Proprietary software as a false economy

Image credit: Eraserhead1, Infinity0, Sav_vas - Levenez Unix History Diagram, Information on the history of IBM's AIX on, CC BY-SA 3.0

I recently had to fill in a form for the Computer Science Department at the University of York.

Like, I am sure, any computer science department in any major world university, York is a “Unix shop”: research servers all run Linux and I guess the academics who aren’t using that are – as I am now – running the modified/derived BSD that is Mac OS X.

But the form was “optimised” for (i.e., only able to operate properly on) Microsoft Word – not a piece of software found on many ‘nix machines.

Because the rest of the University – like almost all of Britain’s public sector – was totally reliant on Microsoft’s proprietary offerings.

Thirty years ago I worked in a public sector organisation that used a mixture of proprietary software for “mission critical” work – NetWare, WordPerfect and MS-DOS. But even that mixture has gone: it’s Microsoft for everything (on the desktop) these days.

And now the price of that false economy – because so often this reliance on Microsoft has been justified because it keeps training costs low (“everybody knows how to use it”) – has been revealed by a massive global ransomware attack.

If free/open source software (FOSS) had been more widely used then, of course, the risk would not have disappeared, not least because the crackers would have turned their attention to FOSS and left Windows behind. But there are two pretty obvious advantages to FOSS in terms of security:

  • You can see how it works – you wouldn’t walk across a bridge with no visible means of support, yet every time you use proprietary closed-source software you do just that: the fact it hasn’t fallen down yet seems like a poor justification.
  • Everybody can fix it: if Microsoft’s software breaks or is seen to have a vulnerability you are essentially reliant on them to fix it. And if you are using an unsupported piece of software you may not even have that. Again there are no guarantees of invulnerability with FOSS – software is hard – but there is a guarantee that you or anyone you ask/pay can attempt to fix your problem.

It’s time we ended this dependency on proprietary software and invested in a FOSS future.


One response to “Proprietary software as a false economy”

  1. As a FOSS user myself, I largely agree, and there may be a third security argument for FOSS (which is also, sadly, an argument against it). To the extent that FOSS fosters (I’m resisting the urge to type “FOSSters”) (apparently unsuccessfully) a multitude of solutions, it reduces the economic incentive for a hacker. Hacking a product like Word or an operating system like Windows with a huge user base has a greater return on investment for a bad guy than hacking a product with a small user base.

    The unfortunate other side of that argument has to do with standards. By and large, .docx and .xlsx files open properly when sent to some other Windows/Office user. If we switch to FOSS productivity applications, can we be sure that we’ll have support for common file formats? I use LibreOffice, which seems to do pretty well opening LibreOffice (and OpenOffice) files but is a bit spotty when opening Microsoft Office files. I suspect that standardization on some platform is motivated even more by the interoperability factor (including, in a university setting, the expectation that classroom and student laboratory machines will run more or less the same OS as faculty office machines and laptops) than by training costs. Training costs (which I agree are a nontrivial consideration in the corporate world) are easier to quote to accountants and CFOs when justifying the purchase. The costs of figuring out a different machine in the classroom or fixing the formatting on a Brand X document you opened in your Brand Y product are difficult to quantify.
