Securing Open Source Software at the Source

Not that one. The report and legislative proposals are available here: Cyberspace Solarium Commission - Report

Here is the relevant section of the report: https://twitter.com/aramaswamis/status/1405577829438349321

Here is the relevant legislative proposal:

Here’s the actual language that made it into the House NDAA (https://www.congress.gov/bill/117th-congress/house-bill/4350/text) (note that the language slightly differs from the proposal):

However, this provision (the “critical technology security centers” proposal) didn’t actually make it into the Senate NDAA or the final compromise version that was passed through conference committee (see https://rules.house.gov/sites/democrats.rules.house.gov/files/17S1605-RCP117-21-JES-U1.pdf):

For reference – the process for any bill to pass in the US Congress is (see https://www.youtube.com/watch?v=OgVKvqTItto !):

  1. House and Senate each pass their own version of a bill
  2. Members of the House and the Senate are appointed to a “conference committee” which creates a compromise version of the bill
  3. House and Senate both vote to pass on the compromise version of the bill
  4. President signs the bill, bill becomes law

Would love to hear your thoughts on this! I think coalescing around a few policy / legislative proposals and pushing for them when talking to staffers is a good idea. Need to think more about it.

The alternative is … we have no public budget assignation for securing OSS. Public funding should not be the sole source of funding, but I don’t see why it can’t hurt, so long as projects do not become dependent on a single source (government funding) to stay afloat.


Here are some other US government sources of OSS funding I’m aware of:

NASA: NASA Funding Opportunity: Support for Open Source Tools, Frameworks, and Libraries - #18 by aterrel - News & Announcements - Pangeo and NSPIRES - Solicitations Summary

Open Technology Fund: OTF | Projects we support

NSF (kind of): NSF Award Search: Award # 2020900 - GCR: Collaborative Research: Jumpstarting Successful Open-Source Software Projects With Evidence-Based Rules and Structures and NSF Award Search: Award # 1348450 - An open source framework for metadata exploration and discovery of Polar Data

I’m already working on the Alternative. The alternative consists of:

Learning How to Capture Value from FOSS projects

Value Capturing is the most effective way for sustaining public goods. A good example of this concept is how the Hong Kong Mass Transit Railway (MTR) was developed:

The city government sells public land to the public transport authority at lower rates. The transport authority then sells or leases the land at rates that capture the value enhanced by public transport development. The increased value realized from the land is enough to pay for better public transport infrastructure.

With the same principle, we could define how Open Source and Public Domain Content could capture value from their maintenance and quality content, already accessible to the community of users.

No matter how users access the content, or how they’re adapting the OSS product in their customized applications, what good FOSS projects already have nobody could take from them: this valuable asset is the Prestige of the project, the Reputation that is conferred on its developers by their historical track of quality assurance efforts.

I’ve already learned how to convert that intangible aspect, The Prestige, into money, thanks to Smart Contracts and DeFi developments. That Prestige could be staked as collateral in financial services. My solution is called DAOVOTION.

Currently I’m developing an article on Medium explaining this concept with real-world examples. Stay tuned.