Slashdot Mirror
DoD Wary of That "Open" Word
joabj writes, "Why is the U.S. Defense Department still reluctant to use open source software, despite assurances from within the DoD itself? Blogging for Government Computer News, I found at a recent D.C. conference that to some extent the roadblock might be with that word 'open'."
I gather it is because of the act of taking on the responsibility of making a solution fit the problem. In a commercial or consulting role, someone claims to have a solution ( or be capable of creating one) that will solve the problems at hand. When a manager ( especialy within the DoD) gives the okay for a canned solution, the responsibilites are already diluted, meaning that if the solution has already been working for others, it is safe to assume that it will work for your organization. If it fails to do so, the manager can point to the other successful implementations and list the differences between your actual needs and the products capabilities. The vendor can then tailor the app more closely to your needs and the manager still looks good.
If we apply the same standards to Opensource, we can look at established projects like Apache, Mysql or even Openoffice and they are still safe because others are successfully using the software, it is not really a matter of a central point for support. For a manager to okay a more obscure project for implementation means taking on a much greater and unknown responsibility.
Kindness is the language which the deaf can hear and the blind can see. - Mark Twain
I have direct evidence that some parts of the DOD engine is paying for products with open source compenents. Unfortunately, I can't go into details (yet).
I was watching a C-Span panel with US Homeland Security Secretary Michael Chertoff earlier today (rebroadcast from Tuesday 9/12) and he was talking about a lot of things. However, I was very positively struck when he talked about interoperability of first responder radio networks and how it's important that we don't lock ourselves into a proprietary network should the feds mandate a specific system.
He specifically refered to making it an 'open source' setup if we were to mandate specific equipment to avoid vendor lockin.
While I don't follow the open source movement too closely, it's a major reference, from where I see it.
Because the DoD allegedly likes freedom and wants to promote it. It is their reason for existance. If "Open Source" is hurting the adoption effort use the original name "Free Software".
The last time I checked, the DOD has an enterprise license for RedHat Enterprise Linux.
They already use "Open Fire", "Open Range" and "Openpray" why not opensource.
Just change it to "Public Source". More descriptive as well.
As much as we bitch at the government for hiding this secret project and that wiretapping, why should we be SURPRISED that they don't like the word 'Open'?
When the source code is available to everyone, that also means that it's easier for the enemy to find security holes to exploit.
"Security through obscurity" isn't a bad thing. If you can manage to keep tight control over who has access to the source code, you've eliminated one more security issue. Obviously, the quality of the code is more important. But still.
As someone in the military, I can tell you for sure that appearance and impression matters MUCH more then function or realism. It's all about how it looks or how it sounds, not what it does or how well it does it. There's a reason our fighter planes aren't called the Kitty or the Puppy. Heh heh, the F-22 Puppy, that'd be funny.
Never give in--never, never, never, never, in nothing great or small, large or petty, never give in except to conviction
Copyrights and patents are 'private' rights. The DoD, being part of the US Government, can't hold any 'private' rights. They can buy (the right to use some) closed source software, sure, but if they create any software then they cannot sell it.
Have to keep it secret or give it away.
You have to admit, at first glance it is a bit worrisome to use a product that is totally open for all the worlds eyes and ears to see. Combine that with the fact that most of the guys in charge aren't particularily computer savvy, and it isn't hard to see why open source would held back.
MS has worked quite well for most things that the military has needed in the past. At least it was when I was in. I can see how "open" might be construed negatively.
Justin - Don't be afraid of my blog, it won't bite.
I found this section of TFA thought-provoking: "In the military, leaving tasks unfinished until some indeterminate time in the future is simply not acceptable, especially in cases where life--and accountability--is at stake."
This is in response to Behlendorf's description of FOSS development as organic, relatively unplanned. It frequently doesn't include deadlines, guaranteed results, even release dates.
This takes the focus away from results and puts it back on method. If you use the most efficient development method ever devised, the product will be very good at time X -- but it won't necessarily have features Y at time Z, etc.
What happens if overall foreign-policy strategy, and even discrete military tactics begin revolving around a similar notion: that you use the correct means and you know the ends will be Good Things even if you can't list those Things in advance.
My turnips listen for the soft cry of your love
...is why OpenBSD is so infamous for being insecure.
http://mediagoblin.org/
The planned Open-Warfare v 1.0 has been discontinued, the project will now be segregated into the BSD licensed Open-Genocide and GPL'd Open-Apocolypse components. Your tax dollars at work.
'Hello Kitty Helo' sounds pretty good to me...
Just need some thinking out of the old helmet. It could work.
Faster! Faster! Faster would be better!
I work in a military environment. Recently our computers were transitioned to NMCI. Result: All open source is strictly prohibited. My workspace had designed a really awesome database powered by MySQL and other open source technology. When NMCI came online we were SOL. When we asked for help, we were advised we could spend a $xxx,xxx and purchase a Microsoft SQL Server license instead. When we pushed the issue, we were told that we were welcome to submit MySQL to NMCI for approval but that no one knew how to file the paperwork and no one had ever seen any software approved before. My take: It's a money scam. Somehow NMCI and Microsoft profit from each other with an exclusive agreement.
to "Free To Examine" ??
Huh? This just sounds like a made up reason to point fingers at an easy target, the DoD. My experience working at various DoD facilities is that Linux is quite common. Esp. Red Hat since the DoD gave it the thumbs up several years ago. Not to mention the NSA's SELinux.
Like I said... easy target. If you really want to be daring do the finger pointing at the major Linux companies for not doing enough to make it more workstation and personal desktop friendly. Or at the local and state agencies who could be doing more to save taxpayer dollar$ by not paying outrageous licensing fees to the likes of Oracle, Sun, Microsoft, et al. Grassroots Linux!!!
...that the wrong people are making the decisions on which software to use. They're going off its label rather than its functionality.
Once I was a four stone apology. Now I am two separate gorillas.
I guess that means the DoD will no longer buy MS software licenses. After all, Microsoft now calls that the Microsoft Open License:
e overview.mspx/
http://www.microsoft.com/licensing/programs/open/
And I guess there is no way they could use the new MS Office Open XML file formats either:
http://www.microsoft.com/office/preview/itpro/fil
Open Minds.
It must have been something you assimilated. . . .
The problem is that an Open Source project would quickly become a proprietary project anyway. Take, for instance, VISTA (medical records). Yes, it's open source, hell, it was even developed by the government. However, since the VA's mission is decidedly NOT to provide tech support to the rest of the government, other departments that might use that system are left holding the bag to fully support it IN HOUSE, and that includes a metric ass-load of customization.
Where "Open Source" is really competing is in vertical, single-source support and in that department, it usually doesn't have an advantage. It's not that government is averse to using the stuff, it's just that they don't want to end up with something like the VA and VISTA where they have hundreds of full-time developers devoted to keeping it alive. They'd prefer to sign a vendor on to provide it as a service so they can get on with fulfilling their mission, not pretending to be a software development company.
The benefit of open source is that you "own" the code in the sense of having unfettered access to it and can continue developing it even if the original owner ceases to exist. However, owning the responsibility of perpetual development is precisely what government agencies DON'T WANT -- and, frankly, for good reason. They're not software companies and they're very bad at pretending to be so (take a look at the FBI case management system, for instance). When people make the case for open source on those grounds, you've just presented them with the worst nightmare imaginable, so don't be surprised if they scream and run away.
Its probably a Rumsfeld problem, you can imagine the situation
Today's Agenda
1) Break Geneva convention
2) Set up illegal prisons overseas
3) Hide report into WMD
4) Cover-up issues around troop deployments
5) Should we approve Open software use?
6) Prepare for Senate investigation commitee meeting
I mean by the time he got to item 5 he was unlikely to go for openness.
An Eye for an Eye will make the whole world blind - Gandhi
We would do well to remember that "open sources" are things like phone books and newspapers, long before "open source" software.
Really, the use of "open source" for software is a pun. The original is descriptive, the pun is not so descriptive unless you know what "source code" is.
If they're not doing anything wrong, then they don't have anything to hide.
....that they don't have to use the word "free".
May the Maths Be with you!
would be my suggestion for a DoD-friendly monicker.
Also, I recall whenever I install Oracle (closed source) I have to click an agreement that I will not use the software in the design or production of biological, chemical or nuclear weapons. I've never encountered such a clause when using open source software, so maybe this might be something that would appeal to the DoD, who I presume would rather not be tracked down by one of Larry Ellison's hit squads.
1) Liability. Contractors want somebody to sue if something goes wrong. The DoD will blame the contractor.
2) Specs. Usually, the system is being developed is meant to replace another system that is in-place. The only things to be changed are what are specced out. This doesn't prevent things from being entirely rewritten, but it usually stays on an existing DoD platform.
3) Speaking of platforms, check out the existing specced out platforms. Lots of people go with DIICOE, or GCCS for various reasons. Some might include a desire to get something included as a DIICOE segment, which is profitable, or GCCS, because it's ubiquitous.
4) STIGs. If there isn't a STIG written for it, you're going to have a harder time getting approval to operate it on a classified network. Even if all of your major apps are covered, you'll have to get extensions regarding applications that are not covered. Extensions are not intended to be waivers... so, you're only supposed to get an extension if you intend to replace it. It is hard to justify an extension for new software. Why not just write it in a compliant fashion? Because the security audit will be more of a PITA, they avoid any step into the unknown. Some of this is just inertia.
5) Security through obscurity. It sounds asinine, but the DoD doesn't rely on security through obscurity.... they rely on anything that is considered a good practice, obscurity is just one of those many practices. It's not that they are using telnet or anything silly like that. It's just that they want as many layers as possible.
6) Common open source is embraced. Everyone runs Apache. It's as ubiquitous as IIS. It's the things that are considered more "out there" that aren't.
All of that aside, there have been open source initiatives, but contractors have been reluctant to bite. Reasons vary, but this is the essential dynamic. The DoD retains the rights to most of the source code for projects that they fund, so, they already have the source code... they give it to anybody that they please, including the next contractor to work on the project. Contractors don't want to share source with each other for competitive reasons. Since they're all bidding to produce identical products, giving other contractors the ability to develop experience with a product can only hurt their business, this experience is their primary bargaining chip when bidding (that and the ability to undercut their competitors, or qualify for special considerations, such as being a small business).
Then there is the concern of enabling foreign interests to develop commensurate technologies. Nobody wants to share code to decode IFF signals, or to build similar systems. Thinking that the government would publish code to do these things is just asinine.
You always have your crumudgeons who also will just resist open source... which is the same even outside of DoD interests, but the DoD comes with a host of other concerns. All of these in mind, I'm not sure that the DoD is necessarily stilted against open source. Some sectors of the DoD have embraced it quite readily... these are just the faster-moving sectors who adopt technologies more readily. The DoD is a very large entity, and, as such, slow adoption, when combined with very well established platforms results in this exact behavior.
does the open source community spend on lobbyists ?
$0.00 ?
And you wonder why its not used.
MS software is wide opened for exploits. See... Open is not a bad word.
I recently advised a few people at work to consider OpenOffice as an alternative to the use of MS Office. I was met with an answer I didn't expect. One commented that "it looks interesting, but I don't want just anyone to be able to read all of my files." This took me aback a minute until I realized that they assumed "Open" meant their data/files/Harddrive where "Open" to inspection by anyone "online". It takes a while to explain to this class of computer user just what is meant by the labels used by the "Open Source" community.
It's this same group of people that were convinced once they couldn't use Thunderbird to check their email because "well my ISP automatically sets up and uses
I used to have a good sig...
