Forgot your password?
typodupeerror
Operating Systems Security Software The Military

Indian Military Organization To Develop Its Own OS 466

Posted by timothy
from the there-are-drawbacks-to-this dept.
An anonymous reader writes "Several newspapers have reported that DRDO (the defence R&D organization of the Indian military) is planning to create an OS. The need for this arose due to the cyber security concerns facing India and that all [conventional] operating systems are made outside India. About 50 professionals in Bangalore and New Delhi are expected to start work on this operating system." At least one of the linked articles says the new OS, though home-grown, would run Windows software.
This discussion has been archived. No new comments can be posted.

Indian Military Organization To Develop Its Own OS

Comments Filter:
  • I hope they name it CURRY
    • by jfengel (409917) on Sunday October 10, 2010 @10:52PM (#33856096) Homepage Journal

      Only if they write it in Haskell [wikipedia.org].

      • by syousef (465911)

        The same article links to an actual programming language called Curry based on Haskell.

        http://en.wikipedia.org/wiki/Curry_programming_language [wikipedia.org]

        • by jfengel (409917) on Sunday October 10, 2010 @11:20PM (#33856280) Homepage Journal

          Yep, but Haskell came first, and has broader name recognition (and so I thought it made the joke best). And Haskell apparently some real-world uses, which means it must have gotten a LOT better since I first beta-tested it, back when it was compiled into Common Lisp.

          Huge fan of it, actually. I don't get to work in it but my coding style was heavily influenced by the things I learned coding in Haskell. My main fondness: by the time you got the damn thing to compile, the program would generally work. Aggravating at the time, but it made me really respect how much work the compiler could do in spotting bugs if your language is REALLY bondage-and-discipline strong typing.

          The LP features of Curry won't endear it to anybody who didn't already grok Haskell, but they're certainly a neat addition, and a lot more than syntactic sugar.

          • It's called reactOS. It's basically windows (it's NT architecture based), but free. Quite frankly, I don't know why Linux has gotten so much attention in comparison to reactOS. The thing is, it's still a under-funded garage-project. If you could get 50 Indians and a good budget to help them out, I'm pretty sure that it would be better than starting from scratch.

            Here's the link if you're interested:

            http://www.reactos.org/en/index.html [reactos.org]

            • by erroneus (253617) on Monday October 11, 2010 @05:19AM (#33857496) Homepage

              The trouble with Windows [compatible] OSes is not that it should be capable of running software written for Windows. It is that Windows itself has design weaknesses for various reasons not the least of which are related to its DOS based origins and support for old, misbehaving "legacy" software. To write a Windows compatible OS, you would also have to mimic a wide range of idiosyncratic behaviors in order to support Windows applications.

              Now, if for some reason, all the bad-behaving software were cast aside and only good Windows software were used, the notion might stand a chance. I remain quite skeptical it, or any Windows-compatible OS, would become completely viable.

              Looking at it another way, the SaMBa project is constantly playing catch-up against the moving target that is Windows networking. And that is just one aspect of the Windows OS family. Imagine this on an entire OS? It would be hard pressed to actually work.

              They'd be better off making a BSD modified OS and pulling in WINE.

              • Re: (Score:3, Insightful)

                by hairyfeet (841228)

                Ooooookay, explain this one to me. How exactly is a Linux based OS with built in support for Windows drivers and software using "shims" ALA Wine going to Bring in "bad behaviors"? and DOS? Hello? It is 2010 and DOS has been dead for over a decade now. it is all WinNT based okay? I haven't actually seen a DOS program in the wild in damned near 8 years, and I deal with some old shit in SMBs. The last DOS program I saw was a DOS 3 based controller for a custom lathe.

                So let us please keep the FUD to a minimum.

                • Re: (Score:3, Insightful)

                  by BasilBrush (643681)

                  I can tell you a good 90%+ of infections are directly caused by the users installing random shit from the web without a second thought.

                  So, the new Indian OS can make itself 10 times more secure than Windows with the simple expedient of not allowing users to install random shit off the internet.

