Many Security-Critical Military Systems Are Now Using Linux (linuxsecurity.com) 78
b-dayyy shared this article from Linux Security:
The United States government's respect for and acceptance of open-source development has steadily grown stronger over the past decade, and the U.S. government is increasingly using open-source software as a way to roll out advanced, highly secure technology in an economical manner. On August 8, 2016, the White House CIO released a Federal Source Code Policy that calls for new software to be built, shared, and adapted using open-source methods to capitalize on code that is "secure, reliable, and effective in furthering our national objectives."
The United States Department of Defense recognizes the key benefits associated with open-source development and trusts Linux as its operating system. In fact, the U.S. Army is the single largest installed base for Red Hat Linux and the U.S. Navy nuclear submarine fleet runs on Linux, including their sonar systems. Moreover, the Department of Defense just recently enlisted Red Hat, Inc., the world's largest provider of open-source solutions, to help improve squadron operations and flight training.
In a comment on the original submission, long-time Slashdot reader bobs666 remembers setting up Minix 30 years ago "for running email for a part of the U.S. Army. It's too bad the stupid people made me stop working on the project."
But the world may be changing. The article notes that Linux has now already been certified to meet the three different security certifications required by the United States Department of Defense.
The United States Department of Defense recognizes the key benefits associated with open-source development and trusts Linux as its operating system. In fact, the U.S. Army is the single largest installed base for Red Hat Linux and the U.S. Navy nuclear submarine fleet runs on Linux, including their sonar systems. Moreover, the Department of Defense just recently enlisted Red Hat, Inc., the world's largest provider of open-source solutions, to help improve squadron operations and flight training.
In a comment on the original submission, long-time Slashdot reader bobs666 remembers setting up Minix 30 years ago "for running email for a part of the U.S. Army. It's too bad the stupid people made me stop working on the project."
But the world may be changing. The article notes that Linux has now already been certified to meet the three different security certifications required by the United States Department of Defense.
Shhh! Nobody tell Trump (Score:2, Funny)
Re: (Score:1)
Re: (Score:2)
> I wouldn't take that job if it paid ten times as much.
When you have children to feed, or family with cancer, it is amazing what you will do to keep them fed, get them their medication, and keep a roof over their heads.
Re: (Score:2)
Re: (Score:2)
You did make the claim that "Sadly, neither would anyone else actually qualified and desirable. " would take the work for even 10 times the money". Such a claim does not seem well founded. If you're referring to the presidency, there are _many_ qualified and desirable candidates. They simply won't be elected by the US populace, which is a distinct problem.
Re: (Score:1)
Steve Ballmer (Score:5, Funny)
Is rolling over in his grave.
Even though he's not dead.
Re: (Score:2, Funny)
He's probably rolling around in money as we speak.
Re: (Score:2)
He's rolling around along the sidelines at Staples Center.
Re: (Score:1)
That's 5 million EACH TIME.
And in 2007, IRS said 75% of the 0.1% had used that exception at least once
So, no, MOSTLY getting rich is just being born
Re: (Score:1)
...So, no, MOSTLY getting rich is just being born
Oh, forgot to source "most rich born well" [cnbc.com]
Re: (Score:2)
Re: (Score:2)
Is rolling over in his grave.
Even though he's not dead.
Never stopped him before.
Great (Score:4, Funny)
Boxes with systemd running nuclear subs.
TFA said *Linux*. (Score:2)
If that does not imply GNU, then we might aswell call Android "Linux". :)
umm... yeah. (Score:2)
If that does not imply GNU, then we might aswell call Android "Linux". :)
Android is Linux and some call it Android Linux. GNU is not implied.
Is Android a GNU linux? (glibc, etc) (Score:2)
Re: (Score:2)
Curious how much of the GNU stack (glibc? gnu binutils? gnu coreutils? inetutils? gzip? bash? etc) Android uses.
Almost nothing, I think. Bionic is the C library. Nearly all of the command-line utils are from Toybox. The toolchain is llvm.
Intel and SystemD are vunerabilities (Score:1)
Re: (Score:1)
Re: Great (Score:1)
Re: (Score:2)
It says they use Redhat, which was one of the major proponents of systemd. Funny how Redhat's main source of revenue is selling support.
Re: (Score:2)
Support contracts. Not support per hour.
