aster.cloud aster.cloud
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
    • Learning
  • Tools
  • About
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
    • Learning
  • Tools
  • About
aster.cloud aster.cloud
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
    • Learning
  • Tools
  • About
  • DevOps
  • Software
  • Tools

How Open Source Builds Distributed Trust

  • root
  • February 2, 2021
  • 4 minute read

Trust in open source is a positive feedback loop.

This is an edited excerpt from my forthcoming book on Trust in Computing and the Cloud for Wiley and leads on from a previous article I wrote called Trust & choosing open source.

In that article, I asked the question: What are we doing when we say, “I trust open source software”? In reply, I suggested that what we are doing is making a determination that enough of the people who have written and tested it have similar requirements to mine, and that their expertise, combined, is such that the risk to my using the software is acceptable. I also introduced the idea of distributed trust.


Partner with aster.cloud
for your next big idea.
Let us know here.



From our partners:

CITI.IO :: Business. Institutions. Society. Global Political Economy.
CYBERPOGO.COM :: For the Arts, Sciences, and Technology.
DADAHACKS.COM :: Parenting For The Rest Of Us.
ZEDISTA.COM :: Entertainment. Sports. Culture. Escape.
TAKUMAKU.COM :: For The Hearth And Home.
ASTER.CLOUD :: From The Cloud And Beyond.
LIWAIWAI.COM :: Intelligence, Inside and Outside.
GLOBALCLOUDPLATFORMS.COM :: For The World's Computing Needs.
FIREGULAMAN.COM :: For The Fire In The Belly Of The Coder.
ASTERCASTER.COM :: Supra Astra. Beyond The Stars.
BARTDAY.COM :: Prosperity For Everyone.

The concept of distributing trust across a community is an application of the wisdom of the crowd theory posited by Aristotle, where the assumption is that the opinions of many typically show more wisdom than the opinion of one or a few. While demonstrably false in its simplest form in some situations—the most obvious example being examples of popular support for totalitarian regimes—this principle can provide a very effective mechanism for establishing certain information.

This distillation of collective experience allows what we refer to as distributed trust and is collected through numerous mechanisms on the internet. Some, like TripAdvisor or Glassdoor, record information about organisations or the services they provide, while others, like UrbanSitter or LinkedIn, allow users to add information about specific people (see, for instance, LinkedIn’s Recommendations and Skills & Endorsements sections in individuals’ profiles). The benefits that can accrue from these examples are significantly increased by the network effect, as the number of possible connections between members increases exponentially as the number of members increases.

Read More  New Open Source Tool Automates Compliance

Other examples of distributed trust include platforms like Twitter, where the number of followers that an account receives can be seen as a measure of its reputation and even of its trustworthiness, a calculation which we should view with a strong degree of scepticism. Indeed, Twitter felt that it had to address the social power of accounts with large numbers of followers and instituted a “verified accounts” mechanism to let people know that “an account of public interest is authentic.” Interestingly, the company had to suspend the service after problems related to users’ expectations of exactly what “verified” meant or implied: a classic case of differing understanding of context between different groups.

Where is the relevance to open source, then? The community aspect of open source is actually a driver towards building distributed trust. This is because, once you become a part of the community around an open source project, you assume one or more of the roles that you start trusting once you say that you “trust” an open source project (see my previous article). Examples include architect, designer, developer, reviewer, technical writer, tester, deployer, bug reporter, or bug fixer. The more involvement you have in a project, the more you become part of the community, which can, in time, become a community of practice.

Jean Lave and Etienne Wenger introduced the concept of communities of practice in the book Situated Learning: Legitimate Peripheral Participation, where groups evolve into communities as their members share a passion and participate in shared activities, leading to improving their skills and knowledge together. The core concept here is that as participants learn around a community of practice, they become members of it at the same time:

“Legitimate peripheral participation refers both to the development of knowledgeably skilled identities in practice and to the reproduction and transformation of communities of practice.”

Wenger further explored the concept of communities of practice, how they form, requirements for their health, and how they encourage learning in Communities of Practice: Learning, Meaning, and Identity. He identified negotiability of meaning (“why are we working together, what are we trying to achieve?”) as core to a community of practice and noted that without engagement, imagination, and alignment by individuals, communities of practice will not be robust.

Read More  Finding Stability in Open Source Work

We can align this with our views of how distributed trust is established and built: when you realise that your impact on open source can be equal to that of others, the distributed trust relationships that you hold to members of a community become less transitive (second- or third-hand or even more remote) and more immediate. You understand that the impact you can have on the creation, maintenance, requirements, and quality of the software you are running can be the same as all of the other, previously anonymous contributors with whom you are now forming a community of practice or whose existing community of practice you are joining. Then you become part of a network of trust relationships that are distributed but less removed from what you experience when buying and operating proprietary software.

