The Galician Autonomous Region of Spain has a Plan 2012 to use Free Software

There’s something about Spain…

Years ago it was Extremadura switching to GNU/Linux over a weekend, more recently Andalucia switched. Now Galicia is investing nearly €1 million in promotion of FLOSS for business and government. They have already saved €2.5 million last year.

CC-NC_ND © 2007 by Virtua, a company that provides services for those migrating to GNU/Linux.

It looks like the Spanish Civil War all over again, only this time the Spanish are the winners.

Galicia has a Plan 2012 to use Free Software – Faro de Vigo.

About Robert Pogson

I am a retired teacher in Canada. I taught in the subject areas where I have worked for almost forty years: maths, physics, chemistry and computers. I love hunting, fishing, picking berries and mushrooms, too.
This entry was posted in technology. Bookmark the permalink.

37 Responses to The Galician Autonomous Region of Spain has a Plan 2012 to use Free Software

  1. oiaohm says:

    Phenom 99% as possible but a lot of users don’t use MS Office.

  2. Phenom says:

    Pogson, don’t forget that Office for Mac is the standard for Office suite there, too. Together with the marketshare of Windows, that brings the number to 99%.

  3. Phenom wrote, “I don’t give a rat’s rotten tail about what RMS thinks. Neither of e-mail attachments, nor of anything else.”

    we know, Phenom. We know…

    Phenom wrote of users of M$’s office suite, “These people, which happen to be 99% of PC-using software out there, don’t mind. “

    Nope. Not even close. M$’s share of installed base by OS as reported by a “partner” is 85.55%. Unit shipments are much lower, 50 million per quarter out of 90 million PCs. So, 99% is not even close.

  4. Phenom says:

    Pogson, spam filter fails again.

  5. Phenom says:

    Pogson, to be honest, I don’t give a rat’s rotten tail about what RMS thinks. Neither of e-mail attachments, nor of anything else.

    People send Office documents, because people collaborate. You can send a PDF only if you want to have something printed. If you, however, want the other party to review and modify your document, a PDF won’t do. In other words, people attach and receive happily Office documents because they find it convenient do get the job done. These people, which happen to be 99% of PC-using software out there, don’t mind. They can’t care less what the othet 1% think because of the zealotry of this 1%. You don’t want to work with zealots, you know.

  6. Phenom, here is RMS’ take on e-mail-attachments containing M$’s file formats:
    We Can Put an End to Word Attachments.

    Really, it is silly sending M$’s file-formats to the world assuming everyone has M$’s software and it is silly requiring of the world to receive M$’s file-formats. That is selling M$’s software for M$ for $0 and we are not M$’s slaves. If we must send an exact copy, we can use image-files like JPEG or TIFF or PDF. If the text is all that matters, just send text… If the file must be modifiable, text works. So does HTML. ODF is a good choice because any application should be able to use the open standard whereas even M$ cannot handle their own not-so-open standard properly.

    Ironically, even while M$ was busy screwing Netscape with exclusive deals, Netscape was recommending customers use M$’s file format for advertising copy (page 131 of the PDF):
    “Text File Format Microsoft Word or ASCII files only (We prefer Word 5.1 for Mac.)”

    I have often sent PDF for job-applications even when the ad required M$’s file-format because I know most of my employers can read PDF with little or no effort.

  7. Phenom says:

    Sorry, I meant 11 years (between 96 for Office 97 and 2007 and Office 2007).

  8. Phenom says:

    Pogson wrote: M$ spent $billions pressuring the world to use IE and M$’s office suite and M$’s file-formats etc.

    Hm, how that? Do you mean that IE should have not been free, or that MS Office should have been sold for much more money?

    Remember IE-only websites
    Yeah, it was definitely MS’s fault for this:
    “Netscape 4.x browser versions ignore style definitions if the user has JavaScript turned off.”
    (http://www.netmechanic.com/news/vol4/css_no17.htm)
    or
    “Navigator’s CSS implementation is pretty bad. I’m not making a terribly controversial stand there, since even programmers at Netscape have said as much”
    (http://meyerweb.com/eric/articles/webrev/199904.html)

    <iconstantly changing file-formats
    Hm, like the 97-2003 format of .DOC? How dare they change the format after 17 years? :-)

  9. Viktor wrote, of that other OS, “Nobody does tell you! You can install anything you want on that other OS the same way.”

    M$ spent $billions pressuring the world to use IE and M$’s office suite and M$’s file-formats etc. Remember IE-only websites, constantly changing file-formats, DRM and all the rest?

