Slashdot Mirror
Pentagon Creates 'Do Not Buy' List of Russian, Chinese Software (defenseone.com)
An anonymous reader quotes a report from Defense One: The Pentagon is warning the military and its contractors not to use software it deems to have Russian and Chinese connections, according to the U.S. Defense Department's acquisition chief. Officials have begun circulating a "Do Not Buy" list of software that does not meet "national security standards," Ellen Lord, defense undersecretary for acquisition and sustainment, said Friday. The Pentagon started compiling the list about six months ago. Suspicious companies are put on a list that is circulated to the military's software buyers. Now the Pentagon is working with the three major defense industry trade associations -- the Aerospace industries Association, National Defense Industrial Association and Professional Services Council -- to alert contractors small and large. Lord said defense officials have also been working with the intelligence community to identify "certain companies that do not operate in a way consistent with what we have for defense standard." Asked if programs and weapons were compromised by foreign software, Lord said, "These are more widespread issues. I don't think we're focused on one particular system."
What walls can we build next? Oh, right: 200-foot walls along all our borders to keep the monsters and zombies at bay....
Hey, Russia - if you're listening - put all Microsoft products on that list.
Great to know, a list of software that doesn't contain US government sanctioned backdoors. If the Pentagon doesn't like it, then you can be 99% sure it values your privacy and doesn't harvest your private data.
The irony, is that i might sound like a troll, but this is the truth.
Will get you off the list.
they are doing this?? Buncha Rip Van Winkies...
All that telemetry spying on your military.
A perfectly reasonable idea that will be used for all the wrong reasons. So, standard operating procedure, I guess
My do not use software list is... MS, Apple.
Because the current behaviour of Russia and China isn't very friendly to say the least, it's very aggressive. And with such a whimp as a president who just needs to hear the magic words and he will give you the droll lock and roll over for Putin like a pet for his owner.
And please don't compare the behaviour of Russia or China to US-Israel-stuxnet. On the one side nobody in his right mind wants to have a nuclear armed Iran and on the other the action taken was precisely directed towards one goal, uran enrichment and not against the goverment system of iran.
Just skimmed the article and pdf, don't see any specific software listed.
Debate with delusional people isn't possible, even without insult. But thanks so much for making it about politics and YOUR delusional ideology when it wasn't.
Wait, it is 2018 and this list didn't exist already???
Never debate with a moron.
US & Israel are good, always good, and will be good forever.
On the other hand, China & Russia are bad, always bad, and will be bad forever.
Stuxnet is good, but anything coming out of China / Russia is bad.
Is that what you are saying??
They will beat you with moron experience everytime
Man, way to bring me back to /.'s hayday. All we need now is for Netcraft to confirm it.
Yeah compile your list of software that runs on Chinese hardware, maybe its in the processor, or maybe the soundcard, perhaps the network card, or the router, or the switch or the USB controller, raid controller, flash memory, or the graphics card, who knows ?.
face it, you are fucked.
Facebook, Instagram, Twitter, Snapchat, Whatsapp, and other social media platforms that foreign countries contaminate with ad-buying.
It little behooves the best of us to comment on the rest of us.
... list?
It little behooves the best of us to comment on the rest of us.
When has a wall ever stood the face of time.
Our immgration policy will never be unrestricted. The days of 1600s, when ships full of British criminals will never happen. However, that was a pretty good criminal reform platform!
My friend you had the worst post of the week.
You can add the United States to that list of "Do Not Buy" software.
Proprietary software cannot be trusted. It must always be treated as potential spyware. Only free-as-in-freedom software can be allowed for critical tasks.
Circumcision is child abuse.
so it's a buy list?
Russia has engaged the US on the Syrian battlefield as an enemy multiple times this year, but China just wants to do business. Treating them the same way plays down the threat posed by Russia and inflates the one posed by China. It excuses Trump and vilifies Xi.
You know, that list is for government, not for "the little people", right?
Windows 98 sux. Run Red Hat 4.3 instead.
China has every intension of being the #1 power in the world. Plans to overcome everyone by all means, documented. They DO NOT *just want to do business.*
Show how not building a wall is the same as unrestricted free-for-all access to all and you are a genius ... but you can't, because you and your "arguments" are dog shit stupid.
Winning friends and influencing people, I see.
I'm looking forward to Russia and China releasing their own tit-for-tat list of consumer products that come with preinstalled NSA/CIA backdoors.
We have an illegal immigrant problem. There's your sign...to quote a redneck. Because that is all it takes to beat you, because you are dog shit stupid.
The military and its contractors gave away thousands of times more secrets than Snowden or Assange, but they still have their jobs, pay and security clearance.
Want to see the list! Where is it? Who is making it? NSA? FBI? CIA? What is the purpose of the list and how can we use it to make software safer? This is so cool! Need list!
We just got hacked by the Russians and now you whine like a bitch when the government actually does something about it?
Are you fucking stupid or a Russian bot?
Much of this, used in many telephone companies, is developed in Moscow.
-- I ignore anonymous replies to my comments and postings.
Citation needed on the "would help us economically". AFAIHR, it would basically be as effective as handing a few hundred billion dollars to a couple construction conglomerates - once the construction is done, how does the wall itself improve the economy? It produces no value - no products or services that are needed or desired. And if we're going to stimulate the economy by throwing money at projects, how about ones that actually provide value - overhaul the highways and bridges (lower transportation costs = lower economic friction), or build some protection against natural disasters (a penny of prevention is worth a dollar of repair).
I'm also calling false dilemma on your "either we get a wall or we get unrestricted immigration". Nobody is arguing in favor of unrestricted immigration, and the status quo is in fact heavily restricted immigration. The best argument against the wall is that it already exists in the places where the cost/benefit makes sense to have a wall. Our net immigration with Mexico itself is negative - more people now emigrate to Mexico than immigrate from. The total flux is only positive because of immigrants from central/south America via Mexico. If your sole concern is preventing illegal immigration to the US, the best place to build the wall would be on the borders between Mexico and Guatemala, and Mexico and Belize. ("Mexico is going to build a wall, and we're gonna pay for it!", as it were)
The general argument being made by "us liberals" is:
1) Building a wall is a fuckton of money and a not insubstantial amount of environmental damage for negligible impact on immigration
2) We should not violate our own laws regarding due process, search and seizure in an attempt to enforce immigration laws
3) We really, really should not violate international humanitarian law while enforcing immigration (the "detention camps" are definitely breaking a few of these).
4) Illegal immigrants who have a valid claim for asylum should not be deported unless necessary - it is generally unethical to deport someone if it will result in their death at the hands of an angry dictator or warlord.
Additionally, I would present a further argument, which is not generally discussed among liberals so I'm not sure if it's popular or not:
5) Abuse of legal visas (H-1B etc.) causes economic problems on par with or greater than those caused by illegal entry, and a wall does jack shit to stop it.
There are longstanding US immigration laws and policies. The laws were in place way before Trump was ever elected. All he has done is push for existing laws to be enforced as written. And the way in which people have been detained and separated from their underage children is the direct result of enforcing laws already on the books. Laws and policies that were put into place by the Legislative branch not the Executive branch. Those eager to dump the consequences of those laws are now basically arguing anyone is welcome. Bringing a child along now guarantees entry into the US with no danger of being detained until your individual case is adjudicated. And making an asylum request due to hardships in their home country is just icing on the cake.
And it is not the President who is responsible for the DACA program status. He turned DACA over to Congress so they could create legislation to continue the program. DACA was first implemented as a Executive Order. The constitutionality of that order has been on question since it was first issued. Turning the DACA program over to Congress was the proper thing to do.
Why don't those traveling from Central America to escape their hardships make their final destination Mexico? Surely they would be safe from whatever they were running from in their home country. Why does Mexico allow people across their southern border as long as their final destination is the US? There is a lot of money being made off the people traveling to the US. The human traffickers bribe the Mexican political and law enforcement officials to look the other way.
Of course the real solution is preventing anyone who is not as US citizen, passport, and green card holder from taking one step across the border. There are US consulates in Mexico where you can make your application to enter the US. Those found wandering around in the southwestern deserts can be picked up and escorted back over the border. And if the US is suppose to allow anyone in why can't the US just go into the countries people are running away from, kill all the trouble makers, and claim the country as a US protectorate? Then no one would need to immigrate to the US?
Recall, from another Defense One article, the Russians are using every trick possible to gain ground in cyber warfare. One of their biggest fronts is finding and not disclosing software vulnerabilities. This means that you don't even have to actively install Russian software for them to potentially be able to get into your computer.
I am a security analyst and recently took a trip to Russia. There are a lot of jobs out there. And they pay well. The Russians are looking for every way to "hook" into American systems through social engineering. And they pay REALLY well once you have been working for them for a few years, you gain their trust, and they put you on "assignments" frequently involving US government contracts. I had a few offers when I was in Vladivostok. They knew who I was and still tried even though they knew I wouldn't budge.
Hear hear! Damn well said!
America was built on unrestricted immigration. The huge waves of immigration was essential in invading the existing countries of North America and exterminating their citizens. Also the Apollo program, the Manhattan project, and the space shuttle were designed by immigrants.
