Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror

DoD Wary of That "Open" Word 165

Posted by kdawson
from the secure-the-bazaar dept.
joabj writes, "Why is the U.S. Defense Department still reluctant to use open source software, despite assurances from within the DoD itself? Blogging for Government Computer News, I found at a recent D.C. conference that to some extent the roadblock might be with that word 'open'."
This discussion has been archived. No new comments can be posted.

DoD Wary of That "Open" Word

Comments Filter:
  • Why? (Score:5, Insightful)

    by LinuxGeek (6139) * <{djand.nc} {at} {gmail.com}> on Sunday September 17, 2006 @03:34PM (#16125990)
    I gather it is because of the act of taking on the responsibility of making a solution fit the problem. In a commercial or consulting role, someone claims to have a solution ( or be capable of creating one) that will solve the problems at hand. When a manager ( especialy within the DoD) gives the okay for a canned solution, the responsibilites are already diluted, meaning that if the solution has already been working for others, it is safe to assume that it will work for your organization. If it fails to do so, the manager can point to the other successful implementations and list the differences between your actual needs and the products capabilities. The vendor can then tailor the app more closely to your needs and the manager still looks good.

    If we apply the same standards to Opensource, we can look at established projects like Apache, Mysql or even Openoffice and they are still safe because others are successfully using the software, it is not really a matter of a central point for support. For a manager to okay a more obscure project for implementation means taking on a much greater and unknown responsibility.
    • by Simonetta (207550) on Sunday September 17, 2006 @06:58PM (#16126995)
      They'll change their mind when they go to war with a country that has paid Microsoft more than they have (or a country that Microsoft has purchased). And the entire Defense department falls apart from deeply embedded backdoors that have been sold to the 'enemy'.
          Global corporations are just that, they don't owe loyality to any nation or any nation's war machine. The Americans will probably learn this (as they learn everything) the hard way.

          In a similar vein, I would believe that all the ultra-high tech weapons that the Americans have sold to their more dubious allies do actually have back-doors that allow the Americans to disable these weapons should they be used against Americans by a country that has had a revolution. This was the lesson of Iran in the late 1970's. Hopefully it will be learned before all the high-tech weapons sold/given to Egypt over the past thirty years are used against the Americans and Israelis after the fall of Murabak's regime and the assendency of an Egyptian Islamic Republic.
      • Re: (Score:3, Interesting)

        by 3vi1 (544505)
        I don't think "Insightful" is a strong enough moderation for the parent.

        If "partners" are getting the MS source, they can look at it for attack-vectors and re-compile it themselves. What then is the difference between Microsoft and Open Source? Only a few hundred thousand dollars.

        -J
        • by bky1701 (979071)
          What then is the difference between Microsoft and Open Source? Only a few hundred thousand dollars.
          No, there is far more then that. When something Microsoft has an error it takes you to a blue screen full of error messages. When Open Source has an error it takes you to a white screen with a flashing underline. See?
      • Since when is suggesting that Microsoft's trying to achieve world domination through doomsday logic and backdoors in Windows "insightful"? I would've picked "flamebait."

        Or "redundant." ^.^

    • Good question (Score:4, Insightful)

      by jd (1658) <imipakNO@SPAMyahoo.com> on Sunday September 17, 2006 @07:15PM (#16127099) Homepage Journal
      The problem is that the modern military has forgotten many of the lessons history taught their predecessors. Rommel was highly regarded, not because he followed some textbook solution or blamed the manufacturer if things went wrong, but because he innovated, experimented and improvised. The same is true of many of the "great" commanders in history - Julius Caesar disarmed the Celtic navy by using hooks on giant poles to rip the sails off. Hannibal got ruddy great elephants over the alps and invented whole new forms of combat. The American revolutionaries created the sniper.


      Battles are not won or lost by whoever has the best terms and conditions from the manufacturer. If you're losing, you won't be around to complain, and if you're winning, you generally won't care.


