I came across an NPR Article this morning discussing malware believed to have been installed by China on many small office / home routers across the United States.

National Cyber Director Harry Coker Jr. alluded to the fact that the US does the exact same thing by advising The House Select Committee on the Chinese Communist Party to “continu[e] operating with confidence, not yielding the initiative, not merely staying on the defensive, but being as strong as the United States has always been”

The vulnerability that was exploited was “outdated Cisco or NetGear devices that were no longer subject to software updates.” These vulnerabilities were present because proprietary equipment and software was no-longer being maintained. This is far less likely to have occurred with routers using FLOSS, like OpenWRT. Such routers regularly receive updates for many years after the original equipment manufacturer has stopped supporting them.

Only with FLOSS hardware, software, and shared standards can nation states have digital sovereignty, compatibility, and security. If all sides are using the same FLOSS standards, then they can host their own services without dependence on a foreign tech sector, they can maintain international compatibility, and any vulnerabilities affect all parties equally. Therefore, it is in the best interest of each party to contribute fixes which ensure their own infrastructure is secure, and simultaneously provide security & functionality to each other party.

  • GreyBeard@lemmy.one
    link
    fedilink
    arrow-up
    39
    ·
    11 months ago

    I’ve always felt that public money should require public code. It makes total sense, unless you are a politician who wants to give favors and earn kickbacks.

    • WhatAmLemmy@lemmy.world
      link
      fedilink
      arrow-up
      19
      ·
      edit-2
      11 months ago

      Sane way that publicly funded science should be published and freely accessible.

      It’s a pipe dream, coz capitalism.

      • Vinegar@kbin.socialOP
        link
        fedilink
        arrow-up
        4
        ·
        11 months ago

        Capital interests certainly oppose the public domain, but I don’t think it’s a pipe dream, I think it’s a policy change. Everything has swung in favor of private capital for long enough that it’s time for the pendulum to swing back toward the public interest. I think the iron is hot, and right now is the time to start imaging and building better institutions.

      • makeasnek
        link
        fedilink
        English
        arrow-up
        2
        ·
        11 months ago

        Things are definitely moving in this direction, a number of changes at the federal level are happening in the US. The US and EU have many grant/funding programs where open publishing is a requirement, not an option.

    • Vinegar@kbin.socialOP
      link
      fedilink
      arrow-up
      9
      ·
      11 months ago

      Absolutely, and I’m glad someone else has thought the exact same thing! “Public money == public code”.

    • Letstakealook@lemm.ee
      link
      fedilink
      arrow-up
      2
      arrow-down
      2
      ·
      11 months ago

      When the government contracts for IT equipment, it comes with terms about maintenance, updates, and life cycle. It would require a much higher cost, especially in FTE funding, to ensure that open source code is viable and safe before deployment. I’m not implying that there are zero risks or errors with contracts, though they do provide some benefits.

      • ShortN0te
        link
        fedilink
        arrow-up
        3
        ·
        11 months ago

        to ensure that open source code is viable and safe before deployment.

        It takes the same amount of time to develop closed source as open source software. So doea validating and certifying it.

        Not sure why it should be more expensiv to put the moeny towards a OSS solution.

        • Letstakealook@lemm.ee
          link
          fedilink
          arrow-up
          1
          ·
          11 months ago

          Because the government would have to hire the employees directly for this, versus the company that is contracted to do so.

          • ShortN0te
            link
            fedilink
            arrow-up
            1
            ·
            11 months ago

            No. You can write in the contract that the Software needs to be open.

  • TCB13@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    edit-2
    11 months ago

    Only with FLOSS hardware, software, and shared standards can nation states have digital sovereignty, compatibility, and security

    This is not about sides and FLOSS, governments don’t care about that. This is about consulting companies and vendors selling their BS and under the table money.

    • Vinegar@kbin.socialOP
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      11 months ago

      I disagree, those consultants and lobbyists are working for proprietary vendors. If, instead, public grant money & public purchasing contracts were mandated to go towards free and open source technology, then the nation’s technology infrastructure would eventually become free and open. Such a mandate would reduce the opportunity for corrupt contracts in the first place, because it would be substantially more expensive to start a project from scratch if there are already viable solutions in the public domain assuming wasteful & bloated contracts will be underbid by contracts that fork or add features to existing projects.

      Public money for public code can dramatically reduce the waste caused by corrupt grants & contracts. If a project falls through, then at least the technology would be in the public domain for another organization to pick-up development. Currently, when a project falls through, it is usually a total loss because the technology remains intellectual property that can not be reused.

      Just like with the Linux kernel, if a free and open source solution exists, it can be adapted to meet countless needs with far less effort and cost than starting from scratch with a proprietary solution.

      • TCB13@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        11 months ago

        . If, instead, public grant money & public purchasing contracts were mandated to go towards free and open source technology, then the nation’s technology infrastructure would eventually become free and open

        Yes, and who pays the guys who have the decision power when it comes to FLOSS vs non-FLOSS? Those exact same proprietary vendors. There’s nobody lobbying around for FLOSS because there’s no money.

        • Vinegar@kbin.socialOP
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          11 months ago

          Ah, I see how what I wrote before didn’t clearly express what I was thinking, and didn’t address the issue of private contractors intentionally pushing for bloated contracts.

          If public money for public code is mandated at the federal level, then private contractors would be bidding for work that ends up in the public domain. I am assuming that wasteful & bloated contracts will be underbid by contracts that fork or add features to existing projects. Either way, if the end result is in the public domain, then the project is still reusable.

          I definitely don’t believe that such a mandate would be easy to implement, or separate from a wider policy platform. I see private capital influencing government decisions as the crux of the problem with passing such a mandate. However, private capital influencing government decisions is an issue that unites many activists, organizations, and social movements. If FLOSS can be integrated into organizations and social movements pushing for institutional reform, then that might be a viable pathway toward meaningful policy change.

  • makeasnek
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    edit-2
    11 months ago

    Very true. Just like how FLOSS money (Bitcoin) provides sovereignty to nation states who don’t want to be subject to the policies of the US. And sovereignty to individuals who don’t want to see the value of their currency eaten away by supply inflation or seized by their corrupt government. The US dollar imposes a tax on every person and country who uses it via its built-in inflation rate, even though many of those users had no opportunity to vote on US government policy.

    USD, and other currencies like those maintained by France etc is also used as a tool to control entire economies and nations. It’s traditional imperialism and mercantilism just with a few extra steps, extracting trillions of dollars of value from poorer nations and keeping them locked in cycles of poverty. The World Bank and other lenders literally insist that they not invest in things in education for their population.

    There is a fantastic overview of how this works at the nation state scale here from the Human Rights Foundation https://youtu.be/7qRWurFaUD0?list=PLe0djdakvnFb0T-oZAeF49A-EZChise4n&t=14009 and another one on how France abuses its currency influence in Africa to keep the colonial legacy alive https://www.youtube.com/watch?v=_-u1Pjce4Lg&pp=ygUxaG93IGZyYW5jZSBjb250cm9scyBlbnRpcmUgZWNvbm9taWVzIGZyYW5jb2RvbGxhcg%3D%3D

    A few countries have chosen to embrace Bitcoin, the blowback from the world bank etc has been very telling. They do not like the idea of a country that doesn’t want to get stuck in a cycle of debt, restructuring, and subservience to the dollar.