Slashdot Mirror

← Back to Stories (view on slashdot.org)

White House Releases Federal Source Code Policy To Help Government Agencies Go Open Source (whitehouse.gov)

Posted by BeauHD on from the taxpayer-dollars dept.

dwheeler writes: The U.S. federal government just released a new Federal Source Code policy (PDF). For each of the next 3 years, at least 20 percent of custom-developed Federal source code is to be released as open-source software. Earlier this year, Tony Scott, Federal CIO of the U.S. government, wrote on the White House blog that the U.S. government "can save taxpayer dollars by avoiding duplicative custom software purchases and promote innovation and collaboration across Federal agencies." Today, they released the Federal Source Code policy. TechCrunch reports: "The main requirement is that any new custom source code developed 'by or for the Federal Government' has to be made available for sharing and re-use by all Federal agencies. For example, this means that the TSA can have access to custom made software that was commissioned by the FBI. Considering there is probably a great deal of overlap in applications needed by certain branches of the Federal Government, this rule alone should save the government (and taxpayers) a great deal of money. In fact, the policy states that 'ensuring Government-wide reuse rights for custom code that is developed using Federal funds has numerous benefits for American taxpayers.'"

4 of 61 comments (clear)

  1. Re: I thought we wanted security by Anonymous Coward · · Score: 2, Insightful

    I, the taxpayer, paid for it and demand that it's open. If it gets attacked, it will be fixed.

  2. Re:I thought we wanted security by dcollins117 · · Score: 5, Insightful

    The source code should be secret, which will help keep out hostile countries.

    Obscurity is not security. I'm more comfortable looking at a disassembly than I am with source code. The disassembly doesn't lie.

    I'm a white hat, for the record. It's my job to help people, not inconvenience or hurt them.

  3. Re:I thought we wanted security by Dutch+Gun · · Score: 3, Insightful

    I'd really prefer that federal agencies be secure against hackers. If they use open source, hostile countries like Iran and North Korea will be able to look for vulnerabilities in the code and more easily hack into the federal government. The source code should be secret, which will help keep out hostile countries. Security should be the primary goal, and therefore the source must be closed.

    All this means is that you don't understand software security. There's no guarantee that open source is free of security issues, of course. But at the very least, it does mean that you're not depending on some "secret" in the code to remain secure, which is NOT any sort of security at all.

    The most widely used security algorithms in the world are open specifications and have open source reference implementations, in case you aren't aware. These algorithms and implementations can never be proven secure except by their resistance to determined attacks over time, and this can only occur when they are publicly available for researches to work on ways to crack them.

    --
    Irony: Agile development has too much intertia to be abandoned now.
  4. Public money by phyr · · Score: 4, Insightful

    Public software from public money. The model works well for scientific software at NASA, ESA, CSA, etc.