Slashdot Mirror
Microsoft Battles Free Software at Pentagon
Spirit of Ishmael writes "The May 22 Washington Post is running a story under the headline Microsoft Fights Free Software at Pentagon. According to the story: 'Microsoft Corp. is aggressively lobbying the Pentagon to squelch its growing use of freely distributed computer software and switch to proprietary systems such as those sold by the software giant, according to officials familiar with the campaign.'"
Quoth the article:
Jonathan Shapiro, who teaches computer science at Johns Hopkins University, said: "There is data that when the customer can inspect the code the vendor is more responsive. . . . Microsoft is in a very weak position to make this argument. Whose software is the largest, most consistent source of security flaws? It's Microsoft."
As ye sew, so shall ye reap, I guess.
This article was so full of typical Microsoft FUD, but it hit one or two points very clearly:
The Gub'ment is savin' your tax dollers by usin' that open source Linux thingy!
The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
Why dosen't the US develop an OS strictly for secure governmental transactions/use? The country definatly has the resources. The outcome would be a system that no one could just "install at home" and discover weaknesses. I'm sure there are downsides (and feel free to let me know)..but in my mind no existing OS (be it free or not) is secure enough for what uncle sam wants to use it for.
I think you missed the word Banned.
I am not aware that BK is trying to make your intake of Whoppers conditional of not eating Big Macs anymore.
Help fight continental drift.
The only way I can think of that using Free Software would "violate [Microsoft's] intellectual property rights" would be if their EULA or contract with their customer prohibited it. But that's not even a matter of intellectual property rights[1], that would be contract law (in the case of an actual contract, or if we assume that EULAs are, in fact, legally binding).
Now, I understand why Microsoft is trying to muddy the waters, but why in the world is the DoD playing along?
[1]Remember, the all-encompassing phrase "intellectual property" covers three nebulously-related yet disparate parts of the law: trademarks, copyrights, and patents. It does not refer to contracts, in the common usage of the term.
--
Runnin' around, robbin' banks all whacked on the Scooby Snacks...
Nothing at all, of course! It is perfectly normal and acceptable for companies, especially in a troubled economy, to pare back and focus on their core competencies. The Post article is irresponsibly making a fuss over Microsoft leveraging two of its well-demonstrated core competencies: lying to the government and subverting democracy. These essential skills are central to Microsoft's operation, and it's an abuse of free speech to present them as something dangerous -- worse, it might panic the consumers!
Unquestionably, it is "idiotic and inflammatory", as you point out, for the newspaper of record in our nation's capital to report on these perfectly normal goings-on. The matter of which development efforts are funded by our tax monies has no bearing whatsoever on the public interest. It may be safely left up to our trusted government agencies and their staunch allies in large corporations and special interest groups.
After all, what would we commoners have to tell them? They're the experts, and should be left to run the military and the government without any bother from us civilians. And under our sacred and inviolable system of government, power vests in the State, its Employees, and its Contractors -- not in the unwashed masses. For a so-called "newspaper" to "inform" us about the government's activities is nothing short of treason.
The selling point they are trying to use is simple American economics. I should say to begin with that I don't agree with MSFT's argument, but I do understand it. They are looking at open source as "free beer" and saying that is against the american way, and undermines the free market economy that we have so carefully built up. This was indicated by the article when they say MSFT is "in a long-running company assault on the open-source movement, which company officials have called "a cancer" and un-American". Of course that is not thier only argument, but in this case it seems to be the only one that actually is strait forward. The rest are the typical FUD, like the statement "some free-licensing regimes are antithetical to the government's stated policy that moneymaking applications should develop from government-funded research". Sure. I can't argue with that, that SOME free-licensing "regimes" are, but so are SOME proprietary software empires. Let's just pray that the people making the final decidions in the DOD are smart enough to listen to MSFT's admition that they are a threat to national security.
Sigs are out of style, so I'm not going to use one...oh wait..
Yes, opposition doesn't prevent a firm from being a monopoly. Consider the railroads in the 1800s: they were opposed by many (mostly those that needed to ship goods,) but they were still monopolistic because users didn't have a real choice of transportation vendors. The railroads used similar tactics to those of Microsoft today (incompatible hardware/protocols, discriminatory pricing, and exclusive partnership agreements.) In addition to strong-arming their customer base, the railroads also hired private "security firms" to hassle their competitors and detractors, spent large sums of money to lobby congress.
A vigorous opposition doesn't mean you are not a monopoly, but it does mean that your days may be numbered.
What is bad here is that he is an assistant secretary of defense and *THE* CIO for the DoD. He of all people should not be confused on this issue. He of all people, short of the president himself (who had better keep his campaign-donated nose out of this one, thank-you-very-much), has the most power to seriously fuck-up the growth of free software use in the DoD.
This guy is either exceptionally incompetent to have swallowed the MS bullshit hook, line and sinker, or exceptionally corrupt to have decided to throw his weight behind the MS worldview (and too stupid to keep his mouth shut about it when talking to journalists of the newspaper that took down Nixon).
When information is power, privacy is freedom.
Really, I would like to know if microsoft really pays the government taxes?
reason being that if they do not how come they are allowed to bid on this sofrware (ie penagon investing in something that america will not get a return on)
To that end, the Defense Department is now prohibited from purchasing any software that has not undergone security testing by the NSA. Stenbit said he is unaware of any open-source software that has been tested.
Hello! The NSA has their own freaking linux distribution. I don't think you can get more undergone than that.
When information is power, privacy is freedom.
(you might consider that absurd until you've seen some of the submissions made to the courts by Microsoft's lawyers)
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
From the article:
Among the most high-profile efforts is research funded by the National Security Agency to develop a more secure version of the open-source Linux operating system, which competes with Microsoft's Windows.
IANAProgrammer, but I think that if the good people working on the kernel would like to contribute in a huge, meaningful way to Linux AND to national security they could put their heads together and bang out an iron-clad version of Linux, contributing to the above project and developing a superior, open-source solution that could achieve three primary goals, all very desireable.
The only tool you've got against psychosis is experience.
From: Mitchell Maltenfort
To: letters@washpost.com
Subject: Relax, Microsoft, NSA has approved Linux!
Jonathon Krim's 5/23 article in the Washington Post, "Open Source Fight
Flares at Pentagon," ends with John Stenbit's murky assessment that the
DoD is presently barred from using any software not approved by the NSA.
The implication of the article is that Microsoft lobbying has contributed
to this position. Well, I would like to point Messrs. Krim, Stenbit and Gates, and anyone
else interested in a secure and reliable operating system, to a useful
URL: http://www.nsa.gov/selinux/. This site is where the NSA provides
Linux, optimized for security issues. If I may quote the web site, "Linux
was chosen...because its growing success and open development environment
provided an opportunity to demonstrate that this functionality can be
successful in a mainstream operating system and, at the same time,
contribute to the security of a widely used system."
So relax, gents. The NSA has approved Linux for your use.
He said that THEY are saying it; it was not his opinion. And in that context, he's right. Microsoft has claimed in the past that open source software is harmful to the economy because it is not paid for.
Nothing a user of Microsoft software can do, developer or otherwise, can possibly obligate Microsoft in the slightest. It's impossible. As impossible as trying to come up with a scenario where I somehow create a legal obligation for you based on the posting you just created.
I can make a derivative work with your posting and try to Open Content it, but all the means is that I had no right to Open Content your post in the first place. Nothing I do can aquire those rights by fiat. Nothing I do can obligate you without your consent.
This line from Microsoft angers me, because it goes beyond FUD, beyond number juggling, beyond threats, beyond monopolistic manipulation. It's not FUD, it's another three-letter word you may be familiar with: L I E . It's a flat-out lie. And they know it.
My question is, under the GPL, will they have to tell us what modifications they made?
From GPL:
What could the NSA do to compel them to show us what modifications they made?
Promote Linux as the premier OS for security. It's already good - make it damn near perfect.
Linux isn't engineered, developers' scrath their itches, if lots of people care about really high end security, it will get done, otherwise it wont.
Provide our nation's defense infrastructure with an open-source secure OS. The DoD is a BIG customer - keep them happy.
While the more linux users the better, no developers care about specific countries or how big a user might be.
Less importantly, shame the fuck out of MSFT. Prove these dicks wrong while they're still patching IE security holes twice a month.
There have been more events than you can shake a stick at where MS screwed themselves over, Linux just needs to be good in order to make MS look like a fool.
Also I should advise you that 1) the NSA has their own version of linux is has extra security stuff, and two, don't forget about *BSD. OpenBSD hasn't had a remote root exploit in 4 years or something.
Only dead fish swim with the stream...
Good grief, was it not less than two days ago that Microsoft claimed they could never release the APIs for Windows out of fear for the damage it would do to National Security?
One has to wonder how selling the Pentagon software with SEVERE, KNOWN FLAWS that threaten NATIONAL SECURITY is *not* treason... What ecaxtly could a spy sell to the U.S. that is worse than that?
"Your superior intellect is no match for our puny weapons!"
For once I'm rather relieved that Big Brother is watching...and realizing the point, and even helping the cause. Go USA.
CAn'T CompreHend SARcaSm?
The fact that MS can lobby the pentagon (the *pentagon* for crissakes) speaks volumes about how much corporations run this country. The pentagon should tell MS to fuck off - if they want to whine about it, they can make an appeal to congress or some such. The military is supposed to be insulated to some extent from this kind of crap.
If I were running the pentagon, I'd kick those slick backstabbers out on their asses -- "we'll call you if we have any questions".
