Slashdot Mirror

← Back to Stories (view on slashdot.org)

India Mandates Use of Open Source Software In Government

Posted by samzenpus on from the free-at-last dept.

jrepin writes The Indian government announced a policy yesterday that makes it mandatory to use open-source software in building apps and services, in an effort to "ensure efficiency, transparency and reliability of such services at affordable costs." The new policy (PDF) states that all government organizations must include a requirement for their software suppliers to consider open-source options when implementing e-governance applications and systems. The move will bring the Indian government in line with other countries including the US, UK and Germany that opt for open-source software over proprietary tools.

64 comments

  1. This is it! by Anonymous Coward · · Score: 3, Funny

    This is the year if Linux!

    1. Re:This is it! by Anonymous Coward · · Score: 3, Funny

      This is the year if Linux!

      So, this is not 'the year'?

    2. Re:This is it! by Needs2BeSaid · · Score: 1

      If Linux does what?

      --
      Some things need to be said...
    3. Re:This is it! by Anonymous Coward · · Score: 0

      1 REM This is teh year of Linux.
      10 IF LINUX = YEAR_OF
      20 GOTO 10

  2. Open Source By Itself is Not Enough by Anonymous Coward · · Score: 1

    Open source can be desirable. However, as we've seen in the recent acquisition of FoundationDB by Apple, without a strong foundation to serve as a home for the project, open source software is in danger of both poor code quality or being taken private and yanked by a proprietary buyer.

    1. Re:Open Source By Itself is Not Enough by mexsudo · · Score: 1

      Open source can be desirable. However, as we've seen in the recent acquisition of FoundationDB by Apple, without a strong foundation to serve as a home for the project, open source software is in danger of both poor code quality or being taken private and yanked by a proprietary buyer.

      true. however experience has shown that ALL software (open and propitiatory) are subject to crude work, poor support, and/or NSA nuggets

    2. Re:Open Source By Itself is Not Enough by iamacat · · Score: 2

      Huh? FoundationDB was closed source. The company published some supporting open source projects on github. Those are surely mirrored and will be reuploaded by others. If a truly open source database like cassandra was taken down by primary contributor, others would just take over.

  3. "Consider" by Anonymous Coward · · Score: 5, Informative

    The devil is in the detail - a requirement to "consider" open source software is not the same as mandating open source software.

    1. Re:"Consider" by CeasedCaring · · Score: 5, Insightful

      Expect MS to offer "significant" discounts in 3...2...1...

    2. Re:"Consider" by Anonymous Coward · · Score: 0

      I wonder how this will affect MS' hiring practices.

    3. Re:"Consider" by Anonymous Coward · · Score: 0

      Ha, India is expert at this... they also "consider" arms purchases from various countries.

    4. Re:"Consider" by techno-vampire · · Score: 1

      How much of a discount will they have to offer to make it a better deal than free?

      --
      Good, inexpensive web hosting
  4. And no backdoors by Anonymous Coward · · Score: 3, Interesting

    You mean software without the NSA 5-eyes backdoors?

    Face it, who the f*** wants US made kit when they're talking about compulsory backdoors, and its clear there may be a lot of backdoors in their kit already present.

    It's not just the intentional backdoors, US companies report their zero day vulnerabilities to the NSA, and they use them in things like Stuxnet, so even buying kit from decent careful closed-source US companies is a risk.

    If they go ahead an eliminate encryption, then technically no business in the world will be able to use US made kit, because they'd be exposing their business secrets, their financials details, their confidential customer records, everything to everyone.

    1. Re:And no backdoors by Anonymous Coward · · Score: 1

      That hasn't stopped them from pirating all the Microsoft products they have been using all these years. India's level of respect for copyrights rivals China's.

    2. Re:And no backdoors by Anonymous Coward · · Score: 0

      India's level of respect for copyrights rivals China's.

      Good for them.

    3. Re:And no backdoors by Anonymous Coward · · Score: 0

      Go home, Stallman.

    4. Re:And no backdoors by Anonymous Coward · · Score: 0

      That wasn't even a good troll.

