Indian Military Organization To Develop Its Own OS
An anonymous reader writes "Several newspapers have reported that DRDO (the defence R&D organization of the Indian military) is planning to create an OS. The need for this arose due to the cyber security concerns facing India and that all [conventional] operating systems are made outside India. About 50 professionals in Bangalore and New Delhi are expected to start work on this operating system." At least one of the linked articles says the new OS, though home-grown, would run Windows software.
It was Ken Thompson, the man himself, that you're referring to. The talk in question can be found here: http://cm.bell-labs.com/who/ken/trust.html
You're talking about the trusting trust attack, which was made famous by Ken Thompson.
Thankfully, you can counter the "trusting trust" attack using a technique called "Diverse Double-Compiling" (DDC). See the linked PhD dissertation for details.
- David A. Wheeler (see my Secure Programming HOWTO)
Seems to me that plenty of countries (including the US) manufacture weapons for use and for distribution to other countries. Thing is, you're not at war most of the time, and you're almost never at war with everyone.
Hotmail does run on Windows. When it was purchased it did not, and it took them some time to convert it. The "stories" about conversion failures were ridiculous; the timelines did not give enough time for a real conversion of such systems, and people probably mistook various prototype testing as real attempts.
SourceSafe was also never meant for anything other than workgroup projects, not large scale. As such, nobody would be expected to run something the size of the Windows code base on VSS. Nowadays, Microsoft has an enterprise class version control in Team Foundation Server, but I imagine they have a lot of legacy to convert to move that to TFS any time soon.
They also ran a large part of their internal processes for years on an AS/400, including accounting and other aspects. Microsoft didn't have applications to do what they needed on Windows, and didn't really want to invest in building them. However, now that they bought Great Plains... that's a different story.
Due to legacy concerns, they aren't likely to convert from p4 for a very long time, although the beauty of git is that in workgroups you can use git and push changes upstream. If anything, they're most likely to convert to TFS, for long term overall project. Already most of the tools development, web development, etc. is done on TFS.
Well OpenBSD it practically is. Some articles claim it is written ground up for security, but in reality they audited the entire BSD codebase many years ago, rewriting large parts and all new code is ground-up secure. In practice it is extremely secure, many of the bugs that occur in other BSDs or Linux turn out to have been fixed months or years before in OpenBSD.
The trouble with Windows [compatible] OSes is not that it should be capable of running software written for Windows. It is that Windows itself has design weaknesses for various reasons not the least of which are related to its DOS based origins and support for old, misbehaving "legacy" software. To write a Windows compatible OS, you would also have to mimic a wide range of idiosyncratic behaviors in order to support Windows applications.
Now, if for some reason, all the bad-behaving software were cast aside and only good Windows software were used, the notion might stand a chance. I remain quite skeptical it, or any Windows-compatible OS, would become completely viable.
Looking at it another way, the SaMBa project is constantly playing catch-up against the moving target that is Windows networking. And that is just one aspect of the Windows OS family. Imagine this on an entire OS? It would be hard pressed to actually work.
They'd be better off making a BSD modified OS and pulling in WINE.
Until the early to mid '90s, the term 'UNIX Security' was considered a joke. In comparison to systems like OS/370, VMS, and so on that were designed for security, UNIX was a toy. It didn't even have access control lists for files, and trust was entirely binary - if your web server needed to be able to bind to port 80, it also got the ability to modify every single file on the system, write directly to devices, and so on. Linux adopted the UNIX lack-of-security model from the start, although it has recently gained some slight improvements.
In contrast, Windows NT was designed to be secure from the start. Every kernel object (file, thread, process, and so on) has an access control list associated with it. This can grant fine-grained permissions to individual users or processes. Unfortunately, the kernel was then given to the UI and DOS compatibility teams, who decided that world-accessible was the correct permission for pretty much everything and that the default user should be the administrator, who can override most permissions.
Plan 9 is closer to what the UNIX model would look like if security had been a concern. It's recursively virtualisable, so you can trivially jail processes.
I am TheRaven on Soylent News
As someone who knows a bit about the origins of NT, with regard to Windows NT, you are full of that substance that leads to substantial growth in the business...
Windows NT was not designed for security -- The first version was hacked together using bits of OS/2 2.0 code, ports of existing Windows code, etc. For the record, I worked at Micrografx when they (a) had source code and early binaries of Windows NT, and (b) was part of the team that worked on OS/2.
Windows NT's first several betas booted using the OS2LDR.EXE file from prerelease versions of OS/2 2.0. The first thing you saw on the console was "OS2LDR.EXE ...". Eventually OS2LDR.exe got renamed, but it remained the same through at least the first release (I left Micrografx before the next release of Windows NT came out). In the end, Windows NT was more secure than it was when it started, but it was not "secure".
With regard to your spurious example implying ACLs make something secure, again, you've been shoveling out the stables. ACLs do not make something secure (they may contribute to a security solution) and the lack of ACLs does not make something insecure. Security is not about how you achieve something, security is about what is achieved. Fundamentally, the only truly secure computer is one that is not connected to a network, kept behind several locked doors, with guards that are so well paid or loyal such that they cannot be bribed. This goes on and on, no software added after security is certified, no external access other than keyboard, no externally accessible disk drives/cdrom/usb, etc. Everything else is a careful balancing act of risk, vulnerabilities, and mitigation.