Article by Govind Shivkumar and Alex Krasodomski-Jones: “…Omidyar Network was proud to support the creation of “The Open Road,” a new report by our partners at Demos that vividly highlights the many dangers facing open infrastructure — and lays out a clear and achievable path to securing its sustainable future. In short, the report urges philanthropies to take concrete steps, with significant funding, to bolster open-source software and open standards, and the people who keep the infrastructure working.
The value of open-source code and the movement behind it
Everything from hospitals and banks to social media and messaging platforms run on open-source software; that is, mostly free “source code” that anyone can inspect, modify, and enhance to build their own digital applications. In complement, open standards — like HTML, a common way of coding a website — help facilitate interoperability and data exchanges between different products or services. Both of these “encourage a decentralized community of developers to collaborate on projects and jointly benefit from the resulting software”.
A secure, open technology system is immensely valuable to companies and governments. It facilitates connections between their technologies and other systems, which increases the value of their tools; it is easy to adopt and make changes; and it avoids the pitfalls of reinventing the wheel or reinvesting resources. Because of that vast flexibility, developers and engineers can innovate for the user’s needs faster and more cost-effectively, giving the public a meaningful choice of which interconnected apps, devices, technologies they want to use.
“More openness means more innovation. More transparency means more scrutiny, which means fewer overlooked security vulnerabilities. Openness favors the development of ‘good technology,’ which embeds privacy, security, and other protections in its design.”
The challenges facing open infrastructure
The ecosystem is vast and acutely vulnerable. Period catastrophes like the Heartbleed bug which was exposed in 2014, and later security flaws, such as log4shell and log4J, threatened millions of digital applications worldwide. Other weaknesses are simply the result of neglect and lack of proper investment and upkeep. When security vulnerabilities cause cracks in the infrastructure, allowing malicious actors to wreak havoc, the startled world briefly takes notice…(More)”