Linux -- Government Acceptance vs. Actual Use 210
sdriver writes: "As someone who works in the Space/Science/Military field (as a contractor) I thought I'd share some links to how much Linux really is being used. This one is the U.S. Military using Linux. This is another. This one is about realtime Linux stuff for the U.S. Military. Then there are some general arguments about Open source here and here. For those of us who have hardcopies of this magazine will notice most advertisments feature Linux along with VxWorks as a typical target platform. Not the "other" guys."
It's no surprise or secret that for all its tripwire maze of requirements, the U.S. government uses plenty of Free software already. Still, a re-examination of the POSIX requirement would seem in order. Or perhaps the Feds would like to save money by funding the development of an add-on POSIX implementation layer for Linux -- after all, that sounds "good enough for government work." ;)
There are a few problems with Linux for the DOD (Score:1)
The real problem is, if you port the DII COE to Linux, it's just one more platform. Currently, there's a COE requirement that all new DII COE certified software must work on all the platforms for which there is a DII COE kernel, currently, they are HP, Sun, and NT.
So as far as the government is concerned, it doesn't save them any money. If they contract out a program to work under the DII COE for linux, the government will probably need to pay to develop it for HP, Sun, and NT as well. In the end it will be only added cost with little added value, since they can run the same software on the boxes they currently own in the first place.
And then there's all the restrictions. No bash or csh scripts. Use korn shell instead. No SUID shell scripts. Perl is not a default language. Even little things like the default umask are not to be changed. System administration is quite a pain.
And even with the restrictions, which distribution do you use? Slackware, Red Hat? Expecting DII COE to work with both is quite a task, since it wants control of quite a few administration details, and both are different in that area. Not all binaries compiled for slackware will work for redhat and vice versa. And that's a problem since the COE packages must be delivered precompiled.
And then if you want things like perl, or gzip, or Netscape, and all the things that COE didn't provide (usually called Commercial Of The Shelf, or COTS software), the government must pay to have those repackaged to the COE package format. This might include things like Gnome, Kde, StarOffice, BIND, Sendmail, etc.... And of course, each platform must be packaged separately.
Ack.
perhaps... (Score:1)
Re:This shouldn't *be* news... (Score:1)
Certain Universities have access to Microsoft source, too. It's always done under NDA.
I guess you're just wrong. Sorry.
Linux / Open Source alive & well in local govt. (Score:1)
Re:Fear, Uncertainty and Doubt (Score:1)
User error: An operator enters in a wrong number. The ship becomes operates perfectly; however, unexpected actions occur.
Application error: An operator enters in a wrong number which should be trapped. The ship becomes crippled. The OS does not crash or become crippled.
Application error: A wrong number is entered and not trapped by the application, which corrupts a critical database. Terminals accessing the data become useless. The ship is crippled until the database is restored. The OS does not crash or becomes crippled.
Driver/Hardware/OS error: An incorrect input into an application causes a driver to send inproper information to a device. The device becomes inoperable until a reset occurs. The OS may crash.
OS error: The OS receives an input that shoul d be trapped, and the OS crashes or becomes inoperable.
The Yorktown was disabled in September 1997 due to an application and OS error. The user input was not handled properly by the application, plus the application crashed the machine (i.e., blue screen of death). Unless the OS crashed due to a poorly-written driver to specialized hardware, I would say that it is due to problems with Windows NT. Howver, fully-supported network cards, video cards, mouse, keyboard drivers should be fully operational under any conditions. NT still has problems, but Linux is much better.
OpenBSD....Already fits the bill (Score:1)
Re:What about Windows? (Score:1)
Of course, I didn't post this. Someone else did, although I did write it on ma-linux.
you would be a lot better thinker if you thought about your own words rather than just spew out your random thoughts.
Re:Is it NT's fault? (Score:1)
I guess I just find it to be kind of a challenge to argue, er I mean beat my head against the wall.
Re:Fear, Uncertainty and Doubt (Score:1)
What do you think it means by LAN consoles and remote terminal units crashing?
They might have had a web app server, and the web pages don't come up.
