White House Website Switches To Open Source

Falc0n writes "WhiteHouse.gov has gone Drupal. After months of planning, says an Obama Administration source, the White House has ditched the proprietary content management system that had been in place since the days of the Bush Administration in favor of the latest version of the open-source Drupal software. Dries Buytaert reflected on this, adding: 'this is a clear sign that governments realize that Open Source does not pose additional risks compared to proprietary software, and furthermore, that by moving away from proprietary software, they are not being locked into a particular technology, and that they can benefit from the innovation that is the result of thousands of developers collaborating on Drupal.'"

Re:Why CMS

[jopet]

Just a few reasons:
* You want to automatically use templates and not replicate formatting code
* You want different people that are not programmers to be able to update different parts of the website; you want to let them do it from their browser in a wysiwyg editor; you want to let them to easily first publish their articles on a staging host and then authorize somebody else to go online with it
* You want to allow commenting, feedback forms, registered users etc.
* You easily want to keep track of versions and revisions of published pages
* You want to automatically index the pages for searches
* You want to easily include dynamic(computed) data into your web pages

Re:Why CMS

[lukas84]

Why reinvent the wheel?

Sure, you can program everything from scratch and that might even appeal to you if you're the CEO of a company that sells programming services, but in many cases it makes more sense to use off-the-shelf software (which drupal is - well, off an imaginery shelf where everything is free as long as you give back).

Re:Why CMS

[Mathiasdm]

For one, the weight a CMS adds is compensated by all of the code that is already present, all of the plugins that can be added without any trouble, the possibility for non-coders to easily modify website content ...
Especially for large websites, this can dramatically improve how fast you can update and improve your site.
Also, if you don't want to use a CMS, a framework like Django or Ruby on Rails is the way to go. These allow you to program everything yourself, but already have a lot of functionality built-in, to avoid reinventing the wheel.

Something fishy.

[Anonymous Coward]

Ok, Netcraft's history seems to be screwed up, but I can tell you this:

Right after BO was inagurated, I checked the site. It had just switched over from Bush's site to BO's. Netcraft reported that Bush's site had been Apache on Linux, and BO's new site was IIS on MS.

Re:High profile target and popular CMS'

[kamelkev]

I run a fairly high profile drupal site - and this has always been a large concern for us.

Our solution was basically to disable user logins completely. An overwhelming number of the exploits require you to login, so by removing this prerequisite, we basically avoided the problem.

Security isn't exactly a priority for drupal either, it's almost added as an afterthought. To put things in perspective, their login page doesn't even support SSL by default in either drupal 5 or drupal 6. To me that's verging on pathetic.

We were lucky because user logins weren't a core part of our site concept when we implemented the site, but I am now thinking that it might be a good way to go in the future, but I'm mostly petrified of this problem.

On the bright side of things they include a large number of extensions, and things mostly work as advertised, so we found this to be our best option out of all the open source CMSes we tried.

Re:High profile target and popular CMS'

[Bozovision]

I think you are misinformed. Morpheus seemed to be targeted at a range of software, including Joomla, but not Drupal: as far as I can see, none of the URL's it scanned are Drupal-based. See http://zeroq.kulando.de/post/2008/08/20/morfeus-fucking-scanner [kulando.de] for example, but there are others out there.

In fact, Drupal has an excellent history of security. We find holes, fix them and issue patches. There is a security mailing list that anyone can sign up to. You will receive mail on the latest security fixes. Your Drupal installation will tell you when components are out of date, and when there are security updates. It will also email you on a regular basis if you don't care to look at your status, or ignore the status message at the top of the page when you log in as an administrator. Drupal will not download and install components without human intervention: components require manual installation.

Just like any software, I'm certain that Drupal has as yet undiscovered exploits. What's important is whether they are found and fixed, and we have a good track record of doing this.

Re:Why CMS

[Anonymous Coward]

You are one dumb motherfucker sopssa. Never forget that.

Re:Why CMS

[turbidostato]

"Did you guys forget how the web worked before CMSs came around?"

