On the ‘Open Source, Open Standards and Re-Use: UK Government Action Plan’
As anyone interested in the politics and wider adoption of FOSS will know by now, the UK Government recently released an updated policy statement regarding “Open Source and Open Standards”. I made a brief comment on it when the news broke, but have now had more time to consider the document in more depth.
Firstly, It’s quite minor but nevertheless a shame that the pdf document was issued using Arial and Times New Roman embedded fonts that are not available on a free license. This leads me nicely to my second general point.
Why is there no mention of “Free Software“? There is a distinction between Open Source and Free software that, for some at least, is extremely important.
Anyway, having now read the pdf policy document in full, I want to air my thoughts on it.
After the preamble and introduction, in ‘The Way Forward’ we read this:
The Government considers that in order to deliver its key objectives a programme of positive action is now needed to ensure that there is an effective „level playing field‟ between open source and proprietary software and to realise the potential contribution open source software can make to wider aims of re-use and open standards. This programme needs to consist both of a more detailed statement of policies and of practical actions by government and its suppliers.
Notice how this is discussing a programme to generate policy statements and actions. I actually reckon this is really good stuff but am a little concerned about the fact there aren’t any demonstrable programmes or actions already created. In other words, it looks like we’ll have to wait for the bureaucrats to get their ink flowing before anything “real” happens. There are some actions at the end of the document, and although they are worthy in themselves they are rather broad and easy to spend years developing. Small, precise, tactical actions are what is required IMHO.
The objectives of the “programme” itself are pretty darn good from what I can tell. They read like a manifesto from RMS himself…
1. ensure that the Government adopts open standards and uses these to communicate with the citizens and businesses that have adopted open source solutions.
Nice – can I send documents to my MP or local council in ODF today then? (see toward the end of this piece) I don’t use any proprietary software in my business nor home (apart from my wife’s PC that is shortly to become Free too).
2. ensure that open source solutions are considered properly and, where they deliver best value for money (taking into account other advantages, such as re-use and flexibility) are selected for Government business solutions.
Once you do really take into account “re-use” it gets pretty hard to see how proprietary software represents value for money ["Sure Mr. Brown, just buy one copy of Office 2010 and re-use it across the country!"]. I look forward to seeing some detail here and the procurement guidlines for “properly” considering open source solutions.
5. ensure that there are no procedural barriers to the adoption of open source products within government, paying particular regard to the different business models and supply chain relationships involved.
Nice. Good objective.
The next section (6) is called “Policy” and stipulates the policy in broad but laudable terms:
(1) The Government will actively and fairly consider open source solutions alongside proprietary ones in making procurement decisions,
(2) Procurement decisions will be made on the basis on the best value for money solution to the business requirement, taking account of total lifetime cost of ownership of the solution, including exit and transition costs, after ensuring that solutions fulfil minimum and essential capability, security, scalability, transferability, support and manageability requirements.
(3) The Government will expect those putting forward IT solutions to develop where necessary a suitable mix of open source and proprietary products to ensure that the best possible overall solution can be considered.
(4) Where there is no significant overall cost difference between open and non-open source products, open source will be selected on the basis of its additional inherent flexibility.
These first policy item is sort of a catch-all but is quite vague and unmeasurable. I really want to see how they intend to implement, monitor and correct the bad procurement decisions.
The second and third points are indeed measurable and quite clear in their demands which is great.
The forth sounds very promising but again I’d want to know the detail; how the overall cost of the procurement can really be measured when you are comparing apples and oranges. This is a very difficult one to get right and the commercial vendors have many years of practice at coming up with exceptionally (ahem) creative pricing.
The Policy then goes onto non-open source software guidance:
Non-Open Source Software
(5) The Government will, wherever possible, avoid becoming locked in to proprietary software. In particular it will take exit, rebid and rebuild costs into account in procurement decisions and will require those proposing proprietary software to specify how exit would be achieved.
