Slashdot Mirror
German Gov't, Free Software, and Secure E-mail
friday2k writes "There is a nice Article on Newsforge describing how the German Government moves ahead on looking into Free Software solutions for government agencies. And you need a standard, secure, email client for this." Basically, they are funding some good secure e-mail - but making sure that it works with stuff like Kmail.
Germany... Last bastion for open communcation? Give it twenty years... The U.S. govt. is doing it's best to shove the genie back into the bottle... Shouldn't this be a sign to them?
Project Ägypten will focus on making Open Source email programs KMail and mutt compatible with Sphinx
They're modifying KMail and mutt to work with Sphinx, not the other way around (as the post implies).
I would applaud this but would only suggest that open source developers not gravitate too closely to the governments of the world for cues and support in development of new security software.
They will order code they can understand and code they can master, and will want multiple accesses to encryption (such as back-doors) that truly render it useless in an intelligence capacity.
Give the government strong crypto controled by a single trusted admin. Distributing information and accesses simply opens the door to moles. The US government has seen several, such as Robert Hanssen and Aldrich Ames.
If an agent is communicating with a handler far away via encrypted email, not even the handler's supervisors should be able to override the encryption. Especially them.
Goat sex free since 2001
By doing this, they are saving their taxpayers a bundle (easily billions) by not spending so much on licensing fees from Sun or Microsoft. That money saved can go to greater things like making better schools, etc.
The article starts out saying that Congress wants to outlaw Open source via the SSSCA.
Perhaps congress should visit our German buddies and see how a switch to OSS can benefit the American public. A little bit of seeing what's happening abroad could go a long way.
The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
I would advocate that governments only use open source projects...
the fact that the DoJ was supposedly at war with M$, while at the same time handing over some of M$'s largest contracts seems insane...
I would almost call it a chuch/state issue...
The best thing I see coming out of this is the possibility of an entire governmental agency switching over to solely free software. At that point you'll have all types of employees all using free destop productivity software. Whatever word processor they use, it'll have to work well and have everything they need and want it to. Same with presentation, spreadsheet, database, etc. applications.
One thing I've heard repeatedly from various places is that there's no set of free software applications that meet the above requirements, pretty much forcing people to use windows. Once an entire agency is using free software, the government is going to have to pay for some company to create exactly what it is that they need for the desktop, and since it's open source, it'll be available to everyone. So there'll be a standard install of a standard, easy to use desktop and it'll come with all the applications a person needs to be an engineer, statistition, executive, or even just a secretary.
I see this as possibly the only way free software will get a good business desktop in the near future, and I can't wait for it to happen.
Mr. Spey
Cover your butt. Bernard is watching.
Cover your butt. Bernard is watching.
I'm gonna karma whore for a little bit, and c&p an email to the kmail developer's list that came in today. Text follows.
:-).
Dear list,
we are happy to announce that the German
"Bundesamt für Sicherheit in der Informationstechnik"
(Federal Agency for IT Security, BSI)
contracted us (Intevation, Klarälvdalens Datakonsult and g10 Code)
to make sure that Free Software for their email security
standard Sphinx will be created.
Sphinx basically consists of S/MIME, a PKIX compatible X.509
profile, together with certificate revocation lists (CRLs)
based on LDAP. The code developed will be modular
allowing inclusion in several MUAs released under the GNU GPL.
Part of the contract with the BSI is the inclusion in mutt
and KMail.
The initial project pages can be reached from the URL below.
We wanted to get the good news out to you as fast as possible.
Expect more information to get released on the website or on the
corresponding mailing lists.
We plan to do the development in an open manner suitable
for Free Software projects. We want to handle the project in a
way that it will leverage and add to the work of other developers
and ask for your collaboration. The BSI pays us to ensure that their
specs are followed precisely and the result passes strict tests.
This is the first time the BSI contracts for Free Software development
and the experiences they make will be important.
We will demonstrate the power of commercial Free Software.
www.gnupg.org/aegypten
So, basically they are adding ldap support (w00t!), S/Mime, X.509, and CRL support to Kmail and mutt, using the GPL and working together with the main developers to make sure it gets included. Very cool, if I do say so myself.
(and yes, I know there is already s/mime support for mutt, but iirc it is via a patch. dunno about ldap/x.509/crl, I use kmail
Hope that clears some questions up.
