The issue becomes when things are developed with a mix of public and private money. I'm not saying we shouldn't tackle the issue, only that it can't be as simple as public money = public resource. If that were true, nearly all of us would be required to work for free, since we got the majority of our education through public funding.
Edit: It seems everyone ignored the generalization I was replying to. Yes, in terms of code it's actually relatively easy to require that a publicly funded project be open source and leave it at that. The business can decide if they want to write everything from scratch to protect their IP or if they want to open up existing code as a part of fulfilling/winning the contract.
In terms of other partially government funded projects, like the pharmaceutical example given, it's much more difficult to say how much of the process and result are thanks to public funding. That's really the only point I was trying to make, that it can get very hard to draw the line. With code, it can be relatively easy.
Your joke aside, which I thought was funny, it did remind me that, as it happens, the Swiss do an amazing job in making things internationally accessible.
Take, for example, their spectrum management system, which not only allows you to search for categories of users, handles kHz to MHz data entry, and gives access to the legal provisions and then the legislation itself, but does so in four languages.
This is the way it should be. Governments around the world have spent decades enriching big tech with public money, when they could have pooled their resources and built FOSS software that benefited everyone.
Same goes for science and everything else funded by tax payers.
Been contracting for the Swiss government for years, namely ASTRA. They have 0 concept of how that should happen. It's their IP, but they don't want to take it, host it, maintain it, or do anything else with it once the project is done.
Do they just expect others to foot the bill? Sure, free GitHub exists, but everything else? Open sourcing without maintenance is abandonware and usually useless.
In contrast, abandoned open source software can be picked up and updated by whoever gets paid to, where abandoned closed source software needs to be reimplemented from scratch at great expense to the taxpayer.
Not only that, open source software can be adopted by the community (who already paid for the development through their taxes) for their own purposes. Consider for example the productivity impact on business that starts using tools that it cannot afford to develop itself.
Office things like document management, workflow management, accounting, but also tools used in the science community, transport and logistics, anything that government does is represented in some other way in society.
This is a big deal and I hope that it will reverberate across the globe and become the new normal.
Whilst we're at it, consider the impact of open data, where government datasets are available to the community.
I'll gladly upload my stuff into some repo they allow me to. I've inquired about it in the past - I wrote a piece of sw that fills a requirement hole left by a widely used SCADA tool - but they outright forbid it. That was about a year ago.
My point is less about open source and more about how they have no clue how to handle their IP even now. It's a nice gesture at best (at least currently. Maybe there's more on the way).
Whilst we’re at it, consider the impact of open data, where government datasets are available to the community.
That sounds like it would be pretty useful to get better quality statistical research papers (well, I guess quality would depend more upon the researcher), doable by people without corporate backing.
Step 2: governments, required by law, to fund FOSS projects in their tech stacks. Helped by organizations which trace project funding and lobbying to promote FOSS security by providing funding; a huge incentive to not insert malware
Step 3: coders are afforded dignity (UBI); given funds geared towards affording a maintenance team. Regardless of country of origin. Vital infrastructure is vital infrastructure. Talent is talent.
I support this move to Step 1
Where is the list of pauper gov'ts which force talent to get a job rather than be a talent and then maintain their projects with dignity!
Those jobs are mostly nonsense. Geared towards wasting our time building:
Open source will always be the best option, especially with a government supporting it! Imagine what government funding could do to accelerate improvements to Linux
I imagine that the company would have the burden of proof that any of these criteria are fulfilled.
Third-party rights most likely refers to the use of third-party libraries, where the source code for those isn't open source, and therefore can't be disclosed, since they aren't part of the government contract. Security concerns are probably things along the line of "Making this code open source would disclose classified information about our military capabilities" and such.
Switzerland are very good at bureaucracy and I trust that they know how to make policies that actually stick.
I still think a good chunk of the code will be visible. You can have all the code up to the point where you call the proprietary function. Obviously you won't get to see what's inside that function but you can guess. Also, a lot of proprietary libraries have that functionality really well documented.
