When is 25 percent more than one quarter of the cost?
Leading by Example
Governments need a better understanding of the flexibility and security of open source software.
Recently, I visited a country that is considering a new law regarding government software purchases. To paraphrase the law, it requires that free and open source software be purchased for government uses unless no free and open source solution exists. If a proprietary solution is chosen, the solution must be justified. I happened to arrive on the day the subcommittee was considering this law, and they invited me to give my input.
I mentioned some of the common arguments in favor of FOSS. I told them that although private companies can make the case for short-term expediency through proprietary solutions, governments must consider additional criteria. A government handles public money, and therefore must take the long-term view. Governments need to consider the effect on their country if the software becomes unavailable some time in the future. What happens if the company goes out of business or simply stops producing a product? Does the government have the source code for the solution in escrow? If so, can the government find the programmers familiar enough with that software to change it to meet the government's needs? Who pays the cost of upgrading that proprietary software – which could include new hardware – and migration? What happens if an economic embargo is imposed by the country of the company producing the software? Can the government continue to get the software support necessary to keep their software working?
If the software is open source, the government can continue to use, update, and customize the program regardless of what happens to the company or person who originally wrote the software. In fact, in many cases, the government might not have to do anything at all because a community project will spring up to maintain the program.
Governments need to understand the flexibility and security that FOSS offers. Having ownership and control of the software they use allows governments to change the software to meet their requirements, rather than having to change requirements to meet the needs of the software.
The legislators told me that their country was small and they would not be able to find all the programmers necessary to write all the software they need. I pointed out that if they align with the FOSS community, they can join forces with others to develop the software every government needs, yet still reserve the right to change portions critical to their own needs.
The legislators argued that there should not be a law mandating FOSS. I pointed out that the only thing their law was doing was mandating that the choice of software be justifiable. Justification is something that should always be required in government.
Several legislators argued that the law might reduce the technological solutions that they might choose. I argued that this was not an issue of technology, but of business practices, and that technological goodness as a part the solution had not been compromised by this proposed law – in fact, it had been strengthened by requiring the justification.
Some legislators mentioned that proprietary software generated revenue for their people. Channels sold the software, installed the software, integrated the software, educated and certified others in how to use the software. "All of these things," I said, "can be done with free and open source software, to an even greater degree." Because the source code is available, it is much more possible for value-added resellers to change and integrate the various pieces of software into a better solution than it is to "warp" two non-changeable pieces to work with each other.
Finally, they mentioned that, in most cases, the software royalties were less than 25 percent of the costs, and therefore "were insignificant." As a taxpayer, I found this interesting. What consumer would not look hard at a 25 percent reduction in costs? And particularly if that 25 percent is probably going to leave their country in royalty charges to a company in a foreign land?
I pointed out that, by using FOSS, they could either save this 25 percent or use the savings to pay a local programmer to tailor the software to their needs – a local programmer who would buy local food, live in local housing, and pay local taxes.
After listening to my arguments, the legislators loosened up a bit. I could see that it was not their own arguments they were using, but those that were supplied to them by vendors of proprietary software. With that, I left the legislators to vote on their new law. I hope they choose the right path.
Buy this article as PDF
HP's annual Cyber Risk report offers a bleak look at the state of IT.
But what do the big numbers really mean?
.NET Core execution engine is the basis for cross-platform .NET implementations.
The Xnote trojan hides itself on the target system and will launch a variety of attacks on command.
Spammers go low-volume, and 90% of IE browsers are unpatched.
Adobe scrambles to release patches for vulnerable Flash Player.
Four-inch-long computer on a stick lets you boot a full Linux system from any HDMI display device.
New statute would require companies to report break-ins to consumers.
Weird data transfer technique avoids all standard security measures.
FIDO alliance declares the beginning of the end for old-style login authentication.