      The GPL depends on and requires copyright to exist.

      Moron

  5. Moo by Chacham · · Score: 1

    This open source policy is open for comments. :)

    --
    Have you read my journal today?
  6. I hate the idea of a mandate!!! by EzInKy · · Score: 1

    All that is needed is a rule that all the code that is required to fulfill a government requirement is open to inspection.

    --
    Time is what keeps everything from happening all at once.
    1. Re:I hate the idea of a mandate!!! by bobbied · · Score: 3, Insightful

      All that is needed is a rule that all the code that is required to fulfill a government requirement is open to inspection.

      You know, that's a great idea except... Usually there is no way to map from the source code you are given to the executable you where provided unless you have instructions on how to *build* the executable for your self.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
  7. Good luck... by Anonymous Coward · · Score: 1

    Not trying to be a Debbie Downer, but there are just some functions that are not in the open source world:

    1: Active Directory. Sorry... OpenLDAP does not scale well, and would fall flat on its face if trying to deal with hundreds of thousands to millions of objects.

    2: Exchange. Yes, E-mail has historically been handled by UNIX... but messaging is more than E-mail and requires servers with replication capabilities. Other solutions just are not going to scale.

    3: Managing desktops. Show me a solution that works as well as GPOs on a scale of thousands to tens of thousands of desktops. No, Chef and Puppet won't cut it on this scale, since desktops can be pretty different.

    4: Backups. I can restore a Windows box from an image. There are no tools to do this under Linux other than offline stuff. Sorry, tar backups don't count, as it won't restore everything like the LVM structure.

    5: Managability and delegation of privs. I can delegate admin access to the OUs in a branch office if needed. With UNIX, there is god and the peasant. SELinux helps, but it still is the same. Solaris has roles, but there isn't anything near the structure that Windows has.

    6: File sharing. NFS is great for machines, but not great for user mounts. CIFS/Samba is great to ensure one user doesn't toast another user's shares.

    7: Tools in general for compliance. When I get laws, regulations, contracts, and other items, enforcing them is a no-brainer in AD. Good luck enforcing that a contractor only has 9-5 access to machines on weekdays, due to a company policy on UNIX.

    Not to say OSS is bad, but it just doesn't have the enterprise functionality in place. There are big companies (other than IBM and Google... and they are just eating their own dog food) that uses another solution than Exchange (Zimbra doesn't scale.)

    1. Re:Good luck... by Anonymous Coward · · Score: 5, Informative

      #1: AD isn't necessary except to do things the way AD wants them done. They don't have to be done that way. The only thing I've EVER had told me that AD did that wasn't replaced by SAMBA was to undo the dumbfuck way Windows treats a computer, where it wants things installed on the C: drive and locally installed with the registry set up. That's not what's needed, but it only exists to undo some of the dumb ideas that were implemented by Windows. But you don't have to use AD to undo them: you don't require it to operate outside its usage. And then AD isn't needed.

      #2: Exchange doesn't scale anywhere near as well as the UNIX stalwarts. Even MS found they couldn't do it without massive and specific effort. You have no chance.

      #3: UNIX manages desktops fine, better than Windows, because it was always a multi-user, non-owned user system, unlike Windows. So there's nothing to this "point" either.

      #4: There's massive amounts of stuff to do backups for UNIX. Who knows what the hell you're thinking of to make you think Windows does it better.

      #5: Managing and delegation of privileges are better on UNIX and Linux especially than it is on Windows. They're equal when you're talking about out-of-the-box normal privileges, excepting the Windows system wanting to execute anything, even if the execute flag isn't set, if it THINKS it should be executed. You have to do extra work to stop that, and you don't have to do that with Linux.

      #6: NFS has no problems doing what you need to do with the filesystem too. Just because you don't know what they are doesn't make them nonexistent.

      #7: It's easy-peasy to do what you demand on Linux. Issue a key to log on that only allows access 9-5, only from pre-configured systems, and always encrypted communication.

