Do Firefox browser bugs matter?BBCNews
Friday, 22 April, 2005
SourceNo program is perfect, but bugs in open source software are less of a problem, says technology analyst Bill Thompson.The Firefox open source browser is full of bugs, some of which are rather serious.
In March Danish security firm Secunia reported that it had found eight.
Some could be used to trick users into giving away confidential information.
Others could let hackers get access to people's computers.
Every few days there are new ones.
In fact the little red button that tells you a "critical" update is available appears almost weekly, sending users off to the website to get the new version and fix yet another bug or security hole.
Since one of the main reasons people give for moving to Firefox from Microsoft's Internet Explorer (IE) is that IE is full of bugs and vulnerable to attack, this might seem to show that it does not matter which browser you use, since you are still going to be in trouble.
Fix it yourself
But the bugs in Firefox worry me a lot less than those in IE, just as the patches I have to apply to my Apache web server are less of a concern than the monthly collection of Windows Updates on my main desktop machine.
This is not because I do not like or use Microsoft software. It is because Apache, Firefox, and many of the other tools I use every day, are open source programs.
I can, if I feel like it, look at the original program code and the fixed program code and understand for myself what was wrong and how it has been fixed.
I could even, for the free software that I use, decide that I do not like the proposed change and make my own version of the program.
That is because free and open source software gives me the right to make changes to the code, something that matters a lot more than just being able to see what it looks like.
I cannot do any of this with Microsoft's programs, and so I feel less comfortable when they send out patches and security fixes.
I will never know exactly what the problem was, so I can never be completely sure that the "fix" was the best way to solve it.
Of course, I am not a gifted programmer, but the thousands of volunteers who produce and maintain free software will do the checking for me, and they do not have to worry about the impact on share prices or company sales of a security announcement.
The importance of open source software to the internet continues to worry many companies trying to make money out of their own closed, proprietary programs.
It is one of the reasons that the big companies are so keen on allowing software to be patented.
It would allow them to lock down the ideas behind some pretty basic technology instead of just protecting their own code and allowing competition from open source alternatives in a free market.
'Pursuit of knowledge'
The UK think-tank Demos has just published a rather interesting analysis of the phenomenon, looking at how open source methods could be applied in areas outside programming like law-making, the media and even company organisation and funding.
One of the important aspects of open source outlined in the report, Wide Open, is that it is not really a new idea.
Authors Geoff Mulgan and Tom Steinberg point out that "for centuries the pursuit of knowledge has been undertaken in ways that involve widely dispersed groups commenting on each others' work.
"The evolution of the Talmud in Judaism is one example, and the tradition of interpretation in Islam is another."
What has changed is the speed of communication and access to shared tools that the internet can provide, so that the same working methods can produce radically different outcomes - instead of a book of religious law we can make an operating system or a web browser.
Firefox has become the poster child of the open source movement because it is one of the few open source products that ordinary users see and use every day.
It is still relatively rare, with just under six percent of web accesses coming from Firefox in February 2005 compared with nearly 90% for IE.
And according to web traffic analysis company, WebSideStory, the rate of growth in Firefox use has slowed slightly since the release of version 1.0 in November 2004.
Yet even growth of around one percent a month is important, especially given the inertia of the browser marketplace.
The vast majority of web users are sitting at work computers over which they have little control, or know too little about their systems to feel comfortable downloading and installing new programs.
Getting thousands of them to convert every month is an achievement.
Microsoft is responding to the concern over IE and its security by bringing forward the release of IE 7.
This was originally to have been part of the next major version of Windows, codenamed Longhorn, but now it will be available to existing Windows users sometime over the summer.
This could make it harder for Firefox and the other open source browsers to break into more conservative markets, but in one sense that does not matter.
Firefox development is not being driven by people out to dominate the market or squeeze monopoly profits out of customers for other products they sell.
It has already done a great deal by making Microsoft honest, pushing their new emphasis on the security and reliability of their products and prompting the early release of IE 7.
And of course even if Firefox stalled and its developers moved on to other projects anyone - and that could include anyone reading this - can get all of the source code and keep on making it better or adapting it to their needs.
Unlike closed source, where the program code is locked up, Firefox's code is out there for us all to look at and use as we see fit. And that helps me sleep at night.
***
Bill Thompson is a regular commentator on the BBC World Service programme Go Digital.