Slashdot Mirror


Linux Secure Enough For The Army

LordPixie writes "As summarized over at Defense Tech, the U.S. Army is soon to be infected with the infamous OSS virus. They have chosen Linux as the operating system for the abysmally named 'System of Systems Common Operating Environment,' a part of Army's planned Future Combat Systems."


  1. Cool.... but wait by SpaceLifeForm · · Score: 2, Funny

    Do MS and SCO know about this?
    How many days until TPTB change this decision?

    --
    You are being MICROattacked, from various angles, in a SOFT manner.
  2. An army of one... by keiferb · · Score: 4, Funny

    ...and he's currently playing tuxracer in his eyepiece.

  3. Picky picky picky by devphil · · Score: 3, Funny


    for the abysmally named 'System of Systems Common Operating Environment,'

    Look, you can either take whatever acronyms they hand out, or suffer under "backronyms" like PROTECT and PATRIOT. They don't know how to do anything else.

    --
    You cannot apply a technological solution to a sociological problem. (Edwards' Law)
  4. Right After... by 4of12 · · Score: 3, Informative

    they ordered about US$4.7e8 worth of Microsoft products for the next 6 years.

    I'll give them credit for covering both options, though.

    OTOH, it's possible they could have got a better deal waving around a credible FOSS initiative, like others have done recently.

    --
    "Provided by the management for your protection."
  5. one problem of Open Source by quinto2000 · · Score: 3, Insightful

    I personally object to software I develop being used for military applications. Luckily most of the F/OSS software I've created wouldn't be useful for them, but how ironic for the many people that create F/OSS because of humanitarian goals, to see it mis-appropriated for death and destruction. Not to mention how hard it is to stomach giving another free resource to the mis-named Defense Department when they already drain funding from social services, healthcare and education. (And yes, I realize that other people can still use Linux -- I just doubt that the DOD license purchasing budget will be reduced.)

    --
    Ceci n'est pas un post
    1. Re:one problem of Open Source by FLAGGR · · Score: 5, Funny

      SgtJenkins@military.mil$ drop bomb
      -bash: drop: command not found
      SgtJenkins@military.mil$ make bomb
      make: *** No rule to make target `bomb'. Stop.
      SgtJenkins@military.mil$ kill terrorists
      -bash: kill: terrorists: no such pid
      SgtJenkins@military.mil$ man i want windows back
      No manual entry for i
      No manual entry for want
      No manual entry for windows
      No manual entry for back

    2. Re:one problem of Open Source by CamMac · · Score: 4, Insightful

      One of the entire reasons OSS is such a great thing is that because it's OpenSourced, it can be adapted for use in ways that the original coder never thought of. And despite the fact that most soldiers have a hard time with an Excel function, the fact that they might have access to the source could allow for in theater modifications. Adaptability is a great thing.

      Of course, this includes ways the original coder might object to, but I'm sure they'll get over it. If you're going to bitch about your software being used by the Department of Defense, remind me to not lift a finger when you're getting your ass beat in some back alley. If you're willing to help everyone but me, at no cost to you, why should I lift a finger to help you? Doesn't that fly in the face of OpenSource? I do give this to you in the HOPE that you might do something that might help me?

      --Cam

      --
      All jocks think about is sports. All nerds think about is sex.
    3. Re:one problem of Open Source by GypC · · Score: 4, Insightful

      Yes, abolish all armies and then there will be peace in the world.

      *eye roll*

      Grow up.

    4. Re:one problem of Open Source by Marxist+Hacker+42 · · Score: 4, Insightful

      Do you also have a problem using TCP/IP because it was a DARPAnet project to begin with? Hate to say it- but giving free resources to the mis-named Defense Department means that the government as a whole will have more money for social services, healthcare, and education- some smart congresscritter is sure to notice that FOSS licencing is cheaper than CS licensing and cut it from the budget.

      --
      SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
    5. Re:one problem of Open Source by borroff · · Score: 3, Insightful

      Well, you can't have it both ways. Either OSS is totally unencumbered and free for public use, or not. You could write a license that says that it's free for everyone but the government or weapons manufacturers, but that's darn hard to enforce. I mean, do you really think the Pentagon obeys licenses and patent laws in cases of "National Security"?

      Ethically, I would say you're blame free. If you build a house, and a serial killer moves in, are you an accessory to murder? Most tools (excluding guns and explosives, and even those can be debated) take on beneficial or harmful characteristics only when wielded by a person who has made a choice.

    6. Re:one problem of Open Source by fireweaver · · Score: 2, Insightful

      Aw jesus fucking christ on a bicycle, It does not matter what it is, somebody is going to figure out how to apply it to killing or enslaving his fellows. It's not a problem of technology, it's a problem of humans.

  6. Ours vs theirs by chris_mahan · · Score: 2, Funny

    I can't wait for the Zealots to start arguing which distro is best:

    -USA Army Linux Combat Integration System
    -Deutsch Bundeswehr Linux Tactical Strike Module
    -PRC Linux Command and Control
    -Al-Quaeda Linux Insurrection III

    You know, Mr Torvalds will have to do like Mr Nobel before it's all over.

