Open Source or Bust?
August 11, 2002 7:10 AM   Subscribe

Open Source or Bust? "Named the "Digital Software Security Act," the proposal essentially would make California the "Live Free or Die" state when it comes to software. If enacted as written, state agencies would be able to buy software only from companies that do not place restrictions on use or access to source code. The agencies would also be given the freedom to "make and distribute copies of the software."" If open source wants to be taken seriously, shouldn't it compete on the merits (or with martketing) rather than forcing gov't agencies to use it?
posted by owillis (44 comments total)
 
How is the open source movement forcing the government agencies to use such software?
posted by Mo Nickels at 7:18 AM on August 11, 2002


"If enacted as written, state agencies would be able to buy software only from companies that do not place restrictions on use or access to source code"
posted by owillis at 7:22 AM on August 11, 2002


A similar bill was proposed in Peru recently:
"To guarantee the citizens' free access to information, it is indispensable that the coding of the data not be tied to a sole provider. The use of standard and open formats guarantees this free access, making possible the creation of compatible software.

To guarantee the perenniality of public data, it is indispensable that the use and maintenace of software does not depend on the good will of the providers, nor of monopolic conditions, imposed by them. Systems can be guaranteed by the availability of the source code.
"
posted by twitch at 7:31 AM on August 11, 2002


i'm english and living elsewhere, but my understanding is, mo, that the open source movement has pictures of local officials in compromising positions with small furry animals. so they (or more accurately, him, because all the rest of the "open source movement" (and they know who they are) are clones controlled by a new incarnation of hitler, himself cloned from dna found in a stain on one of eva braun's little black numbers). further, once this act comes is approved (as it will, via bunnies etc), microsoft and oracle (aka the father and son, holy saviours of our nation and the great white hopes) will be banned from selling code under the same conditions.

hope that makes it clear. all that's left is for me to thank my local deity for having given us owillis to protect us all.
posted by andrew cooke at 7:36 AM on August 11, 2002


filthy monopolistic open source bastards.
posted by quonsar at 7:40 AM on August 11, 2002


Would you look at that -- "Digital Software Security" -- the open source community using good old fashioned FUD. It's not like a linux box has ever been rooted, right?

When OSS is clearly better it competes just fine (Apache, various OSs for servers, etc), when its not, it doesn't.

I'm sure moving every government worker's desktop to linux will do wonders for productivity.
posted by malphigian at 7:41 AM on August 11, 2002


If open source wants to be taken seriously, shouldn't it compete on the merits (or with martketing) rather than forcing gov't agencies to use it?

Microsoft got to the top by use of force, not by fair competition; if I wanted to buy a box from Dell, I'd have to buy a copy of Windows even though I wouldn't use it.

Come to think of it, that's probably yet another way in which Microsoft overstates its market share (not that it's not a monopoly; I'm certain that fewer copies of Windows (as opposed to Linux or Mac OS) that were once installed are still running, as Microsoft doesn't design its software to work on machines that aren't brand new or damn close to it. I'd have to find a 386 and install Debian on it to prove my point beyond all doubt.
posted by oaf at 8:04 AM on August 11, 2002


um, is everybody missing Mo Nickel's point that this is the action of a legislature, not a cabal of open source fanatics? what do you suppose, eveyone with a c++ compiler chipped in and hired some top gun pr and killer lobbyists who basically bought the legislation?
posted by quonsar at 8:08 AM on August 11, 2002


malphigian, did you want to get some orange juice and try again? sheesh!
posted by quonsar at 8:11 AM on August 11, 2002


click. whir. bzzt. the preceding comments by myself are the result of a flaw in my sensory input/output mechanism, which caused the comments to be posted before the article they were commenting about had even been input. GIGO.

i still don't see anything evil or even vaguely microsoftish going on here. makes perfect sense to require public formats for public data.
posted by quonsar at 8:18 AM on August 11, 2002


Heaven forbid someone not think open source is always the end-all and be-all of software (best tool for the job I always say). Sorry for diverging from the dogma.
posted by owillis at 8:21 AM on August 11, 2002


Governments force or push industry standards all the time --from NTSC to plug shapes and sizes, to rail track pitches, to defense technology, and so on and so forth. It only makes sense that taxpayer money is spent on systems/standards that are not proprietary and will not enrich a single corporation. Like Oracle, in CA's case --see the recent Oracle/CA State scandal.

