Researcher Trashes Linux; Journos Fan The Blaze

by Hinesh Jethwani    Jul 20, 2004

Linux is back again in the firing line. What started as an opinion in an academic seminar, has been blown out of proportion by opportunistic trigger-happy journalists taking potshots at everyone’s favorite subject: The Open Source v/s Proprietary software debate.

And joining the party is the respected financial daily from the Hindu Group– Hindu Business Line, exploiting the opportunity to rake up another Linux v/s Microsoft debate — as if the industry hasn’t heard enough of it already.

Linux is un-maintainable, Linus’s Law is not applicable to open-source software development, and the LST result is false. These are the three ’so-called’ shocking results of a research aptly titled, “ Three Unexpected Results in Open-Source Software Engineering

The paper has been floating around for some time, with speculation running wild about its authenticity. Leaving controversy aside, CXOtoday interviews the author of the document, along with Open Source gurus, hardcore Linux fundamentalists, and Microsoft protagonists in a full-blown investigation.

The man in question is Stephen R. Schach, from Vanderbilt University, Nashville, TN, USA.

When contacted, Schach immediately clarified, “The document floating around on the Web is NOT a research paper. It is a set of PowerPoint slides for a colloquium talk I have given. Some of the material has been published, and some has been submitted for publication. Therefore, most slides in the presentation have been headed as ’Preliminary Results’ or ’Current Work’ and there is even a ’Preliminary partial result’ (slide 19).”

When confronted with the fact that many were taking the paper seriously (As it does hint at a final result after all, without any concrete mention of inconclusiveness), Schach refuted, “This is not material for an article in a reputable newspaper. An article based on anything other than published research papers would be misleading, at best. Until my second paper on Linux has been accepted for publication by a research journal, I have no comment to make.”

Probing further yielded naught, as Schach refused to be contacted for any further information on the document.

In his document, Schach has defined two categories of Open Source developers:

Core (“inner circle”): A small number of individuals who can modify the software (they have CVS privileges)

Periphery (“outer circle”): The vast number of individuals worldwide who can download the software product, use it, report failures and suggest fixes.

Schach’s argument 1: “A fundamental belief of the open-source movement is that many open-source products are successful because countless members of the periphery study the code, find faults, and suggest fixes. This idea has been codified as Linus’s Law. The fact is that most members of the periphery do not have the necessary debugging skills to study the code, look for faults, and suggest fixes. We examined Bugzilla defect reports for Tomcat 4.0, Gnome and Mozilla, and determined whether each fault was fixed by a member of the core or the periphery. The overwhelming majority of faults are fixed by core members, proving that Linus’ law is false. The vast numbers of “eyeballs” apparently do not exist. Open-source software development is undemocratic.”

Schach’s argument 2: “We examined 365 versions of Linux, about 3 million LOC each, and looked for global variables. We counted instances of common coupling between kernel modules, and non-kernel modules. Linux overuses global variables, which will have a deleterious effect on maintenance. In the long term, Linux is un-maintainable.”

Schach’s argument 3: “In 1978, Lientz, Swanson, and Tompkins published the results of a survey on software maintenance. They found 17.4% of maintenance was corrective,
18.2% was adaptive, 60.3% was perfective and 4.1% was categorized as other. We refer to this as the LST result. Our average is more than three times the LST value, proving that the result is totally wrong.”

Schach even continues to dispute a well established fact from Eric S. Raymond’s essay ’The Cathedral and the Bazaar’, which states that “Given enough eyeballs, all bugs are shallow.”

So what does the man himself, leader of the Open Source revolution, Eric S. Raymond have to say about the research?

Raymond replied, “What would make developers sitting at the periphery an exception? Are they not part of the reviewer community? Is there any way they could do what they have done with closed source?”

Casting serious doubts about the authenticity of the research, when probed about the LST results, Raymond retorted, “What’s an LST?”

Giving his views on the coupling argument, Raymond said, “I think Unix has comparable coupling — Linux is maybe a bit cleaner, but not dramatically so. Can’t say about Windows, never having seen the source code.”

Regarding the issue of Linux being un-maintainable, he explained that it was unjust to single out Linux out of all the available OS’. “That’s a weird question. There is no software environment, anywhere, that doesn’t have maintenance issues,” he replied.

Dismissing the fact that CIOs should think twice before jumping on to the Open Source bandwagon, he quipped, “Go, go, go! The sooner you switch the more you’ll save in downstream costs.”

The next man to stand in the witness box was Free Software Foundation and GNU/Linux leader Richard M. Stallman. When confronted with the research results, he retorted, “I have not read it or even heard of it, sorry.”

Driving the last nail into the coffin, Stallman rubbished the use of the document for creating a so-called eye-opener for CIOs. “The open source movement, as one can see, focuses on technical, practical values. In the free software movement our goal is to live in freedom and have a community. For us, the details of software engineering and its results, whether expected or not, are not the highest priority,” he replied.

Javed Tapia, director, Red Hat Linux, India, said, “The claims made in the report are not consistent with the views of the open source community. The open source community is extremely democratic. The identification of code flaws by a large community is what sets open source apart from proprietary. The ‘core’ is who the community trusts to improve the code based on the reputation of the technologists. Other conclusions drawn make it obvious that this research was not gathered from open source in practice.”

Venkatesh Hariharan, co-founder, Indlinux.org, said, “Schach’s result that Linux is completely un-democratic is a rather unusual comment, and in many ways absolutely wrong. It is not practical to view an OS as being democratic or not, as Open Source software selection is more of a build yourself process — just like any other volunteer activity. Moreover, the periphery in Linux is much wider than in proprietary systems. How many Microsoft developers would be having privileges of looking at the Windows core? I believe that the number of Linux core developers is much higher.”

Abhijit Das, manager, platform value, Microsoft Corporation India, said, “There is no reason for me to challenge Schach’s research. Most people who see errors cant really fix it. In our experience, most errors are in fact pointed out by end users. A person sitting on the periphery will remain as an observer rather than a bug fixer. Since Linux support comes from disparate sources, I am not sure if there is adequate communication between them. Most patches released address specific problems and not the Linux environment as a whole. This non-availability of a collateral between support forums could lead to a loss of coupling in the OS, leading to Linux possibly becoming un-maintainable, as Schach claims.”

“At Microsoft the number of eyeballs looking at the source code is obviously very high, due to the high risks involved with large-scale usage of our systems. Our support ecosystem eliminates all challenges associated with maintainability. Also, regarding the maintainability part, Linux being a derivative of Unix is complicated and requires a lot of expertise. The Open Source model of Linux obviously has a risk factor involved, as vulnerabilities creep into every OS. In India the metropolitan cities offer reasonable Linux support, but in the other cities its reach remains highly limited. That’s exactly where Microsoft scores,” added Das.

Schach’s comments about Linux heading towards a crash because of loss in coupling may point to a wider problem existing in the industry. With patch frequency climbing to an all time high, vendors are struggling to provide updates in the time. Most vendors have adopted a ’quick fix’ approach, rendering serious damage and weakening OS stacks. May be the research would have been justified if it pointed out root problems with a generality of software available in the market today.

All said and done, should CIOs believe in Schach’s research? You decide.

Tags: Linux