Congress Endorses Open Source For Military

A draft defense authorizing act in Congress includes wording plugging open source software. It seems both cost and software security were considerations. This is an important victory for open source. "It's rare to see a concept as technical as open-source software in a federal funding bill. But the House's proposed National Defense Authorization Act for Fiscal Year 2009 (H.R. 5658) includes language that calls for military services to consider open-source software when procuring manned or unmanned aerial vehicles."

Nice to see

that government is realizing that security through obscurity is not a good plan.

Re:Nice to see

My guess is what you have here is a good indication that some company had enough money to fund a lobbyist to push for this to help them in the future since they use FOSS in their product. Not new insight or greater education on the part of law makers.

Re:

No, they are probably realising that $700 needs to come from somewhere so they might as well use open source software instead of buying licenses.

Re:Nice to see

No, they are probably realising that $700 needs to come from somewhere so they might as well use open source software instead of buying licenses.

Except that the kind of software in the bill in question is rarely licensed - it's tactical software, not admin software. Specialized tactical software is usually purchased outright. (Not to mention that the Federal Government undoubtedly gets significant discounts from vendors for per seat licenses and support.)
 
That being said, there's much less here than meets the eye. Like many other extremely specialized problem domains, there almost certainly isn't any FOSS to be considered for use. This goes double since this almost certainly is an embedded system, not a PC, with the operating hardware, computer hardware, OS, and applications tightly bound and integrated. (In the systems like this I worked on while I was in the Navy, the line between OS and application was a wide grey area - in some ways they were virtually the same.)

new clause?

I wonder if this will cause new clauses in gpl terms similar to commercial usage clauses preventing the support of any millitary, etc?

Re:new clause?

Considering that would violate the OSI guidelines (and contradict the GPL FAQ), probably not.

Enjoy it while it lasts.

You can be sure that Microsoft and other proprietary companies will be fighting tooth and nail to remove this provision.

Re:Enjoy it while it lasts.

I seriously doubt that. Open source software has been used to develop military systems for many years now on the contractor side.

GPL'd software

If the Government uses open source code that is under the GPL license, and modifies it to include some security or other feature that is considered to be under the umbrella of "National Security", are they required to provide the source code to terrorists so they can attempt to crack it?

Re:GPL'd software

are they required to provide the source code to terrorists so they can attempt to crack it?

From my understanding of the GPL, this would only be true if the government is distributing the modified binaries to the terrorists. If the changes are internal-use only, there isn't a GPL conflict by not distributing the modified source.

Re:GPL'd software

If the Government uses open source code that is under the GPL license, and modifies it to include some security or other feature that is considered to be under the umbrella of "National Security", are they required to provide the source code to terrorists so they can attempt to crack it?

Depends. If my company uses OSS in an internal application, I don't have to release the changes back to the public. But, if my company were to distribute a product that uses it we'd have to provide source code.

I'm assuming that the military would not have to release source code in UAV's because they tend to get those products back and therefore it would be an internal product or application. They'd have to release the source for any bombs or missiles though because they are delivering that product to the public.

Re:GPL'd software

Easy. Just tape the listing to the front of the bomb.

Re:GPL'd software

"EULA toward enemy"

Re:GPL'd software

"They'd have to release the source for any bombs or missiles though because they are delivering that product to the public."

You must work at Microsoft. Destroying someone is not considered to be analogous to "delivering a product" to someone anywhere else on the planet as far as I am aware ;-)

They'll probably come up with a way to mess it up

In order to try saving money, they'll probably do something really stupid that will end up costing them money.
Like setup a Linux environment, and realize they have some old, critical, archaic, crappy piece of software that only runs on Windows NT.
So they'll get some virutualization software inorder to run Windows on their new Linux servers in order to get that old app running.
So they'll virtualize a bunch of old NT boxes, only to find out app doesn't work well when running on virtualized Windows.
So then they have to install new Server 2008 boxes to run the old app, only to find out the old version of that app won't run on Windows versions newer than NT 3.5.
So now they pay millions for a new version of said critical app.
Then they realized the new version of the app has a Linux version.
Then some figures out that the old app could have run under WINE.

In other news

Microsoft reacted signing a 10 year collaboration agreement with Al Qaeda. Together, they will develop WMD...



