[amsat-bb] NASA and Open Source

Joseph Armbruster josepharmbruster at gmail.com
Fri Jul 17 20:29:59 UTC 2020 

Bruce,

Yeah, NASA (and other government agencies) have been promoting OSS for
quite some time and some even have some long-standing projects, ref:
WorldWind.  And something worth noting, is that with the government,
what they mean by OSS can sometimes be misleading.  There is GOTS
(Government Off The Shelf) OSS and non-GOTS OSS.  Meaning, it could be
regular OSS lib, but accessible only in a repository that is only
accessible by government contractors / programs that have a need, and
never really return code to the public domain (but do maintain
changes).  This is quite commonplace.  I am not sure if that's what
they mean in this case of the grant, specifically.  NASAs WorldWind,
has source repositories in the public domain and has for many years (I
may be in the commit logs somewhere), so some definitely do work that
way.

Projects like GDAL have benefited greatly from government / OSS
integration.  But then, you have situations like LAS Tools Right Now,
where the main developer purportedly made some kind of a threat about
adding malicious code to it, so gov agencies are asking everyone to
immediately uninstall QGIS (open source GIS package, that utilizes las
tools out of the box).  I don't know if this has been validated but
you can find bits and pieces around the net about it.  Which brings me
to my next point.

Sometimes, if you're working a government contract and you want to use
a particular OSS library, they do not allow you to just download it
and use it.  You can however, purchase it through a trusted
third-party company.  All due to liability issues.  As a result, you
can literally burn, box and sell, literally Free software.  The
problem is, what if libtiff pokes a hole in the firewall every three
image opens?  And, don't laugh, i've seen weird stuff happen over the
years.  The funniest, was an API function to "create a folder" at a
path, that, if the folder already exists, it would actually traverse
the folder and delete all files / folders found underneath it.  No
joke.  Now, due to some bad // \\ path handling in the lib, when
passed a path like this: C://something//and//some//place, it
accidentally started wiping everything in the root of the C:/ drive.
The first tool user that experienced that, was not a happy camper :-)
The OSS path handling lib wasn't explicitly malicious, it was just bad
path handling in the lib causing the problem, but bygons.  Liability
is a royal PITA.

Joseph Armbruster
KJ4JIO

On Fri, Jul 17, 2020 at 2:18 PM Bruce Perens via AMSAT-BB
<amsat-bb at amsat.org> wrote:
>
> I am reading a NASA Grant application today, and noticed this text:
>
> Program elements will give preference to proposals that include a plan for
> committing
> software as Open Source Software (OSS), beginning at the inception of the
> proposed
> work. This plan will include the identification of software components
> developed as part
> of the proposed work, and designate a permissive, widely accepted OSS
> license and a
> public repository hosting service for these components.
> _______________________________________________
> Sent via AMSAT-BB at amsat.org. AMSAT-NA makes this open forum available
> to all interested persons worldwide without requiring membership. Opinions expressed
> are solely those of the author, and do not reflect the official views of AMSAT-NA.
> Not an AMSAT-NA member? Join now to support the amateur satellite program!
> Subscription settings: https://www.amsat.org/mailman/listinfo/amsat-bb

More information about the AMSAT-BB mailing list