
597 points doener | 1 comments
GnarfGnarf No.46181666
I'm a Windows/macOS developer, but I strongly feel that all national governments need to convert to Linux, for strategic sovereignty. I'm sure Microsoft, under orders from the U.S. government, could disable all computers in any country or organization, at the flick of a switch.

Imagine how Open Source Software could improve if a consortium of nations put their money and resources into commissioning bug fixes and enhancements, which would be of collective benefit.

Apart from a few niche cases, the needs of most government bureaucracies would be well served by currently available OSS word processing, spreadsheet, presentation and graphics software.

al_borland No.46181909
Today when a government pushes for a backdoor we often see companies push back. The FBI publicly complained about iMessage encryption a lot, and currently Apple is also telling the government of India they aren’t going to install their “security” software… those are just a couple examples.

What happens when major OSS projects are controlled by the governments themselves? Will David still beat Goliath?

lucianbr No.46182117
How does anyone "control" an OSS project in the sense that you are talking about, so the ability to insert backdoors or activate kill-switches? Maybe Linus controls Linux, but can he "flick a switch and kill" any running kernels? He might be able to insert backdoors, but will they go unnoticed? Would anyone be forced to install them? Just patch the code to remove the backdoor.

I feel that you wrote some words that only seem to make sense if we don't think about them too much.

al_borland No.46182274
The thought was that the government would effectively become the largest employer of OSS developers who would then be compelled to follow directions or be out of a job. Would there be enough independent developers to review millions of lines of code, patch out any back doors, or fork and maintain entirely separate projects, since none of the government projects can be trusted?

Could the government also dictate the operating system and software people use to make sure it is the state sponsored one? If I’m not mistaken some similar actions have happened in N Korea and China.

I’m not saying this is an inevitable outcome, but just trying to think of worst case scenarios. A lot of terrible things have started with good intentions.

1. lolc No.46183473
You're saying that a state can upstream patches with planted backdoors. Truth is, this is possible in all software. It's not specific to state-sponsored open source software. So your scenario is a reality whether you want it or not. And open source is not particularly vulnerable either. People forget this.

Now a lot of people would be angry if my state decided to spend money on security flaws. I imagine an elected representative trying to explain how they wanted to misspend funds allocated to improve software and plant flaws instead. That would not go down well here or in Germany. Try to hire people for this in Germany and see how long you last till your little op is public.