                  Your post actually demonstrates that there IS something fundamentally wrong with Windows.

                  Sadly there is no "keep user from doing dumb shit" button in ANY OS, and if you come up with one could buy MSFT and make Ballmer

                • Re: (Score:3, Insightful)

                  by jedidiah (1196)

                  A Unix based OS with the facilities in place to assimilate Microsoft's shoddy product isn't safe. That's rather the whole point. Microsoft didn't leave their poor design and engineering choices behind with DOS. The legacy of DOS is laziness and incompetence. The fact that it is not quite as obvious any more doesn't mean that Microsoft still isn't doing incredibly stupid things and doing them haphazardly.

                  Blaming the user simply doesn't cut it. Microsoft makes crap that's inherently dangerous to operate due t

                • Re: (Score:3, Insightful)

                  by kikito (971480)

                  Linux has a "keep user from doing dumb shit" button. It's called non-root access. And it works.

                  It's not security by obscurity, it is real security.

                • Re: (Score:3, Informative)

                  by GooberToo (74388)

                  ReactOS does pull in wine - last I read. But as the wine developers will tell you, Windows basically sucks. There are so many hacks and kludges which have been developed in Windows over the years, the wine guys are forced to constantly re-implement them. Far too many applications actually demand improper behavior from the OS APIs to function properly. Even worse, this behavior can depend on which MS OS variant its running under.

            • by BasilBrush (643681) on Monday October 11, 2010 @06:41AM (#33857750)

              They don't want open source, they want their own proprietary OS. Code that they control, and isn't available for scrutiny by those that would attack them.

              And I expect the comment about running Windows software in one of the articles was a mistake on the part of the journalist or the politician. Possibly a language based misunderstanding. I expect they mean windowing software. A desktop gui rather than a cli.

              It just doesn't make sense to make it Windows compatible. It's a monumentally hard thing to do, as demonstrated by the timescales of WINE. And the result would be a system with many of the same vulnerabilities as Windows, and thus it would break the primary objective.

              • Re: (Score:3, Informative)

                by digitalunity (19107)

                They can have it. They could use BSD as a base.

                Or they could just start with Linux and the GNU tools and make their own variant. The code is all theirs. The GPL only requires source code be provided when the software is transferred. Merely providing the software for use doesn't entitle each person sitting behind the keyboard to a copy of the source. If it's all under control of the DRDO at all times, they are not required to provide the source code to anyone.

                Also, the GPL is only effective due to strong cop

            • by v1 (525388) on Monday October 11, 2010 @08:24AM (#33858144) Homepage Journal

              At least one of the linked articles says the new OS, though home-grown, would run Windows software.

              Brilliant. If you're into security, there's one rule of thumb you can always count on. Don't develop your own. Invariably you'll overlook something obscure and subtle and will create a weakness big enough to fly a 747 through. Stick with time-proven methods that have been under the microscope for years and have withstood the test of time and had all the bugs, shortfalls, and subtle problems worked out of them. Basically, you're not smarter than all the people that have contributed to making the currently available selections as secure as they presently are.

              If they're going to create an entirely new os themselves, in-house, for the sake of security, they're about to re-learn the above lesson.

              And sorry, but runs Windows? The whole security problem there to begin with is its never-ending craving to run old software that just wasn't bothered to be written securely. Look at the giant headache that was the breaking of windows software when XP came out. Then when Vista came out. Then when 7 came out. This is going to be a whole new level worse. They may say it can run Windows software, but either it won't run MOST of it, or they're just going to be defeating one of the primary purposes of writing their own secure OS to jimmy it to run any sizeable portion. If they're insisting on making their own OS, they may as well expect to have to write their own software too. In for a penny, in for a pound.

    • Would that mean they'd need to call for 'take out' instead of 'tech support'?
  • Oh for Chrissakes, another nation rebranding an existing OS and calling it their own. It's fucking pathetic. What do they think, that the hackers will be fooled and won't think it's just Windows?

    • I wonder why they don't just make a fork of OpenBSD?

