According to ZDNet, sometime in March, someone accessed a Microsoft employee’s account at GitHub and downloaded about 1200 private repositories. The person threatened to publish some of the stolen material online, but Microsoft employees said that the material accessed is not sensitive.
What does it mean?
Because most software projects are large and complicated, programmers work in teams, reuse code from previous projects, and update existing code when problems are detected by users of the product or when new features are added. Created in 2005 by Linus Thorvalds (who also created the widely used Linux operating system), Git is a tool that supports version control, that is, it tracks all the changes that have been made to a piece of code (or any file), allowing restoration to earlier versions if problems arise. Git can track the branching and merging of versions by different users, thus supporting team work on a project. GitHub, one of several hosts for Git, was founded in 2008 and acquired by Microsoft in 2018 for $7.5 billion. GitHub is used by many companies for the development of proprietary products, but is also used by teams developing open source software.
What does it mean for you?
Computer security is a constant problem. While the ZDNet article does not say so, the case may be one where someone obtained the login information of a Microsoft employee. Often the human is the weakest point in computer security, even if that issue was not the case here. I recently heard from a company that about half of their incoming email is rejected by various filters; that percent has increased since the COVID19 crisis has kept people at home. Not all of those emails are attempts to obtain information, but a significant proportion are. A hospital in my community is still recovering from a ransom situation regarding their software. You already know that you need professional help to maintain the security of your computer systems.
Software projects are huge and complicated. While counting the number of lines of code in a piece of software is only a poor measure of the size or complexity of a project, it does enable some comparisons. The infographic “How Many Millions of Lines of Code Does It Take?” shows that the Space Shuttle software has about 400,000 lines of code, the Hubble Space Telescope several million lines, the Android operating system about 12 million lines, and Facebook over 60 million lines of code.
Coding is teamwork. Because of the size of the projects, a team of programmers writes and maintains the code. Software development methods aim to ensure that the resulting software meets the needs of the clients, just as with any other product. These methods have built upon and contributed to ideas about teamwork and customer satisfaction. For example, some software development methods are called agile and focus on being able to handle changing requirements by close collaboration with the customer. The tensions among speed to produce working software, responsiveness to the customer, creating clear documentation, and ensuring that different parts of the software are compatible are issues that every team will recognize. Different methods of software development involve different levels of up-front planning, meetings to review progress at various levels of frequency, sizing of tasks assigned to each programmer, frequency of contact with client, and methods for finding and fixing bugs in the software.
Coding is iterative. James Michener is often cited as the person who said “I’m not a very good writer, but I’m an excellent rewriter” and many writers would express a similar sentiment. Software companies often emphasize speed to market in order to capture market share; features can be added and problems fixed in response to feedback from customers. DevOps is a set of practices designed to provide software updates at a blistering pace and software updates are almost constant with many products.
As a writer and an engineer, I struggle with the programming approach of putting out a product that is good enough, letting users give feedback, and then improving the product. This piece I am writing now will reach a final stage and I will post it. Many engineering products (bridges, for example) have safety requirements built in from the start and are not meant to be strengthened or rebuilt in response to failure. Starting with a “minimal viable product” for, say, an autonomous vehicle shocks me and makes me conscious of the ring I wear on my right pinky.
The most interesting aspect of this story for me is that many of the users of GitHub are working in teams to produce open source products. The first and still the most famous example of open source software is Linux, software for the Unix operating system. Open source software may be used, changed, and distributed to others under a license specifying the terms. The open movement has many flavors and philosophies combining in various ways community, sharing, transparency, inclusivity, peer review, the value of public goods, giving software away for free, and protection of intellectual property rights. The words “free,” “open,” and “libre” are used in specific, although not always consistent, ways to make distinctions.
Open source software has led to other concepts of open, such as Open Educational Resources. I have written two textbooks (one an introduction to industrial engineering and one on probability, statistics, and Six Sigma) that I give away for free. I have taught students well and saved them tens of thousands of dollars. I took this approach to my books because it freed me to write the books I want (not the books that publishers think I should write). I distribute the book under a Creative Commons license, which specifies what users may and may not do with the text. One of the books has been translated into Turkish and has also been recombined with material written by another professor for use in her classroom. Many examples of Open Educational Resources are collaborative efforts.
The open movement challenges our thoughts about how work should be done. The highly paid professionals behind some of the most highly valued companies are part of community that argues about how to work together to create their products; many of them have concluded that open and collaborative work is better than closed and individual work. Furthermore, the open movement challenges our thoughts about the nature of labor, pay, and the common good. Some open source software is produced by people who work for pay, but in other projects all the work is done by unpaid people. Why do people do this work? Because people want to be part of something larger than themselves and people want to work on something that feeds their passion. In an economy in which almost everyone survives by selling their labor, what does this movement mean?
As we talk about returning back to normal during the COVID19 crisis, I argue we should be talking instead about moving forward to better. The economic system of the US is a mechanism for organizing work and for delivering products and services to people. Other mechanisms are possible and the open movement may give us some ideas.
Where can you learn more?
The 1999 book The Cathedral and the Bazaar by Eric S. Raymond contrasts software development under tight control with software development in the public eye, arguing for the latter based on, for example, the observation that involving more people leads to quicker detection of bugs in the software.
The 2008 book Two Bits by anthropologist Christopher M. Kelty argues that the Open Software movement created a new type of entity, a recursive public. “A recursive public is a public that is vitally concerned with the material and practical maintenance and modification of the technical, legal, practical, and conceptual means of its own existence as a public; it is a collective independent of other forms of constituted power and is capable of speaking to existing forms of power through the production of actually existing alternatives.” The geeks he study both act within the open source movement but also consciously work to preserve the environment that allows the open source movement to exist.
The Electronic Frontier Foundation defends “digital privacy, free speech, and innovation.”
“The Free Software Foundation is working to secure freedom for computer users by promoting the development and use of free (as in freedom) software and documentation.”
The Open Source Initiative provides various licenses for open source software.
Open Education Global is a consortium of organizations supporting open education.