      Every time a major power (such as the US) has paid more attention to giving kickbacks to corporate sponsors than it has to producing successful products or successful missions, that power has had its arse well and truly kicked. Sometimes the power wins anyway, but it is not because of its unimaginative and self-serving attitude, it is despite it. It's not very hard to win when you have total land, sea and air supremecy, and can do round-the-clock carpet-bombing campaigns. (But even then, failure of imagination is lethal. Operation Market Garden got slaughtered because of such egotism.)


      Personally, I dislike military structures. I find the notion of winning an argument by having the winner define what the argument was to be primitive and tribal. However, if we're going to have such organizations, we might as well make sure they're functional and concious, rather than degenerately repeating every mistake history has ever recorded.

    • Right, so they don't like the word open?
      How about we call it "highly available source"? They like high availability don't they?
      I'm actually more serious than kidding...
      • It's strange to me that the article seems to think that it's the open part of OSS that they are wigging out about. When I was in the Army and National Guard, we had numerous heath and welfare inspections. Try telling a Drill Sargeant he can't look at anything he/she wants. Having a high grade security clearance is like living in a fish bowl, they flat out told me every telephone we had acess to was tapped, hows that for open?

        I wonder how history would have changed if the Trojan Hourse had been covered in gl
  • by drDugan (219551) * on Sunday September 17, 2006 @03:37PM (#16125999) Homepage
    I have direct evidence that some parts of the DOD engine is paying for products with open source compenents. Unfortunately, I can't go into details (yet).
    • by clymere (605769)
      Of course they are. You're hard-pressed to find any sizable system which doesn't include some open source components.
  • C-Span (Score:5, Interesting)

    by jeffkjo1 (663413) on Sunday September 17, 2006 @03:40PM (#16126010) Homepage
    I was watching a C-Span panel with US Homeland Security Secretary Michael Chertoff earlier today (rebroadcast from Tuesday 9/12) and he was talking about a lot of things. However, I was very positively struck when he talked about interoperability of first responder radio networks and how it's important that we don't lock ourselves into a proprietary network should the feds mandate a specific system.

    He specifically refered to making it an 'open source' setup if we were to mandate specific equipment to avoid vendor lockin.

    While I don't follow the open source movement too closely, it's a major reference, from where I see it.
    • I found this section of TFA thought-provoking: "In the military, leaving tasks unfinished until some indeterminate time in the future is simply not acceptable, especially in cases where life--and accountability--is at stake."

      This is in response to Behlendorf's description of FOSS development as organic, relatively unplanned. It frequently doesn't include deadlines, guaranteed results, even release dates.

      This takes the focus away from results and puts it back on method. If you use the most efficient develo

      • Re: (Score:3, Insightful)

        by flooey (695860)
        What happens if overall foreign-policy strategy, and even discrete military tactics begin revolving around a similar notion: that you use the correct means and you know the ends will be Good Things even if you can't list those Things in advance.

        I'd expect you might find that you'd get the same thing that happens in software: most of the time, it's not the best product that "wins", it's the one that's fastest to market and fastest with new features, even crappy, bug-ridden features. If you have a really
      • Re: (Score:3, Insightful)

        by Bert64 (520050)
        It's better to have something that works well when it's ready, than to have a rushed half assed job that's ready much earlier, but doesn't do the job...
        Especially in the military, would you want hurriedly built planes falling apart over enemy territory?
        • Re:Tech or Politics? (Score:4, Interesting)

          by Nutria (679911) on Sunday September 17, 2006 @07:50PM (#16127269)
          It's better to have something that works well when it's ready, than to have a rushed half assed job that's ready much earlier, but doesn't do the job...
          Especially in the military, would you want hurriedly built planes falling apart over enemy territory?


          I'd want a program (milspeak for "project") that knows how to limit it's objectives, yet also creates a platform for growth and enhancement.

