Posted on 08/18/2003 2:08:13 PM PDT by Feldkurat_Katz
A new policy by China's governing body the State Council will rule that all ministries have to buy only locally-produced software at the next upgrade cycle.
The move, aimed at breaking the dominance of U.S.-based Microsoft on desktop computers, will eliminate Microsoft's Windows operating system and Office productivity suite from hundreds of thousands of Chinese government computers in a few years' time.
Gao Zhigang, an official with the Procurement Center of the State Council, told reporters that the new policy will be in place by year-end.
At a special congress held to encourage ministries to upgrade to WPS Office 2003, a China-made office productivity suite, Gao said that only hardware pre-installed with domestic operating systems and application software will be purchased by government. Those seeking exceptions will need to submit a special request.
The new policy is expected to increase the number of government officials using domestic-made office software from a third to 100 percent eventually. Gao said that the new policy is meant to support the local software industry and protect state information security.
The new policy will continue till at least until 2010. These protections are standard and are not meant to discriminate against other countries, said the Council. China is a member of the World Trade Organization and it is unclear if the new bans contravene the body's charters.
"The domestic software industry is very insulated. There is poor interaction and partnership with user companies. The increased use of domestic software will make the China software industry more open," said Fei Lin, an official with the State Assets Supervision and Administration Commission.
The ban comes as part of China's efforts to challenge Western technology. Chinese software company Kingsoft used to take 90 percent of the market with its Chinese word processing tool, but lost nearly all market share to Microsoft Word when the product entered in the early 90s.
Experts say that the WPS system is the only product that will challenge Microsoft Office's dominance of the Chinese market.
In addition to commercial reasons for protecting local software, there are security concerns. China is placing official support behind the Red Flag Linux operating system, which they trust because the open-source code allows officials to see that there are no data spyholes installed by foreign powers. In response, Microsoft has been on a charm offensive, including granting the government inspection rights over Windows source code and creating a new CEO position for Greater China.
Recently, China rejected globally-dominant MPEG for its own audio-video compression standard, known as AVS. China is keen to move its IT infrastructure away from the dominance of Western companies and the fees levied by such firms.
ZDNet China's Zhang Xiaonan contributed to this report.
Unfortunatley, we're probably not going to agree on much then, if you care less about the destruction of America's most profitable company (yes, double the profits of IBM this last quarter), and instead wish that success to "a loosely-knit group of hackers from accross the net" (kernel.org). Sorry, but some of us are trying to protect America, not tear her apart and give her riches away to the rest of the world.
Don't forget you won't be able to sell that to China anymore, since Linux has officially taken over there (which is the basis of this very thread).
I'm afraid you have no idea what you're talking about. OSX is hardly a commodity when it requiures Apple hardware to run (or at least to be legal). Red Flag Linux? Boast of it if you wish.
I have told you number of times that Linux is a Western World creation. Linux was written by Europeans and Americans, not the Chinese, not the Soviets, not the Cubans. Sheesh! The things some people will say out of fear and hatred.
Not an endorsement of Linux? Shirley, you jest. :)
From the Security Enhanced Linux page from the National Security Agency:
As part of its Information Assurance mission, the National Security Agency (NSA) has long been involved with the computer security research community in investigating a wide range of computer security topics including operating system security. Recognizing the critical role of operating system security mechanisms in supporting security at higher levels, researchers from the NSA's Information Assurance Research Group have been investigating an architecture that can provide the necessary security functionality in a manner that can meet the security needs of a wide range of computing environments.
End systems must be able to enforce the separation of information based on confidentiality and integrity requirements to provide system security. Operating system security mechanisms are the foundation for ensuring such separation. Unfortunately, existing mainstream operating systems lack the critical security feature required for enforcing separation: mandatory access control. As a consequence, application security mechanisms are vulnerable to tampering and bypass, and malicious or flawed applications can easily cause failures in system security.
