Slashdot Mirror
Green Hills Software Decides Linux Isn't So Bad
An anonymous reader submits a link to this report on LinuxDevices.com, which begins "An outspoken open source detractor has paid Linux a back-handed compliment. Green Hills Software (GHS), known for diatribes against Linux in military/aerospace applications, is shipping 'Padded Cell technology' intended to enable the company's proprietary real-time OS to take advantage of the wealth of Linux application software." You may remember GHS's Dan O'Dowd, who's claimed that the embedded Linux Tools Market is a myth and that the open source nature of Linux makes it a threat to national security.
Has any Linux distro gotten Common Criteria certification yet? Seems like that is the major barrier to large scale governmental/military adoption and not some small-time competitor FUD.
Since their other claims seem to be completely made up and bogus, is anyone really sure that their claims now of product compatibility are accurate?
Comment removed based on user account deletion
If there is any threat to national security it is closed source software that is not peer reviewed and comes with the inherent risk of backdoors and vulnerabilities. These day we cannot afford using closed source software anymore. The dangers are simply too high. Open-source needs to be the standard for any type of critical application.
This should be self evident to anyone. Admittedly the National Security Agency bothered to make additions to the Linux kernel to make it more secure, and freely returned their work to the open source community. That just shows that the National Security Agency doesn't know anything about National Security.
When I'm concerned about National Security I know I trust a random small commercial software company. It would only make sense that they would be better informed about National Security than some lowly government organisation.
Jedidiah.
Craft Beer Programming T-shirts
I have a life damn you! I am here on /. aren't I?
Most any company is going to look at things from their own point of advantage. If they did not feel they could make money on linux or it would actually hurt them, why would they praise it. So now they apparently think they can make money from it. At least they were open minded enough to reevaluate their position.
From reading the article, I think Green Hills have decided Linux APPs are not so bad, or at least something they feel they need. I don't think they have changed their position on Linux itself.
My rights don't need management.
Seriously people, allowing your OS to run apps from another OS isn't declaring the superiority of the other OS. It is simply a wise business decision. It can, in fact, be interpreted as an insult to Linux, depending on how you look at it. Consider this:
GHS: "Our OS can now run Linux apps, so you don't have to use crappy Linux"
This is exactly the same reason they came out with WINE. The WINE devs don't like Windows, so they give you an alternative with WINE. This is the same thing.
If they find a backdoor in the kernal and someone has stolen sensitive stuff through it, who's to blame?
Stuff so sensitive that it threatens national security has been stolen and your only concern is your scapegoat.
You work for the government, don't you?
KFG
What is the submitter talking about? Saying "Linux sucks", then saying "here's something to run Linux apps that isn't Linux" isn't a compliment, or a retraction. It's emphasis. They never said that Linux doesn't have a lot of apps, or that it's not popular. Just that it's not good enough. And now they have something better.
--
make install -not war
'Padded Cell technology' intended to enable the company's proprietary real-time OS to take advantage of the wealth of Linux application software."
Compliment? I think not. What they are saying here is that Linux application software is so insane, that it needs a "Padded Cell" just to be safe.
#!/
I think this course of events is sort of ironic. Possibly they were motivated for other goals in their previous outlook on linux. Either that or they feel its good enough and won't endanger their security for there product at least.
Or maybe they just want access to all the linux apps available. It doesn't necessarily mean a change of heart regarding linux; does anyone here think the WINE guys started WINE because they felt that Windows was a better platform? Or that the FreeBSD crew created linux binary compatibility because they thought linux was superior?
Nice troll. This is utter garbage of cause, but it is common misconception so I'll rebut it. Just because something uses a tool doesn't mean it is subject to the same licence as the tool. Firstly, if this were the case, then any document created in an open source word processor or text editor would need to be GPLed which is clearly not the case (and would be dangerous for writing confidential documents). Even if compiling something with gcc made it a dirivitive work (which it doesn't), only the binary would be a dirivitive of gcc, and the source code would be completely unneffected since it is not modified by gcc. BeOS was compiled by gcc for the x86 platform and it remained closed source and propritary with no legal challenges.
One only has to release the source code under the GPL to the people you distributed the binary to.If you keep it wholly in house you only need to give the source code to anyone. If you make it for a single client you only need to give the source code to that single client. Of cause anyone who you give the source to is allowed to pass it on, but it isn't like you have to just broadcast it to the world just because you changed it.
If you are not trolling and have read what I have just said and still don't think its fair, think about this: the program you are modifing was written by thousands of other people, many of them with commercial tasks just like you, and they have let you use their code. If you want to distribute the hacked kernel without sharing your code, how is it fair for the people who have contributed beforehand?
Oh, and if you are not a troll, you really need to get yourself a new lawyer quick, because that lawyer just caused you a lot of wasted time and effort.