          Thus, if we're on a tight timeline, we'd need a quickly-built airframe that at first is limited (cheap already-existing engines, older model avionics and missiles, etc), but allows easy upgrade to newer faster engines, canards, more capable avionics, misiles and strike capabilities, etc.

      • Re:Tech or Politics? (Score:5, Interesting)

        by Yaztromo (655250) <yaztromoNO@SPAMmac.com> on Sunday September 17, 2006 @05:00PM (#16126329) Homepage Journal
        This is in response to Behlendorf's description of FOSS development as organic, relatively unplanned. It frequently doesn't include deadlines, guaranteed results, even release dates.

        While this is frequently the case, it isn't necessarily the case.

        Far too many people think that FOSS is just something you download off the web. Something that someone else creates, but which you, as the customer, have no control over. That choosing an Open Source product is like going to the grocery store, and that you only get to pick whatever products are being offered, and that you otherwise have no say in their design.

        However, this isn't necessarily the case. I've spoken to a number of groups on this subject at length, and what a lot of people don't realize is that you can continue to use your existing sources of software, but that you simply have to demand that the developer provide it to you under an Open Source license. That's it. You can still contract out the development work to the companies you're using for custom development. You can still buy from your approved vendors list. The license that the software is provided under is a contractual issue, and thus is something that can be negotiated.

        Yes, the vendor may want more money in order to provide their software as OSS. However, if you're a really large corporation or organization (like the US DoD), in generally you'll be able to specify these requirements. Either your vendors meet them, or they don't (in which case you take your business elsewhere). Same as any other requirement specified in the tendering process.

        FOSS doesn't have to mean "downloaded from some guys website". For a big organization like the US DoD, this probably isn't terribly desirable (unless the software does exactly what you want, and you can either form a business relationship with the developer, do continued development in-house, or are willing to contract out feature additions and bug fixes to a third party -- this is, after all, the biggest strength of FOSS).

        (I wonder what would happen if a really big organization like the US DoD went to Microsoft when it comes time to renew their bulk licensing contract and specified that the software must be licensed as OSS, and in return offered them twice the amount of the previous contract. What would win out? Greed and good business sense, or jealous protection of the code and the loss of a major customer?)

        Yaz.

        • by rolfwind (528248)
          Doesn't Microsoft already have shared source with select partners?
          • Re:Tech or Politics? (Score:4, Informative)

            by Yaztromo (655250) <yaztromoNO@SPAMmac.com> on Sunday September 17, 2006 @06:59PM (#16127008) Homepage Journal
            Doesn't Microsoft already have shared source with select partners?

            Shared Source != Open Source.

            Open Source is about more than just being able to look at and build the source code. It's about the freedom to redistribute the software with your changes at will. It's about being able to hire on whatever development company you desire to enhance and improve the software.

            Shared Source is mostly just a rouse to appear open, to try to stave off a migration to more truly open options. Shared Source doesn't really give you much in the way of additional freedoms -- Open Source does (and by Open Source, I am specifically referring to software that is licensed in such a way that it conforms to the Open Source Definition [opensource.org]).

            Yaz.

        • by Jah-Wren Ryel (80510) on Sunday September 17, 2006 @06:47PM (#16126933)
          I wonder what would happen if a really big organization like the US DoD went to Microsoft when it comes time to renew their bulk licensing contract and specified that the software must be licensed as OSS, and in return offered them twice the amount of the previous contract. What would win out? Greed and good business sense, or jealous protection of the code and the loss of a major customer?)

          What would happen is that MS would quickly get on the phone with their lobbyists and start persuading their captive congressmen to start leaning on the DoD to withdraw the FOSS requirement of the contract, but to keep the price at the same amount.
      • by bky1701 (979071)
        Better then saying the end justifies the means, like we do today.
    • Hmmm... (Score:5, Insightful)

      by C10H14N2 (640033) on Sunday September 17, 2006 @04:35PM (#16126207)
      The problem is that an Open Source project would quickly become a proprietary project anyway. Take, for instance, VISTA (medical records). Yes, it's open source, hell, it was even developed by the government. However, since the VA's mission is decidedly NOT to provide tech support to the rest of the government, other departments that might use that system are left holding the bag to fully support it IN HOUSE, and that includes a metric ass-load of customization.