Think about it... Have you ever dealt with endusers? When they say "My computer crashed." what does that mean?
You can tell by the tone of the whole article that it is not technically specific. They talk about a database overflow in one instance, and a divide by the number zero elsewhere...
Come on, put your thinking cap on!
Linux zealots are idiots? (Score:1)
Re:The failure of moderation... (Score:1)
You're trying to read something into the article to prove your own personal biases.
Re:perhaps... (Score:2)
It's no longer accurate to say that if Red Hat had spent the money to get their distro certified, that it would be Version 4.2 that would be certified as compliant by now. Enough time has elapsed that they'd probably have Version 5.0 certified.
If a specific version of a specified Distribution is certified as POSIX compliant, that has no bearing on any other version, or any other distribution.
Summation: it's not gonna happen in an Open Source world.
USAF and Linux (Score:2)
Re:NAvy dUmMies (Score:2)
Well thank you for ruining all my hopes and dreams.
Re:WTF?! (Score:2)
The other thing to note about the story is that you heard about it only because it had happened before on other occasions.
The headline should have been:
Courtmartialled For Choosing Microsoft!
But instead it barely made the goverment computer news and mainstream media REFUSED to cover it at all. (I know this because I submitted the story as a lead several reporters.)
Re:Unbelievable... (Score:2)
I seem to know at least as much as you. I know exactly what you're saying, but you made the claim that the OS was not at fault. What facts presented in the article allow you to conclude that? The facts seem to support my conclusion more than yours since yours relies on the "inept reporter" being wrong about the OS crashing, which we don't know for sure. Additionally, it wasn't the reporter who said the OS crashed, he was paraphrasing a memo from Vice Admiral Griffin, apparently using the memo's exact words for that portion. I would assume that the Admiral got that information from someone who was administering the system. But again, none of this is really confirmed. But it certainly doesn't support your claim that the OS was not at fault.
Re:The failure of moderation... (Score:2)
As others pointed out, a crashing app taking down the OS is the fault of the OS, or at least the OS administrators who let the app run with priveleges that allow it to crash the OS. This again may be the fault of the OS, or at least the designers choice of OS if they can't make the app run without having that level of control.
Question... (Score:2)
If it was just an app crashing, why the hell would they have to tow the damn ship back to harbor to fix it?
Unbelievable... (Score:2)
I don't normally stoop to name calling. But you take the cake. You are a hypocritical idiot. You take the same information, from the same article, and claim in this post [slashdot.org] that it was not the fault of the OS. If the information in the article is so suspect and cannot be reasonably analyzed due to its likely innacurracy, then how can you make such a claim? But you don't stop there. Now you claim that I am trying to read something into the article and make conclusions based on my personal biases. Give me a break. I made an analysis of the facts as they were presented in the article and from that determined that it was probably both an application and OS failure. For some reason you seem to think that your analysis and biases hold more weight than anyone elses. You should quit complaining about stupidity on Slashdot. From reading your posts, you are a prime contributor.
Re:Fear, Uncertainty and Doubt (Score:2)
The key point is that this was an application failure, it was not an OS failure.
No, the key point is that a crashing application should not take down the OS, and certainly not all the other NT machines on the LAN as well. This indicates an OS failure in addition to the application failure, or at the very least a design flaw of the highest magnitude (which could possibly include the choice of NT as the OS).
Re:Question... (Score:2)
My point was that restarting the app shouldn't require the ship to be towed back to the harbor. However, I can see a system-wide crash causing that to happen. All in all, it sounds like a poorly designed system, whether part of the problem is NT is not entirely clear, but from the article, it appears that NT was part of the problem.
Re:Unbelievable... (Score:2)
"System" may or may not mean or include the OS. Your own biases are leading you to interpret it as meaning that the OS did not crash, which the statement certainly doesn't support. Interpreting a "system crash" as an OS failure (among other things) makes more sense than interpreting it as meaning that the OS did not crash. At least in the absence of further information.
As for your "tip," I don't think I'm especially biased toward Linux anyway. It's not my primary OS. I only run it on one 486 box at home for a firewall.
