Open Source In the National Interest 170
munchola writes "A new report from the Department of Defense's Advanced Systems and Concepts Office recommends that the DoD move to adopt open source software and methodologies as well as open standards in order to make the most efficient use of internal resources. According to CBR, the report states that a move to 'Open Technology Development' is not only in the U.S. national interest, but in the interests of U.S. national security. OTD incorporates open source methodologies and open standards, but also takes into account the fact that the DoD has systems that it would rather keep secret."
2 words. (Score:3, Insightful)
This all makes now but... (Score:5, Insightful)
NEWSFLASH (Score:4, Insightful)
The anti-OSS people do have one point. (Score:5, Insightful)
The solution for OSS is simple. Any OSS software that goes into a Command and Control system needs to have it's source code audited by an independent authority.
Of course the same thing should be done with any software that goes into a military, aerospace, or any other mission critical system. In this case OSS does have a clear advantage in that the end user can select any group to perform the code audit instead of depending on the vendor.
Of course if the military does a code audit on Linux they would have contribute back the patches so it is a win win situation.
Re:The anti-OSS people do have one point. (Score:5, Insightful)
Only if they distribute it outside their organization, which in this case could be probably construed as the US government and the military and national guard.
I look forward... (Score:1, Insightful)
Likewise, the government should be the single-payer system for medicine, the Internet should be free, etc. All this could be done by raising our taxes about 10% per person. I'd galdly pay more taxes to have better public transportation, universal healthcare, and university.
Re:The anti-OSS people do have one point. (Score:4, Insightful)
The statement that people could introduce malicus code into Linux that then makes it's way into secure systems. Of course with companies outsourcing programming jobs to other countries the same thing could happen with a closed source system.
American programmers are just as capable of introducing (intentional) bugs as foreign programmers.
Of course the same thing should be done with any software that goes into a military, aerospace, or any other mission critical system. In this case OSS does have a clear advantage in that the end user can select any group to perform the code audit instead of depending on the vendor.
The US armed forces have enough spending power to convince even Microsoft to pony up the source code. And they do.
Of course if the military does a code audit on Linux they would have contribute back the patches so it is a win win situation.
Under the GPL, you only have to contribute patches if you distribute your modified code to third parties. The result of a code audit might also just be "don't use module X", in which case there's nothing to patch.
The way I read it the article is more about encouraging DoD programmers to be more like the open source community in sharing programs, ideas and sourcecode with each other, rather than continually reinventing the wheel.
Re:Wasn't it closed source software (Score:2, Insightful)
Why is this? Because 99% of these systems were done in closed source. If they were done in open source than open source applications would be blowing up pipelines and rockets.
Too many cooks spoil the broth (Score:3, Insightful)
For example, is it good or bad that JavaScript has implicit typing? Many developers want explicit typing, and call implicit typing "lazy". I can barely have a conversation with a group of fellow geeks without getting shouted down on this topic. The problem with group-anything is that group-think will prevail. To quote one of my favorite posters from demotivators.com, "Meetings: None of us is as dumb as all of us".
In addition, alternative lanuages and tools tend to be stifled in so-called "open" (read group) environments, because the rest of the group immediately pushes to have the alternative tool or environment removed, unless the group agrees that it is a good idea. Is that the way inventions are made? No. Inventions are made by a single person with a radical idea avoiding all the intervention/interference, naysayers, etc. and presenting that idea DESPITE the opinions of others. I can see opening source after the fact for auditing and sugestions, but not for development.
It seems that a lot of the open source push has been a reaction to the fact that many of the development tools we use are not at a high enough level of abstraction. If you abstract away from code and languages where you are doing your own memory management, one would think that you would experience fewer memory-related programming issues. What kind of issues are most often discussed with open-source development? Exploits, buffer overflows, etc. I can see the database engine being open source, which would help with dealing with injection attacks, but the rest of the application (where the money is) can't possibly benefit from having lots of people "helping out".
Imagine the entire cast of The Food Network making soup together at the same time. "None of us is as dumb as all of us".
Re:The anti-OSS people do have one point. (Score:3, Insightful)
Re:The anti-OSS people do have one point. (Score:4, Insightful)
Comment removed (Score:4, Insightful)
The point everyone seems to have missed... (Score:5, Insightful)
This is the time that Open Source activists and promoters need to run with the ball. Draw the attention of CEOs and business executives to the fact that the DoD advocates Open Source. Show them that we're not talking toy software. Show them that this isn't about not wanting to spend money. (Since when was the DoD afraid to spend money?) This is about an innately powerful method of developing high-grade - even military-grade - products that do what people actually need done.
We couldn't ask for better, but only if those outside of the IT industry actually hear of it. If only those who already accept the strengths of Open Source know that someone else has also decided it is a good solution, then that decision means nothing. Particularly as the DoD is very unlikely to do anything about it. It'll just be a decision. But if the business community got shown this... That would be a whole different ball-game.
Re:NEWSFLASH (Score:3, Insightful)
The all-diesel thing is a hardware problem, and military hardware isn't cheap.
Who cares? The obvious has been stated. (Score:3, Insightful)
Govt. IT is highly fragmented. It took 20 years for DOD to switch to all-diesel. How long to switch to open-source?
Penis Cleaver, what a cute name you have. Oh well, it's worth the time to answer your silly question.
Intention is more important than time here. Now that the US DoD has realized and prooven the obvious, they will do it as they need to.
The rest of us can continue the migration and have fewer problem doing it. We can now point to it whenever we run into "Get the Facts" nonsense that M$ and other tin horn companies spend lots of money telling people. It was bullshit and this is one more nail in their credibility coffin. It's the kind of thing that makes their fanboys feel like they were lied to, because they were.
Enough hits like that makes things much easier. Between the government stating the obvious, DRM and corporate rip offs, M$ is losing most of it's fan base. Companies are feeling very burnt by the long time it's taking to get Vista out because of all the money the spent of code assurance plans. DRM disasters are turning off home users and reviewers because the systems are so buggy that all of M$'s hardware lock-ins and driver advantages are negated. Now everyone can look back at the things M$ has said about security and think, "those people are not very honest." All of that animosity makes it that much easier to advocate free software.
It's nice to see people finally catching on.
Re:The anti-OSS people do have one point. (Score:3, Insightful)
Remember, it is the Generals who ultimately sign off on these large scale decisions, and not many of those come from the Engineering ranks (to get high office you usually have to serve in combat positions... generally a good idea, but might not work out for everything). And in many cases even the Generals are not the ones making the mandates, but the system decisions are made by the congressional budgeting process (think Pork Barrel).
The Academies and ROTC programs do train some IT people (and even more Engineers), but the main function of an Officer is to lead, not to do the detail work. I don't say that as a denigration, as I was in ROTC as an Engineering student.
Re:The anti-OSS people do have one point. (Score:5, Insightful)
Coarse...for the really paranoid type...I would like to point out that the DoD has played very large roles in quite a few other critical areas that I'm sure everyone holds near and dear...vehicles, aircraft, radar, computers, oh and that intarweb thingy...DARPAnet and all.
DoD has had a pretty good history of providing goodness to the populace as well as all the negative that people like to focus on. DoD doesn't start the fight...politicians do, remember that next time you see a service member. They bleed for the good causes, and the bad causes...its the leaders that determine what causes they are going to bleed for next.
WGA - when other governements follow? (Score:2, Insightful)
Re:I look forward... (Score:1, Insightful)
"Always remember... (Score:5, Insightful)
That's a relatively old joke in the Military, and a relatively sick one when you consider the problems of faulty weapons (e.g exploding in your hands). But it points to something pretty basic. When it comes to things the DOD is rewarded for going cheap. This doesn't mean that they won't but they are rewarded for trying. In this gig Microsoft is at a disadvantage as their competitors are a) Free, and b) can be taken under total control by the DOD. Remeber that in-house changes to GPL'd code need not be released. Microsoft on the other hand is likely to worry about in-house changes to their stuff (e.g. document security restrictions for Office).
While I doubt Stallman will be welcome any time soon keep in mind that Theo De Raadt and the other BSD people have been welcomed (and financed) by the DOD before now. Ditto things like SELinux. In many ways this is only surprising because it took so long for them to say openly.
Re:This all makes now but... (Score:4, Insightful)
Except a few million is peanuts to the DoD. Their budget for 2006 was well over $400 Billion. I think they're going to make whatever decision will benefit them most, regardless of the cost.
Re:The anti-OSS people do have one point. (Score:4, Insightful)
This is hardly anything new. Look into how the DoD funded the development of the Internet (aka ARPAnet).
Actually, in most cases they didn't even develop their own patches. Rather, they told their academic and industry fundees about the problems in the latest code, let the hackers work out a solution, took the code for their own uses, and left it in the public code base for further use and development.
Yeah, they probably did a bit of development on their own, but the evidence is that there hasn't been as much of this as you might expect. The military has found the academic hacker community to be a much better testbed for most of the code, and a lot cheaper than trying to debug changes in a military setting. As long as the crypto stuff is highly modular (and it is), it's a lot more effective to just leave the code development in the public sector, where there are lots of eyes and people happy to show off their expertise by doing the hacking that a strictly-managed power structure finds highly distateful.
For a feel of the US government's relationship with the linux part of the open-source community, google for "secure linux" and do a bit of reading. There's a lot going on there.
Re:Who cares? The obvious has been stated. (Score:2, Insightful)
You sound just as bad as the MS apologists. The fact of the matter is you can deploy decent solutions in either open source or closed source, and if you know anything about IT problems in govt you would realize that neither will cure the disease that ails it. You open source guys sound really needy more than anything.
Mr. P3NIS_CLEAVER to you bud.