[vox] [Fwd] Warning CPR provisions for OpenSource under attack
Bill Kendrick
nbs at sonic.net
Mon Aug 30 13:03:40 PDT 2004
Here's the last one from Owen. Now that I've got them all posted here,
we should probably move the thread over to 'vox-outreach'...
-bill!
OK... Last one on this for a little while...
As promised, here are the written comments I submitted to the CPR website
at <http://cpr.ca.gov/feedback/>:
I am writing in support of recommendation SO10. For an unrelated
reason, I recently attended the public testimony portion of the San
Jose CPR meeting on August 27th. I was not familiar prior to that
with the content of recommendation SO10, so, I had not filed a comment
card and was unprepared to speak.
However, in seeing no less than three representatives of the
commercial software industry testify, it became clear to me that it is
important for the committee to hear from people who do not have a
vested interest in the sale of proprietary software. Each of the
representatives presented a gloom-and-doom perspective of open source
software and tried to accentuate the benefits of proprietary software.
I agree that there is some good commercial software available.
However, each of the people testifying against SO10 is representing a
group comprised of companies that sell software, and, thus, have a
vested interest in continued proprietary software sales.
It was stated that Open Source software or "Free Software" has hidden
costs in the form of support. This is simply not true. The "FREE" in
"Free Software" refers to freedom in the constitutional ("Free
Speech") sense more than in the commercial ("Free Beer") sense of the
word. Because the software itself is made available without charge in
most cases, this is a common misconception. The reality is that there
is no effort by the Open Source community to hide the fact that
supporting a production installation of any software costs money.
However, those costs are no greater on Open Source than on Commercial
Applications. In fact, because anyone can compete for the support
business on Open Source software on a level playing field, these costs
are often lower for open source.
It was stated that Open Source software is more difficult to use.
This is flatly false. There is a wide variety of Open Source
software, just as there is a wide variety of proprietary software.
Some of it is well written and well documented, some of it isn't, just
like in proprietary software. A recommendation to use Open Source
where feasible is not a recommendation to use poorly written or
difficult to use software. That's not feasible.
Finally, it was stated that Open Source software carries security
concerns. The reality is that ALL software carries security concerns.
Open Source at least allows the government to fully review the actual
behavior of the software if they so choose. It also comes with the
advantage that a wide and diverse community of developers and users
can also review the source. Finally, once a vulnerability is
discovered, any competent developer has full access to all the tools
necessary to resolve the issue, so, the state would not be stuck
waiting for the software vendor to develop a solution. The solution
could come from anywhere, literally, including in-house resources, if
necessary.
A Ms. Maldonado (sp?) testified on behalf of State IT employees. I
was very impressed with her testimony, and, urge the committee to give
it significant weight. While many of her recommendations may seem
self-serving, they are an accurate reflection of what I have observed
in over 15 years of IT experience. While she did not specifically
mention open source, I think it is clear that in-sourced development
resources would easily be able to leverage existing Open Source
software to speed application development and lower total application
cost to the state, while delivering software that meets the states
needs today and can be improved and expanded to meet future needs. By
returning these development contributions to the open source
community, the state could further benefit from synergistic
contributions by other developers, possibly even other in-house IT
professionals in other states.
Finally, if the committee has any questions or would like any further
clarification or information about any of the topics I have addressed
today, please don't hesitate to contact me. My email address and
phone number are submitted with these comments.
Thank you for your time and attention to these comments.
Owen DeLong
More information about the vox
mailing list