Comments on this weblog

Showing messages 1 through 67 of 67.

• Legislation would discourage usage overall
  2003-04-14 10:34:12  anonymous2 [View]
  
  
  Tim express the correct view of this issue. As an advocate of open source software and a small business person I can tell you that a sense of distrust does exist among decision makers about adopting open source. Attempts to narrow the purchasing process in other places would only solidify these views. Personally I like the liberties that open source provides. To be consistent leave the same liberties in place in economic choices. Why would anyone want to taint open source by associating it with the heavy handedness of legal compulsion.

• Peru Bill NOT a mandate for "the WAY"!
  2003-03-12 06:03:15  anonymous2 [View]
  
  
  Your article and point of view are centric to the view that government legislation is keyed towards 'Open Source'. That is NOT true!
  
  When we read the bills for Peru, Oregon, R.I., we find that they direct that any product offered to a government must be complete and come with the tools for the government to be able to continue to use it, repair it, or while contracting openly for upgrades.
  
  There is still the opportunity for closed source systems (Microsoft, Oracle, SCO) to control access to their code through NDA's. They simply do NOT get thegovernment as a monopoly in perpetuity! An example is that Microsoft has disclosed their code to Germany, and promises to give it up to China, in order to compete with other vendors who offer Open Source code.

• web site
  2002-11-03 19:15:59  anonymous2 [View]
  
  
  I think your site is great. Thanks, Mike Adams/Laurel Del

• It's about quality and liability... not open standards
  2002-09-03 13:41:08  anthonyhunt [View]
  
  
  First of all...open source has always been ripe for politicisation. I think it's naive to resist such a process. It's natural, for what is arguably the major component of the world's next economic framework. Many have a vested interest in the status quo of American Capitalism. Every decision we make in this world is political.
  
  In regard to the mandatory open source vs open standard legislation argument I think they both miss the point. They're two different animals. One is too do with the quality of a product and the other is to do with collective usability. Of course governments should be embracing open standards. What they shouldn't be doing is locking themselves into faulty products. Making open source software mandatory is the wrong road in my opinion. It's not a sustainable argument. What is sustainable is for governments to tell software producers "take liability for any faults in your product or show us the source code."

• DSSA does not discriminate among vendors
  2002-08-28 08:51:06  michael_odonnell [View]
  
  
  You start out with a quote that totally misconstrues the proposed DSSA as I read it:
  "If enacted as written, state agencies would be able to buy software only from companies that do not place restrictions on use or access to source code."
  I cannot find any mention in the proposed DSSA of restrictions on companies from whom CA may purchase software. DSSA restricts CA to only purchase full binary/source rights in software, and prohibits the state from operating with execution-only licenses to software that it does not own. That seems quite reasonable and modest to me. DSSA also allows (because it does not prohibit) CA to contract with a company to operate proprietary software on CA's behalf.
  
  Mike O'D.
  

• Right, but not far enough
  2002-08-27 20:12:26  mdepolli [View]
  
  
  Tim's absolutely right, but he doesn't drive the point to the core of the matter.
  
  In Brazil, where I live, these kind of laws are being passed by openly communist, anti-market political parties.
  
  The difference between those guys and the regular open-source advocates is that they're not particularly against Microsoft. They're against the existence of companies in the first place.
  
  If there's a company making money by selling something, they see there an opportunity for the State to take over and stop anyone else from making profit.
  
  Now that's a real threat, at least down here. And open-source advocates in any part of the world should take care so as not to have their ideology stolen and used for spurious purposes.
  
  After all, if it wasn't for free market, there would be no open-source software -- or no kind of software at all, for that matter.

• Public procurement
  2002-08-20 14:09:27  mpawlo [View]
  
  
  Tim,
  Nice thoughts on government and open source. I think the big issue is the public procurement policies. I wrote something on this (published by
  Newsforge) you might find useful or at least food for thought:
  http://harvard.pawlo.com/newsf03.html
  or
  http://newsforge.com/article.pl?sid=02/02/08/208246
  

• Comment on Comment: The Circularly-Linked List Firing Squad
  2002-08-18 16:40:13  John W. Adams | [View]
  
  
  This is more-or-less on topic, from my weblog:
  
  There's an old joke told by and about every group known to humanity. I first heard it told by a fellow left-winger:
  
  How do leftists form a firing squad?
  They stand in a circle with the target at the center.
  
  This week brought three exemplary instances of this behavior.
  
  Exhibit A: Tim O'Reilly questioned in his weblog whether the proposed Digital Software Security Act, which would mandate the use of open source software by the state of California, was a good idea, considering that it cedes the moral high ground of freedom in software choice which open source currently occupies.
  
  Exhibit B: Dave Farber gave a deposition in a pending case brought by the RIAA asking that major backbone providers be made to block a Chinese web site. In his deposition, he stated that this was certainly technically possible and would not create an undue burden on those providers.
  
  Exhibit C: Larry Lessig's presentation on copyright and fair use was posted on the O'Reilly Network. Among other things, he said, "And, If You Can't Fight For Your Freedom . . . You Don't Deserve It. But you've done nothing." (Audience applause).
  
  So, what's the result? In reverse order:
  
  Dave Winer on Larry Lessig's talk: "Lessig is so damned irritating. He says 'We've not done anything yet.' Arrrrgh. Incorrect. He's not done anything yet. Perhaps his friends haven't done anything yet."
  
  Doc Searls was more moderate: "I have to say that I bristled during the speech when Larry switched voices from the first person plural we to the second person singular you...But given how little any of us have succeeded thus far — including Larry — I'll forgive the broadness of Larry's reproach."
  
  On Dave Farber's Interesting People list, he reprints An Open Letter To Dave Farber, which closes with "Whose side are you on, Dave? Theirs or the Internet's? And why?" I'm sure there's more Farber-flaming over on Slashdot, but I haven't yet checked.
  
  Speaking of Slashdot, the reaction there to Tim O'Reilly's article was predictably furious, as were some of the comments posted directly to his weblog (though these were less angry than the Slashdot comments). The Slashdot article (from an editor, michael, by the way, not M. Anonymous Coward) ends: "O'Reilly seems to be promoting the agenda of Microsoft's Software Choice campaign. He's a business man; perhaps there's a reason we don't know about. But whatever his motives, his lame arguments are no reason to stop pushing for governments to use Free or Open Source software wherever possible."
  
  What makes these reactions interesting is that these three were talking less about basic ideas or ethical principles than about tactics:
  
  Farber gave his deposition because this lawsuit "seemed to be a good case to test the issues raised by DMCA (a law I believe was fatally flawed in concept and should be repealed)..." I'm not sanguine about the hopes of a test case in front of this Supreme Court, but then, we won't have another court any time soon.
  
  O'Reilly took his position because "having governments specify software licensing policies is a bad idea". I think he is wrong on this specific point, but right in his implication that the DSSA invites a law requiring only closed-source software. (Many people don't know that security through obscurity is a weak approach.)
  
  Lessig is, I think, just frustrated that people won't take effective action, and I'm with him all the way on this:
  
  "Now, I've spent two years talking to you. To us. About this. And we've not done anything yet. A lot of energy building sites and blogs and Slashdot stories. [But] nothing yet to change that vision in Washington. Because we hate Washington, right? Who would waste his time in Washington?"
  
  Declan McCullagh has a recent opinion piece which I suspect speaks for the majority of techies, in which he is first exactly right, then spectacularly wrong:
  
  "Trust me, a few--even a few thousand--peeved e-mail messages won't change vote totals that lopsided. (Did you know the Senate approved the DMCA unanimously?) Washington's political class is used to ignoring frenzied yowls from far more organized and well-funded groups than 'geektivists' can hope to emulate anytime soon.
  
  "Instead, technologists should be doing what comes naturally: inventing technology that outpaces the law and could even make new laws irrelevant."
  
  Well, Washington can write, pass, and enforce laws much, much faster than anyone can write code--I guarantee you that. Law can make pi equal to 22/7, the earth flat, and creation seven days long, with one off for good behavior. Unlike code, law doesn't have to make sense to be a fact of your life.
  
  The key words in McCullagh's article are "anytime soon".
  
  He's just barely right on that--effective political action does take persistence. But you know something else about it? It provides persistent results.
  
  He's right that when folks "set up irate Web sites, launch online petition drives and tell all their friends to write to their congressional representatives...these efforts are mostly a waste of time. Sure, they may make you feel better, but they're not the way to win," because he's set up a straw man to knock down.
  
  Yes, politicians are used to "ignoring frenzied yowls from far more organized and well-funded groups." Those more organized and well-funded groups usually get their way, though, when their "frenzied yowls" are backed up by organization, votes, and cold hard cash, with none of which we've yet to bother.
  
  That techies have done an incompetent job of lobbying doesn't prove that lobbying is ineffective. It just proves we've done an incompetent job of it.
  
  Why do we persist in the delusion that politics will leave us alone?
  
  I believe the transcript of Lessig's talk is slightly off.
  
  I was there, and I personally started the applause mentioned above, but I believe this is more accurate:
  
  "And, If You Can't Fight For Your Freedom . . . You Don't Deserve It."
  
  (Audience applause).
  
  "But you've done nothing."
  
  I know the moment when I decided to applaud is accurately reflected there. My memory is that the applause was slow to build and weak at its peak.
  
  People, particularly here in the United States, tend to think freedom is one of the best things in life (true), and that the best things in life are free (not always). Freedom does not throw itself into your arms saying, "Take me, I'm yours!" That's an adolescent fantasy at best--the flipside of McCullagh's "anytime soon".
  
  Time to grow up.
  
  Links:
  
  Doc Searls on Lessig, which links to
  Dave Winer on Lessig (Dave Winer writes an excellent weblog, though I've criticized this item above)
  Lawrence Lessig
  Record Labels Want 4 Internet Providers to Block Music Site
  Monthly Archives for Interesting-People
  Tim O'Reilly's weblog
  Slashdot | Tim O'Reilly Bashes Open Source Efforts in Govt
  Declan McCullagh: Geeks in government: A good idea?

• Red Hats at the Capital Of Calif.
  2002-08-18 12:23:06  mdn [View]
  
  
  The other day on TechTv I saw an article about the Geeks March on the capital. I was somewhat disapointed that everyone was wearing Red Hats when they were trying to promote open source not MS. To me if the representive of RadHat Linux want to wear his company logo that is fine. But for everyone to do so does not show the pormontion of open source rather the promotion of one companies solution or another.

• open source is a political idea
  2002-08-18 09:01:01  3.2.3 [View]
  
  
  like it or not, open source is as political and economic as the politics and economics behind which closed source hides.
  
  citizens have a right to decide what the best software for the job is, and to tell their governments what to do. if citizens do not utilize this right, closed source corporations will:
  
  http://www.nola.com/news/t-p/neworleans/index.ssf?/newsstory/o_microsoft16.html
  
• open source is a political idea
  2002-08-18 10:08:30  John W. Adams | [View]
  
  
  That's an excellent link you provided--I'm putting it in my weblog.
  
