Open Source Software In the Military

JohnMoD writes With the advent of forge.mil, etc. the military seems to be getting on board with free and open source software. A working group meeting is going to be held at Georgia Tech in Atlanta, August 12-13, 2009. There's a pretty good lineup of speakers including a Marine from the Iraq-Marine Expeditionary Forces, who was on the ground and saw the agility open source gave to him and his soldiers. A number of OSS projects are going to be meeting there: Delta 3D, OpenCPI, FalconView, OSSIM, Red Hat, etc. Looks like there will be some good discussions."

Re:WOW

[symbolset]

It is funny that people assume that open source means more secure. It means more potential for security, since you can undertake an enormous, in-depth code review, but given the amount of code in some projects (the Linux kernel, Apache, etc.), that is not something that is likely to happen.

Just because you're not doing it, don't presuppose that nobody is. The code review of all the major pieces is ongoing, extensive and in-depth. It's done for a lot of reasons: motivated self interest on the part of organizations with large user bases (NSA, .mil, governments, large corporates), product development (all the commercial vendors), security professionals (for experience props) and others.

Stuff does occasionally get through, but it's almost always pointed out and fixed right away.

One downside of commercial software is that code audits can only be done by two groups: the vendor and the black hats.

TCP/IP was military

[ritzer]

Anyone on this forum heard of TCP/IP? Maybe I am getting old, but I remember the internet as a DARPA project. Source got distributed and ported to whatever you OS you happened to be using. Sounds like open source to me.