• On CHOW: Sexy vampire party
December 19, 2008 8:07 AM PST

Open source makes serious headway in the U.S. Department of Defense

by Matt Asay
  • Font size
  • Print
  • 3 comments

As I listened to David Mihelcic, CTO with the U.S. Defense Information Systems Agency talk about the benefits of open source on Federal News Radio's presentation of "Open Source Solutions - 2 Years In Review," I couldn't help but be impressed with just how far open source has come in the past decade.

When I first got involved with open source back in 1998, it was perceived as risky (Rampant fear of the GPL and other open-source licenses), not secure (How can community development take care to lock out the bad guys?), and niche. In 2008, however, the CTO of a powerful agency within the U.S. Department of Defense boldly declares open source's superiority as a development model:

Open source brings to us the ability to have collaborative and agile development environments....Additionally, open source benefits the Department of Defense through...simplified licensing...and security....Security through obscurity just doesn't work.

And while Microsoft has paid for research that counterbalances the apparent rise of open source in U.S. defense agencies, it's hard to argue with the facts. The Pentagon is preparing guidelines to shepherd more open source into U.S. defense. Various U.S. defense agencies have gone on the record in support of open source. The U.S. Department of Defense has even sponsored an open source conference.

It's happening. Mihelcic's comments referenced above are just one more indication that the world's most demanding, mission-critical defense systems will increasingly run open source. For you Americans, if your country trusts your physical security to open source, isn't it time to trust your business' security to open source?

Matt Asay brings a decade of in-the-trenches open-source business and legal experience to The Open Road, with an emphasis on emerging open-source business strategies and opportunities. Matt is vice president of business development at Alfresco, a company that develops open-source software for content management. He is a member of the CNET Blog Network and is not an employee of CNET. Disclosure. You can follow Matt on Twitter @mjasay.
Topics:

Industry news

Tags:

US Department of Defense,

IT spending,

open source

Share:
Digg
Del.icio.us
Reddit
Recent posts from The Open Road
Apache: 'No jerks allowed'
Cloud to suck money out of market, report says
When open source isn't (open enough)
SAP wants an open Java process (pot, meet kettle)
Google shifts software value to operations, away from IP
Mobile: Still waiting to see what sticks
Google privacy controls: Most people won't care
Amazon's move mocks EU's fear of Oracle
Related
Defense Department issues new open-source guidance
WhiteHouse.gov now runs Drupal. What took it so long?
The difference a few years makes to open source
EU's MySQL inquiry may backfire for open source
A child porn-planting virus: Threat or bad defense?
Five awesome iPhone tower defense games
Google competes for the future; Microsoft, the past
What Red Hat's investment in EnterpriseDB means
Add a Comment (Log in or register) (3 Comments)
  • prev
  • 1
  • next
by bmn_1213 December 21, 2008 6:26 PM PST
The title is reversed. You are trying to say a dept making serious headway to open source
Reply to this comment
by rtechie December 22, 2008 4:52 PM PST
Yes and no. I work closely with the Defense department and while it's accurate to say that the Defense Department is using more open source in the sense they are working with more companies that are using open source it's a misnomer to say they are adopting support-free open source products in favor of commercial products.

Quite the opposite. Moreso than any organization on Earth perhaps, DoD has an elaborate test series and certification process products must go through. Considering the amount of effot vendors usually need to go throguh to pass such certification it seems unlikely that many open source products could pass without major handholding from a vendor. This is what happened with OpenSSL, and it's the only reason why OpenSSL is one of few open source products that is FIPS-certified and on the DoD approved products list.

And there is an extremely heavy emphasis on support contracts in the military due to CYA. Making your own solutions means you don't have a vendor to blame. This is not to say that certain parts of the DoD don't roll their own solutions, DARPA certainly does, but this is not wide practice.

Much of this has to due with the nature of IT staff in the military. There are a lot of 18-19 year olds with limited IT experience doing IT in the military. This is not to say that the military doesn't have smart people. But the reality is that the military has a lot of relatively inexperienced manpower, which limits their ability to roll their own (an more importantly, maintain their own) solutions.
Reply to this comment
by gmartin_cn December 29, 2008 5:34 PM PST
rtechie,

What you say may have some validity, but keep in mind that with budgets tightening, that may change.

Additionally, it isn't just about 'using Open Source'. What the forge.mil initiative that Mr. Mihelcic is referring to is doing is encouraging vendors who already provide solutions to the DoD to utilize common Open Source pieces in their supported solution(s) for the department. It is also about getting those same vendors to make common pieces of their solutions available for other vendors to utilize (if it makes sense to do so). Hopefully, there is also value provided to DoD vendors who don't always have to re-invent every single piece of tech themselves.

In the end, the DoD (and by extension, the tax payers) are tired of paying for 'vertically integrated closed-source solutions' that are out of date before they ever get deployed. If you listen to the entire broadcast archive Matt points to, you'll notice a very clear signal for a 'hybrid' model, where COTS software is used where it makes sense, and Open Source is pulled in for areas that it can add value.

Full disclosure - I work for CollabNet, and am the community management consultant for the forge.mil initiative that Mr. Mihelcic is referring to. If anyone is interested, I'm blogging periodically about the progress/issues we face as we roll out this set of sites for the DoD. You can check that out here: http://blogs.open.collab.net/oncollabnet/

Thanks.
(3 Comments)
  • prev
  • 1
  • next
advertisement
Click Here

A CNET Conversation with Eric Schmidt

CNET's Tom Krazit and Molly Wood sit down with Google CEO Eric Schmidt to discuss the future of Android, the Chrome OS, the problem of real-time search indexing, and more.

Verizon tests sending RIAA copyright notices

The No. 2 phone company, known for its reluctance to intervene in antipiracy cases, strikes an agreement to forward copyright notices on behalf of the music industry.

advertisement

About The Open Road

Matt Asay brings a decade of in-the-trenches open-source business and legal experience to the Open Road, with an emphasis on emerging open-source business strategies and opportunities. Matt is general manager of the Americas division and vice president of business development at Alfresco, a company that develops open-source software for content management. He is a member of the CNET Blog Network and is not an employee of CNET. Disclosure.

Add this feed to your online news reader

The Open Road topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET