Linux in Government: GNU/Linux Clears Procurement Hurdles
In the first quarter of 2004, sales of GNU/Linux servers increased 56.9% over the same period in 2003. That performance follows six consecutive quarters of double-digit growth for the free operating system, according to a report by IDC. Although Linux currently has the best growth rate of any operating system globally and has cleared major procurement hurdles for government entities, Linux gains remain limited compared to those of other government vendors.
In a recent article in internetnews.com, Sean Michael Kerner interviewed me with regard to gains made by Linux in government. His article focused on the decision by Munich and Bergen to deploy Linux. Here's what Sean wrote:
According to Tom Adelstein, Linux and open source consultant, the Munich decision is a failure in the Microsoft political machine. "It makes a similar statement about Microsoft, as does the EU's decision to fine Microsoft for anti-trust violations," Adelstein told internetnews.com. "The Munich voters represent a large body compared to cities in the U.S. This was more of a popularity contest than a technical decision. I would not call it a win for Linux as much as a defeat for Microsoft," he said.
Sean did not want to go where I wanted to lead him. He wrote a positive article that made the gains in Europe seem like Linux was winning the OS wars. That may provide plenty of excitement for readers, it's simply not the whole truth.
Linux usage in government and education in the United States remains small at best. Microsoft still owns an astounding 95% of the market. In spite of logic and reason, government decision makers cannot pull themselves away from Microsoft, even in the face of US government warnings.
Microsoft owns the mindshare of information technology in this country. After settling anti-trust suits with Sun Microsystems for somewhere around two billion dollars, people saw that as a win for Redmond. In the past couple of years, Microsoft has settled anti-trust and copyright infringement litigation at a dizzying rate, and people still shrug their shoulders as if to say, "It's okay, I'll just reboot again". That's the Microsoft two-step.
In the government and educational sectors, people easily can add up the cost savings. You don't need a rocket science pedigree to see the savings or the vast amount of software available to run schools and governments. Still, people shrug their shoulders and sign purchase orders for Microsoft products.
In a June 30th article in eWeek, Steven J. Vaughan-Nichols wrote:
The state of Mississippi has launched a Linux-based, mobile public safety system that links police, fire and emergency services to a single DB2 database. Sen. Thad Cochran, R-Miss., announced the successful initial deployment of the public safety system, Mississippi ASP (Automated System Project)--a mobile data infrastructure that's based on IBM eServer hardware and IBM DB2 and Novell SuSE Linux software-at a press conference at the University of Southern Mississippi.
That sounds great, doesn't it? Unfortunately, Linux plays a minor role in this project. The system is really based on Microsoft .NET technology, not Linux. The vast majority of the funds went to the purchase of products from InterAct Public Safety Systems. One of InterAct's core competencies is converting legacy Cobol system applications to .NET applications.
IBM did sell hardware to ASP and did deliver SuSE Enterprise Linux software, but that is not where the money went. You did not see Microsoft executives throwing a fit over the ASP project, because they know their solution dominates. Ultimately, the advocates at ASP and southern Mississippi will have an open-source project, but it's years away.
Microsoft has done such a grand job of owning the mindshare in the technology field, it even has Linux advocates attacking Sun Microsystems and Novell promoting .NET technology in the form of Ximian's Mono programming language. Okay, shrug and reboot--do the Microsoft two-step.
On July 1, 2004, the Executive Office of the President of the United States issued a memorandum for Senior Procurement Executives and Chief Information Officers. The memorandum emphasizes the President's previous memorandum titled "Maximizing Use of SmartBuy and Avoiding Duplication of Agency Activities." In this latest memorandum, OMB 04-16, the President issued the following ground-breaking statements:
This reminder applies to acquisitions of all software, whether it is proprietary or Open Source Software. Open Source Software's source code is widely available so it may be used, copied, modified, and redistributed. It is licensed with certain common restrictions, which generally differ from proprietary software. Frequently, the licenses require users who distribute Open Source Software, whether in its original form or as modified, to make the source code widely available. Subsequent licenses usually include the terms of the original license, thereby requiring wide availability. These differences in licensing may affect the use, the security, and the total cost of ownership of the software and must be considered when an agency is planning a software acquisition.
Microsoft government advocates have fought the eventuality of this pronouncement. In the past, we had to fight the proprietary language in Requests for Proposals from all government entities, which kept open-source projects out of the procurement mechanism.
In May 2004, Oracle helped Red Hat achieve its Common Criteria certification. Version 3 of Red Hat Enterprise Linux was certified to meet Evaluation Assurance Level 2 (EAL2) of the Common Criteria certification, which means it can be deployed in government and in the DoD. It also means Red Hat and Oracle can sell into security sensitive markets, such as federal insurance banks, stock brokerage firms and other government contractors.
In January 2004, less than a year after achieving Evaluation Assurance Level (EAL) 2 for SuSE Linux Enterprise Server 8, SuSE earned (EAL) 3, the next level of certification. Atsec Information Security GmbH, along with IBM, assisted SuSE with the certification process. This was the first major accomplishment for Enterprise Linux.
Common Criteria provides standards for security for mission-critical software. Certification costs millions of dollars and provides a seal of approval recognized by government agencies and enterprise IT professionals. Countries that recognize the Common Criteria include the United States, Canada, the United Kingdom, Australia, New Zealand, Germany, France and Japan.
If one takes those wins alone, you can understand why GNU/Linux sales have increased in double-digit figures for approximately two years running. IBM, HP and Oracle have done a good job of promoting GNU/Linux through their partnerships with Red Hat and/or SuSE. The IBM Linux Competency Center has a great number of open-source projects of which few people are aware.
- Linux Kernel Testing and Debugging
- NSA: Linux Journal is an "extremist forum" and its readers get flagged for extra surveillance
- Tails above the Rest, Part III
- Wanted: Your Embedded Linux Projects
- RSS Feeds
- The 101 Uses of OpenSSH: Part I
- Dolphins in the NSA Dragnet
- Tails above the Rest: the Installation
- Are you an extremist?
- Tails above the Rest, Part II