How Linux reads your fingerprints, helps national security

GH: More like a hostage negotiator.

LXF: Have you seen any of the IT projects that are going on in the UK? Like the NHS IT project, for instance. That's an enormous project, and a black hole for tax-payers' money. Do you think there's anything inherent in a government that makes them think along such large lines?

GH: Well that's interesting, because in the United States we're heading in the opposite direction. The federal CIO has declared an end to large procurements, so rather than having one $500 million contract, we have 100 $5 million contracts. And it was the reason for the change, not just because it's more efficient and because there's less risk, but also because the current procurement system can literally not keep up with advances in technology.

At the DOD, the lead-in time for a top-level program takes 48 months to get from initiation to requirements. You haven't even put a bid out, you haven't even made a tender yet, but you've spent four years developing requirements. And in those four years, the entire world has changed. And so it's just not practical to run an IT project like that.

Open government

And so, in 2012 in the Appropriations Bill for the Defence Department, Congress ordered the DOD to come up with alternative acquisition strategies specifically for IT to fix this problem. They were asking for things like continual involvement of the user, an iterative, evolutionary approach... and what they were describing was that they wanted an agile IT project.

And so, subsequently, we've seen this model all over the government, with a more iterative approach and projects broken down into tiny chunks.

LXF: Our secretary of state has said that should happen, that you should break down contracts into small chunks, but as yet, that's all that has happened: that he has said that it should happen.

GH: Well, from what I understand, since the early 2000s the UK Government put out a number of very large contracts with very long performance terms, like 10-year engagements.

I'm thinking specifically of the MOD, which visibly took most of its IT organisation and threw it up for ransom to a consortium of five companies... what were they called? Fujitsu Siemens, those kinds of people. And you're getting exactly what you paid for, right?

Not only was it a huge amount of cash up-front, but also the government has no negotiating position, because any change they want to make translates into more money that you have to pay the consortium.

And so that's what agile IT combats: not only is it more iterative, but there's more competition for each iteration.

LXF: Do you see that agile, more responsive development... do you think that's a key advantage of open source in big government projects, as compared with open file formats, for example?

GH: Yeah, so, what's more important? Open source or open standards, right? I think they both solve a different set of problems. When you have an open standard, you're creating a market. You're creating the opportunity for many people to perform the same task.

So if I'm using a standard like, say, IMAP for email, then I can ask any number of IMAP servers, and I don't have to change clients every time I change my server, because if I'm on IMAP I can compete all my IMAP servers against each other, which will drive down the cost.

With open source, what I'm giving myself is a vendor of first resort or of last resort, and I always have that option. So that even if... you can have an open standard and if only one company implements it you're just as locked-in as you were before.