New DoD Memo On Open Source Software 146
dwheeler writes "The US Department of Defense has just released a new official memo on open source software: 'Clarifying Guidance Regarding Open Source Software (OSS).' (The memo should be up shortly on this DoD site.) This memo is important for anyone who works with the DoD, including contractors, on software and systems that include software; it may influence many other organizations as well. The DoD had released a memo back in 2003, but 'misconceptions and misinterpretations... have hampered effective DoD use and development of OSS.' The new memo tries to counter those misconceptions and misinterpretations, and is very positive about OSS. In particular, it lists a number of potential advantages of OSS, and recommends that in certain cases the DoD release software as OSS."
Re:But ... (Score:3, Informative)
Government agencies are required, IIRC, to respect* private copyrights, and releasing software that is derivative of private works that are under a copyleft license under the same license might be consistent with (and might even be necessary, if the software is released at all, to comply with) those regulations.
* As I understand, its not bound in the same way a private party is, but is restricted under the law in what it can do with copyrighted material without the permission of the copyright holder.
there's a few useful bits of software already (Score:5, Informative)
In addition to using externally developed free software, various parts of the military have periodically released and continued to support some decent bits of software. BRL-CAD [wikipedia.org] is from the Army Research Lab, and Delta3d [delta3d.org] is from the Naval Postgraduate School, to pick two examples off the top of my head.
Mil uses lots of Linux and BSD (Score:3, Informative)
Re:But ... (Score:5, Informative)
No software these days is developed from scratch, and the Government would be paying way, way more if it tried and probably getting significantly worse products. Most major programs utilize some proprietary code, for which the Government pays for "Government Purpose Rights". That means that the Government can use the software and often even demand the source code and deliver it to other contractors. But no one is allowed to use it for non-Government projects without contacting the original author and attaining their own license. It's kind of a Government version of dual-licensed open source.
Re:This is great... (Score:4, Informative)
Re:there's a few useful bits of software already (Score:2, Informative)
SimKit, Discrete Event Simulation Library, also from the Naval Postgraduate School....
http://diana.nps.edu/Simkit/ [nps.edu]
Sean
Re:Crash! (Score:3, Informative)
Holy SHIT chair-throwing jokes are old... and weren't even that funny to begin with...
Some Points on the Memo (Score:5, Informative)
Most government program/project managers are very slow to try new things like OSS. Generally, this is not due to laziness or not being technically up to date, but rather because the number of rules and regulations that they can get hammered for failing to follow is so large that they tend to continue to follow a safe path unless it is incredibly clear that they won’t get in trouble. This memo is designed to give top cover and make clear to all PM’s that using OSS is more than acceptable, it is actually preferred.
1) Although I can't say for sure how much the new administration's personnel in the Pentagon had to do with being signed, it probably was very little since the memo had been in production for years (rumor was that Dr. Pepper was going to give a free soda to everyone if it came out before 2010, but I don't think that's true). Over beers, one of the people involved with its writing told the story of being asked whether the memo would be out before Thanksgiving and responding, "Without a doubt." That was in 2007!! It probably emerged more from the "Open Technology Roadmap" by John Scott, Mark Lucas, and JC Herz for Sue Peyton in 2006 than any political changes.
2) Much of the memo just clarifies parts of the DoD's official position on OSS, especially areas that were major targets for FUD by contractors who are trying to sell proprietary systems to the government. For example, they would claim that procurement law requires commercial software to be used, and OSS wasn’t COTS. This was addressed by the 2003 memo, but still the misinformation persisted. Additionally, procurement law requires that software either be warranted or the source code available. Vendors would claim that since OSS isn’t warranted, it couldn’t be used, neglecting the second part of the requirement about source code.
Re:This is very odd... (Score:5, Informative)
I wrote the memo (mostly). Here's some historical context:
In 2001-2002 (or so), the Defense Information Systems Agency was in the process of certifying RHEL as being compliant with the Common Operating Environment, which was like a DoD-version of the LSB, sorta. Rumor has it (was before my time) that a certain OS vendor (popular in the desktop space) took exception to this fact and drafted an unsolicited memo for the DoD CIO, which effectively would have banned OSS.
The DoD CIO at the time was a guy named John Stenbit. Stenbit was (and is) a strong-willed visionary, who wasn't about to roll over for anybody, so he (through DISA) commissioned a survey of how much OSS was currently in use in DoD. The study got farmed out to MITRE, specifically a guy named Terry Bollinger. The results of the study were that OSS was being used in lots of places across DoD, in some cases for mission-critical things, and interestingly extensively by the information assurance community. (e.g. snort)
So Stenbit got someone to write a new memo, which he signed in 2003. It said roughly: OSS is okay, it's just like other software, but make sure that you get approval before you use it. (Same as anything else.) Stenbit retired from gov't in 2004.
In April 2008, the Deputy CIO (Dave Wennergren) got the idea that we ought to have updated DoD guidance on Open Source Software. I believe it was suggested to him by Scott McNealy (Sun), Art Money (former DoD CIO from 1999-2001), and Bill Vass (Sun, but former gov't executive under the DoD CIO). Dave asked around if there was anybody on the CIO staff at the time who knew much about OSS. That ended up being me.
I was a CS major at MIT, class of '95; used to work down the hall from Richard Stallman. I was on ROTC scholarship and later served about 6 years as an active-duty officer. I started working as a civilian in gov't in 2002, and in 2004 I took a position with the office of DoD CIO - partially so that I'd be in the right place to advocate OSS in gov't.
Four years later, I got an golden opportunity: I got the task to figure out what the updated OSS guidance should say.
I drafted the memo, with help from lots of folks, including David Wheeler, John Scott, LtCol John Barrette, Dave Emery, Terry Bollinger, MaryAnn Kiefer, Roger Loeb, Frank Petroski, Monique Pryce, JC Herz, and probably others I forgot to mention. I briefed the concept to Wennergren. Got feedback. Revised. Sent out to other offices in the Office of the Secretary of Defense (OSD) for coordination. Sent to the Military Department CIO offices for coordination. Spent many, many hours coordinating and revising with the Office of General Counsel (OGC) for the OSD, the Army, USAF, and Dept of Navy. It was mostly done a year ago, but it kept getting held up because someone wanted to review and comment.
One paragraph in the memo is traceable to a particularly heinous licensing debacle with a particular software vendor (not Microsoft) that affected a particular software project, and could have been avoided by using OSS.
The lawyers were by far the biggest delay. I wanted to reference the Open Source Definition (published by the Open Source Initiative), but lawyers wouldn't let me, on the grounds that doing so could be considered an endorsement of a non-federal entity, which would violate the Joint Ethics Regulation. I argued that this was a ludicrous interpretation of the JER, and eviscerates the authority granted to the CIO by the Clinger-Cohen Act. But after months of no-progress, I compromised and the final memo does not reference the OSI.
There was no direct involvement by the White House for the 2009 memo, and I don't think for the 2003 memo either. The generally favorable attitude from the current administration toward "openness" meant that I (and I think Mr. Wennergren) felt a pro-open memo would be well received, but we didn't consult with the WH, nor does the WH get that deep into agency policy - even for an agency as big as DoD. If the WH wanted to push po
Re:Oh Jesus (Score:1, Informative)