Slashdot Mirror


US Govt Commits To Publish Publicly Financed Software Under FOSS (k7r.eu)

An anonymous reader writes: The White House has published a draft (PDF) for a Source Code Policy. The policy requires every public agency to publish their custom-built software as Free Software for other public agencies as well as the general public to use, study, share and improve the software. The Source Code Policy is intended for efficient use of US taxpayers' money and reuse of existing custom-made software across the public sector. It is said to reduce vendor lock-in of the public sector, and decrease duplicate costs for the same code which in return will increase transparency of public agencies. The custom-built software will also be published to the general public either as public domain, or as Free Software so others can improve and reuse the software. Looking at the exceptions, it appears the list excludes a number of interesting things. But what's remarkable here is that, by default, publicly financed software will now be deemed as open-source. That's a win.

17 of 39 comments

  1. Re: So, foreign governments can use it too? by Anonymous Coward · · Score: 2, Funny

    Yeah they should use the JSON license. It prevents evil use of the software.

  2. some of those interesting exceptions include: by nimbius · · Score: 4, Interesting

    3. The release of the item would create an identifiable risk to the stability, security, or integrity of the agency's systems or personnel

    no biggie here, as you'd have to identify the risk and make it meaningful.

    4. The release of the item would compromise agency mission, programs, or operations

    vague. you can expect this one to see a lot of abuse because the person who releases the code often isn't the author, and frequently won't be able to answer this question without worrying about their job.

    5. The CIO believes it is in the national interest to exempt publicly releasing the work.

    this. the CIO often doesn't know TCP from BBQ and will likely relegate the bulk of their source to this category by default so as to avoid lengthy congressional investigations and burdensome oversight.

    --
    Good people go to bed earlier.
  3. That's a very smart thing to do by Lieutenant_Dan · · Score: 2

    I've worked on a bunch of contracts at various levels of government and I'm always shocked to see how belligerent and protective departments or groups can be with their code and applications. There's been so many times when I get hired to do something that, after spending a day or two there, I discovered that another department has done the exact same thing. What follows is my recommendation to leverage what they have in-house already rather than whip something up. What always follows after is weeks of chatter and the eventual escalation to the board/CIO/CTO/CEO to make things happen. 90% of the time they tell me to go back to my original work order and get it done as they initially requested. Good money for me, but what a waste.

    Case in point, the "communications" department wanted to refresh the staff directory with more helpful information and include (for those who want to) their Twitter/LinkedIn/geocities/etc links. We get hired to do this for them. HR has a full-fledged table that we need to do nightly imports and THEIR OWN Web Application (and a dormant web-service to call). What would be a simple DB extension by adding a couple of other linked tables, becomes a duplicate because the HR folks have their own IT department and don't want to play nice with corporate. $10k vs $50k.

    --
    Wearing pants should always be optional.
  4. ITAR by jittles · · Score: 2

    I see that, as I expected, ITAR is a valid excuse to withhold software from the public. I bet that most DoD specific projects would qualify for this exception. I have never worked on a DoD project that was not covered by ITAR, but all the software I've written for the USG was specific to weapon systems so I suppose that should come as no surprise.

    1. Re:ITAR by airdrummer · · Score: 1

      and since ITAR defines s/w as arms, the right to root ur iphone is protected under the 2nd amendment;-)

  5. Can't wait to see the quality of the documentation by tacroy · · Score: 1

    The only thing worse than normal OS documentation is mandated OS documentation...

  6. North Korea could have healthcare.gov Java by raymorris · · Score: 1

    Yep, North Korea would be able to use the 2.4 million lines of Java that makes up the bulk of healthcare.gov, if it had been developed under this policy. The US would then hope that NK actually tried to use it for something important.

