# Thoughts on the Whitehouse.gov switch to Drupal

Yesterday, the new media team at the White House announced via the Associated Press that whitehouse.gov is now running on Drupal, the open source content management system. That Drupal implementation is in turn running on a Red Hat Linux system with Apache, MySQL and the rest of the LAMP stack. Apache Solr is the new White House search engine.

This move is obviously a big win for open source. As John Scott of Open Source for America (a group advocating open source adoption by government, to which I am an advisor) noted in an email to me: “This is great news not only for the use of open source software, but the validation of the open source development model. The White House’s adoption of community-based software provides a great example for the rest of the government to follow.”

John is right. While open source is already widespread throughout the government, its adoption by the White House will almost certainly give permission for much wider uptake.

Particularly telling are the reasons that the White House made the switch. According to the AP article:

White House officials described the change as similar to rebuilding the foundation of a building without changing the street-level appearance of the facade. It was expected to make the White House site more secure – and the same could be true for other administration sites in the future….

Having the public write code may seem like a security risk, but it’s just the opposite, experts inside and outside the government argued. Because programmers collaborate to find errors or opportunities to exploit Web code, the final product is therefore more secure.

More than just security, though, the White House saw the opportunity to increase their flexibility. Drupal has a huge library of user-contributed modules that will provide functionality the White House can use to expand its social media capabilities, with everything from super-scalable live chats to multi-lingual support. In many ways, this is the complement to the Government as Platform mantra I’ve been chanting in Washington. When you build a vibrant, extensible platform, others add value to the foundation you establish; when you join such a platform, you get the benefit of all those features you didn’t have to develop yourself.

Of course, it’s easy to imagine that the use of open source software will slash the government’s IT budget. After all, this software is freely downloadable. I have a feeling it’s quite a bit more complicated than that.

First off, government has a huge number of special requirements (remember the flap over President Obama’s blackberry?) Second, don’t underestimate the difficulty of doing business in Washington. Procurement is done through a complex ballet understood by few open source companies. Third, a big IT deployment like this requires coordination between many companies, each providing a piece of the puzzle. According to techpresident.com, no fewer than five firms were involved in the switch: prime contractor General Dynamics Information Systems, Drupal specialists Phase 2 and Acquia, hosting provider Terremark, and CDN-supplier Akamai. (Disclosure: O’Reilly AlphaTech Ventures is an investor in Acquia.)

The special nature of the government marketplace is one of the reasons why I launched the Gov 2.0 Expo, which will be held in Washington DC next May. There are huge opportunities for open source, web 2.0, and new media companies in government, but there are also challenges reaching that market. One of my goals for the event is to increase the visibility of cutting edge technology firms not just to government agencies, but also to the prime contractors who are putting together these complex procurements.

The net-net is that I suspect that simply using open source software won’t slash government IT budgets, at least not right away. What it will do is increase the amount of value we get for our money and the speed with which new technology can be adopted. Features that would have cost millions of dollars and years of development to add will now be rolled into the scope of current contracts.

It’s also important to realize that using open source is very different from contributing to open source. Despite the exaggerated claims in the AP story, that “the programming language is written in public view, available for public use and able for people to edit”, the White House has not yet released any of the modifications they made to Drupal or its operating environment back to the open source community. The source code for Drupal (and the rest of the LAMP stack) is indeed available, but the modifications that were made to meet government security, scalability, and hosting requirements have not yet been shared. In my conversations with the new media team at the White House, it is clear that they are exploring this option.

Giving modifications back to the Drupal community is the next breakthrough announcement that I’ll be looking for.

Releasing code is more than just being a good open source community citizen, though. Code sharing is a major cost-saving opportunity for government. There are countless government agencies at the federal level, not to mention at the state and local level, that perform similar functions. Yet each of them does its own development, driving up costs. Federal CIO Vivek Kundra has made a great step forward in web services by creating data.gov. I’m eager to see an analogous code.gov portal for government agencies to share their open source software code.

tags: , , ,
• http://twitter.com/devans00 devans00

I’m so happy to see the Whitehouse be such technology leaders. Thinks like the Drupal adoption give Open Source more legitimacy.

