Tim O'Reilly Bashes Open Source Efforts in Govt

mshiltonj writes "Tim O'Reilly wrote a little piece about his worries about the politicization of the Open Source community, specifically the Digital Software Security Act. He calls it a bad idea, saying, 'No one should be forced to choose open source, any more than they should be forced to choose proprietary software.'"

There's a tremendous difference between what government should be allowed to do and what individuals should be allowed to do. O'Reilly is attempting to blur the distinction, a common rhetorical tactic but one which does not advance his argument. As far as I can tell, his only argument besides this is that if the citizenry pushes for the government to use Free software, companies will push back to use proprietary crud. This argument doesn't hold water - every company selling proprietary software is lobbying the government all the time, have been for years, and they aren't going to stop just because we do. CNet carries news today that Microsoft has pressured the NSA to drop development of Security-Enhanced Linux. I can only imagine what sort of pressures might have been brought to bear behind the scenes, perhaps Microsoft threatened to cancel the NSA's site licenses of Windows and Microsoft Office. But in any case, there's no such thing as "mutual disarmament" - if we back down we'll just get smashed by the continuing efforts of companies pushing proprietary software.

But back to the government/individual distinction. Individuals, for instance, shouldn't be required to disclose their private papers to anyone who asks. But government should: that's the foundation of our freedom of information laws, and they exist for a good reason - keeping an eye on government is a necessary thing. Saying "People should be free to keep their papers private" as an argument against government FOI laws is just a stupid strawman, unworthy of further debate. And that's what O'Reilly's argument against California's proposed law is as well.

Governments play by different rules. They need to be fiscally responsible, transparent to the public, and promote the public commonwealth whenever possible. Using Open Source or Free Software in government promotes all three of these goals, and if Microsoft or any other corporation doesn't make quite as much money when the government alters its standards for software procurement... so what? Companies who make shoddy products do lose business when the government ups its standards, and they have the same choice as any business does: either produce better products, or lose the government's business. In this case the shoddiness comes in some of the most important areas as far as software goes: open access to the code, to ensure the software that we the citizenry pay for is doing what it is supposed to be doing, but the rationale would be the same if the government mandated a certain level of bug-free-ness or a certain level of performance for software - you can shape up and continue selling to the government or you can ship out. Your choice.

O'Reilly seems to be promoting the agenda of Microsoft's Software Choice campaign. He's a business man; perhaps there's a reason we don't know about. But whatever his motives, his lame arguments are no reason to stop pushing for governments to use Free or Open Source software wherever possible.

About Government Purchasing

[aero6dof]

Although I don't support the DSSA in its current form, I don't think that Tim has ever tried to sell products to the governments and their agencies - I have. Open Source has inherent disadvantages in trying to sell to a government customer. Government often creates lists of "qualified" vendors. These lists often serve as a procurement "menu" the government agencies decide what sofware technologies to implement. Going with off-list technology often requires extra justification and more work on the part of the procurement agency.

The nature of Open Source makes it difficult or impossible to participate in these lists. The regulation simply doesn't mesh well with the OSS paradigm. Look at California Educational List [c-smart.org] or the Federal Gov't GSA [gsa.gov] and try to imagine an Open Source project trying to qualify for a slot on those lists. Even if an Open Source business does qualify itself to the list, none of the other businesses offering service or support qualify - removing a key advantage of Open Source -- multi-vendor competition over support of the same product.

I do think some sort of "Consider Open Source First" software procurement policy is in order. Either that, or a gov't office to specifically qualify Open Source projects to these procurement lists.

Re:What bunk

[Verizon Guy]

Umm... ASP is server-side, dude. So only bad HTML would break Mozilla.

open standards

[spasm]

I work on large, US taxpayer-funded research projects. We gather *huge* amounts of data, and use less than a third of it ourselves. Some of it will eventually be datamined by other projects, and all of it has potential for future researchers. Perhaps in a year or two; perhaps in 20 years. It's that kind of data.

I couldn't actually give a shit about open source vs closed sorce *software* - in a given week I switch back & forth between MacOS, NT, and Linux, and use both proprietary and open source tools on all three depending entirely on what best suits the task is at hand. But having the data I work with in an open format which can be used by multiple tools from multiple vendors across all three of the platforms I use is essential. And in the longer term, making absolutely sure the data I work with is and will remain available to other researchers is critical.

We, the taxpayers, pay for an incredible amount of extremely expensive research, and to deliberately lock the products of this research up in proprietary formats which may not be accessible to later researchers (eg the 1960's census data debacle) is criminal stupidity.

