Governments, Beyond the Open Source Hype

An anonymous reader writes "ForeignPolicy.com takes a look at Open Source as it applies to governments and some of the reasons that a governing body may or may not like OSS. From the article: 'Governments around the world are enchanted by open-source software. Unlike proprietary software, for which the code is kept secret, the open-source variety can be copied, modified, and shared. [...] Trouble is, the benefits of open source are not always so clear-cut. Software is too complicated a creation to be captured in rhetoric, and assertions about some of the technical benefits of open source fail to tell the whole story.'"

Its the money, first and foremost

[rob_squared]

Tell your citizens that its cheaper and they'll thank you for it. The details about where the saved monegy goes usually become obfuscated however.

Re:Its the money, first and foremost

[Drinking+Bleach]

Where does the tax-payers' money go? Well, I certainly don't want to see it supporting proprietary software while I'm 100% Free Software at home.

Re:Its the money, first and foremost

[Bogtha]

More importantly, not only is it cheaper, but the money that is spent on it goes back into the local economy rather than straight into the pockets of a foreign company, because the government have the option of hiring any local firms willing to do the work instead of simply whoever holds the copyright.

Re:Its the money, first and foremost

[jesterzog]

Tell your citizens that its cheaper and they'll thank you for it. The details about where the saved monegy goes usually become obfuscated however.

I work in a non-US government department. Our government has its own policy on Open Source (developed by another dept), which is non-committal but non-inhibiting, and little more than a document that describes the main issues with using open source. The public and politicians don't know whether we use OSS or not, and I doubt they care. (Except for one politician who released a press release on OSS once, but it didn't get noticed by anyone.)

When it comes to using OSS, we simply use it when it makes sense to do so. There's no iron fist reaching down dictating to us what to do, and I hope there never is. We give our users Windows desktops because that's what they tend to be most comfortable with, we run predominantly Windows servers administered by people who know what they're doing, and also have a few Linux boxes thrown in where it makes sense to do so. Any or all of this may change in the future, but I like to think that it'll change because we've decided it's appropriate to change. We use open source in all sorts of places for support systems. Usually it's because the open source apps available for those particular tasks do a better job, or are more reliably supported. We use a lot of closed source software, too, because sometimes there just aren't the OSS apps for the specialist needs that certain people in the department have.

Amusingly it's often easier to get help from an interested community than it is from a closed source distributor who's charging a large support contract. Personally I think that the main purpose of support contracts is to be able to attribute blame to someone else not having fixed a problem, but they're still needed with closed source because it's impossible for anyone else to fix the problem. It's probably every month or so that we come across Outlook or some other similar app displaying a weird behaviour, the company (Microsoft in this case) ignores it, and all that people in the community can say is that 'it happens for me too, maybe try this'. Open source is completely different. eg. I'm currently writing an in-house CA software, and the two projects we've found that are easiest to use for building this (OpenSSL and CryptLib), are both Open Source. They both have active communities, and I'm quite confident that if/when I have problems or find bugs with either, there would be an immediate response, whether it's fixing them, or telling me what I should be doing differently.

Open source and closed source both have their place, and I think it's great when governments develop an official awareness of them. In my own government, though, I really hope we never get forced to use one or the other for political reasons.

Re:Its the money, first and foremost

[xtracto]

Tell your citizens that its cheaper and they'll thank you for it. The details about where the saved monegy goes usually become obfuscated however.

No no no, it is not about the money, you see, that is what made the Icaza's e-Mexico project fail, because he tried to sell "open source" as a cheaper alternative.

The real benefits for open source software is in the freedom and openess, you see, with closed source, the taxes that people are paying can go directly to developers of OpenSource from the country OR they can go to fund certain projects needed by the government but for which there are no human resources.

What I mean is, imagine for example if Mexican government engaged in an open source policy, almost every government office has an "IT department" which varies from a small office with 2 persons and 1 computer to some really big and complex Comp. systems departments.

Now, usually a lot of people on this departments play solitarie (I had a friend who was in one of these jobs during university). Instead of that, they would be the ones that contribute, mantain and manage the open source projects used IN their offices, for example, in the Federal Consumer Office (the one in charge to cope with companies abuse), they may need a database system. INSTEAD of making a half baked Excel sheet, there would be a sourceforge.net project of a proper database system which will be used by ALL the offices from all the states/cities in the country. Same thing with Worker's database applications.

There are applications so generic that all the offices use, for example OpenOffice. Maybe (well, it is not maybe...) some projects will be so complex that instead of making the people maintain it the government would allocate some funds.

Now, from the view of the people, they would be able to download these programs and use them, as they are free!, so, at the end of the day, the taxes they [we] will pay will in some way return to them as enhancements in their software.

I wrote a more extended idea of that to someone called Miguel Sandino (or "tigris") who I believe is known in the O.S. circles (and is mexican), because I believe it is the way to indtroduce software to the government. It is really simple, as I see it.

Re:Its the money, first and foremost

[jacksonj04]

And you honestly believe a government will use OSS with no tech support?

They will either pay someone like Red Hat to have a support contract, or spend hundreds of thousands hiring in-house techs. Tax money will still go on software, it will just be a less obscure licencing system (How many versions does Vista and Office 2007 come in?) and a nice warm fuzzy feeling from using OSS. Notice the lack of F/

Re:Its the money, first and foremost

[caseydk]

Actually, some of us - http://dcphpconference.com/ - are working to demonstrate that there are many viable and useful projects out there and many of the most common/biggest projects out there have support available

Re:Its the money, first and foremost

[Dansteeleuk]

I never understood this argument. No support? Well, if you're using Open Source then go with the obvious way of getting support and development - Spend half of what your budget was going to be employing Coders and IT. Hell it'll be cheaper, and guess what, when they aren't fixing something they can be making it better.
And when you pay people guess where they work, and where the money goes? In your county/state/country.

Re:Its the money, first and foremost

[jacksonj04]

I never said they didn't have support, I just said for something like a government it won't come free of charge.

Re:Its the money, first and foremost

[gi-tux]

Who cares if they pay for tech support? Then the democrats can call it a jobs program while the republicans (speaking in US terms) can call it building business and everyone will be heppy for one short minute. Then they'll be off for their next conquest.

If it really works in the long run, which I believe that it would, it probably would boost business and it probably would put people to work in the long run as well. There are already many people employed to support the software that the government uses, so what would be the difference in them supporting Linux vs. Windows, or OpenOffice.org vs. Microsoft Office, or LAMP vs. IIS?

I once worked for an organization that was a local government mandated organization. The CEO and CIO of this organization at the time felt that using Open Source software was good for them because they could hire people from the community to support the software instead of paying people from another state or another country to develop and support software. They were self sufficient (actually put money back into the community usually) so it wasn't like they were spending tax dollars, but they felt that it was easier to explain the community, when there was a large community presence within the organization.

Would you rather pay someone to support OSS with your tax dollars or pay for Bill Gates next house or Steve Ballmer's salary? Would you rather pay someone to support PostgreSQL/MySQL or pay for Larry Elison's new yacht? Don't forget that if you are paying for Bill's house, Steve's salary, or Larry's yacht, you might also be paying welfare to someone that could be doing the job of supporting OSS.

Re:Its the money, first and foremost

[Drinking+Bleach]

I never said cutting off professional support, I just object to my tax money making Bill Gates, Steve Jobs, Steve Ballmer, et al richer.

Written by an ex-Microsoft employee.

This article is written by a Ms. Caroline Benner.

And if we look her up, we find...

Caroline Benner previously worked as policy researcher for Microsoft's Geopolitical Policy and Strategy Group

...as her only listed non-media job on at least one version of her bio.

Just saying.

Re:Written by an ex-Microsoft employee.

[jmorris42]

> Caroline Benner previously worked as policy researcher for Microsoft's Geopolitical
> Policy and Strategy Group

Ya know, I knew something like that was coming before I clicked into this article. The summary alone smelled of astroturf. But they do it because they realize while we will spot the paid 'independent scholarship' almost instantly the intended audience either won't.

Re:Written by an ex-Microsoft employee.

[Tim+C]

Perhaps she quit because she became disgusted with the way in which MS does business, and in fact the entire notion of proprietary software?

Perhaps she quit because she didn't think they went far enough, and was disgusted that they gave consumers as much freedom as they do?

The point is, who knows? It might amaze you to learn that not everyone who works for a company necessarily believes in the same ideals, and even if they did, people can change. On the other hand, maybe she is a true believer, and would never change.

Also just sayin'.

Re:Written by an ex-Microsoft employee.

[i_should_be_working]

Now it makes sense how everytime a benefit of FOSS was seemingly touted there was a "but" usually ending with "and proprietary software can also do this".

Even with an obvious example like FOSS being easy to localize to one's local language it was asserted that "Microsoft makes a living out of making its software customizable while still closely guarding its source code". Sure it can but it doesn't, at least not until it's profitable. Which is understandable, but with FOSS speakers of unpopular languages don't have to wait until translations to their language becomes profitable to some company.

Re:Written by an ex-Microsoft employee.

[Mikkeles]

In this case, they are honest about her credentials.
FTFA:

'Caroline Benner is a fellow at the University of Washington's Institute for International Policy. From 2001 to 2003, Ms. Benner was a consultant with the geopolitical policy and strategy group at Microsoft.'

Re:Written by an ex-Microsoft employee.

Absolutely. This is horseshit.

I write proprietary software; and I write it primarily for government organizations (and maybe some private companies, but they have yet to express an interest). No, I'm not willing to ID myself here, hence the coward bit.

Here's some more FUD for you: the article author makes an association between For-Profit Corporations and proprietary software, on the one hand, and no-corporation amateurs and F/OSS on the other.

I see this association all the time, and it annoys the hell out of me. Yes, it's convenient for the F/OSS evangelists, and for the proprietary reactionaries. But for people who want to see the free exchange of ideas (and thus the rapid improvement of software) and who want to see everyone, especially their clients, get the best software possible, this association is lethal.

It's quite simple: if big clients, such as governments and corporations, make "open source" a requirement, and pay more for the software (or pool as groups to commission it), more companies will produce open source software. If more companies do that, those big clients will find themselves paying for fewer titles outright, and instead commissioning customizations that make that software work well for them.

Yes, it's a stretch. But, at heart, "Open Source" is not anti-commercial; it is simply a different way of doing business. Incidentally, it is a form of doing business that predates the notion of proprietary intellectual property and is far easier to support legally.