• http://webtechman.com WebTechMan

Tim,

This is a huge leap forward for the open source community and our Government. The talks about change makes me feel good. The proactive action of change is good!

This action should help more people realize the value of crowdsourcing. I hope more people and organizations see this action as an invitation to join this journey of a collaborative society on the path towards Government as a Platform (Gaap). These type of actions are filling the “Gaap”.

Thanks for sharing,
Daniel Hudson

• http://www.usinadeletras.com.br/exibelotextoautor.php?user=pesp Penfield Espinosa

Hi !

Very impressive analysis. Far beyond the hype you showed that even White House has to contribute back the modifications to the source they did.

However, i’d like to ask you: isn’t it just in the case the product is sold or distributed ?

If memory serves (but sometimes it doesn’t) the contribution is only reinforced when there’s a distribution of the product: inhouse mods are exempt of that.

Just a question, not a statement.

All the best,
Penfield

• http://www.inigo.net Dan Frydman

If enough people were to take on the mods contributed back by the White House media / tech team, then it would end up being distributed and modified by the Drupal community.

In pitching for Drupal projects, sometimes the fact that it is Open Source doesn’t play well with traditional IT departments who want to be as secure as possible.

With an endorsement of Drupal from an organisation where security in contributed content is key, we should expect to see more security and therefore more acceptance.

Drupal just got a whole lot more acceptable. I’m sure Dries and the team at Acquia must be planning to roll out their next pricing plan – Presidential…

• http://alastairc.ac/ AlastairC

Drupal is GPL, isn’t the Whitehouse team obligated to release modifications to Drupal?

If they use Drupal as a library and only make separate additions, this may not be the case, but if they alter Drupal then surely that should be covered by the GPL?

• http://tim.oreilly.com/ Tim O'Reilly

Penfield and Alastair -

No open source license (including the GPL) requires that you share your modifications — unless you actually redistribute the software to others. If you merely use the software for your own purposes, you are free to keep modifications private under the terms of the license.

My argument for the government making its source code available has nothing to do with license terms, and everything to do with utility. You get more benefit from an open source project when you share and participate and engage with the community. And in the case of government, there’s the opportunity to extend the community to new groups who have similar needs as you do. This is how open source projects grow, extend, and respond to new markets.

• personne

Kind of neat, but they really aren’t using any interesting features. It’s not a web 2.0 app, there’s no end user contribution, the content is not even tagged or categorized. They’re just using Drupal for very basic content management features. It’s advertising RDF, but no content is available in that format. Aside from RSS, they could have used FrontPage for this level of functionality.

• http://www.metrostarsystems.com G.Irish

I keep hearing that whitehouse.gov “switched” to Drupal. Switched from what?

I am heartened by the new administration’s committment to applying open source technology but I hope they don’t blindly try to apply open sources apps to problems where the commercial solution may be better. If Kundra and company take a reasoned and nuanced approach I think they can achieve great things for gov’t IT.

• http://lewisshepherd.wordpress.com lewisshepherd

Commendable step, though if this is a move toward GAAP I’d be surprised; I think it’s more a function of the new web team being more comfortable with tools they already knew, and thus decided to switch. I’m not as pessimistic as ‘personne’ (nice one) above, though, since it’s early days yet, the functionality will come now that the platform’s set. I would love to see RDF usage but frankly the whitehouse.gov site is not going to be the best showcase for that in any case, that’ll be more relevant for other government sites. One thing I noticed was I got several 404 errors as I surfed around clicking links, including to new content pages (news releases e.g.). @carlmalamud reminded me that that’s common in a switchover, and I did notify the webmaster – at least I think I did, the only contact info I could find is the generic Comment form, so my 404 notifications are probably sitting in a pile with demands for the President’s birth certificate and recipe requests from the White House Chef :)

• http://www.workatplay.com Jordan Willms

Another big win for Drupal. The point here gang, is that Drupal is an extensible platform. While they may not be using it yet, they will. And the good news about Drupal is, they can try something “new” in social media without wasting hundred of thousands of your tax dollars on systems integration consultants.

• http://blog.mikediliberto.com Mike Diliberto

Tim,

This is great news in many ways.