Windows Media player Deluxe.

Clarifications on Military Open Source

I already see some misunderstanding in other threads in this conversation. (a) people say the military won't give back the changes they make to GPL software. (b) people say that because it is GPL, the "bad guys" will get it.

For the first point, the GPL does not require changes to be merged back into the main development area. It allows (and encourages) projects to FORK the source code into new projects when different applications are desired. This keeps the original projects clean from "feature creep" and gives the different (competing) development teams control of their own development. The limitation that the GPL imposes is that if an organization wants to DISTRIBUTE the executable versions of their software, they would need to include an offer to distribute the source as well. Since it is not in the US military's interest to distribute their software, there is no real concern of (b) the "bad guys" getting the software.

In that vain, the "bad guys" would have access to the baseline version if they can figure out what software has been forked into military applications. If the US military is foolish enough to operate this using defaults that are hackable, then it serves them right. I personally think that they are more qualified than that.

A last concern is (c) THIS IS BEING FUNDED BY TAXPAYER MONEY AND IT SHOULD BE OWNED BY THE TAXPAYERS. This is false. I mean, the funding does come from taxes, but the public has no more of a claim for software that is developed for military applications using FOSS software than they do over the software, hardware, and designs of any other piece of military equipment ever designed. These instruments are created for the purpose of providing national security. If the designs were made public, then security WOULD be compromised. Ergo, in the interests of national security it's important for that information to be kept private.

Final point, the GPR (Government Purpose Rights) license. This is a thinly veiled government source license that I have seen the military force on subcontractors in recent years to force Boeing, Lockheed, and all the rest to "play nice". The GPR license is a requirement on contracts so that the government gains the right to send software developed by Lockheed over to Boeing for further analysis. Believe it or not, frequently in legacy codebases you see "Proprietary of XYZ Corporation" and for the most part the government tries to acknowledge these rights. However, they realize that many things are developed over and over again by different companies because they are prevented from leveraging off of each others work (at the cost of the taxpayers). It is encouraging, therefore, to see the government prevent this with GPR.

Re:Clarifications on Military Open Source

More to the point is that military developments almost without fail make it into the public if they have a significant public use. Flight, radar, medicine, etc. Hell, the military has probably had the best return on investment of any government run endeavor. So many people bitch about the military, but it was military members that were first putting their lives at risk testing things like supersonic aircraft and space travel. Guess who had the joy of being the human guinea pigs for things like the Anthrax vaccines.

If you really wanna bitch DARPA will take their internet and go home...

Re:Old News

The House's proposed National Defense Authorization Act for Fiscal Year 2009 is new, and it's what TFA is about.

Re:Old News

There was never anything actually preventing Government developers from considering Open Source previously. This will simply remind some Dev Managers that the option exists, even though their actual developers have probably been using it for years. The side effects of this bill will most likely bring out Microsoft's and other proprietary software house's lobbyists out of the woodwork. They've only painted another target.

Re:Old News

Yes, and it will probably give them leverage when negotiating with those vendors.

Re:Old News

From a non-USA point of view, I think this is a great step for open source solutions, but more for software in general.

It's been know that whatever the US military puts their hands on, that can grow to a great size. The whole Arpanet->Internet analogy may or may not be flawed for this. A lot of innovation comes from military funded projects.

The open source model is a great source (no pun intended) of innovation and combining those two points could lead to a massive step forward.

/PersonalOpinion

Re:oh boy

now it is great to know that the gov't will want me to release the software i write.

First, that's not what TFA (or even the summary) says. Second, there are a lot of companies writing, documenting, and using open source software. Open source <> "no profit".

our small business is gonna make it, i promise!

I wouldn't exactly call your business "small", Mr Ballmer! ;)

Re:oh boy

Two organization enter..one with heavy firepower.
Yes, I would enjoy watching that.

Re:Mostly inteligence - not code

Just one counter example: selinux came from the NSA. A pretty big "give back".
http://www.nsa.gov/selinux/ [nsa.gov]

There is a LOT of government written code available. In fact many of the biggest and most complex free software systems were developed and given away by the US government. It's just that they typically do not write word processors and games so your typical home user does not see it.

I can think of many examples most from the areas of science and enginerring. Here is one
http://www.nec2.org/nec_hist.txt [nec2.org]