US Needs Secure Coding Office
Trailrunner7 writes "If the United States wants to remain competitive in the global economy and prevent widespread penetrations of its strategic, corporate, and commercial networks, enterprises and government agencies should stop relying on commercial software and go back to writing more of their own custom code. 'If we're going to maintain our place in the world, software is not a strategic problem, it is the strategic problem going forward,' security expert Marcus Ranum said in a speech Tuesday. 'Covert penetration becomes something that you think about on a five, 10, or 20-year scale. Why don't we have a government coding office? We have a government printing office. Why don't we have a strategic software reserve? Our own software is probably a greater threat to us than anything other people can do to us.'"
In-house software for government jobs is the way to go.
1) You own the code
2) Your goal is to have software that works for a long time. Your vendor does not share that goal. They want you to rebuy software every 5 years.
3) It's a lot cheaper to maintain.
4) It's written to get a job done. Once that's done, you don't have to worry about some revision that requires new hardware.
The Kruger Dunning explains most post on
2. And the shelf-life of that software "reserve" is...
At least a few decades, isn't it? At least Maxima, Emacs and others work perfectly on my modern PC.
Ezekiel 23:20
Hire the OpenBSD boys. They have a proven track record.
SELinux has a pretty good track record too, and they wouldn't even need to outsource.
Really that's what they ought to be doing anyway: Not rewriting internal government clones of proprietary software, but giving the spooks a mandate to improve the security of open source software, and then use that.
The only thing it could possibly mean is a reserve of *coders* ready to jump at any problem or bug that arises. Oh wait, that's called the NSA. Just need to give them more resources and jurisdiction to fix any code anywhere in the government. That'd work great:
Setting: Nondescript cubicle farm full of people working and eating donuts.
Cubicle farm is suddenly stormed by a SWAT team with M16s and tablet PCs.
Team leader: "Everybody freeze! Hands off the keyboards! We've detected a buffer overrun condition! Move, move, move!"
Guys with tablets rush to the PCs and networking closet and start typing like mad. Soldiers round up all the people into the middle of the room.
A five-star general walks into the room.
General: "What's going on here?"
Team leader: "Sir! We're neutralizing a threat in the PR office happy-hour scheduling system. We should be finished soon."
General: "Good. I'll want a full report when this is over. We need to catch the idiot who's responsible for this."
A soldier escorts an intern with hands behind his head to the leader.
Soldier: "This guy did it. We found non-compliant source code on his machine."
Team leader: "Good work, sergeant. Hand him off to headquarters at 1300."
General: "Glad to see that was taken care of quickly."
Team leader: "All in a day's work, sir."