Petition Launched To Get The White House To Open Source Healthcare.gov Code
from the should-have-done-it-before dept
After the disastrous technological launch of the healthcare.gov website, built by political cronies rather than companies who understand the internet, there has been plenty of discussion as to why the code wasn't open sourced. At that link, there's a good discussion from On the Media, with Paul Ford, discussing what a big mistake it was that the government decided not to open source the code and be much more transparent about the process. It discusses the usual attacks on open source and why they almost certainly don't apply to this situation.And, now, a "We the People..." petition has been launched, asking the White House to open source the code to Healthcare.gov:
Release to the open source community the source code to healthcare.gov, specifically all code written by CGI Federal.Of course, there are a few issues with this. First of all, while things created by government employees is automatically public domain, works created by contractors is not. So while conceptually we can argue that the code should be open sourced, it's not required by law. Second, and more importantly, it's a lot harder to take proprietary code and then release it as open source, than it is to build code from the ground up to be open source (and it's even more difficult to make sure that code is actually useful for anything). Indeed, if the code had been open sourced from the beginning, perhaps they wouldn't make embarrassing mistakes like violating other open source licenses.
It is believed that the enrollment issues with healthcare.gov are likely due to poor coding practices in components that are unavailable to the world's development community to evaluate. Code funded by taxpaying citizens should be made available to the general public as government funded development is generally public domain software. Please release the code so we may help fix any found issues.
By this point, open sourcing the code isn't going to fix things, but if more attention is put on the issue of closed vs. open code in government projects, hopefully it means that government officials will recognize that it should be open source from the beginning for the next big government web project.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: healthcare.gov, open source, white house
Reader Comments
Subscribe: RSS
View by: Time | Thread
https://en.wikipedia.org/wiki/GT.M
https://opensource.com/health/12/2/join-m-revolution
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
M$ is a private corporation, they can do what they want with their code.
Healthcare.gov was funded by taxpayer money, so the government should at least included an open source requirement in the contract, but more likely own the codebase. I work for an software developer company, and the code I write is owned by the client (it's actually stored on their servers), with no problems.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Wow, you ain't paying attention Was Re:
Parts were because 3 days ago on this very website it was noted that GPLed/BSDed code was used and had the copyright notice removed.
[ link to this | view in chronology ]
It's also like trying to demand that the government reveal it's NSA spy program ... they simply aren't going to reveal that information.
My guess? Either the White House will ignore the petition (i.e., no response), they'll remove the petition, or issue the standard denials.
[ link to this | view in chronology ]
Re:
LoL
[ link to this | view in chronology ]
Re:
Details the sectors the Federal Reserve invests in ARE public knowlege, you jest have to read the financial statements, the notes to which are more dry then the US Penal code.
General information on the types of spying we do is normally public knowlege. Everyone knew the CIA could wiretap email providers, everyone knows you can wiretap cell phones. We didn't know how easily they could do it (very) and who they were wiretapping (everyone). But we knew they could. So even amongst spy programs, transparancy can be better.
The source code for a website is not crititcal to the national infrastructure. And given the coleslaw that is that code, the only reason to hide it is to hide how much hack that code actually is.
[ link to this | view in chronology ]
Re:
There's no nice way to say this, so: this is complete, utter, ridiculous bullshit. It demonstrates a nearly-complete misunderstanding of how security works in the real world. You are BADLY in need of remedial education in the fundamentals of IT security, and I suggest that you immediately avail yourself of the resources necessary to raise your comprehension level at least to that of "novice".
[ link to this | view in chronology ]
Re:
The healthcare.gov site doesn't concern foreign enemies, or anything like that. It's purely domestic, and the petition comes from American citizens willing to VOLUNTEER their time to help fix website problems.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
"To release that code would make the government's website vulnerable to attack"
Security flaws make the website vulnerable. Releasing the code would only make it public.
Familiarize yourself with the term Security through obscurity
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Just want to see it...
[ link to this | view in chronology ]
The rest of the web runs on Open Source
I'm sure this request will be ignored, which is sad because this administration was initially elected on promises of openness and transparency.
[ link to this | view in chronology ]
Re: The rest of the web runs on Open Source
It's always been this way -- anyone who has studied the history of the Internet (and ARPAnet) (and CSnet) (and Usenet) knows this. So do those of us who lived it. What you're doing right now online would not exist were it not for the things I listed in the first paragraph.
There is an old -- but still highly relevant -- explanation of this here: http://www.netaction.org/articles/freesoft.htm
What that author said, 15 years ago, is even more true today. Closed software/protocols/formats/standards are of no importance to the Internet and may safely be immediately dismissed with prejudice, as may anyone advocating them. Moreover, that author's points understated the situation even then, and of course today they are massive underestimates of the state of affairs: open-source rules, and only inferior, primitive, backward-thinking people use closed-source software.
[ link to this | view in chronology ]
Re: Re: The rest of the web runs on Open Source
I am wondering about the ways in which the HTTP framework gets structured predominantly by corporate enterprise. Perhaps an issue of my ignorance, but I understand that the Internet is much 'deep'er than the majority of us experience (vis-a-vis Google, Microsoft, Facebook, Twitter, etc). If it is the case that the Internet is much deeper, and that it was perhaps organized later by corporate manipulation, is this not a counter argument to your intervention about an open source genealogy inviting open source solutions?
Again, I am not familiar on the debate between the depth of the Internet, and how it is controlled through private sector enterprises. I am assuming here that somehow the HTTP framework (?) has come under the purview of corporations and governments, and so open source struggles as a basis for performance and intervention.
Any thoughts are very much appreciated.
[ link to this | view in chronology ]
Re: The rest of the web runs on Open Source
Reality, releasing code wille expose vulnerabilities that will exist until fixed.
Seems like we got some non-practitioners commenting from their ps3.
[ link to this | view in chronology ]
Re: Re: The rest of the web runs on Open Source
Seems like we got some non-practitioners commenting from their ps3.
30+ years of experience, including installing the firewalls for multiple Fortune 100 companies, and I'm writing this from OpenBSD. Nice try.
[ link to this | view in chronology ]
Re: Re: Re: The rest of the web runs on Open Source
[ link to this | view in chronology ]
Re: Re: Re: The rest of the web runs on Open Source
Nice try again, keep at it. When you are at 40+ years of installing firewalls, maybe you will qualify for some vocational training.
[ link to this | view in chronology ]
Re: Re: The rest of the web runs on Open Source
Funny that you bring the subject of hacking and Sony up at the same time:
https://en.wikipedia.org/wiki/PlayStation_Network_outage
Incidentally, where can I get the source code for the PlayStation Network?
But kidding aside, both closed source and open source software are equally vulnerable to attack.
The difference is that in the open-source world, once a bug is found, it is often quickly fixed, even in a matter of minutes some times. In the closed-source world, that is not so. Just look at how terribly Oracle or Microsoft handle software updates: Oracle is negligent, holding back java updates even where there are already exploits in the wild, and Microsoft is incompetent, often releasing updates that wreck people's machines (see the deployment of Windows 8.1 for the latests failure).
Also, in the open-source world, if someone introduces some sort of suspicious bit of code, that code is more likely to get caught before it even makes it into any production environment by virtue of the code being scrutinized by many people. Compare that with closed-source code, where code can have all sorts of backdoors and you will never know about it until someone hacks you. For and example of this, see the most recent D-link router fiasco, where they found that D-link routers had an unpatched backdoor for over 5 years.
Open-source is not a silver bullet, but anyone that claims that open-source is inherently less secure is being ignorant at best, and FUDing at worst.
[ link to this | view in chronology ]
I wanted to change the world
[ link to this | view in chronology ]
Contract for hire is whatever the hiring agent says it is.
If I contract you to work for me, and all rights are assigned to me as "work for hire", you don't have copyright. I do. And if I release that source, then tough cookies. Sure, it's not automatic, but "works for hire" exists.
-C
[ link to this | view in chronology ]
The more you add to a project the later it becomes
It's too late to open source it, it's too late to send in a surge of more tech people.
[ link to this | view in chronology ]
Re: The more you add to a project the later it becomes
Actually its not to late open source the code. Whether the code is open source or not is primarily now a political decision.
The problem is the tech surge will likely slow down process because the new people will need time to read and understand the code they have never seen before. Plus they have to be briefed on what the problems are, again more time needed.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Probably too late, need to start over
[ link to this | view in chronology ]
[ link to this | view in chronology ]