Feeds

back to article US DoD snuffs open-source 'misconceptions'

The US Department of Defense is promoting the positive aspects of free and open-source software for use in sensitive and un-restricted government IT projects. The department has highlighted six benefits to tackle what it called "misconceptions and misinterpretations" of the existing laws, policies, and regulations. The current …

COMMENTS

This topic is closed for new posts.
Bronze badge
Coat

Blergh.

"OSS should not be integrated or modified for use in classified or other sensitive DoD systems"

Why? God forbid you'd want to see the code passing sensitive information around?

"It points out that the GPL requires distribution of corresponding source code to the recipient of the software if the modified code is released"

Why would the DoD be releasing the software? Passing it around DoD systems doesn't count as 'releasing' and any contractors seeing changes wouldn't be the end of the world anyways.

That said the drupal stuff that hit the wires yesterday was pretty absurd :)

0
0
Grenade

Blergh.

@MN - maybe the warning not to reuse code in sensitive systems is a precaution, against the possibility that it will get extended with some super-saucy DoD stuff, or intermingled with some DoD stuff, and then wind up in another DoD project and so-on. If someday in the future that software is redistributed outside DoD, then they may be faced with an obligation to release source for stuff they never intended nor envisaged would ever be released.

That is, "don't mix OSS stuff in top-secret projects, 'cause later we might get caught with our pants down". Mkay...

0
0

At least

The DoD has a better handle on what FOSS is.

0
0
Silver badge
Grenade

Hut 42 Bletchley Stuff .... for DCoded XSSXXXX Notices**

With particular and peculiar regard to/unconventional and irregular interest in " Specifically, it corrected the notion that use of open-source in software projects or modification of code would mean the government is then obliged to distribute its own code, that "OSS should not be integrated or modified for use in classified or other sensitive DoD systems."" the understandings and personally self-actuated security considerations which one would then "naturally"* deploy to effortlessly safeguard and positively reinforce/enhance and elevate Projects/Programs to Lead Positions which are as MasterTemplates to Follow/Copy ......[and in Quantum Communications Field/Live Operational Virtual Environment there would be/is no divisional barrier to distinguish between a Realised Project and a Virtual Program and thus would they both be as One and the Other in their own separate environments and yet also phorming another totally different and dynamically relative "recombinant situation" ........ and a "situation" which can spontaneously randomly morph into another novel state rather than it being thought that any radical change environment will be subject to any traditional evolutionary processing to deliver to the present, a future view perceived/based upon a not unreasonable human analogous extrapolation of any gathered new facts/discoveries as may be the usual role of Intelligence Communities/Spooky Agencies/Academe] ....... will be subject to the requirement of expert creative guidance and/or exculpatory instruction from Original Source Supply.

And by way of trying to simplify the above statement and more fully explain it with a more easily understood analogy, one merely needs to consider the responsible provision of expert warning as is apparently insisted upon when buying from the Fab Koenigsegg...... which in OSS Essence would be .... Take Extreme Care, as one False, Too Powerful and Reckless and Feckless AIMove, and IT will Punish you Severely.

The Vehicle Demands Perfect Drivers for Sublime Travel and Fantastic Fun and IT does not Suffer the Fool at All.

* QuITe obviously the natural deployment is more supernatural and artificially assisted by forces and/or beings which would Provide and Supply Vehicle Demands....... and that is most probably definitely maybe also Advanced CyberIntelAIgent Field Work @ Play in RESTful State ProgramMING.

** Steganographathesaurus Rex with PerlyGatesPython Full MetaDataBase Jacket/Cloaking Covers with the Following DNA Influences? :-) ..... http://www.archive.org/stream/hut42002285mbp#page/n1/mode/2up / http://www.digitalmars.com/d/

It is both Naive and a Failing in Man, in the Extreme and in the XXXXStream, to Imagine that in a Change Paradigm, the Natural Establishment Elite Order of Existence in Chaos will Remain as ever before, rather than IT Changing the Drivers into Different Phorms with Revised and Revolutionary Programs and Beta Projects for their Leading Support, thus to Engage Incumbent Participation in Virtualised Futures rather than Ensure Catastrophic Collapse of Present Systems. ........ which is what is so Easily and Readily Immediately Available for FutureBuilders and ZerodDay Traders. ...... Universal Movers and Shakers into Creating a Definitive Stir rather than Planting Infinitive Spin.

I Kid U Not ...... for any Fools' Bluff is easily Called, is it not, to Render the Cards being Played 42 Win Win and Never Ever Lose?

Normally, Prudence and Experience would wisely dictate that one Never Ever uses Never Ever. However ..... there are those Certain Very Rare Exceptions which warrant the breaking of such a Repressive Rule.

