Slashdot Mirror
German Gov't, Free Software, and Secure E-mail
friday2k writes "There is a nice Article on Newsforge describing how the German Government moves ahead on looking into Free Software solutions for government agencies. And you need a standard, secure, email client for this." Basically, they are funding some good secure e-mail - but making sure that it works with stuff like Kmail.
Germany... Last bastion for open communcation? Give it twenty years... The U.S. govt. is doing it's best to shove the genie back into the bottle... Shouldn't this be a sign to them?
Project Ägypten will focus on making Open Source email programs KMail and mutt compatible with Sphinx
They're modifying KMail and mutt to work with Sphinx, not the other way around (as the post implies).
I would applaud this but would only suggest that open source developers not gravitate too closely to the governments of the world for cues and support in development of new security software.
They will order code they can understand and code they can master, and will want multiple accesses to encryption (such as back-doors) that truly render it useless in an intelligence capacity.
Give the government strong crypto controled by a single trusted admin. Distributing information and accesses simply opens the door to moles. The US government has seen several, such as Robert Hanssen and Aldrich Ames.
If an agent is communicating with a handler far away via encrypted email, not even the handler's supervisors should be able to override the encryption. Especially them.
Goat sex free since 2001
By doing this, they are saving their taxpayers a bundle (easily billions) by not spending so much on licensing fees from Sun or Microsoft. That money saved can go to greater things like making better schools, etc.
The article starts out saying that Congress wants to outlaw Open source via the SSSCA.
Perhaps congress should visit our German buddies and see how a switch to OSS can benefit the American public. A little bit of seeing what's happening abroad could go a long way.
The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
"has hired three companies to create Free Software email options"
??
-Berj
I would advocate that governments only use open source projects...
the fact that the DoJ was supposedly at war with M$, while at the same time handing over some of M$'s largest contracts seems insane...
I would almost call it a chuch/state issue...
And alas their attempts to free software fail as Microsoft swoops in and displays proudly their new EULA for Notepad, in which they considered free software..Microsoft annexes Germany..Italy and MS Germany make an alliance...
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
So what is this 'Sphinx' email? Is it some propietary software or what??
The article seems to raise more questions that answers.
Will this going to help anyone that doesn't use Sphinx?
Looking for any old 8-bit Heathkit/Zenith software/hardware - http://heathkit.garlanger.com
Are they going to use SuSE?
The best thing I see coming out of this is the possibility of an entire governmental agency switching over to solely free software. At that point you'll have all types of employees all using free destop productivity software. Whatever word processor they use, it'll have to work well and have everything they need and want it to. Same with presentation, spreadsheet, database, etc. applications.
One thing I've heard repeatedly from various places is that there's no set of free software applications that meet the above requirements, pretty much forcing people to use windows. Once an entire agency is using free software, the government is going to have to pay for some company to create exactly what it is that they need for the desktop, and since it's open source, it'll be available to everyone. So there'll be a standard install of a standard, easy to use desktop and it'll come with all the applications a person needs to be an engineer, statistition, executive, or even just a secretary.
I see this as possibly the only way free software will get a good business desktop in the near future, and I can't wait for it to happen.
Mr. Spey
Cover your butt. Bernard is watching.
Cover your butt. Bernard is watching.
It's great to see a government agency of all places supporting the GPL and open source.
I might be kind of shallow, but I think if you don't release your code, you are afraid of people looking at your poorly programmed code. If the "you" in the above sentence relates to a company, the company is essentially saying that your company is embarrased of the programmers.
I'm sure I'll have a change of heart once I enter the industry.
A mail program isn't the most complicated thing to program, I'm writing something in vis. basic right now (I know, I know - It's called schoolwork and I might as well challenge myself) The program is going to be um.. very highly customizable.
Anyways, these rfc's were really useful.
http://www.ietf.org/rfc/rfc0821.txt SMTP Spec
http://www.ietf.org/rfc/rfc2046.txt (w/Mime)
On a side note (and kind of in jest), what the hell is with europeans and super long agency names?
Bundesamt für Sicherheit in der Informationstechnik (damn!)
1q2w3e4r5t6y7u8i9o0pqawsedrftgthyjukilo;p'azsxdcf
what's wrong with hushmail or ziplip??
both are web accessible and secure as long as you talk to others that are also on the same system. hushmail uses a java applet and depending on which version you are using the blowfish algorithm or a PGP spin-off. off the top of my head, I don't recall what ziplip uses.
there are
There are some odd things afoot now, in the Villa Straylight.
This project is great, since it hopes to create a universal module that can be plugged in easily to any MUA.
But for those of you who happen to run mutt, you don't have to wait for S/MIME support -- see this site for details. It's not universal or modular, but it exists now and it works.