  10. Viktor says:

    Why should I let M$ or you tell me what to run on my PC?

    That’s the whole point: Nobody does tell you! You can install anything you want on that other OS the same way. Contrary to Linux which makes it progressively harder for you if you need software which is not in the repository (unless you use one of those famous/infamous “rolling release” distributions).

  11. oldman wrote, “I am talking about REAL commercial software like like hyperion, Peoplesoft, oracle, SAP and a host of other programs sold for purpose.”

    Those folks don’t sell their software. They sell licences for the use of the software under very limited conditions. A developer can sell a licence to use FLOSS, too, but few do. It is more efficient to charge for other services such as supporting the software or keeping it available to an employer.

    oldman wrote, of my experience with that other OS, “That was 12 years ago, your experience with commercial applications is as out of date as your experience with the windows OS.”

    Has it been that long? Time flies when I am having fun. I last encountered that other OS two years ago in a school. It could not be kept running without part-time staffing. That was a no-go so we switched to GNU/Linux and cost of maintenance plunged thanks to Debian. Oldman, it is not just I who see the burdens of that other OS. Many large and/or competent individuals and organizations choose FLOSS because it works for them. Android/Linux, which is arguably the most successful OS on the planet in terms of people choosing it, is all FLOSS.

  12. oldman says:

    “GNU/Linux is commercial software, oldman. It is used in all areas of IT. People trust it with mission-critical tasks.”

    Spare me the bushwah Pog. You know full well that I am talking about REAL commercial software like like hyperion, Peoplesoft, oracle, SAP and a host of other programs sold for purpose.

    “I used crapware on that other OS from 1986 to 2000. I had enough of crapware to last a lifetime.”

    That was 12 years ago, your experience with commercial applications is as out of date as your experience with the windows OS.

    Judging the entirety of the software even from that time based on your narrow slice of experience is a load of garbage. The reality was that while a lot of the software from that time frame was not as rich in function and feature as it is today, it certainly wasn’t crap.

  13. oldman wrote, “Your blind adherence to the crap that the community has cobbled together is sad Pog.”

    I am not blind. I used crapware on that other OS from 1986 to 2000. I had enough of crapware to last a lifetime. The quality of software in Debian’s repository is mixed but it is fixable, costs little and is very flexible unlike anything I have seen on that other OS. Why should I let M$ or you tell me what to run on my PC?

    oldman wrote, “How about installing commercial linux software.”

    GNU/Linux is commercial software, oldman. It is used in all areas of IT. People trust it with mission-critical tasks.

    “Of or pertaining to commerce; carrying on or occupied with
    commerce or trade; mercantile; as, commercial advantages;
    commercial relations. “Princely commercial houses.”
    –Macaulay.
    [1913 Webster]”

  14. oldman says:

    “Viktor, offhand, can you tell us why anyone would want to install anything from outside the Debian repository when there are 30K+ packages in it and most humans are not familiar with them all but must search to find the packages that do what they want.”

    How about installing commercial linux software.

    How about installing a version of an application that has not yet been blessed by the software ghetto that is your local repository.

    How about exercising real freedom instead of promoting the kludgy ghetto that is the linux software repository into a glory.

    Your blind adherence to the crap that the community has cobbled together is sad Pog.

  15. kozmcrae says:

    Viktor wrote:

    “Ha ha ha ha ha ha …

    I laugh at you, Koz McRae.”

    Good. Keep at it, your brain needs the oxygen.

  16. Viktor, offhand, can you tell us why anyone would want to install anything from outside the Debian repository when there are 30K+ packages in it and most humans are not familiar with them all but must search to find the packages that do what they want. Often, the challenge is to sift through the descriptions to choose one of several choices that may well suit the need. That is a very big threshold that any application needs to pass before a user would be tempted to install from outside. I have only done it in a few cases when I wanted to test something or when I wanted a feature from the latest version. I think Google’s chrome browser and LibreOffice are the only things I regularly install from outside and it’s not really necessary, just my preference. APT has a “volatile” category that would accomplish that.

    I have 2000 packages installed on Beast and I could get by with fewer than 1K. I do all kinds of things normal users don’t like have several different apps for similar purposes, web applications and a dozen databases.

    The people who create and maintain the Debian repository are diverse, reflecting human need for IT pretty well.

  17. oiaohm says:

    Viktor “The many eyes have not only failed for a good five years, despite the source being available, no, some FLOSS programmers apparently lack basic skills in the C programming language. Where was the QA? Preparing for Steam on Linux?”

    In fact the it was found. When its a one line bug in thousands of lines of code is hard to find. In fact what lead coders to it in the first place was not a breach but automated code checking.