I especially like your comments about a “code.gov” portal. It would be great to have a “Government Software Developer Community”, much in the way that many Open Source firms have done. As you mentioned, there are surely some customizations that were needed to be made to make Drupal acceptable to government security standards, and all government Drupal users would benefit from having that code contributed back to a common development community.

I can see concern arising (whether justified or not) over whether sharing of certain source code has it’s own security implications.

• http://secondthoughts.typepad.com Prokofy Neva

Oh, this is awful news, and it will end badly. I can see the script-kiddies preparing the DDOS already.

Drupal is very balky and non-user-friendly. I’ve seen a number of projects fail due to over-reliance and expectation of magic from Drupal that ended up hugely over budget and still useless.

Now the American taxpayer, just like a lot of hoaxed managers, will be paying huge consulting fees for “free” opensource geeks to manage this cumbersome system. It’s a terrible racket.

Let’s have some transparency of budgets on *that* shall we? I’d love to see a meter running on this whitehouse.gov site showing how much is paid to consultants daily to keep all their lovely “opensource software” that is “free” running, and then compare it to the one-time fee of a license and a standard maintenance contract with proprietary code.

And why does the Obama Administration get to only “explore” the options of opening up the modifications? Isn’t there something about the licensing to use opensource code whereby you are supposed to “give back to the community”?

And this opensource hogwash also covers up the harsh reality of how little access the public really has to the CONTENT of this site, which is really the issue.

Beth Noveck, of the White House Office on Science and Technology, with her belief in collectivizing ideologies with “avant-gardes” for the workers in the form of “experts,” has made darn sure that her site is absolutely locked down, with only cadres framing the issues, and readers only able to contribute very briefly, very sparingly to precooked theses. Then there’s that awful MMORPG habit imported of “voting up and down” in sordid little fanboyz popularity contests to make “posts we don’t like disappear”. Ugh.

All the worst of the Internet geek culture is being shoveled into government now and it will take quite awhile to undo it.

The good news is that the very big public fail this will involve should be a significant blow to the illusions that opensource keeps perpetrating on the using public, and that will help to curb its excesses.

• Anonymous

@Mike Dilberto It’s called Apps.gov. An announcement like this makes me hopeful it will be shared on the gov side to get rid of all the wasteful propitiatory systems.

• Heather

I can’t resist a troll.

@Prokofy Neva
- You seem to be misinformed about the ‘free’ bit in open source. It’s more than free as in “free beer”. And yes it does cost to pay consultants, but you have alot more choice, and more R&D done (for free) by people who aren’t on your payroll.

Quote from Yelvington on Slashdot sums it up:
http://news.slashdot.org/story/09/10/25/1126210/White-House-Website-Switches-To-Open-Source?art_pos=1

start quote:

by yelvington (8169) on Sunday October 25, @11:05AM (#29864641)

* Whitehouse.gov is not running Drupal on a ten-dollar shared server at GoDaddy.com. * Any Drupal project of this scale involves layers of extremely high-performance caching and multiple firewalls. * The site’s administrative tools aren’t available from the outside. (This is not difficult to implement.)
I don’t know any details of the site’s technical architecture beyond the obvious, but it’s blazingly fast. My bet is that when you hit the site, you’re pulling completed pages out of RAM on a customized and hardened Varnish [varnish-cache.com], but that’s just a guess. The HTTP headers identify the server technology as “White House.”

end quote.

• http://www.gordiansknot.com Dan Deakin

Great to hear about this move from a few different perspectives. Most importantly it demonstrates leadership from the top on quickly leveraging great tools that meet the requirements for the project. Secondly seeing the intent to participate in the community sets an example for all of us. So much great work being done!
Dan

• Anonymous

@heather – don’t do it, that one is a notorious troll who lives full-time in second life with many, many axes to grind, preferably to an audience.

• http://www.davidevans.googlepages.com/dle David Lee Evans

It would have been nice if they would have described
what type of architecture they migrated from.
I Googled around a bit and the only information
that I was able to discovered was that it was
a proprietary content management system that had been in place since the days of the Bush Administration.