--
Mod up a post Rob doesn't like and you'll never mod again
Well, it seems that your post name is exactly as it implies, 'an anonymous coward'. Do you have any solid grounds for this? I'm not german, and I live on the other side of the world from germany, so this may somewhat invalidate my point of view, but I believe that the country of Germany has really gone up-hill with free speech, etc. from stories and first-hand accounts I have read. They aren't the enemies anymore, fool.
So, I'm just currious here, what are the other languages?
robi
About 6 months ago I stumbled across an awesome GTK+ mail/news reader very similar in look to Netscape Messenger (and far superior to XFMail) called Sylpheed (http://sylpheed.good-day.net/). It'll handle as many accounts as you want, supports threading and image view through gdk-pixbuf, is extremely fast (and decently configurable), and I've never had it crash on me. Some distributions are starting to pick it up now, and it's included in Mandrake 8.1, though I usually compile myself from source. I'd suggest giving it a look.
Interested in open source engine management for your Subaru?
They could save even more money and make their schools even better by encouraging students to work on the Free Software: the students learn about computer science and get credits, while the government gets some nice mail clients at no cost.
http://www.ietf.org/rfc/rfc0821.txt SMTP Spec
This one has been superceded by many later RFCs (1123 comes to mine immediately). However, if you adhere to it, you'll be miles ahead of many commercial programs.
Edith Keeler Must Die
Hi,
Living in this country that "supports open source" I am rather sceptically about the whole issue.
The German parliament was also "looking into alternatives for Windows especially Linux", they said. And a few weeks later it was announced that they had made a new deal with Microsoft who gave them some better conditions than originally offered. Linux was no longer an option after that. What do we learn from that: Linux makes a good argument when you want a good deal from Microsoft.
twm
Germany bans racist speech. Therefore they do not have Free Speech as unpopular speech is not protected. Protection of unpopular speech is essential to maintaining freedom. Freedom of Speech comes from a confidence that the government is correct. The ideas can be debated and you do not need to suppress the opposition to maintain power if you are in fact correct. If a government is not confident in the rightness of its ideology then it moves to suppress dissenting speech as that could be harmful to continued power. Thus the German government fears that egalitarianism is false, that it cannot be logically defended, and that racism may make more sense than equality.
Well, sure. I'm a commercial programmer, and I after a string of "bend over and take it" contract modifications, I now give my employer code that meets their standards and no more, i.e. it doesn't crash 90% of the time.
If we ever released our source, our competitors would find and publish all of the bugs in it, while ripping it off (sorry, "clean room re-implementing it"), probably wrecking my company and putting me out of a job.
Wait.. what's the downside again?
My personal experience has been that it's folly to mix work and pleasure. Don't do your hobby as a job, because you'll get screwed into working 80 hours weeks, and you'll end up hating it. So just get screwed 40 hours a week, and reserve your spare time for doing what you enjoy (e.g. open source projects), to your own standards.
If you were blocking sigs, you wouldn't have to read this.
The problem is of course that standardization in software is a good thing - but too much is a bad thing. I don't know that anyone has figured out where the golden mean is between the two poles. We obviously need some sort of standard software to run our computers, and we need some sort of quality assurance. Open Source certainly is a candidate to develop a standard (think RFC) - but in its present form the quality of software offered is uneven. (Some is extraordinary, some is crap.)
Perhaps the real way to develop a vendor agnosticism would be to actively support and have people on the goverment payroll contribute to the open-source development model. That way the goverment is actively looking out for its own interest, but in a way which supports communal development.
Which of course sounds good, but I have no idea what it would look like... or how it would play out.
In illa quae ultra sunt
Sarcasm passes you by then? You're so obtuse. Go look it up.
Also, too many people are not reading into the bill enough; there is a grandfather clause that does state that 'unsecure' hardware and software before the end 12month discussion period mandated by the proposed bill would be legal; sure, this kills the development of linux, so it's still scary, but preexisting linux boxes on the net could not be taken down by this.
"Pinky, you've left the lens cap of your mind on again." - P&TB
"I can see my house from here!" - ST:
if you don't release your code, you are afraid of people looking at your poorly programmed code
:o)
:o)
As a programmer, I can say you are 100% correct.
I've written some godawful code in my time (usually while learning a new protocol - like you I've written an SMTP server, but I've also written a POP3 server and HTTP server as well.. all as learning excersises...) and I'd never submit it to public scrutiny (of course, I'd never submit binaries either
But I've contributed to a couple of GPL'ed projects too - usually with code I'm pretty proud of... (except one Roxen module that I wrote while learning Pike - that one was just ugly as sin - I released it because people wanted it
Perhaps the real way to develop a vendor agnosticism would be to actively support and have people on the goverment payroll contribute to the open-source development model.