The results of several previous research projects in this area have been incorporated in a security-enhanced Linux system. This version of Linux has a strong, flexible mandatory access control architecture incorporated into the major subsystems of the kernel. The system provides a mechanism to enforce the separation of information based on confidentiality and integrity requirements. This allows threats of tampering and bypassing of application security mechanisms to be addressed and enables the confinement of damage that can be caused by malicious or flawed applications.
Linux was chosen as the platform for this work because its growing success and open development environment provided an opportunity to demonstrate that this functionality can be successful in a mainstream operating system and, at the same time, contribute to the security of a widely used system. Additionally, the integration of these security research results into Linux may encourage additional operating system security research that may lead to additional improvement in system security.
This work is not intended as a complete security solution for Linux. Security-enhanced Linux is not an attempt to correct any flaws that may currently exist in Linux. Instead, it is simply an example of how mandatory access controls that can confine the actions of any process, including a superuser process, can be added into Linux. The focus of this work has not been on system assurance or other security features such as security auditing, although these elements are also important for a secure system.
The security mechanisms implemented in the system provide flexible support for a wide range of security policies. They make it possible to configure the system to meet a wide range of security requirements. The release includes a general-purpose security policy configuration designed to meet a number of security objectives as an example of how this may be done. The flexibility of the system allows the policy to be modified and extended to customize the security policy as required for any given installation.
There is still much work needed to develop a complete security solution. In addition, due to resource limitations, we have not yet been able to evaluate and optimize the performance of the security mechanisms. Currently, we can only support the x86 architecture and have only been able to test it on Red Hat distributions. Nonetheless, we feel we have presented a good starting point to bring valuable security features to Linux. We are looking forward to building upon this work with the Linux community.
Security-enhanced Linux is being released under the same terms and conditions as the original sources. The release includes documentation and source code for both the system and some system utilities that were modified to make use of the new features. Participation with comments, constructive criticism, and/or improvements is welcome.
Golden Eagle, I'm not trying to rub your nose in anything at all. I am just trying to demonstrate that you're dislike of Linux is evident in your post but it is unwarranted and unjustified. Linux is just a computer operating system. It is just a tool! Like any tool, it can be misused.
I posted this whole thing to avoid having it taken out of context. If you think Linux is such a security risk, you are welcome to contact the White House, the Department of Defense, and the National Security Agency to tell them they're in bed with the Communist Chinese! Do you think that Congress should step in, and outlaw the use of Linux? Would this be an appropriate response to the Chinese? While you're at it, cough up the dough to port FreeRepublic to ASP. :)
Absolutely agreed.
With all due respect I would say that:
Linux was chosen as the platform for the work because of its growing success and open development environment. Linux provides an excellent opportunity to demonstrate that this functionality can be successful in a mainstream operating system and, at the same time, contribute to the security of a widely used system. A Linux platform also offers an excellent opportunity for this work to receive the widest possible review and perhaps provide the foundation for additional security research by others.
...constitutes if not an endorsement, certian evidence of Linux's legitimacy and utility. No one says that Linux has no flaws or that ndows is the only operating system with flaws. They used Linux because it suited the needs of several of their research projects, was widely available, well know, and as such a good vehicle for distributing their security model -- a model I might add that in theory could be programmed into Windows.
Liberal Classic you are correct, and thank you for so respectfully pointing that out. My normal objection to the NSA Link being used is that the user typically is trying to claim that the NSA version of Linux is 'airtight' secure, which I would imagine you agree that is not the intent of their work.
I will however agree with your point that they have certainly invested into researching it, and are proclaiming that additional research is a positive endeavor, and that's it's nature as a 'souce open' product makes it ideal for classroom type experimentation.
However unfortunately, I am of the belief that publishing the government works publically of an organiztoin such as the NSA in a source open environment exposes much of our government reasearch and processes to potentially confrontational advesaries. They are not entitled to this data. This is actually a leftover of the same policies at the DOE from the Clinton administration, where all doors are flung open for anyone wanting to rob the IP bank.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.