Feeds

Victory declared in the open source war that never was

But that's not all right then, really...

  • alert
  • submit to reddit

3 Big data security analytics techniques

The Initiative for Software Choice (ISC) has declared victory in the open source war that never was - Massachusetts' "Open Source Mandate", which would have outlawed the purchase of practically all non-open source software by state agencies, if it had ever existed. Which it never, ever did.

As The Register pointed out when the story broke last month, Massachusetts never said it was adopting a pro- open source policy, nor did it say it ever say it was mandating the purchase of open source software. It did say it would be adopting a broad-based strategy of moving its computer systems towards open standards. That didn't stop the BSA jumping in, nor the ISC, nor indeed (one must be fair) a rash of fevered speculation and Chinese whispers from the pro- open source camp.

The ISC's contribution is particularly amusing, because although the BSA had earlier cited "reports" in its delivery of the lead-filled sock, and didn't in so many words say that it necessarily believed these reports, the ISC charged in with its concern "that the open source software mandate recently announced by Secretary of Administration and Finance, Eric Kriss would incalculably harm Massachusetts public administration, its citizens, and its information technology (IT) industry and workers." This letter to Governor Romney requested a meetting to discuss the matter at his earliest convenience, and then fulminated its way well into a second page over the imaginary mandate.

Now, the darlings send us a copy of a letter to Kriss from ISC executive director Bob Kramer. This letter follows up on a meeting of the 8th October where Kriss seems to have explained that Massachusetts intends "where possible, to evaluate open source software on a level playing field with proprietary software," and to "implement the most cost effective solution that offers the best technology."

Which sounds pretty much like what we (and we note, Linux Insider) thought they'd said in the first place. But according to the ISC it's all Kriss' fault anyway. The 'Mass goes Linux' story, in its view, "may have been caused by a misunderstanding due to a lack of meaningful public-private dialogue." And not, apparently, by orqanisations with axes to grind shooting first and asking the questions afterwards.

But then comes what you might view as the ISC lead-filled sock. It continues: "Such dialogue can be extremely beneficial in informing complex policy decisions. We respectfully urge you to establish an open process that will facilitate a balanced discussion of your wide-ranging policy proposals, not only ensuring that the most cost-effective IT solutions get procured for Massachusetts, but also that taxpayers and the Massachusetts IT industry benefit too."

You could perhaps view the readiness of outfits like the ISC to hunt witches on the basis of rumour as amusing, but if you interpreted those two sentences as letting Kriss know his card has been marked, and that We Will Be Watching, it's perhaps not so funny. Overreaction of this sort has a tendency to create a McCarthy-like climate of fear, making it less likely that people will stick their necks out, and so more likely that the status quo will be perpetuated. So if an outfit were trying to defend vested interests, overreaction would be a useful tactic.

The ISC is of course not anti-open source, oh no, merely pro level playing field, so it cannot possibly have approached the Massachusetts matter on such a basis.

One other thing worth taking away from this sorry mess. Essentially, Massachusetts started this by espousing open standards rather than open source. Consider, however, the extent to which the two now go together. The extent to which you believe this is so is obviously going to relate to your personal level of commitment to open source and/or how much/little you believe in Microsoft's commitment to open standards. In the case of this particular story, the confusion seems in part to have arisen from a reporter mixing the two up, but it's actually going to be difficult to separate them in the coming wars for government software. On the one side, some people will say 'open standards' when they really intend to implement open source, while on the other, people will hear 'open source' when someone says 'open standards.' Whatever, just saying the latter won't protect you from the witchfinders, and 'open standards' may become a dirty word too... ®

SANS - Survey on application security programs

More from The Register

next story
OpenBSD founder wants to bin buggy OpenSSL library, launches fork
One Heartbleed vuln was too many for Theo de Raadt
Got Windows 8.1 Update yet? Get ready for YET ANOTHER ONE – rumor
Leaker claims big release due this fall as Microsoft herds us into the CLOUD
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Patch iOS, OS X now: PDFs, JPEGs, URLs, web pages can pwn your kit
Plus: iThings and desktops at risk of NEW SSL attack flaw
Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...
Why HELLO Amazon! You weren't here last time
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Apple inaugurates free OS X beta program for world+dog
Prerelease software now open to anyone, not just developers – as long as you keep quiet
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.