And Albert whatsisname was an immigrant, and he turned out to be a pretty good physicist.
"When the going gets weird, the weird turn pro" -- HST
You sure are stuck on penis. So why should I listen to your inflammatory, faggot ass?
Your only argument against Trump is people fellate him? Yeah, jealous much?
"When you think government spyware, Buy American!"
This space for rent
Since when does slashdot link to stories with tracking on them - ?oref=d-topstory - ? I thought that was against the slashdot code.
Best case scenario Beau just copied the link from somewhere else with the tracking already on there.
First they built a wall for the Mexicans, and I did not speak outâ"
Because I was not Mexican.
Then they limited entry to Arabs, and I did not speak outâ"
Because I was not an Arab.
Then they revoked fundamental and absolute constitutional limitations on the government ability to infringe upon specific rights at the borders, and I did not speak outâ"
Because I was not near the border.
Then they came for meâ"and there was no one left to speak for me.
*rattling cell bars*
A wall that opposes entry for those outside may also oppose escape for those inside.
A bar code on every scalp ... no, well ... I guess that's a bit unrealistic. It would take forever to tattoo the whole population. A tracking chip in every scalp ... I suppose the same problem applies here.
A ha! A tracking chip near every scalp! That's the solution! I mean we can train people to volunteer to carry these things next to their heads and eventually mandate they be provided as mandatory identification. Papers? Computer technology made most papers obsolete decades ago!
How long has this been going on?
They forgot to put Cisco on that list of backdoor-ed software
No you said it yourself. "Invading" but then you conflated invasion with immigration. That is stupid. Those are different things. Your argument is invalid.
Page 11 reads like a recommendation what to invest in ^_^
So far the only arguments against the wall have been a constant stream of infantile, verbal filth and absolutely zero reasoning or fact.
Does a pretty good job solidifying Okian's stance.
Okian is a Russian plant.
What about Tibet? True, Tibet was conquered by the "Chinese" empire when China itself was under Mongol rule. So in that sense, it was the Mongols that conquered Tibet. Tibet, having regained independence after the Chinese overthrew the Mongols, was actually an independent state before the Red (Mainland) Chinese under chairman decided to "liberate" it from its Buddhist religious overlords.
Actually the irony is that you can not be sure of that at all precisely for the same reason we can not trust so much of the software on and off this Pentagon list. Your post is currently moderated as "Interesting" but would be better moderated as "Funny" because it might be a joke, but it certainly isn't true.
The way we come to trust a program is by examining its source code, then modifying that program to suit our needs, running the version of the program we trust, and we can help our community by distributing a copy of the program and its source code under a free software license. These are the four freedoms of free software—software users are free to run, inspect, modify, and share for any reason even commercially. Therefore free software is worth trusting; when those who are skilled and motivated to do the vetting do that work, they can come to trust that software. Those who trust their efforts can get copies of programs from them.
Nonfree software (proprietary, user-subjugating software) is frequently malware and is untrustworthy by default. We don't know what's in it and we're unable to inspect its source code. This means we can't "be 99% sure it values your privacy and doesn't harvest your private data". Perhaps it does that but is part of a malware scheme separate from the US Government and American corporate malware schemes we've come to learn about. We also don't know if they have "US government sanctioned backdoors" but direct the spied-upon data somewhere else. If we find out a proprietary program is malware we can't do anything to fix that program (modification is not legally allowed), and even if we modify a copy of the binary we can't legally distribute a copy of that fixed binary to others to help our community.
Therefore this list doesn't help us evaluate trustworthiness at all. At best it uses a proxy for trustworthiness—nationality (if that even means anything, considering software development firms hire worldwide): the nationality of people or an organization that had something to do with writing the code. But that's not terribly helpful. If the NSA hired a contractor to write a program, then released that program as free software, we could vet that program's source code and that code might be useful to us in the free world despite that the code came from the NSA (which is justifiably widely untrusted in so many of their other activities). In another example we're told that Apple's iTunes contained a security flaw that went unpatched for years and "allowed intelligence agencies and police to hack into users' computers for more than three years". I'm guessing people working with both the NSA and Apple come from many countries.
Digital Citizen
Fixed fortifications are a monument to the stupidity of man -- General George S. Patton
The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
Immigrants actually add value to the American economy, so it's not clear what you're on about...
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
If you had a valid argument you'd make it instead of crying about how you're being treated. You know who has a valid reason to cry? Asylum-seekers fleeing political situations created in large part by American greed, especially when our government kidnaps their children and locks them in cages.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
DACA was initially rejected by POTUS as beyond his authority. But he saw the flagging numbers in the 2012 election and did it anyway, knowing that court challenges would be resolved after the election. There are already conditions for declaring asylum but hey, what are a few bribes to stand in the way of vote-seekers who try to ensure a permanent underclass?