      • Mod parent up. (Score:3, Interesting)

        by khasim (1285)

        Seriously, if you think your people are good enough to write a SECURE operating system from the ground up, then shouldn't they be good enough to take existing code and determine whether that is secure enough for them?

        Even Linux for that matter. The NSA has already done some of the work with SE Linux.

        • Re: (Score:3, Insightful)

          by slashqwerty (1099091)

          Seriously, if you think your people are good enough to write a SECURE operating system from the ground up, then shouldn't they be good enough to take existing code and determine whether that is secure enough for them?

          Security needs to be designed in from the ground up. Take a look at Windows, Linux, and MacOS. New exploits are constantly being discovered in those systems because security was not a key part of the development process when they were written.

          Windows, Linux, and MacOS were all written in

          • Re:Mod parent up. (Score:4, Informative)

            by Chrisq (894406) on Monday October 11, 2010 @04:10AM (#33857320)

            Security needs to be designed in from the ground up.

            Well OpenBSD it practically is. Some articles claim it is written ground up for security, but in reality they audited the entire BSD codebase many years ago, rewriting large parts [openbsd.org] and all new code is ground-up secure. In practice it is extremely secure, many of the bugs that occur in other BSDs or linux turn out to have been fixed months or years before in openBSD

          • Re: (Score:3, Insightful)

            by TheRaven64 (641858)

            If you want a secure system you make sure every action and every module of code is authenticated before it runs

            Absolutely not. In a secure system, none of the modules trusts that the others are bug free.

        • Re:Mod parent up. (Score:5, Insightful)

          by Tim99 (984437) on Sunday October 10, 2010 @11:57PM (#33856436)
          Back in the day, the informal metric that we used was: "It is twice as hard to work out someone else's code, than to rewrite it yourself."

          If you take out all of the stuff that you really don't need for your own internal secure system, and limit the approved hardware, a focussed team might be able to produce something in a couple of years.
          On the other hand, a well developed bureaucracy can spin the time-frame out to decades.
      • Re: (Score:3, Informative)

        by MBGMorden (803437)

        If their intention is to "run Windows software", as the summary states, then I think they'd get farther along by forking ReactOS.

        Sure, its basis isn't "written at home", but unless it's merely a matter of national pride, you still have essentially the same advantage with OSS. Namely, that you can look at everything and verify what it does before using it in a security-critical environment.

    • Re: (Score:3, Insightful)

      by nashv (1479253)
      I find it amusing that some people think that a nation's defense research organisation, which helps build ICBMs, supersonic aircraft, tactical software and so on, needs advice from someone who reading slashdot on how to write an operating system.
      • Re:Oh For Chrissakes (Score:5, Interesting)

        by Daniel Dvorkin (106857) * on Sunday October 10, 2010 @11:19PM (#33856268) Homepage Journal

        I find it amusing that some people think that a nation's defense research organisation, which helps build ICBMs, supersonic aircraft, tactical software and so on, needs advice from someone who reading slashdot on how to write an operating system.

        Well, in the US -- I don't know about the Indian military -- the same defense establishment that operates those ICBMs etc. also mostly runs Windows. Which is a pretty clear indication that they do need help, and the Slashdot crowd would probably be a good place to get it.

        This is at least partly personal experience talking. When I was a medic in the USAF, one of my secondary duties was "computer systems security NCO" for the ER where I worked. Which mainly meant light sysadmin duties, trying to keep machines patched and virus-free with absolutely zero support from the actual hospital IT staff, and debunking "I LOVE YOU virus" warnings and similar bouts of hysteria that Col. So-and-so forwarded to everyone's e-mail ("it must be true, the Colonel said it!") Actual security was a joke.

        • Re: (Score:3, Informative)

          by nashv (1479253)
          Granted, militaries are usually incompetent when it comes to IT. But this isn't the military, this is the DRDO, which typically includes people like this. [iitb.ac.in]
        • Re: (Score:2, Interesting)

          by Anonymous Coward
          HA! You were a medic? Being a medic in the Air Force is like being a Maytag repairman. Lotta good pussy, though.

          Joking aside, flyboy. 2Axxx scum here, and we ran console apps cobbled together over win2K and NT4 on our classified shit. Kinda scary, eh? At least we had the mighty STU-3. [wikipedia.org]

          signed, -- Terrudiger Abercrombie
  • Confusion (Score:5, Funny)

    by DoofusOfDeath (636671) on Sunday October 10, 2010 @10:26PM (#33855944)

    WINE doesn't stand for "Wine is not a complete, Windows-compatible operating system sans the security vulnerabilities".

    • Re:Confusion (Score:5, Insightful)

      by icebike (68054) on Sunday October 10, 2010 @10:35PM (#33855996)

      Mod parent insightful.

      If you are going to run windows software you can bet they will start with with a Virtual Machine approach or Wine, and neither one buys them much security without diligence.

      he idea that a government funded military lab would develop from the ground up and achieve something that would run windows but wasn't as vulnerable seems highly unlikely.

      Budgets lapse. People Come and Go. It would be a mess.

      • Most attacks can be avoided by having a secure firewall. The cyberattacks were all successful because the machines were connected to the internet "naked" - no firewall device.

    • by drolli (522659)

      Although....

      Wine with apparmor may be safer than Windows 2000....

    • Re: (Score:3, Funny)

      by interkin3tic (1469267)

      WINE doesn't stand for "Wine is not a complete, Windows-compatible operating system sans the security vulnerabilities".

      No, but WINACWCOSSTSV sure does.

  • Cost (Score:5, Funny)

    by DoofusOfDeath (636671) on Sunday October 10, 2010 @10:28PM (#33855958)

    I can't wait for the poor bastards to try outsourcing development to India.

  • by SplashMyBandit (1543257) on Sunday October 10, 2010 @10:29PM (#33855968)
    I hope the DRDO does better than their previous projects. For example, the Arjun tank has not been a good use of Indian taxpayer money, but internal politics seem to keep it and similar projects alive: http://en.wikipedia.org/wiki/Arjun_MBT [wikipedia.org]
    • by ZDRuX (1010435)
      Sounds exactly the same as their counterpart in the U.S.. Oh, and Canada too, wait.. make that most countries.
    • by iammani (1392285)

      Mmmm, I wouldnt call it internal politics. Its rather to encourage local development of military hardware. In this case, it was the first attempt at an indigenous (completely indian made) tank. Due to improper planning, the project was delayed by years and they even ended up purchasing some of the components from other countries (Israel mainly). Though not a success, I would consider it a good start, and would expect future indian made tanks to be build cheaper and better

      There are many other such DRDO proje

  • The Wheel (Score:5, Funny)

    by Voulnet (1630793) on Sunday October 10, 2010 @10:31PM (#33855974)
    The Wheel: It's tired of getting reinvented.
  • by Anonymous Coward on Sunday October 10, 2010 @10:32PM (#33855978)

    A buddy of mine just revealed some news to me. He's been reliable about this shit in the past and he's in a position to know, so I trust it but YMMV.

    Backstory: Microsoft eats their own cooking ("dogfood") except in cases of epic failure. Like Hotmail running on NT. Or Visual Safe Source for Windows's RCS. They use a heavily modified version of perforce and a hierarchy of repositories. Yeah, it's a mess and there are a number of technical as well as human/social problems.

    Well, multiple groups within Microsoft have had enough and switched to git for day-to-day work (using a gateway to push their changes to an upstream p4 repo). They're trying hard to drop 4 entirely and go with git. From what I know of their development practices, they really need something like git (Linus, himself, agrees). But who's going to tell Balmer that they're switching to software written by arch-enemy Linus Torvaldes? You might think they'd prefer that (we're using your free software, faggots!), but chances are VSS 2011 will contain some sort of half-assed distributed RCS support.

    • by nschubach (922175)

      Well, multiple groups within Microsoft have had enough and switched to git for day-to-day work (using a gateway to push their changes to an upstream p4 repo).