Good point, but somehow I wonder if you understood the implications?
Re: (Score:2)
He prefers to have to keep a daemon running all the time for each service that the machine might theoretically service a network request for.
And another daemon to make sure the first group kept running. And then another one to make sure those ones kept running.
Re: (Score:2)
How often do you have daemons that just fail? I don't think I've ever seen that happen. In the rare case it has happened, how was it fixed before the advent of systemd?
Re: (Score:2)
How often do you have daemons that just fail? I don't think I've ever seen that happen. In the rare case it has happened, how was it fixed before the advent of systemd?
More than none, that's for sure, but I've also done a bit of systems and network application programming, so I've been in a position to see the bugs.
But even in a sysadmin role using only daemons that came with an OS distro, you'll still see it eventually. What if RAM got low during some maintenance or something? A long-running process that is rarely used can easily hit some sort of uncommon race condition. Software has bugs. Sysadmins enter wrong PIDs. It happens. In some cases the PHB has root on the serv
Old news... (Score:5, Interesting)
The Future Combat Systems program used Linux as its standard operating system. SOSCOE, built on top of Linux, also had a lot of open source components (and some proprietary components, with a process defined for how these decisions were documented and reviewed/approved by the Government. In some cases, we used existing DoD site-wide licenses to save $.) https://en.wikipedia.org/wiki/... [wikipedia.org] This caused a problem for the one group who showed up with a 1.2m SLOC application in Visual Basic. We told them, "If you want to run that, you will be responsible for the life-cycle costs for provisioning Windows on those platforms, including OS procurement, OS maintenance, and training. That application does not meet DoD/Army open system standards."
1.2m lines of VB ... in the world's leading milita (Score:3)
And you thought Trump was a large apocalypse risk factor...
Dear God, help us all...
Re: (Score:2)
Re: (Score:2)
> especially with SELinux bits turned on
Almost no one in industry actually _uses_ SELinux. They turn it off, very early, to be able to reliably install and use their particular set of proprietary internal software.
Re: (Score:3)
It's not 2001 anymore. Google setroubleshoot (Score:2)
From perhaps 2001-2005 that might have been excusable.
Fifteen years later, it's time to spend 10 minutes learning how to use setroubleshoot if you're writing custom applications that modify system files.
Re: (Score:2)
> if you're writing custom applications that modify system files.
What is a system file? And where does it go? /opt/ ? /usr/local/ ? /home/ ? /var/cache/ ? /var/log/ ? When a developer is building on their MacBook and screaming that that you've broken their system and wasting their time because they want docker instances to have complete administrative to docker itself to control the other instances, and run in a shared filesystem and it works fine on their test environments?
Investing some time in SELinux
Re: It's not 2001 anymore. Google setroubleshoot (Score:1)
Don't containers solve that problem? Have the containers use SELinux and develop it easily from the beginning.
Re: (Score:2)
> Have the containers use SELinux and develop it easily
Excuse me? I thought that docker containers could not have their own distinct SELinux policy, they were dependent on SELinux policies published for the docker server. Since SELinux is a Linux kernel based tool, it's unusable for Macbooks or Windows hosts running docker. The laptop owner can run a virtual machine, a Linux VM. But I'd normally call that a VM, not a "container".
Setting those up, running your software inside them, and stripping them down
Re: (Score:2)
Almost no one in industry actually _uses_ SELinux. They turn it off, very early, to be able to reliably install and use their particular set of proprietary internal software.
What industry is that? My goodness. I'm glad it isn't like that in the software industry, it would really piss me off.
Re: (Score:2)
I will admit that SELinux is not high up my list of security priorities when working with a new developer or a new corporate partner. The battle to activate it has been too long, taken too many meetings, and led to too many cases of simply avoiding the problem rather than gratitude for a helpful set of security policies. I'll admit that I spend more of my time on password handling and on "random laptops are not permitted on the internal environment where traffic may not be as protected or encrypted".
Re: (Score:2, Interesting)
Re: not a great metric to judge an OS by. (Score:3)
Does the military need to upgrade? It seems like a better idea to think of each military computer as a limited or single function device. Where it never allows software installs and only the programs and config it comes with is used.
Then you don't upgrade, just image, while retaining the volumes storing documents and data.
That only works if it's offline. In a bunker. (Score:2)
But then you got no communication facilities and no remote control. So no coordination. Not a good idea, if literally a whole country depends on your team effort.
And no, a VPN doesn't help. The VPN software, its libraries and the kernel it runs on, still can be vulnerable.
Also, where would the data originate from? Your staff can't type it all in by hand. "I see a missile a heading for us. *types: spotted missile @ 329,102, dista...*BOOM*"
Every signal entering your systems, even if it is from a camera or ju
Re:not a great metric to judge an OS by. (Score:5, Informative)
Re: (Score:2)
Re: (Score:2)
The Leapp utility is for in-place upgrades on a live system.
Don't do that on mission-critical systems. Bad monkey.
Re: (Score:2)
Redhat 7 and 8 both have a major scalability flaw in that the os upgrade tool is a byzantine and bureaucratic utility that through shrugs and guesstimates attempts to give you a general idea of the potential for a successful upgrade.
Citation needed for the claim that scalability relies on hot upgrades of live systems. Whenever I'm in a situation that requires scalability, we explicitly abandon that whole type of process. Instead, we would create an upgraded image, and then deploy them. If you're upgrading each installation, of course that doesn't scale, but your setup isn't even intended to scale if you're doing it that way.
You didn't even know that you can run your own server to host updated packages? (note the difference between the
IMHO Man! it is you! (Score:1, Offtopic)
Back in my time, trolls were actually funny.
You actually pulled somethig!
You're just ... sad.
Henry Spencer was Right! (Score:1)
Re: (Score:2)
To me it sounds more like they got tired of poorly reinvented VAX/VMS and changed over to poorly reinvented Unix. [trollface.png]
Customizability is key for professionals. (Score:2, Redundant)
I presume they use customized systems, not just Ubuntu thrown on there.
Because that's where open source shines.
The difference in workflow between a system that is perfectly specialized and customized, to fit you and your situation like a glove, and an off the shelf solution, is night and day. It makes or brakes your business (advantage). (Imagine airplane pilots having to deal with Windows, macOS. We'd all be dead. And not because it is bad for the average home user.)
Yes, corporate closed source can be cust
horrible horrible! (Score:1)
Commodity garbage [hardware and software] has no business running any critical systems.
Not warships! (Score:3)
Windows for Warships is still a thing!
Re: (Score:1)
Until the computer game stops and the ship is stuck on rocks.
Re: (Score:2)
Until the computer game stops and the ship is stuck on rocks.
What if they remembered to include glass windows in addition to the microsoft ones, then would they be able to see the rocks?
What if they had a whole team of people looking out the windows?
Re: (Score:1)
The US Navy has too few people who are not resting, sleeping, eating to allow for that.
So the person with no skills is doing ship steering while getting educated by the person who should be "looking out" and who other tasks too.
Too few people to teach, too few smart people learning... no people to do the ""looking out" part
Too few people with skills on duty at any time. Too many people with not much skill trying to learn while doi
Re: (Score:2)
Re "What if they had a whole team of people looking out the windows?"
The US Navy has too few people who are not resting, sleeping, eating to allow for that.
It may be that the requirements of spending time looking out the window are a big part what they're doing instead of eating, sleeping, and resting.
NATO nations and the US Navy keep on accepting people with few skills and for non academic reasons.
You seem to be wanting to handwave at racism, but you lack the courage of conviction because you know you're just an angry loser. And you don't want to say it too strongly because you know you didn't look it up, and don't even know if warships do actually accept people who scored too low... or not.
Re: (Score:1)
Lack of staff skill?
Lack of the ability to teach?
Teaching staff expected to sail, teach and look after crews? Too much work with too few experts?
Not much expert crew left to "sail" when they have to educate, test, review and watch over new crew.
Re "requirements of spending time looking out the window"
Re: (Score:2)
How about trying to bring back some merit again, adding a lot more expert staff just to "teach"?
ROFLCOPTER
You tell `em Cap!
If them whippersnappers would just listen to you for once they'd have all these problems solved by now and they'd merit drooling down their chins while they type.
Re: (Score:1)
Teach better and fixing design problems would be a very simple and easy start
Within a decade competency would return...
Most other nations mil seems to be able to master the navigation part
Re: (Score:2)
It was a long time a go when I saw a news article about the Navy Converting to windows due to the fact it was said that most enlisted men could only deal with windows.