Yes: it did work slower, more expensive and less functional. I even remember why first intranet efforts used to fail: because content stagnated due to the fact that only programers that didn't produce the information in first place were the only ones allowed and/or with the knowledge to modify contents.

"Most CMS products are insecure pieces of shit. I would not use a CMS for a high profile target like that. They should be publishing static files with a custom system. Only pages that must be dynamic should be. It's just dumb?"

You do know you can have your CMS administrative backend opened only to your internal networks so from the Internet all you have access to is an static, pre-cached, read-only version, do you?

Re:Something fishy.

[oldspewey]

Parent was not trying to be modded funny. I am genuinely trying to understand what the previous proprietary CMS was: Vignette? FileNet? Documentum? Stellent?

Re:Why CMS

[mrjohnson]

Because if I change it, I have to have a service request, check it into svn, build, file a request for change, deploy during a change window, etc. If the users can change content in a CMS, no paperwork required.

Re:That's totally wrong.

[Paul Fernhout]

Except you completely ignore externalities, systemic risks, and equity, which is what got us in various messes already.
http://en.wikipedia.org/wiki/Externality [wikipedia.org]

Consider the "True cost" of oil from various perspectives:
http://www.energyandcapital.com/articles/oil-gas-crude/461 [energyandcapital.com]
"""
Milton Copulus, the head of the National Defense Council Foundation, has a different view. And as the former principal energy analyst for the Heritage Foundation, a 12-year member of the National Petroleum Council, a Reagan White House alum, and an advisor to half a dozen U.S. Energy Secretaries, various Secretaries of Defense, and two directors of the CIA, he knows his stuff. After taking into account the direct and indirect costs of oil, the economic costs of oil supply disruption, and military expenditures, he estimates the true cost of oil at a stunning $480 a barrel. That would make the "real" cost of filling up a family sedan about $220, and filling up a large SUV about $325 (when oil was $10 a barrel cheaper than it is now!).
"""

By the way, I've read it takes as much *electricity* to produce a gallon of gas as it would take an electric car to go about the same distance. So, all the external costs of gasoline are totally for nothing energywise.
http://www.evnut.com/gasoline_oil.htm [evnut.com]
"So I can get 24 miles in my ICE on a gallon of gasoline, or I can get 41 miles (at 300wh/mile) in my RAV4EV just using the energy to refine that gallon. Alternatively - energy use (electricity and natural gas) state wide goes DOWN if a mile in a RAV4EV is substituted for a mile in an ICE!"

Depending on other regions for energy creates a systemic risk. Pipelines are inherently indefensible and so require a police state to protect because one small group could do vast damage to the society by damaging just one oil pipeline. Solar panels on your roof do not require a police state to protect, just regular police; if someone vandalizes them, the entire economy does not collapse.

Concentrating wealth in the hands of a few who control oil companies also creates a wealth dispartity that damages democracy as well as the economy (because few can start small businesses without loans or investments from big organizations). One reason we have oil pipelines instead of solar panels everywhere is that it has been more profitable to a few people to do that, while the rest of us pay huge taxes for a military to defend those pipelines at home and abroad.

I could go on, but basically, you need to look at issues like externalities, systemic risks, and concentration of wealth to see the various ways that markets can and do fail regularly in practice unless they are taxed and regulated. Taxes and regulation have their problems too, of course:
http://www.capitalismhitsthefan.com/ [capitalismhitsthefan.com]

Ideally, we need to move beyond markets and rationing for most things. So, your enthusiasm is great. You're right that cheap energy would help with a lot of things (as long as it was also relatively clean, inherently safe, and long lasting -- like wind and solar and many other renewables). Ideally, we want an energy infrastructure that is inherently secure, not brittle and requiring now about a trillion dollars a year to secure extrinsically with soldiers and bombs:
http://en.wikipedia.org/wiki/Brittle_Power [wikipedia.org]

Still, if all the benefits of cheap energy or any other major innovation go to a few people, then we just have another problem. See Marshall Brain's short story on this:
http://www.marshallbrain.com/manna1.htm [marshallbrain.com]

You're right that a left that focuses on rationing and scarcity is dysfunctional; that has historically b

Re:High profile target and popular CMS'

[saltydogdesign]

The advantage to using Drupal for the White House is that it's a popular CMS and has lots of people patching exploits and vulnerabilities. The second a proof of concept piece of code or an easy exploit is discovered, a few thousand developers will descend to get their patches submitted.

