Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
The Military Open Source Linux

Many Security-Critical Military Systems Are Now Using Linux (linuxsecurity.com) 78

b-dayyy shared this article from Linux Security: The United States government's respect for and acceptance of open-source development has steadily grown stronger over the past decade, and the U.S. government is increasingly using open-source software as a way to roll out advanced, highly secure technology in an economical manner. On August 8, 2016, the White House CIO released a Federal Source Code Policy that calls for new software to be built, shared, and adapted using open-source methods to capitalize on code that is "secure, reliable, and effective in furthering our national objectives."

The United States Department of Defense recognizes the key benefits associated with open-source development and trusts Linux as its operating system. In fact, the U.S. Army is the single largest installed base for Red Hat Linux and the U.S. Navy nuclear submarine fleet runs on Linux, including their sonar systems. Moreover, the Department of Defense just recently enlisted Red Hat, Inc., the world's largest provider of open-source solutions, to help improve squadron operations and flight training.

In a comment on the original submission, long-time Slashdot reader bobs666 remembers setting up Minix 30 years ago "for running email for a part of the U.S. Army. It's too bad the stupid people made me stop working on the project."

But the world may be changing. The article notes that Linux has now already been certified to meet the three different security certifications required by the United States Department of Defense.
This discussion has been archived. No new comments can be posted.

Many Security-Critical Military Systems Are Now Using Linux

Comments Filter:
  • He'll probably insist it's 'fake software' and issue an executive order to make them use Windows 10 instead.
  • by 93 Escort Wagon ( 326346 ) on Saturday December 21, 2019 @02:49PM (#59545238)

    Is rolling over in his grave.

    Even though he's not dead.

  • Great (Score:4, Funny)

    by ArchieBunker ( 132337 ) on Saturday December 21, 2019 @02:55PM (#59545256)

    Boxes with systemd running nuclear subs.

    • If that does not imply GNU, then we might aswell call Android "Linux". :)

      • If that does not imply GNU, then we might aswell call Android "Linux". :)

        Android is Linux and some call it Android Linux. GNU is not implied.

        • Curious how much of the GNU stack (glibc? gnu binutils? gnu coreutils? inetutils? gzip? bash? etc) Android uses. If not much, than it's a good example of the distinction between a GNU/Linux (Debian, Red Hat, etc) and a non-GNU/Linux (the busybox-based linuxes in many wifi routers and other small embedded systems)
          • Curious how much of the GNU stack (glibc? gnu binutils? gnu coreutils? inetutils? gzip? bash? etc) Android uses.

            Almost nothing, I think. Bionic is the C library. Nearly all of the command-line utils are from Toybox. The toolchain is llvm.

    • Yeah, wish they would move off red hat and ditch systemd, probably using intel processors too
    • Linux != systemd and besides, what would you prefer? A BSOD box? Come on now... Obviously Linux is the safest choice by FAR.
      • It says they use Redhat, which was one of the major proponents of systemd. Funny how Redhat's main source of revenue is selling support.

        • Support contracts. Not support per hour.

          Good point, but somehow I wonder if you understood the implications?

      • He prefers to have to keep a daemon running all the time for each service that the machine might theoretically service a network request for.

        And another daemon to make sure the first group kept running. And then another one to make sure those ones kept running.

        • How often do you have daemons that just fail? I don't think I've ever seen that happen. In the rare case it has happened, how was it fixed before the advent of systemd?

          • How often do you have daemons that just fail? I don't think I've ever seen that happen. In the rare case it has happened, how was it fixed before the advent of systemd?

            More than none, that's for sure, but I've also done a bit of systems and network application programming, so I've been in a position to see the bugs.

            But even in a sysadmin role using only daemons that came with an OS distro, you'll still see it eventually. What if RAM got low during some maintenance or something? A long-running process that is rarely used can easily hit some sort of uncommon race condition. Software has bugs. Sysadmins enter wrong PIDs. It happens. In some cases the PHB has root on the serv

  • Old news... (Score:5, Interesting)

    by david.emery ( 127135 ) on Saturday December 21, 2019 @02:57PM (#59545260)

    The Future Combat Systems program used Linux as its standard operating system. SOSCOE, built on top of Linux, also had a lot of open source components (and some proprietary components, with a process defined for how these decisions were documented and reviewed/approved by the Government. In some cases, we used existing DoD site-wide licenses to save $.) https://en.wikipedia.org/wiki/... [wikipedia.org] This caused a problem for the one group who showed up with a 1.2m SLOC application in Visual Basic. We told them, "If you want to run that, you will be responsible for the life-cycle costs for provisioning Windows on those platforms, including OS procurement, OS maintenance, and training. That application does not meet DoD/Army open system standards."

    • And you thought Trump was a large apocalypse risk factor...

      Dear God, help us all...

    • by davecb ( 6526 )
      Linux is entirely sufficient for most confidentiality-oriented tasks, especially with SELinux bits turned on. It arguably would pass B1, if we were still using the old and very stringent orange book criteria. It probably exceeds anything in the (exceedingly weak, IMHO) "common criteria".
      • > especially with SELinux bits turned on

        Almost no one in industry actually _uses_ SELinux. They turn it off, very early, to be able to reliably install and use their particular set of proprietary internal software.

        • by davecb ( 6526 )
          I'm please to say I don't, nor does my employer for production servers. For workstations, less so (;-))
        • From perhaps 2001-2005 that might have been excusable.
          Fifteen years later, it's time to spend 10 minutes learning how to use setroubleshoot if you're writing custom applications that modify system files.

          • > if you're writing custom applications that modify system files.

            What is a system file? And where does it go? /opt/ ? /usr/local/ ? /home/ ? /var/cache/ ? /var/log/ ? When a developer is building on their MacBook and screaming that that you've broken their system and wasting their time because they want docker instances to have complete administrative to docker itself to control the other instances, and run in a shared filesystem and it works fine on their test environments?

            Investing some time in SELinux

            • Don't containers solve that problem? Have the containers use SELinux and develop it easily from the beginning.

              • > Have the containers use SELinux and develop it easily

                Excuse me? I thought that docker containers could not have their own distinct SELinux policy, they were dependent on SELinux policies published for the docker server. Since SELinux is a Linux kernel based tool, it's unusable for Macbooks or Windows hosts running docker. The laptop owner can run a virtual machine, a Linux VM. But I'd normally call that a VM, not a "container".

                Setting those up, running your software inside them, and stripping them down

        • Almost no one in industry actually _uses_ SELinux. They turn it off, very early, to be able to reliably install and use their particular set of proprietary internal software.

          What industry is that? My goodness. I'm glad it isn't like that in the software industry, it would really piss me off.

          • I will admit that SELinux is not high up my list of security priorities when working with a new developer or a new corporate partner. The battle to activate it has been too long, taken too many meetings, and led to too many cases of simply avoiding the problem rather than gratitude for a helpful set of security policies. I'll admit that I spend more of my time on password handling and on "random laptops are not permitted on the internal environment where traffic may not be as protected or encrypted".

  • Re: (Score:2, Interesting)

    Comment removed based on user account deletion
    • Does the military need to upgrade? It seems like a better idea to think of each military computer as a limited or single function device. Where it never allows software installs and only the programs and config it comes with is used.

      Then you don't upgrade, just image, while retaining the volumes storing documents and data.

      • But then you got no communication facilities and no remote control. So no coordination. Not a good idea, if literally a whole country depends on your team effort.

        And no, a VPN doesn't help. The VPN software, its libraries and the kernel it runs on, still can be vulnerable.
        Also, where would the data originate from? Your staff can't type it all in by hand. "I see a missile a heading for us. *types: spotted missile @ 329,102, dista...*BOOM*"
        Every signal entering your systems, even if it is from a camera or ju

    • by flyingfsck ( 986395 ) on Saturday December 21, 2019 @03:12PM (#59545310)
      Not true. Setting up your own mirror servers for RH is almost trivially easy. RH will even automatically bounce requests back to your own mirror servers if your clients are configured wrong.
    • Redhat 7 and 8 both have a major scalability flaw in that the os upgrade tool is a byzantine and bureaucratic utility that through shrugs and guesstimates attempts to give you a general idea of the potential for a successful upgrade.