Hey, we could put Government funds into education and get the professionals there to develop open source software. I'll call up the Regents of the University of California, Berkley. Oh... Wait a minute...
In my opinion, if the government continues to fund software development then it should ensure it isn't under the GPL (BSD license springs to mind). After all, everyone who helped fund that software should have a right to it and not just those who also agree with the philosophy of GNU.
Fear: When you see B8 00 4C CD 21 and know what it means
The German government isn't too happy about the fact that at least of couple of the companies that write utilities used in Windows are associated with the "Church" of $cientology.
And given $cientology's record of infiltrating government offices in the US, Canada, Greece, France, etc, the thought of proprietary code gives them the creeps.
xenu.net
One line blog. I hear that they're called Twitters now.
The City of Turku, the oldest and one of the largest cities in Finland, is planning on a switch to Linux + OpenOffice in order to save the XP license money. Links here and here.
Escher was the first MC and Giger invented the HR department.
The government should ONLY be releasing software produced with public funds as Public Domain software.
My tax dollars should not be feeding anybody's political agenda.
Why do you think thats insane? The DOJ case is about some illegal business practices microsoft has been using in the past. The DOJ wants to punish microsoft for the damage this has caused (rightfully since it's illegal) and make sure it doesn't happen again.
Valid points, yet I guess my ethical (if certainly not legal) reasoning would be: Because in this instance, Microsoft is being rewarded.
If it has been, or is in the process of being, established that Microsoft used unfair and illegal means to advance itself into a position that they have become a (the?) predominate supplier of software to the U.S. government, then perhaps that relationship should be re-evaluated.
The fact that it goes on un-inspected is, yes, a bit insane to me.
But then who cares what I think? Just another schmuck voter am I.
http://www.petitiononline.com/SSSCA/petition.html
I have this picture of Tyler Durden saying
We are your network admin
We run your websites
We HACK while you SLEEP
Do _not_ FUCK with us
(-:
Theorem: "Racism is wrong"
Prove: German history 1933-1945
One of the tactics of the black hats seems to be to dig around for information from places, and perhaps in ways, which might not be quite so easy for them to get access to, when the white hats learn to use encryption as well as "they" do.
For example, consider mining an airline booking site to see which flights have special prices. This type of information retrieval might become better protected, because such information could lead to speculation about the human-density on the flight.
Consider also, that Europe, as Us, is devastated by every new MS worm that comes around. But if they'd only use SSL server encryption more widely, they'd be unbothered by such simple virusen. Managers will buy more servers, because SSL takes more horsies, (as every other form of encryption), users will share information in a more sensible way, the economy will rebound, etc., etc.. :)
I contend that the most interesting authorities built out of X.509, in any case objCA, sslCA, and objsign (from openssl docs and Netscape definitions), should continue to be widely encouraged. emailCA, perhaps is for the more mature organization, but an organizations email can sometimes be the biggest "hole" of all. It should be closed-up, in any good business activity, anywhere, eventually.
The point is, everyones already got this stuff. The playing field is even, and we have to fight dishonesty with the same tools as are being used to hide it.
Not to worry unless someone tells you to put your certificate on your head or your hand (right). Right?
Kind of makes me doubt the validity of it. As another poster mentioned, perhaps the German government is just trying to get a better deal from MS...
Under capitalism man exploits man. Under communism it's the other way around.
Sylpheed is really wonderful, a fine piece of software, with lots of potential...
But it ( sigh ) lacks PGP/GnuPG support...
You're absolutely right. Sylpheed is now perfect. :-)
I think your prove merely supports my theorem or do you think that enslavement and genocide of Native Americans contradicts that "Racism is wrong"? The stupid, fucking moron (oder frei übersetzt: Der dumme, fickende Hirnamputierte)
By your standards, its most probable I could claim every country in the world bans free speech in some way or another. Your analogy is flawed, and naive. Also; who wants racism? I'm sorry, but I am independant to what race(/colour/religion) someone is, and if you feel you have the right to harass or distinguish someone over it, then I suggest you slither back to the cave you formed from.
Protecting unpopular speech? You understand that people have commited suicide, not to mention mass murder over racist comments? Protection of the people first; the German government apparently seems to be getting the right idea by placing laws against this kind of horrible "speech". Anybody who is so inhuman to say these things shouldn't have rights themselves, and that is the key exactly. Inhumanity. People who would advocate or make racism (/racist comments) lack intelligence to the degree that they cannot recognize a fellow human, and thus put them down with stupid comments in some vague
Mutt is already standard (i.e. works on any terminal, including text-only), and secure (PGP/GPG/choose-your-flavour).