It's a good policy, and by the way it does not stop Oracle from competing; they could just open-source 9i. That said, I still think MS and Oracle have the superior technology and will most likely continue to do so. However, government spending on technology should not be (just) about better tech; it should be about preserving competition and keeping public procurement projects open to all entrants.
posted by costas at 8:40 AM on August 11, 2002


State and local governments across the U.S. are under intense pressure to cut costs due to the economic downturn. Having to upgrade Microsoft products (or Apple, or Adobe, etc.) every x years is a big expense that's politically easy to trim, much easier than cutting health care, or law enforcement, or road construction.
posted by gimonca at 8:52 AM on August 11, 2002


best tool for the job I always say -- owillis

The job is to manipulate the public's data without committing it to formats that are the private property of rapacious criminals, and open source is the best tool.
posted by nicwolff at 9:28 AM on August 11, 2002


Stop looking at this in terms of the linux vs Windows war. This has nothing to do with GNU, Microsoft, or Red Hat. It's about two things: public access to public data, and avoiding dependence of public agencies on private corporations.

If government agencies save their data files in Word, PowerPoint, or Excel format, then only people with copies of Word, PowerPoint, and Excel can read them. You may be able to get the bytes, but the public data you are entitled to is useless to you unless you pay Microsoft hundreds of dollars for access to the software that makes it readable. The data is no longer available to the public: it's available to that subset of the public that happens to own the right software.

Furthermore, if a government agency writes their documents in Word, then they are eternally dependent on having a copy of Word in order to get the data out of that document. Since software upgrades tend to advance with new hardware, the agency will have to keep up their subscription to Word if they want to continue using their data.

Whatever you think about the politics of the free software movement, this is not a good situation for a government to be in. The military traditionally lines up multiple suppliers for the hardware they need so that problems with one supplier don't halt their entire operation. Well, where are you going to find another supplier for Word?
posted by Mars Saxman at 9:45 AM on August 11, 2002


Microsoft counters in Peru and involves feds. I agree with costas and gimonca, but Linux still feels underdeveloped when compared to MS offerings. OS X on the other hand, very nice, but not free.
posted by TskTsk at 9:49 AM on August 11, 2002


Darn. Lets try again: Microsoft counters in Peru and involves feds.
posted by TskTsk at 9:53 AM on August 11, 2002


Mars Saxman:
At OpenOffice.org

But in all seriousness, I think this is a great idea. Just have everyone save their documents in an open format, maybe something like rtf (although that's limited in a couple departments). And it won't impact productivity either because you can continue using word, you just have to use a non-proprietary format. (Which Microsoft supports several of).
posted by statusquo at 9:55 AM on August 11, 2002


Free viewer for Microsoft Word files. Free viewer for Microsoft PowerPoint files. Free viewer for Microsoft Excel files.

Browse around here a while and you'll find tons of such free tools (including versions of all the above for the Mac). Hundreds of dollars? Right.

And don't tell me there aren't standalone viewers and convertors on (say) the Linux side, because I've been there and I know they exist.

Oh, and of course, anyone who's used Office for any length of time knows you can save documents in HTML and RTF--open and portable standards.

I don't think any mistake can be made here--the virtuous open source community cannot get ahead in the desktop market through direct competition, so now they're trying to cheat: something they've sourly accused Microsoft of doing for decades.