The process does not stop there; as a common property of open source projects is cross-pollination, where developers from one project also work on others. This increases as the network effect of multiple open source projects allows reuse and dependencies on other projects to rise and leads to greater take-up across the entire set of projects.

It is easy to see why many open source contributors become open source enthusiasts or evangelists, not just for a single project but for open source as a whole. In fact, work by Stanford sociologist Mark Granovetter suggests that too many strong ties within communities can lead to cliques and stagnation, but weak ties provide movement of ideas and trends around communities. This awareness of other projects and the communities that exist around them and the flexibility of ideas across projects leads to distributed trust being able to be extended (albeit with weaker assurances) beyond the direct or short-chain indirect relationships that contributors experience within projects where they have immediate experience and out towards other projects where external observation or peripheral involvement shows that similar relationships exist between contributors.

Read More  Achieving Cloud-Native Network Automation At A Global Scale With Nephio

Put simply, the act of being involved in an open source project and building trust relationships through participation leads to stronger distributed trust towards similar open source projects or just to other projects that are similarly open source.

What does this mean for each of us? It means that the more we get involved in open source, the more trust we can have in open source, as there will be a corresponding growth in the involvement—and therefore trust—of other people in open source. Trust in open source isn’t just a network effect: it’s a positive feedback loop!

This feature is republished from opensource.com


For enquiries, product placements, sponsorships, and collaborations, connect with us at [email protected]. We'd love to hear from you!

Our humans need coffee too! Your support is highly appreciated, thank you!

root

Related Topics
  • devops
  • distributed trust
  • Open Source
  • Software
You May Also Like
aster-cloud-erp-bill_of_materials_2
View Post
  • Software
  • Software Engineering

What is an SBOM (software bill of materials)?

  • July 2, 2025
aster-cloud-sms-pexels-tim-samuel-6697306
View Post
  • Programming
  • Software

Send SMS texts with Amazon’s SNS simple notification service

  • July 1, 2025
aster-cloud-website-pexels-goumbik-574069
View Post
  • Programming
  • Software

Host a static website on AWS with Amazon S3 and Route 53

  • June 27, 2025
notta-ai-header
View Post
  • Featured
  • Tools

Notta vs Fireflies: Which AI Transcription Tool Deserves Your Attention in 2025?

  • May 16, 2025
View Post
  • Software
  • Technology

Canonical Releases Ubuntu 25.04 Plucky Puffin

  • April 17, 2025
View Post
  • Software
  • Technology

IBM Accelerates Momentum in the as a Service Space with Growing Portfolio of Tools Simplifying Infrastructure Management

  • March 27, 2025
Vehicle manufacturing
View Post
  • Software

IBM Study: Vehicles Believed to be Software Defined and AI Powered by 2035

  • December 12, 2024
aster-cloud-tux-gaming
View Post
  • Computing
  • Gears
  • Software

5 best Linux distributions for gamers in 2024

  • September 11, 2024

Stay Connected!
LATEST
  • How to create an AWS free tier account
    • July 10, 2025
  • How to configure multiple AWS CLI authentication credentials
    • July 10, 2025
  • 3
    Formula E accelerates its work with Google Cloud Storage and Google Workspace
    • July 9, 2025
  • What is database as a service (DBaaS)?
    • July 7, 2025
  • The cloud’s role in PQC migration
    • July 7, 2025
  • 6
    Hybrid cloud has hit the mainstream – but firms are still confused about costs
    • July 7, 2025
  • 7
    Building secure, scalable AI in the cloud with Microsoft Azure
    • July 5, 2025
  • 8
    Turns out OpenAI is the customer behind Oracle’s mysterious $30 billion cloud deal
    • July 3, 2025
  • aster-cloud-erp-bill_of_materials_2 9
    What is an SBOM (software bill of materials)?
    • July 2, 2025
  • aster-cloud-sms-pexels-tim-samuel-6697306 10
    Send SMS texts with Amazon’s SNS simple notification service
    • July 1, 2025
about
Hello World!

We are aster.cloud. We’re created by programmers for programmers.

Our site aims to provide guides, programming tips, reviews, and interesting materials for tech people and those who want to learn in general.

We would like to hear from you.

If you have any feedback, enquiries, or sponsorship request, kindly reach out to us at:

[email protected]
Most Popular
  • 1
    A looming hyperscaler exodus? UK IT leaders are thinking of ditching US cloud providers – here’s why
    • June 26, 2025
  • Genome 2
    AlphaGenome: AI for better understanding the genome
    • June 25, 2025
  • aster-cloud-website-pexels-goumbik-574069 3
    Host a static website on AWS with Amazon S3 and Route 53
    • June 27, 2025
  • Camping 4
    The Summer Adventures : Camping Essentials
    • June 27, 2025
  • 6 edge monitoring best practices in the cloud
    • June 25, 2025
  • /
  • Technology
  • Tools
  • About
  • Contact Us

Input your search keywords and press Enter.