(6) Where non open source products need to be purchased, Government will expect licences to be available for all public sector use and for licences already purchased to be transferable within the public sector without further cost or limitation. The Government will where appropriate seek pan-government agreements with software suppliers which ensure that government is treated as a single entity for the purposes of volume discounts and transferability of licences.
Nice: “The Government will, wherever possible, avoid becoming locked in to proprietary software.” A fine objective if ever I read one.
I’m not sure about number 6 though. I guess it depends largely on existing contracts as to the flexibility they have with their current licenses but this must be sending shivers through Redmond right now.
Open Standards didn’t get much coverage. I guess it says what it must but open standards are one of the reasons we have FOSS today. The IETF who gave us amongst others RFC 793 and 791 (without which the Internet wouldn’t exist) and the W3C who protect and publish the open specifications for the world wide web are light-years ahead of the ISO as we have seen recently with the OOXML debacle. At least this part of the policy will be very easy to monitor. Send your Doctor, MP or Councillor an ODF document for example.
For IT and digital standards, the ISO is becoming totally redundant. Thinking back to when I was a lad, we had X.25, X.400, X.500, the ISO 7 layer reference model OSI and a ludicrously complex network management protocol known as CMIP. In their full specifications, these are all virtually obsolete now although some have been used in a cut-down form for modern standards like LDAP for example. But the reality is the ISO/ITU (CCITT) take too long, and try to be too clever. So Mr Brown and Mr. Watson, please do be careful – there are standards, and then there are standards…
The “Re-use” section gets really interesting and shows quite a good understanding of what FOSS is all about. But how on earth do they expect to achieve this
… look to secure full rights to bespoke software code or customisations of commercial off the shelf products it procures, so as to enable straightforward re-use elsewhere in the public sector.
without paying an arm and a leg for it. Can you imagine Larry or Steve agreeing to giving “full rights” (whatever that means) without a blank cheque? I can’t. In the same paragraph the following sentence is a really excellent policy:
Where appropriate, general purpose software developed for government will be released on an open source basis.
In the US public sector they have, for some time I believe, had a policy that basically means stuff created by and on-behalf of the public belongs to the public and is in the public domain. When I read stuff like this from what is the most draconian Government we have had in generations I am somewhat sceptical and really wonder how much actual input Number 10 and the policy makers have had in this document. The state that wants to restrict the citizen’s liberty whilst protecting the state itself so judiciously doesn’t feel like the same state that will write open source software. Time will tell on this one.
In the final section “Action Plan” there are 10 actions presented for the Government. These actions cover producing published guidance on procurement which will include words like:
a standard form of words for Statements of Requirements to state positively that the Government’s policy is to consider open source solutions on their merits according to total lifetime cost of ownership.
and
The CIO Council and the OGC, working with industry and drawing on best practice from other countries, will institute a programme of education and capability-building for the Government IT and Procurement professions on the skills needed to evaluate and make the best use of open source solutions . The aim will be to raise the level of awareness, skills and confidence in the professions in the different licensing, support, commercial and cost models associated with open source solutions.
Which is very interesting to an Open Source Consulting Business like my own 
As is the following which I feel is particularly strongly worded compared with the rest of the document:
Government Departments will challenge their suppliers to demonstrate that they have capability in open source and that open source products have been actively considered in whole or as part of the business solution which they are proposing. Where no overall open source solution is available suppliers will be expected to have considered the use of open source products within the overall solution to optimise the cost of ownership. Particular scrutiny will be directed where mature open source products exist and have already been used elsewhere in government. Suppliers putting forward non-open source products will be asked to provide evidence that they have carefully considered open source alternatives and to explain why they have been rejected.
Well, well, well:
The Government will specify requirements by reference to open standards and require compliance with open standards in solutions where feasible. It will support the use of Open Document Format (ISO/IEC 26300:2006) as well as emerging open versions of previously proprietary standards (eg ISO 19005-1:2005 (“PDF”) and ISO/IEC 29500 (“Office Open XML formats”). It will work to ensure that government information is available in open formats, and it will make this a required standard for government websites.
Can I say that again… “The Government will support the use of ODF” and a lovely phrase for OOXML “open versions of previously proprietary standards”. That’s possibly the kindest description of the worst specification ever written. Kudos for the clear mandate for ODF.
The last action is probably the most important of the lot:
Government will communicate this policy and its associated actions widely and will expand it as necessary. It will engage with the Open Source community and actively encourage projects that might, in due course, develop into „Government Class‟ products. It will keep the policy and progress on the actions under review, and report on progress publicly.
Firstly, I want to see how this policy is going to be communicated to the huge oil tanker called the UK Government. Secondly, it is spot on to want to engage with the FOSS Community but they will have to put in place some mechanisms, resources, on-line locations etc. where this engagement can take place. And the Government will have to learn very fast that for FOSS to work, the community has to collaborate in all directions and its members must give as much, if not more, than they take to get real benefit. It’s a bit like love… The more you give, the more you get back.
My biggest concern with this is the executive. Over the last 10 years or so their insistence on draconian lawmaking and interference in our liberty does make me sceptical about the commitment from the top dogs and hence the drive to pull this off. But, I will support this effort in whatever way I can until that scepticism is either proved wrong or right.
To conclude this rather long post then, I think this could be a huge and historical turning point in the health of FOSS here in the UK and I am very excited about the tone and sentiment behind this policy document. The authors (Our Government) have started to roll a very large ball down a very long slope. If the current Government do not take this seriously, or should the administration change and turn away, then the ball will roll out of control. If they do what they say and keep close to the community then I honestly believe there could a very bright future ahead of us.
OOXML Fataly Flawed?
Thanks to Roy’s tenacity and constant vigilance, I have learned how it now appears the MS Office binary format that is wrapped in XML and is now known as IS 29500 (OOXML), an ISO Standard Office Document Specification (ROTFL), is giving hackers everywhere a field day.
It is now official and also confirmed that OOXML files are not just insecure but there are also persistent attacks against new flaws (without any security patches being available, i.e. zero-day).
There are some good links and sources to this article so recommended reading for anyone who is considering using Office 2007 or receives an OOXML document (the ones ending in x, e.g docx, pptx and xlsx). IMHO your automatic response should be to return it directly to the sender, do not attempt to open it, and ask for them to send it to you in an open format such as ODF or PDF or even plain text. I would also suggest that you provide a link to OpenOffice.org in the reply.
In the last few scant months, there have been several major and very serious security flaws and attack opportunities with Microsoft’s software. Surely, it must be becoming clear to everyone by now:
If the foundations are weak, the walls crumbling, the windows broken and the roof collapsing; it’s time to move.
UK Government: Starts The Push For FOSS?
How’s this for an interesting statement from our beloved Government:
The Government considers that in order to deliver its key objectives a programme of positive action is now needed to ensure that there is an effective ‘level playing field’ between open source and proprietary software and to realise the potential contribution open source software can make to wider aims of re–use and open standards. This programme needs to consist both of a more detailed statement of policies and of practical actions by government and its suppliers. The key objectives will be to:
* ensure that the Government adopts open standards and uses these to communicate with the citizens and businesses that have adopted open source solutions
* ensure that open source solutions are considered properly and, where they deliver best value for money (taking into account other advantages, such as re–use and flexibility) are selected for Government business solutions.
* strengthen the skills, experience and capabilities within Government and in its suppliers to use open source to greatest advantage.
* embed an ‘open source’ culture of sharing, re–use and collaborative development across Government and its suppliers, building on the re–use policies and processes already agreed within the CIO Council, and in doing so seek to stimulate innovation, reduce cost and risk, and improve speed to market.
* ensure that there are no procedural barriers to the adoption of open source products within government, paying particular regard to the different business models and supply chain relationships involved.
* ensure that systems integrators and proprietary software suppliers demonstrate the same flexibility and ability to re–use their solutions and products as is inherent in open source.
Whoa! This comes from the Chief Information Office Council. Yes, the Government is so big they can’t have just one CIO like even the biggest Enterprise, they have to have a whole council of them
You can download the whole Action Plan in PDF form from here.