XML causes global warming.
I had the pleasure of being taught by a Mitre employee as well as visiting one of their offices. They have a lot of intelligent people over their...I was amazed at how many of they employees had doctoral degree. It was like meet Dr. blah, Dr. yaho, Dr. joe. All day long. I highly doubt they are starving for contracts as they do a lot of work for NASA, Air Force as well as the NAVY.
-----
One is born into aristocracy, but mediocrity can only be achieved through hard work.
While reading your post, something just clicked...
:)
Microsoft has moved into the console market. Well, I think Linux should do the same. Start stealing away Microsofts marketshare with an opensource gaming console - the LBox.
It would be a huge hit. Buy an LBox, download the games for free!
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
A couple of things spring to mind. First:
My first reaction to this was "Suuure." But then it occurred to me that the word "systematic" is key. Have there been any systematic studies of security in open- vs. closed-source programs? I mean academic quality research -- with control groups, a clearly defined method for testing the security, with the results published in a peer-reviewed journal.
Emphasis added.
So, the DoD can't purchase any untested software, hey? Well great! They can have all the open source stuff they want, no purchase necessary. Obviously the regulation is in place to keep the government from using untested software, but I'll bet it was written with the assumption that you can't legally use software you haven't paid for. Open source distribution schemes don't require payment, which opens up a loophole. I wonder, could that be why open source systems have come to play a "critical role" at the DoD, as the article mentioned?
It really gets to be fun if you have spies doing the BSA audits.
Parent is troll..same story was posted before in other Microsoft related news. Replies on that post proved that the NT software was not at fault, but the third party written programs that were running on it.
Imagine buying that nice chunk of Hardware for $199 and being able to actually do something useful with it ... and the best part is, that MS is losing money on every sale. And that project is actually underway.
...
That only leaves to figure out what to use it for. The thing has an ethernet port, the gameports can probably be used as USB-ports given the right adapters, and there's Video/Audio out
"By the way if anyone here is in advertising or marketing... kill yourself." -- Bill Hicks
The great thing about source code is that compiling is hella lot easier than mixing ingredients and baking/frying/whatever. Sometimes you can even get pre-compiled binaries. Let me see a cookbook do that =]
What?
...is a long time officer of the Navy and works closely with the rather large IT staff at his base. In our discussions over the past year he has been telling me how more and more of their systems have been migrated to Linux, and that the entirety of the IT staff has been recieving Redhat training. He also reports that the Navy has plucked quite a few crackers out of federal prison to assist them in securing these new systems. The same reports (concerning Linux migration) echo from my friend in the Army.
This development is nothing new to the rest of the government. I can only hope that those in charge of the migration decisions have read congressman Nueva's brilliant peice of literature on the topic.
When I read about stories like this the impression I get is that Microsoft is desperate and is fighting a war they cannot win.
The best way to respond to Microsoft when they are in this position is to ignore them. By that I mean don't communicate with them. Refuse to take their phone calls, ignore email messages, throw faxes into the circular file, assuming of course that you have the power and authority to do so. This will have the effect of demoralizing the Microsoft employees tasked with preventing you from using non-MS products. This in turn will inhibit their ability to do this to others as well. At the end of the day anything that causes a Microsoftie to do a bad job is a good thing.
Lee
Muslim community leaders warn of backlash from tomorrow morning's terrorist attack.
When I worked in SCADA (Supervisory Control And Data Acquisition) a few years back, it was more typical than not to get source to the system. Many contracts required it.
Why? Because these systems were specified and expected to serve for 20 or more years. Without source, you can't expect it to be supported that long.
Also, the customers really liked the flexibility to hire just anybody to fix problems.
SAP provides source (is it just ABAP code or do customers typically get all the source to SAP when they buy it?) for the same kinds of reasons, I believe.
I have no experience in this area, but Mainframe customers often get complete OS source too, I believe. I've known several OpenVMS customers who had source licenses, also.
Not many Windows customers get source, from what I've heard. I think that source distribution was far more common 20 years ago and it's only been in the era of shrinkwrap software that it's diminished. Maybe it's a good idea whose time has returned!
I know a little about that, since I used to work for the competitor to the contractor that developed that software.
:-)
:-(
:-) ).
:-)
The fact of the matter is that the Navy, like any other large beuracracy, has all sorts of mutually-antagonistic factions that love or hate various systems more for internal political reasons than for their inherent value.
My old group (the Marine Systems division of Lockheed Martin - great bunch of guys and gals...) developed and maintained the engine control systems for all of the Navy's guided-missile destroyers. This class of ship has been around for a while, so it was originally developed using technologies that are incredibly outdated by today's standards. The sensible thing to do with such a system is to slowily modernize things, with an eye towards longevity and maintainability.
