Open source and the National Security Agency, together again

Open-source software and the National Security Agency go together like peanut-butter and jelly. No, they really do!
Written by Steven Vaughan-Nichols, Senior Contributing Editor

SELinux: Where the NSA and open source have long met.

SELinux: Where the NSA and open source have long met.

The Open Source Software Institute, a non-profit group that supports open-source adoption and the National Security Agency (NSA), the organization in charge of all out of country eavesdropping, will co-host an Open Source Software Industry Day on Wednesday, May 30, 2012. The unclassified, one-day event will be held at the Johns Hopkins University Applied Physics Laboratory's Kossiakoff Conference Center near Fort Meade, MD, which is where the NSA is based. Alas, pre-registration is already over.

If you were one of the lucky 640 to make it in, you'll get to hear about agency's interest in opportunities made available through open source software solutions. Yes, the NSA is looking for a few good spooks. The conference's speakers will present information on existing open-source software products, as well as service and support offerings; and encourage government suppliers to include open-source options in their strategies and service offerings.

In a statement, John Farrell of Hewlett-Packard Enterprise Security and the conference co-chairman said, "The Open Source Industry Day will provide access to a broad array of open source topics. There are nine core topic areas that will be addressed during this Industry Day event." These will be "Primary topics, or tracks, will include: legal and policy; adoption and strategic management practices; existing and future technology resources; cloud computing; (large) data management; security; social media and collaboration; embedded systems; and risk management."

"That's a lot of content to cover in one day," Farrell added, "but the demand is there, and we've had no shortage of subject matter experts volunteering to lead panel discussions. OSSI Mid-Atlantic Regional Director Carl Livesay said, "This is a unique event in that NSA is serving as a co-host and has been very forthcoming with providing access to speakers and helping to define specific areas of interest."

At this point, some of you may be thinking: "What the heck are open-source and the government agency in charge of electronic snooping doing together?" Well, actually they're doing what they've always done: working together. Security Enhanced Linux (SELinux), for instance, the standard for secured Linux, started as an NSA project.

Open-source is no more anti-government than it was Communist when Bill Gates famously mangled opposition to intellectual property laws into Communism. Open source is a method of software development that beleives that's its better to openly share the work than to keep it to yourself. Given open-source's track record and that even Microsoft has figured out that some open-source is good for business, it's no wonder that even the secret agencies have long embraced open source.

As John Weathersby, OSSI Executive Director observed, "While open-source software is currently a hot topic within government circles, it is not a new concept within Defense and Intelligence Communities." When "In December 2000, the NSA publicly announced the development and release of Security-Enhanced Linux," said Weathersby, "we recognized that open-source had tremendous potential within government technology systems."

The Open Source Industry Day has been organized by a volunteer staff of OSSI member industry representatives. Industry members who have served as track organizers include: BAE Systems, Black Duck Software, Cisco, Kryptocore, Hewlett-Packard, L-3 Communications, Oracle, Red Hat, and VMWare.

In short, while the idea of open-source and spies working hand in hand may blow your mind, it's actually been doing on for years. Indeed the U.S. federal government and open source have a long history together. Events like this just show that well you may not think of them together, open source and government does indeed go together as nicely as peanut-butter and jelly. That reminds me. It's time for lunch!

Related Stories:

Microsoft is serious about open source: 10 proof points

NSA releases security-enhanced Android OS

The Air Force's secure Linux distribution

Editorial standards