  But note that Microsoft didn't get this contract by passing a law but by saying, "We'll do this cheaper." (They may be buying the business by artificially depressing their costs.)
  
  I doubt that the city of New Orleans will find their TCO to be all that great down the road, but that problem will belong in ten years to someone other than the person making this decision today.
  
  P.S. If you like Waits or Bukowski, be sure to click the link at the bottom of the page titled "Beats set tempo of bop lover's life"--what a great story!

• Why Not?
  2002-08-18 06:04:59  cmartinez4u [View]
  
  
  Why the government shouldn't mandate THEIR EMPLOYEES use standard open software that's cheaper for the taxpayers?
  
  Please tell me a company that doesn't have standards and allows their employees use what ever they want.

• Right or Wrong?
  2002-08-17 17:52:12  swbobcat [View]
  
  
  There is just one small fly in the ointment:Microsoft etal. have been forcing the use of their propriatary sofyware for ages, and left unchecked this will continue to go on. Requiring the use of Open Source in government is the only way to balance the software companies domination of what we MUST use -- there is NO CHOICE in this matter.
  
  Real or not, when governments require that Open Source be used unless there is a compelling reason to use commercial software forces companies like Microsoft to compete by offering software that competes feature for feature with Open Source, and may ultimately force companies, such as Microsoft, to design better software, and modify their licensing policies, so that people can afford them, if not.... well they go broke at some point.
  
  In short, Right or Wrong, at the current time, the only way for governments to get software that competes on merit, and softweare that does not lock the government into one company's product, is to legislate that Open Source be used unless a propriatary company, like Microsoft, can prove that their products are worthy of use, trans platform applicable, and will not lead to lock in. Legislation is the only way to obtain these results, and balance the polictical heft thrown around by a Microsoft who runs to the U.S. Ambassidor to lobby on its behalf -- which is WRONG, WRONG, WRONG. Self determination is important.
  
  We are ignoring the fact that the software industry has been politicalized for YEARS, through lobbying, and campaige donations, and Microsoft has shown us just how political its is. Until Microsoft can stop running to the U.S. Ambassador to lobby on its behalf in the internal political policies of foreign countries, politicalization of Open Source will become a fact of life since it it is doing is fighting fire with fire.

• The Growing Politicization of Open Source
  2002-08-17 17:37:36  javaman67 [View]
  
  
  I agree with Tim on this. At first when I heard about Peru and California, I "rallied with the troops", but thank God for some clear heads. We (the Open Source Community) would be just as guilty as Closed Source Proponents. Keeping it honest and open is the right thing to do.

• Meet the new boss, same as the old boss
  2002-08-17 11:51:43  brettglass [View]
  
  
  Richard Stallman, along with Bruce Perens and others of their ilk, are not really interested in giving us "freedom," despite their deceptive and virtually constant use of the word. They want, just as much as Microsoft and other monopolists, to deprive us of choice. What's more, they use the same tactics: predatory pricing (Who can compete with something that's given away for free, and -- moreover -- has no transaction costs?) and attempts to outlaw the competition.
  
  The public should not stand for this. It's time to sue to have the GPL -- the mechanism through which the Stallmanistas seek to accomplish their ends -- ruled to be invalid and every bit as unconscionable as Microsoft's predatory practices. If either the FSF or Microsoft wins, users and innovative small businesses will be hurt and deprived of opportunities and choice.

• Corps write lic pols; why cant govs??
  2002-08-17 10:25:18  morlu [View]
  
  
  Oreilly is making the point that governments should not be writing licensing policies. Only corporations should do that.
  
  WHY THE HECK NOT?
  
  There is something radically anti-democratic in the idea that the privilege of hamstringing everybody else in red tape, should be restricted to corporate entities. Our form of capitalism is quite feudalistic enough already thankyou very much:
  
  Those of us individuals who hope to survive in this society, rely on the existence of just one "corporation" that we *can* lean on [the government] to be big enough to lean on other corporations when they misbehave. Why should it be hamstrung in the way Oreilly is suggesting?
  
  I have never written a licensing policy to ram back down the throats of the dreaded corporate EULA writers--nobody would care if I did. It is entirely appropriate that they should get one small taste of their own medicine, just to keep them slightly honest.
  
  Like most of the corporately-disenfranchised general public, I am entirely in favor of seeing public entities ram just a little bit of democratized "licensing policy" down the throats of our corporate commons-grabbing community.
  
  Why the heck not?

• Linux and Politics
  2002-08-17 10:10:18  rmoliva [View]
  
  
  I am in agreement that we should not see our government mandate that Open Source Software be used everywhere in Government.
  
  Rather as mentioned it should be legislated in such a way that OSS is an excellent alternative to be looked at by government's everywhere and used where applicable.
  
  In the same light, the proposed legislation by the governments of Peru,and now being considered in the California bill, could be the backlash of to many years of Microsoft stuffing their products down the government's throat without considering the long term consequences of their inactions in the areas of security, and licensing, etc.
  
  I do applaude those who are taking a stance against those things Microsoft, but let's be realistic, no one wants to have their government,local or national, to dictate what the worksrs can cannot use to be productive at work.
  
  
• Linux and Politics
  2002-09-03 14:04:07  anthonyhunt [View]
  
  
  rmoliva wrote: "no one wants to have their government,local or national, to dictate what the worksrs can cannot use to be productive at work."
  
  That's arguable but it's not what this argument is about. This argument goes far far wider, into issues such as liability, quality, collective usability and security, just to name a few. It's about governments agreeing a way forward... hence legislating rather than leaving it up to successive governments to make decisions on an ad hoc basis.
  
  In other words, I think, governments shouldn't be mandating the use of open source either. All they need to do is mandate that software producers take liability for any faults in their products OR include the source code.
• Linux and Politics
  2002-08-18 05:44:02  cmartinez4u [View]
  
  
  "no one wants to have their government,local or national, to dictate what the worksrs can cannot use to be productive at work."
  WHY NOT?
  Tell me one company that let their workers use what they want to be more productive?
  Remember their trying to mandate:
  - Free access to public information by the citizen.
  - Permanence of public data.
  - Security of the State and citizens.
  
  To guarantee the free access of citizens to public information, it is indespensable that the encoding of data is not tied to a single provider. The use of standard and open formats gives a guarantee of this free access, if necessary through the creation of compatible free software.
  
  To guarantee the permanence of public data, it is necessary that the usability and maintenance of the software does not depend on the goodwill of the suppliers, or on the monopoly conditions imposed by them. For this reason the State needs systems the development of which can be guaranteed due to the availability of the source code.
  
  To guarantee national security or the security of the State, it is indispensable to be able to rely on systems without elements which allow control from a distance or the undesired transmission of information to third parties. Systems with source code freely accessible to the public are required to allow their inspection by the State itself, by the citizens, and by a large number of independent experts throughout the world. It will bring further security, since the knowledge of the source code will eliminate the growing number of programs with *spy code*.
  
  Please read the "Peruvian congressman's open letter to Microsoft" it's a worldwide known masterpiece, that will answer all your questions about Open Source Movement and the Government.
  
  
• Linux and Politics
  2002-08-18 07:08:28  jsotack [View]
  
  
  You can legislate
  "- Free access to public information by the citizen.
  - Permanence of public data. - Security of the State and citizens."
  
  Without legislating the end solution. How many government orgainizations have you seen distribute information ONLY in a format that requires expensive SW to view.? There ar always HTML, PDF.
  
  Hence, the requirement could be that certain types of information be distributed in a way (of the orgainisations choosing) that uses a free viewer.
  
  In thie case where maintainance is a concern, you simply need to be able to convert to a different format. I suppose you could have a reqiurement that the generating information be robostly save information in an open format (xml?).
  
  JOhn

• Level Playing Field but don't force Open Source.
  2002-08-17 07:12:55  jsotack [View]
  
  
  To try to impose your decisions or views regarding buying decision I feel is elitism. How is it that the authors of the California Bill know better how to satisfy orgainizational IT needs than that orgainisations IT department?
  
  Some of the concerns addressed directly by open source are likley already addressed as follows:
  
  1. Limiting Spending: This is done by top level budgets. The decision maker of an orgainization should decide where to put their dollors. In some cases open source may make sense. In others it may not. To train people with new applicaton is either directly expensive (training classes or work hour spent attending) or indirectly (using time for self training).
  
  
  2. Information security: Security of personal information is a legitimate concern, but I believe it is enough to require orgainizations that keep personal data to protect it, and have penalties for failing to do so. The means of protecting it should be up to the orgainization.
  
  3. Information Distribution: Another legitamate concern of government might be distributing information (possibly in editable form) in formats that can be viewed without purchasing commercial SW. You don't have to mandate open source, only that distributed public information be distributed in an open format, or possibly in a format for which a free viewer exists.
  
  
  
  And what about availability of applications. Saying you can use only open source, or only closed source for that matter, limits the available applications.
  
  I like and use open source. I also like and use closed source commercial SW. Each has its place and should survive on its own merrits.
  
  Noboty forces me to buy SW for my home computer. If you don't like Windows, you can use MAC OS. If you don't like either of those, you can use Linux. I use Linux asnd Window for different purposes. If I am doing development or learning, I prefer Linux. For education / gaming for my kids, its Windows 98 SE.
  
  I trust the market where people decide for at the lowest levels what the best solution is from their prespsective.
  
  In general, each will succeed to the degree that it satisfies customer needs.
  
  John

• Open Standards or Software
  2002-08-17 04:42:39  lwoldt [View]
  
  
  I believe the government should always use open standards since they are using my money and I may actually want to access some government site.
  
  Should they use open source software, maybe.
  
  Again, it's the people's money and it should be spent carefully (no THERE'S a radical tought) and not just thrown at the lobbyists friends.
  
  Does that mean the government should be forced to use open source software? I don't think so, Tim (probably haven't heard tat in at leas 20 minutes).
  
  I do think the governemtn should always steer clear of proprietary software if it means that some citizens would be unable to access legitimate information from their government unless they too had the same software. After all, not everyone wants Microsoft's OS or their browser or their office suite.
  
  But as long as people have the access, the government should choose the best software and hardware for the job they want to accomplish.
  
  I'm just not a big fan of forcing anyone to do anything - seems so, well, forced.

• CA pollution laws scared Detroit, woke up USA
  2002-08-17 03:12:18  swmckillop [View]
  
  
  California's emission control laws forced the entire auto industry to make better cars, despite the whining of crybaby republicans. Any publicity is good publicity. It takes a sledge hammer to get Americans away from the boob tube and actually think. Tim, you want to leave the situation as it is?
  
