IP: Open-Source Fight Flares At Pentagon Microsoft Lobbies Hard Against Free Software

[Dave Farber <dave () farber net>]

------ Forwarded Message
From: "Robert J. Berger" <rberger () ultradevices com>

Open-Source Fight Flares At Pentagon
Microsoft Lobbies Hard Against Free Software
http://www.washingtonpost.com/wp-dyn/articles/A60050-2002May22.html

By Jonathan Krim
Washington Post Staff Writer
Thursday, May 23, 2002; Page E01

Microsoft Corp. is aggressively lobbying the Pentagon to squelch its
growing use of freely distributed computer software and switch to
proprietary systems such as those sold by the software giant,
according to officials familiar with the campaign.

In what one military source called a "barrage" of contacts with
officials at the Defense Information Systems Agency and the office of
Defense Secretary Donald H. Rumsfeld over the past few months, the
company said "open source" software threatens security and its
intellectual property.

But the effort may have backfired. A May 10 report prepared for the
Defense Department concluded that open source often results in more
secure, less expensive applications and that, if anything, its use
should be expanded.

"Banning open source would have immediate, broad, and strongly
negative impacts on the ability of many sensitive and security-focused
DOD groups to protect themselves against cyberattacks," said the
report, by Mitre Corp.

A Microsoft Corp. spokesman acknowledged discussions between the
company and the Pentagon but denied urging a ban on open-source
software. He also said Microsoft did not focus on potential security
flaws.

Spokesman Jon Murchinson said Microsoft has been talking about how to
allow open-source and proprietary software to coexist. "Our goal is to
resolve difficult issues that are driving a wedge between the
commercial and free software models," he said.

John Stenbit, an assistant secretary of defense and the Defense
Department's chief information officer, said Microsoft has said using
free software with commercial software might violate the
intellectual-property rights of companies such as Microsoft. Stenbit
said the issue is legally "murky."

The company also complained that the Pentagon is funding research on
making free software more secure, which in effect subsidizes
Microsoft's open-source competitors, Stenbit said.

Microsoft's push is a new front in a long-running company assault on
the open-source movement, which company officials have called "a
cancer" and un-American.

Software is designated open source when its underlying computer code
is available for anyone to license, enhance or customize, often at no
cost. The theory is that by putting source code in the public domain,
programmers worldwide can improve software by sharing one another's
work.

Vendors of the proprietary systems, such as Microsoft and Oracle
Corp., keep their source codes secret, control changes to programs and
collect all licensing fees for their use.

Government agencies use a patchwork of systems and software, and
proprietary software is still the most widely used. But open source
has become more popular with businesses and government.

The Mitre Corp. report said open-source software "plays a more
critical role in the DOD than has been generally recognized."

The report identified 249 uses of open-source systems and tools,
including running a Web portal for the Defense Intelligence Agency,
running network security for the Army command in Europe and support
for numerous Air Force Computer Network Defense tools.

Among the most high-profile efforts is research funded by the National
Security Agency to develop a more secure version of the open-source
Linux operating system, which competes with Microsoft's Windows.

The report said banning open-source software would drive up costs,
though it offered no specifics. Some government agencies have saved
significantly by using open source.

At the Census Bureau, programmers used open-source software to launch
a Web site for obtaining federal statistics for $47,000, bureau
officials said. It would have cost $358,000 if proprietary software
were used, they said.

Microsoft has argued that some free-licensing regimes are antithetical
to the government's stated policy that moneymaking applications should
develop from government-funded research, and that intellectual
property should be protected.

Microsoft also said open-source software is inherently less secure
because the code is available for the world to examine for flaws,
making it possible for hackers or criminals to exploit
them. Proprietary software, the company argued, is more secure because
of its closed nature.

"I've never seen a systematic study that showed open source to be more
secure," said Dorothy Denning, a professor of computer science at
Georgetown University who specializes in information warfare.

Others argue that the flexibility provided by open-source software is
essential, enabling users to respond quickly to flaws that are found.

"With open source, there is no need to wait for a large software firm
to decide if a set of changes is in its best interests," said Eugene
Spafford, a computer-science professor at Purdue University who
specializes in security.

Jonathan Shapiro, who teaches computer science at Johns Hopkins
University, said: "There is data that when the customer can inspect
the code the vendor is more responsive. . . . Microsoft is in a very
weak position to make this argument. Whose software is the largest,
most consistent source of security flaws? It's Microsoft."

Stenbit said the debate is academic and that what matters is how
secure a given piece of software is. To that end, the Defense
Department is now prohibited from purchasing any software that has not
undergone security testing by the NSA. Stenbit said he is unaware of
any open-source software that has been tested.


------ End of Forwarded Message

For archives see:
http://www.interesting-people.org/archives/interesting-people/