Use of Linux in the Dept. of Defense (Score:2)
As far as server certification goes, our use of Linux is known and acknowledged by the regional IT coordinators. There aren't currently any problems accreditting these Linux servers: they are configured by the same guidelines as is required of any Unix/POSIX system. Obviously there are some differences, but there were already allowances in the process to deal with Solaris, HPUX, AIX, DG/UX or whatever variant of Unix the system was designed with.
While true that Linux isn't currently certified for DoD use, and is operating via a waiver, Windows NT was put into place in a very similar manner over a much longer timeframe, since 1996! Just recently Windows NT received the necessary certification for government use (C2).
SGI is working to bring C2 certification to a Linux distribution by late 2000 / early 2001 ( see http://slashdot.org/articles/00/04/12/1035205.sht
Along with OpenMotif, and the other interoperability enchancements being made to Linux every day, I don't think there will be any insurmountable problems using Linux in the DoD in the future. But that's just my opinion.
-Falcor
Re:And I suppose M$ doesn't let any hooha write co (Score:2)
Actually Darwin's point was that the most successful organisms end up with the most surviving prodigy. In other words, the bearded Mormon polygamist from the 1850's with 5 wives and 54 children was almost certainly more successful biologically than your ancestors.
Success as Darwin would define it doesn't have anything to do with being smarter, or stronger, it has to do with successfully passing on your genes. You could be of sub-par intelligence, and weak, but if you have lots of children that survive you will still be more "successful" than the Professional Wrestler with a PHd in Astrophysics that decided to stop at one child.
Not that any of this matters, I just don't particularly care if I am off topic.
Re:GPL Does permit non-distributed modifications (Score:2)
--
The failure of moderation... (Score:2)
This article about the Navy cruiser was widely discredited as it relates to the problem being a fault with NT.
A divide-by-zero error is an application issue, not the operating system, unless it were to have occured in a device driver or in the kernel itself. Which seems highly unlikely given that the articles talk about the fault being caused by bad input data.
Fear, Uncertainty and Doubt (Score:2)
This is an example of one such person. The fact that anybody picked up on this story without any sort of critical thinking skills kicking in is highly disappointing.
Even more unfortunate is how it was moderated up, and the posts pointing out how it had already been discredited have been moderated down.
Let me basically summarize the article and the simple understanding one has to use to read it:
Basically the article talks about the Navy deploying a system to automate portions of their ship. The system was built to run atop Windows NT 4.0 server.
Somehow bad data was entered into the database. A zero was entered into some record by the system admin, says the article.
This caused the application to crash with a divide-by-zero error because of a lack of assertions on input parameters in the application.
The key point is that this was an application failure, it was not an OS failure.
What is surprising is the number of people who claim to be intelligent but cannot understand the distinction.
Sigh...
Re:Question... (Score:2)
I've had this happen with some poorly written systems in the past, and usually it requires a DBA or someone to go in and correct the bad data element in a table.
It is definately a case of a bad system design, no application should be that intolerant of input parameters that it fails to work. Especially not on a war ship.
If they didn't have a DBA or developer or whatever on board to fix it, they would have had to tow it back to the docks.
I suspect it's reasonable to assume that a warship out at sea doesn't have an open radio network port handy to telnet into.
Somehow I don't think our military is going to make the same mistake as Khan did in Star Trek II.
Re:Unbelievable... (Score:2)
Here's a tip.
Take the article, replace every occurence of the word NT with Linux.
Perhaps then your biases won't get in the way.
Re:Is it NT's fault? (Score:2)
You are trying to insert something in between the lines.
Nowhere does the article state it took out the LAN... It says it took out LAN consoles and remote terminals.
What does that mean? The article doesn't tell us, but one can imply that these were basically Network computers attached with maybe say a Java app, or a web page, or something.
Come on, you can't possibly be sitting there with a straight face and telling me that you actually think an NT Server going into BSOD would take out a LAN? Give me a break.
This again is a lack of critical thinking skills.
