Slashdot Mirror
Green Hills Software Decides Linux Isn't So Bad
An anonymous reader submits a link to this report on LinuxDevices.com, which begins "An outspoken open source detractor has paid Linux a back-handed compliment. Green Hills Software (GHS), known for diatribes against Linux in military/aerospace applications, is shipping 'Padded Cell technology' intended to enable the company's proprietary real-time OS to take advantage of the wealth of Linux application software." You may remember GHS's Dan O'Dowd, who's claimed that the embedded Linux Tools Market is a myth and that the open source nature of Linux makes it a threat to national security.
I think this course of events is sort of ironic. Possibly they were motivated for other goals in their previous outlook on linux. Either that or they feel its good enough and won't endanger their security for there product at least.
My UID is prime is yours?
My father used to say that only fools don't admit when they're wrong (subtle message, SCO!).
Eureka Science News - automatically updated
Has any Linux distro gotten Common Criteria certification yet? Seems like that is the major barrier to large scale governmental/military adoption and not some small-time competitor FUD.
Since their other claims seem to be completely made up and bogus, is anyone really sure that their claims now of product compatibility are accurate?
Comment removed based on user account deletion
If there is any threat to national security it is closed source software that is not peer reviewed and comes with the inherent risk of backdoors and vulnerabilities. These day we cannot afford using closed source software anymore. The dangers are simply too high. Open-source needs to be the standard for any type of critical application.
This should be self evident to anyone. Admittedly the National Security Agency bothered to make additions to the Linux kernel to make it more secure, and freely returned their work to the open source community. That just shows that the National Security Agency doesn't know anything about National Security.
When I'm concerned about National Security I know I trust a random small commercial software company. It would only make sense that they would be better informed about National Security than some lowly government organisation.
Jedidiah.
Craft Beer Programming T-shirts
I have a life damn you! I am here on /. aren't I?
I don't remember the GPL saying you had to give out the source. I only remember that you can if you chose to liscence it under the GPL
~Ilyanep
To get message, take amount of carrier pigeons at each stage mod 2. Then decode binary.
Choices in OS can be simple or hard. Some love linux and some don't and that makes up their mind. Others go about budgets and numbers to make decisions. Sometimes these can be inflated just to cover costs but under overall expectations of management. I don't see a problem with linux, it is quite different to other systems such as Windows or even Solaris for servers and user terminals. As far as some see functionallity. Just remember everything has good and bad. Windows has thousands apon thousands of bugs, virus, and compatability issues. Personally I use XP. It is ok but high maintenance at time. When I use linux, I choose SuSE. Patches come out as frequently if not more for it than Windows, but highly customizable. It depends on multiple factors. People can hack Linux, Windows and in some cases Mac. It is computer nature to have some problems because humans who can make choices and mistakes created it.
Nice troll, but that's not how the GPL works. ;3 For the benefit of anyone who believed it - you're only required to distribute source code to people you've distributed binaries to. If no one outside the company has a binary, there is no obligation to give the source code away outside the company.
Bít, zabít, jen proto, ze su liska!
Its hard to program a backdoor into the kernel when its open source. Intentional backdoors can be eliminated that way. Also unintentional backdoors when they are discovered are usually fixed promptly and the person to blame is the original coder for that part of linux
My UID is prime is yours?
If you use the property of someone else, they have the right to decide on restrictions (within legal limits). Given the number of copyright restrictions that tend to be splurged over any source code, I find it implausible that you were unaware of the implications of your choice to sell on the modified operating system.
Of course, if you were merely building applications on top of Linux then you will have no such problems - this is, I believe, what Adobe do with Acrobat Reader (the linux version is evil but that's not the point). In particular:
"Furthermore, after reviewing this GPL our lawyers advised us that any products compiled with GPL'ed tools - such as gcc - would also have to its source code released. This was simply unacceptable."
This is complete bollocks. Fire your lawyers.
For the love of God, please learn to spell "ridiculous"!!!
Most any company is going to look at things from their own point of advantage. If they did not feel they could make money on linux or it would actually hurt them, why would they praise it. So now they apparently think they can make money from it. At least they were open minded enough to reevaluate their position.
I forget which levels.
From reading the article, I think Green Hills have decided Linux APPs are not so bad, or at least something they feel they need. I don't think they have changed their position on Linux itself.
My rights don't need management.
