Open Source a National Security Threat
n3xup writes "Dan O'Dowd, CEO of Green Hills Software, suggests that open source software has the capability of being sabotaged by foreign developers and should not be used for U.S. military or security purposes. He likened Linux to a Trojan Horse: free, but in the end a lot of trouble. O'Dowd thinks that unfriendly countries will attempt to hide intentional bugs that the Open Source community will have no chance of finding."
Understand the source perspective before you draw opinions. Green Hills is under threat from Linux due to embedded software being integrated in more Government systems. GreenHills is (was?) a large player in government-based Embedded Operating Systems. I imagine you will see a similar stance by WindRiver, maker of the popular Realtime Embedded OS VxWorks.
The threat comes from the length of time on some large government projects. Some systems have been around longer than you and me. In the proprietary world, your whole project is dependent on a set of companies staying in business for 30+ years. Now with Linux, you're no longer dependent on that string; you can leverage off the community providing updates or if necessary you as the developer can make the changes. Most people fail to say this with Linux; everyone just says hey it's free and cheap. But if you really want to sell Linux, try saying that your entire project doesn't fall on another proprietary solution, we will have the source code in hand - people will listen.
It's easy to retort GreenHills FUD by saying all changes will be baselined and a change control board will review any updates (easy enough huh).
While he has some great points, I think it's unlikely that al Qaeda is likely to be able to plant a debilitating bug - much less a backdoor or other serious security malware (mal-feature?) - into anything that we have the NSA look over.
So that puts it down to Osama Bin Laden doing his best to fuck up linux, and only succeeding in placing a few periods where commas should be in the documentation. Yeah, that's worth his time and trouble. Ya sure Ya betcha.
Shouldn't this article immediately point back to other articles on how governments OUTSIDE the US are choosing open source for exactly the same reason (who knows what M$ + NSA put in the closed windows source that might hurt other nations)?
[World Govs Choose Linux For Security & More]
http://slashdot.org/articles/01/12/11/0132213.sht
How could you keep the bug from ever being found? I'm sure someone would eventually see it.
Better replace that open source nasty TCP ASAP then.
Omnis amans amens
We've seen this topic here before.
Remember this guy? He also wrote "Linux Security: Unfit for Retrofit" ( http://www.ghs.com/linux/unfit.html )
This was covered by LWN back in May: http://lwn.net/Articles/83242/
IIRC, GHS does development on embedded XP stuff? I don't remember the details...
Yeah, can't trust those commie FOSS developers. Instead, let's invest in "America", let's give money to companies who develop software overseas anyway!*
*We wanted to buy software from only American developers, but we couldn't afford it.
In the future, I would want to not be isolated from my friends in the Space Station.
" bugs that the Open Source community will have no chance of finding"
LOL yea, right
Nathan Friedly
already found new places to spread their FUD, now that everybody just starts laughing when they open their mouths?
suggests that open source software has the capability of being sabotaged by foreign developers and should not be used for U.S. military or security purposes
This is just a variation of the same old anti-OSS argument, being tied in to the anti-terrorism paranoia by some schmuck looking for his 5 minutes of fame.
Nothing to see here, move along....
Some embedded Linux providers even outsource their development to China and Russia.
GASP! Some XYZ providers even outsource their development to ABC and DEF (insert your favorite company and terrorist sponsoring country where necessary).
It would be incredibly naive to believe that other countries and terrorist organizations would not exploit an easy opportunity to sabotage our military or critical infrastructure systems when we have been doing the same to them for more than 20 years!
I think it has been proven that closed-source development doesn't help to change the possibilities that a "mole" has been planted or that a "hole" will be discovered.
One of the greatest misconceptions about Linux is that the free availability of its source code ensures that the "many eyes" with access to it will surely find any attempt at sabotage. Yet, despite the "many eyes," new security vulnerabilities are found in Linux every week in addition to dozens of other bugs. Many of these flaws have eluded detection for years. It is ridiculous to claim that the open source process can eradicate all of the cleverly hidden intentional bugs when it can't find thousands of unintentional bugs left lying around in the source code.
And it is ridiculous to claim that a closed development environment will make it any different.
In addition, under the internationally recognized Common Criteria for IT Security Evaluation (ISO 15408), Windows has been certified to Evaluation Assurance Level 4 (EAL 4), a higher level of security than the EAL 2 that Linux has achieved.
According to this article, obtaining EAL2 certification typically costs between $400,000 and $500,000. Looks like it is more money than security. In their infancy, why would Linux vendors decide to shell out large sums of money when the government wasn't interested in using Linux anyway?
This whole article is FUD. He's annoyed because Linux is making leaps and bounds and will possibly affect his market-share in the lucrative Defense and Aerospace industries. At least he came out and said it on his own legs and not by paying off a third party to "investigate" the "problems" with Linux and post their results to the world.
History shows that closed-source applications are not immune to tampering by third parties. For example, viruses exist for all major closed-source operating systems.
O'Dowd thinks that unfriendly countries will attempt to hide intentional bugs that the Open Source community will have no chance of finding.
At least the bugs will have thought and purpose behind them. Unlike Windows, where the bugs are the result of a complete lack of competency....
Of course, I disagree with the supposition in any case....
"All great things are simple & expressed in a single word: freedom, justice, honor, duty, mercy, hope." --Churchill
Isn't that the whole idea of open source? The guys working for our government can see the source code. Either this guy is clueless or working for someone with a vested interest.
On the flipside, what is to prevent our government from doing the same thing? If the "enemy" can insert malicious code, why can't our government?
So a closed source, proprietary OS, probably written overseas, is better how?
Or is everyone working for Redmond a US Citizen with a security clearance?
Maybe a Trojan horse with windows(not windoze) all over it, so you could see inside and see what (if anything) is waiting for you.
Remember you have the source and all bugs are shallow with enough eyes, this applies to evil code as well.
M$ windoze is the real trojan horse. The one you cannot see inside and not only that, is being forced upon you.
Yeah - Because we should let our own homegrown idiots hide bugs in the software. I guess they never heard of Tim McVeigh over there in the green hills.
Governments should not use OS without a proper security audit. Once you can verify the nature of the code, there should be no obstruction to using it.
Downmix - The Artscene News Source!
...with really big glass windows. All you need do is open your eyes to see what's inside.
IIRC, China has seen the source code to Microsoft Windows, whereas the U.S. government hasn't.
I think that's a pretty large security threat right there...
InThane
...ganda
Another man who speaks the awful truth...
It's time we all put our superior software and ideologically correct ways of doing things to rest.
(We don't want them to find out we have been joking all along, do we?)
Dependency hell? =>
What if a terrorist gets a job at a software company? Where's the hope of catching the bugs then? It seems to me that closed-source software is more susceptible than open-source.
> Shouldn't this article immediately point back to other articles on how governments OUTSIDE the US are choosing open source for exactly the same reason (who knows what M$ + NSA put in the closed windows source that might hurt other nations)?
Also, are they assuming that they should just trust whatever's in a closed source package?
What makes FOSS harder to check than ECSS?
Sheesh, evil *and* a jerk. -- Jade
Eisenhower warned us about these chumps.
I think it is much more likely that open source software will sabotage Green Hills Software.
- For the complete works of Shakespeare: cat
Didn't people find jabs taken at Netscape by IE devs? If they could have hidden their jabs, how easy would it be to hide a simple buffer overflow vulnerability? Very easy. Of course, no one but the malicious programmer would know! Not to mention how safe it is to outsource your development to India. Is an underpaid dev in (insert random outsource target country here) safer in a closed source system than an open source dev whose work can be and will be seen?
One Word NSA....If it was so bad the NSA would not have their own version.
Got Code?
Of course, tricky agents of foreign governments would never slip purposeful bugs into closed source software, only open source, since no one foreign works on closed source, erm. Uh, Nevermind.
All your desktop microphones, webcams and email programs are belong to us if you use Linux. Use Windows for your military. (I'm having a hard time keeping a straight face, so I'll stop right here.)
And "unfriendly countries" would never be able to get one of their agents hired at a commercial company?
If they did, how would we (the buyers) know whether our closed source software was trojaned?
There are risks either way. At least with open source there's a much greater chance that such shenanigans will be caught.
Of course, Proprietary Software is, again, under the same risks. Especially given the massive trend towards outsourcing (which has few quality controls and little oversight) and replacing skilled employees with H1Bs. In fact, with proprietary software, it's even worse - you don't have a community of eyes that can look over the code and possibly find the trojans. They'll never get found.
It's not terribly shocking that a CEO of a software company might say this. What I'm worried about is when Microsoft is against the wall and pumps billions of dollars into congressional lobbying to get Open Source labeled a "terrorist tool". Think they won't? Put an animal against the wall and in danger and you will see ferocity never imagined from that animal. See also: Survival Instinct. Write your congress persons now. Do not wait. Be polite. Get your facts straight. Do not rant and rave. Write and write again. Call. Now is the time.
Now then.. last time I checked a lot of the new bugs found in Windows were revealed by geeks... the type of geeks who make open source in many cases.
I think I'd rather put my trust in someone doing it for the pure love (hate) of (bad) software, than someone doing it for money and no love at all.
I like muppets.
The U.S. government and military will be brought to their knees by...Finland?!
O'Dowd thinks that unfriendly countries will attempt to hide intentional bugs that the Open Source community will have no chance of finding
...for all of about 15 minutes... but by then someone will have released a patch.
He's right. The Open Source community will not find these "terrorist bugs"...
The only way I could see this happening would be through apps... but if ANY military groups were to use random apps without checking them out first, then they probably get what they deserve.
The main things to worry about would be the kernel, driver modules, x.org, and the rest of the things that make up the "Core" functionality of Linux. And those have such stringent (usually) controls over what goes into the actual released product that the possibility of that sort of rampant code corruption is negligible...
Then again, this was never about facts or truth...
he did it all for the nookie... tha nookie...
"Our funds have never taken part in toxic or death spiral convertible financings of any sort" -BayStar's managing partne
Dan O'Dowd, CEO of Green Hills Software, suggests that open source software has the capability of being sabotaged by foreign developers and should not be used for U.S. military or security purposes.
Urmm, so what operating system do you use then, Dan O'Dowd? And which newspapers and websites do you read?
You're obviously using a closed source operating system that is free of viruses, worms, holes and other security problems. What might this mystery closed source operating system be that you are using that doesn't pose a threat to the nation's security?
Electronic Music Made Using Linux http://soundcloud.com/polyp
Is he trying to tell us that terrorists are better programmers than the rest of the world?!?!? Is the non open source software any better if we are also getting thousands of exploits on that? I think he should seriously reconsider his analysis (if he did any).
While people argue against security by obscurity, the limited access to closed software makes it much easier to vet the contributions of the developers. It's practically impossible to take something that wasn't explicitly designed for security and make it secure. Windows got a rewrite -- perhaps it's time for Linux to get one too?
Try not. Do or do not, there is no try.
-- Dr. Spock, stardate 2822-3.
"Until Linux is certified to DO-178B Level A." Notice the Until. There is no reason that Linux could not be certified DO-178B Level A. If Linux is going to be used in "Life critical" situations it should be certified just the same as any other OS. Frankly Windows NT should have been held to that standard. If it had, the Yorktown would not have been dead in the water because of an error in a SQL server. Yes, the SQL server should also be tested to that level as well, as people's lives depend on it.
The other question is with a closed source program how can you be sure that it does not have a backdoor in it? At least with Opensource you can check the code. I would hope that the people in the NSA and DOD do check the source for their build of Linux.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
The CEO of ACME Coal Power thinks that Nuclear Power Plants could be sabotaged by terrorists and pose a national security threat.
As if those same evil people couldn't just as easily have someone working within a closed-source software vendor... Only difference is how long it would take to uncover the hidden bug.
It would have to be an improvement.
I am very small, utmostly microscopic.
Imagine a large company making critical software for 95% of boxes. Imagine a major attack on that company's HQ! Imagine the chaos when there's nobody to issue patches for the next big virus/worm/trojan to attack said system!!
It is ridiculous to claim that the open source process can eradicate all of the cleverly hidden intentional bugs when it can't find thousands of unintentional bugs left lying around in the source code.
Yet OSS is good enough to run his web site on?
"I hate to advocate drugs, alcohol, violence or insanity but they've always worked for me" - HST
I have worked with one of the large government labs in the US that does development on weapons systems. One of the things that they have to do before they deploy a software system is go through the object code byte-by-byte to make sure their compiler did not insert any trojans into the compiled system.
Tell me again how having the source for the compiler and OS you're using would make that job harder?
Truly nothing to see here, folks. Just empty FUD that has been discredited.
Open Source is no more vulnerable to foreign developers sabotaging the code than closed-source software. After all, closed-source companies offshore to other countries, and hire foreign-born developers here.
Are all of Green Hills Software's developers born in the U.S.? Were their parents born in the U.S., too?
Gotta be careful about divided loyalties...
This should be from the "If-you-can't-dazzle-them-with-brilliance-baffle-them-with-bullshit" department.
O'Dowd thinks that unfriendly countries will attempt to hide intentional bugs that the Open Source community will have no chance of finding.
If the source is open how can there be no chance in finding bugs or whatever else they wish to put in the source?
This is clearly FUD to protect their market from the steam-roller known as FOSS. Security through obscurity is already proven faulty.
I create RTOS OSes and Tools. Linux is moving into the RTOS market. That sucks. Most of my key clients are government, that also has the best margin. If Linux was insecure then I'd be okay, therefore I need a reason it is insecure.
Oh I know, because anyone can edit the code then anyone can put in a patch that could be compromised. Just look at the MyDoom virus today, that is a classic example of how closed source is much better from a security perspective.
Personally I'm not sure Linux would be a good RTOS at the very real time edge, there are some pretty specialised threading and timing elements down there. But he couldn't say that because no-one would bother listening.
An Eye for an Eye will make the whole world blind - Gandhi
The fact is that Green Hills products are no more secure, and may well be less secure, because they don't have the "many eyes" looking at their source code. We've had trojan horse attempts in Open Source software. They get caught quickly. But even if the source is disclosed, nobody outside of their tiny company has an incentive to do productive work on the internals of a Green Hills operating system in the way that people who modify GNU/Linux do. And security audits by such a small company can't catch everything.
The best example of this has been the Borland Interbase database. This was used for airline reservations, and had a trojan horse buried in it for 6 to 9 years while it was a proprietary product. The door could have been found by anyone who did an ASCII dump of the product, but those who did kept it secret, and probably took a lot of free flights. An Open Source coder found the door some months after the database went Open Source, and had an incentive to report it - at that point he was one of the people doing productive work on the database and only wanted it to work better and more securely.
This "black hats" (people who are motivated for bad purposes) vs. "white hats" (good purpose) phenomenon is important to consider when you evaluate the security of Open Source. Generally the only people who would look for vulnerabilities in proprietary software, outside of its manufacturer, are looking to exploit them! This is hardly the case with Open Source.
Thanks
Bruce
Bruce Perens.
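The Interbase story above turns on a very plain technique: an ASCII dump of the shipped binary would have exposed the hard-coded login. The following is an added example (not code from the post, from Green Hills, or from Interbase) of what that audit step looks like in Python: it extracts printable strings from a binary image the way the `strings` utility does, groups strings that sit next to each other in the string table, and flags groups that contain a credential-looking keyword alongside at least two neighbouring values, which is what a baked-in user/password pair looks like in a string dump. The sample binary, the keyword list and the "maintenance_login" / "maint_user" / "Tr0ub4dor" strings are all constructed for the illustration.

```python
import re
import string

# Constructed sample image: a fake header, non-printable filler, a legitimate
# SQL string, then a packed string table carrying a hard-coded credential pair
# (all values invented for this example; this is not the real Interbase binary).
SAMPLE_BINARY = (
    b"\x7fELF\x02\x01\x01"
    + bytes(range(0, 32))
    + b"SELECT * FROM users WHERE name = ?\x00"
    + bytes([0x90] * 16)
    + b"maintenance_login\x00"
    + b"maint_user\x00"
    + b"Tr0ub4dor\x00"
    + bytes(range(128, 192))
    + b"Copyright (c) Example Corp\x00"
)

# Printable ASCII minus the whitespace characters that would glue unrelated
# strings together (space is kept so messages with spaces survive intact).
PRINTABLE = set(bytes(string.printable, "ascii")) - set(b"\t\n\r\x0b\x0c")

# Keywords that warrant a closer look when they appear in a string table.
# Assumption: this list is a starting point, not a complete credential grammar.
CREDENTIAL_HINTS = re.compile(r"(login|passw|secret|user|auth|backdoor)", re.I)


def extract_strings(blob: bytes, min_len: int = 4):
    """Return (offset, text) for every run of >= min_len printable bytes.
    This is the same thing the `strings` utility does."""
    found, start = [], None
    for i, b in enumerate(blob):
        if b in PRINTABLE:
            if start is None:
                start = i
        else:
            if start is not None and i - start >= min_len:
                found.append((start, blob[start:i].decode("ascii")))
            start = None
    if start is not None and len(blob) - start >= min_len:
        found.append((start, blob[start:].decode("ascii")))
    return found


def cluster_strings(strings, gap: int = 16):
    """Group strings whose start lies within `gap` bytes of the previous
    string's end. NUL-separated string tables cluster tightly; isolated
    strings stand alone."""
    clusters, current = [], []
    for off, text in strings:
        if current:
            prev_off, prev_text = current[-1]
            if off - (prev_off + len(prev_text)) > gap:
                clusters.append(current)
                current = []
        current.append((off, text))
    if current:
        clusters.append(current)
    return clusters


def flag_credential_clusters(strings, gap: int = 16):
    """Flag clusters that contain a credential keyword and at least two other
    strings: the shape of a hard-coded account name plus password."""
    findings = []
    for cluster in cluster_strings(strings, gap):
        texts = [t for _, t in cluster]
        if len(texts) >= 3 and any(CREDENTIAL_HINTS.search(t) for t in texts):
            findings.append({"offset": cluster[0][0], "strings": texts})
    return findings


if __name__ == "__main__":
    strs = extract_strings(SAMPLE_BINARY)
    for off, text in strs:
        print("0x%06x  %s" % (off, text))
    for finding in flag_credential_clusters(strs):
        print("REVIEW: string cluster at offset %d: %s"
              % (finding["offset"], finding["strings"]))
```

The SQL statement contains "users" and so matches the keyword list, but it stands alone in the image and is not flagged; only the packed login/user/password trio is reported. On a real product the output is a shortlist for a human reviewer, not a verdict: the point Bruce makes is that someone with an incentive to look, and the ability to fix what they find, has to run this kind of check at all.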
I took a brief look at their website. It looks like the company specializes in embedded systems. Mainly military systems. I have to think that this wouldn't be an objective article.
I understand that the military needs to be protectionist with its weapons. I'd think that OSS would make them feel more secure. I don't want the US military to be using Red Flag Linux on all its servers. (I'd hope that they'd be a little brighter than that.) It's the main reason that other countries don't want US MS to be in their military's computers.
I seem to remember a few years ago (possibly after 9/11, but I'm not sure) there was an incident where an employee of a company that has a government contract to write software that manages government infrastructure was suspected of terrorist links and so they had to spend tons of time searching through the code to make sure the suspect had not programmed a back-door into the system. (I might be misremembering the details here, but that was the gist of it.) It seems that closed source is a lot easier to hide things away in than open source.
http://www.popularculturegaming.com -- my blog about the culture of videogame players
The Department of Homeland Security told me not to use closed source Internet Explorer, or else I'd be leaving my computer open to terrorists. Now Green Hills is telling me that by using open source Mozilla, I'm leaving my computer open to terrorists!!!!
WHAT CAN I DO!
It seems like everywhere I go people are using the politics of the moment as a crutch.
If guns kill people, then CmdrTaco's keyboard misspells words.
Standard FUD.
CEO of a software company eh? Well he must be on the up and up then! No way he could possibly be badmouthing linux because he has a vested interest in seeing more windows boxen eh?
There's really nothing new here. First he talks about the "number of Linux vulnerabilities", of course no distinguishing between core "linux" and the plethora of other applications out there. Maybe we need to look at the ratio of security issue exposed software, daemon applications and the like, to the number of vulnerabilities? Let's face it, for every network service, everybody and his brother has written a server for linux that speaks it. Guess what, yeah, that's a lot, probably even a lot more than windows by far.
Then he goes on to what sounds to me like obviously embedded systems. Aircraft controls etc. So we are going to count security bugs in ftp servers against a system that's never going to be connected to a network, much less run an ftp server in the first place?
I agree with him of course, Linux should not be used in applications that require certain certifications until it has those certifications. Wow, big revelation there. Earth shattering even.
All in all this is a stupid article written by someone who is either a) stupid enough to not realise that his arguments are pointless or b) someone trying to attack linux for his own financial interest or maybe c) both of the above.
That's a good poll. What is it, a, b, or c?
-Steve
"I opened my eyes, and everything went dark again"
Having the "capability of being sabotaged" is still better than already being sabotaged (like MS-products, obviously, are).
Titus
Dan O'Dowd doesn't have a clue. He is ignorant (willfully or otherwise) of the Open Source truism that "many eyeballs make all bugs shallow" (Eric Raymond).
Contrast this with proprietary closed source. In that environment, it is easier for a terrorist mole to introduce a trojan horse that won't get much inspection on its way onto millions of systems.
The game of Go (Igo, Weiqi, Baduk) has the simplest concept and the deepest play.
The number of companies and "research" groups against Open Source seem to have spiked suddenly. Perhaps these companies are facing threat of extinction already ?
Historical and empirical evidence suggests that hiding intentional bugs, a.k.a. backdoors, in closed source software is far more dangerous and easier to get away with...
I thought we had covered our tracks completely while making windows dangerous for data...
With M$ allowing foreign countries access to the windows source code through their policies, I see windows as a much bigger threat. China, India and the former USSR have all signed up under their developers program. Coupled with the increased use of outsourcing in the aforementioned countries you'll see windows programs that are more likely to contain back doors and such so that if we ever get into a conflict with India or China, one command and all these windows programs will come crashing down. Kind of like the USN ship that was using NT 4.0 for their engine control software. One divide by zero error and the ship had to be towed back in to port (true story). Just look at how fast vulnerabilities in the open source community are addressed compared to how long it takes M$ to correct theirs. Just a thought!
I think that the DoD should treat open source the same way as it treats ALL software, regardless of the where it comes from.....untrusted until it is reviewed and the risks are identified and mitigated. Why the analysis process would be any different for a proprietary app vs. an open source app makes absolutely no sense to me.
I'd also like to see these so-called "DO-178B Level A" certified operating systems. I wonder what kinds of software have been written to run on them? Is there a GUI toolkit, basic tools, etc? Or maybe Mr. O'Dowd would prefer that the government pay his company to provide that?
"No Comm, No Bomb"
(who knows what M$ + NSA put in the closed windows source that might hurt other nations)?
Cryptographic code for a start.
---
It's wrong that an intellectual property creator should not be rewarded for their work.
It's equally wrong that an IP creator should be rewarded too many times for the one piece of work, for exactly the same reasons.
Reform IP law and stop the M$/RIAA abuse.
becoming the tool for foreign born terrorist geeks to bring our defense down, because we all know how dangerous young pasty white geeks with glasses..
But let's give Accenture billions of dollars to build a major federal IT contract to secure the nation's boundaries when they happily turn around and outsource the project to pasty white (or brown for us poor indians) geeks with glasses and pocket the rest of the profit.
Because we all know, Bermuda based Accenture is obviously an honest corporation with its best interests that are aligned with the rest of the nation.
Rapid Nirvana
O'Dowd, could you yell that a little louder? I can't hear you over all the _rest_ of the FUD.
Thanks!
INSERT INTO comment VALUE('Doh!') WHERE user='you';
Who needs to sabotage code when we have GHS tools to do it for us?
I spend more time re-writing their code than writing my own.
Open Source Drum Kit, LPLC dev board - mjhdesigns.com
testing!
Lasers Controlled Games!
Makes it sort of ironic when ghs.com runs
NetBSD/OpenBSD Apache/1.3.29 (Unix) PHP/4.3.3 7-Nov-2003 63.102.70.69
according to Netcraft.
I wish my mod points hadn't expired!
The website is apparently Design News yet the background is one of the worst pieces of design I've seen. A very thinly striped background that strobes horribly when you scroll.
Yuck!
The author compares Linux to the Trojan horse. But the story of the Trojan horse isn't meant to point out the risks of accepting gifts. It's meant to point out the risk of accepting a gift, and failing to inspect it properly. It's ironic that the Chinese are adopting Linux because of the threat of a trojan horse in Linux. They seem to have learned the lesson of the horse, because they have picked an OS that can be inspected properly. Windows can't be inspected in the same way. Yes, I know about "shared source" but I haven't read where MS C++ .NET is a part of that. You have to be able to examine the entire tool chain, or you haven't looked inside the horse.
No weapon in the arsenals of the world is so formidable as the will and moral courage of free men.-Ronald Reagan
If this is a security issue, then the government should definitely not buy closed source from any software company that uses any offshore (non-U.S.) programmers. Who knows what those offshore programmers are inserting into the closed code. Of course, that rules out just about every large closed source maker in the world as I'm sure most have some non-U.S. development groups.
Two wrongs don't make a right, but three lefts do.
um, okay. lets see....Microsoft's operating system is probably developed in India. So, the problem is?
Well, he said it all, so it must be true; even though he backs it up with nothing. This is so wrong on so many levels I don't even know where to begin. His assertions are hardly worth addressing. Therefore, pure FUD.
Ok, I'll bite just once: I doubt there is a single weapon system procured by the DoD in the last 10 years that does not have a substantial portion of it outsourced overseas. Most procurements now require some % of it, by contract.
Research shows that 67% of those who use the term "research shows", are just making shit up.
That was my first reaction upon reading the opening sentence on /. - reading the article didn't change it one bit.
Correction to the OP's assertion that this is what the GH CEO thinks. We have no idea what he really thinks about this; we only know what he says. And what he says seems as likely to be about protecting GH's interest as protecting the national interest.
I'm not accusing him of being treacherous or anything. I don't doubt that he thinks GH software is good, and therefore good for the nation, you, me, our families, pets, neighbors, fire ants, and everyone else.
And he could really think what you think he thinks, but there's no way to know from this article. It just tells us what he says.
Absolutely. We all know that the programmers and testers of MS products go through and bug-proof their code much better than Open-Source can ever hope. {Lord Bilbo is choking on his tongue just for "saying" such a thing.} :)
I have a bumper sticker in my cubicle that says
Forgetting the obvious bias that the authors of this article have.
Let's turn the logic of this argument around for a while.
Why should any non-US government trust M$ o/s or tools for this very same reason? And indeed, because the source is closed, how would we know?
If opensource software is not safe for US companies, then closed source software is not safe for ANYONE but MS to use.
There have been significant conspiracy theories in the past about how lightly M$ got off after being found culpable by the DOJ. Could there be some deal to undermine other countries by embedding spyware into the Operating System?
Sounds like the plot for "Pelican Brief II" (I want my part to be played by Jack Black!)
The same could be said with immigration, out sourcing, overseas internet connections etc etc...
Can we get someone to send a fresh piece of FUDge sent over to the hills?
The article rightly points out, Windows isn't going to be any better than Linux in this regard - one could argue that it might be a lot easier to buy a Microsoft developer to insert a trojan into Windows unnoticed than to get one into an open source system.
However, the problem with the article is that it just assumes that embedded Linux systems are being deployed in the military without appropriate checks on the companies supplying the code, and without any adequate testing or source review; this just sounds like uninformed FUD to me.
Their corporate brochure gives some insight to why GNU/Linux is dangerous to their bottom line. BTW, the link is to a +3M file on their web site so only download it if you're interested.
"I hate to advocate drugs, alcohol, violence or insanity but they've always worked for me" - HST
The difference between Open Source and Closed Source hacking is that Closed Source code is slightly more difficult to find.
Oh and it's err, slightly more illegal to muck about with...
that crack pipe and pass it back to Daryl..
-exactly. Always consider the *source* of information.
I'll see your outsourced terrorist FOSS programmer for your embedded software/OS and raise you two embedded radical Islamist programmers working at Microsoft who enjoy recreational flying.
Lead Programmer at Major Defense Contractor: Hey, can you install this patch by that new Pakistani contributor for our missile control module?
New programmer: Yeah, I looked at it. There was some weird code in there that I couldn't quite figure out. There was some one line Perl code with about 10,000 characters. Shouldn't we look at it? What does it do, exactly?
Lead Programmer: Naw. I don't think it really matters. I don't want to look stupid because I sure can't figure Perl out. Let's just go with the release early and often policy. We'll let the users report the bugs back to us.
---Technology will liberate us if it doesn't enslave us first.
Um, this was already tried last November. Not only was the exploit very subtle indeed but it was still detected and removed within 24 hours. This is about as effective a piece of FUD as AdTI's last effort, and it looks like they were so embarrassed by that one they are resorting to a new name. I'm guessing we won't be hearing from "Green Hills Software" again once they've been publicly ridiculed either...
UNIX? They're not even circumcised! Savages!
Wouldn't it be easier to just hire someone in India to put the bug into closed source proprietary software? With all of the outsourcing we're doing, I think closed source is much more susceptible to malicious code insertion. How can you compare the effectiveness of just a small group of people looking at the codebase to thousands of people? The prior is much less secure.
Clearly, this guy must have Wiki and Open Source confused. He apparently thinks that anyone who wants to can come and put any line of code they desire into the source base without any sort of moderation.
Serves them right. Wait, they're probably using the evil technology of Apache, which was bugged by al Qaeda to stop me from viewing this article.
cd pub; more beer
"O'Dowd thinks that unfriendly countries will attempt to hide intentional bugs that the Open Source community will have no chance of finding."
O'Dowd is clearly a blithering idiot then.
And it doesn't have to be in the Linux kernel. The classic example (at least 10 years old) is to hack up gcc so that it examines the code it's compiling, and if it decides that it's compiling /bin/login to do things a little differently, inserting a back door where there was none before.
However, while he does have a point, it's a very myopic point. Closed source software has exactly the same vulnerabilities, except for one critical difference -- only people within the company in question have a chance of detecting the problem -- the end user will never get to see the source and see if it's compromised. Granted, most open source users do not review all the source code that they use, but at least the option is there, and for the people where security is absolutely essential (like the NSA) they almost certainly use it.
Also, for a closed source company, the problem is even worse. The backdoor (or whatever) could be introduced when the code is finally compiled for distribution, and never get checked into whatever source control system they use. So the binaries get shipped out, but NOBODY has reviewed the source code in question (except our cracker friend) and once the bug does come to light (if it ever does) the company will look at the source code and scratch its head -- it won't even have the source code in question to look at.
Isn't the problem described much larger for commercial outsourcing? These days most software used in the U.S. is partially written outside the U.S. At least with the open source software people concerned about security can build from source and perform an inspection on the source. With commercial software, no such precautions are available.
Same guy, same company, same crap
http://developers.slashdot.org/developers/04/01/15/1733237.shtml?tid=106&tid=185&tid=190
That was the original point that I was alluding to, but source doesn't have to be "Open" to be shared privately.
Downmix - The Artscene News Source!
whhaa ha ha ha ha,
and another HA!
Unless the military contractor can guarantee that every sub- and sub-sub-contractor's code libraries are clean, the same problem will apply to closed source also. With open source any interested party can check for themselves.
---
It's wrong that an intellectual property creator should not be rewarded for their work.
It's equally wrong that an IP creator should be rewarded too many times for the one piece of work, for exactly the same reasons.
Reform IP law and stop the M$/RIAA abuse.
He was referring to closed source software.. Some companies will show their source for a security audit by a large company. For example Microsoft let China view its source code.
America is locked in a life or death battle of Good vs. Evil. Any openness or flexibility is weakness, which will be immediately exploited by our enemies to destroy our way of life. Open source hippies might be having fun, but they're frittering away our hard-won tech lead. The Internet itself, invented by the Pentagon, has been taken over by pedophiles since Al Gore reinvented it during the fake Bubble. God told President Bush to have Bill Gates take over the Internet, and all software development, to protect us from the hackers, and get rid of spam.
Freedom is Slavery.
Ignorance is Strength.
War is Peace.
--
make install -not war
At least OSS lets the prospective user review the source code. U.S. companies are rapidly outsourcing proprietary development to foreign countries. Key infrastructure software (and firmware) is being developed in countries such as mainland China (including code used for the U.S. telecom system). Meanwhile, the U.S. military is rapidly adopting off-the-shelf components to reduce costs. But, by all means, let's ignore this, and concentrate on OSS ...
[Insert pithy quote here]
The fix is simple, really.
Don't blindly use any open source for mission-critical applications.
Maybe this sounds obvious, but it probably didn't occur to the author that the military might want to hire programmers to go through the source, and test/adapt it to the military's stringent requirements.
In the end, a few hundred man-hours of testing and/or adaptation would still probably be cheaper than building your own, military-grade software from scratch.
Done.
When you can't compete, FUD.
The gauntlet is thrown down. I challenge this man to come up with a demonstrable "trojan horse" in an OS piece of software that cannot be found in a reasonable period of time by a security audit (the kind the government does of OS software to be used). Such fear mongering should be laughed at with, torn up, and spit upon whenever you see or hear it. It reminds me of Ridge getting up and saying, well, there's a threat around the election, but we have no evidence of it. Be scared (and vote for Bush). Yea . . . right. I didn't just fall off the turnip truck.
Get a life, and make better products, jerk!
...tizzyd
The cornerstone of open source is that it is OPEN SOURCE. The government is free to view and evaluate all the packages to their little, demonic hearts' content.
If I were a terrorist, I'd think I would penetrate a closed-source house (say, Microsoft or Green Hills) and hack some little nasties into their source.
But,, maybe that's why Dan O'Dowd isn't a very good terrorist.
:wq
"O'Dowd thinks that unfriendly countries will attempt to hide intentional bugs that the Open Source community will have no chance of finding."
Mere speculation, and certainly no more valid than a PROVEN case of bugs being left inside closed code which aren't found until they're exploited.
Seriously, if the military was using M$, why would anybody need to worry about sabotaging the code. I think nobody does it the M$ way. 5+ years since I have used M$ and the blue screen of death is still their speciality and with every new version the probability of seeing the blue screen increases.
Give that man a 5 for funny! i guess the end result is that as much as i love open source software, and as much as you CAN look at the code, most of us don't. nevertheless, i think the idea that the government CAN pay someone to investigate the code (above and beyond what the community does) makes me feel that open source software can provide a much safer base for high security issues. Mr. O'Dowd's comment holds some water for the fact that there isn't as much code reviewing as we would like to believe, but there is some and most importantly, the government can arrange for more.
At least it looks like somebody or something has got at his hair. Is that a toupee?
that a Linux kernel cannot be designed to a set of requirements and specifications and then run through test and QA controls? Has he checked with the NSA on this?
He should be embarrassed to call himself a software professional.
This is a perfect example of an article written around an intentionally misleading premise... in other words, an evil marketing screed.
Sheesh...
As opposed to closed source where the government does not have access to the source code so that they have 0% chance of searching for a problem much less finding one? Open source gives the government a great flexibility right now because they can audit and test the code before they use it. With closed source, they can only test the software.
MS used the same argument against releasing the source code of Windows to its competitors because it would pose a security risk. Six months later they released portions of the source code to China. Where's the logic in that?
Well, there's spam egg sausage and spam, that's not got much spam in it.
I wonder if they also consider shareware and freeware as a possible threat.
You know, it's easier to hide functionalities in Shareware/Freeware than in OSS - you can't look at the code and observe them at one glance. I wonder if it would not be easier to spread malicious code in PaintShopPro and others.
Al.
Who knows what nefarious people of any persuasion put in closed source and who knows what safeguards companies have in place to find it?
For example, given the performance of Microsoft software it sure looks like they don't have any meaningful code review that might catch deviant code of any sort.
to plant an exploit when there are so many already existing to be discovered?
Does anyone actually listen to Dan O'Dowd? Isn't it patently clear that Green Hills is spewing this FUD strictly for business reasons? It's just more of the AdTI crap, and carries no real weight. While there might be some in government who buy this line, certainly the NSA, DARPA, and the various Secret Labs don't. Personally, I see this as a scared man trying desperately to shore up a business that has become a dinosaur with numbered days.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
nothing could be further from the truth than Dan O'Dowd's claims.
a) he hasn't quite grasped the basic premises of OSS, or
b) this is a blatant lie, FUD of the most common kind, or
c) he is another guy fond of conspiracy theories; he should really try one of his own hacks with Spielberg for his next project, who knows, he might get hired and make millions.
Seriously, now, it might be true that a vast majority of Linux users may not even peek at the code. But it is subject to more intense scrutiny than any software ever written (by most, I mean the most number of countries, groups etc. as opposed to a single country, group, etc.), and it is open for everyone to see. It might actually be the guys at Redmond who have incorporated quite a lot of hidden stuff in the OSes and it's become so big that they simply cannot handle the complexity, hence the large holes and the security mess!
"This too shall pass..."
"Some embedded Linux providers even outsource their development to China and Russia."
If he's dumb enough to think the biggest threat is China or Russia, why is anyone listening to any part of his argument?
The really dumb assumption is that enemies will be able to anticipate what will be written on the embedded systems, and write bugs to exploit software that they have no source code to. Any sensitive programs will be developed in-house. My guess is they are going to maintain a separate fork of a stripped kernel that will be easier to look through.
The greater risk is likely going to be on-site network security, not the software. Some clueless government employee will hook up a wireless router for his new dell, and someone nearby will find it.
For Air Traffic Control, these real time human-grade systems have their OS's (And all commercially available software) tested and audited to prove reliability. And frequently contractors have full source code visibility (through insane NDAs...) to commercial OSs (AIX and Solaris come to mind).
Bruce
Bruce Perens.
The government is very paranoid about foreign software, more so from the closed variety. Entire suites of products have been dumped to their nation of origin, despite being a quality product. The government didn't want to take the risk that the product might write code that would re-program the RAID controllers to write secure data to an unused portion of diskspace for later (somehow) retrieval. And this is a country with whom the US has solid working relations. Sound crazy? Maybe. Maybe not, though. At least with OSS, developers can read every line if they want. Even then, software for use in secured environments still goes through the accreditation process.
Nothing but the finest in meaningless drivel
Time to get more serious than that: see some EU countries who bore the consequences.
http://www.cosc.georgetown.edu/~denning/crypto/Appendix.html#Lotus/
An example:
Before the US crypto export regulations were finally dissolved, the export version of Lotus Notes used to include a key escrow / backdoor feature called differential cryptography. The idea was that they got permission to export 64 bit crypto if 24 of those bits were encrypted for the NSA's public key. The NSA would then only have the small matter of brute-forcing the remaining 40 bits to get the plaintext, and everyone else would get a not-that-great 64 bit key space (which probably already back then NSA would have had the compute power to brute force also, only at higher cost).
So who would prefer a BlackBox over a fishbowl?
Ok, this type of argument has got to stop.
To me it seems that proprietary software has more potential for sabotage.
If someone, for some reason, wants to exploit some part of some open source software, A) everyone knows the source, many intimately B) it's unlikely that the vulnerability would be unknown or uncovered (since the source is open to all to be scoured - very very often very very thoroughly).
Closed-source software on the other hand A) has only select people who know and have access to the source, often not very intimately (because they are likely working on it for the paycheck, rather than satisfaction or enjoyment). B) Not only are vulnerabilities likely to be unknown; but a malicious programmer can slip backdoors and the like into closed software without detection much easier than "plain-sight" open software.
foreign intelligence agencies and terrorists can easily infiltrate the Linux community to contribute subversive software
Because it's IMPOSSIBLE for a foreign agent to get inside a corporate setting...
True, a clever open-source programmer could still theoretically hide his malicious routines - however, the source is after all open; so therefore his hiding would be the equivalent of camouflage - with closed source it's like fort-Knox. Fort-Knox keeps only that which is inside it safe.
how about the example of placing a bomb. is it better to A) hide the bomb? (hiding means it's covered by something) or B) in plain sight, say on a big platform that says "please look at me".
One last analogy: would you have a better chance thwarting an attack if A) you had a clear design of every possible way the enemy could attack. Or B) you had no idea whatsoever.
using his logic shouldn't we also stop buying foreign goods.. and we better close the borders.. bars on your windows might not be a bad idea either.
seems easier to address the reasons a terrorist would be upset in the first place than stop all the possible ways he could attack us. call it a preemptive preemptive strike.
We've seen too many examples of "consultants" who do exactly that - Laura Didio (Didiot) being a prime example, claiming to have seen the source code, etc., and it turns out she hasn't got a clue.
Then there's a problem with stuff that seemed secure at the time, but that, with advances in understanding, turns out to be insecure. So you would hav to do continuous audits on already-reviewed code.
The only trustworthy process is one that can be verified - in other words, open.
Dan fails to see the other side of the issue that, with open and transparent code, it is possible for many more people to help find these problems, instead of relying on the coders that initially developed the code. In my experience people are notoriously bad at evaluating their own code for bugs. After all, they wrote the buggy solution in the first place and assumed it was good when they wrote it. By opening up the code it alleviates this problem, by putting the error checking and bug searching in the hands of people that have no ego to protect or personal bias towards the code produced.
unless they had problems. Large secure systems like this are signed off on once (and there most definitely would be a code audit involved in that process).
After the signoff the code will not be updated unless serious problems are discovered, because the risk of introducing bugs to the system, let alone exploits, is too great.
The military are not running apt-get every night, they don't change anything they don't have to, and when they do it'll be thoroughly reviewed and tested.
Nothing more:
http://www.madpenguin.org/cms/index.php?m=show&id=1182
Linux with kernel panic...
MadPenguin.org
to the source to Linux, BSD, and Windows(shared source initiative, yay!) They can decide what they want to use, and hell, they even have their own distro of linux.
It's interesting to see this guy say that he knows more about security than the NSA...
If you were a paranoid Iranian or North Korean computer user and looked at Microsoft Windows, would you think the same thing? Heck, why would a Chinese user think that MS and the NSA/CIA/alphabet soup is trying to snoop on them? Because MS allows a select group to look at their source?!?
At least with Open Source you have the source to ultimately check for yourself. Vendors like Novell, IBM, and RedHat are supposed to be actively looking at the source to make sure no one is slipping stuff in that doesn't belong, but if you don't believe them you can do it yourself.
So you have a Mr. Dan O'Dowd trying to a terrorist ghost threat into Open Source. The problem is that the source is there for you to inspect. With Microsoft the only word you have is their word that they aren't monkeying with the OS to monitor you.
IMHO, BSD and Linux are perfect for Military and security applications. You can inspect every corner of the kernel. You can freeze on a specific version because you always have that source code. You can branch and patch as you see fit. This seems perfect for the military and security branches. With Microsoft you have to "signup" (how much money does it cost to do that?) to view the source and then what? The only proof you have is that this particular version of Windows hasn't been monkeyed with. What about the patches and hotfixes? *shrug*
When it really boils down to it are you going to believe the source you compiled, you control yourself or Microsoft? I think Mr. O'Dowd's trust is ill placed.
There are a number of issues that play a part in the Green Hills argument. First of all, let me say that I have had the experience of using Green Hills products (non-military) for the past few years now.
First of all, coming from a company that charges *a lot* of money for an OS stands *a lot* to lose from a free OS. Therefore, GH would be expected to say that a GH product is better.
The fact that GH source code is not open source does not mean that no one ever sees it. I have access to the entire source, and, if so inclined, could use that information to create an attack myself or provide the source to someone else. Remember, even though the company signed a release for the source, that doesn't mean that money talks more.
GH has, up till this point, maintained a 'top dog' status in this area. In fact, when we asked for a driver for USB mass storage, the response was 'Well, where else would you get it? It is going to cost you.'
IMHO, GH has had a bit of a mini-Microsoft status within the military embedded world. This has certainly mirrored the PC OS world - one leading OS, some neat features, but when you really look at it, how many ways are there to create a GUI or an OS? Let's be honest - an OS has queues, semaphores, a file system (replaceable, in GH), etc. So we are not talking about 'rocket surgery'.
The idea of Linux not being 'military grade' would really need to be made from an independent group. This is akin to MS saying that it has the best browser or GUI. Of course they are going to say that.
I for one welcome our new [insert main topic] overlords.
He should liken any government using closed source software with the Trojans themselves, who took the *gift* without examining the contents.
If the Trojan Horse were really Open Source, it would have had a list of building materials, instructions on building the horse yourself, the number of greek warriors inside, how the warriors were armed, along with several notes from the Phoenicians commenting on the dangers of the included Greeks...
-- If god wanted me to have a sig, he'd have given me a sense of humor.
"Even if Linux were as secure as Windows"....
Isn't this old news? Isn't it? HERE is a story. I actually posted it yesterday in a comment I intended as a joke; unfortunately it got modded as flamebait.
Open Source would only be like the Trojan Horse if all of the citizens of Troy had been asked to come out and help build it first...
I wonder if that guy owns any Microsoft stock...
Slashdot Eds Link Anonymous Posts With Logged Posts
They Are Vermin Feeding On Each Other's Feces.
I Hate \.
Why should we believe that an open source project is significantly easier to infiltrate and hork than a proprietary software project? Certainly there have been past cases of companies shipping binary-only distributions that were already infected. And how many people around the world contribute scantily reviewed code to Microsoft or Sun distributions?
The real solution to the problem isn't a change in licensing: it's implementing more formal review processes and preparing rapid recovery procedures for when the review processes fail. Both of those solutions are, if anything, more easily implemented for publicly licensed code than for privately licensed since (a) no permission is needed to perform reviews; (b) to rapidly recover from a disaster, access to the source is needed.
not for being against open source but for putting up such a plain stupid FUD statement..
let me explain..
in the event of insertion of insecure back door code, both closed source and open source code bases are equal.. in that it could happen in the realm of possibilities in open as well as closed source..
THE DIFFERENCE is that in the open source development structure everything is open for both developer and public examination.. and developers being curious will look at new code to figure out what it does.. because of openness the amount of eyeballs on code is 1000 fold when comparing to closed source..
In closed source such new code is not going to get that large amount of examination due to time limits and profit pressures.. they want code out the door.. not necessarily code examined for problems..
Don't Tread on OpenSource
I'm a long time Linux user and have been around open-source for a long time. While the source of this article is obviously questionable, I work for a Defense Contractor and I'm here to tell you, the points raised in the article have some truth to them.
If you're selling products to the govt and those products use an operating system, the issue of being able to GUARANTEE that your code base is not and cannot be coerced is very real. Everyone has (or should have) seen the techniques used to obfuscate trojan horses by using a compiler or some other tool that makes this problem even harder.
The problem being alluded to here is about a chain of control of a code base that can be demonstrated to satisfy a DoD or other govt customer. While no process can ever be completely secure, the real point is, if you have a choice between a system that has been developed in a closed environment where you can keep an eye on everyone involved and an open-source development, the prior development is easier to verify. You can call it FUD but this is a real issue within the govt circles and WILL limit the use of Linux in certain applications.
Frank W. Miller
If you think that it's as hard to check code for correctness as it is to write the code in the first place, you can't be a developer, or you're not thinking clearly.
Writing code is one of the classic "genius" kind of activities - it's generally an NP problem. Figuring out the right answer is *immensely* harder than recognizing the right answer when you see it. A good design jumps out at you when you see it, but finding it starting from scratch can take a long time. It's like finding the answer to a riddle, or factoring a large number. When you have the answer, it's obvious. If you don't, it can seem impossible.
So even if they have to evaluate the whole body of the code initially, then all diffs with every revision after that, they've made an immense gain to use open source versus building it over again themselves.
Linux for Embedded Systems? is another more detailed "investigation" into using Linux for embedded environments. The article is written for the COTS Journal by another Green Hills Software crony. The ironic thing is that GHS was creating an adaptation layer for Linux to run under their RTOS (Integrity).
come on fhqwhgads
Even if Linux were as secure as Windows, Windows is the wrong benchmark.
BWAHAHAHAHA!!! I guess he missed the press release from Homeland Security telling us to avoid IE (OK, not quite the same thing, but M$ argues that it is...)
When all of your wishes have been granted, many of your dreams will be destroyed - Marilyn Manson
"will have no chance of finding..."
:P
right! because it's closed source... Only non-American programmers are smart... no one else will be able to decipher Dr. Evil's mini me bug... finally Mexicans will be able to get green cards by the millions!
muahahahahahaha muahahahahaha
btw. I'm Mexican
My penguin ate my sig
Even if Linux were as secure as Windows, Windows is the wrong benchmark. Defense systems should be held to a higher standard.
.. right?
:-)
As secure as Windows? He's kidding
When I worked for the Air Force, they had several instances in which systems were compromised (desktops). Various worms came out of the blue and just hammered their network. My systems running Linux noticed it immediately. In fact I was told there was NO problem. After a few hours of watching the logs logging attacks over and over again I then noticed a general email sent out to all explaining there was a problem and instructions were provided.
As secure as Windows? God I hope not!
The Federal Aviation Administration (FAA) requires software that runs commercial (and many military) aircraft be approved as part of a DO-178B certification. DO-178B Level A is the highest safety standard for software design, development, documentation, and testing. It is required for any software whose failure could cause or contribute to the catastrophic loss of an aircraft.
Several operating systems have been DO-178B Level A certified. Until Linux is certified to DO-178B Level A, our soldiers, sailors, airmen and marines should not be asked to trust their lives with it.
If Linux isn't at this level then what is the point of the article? Linux is certified for various things in the military. Whenever I stand up a server I was asked what OS I would be running. Everyone was apprehensive it would be Windows which requires a whole heap of testing before it's allowed to run in production. As soon as I told security it was either Unix or Linux they would sigh and tell me to go ahead. Much more confidence there
Has Comcast disconnected your Internet account? Same here. You can read about it at http://comcastissue.blogspot.com
While I don't know what M$ + NSA put in the closed Windows source that could potentially hurt other nations, it is clear that open source doesn't have this problem. If it would have malicious code, it would be open to everybody to fix it. That, I believe, is a greater strength than the weakness it represents (which is to infest it with malicious code.)
Click on the Mystery Futures Link!
Please login to access my lawn
Think of H1-Bs as the new labor class. Regular employees are sub-optimal because they can quit their job and form unions. This is a threat to the efficient allocation of capital. The H1-B is good because it gives corporations more control of their resources. If you find H1-Bs a threat, it is because you are lazy and anti free enterprise.
Unless you have both the full source and the compiler/toolchain it was built with, a security audit is worse than useless, as you have no way of verifying your results.
In such a case, WYSINNWYG (What You See Is Not Necessarily What You Get).
For example: You get the full source and the toolchain. You do a build on the same platform using the same flags. Your final executable has a different md5 sum. You have to conclude that either the source or the toolchain you received is not identical to the source that was used for the original build.
Without everything (full source, toolchain, build scripts and flags) you cannot verify that you even have the right source.
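The check the post above describes (rebuild from the source and toolchain you were given, then compare against the reference build) written out as an added example; this is not code from the post or from any vendor named on the page. The manifest, the artifact names and the artifact bytes are all constructed here, and sha256 is used in place of the md5 the post mentions.

```python
"""Compare an independent rebuild against a reference build manifest.

Added example, not from the page. Every file name, manifest entry and
artifact byte string below is constructed for illustration.
"""
import hashlib


def digest(data: bytes, algo: str = "sha256") -> str:
    """Hex digest of an artifact. The post talks about md5 sums; sha256 is
    used here because md5 collisions are cheap to produce, which matters
    when the question is whether a build was tampered with."""
    return hashlib.new(algo, data).hexdigest()


def verify_build(reference: dict, rebuilt: dict, algo: str = "sha256") -> dict:
    """Check artifacts {name: bytes} from a rebuild against a reference
    manifest {name: hexdigest} taken from the original build.

    Returns four buckets. Anything outside 'match' means the source,
    toolchain, build scripts or flags you were given are not the ones
    that produced the reference build (or the build is not reproducible
    at all, which is a finding in its own right)."""
    report = {"match": [], "mismatch": [], "missing": [], "unexpected": []}
    for name, expected in reference.items():
        if name not in rebuilt:
            report["missing"].append(name)          # reference had it, rebuild did not
        elif digest(rebuilt[name], algo) == expected.lower():
            report["match"].append(name)
        else:
            report["mismatch"].append(name)         # same name, different bytes
    # Files the rebuild produced that the reference never listed.
    report["unexpected"] = sorted(set(rebuilt) - set(reference))
    return report


def reproducible(report: dict) -> bool:
    """True only when every reference artifact was rebuilt byte-for-byte
    and nothing extra appeared."""
    return not (report["mismatch"] or report["missing"] or report["unexpected"])


# Constructed sample: what the "original build" shipped, and a rebuild in
# which one artifact came out different (trailing bytes added to stand in
# for a toolchain or source difference).
ORIGINAL_BUILD = {
    "bin/app": b"\x7fELF...app-1.0...",
    "lib/libfoo.so": b"\x7fELF...libfoo...",
}
REFERENCE_MANIFEST = {name: digest(data) for name, data in ORIGINAL_BUILD.items()}
REBUILT = dict(ORIGINAL_BUILD)
REBUILT["bin/app"] = ORIGINAL_BUILD["bin/app"] + b"\x00extra"

if __name__ == "__main__":
    rep = verify_build(REFERENCE_MANIFEST, REBUILT)
    print(rep)
    print("reproducible:", reproducible(rep))
```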
Excuse me, but isn't it because "many eyes" were reviewing the source code that the bugs were found and fixed? And how fast have the patches come out after the bug was found? Now compare that to, oh, I don't know, Windows and some of the flaws there (including some that have been known for months) and still haven't been fixed?
Even if Linux were as secure as Windows, Windows is the wrong benchmark. Defense systems should be held to a higher standard.
Well, I should hope so. After all, why is the DOD, CIA, DOHS, FBI, and NSA paying all those computer programmers they hired? To create new mods for Doom3? I don't think so.
It's all fun and games until someone loses the key to the handcuffs.
Oops, sorry, can't do that - its that darned constipated closed-source disadvantage.
Money + NDA = "Open to me" source.
In the future, I would want to not be isolated from my friends in the Space Station.
omg i make teh poo on open sores
Users of open source should have a few subject matter experts on the staff to audit the code used, keep up with the development and check that code hasn't been adulterated (md5 checksums, signatures etc) - they will also be responsible for custom development for the agency's purposes. That way you spread the expertise, reduce your dependency and capital concentrations like the Redmond monster. Any way you cut it, you don't want critical systems operated by closed proprietary secret business material and dependent on a single source who uses it to control you and 'gate', so to speak, your performance. Msft and other businesses are not bastions of military security and enemy agents who want the code can probably groom moles to get access to it and smuggle microfilm back to the paterland.
try { do() || do_not(); } catch (JediException err) { yoda(err); }
If we're worried that our enemies can modify source code without us even noticing it (read: we're dumber than they are) I'm sure we have an even bigger problem to worry about than Open Source Software.
FLR
If the security is that damn tight, one can't use open source or proprietary -- they'll have to write their own code.
Our armed forces are going fully to OSS, especially because they can look at the source and find anything fishy. Take our navy, for instance. They already have a custom made cryptography layer to run over Linux to create secure communication channels.
Of course this is not an easy task but we are doing it slowly and with the help of the community and the academia. The idea is to have an "Army grade" Linux distro with all the code audited and custom, strong cryptography.
Scientia est Potentia
I don't know about this.... "Conclusive evidence" to me does not just mean they have a key with the letters "nsa" in it. "Conclusive" involves proof more than simply circumstantial evidence...
This guy isn't exactly brilliant at analogies, is he.
FOSS would be like the Trojan Horse if the Greeks had all sat on top of it instead of hidden within...
Hmm.. Come to think of it, the TH analogy sounds a lot more like closed-source software. You don't know, and are generally precluded by license from knowing, what's inside that thingy you just let in the gate.
Trouble making decisions? Just flip for it.
Here is Dan's email address if anyone would like to write him a note:
dan.o.dowd@ghs.com
I don't think he's recommending Windows as the alternative.
From the article: "Even if Linux were as secure as Windows, Windows is the wrong benchmark. Defense systems should be held to a higher standard."
In fact, I don't think it's being unreasonably cynical to say that he's suggesting Green Hills software as the alternative.
But whatever you choose, I think he's simply suggesting the military choose software from a vendor who might make the code available to them, but not to the entire world.
In general, the military doesn't certify code as secure until it's been around for a while, and most of what we think of as Linux and Open-Source is pretty new.
Yeah, Linux is untrustworthy. Enough so that the NSA chose to develop NSA linux with its own security extensions? What I'm getting at is that the government can make its own secure OSes by using Open Source.
Hiding in plain sight as in Linux may be a good tactic. He should be more concerned about the rather large possibility of being sabotaged in silicon rather than in software.
this is what I posted on his article, on designnews itself, where I'm sure he will read it:
In theory, of course, you're totally right in believing this. In practice, however, you're inescapably wrong. First, since Linux is open source, the army implementing these Linux embedded systems most likely read through the code to verify its normal behavior and lack of serious design flaws. Second, terrorists nowadays do not use computers for fear of being traced by the NSA or CIA over the net, thus preventing themselves from ever contributing code to Linux. Third and last, the Linux kernel development team now has a signature follow-up on the internet, to make sure that each piece of code can be traced back to its original author. It makes it that much easier to locate the developers of Linux. Many of them are in countries that you failed to mention, like Japan, Australia, Finland and many other western countries that the US government trusts. Besides that, the open-source community is the best bug-tracking-and-solving community in the world. I believe it happened with the Apache web server: when the new version was shipped out with a security flaw, less than an hour later the bug was traced in the code and a patch submitted. So, even in the case of a security flaw in the Linux kernel, I believe that in less than 35 minutes the army computer specialists would be able to trace and fix the flaw. And those security flaws are precisely the reason the army orders pre-series of each piece of equipment they will use and tests them for a few months with anything that they're expected to meet in a combat zone, one of them being loss of OS stability, control or even total power failure and recovery. You have only looked at the theoretical part of the problem, and propose no solution to the problems you see; therefore I consider your article a big rant against open source, not constructive criticism, which in my opinion would be true patriotism.
---- I am certain of only one thing : I know nothing else.
> O'Dowd thinks that unfriendly countries will
> attempt to hide intentional bugs that the Open
> Source community will have no chance of finding.
And where would they hide these bugs ?
In your ass ?
Vote green: shit in the ballot box!
If it's "shared privately", how can you know that the people who are supposed to vet it have done a proper job, that they know what they're talking about instead of blowing smoke out their asses?
That problem is not solved by using OSS rather than (shared source) proprietary applications. The auditor of OSS can be just as braindead as the auditor of the (shared source) proprietary applications.
We've seen too many examples of "consultants" who do exactly that - Laura Didio (Didiot) being a prime example, claiming to have seen the source code, etc., and it turns out she hasn't got a clue.
Once again, that is not solved by using OSS.
Then there's a problem with stuff that seemed secure at the time, but that, with advances in understanding, turns out to be insecure. So you would have to do continuous audits on already-reviewed code.
Yes, you would. You would on both OSS and (shared source) proprietary software.
The only trustworthy process is one that can be verified - in other words, open.
The license isn't the issue here, it's the availability of the code to the customers. The code can be available without being OSS.
Downmix - The Artscene News Source!
I'd be afraid to buy a system from China, Russia or some rogue nation.
They could put mini-terrorists in the system that can start sabotaging the equipment...
Scary stuff! Thanks for opening up our eyes!
100% Insightful
N S A. Three words. Not one.
Best Slashdot Co
so what: every country builds its own OS
or boycott all OSes...
unsig
"Can you honestly tell me that the government is going to hire a panel of people to check in in-depth source changes on OSS projects?"
Simple answer; YES. (period) end of story. They CAN and DO rigorously check mission critical code for flaws whenever possible. (meaning they have the code, in the case of FOSS they do. and they do check the code in that instance.)
Furthermore....
There is a flaw in your argument. You are immediately assuming that all code that is part of the kernel is compiled into every kernel that is compiled.
If there were some specialised kernel 'module' that had complex mathematical algorithms in it (for the sake of argument, because these sorts of things are usually in libraries of code, not the kernel per se) you would have a very small audience of people actually compiling and/or using this portion of kernel code. And if it were the reverse (as in common code used by many applications) there would be someone somewhere complaining about broken functionality. (hence fixed.)
Really, with FOSS software- if there is a bug, especially something that could have a negative impact on governmental/military applications, you need at LEAST 1 (one) person to discover it and it can be documented and fixed. As opposed to proprietary (windows) where there are problems with stability and security showing up constantly and it takes months if not years sometimes to fix things (even after many people notice them and many companies write articles about them)
....move along....nothing to see here....
Technocrat.net has had only one "story" in the past week.
Nice try, though.
Nothing to see here folks, move along please. Dan O'Dowd isn't adding any new information at all. Duh, any software can be sabotaged whether open source or not. All it takes is motive and ability, and not a whole lot of it. But at least with OSS, there is the ability of knowing just what you are using. I'm sure the Department of Defense has plenty of talented people who can assure them that Bin Laden hasn't hacked the Linux kernel. As for Windows, only Microsoft knows what's in there, so we just have to take their word for it. Now under those conditions, which would you choose?
To the making of books there is no end, so let's get started
- The "many eyeballs watching" approach maybe is not failsafe, but at least it is something that can be done anywhere by anyone. Compare that with Windows: when part of its source went somewhat open, there was almost immediately an exploit based on how IE handles BMP files. Maybe Microsoft has its shared source agreements that enable governments to see at least part of the code used, but it seems there weren't enough eyeballs to spot that.
- Open source is not simply a common blackboard where anyone can put something with a high probability of being undetected. At the very least some big projects have their own way to incorporate developers or to approve modifications (think of Linux or Apache) or even trace them (at least in a project I am in, I receive a mailing list with all cvs changes). With open source they are covering a lot of land, and at least most of it is somewhat safe against malicious code.
Without everything (full source, toolchain, build scripts and flags) you cannot verify that you even have the right source.
The application does not have to be available under an OSS license to have the full source available.
where we KNOW there are secret ways into it that HAVE been used to sabotage.
granted, not too many government bodies have been targeted, but nations have (mass mailers that only target .xx domains)
businesses have been targeted (DDoS against EvilCorp LLC)
and how many "terrorist spies" work for MS, Apple or IBM?
at least with open source you have a chance to fix it, may not be a good one, but it's better than your chance to fix a closed source bug.
The EXACT same arguments could be used against US corps that move dev offshore (oracle, msft, sun, others).
Are you saying OS == operating system or OS == Open Source. I agree with the first and it implies the second.
If a system is supposed to be secure a supplier should provide
1) source code for walk through audit
2) architecture documents for walk through audit
3) developer practices and audit documents
4) developer security test procedures and development test bed environment
5) results of test bed run on the supplied system
6) access to bug track database
All this provides transparency and confidence in the security of the supplied system.
NO operating system should be used without a proper security audit. If you can't inspect the source code then there is no ability to look for trojans or other backdoors left in the system. "Trusting" your supplier is not good enough, even if everyone at the supplier is security cleared and/or bonded.
Just because a system is a closed source, proprietary system does not mean it is more (or less) secure than an open source system.
No Defense for Linux Inadequate Security Poses National Security Threat Linux is being designed into future U.S. defense systems, including the Army's Future Combat System (FCS), the Land Warrior, and the Global Information Grid, which will connect future military systems into one network. [This is bad for my company because they are not buying my products]This spread of Linux into defense systems is cause for serious concern. [At this rate I won't have a company in 5 years] Linux security is inadequate for defense use. [I don't pay these people so I can't trust them] The operating system used in defense is the foundation of its overall integrity. The operating system controls all of a system's functions, communications, and security; if it is compromised, an enemy can spy on, disable, or commandeer the entire system. [Much like Windows disabled a destroyer and let it go adrift for two hours] The Linux operating system is developed by an open source process. [That my company cannot compete with] With the knowledge that Linux is going to control our most advanced defense systems, foreign intelligence agencies and terrorists can easily infiltrate the Linux community to contribute subversive software. [Nevermind my own company. Nevermind that we do not require security clearances either] The risk is particularly acute since many Linux contributors are based in countries from which the U.S. would never purchase commercial defense software. Some embedded Linux providers even outsource their development to China and Russia. It would be incredibly naive to believe that other countries and terrorist organizations would not exploit an easy opportunity to sabotage our military or critical infrastructure systems when we have been doing the same to them for more than 20 years!
[Nevermind there was no open peer review process, but there is one for Linux] Linux in the defense environment is the classic Trojan horse scenario--a gift of "free" software is being brought inside our critical defenses. If we proceed with allowing Linux to run these defense systems without demanding proof that it contains no subversive or dangerous code waiting to emerge after we bring it inside, then we invite the fate of Troy.[Nevermind that my code is just as susceptible to the same attack] One of the greatest misconceptions about Linux is that the free availability of its source code ensures that the "many eyes" with access to it will surely find any attempt at sabotage. Yet, despite the "many eyes," new security vulnerabilities are found in Linux every week in addition to dozens of other bugs. [My code does not have as many eyes, or as many potential hackers, so my code is safer] Many of these flaws have eluded detection for years. It is ridiculous to claim that the open source process can eradicate all of the cleverly hidden intentional bugs when it can't find thousands of unintentional bugs left lying around in the source code. [But I claim that all my developers can conceive of all possible buffer overflows and state machine exploits.] Linux is being selected for defense systems because of the perception that it is more secure than Windows. However, this conventional wisdom is unsupported by quantitative data. In fact, the U.S. National Institute of Standards and Technology (NIST) security vulnerabilities database lists more vulnerabilities for Linux than Windows in the last ten years. In addition, under the internationally recognized Common Criteria for IT Security Evaluation (ISO 15408), Windows has been certified to Evaluation Assurance Level 4 (EAL 4), a higher level of security than the EAL 2 that Linux has achieved.
[Never mind that EAL level 4 seems to allow shoddy code, and that EAL was granted on a "customized" version of Windows] Even if Linux were as secure as Windows, Windows is the wrong benchmark. Defense systems should be held to a higher standard. [I actually said something that is true. I had to to give this report credibility] The Federal Av
What complete FUD. I despise the current trend in the U.S. of companies and politicians trying to achieve their goals by spuriously tying them to issues of national security. Don't like P2P? Claim that it's an essential communication tool for terrorists. Tired of that pesky 4th amendment getting in your way? Argue that sleeper cells are in our midst but those liberal loons at the ACLU won't give us the tools to catch them. Is OSS threatening your business model? Well then it becomes clear that OSS will make the U.S. open to attack. Anyone who disagrees obviously hates America.
The people who make these claims are the least patriotic of all, IMHO, using fear to manipulate the masses.
it's actually 3 letters...
With the knowledge that Linux is going to control our most advanced defense systems, foreign intelligence agencies and terrorists can easily infiltrate the Linux community to contribute subversive software.
And proprietary software is safer, how? It is just as easy, if not easier, to infiltrate a specific closed-source company (remember, the 9-11 hijackers were here for 3 years learning to fly jumbo jets) and program in their subversions directly. (See my comments about his company's certifications below).
Some embedded Linux providers even outsource their development to China and Russia.
Unlike all the major proprietary developers who outsource all the work they can to China and Russia, too. How much of Green Hills' code is written overseas? By sweat-shop coders they never even meet?
In fact, the U.S. National Institute of Standards and Technology (NIST) security vulnerabilities database lists more vulnerabilities for Linux than Windows in the last ten years.
This is such a broad statement it is tough to refute. Are they talking kernel only? The kernel is the only part the military should be interested in as far as security vulnerabilities go. Then how can they get equivalent numbers for Windows which doesn't easily allow you to separate the kernel? And Windows definitely should include all of the apps because any app vulnerability is a potential OS vulnerability. This statement needs a lot of amplification before it even approaches something like "truth".
DO-178B Level A is the highest safety standard for software design, development, documentation, and testing.
From Green Hills' web-site about DO-178B Level A certification:
"The certification package includes Green Hills Software services for all DO-178B Level A compliant verification activities for INTEGRITY-178B operating on processor architecture specified by a customer's requirements. All reviews, analysis and testing of the INTEGRITY-178B real-time operating system is performed by Green Hills Software using the customer's target processor system."
So DO-178B Level A verification is OK as long as you trust Green Hills. Remember my earlier comments about infiltrating proprietary companies? With a couple of fifth-columnists in a couple of key places terrorists can insert whatever code they like and then pass it right along in the certification stage.
If the government truly wants to use Linux in military operations:
1. Freeze the source right now. Fork it into their own private source control tree that nobody in the outside world ever sees.
2. Perform the entire DO-178B procedures (I don't remember what parts of it these are) that do a detailed analysis on the source code for all decision branches, etc.
3. NEVER use any public patches or source code changes as-is; instead, any changes to the code must be examined at the source level to the same rigor as 2 above and then incorporated directly into their private source tree.
4. etc, etc.
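The "freeze the source, fork it, and review every later change against that baseline" procedure above, and the earlier suggestion that in-house staff verify with checksums that code hasn't been adulterated, both reduce to keeping a hash manifest of the frozen tree and diffing candidate trees against it. The following is an added example (mine, not from the article, Green Hills, or any commenter); it uses SHA-256 rather than MD5, since MD5 collisions are cheap to produce, writes the manifest in the two-column `sha256sum` format, and all file names and contents are constructed for the demo.

```python
"""Baseline-manifest check for a frozen (forked) source tree.

Build a SHA-256 manifest of every file under a tree, serialise it in the
two-column format sha256sum uses, and report which files a candidate tree
(e.g. the frozen tree with a public patch applied) has added, removed or
modified, so that only those files go to the review board.
"""
import hashlib
import shutil
import tempfile
from pathlib import Path


def hash_file(path: Path, chunk_size: int = 1 << 16) -> str:
    """SHA-256 of a file's contents, read in chunks so large files are fine."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def build_manifest(root: Path) -> dict[str, str]:
    """Map relative POSIX path -> SHA-256 for every regular file under root.

    Symlinks are skipped deliberately: a link pointing outside the tree would
    otherwise be hashed as if its target were part of the frozen source.
    """
    root = Path(root)
    manifest: dict[str, str] = {}
    for path in sorted(root.rglob("*")):
        if path.is_symlink() or not path.is_file():
            continue
        manifest[path.relative_to(root).as_posix()] = hash_file(path)
    return manifest


def format_manifest(manifest: dict[str, str]) -> str:
    """Serialise as 'hash  path' lines (the layout sha256sum -c accepts)."""
    return "".join(f"{digest}  {name}\n" for name, digest in sorted(manifest.items()))


def parse_manifest(text: str) -> dict[str, str]:
    """Inverse of format_manifest; tolerates blank lines and '#' comments."""
    manifest: dict[str, str] = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition("  ")
        if len(digest) != 64 or not name:
            raise ValueError(f"malformed manifest line: {line!r}")
        manifest[name] = digest.lower()
    return manifest


def diff_manifests(baseline: dict[str, str], current: dict[str, str]) -> dict[str, list[str]]:
    """Files that differ between the frozen baseline and a candidate tree."""
    base_names, cur_names = set(baseline), set(current)
    return {
        "added": sorted(cur_names - base_names),
        "removed": sorted(base_names - cur_names),
        "modified": sorted(n for n in base_names & cur_names if baseline[n] != current[n]),
    }


def needs_review(diff: dict[str, list[str]]) -> bool:
    """True when any file changed, i.e. the candidate may not be used as-is."""
    return any(diff.values())


def demo() -> dict[str, list[str]]:
    """Constructed sample: a two-file frozen tree and a patched working copy."""
    with tempfile.TemporaryDirectory() as tmp:
        frozen = Path(tmp) / "frozen"
        (frozen / "drivers").mkdir(parents=True)
        (frozen / "Makefile").write_text("all: vmlinux\n")
        (frozen / "drivers" / "net.c").write_text("int xmit(void) { return 0; }\n")
        # Round-trip through the text format, as a stored baseline would be.
        baseline = parse_manifest(format_manifest(build_manifest(frozen)))

        work = Path(tmp) / "work"
        shutil.copytree(frozen, work)
        # Simulate a public patch: one file changed, one new file added.
        (work / "drivers" / "net.c").write_text("int xmit(void) { return 1; }\n")
        (work / "drivers" / "extra.c").write_text("/* arrived with the patch */\n")
        return diff_manifests(baseline, build_manifest(work))


if __name__ == "__main__":
    result = demo()
    print(result)
    print("review required:", needs_review(result))
```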
And most NDAs contain clauses preventing you from releasing anything you find that would be detrimental to the company - for example, any statement that would intimate there is a security hole.
As if most software is not already developed outside the US...
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
However, this conventional wisdom is unsupported by quantitative data. In fact, the U.S. National Institute of Standards and Technology (NIST) security vulnerabilities database lists more vulnerabilities for Linux than Windows in the last ten years. In addition, under the internationally recognized Common Criteria for IT Security Evaluation (ISO 15408), Windows has been certified to Evaluation Assurance Level 4 (EAL 4), a higher level of security than the EAL 2 that Linux has achieved.
Is this not due to the fact that only people inside M$ can check their own code, and that they will not always disclose vulnerabilities?
Linux on the other hand almost always instantly discloses its bugs.
I hate to fall into the any-statement-against-Linux-is-FUD category, but this really is a poorly written and researched claim.
Mr. O'Dowd claims - without reference to any data, or even Gartner studies - that Windows is "more secure" than Linux, which is specious enough when there are data. He suggests that foreign agents could easily place backdoors into Linux, without any particulars of where they'd plausibly be planted, or why such backdoors would not be addressed by a security review.
Mr. O'Dowd also offers no reason why proprietary software isn't vulnerable to the same kind of infiltration, especially since programming work is increasingly Worse yet, code written by somebody infiltrating a proprietary software house would generally be subject to less scrutiny than that submitted to an open source project, because they would already be implicitly trusted.
On the other hand, because Open Source projects regularly deal with unknown contributors, most of them have formal or informal mechanisms to get to know potential submitters. If some massive patch arrives at Linus' doorstep from some unknown contributor, he's not likely to just merge it into the main kernel tree; rather he'd find out more about the contributor or pass the code around for careful review. Note that this is quite aside from the "many eyeballs" theory, which AFAICT hasn't really been verified one way or the other.
so, please explain to me again how open source terrorists are going to slip their malware under our noses?
Sounds to me like outsourced software development to Pakistan and China is a bigger risk since they can insert code and its closed source so you will NEVER have a chance to find it!
Are you saying OS == operating system or OS == Open Source.
I intended it to mean "Open Source," but I believe that proprietary software should be audited by governments before being used, as well.
when people find bugs in my code.... "God Damn Terrorists are at it again! I'll fix it"
Isn't a bug inside an open source program much easier (and no doubt faster) to find than one in a 'closed' source application?
He's obviously not a developer then.
And I suppose foreign intelligence agencies with malicious intent and under the guise of respectable software development companies can't introduce backdoors into military contracted closed-source software that the US military has no easy way of figuring out because of the fact that it IS CLOSED SOURCE.
I remember reading about NSAKEY, it is NOT access for the NSA, I don't remember what it actually is for, but it has nothing to do with government spying
Snowden and Manning are heroes.
American software engineers putting bugs in their code that no one will find out. this is a lot more likely, seeing that it is not subject to hundreds of people scrutinizing it...
Isn't a lot of proprietary software being written overseas these days? How is that safer?
Proverbs 21:19
Borland. Interbase.
Getting a mole into Green Hills Software, Microsoft, etc is every bit as real of a threat as getting one into any open source project.
No it's not. It's much worse. Once a mole's damage is done in closed source, who is left to uncover it? Only those with access to source. And if the technical mole is able to exploit higher ups (à la blackmail, obfuscation, etc.) or peers, it is probable the damage will never be uncovered until it is too late. This doesn't take into account a very strong motivation in closed source operations of hiding serious deficiencies (an apparent common theme at Microsoft, where serious holes go known but unattended for more than a year), as well as resource issues (bug fixes don't make money, they cost money) at underfunded or financially/directionally challenged closed source operations (e.g. SCO).
Contrasted with a mole impacting OSS - he/she has the opportunity of being uncovered during any submission peer review, as well as at any time later from any review of the source.
So Green Hills makes an excellent case against closed source. It just appears they got their acronyms mixed up again (CSS/OSS).
Seeing as how MSFT is now sharing Windows' code with the Chinese government... Did this author put ANY thought into his criticism of open-source at all?
WTH is an "international bug"? didn't know software bugs had different races Anyways, how do you hide an "international bug" when it's open source? declare your variables in different languages? It's like obfuscating the code on the source level.
So, someone could put in bugs or backdoors in Linux? That would never happen with, say, routers from the largest router company in the world. Oh, wait. It already has. Other countries are dumping Microsoft. Why? Because it is a closed source they can not look at that may pack bugs or backdoors placed by the US company to help the US.
Of all the valid reasons to attack open source software, I can't imagine how they can imply an unknown piece of code is more secure than a known piece of code, even if possible enemies are contributing to the open source (unless, of course, every programmer at Microsoft has been given the proper clearance for all levels the OS they are working on will be used).
Learn to love Alaska
That said I think it's equally likely that any of Linux's competitors have the same thing happen to them. OSS I don't think is any extra security hazard other than it might be slightly easier for the enemy to find a bug since they have source. Chances are if a bug is found, however, that it gets fixed pretty darn quick, and the benefit of having source as far as finding bugs is concerned isn't that great, as you can probably decompile the Windows modules and play with that source to find holes.
"You can now flame me, I am full of love,"
I've heard that some government systems that hold classified data are still using NT4, and are preparing to use W2K, because the W2K audit isn't finished yet (or was only finished recently), and they install the systems with their own special NT4 CDs. They don't even use MS CDs to install the systems, and they don't run machines with OSs preinstalled by the manufacturer. They use their own CDs with their own patches applied.
I don't know this for sure, but it seems to me that the government is in a bit of a bind with MS products, because they're bloating and the audit process is falling behind. They're about to jump to W2K, which at least puts them in the Active Directory world, but they're not even thinking about XP at this point. W2K is much bigger than NT4, XP is much bigger than W2K, and Longhorn is massive (from an auditing point of view). It's got to be hard to manage these audits.
I think that from the government's point of view, the real issue is whether the code has been audited, not whether it's open or closed source. If it's audited, they feel they can use it, if it's not, they can't. Keep in mind that the machines themselves are closed off, guarded by men with guns, and are not plugged into public networks.
So it seems to me that a lot of the open vs. closed source would come down to how it affects the auditing process.
I don't know anything about the audit process (or any of the rest of what I'm saying here, really), so take this with a grain of salt, but...
It seems to me that open source would allow them to manage their own distro, with a small number of essential packages. Patches and updates could be audited on a continuous basis, as they come out. That has to be a much more manageable project than simply tearing into Longhorn from scratch when MS finally drops it.
If they have the source, they could make sure that whatever they were using could deal with whatever it needs to deal with -- new hardware, or whatever. I think the pressure of obsolete code (which they're probably feeling with NT4 now) would be less intense.
I have been suspecting American PROPRIETARY software for years of the same danger as Mr. Dowd suspects OSS. Backdoors, intentional errors, intentional exploitable bugs and so on. Reality already proved I was right.
As a solution to this strategic problem, I suggest the U.S. military should use only proprietary and let the rest of the world use open stuff.
There you are, staring at me again.
Governments should not use ANY software without a proper security audit. Case closed.
I think asserting that open source software is more dangerous is as laughable as asserting our fighter jets should be running MS Windows. Talk about a crash and forget the blue screen, just death.
I can picture it now, "Alert to all North Korean pilots: We have determined that the US F-16's forgot to close their bluetooth port with a buffer overrun vulnerability. Fly within 30 yards of any fighter to disable its flight control systems."
The only thing more dangerous than a file named -rf is renaming it -rf\ /
I must say he has balls - right now the entire internet is being deluged by packet storms from compromised windows machines, (even bringing down google for some folks) and he worries that foreign hackers just *might* compromise the Linux source tree?
Since when did you ever need the kernel source code to root somebody? It has been done to Windows, Solaris, HP/UX and countless other closed source platforms for years.
My rights don't need management.
Not exactly a process that scales well.
Everything scales well to a government budget.
And most NDAs contain clauses preventing you from releasing anything you find that would be detrimental to the company - for example, any statement that would intimate there is a security hole.
How is that a problem?
And anyways, an NDA wouldn't do them well if they are attempting espionage.
This opinion is somehow secretly funded by Microsoft in an attempt to further their regime and smash the rebel Open-Source community into oblivion.
Jesus Christ, remind me never to buy software from this nutjob's company. Seriously, though, clearly his viewpoint stems from a personal interest in seeing that Linux not succeed in the market space that his company operates in. His diatribe is a classic knee-jerk, FUD response to a serious, credible threat to his little monopolistic piece of the lucrative US defense spending pie.
OK, please give your coordinates for the Tomcat we'll send by your house this afternoon.
"Forward he cried from the rear
and the front rank died.
And the general sat and the lines on the map
moved from side to side."
- Pink Floyd, from "Us and Them", _The Dark Side of the Moon_
Irony alert: BTW, the spoken quotes in DSotM are ironic counterpoints of stupid people, attention-grabbing bits of conventional wisdom that are wrong. For example, the Moon is all *bright*, flooded with sunlight, except for the occasional lunar eclipse and monthly "new moon".
--
make install -not war
It's wrong that an intellectual property creator should not be rewarded for their work.
It's equally wrong that an IP creator should be rewarded too many times for the one piece of work, for exactly the same reasons.
Lessee. IP creator shouldn't be rewarded too many times because it would stifle his creativity?
I find your reasoning shaky.
> AFAIK Patents do expire after sometime, when exactly GPL code becomes public domain ?
When copyright expires, of course. What is your problem here ?
Governments should not use ANY software without a proper security audit. Case closed.
I agree completely.
Let's say the United States uses a contractor that has a foreign national as part of their staff, but does not know it, and this national is in charge of building some software. The foreign national knows exactly where to place key code segments to crash the program (let's say a missile interception program) when they want to. The foreign national knows exactly what test cases are being done, and knows how to avoid them, therefore the software looks bullet proof. The software is approved as working, and is shipped. But what the U.S. Government does not know is that one line in tens of millions checks for an override code. Now, unless an extensive code review is done -- which is supposed to be done, but not always done -- to go over all lines as they are checked in, this bug will make it past the checks. Once the code is delivered, the chances, at least from what I can imagine, of it getting caught till the damage is done, are super small.
Now, if the code was open source, it would get reviewed, and looked at constantly. Yes, again, what are the chances of someone finding that bug, but I am sure they are greater than someone trying to find a bug in closed software....
The Australian voting system has been open source now for a number of years, and that system has just gotten more secure over time. I think that is a prime example of something that is borderline needing to be secure, and how open source worked. I think it can work again, and that the U.S. should adopt it, if our greedy companies do not get in the way first.
By the way, the top paragraph was completely hypothetical -- no one wants CIA agents at their door.
-A
Uh, isn't this going to show up when they *field test* the weapon??
Who needs to code audit? It's as simple as the General saying: It didn't hit the target go back and fix it until it does.
I imagine code is to some degree the least of their worries.
If this is true for open source then it is 10 fold for closed source commercial software with all the outsourcing and visa holders! At least with open source we can find these mythical backdoors. The outsourcing and visa trends are a much greater risk to National Security than Open Source if you use this lunatic's logic.
Shared Source was always about marketing and FUD. Closed source is THE biggest security threat.
This is precisely why Brazil, China, and even Germany are moving towards open-source. The US Government cannot insert backdoors into this stuff that would affect anyone not wanting to be affected, unlike Microsoft stuff. Remember the NSA keys in the Windows NT crypto libraries?
The US can continue to run Windows, be our guest, but the point is moot since much of US Government software is developed in India anyways. No back doors there, for sure.
- - - Non Caffeine Drink or Drink Error
I went to Green Hills Software page 1st. Just to see who this is.
And I'm a little upset. Is OSN actually letting these guys astroturf on /.? Why would this get even a 2nd look by anyone? I might see the somethingawful forums laughing at this but to have a posting here?
This whole thing smells bad. Maybe it's a slow news day but there are better anti-linux rants than what is coming from that lame ass website. Nothing to see here, move along.
Really, I know what I'm doing...Ohhhh, look at the shiny buttons!
I have no idea if something like this could be possible, but just playing devil's advocate here.
Say the software was used for target calculations for an artillery piece. For the sake of argument, say some "rogue" developer has added a bit of code that takes the coordinates from the GPS in the unit and checks to see if they are in, say, a middle eastern country. If so, the shells, which found the target just fine in testing, are now missing the mark by 500 yards.
Not paranoid, just askin.
He's totally creeping out the Great One, eh...
Maybe they would introduce a bug that takes the fractions of a penny that are rounded off when computing interest in banks and deposits them into their own account? Like in Superman!
---
Lousy rotten karmic retribution.
It's about time somebody brought this up!
If you want to develop software for a sensitive government project, you must go through an intense security clearance process that costs upwards of $25,000, paid by your company. With this in mind, it seems crazy for the government to turn around and place its faith in a publicly available OSS system. What does the US DOD know about the people that wrote the software? None of these developers have been through a security clearance! Does Linus Torvalds have a TS/SCI/Poly clearance with the US government? There is a good chance they may actually be subversive, especially if they develop the OSS while working for a hostile (or even non-hostile) government! This is not terroristic paranoia, but common sense.
As for the theory that OSS is more secure because thousands of eyes are constantly scanning the source for bugs, hacks, and holes, how many people in the world have actually taken the time to go through the hundreds of thousands (millions?) of lines of code? As this article points out, there are probably only a few dozen people in the world who understand the source well enough to make an informed judgment on the code's security, or to make any changes to fix discovered issues.
Unless the government hires some OSS gurus, verifies their security clearance, and puts them to work actually examining the OSS code in its entirety, the government should not place any trust in the security of OSS.
Of course, the same issues apply to closed source software (CSS), especially in this outsourced world. However, I believe (I hope) that the government makes special arrangements with CSS companies to ensure their software's security.
Personally, I think the government should develop its own OS. It certainly has the resources to do so.
If all this should have a reason, we would be the last to know.
The U.S. military and government (For example, Horizontal Fusion, the catalyst for the Net-Centric Transformation of DoD, is heavily leveraging web services, JSR-168, et cetera... ) is increasingly using Open Source with talented people behind the wheel. e.g. Many software programming books following open standards and what not are penned by Defense Intelligence Agency (DIA) employees... And the government has groups actively focused on Information Assurance (IA).
And I, for one, work in the industry and gee, know what I'm doing and can read other people's code.
Pure FUD.
I do not agree with the article at all. Open source definitely has more eyes on the code than any company could ask for on their code. With that said, to get a real buy in, the PHB's have to see value. Your WHOLE IT department could be behind it but if other folks higher up than IT gang up, they can shoot it down. Not just the IT department has to be in agreement with using Open Source but the whole company has to. If they aren't, all you will hear is complaints and they will search out anti-linux fud whether the fud is true or not. Don't get me wrong, Linux is great, but in some cases more political than technical it will get shot down. It's that simple. If you're trying to push Linux in your company start out small. Build in house examples to demo to the other areas that show what it will do. The Slashdot readership may already know that Linux is great, but if Suzy in accounting doesn't like it or the Human Resources VP hates it, then it's not going to be the system you go with.
Gorkman
Linux Proves Security of Open Source: First Back-Door Attempt Thwarted
- sigs are for wimps.
Then go with closed source, like Windows, which is partially financed by Saudis. Since Saudis have a large control over Microsoft, don't you think they can have their own backdoors? Oh, yeah, but I forgot that Saudis were close friends of the US Army, well, until November 2004.
It's possible, and HAS happened that KNOWN, and TRUSTED engineers have put bits of code that would pass initial scrutiny and still be dangerous.
Wasn't there recently an article about a router with a backdoor shipped out in its code? How about all those darn "easter eggs" floating around in Windows and Office and other programs?
I would challenge you to compile a new Intel C library using a Microsoft C compiler from 6 years ago too. Heck, compile glibc using an IRIX compiler from six years ago.
You can drag out all the scenarios you want and whether it's Linux or it's *nix or BSD or Windows you're going to have the same audit challenges and not even have access to the source code without negotiating with all your suppliers.
--- I wish I could hear the soundtrack to my life. That way I'd know when to duck.
Why is it necessary for Slashdot to give additional "air-time" to this loon every time he publishes his FUD? The guy obviously has a partisan stance, is biased, and has a financial stake in having his stuff believed.
Suggestion: Next time he publishes a white paper suggesting that open source will cause the fall of western civilization, we respond with a resounding "plonk".
Is this a dup? I dunno, but Green Hills FUD was discussed on groklaw at great length over 3-1/2 months ago.
Doesn't Microsoft outsource to other countries? I wouldn't be too surprised if Green Hills does as well. WTF? What a hypocrite. Wouldn't that be putting our security at risk considering we all know that Microsoft surely doesn't check their code as well as hackers do.
Microsoft has been showing its source code to governments and corporations for the last few years. China is one example. Does anyone seriously believe that a terrorist could NOT get a copy of that source?!
Heck, what would stop a terrorist from getting someone employed at Microsoft and simply stealing the code?!
But, then again, Windows is such an easy target for exploitation, getting the source code probably wouldn't be worth the bother. It'd be like stealing a key to a building without locks.
If someone says he and his monkey have nothing to hide, they almost certainly do.
...or does this guy have the world's ugliest hair?
What would stop another country from paying off a developer from a proprietary software company to do the same thing as with open source?
As said here about 100X the issue is testing.
The more I learn about science, the more my faith in God increases.
It's as simple as the subject. Open-source software is just another option. Don't like it? Buy the commercial software, or pay for its development by a trusted company or agency.
However, governments DO use closed-source software from companies and people they do not know. Who says Microsoft is not paid by X government that, through mass-adoption of Windows and other MS applications around the planet, now has control over a laaaaaarge number of computers in all countries of this world?
In other words, simply buying commercial software is not any more secure. What's worse, there is no way you will be able to check the sources. With OSS you have that option, and it is up to you, the user of the software, to check it or not check it.
Simpy
Fox reports hen-house security measures unnecessarily strict. Neville Isdell asserts that coke tastes better than pepsi. Teenage boy swears to girlfriend that, now that he's all worked up, it could cause permanent injury if he doesn't let him.
-Peter
As has been said many times before:
Closed source is no guarantee of lack of tainting. Even with security checks it's perfectly possible to have a hostile programmer working on the software.
I'd just like to put in a word for the NSA et al. They're perfectly capable of making their own decisions, and are probably far more qualified than anyone here. They know how to minimise risk using whichever development model they like...
It is of course very possible that open source software could be written on behalf of the military. The people who keep the official version for use within the military/government will go through all code submitted with a fine-tooth comb, being very conservative with what patches they accept from the outside world...
This article is basically written for politicians to try and scare politicians into banning the FOSS competition. I doubt it would work if the military and friends didn't want it that way, they will make up their own minds.
I was looking through the author's citations and it seems that his quote concerning the number of vulnerabilities in Linux compared to those in Windows is pretty questionable. The database, as you can see here, has one selection for Linux and many for Windows. It seems that the U.S. National Institute of Standards and Technology considers components of Windows, such as Internet Explorer, not to be a part of the operating system, thus listing vulnerabilities of the components separately from those of the OS. At the same time, Linux vulnerabilities include Sound Blaster driver issues and problems with third party software such as Symantec Antivirus.
From the article:
"It would be incredibly naive to believe that other countries and terrorist organizations would not exploit an easy opportunity to sabotage our military or critical infrastructure systems when we have been doing the same to them for more than 20 years!"
It would be incredibly naive to believe that bitter employees and terrorist infiltrators would not exploit an easy opportunity to sabotage our military or critical infrastructure systems when we have been doing the same to them for more than 20 years!
The software industry, as a whole, does not do DoD-level security checks on their new employees. And with more software employers migrating operations overseas, there will be an even greater risk that these new employees will not get any vetting. When closed source software companies migrate their operations to places like China or India or Russia, vetting the employee or thorough screening of the code will not be a top priority. Time-to-market pressures and holding total costs down are factors that are contrary to security, whether that is employee or code quality. To top even these concerns, there is the issue of theft of IP to contend with, with the prospects of future competition from ex-employees that have your company's code.
The argument against F/OSS in favor of closed source commercial code is totally without merit. With more development of Microsoft or Oracle or other closed source programs moving overseas, the risk of trojaned code goes up, not down. As more F/OSS becomes adopted in the commercial and government marketplace, the pressure on closed source software to keep NRE and TCO costs down will result in even sloppier code than the IT industry has experienced to date. F/OSS begins to look far more attractive as the closed source software companies continue to hide behind EULAs and Declarations of Suitability as their software turns to trojaned mush. The trend is accelerating, so get used to it.
This is a serious issue that has almost nothing to do with Linux and/or OSS, other than the obvious: I trust my computer the most only when it is turned off and unplugged (note I say the most, not absolutely). When I fly I trust the pilot only because he/she has a vested interest in all of us arriving safely. And yet even that is not a given...
Right. So they can build a 100% secret product that could run on Windows.
Think about that for a second. If they are building applications, does it matter how secure that code is if it runs on Windows? Or would you rather that they build apps that runs on a modified Linux kernel, where they could at least hire someone to check the code? Microsoft is not accountable to anyone, including the government and military. THAT scares the crap out of me.
My beliefs do not require that you agree with them.
Windows' EAL4 rating is based on a NON-HOSTILE Protection Profile (also known as a Common Access Protection Profile (CAPP)), meaning that hardly any threats were listed on its PP. A quote from this site says it all: So if you say "This system will never be hooked up to anything that could possibly be malicious", it is very easy to say "Yes, in this setting, Windows lives up to its PP quite well!" and give it an EAL4. Pure crap.
With the first link, the chain is forged.
Hmm,
In the 'New' Battlestar Galactica - the first attack was to shut down all the fighting ships computers...
But how could he know if Windows is any better than Linux? Windows could be full of backdoors and auto-bluescreen codes - and I am not even talking about the ones that exist 'by accident'!
BSOD- please reboot...
Can you honestly tell me that the government is going to hire a panel of people to check in-depth source changes on OSS projects? People who are familiar enough that they can catch an exploit that may only take 3-4 lines of code to perform?
Care to put your money where your mouth is?
Let's see if you or your minions can sneak a bug into the Linux kernel or a major component like you describe. It would have to be severe enough that it would plausibly disable or degrade a weapon under combat conditions, but not be caught by field testing of that same weapon. It must get released and be in circulation for six months without discovery.
Shall we make it a $100 bet? I'd be willing to go as high as $2500, and if you want to go higher, I'm sure I can find a consortium. If you want, we can use Long Bets to make sure the money goes to charity.
Terrorists are cheaper than Americans.
"Many eyes" is not necessarily better (or trustworthy). You also assume that the OSS project is large enough to be under such public scrutiny.
But on to the next point:
So what happens when the customer wants the code reviewed, but each reviewer has to be approved by the code manufacturer?
The more difficult that they make the process, the more of a chance that they have of losing a potential client the size of a government agency.
OSS is no easier to validate than a proprietary application to which the source is available.
IT Guy #2: (puts down Mountain Dew) Yeah?
IT Guy #1: I just installed the update to GNOME.
IT Guy #2: (Picks up Cheezy Poofs) Yeah?
IT Guy #1: Should it default to something called the "I Love Osama" theme?
IT Guy #2: (Searching for Ding Dongs) Dunno.
IT Guy #1: It has a picture of the smoking World Trade Centers on the desktop.
IT Guy #2: (Found Nutty Ho-Ho in pocket instead) Huh.
IT Guy #1: And the screensaver is the Nick Berg video.
IT Guy #2: (Looks tiredly in direction of bathroom) Huh.
IT Guy #1: Aw, crap. It just installed the Anthrax2WstrnDevl worm on every machine from here to the main data center in Atlanta.
IT Guy #2: So blame the Windows Longhorn server in the marketing cluster.
IT Guy #1: Eh. Good plan.
And so on and so forth...
--- Ban humanity.
Americans are wedded more closely to M$ products than any other country. If anyone has something to fear from OSS 'intrusion' it is the Chinese and the Indians. They are deploying OSS everywhere they can because they have found M$ products too expensive to deploy in volume.
Americans and their foreign allies could be inserting small snippets of code into distros sold or downloaded to foreign countries. These snippets could be used to open backdoors for US intelligence agencies.
So goes the paranoia, that is.
Funny how the story takes on a different perspective when the threat is from America. Now it looks rather sensible and we (the US, that is) should be encouraging US hackers to start inserting code with all due speed!
What? The Chinese have their own distro?
Okay, then we will just go after India and the commercial interests of both countries (nearly 1/2 the worlds population - cool!).
If you give in to paranoid rants from system vendors, you definitely get what you pay for.
"Rocky Rococo, at your cervix!"
or...
paying Green Hills Software a couple of million dollars to merge in your trojan.
What on earth makes it easier to trust closed source? Doesn't it make better sense to go with the code base that has the most eyes of accountability on it??
Perhaps Green Hills is the first patron saint of close source? Perhaps Green Hills is our messiah? Green Hills is our savior... Green Hills loves us... they'd never do anything bad to us! Only trust them, only trust them... only trust them now....
This guy must play golf with Darl or something...
Wait a minute, what do you mean failing company? Their projection for 2004 is almost $70M; if that is 1H04 annualized, then I'm fairly certain that's going to be accurate due to holiday sales in the channel and companies that renew their budgets at the end of the fiscal year. Average growth rate, keeping in mind they have been there for 20 years, is 30% - I don't know many technology companies that achieved that; not many at all. The only dip in growth was 2002, and that wasn't nearly as bad as most companies when the bubble burst (remember the "network appliance" frenzy?). 2003 net is $11.4M - that's profitable to me. It is quite probable that there is a lot more money to be made in the market which could explain the increases in linux market share, but I don't think it's driving this company into "failing" by any means - in fact, they look like a decent investment opportunity after looking at their financials. Of course, the company is private and the CEO owns 97%, but what can you do :)
I'd say somebody in the government is keeping a very close eye on what happens in the Linux kernel. So much so, that they are submitting patches and code to the kernel themselves.
Kinetic stupidity has a new brand leader: Allen Zadr.
Do follow the link on the parent post. Even more important than the definition of EAL is the protection profile that is used. To quote the overview of that profile, it "provides for a level of protection which is appropriate for an assumed non-hostile and well-managed user community requiring protection against threats of inadvertent or casual attempts to breach the system security. The profile is not intended to be applicable to circumstances in which protection is required against determined attempts by hostile and well funded attackers to breach system security. The CAPP [Controlled Access Protection Profile] does not fully address the threats posed by malicious system development or administrative personnel."
Or, as translated into colloquial English on the link: "Don't hook this to the internet, don't run email, don't install software unless you can 100% trust the developer, and if anybody who works for you turns out to be out to get you you are toast."
If the problem is that non-Americans are working on software that the U.S. military is using, I wonder what he thinks of Indians, Chinese, etc working at American companies? I also wonder what he thinks of SAP which is a German Company? Or how about MS, IBM, Novell, etc all of which have substantial development groups located outside of the U.S.?
What a bizarre article.
Regarding the statement "Yet, despite the "many eyes," new security vulnerabilities are found in Linux every week in addition to dozens of other bugs": shouldn't one consider that the "many eyes" are the developers finding those weekly bugs? Wonder how many eyes are looking for Green Hills software bugs?
As long as people are involved, mistakes (bugs) will be made. But saying that malicious code is more likely in a product where someone CAN examine the code versus a product where no one can is just plain stupid. There is obviously an undisclosed agenda here (might that be selling a DO-178B Level A rated real time OS, aka Integrity? Getting a lot of Linux competition, eh?).
As to the standard DO-178B...the first 90% of the article is about security, then you mention DO-178B. DO-178B is not a security standard. DO-178B is a FAA safety related standard for software. Any software certified under DO-178B can still be full of unknown security holes. The standard may be required for software used in flight related applications but it does not mean the software is also secure.
The level A rating doesn't even mean "most secure" as the article seems to imply. It means that if the software crashes, it will not affect other software that is running. In other words, the software is ISOLATED, not secure. It is amazing the things companies will say when they are losing ground to a competitor.
The NSA: The only part of the US government that actually listens.
It's wrong that an intellectual property creator should not be rewarded for their work.
It's equally wrong that an IP creator should be rewarded too many times for the one piece of work, for exactly the same reasons.
Reform IP law and stop the M$/RIAA abuse.
Your sig is complete bullshit. The only person who should have the right to decide what "too many rewards" are for a work is the copyright/patent holder. Otherwise we're talking about censorship and government control of industry.
Or do you think Congress should decide that "640k copies of Windows should be enough for everybody?"
IP law is FINE. It's doing exactly what it's supposed to do...it's keeping people inventing new things to get around other people's patents. Choice in solutions is a good thing...and having a dozen solutions that do the same thing is NOT a choice!
Hey freaks: now you're ju
For military and security purposes, you want access to the source code and you want your own people to review every single line for intrusion opportunities.
Your BEST option is open source, because you get to:
A) Review every single line, compile it, configure it and install it yourself.
B) Save money by not having to develop it from scratch yourself.
I'm afraid I have to give that guy a hearty DUMBASS.
Dumbass.
Just as parent post suggested. Except, the government is already auditing open source, and customizing the Linux kernel to its own needs... Does nobody remember NSA Secure Linux?
STUPID ARGUMENT
The code does not have to be modified by evil people. ALL CODE HAS BUGS. So all code should be checked, and not just by the people that write the code. The entire point of Open Source is that LOTS of people check the code for bugs. The difference between an "Evil Easter Egg" and a "bug" is just the intent of the programmer. Open source is MORE likely to catch an "evil Easter Egg/bug" than a closed source technique. Having a spy try to sneak one in is ridiculous because the same bug detection routine will also detect the evil easter eggs.
But closed source DOES have one advantage over Open Source: secrecy. The problems with Open Source Defense programs are 1) "They" know exactly how good our programs are and 2) "They" can use them themselves.
Because of these two things it is not a good idea for most Defense purposes. We want the bad guy to NOT know how good our stuff is and we do NOT want them to have the same quality stuff.
excitingthingstodo.blogspot.com
O'Dowd is obviously making some kind of lame attempt to "diss" open-source software, probably because he fears it.
If he posted this on Slashdot, he would be considered a troll and modded down appropriately. His comments look like a well-crafted troll to me. One might think he said it just to giggle with delight at all the Slashdotters in an uproar.
...then it's made of nice, transparent Plexiglas.
Err, copyrights and patents are only valid for a limited time; the government is already controlling how much the copyright/patent holder is entitled to...
IP laws are entirely artificial, government granted special privileges. Of course it's reasonable for governments to try to fine-tune what level of privileges are granted. Sadly, they've been siding with big bucks rather than the public good lately.
Your mentioning censorship (which has absolutely nothing to do with IP protections) makes me feel like I'm responding to a troll...
Bits and pieces of Windows are developed in India, China, USA and god knows where else. On top of that any large software company employs LOTS and LOTS of foreign nationals who can just as easily sabotage the code from over here if they're smart enough to push their stuff unnoticed through code reviews.
The issue here is that defense institutions should be reviewing every piece of code they're running. This can be a prohibitively expensive and long process, but if they want security, that's the only way. That's possible with any OS they run, because they can have whatever source code they want, proprietary or not, in exchange for those fat, nice military contracts.
We can all either die a horrible death due to irresponsible proprietary programming, and the security threats it increasingly represents in the enterprise as computing continues to spread to the masses,
OR
We can be crushed by the horrible threat of Open Source software which falls prey to Evil Foreign Interests...you know, those naughty, evil programming hordes not already writing virus/worm code for the security holes all too common in proprietary software in popular use.
Give me a break! Ignoring the fact that I trust the QA models followed by *most* F/OSS coders found in the mainstream (of that set) more than those of their proprietary counterparts, this smells of someone heavily invested/funded by corporate interests. Nowhere else would one find an argument against something you can see, and check yourself being based on the fact that you can see, and check it yourself.
I understand concern over security in code. I just think the guidelines that define what good security is, and the rules by which it is governed, should be universal...regardless of the development model being used to create it.
Who is this guy?
Does he really think that there is a greater % of USA developers working on Windows than are working on Linux?
Does he believe that the DoD won't check the kernel code itself for backdoors?
Does he think that the DoD is happy that they need a court order to look at the windows kernel?
Is he even aware that for most important defence systems, the DoD writes its own OSes?
This article is the worst kind of FUD. Preying on Nationalism, Fear and that wonderful old Fear of Terrorism card to get us off Linux.
He's trying to plant that image of Osama Bin Laden gleefully grinning into a laptop screen as he inserts a backdoor into the Linux kernel so he can launch nukes from a hilltop over Tora Bora.
Someone needs to rebut this guy's argument to death.
May the Maths Be with you!
Let's see, Green Hills Software makes closed, embedded operating systems. Direct competition with uLinux, RTlinux and eCos. Self-serving comments? Couldn't be.
'Sides, is the army really worried their HP print server will send out copies to an outside IP? I'm assuming they have better security than that. Maybe I could be mistaken...
My Other Computer Is A Data General Nova III.
This also ignores the fact that the infiltrator has to spend time building up a reputation to get himself able to submit patches to the source, then if you catch him submitting bad code you just block that guy. It's much cheaper for you to stop him than it is for him to try to screw you up.
The part of the government I work for insists on using Open Source ideology whenever and wherever they can. I could never talk about what systems, but you (slashdot crowd) may be surprised at how widespread open source software is. And in what systems such software is used.
I can tell you from previous experience at a private company, that open source software is used quite frequently in systems that the government purchases. The linux kernel would be a prime example.
This talk about open source being un-american, un-patriotic, or a threat to national security is PURE BS. The people crying about these things now are way too late. It's funny as hell too. =)
Nope. Open source is still the best way to go, along with open government. When you let people hide "stuff", and when it's connected to massive political power and heaps of money, that's when crimes occur. The best bet is openness, bar none. It is not perfect, but it's the best design yet.
Sure, there is a threat in the Open Source movement. But, how is that threat compared to offshoring? I don't think they are any different. Yet, when a threat is something that enhances the bottom line, security concerns are not raised.
There are different types and levels of certification of software used by the government. For example, a lot of the FIPS (Federal Information Processing Standards) guidelines apply to crypto. And there are levels of them. The simplest levels only require passing a test suite, but the more complex levels REQUIRE external line-of-code auditing, formal mathematical models, etc... Very expensive, very in depth.
I've worked on projects which went for lower level certifications, and while there is a lot of BS, it's also clear that it would be nearly impossible to trojan the code at anything other than the lowest levels of code.
Software has specs just like everything else. The higher the risk, the higher the inspection bar. The flavor of Unix used to control the Boeing 777 airplanes was audited in amazing depth because a bug could have life-or-death consequences. The code used to host some less-than-critical NASA webserver is likely off-the-shelf. If it fails, big deal. The impact is commensurate with price.
As for trojans, I believe sneaking something nefarious into FOSS is a lot harder than into something commercial because the source of the FOSS is always available for inspection. With closed-source, you give the code to an auditor, they audit it as quickly as possible (because it is a business) and give it back. Once the source is returned, there is no opportunity to audit. There is no chance of some motivated nerd with a personal project downloading the source and stumbling across something the auditors missed. If the end-user notices something "fishy", they have no way to investigate it themselves in their own environment.
Okay.... one last point...
On a project I was involved with, we used a very fancy cryptographic co-processor to do things. The co-processor was certified to FIPS-3, and later became certified to FIPS-4. (which was a BIG deal, it was the first device of its type EVER to reach that level) Funny thing was, every once in a great while, my code would reject a valid digital signature. It took a long time, but it turned out that the card's firmware had a bug which caused a certain mode of SHA1 to digest incorrectly if a certain pattern of bits occurred in a few specific places. It was a bug in the software, not a trojan, but the point is that even in a closed source environment which is heavily audited, stuff slips through. I doubt I would have been able to determine the bug was in the software if I wasn't an expert user of the software, and didn't have a direct line to the engineers who made the hardware. (We work for the same parent company...) A third-party customer (even the government) would have had a LOT harder time. If the source was open, that third-party is at least on equal footing should they choose to look into matters themselves.
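An added example, not code from the post above, of the kind of check that catches a faulty digest like the one described: the vendor's SHA-1 (the card firmware, a library, any function that takes bytes and returns 20 bytes) is run side by side with an independent reference implementation over the FIPS 180 known-answer vectors, lengths that straddle the 55/56/64-byte padding boundaries, and a sweep of every byte value at each of the first positions. `faulty_card_sha1` is a constructed stand-in for the card bug, not the real firmware; the bit pattern it trips on is made up.

```python
# Added example (not code from the original post): differential test of a
# SHA-1 oracle (hardware card, vendor library, ...) against an independent
# reference implementation and the FIPS 180 known-answer vectors.
import hashlib
import struct

MASK32 = 0xFFFFFFFF

KNOWN_ANSWERS = {
    b"": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
    b"abc": "a9993e364706816aba3e25717850c26c9cd0d89d",
    b"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq":
        "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
}
# Lengths around the one-block / two-block padding boundaries.
BOUNDARY_LENGTHS = (0, 1, 55, 56, 57, 63, 64, 65, 119, 120, 128)


def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK32


def sha1_reference(data: bytes) -> bytes:
    """Plain SHA-1 as in FIPS 180, written to be read rather than to be fast."""
    h = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0]
    bit_len = len(data) * 8
    data += b"\x80"
    data += b"\x00" * ((56 - len(data) % 64) % 64)
    data += struct.pack(">Q", bit_len)
    for off in range(0, len(data), 64):
        w = list(struct.unpack(">16I", data[off:off + 64]))
        for i in range(16, 80):
            w.append(_rotl(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1))
        a, b, c, d, e = h
        for i in range(80):
            if i < 20:
                f, k = (b & c) | (~b & d), 0x5A827999
            elif i < 40:
                f, k = b ^ c ^ d, 0x6ED9EBA1
            elif i < 60:
                f, k = (b & c) | (b & d) | (c & d), 0x8F1BBCDC
            else:
                f, k = b ^ c ^ d, 0xCA62C1D6
            t = (_rotl(a, 5) + (f & MASK32) + e + k + w[i]) & MASK32
            a, b, c, d, e = t, a, _rotl(b, 30), c, d
        h = [(x + y) & MASK32 for x, y in zip(h, (a, b, c, d, e))]
    return struct.pack(">5I", *h)


def hashlib_sha1(data: bytes) -> bytes:
    """A correct oracle, for comparison."""
    return hashlib.sha1(data).digest()


def faulty_card_sha1(data: bytes) -> bytes:
    """Constructed stand-in for the firmware bug in the post: correct except
    when one nibble at a fixed offset has a particular value."""
    digest = hashlib.sha1(data).digest()
    if len(data) > 2 and data[2] & 0x0F == 0x05:
        return digest[::-1]
    return digest


def differential_check(oracle):
    """Run oracle(data) against the known answers (or, where none exists, the
    reference) over boundary lengths and a byte sweep; return the mismatches."""
    cases = [("known-answer", data) for data in KNOWN_ANSWERS]
    cases += [("boundary-%d" % n, bytes(i & 0xFF for i in range(n)))
              for n in BOUNDARY_LENGTHS]
    for pos in range(8):                      # every byte value in each of 8 slots
        for v in range(256):
            buf = bytearray(16)
            buf[pos] = v
            cases.append(("sweep-pos%d-0x%02x" % (pos, v), bytes(buf)))
    mismatches = []
    for label, data in cases:
        expect = KNOWN_ANSWERS.get(data, sha1_reference(data).hex())
        got = oracle(data).hex()
        if got != expect:
            mismatches.append((label, got, expect))
    return mismatches


if __name__ == "__main__":
    print("hashlib mismatches:", len(differential_check(hashlib_sha1)))
    bad = differential_check(faulty_card_sha1)
    print("faulty card mismatches:", len(bad), "first:", bad[0][0] if bad else None)
```

The mismatches come back as a labelled list rather than as an occasional rejected signature, and the labels say which input class tripped; the padding-boundary lengths and the byte sweep are exactly where "a certain pattern of bits in a few specific places" tends to surface.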
Let me comment as one who has some background in NSA/NIST/TCSEC/CC evaluated software.
... not functionality or speed or compatibility ... can come before security in any design or coding task.
If you bet your life or your country's safety, you want something like Evaluated software doing the protecting. And not just EAL4 level stuff like NT. Look at the common criteria and look at the definitions of what the software evaluation levels are appropriate for.
Evaluation at a greater than EAL4 level means that the documentation and test development each take much more time than the coding. The Evaluation itself (assuming the vendor has all his docs and tests complete) takes twice the time of the development. The Evaluation is done in a 4 tiered process with each of the 4 entities (lab, validator, technical approval board and vulnerability tester) having access to the source code and to the developers documentation and to the developers themselves.
High levels of evaluation require single source development under a single set of development standards.
Code developed, in our group, is reviewed in writing by 3 of the most senior architects of the product. Each reviewer objection or concern must be satisfied until it passes to the next reviewer.
So that means that we can document that 7 security trained people or outside organizations have looked at any code that is declared "Evaluated".
The object code is delivered in a trusted distribution methodology such that there is end to end verification (including while loading and while running) that the code that was developed and evaluated is the code you are running.
Now compare the Linux method of development and distribution.
To say that Linux code is locked down and tested is to say that the barn door is locked too late in the process for the kinds of things the author of this posting is citing as potentials for happening. The emphasis must be on security over all, designed in from the beginning and nothing
Is every Linux improvement preceded by a security review?
Is there a security guru that can stop ship?
Is the security guru trained in security?
Is the security guru management supported?
Developing and deploying secure software is a time consuming, expensive, specialty that only a very few companies attempt.
The evil Open Source claims that bugs are shallow because of the "Many Eyes".
The "Many Eyes" does not work for the good guys. If many eyes of good guys look at the source, they are blind to the security problems. But if "few eyes" of the bad guys look at the source, the security problems will be glaringly obvious, and they can exploit those weaknesses. Does that help you slashdotters to understand better?
The very openness of the source only helps bad guys find the security problems! Don't you get it? Terrorists can look at the open source and find bugs! But if skilled contributors look at the same source, they will never see the security problems. Open Source is a threat to National Security! (And causes impotence!) Even worse, it affects Microsoft and they might end up having to live on the 5-9% margins that the rest of the industry lives on!!!
I'll see your senator, and I'll raise you two judges.
In general, the military doesn't certify code as secure until it's been around for a while, and most of what we think of as Linux and Open-Source is pretty new.
From a security standpoint, the newer code in Linux is an advantage. It means that a larger portion of the code was written AFTER the need for secure coding practices had been demonstrated. Particularly concerning buffer overruns.
If the CEO of Green Hills wants to be a Grade A bunghole about this, don't drag the Wind River people into it. Are you going to drag the QNX people's name through the mud on this next because they write a proprietary embedded OS? If the Wind River people said something then cite it, otherwise they don't deserve being implicated in this at all. In the vernacular of the early 80's, that's just majorly uncool---unfair to the max.
Reasoning is perfectly sound when one considers that the estates of long dead artists are still lobbying for copyright extensions.
Tell me how the deadbeat families of dead artists promote creativity?
Are hard to secure.
It's not fud you idiot. You obviously are no expert. What about the trojan horse in linux a couple of months ago ?
You can't throw out the 'fud' allegation at every organization that doesn't use linux.
Linux wasn't meant from the beginning to be secure like openvms which the military does use.
Linus only takes patches from the people responsible for appropriate parts of the kernel. To get a patch through requires convincing those individuals -- and they do check the patches. In my experience, getting patches into the kernel is not a trivial matter, in fact it is frustratingly difficult. Furthermore, even if you succeed in getting a patch into some esoteric driver, the less mainstream it is, the less likely it will be in an active kernel.
If the various world governments will go through the trouble to audit defense contractors' code, then they can save themselves some trouble and audit Open Source code instead; any vendor establishing from that base will require less time in audit later. If the governments do not demand an independent audit of contractors' code, then that is where you will find the weak link. With Open Source, you always have the opportunity to audit at any time, diff against previously audited sources, and compile customized code with minimal audited feature sets.
Green Hills is saying "Trust Us! Trust Us!" Open Source is suggesting you trust what you can independently verify before your own experts' eyes.
As for the tool chain issue, you are seriously glossing over the obvious -- all the statements you have made apply to proprietary vendors as well. The solution is simple: don't upgrade the tool chain until the changes pass inspection. This is standard operating procedure for all mission critical deployments.
-Hope
No, they aren't ignoring, they are denying it. Because it's bunk.
- Accountability has very little to do with preventing problems and everything with placing blame after they happen.
- Open source has more loci of "authority" than closed source, chained in a check-and-balance system that greatly improves their effectiveness. And the cap stone is, I get to make an informed choice about what I run on my boxes.
- It isn't true that closed source developers don't have to worry about backdoors, but it may well be true that they believe that they don't. There have been many cases of backdoors in popular closed source programs (Remember "Netscape engineers are weenies"?) but can you name one backdoor that made it into a widely used open source product?
- As far as knowing the identity of the person who supplied a patch, this is just plain nuts. I can (and have) easily tracked down the person who wrote/submitted a patch to an open source product, and the person who accepted it--often, I can have an e-mail winging its way to them in minutes. But I can't recall ever learning the identity of a programmer who made a change in a closed source product, or even being offered the means to.
-- MarkusQ
This is at least the third time O'Dowd or one of the other unhappy campers at Green Hills has managed to get this published. I suppose that it is nice to keep count, but it is hardly "news".
...Since they shut it down completely.
--LordPixie
s/countries/Microsoft/g;
Glog!
Closed source programs that originate from off-shore outsourced locations are dangerous to national security because:
1) the source code is hidden
2) the off-shore origination is unknown
3) the security clearance of the off-shore origination is unknown
4) the off-shore developers have layers of separation for direct responsibility of malicious code
When an open-source developer releases code, there is a direct degree of pride in work and reputation of name. Open source can then be reviewed by local programmers with proper security clearance and background checks before inclusion in critical systems.
Most that are strongly anti-opensource are merely wishing for the old days when things like the GPL were little known and companies would blatantly steal intellectual property of the individual developer.
$5 / month hosted VPS on linux = awesome!
This just in, OUTSOURCING is a security risk!!!
you guys are idiots, get the facts right first
1) Green Hills' Integrity RTOS is not closed source. "INTEGRITY is available in binary distributions, Binary with BSP Source, as well as affordable full source code distributions."
he's talking about an open-source development method where lots of people from all over are contributing code. they probably have a team of a few guys who do the entire OS, and know everything about the OS. plus, they pay people to review everything and certify it!
2) because they "support" Linux doesn't mean they are hypocritical. their development tools support linux-- who cares what your desktop OS is, that doesn't have to be secure. the embedded OS in the field does.
3) NSA SE-Linux. Jesus, this doesn't mean linux is secure!!!!!! "This work is not intended as a complete security solution for Linux. Security-enhanced Linux is not an attempt to correct any flaws that may currently exist in Linux. Instead, it is simply an example of how mandatory access controls that can confine the actions of any process, including a superuser process, can be added into Linux. The focus of this work has not been on system assurance or other security features such as security auditing, although these elements are also important for a secure system."
**simply an example of mandatory access controls** that's it.
get things straight before you go spouting bs
On some architectures, anyway.
Best Slashdot Co
(make note of the retort to the FAA example--obviously the article was not well researched)
This article lacks depth. While O'Dowd makes no factually incorrect statements, his argument against the use of open source software in critical applications (particularly military applications) is quite flawed.
Firstly, O'Dowd argues that code is contributed by authors in countries the US would not consider purchasing from for national security reasons, including China and Russia. He takes this fact alone and leaps to the conclusion that this leaves the door open for malicious coders to sabotage code.
Mr. O'Dowd has made a fatal mistake in his reasoning. Such a fact might be of concern when considering proprietary code, however since complete access to the source code is both legally and monetarily free it allows for the military (or any other organization) to carefully scrutinize the code before compilation and deployment. In fact, the kernel maintainers (none of whom are security threats) control what changes become part of the standard release already--as part of a very transparent process. The same cannot be said about Windows or any other proprietary code--the ability to view or alter proprietary software is encumbered by very high monetary and legal requirements.
Furthermore, the leading proprietary alternatives are engineered by very large, multinational corporations, and as such you cannot guarantee the origins of that code either. I've personally heard of a case where a programmer for a North-American based proprietary software vendor has been linked with Al'Qaida sympathizer groups. At least in the case of Linux, you can personally verify the legitimacy of the code.
As for the Common Criteria specification level of Linux vs. Windows, much has to be done to a Windows implementation to make it conform--its approval at a certain level merely means it is POSSIBLE to secure it to a certain level. Windows certainly does not arrive out of the box with even rudimentary security measures implemented. The same is true with Linux-based systems--technically, a Linux system is a pile of source code waiting to be compiled, so its security is largely an exercise in configuration rather than the way it's fundamentally designed. Of course, should a certain level of standards requirement need to be met, you can bet Linux will be made to conform--the NSA is working to make the most secure Linux system available to the masses right now.
O'Dowd is very correct in stating that Windows should not be the standard developers should aspire to in terms of stability, performance and security, however in suggesting an alternative he suggests the FAA as the place to look for stringent security and stability requirements. This is certainly a good place to look, however he has shot himself in the foot, because the FAA has decided that in upgrading its common ARTS system that the best platform on which to build is--surprise surprise--Linux! An informative article on how the FAA is using Linux details how Linux is being used to phase out an aging, obsolete and very proprietary system.
Mr O'Dowd's company specialises in offering proprietary solutions and has a very close relationship with Microsoft, so it is natural that he would be critical of the competition. It is a shame he is not able to make a more compelling argument for his case. I suggest he and his company adopt a more open-minded approach and consider the best solution for any particular application, whether it be proprietary OR open source.
Contract yourself out, or form a company...contract with DoD to do source audits. Anyone that gets in and sells the govt. on this early could make a killing.
If you happen to do this before I do...remember me with a cut of the $$ for the idea....hahaha.
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
http://www.usatoday.com/tech/news/2002/02/07/tech
The next part is told at http://www.nationaldefensemagazine.org/article.cf
The army did not take Linux out of sheer stupidity, not knowing other alternatives---the army took Linux after serious considerations of its rich and expensive experience with several other alternatives.
Mr. O'Dowd speaks of Linux being worse than Windows, and Windows being almost as bad as Linux. Looks like his Green Hills Software was part of the first expensive experience of the army, first losing its contracts to Windows, and then to Linux.
Take a look at this.
It's amusing because O'Dowd makes a point of saying the FAA's standards of reliability and security should be what we aspire to, suggesting Linux isn't up to the task. The FAA obviously disagrees.
You do not have to press the "Enter" key when reaching a line end.
The text box will automatically wrap text onto the next line.
Doing it manually is annoying on a forum like this.
Very easy to hide any code you want.
Secure operating systems tend to be microkernels.
the devio driver for USB wasn't even looked at over the whole of the 2.5 release series, it's got lots of bugs, and doesn't work on usb2.
There are also a few other areas of the USB system that haven't been updated or looked at for a while.
The patches I sent about 10 months ago fell on almost dead ears. I think I'll raise a kernel bug and post the patches again.
thank God the internet isn't a human right.
or is this just a rehash of an old story?
When copyright expires, of course
? That's what i am asking !
When can i take the source code of GIMP and release a closed source (commercial) Super-PaintBrush ?
Why I cannot find the word expire in GPL ?
but if the military found F/OSS software to be superior, then so be it. If they're worried about it coming into the hands of their enemies, the DoD's implementation does not have to go back into the public via GPL. Since the Military isn't "Public" in many aspects, I don't believe they should be bound by the GPL in the sense that any changes used and put in place inside their tanks or jets can be used in the public anyhow, it shouldn't be released.
make sense?
just my thoughts.
Guess according to your standards, only open-source is acceptable from a security standpoint.
You certainly can have some very reasonable security standards, that can only be met by open source software. You can also come up with security standards that not only require open source software, but even require each user to review and compile the source on their own. That would be a bit too unrealistic. Somebody should come up with ways to verify that available binaries are really built from the sources they claim to be, and ways to know who has reviewed which parts of the code. If all relevant parts of the source have been reviewed by people you trust, and correct building also has been verified, you don't want to do that on your own.
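An added example (not code from any of the posts) of the audit-and-diff workflow that the "diff against previously audited sources" comment above describes and that this post wishes for: a hash manifest of a source tree is recorded when it is audited, a later snapshot is diffed against that baseline, and every file whose exact content hash carries no sign-off from a trusted reviewer is listed before a build is allowed. The tree layout, file contents and reviewer names are constructed for the demonstration; the same manifest comparison applied to build outputs is the check that a delivered binary matches an evaluated one.

```python
# Added example (not code from the original posts): hash-manifest audit of a
# source tree against a previously audited baseline, plus a review ledger.
import hashlib
import tempfile
from pathlib import Path


def build_manifest(root):
    """Map each file under root (POSIX-style relative path) to the SHA-256 of its bytes."""
    root = Path(root)
    manifest = {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel = path.relative_to(root).as_posix()
        manifest[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return manifest


def diff_manifests(audited, current):
    """Files that appeared, disappeared or changed since the audited baseline."""
    common = audited.keys() & current.keys()
    return {
        "added": sorted(current.keys() - audited.keys()),
        "removed": sorted(audited.keys() - current.keys()),
        "modified": sorted(p for p in common if audited[p] != current[p]),
    }


def pending_review(current, sign_offs, trusted):
    """Files whose exact content hash has no sign-off from a trusted reviewer.

    sign_offs maps a content hash to the set of reviewer names who approved
    that content; changing a single byte yields a new hash and therefore a new
    review obligation, so a stale sign-off can never carry over to edited code.
    """
    return sorted(p for p, h in current.items()
                  if not (sign_offs.get(h, set()) & trusted))


def demo():
    """Constructed scenario: an audited tree, then a snapshot with one edit and one new file."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "src"
        src.mkdir()
        (src / "a.c").write_text("int a(void) { return 1; }\n")
        (src / "b.c").write_text("int b(void) { return 2; }\n")
        audited = build_manifest(tmp)
        trusted = {"alice", "bob"}                       # constructed reviewer names
        sign_offs = {h: {"alice"} for h in audited.values()}   # baseline fully reviewed

        (src / "b.c").write_text("int b(void) { return 3; }\n")   # later edit
        (src / "c.c").write_text("int c(void) { return 0; }\n")   # later addition
        current = build_manifest(tmp)
        return diff_manifests(audited, current), pending_review(current, sign_offs, trusted)


if __name__ == "__main__":
    changes, pending = demo()
    print("changes since audited baseline:", changes)
    print("needs review before build:", pending)
```

Keying the ledger on content hashes rather than on file names is the point: a reviewer signs off on bytes, and the list of what still needs eyes is computed, not remembered.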
Do you care about the security of your wireless mouse?
Unless my memory's foggy, didn't the Dept. of Homeland Security and CERT advise everyone recently to stop using closed-source Internet Explorer, developed by an American company, and switch to open-source Mozilla, an international effort for security reasons? Nah, I must've dreamt that...
The article claims that since unintentional bugs are so hard to find, it's ridiculous to think that the intentional bugs can be caught. I don't know about you, but I wouldn't be surprised at all if intentional bugs are easier to spot than unintentional ones. I've found that unintentional bugs are often far cleverer than anything I can think up myself.
As if Micro$oft and other closed-source DOD suppliers don't use H1B Visa software developers.
Or even better, a foreign intelligence service can offer H1B developers *and* H1B QA people who can cover the tracks of the H1B developers as they plant Trojans against the US.
Or even better still, the spymasters could arrange to bid on outsourced pieces of the Windows OS and other products to Indian Consulting firms, that way there's even more code to hide Trojans in!
Hmmm....
I never understood the point of his FUD, up until he started writing about this, I would not have considered Linux a viable alternative to Integrity (One of the RTOS's from GHS), for a variety of reasons. ....
Keep in mind that this is not a desktop, workstation, or server OS, this is hard real-time. You can't use something like Integrity for a desktop or server (well, it might be possible, but I doubt that it would perform as well as some *nix or even NT/2k/XP). And you shouldn't use something like Linux or Windows Super Server of the Year Edition for flight control. He actually has me wondering how well the latest "real time" patches for Linux actually perform
On a side note, I know a few people who work at places like Northrop and Lockheed, and from what I've heard, on a lot of projects, code is changed, documented, changes logged, and tested on almost a line by line basis (Obviously not counting a curly bracket or something like that as a separate line). The versioning software keeps track of who changed what on what line, and when. That's not something you will find in Linux, any open source developers here up for that level of documentation? On the other hand, it is true that that's something you won't find from microsoft either.
I always prefer to start the year off with a bang - or, to be more precise, a series of loud hums, a crackle or two, and
nsa crypto keys in nt
The June issue had an article from GHS, and one from LynuxWorks. COTS Journal is published for developers (Systems, hardware, and software) of commercial off the shelf products, which is essentially a standard for military procurement where possible (You can get a computer, OS, etc, "off the shelf", but something like a sub or cruise missile is another story)
? id=100128
? id=100129
LynuxWorks: http://www.cotsjournalonline.com/home/article.php
GHS: http://www.cotsjournalonline.com/home/article.php
Since a lot of "closed source" software is written overseas now what's the difference?
At least the "open source" is open (or so they tell me)
I smell a desperate software company about to be swallowed in the last few ripples of the Big IT Bubble Burst of the 90's.
"If any question why we died, Tell them because our fathers lied."
A bug that cannot be found... 'tis not a bug at all.
... and in the DRM, bind them.
I find it interesting that open source software is considered a risk because individuals from other nations are allowed to participate in the development of the code...
How does this differ from corporations which provide software to the military who outsource their development to individuals from other nations?
The only difference is that the OSS model involves corporations giving up some of their control over the rights of the product and corporations don't like that.
Otherwise, the article makes assumptions of differences between OSS remote participation and outsourcing which has no material relevance.
The idea of outsourcing being more secure because security checks are done can be argued, but even security checks fail and someone who is cleared can decide to sabotage. The problem is that once someone is vetted, they are trusted. This is actually worse than the OSS model where no matter who you are, the code is reviewed with the same level of scrutiny as anyone else's code.
I can think of so many instances of calling support, having to provide my personal identifying information to an individual who was either not in my state or not even in the US.
Sounds more like a double standard of judgement from the corporate viewpoint that is prejudiced against OSS projects.
Winged Power Photography
What Dowd fails to mention, in all of this, is that Level A certification requires a detailed specification of requirements that the system must implement. These requirements must be covered by test cases that give full requirement coverage (or appropriate analysis) and structural coverage (for Level A, it is MC/DC statement coverage). The Open Source methodology is a long way from being a DO-178B compliant process, and rightly so - the rules for change control of a Level A-certified product are the exact opposite of the "release early, release often" method embraced by a typical open source program, because the development objectives are entirely different. This does not mean that an open source program can not be certified to Level A - it means that it requires a great deal of work on behalf of the organization submitting it for Level A compliance, first.
DO-178B is the most rigorous safety evaluation standard in the aerospace, automotive, or defense industries. There is no difference in the DO-178B certification guidelines for verifying a closed-source vs. open-source application. The problem that both of them have to come up with is documentation of the process used to produce the product, along with design and architectural requirements for the application that can be independently verified for full MC/DC statement coverage by an independent third party. Each application must be shown to accommodate space (memory access) and time (real-time scheduling) partitioning requirements on any device it is run on.
Most Level A OS's are an RTOS with (if you're lucky) ANSI and POSIX libraries for I/O and math. There are companies that have modified Linux for use in real-time embedded applications, but the standard Linux scheduler is not real-time, and does not perform space partitioning of application memory (which means it can be Level E, but nothing above that). If it does not affect safety-critical parameters, it doesn't have to be Level A - Levels D or E are acceptable.
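To make the MC/DC requirement concrete, here is an added example (not code from the post above) that derives, for a small decision, the independence pair each condition needs (two inputs that differ only in that condition and flip the outcome) and the smallest test set that contains one such pair per condition. It also reports conditions that can never independently affect the outcome, which is the masked or dead logic that this kind of coverage is designed to expose. The decision `a and (b or c)` is a constructed stand-in for a guard such as "authenticated and (admin or owner)".

```python
# Added example (not code from the original post): deriving an MC/DC test set
# for a boolean decision, and detecting conditions that can never matter.
from itertools import combinations, product


def independence_pairs(decision, n):
    """For each condition i, every pair of input vectors that differ only in
    condition i and give different decision outcomes."""
    pairs = {i: [] for i in range(n)}
    for v in product((False, True), repeat=n):
        for i in range(n):
            if v[i]:
                continue                      # count each pair once, from its False side
            w = v[:i] + (True,) + v[i + 1:]
            if decision(*v) != decision(*w):
                pairs[i].append((v, w))
    return pairs


def uncoverable_conditions(decision, n):
    """Conditions with no independence pair: MC/DC cannot be achieved for them,
    and the condition is dead or masked by the rest of the decision."""
    return [i for i, p in independence_pairs(decision, n).items() if not p]


def mcdc_test_set(decision, n):
    """Smallest set of test vectors in which every condition has an independence
    pair; returns (vectors, {condition: (vector_false, vector_true)})."""
    pairs = independence_pairs(decision, n)
    if any(not p for p in pairs.values()):
        raise ValueError("uncoverable conditions: %r" % uncoverable_conditions(decision, n))
    vectors = list(product((False, True), repeat=n))
    for size in range(2, len(vectors) + 1):          # grow until every condition is witnessed
        for subset in combinations(vectors, size):
            chosen = set(subset)
            witness = {}
            for i in range(n):
                hit = next(((v, w) for v, w in pairs[i] if v in chosen and w in chosen), None)
                if hit is None:
                    break
                witness[i] = hit
            else:
                return list(subset), witness
    raise AssertionError("unreachable: the full vector set covers every condition")


def demo_decision(a, b, c):
    """Constructed three-condition decision, e.g. authenticated and (admin or owner)."""
    return a and (b or c)


if __name__ == "__main__":
    tests, witness = mcdc_test_set(demo_decision, 3)
    print(len(tests), "MC/DC tests instead of", 2 ** 3, "exhaustive ones")
    for i, (v, w) in witness.items():
        print("condition", i, "shown independent by", v, "->", w)
    print("masked:", uncoverable_conditions(lambda a, b: (a and b) or (a and not b), 2))
```

For three conditions the answer is four tests rather than eight, which is the n+1 that the standard allows; the second demo decision reduces to `a`, so condition `b` has no independence pair and the tool refuses to certify it, which is the signal a Level A review wants.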
This person is already too late. We already run Microsoft Windows.........
Whoa, he comes out and says it like that? Man, if I were part of the Gringo-hater crowd, that'd give me fuel for years!... :-)
Dan O'Dowd fails to see the due diligence involved in Open Source projects. Many times before programmers have discovered clever attempts to hide malicious code in Linux source and other separate programs. He fails to see or is refusing to acknowledge how smart and persistent the programmers involved really are. If it's there someone is going to notice and send up an alarm. When it happens it gets taken care of quickly.
Specks
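As an added illustration (not code from the post above) of one shape such a "clever attempt" takes: the most compact disguise is an assignment where a comparison belongs, a single `=` standing in for `==` inside an if or while condition, which reads as a test but silently sets a variable. The check below is a rough review aid over C text, not a parser: it extracts each condition, ignores string and character literals, and rates a bare assignment or one used directly as a truth value as high, while the familiar `(x = f()) != y` idiom is rated low. The C snippet is constructed; the rating names are my own.

```python
# Added example (not code from the original post): flag assignments inside
# if/while conditions in C source, the classic '=' for '==' disguise.
import re

_STRINGS = re.compile(r'"(?:\\.|[^"\\])*"|\'(?:\\.|[^\'\\])+\'')
_ASSIGN = re.compile(r"(?<![=!<>])=(?!=)")      # '=' that is not part of ==, !=, <=, >=
_COMPARISON = ("==", "!=", "<", ">")


def _condition_spans(src):
    """Yield (line_number, condition_text) for each if/while condition in src.
    Parentheses are balanced textually; parentheses inside literals are not special-cased."""
    for m in re.finditer(r"\b(?:if|while)\s*\(", src):
        depth, i = 1, m.end()
        while i < len(src) and depth:
            depth += {"(": 1, ")": -1}.get(src[i], 0)
            i += 1
        yield src.count("\n", 0, m.start()) + 1, src[m.end():i - 1]


def _severity(cond, pos):
    """'low' only if the assignment at pos sits in its own parentheses and the
    parenthesised value is then compared; 'high' for a bare assignment or one
    whose result is used directly as the truth value."""
    depth, open_at = 0, None
    for j in range(pos - 1, -1, -1):            # find the enclosing '(' if any
        if cond[j] == ")":
            depth += 1
        elif cond[j] == "(":
            if depth == 0:
                open_at = j
                break
            depth -= 1
    if open_at is None:
        return "high"
    depth, k = 1, open_at + 1                   # find its matching ')'
    while k < len(cond) and depth:
        depth += {"(": 1, ")": -1}.get(cond[k], 0)
        k += 1
    following = cond[k:].lstrip()
    return "low" if following.startswith(_COMPARISON) else "high"


def find_assignments_in_conditions(src):
    hits = []
    for line, cond in _condition_spans(src):
        stripped = _STRINGS.sub('""', cond)     # '=' inside literals is not an assignment
        for am in _ASSIGN.finditer(stripped):
            hits.append({"line": line, "condition": cond.strip(),
                         "severity": _severity(stripped, am.start())})
    return hits


# Constructed sample, not real kernel code.
SAMPLE_C = r"""
int check(int uid, int options, char *p)
{
    if (uid == 0)                                   /* comparison: fine */
        return 1;
    while ((*p = next_char()) != '=')               /* parenthesised and compared: idiom */
        p++;
    if (options >= 2 && strcmp(p, "a=b") == 0)      /* '=' inside a literal: ignored */
        return 2;
    if (uid = 0)                                    /* bare assignment: suspicious */
        return 3;
    if ((options == (WCLONE | WALL)) && (uid = 0))  /* assignment as truth value: suspicious */
        return 4;
    return 0;
}
"""

if __name__ == "__main__":
    for hit in find_assignments_in_conditions(SAMPLE_C):
        print("%-4s line %d: %s" % (hit["severity"], hit["line"], hit["condition"]))
```

The last sample line is the instructive one: wrapping the assignment in its own parentheses makes it look like the accepted idiom, so the check keys on whether the parenthesised value is compared to anything afterwards, not on the parentheses alone.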
Batteries not included
A lot of other governments are moving away from Microsoft b/c they're pretty sure we're using Windows to spy on them.
Unfortunately, you can't guarantee that someone looking to subvert windows in a subtle way won't be hired by (or more interestingly, license their code to) Microsoft- so with closed source you basically get the worst of all possible worlds.
microsoftword.mp3 - it doesn't care that they're not words...
The relevant bit is section 8, clause 8: IP law is NOT fine. Measured against the US Constitution and the intentions of the founders, it is severely broken and dysfunctional. "Limited" is rapidly becoming "unlimited" (95 years?!) and "promote the progress" is becoming "secure perpetual revenue streams for corporations".
For every problem there is a solution that is simple, obvious and wrong.
> Why I cannot find the word expire in GPL ?
For the same reason that, at the end of the movies, you have the copyright date, and not the end-of-copyright date.
Because copyright is extended by disney each time steamboat willy (early 20's) is about to become public domain.
To be clear, the answer is "probably never". Complain to you congressman.
Note that, if the GPL had the word expires in it, it will mean that, at this point, you would NOT be allowed to DISTRIBUTE the gimp ITSELF.
Understand the the GPL is a license that GIVES you the right to distribute, not a license that LIMITS what you can do (like all other EULAs).
What you want is to know when the code will be public domain/BSD licensed. This have *nothing* to do with the GPL. Wait for copyright to expire, or see with the author of the code. Tough.
I just want to say that I have no problem, in principle, with using open source for something like the RTOS in a flight control system, or some other hard real-time application.
My issue is with trying to make a hard RTOS out of a *nix base, I don't think it's the best approach to take. The only OSS RTOS I know of is XMK, which is nice, but only supports microcontrollers. Is there a true OSS counterpart for high end RTOS's yet?
he is terminally paranoid. I understand that he has a vested interest in FUDing FOSS, but let's attack his argument for a second:
First of all, what truly important piece of software would possibly be part of open public development? I thought this was specialized enough of a field that the only people who had any competence with what you were making were already trusted anyway. Wasn't SELinux developed *inside the NSA* before it was released?
Secondly, assuming a vital piece of software WERE being developed publicly, someone trying to insert malicious code would have to make it past a few barriers, the first being the most complicated. He would have to: 1) Know what his deliberately inferior code would probably do in the finished product versus what a non-criminal would want it to do. 2) Get it past the critical eye of a few other developers, 3) Slip through some kind of government screening. And all the while NOT make anyone suspicious.
And even then the results are not guaranteed. What is your cyberterrorist counting on? I sincerely doubt that he could have snuck a back door into the code given all those hoops. I don't think the deliberate bug can be both significant and unknown at the same time. Is he hoping that his bug will cause the software to make a slight miscalculation? Whoopty shit. Whatever agency he or she is working against will be annoyed for a little while and then fix the problem.
Even if his deliberate bug caused a catastrophic failure, it can and will be traced back to HIS contribution, and if some terrorist group stands up and says "Ha ha! Look what we did! And here's why!" (and if it's Al-Qaeda we can be almost certain of this) That man is immediately under FBI surveillance and probably arrest.
In any case, inserting a bug would be a lot of work. A lot of work for an uncertain return, and success will mean almost inevitable detection.
Why some terrorist would bother with this approach is beyond me. It's so much easier just to fill a truck with dynamite.
So much so that the various parts of the U.S. federal government now advise their security-conscious staff to no longer use Microsoft's Internet Explorer web browser.
We were talking about *rewriting the software from scratch*. That *does* require a design, and a good design *does* jump out at you (after you spend some time examining it). It is IMMENSELY easier to see that a design is good than it is to come up with a good design.
The examples you're talking about are not design issues, they are implementation issues. Yes, they require code inspection. They don't jump out at you, generally, they require looking in depth. That does nothing to invalidate my point that it will take much, much more time to rewrite a system and validate that it's good than it will to take a written system that's seen use and validate that it's good.
Anyone who claims that they can rewrite software and validate it faster than they can validate software that has already seen production use either isn't a professional developer or isn't thinking clearly. Making that claim doesn't indicate you're stupid, or not a professional developer, it just indicates you made a mistake. Are you really trying to defend that claim after having the error pointed out?
Just to anticipate another straw man, I'm also not saying that you shouldn't rewrite parts of the software that are insecure. I'm not even saying that it never makes sense to rewrite something that wasn't written with security in mind. I'm just saying that it's crazy to claim offhand that you are going to write from scratch software that's better than something proven to work, or that you will have fewer security holes writing from scratch than you will get from something that some magical guy who has built a reputation in the community to the point he can submit patches and then introduces subtle enough bugs that review doesn't find them.
And I'll say it one more time: a secure design *sure as hell does* jump out at you much more readily when it's in front of you than when you have to figure one out from scratch.
..
..
14. Friendly fire isn't.
-- jimmycarter
A liar always assumes everyone else is lying. A poor coder who ensures a living by obfuscating code behind proprietary rules and can't endure a decent code review, assumes that every one else is a crappy coder as well. I feel the exact opposite is true, and I also think the figures support that kind of view. OSS is NOT perfect, it has many issues and will constantly be an ongoing project, but the openness ensures that should your company/country etc ACTUALLY WANT to check for security you can cross check EVERY LINE OF CODE, how can any closed source EVEN COMPARE. Consider the denial of liability and a closed source, should there be a problem there is NO RECOURSE.
errr....umm...*whooosh* *whoosh* Is this thing on ?
His last attempt was back in January.
Forgive me, I am not a software expert, I am not worthy.
But...
I thought one of the major points of open source software was the ability to examine the source code. Upon examination, if an error or security problem was detected, such an error could be fixed by the user.
Is this not the case?
With the assumption I've made, all the cards are on the table. I further assumed that closed source software would be more secure than open source only if the user was also the programmer and the source was never revealed to anyone. Closed source software from a third party would be completely untrustworthy...for all of the reasons mentioned in this article.
What the hell have I missed here?
. Quit playing Monopoly with Bill. Switch to one of many non-Microsoft products today.
/* au contraire, Pierre */
int
main (void)
{
return 0;
}
I think a better fear would be a closed source company submitting bad code to open source projects.
This would pose a good way to put bad press on open source systems.
as proven by this previous story...
http://slashdot.org/articles/04/03/02/0719247.shtml
With both closed and open source software, there need to be checks for accuracy. It doesn't matter. At least with open source, there are many many more people using the code and more chances to test edge cases. The DoD is not going to run anything that is mission critical without regression tests.
I posted this comment directly to Mr. O'Dowd's article, but re-issue it here:
I think that Mr. O'Dowd represents one extreme end of the community, and a very paranoid one at that. His argument has a certain degree of merit, but he, like most of those posting comments, has missed the point. I could post a lengthy rebuttal to Mr. O'Dowd's points, but that would be useless as his statements are based on his beliefs and belief systems are difficult to change. Instead, I will say this...
Mr. O'Dowd in an attempt to strengthen his position rattles off a number of socially obscure references to government security standards and policies. Attempting to create emotion in favor of your position by spouting off vague and obscure references to security standards shows, well, Mr. O'Dowd's insecurity at best. I do not dispute the relevance to his position, but I do dispute the FACT that Linux has not passed nor been tested to meet these standards. Let me be direct. If Linux is going to be used in operational areas where these standards exist, then it MUST pass them now doesn't it? These standards exist and MUST be adhered to whether the source is open or proprietary. Using them as a means of disqualifying Linux in operational areas is silly.
Attacking Linux by saying that because it is open source someone can "easily infiltrate the Linux community to contribute subversive software" is also rubbish. Going back to Mr. O'Dowd's argument about the standards compliance, he totally destroys this as a valid point. The clearance process for the software to be in compliance with the standards he mentioned would prevent this from happening, just as it does for proprietary code. Basically, when the government and matters of national security are involved, there is no such thing as closed code. The code is scrutinized very carefully no matter what the source.
So what does this all mean? Well, Mr. O'Dowd, as I mentioned above, is at an extreme end of the spectrum. His comments, although alarmist and defensive in nature, have a certain amount of value. I believe there are enough checks and balances in place to see that our nation's secrets and its critical systems remain safe. One thing also to keep in perspective is that NO SYSTEM, open or proprietary, is safe from attack or vulnerabilities. That is an unrealistic ideal. However, I do not think that open source software poses any less or greater a threat to security, but it does offer a much more flexible solution than a proprietary counterpart.
Jason Lockhart
Director, HPC and Technology Innovation
College of Engineering
Virginia Tech
He didn't say we should use Microsoft Windows, merely that we shouldn't use OSS for sensitive operations. In fact he even discourages the use of Windows just as much as Linux for sensitive government work.
Mathematics is made of 50 percent formulas, 50 percent proofs, and 50 percent imagination.
it's laughable to think that code could be inserted into the linux kernel that would allow some 3rd party to take over the computer. The basic os security code is pretty set in stone (i think), so any changes big or small in that area would be noticed by many many people. oh no, al qaeda has hijacked linux. yeah right
I know I'm going to be modded up on this
Let us not forget that WE'VE been planting trojans in software shipped overseas too. I recall a story here regarding deliberately sabotaged software shipped to some Russian pipeline project. As I recall, the trojaned pipeline test software was designed to operate the pipeline at 10X normal pressure and cause an explosion...which it properly did, setting back the Russian government's energy plans.
When other governments start using OSS, they may be freeing themselves of these US planted trojans. I believe THAT is the major fear of the US government... Not that they will fail to detect a foreign planted bug in some fighter jet, but that OUR planted bugs will be found by China/India/Pakistan/Iran/etc... This would also seem to explain our government's looking the other way with regard to the Microsoft settlement. Remember that the anti-trust settlement was made within a week or so of September 11. Remember also the "Green Lantern" project, where our government was actively looking for ways to co-opt people's boxes.
Software that cannot be easily trojaned creates just one more difficulty for our spy agencies. As with the gangster who was using pretty secure encryption, the government is now forced to use things like hardware keystroke loggers (meaning they have to have physical access to the unit), sneak-and-peek, you get the idea.
The US government has an interest in keeping people using insecure systems. How easy do you think it was to open those Windows laptops captured in Afghanistan? Why, the NSA had those famous "NSA-KEY" entries in Windows!... Easy as pie. The last thing they want is for KSM and OBL to start putting strong-encrypted filesystems on their Linux laptops in Afghanistan. No way to plant the backdoor!
Expect to see a lot more of this type of FUD... The US Government has plenty of time and money to make sure that their Linux systems are safe, they just don't want others using them...
That should be ggp, not gp. My post was the grandparent, the original was the great grandparent.
Mathematics is made of 50 percent formulas, 50 percent proofs, and 50 percent imagination.
Mr. O'Dowd obviously does not know how OSS works. There actually are code reviews, ya know? People are going to look at the code and say "hey, what does this piece of code do?" Sheesh..
but the question remains...
What kind of idiot is he?
A slight parody on one of my favorite Far Side cartoons.
Quote: The NSA has not fixed, or even seriously tried to fix, the security problems (documented in this series of white papers) that make Linux unsafe for defense systems.
[...] If secrecy isn't important to security, then why does Linus Torvalds keep the means of accessing the core Linux development tree a secret from all but a few people?
Another FUD dose says
The GPL was designed by Richard Stallman to prevent you from making a profit from distributing his software (which makes up a large part of Linux).
Any sufficiently advanced libertarian utopia is indistinguishable from government.
That's a pretty good obscure set of circumstances. Does it mean it can't happen? No. But contrast this with proprietary methodology wherein a coder has (usually) unrestricted access to the code base. Hmmm. Sounds more plausible there!
Of course, the key thing to note here is that anyone who has to dredge up the dread formula that terrorism + open source == Disaster!!! is probably desperate to save his flagging business.
Wood Shavings!
- Godai
Where the developers make no attempt at finding bugs.
Backdoors, anyone?
Whatever it is I'm complaining about, I'm sure the Republicans did it. This is
To say that the Linux code is locked down and tested is to say that the barn door is locked too late in the process for the kinds of things the author of this posting is citing as potentials for happening.
So what's stopping the DoD from taking the source code base and doing their own testing and certification on it? Considering you claim to have had a background in this, I'm surprised you didn't think of this. This may save them some time in the long run, since they don't have to go through the effort of developing the software itself.
If I decide to use a library or module from another developer (OSS or otherwise) in something that I am doing, I always take the time to test it to make sure it at least does what I want and is adequate for the task at hand. Now, my own projects don't require a terrible amount of security, but if they did, I would be certain to do some testing in that area as well.
So I just don't get your point. You don't have to develop the code yourself in order to certify it if you have the full source available to you. And then once you have certified it, after making any corrections that you need on your copy of the source, then you lock THAT down. What came out of the original source base is irrelevant at this point. It only matters what you improved upon and certified.
Karma: Frotzed (mostly due to the Frobozz Magic Karma Company)
One's about money (pumping stock price) and one is about dirty, anti-social hacker-types. Guess which one wins?
Yeah, right.
It's a fallacy to claim 'A' is false because the person saying it is 'B'.
Yes, but that's not what happened. You've got causality backwards. What happened is that a person said 'A', which is false, so we started looking into his motivations for saying 'A', and discovered that he is 'B'. The fact that he is 'B' doesn't make 'A' false - you're quite correct there. The fact that 'A' is false, however, is why we uncovered the fact that he is 'B'.
I had never heard of Greenhills software before this nonsense came up. So I certainly didn't assume he was wrong because he is from Greenhills. I assumed he was wrong because he was wrong, and then googled Greenhills to see if I could find out his motivation for lying.
Note: the lie is not that OSS can be insecure - that's plainly true. The lie is that proprietary software in inherently more secure than OSS. The truth is that software security depends on how well the code is audited, which has nothing to do with whether it's open or closed, but open does provide more opportunities for auditing. Background checks are a red herring - the world is full of sleeper agents.
There was an article a few months ago in Electronic Engineering Times. It is a biased article which has been ignored or laughed at by people with a brain.
You are now entering Green Hill Zone...
Please run to the right and collect the most rings possible.
When you look at the state of the world, how can you not become a radical, liberal anarchist?
Seriously. Los Alamos has had TONS of problems. Remember the Chinese spying scandal under Clinton ? Los Alamos. Intrusion tests have resulted in attackers breaching the facility and leaving with a wheelbarrow filled with nuclear material. More recently, the Los Alamos lab has been losing Classified Removable Electronic Media left and right. Employees have had security badges stolen. Hell, CREM's have been found for sale with obvious confidential labels in nearby stores.
I'm far too lazy to get appropriate links for all of their issues. I've got some examples in a post I made yesterday, but those aren't Los Alamos specific. Why not peruse the summaries and madcap linkage from someplace like DefenseTech ? The vast majority of those articles detail the University of California's complete mismanagement of the Los Alamos facilities.
And 'Liberal Whacko' is a strange term to hurl at them. "Completely oblivious to security concerns".
--LordPixie
Does anyone remember that Canadian company that was making US DOD software... and outsourcing some or most of the programming to China. I believe that the DOD wasn't fully aware of where the work was being done until later in the game. Not that either of the parties involved had malicious intent, BUT, that in itself seemed far more vulnerable than code that EVERYone can see, and audit, and comment on.
That is why this article's assertions are so silly. The government is in MUCH more danger buying closed systems where they have to trust the vendor than open systems where they can do a complete audit themselves.
I love the statements about a country introducing bugs that nobody in the community could find. I mean *HELLO*! If someone can devise it and write it there is someone else out there smart enough to find it in plain sight. For goodness sake: we have people reverse engineering closed systems like Windows where they don't have the source. We're to believe these people are too dense to catch cleverly hidden bugs in software they HAVE the source to?
Anthony Papillion
Advanced Data Concepts, Inc.
"Quality Custom Software and IT Services"
... because the US Corporations and Governments are committed to a never ending war against everyone not them.
Welcome to 1934... Germany. Except for the Net porn of course.
Cause Al Qaeda is reaallly technical...
YES. Open source's share of the market is barely 5% and is causing panic with its potential to change computing practices for private and public sectors.
If it happens (god forbid) and the 95% of closed minded people cross over and switch, open source will lose its advantage.
For years, foreign institutions used Microsoft software with its shortcoming without raising paranoia hell.
It's interesting how we raise trust questions when other people are involved, yet we expect them to trust us.
By C.O.O Trusst International.
A number of postings have done an excellent job of describing why open source is not a security threat and, in fact, can be more secure because the source code itself can be audited, signed, etc...
This is a long discussion and I may have missed it. But I have not seen a mention of why Greenhills might be motivated to make the claim that open source is a security threat.
Greenhills sells proprietary compilers for embedded systems. They also sell real time operating system software. Their business model is under threat by open source. This is especially true in the area of real time embedded operating systems. With their compilers they can at least show that for a given embedded processor their compiler produces better code (this is not that hard to do against GNU for a number of architectures). But with real time operating systems (RTOS) they have less of an edge. Linux is becoming more and more widely adopted. Increasing numbers of people have experience with Linux.
Greenhills, one can speculate, fears a serious erosion of their RTOS business. This business is probably bigger than their compiler business (few people make much money on compilers these days). Taking a page from Microsoft and SCO they are attacking Linux using FUD. If this also helps their compiler business ("Who knows what trojans open source compilers might generate?"), all the better.
Let's see here, Microsoft won't release Source Code to the Open Source Community, but they'll gladly release the source code to the (Red) Chinese Government? (BTW: China is the new cold-war rival, now that Russia has been Democracized, but nobody mentions this)
I think if any software is a threat to National Security, it is Proprietary Software, and Capitalist Software Development Corporations who send their projects over-sea's to be developed.
The U.S. Marine corps. rely heavily upon Windows-Based operating systems for most of their inter-communications software.
Sad, but true! =(
the only permanence in existence, is the impermanence of existence.
This same hypothetical genius would have a much easier time at some proprietary company, where his code is not seen after the product ships...
Wizard mode was not (IIRC) a backdoor; it was a system administration account that required a password set by the site administrator.
There was a bug that allowed BG's to gain access, but (again, IIRC) it wasn't a backdoor put there by somebody so that they could later gain access to systems that weren't theirs.
-- MarkusQ
Hmmm vs what. One mega conglomerate corporation that will only show the source code to you if you sell your soul to them?
Seems to me if you pay 500 coders to review code for bugs, it still does not equal 50,000 or even 5,000 who do it just because they want to contribute. Seems like it would be very difficult for foreign countries to hide those bugs.
And what of outsourcing. Does he think that software that is closed source will be anymore secure?
Regardless if they go open or closed source there will be bugs to be found, and a country that really wants to can dedicate the monies and people needed to find and exploit those bugs.
I am Bennett Haselton! I am Bennett Haselton!
I wonder if there is an entry in Microsoft's check book with the name "Dan O'Dowd"
Hmmm....what would be easy to sabotage, software that you have the source code to and can see all the code in the program or a proprietary program that has no source code to look at and compare with other versions?
Nice try Dan!
If I were a foreign adversary of the United States, and I wanted to exploit software to gain a strategic advantage, I would not go with F/OSS. There would be too many eyes, too many curious geeks with nothing else better to do than inspect my work, and too many other routes for my target to get source code other than what I have tainted. Rather, I would worm my way into a company selling proprietary software to government and industry. There are fewer eyes, so I would have fewer people to "manage". Influence a developer, one person in QA, and perhaps a secretary and I could have almost anything I want put in place and distributed across the planet, with the help of the DMCA to cover my tracks.
The KGB said, go for the secretaries. The secretary holds the keys, the trust of others, and can go where s/he wishes. Monolithic organizations are vulnerable exactly because they have few internal firewalls; if you *can* get in then you become part of the trusted architecture, and then there is no mechanism to get you out.
a threat to National Security?
I don't trust my government to protect me from terrorism if that terrorism could be used to their advantage, like increasing public popularity for war with a country like Iraq to bring them our version of freedom and democracy.
Looking back it's obvious to understand why these wars aren't popular, but today it seems like it's very difficult to convince our leaders that diplomacy is the preferred method, or in the case of terrorism to strike directly at those groups responsible for the terror.
Those dang new fangled computers. We need to go back to the abacus, slide rule, and humans to maintain security. Oh wait -- those were not 100% secure either.
The Navy already uses Windows NT. How secure is Windows again? If they can secure Windows NT, I am sure they can secure open source.
http://www.guardian.co.uk/life/feature/story/0,13026,1215022,00.html
http://www.winnetmag.com/Article/ArticleID/18007/18007.html
http://www.findarticles.com/p/articles/mi_m0FOX/is_15_5/ai_65859250
This crap was reported months ago.
Must be a slow news day at /.
This guy was an idiot when it was first reported and he's an idiot today.
Nothing new to see here. Move along.
Didn't hear him complain when McAfee off-shored its antivirus development to India.
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
Sure, a rogue coder could try to slip something into the Linux project. It would probably get caught rather quickly.
Now ask yourself this: Could there be any rogue coders working for software companies putting out proprietary software? You bet there could! And I doubt that the offending code in a proprietary project would get caught quickly if at all. No, it's not Open Source that presents the security risk here.
The race isn't always to the swift... but that's the way to bet!
This is the reason that Linux has strong crypto stuff built in now; before, it was a kernel patch from outside the United States.
The problem, Dan O'Dowd, with this (I'm guessing financially motivated?) idea is that if this were true we'd be seeing problems already; the fact is open source gets audited by those that understand whatever parts of the code, and bugs get exposed and fixed.
Common bloody sense would have code (or a download for that matter) that comes from a source not trusted be "hella audited."
Another thought, all software comes from source right? So, wtf is this guy talking about?! Is he talking about not trusting people, or spreading fear in an attempt to profit himself in some way?
Trying to pass a MALWARE law? Taking a stab at linux with the intent of deceiving the un-initiated? Not hard to do if the un-initiated consist of some who watch TV, play PS/XBOX and have win98/XP.
It does not fly with the initiated.
How about rephrasing it:
ALL software
has the capability of being sabotaged by foreign developers and should not be used for U.S. military or security purposes.
They will soon be running on nothing. Or wait, You can always run Dan's Green Hills Software v6.66
Here is another thought:
ALL software to be used for U.S. military or security purposes, needs to be audited for potential sabotage from ALL sources foreign and domestic.
You going to tell me nobody in the US has evil intent?
You going to tell me all those government workers know how to lock down their own windows boxes? That they understand security?
I know the govt. has training, but it isn't enough. Users can never be trusted!!!!!!!!!!
PDAs, CDs, DVDs, who couldn't just walk up with a device and fsck up everyone's day?
What's to stop that?
remove usb ports, serial ports, parallel ports, 1394s, floppies, cds, dvds, make workstations into kiosk terminals, put the whole network into a vault with deadly force.
Dan, you fucking idiot!
Oh my god, the inventor of the transistor did not have a security clearance, but we are using them in military hardware! What if he hid an evil back door in there?
There is one area where one seldom expects backdoors, and it's called BIOS. No access to the source and no possibility of replacing vendor BIOS with your own (at least now).
"Long run is a misleading guide to current affairs. In the long run we are all dead." (John Maynard Keynes)
I call BS - at least with (F)OSS, you have thousands of individuals auditing the code - and removing any potential problems. With closed-source, you're simply screwed! Sounds to me like the guy, who claims OSS a Nat'l Sec. threat, isn't exactly a philanthropist. Actually, it sounds like there is a lot of green waiting for him behind that assertion...
it seems they run a flavour of bsd and apache. i guess they just don't like gnu/linux but other open source is ok.
a national disgrace?
.com triggers nazIE frenzIE? (Score:mynuts won, we've already bought shares?)
.combined?
BearingPoint, trustworthycomputing.com, etc..., now those, are scarIE things to be forced to tout.
failure to steal
by Anonymous Coward on Monday July 26, @10:28AM (#9801214)
the last bullast?
scurvIE bastards. what are they doing tryng to steal a lousy.com (froogles) from some disabled guy, if they've got buckets of billyonerrors' gangster hostage monIE, to be fair about it?
stallman worth more than corepirate nazIE rag? (Score:mynuts won, our other sponsor too?)
by Anonymous Coward on Sunday July 25, @06:38PM (#9796682)
as a matter of fact, just what he's forgotten, is likely more relevant to communications/commerce, than everybodIE in the kingdumb of payper liesense/stock markup FraUD softwar gangster felon execrable,
so, whois ready for the gnu millennium?
never mind robbIE's fauxking PostBlock censorship devise, it's still under development?
consult with trust in yOUR creators.... peaced off (& acting on it) by having their population/planet's security/future, squandered by a handful of megalomaniacal corepirate nazi felon execrable. see you there?
Green Hills Software, Inc. has registered INTEGRITY 5.0 PPC as conforming to the 1003.1-2003 System Interfaces Product Standard.
Coincidence?
It's 11pm, do you know what your daemons are up to?
"My proprietary program went to the pentagon, and all I got was these silly battle plans:"
Free Software: Like love, it grows best when given away.
So there. I can sling the FUD as well as they can.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Really the solution to the DoD problem is to use QNX. It's a real time OS perfect for the real time events of the battlefield, small, reliable, and closed source.
You'd think moles would have sufficiently penetrated Microsoft by now, if that be their goal. And in a proprietary environment there would be fewer eyes to spot the sabotage...
Embedded systems vendors are moving to Linux to keep up with the changing hardware and needs of their customers.
Does this address the needs of all embedded systems users? Of course not. I can see in really high-security fields you need to have 100% control of things. The critical embedded devices in power plants come to mind in that case where you may be replacing a 10 year old device and need to ensure that you have exact compatibility.
However, these are outlying cases and will strain almost ANY OS group to satisfy. (Especially as they still need to move forward with their technology as well.)
I would say that the OSS route in that case may actually provide you better security as long as you archive both the code and the software used to build the code (including the OS and the hardware if necessary too). If your requirements are in fact that strict then you're going to either have to have complete control of the code you're relying on or have escrow agreements that ensure you'll be able to obtain the code if your vendor happens to go out of business.
--- I wish I could hear the soundtrack to my life. That way I'd know when to duck.
Is where this company will be buried when they die. Soon.
Meh.
and I guess Green Hills management never heard of the deadliness of a compiler backdoor as explained by Thompson.
THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
And most NDAs contain clauses preventing you from releasing anything you find that would be detrimental to the company - for example, any statement that would intimate there is a security hole.
That's true. But then again, a published white paper detailing how a test set up that we tried in our labs exposes a shocking vulnerability that everyone else can re-create is completely fine.
Or! We say "Hey, fix this in the next update. You have a security hole." And they do.
In the future, I would want to not be isolated from my friends in the Space Station.
Now shut the fuck up; QED.
THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
Anyway you don't need opensource and foreign governments to include bugs. MS has been doing it for years. They put them in and seem to have the greatest difficulty getting them out.
No, these are just the bleatings of a scared CEO worried that opensource will make closed source less and less attractive. What he is saying is that the US government should buy complete solutions and not worry about the cost or the bugs or that they can't check it or fix it or add things they need.
The US government and a lot of others could easily develop their own OS. With opensource they don't have to, but I would be extremely surprised if the US military does not have experts in its service who understand every little bit of the linux kernel. The MS kernel is another matter, as has been proven by the continued delays in XP service packs; even MS doesn't understand its own software. At least with opensource you can always take a look yourself AND FIX WHAT YOU FIND.
What MS shared source initiative? Well there are plenty of service men around here, anyone ever seen a US-army compiled version of a windows OS? No? So unlike Linux even a giant like the US army can't roll their own Windows version, minus unneeded security risks + extra security, you know like they've done with Linux?
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
And if it is such software as used to direct guns I would bloody well hope they check it and check it again. But I would be puzzled why it would be opensource; I never really felt the need to control a howitzer. Well actually I felt the need but am not allowed to.
Let's not forget that in a not so distant past it was the military that developed computers, NOT private companies. The idea of an army buying its software off the shelf is a rather new idea and not one that makes a lot of sense. Almost everything they use is specially developed on their order, why should software be different?
Can anyone confirm if US army linux use is a "standard" distro or have they rolled their own?
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
This same argument is one of the reasons why many other countries, notably in South America, prefer open source over closed source, esp. US closed source.
That said, it's always convenient to assume an enemy outside, while the risk from the inside might be bigger. Employees (or OS developers) in the US can be bribed or simply disgruntled. And how many US closed source products are (partly) developed in other countries?
And of course, the interests of corporations might cause more problems (e.g. loss of (access to) data, spyware, revocation of your license key) than 'terrorists' might.
if MS uses the same networking code used in OSS and just wraps it around with its windows stuff ?
In like respect, then the US gov shouldn't use closed-source software that was developed in any part overseas, nor should they use software that was developed in large part by blue card workers, as there's a higher risk involved there as well.
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
It's ridiculous to suppose that the maintainer of a project would accept contributions without reviewing them and understanding what they do. Green Hills wants you to believe that good intentions are the only thing preventing people from trojaning major Open-Source projects.
And before you mod me down just check the number of friendly fire incidents in other armies. They have their incidents but to a far lesser extent. Somewhere in the US training there is a role that makes Americans shoot in situations where they could have made sure of their target.
Of course that is presuming all the incidents were really accidents. If you are paranoid then this could also be seen as a weapons test. Is the Patriot system capable of downing a low flying Tornado, can a British tank be destroyed by an A-10?
I am reminded of the incident where an American warship shot down a civilian Iranian airliner. The "excuse" was that the captain thought he was under attack from a flight of Iranian fighters. Makes sense except if you know just the tiniest bit about modern warfare. In the Falklands war modern British warships proved extremely vulnerable to Argentinian (not sure about the country) air-to-ship missiles. So any captain under attack from the air should be extremely worried. Iran had the same kind of missiles but with several years more advancement.
So why exactly did the captain only fire 1 missile at what he claimed he thought was a wing of incoming fighters (an airliner has a far bigger radar signature than a fighter). Why were no other orders given like increasing speed for better maneuverability, preparation for firefighting, preparation for missile intercepting defences, call for air support etc etc etc. Why when the missiles hit was the claim made "we got him" not them, or any question of "where are the others", why was he totally not looking for a second attack wave? Why was there no surprise when they found the wreckage?
Of course only a paranoid person could possibly question the outcome of the hearing that totally failed to ask any of these questions.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
I agree that Open Source moves fast. I agree that anyone who wishes to certify the Linux kernel will need to certify the gcc compiler as well. In my experience, this is not necessarily true of Open Source code in general, at least not the important projects.
Your argument seems largely over the relative penalty of forking code and its subsequent maintenance.
First of all, any code that meets certification is going to result in a fork of some type, whether it is open or proprietary. The changes necessary for compliance are often not something you want to merge back into the development branch, and in some cases, getting multiple certifications will require conflicting changes.
The second issue is that backporting features, fixes, even security patches will void a certification. Either the new code is re-audited and re-certified, or the application implementor needs to have policy in place to deal with these patches.
All of this is true for proprietary and open source. Green Hills does not have any magic security clearance that allows them to release operating systems without going through the same certification process as everyone else. If security restricted applications are using non-certified versions of Green Hills software under the auspices that previous versions were deemed secure, then at least one failure of the trust chain has been identified.
In closing, one trusts the code because they trust the auditors. That trust does not extend to the authors of the code, whoever they are.
-Hope
Would you really want your code to be used by these evil, paranoid fucks as part of a system that kills people ?
*I* said that validating the quality of a program is easier than writing a program to that same degree of quality. Apparently you were too dense to realize that when I originally said writing a program is harder than validating a program, I meant that the two programs had the same purpose and degree of quality, as opposed to writing "hello world" versus validating ssh.
From the original post:
And what the original post appeared to be arguing, which I took issue with, is that writing + validating is easier than validating, which is obvious bullshit.
That's what I've been arguing all along (writing + validating is lots harder than just validating). Provide an example of where I've misunderstood my own argument or even misunderstood the text of someone else's.
And of course, publishing a white paper detailing how to find the security hole would be viewed as a terrorist act in these weird times - as has already been stated by some idiots^H^H^H^H^Hyou know whos.
He is onto something. I have seen the future: all of these systems running Linux will lead to the war of machines versus man. Fat, yet oddly skinny little geeks will be mowed down.
Score me 10 for insightful mofo moderators.
Who is to say that a rogue country doesn't insert insurgents within private industry to plant bugs and harmful code inside proprietary software? Furthermore, the responsibility to find such code falls into the hands of a few within the company, whereas the entire world has the ability to proof open source software. Making software proprietary and allowing only a few to view and modify the code does not in any way make it any more secure. Take Microsoft for example, they unintentionally sabotage their own software and we rely entirely on them to find, correct and prevent such happenings.
More to the point... while this is certainly possible in the mathematical sense, it wouldn't surprise me in the slightest if using some form of social engineering offered a much quicker and more certain method of compromising security.
File under 'M' for 'Manic ranting'
I believe that, given enough time, any cleverly crafted "bug" that was secretly inserted into the Linux kernel (or other open source software) would be detected by human beings during the normal course of code auditing and testing. Code being checked in to an OSS project falls into one of two categories: fixes for existing bugs, or new features. Short of a rewrite of a key routine, it would be difficult to insert a clever bit of subversive code into a bug fix. As for new features... well, until such code has been used and tested extensively, it should be viewed with suspicion. Indeed, many new features in Linux are often still marked as experimental long after these features are in common use. Such features can always be conditionally omitted from compilation.
Subverting the compiler tools is a slightly sneakier way to achieve the same end-goal, but a government funded project would presumably make sure that the approved tools for development, including the compiler, are all well-tested and thoroughly code reviewed.
The one genuine threat of a trojan horse sleeping in open source software would be something that was placed there by a superintelligent operator. I'm talking about something that would happen after a Vingean Singularity, though. Only something of superhuman intelligence could scatter a plethora of seemingly unrelated bugs throughout the many source files of a project, bugs that would work in concert to create an unforeseen outcome under very specific circumstances. A human programmer might find one or two of these, but chances are that most would be too cleverly hidden to be found by a human at all... and of course, the net effect is the result of emergent behavior of all the little pieces misbehaving together in a certain pattern.
Yes, I know, this is really pie-in-the-sky philosophizing at this point. But I think about the Skroderiders in Vinge's A Fire Upon the Deep, and I wonder if our military systems could ever be compromised in such a way.
Please remove your tinfoil hat and read the rest of my comment...
they usually fix the problems you find.
Oh sure, they never want to take the blame, but when you have a reproducible fault (pinpointing it down to the module for them never hurts...) they usually capitulate. They frequently aren't very happy (especially when it's in some ancient protocol that nobody* uses) but they do it.
And let's say they don't want to fix the problems you find: your system doesn't make it past safety review, white paper or not. So you and them are back to square 1; and they no longer have that huge order for 100,000 units anymore. So yeah, that NEVER happens.
In the future, I would want to not be isolated from my friends in the Space Station.
It's impractical for any one organization to review 50mloc. By the time they've finished reviewing it, it's already obsolete.
That's why open source is better - it is subject to continuous peer review.
If a team of 100 programmers were given the full source code for the latest version of Windows, would they be able to properly review it before the next release obsoletes it (3 years from now, supposedly). No. So, the question becomes, would they be able to properly review it within the next decade? Maybe. Would it be worth it? Probably not.
If we take this guy at his word, then it's reasonable to think that non-US countries shouldn't use closed source, US-developed software because it could contain nasties as well.
The US govt isn't everyone else's best friend at the moment, and appears to be working particularly closely with US software companies at present in terms of pushing US' interpretation of intellectual property onto much of the world. It's more than feasible that the US govt could have said "Look, software vendors, we'll push your interests out into the world, but there's a favor you can do for us in return. Here's some source code we want you to bolt into your products for overseas distribution"...
At least FOSS gives people the opportunity to examine the source of what they're going to be running. No, most people don't bother, but with Windows, Solaris, etc. it's not even a possibility.
1. Military/Government switches to OSS.
2. Military/Government helps develop OSS.
3. [Everybody] Profit[s]
Like my momma always said, if you're not part of the solution...
-Coach
"Never upset a goalie, getting hit with a blocker is an unpleasant experience - facemask or not." -Me
Suck my balls, Green Hills.
This was all gone over, like, a month ago. There were two or three FUD rants, uh, I mean "articles" written by this guy. It's all kinda blown over now, hasn't it? I mean, no one believed him the first time. Why give him a voice again?
--
If I actually could spell I'd have spelled it right in the first place.
I am a Land Warrior developer.
It's a box with no network connections apart from a stack developed by the US to funnel certain types of messages from one machine to another, and another stack talking to a radio that the military guarantees as encrypted and unhackable. It has various hand written device drivers to speak to our peripherals (guns and helmet mounted displays and the like.)
There are no other ports open. Ever. There will be no login, no telnet, on a very stripped down machine. And even so, intruder detection software is part of the requirements.
I don't care what the GreenHills CEO stuck into the kernel, how is it going to be activated?
Via Netcraft:
http://www.ghs.com was running Apache on NetBSD/OpenBSD when last queried at 27-Jul-2004 14:52:40 GMT
OS | Server | Last changed | IP address | Netblock Owner
NetBSD/OpenBSD | Apache/1.3.29 (Unix) PHP/4.3.3 | 7-Nov-2003 | 63.102.70.69 | Green Hills software
NetBSD/OpenBSD | Apache/1.3.14 (Unix) PHP/4.0.2 | 13-Dec-2000 | 63.102.70.69 | Green Hills software
sig mind freed
Greenhills Software was once an honorable company. Today I am thankful that their name is not on my resume.
When a company pulls an SCOX, one wonders why. This is the second time this **** has sounded this note. If anyone knows of any skeletons in his closet, this would be a good time to start working to discredit him. Is he taking money to say this? What?
I think we've pushed this "anyone can grow up to be president" thing too far.
... through spreading deliberate misinformation.
I see the majority of comments are cries of "FUD" and "closed source has the same issues" and "Linux is secure; many eyeballs". I don't disagree. I think O'Dowd's arguments are largely bollocks. Security sensitive software will always be audited whether it's open source or closed source. His implications that some deviant from Eurasia can slip trojans into the ICBM control systems if they're running on Linux are totally bizarre. We all know that's not true.
But there is a kernel of truth in his claims. I've worked on Defence programming contracts. You have to get a security clearance (eg, Secret) before you're even allowed to look at the source code, let alone modify it. I was working on a non-critical messaging system (basically e-mail) and I still needed clearance. The Defence Department wouldn't have it any other way. If the company violated this rule - eg, allowed me to write code without getting clearance first - then there would have been severe repercussions for everybody involved. Gaol time is one of many possibilities.
So what O'Dowd is saying is partially true. There is some benefit from closed source because the developers can have security and background checks before they even see the source code. It's not a make or break requirement but it is one of the many factors that were considered when auditing our product. Most FLOSS projects don't have security clearance (and nor should they) so that is a negative mark against FLOSS. But as other people point out there are plenty of other ways to verify the security of a product. And many non-FLOSS software products used within Defence are written by developers without security clearance (I'm looking at you, Windows). So while O'Dowd does raise a valid point, I still don't think it's a very important one.
NB: our messaging system ran on top of Windows so I thought the strict security requirements for our product were rather pointless.
I've been writing code or managing projects since 1969. I worked on Multics which was used for multi-level security at the Pentagon http://www.multicians.org/history.html#tag7.4.
They did not, and could not, trust us.
I've never seen a security conscious customer just blindly accept any code from anyone.
1. Find out what tests the government wants run on "secure" software,
2. figure out which of these tests are interesting and new, and
3. perform them on Linux, etc.
What about mean outsourcing of closed source projects. I find it a lot more likely that an obscure, underpaid programmer in a 3rd world country will introduce a backdoor into a closed source project than into an open source one.
"I don't mind God, it's his fan club I can't stand!" E8
So there is room enough for one to make for cultural differences interfering in performance.
All one has to do with OSS, is hand-comb the source if it is a security issue: the source is there, and one can blend in acceptable bits.
Of course, security costs, and one has to have people doing this sort of stuff anyway for other things. If you're going to trust software to potentially billions of dollars of equipment, national security, and lives, I suppose it might be worth the effort.
My recollection was that was what the Russians did. A home-grown DOS that they had complete control and access to the code to. You don't need fancy GUIs for the systems: just a modular approach to the show.
OS/2 - because choice is a terrible thing to waste.
1. to add bugs ... could never happen right?? ... filipino teenagers add them on their own for free!!
...
Oh not needed
2. Windows98 was developed in India. Now if they knew it was going to be used in Pakistan
And I suppose all Microsoft code is made in the US? Maybe it's a better idea to stick with OpenSource at least you can see the source!
If you know that trick, you must read a slashdot a lot!
McDonald's pointed out that those foreign Chinese restaurants are undermining our American way of life.
Gee whizz. There ought to be a law against such blatant self-interest. Oh, I forgot, it's the politicians who make the laws. Silly me.
I am anarch of all I survey.
So let me get this straight... in the midst of dozens of Microsoft worms and viruses sweeping the Internet, Microsoft itself sent out pressed CDs with trojaned binaries on them, and this moron is claiming that LINUX is insecure because it COULD BE the victim of a trojan? What the hell is his alternative? Full and constant auditing, as is done with OpenBSD, or SELinux?
Doesn't Microsoft have warnings that say "Not for military use"? It would suck to BSOD while entering nuclear launch codes...
So I guess off shore outsourcing is dangerous for national security too. Or if it helps your company increase short term profits while you place your workers in the unemployment line, it is safe, but if it competes with you, it is un-American. Bah!
-- I ignore anonymous replies to my comments and postings.
At first, it seems that this article is the usual FUD backed by various opponents of open source. It's not really even attacking Linux when you read between the lines; it's actually attacking open source itself.
However, I do find the last paragraph to be at least a logical observation:
Several operating systems have been DO-178B Level A certified. Until Linux is certified to DO-178B Level A, our soldiers, sailors, airmen and marines should not be asked to trust their lives with it.
This is something I can readily agree with. For example, on the Space Shuttle they use a QNX-based realtime OS to power many functions of the craft. QNX has been around since 1980, and is by design a stable embedded system. Linux is relatively new, and is a more general-purpose kernel.
This brings me to where I really have a problem with the article: According to the NIST (at least on the word of the author), Linux has had more security vulnerabilities than Windows in the last 10 years. Well, unless by "Linux" they mean the kernel plus EVERY open-source application ever written for the OS, that is just not possible. I think they are using the confusion between Linux the kernel and "Linux" the publicly accepted shorthand for GNU/Linux to spin a bad picture of security in open source.
I also find it interesting that they are not going after BSD. After all, while not GPL, BSD is still under an open source license, right? Is it perhaps because OpenBSD has had ONE security vulnerability in its entire lifespan? Or maybe it's because the BSDs are not (yet) on Microsoft or SCO's radar. I'm interested to know who funded this particular "article".
Morgan
That's fine, but then no country outside the US should ever use Windows again for the exact same reason. With Windows, you don't even have the chance to see if there are backdoors, and why would you trust a commercial entity to not do bad things if you don't trust a few thousands hobbyists?
(I guess someone said this already, but I just don't have the time to read through almost a thousand comments today, sorry.)
Like Rome, their desire for cheap labor, and them themselves becoming soft and seeking elitist lifestyles, they corrupted from within. Eventually the many who slaved away so a few could live ridiculously lavish lifestyles with many houses, and more wealth than 10 ppl could spend in a normal lifestyle, grew tired of seeing their families and friends suffer.
Think Enron, WorldCom, Global Crossing, "Ad Nauseam".
Things are good enough for now, but when an UNLIMITED number of Mexicans may cross the border for cheap low end labor, and the L1 visa remains UNLIMITED in the numbers that can enter to work here, the US will start to speed its spiral into a cesspool.
Mexican truck drivers can now enter the US with trucks that do not meet the safety standards required of US drivers. They do not have to meet the log requirements, they do not pass the same driving test US drivers have to go through.
This is nothing but greed, graft, and corruption. There is a lot more going wrong than the short list I have presented here, and it is getting worse, not better.
You think it is bad now, you have not seen anything if the corporate whores have their way and continue this race to the bottom. Their temple to cash is going to just crash.
We cannot pay this high standard of living expense if their idea is to reduce us to third world wages.
Something has to give.
Peace,
Ex-MislTech
google "32 trillion offshore needs IRS attention"
Let me guess. The U.S. Government and/or military will NOT have a custom made kernel they create themselves? They'll just use the trojaned horse version off the shelf... puh-lease.
To Mr Heskett's point/challenge of:
In the open source world it becomes difficult if you want to work with a compiler 6 years old, let alone 2 or 3 or 4 years old. As a test, get the latest glibc and compile it with a 3 year old copy of GCC.
My point/contention was that this problem is not limited to the open source world. Maybe glibc is a bad choice for a library compilation challenge, but the issue holds true of trying to compile most any modern C library on a 3 year old C compiler be it Linux, *nix, or Windows.
--- I wish I could hear the soundtrack to my life. That way I'd know when to duck.
I know I'm a bit late pointing this out, but there are flaws in Shapiro's argument. I've taken the time to enumerate them for those who are interested.
And, as I've pointed out before, GNU/Linux has been certified to EAL3 as SuSE Linux Enterprise Server V8, so this oft-referenced EAL gap is closing.
Without the complete source and toolchain, you cannot verify anything definitively.
Who placed that restriction on the toolchain? You did.
If a company cannot provide what the government needs to audit the software, then it will lose a potentially huge government contract.
Downmix - The Artscene News Source!
Making sure (even if they had some time left) that they don't accidentally use that bit of evil code themselves whilst somehow forcing a foreign government to use that particular evil bit of code at the same time.
Spy vs Spy is always done behind closed doors, doing it out in the open for some strange reason just does not seem to work. Besides being sneaky in hardware works far more effectively (much harder to find, much harder to fix) software one quick patch and all that effort is wasted (have you checked your CPU or ram lately/ever).
Chaos - everything, everywhere, everywhen
Today software is a moving target - it's impossible to be 100% sure of anything as things are upgraded, patched, rewritten, on a daily basis, so proprietary closed-source just can't keep up in the audit department.