Uh, an SSE won't be around in a battlefield... (Score:2)
Not all critical DOD servers are in locations where civilians would be allowed to begin with- nor, would you really want them to allow people there. Giving them the resources to do this stuff easier would be a godsend.
It works at Sandia (Score:2)
Linux:
Is much, much faster for an affordable box. The HP C360 computers we got a year or two ago were about as fast as PII500 boxes, but at three times the price. We've got nicely parallel code, too, so the dual PIII700 systems they're using now come in handy.
Is easy to port UNIX code to, especially if you standardize on gcc and GNU make to keep the Makefiles identical (or use something like autoconf, I suppose). There were a number of source code changes we had to made, but they were all of the "bug which didn't trigger under HP-UX" variety, not bugs in Linux.
Is much better supported. Yeah, that's right. We've got enough geeky interns like me (and highly qualified Unix sysadmins) around to handle any software issues, and being able to run down to Best Buy for hardware certainly beats most proprietary vendors. HP in particular canceled support for that C360 line, that being the final straw. Of course, this may be an HP problem; we've got Sun servers with an amazing "we'll send a tech over right away with a new board" support contract and no worries there.
Sucks when you run out of memory, in 2.2 at least. I got used to keeping a top window running and a kill command ready when testing fast, leaky code; that's because while I can kill the offending process when the VM runs low, the Linux kernel is more likely to hard kill the X server or do something else that will hose the system to the magic SysRq key point.
Has limitations, but has the source code to work around them. There's a max 4kb SysV message size limit in the kernel, for example, but I modified an IBM employee's 2.1 kernel patch to make that limit runtime configurable.
Comes with desktops that are a lot more enjoyable to work on. Some of us booted to KDE, some to Gnome, but everyone was quite happy never to see a CDE panel again.
Scales much better than HP-UX. We're working on prototype satellite groundstations, and being able to put everything on a ThinkPad blows away the anthro cart "portability" there was before. Hell, how much RAM does an iPaq have? It has enough CPU power to run our software, anyway.
Re: (Score:2)
Correct POSIX (Score:2)
So what's the problem? Not enough POSIX testing? Done on the wrong phase of the moon? Completed but nobody would sponsor the actual certificate? If I was a Linux co in a position to sell to the military, and "proper" POSIX certification cost (say) $US20,000, I'd being sending the money today.
The Overlooked Detail (Score:2)
The failure of a single computer disabled an entire warship.
Let's be honest: if you can disable a warship by disabling a single computer, it doesn't matter what OS the machine is running. DOS, NT, Macintoshes, Linux, *BSD, Solaris & OS/390 are all equally vulnerable to a lucky shot that causes physical damage to the hardware.
The solution? Either multiple computers, or a distributed OS that can continue to run processes even while individual units are failing.
'Nuff said.
Geoff
Re:It's interesting to note... (Score:2)
When you look at systems other than PCs used for standard office applications, there is a wide variety of hardware and operating systems in use, including open source operating systems.
Re:It's interesting to note... (Score:2)
Wrong. There are large numbers of PCs running NT at NASA, although Windows 9X is probably more common on desktops. The standard PC desktop software package is Windows 9X/NT, Microsoft Office, Netscape and Eudora.
Sheesh (Score:2)
Re:GPL Does permit non-distributed modifications (Score:2)
If you make some chages and distribute that modified version to some people, you must also make the patch/full source available to them... but nothing requires to make this available to other people.
So, DoD may make changes, distribute it to Navy/... and only distribute the patchs to these, thus, not releasing the modified version/source to the public.
Military and Linux (Score:2)
This was back around 1993. I remember it well because I set it up at our base.
I guess as long as everyone stays quiet about it, then it is ok, right? *nudge* *nudge*
Gov't/Military likes to dictate requirements (Score:2)
This is also true of software. Why use COTS when you can spend another couple hundred K and get 2 extra features?
Maybe if Red Hat starts a GSA cu5t0m m0d division, that will satisfy their needs.