You gotta love the schizophrenic nature of the DoD, on one hand they have elements afraid of open source because of the word "open" and on the other hand the NSA, an arm of the DoD and the group in charge of computer security, not only uses open source based software but has even contributed to it.
http://www.nsa.gov/selinux/
of course we all know that the us dod is a monolithic
entity that only holds one opinion about anything.
War on Proprietary Software.
You keep using that word. I do not think it means what you think it means.
Disclaimer: Evolution comes with NO WARRANTY, except for the IMPLIED WARRANTY of FITNESS FOR A PARTICULAR PURPOSE.
I must say, I'm really not unhappy with that. In fact, I would dislike it very much if any of my open source contributions would be used by the military (of any country). I even once considered blocking access to my web site from .mil domains. I didn't because it would be completely silly, and there is no reason to block only .mil and let all the other military through. And after all, "open" is "open", and anyway, I have neither the time nor the moral authority to decide who is "good" and who is "bad".
But nevertheless, if the military would rather not use any of my "open" code, it makes me feel better, even if it is not rational.
Why don't we drop the Open from Open Source Software and replace it with Available? Then we can be part of the ASS community.
I mean, the best part about ASS is that it's always available for the asking.
I work for a defense contractor, and there are supposedly some rules from on high that open source is frowned upon, as is any software not written by a company in the United States.
I routinely bring software in to use on various projects, and I favor open source or, more spefically, free software, except in cases where a proprietary product is clearly better (example: BitKeeper is better than any open source SCM tool). It's simple, really. If I can start using it tomorrow rather than ask the businesspeople to purchase something and use it next week if I'm lucky, that's just easier for me.
The reason I say 'tomorrow' is because it's not quite hassle-free. I have to turn in a form to justify putting software X on the classified network. The form, of course, was not written by anyone who even considered the possibility of open source. It asks what company wrote the product (I do my best to oblige and say something like "Free Software Foundation" or "The ____ Project" if I really can't find any organization) and where that company is headquartered (I just try and put anything at all that seems to fit, such as an address found in a whois request).
To the people who really insist that open source has no place on a defense networks, I say, do you have any idea how many Linux machines are already being used on said networks? Do you realize how many GNU tools are being used, even on the proprietary machines? That gcc, for example, is the compiler of choice, at least where I'm working? The people who make these statements have no idea what they're already running.
One of the problems is that it is free, meaning they don't pay for it. The Army doesn't ever get something for free. There are policy's against it.
The idea is that, eventually Guido is going to want you to repay the favor. The Army can't get something for free because, later on, it might be seen as biased.
Also, they want to be seen as supporting American buisnesses. When you use open-source, and get it for free, it is almost like you are taking it away from the economy.
Now, I don't dispute that there are more reasons... Someone to blame and all that kind of stuff. But it is not necessarily cloak and dagger, nor just being against change.
I worked on a secret level access facility for the Air Force a few years ago. There were two computer systems. All classified materials were to go on the Sun network. Cables had to be mounted below the ceiling, where they could be visually inspected constantly, etc. The Microsoft boxes were limited to personal use only. Yes, Microsoft has a security level approval (pretty much granted by Congress over protest.) But, if you read it, there are all kinds of limitations. No network connections allowed, no removable media, etc. Truth is, the Military knows that Windows cannot be secured. My son was in the Army and he confirms. All sensitive and above information was kept on Unix or Linux. Windows is not suitable for such use. (this was as of a few months ago.) that doesn't mean it doesn't get used that way, just that it's the reason for a lot of the leaks that have happened in recent years, and that is recognized.
Everybody knows 3 people with my name.
#include
Good lord, I actually have something to contribute!
In a nutshell, the DoD *really* doesn't like that they don't know who wrote the software, and they also don't like the lack of a central point of contact. They'd rather hire, say, $defense_contractor to write a similar piece of software, because they get a couple of reassuring beliefs (we will not attempt to discuss the VALIDITY of these beliefs, please):
1) that $defense_contractor is using properly trained, vetted programmers, with security clearances if need be; and
2) that if anything goes wrong, they can sue the tar out of $defense_contractor.
These two factors are VERY important to the DoD. Now, you can probably see the utility if the DoD has requested, say, software for their Death Ray [1], but isn't that overkill if they're trying to buy a web browser? Yes it is--but they can't help it. The DoD has LOTS of finicky aquisition rules, and they're pretty much the same whether you're buying Death Ray Guidance Software or a web browser.
In my day job, I am, among other things, involved with the government's Common Criteria Evaluation and Validation Scheme (CCEVS). Due to the DoD's acquisitions rules (DoD Instruction 8500.2), in almost all cases all Commercial Off-The-Shelf (COTS) software must have undergone a CCEVS evaluation. As you might imagine--we are after all dealing with the government--CCEVS evaluation is really REALLY expensive and takes frickin' forever.
Now, this is no barrier to Microsoft, which has had enough money and time to get Windows {2000, 2000 Server, XP, XP Pro, 2003 Server} evaluated. But, as you might imagine, it's a pretty damn big barrier to open source products. Those that have been evaluated (SuSE, Red Hat) have been lucky enough to have some heavyweight patrons (IBM and Red Hat, respectively) on their sides.
Nor is a CCEVS certificate the end of the game. DoD agencies typically must justify why they've chosen solution X over solution Y; and, while cost is a factor, it's far from the most important one. Open source products tend to come with a list of disclaimers as long as your arm (OpenSSL's FIPS 140-2 certificate, for example, says that the certificate is only good for THIS version of the source code, compiled with THAT version of gcc, THESE SPECIFIC static libraries compiled in, etc., etc.), and the guy writing up the justification paper is probably an overworked lieutenant prone to thinking "Fsck this. No one got fired recommending Microsoft."
[1] The notion of a DoD "Death Ray" is entirely a fabrication of my own fertile (if perhaps deranged) imagination. Any similarity to any actual research, prototypes, and/or super-double-secret weapon is entirely coincidental. Please don't put me in GITMO. Thanks.
NMCI notwithstanding, there's tons of open source software running all over DoD as we speak, and very little of it is likely to go away anytime soon.
You have to assume the DoD is both smart and non-corrupt, and the evidence clearly shows that as a gestalt they are neither. There are some smart individuals there, and a few who aren't corrupt*, but they are a tiny minority. The DoD is the heart and soul of globalist for-profit military industrial complex actions. It is based on lies, good old boy kickbacks, promoting any war anyplace because it is profitable, and above all things need to be expensive and require a lot of maintenance to keep the cash flowing.
It's no wonder they are against the word open...
I have used RedHat Linux and OpenOffice in the Army. They are there and implemented in combat. The soldier isn't aware of this because they work behind the scenes, but open source is being used in several applications.
-usgrant
They'll change their mind when they go to war with a country that has paid Microsoft more than they have (or a country that Microsoft has purchased). And the entire Defense department falls apart from deeply embedded backdoors that have been sold to the 'enemy'.
Global corporations are just that, they don't owe loyality to any nation or any nation's war machine. The Americans will probably learn this (as they learn everything) the hard way.
In a similar vein, I would believe that all the ultra-high tech weapons that the Americans have sold to their more dubious allies do actually have back-doors that allow the Americans to disable these weapons should they be used against Americans by a country that has had a revolution. This was the lesson of Iran in the late 1970's. Hopefully it will be learned before all the high-tech weapons sold/given to Egypt over the past thirty years are used against the Americans and Israelis after the fall of Murabak's regime and the assendency of an Egyptian Islamic Republic.
The viral provisions of many open source licenses scare them off? From firsthand experience I can tel you that it does.
Also, you have the anti-US, anti-DoD attitude of many "open source" developers and advocates.
"God fights on the side with the best artillery." - Napoleon, Marshal of France - speaking truth to power
Battles are not won or lost by whoever has the best terms and conditions from the manufacturer. If you're losing, you won't be around to complain, and if you're winning, you generally won't care.