  7. Re:So, foreign governments can use it too? by fuzzyfuzzyfungus · · Score: 1, Insightful

    Conceivably, if the software fit their needs closely enough. However, isn't that a small price to pay for the taxpayers who paid for the software being able to use it; as well as any benefits derived from cooperative governments and organizations that decide that mainstreaming is more efficient than forking (I'm assuming that the license will be something MIT-like, not that commie GPL, so cooperation will be optional; but maintaining your own fork isn't something that people who dislike thankless busy work do without good reason.)

    Perhaps more broadly, isn't there something dangerously petty, unambitious, and ultimately self-defeating in approaching problems in the spirit of "Gotta keep the other guy from getting what's mine!" rather than "We are looking to produce nothing less than the best, if that happens to be of benefit to others, so be it."

    This doesn't mean that we need to send Kim Jong Un a 'Nukes for Noobs' tutorial just to be nice; but a person, organization, or nation rarely achieves excellence or greatness if they focus more on making sure that the other guy isn't somehow free-riding than on making sure that their work is something that is worth emulating.

  8. Re:Can't wait to see the quality of the documentat by FatdogHaiku · · Score: 1

    Section 26:
    Functions

    getRandomNumber()
    https://xkcd.com/221/

    --
    You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
  9. Sweet by liqu1d · · Score: 1

    I can start my own dragnet!

  10. Hackers are Delighted! by CAOgdin · · Score: 1

    Now, hackers won't have to deal with that pesky machine code to find the loopholes; they can look for intriguing bits of source code first. Should do wonders for the security of Government-held data, don't you think?

    On the other hand, we can hope that "white hats" will do the same...but what's THEIR incentive to help government systems become even more secure? A bounty program would be nice...but not in a time when austerians are on the ascent!

    1. Re: Hackers are Delighted! by Anonymous Coward · · Score: 1

      Maybe requiring the code to be open will mean that a bit more attention is paid to making it secure. We can hope, at least.

  11. Re:So, foreign governments can use it too? by mi · · Score: 1

    "Gotta keep the other guy from getting what's mine!"

    I say, it depends greatly on who exactly the "other guy" is...

    This doesn't mean that we need to send Kim Jong Un a 'Nukes for Noobs' tutorial just to be nice

    Are you sure this is not going to happen, given our government's incredible efficiency in general and handling of classified materials in particular? What safeguards are you hoping to see in place to prevent it from happening?

    rarely achieves excellence or greatness if they focus more on making sure that the other guy isn't somehow free-riding

    Fallacy of excluded middle.

    --
    In Soviet Washington the swamp drains you.
  12. Re:Isn't this already the law? by AF_Cheddar_Head · · Score: 3, Insightful

    You are referring to code produced by a government employee. This applies to products that the federal government pays a contractor to develop, the government is now supposed to include language in the contract stating the government owns the produced code and the code will be released into the public domain. You would be shocked about how much code the US Government has paid for but which the contractor claims to still own. Lots of code that runs our weapons systems is supposedly owned by the company that was paid to produce the code.

  13. Re:Really... by exomondo · · Score: 1

    Most likely not, read the draft if you're interested:

    Applicable exceptions are as follows:
    1. The release of the item is restricted by another statute or regulation, such as the Export Administration Regulations, the International Traffic in Arms Regulation, or the laws and regulations governing classified information;
    2. The release of the item would compromise national security, confidentiality, or individual privacy;
    3. The release of the item would create an identifiable risk to the stability, security, or integrity of the agency’s systems or personnel;
    4. The release of the item would compromise agency mission, programs, or operations; or
    5. The CIO believes it is in the national interest to exempt publicly releasing the work.

  14. Re:Really... by davester666 · · Score: 1

    So the source code to pretty much all software can't be published, because hackers can view the source and find more mind-numbingly boneheaded stupid vulnerabilities that they can exploit, even if the code isn't used in "front-facing" applications [as hackers commonly system-hop].

    --
    Sleep your way to a whiter smile...date a dentist!
  15. Re:Really... by exomondo · · Score: 1

    Well yes, being more secure means the "many eyes" of open source also have to be white-hat hacker eyes.