Domain: gsaadvantage.gov
Stories and comments across the archive that link to gsaadvantage.gov.
Comments · 10
-
GSA Advantage!
The government already has this, they call it GSA Advantage! https://www.gsaadvantage.gov/a...
Our company is a vendor on it and it is a PITA. I don't expect anything new to be better. It's going to be the same garbage crap. My favorite part is they demand proof that you are giving the government the lowest price you charge any customer. Then they make you do hours of paperwork for any small order. And finally they audit the living crap out of you. They asked us to provide detailed quotes from every sale we had made to EVERY CUSTOMER (Government and commercial) for the WHOLE YEAR. Hundred of thousands of transactions... I can't wait until this new program comes out
:P -
Re:Shit Article
As a Gov purchase card holder in a past life, I have first-hand experience with just how shitty GSA is. My group needed a handful of licenses for Adobe Acrobat Pro. NewEgg had them for ~$90, as did Amazon and a couple others. I was forced to buy each copy for $150 from a GSA-authorized vendor. I could have saved the government $500+ with that one purchase, but instead they bound my hands.
The gov won't be giving *every* purchase to Amazon since every purchase the gov makes must be done via a competition with at least 3 vendors (I imagine Amazon, Wal-Mart and one other, depending on the item). Here's hoping Amazon fixes a couple of the problems with GSA Advantage - It's a terrible interface, prices are stupidly high, dozens (or hundreds) of duplicate items, and absurdly slow turn-around times.
-
Re:Compare military base exchanges
Compare your example with GSA Advantage, where companies do such bidding and qualification and also pay the GSA for the privilege of being a supplier. In exchange, they gain access to the captive audience of the US government.
It sounds like this is just offloading that backend work to someone else.
-
Re:How to make your Rights illegal.
As someone who has done purchasing for the government, part of the training emphasizes accountability to the public. The whole reason there's so many signatures for approval for every penny spent with a GPC is to be able to report this sort of thing when presented with a FOIA. Not to mention being able to tell Congress (through command chain) just how much money was spent and on what. There's more transparency than many realize. With that transparency comes more paperwork validating and approving every step of the process (and thus, more 'wasted money').
That said, there's definitely room for improvement. GPC folks are encouraged (mostly forced) to shop through GSA Advantage, since prices are "pre-competed". Which if you look, you'll find inflated prices for damned near everything. The Gov will gladly spend $150 on a $90 software license because it's through GSA and not NewEgg.
-
Re:Many eyes make bugs / backdoors shallow
It seems that link may have been
/.ed. They are doing precisely as you say.Here is a dump of the information, last I had it.
IRC: irc.freenode.net #openbsd
Twitter: OpenBSDGateThe etherpad (most detailed and up to date):
OPENBSD IPSEC STACK VERIFICATIONOriginal Email:
http://marc.info/?l=openbsd-tech&m=129236621626462&w=2
The code:
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/ipsec_input.c
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/ipsec_output.cMisc:
What other software includes the OpenBSD IPSEC implementation?
Not Linux:
Triaging Linux; git clone git://git.kernel.org/pub/scm/linux/kernel/git/tglx/history.git
Initial commit 6c55c29fa, Oct 2002, Alexey Kuznetsov
Does not appear to be derived from the above? (checking strings from ipsec_input.c version 1.54.2.3, Oct 2002). Neither copyright information nor comment strings match. Linux's IPSec implementation looks original.
'git log -p --grep=IPSEC' on the above clone shows complete history for the period.Communications:
IRC: irc.freenode.net #openbsd
Twitter: OpenBSDGate
PublicPad (this document); http://piratenpad.de/condition-beigePress:
http://blogs.forbes.com/taylorbuley/2010/12/14/fbi-accusedipsec-of-decade-old-cryptography-code-conspiracy/
http://bsd.slashdot.org/story/10/12/15/004235/FBI-Alleged-To-Have-BackdWe have never allowed US citizens or foreign citizens working in the US
to hack on crypto code (Niels Provos used to make trips to Canada to
develop OpenSSH for this reason), so direct interference in the crypto
code is unlikely. It would also be fairly obvious - the crypto code
works as pretty basic block transform API, and there aren't many places
where one could smuggle key bytes out. We always used arcrandom() for
generating random numbers when we needed them, so deliberate biases of
key material, etc would be quite visible.
oored-OpenBSDs-IPSEC-Stack
http://www.reddit.com/r/programming/comments/elw0x/allegations_regarding_openbsd_ipsec_fbi_backdoors/
http://www.metafilter.com/98547/Subject-Allegations-regarding-OpenBSD-IPSECDocs:
http://web.archive.org/web/20000621015208/www.netsec.net/gsa.html
https://www.gsaadvantage.gov/ref_text/GS35F0040K/GS35F0040K_online.htm
http://web.archive.org/web/19980101000000-20040101235959*sh_re_sr_1nr_30/http://www.netsec.net/*
http://web.archive.org/web/20000816024729/www.netsec.net/ltr_doj.htmlSource Contributors:
Jason: http://www.linkedin.com/in/jasonwrightPossibility #1: (eldragon)
http://www.openbsd.org/cgi-bin/cvs -
GSA Advantage? (US; NMSO in Canada)
Get training on procurement process through whatever level of government you are with (e.g. US Federal, Ontario provincial, etc.). Then you will know what purchasing options are available. The problem is that many departments and agencies have cut their procurement & supply staff, and those remaining tend to be at best amateurs in their knowledge about IT purchases, and most IT departments staff avoid dull training like procurement, and thus their purchases are done in a very ad-hoc manner, and often reflect personal bias (like only buying from Dell).
In the USA, at the federal level the government U.S. General Services Administration runs a program GSA Advantage.
In Canada the federal government Public Works and Government Services Canada (PWGSC) runs a Standing Offer Index including a specific one for microcomputers. For generic office PCs, these are starting points that are "pre-approved" purchases so you don't need to create and advertise and evaluate and have contested a RFQ (Request For Quotes), and as well the purchasers can also do LPO (local purchase offers) or RVD (Request Volume Discount) and likely other techniques I don't know of in particular if the Index is out of date, or a large volume purchase may warrant a discount.
Also learn and understand TCO - Total Cost of Ownership, that is the overall cost of the purchase (i.e. a PC in this case) including repairs / replacement components, down time due to failure - including the cost of have the employee unable to fully function at their job, plus cost in time & labour of IT staff for deployment (roll-out) including disk imaging (by vendor or IT), as well as overall satisfaction of the agency with the IT department's perceived value. This is standard IT management (CIO and below) knowledge, so talk to an intelligent IT manager for any help you need in this regard.
Unless you have scores of idle IT staff, assembling 1000 PCs is a lot of labour and time. And that's assuming you pick a hardware configuration that works, is stable, and is reliable. Most IT departments are staffed with strictly software oriented system administrators as their rank and file, with reasonably few if any computer hardware technicians and tools. And "at-home builders" experience don't cut it in a professional setting; it's a starting point for new hires, not a substitute for fully trained technicians. I'm sure that will cause flames, but I don't care, and to wit, I'm not a computer hardware technician, but I have respect for the few I have worked with, they were excellent at their job, and knew which end of the soldering iron to hold when making custom serial cables.
-
Re:They're just enforcing an NDA... Bluffing..
"HP found out that one of their competitors (GroundWork) has HP's confidential documents. They shouldn't have those - somebody has obviously broken an NDA. "
NDA's are unenforceable, (have no legal standing), once the information can be obtained by legal means.. I.E. HP's official pricing disclosure to the GSA in order to secure government business, (required by law).
After that occurs, HP has no case and no standing to sue anybody for using that information.
-
Not the first time for MySQL on a GSA schedule
Is this the first time this has happened, though? A quick look at the GSA Advantage site yields at least one or two results for MySQL database license vendors. Besides which, I don't see any MySQL products on the GSA Schedule mentioned in the article, either. To be fair, it can take some time to update GSA's information, but it may be better for these folks to make public announcements after the t's have been crossed. Still, this is a positive step in the right direction for greater use and support of MySQL in the US federal government.
-
Not the first time for MySQL on a GSA schedule
Is this the first time this has happened, though? A quick look at the GSA Advantage site yields at least one or two results for MySQL database license vendors. Besides which, I don't see any MySQL products on the GSA Schedule mentioned in the article, either. To be fair, it can take some time to update GSA's information, but it may be better for these folks to make public announcements after the t's have been crossed. Still, this is a positive step in the right direction for greater use and support of MySQL in the US federal government.
-
Not the first time for MySQL on a GSA schedule
Is this the first time this has happened, though? A quick look at the GSA Advantage site yields at least one or two results for MySQL database license vendors. Besides which, I don't see any MySQL products on the GSA Schedule mentioned in the article, either. To be fair, it can take some time to update GSA's information, but it may be better for these folks to make public announcements after the t's have been crossed. Still, this is a positive step in the right direction for greater use and support of MySQL in the US federal government.