Microsoft wants Office to be usable around the world. But Microsoft could still make money on Office customization and make it open-source.

Yes, I am insane.

Re:Written by an ex-Microsoft employee.

[goarilla]

it's odd they didn't mention that in the article

Re:Written by an ex-Microsoft employee.

[cp.tar]

Good one.

Governments could very well profit from Open source software, as well as the programmers hired to make it.

Just because it is Open Source, it doesn't mean that the work the programmers put in is free.

What it does mean is that:

1. Governments pay a single fee for a piece of software.
2. The source code of said software is also available, which makes the government vendor-independent.
3. The money goes to the local economy instead of a company which could buy the country I live in.
4. When you need something, you have someone do it. You don't wait for the next update & bugfix cycle.

But because of the omnipresent FUD, very few people in governments worldwide have any idea whatsoever about these things.

P.S.
5. ???
6. Profit!

Re:Written by an ex-Microsoft employee.

[Instine]

So? Does this mean anything. She could be allied or bitter, or a mix of the two as an ex-employee.

Re:Written by an ex-Microsoft employee.

[ponden]

>3. The money goes to the local economy instead of a company >which could buy the country I live in.

One example in Japan.
Scripting language ruby creator matz, is working on the company placed in Shimane prefecture in Japan(relatively small prefecture).

Shimane prefecture adopted ruby and the company to construct its web server. It may be the good way to enhance the local economy and appeal advanced structure of organization.
(Some of the major media reported the news.)

Just Astroturfing, don't Bother to Click

[jrbrtsn]

Caveat at the bottom says it all.

"Caroline Benner is a fellow at the University of Washington's Institute for International Policy. From 2001 to 2003, Ms. Benner was a consultant with the geopolitical policy and strategy group at Microsoft."

Your average computer user

[Blue6]

is not switching to OSS, until it works out of the box. Most people do not have the time or patience to work on getting NIC and video drivers working. Let alone the effort involved in getting mp3's, DVD's, and the what other have you.

Re:Your average computer user

[AuMatar]

THen they should be coming to Linux in droves. My last Windows install took 4 hours and required me to hunt for drivers all over the web, and reboot a dozen times. My last Linux install worked smoothly with all hardware recognized.

Re:Your average computer user

[linvir]

Dear Sir,
This is is not a story about desktop Linux. Please take your hackneyed flamewar with you as you leave.
Yours,
A plate of my balls

Re:Your average computer user

[MooUK]

Your average windows user didn't install it.

Re:Your average computer user

[AuMatar]

Try reinstalling the OS on one of them after it gets hosed (due to virus, spyware, or user error). 4 hours is lucky then.

Re:Your average computer user

[misanthrope101]

Many Linux distros already work better out of the box than does Windows. The only version of Windows that supports your hardware is the one that came with the computer--install from scratch with a plain Win-whatever disc and you'll be hunting for drivers all day, plus another half-day insstalling enough software to do anything other than surf the web.

If my HD dies right, then I can't just go to the store, buy a new HD, and re-install, because Sony just installed a hidden partition on my HD, and didn't give me restore disks. So I'm hosed for days or weeks until Sony deigns to give me a new disk. Or, I can install Linux, or a pirated copy of Windows. So which is better right out of the box?

Am I saying that Linux is better, by definition? No. But we have to admit that Windows is succeeding in the consumer space because of marketing and convenience, and in the business space because buying Microsoft makes it someone else's fault if the network or database goes off-line. Linux can be more complicated, and does involve learning, and if someone doesn't want to use it, it gives me no grief. But to give this reason--that it doesn't support the hardware like Windows does--is just false. Stick with the "it's too complicated" reasons and I'll leave you in peace.

Re:Your average computer user

[patio11]

I remember wiping Windows 98 for a few people with that trouble. Generally took about one hour for the actual install and another hour for putting their computer in a usable state (i.e. getting them back up and running with their daily-use applications set up). I can't believe XP has made that a much slower process.

Re:Your average computer user

[AuMatar]

If you're buying a Dell, Gateway, HP, etc, they use crappy no name hardware thats nearly impossible to find drivers for. Thats what you'll spend most of your 4 hours doing- trying to figure out whats in your box and getting it to work. I've ended up just replacing some HP stuff, I never did find the drivers for the modem on my sister's.

Re:Your average computer user

[kz45]

THen they should be coming to Linux in droves. My last Windows install took 4 hours and required me to hunt for drivers all over the web, and reboot a dozen times. My last Linux install worked smoothly with all hardware recognized.

I have never had this experience. Most XP or 2003 installs that I do (and I do at least 30-40 per week) need almost no extra drivers. If a problem does arise, a quick check of the vendor's website will almost always give you a download link to the driver. 4 hours is way to be long to be spending on one system. One hour at the most.

Linux has always given me hardware issues. The most is with wireless network cards. Many vendors also do not have driver support.

Re:Your average computer user

[srleffler]

Yeah, but Windows comes pre-installed on the computer. For your average computer user, that's a win. Zero installation time vs. an hour or two to find Linux, download it, and install it. Plus, the average user already knows how to run Windows. Why try anything else?

Unless computers are your hobby or your profession, there is really very little incentive to try Linux, from a user point of view. The equation may be different for a government or corporate IT department. For Linux' sake, I hope so.

Re:Your average computer user

[l0b0]

Your average computer user is not switching to OSS, until it works out of the box.

If you'd said "Linux" instead, I'd agree. But there's another issue: Many users will use whatever they get from the retailer as long as the computer is "usable" (in the non-geek meaning of the word). The easiest way to get a Linux distribution normally involves at least the following, even for a Windows literate person:

1. Choose a distro - Not easy for someone who's never used Linux before. And changing distro is a pain if you want to keep settings.
2. Download it - For users with normal download speeds, this still means hours of waiting, even though nobody seems to include that in the time costs. Includes downloading, installing, and learning to use BitTorrent or Firefox if you want to be sure that you don't have to restart in three hours.
3. Making a bootable CD from the image - Including downloading (or buying), installing, and learning to use a new program.
4. Setting up the BIOS to boot from CD, if necessary.
5. Installing, something many Windows users have never done themselves.
6. Learning new ways to do basically everything, including a googol of configuration file and command syntaxes ('something -man' instead of 'man something'; WTF?), googling forums instead of checking the sadly lacking documentation (at least in RHE4), and bug handling (consider 'download and compile from CVS, then send the dump of a verbose run' vs. Firefox).
7. Uninstalling and reinstalling Windows, because it was just not what you had expected.

Re:Your average computer user

[i_finally_got_an_acc]

I absolutely agree with you on this, Linux is cake to install compared to Windows. But the problem is, the vast majority of Windows users have never installed Windows. It came on their Dell. They don't use Windows. They use Dell. Of course, you can replace Dell with the PC manufacturer of your choice, but the point is the same.

Re:Your average computer user

[the_womble]

Are you including the time it takes to get Windows usable?

The least demanding possible user will need to install and office suite and anti-virus.

A lot of people will want some or all of: a good web browser, anti spyware, anti-adware, p2p software, messaging clients, graphics package, CD ripper, CD/DVD burder, PDF reader, etc., etc.

Re:Your average computer user

[drewsome]

I dunno. I've worked with Dell, Compaq, HP, IBM, and a host of smaller hardware maker devices, and the big boys like Compaq and IBM and Dell usually have their own drivers. It might be poorly packaged, like Compaq, but the drivers are almost always there. Sometimes I run into problems with older hardware, but that's not going to have XP installed on it anyway, for the most part.

FWIW, whenever I've had an XP installation go sour to the tune of 4 hours or more, it's been either because something is broken, or I've screwed it up.

If I were a foreign government

[MarkEst1973]

Why the hell would I want to entrust all my gov't operations, all my military, all my businesses' computing needs to a closed source, foreign (from my point of view) vendor... like, say, MS?

Ok, so your military doesn't run windows. Our military runs (or at least used to) Solaris and HP-UX... but those are closed source, too, and owned by a foreign entity.

In the end, open source provides me -- as a sovereign nation -- the ability to control the critical pieces of my own infrastructure.

That's how I (as a person) see it, anyway. Whether or not foreign governments agree, I don't know.

Re:If I were a foreign government

[drinkypoo]

Our military runs (or at least used to) Solaris and HP-UX... but those are closed source, too, and owned by a foreign entity.

Sun has been providing OS sources to third parties for forever and a day. I realize it's BSD-derived but even I have access to the SunOS4 sources. Someone actually using SunOS5, especially a government defense entity, should have little trouble.

Re:If I were a foreign government

[gnud]

I remember the norwegian military got a copy of the Windows source some years back (I think it was for W2000).

Re:If I were a foreign government

[Cheapy]

But then again, would you want your government and military running something that anyone could change?

I for one would rather have a closed source product, where people could be held accountable for their mistakes.

Re:If I were a foreign government

[rmerry72]

--> Why the hell would I want to entrust all my gov't operations, all my military, all my businesses' computing needs to a closed source, foreign (from my point of view) vendor... like, say, MS?

Because its a lot cheaper than writing your own - at least percieved cheaper - as is always the case with software. In the case of operating systems like Solaris, HP, and Windows (yes, even WIndows) the cost of writing from scrtach is enormous. You want your tax dollars funding a couple of thousands programmers, design and govenerment middle management for the next decade?

As typical on /. when the term OSS is thrown around it quickly runs down into a discussion about the free side of OSS. If you write it yourself it's always open source to you, you always matain control, and you don't pay maintenence to anybody. So why is OSS better than in-house?

Re:If I were a foreign government

[IHateChoosingAName]

How does having closed source software hold anyone accountable for mistakes made in it?

Re:If I were a foreign government

[Petrushka]

How does using open source software mean that anyone can change it? What, you think any member of the public can log on to a government server as root and start changing stuff?

Re:If I were a foreign government

[Eccles]

If you write it yourself it's always open source to you, you always matain control, and you don't pay maintenence to anybody. So why is OSS better than in-house?

Many, many companies need software that doesn't provide a special competitive advantage, it just keeps them going. As such, it behooves them to share development costs. This can either be done via proprietary software or OSS; in-house means you foot the entire bill.

Would you rather pay someone to fix a few issues you have with OpenOffice.org, or write your own office suite from scratch?