Re:Sheesh. (Score:2)
Ever run an NT shop? You don't just apply service packs or upgrade to the newest version 'just because it came out'. You do it when it is necessary to maintain your level of service, or to fix security reason.
And you'll get a whole lot more detail out of linux than you will any other OS.
We're talking large servers here.. why on earth would you 'want to upgrade because a new version is out'.
Re:GPL Does permit non-distributed modifications (Score:2)
There was a situation like this with some guy modifying Doom GPL code (or something like that, I forget the exact situation).
Re:Sheesh. (Score:2)
First of all, at least with Free software it is possible to audit the source, whereas with proprietary software, it probably isn't. That's advantage #1.
Now, of course most users don't have the time or technical knowlege to audit source code themselves. So? The point is, as long as some people do, and if, as a responsible system administrator, you keep track of what they find, you get the benefit of their work. With Free software, many, many people have the source and some of them will audit it.
On the other hand, makers of proprietary software don't usually search for and correct security problems until they have already been found, and often exploited. Very few people have the source so it is unlikely to be audited. That's advantage #2.
Even better, a bunch of companies and/or government departments could form a consortium to fund auditing, and all share the results. With proprietary code, that would be extrely difficult. For example, I'm sure that the US Navy has access to the Windows NT source code, but so what? As you point out, they may not have the time or expertise to really audit it. And even worse, they can't easily form a community group to support auditing, because everyone would have to have access to the source, and Microsoft just isn't going to let that happen. Advantage #3 for Free software.
Finally... you claim that Linux is riddled with major security problems. Well - that's a questionable assertion. Furthermore, it is common knowlege that NT is worse, despite the fact that Linux ships with far, far more capabilities than NT does. Don't believe me - just check BugTraq. But don't make the mistake that Fred Moody did a couple of weeks ago, [slashdot.org] and add up the numbers wrong. That would be really embarassing.
Torrey Hoffman (Azog)
Can't use it, though (Score:2)
And, interestingly enough, one of the things on the Air Force's checklist to secure an NT server is to disable the POSIX subsystem. It is apparently a security hole pretending to be a kernel component.
So, the DoD mandates that you have POSIX, but also mandates that you not have POSIX.
Everybody got that?
And in the wider view... (Score:2)
Pretty much. Taking a look at the big picture, it pretty much comes down to one thing: The DoD loves paperwork. They thrive on it. Whether or not the product you're choosing actually works or not doesn't matter, as long as it has all its certification paperwork. This isn't likely to change any time soon.
This tends to conflict with the open, rapid, community-effort, bazaar [tuxedo.org] style of development. The rapid revs and loose organization don't lend themselves to certification. Even if they did, most certs require you to retest for every change. Since many of Open Source's strengths stem from the rapid revs, this makes things difficult.
And, yes, I realize that you could "freeze" a particular distribution, certify it, and then rev less often. But again: Taking full advantage of Open Source means you have to accept rapid revs.
This isn't to say things are impossible, or that we should give up, or anything else. I'm just pointing out a source of conflict.
No, it IS real (Score:2)
--
Re:Linux probably wouldn't be any worse than this (Score:2)
[1] The reason that the Navy used NT was that federal law states that they must go with the lowest bidder. They had specified POSIX-compliant, because they wanted a Unix system. Well, NT is technically POSIX-compliant, so some !^#*$ company put in the low bid with NT as the underlying OS. If this ever causes any problem in battle, I'd like to see every single one of them shot. What sort of inept moron would put NT on a piece of vital equipment?
Hell, we don't even allow NT in our DMZ...
Re:NAvy dUmMies (Score:2)
[1]Surface Warfare Officer, i.e. the most numerous branch of Naval officers
Re:Linux use in the US Army (Score:2)
I've seen Linux used in the Army to do things that were just not possible with M$ products, cost being a BIG factor. With all the cutbacks with the military budget, it's just not possible for units to spend several thousand dollars on software. Or the several thousand dollars on licenses. When people (i.e. officers) are shown how flexible linux is (not to mention free), it's not uncommon to hear them make suggestions to problems by saying, "Well, can't you just download something off of the internet?"
