
Weblog:   The Growing Politicization of Open Source
Subject:   What about the quality of the software purchased by the government
Date:   2002-08-16 15:38:23
From:   korwin
Response to: What about the quality of the software purchased by the government

On the topic of what government should require from the software vendors:


I disagree with the legislation proposal, not with you. Let's require open standards, not open source. But also, let's require security, reliability and performance acceptance level even before the open standards. Ask the (proprietary or open source) software companies to deliver software that works.


On the topic of the open source software model and more specifically the GPL one:


Purchasing a software should give you the right to sue the software vendor if this software fails to work as it is supposed. (Government requirements, quality standards and conformance tests would be a base for this to happen. :-)) If I am hurt because a car malfunctions, I can sue the car manufacturer. The same should apply to software. The thing here is - I can see the proprietary software companies as Microsoft being able to actually comply with such requirements; however, I fail to see how an open source company would be able to do it. As you said - OpenSource 'R' Us might sell me the software and might be willing to provide support (well, that's their revenue model), but I doubt they would be willing to go to the court to defend somebody else's code.


Are you personally willing to guarantee the security and the reliability of a software solution you would sell to some of your client? I assume you use gcc - would you be willing to stand by the binaries, produced by it, to the degree of taking the responsibility and allowing to be sued?


Showing messages 1 through 1 of 1.

  • What about the quality of the software purchased by the government
    2002-08-16 16:04:18  pkobly

    >I disagree with the legislation proposal, not
    >with you. Let's require open
    >standards, not open source. But also, let's
    >require security, reliability and
    >performance acceptance level even before the
    >open standards. Ask the (proprietary or open
    >source) software companies to deliver software
    >that works.

    While this is a laudable goal, how do we assert that the software works or is secure? Black-box testing is simply *not* sufficient to assert quality with any credibility. Open source allows the purchaser or the user (in this case the government) to perform its own testing and audits, rather than simply relying on the bare assertions of a vendor.

    Remember, the Pinto went through testing before it was unleashed on the world.

    > Purchasing a software should give you the right
    > to sue the software vendor if this software
    > fails to work as it is supposed.

    This requires a complete definition of how the software is supposed to work, and under what conditions. That definition often does not exist in general purpose computing.

    If you ever get the right to sue vendors, then you ought to consider the likelihood of vendors being able to pay out on lawsuits. That same problem exists with many consumer goods. But it's a moot point now. Small companies are just as able to pay out the $0 judgements that you can get now as are big companies.

    > Are you personally willing to guarantee the
    > security and the reliability of a software
    > solution you would sell to some of your client?

    Is Microsoft?

    > I assume you use gcc - would you be willing to
    > stand by the binaries, produced by it, to the
    > degree of taking the responsibility and
    > allowing to be sued?

    I would be more willing to do so while using gcc than while using a proprietary compiler. I don't have to rely exclusively on the assertions of a third party that the compiler works correctly.