As opposed to your homegrown CMS, where you only discover the security holes when 3gotiZt posts pictures of full frontal nudity on the home page of your site.

Re:Why CMS

[jbezorg]

That's your opinion and just because you have one doesn't make it the correct choice.

In fact, I do remember how the web was before CMS came around. I remember people handing me MS Word documents saved as 150KB+ HTML files. Or having to clean up sections of the corporate site where someone cut-and-pasted from MS Word into the site.

Heck, people made a living off writing software just to clean up the mess. Eliminate clutter in Microsoft Word generated HTML files with the Office 2000 HTML Filter [com.com]

And to Sopssa, He fails to realize that Drupal can be hardened and has the benefit of several years of testing and user feedback unlike a custom system.

I clearly remember the days before CMS and it looked like this.

<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns="http://www.w3.org/TR/REC-html40" > <head > <meta name=Title content="This is normal unformatted text" > <meta name=Keywords content="" > <meta http-equiv=Content-Type content="text/html; charset=utf-8" > <meta name=ProgId content=Word.Document > <meta name=Generator content="Microsoft Word 10" > <meta name=Originator content="Microsoft Word 10" > <link rel=File-List href="WordtoHTML_files/filelist.xml" > <title >This is normal unformatted text </title > <!--[if gte mso 9] > <xml > <o:DocumentProperties > <o:Author >Elizabeth Pyatt </o:Author > <o:Template >Normal </o:Template > <o:LastAuthor >Elizabeth Pyatt </o:LastAuthor > <o:Revision >1 </o:Revision > <o:TotalTime >1 </o:TotalTime > <o:Created >2003-10-22T19:05:00Z </o:Created > <o:LastSaved >2003-10-22T19:06:00Z </o:LastSaved > <o:Pages >1 </o:Pages > <o:Company >ETS </o:Company > <o:Lines >1 </o:Lines > <o:Paragraphs >1 </o:Paragraphs > <o:Version >10.2418 </o:Version > </o:DocumentProperties > </xml > <![endif]-- > <!--[if gte mso 9] > <xml > <w:WordDocument > <w:DisplayHorizontalDrawingGridEvery >0 </w:DisplayHorizontalDrawingGridEvery > <w:DisplayVerticalDrawingGridEvery >0 </w:DisplayVerticalDrawingGridEvery > <w:UseMarginsForDrawingGridOrigin/ > <w:Compatibility > <w:SpaceForUL/ > <w:BalanceSingleByteDoubleByteWidth/ > <w:DoNotLeaveBackslashAlone/ > <w:ULTrailSpace/ > <w:DoNotExpandShiftReturn/ > <w:AdjustLineHeightInTable/ > </w:Compatibility > </w:WordDocument > </xml > <![endif]-- > <style > <!-- /* Font Definitions */ @font-face {font-family:"Times New Roman"; panose-1:0 2 2 6 3 5 4 5 2 3; mso-font-charset:0; mso-generic-font-family:auto; mso-font-pitch:variable; mso-font-signature:50331648 0 0 0 1 0;} @font-face {font-family:Arial; panose-1:0 2 11 6 4 2 2 2 2 2; mso-font-charset:0; mso-generic-font-family:auto; mso-font-pitch:variable; mso-font-signature:50331648 0 0 0 1 0;} @font-face {font-family:Palatino; panose-1:0 2 0 5 0 0 0 0 0 0; mso-font-charset:0; mso-generic-font-family:auto; mso-font-pitch:variable; mso-font-signature:50331648 0 0 0 1 0;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {mso-style-parent:""; margin:0in; margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:12.0pt; font-family:Palatino;} h3 {mso-style-next:Normal; margin-top:12.0pt; margin-right:0in; margin-bottom:3.0pt; margin-left:0in; mso-pagination:widow-orphan; page-break-after:avoid; mso-outline-level:3; font-size:13.0pt; font-family:Helvetica;} p.MsoBodyText, li.M

