Re: CRIME Issues

From: Crispin Cowan (crispin@private)
Date: Wed Sep 04 2002 - 22:56:11 PDT

  • Next message: Crispin Cowan: "Re: CRIME REMINDER: Free Seminar on Computer Security tomorrow!"

    It would seem to me that the sleeaier vendors would very quickly figure 
    out that if the software is delivered to the State under an open source 
    license, then they will end up playing in an open, competative field on 
    a basis of service quality. Their usual scam of "first, bid low, then 
    'accidentally' go over budget once you have a lock-in" won't play any 
    more. So the open source effect will chase the sleaze mongers away.
    
    With regard to the consultants and their semi-incestuous relationships 
    with the contractors; the trick is to make open source licensing a 
    legislated or regulated *requirement* of big software contract 
    procurement, so that the consultants do not have discretion on whether 
    to waive that rule or not.
    
    Crispin
    
    T.Kenji Sugahara wrote:
    
    > Thanks for the feedback everyone.
    >
    > I agree that Open Source would help but how do you avoid the problems 
    > below?
    >
    >     This whole process supports an industry of leeches who are masters
    >     at selling BS to governments. They know exactly how to maneuver
    >     through the government agencies, kiss the right butts, and get the
    >     contracts, thanks to lowballing their quotes with lame solutions.
    >     Skilled, talented folks get pushed right out the door because -
    >     well - skill and talent tends to cost more. Talented people aren't
    >     willing to work for $4.00 an hour. Morons are. Morons also don't
    >     need to worry about reputation since they can just sucker the next
    >     agency out of some money and move along.
    >
    >
    > and... In the state government, the acquisition of technology seems to 
    > be driven by hired consultants. They usually set the RFP's and, I 
    > believe, almost have to have a conflict of interest to be successful. 
    > In essence, a consultant usually has pre-existing relationships with 
    > vendors. Oftentimes, that means that they will choose the technology 
    > they know over the one they don't. They will probably slant any RFP to 
    > see that it goes to one of the vendors whose tech they trust, even if 
    > an alternative might be cheaper or better. How do we avoid this 
    > situation? Is there an improvement to the RFP or technology 
    > acquisition process you can envision?
    >
    > T. Kenji Sugahara
    > Chief Operating Officer
    > counterclaim
    > Phone: 541-484-9235
    > Fax: 541-484-9193
    
    
    -- 
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX                      http://wirex.com/~crispin/
    Security Hardened Linux Distribution:       http://immunix.org
    Available for purchase: http://wirex.com/Products/Immunix/purchase.html
    



    This archive was generated by hypermail 2b30 : Wed Sep 04 2002 - 23:37:03 PDT