      Citation needed for the claim that scalability relies on hot upgrades of live systems. Whenever I'm in a situation that requires scalability, we explicitly abandon that whole type of process. Instead, we would create an upgraded image, and then deploy them. If you're upgrading each installation, of course that doesn't scale, but your setup isn't even intended to scale if you're doing it that way.

      You didn't even know that you can run your own server to host updated packages? (note the difference between the

  • DoD finally had enough of poorly reinvented Unix. Hell, even Microsoft is starting to get it!
    • To me it sounds more like they got tired of poorly reinvented VAX/VMS and changed over to poorly reinvented Unix. [trollface.png]

  • I presume they use customized systems, not just Ubuntu thrown on there.
    Because that's where open source shines.

    The difference in workflow between a system that is perfectly specialized and customized, to fit you and your situation like a glove, and an off the shelf solution, is night and day. It makes or brakes your business (advantage). (Imagine airplane pilots having to deal with Windows, macOS. We'd all be dead. And not because it is bad for the average home user.)

    Yes, corporate closed source can be cust

  • Commodity garbage [hardware and software] has no business running any critical systems.

  • by Gravis Zero ( 934156 ) on Saturday December 21, 2019 @04:18PM (#59545474)

    Windows for Warships is still a thing!

    • by AHuxley ( 892839 )
      So the people learning all about the US Navy can use a MS GUI to sail with.
      Until the computer game stops and the ship is stuck on rocks.
      • Until the computer game stops and the ship is stuck on rocks.

        What if they remembered to include glass windows in addition to the microsoft ones, then would they be able to see the rocks?

        What if they had a whole team of people looking out the windows?

        • by AHuxley ( 892839 )
          Re "What if they had a whole team of people looking out the windows?"
          The US Navy has too few people who are not resting, sleeping, eating to allow for that.
          So the person with no skills is doing ship steering while getting educated by the person who should be "looking out" and who other tasks too.
          Too few people to teach, too few smart people learning... no people to do the ""looking out" part ...
          Too few people with skills on duty at any time. Too many people with not much skill trying to learn while doi
          • Re "What if they had a whole team of people looking out the windows?"

            The US Navy has too few people who are not resting, sleeping, eating to allow for that.

            It may be that the requirements of spending time looking out the window are a big part what they're doing instead of eating, sleeping, and resting.

            NATO nations and the US Navy keep on accepting people with few skills and for non academic reasons.

            You seem to be wanting to handwave at racism, but you lack the courage of conviction because you know you're just an angry loser. And you don't want to say it too strongly because you know you didn't look it up, and don't even know if warships do actually accept people who scored too low... or not.

            • by AHuxley ( 892839 )
              Yet the ships keep on falling apart and are not able to sail without getting near the rocks. The collisions.
              Lack of staff skill?
              Lack of the ability to teach?
              Teaching staff expected to sail, teach and look after crews? Too much work with too few experts?
              Not much expert crew left to "sail" when they have to educate, test, review and watch over new crew.

              Re "requirements of spending time looking out the window" ... not if the few skilled crew has to be teaching, looking after systems... while on duty .
              • How about trying to bring back some merit again, adding a lot more expert staff just to "teach"?
                 

                ROFLCOPTER

                You tell `em Cap!

                If them whippersnappers would just listen to you for once they'd have all these problems solved by now and they'd merit drooling down their chins while they type.

                • by AHuxley ( 892839 )
                  Its that or keep on staying port with the contractors... or a lack of basic navigations skills...
                  Teach better and fixing design problems would be a very simple and easy start :)
                  Within a decade competency would return...
                  Most other nations mil seems to be able to master the navigation part :)
    • by bobs666 ( 146801 )

      It was a long time a go when I saw a news article about the Navy Converting to windows due to the fact it was said that most enlisted men could only deal with windows.

      It was a week or three later when a new state of the art destroyer had to be towed back to port, after sea trials where software failures disabled the ship.

      Lest hope in the last ten years they are learning.

