Open Source Software: The Show Moves On

1
Open Source SoftwareThe Show Moves On

• ECPRD ICT WG Meeting
• House of Representatives
• Nicosia, Cyprus.
• 6 November 2003
• Andrew Hardie, Information Architect

2
OSS The Show Moves On

• Topics
• We have moved on from
• OSS is free!
• to
• OSS provides better security
• to
• OSS provides better diversity and choice
• OSS provides better value for money
• OSS provides open file formats

3
OSS The Show Moves On

• Topics
• Open file formats
• Microsofts Shared Source and File Format
  Licensing for Public Sector
• Other OSS developments
• Financial, Technical, Business and Political
  cases for OSS
• Recommendations
• Conclusions

4
OSS is free!

• Yes, but
• Cost of installation, support, people is far
  greater percentage of project/system costs
• Yes, and
• Updates are vital revenue stream for software
  companies, but OSS updates are free and,
  usually, faster in coming

5
OSS provides better security

• Yes and no
• Having the Source Code
• Doesnt make it inherently lower risk
• But, you can make wider assessments of the risks
• Having the Source Code
• Doesnt make the S/W any easier to install
• But, you can do what you want with the code
• fix, improve, reuse and redistribute

6
OSS provides better diversity

• Yes
• Different versions of Linux, optimised for
• Stability e.g. Debian
• Speed e.g. FreeBSD
• Full featured e.g. Red Hat
• European support e.g. SuSE, Mandrake
• CD bootable, turnkey firewalls, etc, etc.

7
OSS provides open file formats

• The new real issue (esp. in Public Sector)
• Remember Peru?
• Free access to public information by the
  citizen
• To guarantee the free access of citizens to
  public information, it is indispensable that the
  encoding of data is not tied to a single
  provider.
• Permanence of public data
• To guarantee the permanence of public data, it
  is necessary that the usability and maintenance
  of the software does not depend on the goodwill
  of the suppliers, or on the monopoly conditions
  imposed by them.

8
Microsofts Shared Source

• Provides view access to source code
• Some versions allow debug access
• None allow modification or distribution
• Availability limited - not available in Europe
  to
• Albania, Andorra, Armenia, Azerbaijan, Bosnia
  Herzegovina, Croatia, Cyprus, Estonia, Georgia,
  Iceland, Latvia, Liechtenstein, Lithuania, Malta,
  Moldova, Romania, Russia, San Marino, Serbia
  Montenegro, Slovakia, Slovenia, FYROM, Turkey,
  Ukraine

9
Microsofts Shared Source (2)

• Source code access is far too complex a way to
  solve transparent file access issues
• May have a role where MS S/W is used for
  democratic activities, e.g. e-voting, but
• Cannot be limited by country
• Must be available to election NGOs also
• Must be possible to report publicly on issues

10
Microsofts Shared Source (3)

• My opinion
• Not a suitable vehicle for solving the
  democratic information access issues for
  parliaments and other public sector bodies
• Not acceptable that a commercial company decides
  on a countrys worthiness on such an issue
• Often, the countries that may be least worthy in
  the companys eyes are precisely the ones in
  most need of the best possible democratic
  transparency

11
Microsofts Plan B

• Government and Parliament License Agreement for
  Archival, Forensic and Security Use of Microsoft
  Office File Format Documentation
• Recognises that the file formats are the issue,
  not the code
• Provides for certain limited,
  public-sector-specific uses of Microsoft Office
  binary file format documentation in a
  government's or a parliaments capacity as a
  Microsoft customer.
• Certain what? Limited how?
• Available to all countries, as of right, and on
  an equal basis?
• Binary only? What about XHTML? Is it Binary or
  HTML?
• What about email files?

12
Microsofts Plan B HTML issue

• Microsoft says
• Microsoft is committed to offering customers
  that use Microsoft Office the choice to create,
  edit and save files using one or more open
  formats, where such exist
• Microsoft Word 2003 allows people to save
  documents using Microsoft formats as well as
  open formats such as HTML and ASCII
• But, which HTML?
• Save as Web page (with Office-specific markup)?
• Save as Web page, filtered (traditional HTML)?
• So far, no clear answer

13
Microsofts Plan B access or escrow?

• licensed to develop future Office-originated
  document rendering technology for internal
  government or parliament use in the event no
  suitable alternative technology is then
  commercially available
• What does rendering technology mean? View?
  Analyze? Debug?
• Rendering (presentation display the paper
  says) isnt the issue conversion to
  non-Microsoft-dependent file formats is the
  issue!
• Is the plain English translation of the in the
  event bit really
• as long as Microsoft remains in existence and
  provides some kind of technology, of whatever
  quality, to support old MS Office file formats,
  you are not allowed to do anything? Or any other
  after-market co.?

14
Microsofts Plan B (4)

• licensed to identify certain meta-data
  underlying a given Office-originated document
• Identify - how? Which metadata? Document
  properties?
• And then do what with it? Just make a list?
  Export it?
• licensed to engage in Office-related security
  analyses
• And do what with the results? Tell Microsoft
  only?
• What about independent NGO scrutiny?
• What will be the position with WordML (Office
  2003)?
• Implication is that it will be, effectively,
  proprietary XML
• As for Longhorn XAML, who knows?