Open Source the best thing to happen to DoD? (Score:2)
Obviously, you would still have your screening process which would involve an intense security code-review. Not really a problem.
I think in the end, you would still have a linux.mil distribution, but it could track current development MUCH faster than with any other OS. The real trick would be convincing the pencil-pushers that contributing their security fixes back to the projects would be a good thing. Everyone who has had to maintain such a thing knows that you don't want to be stuck maintaining even a 5-line patch over more than 1 or 2 versions of a large piece of software, but most of the people setting policy have never had to do that.
The thing that's going to kill Open source software usage is, though, is the people who think that any program written under Linux must be GPLed. Even *BSD ships a lot of GPLed software, and thus hackles get raised. Someone needs to take on the role of championing GPL PR. I don't mean this is the sense that the GPL should be pushed over the *PL of the week, but that the misunderstandings about what the GPL means should be countered.
Re:perhaps... (Score:2)
-
POSIX compliant means it's been certified as such. That means that people have to audit the code and suchlike.
You get your code audited, you get a pretty certificate to hang on the wall, your code is certified POSIX compliant. The code does not change. It's not like, before the audit it wasn't compliant to the POSIX specification, but after the audit it is. The code does not change. Either yout code is compliant to a set specification or it isn't. All the auditing in the world won't change this.I'm sorry if I sound a little flamey, but what the hell.
G
Re:perhaps... (Score:2)
- Still, Torvalds had high ambitions. He was writing a toy, but he wanted it to have many, if not all, of the features found in full-strength UNIX versions on the market. On July 3, he started wondering how to acomplish this and placed a posting on the USENET newsgroup comp.os.minix, writing:
- Hello netlanders,
Linux has been POSIX compliant since it was a hack project in Minix. But compliant and Has-Paid-Us-Lots-Of-Fees-And-Is-Certified compliant are two very different things.Due to a project I'm working on (in minix), I'm interested in the posix standard definition. Could somebody please point me to a (preferably) machine-readable format of the latest posix rules? Ftp-sites would be nice.
G
Ooopsie. (Score:2)
It doesn't really make a lot of sense in this thread.
Sorry.
G
Re:perhaps... (Score:2)
-
Wrong. Linux has aimed to be POSIX compliant. It's close enough that most people won't notice, but until someone has poured over it, you can't be sure.
You boldly state that I am wrong, but you do not go on to back this statement up.Compliance to a specification is like a scientific hypothesis: you cannot prove it true, you can only prove it false, by finding an example where it fails.
Going through the rigourous POSIX compliance tests is like testing a scientific hypothesis, and you can understand why many scientists would choose to not accept a theory as being valid until is has been scientificly tested.
But the mere fact that a scientific hypothesis has not yet been tested does not mean that the hypothesis is not in fact correct. And just because Linux has not been tested to ensure that it implements the POSIX spec. correctly, does not mean that it does not actually do so.
(POSIX compliant) != (certified POSIX compliant)
It is possible that there is a fault in Sun's implementation of POSIX in Solaris. Testing cannot possibly hope to check every possible combination of variables. It is possible that the Linux implementation is absolutely perfect. Having Linux tested would be nice, but is pretty impractical for an OS growing and changing so quickly.
Linux has not been put through the standard set of POSIX compliance tests, but the set of functions that are required by POSIX are put to test by millions of machines every day. I have not heard of there being any known faults in Linux's POSIX compliance. If you know of any faults in Linux state them. Otherwise, you do not flatly state that Linux is not POSIX compliant, as you do not have any evidence to back this statement up.
G
Re:Shall I repeat myself? (Score:2)
-
The plural of "anecdotal evidence" is not "data."
True, but it is now you who is doing the pedant-stylie hoop jumping.What does an OS have to do to be compliant with the POSIX spec.? It has to support a variety of functions, e.g. fork, and implement them correctly. How many times do you think that the fork instruction has successfully executed on Linux boxes around the world, in the time you have been reading this post? Are you actually suggesting that the fork instruction is not correctly implemented, or are you just playing word games?
