Software is everywhere. You knew that already. But do you always know what that software is doing? As the recent Volkswagen ‘defeat device’ scandal has shown, when its true purpose is hidden, software can cause tremendous damage. Writing proprietary software that cheats on emissions tests goes beyond ‘cheating’ - it’s a criminal act and one that will leave the car manufacturer in reputational - and financial - ruin, not to mention the impact on customers and the wider economy. Amid the various calls for fines, resignations, and jail time for VW executives responsible for this, one point particularly stood out to us: This wouldn’t have happened if the software was Open Source.
Treat Software Inspection Like Elevator Inspections
So says Professor Eben Moglen, founder of the Software Freedom Center. He was quoted in the New York Times this week, lambasting the use of proprietary software in any product that needs to be scrutinised. He compared the VW cover-up with elevator inspections, wondering what would happen if it wasn’t possible to inspect elevators independently of the manufacturer. As he put it, ‘“Proprietary software is an unsafe building material...You can’t inspect it.” He went on to say ‘we shouldn’t use it for purposes that could conceivably cause harm, like running personal computers, let alone should we use it for things like anti-lock brakes or throttle control in automobiles.”
This call was picked up by Klint Finley, writing in Wired this week. His call was to ‘open up the internet of things’ in the wake of the VW scandal. With the increasing presence of connected objects and services like Google Nest, he raises concerns over the predominantly proprietary software powering them, despite the supposed security benefits. He writes: “If you can’t load your own software, you’re less likely to infect your car, burglar alarm, or heart monitor with a virus. But this opacity is also what helped Volkswagen get away with hiding the software it used to subvert emissions tests. It makes it harder to trust that your thermostat isn’t selling your personal info to door-to-door salesmen or handing it out to the National Security Agency.”
Wired anticipates the argument from vendors that opening up their code removes a commercial advantage. They propose a potential middle ground, whereby regulators are allowed to inspect the code even if competitors and the public are not. They point to the gaming industry where this is an accepted practice: ““It’s a pity that casinos have better scrutiny of their software than the code running our voting machines, cars, and many other vital objects, including medical devices and even our infrastructure.” This middle ground may not fully satisfy open source zealots but it it’s certainly a step towards protecting the public interest through open source.
Open Source Honesty is the Best Policy
It’s probably safe to say that your learning platform is unlikely to do damage on the scale of VW’s actions. But you will still want control of your destiny and your data, and the efficacy of the software you’re using. You want to know what’s in the code, whether it’s been well constructed, that it’s original, that no short cuts have been taken, and nothing untoward is happening to your data. With Open Source software, like all of our Totara Learning products, that’s all out there for anyone to examine.
This does not have to lead to an anticompetitive outcome. We believe Collaborative Innovation Networks, in which many parties and vendors can contribute innovations to software frameworks, is the model we should all be moving towards. Vendors can still compete on services, customers still have choice. But the underlying software is better supported - and open to everyone for scrutiny.
To return to the VW example: If every car had the same standard emissions software, and it was open source, and every manufacturer had an interest in improving it, would this deception have arisen? They’d be doing it under the nose of every other manufacturer, the public and the regulator. We should hold our Learning Platforms to this same scrutiny - that’s exactly what we’re doing at Totara Learning.
Less places to hide, more scope to collaborate for the customer. It’s one more reason to trust open source.