15
My Plan

• Goal Parliaments must be able to publish and
  archive public interest information in a reusable
  open format that does not depend on any
  suppliers technology or licensing conditions
• (Note not, necessarily, create in this format)
• So, if Word is used to create, the questions now
  become
• Will Microsoft permit and support this?
• If not, why not?
• And, if not, the decision for Parliaments, etc.,
  would then be
• Does Microsoft have a role in this process at
  all?

16
My Plan (2) How?

• The with-Microsoft scenario
• Create in Word, with doc. properties, named
  styles for structure, etc.
• Convert to XHTML, retaining the Office-specific
  markup
• Retain this Word-XHTML file for corrections,
  etc (short/med-term)
• Also convert markup to generic XML, using UTF8
  coding (long-term)
• Microsoft then have no control over these
  converted file formats
• What Microsoft needs to do
• Publish the XHTML format and its relationship to
  Word Doc. model
• Agree the use of the information in it to
  perform such conversions
• Or, write a plug-in/filter to do the above and
  make it freely available
• Microsoft does not have to relinquish its
  proprietary rights over the binary file format
  or, even, the XHTML (if it claims it)

17
My Plan (3) How?

• The without-Microsoft scenario
• AbiWord, Open Office, etc (not necessarily no
  MS-Windows)
• Convert to XML, UTF8, etc. (If necessary)
• Lots of choices, also lots of cross-training and
  support issues, but not insuperable
• But also remember
• There is no such thing as an enduring file
  format
• There is no such thing as an enduring storage
  medium
• Archive now means a copy of online, not an
  offload of it

18
Other developments 1

• Two major studies on OSS
• Danish Technology Board report OSS in
  e-Government (now available in English)
• The essential requirement to be met for
  increased application of open source on the
  desktop and for greater competition to be
  established in the area is for the public sector
  to make sure that word-processed documents are
  exchanged in an open file format
• open source as infrastructure software
  entails substantially lower costs
• Significant socio-economic potential in the
  application of OSS. great economic scope for
  investments in both IT skills pilot development
  projects in choosing OSS

19
Other developments 2

• Italian Ministry of Innovation and Technology
  report (available only in Italian)
• Pub. Admins should not penalize or forbid use of
  OSS procurement criteria must be value for
  money
• Custom software must be fully (but not
  necessarily exclusively) owned by Pub. Admin.
• Necessary to support and facilitate reuse of
  custom software owned by Pub. Admins, and the
  spreading of best practice
• All proprietary packages bought under licence
  must be available for inspection and
  traceability. Pub. Admins. must be protected in
  the event supplier no longer able to provide
  support.
• Information systems of Pub. Admins must interact
  via standard interfaces that must not be bound
  to any one supplier

20
Other developments 3

• Italian Ministry of Innovation and Technology
  report (2)
• Documents of Pub. Admins should be stored and
  made available in one or more formats, one of
  which must be open others to be chosen at
  discretion of the Pub. Admin.
• Transfer of custom software and licences between
  Pub. Admins must be free from ties and should be
  encouraged
• Guidelines needed for planning and procurement
  of software in Pub. Admins. Must be effected via
  promotion and competence development in Pub.
  Admins.
• OSS can be a useful tool to reuse innovative
  software developed by research and technology
  innovation projects

21
Other developments 4

• UK government doing nine proof of concept
  trials of OSS in the public sector (managed by
  OGC/OeE, run by IBM)
• MS paying Cap Gemini Ernst Young to do audit
  of Newham Borough Councils IT systems, aimed at
  proving MS is cheaper in TCO full TCO studies
  notoriously difficult, but look forward to it!
• IBM has chosen Linux for new Blue Gene
  supercomputers 65,000 CPUs, 200 trillion Cps

22
Other developments 5

• Bad year for Microsoft virus and worm exploits
• SOBIG may be the most damaging ever
• SQL Slammer was the fastest spreading
• Welchia/Nachi, Blaster, etc
• Ten settlements in past year of class actions,
  claiming Microsoft used its monopoly to
  overcharge customers, at a cost of 1.55 billion
  5 more class actions pending
• MS agreement with SCO and their lawsuit against
  IBM
• Unclear signals from MS over file format issues
• All helps to keep OSS issue high on the agenda
  of public sector decision makers and legislators

23
Hot OSS Projects (Sourceforge as of 31 Oct)

• Gaim - instant messenger app.
• Winmerge source code compare/merging
• AMSN - MSN messenger clone
• Fire - instant messenger client for Mac OS X
• Compiere ERP and CRM
• eGroupware Enterprise collaboration suite
• POPFile automatic email classifier
• phpMyAdmin PHP front end for mySQL
• Tiki CMS/Groupware
• Filezilla FTP client and server for Windows