Seriously people, allowing your OS to run apps from another OS isn't declaring the superiority of the other OS. It is simply a wise business decision. It can, in fact, be interpreted as an insult to Linux, depending on how you look at it. Consider this:
GHS: "Our OS can now run Linux apps, so you don't have to use crappy Linux"
This is exactly the same reason they came out with WINE. The WINE devs don't like Windows, so they give you an alternative with WINE. This is the same thing.
The parent post opitimizes the msft line of BS - to the letter. Of course it's all cr@p. I strongly expect the entire story was a work of fiction - with an agenda.
JMHO.
If they find a backdoor in the kernal and someone has stolen sensitive stuff through it, who's to blame?
Stuff so sensitive that it threatens national security has been stolen and your only concern is your scapegoat.
You work for the government, don't you?
KFG
What is the submitter talking about? Saying "Linux sucks", then saying "here's something to run Linux apps that isn't Linux" isn't a compliment, or a retraction. It's emphasis. They never said that Linux doesn't have a lot of apps, or that it's not popular. Just that it's not good enough. And now they have something better.
--
make install -not war
While this may be true in general for Linux, it is not out of the realm for a vendor, who has hacked the code for their own purposes, who knows they have a very limited and captive audience (i.e., US Government agencies), and the project doesn't require some sort of code escrow arrangement that would let US Government programmers look at the code in case there are aforementioned problems that might be related to discovered backdoors, buffer overflow exploits, etc.
As far as embedded Linux being a crock, how many WSP54G and WSP54GS wireless routers has Linksys sold? I know that because it's Linux-based served as basically the primary reason I bought one.
'Padded Cell technology' intended to enable the company's proprietary real-time OS to take advantage of the wealth of Linux application software."
Compliment? I think not. What they are saying here is that Linux application software is so insane, that it needs a "Padded Cell" just to be safe.
#!/
Nice troll. This is utter garbage of cause, but it is common misconception so I'll rebut it. Just because something uses a tool doesn't mean it is subject to the same licence as the tool. Firstly, if this were the case, then any document created in an open source word processor or text editor would need to be GPLed which is clearly not the case (and would be dangerous for writing confidential documents). Even if compiling something with gcc made it a dirivitive work (which it doesn't), only the binary would be a dirivitive of gcc, and the source code would be completely unneffected since it is not modified by gcc. BeOS was compiled by gcc for the x86 platform and it remained closed source and propritary with no legal challenges.
One only has to release the source code under the GPL to the people you distributed the binary to.If you keep it wholly in house you only need to give the source code to anyone. If you make it for a single client you only need to give the source code to that single client. Of cause anyone who you give the source to is allowed to pass it on, but it isn't like you have to just broadcast it to the world just because you changed it.
If you are not trolling and have read what I have just said and still don't think its fair, think about this: the program you are modifing was written by thousands of other people, many of them with commercial tasks just like you, and they have let you use their code. If you want to distribute the hacked kernel without sharing your code, how is it fair for the people who have contributed beforehand?
Oh, and if you are not a troll, you really need to get yourself a new lawyer quick, because that lawyer just caused you a lot of wasted time and effort.
When Argumentum ad Hominem falls short, try Argumentum ad Matrem
When I read things like that, then I understand why I'm only an engineer and not a CEO, because I would NEVER think of using that phrase to try to get my point across.
Nothing great was ever achieved without enthusiasm
They aren't converting to Linux. They are just adding a compatability layer so software for Linux can run on their proprietary OS.
Boffoonery - downloadable Comedy Benefit for Bletchley Park
This is a misunderstanding of the GPL - and there are TONS of misunderstandings of the GPL out there. The answer isn't to mod it out of sight. Instead, correct it. And let it stay visible so other people who have misunderstandings of the GPL can see it and learn something.
Don't just blindly mod down anything that says something bad/incorrect about the GPL. Correct it, and let people see the post and the factual corrections. Even if it is a troll, people can benefit from seeing this misconception shot down.
Ther were several deaths due to a medical device called Therac-25. http://courses.cs.vt.edu/~cs3604/lib/Therac_25/The rac_1.html
For business purposes, accountability counts for something, but not for national security. The good thing about open source, is that as easy as it might be to install a backdoor, its even easier for someone to diagnose such a problem, possibly proactively. I think its much easier to find, or even train someone, to deal with linux internals than any proprietary system.
http://uptime.netcraft.com/up/graph/?host=www.gree nhillsoftware.com
-jpeg
Disclaimer: I work for Green Hills Software
There seems to be some confusion about this product. From what I've seen and heard (I haven't used this product directly yet), it is a method of running linux applications on top of the uber-secure real-time operating system, "Integrity". The linux applcation layer is sheilded from the rest of the system, and possibly from other linux-application layers. It's really more of like user-mode linux than a linux kernel.
I hope that helps...
IBM, the big blue company, decided a long time ago that Open Source isn't so bad.
Sun, the UltraSPARC Processors maker, decided that Open Source isn't so bad.
Intel, the 8086 Processor maker, decided that Open Source isn't so bad.
Munich, Germany's third-largest city, decided that Open Source isn't so bad.
"Microsoft decides Open Source isn't so bad" will be news.
My city: Barcelona.
If the source to the app were open, not only could the government programmers look at the source, but so could anyone else who wished to. On the other hand, with closed-source software the scenario that you've described could take place, since the vendor basically controls who can see the code and under what circumstances. (Or was this your point and I misunderstood what you posted?)
:)
I don't think there's any shortage of people paranoid enough to want to see every bit of source that the government codes
And it's the battle of the trolls!
Green Hills makes devtools and OSs for safety-critical embedded systems. They've been vocally anti-Linux-in-safety-critical-embedded-systems because Linux is a competitor (nothing particularly nefarious, just a company trying to make a case that their product has advantages over a competitor).
And now they made a compatability layer so their OS can run software written for their competitors' API. This is a change of heart how?
Especially considering how Green Hills has long had a compatibility layer for their more direct competitor vxWorks.
A legparnasom tele van angolnaval.
"the open source nature of Linux makes it a threat to national security." saying linux sucks because its Open Source and than saying "here's something to run Linux apps" is hypocracy, not emphasis. There's little reason to think their offering is better either.
While it may seem weird having Linux running in a padded cell, it means their dev team and their customers can get more work done.
And it provides another real alternative to Microsieve, meaning fewer reasons for government organizations and businesses to give in to Leviathan.
And their engineers will get used to using Linux tools.
How does tracking an IE exploit to Microsoft help you track down the person that used it? Catching the person responsible for the incursion is the order of business. In what way is Microsoft's posited 'accountability' an aid to security in the first place, and what role does it play after an incursion?
One does not want to "catch" the people responsible for an exploit. One wants to close it. Accountability is an economic issue (who do we sue), or a scapegoat issue (who's head can we put on the block to protect our own), not a security issue.
Ironically it is only with closed source software that who created the exploit is really relevant after the fact, since they are the only ones that can close it, and you can never be sure that really have unless you have the complete source to audit (and in a real secure system you always, always, always build from personally audited source).
Nor does running open source code have anything to do with whether or not you know where the code came from. There's no logical connect between the two issues and Red Hat can tell you where every line of code in their kernel came from just as well as Microsoft can tell you where code in their kernel came from.
My previous post was a joke. It was clear from your original post that your point of view is that of someone from a business enviroment. Government security has an entirely different intent, view point and priority matrix than business security (except among some of the 'new generation', who almost all come to government security from business security backgrounds).
KFG
They didn't simply not praise it, they called it a threat to national security! Perhaps this was the statement from a single wayward individual- but some more explanation is in order, and an apology would be preferable.
it's grudging acceptance that their own claims "there is no linux embedded tools market" and that "the Linux tools market will die" are patently false.
they're making a compat layer because their customers are demanding they support nonexistent tools for a dead market. yeah. that's the ticket.
Not quite... that's Greenhill Software, we're talking about Green Hills Software. According to Netcraft, they run NetBSD or OpenBSD: http://uptime.netcraft.com/up/graph/?host=www.ghs. com
wanting to exploit the popularity of linux and not "giving anything back" is hardly a compliment...
Get your torrents...
IBM is mostly supporting Linux as a shtick rather than completely backing the system and it's ideals, they are not opening up their code in a great big flood of free IBM software.
Green Hills Software products aren't open source, what Green Hell has done is use Linux, not more not less.
If IBM isn't really supporting Linux, Green Hill position it's worse than that.
My city: Barcelona.
Yes, "Informative" was definitely the correct moderation of this post. Jeebus Christ.
I'm a little disappointed with thie original post. The change of heart is about open source and the "free software" that runs on linux. Green Hills specifically criticized the open source nature of Linux. I think its pretty clear that much of the linux-compatible apps available are open source. They could have made many other criticisms of linux, but they specifically attacked OSS, and now, perhaps grudgingly, accomadating demand for it.
More likely, the NSA were only appearing to contribute to the Linux kernel, while they were actually introducing subtle and cleverly obfuscated bugs that will allow them to read Osama's email, and tell on him to his mother if he blows things up.
/evil> MWA-HA-HA-HA-HA <evil>
Also it allows them root access to any Linux running hospital in Saudi Arabia, and they can overprescribe anaesthetics when he next goes in for dialysis treatment.
A compatibility layer with something that they claimed was a national security risk? Call the unAmerican Activities Committee, Batman! They must hate their customers to so blatantly risk their security like that. Did they figure all was lost when Microsoft sold their source code to China and the KGB? Or did Green Hills see their market share eroding. Sound like they were full of bull all along. Oh yeah,
They've been vocally anti-Linux-in-safety-critical-embedded-systems because Linux is a competitor (nothing particularly nefarious, just a company trying to make a case that their product has advantages over a competitor).
Some people think it's OK to lie. No change of heart there afterall, is there?
Friends don't help friends install M$ junk.
Considering their complaint about Linux, valid or not, is its security, I don't see how this play deviates at all. The point of this compatibility later is to allow these possibly unsafe *applications* to run on a safe *operating system* by isolating their system calls, making them non-intrusive to the system's operation. Hence the product name, Padded Cell.
Although, that would really imply an app ca't even easily hurt itself, which is hardly the case. Padded Cell just has a nicer ring than Solitary Confinement.
In criticising linux, they have rather strongly criticized Open Source. Perhaps that was a strategic mistake, because much of the available software for linux is also open source. This is a change of heart. Its a shame the article isn't more clear about the conflict. Many of us (especially BSD fans) have long criticized linux, but champion open source and other "free" software
Jerry whats his name of Wind River/Vxworks frequently issued anti-Linux screeds, but suddenly stopped about the day before Wind River announced a Linux product.
thanks.
*hangs head in shame*
-jpeg
My mom warned me that asinine people often change what they say without admitting anything. I don't see any apology or retractions, do you? It is indeed foolish to act that way because people remember.
Friends don't help friends install M$ junk.
With all bias aside, doesn't it make more sense to run important government systems with open software? Open software can be changed as much as they want; it's not like they're buying the latest Mandrake pack from CompUSA and popping it into the super-mega-warhead-doomsday-computer's cd drive.
The very last thing I'd like to know about would be the government placing a tech support call to a company that only sells them proprietary software. I find that somewhat unsettling.
But I'm not an expert; are there advantages to using code you can't see or modify to run government computers?
Esoteric reference.
BSD users, and perhaps we can include Apple OSX users among them, have made valid criticisms of linux for a long time now. None of us have sunk to the depths of declaring linux a threat to national security because it is open source. It is perfectly reasonable to act as Green Hills Software has, in providing a compatibility layer. The irresponsible public statements they have made is another matter.
No Kidding! Taken directly from a GNU C++ header file:
So... If they don't understand even the comments in C++ code, then why would I believe their statements regarding the superior quality of the rest of their operating system?
-- -pjk Perry Kundert perry@kundert.ca http://kundert.2y.net
To give them the benefit of the doubt, they could be claiming that within their secured environment, Linux applications, even the dreaded 'open source' ones, can run more securely. It's not that complex a claim, they're saying that their underlying OS is more secure. It's like saying making Open Source apps run on Irix or Solaris, etc.
"What's the frequency Kenneth?"
Green Hills (or its representatives) specifically criticized the "open source nature" of linux. It would seem your product takes advantage of available OSS products. I realize you and your company may have a specific view about security, and perhaps are only considering security, but I'm afraid you've burned some bridges by showing such disdain for the work of dedicated individuals. I hope you publicly praise the usefulness of open source apps as ardently as you criticize the "flagship" OSS product, linux. As most OSS developers don't get paid, pride becomes that much more important, and Green Hills needs to recognize this.
No, they are just being hypocritical like SCO, because they don't have the resources to write their own apps from scratch and figure it is easier to simply steal from your enemies.
My rights don't need management.
Nice troll.
Nice fishie. Why did you bite on his fishing plug?
He's moderated down into the mud and you're just encouraging us to click on the 'below current threshold' link to see what he said that riled you.
"What's the frequency Kenneth?"
Actually, it's a bit trickier than that.
If you "distribute" GPL'd software, you need to either ship the source with the binary, or else you need to have a written offer to make the source available to *any third party* on request, for a reasonable fee (i.e. to cover media costs).
That said, many large companies consider distribution within the company to not actually be distribution per se. I don't know if this has ever been tested in court though.
Chris
"I'm not so bad once you get to know me".
As for the resources to write their own apps, nobody has the resources to write every app possible. Even Microsoft. Windows wouldn't be nearly as popular if it could *only* run Microsoft applications, even though Microsoft does have a very large variety of applications that they make to choose from. As for Linux, Linus didn't even write every thing needed to make a complete OS -- Various linux distributions also use parts from GNU, X, BSD, etc. All perfectly legit, of course. No stealing here.
There's nothing wrong or dishonest with them providing an API that allows Linux applications to be run on their OS. And they're not saying that they like Linux -- the WINE analogy given at the beginning of the thread is extremely appropriate. They've just realized that embracing/supporting Linux in this small manner will probably help them make more money. It sounds like a wise business decision to me.
As for the idea that `open source is a threat to National Security', there is truth to that. Of course, `closed source' is a threat too, just of a somewhat different nature.
In the open source case, sure, the code can be reviewed, but there's a lot more opportunities for `bad' people to slip in a patch that looks good and so it gets approved, but in reality it opens a non-obvious back door of some sort.
In the closed source case, a similar opportunity exists to introduce bad code, but it's really only available either to developers that work at the company in question, or those who crack into said company. But on the other had, once in, far fewer eyes are likely to look at that code, so it doesn't have to be so carefully obfuscated.
Both situations can be defused if you can get the source and find people qualified to audit every line of it and find these holes and correct them, and then have them do it without cutting corners. It's a huge job, but it's certainly possible. As for getting the source code, I imagine the NSA has little problem getting access to Micorosft's source code should they need it for something.
My immediate questions after reading your post are these: Would trust your life to Microsoft Windows?
From there, it breaks down into to trees:
If so, why? What's the difference between Linux and Windows in your eyes that suddenly makes Windows safe?
If not, what operating system WOULD you trust with your life? What makes it trustworthy where Linux and Windows are not?
Somewhat reminds me of a local tech paper's editor. Back in 1997/1998 he wrote a rather angry, extremely ignorant and mocking reply to a letter to an editor which spoke about Linux, mocking Linux as being old technology and of no use (and for the letter writer's gall to criticize AOL!).
Then, I remember in about 2001/2002 he was waxing poetic about Linux and answerting Linux questions right and left.
That's of course about the time I went to BSD (in situations where it isn't masochistic), hype serves no purpose.
Note to moderators: both "funny" and "insightful" apply to parent post! Stranger things have happened. Just a thought: maintain public-readonly source repository, use internal subtle-but-evil-injecting-filter and compile, and distribute clean-looking-but-subtle-screwed binaries. Just out of curiosity, I checked NSA site, but it looks they don't even distribute binaries, source code only, and nicely sorted into different packages.
It's me again (the guy who works at GHS as per the grandparent of this post. I don't have a /. account)
I don't feel that there is a "distain" for the work of the dedicated individuals who have worked on Linux. We offer development tools that can develop on and for Linux (as well as Windows and Solaris). Many (if not most) of our developers use Linux as the "host" operating system for developing INTEGRITY and MULTI (our compiler/debugger/code-editor/etc...). Linux is a fine operating system for desktop work.
The concern is that Linux is not provably secure. With INTEGRITY, we can prove security and stability. We have a version of INTEGRITY that has been certified as DO-178B Level-A compliant, which means that it can run critical systems on airplanes. To achieve this, we had to make the kernel completely deterministic, and test and document every line of code. There is no dynamic memory allocation at the kernel level (no malloc()), there kernel never turns off interrupts, even when in an interrupt handler (granted, a processor usually turns interrupts off when an interrupt fires, but we turn them back ON at the earliest opportunity). You cannot say these things about Linux, and thus it is less fit for safety or security-critical systems.
Lastly, in response to some complaints I have seen previously, Green Hills does offer the source to INTEGRITY to paying customers. There have been complaints that no one could trust INTEGRITY because they don't have the source code to it. These complaints are unfounded. Customers are free to examine the source and modify it to their wishes, and many do.
