Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Dept. of Defense Creates Its Own Sourceforge

Posted by Soulskill on from the sharing-their-toys dept.

mjasay writes "The US Department of Defense, which has been flirting with open source for years as a way to improve software quality and cut costs, has finally burst the dam on Defense-related open-source adoption with Forge.mil, an open-source code repository based on Sourceforge. Though it currently only holds three projects and is limited to DoD personnel for security reasons, all code is publicly viewable and will almost certainly lead to other agencies participating on the site or creating their own. Open source has clearly come a long way. Years ago studies declared open source a security risk. Now, one of the most security-conscious organizations on the planet is looking to open source to provide better security than proprietary alternatives."

5 of 131 comments (clear)

  1. forgemil.com? by 1u3hr · · Score: 5, Interesting

    Okay, why the hell does the DoD call the site "forge.mil" but actually host it at "forgemil.com"? If they can't get a real .mil site, who can? I thought it was some phishing scam. "forge.mil" doesn't even resolve, let alone redirect. And ".com"? Government reserved .gov, .mil and some other domains for its exclusive use. Why on earth are they using .com?

    1. Re:forgemil.com? by 1u3hr · · Score: 5, Interesting

      PS: checked out forgemil.com: It's registered at Godaddy. Great. Are we sure this isn't some Nigerian scam? (I think the Chinese or Russians would be more subtle.)

  2. Legacy Applications by El+Torico · · Score: 2, Interesting

    I would like to see open source applications that would replace all of the legacy, proprietary applications. DoD is loaded with very badly written applications that usually can only be changed by giving the same companies that produced them more money. Notice I said "changed" and not "improved".

    --
    In the land of the blind, the one-eyed man is usually crucified.
  3. Re:~obscurity = security? by Cillian · · Score: 2, Interesting

    The whole security != obscurity thing is bollocks. Pretty much any "security" around today is basically obscurity. People say it's a bad idea to have a security system which relies on the process being unknown. It's comparable to having a system where the process is known but the password is unknown - the only difference being it's easier to change a password. The same applies to more advanced stuff like keys or certificates - The process is known, but one of the parameters is unknown, i.e. the key. If you could create a process with a similar complexity to the key, and keep it unknown, then presumably it'd be about as secure. The only sorts of security that aren't obscurity are the more brick-wall methods - e.g. unplug the network cable, don't allow access to anybody, even if they know the password. (I'm ignoring the more weird/bleeding edge stuff like quantum, because I don't have a clue about it.)

    --
    -- All your booze are belong to us.
  4. Open the flood gates by auric_dude · · Score: 4, Interesting

    Open source code, Open Government http://www.whitehouse.gov/ and Open Source Intelligence http://en.wikipedia.org/wiki/Open_source_intelligence all good ideas that may well speed things along and save the tax payers some cash.