At the Forge: Why Linux?
Engineers are notoriously bad at keeping secrets, as Scott Adams has occasionally pointed out in his Dilbert comics. Indeed, one of the things that attracts me to open-source software is the fact that there are no secrets. Clients hire me because they want to save themselves time or because they lack expertise in a particular area, not because they are forced to do so. For this reason, I tend to think of myself as analogous to a lawyer or accountant, both of whom offer advice and documents based on freely available information.
This “no secrets” philosophy tends to work well with my clients, including those who aren't at all interested in knowing how the software works. They know they can ask me questions, and I'll give them the best answer I can, without having to hide behind marketing hype, mandatory updates or double-talk. My technical clients, of course, enjoy knowing they can dive into the code or read the documentation; the only thing stopping them from knowing what I know is time and experience.
My nonprofit clients, who are in many ways the perfect audience for open-source software, are often excited by the possibility of using such tools. In particular, I have found that educational institutions like the idea of sharing information and community involvement, in software as in other spheres of life. Telling them they can both save money and participate in a community of like-minded people is a powerful combination. Moreover, nonprofits typically have little incentive to keep changes within the company, meaning that they can more easily participate in the Open Source community.
When I first began to write this column for Linux Journal, most server-side web applications were handwritten CGI programs. A huge number of web sites still use such programs. But as the Web has become more sophisticated, people have demanded toolkits that make it easier to develop high-quality, scalable web applications in a short amount of time. It shouldn't come as any surprise that many proprietary software companies have come to fill this void. It is shocking, however, to find out how much money they want for their software—sold on the condition that their consultants are hired to customize it, followed by a mandatory service contract.
Luckily, the open-source world has responded. A number of open-source toolkits can be used for creating sophisticated server-side applications. Zope, as we have seen in recent months, is a fantastic (if complicated) application server, making it possible to create web applications that connect to databases and other information sources. Next month, we'll begin to look at OpenACS, designed to make on-line community systems easy to build and modify. Furthermore, such environments as mod_perl, Mason and the numerous Java- and XML-related tools sponsored by the Apache Software Foundation increasingly mean that locating the right tool can be as difficult as installing and using it.
But as wonderful as these toolkits are, we must remember that not everyone will be won over. My harshest lesson on this front came last year when a potential client decided against hiring me to create a simple content management system for producing a product catalog for the Web. I was told that my bid came in at $800,000 less than my closest competitor. However, because I was using open-source software and the competition was a well-known name in the world of content management, I lost out. (That client has had a round of layoffs and quarterly losses since then, and their web site still appears to be managed by hand, so at least I won a moral victory of sorts.)
We should also remember that not every player in the open-source sphere can be trusted to follow through on their promises to the community. Many open-source advocates were surprised and disappointed when Lutris pulled the plug on its open-source Enhydra Enterprise Java application server last year, turning it into a proprietary product. Luckily, there are alternatives; not only has the GPL-licensed JBoss application server dramatically grown in popularity over the last year, but Sun recently made it clear that nonprofit, open-source J2EE implementations will be able to receive official certification in the coming months. This should help to reduce further the stigma that some businesses associate with open-source software.
But even if you suffer setbacks, don't be fooled: as IBM, HP and even Sun now acknowledge, Linux and open-source software are powerful, stable and should be taken seriously. “World domination” hasn't yet arrived, but brand-name recognition, financial realities and admiration from academics and commercial entities alike are helping us move ahead.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- The Humble Hacker?
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The US Government and Open-Source Software
- New Container Image Standard Promises More Portable Apps
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide