January 3, 2022The Intersectiontechnologyinformation agegeopolitics

Open source is in India’s national interest

India can limit the power of transnational technology firms and foreign governments by promoting open source software development.

Mint This is from The Intersection column that appears every other Monday in Mint.

Over the past month, hundreds of thousands of developers and IT managers around the planet have been working over weekends and holidays to fix a vulnerability in Log4j, an otherwise boring piece of software found in millions of computer servers, from those owned by giants like Apple and Twitter to smart’ televisions, security cameras and other appliances in people’s homes. Before Nasa’s denial, it was feared that its Mars helicopter might have carried the vulnerability to another planet.

Meanwhile, bad actors are devising increasingly clever ways to exploit those vulnerabilities, installing backdoors, crypto-mining tools and other bits of malware before the systems are patched. Despite the patches being available within days, it might take a couple of years before the threat passes. Tech executives are scheduled to meet the US deputy national security advisor on the matter this month.

The famous xkcd cartoon Dependency

William Turton & co have a good account of the Log4j crisis. Filippo Valsorda’s excellent blog post explains the underlying problems and potential solutions.

Log4j is a piece of open-source software, maintained by a disproportionately tiny team of volunteers. Ralph Goers, the developer who maintains the code and who fixed the bug, has a full-time job elsewhere. He worked on this project in his spare time. His work was funded by three individuals: Michael, Glenn and Matt. The massive edifices of the Information Age rest on such tenuous foundations. Log4j, Apache, Kubernetes and Linux are the more famous names: the multi-trillion dollar information economy is held together, partly, by hundreds of thousands of open-source software components and the dedicated communities of volunteers that maintain them. Many of them are paid employees of private companies, others are from universities, and quite a number are enthusiasts who do it simply because it floats their boats.

GitHub’s State of the Octoverse report has the numbers.

Numerically, Indian developers are major players in this ecosystem. According to GitHub, a leading platform for open-source software development, more than 7.2 million of its 73 million users in 2021 were from India, making it a close third behind China (7.6 million) and the US (13.5 million). But the Indian developer base is growing faster, close to 40% in 2020-21 compared to 16% in China and 22% in the US. GitHub expects to see 10 million Indian developers on its platform by 2023.

Merely being on GitHub is no indication of the quality, intensity or importance of the projects they work on. Still, the fact that millions of Indian developers are plugged into the global open-source ecosystem is a good sign and can be a source of competitive advantage for India in high-technology geopolitics.

Indeed, open-source software is in India’s national interest, given the unfolding economics and politics of the technology space. As much as it makes sense to stay out of the cyber Sinosphere and align with the US where there is convergence of interests and values, India must maximize its independent technological power. To attempt technological sovereignty by reinventing everything and insisting on localization would be counter-productive. A far more effective approach is to focus on open-source projects, build for the whole planet and derive a strategic advantage. This is the only reliable way to reduce dependence on transnational technology companies (and the governments behind them), whether Chinese or Western.

The earliest attempts by governments to promote open source have mostly involved adopting Linux-based operating systems and open document formats. These failed because governments can’t build better consumer products than corporations or open-source communities. More recent attempts involved building stacks, infrastructure and platforms that allow varying degrees of source-code visibility and access. These are mostly targeted at delivering digital public services.

India must now promote an open-source economy. This involves pushing a number of policy levers to create incentives for developers and firms to invest more in building open-source software. The goal should be to create globally-competitive developers and firms that become important nodes in the tech ecosystem. The gig economy will grow in the post-pandemic world. Wage differentials and exchange rates will benefit Indian freelancers and moonlighters. It’s not broken, so the government is best off not trying to fix it.

See Ivan Mehta on why open source maintainers need greater financial support.

What public policy can do is to steer and nudge individuals and firms towards open-source. Engineering colleges could be encouraged to get their students to participate in open-source projects. A number of technology foundations offer grants and rewards, which can transform the CV of a fresh graduate. Ensuring a healthy open-source ecosystem is in fact a matter of social responsibility for a country with a big IT industry. If support for open-source projects is recognized as satisfying corporate social responsibility (CSR) commitments, more developers will be drawn towards them, which will reduce the chances that we have to depend on four individuals to hold up a crucial piece of the world’s information infrastructure.

Brian Behlendorf’s thoughts on the prospects for open-source are insightful

The free and open-source community is grappling with existential questions on how it should adapt to a world of cloud computing, big platforms and surveillance-based business models. The outcome is important to India, and therefore it’s in our interest to shape it.

(There are many more The Intersection columns in my archives)

If you would like to share or comment on this, please post it on Twitter Previous
Geopolitics of the Information Age
The co-evolution of genes and culture is revolutionizing policy

© Copyright 2003-2021. Nitin Pai. All Rights Reserved.