Slashdot Mirror


Bulgaria Got a Law Requiring Open Source (medium.com)

All software written for the government in Bulgaria are now required to be open-source. The amendments to put such laws in motion were voted in domestic parliament and are now in effect, announced software engineer Bozhidar Bozhanov, who is also an adviser to the Deputy Prime Minister at Council of Ministers of the Republic of Bulgaria. All such software will also be required by law to be developed in a public repository. Bozhanov writes in a blog post:

> That does not mean that the whole country is moving to Linux and LibreOffice, neither does it mean the government demands Microsoft and Oracle to give the source to their products. Existing solutions are purchased on licensing terms and they remain unaffected (although we strongly encourage the use of open source solutions for that as well). It means that whatever custom software the government procures will be visible and accessible to everyone. After all, it's paid by tax-payers money and they should both be able to see it and benefit from it. As for security -- in the past "security through obscurity" was the main approach, and it didn't quite work -- numerous vulnerabilities were found in government websites that went unpatched for years, simply because a contract had expired. With opening the source we hope to reduce those incidents, and to detect bad information security practices in the development process, rather than when it's too late.

35 of 62 comments

  1. Cool by Anonymous Coward · · Score: 1

    This seems like something all open governments should do.

    Not because RAW RAW open source! but because it assures standards adopted by the government are open to competition

    1. Re:Cool by Alwin+Henseler · · Score: 5, Informative

      > Care to explain that? Open source can (and usually is) copyrighted. It has nothing to do with competition.

      It does: you may regard the code itself as documentation. Describing a process, some method of calculation, a file format processed, etc. Which in turn makes it easy to write a competing implementation that does the same job.

      For closed source software that is much more difficult. It doesn't even matter whether the code is open in the "libre" sense: as long as you can inspect the code, you can figure out what it does. Same with copyrights: that serves to give author(s) some control over copy & paste style use of the code. But it doesn't prevent others from writing a competing implementation.

      Having code that's actually "libre" open source is still nice though for other reasons.

    2. Re:Cool by RabidReindeer · · Score: 1

      You evidently haven't spent much time looking at other people's source code.

      Sometimes it can be literally easier to disassemble and/or reverse-engineer some people's code than it can be to make sense of their original source.

    3. Re:Cool by Anonymous Coward · · Score: 1

      Well the most useful technique for understanding code is to run it under a full system tracer like dtrace, find out what bits of the code actually run when, and then go and modify them to see what happens when changes are made. I don't get much from static analysis whether it's reading code or reading disassembly listings.

      It's like when you crack software, one very effective technique is to just nop out function calls by guessing, and then run the changed software, see what effect it has. Another one that works great on software that has symbols left in, is to just use the linker to delete symbols from the code and replace them with do-nothing functions. I do this so often, I wrote scripts and tools to pull out the type signatures and automatically noplicate candidate functions.

      My favourite "crack" that I've done recently, was to crack the "open source" GPL TigerVNC client for Windows. This thing is uncompilable, and has or had a bug where the bell would play a sound regardless of the "audible bell" setting in the control panel. After utterly failing to make it compile, I just whacked it open, found the call to SomeWindowsMMEApiWithABadNameExW() and nopped it. Bye-bye annoying unconfigurable bell.

      Knowing how stuff works is more powerful than source code. I know how ABIs work, I know how to use debuggers, disassemblers and linkers and hex editors. I have no idea how some of these bizarre build scripts are supposed to work (they don't, so how to RE them?).

      So, Amen brother. RE for life. RE for justice.

  2. MS Swoops-In... by Anonymous Coward · · Score: 1

    Ironically MS is open-sourcing their stack bit by bit anyway. No other company can support software so well, in critical moments, or produce software as functional. It may be pretty, and may even involve fundamentally incompatible paradigms, but it does work well for non-techies much of the time.

    I rather think they have the potential to be both a largely-open-source company...and dominate still, because nobody moves as fast yet produces software that still works so well, with the ability to support software so well. They have, after all, not just been supporting their own, but software for thousands of other companies while they are at it (to maintain compatibility, MS actually has access to code for many other critical applications).

    Stuff like this freaked-out the Ballmers of the company, but I suspect the typical engineers there are like "when this becomes near-universal we'll be fine."

    1. Re:MS Swoops-In... by chipschap · · Score: 5, Insightful

      > No other company can support software so well, in critical moments, or produce software as functional.

      Whatever you're smoking must be really, really good.

    2. Re:MS Swoops-In... by sciengin · · Score: 2

      >Ironically MS is open-sourcing their stack bit by bit anyway. No other company can support software so well, in critical moments, or produce software as functional.

