Friday, April 3, 2015

Sailfish OS: A truly open mobile OS?

Like many others, I've often wished that there was a mobile OS that was truly open, or at least closer to it than Android. Something with a user experience more like what you get with desktop Linux.

There is, of course, Ubuntu Touch, but I just haven't been all that impressed with it from a technical standpoint. Moreover, it seems that the Ubuntu project is endlessly setting ambitious milestones that it seldom reaches.

While researching the subject, I came across Sailfish OS, which seemed quite promising. Jolla, the creator of Sailfish OS, makes quite an issue about how much more "open source" their OS is than other more popular Mobile OSes. They even go so far as to call Sailfish an "open source" OS.

Technically, it's quite appealing. It has a swipe driven interface that does more than just take aspects of other mobile OSes and put them in an open source package. It solves a critical problem faced by anyone wanting to adopt an alternative mobile OS, by adding a compatibility layer for Android apps. So what's there not to like?

Well it turns out that, in spite of Jolla's marketing claims, it's not really open source. Here's a graphic showing the proprietary and open source components of Sailfish OS. Turns out that it's really just a proprietary user interface built on top of an open source plumbing layer, which isn't entirely open source either. Even the parts that are open source mostly come from outside of Jolla, most notably the Linux kernel.

So Sailfish, it appears, is really no more "open source" than Android. Perhaps even less so. Here's a discussion in Jolla's user forums that shows the frustration of would-be Sailfish adopters, resulting from Jolla's reticence regarding their plans for open sourcing their product. The comments made in that thread focus on open source as a sort of philosophical ideal. However, I think it overlooks a much more important aspect of open source software: Security.

One of the greatest benefits of open source software is that potential security flaws are scrutinized by so many different people. It's not dependent on the competence of developers within a particular company to evaluate vulnerabilities. It also makes it much more difficult for government entities to coerce developers into creating "back doors" in their software.

What this means for Sailfish, is that it's potentially much less secure than Android or iOS, because of the relatively small number of in-house developers reviewing the code.

Moreover, Sailfish is still a young project undergoing heavy development. But, if something doesn't work, all users can do is sit around and wait for the developers to fix it. What this all means is that Sailfish fails to provide its users with two of the most critical benefits of an open source project.

Perhaps, the one strong draw Sailfish still has is that its app ecosystem is built around Qt and HTML5, instead of Java. However, this is only a partial victory, as Android apps can also be developed with these toolkits, albeit with JAVA dependencies.

So, what does this mean for the future of open source OSes on mobile platforms? Sailfish is still, potentially, a strong contender for the hearts and minds of open source enthusiasts, if they'll provide a clear roadmap for open-sourcing their product, be more upfront in explaining why some components haven't been open-sourced, and do a better job of promoting community involvement.

There's also Tizen which, in spite of the "black mark" it bares because of it's association with big industry, seems closer to being truly open source. However, one major component, the SDK, has a closed-source license.

Of course, there are at least two truly open source alternatives: Ubuntu Touch and Plasma Active. However, they are in many ways technically inferior to the others, at least for now.

The specialized hardware and heated patent wars in the mobile world also present a significant barrier to the propagation of open-source on such platforms. So it may just be matter of giving it time, and waiting for things to cool down. As the mobile form factor becomes increasingly ubiquitous it will likely become more difficult for companies to justify their territorial claims.

For now, Samsung's dominance in the mobile hardware world probably gives Tizen the better chance at becoming a successful mobile OS. But still, it perhaps won't be that long before we see popular community-driven mobile distributions, as functional as Archlinux, Fedora, or Debian are on the desktop. And to that end, I think Ubuntu at least deserves some kudos for its pioneering efforts.