Re:Gawd Mike!

[An Onerous Coward]

Thanks for pointing out that the government is made up of people. Hadn't considered that fact.

Demanding that every application be open sourced is probably overkill for most government purposes. I personally don't care if the government is using Apache or IIS to host its website; the end user experience is the same. Nor do I care what e-mail system they're running, so long as I can send and receive mail from the client of my choice, and their e-mail archives can be freely converted into other formats.

But non-standard/proprietary protocols have to go. Let's say some governmental organization decides that the "easiest" way to publish their information is to use format X. Format X can only be read by application Y. Application Y costs $40. So in order to receive the information, you have to purchase application Y.

But now there's a hitch. You've received a document (say, a contract under negotiation), and you want to make your own revisions before sending it back. But application Y is only a reader. To make the changes, you need access to application Z, which costs $4000. Ouch.

When the government has to publish its doings to the outside world (which should be true by default), then what's "familiar and comfortable" to them should take a back seat to what's most enabling to the citizen.

Re:Transparency *is* needed

[ericman31]

Now, you talk about the cost to the taxpayer, but when you're spending billions on things that blow up (where's the ROI in *that*?), that argument is shaky at best. I think the infrastructure could be refitted at the expense of a few less missles, while eliminating the secondary (Microsoft/Oracle/IBM) tax of proprietary software.

Since we are talking about the proposed law in California I think we can discard the idea that building a few less missiles will fund the refitting you're talking about. Even IF we were talking about the Federal government "a few less missiles" would not fund what you are talking about.

In any case, there are significant issues on the table with mandating open source software for the State of California. Before I go any further I should lay my cards on the table. I work for an IT services company. However, I'm expressing my own views, not the position of my employer. I currently work in one of the government divisions of that company, and for the last four years have supported multiple contracts with the state of California. I have a serious stake in this law, both because of my job and because I'm a citizen of California. Some of what I have to say deals with my political views as a citizen and some with my views as an IT professional.

I'm a huge supporter of open source. I think it's clear that the Internet, as we know it, was created by open source platforms, including Berkley UNIX (and subsequently BSD and Linux), BIND, and Apache. The open source community has been, and still is, a leader in many of the innovations in computing today. This same community responds much faster to customer needs, bugs and security holes than commercial vendors do. I wish I could get my commercial vendors to be as responsive.

That said, there are two major flaws with the idea of mandating open source only software in government IT. The first is that there are some things that open source simply cannot do. Perhaps in the future that will no longer be true, but it is not the case today. Some systems run by the state of California today could not run on Linux and MySQL due to their sheer size and complexity. In fact, at least one is still running on IBM mainframes because the risk involved in migrating to midrange platforms like IBM pSeries or Sun's SunFire is simply too high. While Linux can run on the mainframe, it cannot support the scope of this particular system, it is still Linux, running other open source platforms. There is some promising work being done in grid computing and super computing based on Linux that leads me to believe that this problem will be overcome in the next few years.

Politically, the correct approach to the issue of "transparency" for our government is three-fold:

1. Open standards rather than proprietary standards. For example, TCP/IP for network connectivity instead of SNA.
2. Open records for procurement, contracting and IT standards.
3. No proprietary data formats

In combination with the already existing freedom of information laws, this would ensure that, whether the IT platform is proprietary or open source it can interoperate with any other system using open standards. It would ensure that citizens have a full and informative view of the government's procurement process, allowing oversight to hopefully prevent something like the Oracle Master Licensing Agreement that California entered into last year. And finally it would ensure that government information is available to anyone with a web browser.

Mandating open source only is doomed to failure, at least at the stage of development of open source platforms that currently exist. There are many instances in state government where open source software could benefit the government and the taxpayer. On the desktop of office workers, as web servers, as office automation file and print servers, even replacing many of the proprietary systems in place today. And a mandate to include open source in procurement processes would help to make those changes. But a mandate to use only open source software will break California's IT systems.

Re:What bunk

[ericman31]

MS products are designed to function with as little user / administrator intervention as posible.

Ummmm, what MS product are you using? I have been in the industry over a decade now. I have worked as a sys admin, system architect, IT manager, data warehouse architect and technology consultant. And I can tell you that your assertion is simply not true! It typically takes about 2 times as many sys admins to administer a given number of MS servers as it would take for the equivalent number of proprietary UNIX or open source servers. This is a regurgitation of unsupported MS claims used to scare people (i.e. your total cost of ownership will be higher with Linux, offsetting the fact that it costs less than Win2K Server). It ain't true.