      Are you trying to give the network auditors more work? ;)

    • by dwywit (1109409)
      Hell, Microsoft even used AS/400s for a long time: https://cs.senecac.on.ca/~tmckenna/offline/MS400.html [senecac.on.ca]
    • by man_of_mr_e (217855) on Sunday October 10, 2010 @11:47PM (#33856396)

      Hotmail does run on Windows. When it was purchased it did not, and it took them some time convert it. The "stories" about conversion failures were rediculous, the timelines did not give enough time for a real conversion of such systems, and people probably mistook various prototype testing as real attempts.

      Sourcesafe was also never meant for anything other than workgroup projects, not large scale. As such, nobody would be expected to run something the size of the windows code base on vss. Nowadays, Microsoft has an enterprise class version control in Team Foundation Server, but I imagine they have a lot of legacy to convert to move that to TFS any time soon.

      They also ran a large part of their internal processes for years on an AS/400, including accounting and other aspects. Microsoft didn't have applications to do what they needed on Windows, and didn't really want to invest in building them. However, now that they bought Great Plains.. that's a different story.

      Due to legacy concerns, they aren't likely to convert from p4 for a very long time, although the beauty of git is that in workgroups you can use git and push changes upstream. If anything, they're most likely to convert to TFS, for long term overall project.. Already most of the tools development, web development, etc.. is done on TFS.

    • Dunno about other areas, but the Codeplex division uses hg (which is no secret AFAIK)

    • Re: (Score:3, Interesting)

      by cronius (813431)

      From what I know of their development practices, they really need something like git (Linus, himself, agrees). But who's going to tell Balmer that they're switching to software written by arch-enemy Linus Torvaldes? You might think they'd prefer that (we're using your free software, faggots!), but chances are VSS 2011 will contain some sort of half-assed distributed RCS support.

      From http://lwn.net/Articles/403903/ [lwn.net] :

      Microsoft's CodePlex.com has announced the donation of $25,000 to support the development of the Mercurial source code management system.

      Looks like they've found what they're looking for.

  • by E-Sabbath (42104) on Sunday October 10, 2010 @10:34PM (#33855990)

    They already own DRDOS.

  • So many 'fun' comments... If there is one country that is good in software it's this country. Hell, even MS probably has coders working for them there. And if they really manage to make an os that can run windows binaries without all the overhead and presumed NSA-backdoors (not that they need one given the rate new remote exploits come out for every windows version) this is a very smart thing to do. Nothing to make fun about. I would have great interest in an OS that can run windows binaries without all the
  • by ad454 (325846) on Sunday October 10, 2010 @10:40PM (#33856016)
    I know this is obvious, but come on...

    Seriously, why not take a *BSD or Linux OS release and do a full source code review on it? It will take a lot less effort than creating anything from scratch, plus they can submit bug reports and code fixes back to the corresponding opensource projects. (Everybody wins!!!) Any mature OS would not be plagued by bugs that commonly occur in large new code bases. After reviewing and approving the OS, they can simply track changes of future releases in order to maintain trust.
    • by thoughtsatthemoment (1687848) on Sunday October 10, 2010 @10:48PM (#33856058) Journal
      Simple reason: "Everybody wins" is not an option in real wars.
      • by bsDaemon (87307)

        Exactly, and sharing vital technology with the enemy is mostly just a good way to ensure that everybody loses. Parity and equilibrium aren't good once the war starts getting hot, because then you end up with WWI.

      • The answer is to not have an unnecessary war. And besides, they could not contribute back if they really want to 'wage war,' although keeping up a fork would bear an added cost, but still probably be less than starting from scratch.
      • The idea that an OS is equivalent to a weapons system is absurd, and thinking of it that way (which means it should be kept secret from potential enemies) is pretty much a guarantee of failure. "Everybody wins" is very definitely an option in the network security realm.

      • by dachshund (300733) on Sunday October 10, 2010 @11:17PM (#33856250)

        Seems to me that plenty of countries (including the US) manufacture weapons for use and for distribution to other countries. Thing is, you're not at war most of the time, and you're almost never at war with everyone.