It seems to me the free software movement has stalled in the USA. Witness the harsh laws, government and corporate comingling, etc.
I've often thought the only way for open source to succeed is for "other-than-USA" countries to embrace it...the USA just has too many influence peddlers and special interests involved in government to make the proper decisions...not to mention a population of dullards who know little of law and less of history. Harsh, but I beleive it true.
It's really looking like it will be the forward-thinking countries outside the USA who are going to turn the tide against "zero choice" monopoly software.
Even though I might have to watch, rather than participate, I'd really enjoy seeing Germany (and hopefully others!) give Bill Gates and his illegal corporation a "boot to the head".
I hope the Germans decide to do this...it's very impressive to see people standing up and demanding freedom, liberty, and choice from their government.
Treatment, not tyranny. End the drug war and free our American POWs.
See my user info for links.
The City of bojmir, the oldest and one of the largest cities in Switzerland, is planning on a switch to Linux in order to sav licensing fees from linux.
Living in this country that "supports open source" I am rather sceptically about the whole issue.
Well, you should know then that the German federal government has already sponsored the development of one widely-used Open Source project: GnuPG.
Details are available in English und auf Deutsch.
This is for real. The German government has realised that it has no confidence that its internal communications are secure and it cannot have that confidence if the communications infrastructure is run by Microsoft software - because they have no way of telling if there are or are not US government-controlled backdoors in Microsoft software. They also cannot be sure that the encryption systems built-in to Microsoft OSes and applications do not have unintentional subtle flaws that make them much easier to crack.
With all the (understandable) paranoia over the Echelon system, it is easy to see why they want a solid encryption solution that is entirely under their control.
It has nothing to do with price or better license conditions from Microsoft. It is about having an encryption system that is widely-used, rock-solid and verifiably free from backdoors.
Even if Microsoft offered the German government a source license, how can they be sure that the released version of Windows and the source code that they are offered are equivalent? Quite apart from anything else, there are significant chunks of Windows that Microsoft do not own the rights to, and thus cannot provide under a source license.
So, let me repeat again: this is not about Linux vs Windows. It is about having a solid, secure, verifiable communications channel that the German government can have confidence in - confidence that they cannot have with Microsoft software.
Only if you're a dickhead.
-- Help Digitise the Public Domain at DP.
Why do all government projects seem to involve S/MIME and X.509? What's wrong with PGP and PGP certificates? They actually have some users and software support.
-- Ed Avis ed@membled.com
A good Joke about that is "gang und gäbe" with IT professionals: "If we (the germans) wanna take a wordwide lead in IT, we shouldn't try do so by focusing on the lousiest propritary american OS we can lay hands on."
Quite my position
OSS is cool, '133+, democratic and modern, and the density of tech savy people, due to the high education level (compred to USA) reaches critical mass well enough. Which means politians don't wanna out themselves as 'not tech savy' by not joining in the "oss is the future" policy.
I wouldn't be suprised if Europe realy takes the lead in IT tech by doing a solid amount of OSS lobbying.
BTW: IMHO, succes of Linux in Germany is also widely based on the famos SuSE Distro.
We suffer more in our imagination than in reality. - Seneca
Bundesamt für Sicherheit in der Informationstechnik
Loosely, that's "State Office for Information Technology Security." It's not an especially long German bureaucratic name.
BTW, the WWII Nazi spycatcher agency was the SD, an acronym for "Sicherheits Dienst." Try saying that three times, fast.
The German security agencies are puckering up and paying more attention lately. It seems they weren't concerning themselves much with immigrant international terrorists, but were concentrating on homegrown neo-Nazis instead. They're scrambling to catch up now (and doing a fairly credible job).
Oh, they looked out for all sorts of terrorists alright, but how are you going to identify somebody as a terrorist when the only unusual thing about them is that they (unlike most other students) paid their TV licence?
Lars T.
To the guy who modded me down from perfect to terrible Karma - Apple haters still suck
So is the US.
Lars T.
To the guy who modded me down from perfect to terrible Karma - Apple haters still suck
By the way: Anybody see a conspiracy theory in this? Sphinx... pyramids... Novus Ordro Seclorum, powered by Open Source technology.... and we all know that the Germans are always the bad guys, I mean why else would James Bond always fight big, bad, bald, bold Germans?
I don't know the word but I think it is illegal there. IIRC there is a law against jaywalking and the punishment (inflicted on the spot) is to have to stand with the traffic cop until he feels you've wasted enough time that you've missed the apointment that was so urgent that you had to take an illegal shortcut.
context that only their sad, small self could think of in the first place.