About 6 months ago I stumbled across an awesome GTK+ mail/news reader very similar in look to Netscape Messenger (and far superior to XFMail) called Sylpheed (http://sylpheed.good-day.net/). It'll handle as many accounts as you want, supports threading and image view through gdk-pixbuf, is extremely fast (and decently configurable), and I've never had it crash on me. Some distributions are starting to pick it up now, and it's included in Mandrake 8.1, though I usually compile myself from source. I'd suggest giving it a look.
Interested in open source engine management for your Subaru?
Hi,
Living in this country that "supports open source" I am rather sceptically about the whole issue.
The German parliament was also "looking into alternatives for Windows especially Linux", they said. And a few weeks later it was announced that they had made a new deal with Microsoft who gave them some better conditions than originally offered. Linux was no longer an option after that. What do we learn from that: Linux makes a good argument when you want a good deal from Microsoft.
twm
The City of Turku, the oldest and one of the largest cities in Finland, is planning on a switch to Linux + OpenOffice in order to save the XP license money. Links here and here.
Escher was the first MC and Giger invented the HR department.
One of the tactics of the black hats seems to be to dig around for information from places, and perhaps in ways, which might not be quite so easy for them to get access to, when the white hats learn to use encryption as well as "they" do.
For example, consider mining an airline booking site to see which flights have special prices. This type of information retrieval might become better protected, because such information could lead to speculation about the human-density on the flight.
Consider also, that Europe, as Us, is devastated by every new MS worm that comes around. But if they'd only use SSL server encryption more widely, they'd be unbothered by such simple virusen. Managers will buy more servers, because SSL takes more horsies, (as every other form of encryption), users will share information in a more sensible way, the economy will rebound, etc., etc.. :)
I contend that the most interesting authorities built out of X.509, in any case objCA, sslCA, and objsign (from openssl docs and Netscape definitions), should continue to be widely encouraged. emailCA, perhaps is for the more mature organization, but an organizations email can sometimes be the biggest "hole" of all. It should be closed-up, in any good business activity, anywhere, eventually.
The point is, everyones already got this stuff. The playing field is even, and we have to fight dishonesty with the same tools as are being used to hide it.
Not to worry unless someone tells you to put your certificate on your head or your hand (right). Right?
Mutt is already standard (i.e. works on any terminal, including text-only), and secure (PGP/GPG/choose-your-flavour).
It seems to me the free software movement has stalled in the USA. Witness the harsh laws, government and corporate comingling, etc.
I've often thought the only way for open source to succeed is for "other-than-USA" countries to embrace it...the USA just has too many influence peddlers and special interests involved in government to make the proper decisions...not to mention a population of dullards who know little of law and less of history. Harsh, but I beleive it true.
It's really looking like it will be the forward-thinking countries outside the USA who are going to turn the tide against "zero choice" monopoly software.
Even though I might have to watch, rather than participate, I'd really enjoy seeing Germany (and hopefully others!) give Bill Gates and his illegal corporation a "boot to the head".
I hope the Germans decide to do this...it's very impressive to see people standing up and demanding freedom, liberty, and choice from their government.
Treatment, not tyranny. End the drug war and free our American POWs.
See my user info for links.
Living in this country that "supports open source" I am rather sceptically about the whole issue.
Well, you should know then that the German federal government has already sponsored the development of one widely-used Open Source project: GnuPG.
Details are available in English und auf Deutsch.
This is for real. The German government has realised that it has no confidence that its internal communications are secure and it cannot have that confidence if the communications infrastructure is run by Microsoft software - because they have no way of telling if there are or are not US government-controlled backdoors in Microsoft software. They also cannot be sure that the encryption systems built-in to Microsoft OSes and applications do not have unintentional subtle flaws that make them much easier to crack.
With all the (understandable) paranoia over the Echelon system, it is easy to see why they want a solid encryption solution that is entirely under their control.
It has nothing to do with price or better license conditions from Microsoft. It is about having an encryption system that is widely-used, rock-solid and verifiably free from backdoors.
Even if Microsoft offered the German government a source license, how can they be sure that the released version of Windows and the source code that they are offered are equivalent? Quite apart from anything else, there are significant chunks of Windows that Microsoft do not own the rights to, and thus cannot provide under a source license.
So, let me repeat again: this is not about Linux vs Windows. It is about having a solid, secure, verifiable communications channel that the German government can have confidence in - confidence that they cannot have with Microsoft software.