      Not to say closed software hasn't got a place or doesn't work, it just doesn't work the same way. Between other closed source software or open sourced software. And demanding that what you do on one platform must be available on another otherwise "It just doesn't replace my system" is ridiculous and self-confirming fake incompatibility.

      But demanding that just because the way you do something isn't done on another doesn't mean that the usage you want isn't available. It just isn't done with the same command as you're used to.

    2. Re:Good luck... by ruir · · Score: 2

      If you do not know how to do it, others might...nevertheless the article is quite vague, and full of backdoors. I could very well maintain all the desktop environment in windows because "it works better", and only provide applications and servers in Linux.

    3. Re:Good luck... by Anonymous Coward · · Score: 0

      Different AC here: Nice counterpoints, but they have zero to do with the subject at hand. Have you had to manage desktops or server at a large scale? Hint: SCOM, SCCM, and other tools are what you will be using, since logging onto every desktop (or server) can mean spending -days- to do an upgrade.

      I'm not meaning 10-20 machines... I'm meaning in the hundreds to thousands where you can't really spend the time to touch them on an individual level for the most part.

    4. Re:Good luck... by bobbied · · Score: 4, Insightful

      Gee, most of what you claim is not possible truly IS possible on Linux/Unix solutions IF you know what you are doing.

      With the possible exception of the Active Directory vrs OpenLDAP gripe of yours (and I'm just not prepared to argue that point with you, I think it's possible if properly managed and configured that OpenLDAP would scale just fine) everything you complain about are not issues without solutions, but solutions that you may not understand how to setup and use.

      Linux generally has solutions to the above problems which do work and work well for the back of house stuff. What Linux doesn't have though is the developed "tribal knowledge" of skilled administrators who understand the solutions and how to properly implement them. (Not that the tribe of Windows administrators always understand their OS of choice either.)

      Your complaints seem more born of frustration with people who didn't know what they where doing or what tools did what you are accustom to seeing than being actual limitations with Linux. Or perhaps you have had some bad experiences with Linux because somebody thought it was going to be cheaper to forget the license costs of Windows and run some half baked Unix solution instead. I can tell you that if you do the Linux thing because it is cheaper up front, you are sadly mistaken and wasting your time and money. Usually Linux requires as much budget up front as the Microsoft solution and only saves you money in years to come. Much pain is caused by half understood, improperly implemented and under funded efforts in either Microsoft or Linux worlds...

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    5. Re:Good luck... by Anonymous Coward · · Score: 4, Insightful

      Yet another AC

      I routinely hop onto Linux setups and do maintenance/upgrades on 10,000 systems. There are tools to do it fine, just like there are things in MS land to mitigate the pain.

      The short story from any seasoned admin perspective: 'Whatever platform *I* know the tools for is better than the platform that I don't know the tools for'. This applies to all the parent posts. The Windows guy thinks Linux isn't enterprise ready because he doesn't know the tools. The Linux guy is shocked to hear this because Windows in his experience is a pain in the ass.

    6. Re:Good luck... by mlts · · Score: 2

      This gets me curious what tools people use for their larger deployments. I've used Chef and Puppet, as well as Splunk to consolidate logs, but if I get asked to find a tool that is to Linux as SCOM/SCCM is to Windows, what would be the best bet, as I see the above statement, "Linux can't be managed" repeated a lot, and that should be addressed.

    7. Re:Good luck... by arfonrg · · Score: 0

      Yeah, you're wrong... The Linux admins are far better at their job than the Solaris (and shudder HP-UX) admins.

      DON'T EVEN GET ME STARTED ON THE WINDOW GUYS!

      --
      Your thin skin doesn't make me a troll
    8. Re:Good luck... by bobbied · · Score: 2

      Yeah, you're wrong... The Linux admins are far better at their job than the Solaris (and shudder HP-UX) admins.

      DON'T EVEN GET ME STARTED ON THE WINDOW GUYS!

      There are bad apples in all the barrels. I've known good and bad Linux admins, good and bad Windows admins and a whole series of admins who don't know enough to realize they are making problems for themselves and others....

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    9. Re:Good luck... by Anonymous Coward · · Score: 1

      I find it a bit baffling that you think that this is a challenging thing to do in a UNIX environment.

      What UNIXland admin would ever think of logging in to each machine individually?

      UNIX-like systems are built from the ground up with automated administration in mind.

    10. Re:Good luck... by Kjella · · Score: 2

      The short story from any seasoned admin perspective: 'Whatever platform *I* know the tools for is better than the platform that I don't know the tools for'. This applies to all the parent posts. The Windows guy thinks Linux isn't enterprise ready because he doesn't know the tools. The Linux guy is shocked to hear this because Windows in his experience is a pain in the ass.

      Of course leaving out the small detail that basically every managed Windows desktop uses AD and Windows admins either know it or they don't. If I search for tools to centralized manage Linux machines, I get dozens of alternatives in the top 50 hits. Like with everything else on Linux, there is no single standard.

      --
      Live today, because you never know what tomorrow brings
    11. Re:Good luck... by techno-vampire · · Score: 1

      With UNIX, there is god and the peasant.

      If you set sudo up correctly (i.e., nobody has unrestricted use of sudo and the admins are expected to use su instead.) you have God(s), the nobility and the peasants. The nobility, of course, consists of those users who are allowed limited access to sudo to manage their own boxes, but their privileges don't include doing the really dangerous stuff and the peasants neither have nor need even that limited access to elevated privileges.

      --
      Good, inexpensive web hosting
    12. Re:Good luck... by FirstOne · · Score: 1

      #4: There's massive amounts of stuff to do backups for UNIX.

      That's odd.. I use Linux Mint/ddrescue to backup/restore images of Win OS partitions/disks all the time. WIndose doesn't have anything even close. I can even mount those NTFS file images as partitions and modify the contents as needed. Have you tried to mount a Ext-3/4 FS on windows lately?

      M$ has a nasty habit stripping out long established features, obfuscates, cripples/breaks, and/or removes them, then monetizes it as a paid feature. I.E. Network users(>10,>20), Backups, SQL, Exchange, etc.. Meanwhile Linux/Open source rarely removes features and incorporates new features all the time.

  8. but without GitHub? by aneroid · · Score: 1, Troll

    The govt mandates using open source but one of the largest online repositories of Open Source Software, GitHub, is still blocked in India because "cut and paste services" are *very dangerous*
    http://t.co/P0f3LVj2tD

    1. Re:but without GitHub? by Anonymous Coward · · Score: 1, Funny

      Not a problem, they'll offshore the work to H-1Bs in the US

    2. Re:but without GitHub? by dcollins117 · · Score: 1

      Wow that article is like reading an Onion parody. To be clear, the article states websites were blocked on advisory by the "Anti Terrorism Squad." Allow me to cut and paste the entire quote because it is so stunning everyone should see it.

      "These [sites] are all providing very dangerous kind of cut and paste services..You can take code, cut it, paste it, remove it, delete it," said one government official who requested anonymity.

      That just blows my mind.

    3. Re: but without GitHub? by aneroid · · Score: 1

      Exactly!

      (but don't mind me, apparently I'm a Troll.) :-\

  9. GPL is necessary and sufficient. by Anonymous Coward · · Score: 2, Insightful

    It can't be taken propriatory if it's GPL.

    1. Re:GPL is necessary and sufficient. by new_01 · · Score: 5, Insightful

      There's nothing stopping the copyright holders of a GPL'd project from taking it proprietary. It's not much different than if the people running a permissive licensed project (BSD/MIT) decided to take it proprietary. Everything up to that point will still be available barring any patent issues. If one of the copyright holders decides they don't want their code proprietary then the project leaders can just rewrite their portion of the code and still take it closed source.

    2. Re:GPL is necessary and sufficient. by Anonymous Coward · · Score: 0

      unless you run it as a service over a network and never distribute a binary.

    3. Re:GPL is necessary and sufficient. by Grishnakh · · Score: 5, Informative

      There's nothing stopping the copyright holders of a GPL'd project from taking it proprietary. It's not much different than if the people running a permissive licensed project (BSD/MIT) decided to take it proprietary. Everything up to that point will still be available barring any patent issues.