When it's closed, you don't really know if they got some guy in Moscow to write it, do you?
You can put it in the contract that everyone who touches the code has to have a security clearance. Not that they do that in this case, but they could. The often do at the application level.
I imagine they will create tons of bugs by trying to make a non free interface layer that will be difficult to write and maintain.
True, but I think the "security risk" alleged was not simply buggy code, but rather well-understood exploitable bugs. Back doors and the like.
Proprietary software doesn't eliminate the risk. It does make it possible to screen everyone who touches the code (although they don't do formal security clearances at Green Hills, I expect they do a lot more in the way of background checks on potential employees than an open source project does on potential contributors), and it does drasticly limit the pool of people who can edit the code. But as you pointed out, open source has the counterveiling advantage that there are many more eyeballs that might spot any malicious code. I don't know which is safer, but I'm not prepared to call the Green Hills guy a liar.
A legparnasom tele van angolnaval.
"Linux can be a threat to national security because any computer-savvy terrorist can hack it."
no, it can't. that's like saying "a door can be a threat to my personal security because any lockpick-savvy burglar can pick it."
if a burglar were to pick a lock on one of your doors and thereby jeopardize your personal security, it would be he, not the door, who posed a threat to you.
likewise, if a "computer-savvy terrorist" were to "hack" into some sensitive linux system and thereby compromise national security, it would be he, not the linux system, who posed a threat. the system he used to do so would merely be the vector.
maybe it seems like hair-splitting to you, but not to me. bad premises lead to bad conclusions.
thanks for listening.
if i'm a grammar nazi, you're an illiteracy nazi.
I'm an open source developer. I'd be scared s**tless if I found out someone was relying on my code to build a cruise missile.
- Linux is growing.
- FreeBSD is dying.
The GPL is the cause of both results. Hope this helps.You see, you have to trust that the certs that they've obtained were made by duly authorized auditors AND that they weren't bought, etc.
You CAN'T be sure of anything- it's just a relative assurance. One that can be achieved with Linux (and has been for that matter...)- this guy at Green Hills Software is blowin' and goin' about all of this.
His software is allegedly audited from start to finish. If there's an issue or a new feature you need in the mix, you need to pay them loads of bucks to implement it or buy the source (for loads of bucks), implement the feature, and then spend loads of bucks to get it certified.
Nice. I'd rather take RTEMS, Embedded Linux, or something similar, and skip the buying their software since all of the previously mentioned will do the same thing and RTEMS has certified in those contexts- Hell, it was the baseline OS implementation for several of our surface to surface missile systems.
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
The Australian OSDC http://www.osdc.com.au/ is being held in Melbourne over the next three days. During this conferenence there is a paper discussing Mr O'Dowds comments over the last few months. This back flip just adds weight to the arguments to be presented at the conference. It feels good to be vindicated.
As a SCO supporter, let me point out that (by incorporating this new interface) the Integrity operating system has become a derived work of Linux (itself a derivation of IBM's AIX and, through it, of SYSV Unix). As such, the system is now owned by The SCO Group. We are, however, offering customers of Integrity a special deal. If they immediately buy a binary license for Integrity from The SCO Group (US$10,000 per processor o.n.o.) we guarantee that we shall not sue them for Green Hill Software's misappropriation of our Intellectual Property.
As someone with absolutely no connection with Microsoft (though they may have paid a few million dollars for a study by the organisation I work for) I would like to point out several major concerns for potential Integrity customers. First, they should be aware of the huge costs of converting from proprietary systems based on Outlook, ActiveX controls and Access databases to a solution based on open standards. This can amount to millions of dollars. Secondly, there are great security risks in using programs whose code is available to every security expert in the world to examine -- our totally unbiased study shows the folly of this with huge numbers of critical bugs allowing complete system compromise and taking years for resolution. You would be much safer with Microsoft and our security by obfuscation. Lastly, be aware that by using GPLed software, you will become obliged to make the source code of all your applications publicly available, together with all the data those applications ever process and all of your employee credit card numbers. This is consequence of the GPL's viral nature.
Not only does he say that but there are these little gems from TFA:
;)
"Like a padded cell, Integrity PC prevents Linux and other insecure and unreliable software from harming the rest of a system, while also limiting the harm it can do to itself," states O'Dowd."
"GHS says PCT enables the incorporation of "legacy applications and traditional operating systems, such as Linux," into high-security and high-reliability applications."
Wicked. I was expecting a good ol' warm fuzzy Linux fanboi article and got a "Linux suxors! With our awesome software you can sandbox that legacy, buggy, hole-ridden sucker! Woot!"
I call subterfuge on this submission.
Cheers
Stor
"Yeah well there's a lot of stuff that should be, but isn't"
Depending on who was using it, I think I'd rather have some cruise missiles running Linux than (e.g.) INTEGRITY. I've worked with INTEGRITY, it seems like a hell of a nice system (although for our application it was overkill and too expensive).
MULTI, on the other hand, makes me want to kill myself. GHS guy, sorry, but that product literally makes me want to die every time I have to use it.
---
Mod me down, you fucking twits. Go ahead. I dare you.
(I read with sigs off.)
Having worked on computer systems for 10 years, 6 in the military and now for the largest wireless company, I disagree with your assertions.
1. If the military puts a 2 foot plastic fence around a secure area, then blames the people that stumble over the plastic fence
2. If the bank uses a wood door for its safe, then blames the robber who broke the door.
The fact is when you're in the business of selling doors and fences (like the OS company above) then the quality of the door or fence is in question.
Linux was never designed to be a 100% secure environment; apparently they are claiming there's pretty close. Well I am sure some 200K LB bank safe door is breakable but I would rather have it protecting the bank money the door on my home.
SmoothXP
"Give a person a fish and you feed them for a day; teach that person to use the Internet and they won't bother you for weeks"
Im not the biggest Linux fans in the world, in fact i advise all of my clients against using Linux. If they decide to use Linux, they do pay my company and myself more for consulting services and application development. Green Hills actually just added a layer by which to run more Linux application software, this is in no means an endorsement for Linux it just helps customers run Linux binaries. Personally for embedded I like Windows CE. This isnt a big deal at all. Don't worry guys, Linux is STILL a threat to National Security :)
I thought that he was trying too strongly to make the case that those that want to use Linux for real-time applications will not buy tools and those that want better performance for hard-real-time will not choose Linux.
It is also obvious that a general-purpose operating system is not going to work as well in a real-time environment as one specially designed for that purpose. It's the reason why, for example, if you are an organization that wants a system to break encryption keys fast, you build a special-purpose machine that includes hardware designed to do quick computations of prime numbers, not commodity hardware with lots of extra features you don't need and won't use, that slow down the primary purpose of breaking codes.
He seemed to be arguing the point far too strongly, as if he had a hidden agenda. Okay, presuming his argument is valid, so what if Linux as a general-purpose O/S is not as good at handling hard-real-time as a specially designed one? He could have argued that in about 1/5th of the space his article uses. What is also interesting is, despite all his talk about how bad Linux is, he seemed to ignore examples where Linux is considered good enough for real-time use in many cases, and was unable to mention any alternative which might be better, such as some open-source alternatives that have been mentioned here on Slashdot.
I had a suspicion but I wasn't sure. And now it's clear: his company sells real-time operating systems in competition with Linux. So he claims Linux is not good enough. Where have we heard this before? :)
The lessons of history teach us - if they teach us anything - that nobody learns the lessons that history teaches us.
From the article:
"Like a padded cell, INTEGRITY PC prevents Linux, non-memory-protected operating systems such as Wind River's legacy VxWorks, and other insecure and unreliable software from harming the rest of a system while also limiting the harm it can do to itself," explained Dan O'Dowd, founder and chief executive officer of Green Hills Software.
'and other insecure and reliable software'? Sounds like a true convert.
David
Just amazing how money can change someones tune...Wait for a couple more years or so and he'll be praising Linux...And denying he ever said anything bad about it.
StarTux
Going slightly offtopic: Do you need special training or certification to develop or modify DO-178B Level-A compliant software? I've wanted to get into avionics development for a while but there is not a lot of information out there about the actual guidelines that isn't hidden behind "seminars".
BTW MULTI is a really nice compiler/debugger. I've got lots of interface suggestions though if anyone at GHS is interested in listening
That is also why, if the govt was considering going mainstream with linux, they can hire their own team of developers to custom code the kernel and all the software on the system. You can benefit from better applications for the military and conceal most of the source code that way so that it is private.