Re:If I were a foreign government

[rmerry72]

Many, many companies need software that doesn't provide a special competitive advantage, it just keeps them going.

As do many government departments. But this is about "control" of your software and assests, not about expedience.

Would you rather pay someone to fix a few issues you have with OpenOffice.org, or write your own office suite from scratch?

How is paying OpenOffice.org to fix a few issues with their products any different to paying MS to fix a few issues you have with MS Office? I thought one large difference between OSS and proprietory code was that I (or my team) or change the code. Paying somebody else is always an option, even the vendor themselves.

Perhaps the difference is there is a perception that buying a product like Office from a company like MS implies that I have already paid them enough to get a product I want to work the way I want. It "should" allow me to what I need and there should be few "bugs". Because we don't have that requirement of OSS then we wouldn't mind shelling out a few dollars for them to improve (as opposed to fix) their products.

Or is it that OSS teams are usually way more receptive to adding customers' suggested imrovements, whether money changes hands or not? Historically, the perception is, once you buy a product from a large vendor for lots of $$$ then they collect maintence and upgrade fees regularly but ignore suggested features from existing clients. You can't pay MS to add a particular widget to the Word toolbar, 'cause they'll just ignore you. Is that any different to large OSS projects where 99.9% of the other customers of the product don't need your widget?

Re:If I were a foreign government

[asuffield]

How is paying OpenOffice.org to fix a few issues with their products any different to paying MS to fix a few issues you have with MS Office?

The difference is that you can. When was the last time you found a bug in MS Office and actually managed to pay MS to fix it? Unless you are buying millions of units, they won't even listen to you.

Re:If I were a foreign government

[rmerry72]

The difference is that you can. When was the last time you found a bug in MS Office and actually managed to pay MS to fix it? Unless you are buying millions of units, they won't even listen to you.

As I said, MS will just ignore you. Why won't OpenOffice.org do the same? Reckon I can pay them to add my funky widget to the core distribution? Think not, not unless they agreed a proportion of other users would want it. Same deal: That's not an open vs closed difference, its about managing a stable set of code for distribution to a lot of people.

One of the benefits of OSS is that you can change the source yourself to put in widgets you like. Just like you can with your own code. Paying vendors to change code is always an option and aceptance into the code base depends on the same rules: size of user base, suitablility of new feature, target market etc.

Its just that most OSS projects are so much smaller than the big boys the "size of user base" factor is neglibile and they are more likely to accept change to grow that user base. I've worked at a number of small, closed source, niche shops and we always listened to our customers and incorporated new features if they were useful for the product and user base as a whole.

Re:If I were a foreign government

[howlingmadhowie]

you see, that's one of the main advantages of open source: you can theoretically know what it's doing. therefore it is impossible for someone else to change what it on your computer without your knowledge. with closed source the situation is very different. if you activate automatic updates to fix alleged security holes, you don't know what the computer is doing and you aren't allowed to know.

the eula attached to most closed source products makes it clear that you can't hold anybody accountable for mistakes.

basically, both of your points were diametrically opposed to reality.

Re:If I were a foreign government

[ems2]

US military uses Plan 9 for many of its services. Their new GPS system that was used in Iraq was based on it. Basicly it was a system there you could where everyone is with about 1.5s delay. Kinda of making real war more video game like - except people actually get hurt and die. :( The US government hires numerous Plan 9 developers. Most notably, Ronald G. Minnich.

Re:If I were a foreign government

[Cheapy]

Because they [i]would[/i] know who was the guy who made it. With open source, there's a chance that they would know. They might have a name (for open source), but they wouldn't have any other way to hold whomever accountable. With closed source you have an employee and their data.

Re:If I were a foreign government

[Cheapy]

Valid point.

However, they can still examine the source to find bugs with it. Hard to spot Buffer-Overflow soon turns into a nuclear missile launch. Hyperbole, sure, but it shows the point.

Re:If I were a foreign government

[Cheapy]

Did I ever say there would be an EULA? No. I didn't. I've written software. I didn't put the code online, so it's closed source. But there is no EULA. Closed Source Software does [b]NOT[/b] mean EULA-ridden. It also doesn't mean Microsoft.

The government would make it, if I had my way. There would be no EULA. There'd be none. Therefore, whoever coded the area that had a problem could be held accountable.

Remember, this is in theory, not 'reality'. It doesn't matter if "both of [my] points" are diametrically opposed to reality. It's in theory. Communism is great in theory, but it doesn't work in practice. Wikipedia shouldn't work in theory, but in practice it does.

Re:If I were a foreign government

[Cheapy]

...I hate mixing up the brackets.

Re:If I were a foreign government

[Petrushka]

Yours is also a valid point. In terms of intrinsic security I don't see much of an advantage either way; while it's theoretically possible to find a vulnerability in OSS that somehow no one else has ever discovered, it's also the case that if someone finds a vulnerability in closed-source software, they're not allowed to report it, so it never gets fixed. There are other issues with proprietary/closed source software, but I think that's the biggest one at present.

Author background.

From the "fine" article:

To put it another way... M$ shill!!

OSS isn't everything

[linvir]

In practical terms OSS is only relevant as a part of a wider policy. Brazil's Digital Inclusion (Google translation) is a good example. OSS barely even figures in the rhetoric for this. It's just one enabling factor.

This is how it's always going to be as well. Example: People don't move to Firefox because it's open source. They move to it because they're told it's better than IE, and they then stick with it because it's demonstrably better.

At the end of the day ideology is irrelevant to most people.

Re:OSS isn't everything

[Russ+Nelson]

At the end of the day ideology is irrelevant to most people.

You were talking about Open Source .... and then you switched to Free Software rhetoric.

Open Source isn't an ideology. If Open Source isn't (as you say) demonstrably better for you (yes, in part because of freedom), then you shouldn't use it. We won't think the worse of you, either.

Re:OSS isn't everything

[linvir]

Oops. Normally I'm quite good at keeping the two separate as well. What I really meant was that even though it's nice to sell the idea of open source using the ideological aspects of it, what with the main open source stuff being idealistic GPL'd Linux Free Software stuff, it's the practical benefits that really close the deal 'at the end of the day'.

And don't be so quick to assume that I'm just another one of those pesky anti-Linux fanatics. My point about ideology was intended to be objective, not another lame +5 Insightful dig at teh Lunix.

and this article says what exactly?

[DigDuality]

Nice to note that this is an ex-MS employee. But the person doesn't debunk a single claim, just throws out some "uncertainties" to muddy the arguement. And it's not just foriegn governments i'd worry about. I don't want MS or whoever having access to government records and information without anyone else's knowledge. Now it'd be product suicide if they did so, but it's still a risk i wouldn't want to take. The government, IMO, should use FOSS (or at least OSS) whenever they can unless a proprietary solution is the only solution IMO. Wasting tax dollars (200 per OS? 150 or more on an office suite?) so some overpaid secretary is some obscure department can send e-mails and print fax cover sheets all day is a waste that would be better spent on other tasks (or better yet, in the people's pockets).

Re:and this article says what exactly?

[flimflammer]

It would be more than product suicide if Microsoft decided to snoop some government documents. That's coporate suicide with prison time.

Curiously contradictory article summary?

[Angostura]

On the one hand the article summary claims:

"Trouble is, the benefits of open source are not always so clear-cut. Software is too complicated a creation to be captured in rhetoric"

While at the same time giving us a splendidly succinct piece of rhetoric:

Unlike proprietary software, for which the code is kept secret, the open-source variety can be copied, modified, and shared. [...]

Re:Curiously contradictory article summary?

[danceswithtrees]

I don't see how her argument makes any sense. You could just as easily have argued that

Trouble is, the benefits of proprietary software are not always so clear-cut. Software is too complicated a creation to be captured in rhetoric.

Re:Curiously contradictory article summary?

[init100]

Another interesting quote:

even the simplest software program consists of hundreds of thousands to millions of parts

Poorer Countries

[runlevel+5]

I think poorer nations have the most to gain from employing open source software. The lower real cost of obtaining and updating computer systems (when using open source options) enables them to build infrastructures that would cost many times more to operate with closed source OS's and apps.

Re:Poorer Countries

[dtsazza]

I think poorer nations have the most to gain from employing open source software.

Immediately yes, in as much as there's a zero purchasing cost, so they can immediately obtain software, where they may not have been able to afford a proprietary equivalent.

However, the real benefits of open source come with the ability to modify it to your own needs. Poorer countries are unlikely to have either the skilled developers nor the wage money to be able to make any concerted effort in this area. More affluent nations, OTOH, are more likely able to deploy whole software teams to 'customise' an open source starting base into exactly the software they want. As regards looking through the code for backdoors, etc., the article is (unusually) accurate in saying it's non-trivial, so you need developers for that too.

Of course, this is all above-and-beyond the main branch development carried out by the project's devteam, volunteer or otherwise. I suppose that F/OSS projects tend to be more open to feature requests that closed-source (especially for something/someone they believe in helping), so the poorer nations might have reasonable success asking others to develop their applications for them.

YMMV and it all depends on what the various nations are using open-source for. One thing I feel happy to conclude is that all nations, regardless of income, can benefit from F/OSS software in a variety of ways. Oh, and that the article is astroturf BS.

Re:Poorer Countries

[Blakey+Rat]

... except that qualified people to implement open source solutions cost more than those qualified to implement Windows solutions. Sure, the software's free, but the labor goes sky-high.

There are more things in heaven and earth....

[Kenja]

There are more things in heaven and earth, Horatio, Than are dreamt of in your philosophy.

Use the best tool for the job, regardless of philosophical ideal.

Which isn't to say that access to an application or platforms source code isn't a consideration when looking for whats best. Likewise budget is also a concern. But do not avoid a good solution, just because you feel that all software should be "free".

Re:There are more things in heaven and earth....

[Tom]

Use the best tool for the job, regardless of philosophical ideal.

Bzzzt, wrong.

Governments are based on ideals. Such as democracy, freedom, equality, whatever.

A tool that blatantly violates these should not be used by a government, even if it is the best one. For example, many governments have strict quotes for minimum numbers of disabled employees even though they would probably "function" better without.

Free Software is important because it prevents data lock-in. One of the main reasons for Free Software by governments is that you can't make electronic tax forms mandatory if using the system requires a proprietory software that costs money (such as Windos). It's just not the government's job to force people into the direction of a specific company.