      Two points:

      1) As you said, this doesn't remove the actual project from accessibility in the FOSS-sphere. You just can't have any new versions that the copyright owners decide to publish under a proprietary license. You can still use the existing code all you want, and you can fork it too if you want.

      2) This isn't really a big fear among people. Honestly, how many times has this happened? The advantage of GPL over BSD licenses is that with GPL, only the actual copyright holder can do such a thing. With BSD, anyone can do this, so you have cases like Kerberos, where a giant company with lots of resources grabs some FOSS code, "extends" it with proprietary extensions, and then pushes the new version so it's effectively been hijacked. This can't happen with GPL; there, the big corp would have to buy the copyrights from the original holders (which may be very difficult if there's a lot of contributors; with Linux (kernel), for instance, it's probably impossible to get all the contributors to agree to selling or even to a license change to GPLv3), before they could pull such a move.

    4. Re:GPL is necessary and sufficient. by new_01 · · Score: 3, Interesting

      Yep, good points all around. The GPL does constrain the amount of people that fork a proprietary version. I've always been torn on the benefits of one or the other. The BSD license proponents would say that proprietary forking is a net benefit if it means more people are on a similar platform. I have noticed that FreeBSD is used quite a bit in proprietary realms, but it doesn't seem to detract from FreeBSD much. However there are great benefits to the share-alike idea the GPL promotes. I suppose if a project is already mature enough then copyleft vs copyright doesn't seem to matter as much.

    5. Re:GPL is necessary and sufficient. by Anonymous Coward · · Score: 1

      I think it depends on the project and its development model.

      A big enough open source project will never really be at risk of hijacking because the community exists to carry on a free fork.

      A smaller project, though, especially if the core team can be hired on to work on the proprietary fork, is more at risk.

    6. Re:GPL is necessary and sufficient. by Grishnakh · · Score: 2

      I agree with the AC who responded here. I will point out, however, that the BSDs were around before Linux, yet Linux (kernel) is the one which now powers most of the world's smartphones, countless embedded devices, and countless servers (including most webservers), plus a fair number of desktop computers. By contrast, I've never actually seen FreeBSD in use anywhere personally. I know Hotmail used to run on it more than a decade ago, and that's all I can think of; I sure don't see it in any embedded systems like I do with Linux. The permissive license didn't help its adoption, it seems.

      However, on the flip side, the technically best and probably 2nd most popular FOSS database, PostgreSQL, has a permissive license (BSD I'm pretty sure), and it's doing great, and in fact it seems that a slow but steady stream of people are abandoning MySQL for it.

    7. Re:GPL is necessary and sufficient. by Phillip2 · · Score: 3, Interesting

      "How many times has this happened"

      MySQL is the obvious example, I think. It can happen with GPL, but it can only happen with the agreement of all the copyright holders, which is, in practice, unlikely. So, for instance, the linux kernel is unlikely to ever be released under any license other than GPL because there are so many copyright holders. Projects with a single copyright holder, usually through a copyright assignment policy could be relicensed.

  10. And Bill Gates saw this coming ... by BoRegardless · · Score: 1

    His friend Warren Buffet didn't want to trust software for earnings in the long term.

  11. Yeah sure, we considered it by NotDrWho · · Score: 1

    The new policy (PDF) states that all government organizations must include a requirement for their software suppliers to consider open-source options when implementing e-governance applications and systems.

    Yeah, we considered it for several seconds. But we decided against it.

    --
    SJW's don't eliminate discrimination. They just expropriate it for themselves.
    1. Re:Yeah sure, we considered it by Anonymous Coward · · Score: 0

      Policymakers are not that stupid. There is a requirement to explain why Open Source was not used. In Europe this system is called "comply or explain". Either you comply with the demand for Open Source or you explain why it's not possible in your situation and what you are going to do to change that.

    2. Re:Yeah sure, we considered it by NotDrWho · · Score: 1

      Okay, add an extra 30 minutes to that several seconds for making up some reasonable-sounding bullshit reason and writing it down.

      --
      SJW's don't eliminate discrimination. They just expropriate it for themselves.
    3. Re:Yeah sure, we considered it by CAPSLOCK2000 · · Score: 1

      That only works until the company that offered the open source solution starts a lawsuit. Suing over lost tenders is rather common.

  12. This has a lot of potential for transparency, but by Anonymous Coward · · Score: 0

    at the same time there's also a high risk for malicious software exploits if the source code is visible (and editable) by the general public. It's nice to think of open source as providing more usability and error-checking opportunities than traditional private sources, but were the U.S. government considering such a thing it would be thought of as ludicrous.

    --Emil Isanov, Etech 7, Inc.
    http://www.etech7.com/

  13. Imagine - Lennon by amplesand · · Score: 0

    Imagine:

    1. US/Russia/China

    2. France/UK/Japan

    3. Canada/Norway/Austria

    4. Ecuador/Israel/Palestine/

    5. Somalia/Bolivia/Vatican

    Transparency?! Probably no. None of these would dare that at full speed ahead. Not even Norway.

    Besides, many more countries have too many politically influential people which have "secret" money hidden, where an open source transparency may ultimately remove too many hidden money sources.

    Here is an example researched by the New York Times, "Billions in Hidden Riches for Family of Chinese Leader".

    Chinese leaders, however, deny (two years later) to be that rich, acording to an article, "China's former PM denies role in family's 'hidden riches'", in The Telegraph.

    The Jeb B tribal/clan politicos? US is getting more inbred than Europe ever was at the political top :D



    Tough fighting for open source at all levels? Yes. Just a guess.

  14. But only... by forty-2 · · Score: 1

    if it's developed, implemented, and maintained by straight, white, god fearing Christians.

    --
    never drink kool-aid from a big vat
  15. The US opts for open-source tools? by arfonrg · · Score: 1

    That's news to me... I'm watching about 2000 machines all running all sorts of close-source stuff with equivalent (and sometimes better) open-source stuff is available. Example: Oracle LDAP

    --
    Your thin skin doesn't make me a troll
  16. Let me guess by jones_supa · · Score: 1

    Some nerds have now sold them this idea, but when it eventually comes to deployment, everyone will realize "Oh my god the desktop is buggy, and LibreOffice constantly screws up the formatting of documents. We can't actually use something like this." After that, there will just be the ugly flag symbol and a spinning pearls animation when people start their computers.

    Any counterarguments?

    1. Re:Let me guess by Anonymous Coward · · Score: 0

      patches are welcome

    2. Re:Let me guess by Neo-Rio-101 · · Score: 1

      No.

      AD, Office, Exchange, Lync, Sharepoint..... are all the killer apps that work in Microsoft's favour in enterprise environments.

      There is nothing comparable on Linux, in terms of ease-of-use, deployment, and cohesion.

      Having LibreOffice available is just not enough.

      --
      READY.
      PRINT ""+-0
    3. Re:Let me guess by aikawa · · Score: 1

      SharePoint has a vastly superior alternative called Alfresco.

      SharePoint is slow, limited and does not respect standards like CMIS: http://cmissync.org/CmisCompat...

  17. Turbo C++ by Jezral · · Score: 1

    Unfortunately, Indian schools still require learning to code with Turbo C++, which is ancient and incompatible with any modern open source code.

    Sad but true: http://google.com/search?q=Ind...

    1. Re: Turbo C++ by Anonymous Coward · · Score: 0

      Jeez!! Again, half assed point. Some schools use it, and some use newer languages in conjunction. It's the easiest way to teach the absolute basics.
      But really, dies anyone do any fact checking at all other than reading up on vague generalizations?

  18. hire and create your own distro Unix/Linux OS by Anonymous Coward · · Score: 0

    India has ability to create their on Unix/Linux distro and maintain it. So it comes packed with all the Tested open-source tools for Gov Employees. also its easy to manage the security. I hope the gov is not allowing employees to add any OS and Software..

    Good Luck!!