      Where "Open Source" is really competing is in vertical, single-source support and in that department, it usually doesn't have an advantage. It's not that government is averse to using the stuff, it's just that they don't want to end up with something like the VA and VISTA where they have hundreds of full-time developers devoted to keeping it alive. They'd prefer to sign a vendor on to provide it as a service so they can get on with fulfilling their mission, not pretending to be a software development company.

      The benefit of open source is that you "own" the code in the sense of having unfettered access to it and can continue developing it even if the original owner ceases to exist. However, owning the responsibility of perpetual development is precisely what government agencies DON'T WANT -- and, frankly, for good reason. They're not software companies and they're very bad at pretending to be so (take a look at the FBI case management system, for instance). When people make the case for open source on those grounds, you've just presented them with the worst nightmare imaginable, so don't be surprised if they scream and run away.
      • by g2devi (898503)
        I think you're missing the important thing about open source. Because you have the source, you can hire any number of companies to maintain the source if you don't like one vendor. You can even hire two or three companies to maintain at the same time to provide extra redundancy and provide assurances that no one company is able to push you around.

        How about closed source? Take the VISTA situation, for instance. If the source code was closed and the company lost interest or went out of business. It would be s
        • Re:Hmmm... (Score:4, Interesting)

          by C10H14N2 (640033) on Sunday September 17, 2006 @05:16PM (#16126427)
          What people really don't seem to understand is the reality that it is often more efficient to replace a system wholesale than get a new group of people who have a year of "learning curve" just to figure out what the hell the existing system is doing.

          So, pretend you're a department manager with a million bucks to spend on some piece of software and your vendor just ceased to exist. Your existing application is ten years old and full of bugs. Do you spend your million bucks paying the salaries of ten developers to potentially get you to square one after a year or do you spend a half million bucks on licenses and support for a new package and still keep five in-house developers on to work on the transition?

          Most people choose option number two. That's just the reality on the ground, so if you're going to make the open source case, frame it in that context. Don't put all your money on "hey! you've got the code!" -- because that's the least of the worries.
          • Don't put all your money on "hey! you've got the code!" -- because that's the least of the worries.
            Ahmen Brother, their worries should be about whether the new rapists will be able to migrate the data on the old rapist's system to satisfy 30 year documentation retention requirements from the FDA! Imagine having to recall all implanted medical systems with a particular lot number and discover that you have to hand audit 50,000 paper medical records because inventory and patent data didn't transfer properly t
  • by Tracy Reed (3563) <treed@PARISultraviolet.org minus city> on Sunday September 17, 2006 @03:42PM (#16126020) Homepage
    Because the DoD allegedly likes freedom and wants to promote it. It is their reason for existance. If "Open Source" is hurting the adoption effort use the original name "Free Software".
    • by forkazoo (138186)
      Because the DoD allegedly likes freedom and wants to promote it. It is their reason for existance. If "Open Source" is hurting the adoption effort use the original name "Free Software".

      Naw... Then it sounds cheap. I say we actually start calling it "Freedom Software," rather than constantly having to explain that Free doesn't mean cheap because it means Freedom.
      • Re: (Score:3, Funny)

        by Tacvek (948259)
        I say we actually start calling it "Freedom Software," rather than constantly having to explain that Free doesn't mean cheap because it means Freedom.

        People will then assume that "Freedom Software" is a euphemism for "French Software".