Re:There are more things in heaven and earth....

[eln]

Sure, use the best tool for the job. Or, in the case of government, use the tool suggested by the largest corporate donor to the most influential Senator or Congressman in the subcommittee in charge of making the decision.

Open Source has trouble making inroads into government because Open Source has no lobbying power. Certain large open source providers may have some lobbying power, but it pales in comparison to Microsoft's. You may see certain corners of the government using OSS in certain limited circumstances, but I wouldn't hold my breath on having the entire US government declared an "OSS-only zone" any time soon.

OSS has a chance in smaller, less wealthy nations, but anywhere where the bureaucracy and the lobbyists who support it are well entrenched, OSS is not speaking the right language for anyone in power to hear.

And stop calling me Horatio.

Re:There are more things in heaven and earth....

[isilrion]

But, what if I don't feel that all software should be free, but rather, that I want to be free, and I'm willing to work harder for it?

And what if I feel that my country should be free, and I'm willing to work harder for it?

"The best tool for the job" is nice in concept, but when the best tool for the job attacks your freedom and your country's, perhaps one should think twice before appliying that label to the tool.

There may be more things in earth than are dreamt in any philosophy, but a government that is not willing to defend its citicen's freedom is no government, and such an aberration should not exist.

I just hope that in your quest for comfort you don't make me lose my freedom.

Re:There are more things in heaven and earth....

[kz45]

Free Software is important because it prevents data lock-in. One of the main reasons for Free Software by governments is that you can't make electronic tax forms mandatory if using the system requires a proprietory software that costs money (such as Windos). It's just not the government's job to force people into the direction of a specific company.

When using Microsoft products, how is your data being "locked-in". You can easily take data from a word or excel document and move it to any format. Openoffice can even open these documents. It doesn't sound locked to me.

Most governments don't care about free software ideals. They see the "free" and immediately associate it with no cost, which is not necessarily the case. Most open source projects need programmers to maintain them/fix bugs/add updates, which cost the same as or possibly even more than a support contract for a proprietary app.

It also doesn't really help that much to have the source. With either a proprietary app or an open source app, a company will start using an app and not change it that much over time. I've worked at a few big companies, and once an app is purchased and in place, things sometimes don't change for years.

The only thing you really save on is the cost of licenses, which is small in the overall cost of things.

Re:There are more things in heaven and earth....

[Blakey+Rat]

There are more things in heaven and earth, Horatio, Than are dreamt of in your philosophy.

You will understand that quote when you solve "what daddy is doing."

Too obscure?

Re:There are more things in heaven and earth....

[Tom]

When using Microsoft products, how is your data being "locked-in".

By being stored in a format I can not access without paying the MS tax.

You can easily take data from a word or excel document and move it to any format.

No, you can't. You can take the data, but it isn't easy. Yes, OO can open these document - thanks to endless hours of work by Free Software people who disliked the lock-in as much as I do. It's not Word exporting to OO format, remember? The ODF group came up with a Word ODF plugin, not MS. Again, there is a way out of the prison only because Free Software people built one.

Your point was what, exactly?

The only thing you really save on is the cost of licenses, which is small in the overall cost of things.

You must've missed the part where they explained the free in "free market". Hint: It's about me choosing where I spend my money. No choice == no free market.

Re:There are more things in heaven and earth....

[kz45]

By being stored in a format I can not access without paying the MS tax.

Last time I checked, open office was free (as in price)? Have things changed?

No, you can't. You can take the data, but it isn't easy.

Really? I can copy and paste it with ease or use various utilities available on the internet to convert to almost any format I want. It may not be easy for you, but that doesn't define data-lockin.

Your point was what, exactly?

My point being that many open source apps prove that Microsft isn't doing as bad of a job as people say. You say data locking, I call bullshit. Open office proves it. I can easily open up almost any microsoft format and get my data, without having to use MS-word, powerpoint, or excel.

You must've missed the part where they explained the free in "free market". Hint: It's about me choosing where I spend my money. No choice == no free marke

so what's your point? You can either choose a proprietary app or an open source app...There is your free market.

The sweet smell of plastic grass

[Bimo_Dude]

FTA:

Software, with its millions of lines of code, is so complicated that experts don't know for sure that open source has fewer bugs, nor can they say with certainty that having fewer bugs makes open source more secure.

It seems to me that this may be all the evidence we need of astroturfing. While I don't really know for sure if this statement is true, there is a glaring omission in the article where the author neglected to compare the time-to-patch for bugs between FOSS and closed software.

Re:The sweet smell of plastic grass

[Ithika]

nor can they say with certainty that having fewer bugs makes open source more secure

Well, that's a good one. "There's no evidence that our product, having more flaws than their product, is actually any worse."

Oh puh-lease.

Re:The sweet smell of plastic grass

[Dr.+Manhattan]

Software, with its millions of lines of code, is so complicated that experts don't know for sure that open source has fewer bugs, nor can they say with certainty that having fewer bugs makes open source more secure.

It seems to me that this may be all the evidence we need of astroturfing. While I don't really know for sure if this statement is true...

It's not, at least for the classes of bugs that can be automatically detected.

• The Fuzz test
• Coverity et. al.

Not necessarily. Decide for *yourselves*

[linvir]

Yes, there's some iffy stuff in there:

Microsoft makes a living out of making its software customizable while still closely guarding its source code.

But it's not the worthless astroturfing that some are rushing to dismiss it as:

Governments may be wise to choose open source. They just shouldnt count on it to do much more than what software does best: process the data of the information age.

Are we really so insecure in our convictions that the slightest whiff of Microsoft makes us cry 'shill'?

Re:Not necessarily. Decide for *yourselves*

[Russ+Nelson]

Are we really so insecure in our convictions that the slightest whiff of Microsoft makes us cry 'shill'?

It's not insecurity. It's not wanting people to be misled by non-facts.

Government Bug Reports

[happyfrogcow]

Bug reports about the government from it's workers, Whistleblowing, is now less protected.

Talk about closed source government...

Open Source is Really a Threat

[burningion]

Open Source is really a threat to most governments. Open source software gives everyone equal access to the same tools, regardless of social class. It threatens the entire model of top-down hiearchy, as open source is a means for equalizing all access to information and exchange of information. Anyone can put together an Apache webserver and begin experimenting with having their own website, for free. No need for expensive schooling, as information is freely available to teach yourself. This will become a "problem" for places like the US, where we utilize the leverage of patents and trade secrets to maintain our superiority in the global marketplace. As places like India and China quickly become more technologically saavy, our economic model becomes threatened. One of the biggest keys in the future will be the regulation of the internet, and the censoring of information. I believe the best thing for the global society is free and anonymous access to all (public) information on the net.

Make your own DemocraKey, and help spread the technology for free and anonymous access to all information.

Re:Open Source is Really a Threat

[linvir]

Open source software gives everyone equal access to the same tools, regardless of social class. It threatens the entire model of top-down hiearchy, as open source is a means for equalizing all access to information and exchange of information. Anyone can put together an Apache webserver and begin experimenting with having their own website, for free. No need for expensive schooling, as information is freely available to teach yourself.

I disagree quite strongly with you. All OSS does is to remove one secondary barrier to entry, and it's still only the social elites who have full access. Illiteracy and poor education remain, OSS documentation is hard to understand at the best of times for the most technical of us, and given that anyone can also get pirate copies of non-free software, the difference is looking pretty insignificant.

This is why I think open source is only worth a shit socially if it's part of a much wider process of social change (and why I support the $100 laptop project). Otherwise it's piss in the wind.

Re:Open Source is Really a Threat

[Petrushka]

In a broader way I think it is part of a much wider process of social change. I am not a techie; I am capable of installing an OS if the installation holds my hand through the process, but that's about the limit of my capabilities (I read /. out of interest, not professional interest, if that's a useful distinction). But, as a dumb home-user/end-user, I think I would always choose the FOSS option over the proprietary option, and I encourage my students to do the same. Not because of technical superiority: how would I know? FOSS and commercial proprietary software are generally pretty similar in their capabilities and quality. Rather, for reasons pretty close to the ones you reject.

See, I'm not one of the technical elite who can modify source code to do what I want. But -- I can report bugs. I have done so many times, and it is extremely empowering to know that that it is possible, that someone will pay attention, and that it has an effect, and that if you get things wrong someone will probably teach you how to get it right. One time I tried to report a bug to Microsoft; I gave up after half an hour, because unless you know exactly where to go before you begin, it's actually quite difficult to find a bug-reporting mechanism. Later on I found it, only to find that you have to have a Passport account to report a bug. I just checked and you still have to have a Passport account. Who has a Passport account?? Basically, I figured, Microsoft doesn't want to hear about problems with their software.

This difference in attitude has made me feel awfully insecure about using software that runs on proprietary/secret code. There are broader reasons as well: open standards like OpenDocument are a far more immediate incentive to use software that supports those open standards. I can't count the hours I've spent converting my files from archaic Word formats to later Word formats -- not to mention the countless hours explaining to colleagues and students how to do exactly the same. Now that is a very pressing and immediate problem that is faced by everyone who comes into contact with computers, no matter how technically capable they may or may not be. But now I know I'll almost certainly never have to do that again.

So, there are the reasons (of someone who doesn't work in IT and who has fairly limited computer skills compared to most who read /.) why I will probably always choose FOSS, other things being equal. And for most purposes, other things usually are equal. Even without being able to edit the source code myself, and without having the money to hire someone else to do it, it's obvious to me that it's a better way for things to work.

"Better" has nothing to do with it

[Enrique1218]

Foreign governments aren't necessarily embracing open source because its better, but rather it is not Microsoft or tied to any other US entity (Apple or Sun). It could because of nationalism, pragmatic foreign policy, or a national security issue. Whatever the reason, no government reasonably wants something as important has the operating system of their vital computers at the whim of company based in a foreign country and subject to its policy decisions. Open source is good because it is viable alternative, it is open, and they don't have to start from scratch which could take years of R&D. This isn't hard to understand.

Re:"Better" has nothing to do with it

[RockModeNick]

Aren't we already at the whim of foreighn companies to get the hardware to run it on anyway?

FUD

[penguin-collective]

Trouble is, the benefits of open source are not always so clear-cut. Software is too complicated a creation to be captured in rhetoric, and assertions about some of the technical benefits of open source fail to tell the whole story.

The story is pure FUD, full of trite generalities that are intended to create doubt in the reader's mind.

