I love the discussions on this topic:<p>"It will probably cost more in the long run."
"The NSA will just crack it and spy anyway."<p>So many people with the attitude that countries that find out their tech partners are actually performing espionage on behalf of the US government (and US security partners) should just tolerate it rather than do something about it.
If a country is big enough to have an air force then it is big enough to do something on its own about securing government communications.<p>How hard is it to write an email client?<p>With some calendar?<p>Is it complete rocket surgery or something in the realms of feasibly possible?<p>Wasn't gmail some 20%-er time by a couple of guys at Google? I don't think it took years or billions to get up and running.<p>I think you could have a tidy and secure webmail built by half a dozen people randomly chosen from Hacker News in six months. Sure it might not be as all singing and dancing as the oh-so-wonderful Microsoft Outlook but then again it might actually be better for the task in hand - facilitating communication for a government. Sometimes people have got to try rather than be all helpless. I am all for software re-use, open source and everything else deemed good software engineering, but, for a government wanting to keep their communications private some consideration has to be given to 'how hard can it be to write an email client?'
At least, that's an excuse to ditch proprietary solutions. I could back that up. But the source will probably be closed (as the voting machines, for instance), so I don't see any gains there, other than jurisdiction.<p>It probably won't do much for security though. If anything, vulnerabilities will be more likely. The only thing they've got for it is securing the physical comms. But even if the US (or any other superpower) doesn't compromise them, there are other ways of extracting the data.<p>And this being SERPRO, they'll likely use cutting edge technologies such as MD5 and DES.
Apparently this is the software currently being used to replace Outlook: <a href="http://www.expressolivre.org/modules/conteudo/conteudo.php?conteudo=3" rel="nofollow">http://www.expressolivre.org/modules/conteudo/conteudo.php?c...</a>
It would be nice if the Brazilian government adopted and helped to improve an existing open source solution (may I recommend Kolab?) instead of falling prey to NIH.<p>As others have mentioned, PIM is <i>very difficult</i> and if it's done wrong, you end up with metadata leaking across the Internet, security flaws, etc.<p>If the real issue is with the inability to see the source then open source is better than "Brazilian government"-proprietary, as the NSA could simply hack the source code repository, CIA could plant an insider, the list goes on. You could have someone whose job is to audit the integrity of the archive, but who watches the watchers? With open source the problem is simpler: everyone can watch the source code archive.
I would like to see how this turns out considering how miserably the US's Healthcare.gov site has been going. It sounds like the Brazilian govt. is using an internal group (the Federal Data Processing Service [SERPRO]) to do this, while the US sourced the work to a domestic company (CGI Federal.) I've got a gut feeling that Brazil's email system will fare better than our Healthcare.gov site.<p>Article about SERPRO launching their cloud platform. <a href="http://www.zdnet.com/brazilian-government-launches-own-cloud-offering-7000020738/" rel="nofollow">http://www.zdnet.com/brazilian-government-launches-own-cloud...</a><p>Some random info about the Healthcare.gov devs: <a href="http://www.washingtonpost.com/blogs/wonkblog/wp/2013/10/09/healthcare-gov-was-originally-built-in-a-garage/" rel="nofollow">http://www.washingtonpost.com/blogs/wonkblog/wp/2013/10/09/h...</a>
LOL.... BIG LOL! Only who lives here in Brazil should know that software engineering skills is not the requirement to be accepted in SERPRO team. And, considering the corrupt chain of outsourcing related to most of IT projects here, maybe would be safer for us to stay being spied by NSA and other agencies.
This is great. If service providers lose business because of cooperation with the NSA, then it's just a matter of time until those service providers have a compelling reason (Capitalism) that Congress, etc. can get behind.
I find it great that my country (Brazil) is not so mindless about technology. I hope that this anti NSA moves sparks an actual development in the industry here.