If this were honestly about data formats, the legislation would concern itself with data formats: it would require that the government use software whose data formats were open and published. Instead, it requires that the software code itself be completely open: unnecessary to accomplish that goal.
posted by kjh at 10:23 AM on August 11, 2002


If government agencies save their data files in Word, PowerPoint, or Excel format, then only people with copies of Word, PowerPoint, and Excel can read them...The data is no longer available to the public: it's available to that subset of the public that happens to own the right software.

In my dealings with state, local and federal government, I've found they deliver most of the data via html, PDF or good old fashioned paper. I don't know what the source software was used to create the documents and it doesn't matter. I don't need to be able to open the WordPerfect file that city council minutes were created on or the Excel spreadsheet with the budget. I just need to be able to read the end result. Most government agencies (or organizations in general) that provide information to the public do so in a standard format. Although Adobe's PDF is proprietary, it is an de facto cross platform way of sharing documents. Sure if you want to edit the PDF, you have to buy the full version from Adobe.

Like owillis, I hope the government is using the best tools for the job.

And on preview, what kjh said.
posted by birdherder at 10:26 AM on August 11, 2002


If open source wants to be taken seriously, shouldn't it compete on the merits (or with martketing) rather than forcing gov't agencies to use it?

You're still missing the point, owillis. How can open source force people to do anything? People can choose to use open source, and governments can pass laws to force its agencies to choose open source, but your post makes it sound as if legislators fired up their PCs one morning to find new Linux installations with a bunch of dialog boxes containing ransom demands.

Personally, I think it makes more sense for government to be using open source software than to be paying a Microsoft tax every year just to get work done. Any short-term loss in productivity caused by such a move would likely be offset by the long-term savings of getting out from under Microsoft's thumb. However, if I'm right, agencies will eventually figure it out on their own. There ought to be no need for a law like this.
posted by rcade at 10:26 AM on August 11, 2002


...shouldn't it compete on the merits (or with martketing) rather than forcing gov't agencies to use it?

First of all, 'forcing' is an overstatement. We're talking about the government setting a standard for the type of software it will accept to meet its needs at the most reasonable cost.

If the government is moving in the direction of open source, why do you assume that competition on the basis of merits has not already taken place? Maybe they have decided that the merits of open source include being able to examine source code (to be sure it meets their security needs, with fewer surprises down the road), to be able to modify source code (rather than adapting their processes to the functionality of what is available), to be able to own the product they are using (rather than just holding a revokable license for it), and to forego the expensive audit-on-demand licensing requirements by companies such as Microsoft (the reason more school districts are going open source). Freedom to make and distribute copies of the software would remove many barriers to sharing of information internally and with the public.

We would expect the government to standardize its practices and adopt fiscal responsibility. If Microsoft were willing to provide a version of Office to meet these needs, then let them compete.

And what does marketing have to do with it? Can you really think of no instance where an inferior product has more extensive marketing?
posted by troybob at 10:30 AM on August 11, 2002


how is the open source movement "cheating?" Who did what? And who/what is this outrage focused on? Did Richard Stallman yell at you? Point is: This is a proposed LAW, written by elected officials. The people who wrote the software in question are not involved.

All that said, open source is great. Power to the people. I'll take vim over Word any day of the week. Faster more efficient and free, but not easier, whatever that means.
posted by n9 at 10:36 AM on August 11, 2002


malphigian, did you want to get some orange juice and try again? sheesh!

Er, what did I do wrong? :(
I admit my comment above was pre-coffee, but I thought it made sense.

I'll restate everything I said in the plainest way possible:
1. I believe the Open Source community's claim to greater security is overstated. Its only more secure if its popular open source and has a lot of people devoting their time to it.

2. I believe that there is plenty of Open Source software (apache for one) which it would plenty smart for the government to use, and they should be encouraged to do so, no legislation necessary.

3. On the other hand, some open source software would be an extremely bad idea for the government to use. Joe Average Computer user on a linux desktop box is a very, very bad idea in my opinion.

Moreover, its not a "short-term" productivity loss, its huge and long term... you know damn well how much "RTFM" they are going to get for every tiny little thing they might want to do. I guess you could shoot for some kind of thin-client clean version, but that really would be developing a new OS, and who is going to fund it? Maybe convincing the state gov to fund such a project is a good idea, but this seems like a really lousy way to approach the problem.