If you write about FOSS and Government, you can use this tag #ukgovOSS to get it picked up and syndicated on a special public FOSS Aggregation page.
Well, I’m quite encouraged. I need to read it more thoroughly but there’s some very encouraging words in this “plan”.
7 things you probably didn’t know about me
Thanks to Andy Lockran, I now feel compelled to continue this meme.
I found out there are rules:
- Link to your original tagger(s) and list these rules in your post.
- Share seven facts about yourself in the post.
- Tag seven people at the end of your post by leaving their names and the links to their blogs.
- Let them know they’ve been tagged.
So, here are 7 things you probably didn’t know about me.
- 1. I used to be a fully paid up member of the Abba Fan Club before I discovered Judas Priest
- 2. In my late teens I used to attend and help with the preparations of the site for the – now illegal – Stonehenge free festival.
- 3. I lived in Munster Road, Fulham, London for a couple of years and really loved it.
- 4. I used to take my holidays on one big event over Christmas and go away for 4 or five weeks. One trip I spent 4 weeks in India with an Indian family which was fascinating.
- 5. I have a *really bad* sense of balance and consequently activities like skiing are out!
- 6. I bought my first pint when I was about 13.
- 7. The best meal I have ever eaten was at a 3 Michelin star restaurant called la Côte Saint Jacques in Joigny, Nr. Paris.
The seven people I would like to pass on the gauntlet to are:
- 1. Alan Pope
- 2. Jack Hughes
- 5. Miles Berry
- 6. Alan Bell
- 7. Bob Sutor
My response so far from Jeremy Hunt MP
so this relates to a previous article where I wrote to my MP
Jeremy Hunt MP
House of Commons
London SW1A 0AA
Thank you very much for your e-mail to which you will receive a reply shortly.
I receive a large number of emails each day and I try to respond as quickly as possible, especially to my own constituents. If you are a resident of South West Surrey, please ensure that you have included your full name, address and postcode in your correspondence.
Thank you for taking the time to write to me.
Jeremy Hunt MP
Member of Parliament for South West Surrey
Shadow Secretary of State for Culture, Media and Sport
Tel: 020 7219 6813
Just an automatic response so far, but I will keep you posted if anything useful comes back. If anyone else shares my opinion that the UK National Standards body should be within the scope of the Freedom of Information Act then please feel free to write to your MP to see if you get more of a response than I did. You can write or email directly or use http://www.writetothem.com to be walked through the process of writing the email with all the correct information on it. It doesn’t matter where you live in the UK, any MP would do, however if there are some people in John Denham’s constituency a response from him would be particularly interesting as the BSI reports into his department.
Asterisk, Zaptel, Oslec and Ubuntu Server [Updated]
I have recently migrated my server at home from a custom Linux build to Ubuntu Server (8.10 Intrepid). The main migration went very smoothly and I learned a few new tricks on the way too.
One function the server performs is as my telephone system for work and home. It runs Asterisk. I have a couple of IAX2 trunks from our VOIP provider for mine and my wife’s businesses and I also have a cheap x100p clone analogue card for PSTN backup purposes. On my old system software, I had compiled the device drivers (zaptel) and kernel modules for the card manually and used a, frankly fantastic, echo canceller called Oslec (the Open Source Line Echo Canceller). You can read the couple of posts I made about when I first tried it out here.
On my new server OS, I installed the Asterisk server via Ubuntu’s package management system sudo apt-get install asterisk. After some digging around on the ‘net (and it wasn’t obvious) I discovered that the zaptel drivers (for the PSTN hardware) need to be installed slightly differently:
sudo m-a -t build zaptel Which retrieves the zaptel package and builds it for your running kernel.m-a prepare in advance of this to retrieve your Linux kernel headers.
The m-a (Module Assistant) command will compile and create a .deb package in the /usr/src directory. On my system the package was called zaptel-modules-2.6.27-11-server_1.4.11~dfsg-2+2.6.27-11.27_i386.deb.
It can then be installed using dpkg: sudo dpkg -i zaptel-modules-2.6.27-11-server_1.4.11~dfsg-2+2.6.27-11.27_i386.deb.
