Finally! SecDef signs Clarifying Guidance Regarding Open Source Software
It is official! As of the 16th of October 2009, the United States Department of Defense recognizes Open Source software as Commodity, Off the Shelf (COTS) software, eligible for purchase, read implementation, under the purchasing rules of the Department.
Why is this a big deal? Because, until this point, using Open Source software in any form within the DOD and associated programs required a great deal of scrutiny and in many cases, it meant that it could not be used. Now, before you jump up and tell me about this or that program, yes, Open Source software is used in a number of areas – many in custom applications, but the use is program by program, at the discretion of the program office. Just because on program office says yes to Open Office, does not mean that another program office can use Open Office automatically, even if the mission statement is essentially the same. I am greatly simplifying the issue – the intricacies of the Federal Acquisition Register are frankly byzantine even for those that understand it. This now allows program and departmental level organizations to be able to compete, in a true, fair and open competition the best solution for the mission, and that is a big deal, because up until now, that has not been the case.
As a side note, this memo was discussed in a meeting of Open Source folks I attended in DC more than two years ago. Then it was stuck in the Secretary of the Navy’s office, having been drafted by the staff of the Office of the Naval CIO. The big question everyone was asking at the time was not when would SecNav sign it, but when would SecDef sign it.
This has been a long time coming.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Devuan Beta Release
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The US Government and Open-Source Software
- The Humble Hacker?
- The Death of RoboVM
- BitTorrent Inc.'s Sync
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- AdaCore's SPARK Pro
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide