I am a public school teacher in a large urband district. Our board requires us to have vendors (such as OBS) complete a form so we can have permissions to download approved software to our school-owned devices. For me, I will need OBS downloaded to Windows. Can anyone help? Here is the form needing completed from OBS: https://docs.google.com/forms/d/e/1FAIpQLSdy-s3WOmeOJxuMUKqVRBzA1alolWI0xtiAnRsZoNoCXLIBwQ/viewform
Digital Review Needed from OBS
- Thread starter jpstivers
- Start date
John Hartman
Member
The link you posted says
The questions on the form seem more appropriate to a multi-user program running on a server than something on an individual PC like OBS.
OBS is free, open source software, developed in large part by volunteers. Asking one of those volunteers to spend time filling out a form like this seems a bit odd.
And the form says
But you don't need to provide any such information in order to install and use OBS. You chose to make an account here to post your question, but you don't need to do that to install use OBS. So it isn't clear that this requirement should apply to OBS.
The questions on the form seem more appropriate to a multi-user program running on a server than something on an individual PC like OBS.
OBS is free, open source software, developed in large part by volunteers. Asking one of those volunteers to spend time filling out a form like this seems a bit odd.
And the form says
"Enter into a contract" is not a trivial thing; nor is the million-dollar insurance that vendors need to have.
Lawrence_SoCal
Active Member
Installing random software is a good way to get hacked. So any enterprise with a reasonable security policy would have a process to vet what gets installed in its environment
Open Source software, without a corporate licenses/support version (think Red Hat Linux) falls into the gray area, that some enterprises (and certainly less technically-inclined education institutions) won't have taken into account up front.
So, jpstivers, you can fill out the form as well as any of us other volunteers. And likely many of the questions won't apply to something like OBS. Sorry, for basic security reason, I don't open up random URLs so I won't open that Google Doc to check it
My suggestion would be to go back to your District IT Department and ask what the process is for well-known Open Source software?
That said, to John Harman's point, there is typically 2 ways to install software
1. the 'traditional' approach requiring local admin rights .. and where Organizational IT can prevent undesired installs (user doesn't have local admin rights)
2 and then software than does NOT require admin to install and exists strictly within a single user profile space (ex. Chrome using this method to work around restricted user rights)
OBS has a portable install method that does NOT require local admin rights. But I'm not advocating ignoring your district policy (which exists for a good reason). Its just that policies are written for a generic use case, and free open-source [FOSS] doesn't fit neatly into that bucket. Depending on your district's policy strictness on complete supply chain security, and possibly whether you can find someone in IT who already knows OBS and would be willing to vouch for it, you may be stuck. For higher security environments, FOSS often doesn't fit/work.
The reality is that lots of places use OBS, but it is trust. I'm not aware of an on-going independent certified security audit of the source code [there may be such, but I haven't heard about it].
Open Source software, without a corporate licenses/support version (think Red Hat Linux) falls into the gray area, that some enterprises (and certainly less technically-inclined education institutions) won't have taken into account up front.
So, jpstivers, you can fill out the form as well as any of us other volunteers. And likely many of the questions won't apply to something like OBS. Sorry, for basic security reason, I don't open up random URLs so I won't open that Google Doc to check it
My suggestion would be to go back to your District IT Department and ask what the process is for well-known Open Source software?
That said, to John Harman's point, there is typically 2 ways to install software
1. the 'traditional' approach requiring local admin rights .. and where Organizational IT can prevent undesired installs (user doesn't have local admin rights)
2 and then software than does NOT require admin to install and exists strictly within a single user profile space (ex. Chrome using this method to work around restricted user rights)
OBS has a portable install method that does NOT require local admin rights. But I'm not advocating ignoring your district policy (which exists for a good reason). Its just that policies are written for a generic use case, and free open-source [FOSS] doesn't fit neatly into that bucket. Depending on your district's policy strictness on complete supply chain security, and possibly whether you can find someone in IT who already knows OBS and would be willing to vouch for it, you may be stuck. For higher security environments, FOSS often doesn't fit/work.
The reality is that lots of places use OBS, but it is trust. I'm not aware of an on-going independent certified security audit of the source code [there may be such, but I haven't heard about it].