24
Hot OSS Projects (Freshmeat as of 31 Oct)

• CK-Ledger - accounting and back office system for
  SMEs
• wmalms - monitors sensor chip temperature, fan
  speed, and voltage
• WebSprockets - framework for rapid prototyping of
  RDBMS-based dynamic Websites
• Minirsyslogd - syslog receiver for hardened log
  receiver hosts
• Jameleon - automated testing tool for application
  features, with tied test cases
• LANforge - unified multi-prot. net traffic
  generator WAN simulation
• UBS - run the operations of a radio station
  completely unattended
• GtkAtlantic - client for playing Monopoly-like
  board games
• Layer 7 packet classifier - classify packets by
  application, not port
• yesCoder - program to hide data in ASCII text
  files

25
OSS in Parliaments Financial Case

• Would OSS be cheaper?
• Hidden factors (pro)
• Downtime (esp. servers) planned unplanned
• Future legacy data management costs (file
  formats)
• Future changes to commercial license terms and
  costs
• Hidden factors (con)
• Retraining costs (users support staff)
• Availability of skills (but this is chicken
  egg!)
• Enterprise management facilities still lagging
  behind
• Increased service management costs (IDC
  Gartner reports)
• Only about 5 of total IT cost anyway

26
OSS in Parliaments Technical Case

• Would OSS be more secure?
• Outlook victim of success or bad code?
• Before Outlook, there was sendmail
• Do many eyes make all bugs shallow?
• Decisions made by OSS bundlers (e.g. port
  service enabling), esp. changes to defaults
• Once OSS becomes mainstream, hackers will
  target it this is inevitable

27
OSS in Parliaments Technical Case

• Would OSS be better?
• Web/Net appliances OSS already better
• Enterprise servers it depends on task/load
• Database servers hampered by SQL variations
  and enhancements
• Clients Microsoft still dominant, but
  position is changing significantly now
• OSS client developers must look beyond just
  writing Microsoft clones

28
OSS in Parliaments Business Case

• Change management in Parliaments
• Change to use structured information
  (reusability, high quality questions, etc), i.e.
  internal efficiency
• Change to use Web-centric approach
  (accessibility, transparency, etc), i.e.
  external effectiveness
• Change to use open file formats democratic
  access cannot depend on need to purchase or
  licence specific software
• Change to OS, Applications, or both, as well?
• But, given that the first three have to be done,
  why not?
• A planned migration path is possible, once
  proprietary file formats have been replaced by
  app/platform neutral ones

29
OSS in Parliaments Political Case

• If
• More virus/worm attacks
• Another increase in MS licence costs
• Lack of support for open file formats
• Bad corporate governance revelations
• Anti-trust decisions (Europe case in progress)
• Class action suits and settlements
• i.e. enough bad publicity, and
• Then, very quickly, the issue of OSS may become
  politically hot are you ready for that?

30
OSS in Parliaments - Recommendations 1(From Den
Haag, 2002, slightly updated)

• Reconsider your network architecture
• Are you supplier-dependent by design?
• How can you redesign to avoid supplier
  dependence?
• Move away from shared drive and folder models
  old, platform-dependent
• Consider Web-based storage and retrieval
  techniques, and P2P
• Play to the strengths of the Web and its ways
• HTML was, and still is, a notoriously bad
  mark-up language
• HTTP protocol so simple as to be almost
  obstructive
• URL/URI addressing what made the Web fly
• REST Representational State Transfer model
  (Fielding)

31
OSS in Parliaments - Recommendations 2(From Den
Haag, 2002)

• Reduce dependence on things that break REST
  model
• Use URI, addressable resource model wherever
  possible
• Avoid XML-RPC, SOAP for Internet
• Reduce dependence on proprietary content formats
• Migrate your legacy document collections
• Word, WordPerfect, WhatEver, to non-proprietary,
  e.g. XML
• SGML to XML most SGML parsers are commercial
• No need to change any of these recommendations!

32
OSS in Parliaments - Recommendations 3(New for
2003)

• Given that file formats is now a big issue
• Time for that new Information Architecture!
• Create an environment for program and content
  reuse
• Start with the content, not with the products
  (paper, web, etc)
• Follow the Internet development model
• Agile model speculate, collaborate, learn
• Play with your data experiment with structures,
  then do DTD
• Code early, test often, feedback fast
• Any project that has run for 3 months and has
  only paper to show for it is already in trouble!

33
OSS in Parliaments - Recommendations 4(New for
2003)

• Metadata
• Go for quick wins. Devise simple metadata
  structures for
• Members and their constituencies (needed
  everywhere)
• Ministers, Ministries, etc., answerable to
  Parliament (constantly referred to)
• Parliamentary Question/Answer pair (uses both of
  the above)
• Legislation progress (business process metadata)
• Use them, learn, then move on to more complex
  content
• Bills
• Debate Reports
• Committee Reports
• How much of this will be in ParlML?
• First suggested in Stockholm, 1999

34
Open Source SoftwareThe Show Moves On

• Good luck with your projects!
• Thank you.
• Andrew Hardie, Information Architect
• ash_at_cellar.demon.co.uk