• http://tim.oreilly.com/ Tim O'Reilly

David Lee Evans -

I believe that the previous CMS was based on .Net. But that wasn’t why they migrated. The system as designed just wasn’t flexible enough. For example, when it was created under the Bush administration contract, I believe there was no support for comments…

As a result, the White House was cobbling together workarounds when what they needed were social media features like video with scalable live chat.

The White House new media team chose Drupal after looking at a lot of alternatives. They believe that the rich ecosystem of modules will give them a lot of what they want, and they hope that the extensibility of Drupal will help them to engage developers to build things that don’t yet exist but that they need.

And as for the lack of detail – government contractors are notoriously secretive about the terms of their agreements (generally for competitive bid reasons.) Apparently, there was a lot of back and forth to even get permission from the prime contractor to release the names of the subcontractors doing the actual work.

I agree that it would be great to see more transparency about the details of these federal contracts. The government needs to be setting the transparency rules, not getting permission after the fact from contractors, to get around THEIR rules.

But remember that this takes time. You can make new rules for new contracts, but it’s tougher to make new rules for existing contracts. And as far as I know, this was a multi-year contract signed late last year as a parting gift by the Bush administration. It’s a testament to the flexibility of the prime contractor that they were willing and able to change direction, under the terms of their existing contract.

• cak

Who cares whether this is open source, this is a far superior implementation to any other CMS out there, and gets rid of the Microsoft insecure stack.

Congrats to the Goverment on picking the best option. The fact that this needs to be applauded tells to the state of stupidity out there in gov and business. There is no reason to use an inferior CMS implementation.

• IBBoard

Tim:

No open source license (including the GPL) requires that you share your modifications — unless you actually redistribute the software to others. If you merely use the software for your own purposes, you are free to keep modifications private under the terms of the license.

Unless it is the Gnu Affero GPL, at which point any version that someone can connect to must have the source (including your changes) made public. Technically that’s because of a change in the definition “redistribution” in the license so that it covers “making available over a network” as well to stop GPL projects being used with major modifications and no returns.

Prokofy Neva: With regards “giving back”, see above – most licenses only trigger that condition when you share the code, and given that you got it for free in the first place then it isn’t exactly an unfair requirement.

As for the counters for cost, try the more realistic comparison of “initial tender, choice of project, development/licensing, consultants to maintain it, extra fees for additional features (probably at a premium for not having been defined at the start), and associated required license together with vendor lock-in” versus “selection process by administrator, consultants to maintain it, checks on code if you want to include additional plugins with no lock-in or other licences required” ;)

• http://www.chaordix.com Claudia Moore

While the discussion on “free” versus “realistic costs” of the Drupal technology is useful, we need also to ask what’s the value of how the technology is being put to use? When I hear Beth Novek and her peers speek about the White House’s open government and open platform commitment, I would encourage more focus on the ends not the means.

As Personne mentioned above – while it might show an encouraging shift in philosophy that the technology is open sourced, isn’t the real question whether the technology is being used to open up dialogue, collaboration, joint solutions with the public, private sector, other governments, peer agencies?

Consider that data.gov itself was a vital step to openness, but what made it valuable was opening up to a crowdsourcing competition for applications to make use of the data – apps for democracy http://www.appsfordemocracy.org.

• Tom

Ah, well it’s the government, it makes perfect sense that their web site shouldn’t work either. Now it can crash and we can be told a few more new excuses.

• http://members.apex-internet.com/sa/windowslinux apexwm

It’s about time other government offices starting using open source and Linux. Europe is way ahead of us in this regard, especially in the business world (many many European businesses and governments realize the tremendous benefits of open source), but I’m pleased to see this finally. NASA has been using Linux for years, but they also have a high demand for resources, and Linux is known to perform very well with high availability and number crunching. But, this article on whitehouse.gov is a pleasant surprise.

• Jack

@Prokofy Neva,

it seems you have no idea how websites are built. There’s no system that just works out of the box. A proprietary system would need just as much customization, to fit the specific requirements of whitehouse.gov, as did Drupal. Probably more since Drupal has orders of magnitude more ready-to-use modules than any proprietary system.

In any case, if they chose proprietary system, they’d have to pay just as much to the consultants to customize it. Probably even more since the pool of providers for a proprietary system is much more limited.

Both of your assumptions are false, therefore and you also seem to have a pretty unhealthy hatred towards open-source. For your information, government has been using open-source, in the form of all Linux servers it runs, for a very long while now. So it’s not like they are doing anything outrageous.

• R.T. McDonald

I applaud the switch to open-souce Drupal but now I’m confused. Wasn’t it the Obama administration that launched Drupal-based recovery.gov a day or two after his election? Then for “more transparency” they awarded a $9.5 million contract ($18 million if all options are used) to switch to a proprietary .Net system (as Tim pointed out, like Bush used for whitehoue.gov)? Something here just doesn’t make sense to me. Does one hand know what the other is doing in Washington?

• SteveF

Setting the record straight: I helped manage the WH.gov site as a contractor during part of the Bush years (2003-2006). At least during that time (and I know for at least a few years before I was there) we had a killer hand-rolled CMS running on… pause for effect… Apache, Perl, & PostgreSQL. It was an absolutely awesome system.

• http://tim.oreilly.com/ Tim O'Reilly

SteveF -

That’s awesome to hear. But FWIW, that was replaced at the very end of the Bush administration with a new content management system. I’ve only heard anecdotal information about it, but it sounds like it was quite expensive and very much less capable. That’s why I described it as a “parting gift.”

Of course, no one close to the action can go on the record, but I’ve heard bits from lots of people who should know.

• http://blogs.open.collab.net/oncollabnet/ Guy Martin

Tim,

This is very nice analysis of the situation, and I really like your take on a ‘code.gov-style’ collaboration area.

While I completely applaud the work that went into apps.gov, I also believe that we need something akin to what we at CollabNet are helping to build with ‘forge.mil’. The same sort of technology and community building expertise being applied to solve this problem for DoD can and should be applied to the civilian side of government as well. There is even an obvious ‘promote to production’ path possible from ‘forge.gov’ to ‘apps.gov’ once code has been vetted for full FISMA compliance.

There will be interesting authentication issues at first, but recent work in OpenID within government could provide an easier way to get both government and citizen participation going. I know from recent conversations I had at Gov20 events that the Open Source community definitely has the desire to participate in something like this.

• http://blackholelogic.com Kit Plummer

Really good to see the word “citizenship” be applied to the two-way street that is Open Source software – and promote the expectation that the Govies will actually contribute back, and participate as citizens.

Would love to see their contributions end up in the real communities, rather than a “framed” code.gov repo. Just put the stuff out at Github – we don’t need more community pools.

• Andy Lee

The HuffPo article is extremely misleading as to what the switch actually means.

====
The online-savvy administration on Saturday switched to open-source code for [sic] – meaning the programming language is written in public view, available for public use and able for people to edit. http://www.whitehouse.gov

[...]

Having the public write code may seem like a security risk, but it’s just the opposite, experts inside and outside the government argued.
====

This makes it sound like you or I can just change go into whitehouse.gov and change anything we don’t like. If I were a non-technical reader, I’d be alarmed at how cavalier the White House is being about security.

• SteveF

Tim, I should have been more clear. Not trying to rain on the parade; I think it’s awesome that Drupal, Lucene, etc. are getting some high-profile mentions. And I can’t comment on what happened in 2007-08 since I wasn’t there (& probably already violated some old NDA by mentioning the Apache- Perl- Postgres stack… oh well).

I also agree with your point about the WH gaining a lot of flexibility with the Drupal selection.

But 2 things concern me about the announcement. First, as a number of others have mentioned this seems like a clumsy attempt to get some “open gov” brownie points, and while Radar readers can see right through it I’m not sure WaPo and HuffPo readers can. That’s seems a little misleading and reduces the credibility of the administration a little.

Second, I generally get concerned by these types of announcements because they promote “me too” races by other agencies who could be directing resources toward higher priorities. We need only look at all the Recovery.gov clone sub-sites to see an example of this.

As a government contracting refugee I’m excited to witness the incredible changes happening in government. A lot of career government web pros were chomping at the bit to innovate, were already doing a lot of innovative things, and were already laying groundwork (e.g., GSA licenses with YouTube et al) for more innovation. The new administration finally provided the permission.

• Kevin Le

Tim, I think your thoughts are right on while the AP writer got mostly wrong in his article.