Sorry if my previous post was non-sensical, hopefully I was clearer this time.
posted by malphigian at 10:40 AM on August 11, 2002


Just as a data point, I know of several instances where government agencies are already pursuing an open source approach. The company I work for, for instance, makes some of its revenue by developing specialist, custom, client-server-database applications for a large government agency.

The RFPs typically stipulate that for any software developed specifically to fulfill its scope, the source code must be also provided and that the purchaser is not necessarily obliged to return to the original vendor for enhancements, support or maintenance.

This is becoming common practice.

In preview:
Joe Average Computer user on a linux desktop box is a very, very bad idea in my opinion.

What was the last KDE version you saw? How much easier does it have to get?
posted by normy at 10:50 AM on August 11, 2002


A lot of public agency web sites are designed using FrontPage. The reason: it's easy and gets the job done.

What you have is people in the offices who don't know a whole lot about web design. A lot of the 'open source community' will tell them, "learn HTML so your designs can be better." Fact is, most don't have time or desire to do so.

Without WYSIWYG web site programs and easy to use graphics programs, both of which Linux is sorely lacking, this will never work.
posted by benjh at 11:07 AM on August 11, 2002


Everybody in the government is not designing web pages. Like everywhere else, people with a general clue about web page design are designing web pages. If you can't figure out HTML, you aren't going to design a decent site no matter what tools you use.
posted by troybob at 11:56 AM on August 11, 2002


malph:

1. I believe the Open Source community's claim to greater security is overstated. Its only more secure if its popular open source and has a lot of people devoting their time to it.

most servers use only popular software to do its work. i know that most admins prefer Sendmail and qmail over other options. likewise, people prefer apache over fhttpd. there's more tech support in the community for popular software, and they're usually more mature. (servers don't typically feel the burning need to always present new-new-new! features every release.)

3. On the other hand, some open source software would be an extremely bad idea for the government to use. Joe Average Computer user on a linux desktop box is a very, very bad idea in my opinion.

why? what's your rationale?

Moreover, its not a "short-term" productivity loss, its huge and long term... you know damn well how much "RTFM" they are going to get for every tiny little thing they might want to do.

why? it's not like an office is going to ask the software's creator for help. they're going to ask the IT department. and if the IT department is filled with bitter, unhelpful assholes...well, they probably were before linux came along, anyway.
posted by moz at 12:05 PM on August 11, 2002


We're talking about the government setting a standard for the type of software it will accept to meet its needs at the most reasonable cost.

No, this law is stating that the software producer must create "open" code. This implies that an application based on "open" code is somehow inherently better. In some cases its true, sometimes it isn't. What I'm saying is a government agency shouldn't be hamstrung into using one product simply because its open source. I want the gov't to use the best tool, not have to figure out how to recompile a linux desktop simply because the law says so.

What kjh said.
posted by owillis at 1:54 PM on August 11, 2002


1. I believe the Open Source community's claim to greater security is overstated. Its only more secure if its popular open source and has a lot of people devoting their time to it.

I know I'm new around here and I need to avoid stepping on landmines and launching into flames, but this statement is such a grand departure from reality that the person uttering it must either be greatly uninformed or . . .

I'd like to introduce you to some secure software, malphigian, the kind of stuff REAL security professionals and people trundling off to DEFCON Xx who cannot afford to be hacked under any circumstances whatsoever use:

Operating System - OpenBSD. More secure, less popular than most operating systems out there due to constant and exhaustive ongoing code audits and the resulting lack of 'shiny' features. One remote hole in the default install in six years. Windows XP? Most stock Linux distros? 6 months if even that. Admittedly I would use FreeBSD for the internal RDBMS (along with PostgreSQL) because of its performance, and keep Open on the border machines where it belongs (as it has no SMP capabilities).

