Open Source Software In the Military 91
JohnMoD writes With the advent of forge.mil, etc. the military seems to be getting on board with free and open source software. A working group meeting is going to be held at Georgia Tech in Atlanta, August 12-13, 2009. There's a pretty good lineup of speakers including a Marine from the Iraq-Marine Expeditionary Forces, who was on the ground and saw the agility open source gave to him and his soldiers. A number of OSS projects are going to be meeting there: Delta 3D, OpenCPI, FalconView, OSSIM, Red Hat, etc. Looks like there will be some good discussions."
I'm in the Military, (Score:2, Interesting)
and do I honestly think I'll ever see any of this stuff?
Absolutely not. They have civilian contractors to do all the cool stuff. I'm a network administrator who is denied administrative rights. My MOS (job classification) is an E4 and out position. Basically I have no chance of attaining any leadership skills in my job. Big change from when I joined six years ago. I'm seriously considering leaving communications for something that I can actually advance in, even if I wouldn't be as happy in it, but I could be wrong about that.
This turned in to an off-topic rant. My bad.
Anyway, I'll be joining tomorrow when I can get access to a computer that I can use my ID card in. Until then, I'll just not be able to look around it and - most likely - correctly speculate what the program is like for a junior enlisted servicemember, even if they know Linux well.
NMCI (Score:3, Interesting)
I know that a number of Navy scientists have scratched their heads regarding why the NMCI [wikipedia.org] abomination [nmcistinks.com] used Windows rather than Linux on the desktop.
I wonder if they'll smarten up when they roll out NGEN, which will replace NMCI.
MS's "help" for the brass (Score:5, Interesting)
If anyone caught Gen. Patraeus's briefing last week, I forget where it was but it was a public briefing, he constantly referred to Microsoft. Usually, the phrasing went something like, "if Microsoft will allow this". I noted that several of his slides were a bit odd in that there were arrows that really pointed no where and had no information content that I could discern. In the Q&A afterward, he actually pointed out the MS person who helped him create the slides. That would explain the totally useless arrows. But I was struck that MS actually has a representative to help the brass do Powerpoint. Until that changes, DoD will always be enthralled by MS and their Powerpoint bulletpoints.
Just as a brief aside, there is a Stargate SG-1 episode where the General has been replaced by some other Air Force General and he calls O'Neill into his office to complain about the fonts and the fact that he'd prefer there be more bullet points in his report. The look on O'Neill's face was just too good.
Re:I'm in the Military, (Score:3, Interesting)
25B - Information Technology Specialist
SOP - Standard Operating Procedure
SIGO - Signal Officer (Guy in charge of communications in a line unit, aka combat unit)
CDR - Commander
PL - Platoon Leader
BN - Battalion
BDE - Brigade
PLT - Platoon
DOIM - Directorate of Information Management
ESB - Expeditionary Signal Battalion
COMSEC - Communications Security
SIPRNET - Secure (or Secret) Internet Protocol Router Network (As opposed to NIPRNET, or as they call it now LandWarNet, AKA the Internet)
JNN - Joint Network Node
WLC - Warrior Leader's Course
BNCOC - Basic Noncommissioned Officer Course (now called ALC, Advanced Leader's Course. Follow-up was ANCOC (Advanced) which is now called SLC, Senior Leader's Course)
MTOE - Modification Table of Organization and Equipment (Where people and things are within a unit)
MOS - Military Occupational Specialty (See 25B above)
CSM - Command Sergeant Major
JCU -Joint Communications Unit
And to answer the parent's questions, Yes, I am a 25B in a signal unit. I wrote an SOP for my previous unit, which was a line unit. I made the web page for that unit too. I have done training for the unit, and being in a signal unit, all I ever do is cross-train. I can't honestly remember the last time I did anything geeky in the sixteen months I've been on this post, except for the two weeks we were prepping for a deployment.
I'm still an E-4 after six years for a few reasons:
Yes, I'm maxed on school, both military and civilian. 5 classes from graduation actually, and am going while in the military.
Morale isn't very high with this poster, but that should be pretty apparent.
Resistance (Score:4, Interesting)
I've been working as a software developer in a military research lab for about 7 years. My primary area of work is development of middleware to allow interoperability between DoD systems that otherwise have no such capability. I'm a big proponent of using general open source solutions as well as the military having their own "open source" for situations that might not be appropriate for public distribution, but are very relevant across the entire DoD.
The resistance always comes in people guarding their products, ultimately to protect jobs and/or profit. The contracting companies have their stovepipe systems, and typically they want to be the sole source of development/maintenance. Even government entities keep things closed off from one another; I've had many instances where I've been told to either partially distribute or not distribute DoD-owned software (including source) when requested by another element of the DoD. Too many people are worried about their intellectual property, which makes it very difficult to tear down these political barriers. This ultimately results in the exact same functionality being developed many times over, which I've seen all too often. We're making some progress, but it's going to take significant buy-in from someone high up (read: with star(s) on their shoulder) to push the agenda. Otherwise, it continues to be a large amount of talk without much in the way of results.
Speaking of large amount of talk, I recently met with one of the key speakers at the aforementioned conference (Major James D. Neushul). This individual is a risk to adoption of open source principles...not because he opposes them, but because his mouth exceeds his knowledge. He speaks largely in buzzwords and jumps between concepts as soon as you corner him on the technical inaccuracies of his claims, but he does so with fervent insistence of his correctness. At one point in our discussion, he actually stated that the ideal solution right now is for every computer, down to the individual warfighter level, to be running an instance of a web server and use web applications. He also wrote the "specification" for an XML version of a widely-used bit-oriented messaging format (VMF), except he didn't write schemas, but rather a description of how one should make the schemas. It's a pretty scary stance to assume that a set of tag-naming rules is going to result in compatibility of all the independently developed schemas. It's unfortunate that this individual is probably going to alienate many skilled and otherwise open-supporting engineers....such as myself and my entire engineering team, all of whom are on-board with opening up DoD capabilities...yet none of us can tolerate his sloppy, bravado-laden approach.
Re:WOW (Score:3, Interesting)
"Security professionals" cannot necessarily spot a well engineered, well hidden backdoor in millions of lines of code, as there might be in the Linux kernel. Given the widespread use of Linux in banks and governments, it would not surprise me if different groups of people have been busy trying to hide some sort of vulnerability.
This is not to say that commercial software is not vulnerable. It is just as easy to bribe a programmer at some major proprietary software house to introduce code as it is to sneak code in through patches in an open source project. The real issue here is introducing third party code, that you have not overseen from its inception, into a high-security environment and trusting it. This is the reason why the NSA has never approved any computer system for handling all classification levels -- it is not economical to develop a custom system, but it is not secure to trust a third party system, so the compromise is keeping top secret data on a physically separate computer from unclassified data.
I am not trying to imply that some hacker is going to be able to take over the military's computer systems -- that only happens in Hollywood. More likely, if such a vulnerability were to be introduced, it would involve weakening a random number generator, or an encryption implementation, or perhaps even making it easier to create a covert channel without being caught. Even just slightly weakening the security could have far reaching consequences for an espionage campaign -- and slightly weakening the security would also make detection that much harder.