Re:What was te old CMS

[Anonymous Coward]

I'd like to know what commercial CMS the white house dropped... Tridion, Interwoven, Fatwire, Windows Notepad? It's kind of weird that's not being mentioned.

American Eagle proprietary CMS: https://www.americaneagle.com/solutions/cms.aspx

Re:High profile target and popular CMS'

[blakhol]

Drupal really has not been known for its security in the past;

On the contrary. Drupal was one of the big open source projects to have a dedicated security team performing code audits and going through a security release process.

Drupal automatically checks for security updates (both in the core and in contributed modules) and can notify you immediately of updates. If, you know, you think that kind of thing is important.

Re:High profile target and popular CMS'

[blakhol]

Security is most certainly not an afterthought for Drupal.

Up though version 6 you needed to turn on a module like Securepages module to enable SSL logins.

The upcoming Drupal 7 has SSL login support in core.

See http://crackingdrupal.com/blog/greggles/drupal-and-ssl-multiple-recipes-possible-solutions [crackingdrupal.com]

Re:That's totally wrong.

[Paul Fernhout]

From The American Conservative:
http://www.amconmag.com/article/2005/mar/14/00017/ [amconmag.com]
"""
This is no surprise, as libertarianism is basically the Marxism of the Right. If Marxism is the delusion that one can run society purely on altruism and collectivism, then libertarianism is the mirror-image delusion that one can run it purely on selfishness and individualism. Society in fact requires both individualism and collectivism, both selfishness and altruism, to function. Like Marxism, libertarianism offers the fraudulent intellectual security of a complete a priori account of the political good without the effort of empirical investigation. Like Marxism, it aspires, overtly or covertly, to reduce social life to economics. And like Marxism, it has its historical myths and a genius for making its followers feel like an elect unbound by the moral rules of their society.
The most fundamental problem with libertarianism is very simple: freedom, though a good thing, is simply not the only good thing in life. Simple physical security, which even a prisoner can possess, is not freedom, but one cannot live without it. Prosperity is connected to freedom, in that it makes us free to consume, but it is not the same thing, in that one can be rich but as unfree as a Victorian tycoon's wife. A family is in fact one of the least free things imaginable, as the emotional satisfactions of it derive from relations that we are either born into without choice or, once they are chosen, entail obligations that we cannot walk away from with ease or justice. But security, prosperity, and family are in fact the bulk of happiness for most real people and the principal issues that concern governments.
"""

There are other aspects of a good life beyond those, like community.

Markets have all sorts of problems:
* systemic risks of collapse, especially from pyramid schemes involving debt
* negative externalities like pollution are paid by society
* positive externalities like global health are ignored in product design
* money tends to get centralized, as it takes money to make money
* those with a lot of money set standards to benefit themselves
* competition can be very wasteful if people otherwise agree on goals
* preparing and fighting war is profitable
* as above, human labor is needed less and less for production
* money tends to corrupt the political process
* the market doesn't hear the needs of people with money, so people can starve or sicken amidst physical plenty
* extrinsic security and planned obsolescence may be more profitable than intrinsic security and durable goods
* money distorts information flows about news
* money corrupts the medical decision making process (conflict of interest)
* money corrupts academia (Kept University)

There are probably others. :-)

Sometimes, market processes are the best we can use. But we need to be aware of where they go wrong. The USA has been greatly damaged over the last few decades by "market fundamentalism". Markets may be a great way to ration scarce goods if everyone has some ration units to pay with, giving everyone a right to some share of the industrial commons. But, as we have already seen globally, when the market does not need people's labor like in Africa, or the market is run by organizations so powerful they don't have to pay much for labor, then things can go badly.