In fact, the situation is quite simple: we have two kinds of software, free and open source one, and for-pay and closed-source software. Without further information, free and open source software is the default choice, in particular when it comes to tax-payer funded purchases.

The burden of proof is on those advocating proprietary software, not on those advocating free and open source software. It is people advocating proprietary software who must demonstrate, in each and every case, that the costs and risks associated with buying software from a vendor is offset by clear and significant benefits.

Re:FUD

[KingMotley]

That's not the way it works. It's those that want to deviate from the norm/corporate standard that must demonstrate the benefits/cost of an alternative, and in many cases it must VASTLY outweigh the standard for it to even be considered.

Something being "Free" in itself doesn't make a solution the best one (or default). If I offered your company "Free" lunches for all your employees everyday, would they hire my services? What if I charged $5000 per plate I had to wash (and you have to use me for dish washing)? "Free" doesn't mean anything unless you also consider all the costs involved with such a purchase. This is something companies are very used to doing, and something that FOSS doesn't do particularly well on in most cases.

The fact is that linux is NOT ready for the desktop. It's come a long ways, and it will get there eventually, but it isn't. Without it being on the desktop, IT shops then have to decide whether it is worth having a single OS throughout the company (Windows) for all desktops, laptops, servers, and even some PDAs, or would it be more cost beneficient to have some machines linux and some machines windows. This entails having two completley different set of tools (Backup, maintenance, diagnostics, imaging), and atleast one more person in the IT department that is a linux person that can support, configure and maintain the linux machines. Then you have to retrain all the people that might need to use the servers (Network admins, email admins, web server admins, etc). You will either have to move some stuff to OS-agnostic software packages, or deal with the inevitable higher maintenaince of dealing with the interoperability issues. Usually, it does right at the point you say it's FREE (But we have to hire another $40,000-$80,000 IT guy to support it). At $30-$50 a license for Windows that most mid/large companies pay for a copy of Windows, it'll take a LOT of licenses to justify that single additional person. Not to mention that in a time when companies are trying to focus on their core products, it's a rather hard sell to try and explain why you need to expand you IT department to support something that has nothing to do with your product at all. Most accountants/CFO's see this a dilution of ROI, which is not a good thing.

I'm not against linux. It has it's place and it has it's uses, but advocate the right tool for the right job when appropriate. There is a lot more than just what is technologically "better" when deciding on what platform(s) a company uses. All good companies keep an eye on what will make it profitable (or more profitable), not necessarily what costs the least to buy, or even what costs the least in TCO.

Re:FUD

[m874t232]

That's not the way it works. It's those that want to deviate from the norm/corporate standard that must demonstrate the benefits/cost of an alternative, and in many cases it must VASTLY outweigh the standard for it to even be considered.

You are describing how many irrational organizations work. I'm stating how rational organizations need to behave.

The fact is that linux is NOT ready for the desktop.

The fact is that you're full of shit. Linux is technically superior as a desktop OS to both Windows and Macintosh: it's more consistent, less prone to security problems, more advanced technically, easier to install, and easier to maintain.

One can argue that there are non-technical reasons why a Windows or Mac purchase still makes sense. For example, I'm using a Macintosh laptop right now simply because OS X is preinstalled on it. And I have a Windows partition for the occasional Windows-only software. But none of those are intrinsic advantages of Windows or Macintosh.

IT shops then have to decide whether it is worth having a single OS throughout the company (Windows) for all desktops, laptops, servers, and even some PDAs, or would it be more cost beneficient to have some machines linux and some machines windows.

First of all, the idea that Microsoft ships a single Windows OS is a myth; Microsoft ships half a dozen different operating systems, some of them wildly incompatible. If you go with all-Microsoft systems, you are already running a multi-platform shop.

Second, in my experience, almost any Windows system you replace with a UNIX or Linux system in an organization, desktop or server, greatly reduces support costs.

Usually, it does right at the point you say it's FREE (But we have to hire another $40,000-$80,000 IT guy to support it). At $30-$50 a license for Windows that most mid/large companies pay for a copy of Windows,

No, usually, at this point, I point out that, in all the organizations I have ever worked, each Windows desktop machine has required about 10x the amount of IT support hours as UNIX or Linux desktop machines.

Windows systems are enormously labor, support, and training intensive. That is one big reason for getting rid of them.

There is a lot more than just what is technologically "better" when deciding on what platform(s) a company uses.

Indeed. But except for compatibility with some proprietary software and corporate inertia, Windows loses in just about every category: TCO, support costs, training costs, security, licensing costs, reliability, usability, consistency, interoperability, technology, business risk, upgrade costs, etc.

Re:FUD

[jesterpilot]

The fact is that linux is NOT ready for the desktop.
 
You mean, users can move or delete a doc without closing it; the 'button with the X-mark' has the same function in the file- and the http-browser instead of the contrary; you use multiple desktops to switch to another task instead of closing and reopening a bunch of doc's; clicking on an appointment in the diary selects the item instead of editing the name; security cannot be cheated by changing the extension of a filename; autocomplete is effective instead of annoying; creating a pdf is clicking on one button instead of sending an email to a server on the other side of the building;...
 
If that is what you mean with 'not ready for the desktop'; to hell with that desktop.

Your average government

[DragonWriter]

Is not your average computer user.

For one, its more likely to use a piece of software for decades and want to avoid concerns about the vendor end-of-lifing it, and have the resources (provided it has access to the source) to arrange its own support, so it has a lot more to gain than a consumer from OSS -- which, btw, is more than just Linux. While desktop Linux may not work "out of the box" as well as Windows (a debate for another time and place), plenty of OSS software does work out of the box as well as its commercial competition, and a lot of that is the OSS that a big purchaser like a government would be most interested in.

And an Uncertain Argument of Uncertainty ...

[rewinn]

From the article: "Software, with its millions of lines of code, is so complicated that experts don't know for sure that open source has fewer bugs, nor can they say with certainty that having fewer bugs makes open source more secure."

That argument proves too much. If it is impossible to be certain that any software is bug-free and/or in other ways insecure, it is all the more important that one be able to examine the source code.

...And the FUD-spreading site runs on what?

[orzetto]

Running a nmap -P0 -O foreignpolicy.com, you get among other things:

Device type: general purpose|media device
Running: Linux 2.4.X, Pace embedded
OS details: Linux 2.4.18 - 2.4.27, Pace digital cable TV receiver
Uptime 175.187 days (since Tue Dec 6 19:18:51 2005)

So it's open source, Linux, and running continuosly for 6 months. Ahh, the coherence.

Re:...And the FUD-spreading site runs on what?

[linvir]

Shame it's a worthwhile read and not actually FUD at all. Honestly, I have the word Linux branded all over my Slashdot account and my website, and apparently even I am viewing the world more objectively than many Slashdotters.

Re:...And the FUD-spreading site runs on what?

[The+Cydonian]

To be fair to Foreign Policy though, they mention this upfront in their blog entry.

Re:...And the FUD-spreading site runs on what?

[The+Cydonian]

OTOH, I have "Microsoft" plastered all over my skillset and work experience, and yet, I found it FUD-worthy when I first read it last weekend.

Now, there are some very valid points in the closed-source-versus-OSS debate, but Ms Benner raises none of them. All that she says is that software is more complex than you can imagine, so in all this grey area, you'd better stick to paid effort, rather than apparently part-time hobby-ist effort that OSS is.

Which, you'd think, is rather short-sighted and significantly misleading for two reasons:- a) "code manipulation", as she puts it, is a given for any large-scale deployment, closed-source or not, and b) most of OSS' growth is actually by corporations, such as Sun, IBM, Google, Red Hat etc. That is, lots of people work on this full-time.

Re:...And the FUD-spreading site runs on what?

[linvir]

Of your three quotes in the journal, this is the only one that looks FUDdy to me.

software is so complex that serious source code manipulation and maintenance is a high-cost endeavor, not a job one can plunge right into.

But the way you sequentially run through first the Fear, then the Uncertainty and the Doubt is quite convincing, so I more or less abandon my position anyway.

Heh. Take a look at the source.

[dbarclay10]

Caroline Benner is a fellow at the University of Washington's Institute for International Policy. From 2001 to 2003, Ms. Benner was a consultant with the geopolitical policy and strategy group at Microsoft.

Yeah. Take a look at the source. I wonder if maybe she's still freelancing for them.

Really all the article does is point out that there's no silver bullet. She does so by pointing out that there are "claims" about open source. That's it. She doesn't dispute the claims. She just says they're claims. Unsurprisingly, she also doesn't point to the evidence of the claims.

FUD stands for "fear, uncertainty, and doubt." This may very well be a simple, subtle form of doubt-sewing. Nothing actually inaccurate in the article, that I saw, but also called into question some faily well-proven FOSS benefits (such as a lower cost of ownership).

About the worst I saw was:

For example, they believe that the total cost of ownership of open-source software is lower than that of proprietary software because they avoid the expensive licensing fees that companies like Microsoft charge.

Actually, most people I know don't consider "Total Cost of Ownership." That's a term made up by Microsoft in an attempt to make FOSS proponents look like they're narrow-minded and that their conclusions were incomplete and "irrelevant to business." Everybody I know looks at "cost" - period. "Cost", by definition, without any modifiers, *must* mean total cost. "Partial cost" or "license cost" may mean something other than Cost, capital C.

Likewise, relatively few people I know think Microsoft licensing is the main cost in a Microsoft shop; the legions of sysadmins and helpdesk staff, as well as the lost productivity and downtime cost quickly outweight the (relatively benign) up-front cost of Microsoft software. Take a look at Red Hat's licensing - it's actually more expensive than Microsoft on most fronts. You make it up tenfold in reduced operating expenses, however, and you can save even more in operating expenses if you go with a more technologically advanced flavour such as Debian GNU/Linux (you also reduce the up-front procurement costs as well).

Bah. I can't believe I wasted five minutes debunking this Microsoft-shill fluff piece.

Re:Heh. Take a look at the source.

[KingMotley]

Actually, most people I know don't consider "Total Cost of Ownership." That's a term made up by Microsoft in an attempt to make FOSS proponents look like they're narrow-minded and that their conclusions were incomplete and "irrelevant to business." Everybody I know looks at "cost" - period. "Cost", by definition, without any modifiers, *must* mean total cost. "Partial cost" or "license cost" may mean something other than Cost, capital C.