Drupal is very easy to install and get started on. But in the case of whitehouse.gov, it takes quite a few number of contractors and subcontractors as you said. I am sure there is a good reason for it. Who knows what code got modified or how much of custom code was added, but unless these modifications find their way back to the main development branch of Drupal, after future versions of Drupal, the source code of the main Drupal branch and the whitehouse.gov will be very different. When that happens, it won’t be easy to upgrade. This is not to say that’s impossible. But it won’t be cheap and it won’t be free. The WH media team more than likely would need to bring in the same or equivalent firms to do the upgrade. While Drupal is easy to deploy, no one would expects building whitehouse.gov to be a simple task. Otherwise why would it take that many firms to build it in the first place. So it is just wrong to expect any kind of upgrade after these modifications and custom code to remain easy, “can de done in the matter of days and free to tax payers” as the AP writer wrote.

• http://www.drupaler.co.uk Greg

Amen to the contributing point! This is a tub I thump in front of all of my clients. No, it’s not just being nice. You’ll save yourself MONEY. Because someone else will help you with the burden of managing and bug-fixing your product. Win, win.

• Rick

> able for people to edit

Is that English?

• Kenneth Gonsalves

only problem is if you switch to spanish on the site, there is no way to switch back to english.

• http://www.sanjeevg.com/ Sanjeev

I too am glad to see the US Govt giving OpenSource the platform to grow – this should help in getting the much needed funding to scale OpenSource products to enterprise class solutions. However I’m a bit concerned on the pace at which this’ll happen – Would hate to seem the recovery.gov story repeated

http://www.sanjeevg.com/2009/10/open-source-president-goes-drupal.html

• http://ilabra.org Ivan

Mr Orielly, you write that – “Giving modifications back to the Drupal community is the next breakthrough announcement that I’ll be looking for.”

The truth is this has been happening for almost five years. The US Government and specifically projects within DoD have been the single largest contributer in terms of dollars, and have put in lot s and lots of code back into the community.

These include the open id server and provider code, drupal semantic web code and lots of other goodies.

I even tried to put in a proposal to the gov 2.0 conf in Dc explaining how this happened and what the risks and issues were with “patron” projects inside the gov fire wall, and why success inside gov of open source and web style architectures is dependent on factors well beyond the technical capacity of a given product.

http://groups.drupal.org/node/9010

describes some of the work to date and ongoing

http://drupal.org/node/162356

is about the open id provider module sponsored by SPAWAR (the navy engineering command)

much of this work was in relation to Dr. Wells work, learnings from Strong Angel, Dr Rassmussen, and new ideas about open source, and sustainable development for ICT. Drupal was one community and project in this wider effort, which 5 years on results in tech transfer to the whitehouse (the loop will hopefully continue), of some of the more mundane cms style capabilities any modern web site ought be powered by…

not many people know this story, it doesn’t fit neatly in the 2.0 narrative. But you next big announcement was made in a small gov basement nearly a half a decade ago.

• http://tim.oreilly.com/ Tim O'Reilly

Ivan -

Thanks for your comments and links. DOD has been way ahead of the curve on contribution to open source, and there are lots of other pockets of government that are doing the same.

But the point of my post is that the White House is still not there yet.

There are lots of people who still feel that they need permission to contribute back to open source projects. Having the White House take a strong position on giving back to open source projects would have a positive effect.

• http://friendfeed.com/mikechelen Mike Chelen

There are several ways to give back to an open source project, including posting bug reports, writing guides, and helping discuss features.

While writing code is one of the best among these options, they are all quite useful to the community :)

• http://pingv.com Laura Scott

@SteveF, as one of the people who’ve questioned the open source/open government linkage (albeit one you possibly haven’t read or intended), I would question that the WhiteHouse.gov effort is some attempt at a symbolic gesture to bamboozle the public into thinking this means ipso facto open government.

They are somewhat related, but that link is pretty obscure, and I don’t think the very small minority of people in the country — let alone the minority of people in tech, frankly — who know what open source is would be confused by this. And the rest probably see the announcement as a minor tech news headline they glance at and move on from without a second thought.