  "For those who stubbornly seek freedom, there can be no more urgent task than to come to understand the mechanisms and practices of indoctrination. These are easy to perceive in the totalitarian societies, much less so in the system of 'brainwashing under freedom' to which we are subjected and which all too often we serve as willing or unwitting instruments." -Noam Chomsky
  
  See the new DVD: Manufacturing Consent: Noam Chomsky and the Media. Just released from www.zeitgeistfilm.com
  

• Advogato: Open Source Throws in the Towel
  2002-08-16 23:48:20  garym [View]
  
  
  For what it's worth, I posted this on 10 Aug on the advogato website... and ok, I was in a bitchy mood, but I'm no less pissed off now that the sham of a circus is done. What follows is the intro, but the full thing is at http://www.advogato.org/article/532.html
  
  Maybe it's the sour grapes over spectacular evaluation failings, or maybe it's just desperation, but it seems hardly a day goes by when there's not some new item that makes me want to distance myself ever more from the mainstream of the "open source" movement. Today's nugget was the utter inanity behind the CNET article Open source's new weapon: The law? and, with apologies to CNET authors Kanellos and Shankland, I offer this fictional retelling of the story, freely transliterating the rosy oss double-newspeak...

• Politics and the Open Source movement
  2002-08-16 18:39:20  loca [View]
  
  
  
  Tim displays a naive and weak understanding of the relationship between the technical and political spheres in modern society. He seems to believe that the Open Source Movement would be better off leaving the sphere of politics well alone. And unfortunately this policy of burying your head in the sand is one which seems endemic across the Open Source Movement, the majority of which seem to think that if they leave politics alone, politics will return the favour.
  
  All I can suggest is that you read your history Tim. Politics is in the habit of listening to those with the deepest pockets and this time it will not be any different. Multinational copyright owners, proprietory software companies and the Entertainment Industies have a lot riding on the tightening of control of intellectual property and they are not likely to just roll over and accept the dangers of Open Source to their control technologies (ie DeCSS et al).
  
  You really need to think very carefully about what is actually happening here, we are not just looking at purely technical solutions to technical problems. Unfortunately life just ain't that simple. We are looking at big dollar signs seeking to maximise revenue through the enforcement of copyright and patent control assisted by law and technology. And in doing so they are threatening our freedom to use information because if they own it, you can't use it. Or at least not if you can't pay for it.
  
  The foundations of our democratic states are built on the freedom of information to quote, reuse, critique and debate in a public sphere free from the control of private interests. Public goods need to be worked out in an arena where deliberation can be carried out and ideas freely exchanged.
  
  The beauty of the Open Source movement is its commitment to open exchange, as Lessig terms it a cultural commons, where nobody owns or controls these public goods. Not just code, everything, literature, music, writings, speeches, essays, paintings all these things need to be reused and re-interpreted for our culture to remain vibrant and innovative.
  
  Laws are there to protect and demark boundaries, and the state is there to enforce them. Crucially the decisions as to which Laws we should have are should be debated by all of us, that *includes* the Open Source movement. Without having a voice (whether radical or otherwise) no-one to hear what we have to say.
  
  So I say more politicisation of the Open Source Movement, let it wake up and realise that its very existence requires that it move into politics and start contesting issues that it doesn't agree with. The Open Source movement needs to grow up and realise nobody else will hold its hand.
  
  If that requires Law to protect Open Source from the very real threats that corporate interests make to it then SO BE IT. But these decisions and subsequent laws should be enacted after deliberation and debate with all sides putting their case in an open and democratic way, and it is up to us to put the strongest case forward for the Open Source movement.
  
  David
  http://www.locarecords.com
  
  
  
  
  
  

• Misunderstandings
  2002-08-16 15:47:39  cinabrium [View]
  
  
  Mr. O'Reilly's anonymous correspondent writes: "... But what we're getting is attempts to *require* use of Open Source software - effectively criminalizing an official's decision to buy commercial software to meet their needs. First in Peru, and now here."
  I apologize for not knowing in depth the DSSA proposal, but i can speak about the rationale behind the Peruvian project (and, BTW, the Argentinian and Colombian ones). According to all these projects, no official would be punished by licensing propietary software [1,2] as far as he/she can convincingly prove that no free/open-source solution exists for his/her needs. The projects just mandate the usage of open formats, and the usage of use of free/open-source software when and if it can satisfy a specific need (please see Article 5 of the Peruvian project, Article 4 of the Argentinian Project), and establishes the alternatives in case a free solution is not available: 1. development of a free solution, if there are no time/cost constraints; 2. usage of a non-free solution (within some established piorities).
  Viewing this as a menace to freedom is propagation of FUD. It seems that MS's message has reached farther than expected.
  
  Agreeing with his correspondent, Mr. O'Reilly says that "...having government specify software licensing policies is a bad idea." Unless one also holds as an immutable truth that having a corporation specify software licensing policies is a bad idea, i'm afraid that Mr. O'Reilly falls into a contradiction. After all, the projects just say what kind of software is going to be used in governmental organizations. And the reasons for that, well explained in the projects and in several other documents including Congressman Villanueva's reply to MS/Peru, are:
  * Free access to public information.
  * Permanence of public data.
  * Security of the State and citizens.
  The defense of these three basic principles might imply the adoption of a certain licensing policy, in the same way that the defense of your right to not be hit by a car when crossing a street implies the adoption of a certain traffic regulation policy.
  
  Mr. O'Reilly writes: "No one should be forced to choose open source, any more than they
  should be forced to choose proprietary software." I fully agree, when speaking of *individual* choice. Even when speaking of *corporate* choice.
  So... Why a goverment shouldn't be able to choose what software is going to be used for the government as a whole? Mr. O'Reilly's assertion could be misleading: any individual, any corporation in Peru (or Argentina, or Colombia) have full freedom of choice about the software they are going to use for their own purposes. Why should we deny that freedom to the government?
  
  On the other hand, the governments must guarantee the basic principles stated above. Those are overwhelmingly more significant that the supposed freedom of choice of a public servant. And the public IS better served if the government uses free software.
  
  Getting deep into a new contradiction, Mr. O'Reilly says that his new thoughts on the issue are based on his "version of Freedom zero". According to Mr. O'Reilly, Freedom zero is: "the freedom to offer your work to the world on the terms that you choose, and for the recipients to accept or reject those terms." Well stated! But according to his new thoughts, the definition of Freedom zero should be, as from now: the freedom to offer your work to the world on the terms that you choose, and for the recipients to accept or reject those terms, except when the recipient is a government, in which case the government must accept whatever licensing terms you wish to impose to your work. Or, in simpler terms: freedom zero for all, zero freedom for the government.
  
  In any case, the freedom of a certain civil servant to choose a piece of software over another doesn't bother me as a citizen. But I'm way more concerned about my freedom, and that of my fellow citizens, to research how my vote is accounted or my taxes calculated. And about my rights that my personal data are used only in authorized ways. And about the security that no corporation or government whatsoever has planted any backdoors in software used for critical processes. And about the security that the information I give to the government because of a legal duty is not being held hostage by proprietary and arcane storage formats or a foreign corporation. The list of "ands" could take several pages, but I hope I have clearly stated my point.
  
  Despite any good intentions of Mr. O'Reilly and his anonymous correspondent, assimilating the idea of use of free software in the government with the idea of banning freedom of choice could be seen as an unexpected (and hopefully unwilling) contibution to MS's FUD.
  
• Misunderstandings
  2002-08-16 16:13:33  korwin [View]
  
  
  "According to all these projects, no official would be punished by licensing propietary software [1,2] as far as he/she can convincingly prove that no free/open-source solution exists for his/her needs."
  
  First, this assumes that open-source software and free software are the same thing. Shouldn't this be rewritten as "no official would be punished by licensing propietary software [1,2], as far as he/she can convincingly prove that no free solution (whether open- or closed-source) exists for his/her needs."?
  
  Second, this puts the price of the software solution as the most important factor. What about the scenario where there is open-source software that is free and will do the job, but nobody can guarantee that it is secure enough and would not pose risk for the IT infrastructure of the government? Should this software be preferred to a closed-source software whose vendor is willing to guarantee the security of it's solution?
  
  The open source does not intrinsically guarantee any of these principles:
  
  * Free access to public information.
  * Permanence of public data.
  * Security of the State and citizens.
  
  Furthermore, the open source software has nothing to do with these principles. Will any open source program actually guarantee to me that the public data will be permanent or secure if maintained by it to the degree that i could sue the software vendor (who would that be in the case of gcc btw)? In fact, these bills in it's current form put the second and the third principles at stake since they mandate that the government officials make their choice based on whether the software is open source and free and not whether it conforms to any levels of acceptance (as it should be).
  
• Misunderstandings -- replying Korbin's objections
  2002-08-16 17:04:18  cinabrium [View]
  
  
  First:
  The assumption of free software = open source was done for (over)simplification only. Anyways, the projects speak about "software libre" (free as in
  freedom) but the definition is a subset of the open source definition (see http://www.opensource.org/docs/definition.php )
  
  Second:
  The price of the software is *NOT* a factor in any of the projects. Let me kindly remind you that Internet Exploder is free as in beer. In your scenario, the government could get the open-source software and thoroughly inspect it and/or hire a bunch of maintainers or a company able to keep it up and running OR believe the proprietary closed source software vendor's promises... What would you do? How does the vendor guarantee the security of its solution?
  
  Third:
  No software "per se" (free or proprietary) guarantees the principles. But you can't guarantee them without open formats and source availability, unless you are willing to assume the costs of reverse engineering (sometimes prohibited by licensing conditions) any time you want to migrate or any time the vendors decide that they are not going to support a certain piece of software anymore. What happened with your nice spreadsheets in Visicalc or with those beautiful essays you wrote in Wordstar?
  And furthermore:
  I prefer to be sure of how the tire was built instead of suing Firestone after my neck is broken. But i must concede that quality assurance of the software could be reached by more means than mandating the availability of the source code. However, no quality assurance procedure will be correct and complete unless the code can be openly inspected and tested. As a cryptographer, I follow the principle that no algorithm, protocol, system, is deemed secure before open and deep scrutiny by the entire scientific community[1]. The same holds for the software.
  Regarding "ex-post" liability, I think that if the law mandates that software vendors are liable for *any* damages arising from software failure, I would feel more comfortable signing such guarantee for gcc than for any closed-source compiler. In any case, software vendors won't accept such liability (have you read any EULAs lately?) so the argument goes byzantine.
  
  Many tanks for your well reasoned observations!
  
  --
  NOTES:
  
  [1] Skipjack, an algorithm designed by the NSA (the best troupe of cryptographers around), was kept secret. When NSA finally decided to make it public, serious flaws appeared in less than three months (see e.g. http://www.cs.technion.ac.il/~biham/Reports/SkipJack/ )
• Misunderstandings
  2002-08-16 16:00:48  cinabrium [View]
  
  
  I forgot the notes. My apologies :)
  ---
  NOTES:
  [1] Licensing, not purchasing. Unless you own the intellectual property of the software, you *NEVER* buy it. You just get a permission from the owner of the IP to *use* it within certain restrictions.
  
  [2] Proprietary, not commercial. There is a lot of free software which is traded for profit (e.g. any "commercial" Linux distribution, as good as a lot of propietary software at no cost (think of distributed.net's clients).