It was a week or three later when a new state of the art destroyer had to be towed back to port, after sea trials where software failures disabled the ship.
Lest hope in the last ten years they are learning.
Windows or Linux where security is important... Hm (Score:1)
I guess (Score:3)
It's the year of Linux on Army desktops then.
Re: (Score:2)
Single Largest RHEL Install Base (Score:2)
In fact, the U.S. Army is the single largest installed base for Red Hat Linux and the U.S. Navy nuclear submarine fleet runs on Linux, including their sonar systems. Moreover, the Department of Defense just recently enlisted Red Hat, Inc., the world's largest provider of open-source solutions, to help improve squadron operations and flight training.
I wonder how much they're paying for support?
Someone needs to tell the DoD to put RHEL only on the front-end, and buy a support contract for that, and then install CentOS everywhere else.
Re: (Score:2)
They're paying a lot for support! I know of several past efforts to reduce support costs, including taking the NSA-funded SE Linux and expanding it to cover the same features as RHEL. But I don't know what happened as a result of those efforts, I haven't tracked this closely since I retired.
Re: (Score:2)
But I don't know what happened as a result of those efforts, I haven't tracked this closely since I retired.
It turns out you have to hire so many engineers, doing it yourself costs as much as buying RedHat. The support contract is cheaper than that. Because they have other customers, too.
Duh! (Score:3)
look at all the telemetry that Microsoft is building into their OS's.
Government needs to question the very fact that MS is just not a suitable or safe OS to install because it takes very little effort to compromise the OS and more and more malware is going to be coming out to take advantage of all the built-in spying that the Microsoft OS is going to be doing.
Re: (Score:3)
What if the Government has the source code, and MS shares all the telemetry with them anyways? Then maybe it is just a feature, right? And they could turn off any parts they don't like, since they have a custom version.
It makes sense from a security perspective... (Score:5, Interesting)
It actually isn't too painful to implement SELinux, AppArmor and similar system-level tools on RHEL, and it is only a minor hassle to check for and mitigate hundreds of CVEs and other security vulnerabilities, 90% of which are config issues, not code issues. Yes, it is a large time-suck, but it isn't difficult if you are patient and careful.
Most security-critical military systems aren't desktops or servers, but are embedded and real-time systems, primarily sensors, controllers and the like. Such systems generally run dedicated applications, and have no human "users" logged in. For example, the "Advanced Arresting Gear" on the USS Ford contains around 40 embedded RHEL systems. Advances in microprocessors have permitted Linux to displace most of the diverse array of real-time operating systems (RTOSes, such as VxWorks) previously used for such purposes.
Remember, we're talking about the OS here, not the network, which has its own massive attack surface. The most security-critical systems are air-gapped, shielded, separately-powered and otherwise as isolated as possible. You generally must have direct physical access to do anything to these systems, and even with that access, administrative activities can only be done when the system is completely off-line. On some systems, the USB ports (for media and keyboard) are literally disconnected until a mechanical interlock enables them. It can also sometimes require two people working on separate systems in separate rooms to do the correct coordinated actions to propagate updates to an integrated suite of systems. Needless to say, updates are both rare and robust (tested to hell and back).
Re: (Score:2)
Most people here who think SELinux is hard never actually tried to use it!
What happened to them was, they installed a bunch of optional shit that most people don't need, and that only works if you set it up, and that tends to cause SELinux errors when installed but not configured, and instead of solving that, they turn off SELinux. Because their GUI desktop spams the errors to popups.
Re: (Score:1)
If they tried it anytime recently they shouldn't have that tough of a problem unless they're doing custom stuff. Such as moving where the system expects to find things. Moving the web server to a new dir? Have to tell selinux.
Had a guy do that one time, activated the server and created millions of errors in the logs.
Shared security (Score:2)
As they should! (Score:1)
It's certainly a good tool for this kind of job.
Certainly not the worst development of this decade (Score:2)
And now that IBM owns RedHat, it's likely going to continue.
If you look at the price of what it costs to install OpenShift on-premise, you can see the $-signs in Ginni's eyes already....
Thank you (Score:2)
I know the NSA had a secure distro. It is about time People are starting to use it. Perhaps in the future the armed forces will conquer the desk top.