On 06/11/2012 07:40 AM, Jerry Feldman wrote:
On 06/10/2012 09:59 PM, Jack Coats wrote:
Somehow I don't think you are very off base.
They need a 'standard OS' that they can have some
belief that they can understand, without 'hidden source',
and unknown, un-reviewed (by outside eyes), updates,
whether they are 'security', 'update' or 'other maintenance'.
As a corporate type working for 'big oil' in the past, I had
the same considerations, and they were ignored. Mainly
due to internal politics and theoretical 'financial issues'
that M$ said it was 'cheaper to run Windows than anything
else'. (insert more grumbles and whines here)
I am glad there are people taking security seriously in the DOD.
Whether they go with a 'closed' or 'open' source solution,
doesn't really matter. Secure, auditable, and maintainable
and upgradable is the most important.
It wouldn't be beyond the DOD to come out with edict
to use a 'home rolled' OS, but they don't have to good
a track record for long term software projects (COBOL
being the exception for business use, but ADA worked
it just wasn't the panacea it was supposed to be)
Agreed Jack. While working at Raytheon (for HP) most of our systems were
HP-UX.
Certainly Linux has fewer viruses, but is still open to a virus attack
unless the systems are monitored and hardened. Microsoft has long stated
that the TCO of Windows is lower than Linux. TCO calculations are very
subjective. If you have a mixed environment then you need both Windows
and LInux expertise. But, in the Linux case, DOD can control the OS
sources, as well as patches very closely. The main issues here are the
procurement process.
I would like to amplify this point and add, because Linux is open source
and free, the DOD can create its own very safe version of it.
Furthermore, the types of software needed to control the drones is
doable in an COTS (Consumer Off-The Shelf) distribution.
The DOD could easily create a "DOD OS" department with a trivial staff.
Their job would be to acquire some form of Linux, probably debian, and
audit every line of code. Once "blessed" just keep track of the patches
that come from outside. I can't believe they don't already. When I hear
that they are using Windows for *anything* I just cringe.
_______________________________________________
Discuss mailing list
[email protected]
http://lists.blu.org/mailman/listinfo/discuss