This went fine and I had read on launchpad that as of an earlier version of the zaptel package the Oslec echo canceller was now the default. Unfortunately this didn’t quite work as I expected. The zaptel module was in fact using the standard MG2 EC which is not very good with my x100p card at all.
After a bit more digging around in the source code, there is a file in the zaptel package called zconfig.h which is where the chosen EC is defined. It is specified as MG2 in the package. What I did to fix it was as follows.
Unpack thezaptel.tar.bz2package that was in/usr/src.Edit thekernel/zconfig.hfile so the line#define ECHO_CAN_MG2is commented outand added in a line that reads#define ECHO_CAN_OSLECinstead.Re-assemble the zaptel package:sudo tar jcvf zaptel.tar.bz2 modules(“modules” is the directory name where the zaptel package extracts to).Delete the existing zaptel-blah-blah.deb file and the modules directory too.Re-run them-a -t build zaptelcommand.
Thanks to Tzafir Cohen on the asterisk mailing list for this. There is a far simpler method to use for the time being although this is a known bug and is now fixed in the development tree so I guess it will be unnecessary once the package has been updated. Do please check first if you are following this in the months to come. Anyway, instead of the commands above, these commands work for me and are far simpler:
sudo m-a -f get zaptel-source This simply gets the source package and saves it in /usr/src.
sudo ECHO_CAN_NAME=OSLEC m-a -t a-i zaptel And this builds and installs the modules and tells the build scripts to choose the Oslec EC by default. The -t switch puts the command into text mode so you actually see what is going on. I find the process rather opaque and uninformative without this switch.
After rebuilding, the zaptel module now requires, and loads the Oslec EC by default. The command modinfo zaptel is a good test. The output of it should be something like this:
filename: /lib/modules/2.6.27-11-server/misc/zaptel.ko
version: 1.4.11
license: GPL
description: Zapata Telephony Interface
author: Mark Spencer <markster@digium.com>
srcversion: 4433ADDE0493C798A455677
depends: oslec,crc-ccitt
vermagic: 2.6.27-11-server SMP mod_unload modversions 686
parm: debug:int
parm: deftaps:int
Note the “depends” line.
You could also type lsmod | grep 'zaptel' once you have reloaded your server:
zaptel 199844 5 wcfxo
oslec 16668 1 zaptel
crc_ccitt 10112 1 zaptel
This command shows the oslec ec module installed along with the the zaptel and wcfxo drivers.
One final point to note. If you just want to load a particular telephony hardware driver and not all of them, I think you need a file /etc/default/zaptel like this with the relevant driver(s) uncommented:
TELEPHONY=yes
DEBUG=yes
# Un-comment as per your requirements; modules to load/unload
#Module Name Hardware
#MODULES="$MODULES tor2" # T400P - Quad Span T1 Card
#E400P - Quad Span E1 Card
#MODULES="$MODULES wct4xxp" # TE405P - Quad Span T1/E1 Card (5v version)
# TE410P - Quad Span T1/E1 Card (3.3v version)
#wct4xxp_ARGS="t1e1override=15" # Additional parameters for TE4xxP driver
#MODULES="$MODULES wct1xxp" # T100P - Single Span T1 Card
# E100P - Single Span E1 Card
#MODULES="$MODULES wcte11xp" # TE110P - Single Span T1/E1 Card
#MODULES="$MODULES wctdm24xxp" # TDM2400P - Modular FXS/FXO interface (1-24 ports)
MODULES="$MODULES wcfxo" # X100P - Single port FXO interface
# X101P - Single port FXO interface
#MODULES="$MODULES wctdm" # TDM400P - Modular FXS/FXO interface (1-4 ports)
I can’t recall the exact origins of this file and whether or not it is really necessary, but I had it on my old system and the Ubuntu provided zaptel init script checks for it’s presence; although it doesn’t look like it does much with its contents though…
Hopefully this will help others and also act as a bit of an aide memoir for me when I next build an Ubuntu server with Asterisk.
