

Ask HN: Require governments to open source their code? - nopal

I recently learned that my city's web site [1] was upgraded at a cost of $75,000 [2].<p>Given the budget, the work described is not impressive. But as a developer, I understand that there are lots of ways a project can become more costly than a set of features would imply.<p>This story got me thinking about whether it's a good idea to require more transparency with regard to information technology. I would love to see the code that was delivered so I could judge myself whether or not it's worth what was paid.<p>Does anyone know of any government bodies that require their contractors to open source their work?<p>I understand that there would be challenges to open sourcing this type of code. I the code wouldn't be designed to be generic enough to run in other environments, and I understand that there are changes that would have to be made in order to obscure sensitive details. But, I do think it would be possible for a government to open source its code base without exposing itself to attack.<p>As a hacker, would you like to see the code that powers your governments' sites? Would it lead to cost savings and higher quality code?<p>[1] http://www.louisvilleky.gov/
[2] http://www.wfpl.org/2010/07/21/metro-government-upgrades-website/
======
mgkimsal
The code itself would only be one portion of the project price. You may look
at code that might only take 1 week to produce, but it may have taken 5 weeks
and 4 iterations to get to that point, specifically because the committees in
charge did not know how to express their needs.

That's not to say I don't think open sourcing code is a good idea - in general
I do. But don't use the code as the sole data point when judging whether it
was worth what was paid.

I have done some work for the state of NC, and I took over a project a few
years ago that was in a total mess. I had asked to rebuild it, and was told
'no' initially. So the first year dealing with it was basically patching and
rewriting and _learning_ how that system was built. It took _far_ longer to
understand spaghetti PHP than it would have to just ask what they needed and
rebuild it, but there was no trust in me at that point (given what they'd been
delivered at that point, I suspect they didn't trust anyone to deliver
something moderately decent and usable!) Someone looking at what I'd
'delivered' for $x just looking at the code would have been horrified, but it
was not solely my decision.

It might not lead to cost savings directly, but possibly over the long term.
Other gov't entities might be able to reuse it and get their own savings, but
the original entity might not see any direct savings initially.

I've also been involved using data from a fairly high dollar value NC-based
project, and I'm rather appalled at how bad the data I'm given is curated. The
entire project has taken years, run well in to the 8 figures, and from the few
data points I've interacted with it on, plain shoddy. But... independents and
small businesses basically would never be given a chance to work on 'mission
critical' stuff, so those projects go to the big consulting houses and shops,
who get to milk the taxpayers for years delivering substandard results which
few ever even see directly, and fewer would know how to fix. That's what's so
frustrating.

That said, open sourcing more govt code is a good idea.

~~~
nopal
I agree that it shouldn't be the sole data point.

For example, one report that I heard said that some hardware was included in
the $75,000. That information should be released alongside the code.

As you mention, there are lots of reasons that cause a project to go longer
than necessary and become overly expensive.

I think there should be some sort of standard for reporting on these types of
projects. A report was compiled at various points during a project could be
very useful. I could see such a report including a status update from a
project manager, costs to date, costs estimated to be remaining, code produced
and impediments. (along with whatever I haven't thought of)

I think we, as technical people, should be pushing for this type of openness,
although I'm not sure how to begin.

