Pentagon To Make a Big Push Toward Open-Source Software Next Year (theverge.com)
"Open-source software" is computer software with its source code made available with a license in which the copyright holder provides the rights to study, change, and distribute the software to anyone and for any purpose. According to The Verge, the Pentagon is going to make a big push for open-source software in 2018. "Thanks to an amendment introduced by Sen. Mike Rounds (R-SD) and co-sponsored by Sen. Elizabeth Warren (D-MA), the [National Defense Authorization Act for Fiscal Year 2018] could institute a big change: should the bill pass in its present form, the Pentagon will be going open source." From the report: We don't typically think of the Pentagon as a software-intensive workplace, but we absolutely should. The Department of Defense is the world's largest single employer, and while some of that work is people marching around with rifles and boots, a lot of the work is reports, briefings, data management, and just managing the massive enterprise. Loading slides in PowerPoint is as much a part of daily military life as loading rounds into a magazine. Besides cost, there are two other compelling explanations for why the military might want to go open source. One is that technology outside the Pentagon simply advances faster than technology within it, and by availing itself to open-source tools, the Pentagon can adopt those advances almost as soon as the new code hits the web, without going through the extra steps of a procurement process. Open-source software is also more secure than closed-source software, by its very nature: the code is perpetually scrutinized by countless users across the planet, and any weaknesses are shared immediately.
There will be a LOT of yapping and some apps will be created, then in about 9 months they will toss it all and sign a billion-dollar check to Microsoft.
What happened to NSA Linux?
The other fallout from that was tossing out all our Apple and Sun systems too.
Then came the ship with NT 4.0 that never worked correctly and the brief idea to launch nukes from NT 4 computers.
"Open-source software is also more secure than closed-source software, by its very nature: the code is perpetually scrutinized by countless users across the planet, and any weaknesses are shared immediately."
This is total bullshit. No one noticed, for example, the Debian OpenSSL vulnerability for nearly 2 years. There are also plenty of other examples that were around many times longer without being spotted despite all this claimed “perpetual scrutiny.”
"Open-source software is also more secure than closed-source software, by its very nature: the code is perpetually scrutinized by countless users across the planet, and any weaknesses are shared immediately."
Remember it wasn't that long ago when all you had to do was hit Backspace 28 times and you could bypass login security on almost all Linux distros....
I only please one person per day. Today is not your day. Tomorrow isn't looking good either. - Scott Adams
In 35 years in that business, I saw and used a lot of open source development tools, as well as in deployed software. Red Hat is a major provider of OS to DoD, including embedded in weapon systems. GNAT Ada is open source.
And on my last project we kept 2 lawyers (one government, one prime contractor) busy nearly full-time evaluating various OSS licenses for our intended use. The GPL was a significant debate; most OSS licenses were deemed acceptable by both sides. In each case, we evaluated OSS and proprietary software for functionality, life-cycle costs, supportability, expected security/vulnerabilities, and made a decision that balanced these factors. Sometimes the OSS components won out, other times not. But there was a documented decision with rationale.
In general, the choice of software was not a government decision, but a prime contractor decision. Not sure how much we want Congress dictating to contractors what they put into their products.
Not only does that not follow (you have no idea who scrutinizes their copy of FLOSS precisely because of the privacy FLOSS affords users) but you're missing a much more important point: FLOSS respects a user's ability to do things computer owners want their software to do but inherently can't trust proprietary software to carry out. Proprietary software can't be trusted because the users can't be sure it is doing what the users want and not doing what the users don't want (typically this means leaking information, opening backdoors, and implementing malware). It's not about guarantees, it's about the permission to exert as much control over one's own computers as one wishes. Proprietary software inherently doesn't grant that permission and FLOSS does. Couple that with a monied organization as big as the American federal government, and you have the ability for significantly increasing control over their own computers.
Digital Citizen