Researcher slams open-source compulsion

Summary: Legislation pushing government use of open-source software is 'ridiculous,' according to a veteran Australian analyst

Efforts to legislate the use of open-source software in government agencies have been criticised by a veteran IT researcher.

"Legislation for open source is ridiculous," said Bruce McCabe, managing director of research firm S2 Intelligence.

"Why should open-source software get preferential treatment in government?" McCabe asked.

He said it's imperative for the purchasing habits of government agencies to change. "It's about education and not legislation," he told reporters at an IT conference in Brisbane.

Several states and politicians are pushing to mandate or "consider" open-source software during IT buying cycles.

On the SCO Group's actions against open source, McCabe said IT managers in Australia are not losing sleep over the company's threats. "[If anything] SCO has cut their own throats by threatening their customers," said McCabe.

Meanwhile, interviews with 70 Australian CIOs conducted by S2 Intelligence revealed different "maturity levels" for Linux adoption in enterprises.

"They [CIOs] are happy with Linux on servers because it lowers cost but on the client side, the jury is still out," McCabe said.

He added that there won't be any meaningful presence of Linux on desktops for at least two years.

Only 3 percent of the top 1,000 companies in Australia have Linux installed on the desktop but it's mostly in the education sector, he said.

Topics: Apps, Software Development


Talkback

4 comments
  • As an MD, Mr Mc Cabe should know that the goal of any order/organisation, is to deepen the control, enhance the flexibility, encourage the interaction, as well as lower the costs of all aspects relating to the order's/organisation's operating environment.

    The above, as fundamentals, are simple requirements governing survival/prosperity and that is why government orders will give preferential control to "Open" Source.

    In recognition of the community based philosophy that forms the foundation and therefore is the motivation behind open source activity, governments understand that the pool of talent in the "open market" shall remain the same, at least in the short term, and that all that changes, is the ability to efficiently interrelate demand/"demand type" with supply/"supply type" in a manner that increases the efficiency of the overall system and not just parts of the system.

    Efficiency, in itself, requires better relationships between factors of consumption and production -the latter manifest in the overall productivity of the environment.

    For governments, directly spending 30 million per annum on acquiring well "defined" productivity software, as end products in themselves, with complex, diverse and limiting exceptions tied to individual contracts, offers fewer advantages than employing 600 individual programmers who interrelate with multiples of the above number under libre licences and with freedom to continually "tie" deployed products to operating environments thereby directly enhancing productivity.

    Enhancements made and delivered freely to consumers of all types/"society", governments are well aware, can enhance the productivity of participants in their economic spheres. This is said with an understanding that government activity, of the above type, yields derived benefits related to the indirect conversion of expenditure into social profit - Though the latter may not directly yield an increase in the quantity of capital expenditure/capital receipts, it can definitely yield an increase in the quality of such expenditure/receipts -i.e, efficiency, the latter manifest in better control of the overall system.

    One would have thought that the simple nature of the above should have been clear to any person in Mr Mc Cabe's position. I guess this is why we all should be careful about what exactly it is we do in fact choose to presume...
    anonymous
  • From WatchDogWatch.Org

    The Need For More Open Source Watchdogs
    The security problems associated with proprietary software products have been well documented. Thanks to the efforts of countless IT watchdogs, security flaws in Microsoft Windows XP and other proprietary software packages have been exposed and patched. However, there are fewer watchdogs focusing on the many "open source" software programs that are in widespread use. The most important IT watchdog, Carnegie Mellon University's CERT Coordination Center, has identified security vulnerabilities in two popular open source programs, Sendmail, an e-mail program, and OpenSSH, a software tool used by network managers "to log in remotely and gain encrypted access to computers..." The Sendmail flaw was described by one security expert as "an extremely serious vulnerability" while the OpenSSH vulnerability was considered more theoretical although "it might prove to be exploitable." A CERT official said that if the flaw were exploitable, it would be serious since, "a user would not need privileges to log on to the machine to run the exploit." A number of major name software vendors sell products incorporating the vulnerable OpenSSH program including: IBM, Sun Microsystems and Red Hat. Hewlett Packard, IBM and Red Hat sell products that could be affected by the Sendmail security flaw. An internet security specialist explained that both programs "are commonly used at large companies, making them an attractive target to hackers." Also noted was that "In any given year there have been just as many vulnerabilities in the open-source community as there have been with Microsoft." In that open source software is being increasingly used in critical business and government applications, there is a clear need for additional watchdogs to monitor the security of open source products. Furthermore, Winston has a question regarding open source programs. 
    When there is a problem with an Apple or Microsoft product, he knows who is responsible for patching them, but who is responsible for fixing software that nobody is responsible for writing in the first place?

    This question is of sufficient importance that a discussion thread on the issue has been established on CyberActivist.US.


    Victory In A Battle, Not The
    anonymous
  • I have been writing software since 1987 and, like most hardcore programmers, am a strong proponent of open source.

    This "researcher" needs to focus his criticism on countering the specific arguments for mandated open source, rather than making vague statements like "ridiculous". Such statements are effectively meaningless.

    I actually disagree with any such blanket requirement, although certainly there are areas where open source ought to be required. In any event, open and free standards would make a great deal of sense to mandate. I can also see a strong argument to mandate file formats and communications protocols for which Free software support exists.

    Government processes that should be transparent, should be open source--otherwise they cannot be fully transparent. This might include how financial and voting information are collected, manipulated, and reported.

    Information, applications, and such that is made available to the public electronically, should not mandate that citizens unnecessarily buy a particular company's product.

    I stand against these groups for trying to broadly mandate that governments use open source. However, the debate over the problems which they are trying to solve is healthy.

    Microsoft, in particular, currently holds the power to rig elections and legislation the world over. If they merely had the desire to do so. But Microsoft is by no means the only one who could. Should that, at a minimum, be ignored?

    Matthew
    anonymous
  • All this from a man who once said Linux would not make inroads into the enterprise.

    He is also formerly Gartner Group Australia Research Director and a known Microserf...

    Not very credible if you ask me.
    anonymous