Software Choice Group Tells DOD Not to Use Open Source 415
ducomputergeek writes "A group calling themselves the Initiative for Software Choice, backed by Microsoft and others, is recommending that the DOD drop plans for further adoption of Open Source software. This comes after MITRE, a defense contractor, published a report stating that not only does the Department of Defense use opensource, but is recommend on using it more. The article is at News.com and you can read it here."
The same article at the register (Score:2, Informative)
"Defending" my own computer (Score:2, Informative)
Boo on Moft... (Score:3, Informative)
Anyways, a funny highlight, one of their members is: "Open Solutions" =)
that's what ISC was saying (Score:1, Informative)
ISC's main goal is to educate policymakers about the need to remain neutral with respect to government purchase of software.
So regarding to your comment that people have different options, that's what the ISC is arguing for. They don't think it's fair for the government to only consider open source software and ignore software made by, say, Microsoft.
Re:GPL FUD again? (Score:2, Informative)
Mitre Corp is not a Corp (Score:1, Informative)
I work for the DoD... (Score:5, Informative)
Open Source, while not specifically targeted by the DoD, is the next logical step. Although the previous generation of nuclear submarines ran HP-UX, the next generation (due to be delivered starting 2006) will run about half Solaris, half Linux. So yes, open source is on the way in in the government. Slightly off-topic, but if you want a good example of why proprietary software is no good for mission-critical work, look up on Google the problems the USS Yorktown had with Windows NT about 5 years ago...
Re:GPL FUD again? (Score:5, Informative)
It's important to make clear the difference between:
1) using OSS code in your software
2) using OSS code to write your software, or to deploy your software, or to distribute your software, or to hang your software out to dry on your clothesline, etc...
Only #1 requires you to make your software open source.
(btw, I work as a contractor for the DOD. we do #2 constantly, and I can promise you it's the much more common activity)
Re:Interesting choice of words (Score:5, Informative)
Not only is proprietary softare inherently insecure, it's inherently more expensive, inherently doesn't work as well, and inherently causes the government to be screwed if the company goes out of business or decides to stop supporting the software. In fact, the government got screwed by using HP-UX when HP decided not to make new versions of the OS backwards-compatible with the older HP processors being used in most of our submarines...now, wisely, half of the computers in the NEXT generation of subs are running Linux (the rest are running Solaris...)
MITRE Is Not Just Another Contractor (Score:5, Informative)
> published a report stating that not only does the
> Department of Defense use opensource, but is
> recommend on using it more.
MITRE is one hell of a lot more than just another defense contractor. Look into it's history and you'll see that DoD will value its opinion far above that of some Microsoft lobbiest.
Re:I work for the DoD... (Score:5, Informative)
It was very positive. I don't know if it was ever made public (I don't see why it wouldn't be) but I have a copy at home, and it made for pleasant reading. And here at work, Linux and open source is everywhere. When I was doing a demo of my project about a week ago, as I demoed it my boss was talking and he said "Oh yes, this is all done using only open source and free software" which got lots of approval from the customers and other project managers etc (in fact my brief was, do it with open source if possible). My boss uses windows but with cygwin and the Gimp. There are several Linux workstations in my small dept alone. They are big into open source here. This reflects into the next generation of technologies for the military
I think it must just be a government/civil service thing, but they seem to have a soft side for it. One thing I do think is dumb is that if the US DoD has made up its mind on open source that Microsoft amongst others should be telling them they are wrong, and denying choice. Uh, what? So people can no longer choose products based on what they think, in case it's "discrimination" or something? Hmmm.
Re:GPL FUD again? (Score:4, Informative)
The Free Software Foundation and Richard Stallman have both made this very, very clear.
Software kept within an organization is not considered to have been distributed. There is a very precise definitions of what distributed means, which the GPL, the FSF, etc. have made very clear. You can use as much GPLed code as you like with your in-house software, and as long as that software stays in-house it is not being distributed, and you are under no obligation to provide a single line of sourcecode to anyone. This has been made explicity clear by RMS and others.
Now, if you distribute the software outside of your organization, then you are obligated to provide the source code to that other organization.
So yes, the Army giving the Navy software would have to give them source code (and if the Navy wanted to give it to Joe Blow, the Army couldn't stop them). But having the source code distributed from Army Headquarters in the Pentagon to GI Jane in the field does not constitute distribution outside of the organization, and there is no obligation to either give Jane the code, nor to allow her to distribute it outside of the organization (in this case, the US military).
DoD Security Policy 8500.1 (Score:5, Informative)
The part that I wonder about is "other software products with limited or no warranty, such as those commonly known as freeware or shareware". I wonder if this was meant to indicate Open Source Software? IANAL, but I've never seen a EULA for software that didn't indicate a limited warranty. In fact, from my layman's point of view, all the standard EULAs seem to indicate that the software has no warranty, since they seem to claim that the software doesn't have to do anything at all...
Guide to software choice policies (Score:2, Informative)
Incidentally, don't use put a single quote in the zipcode field on their registration form...
The Army is tied to Windows. (Score:1, Informative)
blah blah (Score:2, Informative)
Might not be less secure but I think the difference is how opensource projects respond to and handle security issues compared to some proprietary software companies. The latter have to consider reactions from shareholders, etc when informing users of vulnerabilities in their products, they have the choice to stay quiet more often since the source isn't open. That isn't the case with opensource projects, the source is right there for everyone to poke and prod at.
http://www.infoworld.com/articles/hn/xml/02/09/0 5/020905hnmssecure.xml [infoworld.com]
"I'm not proud," Valentine said, as he spoke to a crowd of developers here at the company's Windows .Net Server developer conference. "We really haven't done everything we could to protect our customers ... Our products just aren't engineered for security."
Re:Interesting choice of words (Score:4, Informative)
Actually, the problem was that HP-UX ran only on HP processors. A brand new Navy nuclear submarine has a lifespan of 35-40 years, while a typical computer operating system becomes outdated in 5-7 years. The problem was that after about a year ago, HP stopped supporting the latest version of HP-UX that ran on those processors, stopped making patches for it, stopped adding support for new hardware, etc., etc. Thus, as the Navy's needs changed, their operating system couldn't change to meet the new needs. The options were to either upgrade all the hardware to all new HP processors and OSes (and probably get screwed again in the future), or move to something that was more likely to be supported, upgradeable, and backwards-compatible in the future. Since Linux is a relative newcomer, the choice was made at the time to use Sun Solaris, though the big push now is towards Linux.
Re:Mitre Corp is not a Corp (Score:1, Informative)
Re:GPL FUD again? (Score:3, Informative)
That depends on what you mean by distribute. I would tend to think that distributing inside your company is still distributing, but it looks like I'm wrong.
(taken from gnu.org)
Does the GPL require that source code of modified versions be posted to the public?
The GPL does not require you to release your modified version. You are free to make modifications and use them privately, without ever releasing them. This applies to organizations (including companies), too; an organization can make a modified version and use it internally without ever releasing it outside the organization.
But if you release the modified version to the public in some way, the GPL requires you to make the modified source code available to the users, under the GPL.
Thus, the GPL gives permission to release the modified program in certain ways, and not in other ways; but the decision of whether to release it is up to you.
Re:It may become illegal . . . (Score:4, Informative)
Page 323 Line 15.