When Argumentum ad Hominem falls short, try Argumentum ad Matrem
When I read things like that, then I understand why I'm only an engineer and not a CEO, because I would NEVER think of using that phrase to try to get my point across.
Nothing great was ever achieved without enthusiasm
They aren't converting to Linux. They are just adding a compatability layer so software for Linux can run on their proprietary OS.
Boffoonery - downloadable Comedy Benefit for Bletchley Park
This is a misunderstanding of the GPL - and there are TONS of misunderstandings of the GPL out there. The answer isn't to mod it out of sight. Instead, correct it. And let it stay visible so other people who have misunderstandings of the GPL can see it and learn something.
Don't just blindly mod down anything that says something bad/incorrect about the GPL. Correct it, and let people see the post and the factual corrections. Even if it is a troll, people can benefit from seeing this misconception shot down.
http://uptime.netcraft.com/up/graph/?host=www.gree nhillsoftware.com
-jpeg
Disclaimer: I work for Green Hills Software
There seems to be some confusion about this product. From what I've seen and heard (I haven't used this product directly yet), it is a method of running linux applications on top of the uber-secure real-time operating system, "Integrity". The linux applcation layer is sheilded from the rest of the system, and possibly from other linux-application layers. It's really more of like user-mode linux than a linux kernel.
I hope that helps...
IBM, the big blue company, decided a long time ago that Open Source isn't so bad.
Sun, the UltraSPARC Processors maker, decided that Open Source isn't so bad.
Intel, the 8086 Processor maker, decided that Open Source isn't so bad.
Munich, Germany's third-largest city, decided that Open Source isn't so bad.
"Microsoft decides Open Source isn't so bad" will be news.
My city: Barcelona.
Green Hills makes devtools and OSs for safety-critical embedded systems. They've been vocally anti-Linux-in-safety-critical-embedded-systems because Linux is a competitor (nothing particularly nefarious, just a company trying to make a case that their product has advantages over a competitor).
And now they made a compatability layer so their OS can run software written for their competitors' API. This is a change of heart how?
Especially considering how Green Hills has long had a compatibility layer for their more direct competitor vxWorks.
A legparnasom tele van angolnaval.
How does tracking an IE exploit to Microsoft help you track down the person that used it? Catching the person responsible for the incursion is the order of business. In what way is Microsoft's posited 'accountability' an aid to security in the first place, and what role does it play after an incursion?
One does not want to "catch" the people responsible for an exploit. One wants to close it. Accountability is an economic issue (who do we sue), or a scapegoat issue (who's head can we put on the block to protect our own), not a security issue.
Ironically it is only with closed source software that who created the exploit is really relevant after the fact, since they are the only ones that can close it, and you can never be sure that really have unless you have the complete source to audit (and in a real secure system you always, always, always build from personally audited source).
Nor does running open source code have anything to do with whether or not you know where the code came from. There's no logical connect between the two issues and Red Hat can tell you where every line of code in their kernel came from just as well as Microsoft can tell you where code in their kernel came from.
My previous post was a joke. It was clear from your original post that your point of view is that of someone from a business enviroment. Government security has an entirely different intent, view point and priority matrix than business security (except among some of the 'new generation', who almost all come to government security from business security backgrounds).
KFG
it's grudging acceptance that their own claims "there is no linux embedded tools market" and that "the Linux tools market will die" are patently false.
they're making a compat layer because their customers are demanding they support nonexistent tools for a dead market. yeah. that's the ticket.
Not quite... that's Greenhill Software, we're talking about Green Hills Software. According to Netcraft, they run NetBSD or OpenBSD: http://uptime.netcraft.com/up/graph/?host=www.ghs. com
wanting to exploit the popularity of linux and not "giving anything back" is hardly a compliment...
Get your torrents...
I'm a little disappointed with thie original post. The change of heart is about open source and the "free software" that runs on linux. Green Hills specifically criticized the open source nature of Linux. I think its pretty clear that much of the linux-compatible apps available are open source. They could have made many other criticisms of linux, but they specifically attacked OSS, and now, perhaps grudgingly, accomadating demand for it.
More likely, the NSA were only appearing to contribute to the Linux kernel, while they were actually introducing subtle and cleverly obfuscated bugs that will allow them to read Osama's email, and tell on him to his mother if he blows things up.
/evil> MWA-HA-HA-HA-HA <evil>
Also it allows them root access to any Linux running hospital in Saudi Arabia, and they can overprescribe anaesthetics when he next goes in for dialysis treatment.
Considering their complaint about Linux, valid or not, is its security, I don't see how this play deviates at all. The point of this compatibility later is to allow these possibly unsafe *applications* to run on a safe *operating system* by isolating their system calls, making them non-intrusive to the system's operation. Hence the product name, Padded Cell.
Although, that would really imply an app ca't even easily hurt itself, which is hardly the case. Padded Cell just has a nicer ring than Solitary Confinement.