Actually, the term TCO was made up by the Gartner Group in 1987. Cost by definition, without any modifiers, *must* mean cost. Any other assumption is wrong, and most likely just used to try and prove a point that you believe. Either you had no better proof, or you made the poor choice of using a false idea as a backup to your supposid truth.

You are of course, welcome to your own opinion. Everyone has one, but stating things that are either opinions or wrong as undeniable truths/must-be/can't-be-anything-buts doesn't help prove anything other than how bad your logic is, and why what you say can't be trusted.

Re:Heh. Take a look at the source.

[Petrushka]

Actually, most people I know don't consider "Total Cost of Ownership." That's a term made up by Microsoft ...

The IT services department at the university where I work did consider precisely that, specifically and explicitly, using that exact phrase, and chomped on the MS bait -- hook, line, and sinker. And, purely by-the-by, now they specifically and explicitly refuse to support Linux or BSD. (Oh, they support OS X; that's somehow "OK" -- it's just Linux that's not "OK". I wonder what kind of dealing went on to ensure that little distinction.)

Hire your own people.

[khasim]

This isn't just about control. This is about jobs.

With any closed source software not written in your country, you're importing it and sending your money to another country.

If you pour some cash into your education system and train up your own programmers to modify the Open Source code to suit your needs, you're investing in your own people. The money stays in your country. Those programmers pay taxes to you on that money.

And you've got to realize that this is going to be a very important field in the future. Do you really want your people left behind?

Re:FUD, FUDDER, FUDDEST

[rewinn]

From the Article... it is misleading to say that open source empowers people in ways proprietary software does not. Both open source and proprietary software allow you to change the behavior of a software program in significant ways without touching the program's source code

Those two sentences go beyond mere FUD to outright deception.

• It equates empowerment to changing program behavior without changing the source code, as if source code inspection for security flaws were of no significance; +1 FUD
• It ignores the possibility that modifying source code can be far more empowering more than tweakiing program behavior; +1 FUD
• It accuses OSS proponents of being misleading. +1 FUD

Bad doggie! No cookie for you!

The Article is NOT true (Linux excepted)

[i+am+kman]

No, No, No! The headline and much of the article is extremely misleading).

Sure, governments are starting to use Linux as the ONLY viable alternative to the hated Microsoft.

But that's it. While Linux is open source, open source is not defined by using Linux.

Much of the US government explicitly bans open source and I've supported 2 foreign government contracts that also had explicit anti-open source requirements. And they ban open source specifically because it is a potential security risk. In fact, it seems quite reasonable to question why the US (or European) countries would want to use open source code that may have been developed in China or even France (or others countries well known for their industrial espionage).

In any case, who the hell actually believes open source is MORE secure simply because they publish their millions of lines of code? Like ANY customer is actually going to look at the code.

Ok, before flaming, I agree some, well tested, well accepted, and well controlled open source with blessed versioning is more secure (probably MUCH more secure) because of exhaustive testing and support by real companies, but that's VERY different than arguing it's more secure governments can peek at the source code.

As a side note, open STANDARDS are a completely different topic and all governments want, love, and support open standards. Unfortunately, Open Source and Open Standards are very often confused by governments and government contracts.

That said, some countries like open source because it providesa competative advantage. For instance, China is rapidly excelling in HW production so open source acts to undermine the competative advantages more developed countries have built up in their commercial software industries. (That, and open source allows the Chinese government to insert all sorts of filters in place, but that's a different story).

Re:The Article is NOT true (Linux excepted)

[Stemp]

developed in China or even France (or others countries well known for their industrial espionage). France well know for their industrial espionage ?

Re:The Article is NOT true (Linux excepted)

[init100]

may have been developed in China or even France (or others countries well known for their industrial espionage)

May I remind you that former CIA director James Woolsey has publicly admitted to conducting economic espionage against their European allies. There are also alleged cases where European companies' bids on various contracts were undercut by American companies after receiving information gathered from intelligence networks, e.g. ECHELON.

• ECHELON article at Wikipedia. It includes references to other sources.
• ECHELON article at BBC.

Re:The Article is NOT true (Linux excepted)

[makomk]

In fact, it seems quite reasonable to question why the US (or European) countries would want to use open source code that may have been developed in China or even France (or others countries well known for their industrial espionage).

I'd say inserting code in open-source software for industrial espionage purposes would be very risky - you have no way of knowing who's looking through your code and might spot it and embarrass you by revealing it. On the other hand, doing the same thing with closed-source software is probably reasonably safe - not many people will be looking through the source code or object code, especially outside the company...

No FUD can stop Open-Source. Try again Mrs. Benner

>>Across the globe, politicians are embracing open-source software with grand pronouncements >>and great expectations.
False. It has less to do with the politicians. It has more to do with the real people who need this to happen. The inertia comes straight from software developers that believe in the common good and the synergy that can happen people share ideas and creations.

>>Although they are correct to identify potential benefits, software is far more complicated >>than their talking points, and it may disappoint those with outsized hopes.
I smell FUD(Fear Uncertainty Doubt)...particularly some seeds of UNCERTAINTY being disseminated in this statement. "It may disappoint...?"
The people open-source projects may disappoint are mostly "Microcerfs" such as Mrs. Benner herself
>>>Caroline Benner is a fellow at the University of Washington's Institute for International >>Policy. From 2001 to 2003, Ms. Benner was a consultant with the geopolitical policy and >>>strategy group at Microsoft.

>>>Trouble is, the benefits of open source are not always so clear-cut. Software is too >>>complicated a creation to be captured in rhetoric, and assertions about some of the >>>technical benefits of open source fail to tell the whole story.
MORE FUD.

>>"There are really two reasons that it is very difficult to know whether software is >>secure," says Stanford University computer scientist Alex Aiken. "The first reason is that >>even the simplest software program consists of hundreds of thousands to millions of parts, >>and potentially all of these have to be correct, or the system may have security >>vulnerabilities.
The same goes for closed proprietary software. Stalemate here Mrs. Benner.

>>The second reason is that we have no technology for systematically
>>checking that the parts are correct and fit together in a way that ensures security."
These are a work in progress. The same goes for closed proprietary software. Stalemate here Mrs. Benner.

>>The Chinese have a preference for open source because they distrust software that cannot >>be audited, a concern that became especially acute after the discovery of the phrase >>"_NSAKEY" (thought to refer to the National Security Agency) in the code of Microsoft's >>Windows software in 1999.
Mrs. Benner is certainly not scoring any points to support proprietary software by mentioning this fact.

>>Microsoft has sought to allay worries over trapdoors by allowing governments to peruse its >>code.
That said, the general public, the tax payers giving the money to the governments to serve them well are not allowed to look at Microsoft's source code. Microsoft is certainly not winning any points here either. Contrary to what some people may think, not all of the world's innovative software developers work for Microsoft or for the governments. The trapdoors might not be detected by anyone working for Microsoft or the government. Besides I find it arrogant to think that regular tax payers should not be allowed access to source code to see what Microsoft has delivered to the government considering the tax payers should be able to see what kind of value they are getting for their money. I am actually proposing that all Microsoft source code should be made RMS compliant (GPL) because that is the right thing to do. The work Microsoft did is ultimately all the tax payer's property.

>>>Furthermore, software is so complex that serious source code manipulation and maintenance >>>is a high-cost endeavor,
There are many pieces of open source code out there available to do whatever you can think of. If it doesn't do what you can think of, there usually is something close that you can use, make do with, or modify.

>>computer science is too young a discipline, and there is too much we do not yet know about >>software to be so sure.

Hm

I personally don't think the options you give are very likely.

OT: Story Tags

[LesPaul75]

Ok, so I see the new tags under each story. Now, how do I actually browse by tag? For example, how do I find all the stories tagged as web20? Isn't that the point of tags? I'm probably just not doing something right, but when I click a tag, it just pops up a little window allowing me to enter more tags.

Humans make tools to make tools to accomplish task

[khasim]

Not enough room for the final "s" in the subject.

Anyway, this "Use the best tool for the job, regardless of philosophical ideal" sounds nice ... and it may even be applicable for short term goals.

BUT ... we build the tools we use. If the tools that suit your philosphical ideals are not sufficient to the task, then make them sufficient.

It's only code. And governments have the money to hire the people to write the code that is the tools.

If there isn't an Open Source tool that will work for the project due next Friday, that's one thing.

But if you never start writing the tools as Open Source, they will never be available. You know what tools you use.

Penny-wise and future foolish.

[jbn-o]

Proprietors agree with you, which is why they're interested in cutting their prices or giving away gratis copies of their software to large-seat clients in exchange for locking government users into something that will pay off (both monetarily and in terms of control) in the future. Money is not and should not be the chief rationale by which these decisions are made or else more valuable points that pay off now and in the future will be lost.

Re:Penny-wise and future foolish.

[killjoe]

You can give away all the cheap or free copies you want. If you are forcing your customers to keep track of licenses then it's still costing them lots of money in manpower to make sure they are not out of compliance. In fact it add even more of a burden because the company needs to keep track of which licences were full price, which came with computers, which they got for free and which they got at a discount for accounting purposes.

It's a nightmare and one mistake can trigger an audit.

It's better not to have that headache at all

Re:Penny-wise and future foolish.

[Archtech]

I like the idea of "large-seat clients".

"Mr Big, I presume?"

Re:Penny-wise and future foolish.

[Tony-A]

If that argument were valid, we'd all be better off going back to the medieval guilds. No thanks.

If you have a perfectly competitive market (ie no lock-in), there is very little room for profit, and hence for investment in research and development.

Backwards.
That seems to imply that the reason for research and development is to be a fair way to apply some of the profits from your locked-in customers. I doubt that companies even start out that way. It would be nearly impossible to stay that way.
Margins are thin and your competitors have the edge in research. You can maybe stay alive a bit longer by remaining dumb. But the best research and development comes when your best chance for survival comes from disruptive advances in the technology.

A response for the non-techie

[grcumb]

Benner's article states:

'In a 2002 letter to Microsoft, Peruvian Congressman Edgar David Villanueva Núñez noted that, "Relative to the security of the software itself, it is well known that all software (whether proprietary or free) contains 'errors' or 'bugs' (in programmers' slang). But it is also well-known that the bugs in free software are fewer." Yet, ask computer security experts and they'll tell you that's not necessarily true. Software, with its millions of lines of code, is so complicated that experts don't know for sure that open source has fewer bugs, nor can they say with certainty that having fewer bugs makes open source more secure.'

