in case there happens to be a failure by an employee, for example. I don't have important information, but let's pretend that I have a diamond hidden in my kitten's belly and an employee of mine knows about it. If my employee is not very honest, you can be sure my kitten will be kidnapped. It is only an analogy, but one that shows how much better conditions one VPN can offer than others. I await more information.