• Freedom to use any software I want
  2002-08-16 15:17:27  bhurt [View]
  
  
  I haven't looked at the California legislation, so I can't comment on it. I have looked at the Peruvian legislation, so I'll restrict my comments to that.
  
  Interoperability is a very import facet of the government. Unlike any given business, wherein it could be argued that interacting with them is optional (you don't *have* to do business with anyone), interacting with the government is often not optional. So requiring the government to use software which can inter-operate with any software is rational, even required.
  
  Consider the following, not unlikely, case. The government decides to go over to 100% electronic filing (save the trees), and since the government uses Microsoft Office, it decides that the format to submit your taxes in is Word, with appropriate macros and forms etc. Doesn't the government have the right to use any software it wants? Except that since paying taxes is not optional, using Word is no longer optional. I no longer have the freedom to *not* use Word. Although Bill Gates may desire a world where not running Word means large fines and jail time (for the nominal crime of being unable to pay your taxes), this does not well serve society as a whole.
  
  The Peruvian legislation does not, despite common misunderstandings, actually require open source software. It simply requires that the government *not* mandate what software the individual uses (plus reasonable national security and promotion of the local economy requirements). If Microsoft is unable to meet those requirements than the government should not use Microsoft products! If Microsoft is able to meet those requirements, then they have nothing to worry about.
  
  The other requirements of the Peruvian legislation are equally rational. Peru has as much right to defend itself, and protect it's secrets, as the United States. Put the shoe on the other foot for a moment to try it on- what would you think if the United States national security was completely dependent upon Peruvian software. Worse yet, allegations surfaced that the Peruvian government had pressured the software makers to include back doors in the software, allowing the Peruvian government to spy on the United States government (the infamous Peruvian Security Agency key, a.k.a. psa_key, debacle). Of course, the source to this hypothetical software is not available to anyone in the United States, being the jealously guarded secret of the original Peruvian company. Viewed in this light, what is surprising is not that the Peruvians are contemplating taking this step, but that the national security organizations of every other country on planet did not take this step years ago.
  
  Likewise, a Peruvian legislator voting to create jobs in Peru is about as surprising as a California legislator voting to create jobs in California. What would be surprising is a California legislator standing up and saying "No! Rather than creating jobs in California, we should create jobs in Minnesota- or better yet, we should create jobs in Peru!" Such a legislator would, no doubt, very rapidly have more time to spend with his family, and write his memoirs. Perhaps Microsoft should consider how many jobs it creates in Peru- and Argentina, and Britain, and Germany, and China, and Korea, and all the other countries. Come to think of it, maybe they should also consider how many jobs they create in the other forty nine states.
  
  I whole heartedly support the Peruvian legislation as a model for the entire world- the United States included.
  
  Brian
  
  
• Freedom to use any software I want
  2002-08-18 07:01:39  rijrunner [View]
  
  
  "Interoperability is a very import facet of the government. Unlike any given business, wherein it could be argued that interacting with them is optional (you don't *have* to do business with anyone), interacting with the government is often not optional. So requiring the government to use software which can inter-operate with any software is rational, even required.
  "
  
  You seem to be missing one central point.
  
  
  There is a huge difference between Open Source and Open Standards.
  
  In the part of your post above, you state the argument for Open Standards. Interoperbility is good. Open Standards means anyone can access the data from any number of clients.
  
  OK.
  
  What the legislation you advocate does is mandate that the *client* be open source. Hmm. Why? Given a number of clients, does the determining step have to be that the client be Open Source with secondary consideration being given to other factors, such as functionality, ease of use, features, etc, etc?
  
  You have legislated the *wrong* thing. Consider the example of Gnome and KDE. Both are Open Source. Both can access most of the same apps, but they are *still* working towards interoperability. These are two Open Source non-compatible apps for most of their lifespan. Will legislating Open Source help the person who locks into one with running apps designed for the other? You are still in the same bind in Open Source projects you are in now. You have to wait for the developers to add compatibility. The beauty of Open Source is that you could, if you wanted, add a third app that combines the features of the first two. I think the technical term is "kludge" for that third app.
  
  If two apps can meet the same core functionality, which is the central point that everyone seems to agree upon, then it makes *no* real difference whether one is Open Source and the other proprietary. Each can have it's own functionality, look, feel, features, and ways of tying into additional apps as part of a suite, should they chose. You, the user, can decide upon which client you prefer based upon your own selection criteria. Another user can decide based upon their criteria.
  
  All the Open Source clients in the world will not help if you do not have an Open Standard. And, no amount of legislating the use of Open Source clients will give that Standard.
  
  Similarly, legislating Open Standards is about giving people choice in clients and there is no need to place an additional, unnecessary, requirement that everyone who wants to write, or use, the clients be given only a choice of Open Source clients.
  

• Not about OSS philosophies
  2002-08-16 15:16:07  omg [View]
  
  
  This proposed law is not about OSS philosophies. It's about the use of public tax payer funds to provide excessive profits to an industry that is controlled by a monopoly. I don't have anything against software companies making profits, but under rules that provide fair competition, and today these rules do not exist. I applaud any effort in government that will balance the competitive playing field, including legislating OSS software for government use.
  
  It's also about security. Relying on a single provider for a closed source application does not allow either public or internal audit of the actual functionality of the code.
  
  We need rules that promote fair competition and security. Rules that don't lock the government in to a single source provider (for services, upgrades, maintenance or product). I see OSS type rules as the only valid solution.
  
  We all pay an enormous cost because of the state of the software industry. It needs reform.
• Not about OSS philosophies
  2002-09-03 14:11:30  anthonyhunt [View]
  
  
  omg wrote: "I applaud any effort in government that will balance the competitive playing field, including legislating OSS software for government use."
  
  So the ends justifies the means?

• Naivete and Confusion
  2002-08-16 14:49:01  grantroot [View]
  
  
  Tim,
  
  Your correspondent's point of view here is somewhat naive:
  
  > By asking for government mandates on software
  > purchasing, they're practically inviting the
  > commercial software developers to lobby for
  > legislation forbidding Open Source, in response
  > to 'our' efforts to require it.
  
  So, if we play nice, they will too? I don't think so. We need to start playing for keeps here, because the other side is already.
  
  I also think you are missing a point by saying:
  
  > But the more I think about it, the more you I
  > realize that having governments specify
  > software licensing policies is a bad idea.
  
  You think the government should not specify licensing policies for the government? Um, who should?
  
  Remember, we're not talking about the government imposing requirements on individuals or corporations here. Governments need to be able to make internal policies just as other bodies do.
  
  This is not to say I necessarily think this is a good move at this time. I can see practical problems that could drive Califirnia's IT people nuts. But that's a matter of practicality, not ethics or ideals.
  
  

• Speaker of the House Sam Rayburn once said, "You can't take the politics out of politics."
  2002-08-16 14:11:57  John W. Adams | [View]
  
  
  Oddly enough, Tim, I was thinking along somewhat but not entirely different lines than your correspondent mentioned in today's weblog when I posted this last night:
  
  http://www.jzip.org/jzip/archives/000051.html
  
  I don't mind politicization per se, but do object to doing it wrong, and I think that's what I saw in yesterday's event. (Speaking of theater, I also saw this in last year's Tiemann-Mundie debate.) I also heard a related misconception in the questions after Lessig's talk at OSCON, when someone advocated marching on Washington to create change.
  
  Marches don't create movements--it's movements which create marches. The three most important such marches on Washington in recent history--the 1963 civil rights march, the 1970 Vietnam moratorium, and the 1987 gay rights march--are examples of how an organized movement can use a high-profile march to advance that movement's cause. Doing it in reverse doesn't work.
  
  What I believe you are objecting to in your weblog isn't the politicization of open source. As Larry Lessig says, you can ignore politics, but politics will not ignore you.
  
  You are, I think, objecting instead to the radicalization of the politics of open source.
  
  That raises interesting questions. For instance, are the politics of open source inherently radical? I wouldn't say so (though I could make a darn good argument for it, and I suspect the view is quite different if one is looking from Peru.) On the other hand, the political _implications_ of open source _in government_ may be very radical. (I may be parsing too finely here.)
  
  There's a big difference between _requiring_ open source and _requiring evaluation_ of open source in government. The second helps level the playing field, making lobbyists less powerful--and that _is_ radical. Just getting that foot in the door is a major step--I really think that's all that's needed, both in government and elsewhere. If it isn't, then we need to rethink whether open source is such a good idea.
  
  I do think there's a strong pedagogical argument for requiring open source in education, one that coexists with the financial argument (though I've been following Jonathan Gennick's struggles in his weblog).
  
  One last thought: I've never been a big fan of Eliot, though I recognize his greatness. Last week, I made a posting relevant, perhaps, to that famous quotation: http://www.jzip.org/jzip/archives/000039.html
  
  All the best,
  
  John (adamsj) A

• Tim: Government != world
  2002-08-16 13:32:48  sjones2k [View]
  
  
  Government has just as much right to set it's purchasing criterial on the basis of what it deems valuable to it's business as anoyone else. You seem to be treating this as if they were setting a law for all businesses in the State.
  
  Instead of being reactionary why not demonstrate how they are harming the state or squandering the citizens funds by their decision. This would be far more likely to convice government and world+dog.
  
  Oh, and let's not be naive. If there was any possibility of success would not Microsoft seek the same thing. In that case the arguements against would be a little less philosophical
  
  S

• Benefits of Open File Formats
  2002-08-16 13:24:40  alderete [View]
  
  
  > From my perspective, I would think the Open Source
  > community would be much better served if it took
  > the moral high ground and called for Openness in
  > Software Procurement. If you feel you have to coerce
  > people, it would be better to force them to increase
  > their disclosure. Require officials to document
  > their acquisition critieria, require companies to
  > publish their licensing policies, insist on use of
  > open file formats for publicly accessible documents.
  
  Your correspondent has hit the nail on the head, in the last phrase here, though I think (s)he's placed too little emphasis on it.
  
  The ideal thing to do here would be to create *simple* legistlation around the allowed file formats used. By mandating that software purchased by gov't must default to storing files in publicly documented, open standards-based formats, the playing field for Open Source would broaden immensely.
  
  There's plenty of good reasons for this in the public interest, as described in the discussion of the Peruvian initiative. But the direct benefits to Open Source projects would be tremendous. Just imagine if, in order to sell Microsoft Office to the gov't, the file formats had to be fully described and totally open. Projects like Open Office could provide perfect support for MS Office documents, instead of merely pretty good support.
  
  It would be important that the file formats must be *fully* described (no proprietary extensions allowed), and that no IP was required to support the formats. RAND terms for being able to use the "open" format must be unacceptable; it must be totally open and free.
  
  Perhaps the quality of the published specification and compliance test suite (CTS) for the file formats should become one of the major evaluation and acquisition criteria for all gov't purchases.
  