This statement is true, as far as it goes. But it ignores something that's far more important than the opinion of a computer scientist: empirical evidence. No matter how you measure it, FOSS software is successfully exploited far less often than proprietary software. In many cases, the differences are striking. There are, for example, effectively no Linux viruses in the wild.

Even in cases where FOSS is the dominant application (like the Apache web server, for example) the number of successful attacks are so much lower that there is no effective competition from the alternatives.

So the key here is not whether software is provably secure (i.e. auditable) but that it's effectively secure. The difference here is subtle, especially to those who don't understand software. It's something crucially important, however.

There's another issue here that's at the core of the Free Software philosophy: process. The FOSS software development process is based entirely delivering quality software. In fact, development cycles and processes often sacrifice convenience for IT folks in favour of solid code. Proprietary software is almost always driven by business priorities which sometimes - but not always - put a low priority on software quality.

Another quotation from the article:

'There are really two reasons that it is very difficult to know whether software is secure [....] The first reason is that even the simplest software program consists of hundreds of thousands to millions of parts, and potentially all of these have to be correct, or the system may have security vulnerabilities. The second reason is that we have no technology for systematically checking that the parts are correct and fit together in a way that ensures security."'

Both of these points (that even simple software is hopelessly complex, and that there is no systematic way to test intereactions between software) are inaccurate. It's like saying that human bodies are composed of billions of cells, so we'll never be able to measure a person's health.

Unix-inspired systems usually use a 'toolkit' approach, in which a number of small, special-purpose tools are brought together to perform complex tasks. The result is that each individual part is very well understood and performs its task(s) in a clear fashion. So, while it may be true that it's hard to document every possible interaction between software elememts, that's not nearly the problem the writer makes it out to be.

The article concludes:

'Software becomes more interesting--indeed, rhetoric-worthy--when it promises a better future. Open source may well deliver that promise, but computer science is too young a discipline, and there is too much we do not yet know about software to be so sure.'

This is a silly argument, especially in an article that claims to compare two alternative approaches to software. Computer science is not a young discipline, even if you compare it to physics and mathematics. The fundamentals of computing were understood even before we had computers to test with. The assertion that we just don't know enough is just plain wrong-headed.

Furthermore, even if it is true that we don't know enough, shouldn't that be an argument in favour of open source, where at least nothing is deliberately hidden?

Most big "foreign" software vendors are US

[rmerry72]

... as are most of the body shops that install and implement these projects. There only foreign if you live outside the US. Following that logic shouldn't the US governments be supporting their own US economy and buying more software from the big boys?

Re:Most big "foreign" software vendors are US

[Bogtha]

There only foreign if you live outside the US.

Erm, yes. What's your point? You do realise that most people live outside the USA? And that when the article talks about governments around the world, they aren't just referring to the USA?

Following that logic shouldn't the US governments be supporting their own US economy and buying more software from the big boys?

I don't see why. I identified an advantage that open-source has for most governments. If the advantage does not apply to a particular government, that doesn't mean the proprietary alternative is automatically better, it just means that they are equal in this respect. Think about it - it would be reduced to a choice between local companies (open-source) and local companies (proprietary).

PS: To make yourself appear more intelligent.

Re:Most big "foreign" software vendors are US

[WilliamSChips]

Not for any local government(and there are a lot of these in the US) other than Washington's and Redmond's. And for the national government, until Bush exits we have more pressing things to deal with.

Re:Most big "foreign" software vendors are US

[rmerry72]

Think about it - it would be reduced to a choice between local companies (open-source) and local companies (proprietary).

So you're point is about foreign and national companies. City governments should only invest in companies head-quartered within that city (ie, local economy), eh? It doesn't seem to be about open-source vs closed-sourced, rather national vs local. That's a different discussion.

Yes, both open-source and closed-source products should be weighed appropriately, and yes, I agree, that for products from foreign companies "control" of the code is an issue and should be considered above and beyond money. That's a key discussion about sovereignty and opens-ource has the advantage of "if we go to war with them we can still support our systems".

But only at a national level. Are you worried about your state or city govenment "giving control" of some vital infrastructure software to Redmond or Silicon Valley? Or are you just worried about jobs moving over there (and then on to India)?

Re:Most big "foreign" software vendors are US

[Bogtha]

So you're point is about foreign and national companies.

Let's clear the terminology up. I understand "national" companies to be companies that are partly controlled by the state. Given that we are talking about trade between countries, I used the word "local" to talk about companies owned by citizens of the country in question. I am not differentiating between different areas of the same country.

I'm saying that, all other things being equal, open-source software allows governments to get software work done in such a way that the profit is earned by people residing in that particular country. Proprietary software, on the other hand, forces at least some part of that profit to go to the shareholders of the company that holds the copyright to the software, which - for most governments of the world - means that the government is giving money away to other countries.

You see, if a government spends money in such a way that the money goes to the people in that country, the country doesn't get any poorer. But if it spends money in such a way that the money goes to the people in another country, it does get poorer. Buying proprietary software services makes a country poorer if that software is imported. Buying open-source software services does not make a country poorer because there's no need to use foreign companies.

for products from foreign companies "control" of the code is an issue and should be considered above and beyond money.

Well yes, I should hope that software required for a country's infrastructure should come with buildable source code, but that's not at all what I was saying, and it's unrelated to open-source. Open source doesn't just mean access to the source code..

Are you worried about your state or city govenment "giving control" of some vital infrastructure software to Redmond or Silicon Valley?

Certainly. Why wouldn't I? Are you assuming I'm from the USA?

PS: To make yourself appear more intelligent.

Because it works

[porkThreeWays]

I work in municipal gov't in Florida. We use a lot of open source software in our organization. Why? Because it works. It has little to do with money. I've never been denied money for software if I can justify it.

"Enterprise" software has never really impressed me. A great deal of the time, the guy on the other end of support is no more knowledgable than me of the product. That is when you are lucky enough to get someone who speaks english natively. So what's the point for lackluster support? (Hardware is the exception. Many service plans can guarantee you a new server in less than 4 hours).

Highly specialized software generally has an unreasonable amount of bugs. We have one dept that has "enterprise level software", that I'm in the process of rewriting its so buggy. It's almost as if this company has no regression testing procedures in place.

And it's always a lot of fun paying 2,000k a pop for marginal glue code between applications. God-forbid that gluecode break one side. You'll get thorwn into a fun blame game of each company blaming the other. You need complex glue code? That'll be $10,000 and 6 months. You'll also recieve a windows front end in tk with extremely complex install directions. Minor versions are incompatible. You can never patch that box because xp sp2 will break the very customized non-standard registry settings.

People can spread all the FUD they want about open source, but I use it on a daily basis whenever I can. I have control over it and things just work. It's comical to see some of the rediculous things that go on in the closed source community. I like being able to change the ip address of a server if I have to. I don't need a license holding me back from doing that.

Re:Because it works

[nstlgc]

It's comical to see some of the rediculous things that go on in the closed source community. I like being able to change the ip address of a server if I have to. I don't need a license holding me back from doing that.

Well, in the closed source community, we just put that kind of stuff in config files instead of in the source code. You should try it.

People can spread all the FUD they want about open source, ...

"... and I will do the same about closed source.". Yeap. I noticed.

Re:Because it works

[JourneymanMereel]

Well, in the closed source community, we just put that kind of stuff in config files instead of in the source code. You should try it.

I've had plenty of instances where an IP address can certain by changed... as long as you don't want the software that runs on that machine to keep running. This is mostly due to licenseing, not a lack of source code, but I dislike asking 5 different companies if it's OK to change the IP address of a license server.

Re:Because it works

[porkThreeWays]

It has nothing to do with the IP address being in the source code. For licensing reasons, many companies tie a product to an ip address and if you change the ip address on the machine you lose the license (and have to call them up and spend a good few hours trying to straighten it out)

You can spin anything

[EmbeddedJanitor]

You might be able to show savings on a spreadsheet, but it is easy to put a spin on anything since it is not just straight costs, but perceived cost/benefit with disregard for hard facts. For example it would be easy in the current xenophobic paranoid USA climate to say "Sure we could save $200 million (or whatever) by switching from MS to Linux, but then we'd be using a Finnish operating system and they're communists! We can't have our Christian Nation being enslaved by dangerous Communist deviants and open code that Al Qaeda can modify if they so wish."

It is also easy for geeks to forget that most people don't even know what software is. Voters are far more interested in other issues like reality TV, tax, terrorism an whether or not the prez is getting blowjobs.

not quite

[misanthrope101]

No one opposes OSS because of the reasons you give. They aren't trying to hold down the proletariat by keeping them ignorant of computing. They distrust it because it isn't based on the greed model, so they can't fathom where it came from, what motivates it, etc. It's just too disorienting to be told that a bunch of hobbyists put all this together because they wanted to, and gave it away. All the rich people like Bill Gates and Ralph Ellison, the very people who govt goes to for "expertise" (because they're rich, they must know what they're talking about, right?) tell them that OSS is comprised of a bunch of wacko communists whose ideas are bad for the nation.

That is where the perceived threat is--government listens first and foremost to the rich people, because of the assumption that is what is good for the rich people is good for the nation. There is no Marxist or Kafkaesque plot to keep the poor away from quality software.

We want the feds to use open source

[pestilence669]

Once OSS becomes commonplace in divisons like the IRS, congress will be much less likely to pass bills that jeopardize operations (like tax collection). Their adoption almost ensures continued protections for the GPL and the open source community in general. If only they'd start giving tax breaks to OSS developers for performing a patriotic duty... I can dream, right?

Oh, good, the "It's so complex" argument

[Mateo_LeFou]

It's impossible to tell how many bugs pieces of software have because they're so complex. In other news, it's impossible to tell which animals are smarter because brains are so complex.

"auditing any source code in order to ensure there are no security vulnerabilities is nigh on impossible"

True, if the auditor is a government, even a large, well-funded government. If the auditor is the entire computing population of the earth, it's easier.

Which gets us full circle: the way you find faults an exceedingly complex device/program is to drop it onto as large a population as possible; put it into service in as many widely-varying situations as you can, and the overall uptime stats will show you which pieces of gosh-this-is-complicated software are most stable. EOF.

security of open source

[bananaendian]

who the hell actually believes open source is MORE secure simply because they publish their millions of lines of code? Like ANY customer is actually going to look at the code.

