Switzerland mandates government agencies use open-source software and disclose the source code of software developed by or for the public sector unless third-party rights or security concerns apply (www.tomshardware.com)
from ForgottenFlux@lemmy.world to technology@lemmy.world on 26 Jul 2024 15:15
https://lemmy.world/post/17976870

Switzerland has recently enacted a law requiring its government to use open-source software (OSS) and disclose the source code of any software developed by or for the public sector. According to ZDNet, this “public body, public code” approach makes government operations more transparent while increasing security and efficiency. Such a move would likely fail in the U.S. but is becoming increasingly common throughout Europe.

According to Switzerland’s new “Federal Law on the Use of Electronic Means for the Fulfillment of Government Tasks” (EMBAG), government agencies must use open-source software throughout the public sector.

The new law codifies allowing Switzerland to release its software under OSS licenses. Not just that; it requires the source code be released that way “unless the rights of third parties or security-related reasons would exclude or restrict this.”

In addition to mandating the OSS code, EMBAG also requires Swiss government agencies to release non-personal and non-security-sensitive government data to the public. Calling this Open Government Data, this aspect of the new law contributes to a dual “open by default” approach that should allow for easier reuse of software and data while also making governance more transparent.

#technology


Pistcow@lemm.ee on 26 Jul 2024 15:44

I mean wouldn’t everything be a security concern in relation to government agencies?

odium@programming.dev on 26 Jul 2024 16:07

I feel like a lot of the front ends can be open sourced.

adam@doomscroll.n8e.dev on 26 Jul 2024 16:34

I work for the UK government. Everything my organisation does is licensed in either MIT or OGL (www.nationalarchives.gov.uk/doc/…/3/)

Developing code in the open really helps ensure you nail down your secure coding practices.

Petter1@lemm.ee on 26 Jul 2024 16:54

In my opinion especially security code needs to be open source…

jabathekek@sopuli.xyz on 26 Jul 2024 18:26

Nothing like bored programmers on the internet to nitpick the government’s code.

cmnybo@discuss.tchncs.de on 26 Jul 2024 20:51

If you don’t release your source code due to security concerns, you just announced to the world that your software is vulnerable and you’re relying on security through obscurity.

Pistcow@lemm.ee on 26 Jul 2024 22:01

never let them see you cry

cybersandwich@lemmy.world on 27 Jul 2024 02:13

Meh, not really. The risk with making it publicly available is that a nation state or leet hacker types can comb over it and find exploits or know what libraries/etc you are using so when a zero day pops up they can target you directly. Whereas without direct access to the source code they’d have to do their own enumeration and surveillance.

There is some security through obscurity.

Also, just want to point out: being open source doesn’t mean it’s more or less secure. There is plenty of vulnerable open source code out there.

SorteKanin@feddit.dk on 26 Jul 2024 16:52

Security concerns? Closed-source software is a security concern in itself!

yeather@lemmy.ca on 26 Jul 2024 17:24

Probably meant for military applications or classified materials.

mox@lemmy.sdf.org on 26 Jul 2024 17:29

“unless the rights of third parties or security-related reasons would exclude or restrict this.”

Without a narrow and specific definition of what qualifies, this clause looks to me like a free pass to ignore the law. I hope its inevitable abuse will lead to a quick shoring up of the language.

model_tar_gz@lemmy.world on 26 Jul 2024 18:17

Fuck does this mean LibreOffice might get actual sponsorship, funding, organizational support? And not be a buggy steaming pile of shit that crashes my computer every ten minutes???

An engineer can dream, right?

I hate spreadsheet and slide deck days. Please oh universe help me get back to my happy place: codeland.

cmnybo@discuss.tchncs.de on 26 Jul 2024 20:58

I’ve never had LibreOffice crash my computer. Sure, it crashes occasionally, but it never takes anything else with it.

If you’re putting enough stuff into a spreadsheet to crash it, it’s time to move to a real database.

model_tar_gz@lemmy.world on 26 Jul 2024 21:07

Nah, I work with real big data all the time—I’m a ML engineer/DataSci depending on the day.

It’s not crashing because I put a trivial couple hundred rows of data into a spreadsheet.

It crashes because there’s some conflict between its Java core and the Linux kernel I’m running it on. It’s been like this across many versions; I keep everything updated, etc. Tried many versions of Java, and OpenJDK because FuckOracle. I’m no Java developer though, so I wouldn’t be able to contribute unless they want to refactor the entire core to Rust in which case I’d love to help.

I send bug reports and it’s always just crickets—either they don’t know and don’t communicate that they don’t know, or don’t care, or more likely are just too busy with their real jobs to go on the hunt for a solution to a corner-case bug/crash scenario like mine probably is.

I use office programs so infrequently that I just deal with it. But if I was like my directors and managers who live and die by office productivity apps then I’d have to abandon LibreOffice and go to the closed-source solution.

skittle07crusher@sh.itjust.works on 26 Jul 2024 22:30

Agreed with “fuck Oracle,” but isn’t the JVM the same regardless of where you compile it, Linux or something else?

Something seems off with the idea of a conflict between Linux and Java (and I am no fan of Java!)

model_tar_gz@lemmy.world on 26 Jul 2024 22:54

It’s supposed to be the same everywhere, yes, that’s the whole point. I’m just listing some of the things I’ve tried to find stability with the program on my machine. Maybe it’s not LO vs Linux kernel, but LO seems to work ok on an old MacBook I use sometimes. I don’t use Windows so I don’t have a user experience there to compare against.

Imgonnatrythis@sh.itjust.works on 26 Jul 2024 19:53

This makes entirely too much sense. I’d love to see sanity prevail and this to trend, but I no longer have reasonable hope for much anymore.

I do secretly feel bad for any government workers that were using Photoshop and have to switch to Gimp though.

scratchee@feddit.uk on 26 Jul 2024 21:38

Soon: “Open source software or pirated copies of photoshop only”

skittle07crusher@sh.itjust.works on 26 Jul 2024 22:24

GIMP is fucking awesome what are you on about

Imgonnatrythis@sh.itjust.works on 26 Jul 2024 22:29

Glad you love it. This is kind of a tired debate but specifically if you are well versed in Photoshop and try to convert to Gimp you feel like, well, a Gimp. From personal experience I tried for a solid year and it never felt right. I could still do the things I needed but it took longer and was more cumbersome. Probably a different story if you grow up with it.

BakedCookie@lemmy.dbzer0.com on 26 Jul 2024 23:12

Eh, really depends on the use case. For example if you want to edit something distributed in a psd format gimp won’t even tell you something got imported wrong. So the file will import but will look wrong.

And then there’s the UI. It just refuses to follow any current standards. Whether that’s a good or bad thing depends on the user.

Personally I use affinity photo. Works for my use case and is a one time purchase product, which for me is ok.

doggle@lemmy.dbzer0.com on 26 Jul 2024 20:00

This is really cool. I do wonder how often “third-party rights or security concerns” will be deemed to apply, though.