    “some FLOSS programmers apparently lack basic skills in the C programming language.”
    This could have been a simple delete line tapped at the wrong time.

    “Where was the QA?”
    It was the QA that found it. Even with windows it takes years to dig out the existence of some bugs.

    In fact the error was at first highlighted by static code checkers as possible suspect. Running these you need the source code and flagging for missing breaks in switches is a recent add.

    Viktor just because you have the source code does not mean its bugless but at least you can be sure it is as bugless to the best of current day tools.

    Please be aware lots of people have checked sudo.

    Viktor about time you do the research on the bug only reason it was found was the QA and the improvement in tools todo QA. So how many bugs do those old binaries you have without source that cannot be checked have.

  18. Viktor says:

    For the general user there is no need to install software outside of the repository system.

    Ha ha ha ha ha ha …

    I laugh at you, Koz McRae.

    Because it’s not easily possible and foregoes the repository system, Linux loons make automatically a dogma out of it:

    “You don’t need to install software outside the repository system.”™

    That’s a good one. Never gets old.

    Why, oh why, then has, for example, Crapbuntu gone to the lengths of implementing their “Personal Package Archives” to address this deficiency, to address the users’ need to install software not in the repositories?

    I pity you, fool!

    And WRT to sudo:

    http://nakedsecurity.sophos.com/2012/05/21/anatomy-of-a-security-hole-the-break-that-broke-sudo/

    The many eyes have not only failed for a good five years, despite the source being available, no, some FLOSS programmers apparently lack basic skills in the C programming language. Where was the QA? Preparing for Steam on Linux?

  19. oiaohm says:

    iLia
    “So the Linux distribution that use them are also crap?”
    sudo does provide some security. UAC is swiss cheeses even worse crap.

    Sudo is being deprecated on Linux for a better system.

    Of course to change network settings iLia use to require sudo or su for root privilege under windows still does. Linux today has networkmanager sitting on dbus under policykit controlling what applications can touch network settings.

    Linux is reducing number of items you are using the crap sudo method for. iLia you have not noticed the Linux deprecation of the sudo method. Removing sudo from usage is not a small process. In fact policykit allows more transparent secuirty raising and the policykit ask for password most people mix up with a sudo dialogue as well. The areas changed are fairly invisible unless you know what you are looking at. Like mounting drive from filemanager that is a dbus call and the secuirty window that appears there is policy kit. So replacing decanted mount programs of old running graphical or going to the command line to mount.

    The new system is entering Linux without people noticing and windows is still using the older crap model alone.

    kozmcrae
    “Performing sudo on any software in the repository is not a direct security risk.”
    Still a risk because attackers application name could match something you expect to show a sudo message. dbus and policykit solutions are better.

  20. kozmcrae says:

    iLia wrote:

    “oiaohm:So sudo and UAC are both crap.”

    Performing sudo on any software in the repository is not a direct security risk. With one exception in the history of GNU/Linux, the distro repository system has kept the users safe. You can go look up that one exception for extra credit if you wish iLia.

    Installing software outside of the repository system carries with it the same security risk as it does with Microsoft’s Windows users downloading software from all over the Internet. For the general user there is no need to install software outside of the repository system.

    Thank you iLia for giving me an opportunity for sharing this information with the readers of Robert’s blog. I know you are well aware of how secure the repository system of software disbursement is but some of them may not.

  21. iLia says:

    oiaohm:So sudo and UAC are both crap.

    So the Linux distribution that use them are also crap? Am I using a crappy OS? I mean Ubuntu. Is the most popular Linux distribution crap? And what about Mint? Does it use sudo?

    Mr.Pogson fix you antispam stuff, it doesn’t work. If it is some FLOSS you can fix it yourself.

  22. kozmcrae wrote, “So far all the malware is dependent on social engineering.”

    If you call installing an app from an app-store social engineering and all the vulnerabilities were in such apps as installed, that would be true but a lot of malware exists in the Java world and there’s no reason some of that kind of thing cannot get into Dalvik. Certainly apps can be compromised by contrived data being sent to them. The thing about mobile apps is that they are all new. Very few are more than a couple of years old and in the rush to get to market first some corners have likely been cut. I expect that will shake out and Google will have to police the app-store (Android/Market) better and put some better controls in Android. I expect those wanting to “root” their Android/Linux devices will be appeased eventually by having most Android/Linux devices ship with a GNU/Linux part built-in or an “un-locked” versioning for Android. There is a trade-off between securing the system tightly and making it easy for users to do what they want with it. There will be room for both in */Linux on ARM.

