Archive for 'opensource'
Now this is how open source is meant to work.
In January 2007, the French defence ministry's Direction Générale de l'Armement began work (in association with BT) on a project called Milimail, to enhance Firefox's open-source cousin, the Thunderbird email client for military purposes. It's now known as Trustedbird - and lists among its additional features:
- Deletion receipts (MDN);
- Delivery receipts (DSN);
- Encryption/Signing with triple wrapping;
- RFC 2634 Security Labels and Signed Receipts;
- Address autocompletion with several LDAP directories;
- CRL download from LDAP directories;
- Manage Out of Office settings on a Sieve server
...only some of which I even begin to understand. But apparently, the key enhancement is the fact that you can 'know for sure when messages have been read, which is critical in a command-and-control organization' - according to Mozilla executive David Ascher, quoted by Reuters. And that's good enough for it to hook into NATO systems.
What's more, code from the French project found its way into Thunderbird's v3 public release last December - making the product better for everybody.
The recently revised UK government policy on open source seemed to focus solely on the procurement angle. But as Trustedbird demonstrates, there's potential for the benefits of open source to go much, much wider.
And if a particular open source product doesn't quite meet your exacting specification, that shouldn't mean you simply dismiss it. Ask not what open source can do for you, you might say; ask what you can do for open source.
A bit out of the blue, this morning saw a revision of the UK government's open source policy. And whilst it still doesn't quite endorse the notion that open source solutions are fundamentally better solutions, it does ratchet up the expectations.
Last year's revision to the 2005 policy statement introduced a subtle - but, I thought, very important - 'tiebreaker' clause: 'Where there is no significant overall cost difference between open and non-open source products, open source will be selected on the basis of its additional inherent flexibility.' I felt it read 'like a document which wanted to say more, but didn't feel able to.'
Well, in the intervening twelve months, the Cabinet Office appears to have grown a little in confidence. The 2009 policy included the following 'Supplier Challenge':
Building on the actions above, Government Departments will challenge their suppliers to demonstrate that they have capability in open source and that open source products have been actively considered in whole or as part of the business solution which they are proposing. Where no overall open source solution is available suppliers will be expected to have considered the use of open source products within the overall solution to optimise the cost of ownership. Particular scrutiny will be directed where mature open source products exist and have already been used elsewhere in government. Suppliers putting forward non-open source products will be asked to provide evidence that they have carefully considered open source alternatives and to explain why they have been rejected.
... to which has now been added:
If they are unable to provide evidence of fair consideration of open source solutions, their bid will be deemed non-compliant with government policy and the proposal is likely to be automatically be delisted from the procurement.
The only other significant change to the Action Plan itself is the introduction of a requirement for:
Clear guidance that where public sector organisations have procured ‘perpetual licences’ from proprietary vendors, a shadow licence cost will need to be applied to the cost of the licences. Where an agreement has been reached on behalf of the Crown, this price will be applied as the shadow cost. Where no agreement has been reached on behalf of the Crown, the shadow cost will be the non-discounted list price of that product from the vendor.
... but apart from that, and a few consequential tweaks here and there, it's all more-or-less word-for-word identical to last year.
So it's still a good document, fundamentally pointing in the right direction. But it now comes with an explicit threat to suppliers that if they can't demonstrate that open source can't be at least part of their solution, their bid is 'likely' (although not perhaps guaranteed) to be binned. Presumably because that explicit threat proved itself to be required over the past 12 months.
We're a year down the line, and it would be nice if there weren't quite so many statements in the future tense. It's also a shame we don't have some more inspiring examples to quote. But this revision hardens the policy in a potentially significant respect - and we should certainly give it a chance.
However, I have a nagging feeling that at some point, we're going to need a specific high-profile victory for Open Source, to give it real momentum in government. An order to replace a common proprietary product with an open-source equivalent. A department switching from Windows to Ubuntu? Replacing MS Office with OpenOffice? Neither of those seem likely.
I suspect the only realistic win is the web browser - abandoning IE in favour of Firefox or Chrome/Chromium. And it's not as if we don't have good reason to do so.
Oh, one more thing. It's entirely to the Cabinet Office's credit that they have proactively offered the policy up for comment, working with the WriteToReply guys. It's WordPress-based, sitting on WriteToReply's hosted platform.
You might have seen coverage in the last few days of the Government's forthcoming ICT strategy - 'New world, new challenges, new opportunities' - which leaked out last week, and is due to be published next week to coincide with the Pre Budget Report. The first I saw of it was at UKAuthority.com, with follow-up coverage in places like Kable and Silicon.com. The key elements seem to be a move to cloud-based computing, a common desktop and common applications (known as the 'Government Applications Store', not a label I'm especially keen on); plus a restatement of policy on things like Open Source.
But here's where it gets interesting. One of the recipients of the leaked document was the Conservative Party. And they've taken it upon themselves to republish it, in full, on a commentable web platform. (Which happens to be WordPress. Just thought I'd mention that.)
I'm not going to offer any comment on the strategy itself just yet: there's something slightly uncomfortable about it being a leaked document, still apparently 'work in progress'. But it's a fascinating development nonetheless. We've seen academics and activists opening up documents like this: never a political party - although the only indication of the site's origins is the obligatory reference in the footer. No logos, no explicit definition of who 'we' are, when it says on its homepage:
We have built this website to share with you a leaked copy of Labour’s report on public sector IT, which was scheduled to be published in the days ahead. ... We think there’s a better way. ... we believe that crowdsourcing and collaborative design can help us to make better policies – and we think this approach should begin now. This website allows you to post your comments and suggestions on this leaked Government report. We want to hear your ideas – and we will be responding to your thoughts in the weeks ahead.
The makeitbetter.org.uk domain was only registered on Friday last week; and it looks like the content was copied-and-pasted into the site during Saturday afternoon. It's a modest build, using a plain off-the-shelf theme, and to be honest it lacks a certain finesse: no 'pretty permalinks', no mention of RSS, no subscribe-to-comments, etc. But it's up there, in double-quick time, whether or not the Cabinet Office wanted it up there. And it's a case study for how negligible-cost hosting plus free software, specifically WordPress, can change the game. As I may have mentioned here before.
It'll be fascinating to see what kind of comments it attracts. (Here's the site's comment feed, if you want to follow it.)
I'm sure we've all done it. You're creating a new WordPress installation, and for a bit of privacy whilst you build the thing, you choose not to 'allow my blog to appear in search engines like Google and Technorati'. But in the rush to get the site out the door, you forget to switch the setting to make it 'visible to everyone, including search engines'.
So I've created a laughably simple WordPress plugin called 'Robots.txt Reminder', which adds a notification message to the top of all Admin pages if it detects that (a) your blog is set to block search engines, and (b) your user capabilities allow you to make the change. It's kinda hard to ignore, but that's kinda the point.
Click here to download robotreminder.zip, then - assuming you're using one of the more recent versions of WordPress, and are able to do automated updating - upload the zip file as-is, by clicking on Plugins -> Add New -> Upload.
It's not the first plugin I've ever coded, but it's the first plugin I've ever 'released' like this, so please be gentle.
They're clearly sensitive to this question, as there's a whole section about it on the Glow website itself, specifically referencing my own current favourite, jQuery. 'On reviewing the major libraries we found that none met our standards and guidelines, with browser support in particular being a major issue,' they explain.
So why not contribute to something like jQuery, to make up for its deficiencies? Isn't that the whole point of open source? 'Many of the libraries had previously supported some of our "problem" browsers, and actively chosen to drop that support... Forking an existing library to add the necessary browser support was another option, and one that might have had short term benefits. However, as our fork inevitably drifted apart from the parent project we would be left with increasing work to maintain feature parity, or risk confusing developers using our library.'
Plus, crucially, this isn't about a bunch of geeks directing their spare-time volunteering efforts in one direction, rather than another. These are people being paid real money, taxpayers' money, to do this, at a time when the BBC is supposed to be trimming its ambitions. If they're at a loose end, perhaps they might want to address the News homepage's 416 HTML validation errors, and abandon the 'table' markup.
The explicit references to the internet in David Cameron's big speech on 'fixing broken politics' this morning don't come until the end. All MPs' expenses to be published online; the same will go for 'all other public servants earning over £150,000'. An Obama-esque pledge to put all national spending over £25,000 online. A commitment to 'publish all Parliamentary information online in an open-source format' (whatever that means). An end to the 'ridiculous ban on parliamentary proceedings being uploaded to YouTube'. All good, on the face of it.
But the underlying message throughout the speech, empowerment of the individual, is really only a reflection of the changes being brought about by the internet revolution. We expect to be able to do things now, in our daily lives, which seemed like science-fiction only a few years ago. It's really not that long ago that '28 days for delivery' was a standard; now we get fidgety if our delivery isn't here within 2 or 3 days. Your mobile phone has instant access to every fact in the world, within seconds.
So Cameron's talk of 'giving people the power to work collectively with their peers to solve common problems' isn't really the articulation of a great vision: it's a reflection of a reality that's already with (many of) us. Likewise, transparency isn't really something within his gift. 'At the length, truth will out,' Shakespeare wrote as far back as 1600; it's just that these days, it gets out a heck of a lot quicker.
Having said all that, there are some parts of the speech which make me feel a little uncomfortable. I find it difficult to hear an Old Etonian and Oxbridge-graduate speaking up for ordinary people feeling 'deprived of opportunities to shape the world around them, and at the mercy of powerful elites that preside over them'. And similarly, when he says 'we rage at our political system because we feel it is self-serving', I find my eyebrows raising at the use of the word 'we'. (A bit like when Five Live presenters talk about 'the media' in the third person.)
But the reality is, this is the man who currently seems most likely to be running the country in a year's time. The power will be in his hands. And whether he's doing it by choice, or just recognising the way the wind is blowing, he's talking about diluting that power, boosting transparency, and embracing the web. We like.
I wrote the other week about 'the implications of free': how the widespread availability of high-quality technology changed the rules when it comes to project management. Another example struck me today, around COI's ongoing consultation on improving government websites.
There's a lengthy section on measuring website usage, with detailed proposals around the new requirement for website auditing, kicking in imminently with the aim of ensuring that 'the rules for measuring the number of Unique User/Browsers, Page Impressions, Visits and Visit Duration have been implemented correctly'. Government websites' data will be audited twice a year, at a minimum cost of £1,740 per audit.
So what's the alternative in the post-free world? How about a centrally managed, mandatory, open-source web analytics package - like Piwik?
- It wouldn't stop departments running their own analytics packages, if they so desired. Not that many would want or need to.
- Implementation of appropriate standards - statistical, technical, privacy, transparency, etc - could be guaranteed by experts at the centre.
- Lower overall cost: in terms of purchase, ongoing licensing & support, and of course, auditing.
- Freedom to tailor it to particular government requirements, if any.
I must say at this point, I've got no direct experience of Piwik myself: but the demo looks great, and it's used by people I respect - such as Sourceforge and MySociety (eg TheyWorkForYou). Plus, as TWFY demonstrates, you can use Piwik alongside other tracking methods: they seem to have two others on the page too. It's still at version 0.something, but they're pledging to hit v1.0 'in 2009'. (Actually, can any of the MySociety gang share their experiences?)
Instead, where will the COI guidance leave us? Website owners will face a financial penalty (admittedly a relatively modest one) if they aren't using a 2-star rated ABCe Associate Subscriber. And how many of these 'recommended' analytics tools are open source, do you think?
We need to increase the pace. We want to ensure that we continue to use the best possible solutions for public services at the best value for money; and that we pay a fair price for what we have to buy. We want to share and re-use what the taxpayer has already purchased across the public sector – not just to avoid paying twice, but to reduce risks and to drive common, joined up solutions to the common needs of government. We want to encourage innovation and innovators - inside Government by encouraging open source thinking, and outside Government by helping to develop a vibrant market. We want to give leadership to the IT industry and to the wider economy to benefit from the information we generate and the software we develop in Government.
I'd be grateful if COI would consider this as Puffbox Ltd's contribution to the consultation exercise. Thank you.
I'm in the early stages of spec'ing up a new site build. The client helpfully provided a wireframe sketch of the homepage, which included - deep breath - a news ticker. And for the first time in living memory, I haven't recoiled in horror. In fact, I'm quite happy to give it to them.
Previously, my response would have been to open up a cost-vs-benefit discussion. In my experience, people (arguably the less web-literate?) like to see tickers, but they don't actually ever use them. So is it worth me programming a function nobody really wants, just so you can pretend to be the BBC? Maybe, maybe not. Generally speaking, the ticker idea soon falls off the mockups.
Suddenly, any approach based on cost-benefit analyses goes out the window. The cost is virtually zero, so if there's any potential benefit to be derived from doing something, the test is passed. That doesn't mean we should throw everything at any given project; but it does mean we might as well drop it in, and see if it works.
For me, this is the challenge of the Open Source Era for big corporate clients like government. Procurement and project management processes have been built up to handle projects costing millions. We spend huge amounts of money ensuring that we don't waste all the money. But what if the cost of the job is zero, or something close to it?
This is why I'm bit perplexed by COI's new WordPress-based consultation on Improving Government Websites. There's a huge section on measuring costs: they're suggesting you might/should report an associated cost against each of nearly 200 activities. But how can you put a cost against something like (for example) RSS feeds in a WordPress build, when they're built-in, in numerous different ways, whether you like it or not?
The line which jumps out at me from today's new government 'Action Plan' on open source software is quite a neat encapsulation of the entire document:
Where there is no significant overall cost difference between open and non-open source products, open source will be selected on the basis of its additional inherent flexibility.
Fundamentally, the policy on Open Source hasn't changed much, if at all. Instead of just considering Open Source, civil servants now have to 'actively and fairly' consider it. I'm not sure what practical difference that tweak will make: but the subtext is pretty clear.
Likewise, I don't imagine the 'tiebreaker' clause will be invoked very often, not explicitly. But what's important is that it doesn't say there's potential to be more flexible, it says - rightly - that the flexibility is inherent.
The Action Plan reads like a document which wanted to say more, but didn't feel able to. It sets out to reassure the bureaucrats that Open Source isn't a risk, is already widely used, and can be taken seriously. It talks up the notion of 'open source culture', and warns against procedural barriers. It goes as far as it can towards saying 'please use it more!' - but in the world of procurement politics, and billion-pound budgets, perhaps you can't realistically expect it to go any further. Opposition politicians aren't under such restraint, of course.
Will this make a difference to me, as someone who ultimately makes most of his living from selling open source to government? Not really. In fact, I feel as if Puffbox has been putting a lot of these principles into practice for some time. We didn't need to be told to; we just felt it was right to do so.
I've always felt perfectly comfortable making the case for open source on its own merits, and had plenty of success too, without having to wave around a Cabinet Office document - the 2004 policy has literally never come up in conversation. And whilst it might be useful to have a list of officially approved products (action point #4), I don't expect departments to accept documentation in OpenOffice format (#8) any time soon.
Writing on Comment Is Free, Hazel Blears reckons Labour's problem is that it has become distanced from its voters. 'The problem is the powerlessness within the system for the majority of people,' she writes. 'People feel that their views disappear into a black hole, without the slightest echo.'
Hazel's solution is 'a healthy dose of direct democracy': more directly elected mayors, a reinvigorated co-op movement, and online petitions. 'Petitions, especially on-line, should be used to guide the deliberations of local councillors and ministers,' she says. 'Petitioners should be able to press for debates in council chambers and even parliament.'
If that inspires anyone to set up their own petitions system... don't forget that the Downing Street petitions system, built by MySociety, is 'open source', meaning you can download and use it free of charge.