    • by twitter (104583) on Sunday September 17, 2006 @07:23PM (#16127147) Homepage Journal

      The term "free" is an intentional echo of cold war terminology and works for military types. Freedom is what they are all about and they are never supposed to obey an unlawful order. The American ideology of the Cold war carried over from the defeat of the German dictatorship and Japanese Empire but was firmly rooted in American history, writing and law. The core of that ideology is that free, moral people working in honest cooperation and competition are happier and more prosperous than people toiling under centralized dictatorships. Interesting expressions of these ideas can be found in the writing of Robert A. Heinlein, especially Starship Trooper [wikipedia.org], which is recommended reading in the US Marine Corps. Free software is an honest effort to make things work, guided by a free meritocracy. It works and has become best of class because people agree not to screw each other over, standards to modularize their work make it so things are interchangeable and the fittest work survives.

      Officers with higher degrees will instantly appreciate the peer review nature of free software. People who have published scientific articles understand first hand the practical requirements of repeatability too. To them, if you can't repeat it yourself you have to take it on faith and no military person wants faith in anything but the almighty when they can have proof instead.

      The non free people tried to call free software, "software communism" but failed and may have it thrown back in their face. Any military person will tell you that Communist contries are really nasty little fiefdoms, where who you know is more important than what you know and the top guy is in absolute lawless control of everything until murdered. This more resembles the distrustful, back stabbing and intentionally wasteful world of non free software in methodology and results.

      I'll quote the gnu.org sites, see what you think:

      ... what else could we say about a system based on dividing the public and keeping users helpless? ... One [non free propaganda] assumption is that software companies have an unquestionable natural right to own software and thus have power over all its users. ... [another is that] we would have no usable software (or would never have a program to do this or that particular job) if we did not offer a company power over the users of the program. [gnu.org] and Consider these four practices of the Software Publishers Association (SPA): [gnu.org]

      1. Massive propaganda saying it is wrong to disobey the owners to help your friend.
      2. Solicitation for stool pigeons to inform on their coworkers and colleagues. Raids (with police help) on offices and schools, in which people are told they must prove they are innocent of illegal copying.
      3. Prosecution (by the US government, at the SPA's request) of people such as MIT's David LaMacchia, not for copying software (he is not accused of copying any), but merely for leaving copying facilities unguarded and failing to censor their use.

      All four practices resemble those used in the former Soviet Union, where every copying machine had a guard to prevent forbidden copying, and where individuals had to copy information secretly and pass it from hand to hand as ``samizdat''. There is of course a difference: the motive for information control in the Soviet Union was political; in the US the motive is profit. But it is the actions that affect us, not the motive.

  • Thats funny (Score:4, Informative)

    by macaulay805 (823467) on Sunday September 17, 2006 @03:42PM (#16126024) Homepage Journal
    The last time I checked, the DOD has an enterprise license for RedHat Enterprise Linux.
    • by pegr (46683)
      And the DoD has released their mods to dd, making dcfldd, a useful utility in the forensics field. I admit, it's not a lot, but they do release their mods...
  • So what (Score:3, Funny)

    by jlebrech (810586) on Sunday September 17, 2006 @03:49PM (#16126044) Homepage
    They already use "Open Fire", "Open Range" and "Openpray" why not opensource.
  • As much as we bitch at the government for hiding this secret project and that wiretapping, why should we be SURPRISED that they don't like the word 'Open'?
  • by Malakusen (961638) on Sunday September 17, 2006 @03:53PM (#16126065) Journal
    As someone in the military, I can tell you for sure that appearance and impression matters MUCH more then function or realism. It's all about how it looks or how it sounds, not what it does or how well it does it. There's a reason our fighter planes aren't called the Kitty or the Puppy. Heh heh, the F-22 Puppy, that'd be funny.
    • 'Hello Kitty Helo' sounds pretty good to me...

      Just need some thinking out of the old helmet. It could work.
    • Re: (Score:2, Informative)

      by kfg (145172) *
      There's a reason our fighter planes aren't called the Kitty or the Puppy.

      The Puppy [theaerodrome.com]

      KFG
    • Re: (Score:2, Interesting)

      by m94mni (541438)
      The all-time most popular swedish military plane was the "J29 Flygande Tunnan" - Flying Barrel.
    • by Deadstick (535032)
      There's a reason our fighter planes aren't called the Kitty or the Puppy.

      We had one called the Buffalo once...and that was pretty descriptive of its flight characteristics.

      rj

    • Re: (Score:3, Funny)

      by Fred_A (10934)
      here's a reason our fighter planes aren't called the Kitty or the Puppy.
      At least with that name nobody would dare kick it. Deploy it and all foes would fall upon themselves trying to tickle it under the chin until it started firing. You could certainly build some sort of strategy around that.
    • The Kitty [fighterfactory.net]

      • by Malakusen (961638)
        Kitty*hawk*. That hawk still makes it sound scares and impressive. Also, most people realize that kittyhawk is a historical reference.
    • by Shadowlore (10860)
      Heh heh, the F-22 Puppy, that'd be funny.

      If you're going to name an aircraft after a dog, make sure it's one that drops bombs.
      B-2b Puppy
      B-52H Rottwieler
    • So explain the A10 Warthog to me then !)
  • by paroneayea (642895) on Sunday September 17, 2006 @04:07PM (#16126116) Homepage
    ...is why OpenBSD is so infamous for being insecure.
  • NMCI (Score:5, Interesting)

    by IgD (232964) on Sunday September 17, 2006 @04:13PM (#16126134)
    I work in a military environment. Recently our computers were transitioned to NMCI. Result: All open source is strictly prohibited. My workspace had designed a really awesome database powered by MySQL and other open source technology. When NMCI came online we were SOL. When we asked for help, we were advised we could spend a $xxx,xxx and purchase a Microsoft SQL Server license instead. When we pushed the issue, we were told that we were welcome to submit MySQL to NMCI for approval but that no one knew how to file the paperwork and no one had ever seen any software approved before. My take: It's a money scam. Somehow NMCI and Microsoft profit from each other with an exclusive agreement.
    • Re: (Score:3, Informative)

      by blofeld42 (854237)
      It's a money scam, but the perp isn't Microsoft.

      Before software goes onto NMCI it has to be certified. The certification process is obscure and not well documented, so the people doing the certification clean up--it takes around $30K of contractor work to get the software certified. It's full employment for DoD contractors who know something about NMCI certification.
    • Re: (Score:3, Insightful)

      by Kjella (173770)
      (...) we could spend a $xxx,xxx and purchase a Microsoft SQL Server license instead. When we pushed the issue, we were told that we were welcome to submit MySQL to NMCI for approval but that no one knew how to file the paperwork and no one had ever seen any software approved before.

      Now, in a sane system you would ask "Show me the documentation that is the basis for Microsoft SQL Server's approval, and we'll provide equal documentation." The reason it probably does not work is that the documentation involves
      • by westlake (615356)
        in a sane system you would ask "Show me the documentation that is the basis for Microsoft SQL Server's approval, and we'll provide equal documentation." The reason it probably does not work is that the documentation involves a large check.

        a trivial response and lazy.

        if you do not understand your own procurement system you are not ready to compete with Microsoft Federal Systems

        ---which does nothing on its own, but partners with the big boys on projects like the Reagan. Microsoft Appoints Federal Business [crn.com]

      • I know it may sound odd but just to get access to the list of software that is "approved" is a lesson in bureaucratic absurdity; forget actually submitting something to get "approved".

        What is even more ridiculus is that users had to sign a form saying you would not install any software not on the list - yes, the list you cannot see without significant fortitude in dealing with out-of-control, out-of-touch bureaucracy!

        The list is a joke, however. For example most software is approved only at some earlier rel

        • I know it may sound odd but just to get access to the list of software that is "approved" is a lesson in bureaucratic absurdity; forget actually submitting something to get "approved".


          Having gone through the approval process (DoD but not NMCI) to have several programs my company created I feel your pain. Conflicting requirements, forms that even the approving authority weren't sure how to fill out, changing program managers mid stream so you had to renegotiate any exceptions previously agreed upon were onl
    • exclusive agreement

      Yes, NMCI is Microsoft all the way or it is the highway. It is ironic that an organization that is suppose to protect a market driven economy, freedom and apple pie has taken a centralized (communist) one-size-fits-all anti-competitive monoculture approach to handling its IT.

      Not only that the framers of the NMCI contract were apparently unable to distinguish between the needs of word processing secaterial pools, powerpoint obsessed managers, and cutting edge research and development engin
  • ....that they don't have to use the word "free".
  • by adnonsense (826530) on Sunday September 17, 2006 @04:54PM (#16126301) Homepage Journal

    would be my suggestion for a DoD-friendly monicker.

    Also, I recall whenever I install Oracle (closed source) I have to click an agreement that I will not use the software in the design or production of biological, chemical or nuclear weapons. I've never encountered such a clause when using open source software, so maybe this might be something that would appeal to the DoD, who I presume would rather not be tracked down by one of Larry Ellison's hit squads.

    • That's a rather silly license condition. I think WMDs make you immune to software license agreements.

      I've never encountered such a clause when using open source software
      There was a /. article on an open source group who used a modified GPL license that banned all military use.
    • by iwan-nl (832236)

      Not exactly open-source (according to most), but the Sun licence contains the following clause:

      You acknowledge that Software is not designed, licensed or
      intended for use in the design, construction, operation or
      maintenance of any nuclear facility.
      • by Glenn R-P (83561)
        That is a disclaimer, not an anti-nuclear political thing. It means that Sun cannot be held responsible if the nuclear plant that you designed with their software melts down.
  • A handful of reasons (Score:5, Informative)

    by NitsujTPU (19263) on Sunday September 17, 2006 @05:03PM (#16126353)
    1) Liability. Contractors want somebody to sue if something goes wrong. The DoD will blame the contractor.
    2) Specs. Usually, the system is being developed is meant to replace another system that is in-place. The only things to be changed are what are specced out. This doesn't prevent things from being entirely rewritten, but it usually stays on an existing DoD platform.
    3) Speaking of platforms, check out the existing specced out platforms. Lots of people go with DIICOE, or GCCS for various reasons. Some might include a desire to get something included as a DIICOE segment, which is profitable, or GCCS, because it's ubiquitous.
    4) STIGs. If there isn't a STIG written for it, you're going to have a harder time getting approval to operate it on a classified network. Even if all of your major apps are covered, you'll have to get extensions regarding applications that are not covered. Extensions are not intended to be waivers... so, you're only supposed to get an extension if you intend to replace it. It is hard to justify an extension for new software. Why not just write it in a compliant fashion? Because the security audit will be more of a PITA, they avoid any step into the unknown. Some of this is just inertia.
    5) Security through obscurity. It sounds asinine, but the DoD doesn't rely on security through obscurity.... they rely on anything that is considered a good practice, obscurity is just one of those many practices. It's not that they are using telnet or anything silly like that. It's just that they want as many layers as possible.
    6) Common open source is embraced. Everyone runs Apache. It's as ubiquitous as IIS. It's the things that are considered more "out there" that aren't.

    All of that aside, there have been open source initiatives, but contractors have been reluctant to bite. Reasons vary, but this is the essential dynamic. The DoD retains the rights to most of the source code for projects that they fund, so, they already have the source code... they give it to anybody that they please, including the next contractor to work on the project. Contractors don't want to share source with each other for competitive reasons. Since they're all bidding to produce identical products, giving other contractors the ability to develop experience with a product can only hurt their business, this experience is their primary bargaining chip when bidding (that and the ability to undercut their competitors, or qualify for special considerations, such as being a small business).

    Then there is the concern of enabling foreign interests to develop commensurate technologies. Nobody wants to share code to decode IFF signals, or to build similar systems. Thinking that the government would publish code to do these things is just asinine.