  Michael Alderete
  
• Benefits of Open File Formats
  2002-08-16 13:43:06  mcain6925 [View]
  
  
  I agree completely with your comments about open file formats, and where any IP regarding the format (or use thereof) lies in the hands of a single company/individual, waiving any licensing is straightforward. It is amazing how many times this might night be the case. MPEG audio and video is a good example. Technically, the IP (much of it in the form of patents) needed to implement an MPEG player is held by dozens of individuals, companies, and universities. Clearing the IP of encumberences may be difficult, if not impossible.
  
  Particularly for media formats, there are an enormous number of existing patents that cover any implementation of the algorithms, and many more patents are "in the pipeline." The Oog people have been building supposedly unencumbered codecs for audio and video -- whether they have been successful will take years to determine.

• What about the quality of the open source
  2002-08-16 12:55:52  korwin [View]
  
  
  The open source advocates want the government to require open sources for every product it purchases. The reason - the government should be allowed to do with the product as it sees fit to. There are couple questions that nobody raises though:
  
  1. Should the government specifically prohibit buying products that are based on GPL license? Reasons: the government will be forced to release the right fur use to any modifications it might do. Can you imagine NATO general signing off the approval to release back to the community the missile guidance software?
  
  2. How come nobody talks about any quality standarts that the software should conform to? If the government is to mandate software policy, shouldn't it first establish quality standarts, before even talking about open sources? There should be government standards that the software conforms to, like the cars crash tests. And anybody that writes programs should pay a fee to pass these tests. What company will be willing to pay for such tests? Or the government should sponsor the open source programs and discriminate the closed source ones?
  
  The open source advocates say: "why buy a car that has it's engine cover welded?" Let me ask a question: "Why force the government to buy cars that were made by thousands of unknown people?".
  Meanwhile, if we continue the car analogy - why doesn't anybody require Ford to build open standarts cars and provide their designs back to the community? Why doesn't FSF require that any car, bought by the government, to have it's blueprints published somewhere on the web? Oh, don't forget also the blueprints of the tools and machines used to build the car as well.
  
  I work as a programmer. I love my work. And frankly, i don't know how to do anything else. But i don't want to write open source. I admit the code i write - it's not a genius' work. But it's something i did. I'd like to have the choice what to do with it. And i'd like to be able to compete for any contracts. If the government mandates that it should have access to the sources of my program in order to buy it - so be it. But they should not force me to release these sources to the public.
  
  It's all about choice. However, it looks to me that in fact it's not about my choice as a developer nor it is about the government's choice, but about the FSF choice.
• What about the quality of the open source
  2002-09-03 14:29:52  anthonyhunt [View]
  
  
  Korwin wrote: "The open source advocates say: "why buy a car that has it's engine cover welded?" Let me ask a question: "Why force the government to buy cars that were made by thousands of unknown people?"."
  
  If you think about it you'd realise that this is what we do in any case. The difference is, how are the decisions controlled? By a board of directors telling a bunch of factory workers and designers what to do or by the workers and designers themselves in a democratic fashsion?
  
  Korwin continued:
  "Meanwhile, if we continue the car analogy - why doesn't anybody require Ford to build open standarts cars and provide their designs back to the community? Why doesn't FSF require that any car, bought by the government, to have it's blueprints published somewhere on the web? Oh, don't forget also the blueprints of the tools and machines used to build the car as well."
  
  Because keeping these things secret is the easiest way to make a living out of them under the economic framework of American Capitalism. The only reason open source software fits into the this framework is that it is simply electronic data and electronic data costs almost nothing to dupilcate.
• What about the quality of the open source
  2002-08-26 16:25:25  gameboy70 [View]
  
  
  "The open source advocates want the government to require open sources for every product it purchases. The reason - the government should be allowed to do with the product as it sees fit to."
  
  Hence the restriction: the government should not be able to purchase code that it can neither see nor use at its own discretion. The people of California do not want another Oracle scam.
  
  "1. Should the government specifically prohibit buying products that are based on GPL license? Reasons: the government will be forced to release the right fur use to any modifications it might do. Can you imagine NATO general signing off the approval to release back to the community the missile guidance software?"
  
  As long as the government isn't redistributing software, it's not subject to the GPL requirement that redistributed software must include the source code.
  
  "2. How come nobody talks about any quality standarts that the software should conform to? If the government is to mandate software policy, shouldn't it first establish quality standarts, before even talking about open sources? There should be government standards that the software conforms to, like the cars crash tests. And anybody that writes programs should pay a fee to pass these tests. What company will be willing to pay for such tests? Or the government should sponsor the open source programs and discriminate the closed source ones?"
  
  Since both proprietary and open source licenses currently waive all liability (or reduce it to, at most, the value of the software itself -- regardless of what other damages were incurred at a result of the software), your rhetorical question is irrelevant to the matters at hand: security, integrity of code, permanence of data, vendor independence, etc. Your requirement for liability is worth exploring, but the playing field on this issue as fairly level at the moment.
  
  "The open source advocates say: "why buy a car that has it's engine cover welded?" Let me ask a question: "Why force the government to buy cars that were made by thousands of unknown people?".
  Meanwhile, if we continue the car analogy - why doesn't anybody require Ford to build open standarts cars and provide their designs back to the community? Why doesn't FSF require that any car, bought by the government, to have it's blueprints published somewhere on the web? Oh, don't forget also the blueprints of the tools and machines used to build the car as well."
  
  You're harping on a development method, not a licensing requirement. There's nothing to stop Microsoft from selling Word to the government under the GPL except the company's willingness to do it. There's a tendency to equate open source with "Bazaar" and proprietary source with "Cathedral," but either method could be used to develop the other type of software. FreeBSD, for instance, is almost entirely the work of the Berkeley developers, who reject most sumbissions they receive from outside. The developer is not required to accept submissions, nor is the government required to purchase from a supplier that does (not that I agree that it would be a bad thing).
  
  "I work as a programmer. I love my work. And frankly, i don't know how to do anything else. But i don't want to write open source. I admit the code i write - it's not a genius' work. But it's something i did. I'd like to have the choice what to do with it. And i'd like to be able to compete for any contracts. If the government mandates that it should have access to the sources of my program in order to buy it - so be it. But they should not force me to release these sources to the public."
  
  The government isn't forcing you to do anything. The proposed legislation prohibits what the government buys, not what you sell, which is consistent with the free market. If you don't feel that you can commercialize your work in a way that makes it fit for the citizens of California, you'll have to take your bid elsewhere. The State does not owe you a subsidy.
  
  "It's all about choice. However, it looks to me that in fact it's not about my choice as a developer nor it is about the government's choice, but about the FSF choice."
  
  That's like saying that giving blacks the right to vote is about the Mississippi Freedom Democratic Party's choice rather than being a general civil rights issue. The people of California should be free from vendor lock-in. Incidentally, the FSF didn't draft the CSSA. RMS would *never* have a hand in a bill that mandates "Open Source"!
• What about the quality of the open source
  2002-08-16 14:04:55  euan [View]
  
  
  > 1. Should the government specifically prohibit buying
  > products that are based on GPL license? Reasons: the
  > government will be forced to release the right fur use
  > to any modifications it might do. Can you imagine NATO
  > general signing off the approval to release back to
  > the community the missile guidance software?
  
  This is a non-issue. The GPL clearly states that the
  changed source need only be redistributed if the binaries
  themeselves are going to be redistributed. I can't
  imagine NATO releasing the binaries for missile guidance
  software somehow.
  
  > 2. How come nobody talks about any quality standarts
  > that the software should conform to? If the government
  > is to mandate software policy, shouldn't it first
  > establish quality standarts, before even talking about
  > open sources? There should be government standards
  > that the software conforms to, like the cars crash
  > tests. And anybody that writes programs should pay a
  > fee to pass these tests. What company will be willing
  > to pay for such tests? Or the government should
  > sponsor the open source programs and discriminate the
  > closed source ones?
  
  And exactly what quality standards do proprietry
  companies adhere to? None as far as I'm aware. As for
  who would pay for any such theoretical tests for free
  software, then that would be down to the company that
  puts foward such software for consideration i.e. Red Hat,
  Mandrake or a n other.
  
  > The open source advocates say: "why buy a car that has
  > it's engine cover welded?" Let me ask a question: "Why
  > force the government to buy cars that were made by
  > thousands of unknown people?".
  > Meanwhile, if we continue the car analogy - why
  > doesn't anybody require Ford to build open standarts
  > cars and provide their designs back to the community?
  > Why doesn't FSF require that any car, bought by the
  > government, to have it's blueprints published
  > somewhere on the web? Oh, don't forget also the
  > blueprints of the tools and machines used to build the
  > car as well.
  
  And here we have the tired security through obscurity
  approach. Hasn't this one been done to death already?
  
  > I work as a programmer. I love my work. And frankly, i
  > don't know how to do anything else. But i don't want
  > to write open source. I admit the code i write - it's
  > not a genius' work. But it's something i did. I'd like
  > to have the choice what to do with it. And i'd like to
  > be able to compete for any contracts. If the
  > government mandates that it should have access to the
  > sources of my program in order to buy it - so be it.
  > But they should not force me to release these sources
  > to the public.
  
  Agreed, that is your right. However the Venezuelan bill
  at any rate mandates that it's just the government that
  will require the source, a wholly sensible precaution in
  my view to combat vendor lock in.
  
  > It's all about choice. However, it looks to me that in
  > fact it's not about my choice as a developer nor it is
  > about the government's choice, but about the FSF
  > choice.
  
  How so? I can't comment on the Californian bill as I've
  not read it. With the Venezualean bill though the only
  freedom you will be surrendering is your choice of file
  formats. Your code will not be released to the public or
  your competitors so what is your objection?
  
  Regareds,
  
  Euan (neither a coder, hacker etc; just one who
  appreciates quality software no matter what platform it
  runs on.)
• What about the quality of the open source
  2002-08-16 13:23:15  zwack [View]
  
  
  "Let me ask a question: 'Why force the government to buy cars that were made by thousands of unknown people?'."
  
  So you know everyone who built your car? I don't... in fact it was probably made by thousands of unknown people... or at least hundreds. Sure I know which company made a profit from it, but I don't know any people. If I paid for an open source solution, and support for that solution, I WOULD know who had acceptted responsibility for that software.
  
  Frankly, if a NATO general released the missile guidance software back to the community it would be acceptable to me. It might even work in the favour of NATO... "OOOH, look, their missiles are accurate to within 1 metre. Ours aren't that accurate..." The only people who would be able to make use of that software would require the hardware as well.
  
  Sure Ford could release the blue prints to their cars... it wouldn't do most people any good whatsoever. Remember, you can already go to an auto parts store and buy all of the parts. Knowing how to stick them together isn't too difficult.
  
  While I wouldn't argue for enforced use of only open source software I find your analogies to be somewhat poor.
  
  More important to my mind is that the data file formats should all be open standards. That way YOU could write some software to manipulate them, I could write some software that worked differently, THEN their is real choice, rather than the current "well, all of our current documents are in this proprietary format, converting them to that proprietary format is a real pain" pseudo choice.
  