Every time a major power (such as the US) has paid more attention to giving kickbacks to corporate sponsors than it has to producing successful products or successful missions, that power has had its arse well and truly kicked. Sometimes the power wins anyway, but it is not because of its unimaginative and self-serving attitude, it is despite it. It's not very hard to win when you have total land, sea and air supremecy, and can do round-the-clock carpet-bombing campaigns. (But even then, failure of imagination is lethal. Operation Market Garden got slaughtered because of such egotism.)
Personally, I dislike military structures. I find the notion of winning an argument by having the winner define what the argument was to be primitive and tribal. However, if we're going to have such organizations, we might as well make sure they're functional and concious, rather than degenerately repeating every mistake history has ever recorded.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
The term "free" is an intentional echo of cold war terminology and works for military types. Freedom is what they are all about and they are never supposed to obey an unlawful order. The American ideology of the Cold war carried over from the defeat of the German dictatorship and Japanese Empire but was firmly rooted in American history, writing and law. The core of that ideology is that free, moral people working in honest cooperation and competition are happier and more prosperous than people toiling under centralized dictatorships. Interesting expressions of these ideas can be found in the writing of Robert A. Heinlein, especially Starship Trooper, which is recommended reading in the US Marine Corps. Free software is an honest effort to make things work, guided by a free meritocracy. It works and has become best of class because people agree not to screw each other over, standards to modularize their work make it so things are interchangeable and the fittest work survives.
Officers with higher degrees will instantly appreciate the peer review nature of free software. People who have published scientific articles understand first hand the practical requirements of repeatability too. To them, if you can't repeat it yourself you have to take it on faith and no military person wants faith in anything but the almighty when they can have proof instead.
The non free people tried to call free software, "software communism" but failed and may have it thrown back in their face. Any military person will tell you that Communist contries are really nasty little fiefdoms, where who you know is more important than what you know and the top guy is in absolute lawless control of everything until murdered. This more resembles the distrustful, back stabbing and intentionally wasteful world of non free software in methodology and results.
I'll quote the gnu.org sites, see what you think:
All four practices resemble those used in the former Soviet Union, where every copying machine had a guard to prevent forbidden copying, and where individuals had to copy information secretly and pass it from hand to hand as ``samizdat''. There is of course a difference: the motive for information control in the Soviet Union was political; in the US the motive is profit. But it is the actions that affect us, not the motive.
Friends don't help friends install M$ junk.
How about Open source intelligence
The resistance to open source I have seen is "who do you call when something goes wrong?"
That's the primary issue. Another is having the luxury to point the finger at the COTs vendor...MS, Oracle, etc...when something goes wrong..."It's not our fault, it's that shitty MS upgrade".
Another issue still is concern that, should a open source project be KNOWN to be used for classified processing, the authors could be compromised or the s/w could be targeted/examined for holes.
Another issue is mixing code that touches classified data with MS includes and libraries does not obligate open source release...while mixing with GNU might. Releasing code from the govt oftens requires time, money, effort. Or a competing shop could use that argument against the use of open source. "No one gets fired for choosing MS"...your company loses the contract.
However I have seen a rallying cry lately among a lot of civil service types..."Linux Everywhere!"...there is significant happiness in many areas of government using Linux or other open source. The non-recurrent licensing costs are very appealing to government.
I've worked in several shops that dump $10K-100K a year to MS...it can be a real drain for projects in sustainment.
The whole issue is this wimpy, do-gooder pinko commie vibe you get from "open" and "share" and "please don't kill innocent civilians" crap.
Just do a cut and paste and replace "open" with "Dark Top Eagle Hammerfist YMCA Shiny Leather" and you'll see military types lining up around the block for the stuff.
Trust the Computer. The Computer is your friend.
The Army could hire coders in the US to create open source apps.
Then they will be:
* paying for the "favor"
* supporting businesses (by hiring people)
* helping businesses (by creating useful software)
Spoon not. Fork, or fork not. There is no spoon.