    You always have your crumudgeons who also will just resist open source... which is the same even outside of DoD interests, but the DoD comes with a host of other concerns. All of these in mind, I'm not sure that the DoD is necessarily stilted against open source. Some sectors of the DoD have embraced it quite readily... these are just the faster-moving sectors who adopt technologies more readily. The DoD is a very large entity, and, as such, slow adoption, when combined with very well established platforms results in this exact behavior.
  • of course we all know that the us dod is a monolithic
    entity that only holds one opinion about anything.
  • War on Proprietary Software.
  • by rduke15 (721841) <rduke15NO@SPAMgmail.com> on Sunday September 17, 2006 @05:47PM (#16126597)
    I must say, I'm really not unhappy with that. In fact, I would dislike it very much if any of my open source contributions would be used by the military (of any country). I even once considered blocking access to my web site from .mil domains. I didn't because it would be completely silly, and there is no reason to block only .mil and let all the other military through. And after all, "open" is "open", and anyway, I have neither the time nor the moral authority to decide who is "good" and who is "bad".

    But nevertheless, if the military would rather not use any of my "open" code, it makes me feel better, even if it is not rational.

    • by PitaBred (632671)
      At least you admit it's not rational. I'm not for a militaristic society, but I'm of the mind that if someone's winding up to punch me in the nose, I have no compunction with hitting him first. I'd rather not wage war, but the fact remains that there are people who are willing to kill Americans because we don't believe the same things they do (no, America isn't immune to this, but the Crusades are the last real recorded Christian "holy war"), and I'd rather not let them.
  • One of the problems is that it is free, meaning they don't pay for it. The Army doesn't ever get something for free. There are policy's against it.

    The idea is that, eventually Guido is going to want you to repay the favor. The Army can't get something for free because, later on, it might be seen as biased.

    Also, they want to be seen as supporting American buisnesses. When you use open-source, and get it for free, it is almost like you are taking it away from the economy.

    Now, I don't dispute that there
  • #include <std_disclaimer.h>

    Good lord, I actually have something to contribute!

    In a nutshell, the DoD *really* doesn't like that they don't know who wrote the software, and they also don't like the lack of a central point of contact. They'd rather hire, say, $defense_contractor to write a similar piece of software, because they get a couple of reassuring beliefs (we will not attempt to discuss the VALIDITY of these beliefs, please):
    1) that $defense_contractor is using properly trained, vetted programm
  • No problem! (Score:2, Funny)

    by JanneM (7445)
    The whole issue is this wimpy, do-gooder pinko commie vibe you get from "open" and "share" and "please don't kill innocent civilians" crap.

    Just do a cut and paste and replace "open" with "Dark Top Eagle Hammerfist YMCA Shiny Leather" and you'll see military types lining up around the block for the stuff.
  • So call it "flex source" or "agile source" The military loves terms like that.
  • How many people have said linux is "killer" software compared to the number of people who have said "Windows will be the death of me"? Export list be damned. We should be promoting Windows to our enemies.
  • "Free Sofware" as in the Freedom you are bringing to... *ducks*
  • Let's not fool ourselves, open source software takes talented people to run, not the normal graduates of 6-week "learn-computers-fast-to-make-money.com" windows training that is the mainstay of price thrifty contractors that make up the entire backbone of all DOD IT departments. I'm sure there are talented admins in the DOD, I've met some, but they are the exception rather than the rule. "Best and Brightest need not apply"
  • Nevermind the incorrect capitalization, but does that even mean anything? Yes, this is offtopic, yes this is nitpicking, but seriously: Does that really mean any more than "Smurfing for government computer wews"? Personally I think "grofling for news" sounds cooler, not to mention it's one step ahead of being branded "hip" in that negative way.

    Anyway, I stopped reading right there. So the comments here may be gibberish and all non-sense, but can't we at least expect the summaries to be in semi-proper en

It is much harder to find a job than to keep one.

Working...