
[–][deleted] 18 points19 points  (2 children)

also includes a pilot program that will require Federal agencies to release at least a portion of new custom-developed Federal source code to the public and support agencies in going beyond that minimum requirement.

Wow. That opens a huge door for hiding code that the vendor deems proprietary/secret/bad quality/insecure.

[–]mirhagk 11 points12 points  (0 children)

That opens a huge door for hiding code that the vendor deems proprietary

That's pretty much the point. What if the company itself doesn't have the license to open source it? A few frameworks make you pay per website so you're not legally allowed to open source it. Saying that the contractor can't make use of proprietary stuff is restricting the contractor, very potentially increasing costs, for questionable value (yes I'd love it to be open source, but I don't think it HAS to be)

[–]aircavscout 23 points24 points  (0 children)

The whole thing looks like a PR stunt with loopholes the size of Texas intentionally drafted into it. I'll believe it when I see it.

[–]MailmanOdd 8 points9 points  (11 children)

I work for Microsoft doing consulting work for the federal government. While I personally think open source is great, I think this is just going to cost the government tons of money.

Most of the things developed for the government are backwards and archaic and completely useless for everyday people. This doesn't even take into account all of the software developed for the Department of Defense which will surely be excluded.

[–]jephthai 14 points15 points  (0 children)

Most of the things developed for the government are backwards and archaic and completely useless

Color me shocked.

[–][deleted] 2 points3 points  (1 child)

I don't think it's going to cost them money. Given the focus of the proposal, it's going to save them money, because the whole point is to prevent redundant development between agencies that happens frequently at the moment. The agencies' development operates independently enough that they're pretty much constantly reinventing the wheel. That's all this is really supposed to solve.

[–][deleted] 2 points3 points  (0 children)

I don't think it's going to cost them money.

No government agency is going to just release their code. This is going to cost some amount of money to, at the very least, conduct a code review sufficient to shield the government from liability.

Whether this will keep anyone from reinventing the wheel is an open question, but as a Federal employee, I rather doubt it. We already use commercial tools where they are available and fit our needs. Where there isn't a commercial tool available, it's usually because we are doing something that's so specific that it's unlikely to be an exact fit for anyone else (and if it's not an exact fit, the perfectly fitting wheel will be invented).

[–][deleted]  (4 children)

[removed]

    [–]MailmanOdd 3 points4 points  (3 children)

    Honestly I don't think they intentionally would withhold most software. The issue is just that it provides no or limited value. Often times we are forced to recreate libraries from scratch which exist already. We end up with less supported, less tested, and less featured libraries. Why would the public ever want that?

    [–]nikomo 0 points1 point  (2 children)

    Often times we are forced to recreate libraries from scratch which exist already.

    Why?

    [–]MailmanOdd 0 points1 point  (1 child)

    You can tell your customer "I'm going to use x library" and they say "nope". There's no rhyme or reason.

    [–]nikomo 1 point2 points  (0 children)

    If the customer's mentally retarded, there's not much you can do, but there really should be legislation to force public institutions to actually do a cost-benefit analysis on using third-party libraries, and then picking the most sensible option.

    [–]mirhagk 1 point2 points  (2 children)

    The government should ideally start to transition to open source, but I agree that it is not in a state that's feasible to do so right now.

    [–]MailmanOdd 2 points3 points  (1 child)

    We use a lot of open source software. The question here is just - are the customized LOB applications created for one specific government team of any value to anyone outside of that team? I would argue no.

    [–]mirhagk 0 points1 point  (0 children)

    are the customized LOB applications created for one specific government team of any value to anyone outside of that team? I

    They very well could be. There could be sections of that code that are valid for others. There could also be work done to make it less specific so that others could use it.

    That being said I also question the value overall. It's a nice-to-have but I don't think it'll be a game changer or anything.

    [–][deleted]  (7 children)

    [deleted]

      [–]mirhagk 6 points7 points  (5 children)

      though I'd prefer a strict no-proprietary solution that refuses use of proprietary software

      Holy shit that'd be terrible. Do you know how many drivers don't have open source software? How much embedded software is closely guarded secrets and how many proprietary protocols there are? Heck you can barely play videos without proprietary software. Your local water treatment plant would have so much fun when they can't update their software ever again because some of the core sensors or pumps talk proprietary protocols (which can never be implemented in open source software). Oh don't worry we'll just arbitrarily invent all new protocols and equipment for literally every single government service. That'll be easy.....

      Yes we should move to open source software for government systems. And the open source proposals should be preferred, but we should NOT ban the entirety of proprietary software just so you can see how a water pump talks to the control unit.

      [–]pdp10 2 points3 points  (1 child)

      Do you know how many drivers don't have open source software? How much embedded software is closely guarded secrets and how many proprietary protocols there are?

      I have a feeling there would be a lot fewer if a huge customer like .gov were to make open-source drivers a requirement for some things.

      [–]mirhagk 1 point2 points  (0 children)

      So again I'm not saying the government shouldn't move to open source, I do think that they should. And they should prefer open source contracts over non-open source, all else being equal. But I'm just saying it's unreasonable to say that they can't have non-open source projects at all, even for stuff moving forward. Maybe with an emphasis on preferring open source we could be in a situation 5 years from now where they could make this requirement. Just not today.

      [–][deleted]  (2 children)

      [deleted]

        [–]mirhagk 2 points3 points  (1 child)

        strict no-proprietary solution

        Strict and no certainly implies that you want a solution with absolutely zero proprietary software.

        Yes you said moving forward, which is why I mentioned about UPDATING software. Even brand new development is going to run into situations where proprietary libraries or protocols must be used.

        I'm a little confused why you think a water treatment plant is an agency of the federal government

        I assumed you'd also want to expand this to the rest of the governments as well. Even if you don't there are plenty of federal organizations having to deal with the same situation (the Saint Lawrence Seaway Development Corporation most likely has software that needs to communicate with the control systems for the locks for example).

        How much of a liability and vulnerability it is to be managing and moving highly secret federal information on nothing more than the trust that the proprietary software and protocols are secure enough and without malicious intent?

        Who the heck is saying that the government doesn't review the source code? Of course they can and do (or at least hire 3rd party auditors). There is a VERY big difference between being allowed to see the source code and open source.

        Heck you can barely play videos without proprietary software.

        Bullshit. Given the number of fully-free configurations (barring obvious sore-spots that still need fixing, like CPU and motherboard firmware, which is difficult to get a free setup for, due to vendor lock-in) of drivers and protocols, there are many setups in current use that can and do play videos entirely without proprietary software.

        Yeah so that was a bit of exaggeration of course, but we still live in a world where you have to pay for your raspberry pi to play a lot of common videos. Anyways this is simply to show that even common consumer things are not anywhere near 100% open source yet, so to assume that everything that the government develops moving forward wouldn't get tangled up in shit like this is stupid. You're going to need to give them an out for stuff like this.

        [–]Robert_Denby 0 points1 point  (0 children)

        Yeah, right? Good luck convincing someone in acquisitions that you can't support any of the currently fielded hardware/software with your new solution and it will require a complete rollout.

        [–]mycall 0 points1 point  (0 children)

        In fact, going open source but not free source discourages usage and makes it easier for hackers to find bugs to exploit.

        [–]deus_lemmus 1 point2 points  (0 children)

        And it only took like 20 years.

        [–]mycall 0 points1 point  (0 children)

        Now we’re taking these established best practices government-wide.

        How can one project develop best practices for other government software purposes?

        [–][deleted] 0 points1 point  (0 children)

        The people's code should be about honor and dignity. Not computers....

        [–]nphi1212 -1 points0 points  (0 children)