Is open source practical for military use?
Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: Is open source practical for military use?

  1. #1
    Senior Member
    Join Date
    Jan 2003
    Posts
    274

    Is open source practical for military use?

    This guy sure doesn't think so. Clicky.

    What do you think?

    As a former soldier I don't think I'd want to trust my life to something completely open source, however, I think if Uncle Sugar got away from using exchange servers in favor of something non-proprietary that would be a good thing.

    To me, this article smacks of a guy who makes a living selling MSFT products to the government expressing sour grapes, but I do think he brings up valid issues. I also, however, doubt that orderly room clerks would ever be downloading something from sourcefire that is going to change the dynamics of the battlefield.

    Talk amongst yourselves.

  2. #2
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    Well sir,

    My answer is "no"................I have mil and weapons of mass destruction experience, and we tend not to trust open source.

    Now, that is irrational, I know...............the enemy can buy and reverse engineer the closed sorce stuff?...........

    All I can say is which side of the court martial table would you prefer to be sitting?

    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #3
    Junior Member
    Join Date
    Mar 2003
    Posts
    11
    No I do not think the Military will ever trust open source.

    In the past year I have implemented several new systems to the Post I am on, all of them COTS and it almost takes an act of congress to get it approved for use on the Global Information Grid.

  4. #4
    Junior Member
    Join Date
    Jul 2004
    Posts
    12
    The militery is still running Windows 98 in some places. The technology may be state of the art in the militery but its still using Vietnam equipment. I am in a Signal Bn and we are using at least 30 year old stuff.

    The militery is already using Linux in alot of areas.

    http://slashdot.org/articles/03/03/0...id=103&tid=163

    Not to mention that the NSA also put out its own form of Linux

    http://www.nsa.gov/selinux/index.cfm

  5. #5
    Member
    Join Date
    May 2002
    Posts
    93
    Another military guy weighing in.

    When you folks are talking about all this 'important' stuff, its on a total seperate network, one that is not connect to the www. So whether or not open or closed programs are used, Joe Q. Public cannot physically/logically access the classified networks anyway. So the point is moot.

    Just a side note, most of the important stuff is running off of some type of open source software/operating system. From database to perimeter security, open source is out there, at the very least as a backup/secondary measure.
    Tachyon

    |-----|Alcohol is my anti-drug |-----|

  6. #6
    Member
    Join Date
    May 2002
    Posts
    93
    In addition:

    The author of that rant is the CEO of Green Hills Software Inc. Check out their partner list: http://www.ghs.com/partners/index.html

    Now they have their hand in alot of pots. Since they program custom 'embedded' software for everything from anti-lock brakes to satellites, who's to say that they couldn't embed something into their software, granting them a backdoor into almost anything? Even the CEO asks this question

    "Who would intentionally introduce malicious code into software that they knew was going to be used in military and critical infrastructure systems?"

    Is he saying we trust him just because he has a monetary interest in the product? Can't we say the same about all the problems with closed programs like Windows? Did Bill Gates leave in vulnerabilites just so he has the government and the DoD by the short hairs, doomed to upgrade and patch till the end of time? Sounds like a good business model to me.

    My point, if its open source, and anyone can 'introduce' malicious code, then its an atrocity. But when it code is purchased without source from a coporation, and its riddled with holes and vulenerabilities, then its a 'business model'

    I call bullshit.

    /rant
    Tachyon

    |-----|Alcohol is my anti-drug |-----|

  7. #7
    Banned
    Join Date
    Nov 2003
    Posts
    1,161
    Why is air traffic control software not open source? Why is subway transit system software not open source? Why is NORAD software not open source? Why is SMG or LOCK software not open source? ect....

    Do you even know what the CMM is?

    http://www.sei.cmu.edu/cmm/

    Open source is level 1.

    *echo*

  8. #8
    Senior Member
    Join Date
    Jan 2004
    Location
    Hawaii
    Posts
    351
    Open-source would be devastating to the military...www access or not...There is always a way. Linux has just as many holes as Windows does, but you don't hear about them..because as far as 90% of the world is concerned, Windows is the only OS. Many people I speak to know of two things: Windows, and Mac...and no one knows a damn thing about Macs. Windows is the most widely used OS in the world, therefore more vulnerabilities are found and exploited, as well as more viruses being written for it. Besides, I don't think the military would completely abide by the GNU-GPL, eventually turning Linux, and the open-source community's hard work, into a military-run project.

    My $.07

    A_T
    Geek isn't just a four-letter word; it's a six-figure income.

  9. #9
    Senior Member
    Join Date
    Oct 2001
    Posts
    786
    The military wouldn't develop OpenSource Software, the example being for things like missile guidance systems. Why would you build something and let the enemy have the same thing?

    The government has interests in computer technology. Ever heard of the NSA key built into Windows? I know someone here on AO mentioned finding references to it. Heard about those laptops in Afghanistan with encrypted information on their HDDs? You can probably (safely) assume that the government had a very easy time recovering the information.


    Personally, I'd like to see things like the expensive annual licensing for exchange (e-mail) servers change to an opensoruce alternative. That is a lot of money. But it won't happen anytime soon, because there is a lot of stuff tied into using Microsoft products that is ages old.

    I was at a (military) school in Japan, and they are primarly Windows. For a while I was working with the techs to setup an Apache server to be used inplace of an IIS one to face out to the world, but after hearing that it had to support AD and other MS features built into IIS, it was abandoned. Also because the techs would have to maintain the server and be responsible if it wasn't IIS. It is sad to think of how closely tied that computer is to the military networking infrastructure over there, and how it is just a huge gaping hole out there on the Internet, simply to maintain compatibility. May they be lucky and avoid Internet problems...

    On a brighter note, that computer gets Internet access via one of the biggest military networking hubs/backbones in the area, where there are several people watching network traffic, etc., and actively working on...um...exploring...the Internet. So anyone who decides to ***** with it will have their packets traced back to them.

  10. #10
    I say they should and could, but with a catch. By choosing OSS they would have free access to the source code of their choice (UNIX, BSD, Linux) and could alter it to their exact needs. However, make it closed source. For example, the NSA released it's SELinux patch for Linux based kernels to add extra layers of security to the kernel and processing stacks. Who knows what else they could have working behind their walls on open source?

    See my point?

    Work with the base OSS and then fork it to the government/military's specific needs. Then, close source that fork and lock it up. This way the source code isn't in the hands of civilians(linux) or in a buisness's grasp (Microsoft), but is fully underwatch, management, and kept secured by the military itself (those who would manage the project specifically).

    I see tons of opprotunity if they follow that model, and I wouldn't doubt that NSA, CIA, and other similar high-technology groups have already done so.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides