Free Republic


Linux: unfit for national security?
Electronic Engineering Times ^ | 19 April 2004 | Charles J. Murray

Posted on 04/19/2004 1:07:39 PM PDT by TheEngineer



To: chilepepper
Open source is SAFER than closed source with regards to national security. For a very good reason ALL NEW CRYPTOSYSTEM ALGORITHMS

>>>> MUST <<<<

must be published and reviewed before they are accepted by the various standards committees.

Non issue. Closed source systems, such as Windows, use industry standard encryption methods whose algorithms are widely published. Disagree? Then point out a MS-only method of encryption. I'll wait.

41 posted on 04/19/2004 3:26:11 PM PDT by TheEngineer
[ Post Reply | Private Reply | To 23 | View Replies]

To: Prime Choice
I'm surprised that Spafford doesn't consider the Immunix Cryptomark ( http://www.immunix.org/cryptomark.html ) a viable solution to his concerns.

Maybe it's because Immunix doesn't consider it a viable solution to his concerns...

Availability
Earlier versions of CryptoMark suffered significant speed penalties due to two poor design choices. A new version is under development; more details will be posted here when development nears completion.

42 posted on 04/19/2004 3:29:32 PM PDT by TheEngineer
[ Post Reply | Private Reply | To 18 | View Replies]

To: Nick Danger
No one in the defense community is going to say, "Yeah, let's try Red Hat for the flight control systems on the F-22." That is ludicrous. Off-the-shelf linux is not even a real-time OS; it's a multiprocessing system, which is a different thing entirely. Security aside, you don't put a time-sharing system where you need guaranteed response time to interrupts.

Red Hat isn't the only linux around, Nick. There are plenty of realtime flavors of linux. Ask some of the OSS cult members to broaden your horizons.

43 posted on 04/19/2004 3:34:39 PM PDT by TheEngineer
[ Post Reply | Private Reply | To 17 | View Replies]

To: general_re
Oh, for crying out loud - so basically, your complaint is that he's not enough of a one-stop-shopping security outlet?

No, my complaint is that he has shown a remarkable tendency to single out one particular OS for his negative attention, even though it doesn't have the worst security record.

It's like Consumer Reports screaming that Goodyear's tires have a tendency to have their tread wear off after 100,000 miles or so.

Yeah, it's literally true, but it's a ton better than a couple of decades ago when one was lucky to get 50,000 miles out of a set of tires, and by the way, why are you singling out Goodyear?

Oh, you own a lot of stock in Firestone? Hmmmmm.

44 posted on 04/19/2004 3:36:11 PM PDT by Knitebane
[ Post Reply | Private Reply | To 39 | View Replies]

To: TheEngineer
NSA Selinux
45 posted on 04/19/2004 3:38:02 PM PDT by KillTime
[ Post Reply | Private Reply | To 1 | View Replies]

To: Bush2000
How much of Windows development is outsourced? How many H1Bs are working on it in-house? It certainly can be subverted; you can't trust code unless you write it yourself and compile it on a compiler that you wrote yourself.

The point is moot anyway. Nobody is going to trust Windows in these kinds of jobs.

46 posted on 04/19/2004 3:45:02 PM PDT by TechJunkYard
[ Post Reply | Private Reply | To 29 | View Replies]

To: Knitebane
Here, let me help you with that...
47 posted on 04/19/2004 3:48:21 PM PDT by general_re (The doors to Heaven and Hell are adjacent and identical... - Nikos Kazantzakis)
[ Post Reply | Private Reply | To 44 | View Replies]

To: general_re
Not applicable.

I made a statement and then emphasised it with an analogy. This is a perfectly acceptable tenet of debate.

48 posted on 04/19/2004 3:52:19 PM PDT by Knitebane
[ Post Reply | Private Reply | To 47 | View Replies]

To: Knitebane
If it's a fact, that means it's been proven.

Ah, but note the careful wording of his statement. Governments can add code for subversive purposes. The open-source nature of Linux means that this is possible. Now, whether or not this has actually happened remains undemonstrated.
49 posted on 04/19/2004 4:00:40 PM PDT by Dimensio (I gave you LIFE! I -- AAAAAAAAH!)
[ Post Reply | Private Reply | To 31 | View Replies]

To: Knitebane
.. old-school bearded roadapples that yearn for the glory days of proprietary Unix.

Ken Thompson, one of the original Unix developers, put a back-door into the compiler. It stayed hidden for years, until Thompson revealed it himself.

Someone tried to back-door the Linux kernel last November. It was caught.

That said, I wouldn't trust my life to a stock Linux kernel.

50 posted on 04/19/2004 4:06:52 PM PDT by TechJunkYard
[ Post Reply | Private Reply | To 20 | View Replies]

To: TheEngineer
Oh my! This is SOOO difficult, how will I ever find an example?

Well, how about LAN Manager's passwords? Or NTLMv1? Or how about PPTPv1? Remember those? Or how about Windows Printer and File sharing passwords? Or how about Microsoft's special proprietary version of the OPEN SOURCE Kerberos for Active Domains???

Microsoft loves proprietary stuff. The problem is that they will frequently use a good, proven openly known system in a STUPID WAY, for example the idea of breaking up a 14 character password into TWO SEPARATE 7 character DES passwords, as they did in Windows 2000 and Windows NT, naturally without telling anyone about it until it became really easy to crack NT passwords and the extent of their stupid system was pointed out by others.

programmers just do things differently when they know the entire world may look at what they are doing...and make a laughing stock of their stupidity if they really F***U*

51 posted on 04/19/2004 4:12:50 PM PDT by chilepepper (The map is not the territory -- Alfred Korzybski)
[ Post Reply | Private Reply | To 41 | View Replies]

To: Dimensio
Now, whether or not this has actually happened remains undemonstrated.

And can never be demonstrated with closed source.

52 posted on 04/19/2004 4:18:22 PM PDT by Knitebane
[ Post Reply | Private Reply | To 49 | View Replies]

To: chilepepper
Or how about Windows Printer and File sharing passwords?

Ha! Before W95-OSR2, these passwords weren't even encrypted before being sent out over a network.

53 posted on 04/19/2004 4:23:46 PM PDT by TechJunkYard
[ Post Reply | Private Reply | To 51 | View Replies]

To: TheEngineer
Security through obscurity is no security at all.
54 posted on 04/19/2004 4:25:28 PM PDT by Quick1
[ Post Reply | Private Reply | To 1 | View Replies]

To: TechJunkYard
Ken Thompson, one of the original Unix developers, put a back-door into the compiler. It stayed hidden for years, until Thompson revealed it himself.

You are, of course, referring to KT's legendary presentation to the Association of Computing Machinery.

Thompson stated that while he did develop a compiler that did what he had stated could be done, it was never distributed beyond his group's test machine.

Someone tried to back-door the Linux kernel last November. It was caught.

Thus demonstrating that the "many eyes" concept has been proven to work.

That said, I wouldn't trust my life to a stock Linux kernel.

Nor would I. Nor would I trust my life to a stock Windows kernel, Solaris kernel, HPUX kernel, VMS kernel or BSD kernel.

A properly modified, QA'd and tested Linux kernel, on the other hand, could certainly be stable enough for a life-critical job.

That's not to say that what is being done out there has been done with sufficient safeguards to be considered for life-critical operations, but it certainly could be.

55 posted on 04/19/2004 4:28:21 PM PDT by Knitebane
[ Post Reply | Private Reply | To 50 | View Replies]

To: Knitebane
Riiiight. "Oh, you own a lot of stock in Firestone? Hmmmmm."

Sure. Whatever.

56 posted on 04/19/2004 4:29:09 PM PDT by general_re (The doors to Heaven and Hell are adjacent and identical... - Nikos Kazantzakis)
[ Post Reply | Private Reply | To 48 | View Replies]

To: chilepepper
Well, how about LAN Manager's passwords? Or NTLMv1? Or how about PPTPv1? Remember those? Or how about Windows Printer and File sharing passwords? Or how about Microsoft's special proprietary version of the OPEN SOURCE Kerberos for Active Domains???

Irrelevant. None of the above are encryption algorithms, which I specifically mentioned.

The problem is that they [Microsoft] will frequently use a good, proven openly known system in a STUPID WAY...

In the past, Microsoft has made some major security blunders. No one disputes that. But keep in mind what Spafford is saying...

Linux, Windows and Solaris operating systems should not be used in such applications, Spafford said... Although Spafford said that virtually no developers would attempt to use Windows in such high-security applications, many are already employing Linux, believing it is sufficiently secure.

You can try to turn this into a "Microsoft is worse than Linux" thread, but that doesn't change the fact that the article isn't about that.

57 posted on 04/19/2004 4:32:37 PM PDT by TheEngineer
[ Post Reply | Private Reply | To 51 | View Replies]

To: general_re
Here, let me help you with that...
58 posted on 04/19/2004 4:35:07 PM PDT by Knitebane
[ Post Reply | Private Reply | To 56 | View Replies]

To: Knitebane
I can state with assurance that active GRU, ErBu and ISI are writing code for Microsoft (or are directing false flag recruits who are writing it). How can I be so sure? Quite simply, I personally hired a PRC national on an H1B a couple of years ago. I did not have to conduct the sort of investigation which would have revealed any active duty status in armed forces or intel of the PRC, CIS or Pakistan. Given that, said forces have no doubt placed assets in our high tech companies. It is simply not a requirement to look for such assets as part of hiring and screening processes. Also of note - Sun, HP, and IBM are no better, and their own OSs are likely similarly compromised.
59 posted on 04/19/2004 4:36:34 PM PDT by GOP_1900AD (Un-PC even to "Conservatives!" - Right makes right)
[ Post Reply | Private Reply | To 38 | View Replies]

To: Knitebane
You should read that some time - it's not an analogy when you imply that critics have something to gain by criticism, it's classic ad hominem.
60 posted on 04/19/2004 4:36:54 PM PDT by general_re (The doors to Heaven and Hell are adjacent and identical... - Nikos Kazantzakis)
[ Post Reply | Private Reply | To 58 | View Replies]



Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.