        • An OS is more like the blueprint for the weapons sold. Most countries sell weapons (often old versions) but most of time not the technology.
      • Re: (Score:3, Insightful)

        by Jeff DeMaagd (2015)

        With some 100% home grown OS, then we can be pretty sure that some large military contractor wins, at 250% of the quoted cost. Whether that results in something that's usable in war is an open question.

  • 6 months after the OS is declared done, all of the developers will have anchor babies in the US and their replacements will determine that the code base is a mass of unintelligible crap.

    LK

  • Didn't read TFA, but running windows apps in a reasonable time frame without windows pretty much entails a linux+wine stack or capitalizing on ReactOS. I'm leaning toward the latter in this case, I don't think the military needs something like directX, but a win2k substitute could do the trick if they have a massive windows based investment in terms of existing custom softwares.
    • Or maybe they had to promise "window" apps to their leaders and will deliver apps which do indeed have "windows", just not the microsoft kind. I doubt anybody will notice the difference.

  • Trusting Trust (Score:3, Insightful)

    by wcl3 (1308145) on Sunday October 10, 2010 @11:12PM (#33856234) Homepage
    They have a lot to do - they'll have to bootstrap this thing from the assembler on up if they are serious about security - http://cm.bell-labs.com/who/ken/trust.html [bell-labs.com]
  • Less Secure (Score:5, Insightful)

    by Doc Ruby (173196) on Sunday October 10, 2010 @11:37PM (#33856360) Homepage Journal

    It seems to me that an OS developed by an org that's never made an OS before, by 50 people, that isn't examined by many people around the world in many different contexts and from many different approaches, is going to be less tested and less secure than other OS'es. Not to mention the lack of applications, and the burden of creating all the applications from scratch, and a developer community for them, and again the smallness and isolation of that community and its apps leaving security to a very few very busy people.

    If I were responsible for protecting India's IT infrastructure, I might start an Indian state project to create an OS. But I'd just start with Android or Linux, and assign the people I have to investigating its open code for security holes and starting applications needed by essential Indian users. A lot less work, a lot more global partners to use (and many to omit from trust without losing everyone). Leveraging the English speaking skills of educated Indians to partner with people around the world to secure India.

    Reading the press, it seems they're really talking about a component in their new line of spy and military satellites. They mention they've got orders from other countries. So probably this venture is not at all calculated on security rissk, but rather on a perceived market opportunity. In which case it is even more likely to totally fail, but not after wasting a lot of time and money better spent on actual Indian security risks.

    Probably some general's nephew thinks he can sell some Linux clone to the government, and so the rest of the state and media apparatus starts talking it up.

  • gollygOS
  • by ka9dgx (72702) on Sunday October 10, 2010 @11:49PM (#33856402) Homepage Journal

    'Though it will be a real-time system with Windows software, source code and architecture will be proprietary, giving us the exclusivity of owning a system unknown to foreign elements and protect our security system,' Saraswat said after unveiling a training facility at the Centre for Artificial Intelligence and Robotics (CAIR), a defence lab in this tech hub.

    Classic first timer mistake.

    No mention of capability based security either.

    At best they end up with a bad clone of Windows or Linux.

  • Why stop with the OS? I.e., what about the microcode in the CPU and etc.? Is India also going to write their own microcode?
  • I'm in awe. (Score:5, Insightful)

    by Tumbleweed (3706) * on Monday October 11, 2010 @12:03AM (#33856464)

    Obviously, they're not going to develop any such thing. Ever. This is one of the most brilliant job security moves I've ever seen in the computer industry. Kudos!

  • by VincenzoRomano (881055) on Monday October 11, 2010 @02:03AM (#33856898) Homepage Journal
    I hope the new OS will be a microkernel one, like L4Ka [l4ka.org] (or L4 [l4hq.com] in general) or Minix [minix3.org].

What the scientists have in their briefcases is terrifying. -- Nikita Khruschev

Working...