But embracing open source itself in such a public way is a big step, imho. The DOD, pragmatic under all its politics, has embraced open source for years. But to have a political office — the highest in the land — trust its public face to open source means a lot just on its own, without any due or undue association with open government.

A lot of career government web pros were chomping at the bit to innovate, were already doing a lot of innovative things, and were already laying groundwork (e.g., GSA licenses with YouTube et al) for more innovation. The new administration finally provided the permission.

I’m scratching my head as to why this is a “concern.”

@Tim: Great post!

• Gernz Brütöl Bruff

This of course will be a BIG PROBLEM for the open source scene, as the zillions of security problems drupal has will fall back to the perception of all open source beeing so bad programmed.

Nearly every week another one of the real dumb security problems comes up with drupal or one of the modules, all of them are not really new, no, it is really extremely ridicolous to see drupal STILL have so many sec problems from the past that really are hard to find anywhere else nowadays. Of course the underlying problem is a total primitive and backwarded programming style that is hard to maintain and opposes every modern programming paradigm that evolved from 20 years web programming.

Of course open source is great and there are great tools – but this selection of drupal for this important site shows one more time that there are too many people out there who do not know enough about existing open source tools.

It is like you would build your new supercomupter with windows95.

They have very bad consultants.

• http://Itkino.com D I

Interesting that in the new apps.gov website, I found WordPress, but not Drupal.

• Seth

I just find it humorous that PHP is almost universally panned as a language (even when the argument is made that the programmer is what can lead to the common issues with the language) but the move to Drupal (written in PHP) is extolled without reservation.

• Keneth Nimmo

So now the Obama socialist whitehouse is attacking the capitalist pig Microsoft. Very impressive. First stealing from me to keep banks that should have gone under afloat, then stealing 30 percent of GM from the shareholders and giving it to the union, after that health care, now free enterprise. This administration sucks.

• Jack

This administration is garbage and not good for the country, Obama is a another Jimmy Carter

• Kawika

Awesome news. This is a huge victory for open source in general, and drupal in particular.

• Admiral Ben Derdondat

Well I guess Obama’s site was using Silverlight before, another open source project.

Anyway, carry on congratulating yourselves…

• Krishan Gopal

@Admiral Ben Derdondat

Silverlight is from Microsoft. You comment is like promoting silverlight under opensource.

• http://www.kaancan.co.cc patrik

woww :D

• http://GROUNDWORKCONTRACTORS.INFO jimkottar

I came across your site when this site is very help full. ,I’m very interested in this story. Thanks for this information.

• http://3dblogger.typepad.com/wired_state Prokofy Neva

Tim,

I marvel that you talked about videos and live chat. There is nothing remotely like that on whitehouse.gov even a year later!

There is no interactivity *at all*. You can fill out a form that looks like it was made in the 1990s (!), and it “goes nowhere” until you start getting White House spam in your email on various general topics. There are no polls, no “likes,” and of course no “forums”. There’s nothing to do but dutifully “virally spread” whatever propaganda is put up for that day.

While it might be unrealistic to expect the government to put up a forums on whitehouse.gov, there are other things they could do that let people know that when they send a comment or proposal, that they are being heard, and that they are in a context, i.e. a map showing other people who may have asked about the same topics, etc. Creativity could be put into really making this be REALLY open, instead of merely fetishizing the opensourcedness of it all, instead of looking at content.

Once again, I demand to know the cost of the consulting and maintenance of this supposedly “free” solution. We’re given all kinds of factoids in the transparency caper — let’s have this, too. Extensions and add-ons aren’t a reason to say it has such versatility when it has none except some techno shiny to click here and there and see a photo or video.

Open source is definitely not open government — that’s because it’s not open to start with as a governance system itself!
http://3dblogger.typepad.com/wired_state/2010/11/10-reasons-why-you-dont-want-to-adapt-geek-open-source-culture-even-if-you-use-open-source-tools.html

Of course it’s a concern, Laura, you’re just not looking beyond the tiny clique of tekkies that you reference admittedly.