This was all before the welfare state.
Citation needed. We have always had legal immigration. Please cite your sources for the undocumented immigrants that contributed to the Apollo and Manhattan projects.
Man, way to bring me back to /.'s hayday. All we need now is for Netcraft to confirm it.
... and a Beowolf cluster of Natalie Portman’s hot grits.
#DeleteChrome
Becuase the US is the one who put the troublemakers in place, for starters.
Ask Microsoft and Oracle for their best Malware today!
Maybe they had trouble finding it because systemd didn't mount the drive correctly?
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
good
Putin says it's safe so hey, what can we do?
I hate article like that one. I want to see the list!
What value? More profit for the CEO's because they keep the wages low?
Otherwise you print a "do not buy" list. America is the land of the free until they feel the competition.
"Why don't you adopt our wonderfulvalues?" they ask. Well, it's because you don't follow them.
Asked if the military's security expectations were arbitrary and unfair, Pentagon Spokesman Squamous Turdstocking III said, "It's not that we're catagorically against back doors in our software. We just want to make sure only Russia and our Commander In Chief have a set of keys.
I've calculated my velocity with such exquisite precision that I have no idea where I am.
It beggars belief that any "power" relies on the software built by other "powers". Even the software from your "friends" is likely to have hidden exploits, because they will want to know what your plans are.
What walls can we build next? Oh, right: 200-foot walls along all our borders to keep the monsters and zombies at bay....
Which was a campaign promise, which a lot of people want, which would help us economically, and which should be at the very least debated without rancor.
Show us how unrestricted immigration will benefit us and we'll listen.
Debate by insult is not debate.
Show how the wall will benefit, and also while you're at it show how every country without one (so basically every country) has unrestricted immigration. How is the wall coming though? Because you're right, it was a promise, is Mexico still paying?
Wanna buy a shirt?
https://www.redbubble.com/people/stealthfinger/shop?asc=u
It's sad that everything has become political and you cannot be sure that there are any security reasons for these listings.
Assorted stuff I do sometimes: Lemuria.org
When has a wall ever stood the face of time.
The Romans built a wall around my home town of Chester, large parts of it are still there... granted it has been repaired, and maintained, with parts rebuilt over the years.
The Chinese built long stretches of wall centuries ago that are still standing.
Walls can last a long time if properly built and maintained... the question is- is it smart to build the walls in the first place? In the 21st century a wall isn't very much of a barrier anymore.
"That's the way to do it" - Punch
I guess hacking from Zionist for the last 20 years doesn't matter. Or do they just bribe better.
"Hello, I'm 'Okian Warrior'. I'm a complete dumbass."
"I think that the only two options are a huge stupid fucking wall or 'unrestricted immigration'. The reason I think this is, I am a stupid cunt."
Project Paperclip?
https://en.wikipedia.org/wiki/Operation_Paperclip
Known war criminals avoided a court date.
Everyone in the defense industry should be required to buy American. It's fucking insane that we let Chinese and Russian technology into the industry at all.
Hiding behind the law doesn't make you any less of a racist piece of shit.
Slavery was once defended by rule of law. So was segregation.
One would ask why they were ever allowed to be on the list in the first place.
Don't buy any software that's for sale.
Seriously, there's a strong correlation between: lasting security, honesty, open source, and free (as in beer). Certainly, for anything where security is a concern (e.g. chat), start by eliminating everything but FOSS (which is usually free as in beer).
Wrong. USA has had highly restricted immigration from the 1920's on and from the 1880's for immigrants from China. The policy was loosened in the 60's. The Apollo program for example was helped by the USA spiriting Werner Von Braun out of Nazi Germany ... not that he immigrated... well maybe forcefully immigrated. Not the same.
Russian cyber security firm, Kaspersky Lab, is being investigated by the F.B.I. for possible links to Russian security services. Quote from NY Times 9/12/2017. US govt put out notice to remove this anti-virus from all government not only DOD computers within 90 days ordered by Elaine C. Duke, the acting secretary of Homeland Security. Boxes with embedded code, like routers, cable modems, computers desk & laotop, etc may be infected with backdoor or corrupted software put there in China's production factories by People's liberation army cyber experts. Unless we know the embedded code is pristine, we have given our country's cyber system access to America's enemies. Look at Stuxnet code launched against Iran's nuclear enrichment machines, Iran had no idea that they had been hacked but good. We need AI, machine learning or something to detect the malicious low level code that controls hardware and keep our systems from harm both foreign and domestic sources.