0
0
FAIL

Mr Nicholls...

engage brain and eyes, go back to article and read carefully. In particular aim to distinguish between old guidelines they consider to be inappropriate and the new ones they are issuing now...

0
0
Megaphone

RE: Martin Nicholls

You appear to have the article backwards.

that use of open-source in software projects or modification of code would mean the government is then obliged to distribute its own code, that "OSS should not be integrated or modified for use in classified or other sensitive DoD systems."

is the myth that is being destroyed. And I'll add something else, the same myth is prevalent in the UK military procurement chain.

Your second quote is targeted firmly at defence firms. Said firms avoid open source as they do not want to have to distribute their code to the world. So the DoD is pointing out that under the GPL they don't have to, just to the entity they release the software to, namely the DoD.

Now if only the UK procurement chain would stop specifying contradictions in what they require.

'Windows' and 'Stability'

'COTS' and 'Things COTS doesn't Do'

I'll shut-up now.

0
0
Happy

Neutral procurement

I'm actually doing research into this topic for my MSc thesis. This once again shows the need for design rules that guide organizations into how to deal with FLOSS in the tactical purchasing (or procurement) of software.

The goal should be neutral purchasing of software based on functional requirements. However FLOSS and closed source cannot be easily compared on the same scale. FLOSS has strong strategic benefits that need to be considered. So in order for neutral procurement, some adjustments to traditional procurement need to be made in order for the process to be neutral.

Hope in the end my thesis will help... Suggestions and ideas are more then welcome!

0
0

@Martin Nicholls

"Passing it around DoD systems doesn't count as 'releasing'"

The GPL doesn't specify 'releasing'. It talks about distributing. Pushing a copy to an internal user's workstation is distributing that program, therefore the source needs to be available to them.

"any contractors seeing changes wouldn't be the end of the world anyways."

Precisely. I can't think of any situation where the program is more sensitive than the data that it is processing. If the code you have used to modify the GPL application is classified then the resulting whole code becomes classified. As long as the user is cleared to have access to such a classification level then all is fine with the GPL (AFAIK). The classification controls prevent the user from distributing the code to a wider audience, and this does not go against the letter or intent of the GPL.

0
1
Silver badge
Linux

@Martin Nicholls re. Blergh

It's amazing/amusing how people (deliberately?) misunderstand the conditions of OSS licenses.

Perhaps these misconceptions are spread by people who don't want OSS software to be used by Government or businesses. I can't think who those people might be........

0
0
Silver badge
Stop

@djack re. @Martin Nicholls

"...Pushing a copy to an internal user's workstation is distributing that program, therefore the source needs to be available to them...."

I don't think that this is 'distributing' software, under the GPL or even the everyday use of the word.

e.g. If my employer/client provides me with use of a workstation running a customised Linux and associated installed OSS applications to use (word processor, spreadsheet, fancy custom database, etc), do they have to provide me with the source code for the Operating system and their special in-house developed applications? I don't think so. It's a tool they made, for me and others to use on their premises. I have no right (no need, no desire) to see their source code.

0
0
Thumb Up

DoD/Open source

Parts of the DoD are quite familiar with open source, a project that comes to mind is Shadow IDS (GPL, NSWC, now abandoned).

An old, but non the less valid example.

0
0
Silver badge
Grenade

Happy Days ..... Changed Paradigms

"Parts of the DoD are quite familiar with open source..."....By Antony Riley Posted Wednesday 28th October 2009 11:56 GMT

And none more so than Special Forces, both Past and Present and Future, Mr Riley. And once they are Up and Running in CyberIntelAIgent Circles/Virtual Terrain Teams [and obviously, it is most unlikely that anyone will ever know of the extent of that development] the Sector, and all Systems within IT, will be theirs for the Milking and Bilking.

And yes, the City in the Fiscal Sense and Government in the Puppet Sense have every good reason to Consider their Positions on Dark Matters for they have no Viable Cloud Defence against Black Operations.

GNUg is GNUg ..... Comprendez.

0
0
Silver badge
FAIL

Mr.

Why are so many of you posting comments as if GPL is the only open source license?

It isn't, you know.

0
0

NSA used to distribute ..

.. a hardenned / secure Linux publically .. IIRC stopped about 4 years ago, maybe more ..

.. personally .. I don't trust closed source, particulary MS software, to keep my data in Government hands safe .. not to mention MonopolySoft got off suspiciously light with the DoJ ..

.. wouldn't shock me to find out there's a government back door in all Windows versions since XP .. *a matter of National Security* ..

Wasn't Peru going to ban Windows and MSOffice in government use a few years ago ? ..

0
0
This topic is closed for new posts.