Yep, the Swiss government. Complicated is probably the best word to describe it. We are a very decentralized country (which makes sense for a country that was founded as a coalition to fight the royals that oppressed its people, none of those partners want someone to rule them) so every canton (state) does a lot of things differently than the other ones.
But it is nice to see that after years of neglect they try to actually push digitalization by establishing common standards and systems.
Hopefully more governments will follow this. At the very least, the taxpayer should have the right to the source code of whatever software it funds the development of.
You'd think so, but the answer is no. They've employed companies like Microsoft, Oracle, etc. to write up the security handbooks that say proprietary software is more secure. Heck, even electronic voting systems in the US are closed-source.
Security by obscurity the 100% least effective security measure! Wait what? MS left the government knowingly vulnerable for years for the shareholders?! That's some good security right there!
Long version: I’m pretty sure; no. I believe that; tools used like apps would not be subject to FOIA.
I deal with public records requests at work… email, documents etc. sure thing, but I’m pretty sure that the AG would laugh at you requesting the source code for apps we use.
—-
I could only wish that we were mandated to use only open source software
If the people are paying for it through taxes, it shouldn't be contracted out to some company who lock further development behind their continued involvement.
I guess it's not convenient to have Microsoft and Apple scan your company images and employee emails. Even take screenshots automatically if they can get away with it.
Apparently other countries are fine with this, which surprises me much more.
I guess the corpo version of Windows has these sorts of things turned off? But MS can turn them on whenever they want.
Specifically I was referencing the recent Russian cyberattack on US government servers that were/are run by Microsoft. The flaw was known about for years but no one did anything about it because profit.
They're going to face a whole bunch of compatibility issues when dealing with other countries imho. However, I personally find this to be a good thing. It's at the very least a strike at the heart of big systems controlling the masses.
Nothing "recent" about Microsoft hacks, it's been happening for decades, the only difference is that the victim was you, now for a change, we have been made aware that Microsoft itself was hacked, but only because it impacted people outside Microsoft.
Microsoft was forced to reveal that it was hacked back in November 2023, and still hasn't managed to prove that their systems are not still compromised today in July 2024. Just so we're clear, their internal network was breached.
We also don't know if it started in November, or if that's just a convenient date because nobody externally has yet discovered evidence to show any different.
If the Lemmy repository was hacked and malicious code was added, people here would lose their shit. That's what hit Microsoft and the fact that it's only talked about in ICT professional circles is a good indication of just how bad this really is.
So, yeah, open source, open data, open governance, all of it.
I wonder how this will impact us infrastructure types. I am sure there must have been an exception to the rule at least once in my career but I can't recall any, code I have made for all governments has been open source and if you lost it somehow I would just email it.
My only concern would be the systems that my code runs on top of won't be willing to share. It is one thing to demand it from me, another to demand it from Siemens. Then you add in very low level code for individual devices such as VFDs
I guess the nightmare would be that PLC/DCS/VFD makers would basically be blacklisted and I would have to work around that fact.
My only concern would be the systems that my code runs on top of won’t be willing to share. It is one thing to demand it from me, another to demand it from Siemens. Then you add in very low level code for individual devices such as VFDs
I’m curious if this also applies to military or intelligence software. I’m guessing at the very least software embedded in weapons systems is not included. If I understood the article correctly there were some exemptions for security reasons.
The fact the code is open sourced is much less significant than the fact now the Swiss government will need to negotiate complete ownership of any software they commission.
That’s going to make things more expensive for them, and limit the vendors prepared to work with them.
No, that is counterintuitive. It may appear more expensive at first, but in the long run it is a lot cheaper. It avoids vendor lock-in, recurring increases of dev costs and licensing, and lots of other plagues of closed proprietary development like blackbox development and justification of hidden complexity as a driving factor on costs. I worked with legacy closed proprietary sw development and lock-in combined with legacy complexity made man-hour costs exorbitant. These are partially solved by open-sourcing, as kicking out a team and putting a new one in is easier, but most importantly transparency as a driving factor on quality of development.
At least for ASTRA, for software developed in their projects that's already the case. Frameworks etc. used are not covered, but all source code for PLC and SCADA are theirs and you're required to hand over all code as part of documentation at the end. As a zip on a USB key, never to be looked at again.