      Hahaha, let me tell you a little story about the support and functionality of MS software:

      A couple of years ago I attended a week long training course at Siemens in Germany, where they taught us how to use their CNC systems, Sinumerik mostly.
      Now in the decades past CNC was very primitive, one could implement it with punchcards. Today's CNC is a completely different beast: It's a full computer stuffed with ASICs and other high tech stuff to be able to come close to the hard realtime requirements that you need when you control a multi-kW mill mounted on a 12 axis robot going as fast as the drive allows because every second shaved off the manufacturing process is worth money.

      (Just to set the scene)

      This is something the trainer there told us when I asked him how it came to be that Linux was running on those devices, which for an ultra-conservative corporation like Siemens, seemed a bit odd to me:

      Siemens apparently used Windows XP on those boxes, modified of course. In fact to ease the communication with Microsoft, Siemens even has/had some of its employees working directly on site at Microsoft.
      Apparently however even that level of cooperation was not ideal when it came to implementing new features and working around the weaknesses of Windows.
      What really caused them to drop Windows was that one day the Engineers wanted to know if a certain feature could be implemented on Windows and how (The trainer did not say what feature it was).
      For six weeks Microsoft said nothing, only to eventually tell them that it was not possible at all.
      On a whim and mostly for fun, one engineer asked the same question about this feature on a Linux discussion board.

      Result:
      30 minutes later he had the answer that this feature was possible on Linux, along with detailed step-by-step instructions how to do it.

      Ever since then the Sinumerik boxes use Linux and the engineers at Siemens could not be happier about it.

    3. Re:MS Swoops-In... by wertigon · · Score: 1

      Sorry to burst your bubble, but Microsoft is slowly fading away, being replaced by Chromebooks, Androids and yes even Linux. They once had an iron grip on the desktop market - still has one actually - but everywhere else they are slowly fading away. Mobile is a joke at this point, tablets were never a big seller. The Enterprise they still rule and the consumer market follows that lead... For now. However, Android/Chrome is making some fierce inroads there as well.

      And before you ask, Apple platforms like OSX will never move outside their niche since Apple isn't interested in catering to everyone, only those with money and purchasing power. Which, long-term, will get them on a slowly shrinking 10% market share... :)

      --
      systemd is not an init system. It's a GNU replacement.
  3. Like Bolivia, Bulgaria to get a million chickens.. by jkrise · · Score: 1

    unless they chicken out, like Edgar Villanueva in Venezuela etc.

    --
    If you keep throwing chairs, one day you'll break windows....
  4. Bulgaria Got a Law Requiring Open Source? by martinX · · Score: 1

    Surely it wouldn't be difficult to create a more informative, and grammatically imaginative, headline than "Bulgaria Got a Law Requiring Open Source"?

    --
    When they came for the communists, I said "He's next door. Take him away. Goddam commies."
    1. Re:Bulgaria Got a Law Requiring Open Source? by bkmoore · · Score: 2

      there, fixed it: "A Law Requiring Open Source, Bulgaria Got"

  5. Software are...? by zennyboy · · Score: 2

    "Software ... are"

    I was under the impression that as an 'uncountable', software became singular, like sand.

    You wouldn't say "sand are..."

    1. Re:Software are...? by John.Banister · · Score: 2

      Instances of software are like grains of sand.

    2. Re:Software are...? by Threni · · Score: 1

      Well, I wouldn't say "Bulgaria Got a Law Requiring Open Source" either.

      Incidentally, re:

      ---
      Chances are, you're behind a firewall or proxy, or clicked the Back button to accidentally reuse a form. Please try again. If the problem persists, and all other options have been tried, contact the site administrator.
      ---

      I've been using Slashdot for maybe 15 years and I don't think I've never had the inability to post a comment bear any resemblance to that error message. It's usually because I've typed what I wanted to say in less than 20 seconds. I mean, I'm always behind a firewall. Isn't everyone? What's that got to do with anything?

  6. And how much software is that? by jader3rd · · Score: 2

    How much bespoke software is custom written for the government of Bulgaria?

    1. Re:And how much software is that? by invictusvoyd · · Score: 1

      Wordpress

    2. Re:And how much software is that? by Anonymous Coward · · Score: 4, Informative

      A lot. Every god damn ministry or government agency have their own information systems, IRS got several huge ISs, every relatively big municipality has its own ISs. All-in-all calculated in US prices accumulated worth(?) of all the ISs is probably more than $500mil. For a small country like ours this is a lot.
      And the biggest problem is not the price but the quality and maintainability of the bespoke software. Recent example: IRS is distributing free software for reporting VAT by the companies. This software through the years was notoriously buggy and caused a lot of trouble for the business. Currently it is not even able to run on Windows 10 and there is no indication when it will be available.

  7. the US should have a law like this. by Gravis+Zero · · Score: 3, Interesting

    seriously, having the government locked into proprietary standards does not help anyone but the makers of the proprietary software and the congress critter that made it happen.

    --
    Anons need not reply. Questions end with a question mark.
    1. Re:the US should have a law like this. by ArchieBunker · · Score: 1

      Until RedHat can write bigger checks than Microsoft not much will happen.

      --
      Only the State obtains its revenue by coercion. - Murray Rothbard
    2. Re:the US should have a law like this. by Gravis+Zero · · Score: 1

      MS only put $1.5M into politics, so RedHat could actually top that. that means what you have written is false.

      --
      Anons need not reply. Questions end with a question mark.
    3. Re:the US should have a law like this. by CronoCloud · · Score: 1
    4. Re:the US should have a law like this. by wertigon · · Score: 1

      MS only spend $1.5M because that is what they need to spend right now. Why pay more than you must?

      If Redhat were to engage in spending wars, you can be sure that MS will follow.

      --
      systemd is not an init system. It's a GNU replacement.
  8. Re:Not for long. by HiThere · · Score: 1

    Not so. The TTP is trans pacific. The one being negotiated with the EU is separate.

    --

    I think we've pushed this "anyone can grow up to be president" thing too far.
  9. Domestic parliament? by manu0601 · · Score: 3, Informative

    > laws in motion were voted in domestic parliament

    "Domestic" parliament? A better word would have been "National" Parliament. Bulgaria is still a sovereign state, not a province of a kind of EU Empire.

    1. Re:Domestic parliament? by Shimbo · · Score: 2

      > > laws in motion were voted in domestic parliament
      >
      > "Domestic" parliament? A better word would have been "National" Parliament. Bulgaria is still a sovereign state, not a province of a kind of EU Empire.

      Domestic is a perfectly good synonym for national. For example, in the phrase, "I will support and defend the Constitution of the United States against all enemies, foreign and domestic."

    2. Re:Domestic parliament? by John+Allsup · · Score: 1

      The more general one is of rights without obligations. One has rights to own property and resources, but not the obligation to use those resources for the best of everybody. This tacitly encourages people to use them for selfish gain, in line with our inherited caveman psychology. The results in the modern world are plain to see, and we are turning into a race of overdressed cavemen running around with magic toys.

      --
      John_Chalisque
    3. Re:Domestic parliament? by WallyL · · Score: 1

      > Bulgaria is still a sovereign state, not a province of a kind of EU Empire.

      For now.

    4. Re:Domestic parliament? by manu0601 · · Score: 1

      Except that in that case you use "domestic" to distinguish local and foreign enemies.

      If Bulgaria has a "domestic" parliament, it implies that there is another "non domestic" parliament that is relevant (and EU parliament is not relevant as it cannot even draft a directive on its own).

  10. Re:FOSS in Bulgaria by matbury · · Score: 2

    "Linux is cancer" to proprietary closed source charge per seat-based business models ;)

  11. Re: Not for long. by pjabardo · · Score: 2

    That is why the parent said TTIP, notice the I.

  12. Expect this to end soon by GeekWithAKnife · · Score: 2


    Huge corporations and political interests of other countries will do a lot to crush this initiative.

    This is practically communism ruining capitalism.

    Big money will look at what their market is worth (considering piracy not much) but the precedent and perception is far more expensive. I expect palms to start getting greased right about the time the growing pains of this new method reach a peak.

    Next they will want to invalidate software patents. Must be shot down quick.

    --
    A 'singular oddity' is an event that cannot be explained and only happens when you are alone.
  13. Re:FOSS in Bulgaria by RabidReindeer · · Score: 2

    "Linux is Communism".

    Oh wait, so was Bulgaria.

  14. Re:Would love to see a file sharing haven country. by wertigon · · Score: 1

    Iceland might be that country, seeing as their Pirate Party is poised to become the biggest member of parliament... :)

    --
    systemd is not an init system. It's a GNU replacement.
  15. Re:Horrible idea by wertigon · · Score: 1

    This is not a "Open Source will fix everything!!!11!1!1One" suggestion.

    Ponder this.

    1. Government writes software.
    2. Government is elected by the people and should therefore be held accountable by the people.
    3. The only way a Government can be held accountable would be if the people can inspect what it's doing as much as possible (some areas like national security may make this problematic).

    Would it not, given these three facts, then be logical to say:

    If the government writes software, or hires someone to write software for the government, then the software SHOULD be open for inspection.

    --
    systemd is not an init system. It's a GNU replacement.
  16. Re: Not for long. by HiThere · · Score: 1

    O, thank you.

    I had remembered the names as being more different. (As the other poster noticed, I even got the name of the TPP wrong.)

    --

    I think we've pushed this "anyone can grow up to be president" thing too far.