So call it "flex source" or "agile source" The military loves terms like that.
Serve Gonk.
From Wikipedia:Sniper:
You may not realize it, and neither does most of DOD, but there are a lot of projects that have open source underpinnings. No, you are not going to see DOD start using ubuntu Linux laptops and OOS is not going to become the new standard in the office place and you sure ain't going to see a lot of linux servers in the network.
However, there are many weapons systems that the defense contractors provide that have Linux and Unix underpinnings --- I can think of four Linux based systems off the top of my head, one is a missle control system that runs RedHat.
The Defense Contractors are not selling open-source software, they are selling a complete solution. DOD is not buying mepis linux, they are buying a hardware software solution and do not really care what the underpinnings are.
How many people have said linux is "killer" software compared to the number of people who have said "Windows will be the death of me"? Export list be damned. We should be promoting Windows to our enemies.
"Free Sofware" as in the Freedom you are bringing to... *ducks*
"You're everywhere. You're omnivorous."
Since when is suggesting that Microsoft's trying to achieve world domination through doomsday logic and backdoors in Windows "insightful"? I would've picked "flamebait."
Or "redundant." ^.^
DATABASE WOW WOW
Let's not fool ourselves, open source software takes talented people to run, not the normal graduates of 6-week "learn-computers-fast-to-make-money.com" windows training that is the mainstay of price thrifty contractors that make up the entire backbone of all DOD IT departments. I'm sure there are talented admins in the DOD, I've met some, but they are the exception rather than the rule. "Best and Brightest need not apply"
People who think they know everything really piss off those of us that actually do.
Nevermind the incorrect capitalization, but does that even mean anything? Yes, this is offtopic, yes this is nitpicking, but seriously: Does that really mean any more than "Smurfing for government computer wews"? Personally I think "grofling for news" sounds cooler, not to mention it's one step ahead of being branded "hip" in that negative way.
Anyway, I stopped reading right there. So the comments here may be gibberish and all non-sense, but can't we at least expect the summaries to be in semi-proper english?
Not Buzzword 2.0 compliant. Please speak english.
"The viral provisions of many open source licenses scare them off?"
.. right?
On the contary Open Source is less 'viral' than many closed source licenses. For instance it prevents SCO suing AutoZone or DaimlerChrysler for producing derivitive works using Linux.
"From firsthand experience I can tel you that it does."
From first hand experience, can you produce any evidence as to this claim. Or did you have to sign a NDA agreement and are sworn to secrecy.
"Also, you have the anti-US, anti-DoD attitude of many "open source" developers and advocates"
You're kidding
was Re:Could it be?
davecb5620@gmail.com
"the DoD *really* doesn't like that they don't know who wrote the software, and they also don't like the lack of a central point of contact"
..
.. evaluated"
.. provide the Software .. AS IS AND WITH ALL FAULTS, and hereby disclaim all other warranties .. of reliability .. of lack of viruses .. ALSO, THERE IS NO WARRANTY OR CONDITION OF TITLE, QUIET ENJOYMENT, QUIET POSSESSION, CORRESPONDENCE TO DESCRIPTION OR NON-INFRINGEMENT WITH REGARD TO THE SOFTWARE - XP EUAL
To find out who wrote the software, just read the license agreement
Novell Software License Agreement
Red Hat Agreements
Cleversafe Commercial License
Digium End-User License Agreement
"CCEVS evaluation is really REALLY expensive and takes frickin' forever. Now, this is no barrier to Microsoft, which has had enough money and time to get Windows
"Open source products tend to come with a list of disclaimers as long as your arm"
"Microsoft warrants that the Software will perform substantially in accordance with the accompanying materials for a period of ninety (90) days from the date of receipt" - XP EUAL
Microsoft
was Re:What the DoD objects to
davecb5620@gmail.com
To really comprehend this, I think it goes much deeper than opensource standards, or integration. The DoD has an attitude, a philosphy if you will - that everything is behind closed doors and not discussed. It's a world of classified information that is protected to pretty rigorus standards. To adopt or use anything that suggests otherwise (whether or not it actually does) just flies in the face of everything they know and understand. It's just the world they live in.