  23. kozmcrae says:

    iLia wrote:

    “Actually it means that Android/Linux security is far from being absolutely secure.”

    The security mind-set Google has so far deployed towards its app store is deplorable, yes. That’s the case with every app store though with the exception of Apple’s. For some reason the commercial sector has yet to adopt the security measures the non commercial sector (distro repositories) has. That is just plain stupid. The best way to distribute software securely has been demonstrated many times over throughout the past decade. It’s not rocket science.

    A customer purchasing or downloading an app from the vendor’s app store should have confidence that the app is malware free. But that is not the case with today’s app stores. Third party app stores should always be treated as suspect.

    The weak link is user education. So far all the malware is dependent on social engineering. That type of malware bypasses all technical security measures. All the mobile platforms saw an increase in malware no matter what their market presence was.

  24. Viktor says:

    I’m laughing a you Viktor!

    I’m always happy if I can bring laughter to persons with mental issues.

  25. oiaohm says:

    iLia of course I could pull up the same on windows its longer. http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=windows

    sudo is being deprecated that bug is not its only fault in its place dbus and policykit frameworks are being used.

    policykit can checksum the binary its giving permission to. Sudo cannot neither can UAC.

    With UAC on windows it has more holes than you can think. Yes you can swap an approved binary with another one and UAC will accept it worse load that other binary up in privileged mode.

    So sudo and UAC are both crap. UAC lacks proper means to extend as well.

    Also lot of the Linux CVE list drivers that if you are not using them the exploit does not exist either.

    Back doors in windows drivers normally don’t get a CVE number. So CVE number under represent how bad windows is and it still cannot beat Linux.

    Basically iLia you are a MS troll you never bothered to check the link you were providing to see how bad Windows was right and then read the list to see if there was a error in the listing system. Windows driver secuirty bugs that exist and never get fixed not being list where Linux driver secuirty bugs are listed.

    At this point CVE proves Linux is more Secure than windows on all counts.

  26. iLia says:

    Notable in these findings is a significant number of malware samples obtained from third-party applications stores, which do not enjoy the benefit or protection from Google’s newly announced Android Market scanning techniques.

    So what? Actually it means that Android/Linux security is far from being absolutely secure.

    And Microsoft is going to open their own App Store.

    And why there are antiviruses for Android/Linux and GNU/Linux. Just for fun or there is some real need?

  27. iLia says:

    And don’t forget this one about sudo. It is so secure that:

    … an attacker could masquerade as an authorised internal user, even from outside the network.

  28. Viktor says:

    Good thing is: GNU/Linux evangelists like Pogson, Koz McRae and Ohio Ham can claim all they want. It’s never gonna be tested in reality because GNU/Linux won’t be able to increase its market share enough to become relevant. And even if that should happen GNU/Linux won’t need malware, its quality and usability issues will be quite enough to piss users off. They will exclaim: “God! Ballmer, take my money!”

  29. oiaohm says:

    Ivan still there is less malware added per month for android than added to windows.

    Also the life cycle for android malware is shorter. So it does die out faster.

    Even so.
    “Notable in these findings is a significant number of malware samples obtained from third-party applications stores, which do not enjoy the benefit or protection from Google’s newly announced Android Market scanning techniques.”

    Android backs the problem with windows. Notice that most Android infections have been user installed stuff from untrustable sites.

    Anti-virus companies are still ambulance followers instead of true solutions.

    Is not the direct way to solve this problem instead of trying to convince people they need an anti-virus but to provide an app store on subscription that is virus free to your customers.

    Ivan the android numbers and research document were a key problem with Windows is. Users and the fact they get applications from bad sites.

  30. kozmcrae says:

    “That lie ignores the obvious fact that the web runs on GNU/Linux and largely is not owned by malware…

    nope”

    Did you even read the report before you spoke Ivan? Nope.

    First off, Juniper uses a broad definition of malware, which includes:

    • 30 percent of applications have the ability to obtain the device location without users’ explicit consent

    • 14.7 percent of applications request permissions that could lead to the initiation of phone calls without user knowledge

    • 6 percent of applications requested the ability to
    look up all the accounts on the device, including
    email and social networking sites

    • 4.8 percent of applications were able to send an SMS message without users’ involvement and knowledge

    All of the current malware are of the social engeneering type and require the ignorance of the user to install an infected application from an app store.

    The problem is with the app store’s policy on security, which is beginning to change, and user education on how to avoid malware. All of the mobile platforms saw an increase in malware, not just Android.

