Defense Dept. Memo Explains Open Source Policy 387
TonyStanco writes "Big news. DoD issued a policy statement leveling the playing field for Open Source. We have the memo on the Center of Open Source & Government site." The requirements listed in this memo make me think of a company policy along the lines of "You can bring your baby or toddler to work, so long as it can talk, feed itself and stick effortlessly to the ceiling like a spider." See this PDF for more information about National Security Telecommunications and Information Systems Security Policy (NSTISSP) number 11.
HTML Version (Score:1, Informative)
Justification.... (Score:5, Informative)
Oh wait, everything but the use of Microsoft products that is. It seems like that gets instant approval without the need for any justification. "Microsoft released Windows XP? OK, upgrade, forget about the costs and everything else that such an upgrade demands - just do it - across the board. Office XP you say? OK, allocate $10,000,000 for the software, we'll worry about paying for the licenses later."
Everyone knows that the benefits of using open source products far exceeds any benefits that can be reaped by paying a whole bunch of money for closed source products and their associated licenses (which are arguably always more extensive and restrictive then open source license schemes). Sure, paying $50,000,000 to upgrade your old NT servers to 2000 and your 98 desktops to either Windows 2000 or XP has it's benefits over spending $30,000,000 on Redhat and Star Office and the training. A bunch of sales people always say that such a move (upgrading Windows servers and clients and Office) has it's benefits. I just don't seem to see them. Maybe I'm too progressive, I don't know.
PS: didn't get it...this time
Not the same memo (Score:5, Informative)
That document you linked to is dated Janurary, 2000, not may 2003.
It also does not mention the GPL.
Re:Gawd. If code were written that way . . . (Score:5, Informative)
It aint that hard.
Basically:
1) It defines OSS & GPL
2) Says they're OK to use provided:
a) They comply with the same Dod policies for equivilant Off the Shelf software
b) They're comply with the requirements defined by the National Security Telecommunications and Information Systems Secuirty policy.
c) They're configured as per DoD approved security configurations from http://iase.disa.mil [disa.mil] and http://www.nsa.gov [nsa.gov].
d) You dont break any licenses.
Thats all!
Which in fact, means jack... (Score:5, Informative)
And most COTS systems in use don't have the certs anyway, and no one gets in a tizzy. It's only if you wanted to hook it up to SIPRNET or something (and then it gets reviewed independantly anyway).
This is just some stuff to make the guys funding the projects (Congress) feel better.
Re:So Basically... (Score:1, Informative)
However, if they were making the software available outside the govment, then they would be obligated to honor the terms in the license/s.
Careful with that License, Eugene (Score:1, Informative)
When I read this memo, I don't particularly think it's endorsing anything. They basically remind people that "the Linux operating system" is an example of "open source software" released under "restrictive" licensing terms (i.e., the GPL) and that usage of such software is subject to policies and protocols just like any other software used by the DoD. They then make a point of reminding people that if they use OSS software, that they remember the licensing impact because it could have ramifications later (e.g., if they modify any code that is covered by the GPL).
It's almost like they are setting the stage for some intellectual property issues with GNU/Linux. Perhaps I'm being too paranoid given the ripple effect that the whole SCO fiasco is having, but that was my initial reaction to the memo's direction.
Re:So Basically... (Score:2, Informative)
The GPL is a copyright license, and as such covers only _distribution_ and posession, not use or output. They don't distribute it - they don't have to give out the source.
Re:Eeep. Spider-babies (Score:3, Informative)
useful link (Score:2, Informative)
http://www.egovos.org/pdf/OSSinDoD.pdf [egovos.org]
Re:Navy/Marine Corp and the desktop (Score:5, Informative)
The and another [navy.mil]
Bitching from a deckhand [fcw.com]
legacy servers...
Re:Navy/Marine Corp and the desktop (Score:3, Informative)
Re:Not the same memo (Score:5, Informative)
Re:Navy/Marine Corp and the desktop (Score:2, Informative)
Re:Earth Governments Are Fools (Score:5, Informative)
Re:hmmm... (Score:5, Informative)
Apparently if the bug hadn't been fixed in a week, it'd have been escalted into a 'class A' bug and Ballmer or Gates would have been informed, and the developers would have started working round the clock.
(it turns out our CTOs code was at fault, the duffer).
I was surprised at the response from MS though. I think we had paid a fair bit to MS for the support, though knowing the guys in charge they persuaded MS that it was a strategic relationship and subject to a special discount.
Oh, we also had a MS employee assigned to us as a support contact - not just a secretary-type either, someone who knew his stuff and could actually do things for us, including helping us with the MS performance lab we got to use.
Re:Which in fact, means jack... (Score:4, Informative)
So unless the fucking missle flies through your window, the code has not been distributed to you. If that happens, you have bigger things to worry about than the god damn source.
Now for fucks sake, go read the GPL and the FSF FAQ's about it, or shut the hell up.
Re:hmmm... (Score:3, Informative)
1) I've never seen any guarantees of uptime.
2) I've never seen anything other than standard corporate-style support, but I've never even seen that being used. All problems are handled by the in-house help desk people (who may be non-Microsoft contractors), who may go to TechNet for answers.
Re:Gawd. If code were written that way . . . (Score:2, Informative)
Re:most important reason not to use OSS license (Score:4, Informative)
Then why, pray tell, aren't the military (since I'm guessing they have the might) arresting Mr Ashcroft and several other members of the US Government elite? Why also are they not refusing to fight in Iraq?
Because it's not our job to arrest Mr. Ashcroft for exercising the duties of his office - and because it would be a violation of the worst sort for the military to actively remove politicians from office just because what they're doing might not be constitutional. Interpretation of what is or is not constitutional is not up to us, it's up to the courts.
As for Iraq - what was actually iillegal about the invasion? Congress authorized use of force in October 2002 and gave the President the money he asked for to fight the war in the 2003 budget. If Congress didn't want the war, all they had to do was refuse to pay for it.
Oh that's right, it's an oath you don't take "lightly", but when the alternative is court martial, you were just following orders.
If the President ordered the military to arrest members of Congress or the Supreme Court, you can bet that oath would come into play. But the military does not act based on what some Anonymous Coward thinks is unconstitutional. Hell, the US Military isn't even allowed to participate in domestic peacekeeping--Google for "Posse Comitatus Act," and contrast it with the military's active involvement in such nations as Pakistan and Turkey. Where would you rather live?
URLs blead them Re:Gawd. If code were written.... (Score:2, Informative)
http://niap.nist.gov/cc-scheme/
This web site has all of the various policy documents.
DOD Directive #8500.1
DOD Instruction #8500.2
NSTISSP #11 Fact Sheet
NIST Spec Pub 800-23
NSD 42
NSTISSAM Compusec/1-99
USAF CIO Memorandum
Natl IA Acquisition Policy
Pres. Decision Directive 63
Info. Assurance Reg 6-8510
And more.
Re:Justification.... (Score:1, Informative)