this post was submitted on 26 Jul 2024
533 points (98.9% liked)

Technology

59696 readers
2677 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Switzerland has recently enacted a law requiring its government to use open-source software (OSS) and disclose the source code of any software developed by or for the public sector. According to ZDNet, this “public body, public code” approach makes government operations more transparent while increasing security and efficiency. Such a move would likely fail in the U.S. but is becoming increasingly common throughout Europe.

According to Switzerland’s new “Federal Law on the Use of Electronic Means for the Fulfillment of Government Tasks” (EMBAG), government agencies must use open-source software throughout the public sector.

The new law allows the codifies allowing Switzerland to release its software under OSS licenses. Not just that; it requires the source code be released that way “unless the rights of third parties or security-related reasons would exclude or restrict this.”

In addition to mandating the OSS code, EMBAG also requires Swiss government agencies to release non-personal and non-security-sensitive government data to the public. Calling this Open Government Data, this aspect of the new law contributes to a dual “open by default” approach that should allow for easier reuse of software and data while also making governance more transparent.

top 22 comments
sorted by: hot top controversial new old
[–] SorteKanin@feddit.dk 43 points 4 months ago (1 children)

Security concerns? Closed-source software is a security concern in itself!

[–] yeather@lemmy.ca 19 points 4 months ago

Probably meant for military applications or classified materials.

[–] Imgonnatrythis@sh.itjust.works 36 points 4 months ago (2 children)

This makes entirely too much sense. I'd love to see sanity prevail and this to trend, but I no longer have reasonable hope for much anymore.

I do secretly feel bad for any government workers that were using Photoshop and have to switch to Gimp though.

[–] skittle07crusher@sh.itjust.works 12 points 4 months ago (2 children)

GIMP is fucking awesome what are you on about

[–] Imgonnatrythis@sh.itjust.works 12 points 4 months ago

Glad you love it. This is kind of a tired debate but specifically if you are well versed in Photoshop and try to convert to Gimp you feel like, well, a Gimp. From personal experience I tried for a solid year and it never felt right. I could still do the things I needed but it took longer and was more cumbersome. Probably a different story if you grow up with it.

[–] BakedCookie@lemmy.dbzer0.com 8 points 4 months ago

Eh, really depends on the use case. For example if you want to edit something distributed in a psd format gimp won't even tell you something got imported wrong. So the file will import but will look wrong.

And then there's the UI. It just refuses to follow any current standards. Whether that's a good or bad thing depends on the user.

Personally I use affinity photo. Works for my use case and is a one time purchase product, which for me is ok.

[–] scratchee@feddit.uk 7 points 4 months ago

Soon: “Open source software or pirated copies of photoshop only

[–] Pistcow@lemm.ee 25 points 4 months ago (4 children)

I mean wouldn't everything be a security concern in relation to government agencies?

[–] adam@doomscroll.n8e.dev 34 points 4 months ago

I work for the UK government. Everything my organisation does is licensed in either MIT or OGL (https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/)

Developing code in the open really helps ensure you nail down your secure coding practices.

[–] Petter1@lemm.ee 14 points 4 months ago (1 children)

In my opinion especially security code needs to be open source…

[–] jabathekek@sopuli.xyz 5 points 4 months ago

Nothing like bored programmers on the internet to nitpick the governments code.

[–] cmnybo@discuss.tchncs.de 11 points 4 months ago (2 children)

If you don't release your source code due to security concerns, you just announced to the world that your software is vulnerable and you're relying on security through obscurity.

[–] cybersandwich@lemmy.world 3 points 4 months ago

Meh, not really. The risk with making it publicly available is that a nation state or leet hacker types can comb over it and find exploits or know what libraries/etc you are using so when a zero day pops up they can target you directly. Whereas without direct access to th source code they'd have to do their own enumeration and surveillance.

There is some security through obscurity.

Also, just want to point out: being open source doesn't mean it's more or less secure. There is plenty of vulnerable open source code out their.

[–] Pistcow@lemm.ee 3 points 4 months ago

never let them see you cry

[–] odium@programming.dev 7 points 4 months ago

I feel like a lot of the front ends can be open sourced.

[–] doggle@lemmy.dbzer0.com 8 points 4 months ago

This is really cool. I do wonder how often "third-party rights or security concerns" will be deemed to apply, though.

[–] mox@lemmy.sdf.org 6 points 4 months ago

“unless the rights of third parties or security-related reasons would exclude or restrict this.”

Without a narrow and specific definition of what qualifies, this clause looks to me like a free pass to ignore the law. I hope its inevitable abuse will lead to a quick shoring up of the language.

[–] model_tar_gz@lemmy.world 2 points 4 months ago (1 children)

Fuck does this mean LibreOffice might get actual sponsorship, funding, organizational support? And not be a buggy steaming pile of shit that crashes my computer every ten minutes???

An engineer can dream, right?

I hate spreadsheet and slide deck days. Please oh universe help me get back to my happy place: codeland.

[–] cmnybo@discuss.tchncs.de 9 points 4 months ago (1 children)

I've never had LibreOffice crash my computer. Sure, it crashes occasionally, but it never takes anything else with it.

If you're putting enough stuff into a spreadsheet to crash it, it's time to move to a real database.

[–] model_tar_gz@lemmy.world -3 points 4 months ago (1 children)

Nah, I work with real big data all the time—I’m a ML engineer/DataSci depending on the day.

It’s not crashing because I put a trivial couple hundred rows of data into a spreadsheet.

It crashes because there’s some conflict between its Java core and the Linux kernel I’m running it on. It’s been like this across many versions; I keep everything updated, etc. Tried many versions of Java, and OpenJDK because FuckOracle. I’m no Java developer though, so Inwouldnt be able to contribute unless they want to refactor the entire core to Rust in which case I’d love to help.

I send bug reports and it’s always just crickets—either they don’t know and don’t communicate that they don’t know, or don’t care, or more likely are just too busy with their realjobs to go on the hunt for a solution to a corner-case bug/crash scenario like mine probably is.

I use office programs so infrequently that I just deal with it. But if I was like my directors and managers who live and die by office productivity apps then I’d have to abandon LibreOffice and go to the closed-source solution.

[–] skittle07crusher@sh.itjust.works 1 points 4 months ago (1 children)

Agreed with “fuck Oracle,” but isn’t the JVM the same regardless of where you compile it, Linux or something else?

Something seems off with the idea of a conflict between Linux and Java (and I am no fan of Java!)

[–] model_tar_gz@lemmy.world 1 points 4 months ago

It’s supposed to be the same everywhere, yes, that’s the whole point. I’m just listing some of the things I’ve tried to find stability with the program on my machine. Maybe it’s not LO vs Linux kernel, but LO seems to work ok on an old MacBook I use sometimes. I don’t use Windows so I don’t have a user experience there to compare against.