It’s been three decades since Linux launched the modern world of free and open source software, but you would have barely known it at a state legislative hearing on Tuesday.
The hearing, regarding two bills aimed at getting the New Hampshire government to use more non-proprietary software, covered debate points about security, cost, maintenance and control that have not been changed from the days when Digital Equipment Corp. reigned over New Hampshire’s tech roost. In fact, CED was mentioned more than once.
The other bill (HB 1581) by Lex Berezhny, a Grafton Republican, would reinstate the requirement for state agencies to use open source software when it comes to “the most effective software solution “. That requirement existed in state law from 2012 to 2018, he said.
Gallager said the two bills were crafted separately. “The fact that you have people from both parties thinking about this issue independently shows that there is a wide spectrum of support,” he said.
The Executive Department and Administration Committee sent the two bills to the subcommittee.
New Hampshire has long had a thriving open-source software community, but despite the field’s philosophical connection to “live free or die,” they’ve had little success getting state laws or regulations to support the concept. Concerns about the lack of central oversight in open source programs, which are often developed by volunteers, have haunted the field from the start.
The definitions of free and open source software may differ — Gallager said part of his bill’s worth would be to put some of those definitions into state law — but generally they refer to programs that enable the user to review or modify the code as needed. , which proprietary software almost never does.
Proponents say it allows users to get the most out of their software, freeing them from the whims of companies that might change or discontinue useful software or raise its price, and limits security or privacy concerns because everything is open to inspection.
Opponents say the company’s lack of development and oversight creates unpredictable programs that lack good backup, raising security, privacy and maintenance issues.
“Who handles their tech support, who handles their updates, who handles their issues? If they’re not making money doing this, if there’s no financial incentive, how is the government supposed to…rely on this kind of process for a free product? asked Rep. Stephen Pearson, R-Derry.
Despite the term, free software is not necessarily free of financial cost, a distinction geeks associate with the terms “libre” (free to use) and “gratis” (free to obtain). Many great companies are built on the sale and service of free software.
Tuesday’s hearing drew the state’s most prominent free software advocate, Jon Hall, a programmer whose legacy in the field stretches back three decades. (Hall is the person who brought up DEC, a former employer, during his testimony. He also mentioned the Morris Worm, a 1988 bug that first brought media attention to the possibility of pirated software spread online.)
Among his arguments, Hall said that studies have shown that free and open-source software is cheaper in the long run than software from Microsoft or other vendors because you don’t have to buy regular licenses or be forced into software upgrades or give up. equipment such as printers, as they are no longer supported.
Even when free and open-source software has higher costs due to training, he said, those costs have benefits.
“Where does the money you spend go? You can send millions of dollars to Redmond (Washington, Microsoft headquarters) or Silicon Valley, or pay local software developers,” Hall explained.
On the other hand, Denis Goulet, commissioner of the Department of Information Technology, said Gallager’s bill would impose significant and difficult to quantify costs on the state. “It would take a year, two years, to figure out what it would cost” because of the training on the new systems, he told the committee. “That wouldn’t be small.”
Goulet, who opposed Gallager’s bill and did not speak about Berezhny’s, said the state already uses open-source systems as needed, pointing to its web content management system.
“I estimate that 85% of systems contained one or more open source libraries,” he said. Software libraries are pieces of code, data, or other procedures that can be inserted into a program to help it run.
Goulet also raised questions about open source security, citing a serious bug called Log4j in a free open source library that has been incorporated into a myriad of apps, many of which are used by the state. The bug produced a global alarm due to the number of vulnerabilities it causes.
“We’re scrambling as I speak to fix it,” Goulet said.
Open source proponents, on the other hand, said that Log4j is an example of the security benefits of open source, because users can examine the code of open source programs that use Log4j and decide on their own patches, at least rather than having to wait passively for private companies to do so. issue a fix.