White House Checks Out Open Source

Floris writes "The White House goes Open Source? It sure seems that way! (credit for the link goes to LinuxToday)" The story quotes "a senior White House official." Federal Times, which ran the article, is generally a pretty reliable source of "insider" government news. And I've been to some meetings of the DC LUG mentioned in the story and it's full of staunch Linux advocates who are busily infiltrating Linux into the government agencies where they work. Nice to see they're finally getting some attention from the higher-ups.

Bunch of fun.

[bmetzler]

Reading this article was fascinating. The first thing I saw was Linux, an open-source operating system similar in functionality to Microsoft Windows, is being given serious consideration as an alternative for government computer users, the official said. "Similar in functionality?" It's nice of them to acknoledge that, even though it could be argued that Linux has more functionality then Windows. Still I has to save this to show anyone who tries to tell me that Linux is brain-dead.

Reading further we see: As a result, Linux boasts a robust code that rarely malfunctions and is extremely difficult for hackers to crack, Klosowski said. Microsoft, on the other hand, keeps its code secret and makes upgrades to its products on a yearly basis, he said. Microsoft software products have been the target of numerous computer viruses. Neato! More positive news. My heart is warmed.

Now we get a few laughs. Microsoft's main server software, Microsoft Windows NT 3.5, for instance, is certified... I see. It's version 3.5 that is Microsoft's main server product, with NT 4 being relegated to just "Newest" status.

Zaman is amazing. After all the PR microsoft has done trying to convince people that "open source" development is not a good way to develop code. After all, who would work for free, eh? But now we find out that according to Zaman, "Open source is a very innovative way to develop software," In fact, Microsoft is so convinced of the viability of the Open Source model that "...Microsoft has been considering making some of its software products open source for two years." Two years, eh? That's a real good license. I'm just dying to work on code that's open for 2 years.

A few paragraphs later Zaman states that government agencies are not excessively reliant on Microsoft products... But just 2 paragraphs later we read The government already relies extensively on Microsoft products for desktop and, increasingly, server applications. Only a slight contradiction, eh? I suppose we can overlook that.

And the last thing that we read is: Regardless of security concerns, Smith added, a multitude of software systems within an agency often can lead to interoperability problems. Very interesting. In the server market, you can't allow fragmentation within your product base. In the current server market, there is a lot of similarity within most server OS's, except one. That one is fragmented in the Server OS market. That OS is Windows. If I was an administer of a network and couldn't allow even one little bit of fragmentation, I'd keep Windows as far away from my servers as I could.

I wrote an essay on fragmentation of the Server Market. It may apply here.

-Brent
--

Security is a state of mind

[LL]

While it may be laudable that public institutions are shifting to a more transparent OS, would it result in any increase in real security (as defined by the reduction of risk of data corruption and unauthorised duplication)? Just like replacing cracked window-panes with bullet-proof glass may result in a ra-ra feeling of improved safety, there is no additional protection if people carelessly leave windows open. Security results from modifying dangerous habits, just like we automatically check to see whether the door locks behind us when we leave the house, we need to condition ourselves to automatically log out or follow other basic data integrity procedures (duplicate copies, permissions, etc). This is a process of on-going education, informing people why certain procedures have to be followed despite the initial perceived hassle. One can point to the German Enigma machine which, while technically secure, lost integrity through operators being careless in their transmissions (using same callsigns, repeating the first sign-on phrase, etc) which allowed the British cryptoanalysis an opening. I believe the Americans used a variation of the easily cracked Italian crypto-machine but retained security through more rigorous operational procedures.

Security is only as strong as the weakest point and IMHO, people are the most fallible link in the system, not computers (though bad design flaws/assumptions are tough to figure out too). So, will the political establishment spend the savings from using OpenSource and not licensing windows to reinvest in helping the users effectively use the systems? In my observation hardware might take up 15-30% of the cost, similar for software, but the rest (40-60%) is in the education of users for them to be productive (and don't get me started on the folly of buying Pentium IIIs for web-browsing).

Throwing money at a problem is no solution to thinking through the issues.

LL