  Z.
  
• What about the quality of the software purchased by the government
  2002-08-16 14:16:09  korwin [View]
  
  
  I changed the title, because it is more fair representation of the things that i argue about and is not related to the open source programs only.
  
  Here's what i think on FSF, open source and this proposal:
  
  Can you say that you know the company that made Linux? Hmm, who would be responsible if a bug in OpenOffice changes the measurement units in my document from inches to centimeters and my subsidiary delivers to me 100000 wrong details? I don't say that you would be able to sue the proprietary software companies. But if the government is forced to impose a quality standards first, before source openness, i would expect to see the proprietary software companies to react first and in fact deliver software that is compliant with those standards. Can you imagine a company to accept the responsibility for OpenOffice? Yes, i know Sun has StarOffice alternative, so there is a big company that can do this, but who else? And as far as i know Sun would not submit all of it's code back to the open source community.
  
  Requiring the government to purchase only open source programs, so that people have the opportunity to examine how their data is being processed with the argument that the transparency would make the programs more secure and reliable - this is ridiculous. It's like asking the government to force Ford and the other car companies to publish their blueprints and not impose any standards. I mean - why require crash test, if the blueprints are available and any decent auto mechanic would be able to fix it for you if it was not safe? And than shouldn't we as taxpayers be able to have the fair access to the blueprints of the public transportation system? Even if don't know what to do with them, we could hire experts to audit them. To make sure that of course those cars are safe?
  
  Would i be interested in the actual algorhitm used to sort all the government records about people - not, because "it wouldn't do me any good". Would i be interested whether the software that sorts those records is safe and secure enough so that they are not lost or stolen - yes, but i don't need the software sources to make sure this is indeed fact. The good of the people would be ensured if (as you and other people here briefly mentioned) the government requires open data formats _and_ if the government establishes standard procedures and tests to ensure minimum level of software quality. Anybody who wants to sell to the government should pass these tests and procedures adn should conform to these standards. Period. It shouldn't matter if it is open source or closed source, as long as it complies with these requirements. You don't require Ford to publish their blueprints because "it wouldn't do most people any good whatsoever". You do require though that Ford cars are acceptable safe. And everybody is happy with this situation.
  
  Will FSF assume the responsibilty that Emacs will not loose your data becaus of some bug or that gcc will in fact provide the proper code for your hardware and will not fry your CPU? Will FSF allow to be sued if this happens? How will they guarantee those programs indeed work (besides "You are free to examine those programs and fix them if there is any bug in there. Oh, and btw - you have to give your work to us. But we guarantee they work properly - they have been reviewed by lot of other people and all the bugs were fixed. Err, what do you mean by 'who are those people'?")
  
  To summarize my rant : Why the open source advocates and FSF do not advocate wide addoption of IT industry standards for quality assurance and testing process? Why do they not work for establishing government level of software acceptance for things like security, reliability and performance? Are these things less important than the availability of the source? Imho, the movement to require the government to purchase only open source software has nothing to do with the good of the people. It is a political move by FSF to establish another kind of monopoly - one that favors them.
  
• What about the quality of the software purchased by the government
  2002-08-16 16:15:02  pkobly [View]
  
  
  "But if the government is forced to impose a quality standards first, before source openness, i would expect to see the proprietary software companies to react first and in fact deliver software that is compliant with those standards."
  
  1) How do you propose that a determination of compliance with quality standards be made? A set of black-box tests by the government? A bare assertion from the vendor?
  
  2) Why do you "expect to see" something where you have actually consistently seen the opposite? How quickly did Microsoft respond to the recent major SSL certificate authentication problems in IE? How quickly did the KDE team respond to the same problems found in their code?
  
  Answer: After a week, Microsoft still hasn't fixed the problem. Within 90 minutes, the KDE team had fixed Konqueror.
  
  "You don't require Ford to publish their blueprints because "it wouldn't do most people any good whatsoever". You do require though that Ford cars are acceptable safe. And everybody is happy with this situation."
  
  Ford _is_, however required to release some information about its cars. It is required to release specification and design information about its safety equipment so that said equipment can be evaluated and tested. It is required (recent FTC decision) to release specifications of the computer diagnostic ports, so that hobbyists and non-Ford authorized mechanics are _able_ to maintain their Ford vehicles. Ford is not permitted to stop after market parts cloners from producing replacement parts for Ford vehicles. Ford is not permitted to disallow Ford owners from reselling Ford vehicles. Ford is not permitted to disallow Ford owners from lending their vehicles to friends.
• What about the quality of the software purchased by the government
  2002-08-16 17:05:19  korwin [View]
  
  
  >1) How do you propose that a determination of
  >compliance with quality standards be made?
  >A set of black-box tests by the government?
  >A bare assertion from the vendor?
  
  Combination of these. Set of base tests that do not require knowledge of the internal work of the product, liability assertion from the vendor with penalties for non-compliance and requirement of the design of sensitive parts, like encoding algorithms.
  
  >Ford is not permitted to disallow Ford
  >owners from lending their vehicles to friends.
  
  Lending your Ford to your friend is fair use. But can you lend a copy of your Ford to your friend?
  
  Red Hat Network Basic service level: $60/year per system subscription. Err, if the OS is free and open source, how exactly will they maintain "per system". If i lend my RedHat copy to a friend, is he entitled to the support as well? Or is it tied to the first installation i did? How is this different from buying Windows XP for $200, besides being little bit cheaper, which might not be true, because with XP there is no time limit for the support and the updates.
  The only difference is - if i want to thinker with my RedHat installation, i could do it. I could also (with the proper technological knowledge) even resolve my issue by my own. I couldn't do this with XP. And that is big difference if i had the time to invest in this process and the desire to learn everything inside it. But if i don't and want to use my computer right out of box and just enjoy it - well, i have to pay either Microsoft or RedHat. And honestly, for now Microsoft provides more value for the money.
• What about the quality of the software purchased by the government
  2002-08-16 16:41:11  korwin [View]
  
  
  >2) Why do you "expect to see" something where
  >you have actually consistently seen the
  >opposite? How quickly did Microsoft respond to
  >the recent major SSL certificate authentication
  >problems in IE? How quickly did the KDE team
  >respond to the same problems found in their code?
  
  With all due respect to the KDE developers, i doubt that they tested this fix on 86 and 64, with every single Linux disro that can run KDE, with all the kernels and with all the major programs that actually use the Konqueror's engine for accessing internet. There is no way to do this in 90 minutes and btw there is no one to pay for this.
  Oh, and how many test scenarios did they run to ensure that not only they fixed this, but also have not broken any other functionality?
• What about the quality of the software purchased by the government
  2002-08-16 14:54:24  zwack [View]
  
  
  Ummm... Thanks for your rant... I think...
  
  You did not answer ANY of my questions though...
  
  So hopefully we can get a clear understanding of what I suggested, and then you can explain why I am wrong...
  
  "Can you say that you know the company that made Linux? Hmm, who would be responsible if a bug in OpenOffice..."
  
  Well, I still had a vendor in there, one who was willing to provide support. The government is going to buy a solution from somewhere. If it's Linux and they buy it from RedHat then RedHat would be responsible for supporting that software. If it's StarOffice and they buy it from Sun then Sun provide the support... If it's OpenOffice and they buy it from "OpenSource 'R' Us" then OpenSource 'R' Us would provide support.
  
  They don't have to accept responsiblity for the bugs, just provide support. They should try and fix the bugs or get someone else to, but they need to provide some form of support. If you think I am being easy on them with the "don't have to accept responsibility for" bit then I would suggest you go read some EULAs from Microsoft... or indeed anyone else.
  
  What I want is for the mandate to be for Open Standards for the file and data formats. This makes sense to me... And as you like your car analogy it's like me saying "Here are the sepcifications for a tyre for a '65 Mustang..." And then looking around to see who made tyres that fit that specification. I could get Firestone or Michelin or any number of other brands of tyres made to that specification. They're not all made by one company. Similarly if I was to say "Here is the file format for a word processed document..." Multiple vendors could produce software that could read and write the same document. Some of them might be closed source, some of them might be open source... Some of them might even involve people following procedures in a manual that caused them to produce a file using an ascii text editor that met the standard. I don't care. But I can look at the specification, write my own tool to manipulate it and do what I want with the document. Multiple vendors providing software that can interact is true CHOICE. If I like the spell checker in tool 1 but the Mail merge in tool 2 there is nothing to stop me using 2 for a mail merge and 1 for the spell checker. If tool 3 has a mail merge that's almost as good as that in 2 and a spell checker that is almost as goos as that in 1 then I might decide that 3 was good enough for my needs and only use that. If however each vendor only supports their own proprietary data formats then I have to choose one tool that will do... And if Tool 3 didn't exist I would have to decide if Mail Merge or Spell Checking was important to me. And if I choose tool 1 and the manufacturer goes out of business... What then? I have to either convert my data to work with tool 2 (and data conversion is not a fun process) or I have to keep using tool 1 and doing without any new features.
  
  I don't agree with RMS that all developers should have to use GPL. I think that that is your choice. (I do, but I made that decision, nobody forced me to). Equally I don't agree that I should be forced to use proprietary products because nobody knows what their data format is.
  
  If Governments mandated Open Standards for File and Data Formats that would encourage software that can interoperate. Interoperability is good for everyone except the dominant market leader. Vendor Lock-in is bad for everyone except the vendor that you are locked in to. Interoperability encourages TRUE innovation. If the market leader can retain their market share by providing new features that people want then everyone benefits. They might have to work a bit harder than with lock-in... But it gives everyone a fair chance.
  
  Z.
• What about the quality of the software purchased by the government
  2002-08-16 15:38:23  korwin [View]
  
  
  On the topic of what government should require from the software vendors:
  
  I disagree with the legislation proposal, not with you. Let's require open standards, not open source. But also, let's require security, reliability and performance acceptance level even before the open standards. Ask the (proprietary or open source) software companies to deliver software that works.
  
  On the topic of the open source software model and more specifically the GPL one:
  
  Purchasing a softare should give you the right to sue the software vendor if this software fails to work as it is supposed. (Government requirements, quality standards and conformance tests would be a base for this to happen. :-)) If i am hurt because a car malfunctions, i can sue the car manufacturer. The same should apply to software. The thing here is - i can see the proprietary software companies as Microsoft being able to actually comply with such requirements; however, i fail to see how an open source company would be able to do it. As you said - OpenSource 'R' Us might sell me the software and might be willing to provide support (well, that's their revenue model), but i doubt they would be willing to go to the court to defend somebody else's code.
  
  Are you personally willing to guarantee the security and the reliability of a software solution you would sell to some of your client? I assume you use gcc - would you be willing to stand by the binaries, produced by it, to the degree of taking the responsibility and allowing to be sued?
  
• What about the quality of the software purchased by the government
  2002-08-16 16:04:18  pkobly [View]
  
  
  >I disagree with the legislation proposal, not
  >with you. Let's require open
  >standards, not open source. But also, let's
  >require security, reliability and
  >performance acceptance level even before the
  >open standards. Ask the (proprietary or open
  >source) software companies to deliver software
  >that works.
  
