Andrew Plato wrote:

>>If the State made it a procurement *requirement* that all such systems
>>being paid for by the State be delivered with an open source license
>>(OSD compliant http://www.opensource.org/docs/definition_plain.php )
>>then the State has a great deal more flexibility in maintaining the
>>system in the future. In particular, it frees the State to:
>>
>>    * hire additional developers to work on the project outside the
>>      primary contractor
>>    * hire maintenance staff from any source
>>    * fire the primary contractor and replace the development staff
>>      without having to flush 100% of the software developed so far
>>    * engage in open source security and quality reviews of the software
>>      without having to apply NDAs to the reviewers
>>
>>This is not my idea; it is being widely discussed. It has been proposed
>>for the state of California, the Federal government of Peru, and
>>actually implemented for the federal government of Venezuela.
>
>You make a compelling argument, Crispin. And in many ways, government would be well served by open-source technologies. And it would make more sense. The money they save could be used to hire talented people with expertise in these technologies.
>
>However, it does open up a truck load of questions. I mean, as it stands, the low-price bidder gets the job these days. How on earth would governments choose open-source products?

I am not saying that they should choose an open source product. I am saying that when the State pays for custom software development, that the State should insist that the software be delivered to the State under an open source license, rather than remaining the property of the contractor.

The specific goal here is to allow the State to unilaterally assign software developers other than the primary contractor to work on the software. So long as the primary contractor has a monopoly lock on the custom software being developed, they have the State by the short&curlies. But if the product is open source, the State can kick the primary contractor to the curb if the contractor is not delivering as expected.

> Given the politicking and backstabbing just to get governments to agree they actually NEED security is hard enough. Then to unleash a myriad of products on them all with varying levels of obsession from a wide array of lunatics. There is a reason they call them Holy Wars.

Security is not even the primary issue here; it's about the problems of large-scale custom software development. Open source alleviates some of those problems. Better security is a secondary benefit.

Crispin

--
Crispin Cowan, Ph.D.
Chief Scientist, WireX http://wirex.com/~crispin/
Security Hardened Linux Distribution: http://immunix.org
Available for purchase: http://wirex.com/Products/Immunix/purchase.html

This archive was generated by hypermail 2b30 : Wed Sep 04 2002 - 18:14:44 PDT