Apparently everyone else but you...

The keyword you missed is 'inherently'. Having a lot of independent eyeballs on the code is essential priciple for locating bugs and avoiding backdoors. That's why even proprietary software companies pay for 'verification' by 'independent' certifiers. And there is not a single closed encryption algorithm in the world that is considered secure. There is simply no security in obscurity.

Your disclaimer is no excuse for this FUD where you imply that somehow adversaries could slip compromising code into open source projects used in government contracts. The chances of such code remaining unnoticed is much less than in proprietary projects where you merely have to bribe one key developer. And nobody runs mission critical things off latest source trees anyway. The blanket ban on all 'open source' software is likely a kneejerk reaction by uninformed byrocrats. Or perhaps they're already owned by the vendors and private companies the contracts predictably go to.

Re:security of open source

[drsmithy]

The keyword you missed is 'inherently'. Having a lot of independent eyeballs on the code is essential priciple for locating bugs and avoiding backdoors.

Only if the eyeballs are any good and are actually interested in looking at the code.

It's a bit like the draftees vs professional soldiers situation.

A small, well trained group of code auditors will be far more effective at finding coding errors than a large group of amateurs - and they'll do it even in code they have no personal interest in.

Re:security of open source

[TheDreadSlashdotterD]

A small, well trained group of code auditors will be far more effective at finding coding errors than a large group of amateurs - and they'll do it even in code they have no personal interest in.

So THAT explains why M$ had to rewrite a large portion of Vista!

Re: security of open source

[howlingmadhowie]

as it is a fact i'm sure you can come up with an example.

Open Source isn't about cost. It's about soverign

[Russ+Nelson]

Open Source isn't about cost. It's about getting your soverignity back.

Re:not the us airforce

[mikerm19]

The military (especially Air Force) have a very backwards network management. Because it is open source, they think that automatically equals insecure. The Air Force have horrible, horrible network administrators (I speak from experience). The fact that such sites as Apache are blocked really doesn't surprise me. Ignorance is bliss right?

Re:Open is not Technical.. typical Microsoft FUD..

[gcauthon]

This is one of the most insightful comments in this thread. Too bad I don't have mod points available.

TFA: Not a former employee

[Kanaka+Kid]

The article does not, IMHO, diss FOSS so much as say that FOSS is a viable alternative to closed source software; however, some purported reasons for adopting FOSS may be difficult to implement. For example, checking source code for backdoors. Without lots of programmers working for a---relatively---low wage. A government will have a difficult time checking for backdoors without available programmers. China and India could perform the check easily (lots of low cost programmers), although Vietnam, Cambodia, Nambia, Sudan, etc. might have a more difficult time (low cost labor force, but no programmers).

The author also identifies the support for FOSS by IBM and HP, and identifies their contributions to FOSS.

Finally, TFA identifies the author as a consultant to MS, not an employee. Big, big difference.

Re: sorry if I flinch after being hit 19 times.

[Maxo-Texas]

I agree... the 20th time COULD be legitimate information.

Nah... after almost (or is it over?) 20 years of this crap (DOS aint' done til Lotus won't run...), there is no longer any doubt to give the benefit of.

Not the first time

[Tablizer]

Software is too complicated a creation to be captured in rhetoric

That didn't stop them from jumping head first into Java and OOP. Even if you like OOP, you have to admit that there was very little verification of promises going on before big companies went for it.

Get the Facts, She's a Shill.

[twitter]

From the fine Article:

Caroline Benner is a fellow at the University of Washingtons Institute for International Policy. From 2001 to 2003, Ms. Benner was a consultant with the geopolitical policy and strategy group at Microsoft.

Just what does a software company need a Geopolitical Policy and Strategy Group for anyway? Gobal FUD? Creepy, and she's got a long history of M$ apologies and FUD to her name. Let's review,

• Not embarrassed by M$ virus penetration of Pentagon systems or disruption of NASA communications endagering the Space Shuttle and five months before the 9/11 attacks she tells us not to worry about cyber terrorists because the mighty M$ can deal with such unskilled attackers through patches., " time and access one needs to create a devastating attack, like crashing an airplane. In "Six Nightmares," Lake doesn't consider the checks that protect infrastructure from such threats. He also fails to ask an obvious question: If there are so many malicious hackers at work (19 million, by Lake's count), why have their attacks been, by and large, fairly innocuous?" M$ forsight. Let's review what happened next:
  • 9/11 demonstrated to the world that there were indeed many well organized terrorists wanting to harm US citizens and how venerable rescue efforts were to disruption of communications.
  • US Government drafts defense plan
  • Chinese attack plans are revealed by the CIA
  • Still M$ languishes and languishes working on DRM and other lock out crap.
  • M$ incompetence contributes to the biggest US blackout ever by disrupting critical company communications and overloading network. The whole thing could have been prevented.
  • North Korea launches cracker schools.
  • The US Air force Mission is updated to include net dominance
  • US Government turns to superior Free Software
  • Home and business users lag, causing havoc in hospitals, threatening medical and accounting records and creating a hotbed of exploitable computers for spam and spam and spam and denial of service attacks used against EVERYONE.
• 2004 apologies, security is too hard! Duhhhhh, if M$ is not up to task no one is, right? Wrong.
• The FUD rolls on to this day check out Her new Blog! as she spews forth Pressing Questions.
  • Get the facts about how expensive and non free software is helping India and other developing coun

Re:Get the Facts, She's a Shill.

[Keith+Russell]

I'll leave the bullet points that are not OS-specific as an exercise to the (unfortunate) reader. But I couldn't let this one go without rebuttal.

M$ [sic] incompetence contributes to the biggest US blackout ever by disrupting critical company communications and overloading network [sic]. The whole thing could have been prevented.

Wow, that's a lot of links, twitter. But where's the smoking gun that directly links Microsoft to the blackout? Oh, yeah. That's right. It doesn't exist. For the second time in two weeks, I've had to correct you when you blamed an operating system you don't like for errors in somebody else's software.

GET HELP! Seriously. You've crossed the line from zealotry to paranoia.

It is *not* the money, at least not at first

[Per+Abrahamsen]

It is the freedom to choose future vendors that follows with free software. You don't have a single vendor who is the only one who can inspect, modify and redistribute the code. Anyone can do that, which ensures competition, which ensures the lowest cost in the long run.

The initial cost of free software is usually higher, as a vendor of proprietary software can sell the product below production cost, with the expectation of making the money back later in support and manitanence.

Which again is why we should work to make it official policy to require all software to be covered by a free software license in *any* organization where we are members (including the temptation), as there will be a temptation for decision makers to make the purchase that is cheapest in this budget year, and ignore the expenses later on.

... or download them!

[Blakey+Rat]

Thats what you'll spend most of your 4 hours doing- trying to figure out whats in your box and getting it to work.

Or you could just go to Dell's website, type in your computer's model and number, and just download them. But if you want to spend 4 hours hunting all over, be my guest.

Re:... or download them!

[AuMatar]

And how many people know their computer's model number? Of all the people I've ever done ad hoc tech support for, exactly 1 of them have.

Re:... or download them!

[Blakey+Rat]

It's written ON THE FRONT OF THE CASE. I have a Dell sitting not three yards from me, and on the front of the case it clearly says: "Dell Precision 340". The front of the case! Right by the power button used to turn the damned thing on! If the people you're doing tech support for are too stupid to read, and/or if you're too stupid to read yourself, I recommend just giving up on it now-- it's hopeless.

Really digging at the bottom of the barrel to come up with a counter-argument, aren't you?

Re:... or download them!

[AuMatar]

Not at all. First off- I'm currently sitting in front of a Dell with no model name on it, inside or out. Now its entirely possible that this model predates them adding the model number to the case, I haven't tried to install on a Dell in at least a year and a half. I did do an HP a year ago, they also don't have model numbers (and have a far worse website- its nearly impossible to find anything on it, even with me being a fucking employee at the time). The fact is that installing XP or 2K (yes, I've done both) from anything other than a vendor restore disk is asking for hours of trouble.

Re:... or download them!

[Blakey+Rat]

1) This Precision 340 is well over 2 years old. Dell has been putting the model name/number on the front of the case for as long as I've been buying them.

2) Dell computers, at least all the ones we've purchased recently, have come with a Windows XP CD and a separate Restore Disk. If you want to JUST install Windows with no drivers, you can use the XP CD. Then when you need drivers, you can put in the Restore Disk and install only the drivers you need from it. Or, you can eschew the Restore Disk and just go to Dell's site and download them.

Look, I agree it's not trivial to get a Windows XP install up and running, and it's something that should never have to be done more than once, but don't give me that 4 hour FUD.

Thanks, but that's wrong.

[twitter]

From your little link:

This NCS analysis supports the SWG's finding that viruses and worms prevalent across the Internet at the time of the outage did not have any significant impact on power generation and delivery systems.

Their definition of "significant" should be examined, but that's not the conclusion I was quoting. It was entirely possible that the systems were overloaded by network traffic and that's what caused them to not trigger miss alarms. That's why the issue was investigated. Whether or not that would constitute a "significant" impact or not is something only the report writers can answer. What's not denied by the above is that critical communications between operators and management were impeded. The lack of human operators to get what they needed is a significant problem.

This is not some opinion I pulled out of my ass. Schneier came up with it and the accident report does little to refute his notions. Specifically (pages 50 and 51), the number one cause of the accident is "inadequate system understanding". Remote terminals then the main system failed along with it's alarms. As Schneier noted the report states:

14:54 EDT. However, for over an hour no one in FEs control room grasped that their computer systems were not operating properly, even though FEs Information Technology support staff knew of the problems and were working to solve them

You can take it back further to the first failures of the State Estimators due to network communications problems. It was this problem that had IT people fooling with the system to begin with. Later, the alarm system stalled. I imagine both of these problems can be traced back to the blaster worm then tearing through corporate networks the world over. They did not get their contingency planning systems back till 16:04 (p49). The report, for one reason or another, does not mention the exact reason for the SE failures so all we have is strong coincidence.

For the second time in two weeks, I've had to correct you when you blamed an operating system you don't like for errors in somebody else's software.

Your compulsions and ideas are entirely your own, but I'm flattered by your close attention to my writing.