  While this is a laudable goal, how do we assert that the software works or is secure? Black-box testing is simply *not* sufficient to assert quality with any credibility. Open source, allows the purchaser or the user (in this case the government) to perform its own testing and audits, rather than simply relying on the bare assertions of a vendor.
  
  Remember, the Pinto went through testing before it was unleashed on the world.
  
  > Purchasing a softare should give you the right
  > to sue the software vendor if this software
  > fails to work as it is supposed.
  
  This requires a complete definition of how the software is supposed to work, and under what conditions. That definition often does not exist in general purpose computing.
  
  If you ever get the right to sue vendors, then you ought to consider the likelihood of vendors being able to pay out on lawsuits. That same problem exists with many consumer goods. But it's a moot point now. Small companies are just as able to pay out the $0 judgements that you can get now as are big companies.
  
  > Are you personally willing to guarantee the
  > security and the reliability of a software
  > solution you would sell to some of your client?
  
  Is Microsoft?
  
  > I assume you use gcc - would you be willing to
  > stand by the binaries, produced by it, to the
  > degree of taking the responsibility and
  > allowing to be sued?
  
  I would be more willing to do so while using gcc than while using a proprietary compiler. I don't have to rely exclusively on the assertions of a third party that the compiler works correctly.
  
• What about the quality of the software purchased by the government
  2002-08-16 16:28:09  korwin [View]
  
  
  >> Are you personally willing to guarantee the
  >> security and the reliability of a software
  >> solution you would sell to some of your client?
  
  >Is Microsoft?
  
  Well, you should ask this question to Microsoft, not to me. I would gladly see Microsoft change the EULA for their products, but that has nothing to do with the discussion here. They are just one more software vendor that should abide by any level of acceptance the government imposes.
  
  Speaking os which, i still don't the answer to my question. "They do not guarantee, so we will not as well, but you should believe us when we say ours is better" is not good enough. Shouting loudly "we are better because we are open" does not make you right. Nor does "We are better because we are free".
  Now, "We do better job and have superior product and those are not just marketing gimmicks - we are willing to stand by our words and allow you to sue us if we are proven wrong; meanwhile as a bonus over the competitors - here's the source for our code. Oh, btw you can have it for free as well" is different story. If any open source software company or programmer tell me this, i would be the first to say that the open source model is better than anything else.
  
  >I would be more willing to do so while using gcc
  >than while using a proprietary compiler. I don't
  >have to rely exclusively on the assertions of a
  >third party that the compiler works correctly.
  
  And what do you rely on when using gcc? Have you went through the gcc code and did you make extensive testing of it? Well, there might be people there that did it and there is a cnance you are one of them :-), but most probably you did not. So, you do rely only on the assertions of the gcc folks.
  

• Negotiation is useful
  2002-08-16 12:53:16  mtaht [View]
  
  
  By drawing a line in the sand, this bill forces a useful debate of the issues and inevitable compromises. In a world where politicians have to appease all parties it helps much to ask for more than what you want, so that in the *inevitable* compromises you get more of what you want.
  
  Asking for exactly what you think is fair is the perfect way to not get it.
  
  Consider all the other offensive bills that are in congress today concerning computer technology, I think this one is a useful first step towards creating a workable set of policies.

• Tim, you make no point
  2002-08-16 12:35:35  slurslee [View]
  
  
  I would not call the promotion of bills to mandate the use of Open Source or Free Software in government to be a "politicizing" of the issue. Politicizing implies there's some fuzzy basis and room for debate. Frankly I don't see where the debate lies. The government has a higher responsibility than a corporation or private citizen with regard to the way it obtains, stores, and makes data available to the public. After all it is our information, we own it, and the government is only a central database, so to speak. Open Source - Free Software specifically - is the only approach that is demonstrably compatible with these goals and responsibilities.
  
  Rather than reiterate the arguments put forth by Peruvian congressman, Dr. Edgar David Villanueva Nuñez let me simply refer you once more to his reply to the Microsoft executive. In his reply he invites Microsoft to put forth arguments extolling the advantages of closed-source and proprietary standards. Why not take on Villanueva's reply point-by-point or provide the arguments Microsoft has so far left unspoken?
  
  All you have provided so far is hyperbole (the baseless "slippery slope" argument used by lazy thinkers) which does not effectively make your point. You need to provide precedents and concrete counterpoints, otherwise you're just blowing air.

• Commercial Software Lobbies why can't we?
  2002-08-16 12:27:51  kbeaumont [View]
  
  
  I've been involved with the federal government from the USAF to NASA all my adult life. Right now there really isn't a choice. There are already DOD directives that specify what commercial vendors will be used, what language software must be written in, Operating systems etc. Much of the reason for this is direct lobbying by commercial entities. You cannot choose the best bang for the buck, it's not the way the real government works! You need to have something that says look at open source or you won't get seen. I have seen companies wine and dine anyone who might have some say in selection of products from the lowest supply manager all the way up to congress. Service contracts are much more scrutinized than procurement unless it's a "weapons system" or something on that grand of scale. Wich is when the lobbying really gets intense. Right now you cannot just say "At my level on my project Software A is the best choice", what happens now is "Everyone in every project in the (DOD,Treasury, etc.) will use this product by this vendor period"

• Mistaken notions of sovereignty and choice
  2002-08-16 12:25:38  supton1 [View]
  
  
  I get a bit frustrated when people start thinking that "entities" (corporations, governments) should have the same rights to "choice" as individuals, personifying these organizations and trying to give them basic human rights; how silly!
  
  I think we forget sometimes about the notion of "popular sovereignty" - that the thing that gives governments their right to exist and make decisions is a mandate from the people whose lives they affect. Those people need to have the right to impose boundaries on the government's CIOs and decision makers to act in their best interests. The government is not an autonomous agent with the freedom to make its own "choices," but rather, is and should be a constrained actor and agent.
  
  Tim's assertion could be compared to the following sort of claim: "forcing IT buyers in state IT offices to go through competitive bidding restricts their right to choose the vendors that they feel comfortable with." Mandating something like competitive bidding in government IT is a good idea as a safeguard to get the people from being screwed - yet it restricts choice. We agree to live with this balance because we realize that they state has an obligation to its citizens (just as a corporation practices the restrictions of its own rights through corporate policies to protect its shareholders).
  
  As a California taxpayer, let me get to the point: above and economic or other consideration, the government and academia have an a priori ethical obligation to protect the best financial interests of its citizens, and to contribute back into the commons by purchasing services that can best benefit not only the cogs of government machinery but the people who _pay_ for that governement to run. Screw Mundie's "software ecology" - we all know that the Oracle scandal is the equivalent of dumping oil in the river that taxpayers drink out of. We wouldn't have had to put up with this is state government IT could have selected to pay for services they needed instead of licenses they perceived they needed.
  
  What to California taxpayers get out of that deal? Most of it was for licensing, of which (according to Oracle's 10Q) only a fraction of which goes to R&D and into engineers' pockets. Most of that money benefits out-of-state investors and a select few dealmakers. If California stops spending on licenses and starts primarily spending on services, they will be guaranteeing people jobs.
  
  Besides the fact that this is the right way to invest in the people who fund this state, open source (and dare I speak it?) free software are the best environments for providing solutions that are better in quality (molds to fit use-cases, you pay for what you need) and cheaper than what the proprietary alternatives provide.
  
  I think rather than giving state IT managers "freedom," we ought to give them "liberty" (in J.S. Mill's sense of the word) - that is freedom taking into account the rights of the people who your actions affect. In the case of government, this ought to also mean benefiting those who give you your mandate (in a "social-contract" sense). It is quite clear to me that we ought not to treat the State of California (or Peru) as a sovereign individual with a right to "choice" (after all, this mimics the "divine right of kings"), but rather as a constrained actor, acting in the best interests of the people.
  
  Before you start defending "choice," it is worth asking "who" is making the choices, and what interests might influence them. It is also about making sure these people making choices on someone _else's_ behalf are kept from making corrupt or poor decisions. It is easier to contractually obligate the performance of services companies than to pay (potentially) unreasonable amounts in licensing fees. Without constraints, sales reps and deal-makers will have more power to sway each individual vendor choice that the people's best interest.
  
  One caveat: I'm not defending "popular democracy," but popular soveriegnty, in a more republican sense: we have elected officials that can act on our behalf, and set rules. I'm not saying that we should have a ballot referendum for each vendor choice, but rather, we should put (legislatively, on behalf of the people) constraints on how to select a vendor.
  
  It is time for "popular sovereignty" to show its face in the State's IT policies, and give the people the right to demand a better environment for the improvement of government process, free and open software, and lower costs - all benefits to be given back to the people.
  
  It's all about the people - never forget that.
  

• Limiting Choice or Raising the Bar?
  2002-08-16 11:47:22  wandernotlost [View]
  
  
  Limiting customer choice and placing restrictions on licensing of software used by govenment entities are not necessarily congruent. This type of restriction establishes a base level of openness required to do business with the government. In the same way that a factory might be audited to ensure that it meets regulations and minimum standards of quality - or any other metric - these restrictions could ensure that the software used by the government is independently auditable, usable, and modifiable by whomever the government deems appropriate. This is not limiting choice, but merely setting a standard that companies must meet in order to do business with the government. Granted, it is a standard with large implications, but it may be appropriate considering the importance and private nature of the information the government handles. With a baseline of openness, citizens can determine to some extent the level of risk their private information is subject to, and lobby to secure systems that could potentially expose their data. To look at this from a different perspective, closed-source software limits citizen choice, in that it denys citizens this type of access.

• You don't start negotiating with your bottom line
  2002-08-16 11:38:27  Jesse E. Tilly | [View]
  
  
  If we were talking about laws that were out of committee and the only thing left to do would be to sign the bill, then I'd agree with Tim and his colleague. However, the California proposal is just that, a proposal. Like every publicly announced law, it will be changed, compromised and modified before it is signed. Software Choice advocates need breathing room. By taking the radical side, we can compromise with things such as "doesn't have to be GPL, but source must be made available through a neutrally approved request process, ala Freedom of Information Act".
  
  When I wrote Rep. Isakson (6th district, GA) about this issue, with regards to the US' support *against* the Peruvian bill, I called up the image of Raytheon selling "closed source" missles. No Air Force general would take a bid from a company selling product that could not be pulled apart by the government workers using it. I think the same should hold true for software. Not just the data (open file formats, etc), but the whole system needs to be open. Transparency is already a big part of government operations. Why should software be held in exception?
  
  As for the title of the piece, "Growing Politicization of Open Source", I say good. Professor Lessig made excellent points in San Diego with regards to our (i.e. open source writers/users) silence. And it's funny to think that being politically charged is considered being radical. Radical is blowing yourself up in a mall for your cause. Radical is painting a building (ala the DE Green Party).
  