Jack, spare me the condescending arrogance I so often hear from geeks. Duh, I know how websites are made. Herrr, I use Drupal myself at various jobs. I’ve seen systems put in at various settings. I’ve seen how Drupal takes ages and ages and has numerous problems and customized proprietary solutions simply take less time and have less surprises. (There are some VERY big places in Silicon Valley that have had some really awful and expensive experiences with Drupal, perhaps you simply haven’t heard.)

This silly notion that “ready-to-use modules” really work and aren’t buggy and aren’t in fact inappropriate sometimes is simply belied by Drupal forums themselves.

A proprietary system and its consultants comes from a company with people who show up for work on time, who have a bottom line to consider, who look for a profit, and who have systems in place for billing, tech support, etc. None of that is present in the open source movement that just does whatever it feels like, and relies on unreliable “communities” to help the occasional paid consultant.

*The user* cannot access these arrogant freaks who will only talk to other geeks and scorn ordinary people complaining about their software. The consultants on open source projects I’ve seen become utterly obsessed only with their problematic software, never looking to the user problem because they just aren’t schooled to care. A proprietary software solution company comes in usually on a bid, and has a full-services solution that includes user training and troubleshooting.

It doesn’t matter if the government, like big IT that vacuums up your free open source products, has Linux. So what? That doesn’t make Drupal less cumbersome or the essentially open source shill less phony. That old tiresome “you’re soaking in it” argument is about as lame as telling someone they couldn’t criticize Bush because they lived on Platform America.

The *user does indeed matter*. I have used at least 6 types of CMS systems, open and proprietary. There is no *question* that a commercial online system like Typepad is simply easier to use and has more help; after that, comes a proprietary solution in a workplace setting that might only be available on a limited time basis but is more reliable; and definitely third place is the open source software and its uneven pools of consultants with their open-ended meter running and balloon payments always waiting at the end of every project.

• http://ep0ch.net/ Jason Merlin

Tim,

This is very nice analysis of the situation, and I really like your take on a ‘code.gov-style’ collaboration area.

While I completely applaud the work that went into apps.gov, I also believe that we need something akin to what we at CollabNet are helping to build with ‘forge.mil’. The same sort of technology and community building expertise being applied to solve this problem for DoD can and should be applied to the civilian side of government as well. There is even an obvious ‘promote to production’ path possible from ‘forge.gov’ to ‘apps.gov’ once code has been vetted for full FISMA compliance.

There will be interesting authentication issues at first, but recent work in OpenID within government could provide an easier way to get both government and citizen participation going. I know from recent conversations I had at Gov20 events that the Open Source community definitely has the desire to participate in something like this.

• http://www.acnedietsreview.org Anthony

I know sadly little about Drupal. What I do know is that it is a very versatile platform. Maybe its natural security is questionable, but anyone experienced or security conscious can easily make tweaks or find someone else to do so in order to make it more secure. The way it was described seemed consistent with the policy we’ve had for a long time. “Keep up appearances and work behind the scenes.”

• http://www.bestcookwaresetsreviews.org T. Mason

Drupal is a very powerful system as such I can understand why Whitehouse.gov would want to switch to Drupal.

• http://vitamincfoods.org/ Elizabeth Holmes

Just my humble opinion, heard Drupal is a very powerful and secure system and it should be wise of the Whitehouse to have to use it for its powerful and stable features.

• stan_in_usa

Sounds great, but BSD Unix would also have been a nice choice.

• http://bluelighttherapyreviews.com Angeline S

I do agree that Drupal system is a powerful one and it is a reliable choice that the Whitehouse would want to use.

• http://www.howtogetridofhemorrhoidsnaturally.org/ Jason Brown

Yeah despite Drupal system is a powerful system but it is also quite complicated especially for beginner. With proper training and education, everyone should be able to handle it. Other than that everything is very good about Drupal.

• http://new-acne-treatment.com Daniel Obrien

Drupal is one of the best platform currently with lots of features, but i think there must be specific reasons for using drupal by the government. As they said its must be done for making the site more secure i guess.

• Asad

Love for drupal

• http://www.bestlawnmowersreviewsratings.com/ Michael Smith

To what I know Drupal is a very powerful platform with varied features that are useful for security and a host of other purposes.

• http://www.howto-getridofbackacne.org/ S. Jones

Can’t think of a better platform other than Drupal for govermental security.