In criticising linux, they have rather strongly criticized Open Source. Perhaps that was a strategic mistake, because much of the available software for linux is also open source. This is a change of heart. Its a shame the article isn't more clear about the conflict. Many of us (especially BSD fans) have long criticized linux, but champion open source and other "free" software
Jerry whats his name of Wind River/Vxworks frequently issued anti-Linux screeds, but suddenly stopped about the day before Wind River announced a Linux product.
With all bias aside, doesn't it make more sense to run important government systems with open software? Open software can be changed as much as they want; it's not like they're buying the latest Mandrake pack from CompUSA and popping it into the super-mega-warhead-doomsday-computer's cd drive.
The very last thing I'd like to know about would be the government placing a tech support call to a company that only sells them proprietary software. I find that somewhat unsettling.
But I'm not an expert; are there advantages to using code you can't see or modify to run government computers?
Esoteric reference.
BSD users, and perhaps we can include Apple OSX users among them, have made valid criticisms of linux for a long time now. None of us have sunk to the depths of declaring linux a threat to national security because it is open source. It is perfectly reasonable to act as Green Hills Software has, in providing a compatibility layer. The irresponsible public statements they have made is another matter.
No Kidding! Taken directly from a GNU C++ header file:
So... If they don't understand even the comments in C++ code, then why would I believe their statements regarding the superior quality of the rest of their operating system?
-- -pjk Perry Kundert perry@kundert.ca http://kundert.2y.net
Green Hills (or its representatives) specifically criticized the "open source nature" of linux. It would seem your product takes advantage of available OSS products. I realize you and your company may have a specific view about security, and perhaps are only considering security, but I'm afraid you've burned some bridges by showing such disdain for the work of dedicated individuals. I hope you publicly praise the usefulness of open source apps as ardently as you criticize the "flagship" OSS product, linux. As most OSS developers don't get paid, pride becomes that much more important, and Green Hills needs to recognize this.
Nice troll.
Nice fishie. Why did you bite on his fishing plug?
He's moderated down into the mud and you're just encouraging us to click on the 'below current threshold' link to see what he said that riled you.
"What's the frequency Kenneth?"
Here's what they said before:
The Linux operating system is developed by an open source process - a cooperative effort by a loose association of software developers from all over the world. With the knowledge that Linux is going to control our most advanced defense systems, foreign intelligence agencies and terrorists can easily infiltrate the Linux community to contribute subversive software.
etc., etc.
They made the argument that since Linux is open source it is subjected to the terrorists infiltrating it and injecting their malicious code. So now, you are saying they would like the applications developed with similar methods to run on their platform? Unless you argue that they are only targeting closed source applications for Linux that they believe are inherently more secure then you cannot justify both arguments. What makes those open source applications any different or any more protected from terrorists than Linux itself?
As for the resources to write their own apps, nobody has the resources to write every app possible. Even Microsoft. Windows wouldn't be nearly as popular if it could *only* run Microsoft applications, even though Microsoft does have a very large variety of applications that they make to choose from. As for Linux, Linus didn't even write every thing needed to make a complete OS -- Various linux distributions also use parts from GNU, X, BSD, etc. All perfectly legit, of course. No stealing here.
There's nothing wrong or dishonest with them providing an API that allows Linux applications to be run on their OS. And they're not saying that they like Linux -- the WINE analogy given at the beginning of the thread is extremely appropriate. They've just realized that embracing/supporting Linux in this small manner will probably help them make more money. It sounds like a wise business decision to me.
As for the idea that `open source is a threat to National Security', there is truth to that. Of course, `closed source' is a threat too, just of a somewhat different nature.
In the open source case, sure, the code can be reviewed, but there's a lot more opportunities for `bad' people to slip in a patch that looks good and so it gets approved, but in reality it opens a non-obvious back door of some sort.
In the closed source case, a similar opportunity exists to introduce bad code, but it's really only available either to developers that work at the company in question, or those who crack into said company. But on the other had, once in, far fewer eyes are likely to look at that code, so it doesn't have to be so carefully obfuscated.
Both situations can be defused if you can get the source and find people qualified to audit every line of it and find these holes and correct them, and then have them do it without cutting corners. It's a huge job, but it's certainly possible. As for getting the source code, I imagine the NSA has little problem getting access to Micorosft's source code should they need it for something.
Somewhat reminds me of a local tech paper's editor. Back in 1997/1998 he wrote a rather angry, extremely ignorant and mocking reply to a letter to an editor which spoke about Linux, mocking Linux as being old technology and of no use (and for the letter writer's gall to criticize AOL!).
Then, I remember in about 2001/2002 he was waxing poetic about Linux and answerting Linux questions right and left.
That's of course about the time I went to BSD (in situations where it isn't masochistic), hype serves no purpose.