I bring nothing to the table.
"it is a bit worrisome to use a product that is totally open for all the worlds eyes and ears to see"
Most of the worlds governments also have full access to the Windows source code including China.
"MS has worked quite well for most things that the military has needed in the past. At least it was when I was in"
Sunk by Windows NT
was Re:For one, fear of being too open.
davecb5620@gmail.com
Why doesn't DoD use open source? First, you have to realize virtually everything DoD does is either directly (pick numerous projects) or indirectly (panel advisors on DoD specs) by large Mil. Contractors. So when we're talking DoD development, we're generally by and large talking large mil. contractors (LocMart, etc). So why won't large Mil. Contractors use open source? _INTELLECTUAL PROPERTY_. They definitely won't use open source when the licensing would require them to open anything the contractors write on top of that. I also agree with other posts with the "blame factor" where if something screws up, they can blame some other company for their problems instead of saying "we screwed up" to the customer. Finally, many large mil contractors have the mindset that they will "own" the DoD networks and platforms through their own proprietary solutions that are based on just enough open standards for them to claim that they are "open". In the process of attempting to "own" the DoD networks, open source will just get in the way. Want proof? Research the "GiG" or "DoD Net Centric Architecture" to see what a mess that is. All contractors are parroting "open networks" blah blah blah, but still offer "stovepipe" (DoD-speak for proprietary) solutions.
Even when the DoD did "open up" some software (HLA library for example), they quickly took down the site and said "let the market handle it". Meaning a few contractors took it over and are now charging big bucks for the same software (hint DoD, "letting the market handle it" only works when there's a demand for your product).
So many things off kilter in parent.
"...Apache or other Linux operating systems." I hope you really don't think Apache is a Linux based operating system. Apache is a very good HTTP server that runs on top of many operating systems, including Linux kernel based ones.
"As long as they don't turn around and resell it, it's within their rights in the GPL to modify [Apache]." First of all it's within anyones rights to "resell" open source. The GPL only prevents them making their changes closed. If I want to make a living reselling gcc as ACcc, I could try, but would likely starve. And on top of that Apache is not GPL, it has its own BSD like Apache License.
"they could always modify or build an entirely new custom Apache" More likely they would hire a contractor to do something like that.
Just rename it Peer Reviewed Secure OS. Sometimes it matters how you name the boat. :)
Paint yourself into a corner, burn the bridges!, and you will feel the liberty of a man who has nothing to lose!
but blame. More specifically, blame avoidance. This is why you get committees. If blame exists for a mistake among enough people, then nobody is to blame.
'If you can manage to keep tight control over who has access to the source code, you've eliminated one more security issue. Obviously, the quality of the code is more important. But still."'
Moronic because that's a honkin' big IF there.
If you wrote the code, then you can manage to do this. However, there isn't any difference between OSS licensing and CSS licensing in this case. So that can't be the case here.
If the code is done by another, how many people did they employ? Do they have any other customers? Do they have access to source? Are you allowed access to see if it is secure (but then that blows the obscuriy part away...).
And, given that more people can read the software in OSS than CSS, this is more secure unless you can assume there are more black hats out there than white hats. And if there is such an imbalance, you're SOL already.
Why don't the change the name from "Open Source" to "Free To Examine" ??
:))
Free software is about MORE than simply the ability to examine the code. It's about being explicitly allowed to modify the code for your own purposes, and to distribute your modifications to others. (Usually your alteration of the original work also needs to be free software, but IIRC the BSD license doesn't require that. I could be wrong.
It means that you can download Super Editor 3000, find out that it doesnt' support your organization's workflow perfectly, and pay someone to modify it to fit your needs, and then you can keep, share, or do what you need to with that.