MTA - Postfix or qmail. Only one-two significant security holes in the entire history of either piece of software, both are (compared to OpenBSD, or what I'm about to mention) actually fairly popular because Sendmail is traditionally so full of holes.

DNS - tinyDNS (from the author of qmail). Far more secure than BIND has ever been, and far less of a resource hog to boot.

In fact for core services such as the ones *nix in general holds marketshare for (Mail, DNS), the only sensible pieces of popular software on one's server are OpenSSH and Apache. I wish there was something more secure than Apache to suggest, but I've seen little in the way of really solid, full-featured alternatives.

Please note this is not 'in my opinion this is better software' , this is 'conclusions from reading four years of Bugtraq and watching every operating system and package screw up royally in turn and noting the frequency with which they did so.'

The final fact is: software is only as secure as the person using it. IIS is easy to setup - it is MUCH harder to setup in a secure fashion. Apache is easy to get running. It is harder to chroot jail it, etc. Security has nothing to do with popularity and everything to do with "Are you willing to work hard to be secure?" Open source software has generally made an effort to reduce the workload of the system administrator in the security department that I have yet to see on the part of Microsoft. I think Oracle's security track record post-'unbreakable' speaks for itself.
posted by Ryvar at 1:59 PM on August 11, 2002


What I'm saying is a government agency shouldn't be hamstrung into using one product simply because its open source.

As opposed to being hamstrung into using one product by market forces?

I want the gov't to use the best tool, not have to figure out how to recompile a linux desktop simply because the law says so.

I think this legislation is saying that the best tool, by definition, is the one that the government can fix, modify and enhance as it sees fit.

Free viewer for Microsoft Word files. Free viewer for Microsoft PowerPoint files. Free viewer for Microsoft Excel files.

kjh, I think you're getting mixed up between free beer and free speech. It's not about money and it's not about standards -- it's about the freedom to make the technology work best for your needs.
posted by jjg at 2:08 PM on August 11, 2002


No, this law is stating that the software producer must create "open" code.

No, this law does not tell software producers at all what to do. The proposed law says that government agencies would use only "open" code; the software vendors can choose to compete within this limitation or not. Microsoft could very well chose to offer a system of Windows/Office for federal/state/local governmental use, allowing for review and approval of code by a governmental body, and with a set price for purchase of the system, with optional added functionality at further cost; or they can continue to attempt to hold these agencies hostage (with the same arguments you offer), with exorbitant licensing fees and little beyond cosmetic improvement in the software over time.

If the government decides it is more cost effective to purchase a car and own it outright, why would they pay more in the long run just to lease it?

Goverment agencies used to write their own code, exactly what they needed for the functions they had to carry out. Setups like MS Office may have been an attractive option at one point, but why stick with it if the cost is too high for the benefits provided?
posted by troybob at 3:28 PM on August 11, 2002


Free viewer for Microsoft Word files. Free viewer for Microsoft PowerPoint files. Free viewer for Microsoft Excel files.
They're free in the same way Internet Explorer is. They're free when you have Windows/Mac. Should a government require that?
And don't tell me there aren't standalone viewers and convertors on (say) the Linux side, because I've been there and I know they exist.
There's no monetary cost to view a file, but to make a file for that closed format costs money. So, to speak in a format used by government costs money.

That the government has a defacto set of formats controlled by the private section for talking to citizens isn't a good thing.

There are reverse-engineered writers for .DOC, less so for .PPT, but then you're always playing catch-up, and the authoriative source on the format is always out of your control.

So specifying open formats might be enough, if it weren't for software that calls home, and spyware, and software bugs. Not everything malicious that a program does can be fixed by an open format. Again, a government can ask for bugs to be fixed but as shown in the DOJ Microsoft trial it's quite common to put off fixing bugs when features sell products. Government's don't have much control when it comes to closed-source.

