Weblog:   The Growing Politicization of Open Source
Subject:   What about the quality of the software purchased by the government
Date:   2002-08-16 14:16:09
From:   korwin
Response to: What about the quality of the open source

I changed the title, because it is a fairer representation of the things that I argue about and is not related to open source programs only.


Here's what I think on FSF, open source and this proposal:


Can you say that you know the company that made Linux? Hmm, who would be responsible if a bug in OpenOffice changes the measurement units in my document from inches to centimeters and my subsidiary delivers to me 100000 wrong details? I don't say that you would be able to sue the proprietary software companies. But if the government is forced to impose quality standards first, before source openness, I would expect to see the proprietary software companies react first and in fact deliver software that is compliant with those standards. Can you imagine a company accepting the responsibility for OpenOffice? Yes, I know Sun has the StarOffice alternative, so there is a big company that can do this, but who else? And as far as I know Sun would not submit all of its code back to the open source community.


Requiring the government to purchase only open source programs, so that people have the opportunity to examine how their data is being processed, with the argument that the transparency would make the programs more secure and reliable - this is ridiculous. It's like asking the government to force Ford and the other car companies to publish their blueprints and not impose any standards. I mean - why require crash tests, if the blueprints are available and any decent auto mechanic would be able to fix it for you if it was not safe? And then shouldn't we as taxpayers be able to have fair access to the blueprints of the public transportation system? Even if we don't know what to do with them, we could hire experts to audit them. To make sure that of course those cars are safe?


Would I be interested in the actual algorithm used to sort all the government records about people - no, because "it wouldn't do me any good". Would I be interested in whether the software that sorts those records is safe and secure enough so that they are not lost or stolen - yes, but I don't need the software sources to make sure this is indeed a fact. The good of the people would be ensured if (as you and other people here briefly mentioned) the government requires open data formats _and_ if the government establishes standard procedures and tests to ensure a minimum level of software quality. Anybody who wants to sell to the government should pass these tests and procedures and should conform to these standards. Period. It shouldn't matter if it is open source or closed source, as long as it complies with these requirements. You don't require Ford to publish their blueprints because "it wouldn't do most people any good whatsoever". You do require though that Ford cars are acceptably safe. And everybody is happy with this situation.


Will FSF assume the responsibility that Emacs will not lose your data because of some bug or that gcc will in fact provide the proper code for your hardware and will not fry your CPU? Will FSF allow itself to be sued if this happens? How will they guarantee those programs indeed work (besides "You are free to examine those programs and fix them if there is any bug in there. Oh, and btw - you have to give your work to us. But we guarantee they work properly - they have been reviewed by a lot of other people and all the bugs were fixed. Err, what do you mean by 'who are those people'?")


To summarize my rant: Why do the open source advocates and FSF not advocate wide adoption of IT industry standards for quality assurance and testing process? Why do they not work for establishing government level of software acceptance for things like security, reliability and performance? Are these things less important than the availability of the source? Imho, the movement to require the government to purchase only open source software has nothing to do with the good of the people. It is a political move by FSF to establish another kind of monopoly - one that favors them.

Showing messages 1 through 2 of 2.

  • What about the quality of the software purchased by the government
    2002-08-16 16:15:02  pkobly

    "But if the government is forced to impose quality standards first, before source openness, I would expect to see the proprietary software companies react first and in fact deliver software that is compliant with those standards."

    1) How do you propose that a determination of compliance with quality standards be made? A set of black-box tests by the government? A bare assertion from the vendor?

    2) Why do you "expect to see" something where you have actually consistently seen the opposite? How quickly did Microsoft respond to the recent major SSL certificate authentication problems in IE? How quickly did the KDE team respond to the same problems found in their code?

    Answer: After a week, Microsoft still hasn't fixed the problem. Within 90 minutes, the KDE team had fixed Konqueror.

    "You don't require Ford to publish their blueprints because "it wouldn't do most people any good whatsoever". You do require though that Ford cars are acceptably safe. And everybody is happy with this situation."

    Ford _is_, however, required to release some information about its cars. It is required to release specification and design information about its safety equipment so that said equipment can be evaluated and tested. It is required (recent FTC decision) to release specifications of the computer diagnostic ports, so that hobbyists and non-Ford authorized mechanics are _able_ to maintain their Ford vehicles. Ford is not permitted to stop aftermarket parts cloners from producing replacement parts for Ford vehicles. Ford is not permitted to disallow Ford owners from reselling Ford vehicles. Ford is not permitted to disallow Ford owners from lending their vehicles to friends.
  • What about the quality of the software purchased by the government
    2002-08-16 14:54:24  zwack

    Ummm... Thanks for your rant... I think...

    You did not answer ANY of my questions though...

    So hopefully we can get a clear understanding of what I suggested, and then you can explain why I am wrong...

    "Can you say that you know the company that made Linux? Hmm, who would be responsible if a bug in OpenOffice..."

    Well, I still had a vendor in there, one who was willing to provide support. The government is going to buy a solution from somewhere. If it's Linux and they buy it from RedHat then RedHat would be responsible for supporting that software. If it's StarOffice and they buy it from Sun then Sun provide the support... If it's OpenOffice and they buy it from "OpenSource 'R' Us" then OpenSource 'R' Us would provide support.

    They don't have to accept responsibility for the bugs, just provide support. They should try and fix the bugs or get someone else to, but they need to provide some form of support. If you think I am being easy on them with the "don't have to accept responsibility for" bit then I would suggest you go read some EULAs from Microsoft... or indeed anyone else.

    What I want is for the mandate to be for Open Standards for the file and data formats. This makes sense to me... And as you like your car analogy it's like me saying "Here are the specifications for a tyre for a '65 Mustang..." And then looking around to see who made tyres that fit that specification. I could get Firestone or Michelin or any number of other brands of tyres made to that specification. They're not all made by one company. Similarly if I was to say "Here is the file format for a word processed document..." Multiple vendors could produce software that could read and write the same document. Some of them might be closed source, some of them might be open source... Some of them might even involve people following procedures in a manual that caused them to produce a file using an ASCII text editor that met the standard. I don't care. But I can look at the specification, write my own tool to manipulate it and do what I want with the document. Multiple vendors providing software that can interact is true CHOICE. If I like the spell checker in tool 1 but the Mail merge in tool 2 there is nothing to stop me using 2 for a mail merge and 1 for the spell checker. If tool 3 has a mail merge that's almost as good as that in 2 and a spell checker that is almost as good as that in 1 then I might decide that 3 was good enough for my needs and only use that. If however each vendor only supports their own proprietary data formats then I have to choose one tool that will do... And if Tool 3 didn't exist I would have to decide if Mail Merge or Spell Checking was important to me. And if I choose tool 1 and the manufacturer goes out of business... What then? I have to either convert my data to work with tool 2 (and data conversion is not a fun process) or I have to keep using tool 1 and doing without any new features.

    I don't agree with RMS that all developers should have to use GPL. I think that that is your choice. (I do, but I made that decision, nobody forced me to). Equally I don't agree that I should be forced to use proprietary products because nobody knows what their data format is.

    If Governments mandated Open Standards for File and Data Formats that would encourage software that can interoperate. Interoperability is good for everyone except the dominant market leader. Vendor Lock-in is bad for everyone except the vendor that you are locked in to. Interoperability encourages TRUE innovation. If the market leader can retain their market share by providing new features that people want then everyone benefits. They might have to work a bit harder than with lock-in... But it gives everyone a fair chance.

    Z.