Markets and the fear of starvation or the fear of looking bad socially or the desire to get ahead of everyone else materially may motivate some people to do some disagreeable jobs. But we now have the technology to rethink most jobs to make them more agreeable, or to eliminate them entirely if they are unpleasant to everyone (like by using robotics or better design). Ultimately, the income-through-jobs link is breaking as predicted here:

Re:There's more to it than your personal preferenc

[Simetrical]

I don't know any details of the site's technical architecture beyond the obvious, but it's blazingly fast. My bet is that when you hit the site, you're pulling completed pages out of RAM on a customized and hardened Varnish [varnish-cache.com], but that's just a guess. The HTTP headers identify the server technology as "White House."

I don't know where you came up with Varnish . . . there are lots of ways to get performance that's just as snappy. A CDN is a good start. And it's pretty easy to tell that that's exactly what's being used here:

$ dig +short www.whitehouse.gov
www.whitehouse.gov.edgekey.net.
e2561.g.akamaiedge.net.
96.16.18.135

They're using Akamai for most of their content, it seems. I get 35ms ping to www.whitehouse.gov from machines in New York, Denver, Holland, and Washington (the state). My Washington machine gets 2 ms ping, actually, so I'm guessing Akamai has a machine in the same data center. Varnish alone isn't going to get you anywhere close to that kind of performance – it can't beat light speed.

Re:That's totally wrong.

[Paul Fernhout]

"On the way out the door I deposit any mail I have to be sent out via the U.S. Postal Service and drop the kids off at the public school."

I should have caught that as a problem too. Someday, public schools may be much more like public libraries open to anyone to use than day prisons for children of working parents, but until then, consider:

"Links about alternative peer-oriented education"
http://p2pfoundation.net/Category:Education [p2pfoundation.net]

"The Underground History of American Education" by 1991 NYS Teacher of
the Year John Taylor Gatto
http://www.johntaylorgatto.com/underground/toc1.htm [johntaylorgatto.com]

"The Seven Lesson Schoolteacher" also by John Taylor Gatto
http://www.newciv.org/whole/schoolteacher.txt [newciv.org]

"State Controlled Consciousness" also by John Taylor Gatto
http://www.the-open-boat.com/Gatto.html [the-open-boat.com]

"The Big Crunch" by David Goodstein, Vice Provost, Caltech
http://www.its.caltech.edu/~dg/crunch_art.html [caltech.edu]

"Disciplined Minds" by Jeff Schmidt
http://www.disciplined-minds.com/ [disciplined-minds.com]

"What Makes Mainstream Media Mainstream" by Noam Chomsky
http://www.chomsky.info/articles/199710--.htm [chomsky.info]

"University Secrets:Your Guide to Surviving a College Education" by Robert D. Honigman
http://web.archive.org/web/20060707100524/www.universitysecrets.com/us.htm [archive.org]

"In Defense of Childhood: Protecting Kids' Inner Wildness " by Chris
Mercogliano, who spent thirty-five years teaching at the Albany Free School
http://www.chrismercogliano.com/childhood.htm [chrismercogliano.com]

"Teach Your Own" by John Holt (and other books)
http://www.holtgws.com/ [holtgws.com]

"The Teenage Liberation Handbook" by Grace Llewellyn (and other books)
http://gracellewellyn.com/ [gracellewellyn.com]

"The Emergence of Compulsory Schooling and ... Resistance" By Matt Hern
http://web.archive.org/web/20071014123355/http://www.social-ecology.org/article.php?story=20031028151034651 [archive.org]

"Sustainable Education" by Jerry Mintz
http://www.greenmoneyjournal.com/article.mpl?articleid=195&newsletterid=1 [greenmoneyjournal.com]

"Federated Learning Communities"
http://www.ericdigests.org/2000-1/learning.html [ericdigests.org]
http://www.mcli.dist.maricopa.edu/ilc/models.html [maricopa.edu]

"The Three Boxes of Life and How to Get Out of Them: An Introduction to
Life/Work Planning" by Richard N. Bolles (also writes "What Color is Your
Parachute")
http://www.amazon.com/Three-Boxes-Life-How-Them/dp/0913668583 [amazon.com]

General related:
http://en.wikipedia.org/wiki/Lies_My_Teacher_Told_Me [wikipedia.org]

Re:Why CMS

[poopdeville]

But your accounting and web site is almost certain to be identical to any other businesses

Is that why I can't find any accounting software to deal with non-taxable stock dividend distributions from investment activities?