It's me again (the guy who works at GHS as per the grandparent of this post. I don't have a /. account)
I don't feel that there is a "distain" for the work of the dedicated individuals who have worked on Linux. We offer development tools that can develop on and for Linux (as well as Windows and Solaris). Many (if not most) of our developers use Linux as the "host" operating system for developing INTEGRITY and MULTI (our compiler/debugger/code-editor/etc...). Linux is a fine operating system for desktop work.
The concern is that Linux is not provably secure. With INTEGRITY, we can prove security and stability. We have a version of INTEGRITY that has been certified as DO-178B Level-A compliant, which means that it can run critical systems on airplanes. To achieve this, we had to make the kernel completely deterministic, and test and document every line of code. There is no dynamic memory allocation at the kernel level (no malloc()), there kernel never turns off interrupts, even when in an interrupt handler (granted, a processor usually turns interrupts off when an interrupt fires, but we turn them back ON at the earliest opportunity). You cannot say these things about Linux, and thus it is less fit for safety or security-critical systems.
Lastly, in response to some complaints I have seen previously, Green Hills does offer the source to INTEGRITY to paying customers. There have been complaints that no one could trust INTEGRITY because they don't have the source code to it. These complaints are unfounded. Customers are free to examine the source and modify it to their wishes, and many do.
"Linux can be a threat to national security because any computer-savvy terrorist can hack it."
no, it can't. that's like saying "a door can be a threat to my personal security because any lockpick-savvy burglar can pick it."
if a burglar were to pick a lock on one of your doors and thereby jeopardize your personal security, it would be he, not the door, who posed a threat to you.
likewise, if a "computer-savvy terrorist" were to "hack" into some sensitive linux system and thereby compromise national security, it would be he, not the linux system, who posed a threat. the system he used to do so would merely be the vector.
maybe it seems like hair-splitting to you, but not to me. bad premises lead to bad conclusions.
thanks for listening.
if i'm a grammar nazi, you're an illiteracy nazi.
The Australian OSDC http://www.osdc.com.au/ is being held in Melbourne over the next three days. During this conferenence there is a paper discussing Mr O'Dowds comments over the last few months. This back flip just adds weight to the arguments to be presented at the conference. It feels good to be vindicated.
I thought that he was trying too strongly to make the case that those that want to use Linux for real-time applications will not buy tools and those that want better performance for hard-real-time will not choose Linux.
It is also obvious that a general-purpose operating system is not going to work as well in a real-time environment as one specially designed for that purpose. It's the reason why, for example, if you are an organization that wants a system to break encryption keys fast, you build a special-purpose machine that includes hardware designed to do quick computations of prime numbers, not commodity hardware with lots of extra features you don't need and won't use, that slow down the primary purpose of breaking codes.
He seemed to be arguing the point far too strongly, as if he had a hidden agenda. Okay, presuming his argument is valid, so what if Linux as a general-purpose O/S is not as good at handling hard-real-time as a specially designed one? He could have argued that in about 1/5th of the space his article uses. What is also interesting is, despite all his talk about how bad Linux is, he seemed to ignore examples where Linux is considered good enough for real-time use in many cases, and was unable to mention any alternative which might be better, such as some open-source alternatives that have been mentioned here on Slashdot.
I had a suspicion but I wasn't sure. And now it's clear: his company sells real-time operating systems in competition with Linux. So he claims Linux is not good enough. Where have we heard this before? :)
The lessons of history teach us - if they teach us anything - that nobody learns the lessons that history teaches us.
Im not the biggest Linux fans in the world, in fact i advise all of my clients against using Linux. If they decide to use Linux, they do pay my company and myself more for consulting services and application development.
... ) job for them then I don't see you pushing Windows stuff on them).
:)
After taking a peek at your website and blogs (there is a reason I did not want to stay long, and it had less to do with what you were saying and more with the way you were presenting stuff) I get the feeling you haven't mastered Linux enough to use it for your own purposes. As a self-proclaimed geek I would have expected to see you run your own DNS- and web-server, either on Linux (really easy with SuSE 9.1 Prof. - Oh, you dislike anything FOSS and especially Novell since they will sue SCO [you realize that SCO's going to be done and burried when IBM is finished with them, so why do you think Novell is doing it? One hint, it isn't greed, like I said they won't get anything from SCO after IBM squashes them]) or Microsoft Windows (though if you REALLY consult people and want to HELP them instead of just wanting to do a quick and dirty (... and insecure and expensive and
Don't worry guys, Linux is STILL a threat to National Security
Only to people like you that can't "hack" it or press a few buttons to "fix" it allin a few seconds (which by the way only works if Microsoft releases a patch). There are reasons why Windows is so insecure, amonsgt the many is the fact that it has bred a large crowd of "consultants" that think their only job is to press a few buttons in a GUI and that's it.