China's Government Unveils 'China Operating System' To Great Skepticism

redletterdave writes "The government of China is not too fond of foreign mobile operating systems like iOS and Android, so the country cooked up its own homegrown solution: A Linux-based, open-source operating system called the COS, or China Operating System. But consumers have every right to be skeptical; China is using the recent NSA scandal in the U.S. to push its own product. A government-approved mobile operating system, especially in China of all places, reeks of its own backdoor exploits for governmental spying."

US Operating System

[Niterios]

Quick! Someone in the US pirate this and give them a taste of their own medicine!

before you go there

[dlt074]

remember, people in glass houses should not throw rocks. or something...

at this point i trust our current mobile OS's as much as i trust theirs. at least with theirs i have no doubts i'm being watched.

Re:before you go there

[Jane+Q.+Public]

I think it's "People who throw rocks at glass houses shouldn't be stoned." Or something like that.

Re:before you go there

[DigiShaman]

You're missing the entire point. How can the US be a "beacon of freedom" when we officially are a police state ourselves?! Effectively, our police state is now spreading (or legitimizing) totalitarianism around the world and not just from within. THAT is the problem!.

Re:before you go there

[Mashiki]

Lies. Obama stands for hope and change! It's unpossible that there is even more spying being done now under his government then there was before and the NSA and other letter agencies are acting outside the bounds of law, constitution, and bill of rights.

Re:before you go there

[mrchaotica]

I would trust theirs more. I may be watched by both, but at least China doesn't have police power over me.

Re:before you go there

[Desler]

Bush let them run wild, too, no matter that Obama didn't make anything better.

Re:before you go there

[Neo-Rio-101]

No it's "People who bang 7 gram rocks are going to get stoned"

Re:CHINKOS?

[Jeremiah+Cornelius]

It is restricted for US distribution as too secure, without NIST weak crypto or NSA backdoors.

Ahem!

[TheP4st]

"A government-approved mobile operating system, especially in China of all places, reeks of its own backdoor exploits for governmental spying"
As opposed to the reek of the daily NSA exploits published by Bruce Schneier?
In difference from for example the RSA back door this is open source , so the code is there to review for potential back doors for anyone with the necessary knowledge. I can imagine quite a few will do so only to be able and point fingers and say "see, see! they do it too!" and would be little surprised if there is a government sponsored team doing just that as I write with the hope there will be findings to detract attention from scandals closer to home.

As opposed to

[JavaLord]

A government-approved mobile operating system, especially in China of all places, reeks of its own backdoor exploits for governmental spying."

As opposed to an operating system created by an American corporation, which reeks of its own backdoor exploits for governmental spying.

Re:As opposed to

[girlintraining]

As opposed to an operating system created by an American corporation, which reeks of its own backdoor exploits for governmental spying.

As opposed to an operating system created by a [somewhere you don't live] corporation, which reeks of...

I think we're getting mired in our own nationalism instead of looking objectively at the facts. Mandarin and Spanish are both spoken more in the world than English. And China has billions of people. We only have millions. Why, exactly, doesn't it make sense for them to develop their own operating system? We're getting stuck on this circle-jerk about the NSA, privacy, etc., but the argument being made here is primarily economic, not political. And economically, it makes sense; The only question on my mind is... why did it take them so long to start?

It's Open Source at least...

When all the Shell Infrastructure Windows servers got shut down at Venezuela directly from Redmond after the compayy's subsidiary there got nationalized, we learned a valuable lesson: closed source software is an error, at least at any government instances.

At least the Chinese OS is open source, so it could be audited by the users. I'm not saying they can't place a piece of code in the mobile phones or computers after the community audited it, but to me it looks like a step in the right direction...

DavrOS

[Sponge+Bath]

Endorsed by Daleks everywhere as an alternative to NSA tainted American products!

Re:DavrOS

[Roger+W+Moore]

The Daleks dropped that when they found that DR-DOS made them run a lot faster.

Audit?

[twocows]

If it's open source, then just audit it. Find what pieces are different in what ways and review those sections. I guess that's easier said than done, but still.

Should be on low-end tablets in months

[Animats]

This should start appearing on low-end tablets within months. Especially the ones that use the Allwinner CPU. 100% China-controlled technology at last.

Where do you download the source?

Should be a fascinating read

[Weaselmancer]

Can't wait to have a look at it. We know there will be backdoors and other goodies in it. Should be absolutely amazing to see what it monitors, how it does so, whom it calls home to, and so on. Let's see what China considers an ideal piece of software.

I think this will be a powerfully interesting piece of software to study. We'll learn a lot from it, I'll bet.

Eh.

[fuzzyfuzzyfungus]

I'm skeptical of this system because it is at least the second (after 'Red Flag', possibly more of them than that, certainly a lot more if you count 'nationalist linux forks' generally, rather than just Chinese ones), and past attempts havent exactly set the world on fire with their success.

More generally, though, I'm skeptical largely because (at the present time) you basically have to shop like Richard Stallman (and possibly even harder than he does, if some TAO-level group has designs on you) to have a chance in hell to even see all the security-relevant software/firmware that goes into your system in anything other than a mixture of OSS components, proprietary userspace applications, and firmware blobs (often doing not-even-a-debugger-knows-what on the various totally undocumented application-specific processors hanging off various busses). So long as that's the case, even if your OS is FOSS and you've audited the hell out of it (odds are you haven't) and you have a robust security model designed to keep applications in check (obligatory XKCD, odds are that it will all come to nothing because your lowballing vendor has a BSP full of proprietary shit, your GPU vendor won't offer anything but a binary blob unless you abduct the entire Board's families and threaten to return them one slice at a time, and you don't have a clue what various surprisingly punchy microcontrollers and very-low-end ARM cores attached to dangerously useful (and mostly unexamined) busses are doing in their own memory spaces.

If Team China manages to solve these problems(especially acute in cellphones because the cellular baseband which makes wifi interfaces look like GNU-paradise by comparison in terms of openness and robustness), then I'll be damn interested, no matter how much their 'yet another shitty fork of something that they could have just audited' linux-derivate OS bores me. If they don't manage to solve them, or don't even bother, that this is just some balance-of-trade enthusiast crying into his beer about Android's ubiquity in the Chinese smartphone market, who cares?

Red Flag Linux

[game+kid]

I thought this sounded like a dupe*, but Red Flag Linux is apparently not a Chinese government project as I began to think for some reason**.

*On China's part, not Slashdot's!

**Like, totally not because of the name or anything. ;)

Linux is for Communists!

[smooth+wombat]

Here we have absolute proof that Linux is for Communists. Just as Steve Ballmer said. Only a commie would use free software to write code so they don't have to pay the evil capitalists their 30 pieces of silver.

MaOS

[orledrat]

I'm not upgrading. I'm sticking with MaOS. I like my standards open.

Re:MaOS

[broken_chaos]

It's a wordplay on "Mao", the guy famous for kickstarting communism in China.

Re:MaOS

[The_Star_Child]

I still haven't received my $50 perk for donating to Mao's kickstarter.

What happened to Kylin?

[NuAngel]

So there was that Kylin Linux distro, then Ubuntu Kylin, and "Red Flag Linux," and now... a mobile one? Interesting key word, though, is that the article calls this an Open Source mobile OS. User "war4peace" noticed this, as well. I'll be the first to admit that I am *NOT* a coder, but how many backdoors can you hide in something that is open source? I'm sure it's large and it would take time to go through, but if it is open source it *could* be gone through, right?

Re:What happened to Kylin?

[Jeremi]

how many backdoors can you hide in something that is open source?

Quite a few, if you're clever (although of course you only need one). Code that introduces a vulnerability can be very subtle -- so subtle that even if someone discovers it, they are likely to think it is a bug rather than something that was placed there deliberately.

input system

[phantomfive]

If they get foreign language input systems working in Linux, then who cares? At that point they've already improved the community, which is the beauty of open source.

May Not be Open Source

[ZombieBraintrust]

According to zdnet.com it is not open source. However, due to "safety concerns", COS is not an open source system, revealed a 21cbh.com report.

If so then they are likely in non complience with the licenses involved.

Re:May Not be Open Source

[0123456]

If so then they are likely in non complience with the licenses involved.

I am shocked that the Chinese government would not comply with software licenses.

My Linux is better than you Linux

[Tough+Love]

The debate is no longer about whether Linux should rule the world, but which flavor should.

Re:on the other side of the world

But, they DO affect you. People wonder why the economy gets into crunches, jobs go away, and if there are jobs, it is barista level or minimum wage. So, that country on the other side of the world you rather have spy on you has its citizens working, getting free college, while you and your friends are trying to compete for minimum wage scraps.

Look at the US solar industry. China came in, slurped critical manufacturing plans, ran out... six months later, panels were coming onto US shores for cheaper than the rare earth cost. Congress did nothing (although when Harley was in trouble, they made sure that anything anywhere near an imported bike was extremely taxed as punishment. Maybe Harley is far more critical to US national security than energy independence, but what do I know.)

So, go and laugh, cheer on people who make China and Russia stronger, and US/European interests weaker. It is only your job, your future, and your kids' hope of a future that you will lose. If you want your daughters and sons to be treated like Roma when they have to emigrate to another country to survive, then be my guest. I prefer to have the country I live in retain a sustainable economy, so my kids don't have to emigrate as refugees like my ancestors did from Germany.

Re:Linux?

[amicusNYCL]

An entire nation of a billion people that actually manufacture essentially all electronics where this might conceivably be used, and they use Linux? The government of China can't come up with something of their own?

I'm pretty sure that one of the reasons that Linux exists is so that everyone who wants to develop an operating system doesn't need to start from scratch. Whether the government of China is going to contribute anything back to Linux is another question. Even so, Linux does not belong to any government or nation. It was started by a Finnish guy who now lives in America and has contributors all over the world. If there's ever been a single piece of software that more or less belongs to everyone, it's Linux.

Red Flag Linux

[unixisc]

And they have their own - Red Flag Linux. Just stage it on top of whatever they run, and they're off to the races

Both for firewalls too?

[ron_ivi]

And wonder if it makes sense to use as a firewall in front of a US-friendly one.

Seems a pair of firewalls ought to be configurable so unless *both* have a back door you're safe.

choices for when buying connected gear

[TheGratefulNet]

lets ask ourselves: who is going to spy on us with this gear?

if in the US and its the US spying, that's bad. they can do damage to you.

if in the US and its china spying, do I really care all that much? I would avoid using any payment methods but as for worrying about what I would say online, I'd think that the foreign governments would not really be able to do much to me no matter what I say.

your own local government has the ability to thoroughly ruin your life. to me, that makes them the stronger danger to my privacy and freedom.

pinkOS - "better RED than READ"

[TiggertheMad]

I was about to say, this would be a perfect OS for use in the USA, because the NSA will be completely locked out. Sure, the politburo would know all about your applesauce cupcakes recipe, but that's the price of freedom from domestic oppression, right?

But then I got to thinking, a few years back there was a NIX branch that the NSA created or approved that was hardened out of the box, presumably to be used internal to the NSA and other alphabet soup groups. One would think that they wouldn't be crazy enough to backdoor their own system, so this might be a wonderfully secure system to keep the NSA fucks off your box...