You don't know what you're talking about.

Re:High profile target and popular CMS'

[poopdeville]

You can push a cache. It is basically what the government is doing, with Akamai.

Re:High profile target and poorly designed CMS

[r7]

Security is most certainly not an afterthought for Drupal. ... The upcoming Drupal 7 has SSL login support in core.

Equating SSL with security is emblematic of the Drupal code base. It is, in my experience, the least secure CMS available. Just look at how regular and often Drupal vulnerabilities are announced. Even the Apache configuration requires you to enable FollowSymLinks!. The website says this was a security workaround but it is also as big a hole as the one it fixed. RewriteEngine also cannot be disabled. And the database load is far, far greater than any well designed CMSs. Pile PHP on top of that and you have, well, a pretty insecure webapp (to be diplomatic). I'm sure the Feds will do all sorts of extra stuff to monitor and patch this particular site, and I hope they contribute patches back, but I would not recommend Drupal to anyone who does not have a relatively extensive background in system monitoring, PHP, MySQL or Postgres, and Apache.

Incorrect on almost all points

[Bozovision]

It would appear that your experience doesn't stretch terribly far; off the top of my head I can name several much less secure systems. Finding, fixing and announcing vulnerabilities is a good thing: by your measure a hugely exploited CMS with no fixes would be better!

Regarding you assertion that the rewrite engine cannot be disabled; this is just plain wrong. The Apache rewrite engine can be disabled without any problem. If you do this, then you won't enjoy clean URLs, instead you'll have URLs like www.somesite.com/index.php?q=some/path instead of www.somesite.com/some/path. Internally Drupal always works with the first form. However, the rewrite engine is a widely used Apache module - with perhaps millions(?) of sites using it. It may very well have exploits - just as any software may - but it is trusted by lots of users.

Followsymlinks can be disabled too. It's required for rewriting and for one form of upload. Drupal works without problems without it. However, there's nothing inherently insecure in symlinks, and the default Drupal directory layout does not symlink to outside of the install tree.

Database load. I note that your assertion about load is without any reference to figures. I'm not certain which CMS you think is well written. However I'll note that there is a general problem with CMSs which are designed to be easily extensible: tightly integrated system usually use a single SQL statement to retrieve data - the designer knows all the constraints at design-time. A loosely coupled system is usually not able to do this: the designer has little idea of what will be present at run time. So it's in the nature of most loosely coupled system to run one query or more for each additional module. Drupal uses a loosely coupled callback orientated architecture. This means its very easy to extend. However the downside is that each module will usually include extra tables. Drupal is fairly smart about loading this extra data, but beyond that, to counteract the tendency for growth in queries, Drupal has a caching subsystem that is active in several layers. For anonymous users, Drupal only runs a few queries which determine where in the cache the data sits, and returns it.

Perhaps you'd like to elaborate with some firm figures and an example of a CMS that in your opinion does it right.

Regarding PHP security. Again - have you any firm facts to show that PHP is inherently less secure than any other language? The consensus in security circles is that openness is better for security. *You* are able to download the PHP source code and contribute patches. If you know of a security issue, I'd urge you to help fix it. Or is this opinion without facts to back it up?

Again, I'd be interested to know which CMS you do recommend to the person in the street. I would not at the moment recommend Drupal for most brochureware sites, though it is capable of brochureware, however for sites in excess of about 100 pages, for sites where there is a heavy community aspect, and for sites which hope to change and grow, Drupal is an excellent choice.