    --

    "Piter, too, is dead."

    1. Re:Ours vs theirs by ajrs · · Score: 4, Funny

      I'm still using Slackwar, you insensitive clod!

  7. System of Systems by GuyMannDude · · Score: 5, Informative

    ...the abysmally named 'System of Systems Common Operating Environment'...

    The term "system of systems" refers to the fact that FCS is meant to allow the army to be able to reconfigure things easily and rapidly to allow the technology to be used for a wide range of missions. Yeah, it sounds a bit strange if you're not used to the terminology but they do pick these phrases, acronyms, and words for a reason. You can read more about FCS here. Basically, the idea is to use a collection of smaller, more maneuverable vehicles (including tanks, guns, as well as unmanned ground and aerial vehicles) to accomplish a wide array of military missions. FCS will lack the heavy armor (e.g., 70 ton tanks) that we currently have which could make the force more susceptible to destruction. The advantage of using a lighter force, however, is that it doesn't take them so long to set up, they can move pretty quickly, and don't require as much support equipment and supplies (e.g., fuel). The army plans to make the lighter FCS unit survivable through a lot of fancy communication and data-sharing technologies. So the fact that they have decided to choose Linux is reasonably significant. FCS will rely very heavily on the quality of their software.

    GMD

  8. Obvious Choice by Mork29 · · Score: 3, Informative

    As a sys admin for the military, most of us complain about our dependence on a private company in the government sector. This will allow the Army to create what they need, and add what they need, themselves. Computers in combat environments do things that no off the shelf software was designed to do. Most of our stuff has to be home brewed or contracted out. Linux gives the military more flexibility in this field. I wish I could run Linux on our client/server systems for desktops, but I'm stuck with Windows for now. We do run Unix for many of our supply systems... Unfortunately that Unix platform was provided by SCO..... Many years ago....

  9. Windows war by SmallFurryCreature · · Score: 2, Funny

    Sgt Jenkins: Finally we found Bin Laden. Better call in an airstrike with MS Airstrike TM.
    Clippy: Hi thank you for using MS Airstrike would you like me to A: Explain countless options you already know or don't care about. B: Ask me a question I won't answer but I will keep offering to answer your question. C: Call airstrike on allied position.
    Clippy: You just closed me, please remember I will randomly come back to annoy you.
    Sgt Jenkins: Finally, let's see enter the coordinates, open several dozen tabs and extra control apps hidden all over the place edit the registry.
    Windows: Do you want to download the latest version of Microsoft Airstrike TM?
    Sgt Jenkins: Hell no just do it!
    Windows: Windows Airstrike TM has crashed please submit a bug report.
    Sgt Jenkins: Oh goddamn upgrade the damn thing.
    Windows: installing latest updates that were released with MS knowing full well that in their own test 2 out of 5 machines did not survive.
    Windows: please reboot.
    Sgt Jenkins: We're screwed. Is there ever going to be a war in which I will not get the weapons created by the company with the biggest bribes?

    --

    MMO Quests are like orgasms:

    You may solo them, I prefer them in a group.

  10. Very misleading title by SmallFurryCreature · · Score: 3, Informative
    It seems to suggest that just now the American army has decided that Linux may be used within its service. That is not the case at all. The army has been using Linux for a long time already and decided it was safe enough.

    This news is that Linux has been chosen as THE OS for the future replacing the other OSes currently in use. This is a far greater story.

    --

    MMO Quests are like orgasms:

    You may solo them, I prefer them in a group.

  11. System of Systems Common Operating Environment? by david.given · · Score: 2, Insightful
    Look, you can't come up with a name that bad by accident. They must have done it on purpose.

    My theory is that some Linux fanatic in the DoD is giving the finger to a certain Unix vendor. Which one? Say the acronym out loud and you'll get it...

  12. Linux the logical choice, nothing to do with MS by stanwirth · · Score: 3, Informative

    Most of the military embedded, comms and simulation systems have traditionally been developed on Unix platforms, and the embedded work was typically done with VxWorks.

    Migrating to Linux means minimal porting costs from Unix platforms, it means preservation of the skill set already developed in military R&D outfits (FFRDCs) and it means freeing various corners of that world from the commercial interests of providers of proprietary *nix platforms. It also opens up a whole world of development environments for embedded systems. Porting from Unix to Linux can be combined with a refactoring exercise to make those systems more reliable, too -- whereas porting to say Windows -- would just be a complete mess. An ever-changing mess, as MS issues a never-ending stream of binary patches and updates and API changes and has a never ending string of vulnerabilities that cannot be patched in the field because nobody has the source.

    Linux is the logical choice, the rational choice for these systems from the standpoint of simplifying and unifying software development processes, having access to a greater range of development tools, and for making these systems more reliable. The cost benefits of the software systems reliability, simplicity and visibility considerations compounds the savings on the licensing fees.

    Those MS licenses they're also getting? Windows machines are used for administrative purposes -- think glorified typewriter, not the next guided missile system. It was far more worrying (and completely unrealistic, and probably politically motivated) when the military was considering standardizing their systems on MS--which is like hiring a secretary to drive a tank.