  • Windows or Linux where security is important... Hmmm? Tough choice
  • by nospam007 ( 722110 ) * on Saturday December 21, 2019 @04:29PM (#59545508)

    It's the year of Linux on Army desktops then.

  • In fact, the U.S. Army is the single largest installed base for Red Hat Linux and the U.S. Navy nuclear submarine fleet runs on Linux, including their sonar systems. Moreover, the Department of Defense just recently enlisted Red Hat, Inc., the world's largest provider of open-source solutions, to help improve squadron operations and flight training.

    I wonder how much they're paying for support?

    Someone needs to tell the DoD to put RHEL only on the front-end, and buy a support contract for that, and then install CentOS everywhere else.

    • They're paying a lot for support! I know of several past efforts to reduce support costs, including taking the NSA-funded SE Linux and expanding it to cover the same features as RHEL. But I don't know what happened as a result of those efforts, I haven't tracked this closely since I retired.

      • But I don't know what happened as a result of those efforts, I haven't tracked this closely since I retired.

        It turns out you have to hire so many engineers, doing it yourself costs as much as buying RedHat. The support contract is cheaper than that. Because they have other customers, too.

  • by SirAstral ( 1349985 ) on Saturday December 21, 2019 @05:14PM (#59545620)

    look at all the telemetry that Microsoft is building into their OS's.

    Government needs to question the very fact that MS is just not a suitable or safe OS to install because it takes very little effort to compromise the OS and more and more malware is going to be coming out to take advantage of all the built-in spying that the Microsoft OS is going to be doing.

    • What if the Government has the source code, and MS shares all the telemetry with them anyways? Then maybe it is just a feature, right? And they could turn off any parts they don't like, since they have a custom version.

  • by BobC ( 101861 ) on Saturday December 21, 2019 @05:50PM (#59545728)

    It actually isn't too painful to implement SELinux, AppArmor and similar system-level tools on RHEL, and it is only a minor hassle to check for and mitigate hundreds of CVEs and other security vulnerabilities, 90% of which are config issues, not code issues. Yes, it is a large time-suck, but it isn't difficult if you are patient and careful.

    Most security-critical military systems aren't desktops or servers, but are embedded and real-time systems, primarily sensors, controllers and the like. Such systems generally run dedicated applications, and have no human "users" logged in. For example, the "Advanced Arresting Gear" on the USS Ford contains around 40 embedded RHEL systems. Advances in microprocessors have permitted Linux to displace most of the diverse array of real-time operating systems (RTOSes, such as VxWorks) previously used for such purposes.

    Remember, we're talking about the OS here, not the network, which has its own massive attack surface. The most security-critical systems are air-gapped, shielded, separately-powered and otherwise as isolated as possible. You generally must have direct physical access to do anything to these systems, and even with that access, administrative activities can only be done when the system is completely off-line. On some systems, the USB ports (for media and keyboard) are literally disconnected until a mechanical interlock enables them. It can also sometimes require two people working on separate systems in separate rooms to do the correct coordinated actions to propagate updates to an integrated suite of systems. Needless to say, updates are both rare and robust (tested to hell and back).

    • Most people here who think SELinux is hard never actually tried to use it!

      What happened to them was, they installed a bunch of optional shit that most people don't need, and that only works if you set it up, and that tends to cause SELinux errors when installed but not configured, and instead of solving that, they turn off SELinux. Because their GUI desktop spams the errors to popups.

      • by ebvwfbw ( 864834 )

        If they tried it anytime recently they shouldn't have that tough of a problem unless they're doing custom stuff. Such as moving where the system expects to find things. Moving the web server to a new dir? Have to tell selinux.
        Had a guy do that one time, activated the server and created millions of errors in the logs.

  • Are they going to share the security enhancements with the community?
  • It's certainly a good tool for this kind of job.

  • And now that IBM owns RedHat, it's likely going to continue.

    If you look at the price of what it costs to install OpenShift on-premise, you can see the $-signs in Ginni's eyes already....

  • Thank you for the quote!

    I know the NSA had a secure distro. It is about time People are starting to use it. Perhaps in the future the armed forces will conquer the desk top.

1 Angstrom: measure of computer anxiety = 1000 nail-bytes

Working...