From what I've read they want free software because it satisfies some needs. Anyone care to debate those?
posted by holloway at 3:53 PM on August 11, 2002


Ryver: I have no idea why you resorted to the ad hom. In any case, my remark was hasty, and you misunderstood what I was saying. You took "popularity" to mean something entirely different from what I intended. (Man, I am just NOT being clear today).

I'll elaborate: the only way bugs/security holes get fixed in open source software is if the software is "popular" enough to get used a lot (bug reports come in), and is "popular" enough in the open source community that there are qualified people devoting free time to securing it and/or are getting paid to do so. I clearly made a mistake by referring to the above frequency of use/devotion of coders as "popularity", because obviously popularity != security.

I don't actually disagree with any of your points at all.

In fact, it goes directly to my main point. Just because SOME open source software is secure does not mean all of it is, or is even likely to be MORE secure than closed source software this legislation doesn't say "You must use BSD" it says "You must use open source software" -- plenty of which is chock full of security holes.

To Moz: Yes, the linux desktop has come along way, I use KDE on one of my boxes. I still think its clunky next to my XP box for day to day desktop use. However, if the gov users aren't ever going to install software (cuz god knows that isnt standardized), they could probably get by okay. I still don't consider it a good idea, but I over-stated my opposition.

Anyway, I'm stepping out of this debate, which I should have originally. This is a religious war, and I'm platform agnostic. Like 'em all, use 'em all.
posted by malphigian at 4:34 PM on August 11, 2002


Hmmm
posted by holloway at 4:43 PM on August 11, 2002


Speaking as a non-US citizen, there is a great deal of attraction in knowing that code has not been backdoored or trojan-ed by a US manufacturer - and being able to verify this by inspection. Certainly the German government thinks so. And this could be true in US domestic contexts too. Many people are suspicious of closed-source voting machine implementations, for example.

There is a policy argument for this approach - it prevents vendor lock-in over the long term and may ultimately lower costs for government, and hence the burden on taxpayers.

Turn this around - why shouldn't a government be able to set purchasing standards that will lower its costs, like any other player in the market?

To fork the debate some more, even if you think that promoting open source software is bad policy, why shouldn't governments try to achieve policy goals through whatever constitutional means they like?
posted by i_am_joe's_spleen at 5:03 PM on August 11, 2002


BTW, benjh - there's a "WYSIWYG" HTML editor built into Mozilla and Netscape, called Composer. Personally, I don't find the Gimp any harder for image editing or creation than Photoshop.

Also, OpenOffice/StarOffice's "save as HTML" beats the pants off MS Office's equivalent, in terms of generating clean, readable markup.

Lastly, the pedant in me must point out that "WYSIWYG" HTML is a strict oxymoron. HTML makes no guarantees about presentation (unlike, say, Postscript). The output from Lynx or Opera is as valid as that from IE, as far as HTML is concerned. "WYSIWIW" (what you see is what you want) would be a better description for the FrontPages and Dreamweavers.
posted by i_am_joe's_spleen at 5:10 PM on August 11, 2002


I think this legislation is saying that the best tool, by definition, is the one that the government can fix, modify and enhance as it sees fit.

Why not have the government IT guys decide this instead of the legislature. An open tool may be the best tool, but maybe a closed-source one is for your particular usage(example: Gimp vs. Photoshop). Why make it a law?
posted by owillis at 5:15 PM on August 11, 2002


Why make it a law?

Because government IT guys will also do things like buying Oracle licenses for every state employee, whether they're needed or not.
posted by troybob at 5:30 PM on August 11, 2002


Ryver: I have no idea why you resorted to the ad hom.

Apologies if it seemed like a personal insult, but it wasn't meant that way - your comment, taken at face value and only face value seemed like a naive assessment of software security. Security absolutist that I am, my immediate reaction was "malphigian has an error due to his uninformed status, I must smack his incorrect meme into oblivion before he spreads it further." I jumped the gun and I'm sorry for that. It might interest you to know that except for a deep and abiding hatred for SunOS, I'm fairly platform-agnostic myself.
posted by Ryvar at 7:59 PM on August 11, 2002


Ryvar: No hard feelings, like I said, It was a sloppy statement on my part and I'm totally not being clear today. Thanks for clearing things up.
posted by malphigian at 8:25 PM on August 11, 2002


No, this law is stating that the software producer must create "open" code. This implies that an application based on "open" code is somehow inherently better. In some cases its true, sometimes it isn't. What I'm saying is a government agency shouldn't be hamstrung into using one product simply because its open source. I want the gov't to use the best tool, not have to figure out how to recompile a linux desktop simply because the law says so.

I think this is missing the point. A lot of the push for open source software is not coming about because of a belief that it is inherently better, but that access to the source code combined with a liberal license that does not require a full-time employee just to document license compliance are critical requirements for many organizations. In addition, for security conscious organizations open source programs permit independent security reviews of the programs. This is particularly important given that the current Microsoft policy is that they will not only prevent independent security auditing, but they refuse to release the results of their own security audits until they release a bug fix (or more likely, they get scooped).

Now then granted, I am not very fond of a all or nothing approach. One of the things that Microsoft managed to get right is the development of an accessibility framework that makes it very easy for programmers to write programs that can be accessed through speech recognition software. Speech recognition is another area where open source technology is lagging behind. However, if government contracts considered access to source code to be a critical requirement, it would greatly encourage disclosure.

A final thing here, at least in the case of Microsoft we are talking about an organization convicted of an illegal monopoly. At some point, the contradiction between taking them to court for anti-competitive practices, and rewarding them with extensive government contracts becomes a political issue. A part of this could be seen as a backlash against Microsoft that has spent a large chunk of the last year strong arming major clients into a license agreement that forces them to pay a subscription fee for vaporware.

Of course, legislatures set funding priorities all the time. That is one of the reasons that they exist. Every year state legislatures pass budgetary bills that mandate such and such a project will be completed with such and such requirements.
posted by KirkJobSluder at 10:32 PM on August 11, 2002


Photoshop/Gimp. Why make it a law?
If the government takes a photo of me then I should be able to verify that they have the correct photo, and understand how my personal details are used. I have a GIMP plugin on my home machine that accesses NetGeo to lookup physical location based on my IP address (it fails miserably). It then uses that to ask what the weather is like and ten seconds later I have a cute icon on my image. If there was a similarly stupid plugin for Photoshop a government agency couldn't easily see whether the filename was sent along with these request across the web. Perhaps the filename is my SSN, or maybe the person using Photoshop saved my photo using my real name. If the plugin were open source I could more easily verify for myself the workings of the program and ensure that citizen's privacy was kept safe, and citizens could check for themselves.

Another example is a thin-client holding Inland Revenue returns that caches information locally, remotely, and with permanent backups done through a slow VPN. For the basics of privacy you'll need to know where the software caches citizen details, and how long does it maintain these details for, whether the software calls home or not.

The same could be done with closed-source software if you have a contract with a vendor but then you're locked in. You could only pay them to investigate your questions, but maybe you couldn't see the source code, and the public certainly couldn't see it. You could only explain what you believe is happening, and the public would have to go on your explanation. This is what happens now and there's less transparency in government than there could be.

I like some of the ideas but don't know whether this bill would work. OSS certainly works for mainstream software with many users, but there's a lot of one-off or niche systems. Some of my favourite software is proprietary. The bill makes a good case for helping create a software industry that respects the needs of government, but I doubt if they would stay with the law long enough to build OSS software for all their needs.
posted by holloway at 10:37 PM on August 11, 2002


While certain circumstances may apply to Peru's consideration of Open Source legislation that don't apply to California, it's probably still worth reading a couple letters written last spring when the bill was proposed: the first from Microsoft to Peruvian congressman Villanueva airing the company's objections, and the other being Villanueva's reply.
posted by nickmark at 7:44 AM on August 12, 2002


« Older   |   This nuclear detente, as sponsored by Oracle Newer »


This thread has been archived and is closed to new comments