    This is not the same kind of security problem that you have with Microsoft where you just have to visit a rogue Web site to get infected. So any comparison falls short. The closest the report came to such a comparison was a proof of concept browser security breach. The browser was not named although Juniper seems to think that that type of infection vector will take of real soon now. We will see.

  31. Ted says:

    Love the new anti-bot mechanism. :)

  32. Ted says:

    “Even though the savings are of the order of $1 per capita per annum”

    Chicken-feed on the national scale. Their MPs probably claim more in expenses. Military projects would spend more without blinking.

    “They have to hire a few system administrators and programmers after all.”

    A “few”? This is a COUNTRY, not a small business or school.

    The numbers of admins and techs would be in the thousands, and most of these would have to be the current workers who have been retrained. Do you really think the public sector would stand for it if a huge swathe of them were made redundant?
    Then add on project managers, consultants, and other support staff. Any savings on software licensing would be eaten whole by the cost of the retraining and migrations.

    And as for programmers – it would be a full-time job for lots of large teams to rewrite software, in some cases from scratch. Do you really think commercial software producers will meekly hand over source code so it can be ported to Linux and they make no money from it?

    “That lie ignores the obvious fact that the web runs on GNU/Linux and largely is not owned by malware… ”

    It could be argued that the web really runs on Cisco IOS or the Juniper or HP equivalents. Take the routers and switches away, and the servers are just space heaters…

    And you ignore the fact that most malware is aimed squarely at the desktop. Large commercial systems like insurers or banks are protected by professionals, carefully change-controlled and proactively monitored.

    At the other end of the Linux pool – cheap web hosting – malware is by no means unknown;

    http://www.theregister.co.uk/2009/09/12/linux_zombies_push_malware/

    Desktop Linux may one day hit a tipping point where it becomes an attractive target for the malware authors, and it will be made all the more attractive by the attitude of developers and users that magic fairy dust somehow protects it. IMO, FlashBack shows that the same day is fast approaching for the Mac.

  33. Ivan says:

    That lie ignores the obvious fact that the web runs on GNU/Linux and largely is not owned by malware…

    nope

  34. iLia repeated the lie, “when Linux becomes so popular the malware authors and criminal hackers will pay much more attention to it.”

    That lie ignores the obvious fact that the web runs on GNU/Linux and largely is not owned by malware…

    Why wouldn’t those people pay M$ ~$1K or so to run that other OS if it were more secure? The fact is it is less secure and the money is better spent otherwise.

    Spain’s economy is not doing that poorly:

    • “Spain’s mixed capitalist economy is the 13th largest in the world, and its per capita income roughly matches that of Germany and France. However, after almost 15 years of above average GDP growth, the Spanish economy began to slow in late 2007 and entered into a recession in the second quarter of 2008. GDP contracted by 3.7% in 2009, ending a 16-year growth trend, and by another 0.1% in 2010, before turning positive in 2011, making Spain the last major economy to emerge from the global recession.”
    • “GDP – per capita (PPP):

      $30,600 (2011 est.)
      country comparison to the world: 43
      $30,400 (2010 est.)
      $30,600 (2009 est.)”

    see CIA World Factbook

    Even though the savings are of the order of $1 per capita per annum, the money reinvested in the economy has multipliers. They have to hire a few system administrators and programmers after all. Then there’s less expenditure on malware, re-re-reboots, phoning home etc.

  35. iLia says:

    Welcome to stone age of software, Spain!

    Instead of repairing their economy, they try to get some savings on software.

    Maybe instead of using quite poor FLOSS, the Spanish and other EU countries should start protecting their economies from the cheap import from China, South Korea and Turkey and start brining jobs back?

    Maybe it is high time for Europeans to stop this austerity crap and start developing their own industries by lowering taxes and raising entrance duties?

    The problem of Europe is that without sound economy based on the industrial sector any austerity savings, budget cuttings and tax raisings are pure nonsense.

    And some economy of $10-20 millions will not save their economy.

    How much in-house software should be ported on Linux, and how much it will cost?

    By the way this company Virtua proposes simply to use virtualization and clusters:

    El secreto está en la tecnología punta de terminales virtuales Linux con clusterización y virtualización de servidores, de VIRTUA que permite replantear los métodos de migración a software libre que hasta ahora se han utilizado.

    So no No-Windows here! And the customers will have to give to Virtua access to all their data.

    And the last drop, now when Linux becomes so popular the malware authors and criminal hackers will pay much more attention to it.

    So goodbye security!

  36. kozmcrae says:

    Ha ha ha ha ha. Ha ha ha ha ha.

    I’m laughing a you Viktor!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>