A hat tip to Spaf for this one. Hillary Clinton held a town hall for State Department employees recently, where a recent transfer from one of the intelligence agencies asked why they couldn’t have Firefox, which was approved by NSA for use in the intel community. Secretary Clinton turned to one of her aides, Patrick Kennedy, who replied that they had to look into the budgetary issues. This drew cries of “but it’s free” from the crowd, which then got the “nothing is really free” explanation.
Clearly, you don’t have to actually know anything about managing IT to write about it for these publications. There is no such thing a “free” software, if by that you mean that the total cost of ownership is zero. Here’s what it takes to deploy Firefox to tens of thousands of desktops:
- Decide what lockdowns you need in your environment and build a local build of Firefox that implements.
- If you care about plugins, include in the lockdowns a restriction that plugins come from a local repository of approved ones.
- Package it.
- Distribute it.
- Support it.
- Rinse and repeat for each patch release.
What you can’t do in an environment where the user desktop is a managed resource is have users download and self-maintain a complex security-sensitive piece of software. I’ve worked in organizations that decided that the costs of doing the above was worth spending. But there was no illusion that supporting Firefox was free. Even a “best effort” support model requires people to execute it.
One encouraging note was that lots of IT professionals gave these articles the comments they deserved.