  Having opinions and expressing them in a public forum is an American citizen's *duty*. We shouldn't fail to exercise the right, lest we lose it.
• You don't start negotiating with your bottom line
  2002-08-16 12:19:49  stend [View]
  
  
  I agree with the point I think is being made in the second paragraph here. Just as I don't want my tax dollars spent by the government on physical equipment which can only be serviced by the vendor, neither do I want them spent on virtual equipment (software) which can only be serviced by the vendor. Does it need to be Open Source? No, but that isn't a bad starting position, when the desired destination is for the government to receive complete, and permanent, access to the source code for all software which it purchases, with the right to disclose this source to third parties for the purpose of maintaining the software for government use.

• Open Source or Open Standards?
  2002-08-16 11:33:50  zwack [View]
  
  
  Greetings,
  While I agree that legislation mandating Open Source software is bad, I don't think that Government should completely avoid legislation in this area.
  Specifically, I think that governments SHOULD require that all software that they use generates files in formats specified in open standards. Not only that, but this software should default to that format.
  If Microsoft want to compete with OpenOffice for a word processor contract then they will need to produce standard documents from Microsoft Word for Small Governments...
  By Open Standard I mean that the standard should be available to anyone, with no conditions on receiving a copy of it, and with the standard that it documents available for anyone to use without having to worry about licensing terms. The standard should be complete. If Vendor A adds an extension to the standard for their product then the extension should be documented and should be released under the same terms. No more embrace and extend.
  This will allow Governments to buy whatever software they like, but will also allow that software to interoperate. Wordperfect, Word, OpenOffice would all be on a level playing field. If the provider of the package du jour gous bankrupt, no problem, someone else has all of the information required to at the very least be able to read the format.
  So, NO don't require Open Source, REQUIRE OPEN STANDARDS.
  Of course if the standards are open then one department might want Word because they are used to it, while another might prefer OpenOffice because their budget ran out, and a third might prefer TimWord because he guarantees to come out and fix it whenever it breaks.
  Once the proprietary standards are gone software choices can be real choices...
  Usability
  Stability
  Price
  Performance
  Support
  Documentation
  The attractive sales people...
  OK we might have trouble fixing the last one, but if a product fails to win a contract then at least it won't be because "well, it can't display X properly"... Perhaps their should be standards legislated for the entire purchasing process...
  
  It should be open, the criteria should be spelled out in the request for bids, a "score card" should be produced saying how well each bid fared against the criteria...
  This may rule out open source that nobody was willing to provide support for, but more likely it would help provide a basis for a service industry to support open source.
  Any thoughts or comments?
  
  Z.
• Open Source or Open Standards?
  2002-08-16 12:06:25  marutdc [View]
  
  
  A couple of problems overlooked in your comment concern security and access to the logic that operates on the data. The data belongs to the public and the logic which manipulates it should be public as well for both security reasons and for bug fixes and enhancements. The public should not have to suffer vendor lock-in.

• It is a reasonable response to DRM and DCMA
  2002-08-16 11:25:59  plorenzen [View]
  
  
  With DCMA, Digital Restriction Management, Palladium and the Disneyfication of the Internet and Desktop software, it is quite reasonable for people to "Just Say NO." These laws are a reasonable backlash to the restrictions that big business wants to place on the people who pay for the software. I am unwilling to purchase software that I do not control. By control, I mean that someone else has the software keys to remotely destroy my computer without any legal recourse by me. I am unwilling to purchase new software from a company that plans on implementing TCPA. I am unwilling to trust that software to be secure enough that Random_Hacker_23590943 cannot issue hardware and software revocation certificates that can permanently render my computer inoperable: the Palladium and TCPA standards allow such behavior to happen and require the hardware and software to comply with such certificates. If you think it cannot happen, you have not read the standard and understood it.
  
  If opening up Microsoft's software to public scrutiny would lead to the collapse of the internet (as was claimed by a MS official), then we should not be using it at all.
  
  I suspect that this year's computer will be the last computer I purchase that comes pre loaded with MS Windows. I no longer trust the EULAs that come with updates that require me to permit the vendor to install software that they decide to install without my further permissions. I call such things Trojans.
  
  I am not the only programmer/network admin/IT support person who feels this way. Many countries and states also have folks who feel the same about the perceived future of software and hardware.
  
  Overblown? Not yet. The stink this stuff is making has yet to hit the fan. Politicizing software? DCMA, UCITA and DRM did that already. Too late to complain about that.

• Public vs. Private Freedom
  2002-08-16 11:19:30  cford [View]
  
  
  Tim's correspondent wrote:
  
  "Whether you want to argue on moral grounds of personal freedom, or the practical grounds of generating a backlash, this seems like an extremely counter-productive strategy for Open Source advocates to be pursuing"
  
  
  
  If the state of California adopts a "Free or Open Source" only policy, I don't think it will abridge anyone's personal freedom. By design, government agencies don't enjoy the same freedoms they exist to protect, and that's as it should be.
  
  
  
  While I don't believe that the state should necessarily preclude any consideration of proprietary software, I do think they ought to be compelled to consider freely available alternatives, and should they choose a proprietary package, then they should give compelling reasons why it was chosen over the free option.
  
  
  
  I think that government agencies ought to be subject to intense public scrutiny, and I believe the public would be better served if the software they used was subject to the same level of scrutiny. As long as they're storing all manner of data about me and my family, I'd like to have the option to see how secure that data is, and offer a fix when flaws are found. I think the motivation for individuals to ensure the security of their personal information is greater than the motivation of corporations to expend valuable resources on fixes that won't directly generate much revenue.
  
  
  
  Still, one wonders if this whole thing wasn't inspired by California's recent debacle with Oracle.

• Governments can make their own purchasing decisions too
  2002-08-16 09:12:47  Simon St. Laurent | [View]
  
  
  Tim O'Reilly writes:
  "No one should be forced to choose open source, any more than they should be forced to choose proprietary software. And any victory for open source achieved through deprivation of the user's right to choose would indeed be a betrayal of the principles that free software and open source have stood for."
  
  I think Tim's missed a crucial point here. This isn't about restricting user choices - it's about restricting vendor choices. Governments have long set higher standards for businesses which which they work than for businesses in general. Businesses have complained about this for years, but it's not much different from the kinds of centralized decision-making power that businesses themselves wield or that individuals wield.
  
  If a company's CTO declares that all software purchases must be Microsoft or Microsoft-compatible, then that decision has a huge effect on subordinates who effectively lose the right to choose. The same thing happens if the decree specifies open source. Individuals often make the same kinds of decisions for themselves and their families. I don't see any reason why government should be denied the same privileges.
  
  If vendors want to sell to the government, they need to comply with the rules the government sets down - accounting, labor, and licensing. The vendors might not like it, but for now at least the vendors don't run the government. This is a perfectly normal part of government, one of the ways in which a community can have its voice heard.
  
  If part of the open source mission involves the complete decentralization of IT decision-making in government, then this is a betrayal, but I have a really hard time seeing it that way.
  
• Governments can make their own purchasing decisions too
  2002-08-16 10:19:47  Tim O'Reilly | [View]
  
  
  I have no problem with individual agencies, or even the CTO or CIO of a state, mandating open source. I have a problem with *legislators* mandating such a thing. It may even be reasonable for legislators to mandate certain principles -- for example, access to source code -- without specifying particular licenses. But even then, I'd agree with my correspondent that this is a slippery slope, and inconsistent with our principles. After all, what's the difference between legislation mandating open source, and legislation outlawing P2P file sharing? In one case, we say that it's good, and the other that it's bad. There's a pragmatic answer that says you achieve good ends by fair means or foul, but I've always been a fan of T.S. Eliot's observation. And I also agree with my correspondent's observation that this is likely a bad thing to do for pragmatic reasons as well, since proprietary software companies are likely to lobby more consistently and successfully than open source advocates, if it comes down to the money game that modern American politics so often seems to consist of.
  

  
  I do think that it's good to have this debate. What should the role of government be in regulating the software industry? We're hearing it from all sides, and at the very least, we can hope that the debate will be informed and thoughtful, and not just a matter of who is loudest or has the most money to put towards the issue.
  

• Governments can make their own purchasing decisions too
  2002-08-19 16:40:25  gameboy70 [View]
  
  
  "I have no problem with individual agencies, or even the CTO or CIO of a state, mandating open source. I have a problem with *legislators* mandating such a thing."
  
  As Dr. Villanueva has pointed out, the state's IT infrastructure is a public resource and should not be the intellectual property of the private sector. The CSSA correctly frames software procurement as a public policy issue, not an issue of personal discretion within or between government agencies, which have a higher responsibility to the commonwealth.
  
  "It may even be reasonable for legislators to mandate certain principles -- for example, access to source code -- without specifying particular licenses."
  
  "Access to the source code" is a step in the right direction but does not go far enough. The CSSA requires that the software sold to the government contain no restrictions on use, duplication, transfer, ownership or inspection. Particular licenses do not have to be specified as long as the license under which software is sold honors those fundamental freedoms.
  
  "But even then, I'd agree with my correspondent that this is a slippery slope, and inconsistent with our principles. After all, what's the difference between legislation mandating open source, and legislation outlawing P2P file sharing?"
  
  Quite a bit, since we're talking about *internal* government restrictions. A government employee engaging in P2P file sharing is (a) sacrificing productivity at taxpayers' expense, and more importantly, (b) potentially compromising national security (who knows what files are being traded?).
  
  On the other hand, code which the government can neither see nor have access to inherently compromises national security to the extent that the integrity of the code is taken on faith.
  
  You're essentially conflating restrictions on the government with restrictions on the public, concluding then that "In one case, we say that it's good, and the other that it's bad." Your example would be more consistent if the CSSA were to actually outlaw the *sale* of proprietary software, which, of course, it does not do.
• Governments can make their own purchasing decisions too
  2002-08-16 11:19:17  per_abrahamsen [View]
  
  
  "After all, what's the difference between legislation mandating open source, and legislation outlawing P2P file sharing?"
  
  None, really, if it is within the government itself in both cases. But in that case, I don't see either as a principal problem, allthough the pragmatic value of either can be discussed.
  
  The big difference is whether the government makes restrictions on what itself can do, or whether it makes restrictions on what its citizens can do.
• Governments can make their own purchasing decisions too
  2002-08-16 11:05:57  Simon St. Laurent | [View]
  
  
  "After all, what's the difference between legislation mandating open source, and legislation outlawing P2P file sharing? In one case, we say that it's good, and the other that it's bad."
  
  A lot, actually. At least in theory, governments are there to make laws that make life better for the people they represent. This statement sounds like you'd really prefer that governments do nothing - an interesting argument, but not one which I think has much to do with open source per se.
  
  We've got an opportunity now because the proprietary vendors have discredited themselves on a number of fronts - Microsoft in the antitrust trial, Oracle in California - so I don't see much reason to be particularly paranoid about government action on this front now. In fact, I'd argue that it's probably the best moment we're likely to see.