_
Free 27" Sony WEGA TV
The GH attitude towards Open Source insecurity is very healthy. The OS should never trust the apps to "behave"; it should operate on the assumption that processes are malicious and incompetent, and will damage each other and the user. Replacing Linux with their own OS makes the reality of widespread Linux apps less risky, at least in their view. If only Microsoft worked this way, we wouldn't have so many viruses, worms, and BSOD's.
All this whining about GH whining is a ton of BS. Are Linux enthusiasts a nation of marketdroids, more concerned with tracing problem reports to "FUD" than to fixing the problem? GH is simply saying Linux + OSS apps is unacceptable. They can't stop people from running the apps (too popular, too much invested training, too many distributors to take on, etc). So they're "fixing" Linux, the OS, by replacing it with something they say is better. What "accountability" is necessary? They found a problem, and set about fixing it. If only the Linux whiners would also put their money where their mouth is, the kernel's extra debugging might take the wind out of GH's sails.
--
make install -not war
Someone modded the parent of my initial post up, therefore someone beleives it and so I think the issue that the troll was meant to provoke needed clarification.
When Argumentum ad Hominem falls short, try Argumentum ad Matrem
The "stealing" might refer to SCO's varied statements about the validity, while they are also shipping (and advertising (e.g. mozilla was mentioned on the defaced page the other day)) software under the GPL (yes I know mozilla is under more than the GPL, but it is just what I remember spotting. They use other Free stuff too.)
Thank you very much for the informative clarification.
There is obviously a need for products like Integrity.
Being able to run Linux apps is just the topping on the cake.
The GPL/LGPL are horrid beasts that attempt to inflict a world view. When you add code to a GPL infected program, the virus steps into your code and covers it. This is because you've created either a combined or derived work by incorporating any portion of a GPLed program (even a header file or library). The GPL requires you to provide source code upon request for 3 years. You may charge for media and shipping, if you feel like it, and don't have to provide it electronically. This is only required, however, if you redistribute the covered code. If you are using it for an inhouse application, or for a server (for example), as long as you're not redistributing the program you've not fallen under the GPL.
If your code is acting bloated, and is running rather slow, it's likely and predicted that some loops you will unroll.
Thanks for the info. We have a sales rep so one of these days I'll collect all the good ideas from the team and send it on. I hope nothing gets lost in the engineer->sales->engineer translation train.
You can put it in the contract that everyone who touches the code has to have a security clearance.
And you can require CIA and FBI officers to have security clearances too. Doesn't mean they're not working for Moscow.
The comparison is not a valid one, as the operating systems are designed for entirely different purposes - stock Linux is not even a hard RTOS, and has no requirements or process documentation, which means it's not even a candidate for certification under DO178-B. The claim of Linux being less secure, safe, or stable rests entirely on which version of Linux you are talking about. There are DO-178B Level A compliant versions of Linux on the market, as there are Level A compliant versions of Windows CE and the fine INTEGRITY operating system that Green Hills makes.
I would disagree with the assertion that Level A compliance is a guarantee of security - it means partitioning integrity is confirmed with full structural coverage to the MC/DC level(and requirements-based coverage), but that is not a measure of security. There are stricter standards for correctness and reliability than MC/DC statement coverage, like the proofs of correctness (or expanded-state model checking verification) used to verify cryptographic algorithms. It's definitely a good start, but it isn't the end.
Ultimately, I agree with most of what you're saying, but the specialized nature of safety-critical design does not broaden well for comparison across the board.
You can order a copy of the DO-178B guidelines from RTCA (the publisher), although the standards make about as much sense as the standards for NASA or the FDA.
...if you're doing avionics or highly classified systems, you're going to HAVE to have some auditor testing it for quite some time (and not a couple of weeks, either...).
DO-178b requires certified software if it's involved with something that impacts flight safety. That means if you're flying on any aircraft, military or civilian, that flys in the US territories, if the software isn't DO-178b certified, the plane is grounded unless there's a pressing reason otherwise.
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
Our group wound up buying the IDE from Metrowerks and using an in-house RTOS, so no extraction of revenge possible.
But yeah; INTEGRITY seems nice, from my (control systems engineering) perspective as someone who doesn't like dealing with writing software. MULTI, on the other hand, is entirely counter-intuitive to my mind.
---
Mod me down, you fucking twits. Go ahead. I dare you.
(I read with sigs off.)