You first have to realise that Naval systems have to be way more reliable than your average PC. The open ocean is not kind to electronics, and warfare certainly isn't. The shock and vibration requirements are unreal (like 100G's). The sailors might all die, but the engines would be just fine. I guess the ship would be puttering around in a big circle in the open ocean.
Also, you must realise that it is considered a disgrace for a captain to have his ship towed back to port. Thus naval engine control systems have to be very reliable, or captains are very unhappy with you. It was not unheard of for our engineers to get woken up in the middle of the night and flown to a diabled destroyer via heliocopter to fix a bug, rather than have it towed in. So a "tow-in" bug is even worse than it sounds to an uniformed civilian. Nasty things happen that a peon like me doesn't really want to think about.
For that reason, the natural and sensible route is to update these systems using Naval-standard COTS hardware (HP/UX based), and to develop all new software in Ada (the only language designed for use in "life-critical" applications), using accepted (and time-consuming) software development processes.
However, there was an R&D branch of the Navy that was investigating use of all sorts of new unproven technologies. In this case, they were using C++, expert systems, common 'PC's, and lassise-faire development processes. Experimenting is what R&D folks should be doing, so that's all good. But these technologies are notoriously bug-ridden, compared to what we were using in the actual fleet. We didn't bid on the R&D stuff, (I'm not sure why), so it went to a competitor of ours who I won't name. (But who's initials are CAE
Now of course the commander who has the R&D folks under his command wants to see his stuff used, as that will validate his R&D group, and of course give him a good reason for an increase in funding. So he fights hard to get us thrown off of all future contracts, and our competitors on. But the other Naval oganizations have a lot invested in our stuff, and the captains are understandably leery of massive changes. It probably didn't hurt us any that our competitor was a Canadian company too. So its a big hard political battle, with us mostly winning. I'd like to think this was a victory of reliability and proven techniques over fashion and flash, but I'm not that naieve.
However, apparently they did manage to get the R&D system put on one ship as a test case. Probably it had something to do with CAE having a better position in Crusiers than us. Imagine the captain's displeasure, and our secret delight, when that system failed in the middle of the ocean and the ship had to be towed back.
The moral of the story is that you can probably get something thrown together with whatever's considered "cool" today and that might make it an easier sell, but if you *need* reliablity, you use Unix and Ada, and good software development processes.
(disclaimer: I currently work for a competitor to CAE in a different market.)
Mitre as an FFRDC means that they are not a commercial interest (like M$). Their job is to stop commercial corporations from taking advantage of the Gov't. I was disturbed to read in the report that DoD is now suspended from using software that has not been checked by the NSA. I hope that this applies to networking and web hosting software only . . . and that Mitre is on the task (as an NSA contractor) to test Linux and make sure it gets a presence soon in that front.
DoD has survived on a good bit of government owned software, that while not open source completely, has been open source to those that require it's use. The user groups of various packages are VERY able to influence the software throughout it's life. THere are drawbacks, mostly stemming from greed in the contractor world, because contracting (commercial) companies often get the job of maintaining this code for the user group. After the government people rotate out, then the commercial representation becomes the de-facto corporate knowledge, and pretty soon the government user group is at the mercy of the contractor. Contractors, much like any other business may become enticed by money and will base the growth of the software on keeping themselves employeed, which means growth, which means demanding ever increasing amounts of money . .
But in spite of this potential, it rarely gets out of whack because the users groups have a good number of contractors competing for the maintenance work too, so the market forces can keep it all in check. This kind of open source environment has been working for many many years at DoD, and will be preserved.
M$ is about to get their asses spanked right out of the government.
paul
The company also complained that the Pentagon is funding research on making free software more secure, which in effect subsidizes Microsoft's open-source competitors, Stenbit said.
Is it just me or is this quote complete and total crap. They could just as easily have said.
The open source community complained that the Pentagon is paying Microsoft for their software, which in effect subsidizes open-source's proprietary competitors, Stenbit said.
I hope that the Pentagon can see through how self serving and hypocritical that complaint is.
Dastardly
That particular piece of FUD was troubling to me, as it means that Microsoft thinks that the political climate is safe for them to say that publicly funded work should not be released to the public domain, but rather should be used to enrich a particular set of people (i.e., them).
It troubles me that people think they can make that claim in public, because it says to me that people are really buying this crap that in order to provide jobs for the middle class, you've got to mollify every little whim of the captains of industry. I don't think it's wise for government to alienate industry entirely, but it does need to make sure industry knows who's ultimately in charge. Time for some balance.
I believe the Free vrs Paid analogy could be served by comparing software (especially operating systems) to highways.
Are you getting a better service because you pay for the Turnpike? Or are the Freeways just as good?
Fact is you have to evaluate each on its own. There is a cost in time and money for using the Fee Based Highway (Time at toll boths and the money spent), but you genereally get there quicker. But not always.
Mark