  13. Also misleading. by Ayanami+Rei · · Score: 2, Informative

    Linux will be the underpinnings of all the systems in the C&C and operations systems of the FCS. This has nothing to do with Army day-to-day operations or other existing combat systems.

    It's a specific fighting force that they plan on employing in the future. It's very exciting stuff though.

    --
    THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
  14. Army SIPRNET compromised by virus by agacat · · Score: 2, Interesting

    http://www.fcw.com/fcw/articles/2004/0830/web-siprnet-08-31-04.asp tells about two viruses (virii?) discovered on the classified military network SIPRNET, specifically, at the Army Space and Missile Defense Command. Apparently our missile control and space defense operates on Microsoft - but how did a virus enter the network? SIPRNET computers are not connected to any other network, and are generally behind locked, limited-access doors.

  15. Encryption by Neo-Rio-101 · · Score: 2, Informative

    I would have figured that the Military would have been using Linux precisely because the open source tools and encryption possibilities are really well defined, and free of costs. With a bit of skill, a competent Linux sysadmin can make a RAID driven encrypted fileserver with ssh access and a solid firewall (and even Samba serving to Windows clients) using current open source software, and without needing to pay for software. That, if anything, puts Linux ahead of just about any other commercial operating system out there, as far as the military's purposes are concerned.

    --
    READY.
    PRINT ""+-0
  16. Re:Probably a stupid question, but.... by menace3society · · Score: 2, Interesting

    Only if they redistribute it. I suppose that means, though, that if they start selling equipment to the Israelis or someone, it'll have to be without any programming or else with the source.

    Actually, this could be a good thing. Think about how aid to Saddam Hussein, the Afghani mujahadeen, and so forth has caused problems down the line. If the army is contractually obligated not to give or sell equipment to outside and foreign groups without also giving out the source code, they may be able to use this as a justification for not doing it. "Look, Ariel, baby, we'd love to sell you our tanks, but with all these terrorists running around it would be a security risk to give you our code. Which we'd have to do. Sorry...."

  17. Re:But , but... by swillden · · Score: 2, Interesting

    What was kind of humorous and interesting, if true, is the assertion that Thompson, one of the creators of UNIX, had written a backdoor in the binary distribution of UNIX that would add him as a user to whatever system it was installed on.

    I don't think Ken Thompson ever did that, he just demonstrated how it could be done, even with a compiled-from-source operating system.

    There is also the claim that Windows was "certified" at a higher level of security by the Army itself than Linux. Does anyone know what criteria were used to assess the relative security of these OSs?

    Oh, I'm sure it was Common Criteria, or something similar. And, really, it's no surprise that Windows has a higher certification; CC and related standards are built around assumptions of a closed-source development model, and that makes the standards very hard to apply to open source software.

    The seven EAL certification levels defined by CC basically define different degrees of rigor in the specification, design and implementation processes. They assume a waterfall model where each step is completed before the next one is begun, and their goal is really to demonstrate that each step implements the previous steps faithfully, that is, that the design precisely meets the requirements, the implementation precisely implements the design, the testing precisely validates the requirements, etc. At the highest levels, semi-formal and even some formal proofs of correctness are required.

    At the end of such a rigorous process, you have a high degree of certainty that the resulting product fully meets the stated requirements. Assuming that those requirements were written with security in mind, then there's a high probability that the product is secure. Oh, and there's also some stuff in CC about how access to the documentation and source is controlled and how the product delivery process has to work to ensure that no one can insert security-compromising changes at any point in the process. And some stuff about how to vet the people involved in doing all of the work to make sure they're trustworthy.

    This sort of development process is one good approach to developing a secure product, but it's not the only approach. Many of its requirements are only present because of the underlying assumption that the user of the product -- who relies on its security -- does not have access to the code. Most of the rest of it is an attempt to define a process that can produce secure code with limited human resources.

    OSS, with its "many eyes" philosophy takes a different tack. OSS relies on massive manpower and huge amounts of redundant effort to vet the code as it is, rather than trying to ensure that it is created as it should be. Instead of creating detailed requirements and design documents which can be checked with a low level of effort and then working hard to ensure that the code matches up with those, OSS developers just write the code (with an effort to make it secure) and then rely on "many eyes" to discover and close any weaknesses. The fact that the source is open eliminates the need for access controls used in high-security closed-source software.

    It's really not clear that either approach is better, in general, than the other. Both have strengths and weaknesses and both do a good job, assuming the closed approach is executed properly by good people, and assuming the open approach attracts enough competent eyes.

    What is clear, though, is that it's fiendishly difficult to apply the CC certification processes to open source code, or any code that is already written, but OSS source is even tougher. You have to essentially reverse engineer the code to produce design documentation, reverse engineer the design to produce requirements, vet the requirements for security, verify (to whatever level necessary, depending on the certification you want to achieve) that the design implements the requirements and the code implements the design. All very, very, difficult things to do. For

    --
    Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.