There are two ways that you can really test code. Check it in theory, by independant code review, and check it in practice, by running test data through it. I would suggest that:
-
The core of the Linux kernel is constantly under a far higher level of scrutiny than I'm sure would be necesary to complete the POSIX certification process. Many eyes make bugs shallow. And opensource software has a lot of advocates in academia - very intellegent and experienced computer scientists.
-
No testing process can test every every possible combination of variables. Linux is being put through its paces live on a hell of a lot of machines around the world, and is passing the test. Data? No. But a lot of anecdotal evidence.
Anyway, although it carries less wieght, "anecdotal evidence" is a form of data. I [personally] have no firm evidence at all that there is such a thing as gravity. I haven't performed any tests. I only have anecdotal evidence that I cannot fly. But I have a hell of a lot of evidence - experience from every day of my life. This is not proof, but then nothing can ever be proven, only disproven. It is firm enough for me to choose not to jump off tall buildings.I believe in gravity until someone demonstrates otherwise, and I believe that Linux is POSIX compliant until someone demonstrates otherwise.
Smile,
G
compromise FUD (Score:2)
Anyone can hack Linux but they can't force you to run their version. The official kernel and distros are the ones you'd stick to and are probably safer in terms of scrutiny, just look at the recent MS "netscape programmers are weanies" debacle. A security hole (back door!) right there in the proprietary closed source system.
As usual the security issue is FUD. Any security expert knows that security through obscurity is no security.
Re:The DoD is above the law, the law is above GPL (Score:2)
But since the GPL only applies if someone redistribues or sells the software, this probably wouldn't ever happen. I mean, why on earth would the DoD redistribute the software with their changes in it. According to them, that would probably be a threat to national security.
Though, the government has been known to do shadier things than sell software and break a public licesnse to raise a buck or two...*shudder*
Re:Linux probably wouldn't be any worse than this (Score:2)
First: This article is dated 1998. Now I know that technology has not advanced that quickly in the past two years but I think that that discounts the idea of the system being a Java app, or a web page [slashdot.org].
Second: The Battleship's hardware system (like the missile launch system for instance) is very likely not going to be a part of the NT operating system hardware list. Ie:
Device Manager:
- CDROM
- Disk drives
- Display adapter
- Hard disk controller
- Infra-red missile tracking
- Keyboard
- Missile launch/guidence
- Monitor
- etc
Therefore the Battle systems are most probably controled through a proprietry software system that runs on top of NT and uses NT for communicating. Bringing me toThird: I find the idea that a Battleship's main system being run by a large number of independant and separate programs is highly unlikely. All the systems would need to be synchronized and interdependant to operate in a realtime enviroment. The missile systems need to get targeting data from the radar/tracking systems etc. This would all work in a combined effort. I would envisage that the whole system would be operated by a central, intergrated master system and the individual controlers (ie human users) would be running a remote client that interacts with the realtime system. A bad bit of data in the master system (an application) could result in the entire system being crippled. At some point in the system, everything needs to be synchroized and that also means that that point is a potential show stopper for the whole system.
This is not a case of someone trying to view dynamic VBScripted content in netscape, and crashing the ship. This is a case of the system (Ships system, not the individual OS) being controlled by a grand application (the battle system) and that application being disabled by bad data. Kind of like when your perl script CGI trys to put text in a number field of your backend database and takes out your entire dynamic website. The operating system is ticking along fine but the system (the web site) is dead in the water.
That said I still think NT is a pain in the a$$. But I would like to condemn it for the the things it is guilty of, not just what I can pin on it based on olympic conclusion jumping. (Hmmm. Demonstraion sport at Sydney perhaps? Where's SOCOG's number.)
Re:Linux zealots are idiots? (Score:2)
Why don't you READ what he is SAYING and apply some critical thinking.. there was one server.. the other "terminals" on the LAN were probably all using that app. The app crashed, the ship went dead, because everything was using that app. The "LAN" didn't really die, but the app that everyone used did. This is the conclusion any rational person (who knows something about computers) would come to after applying non-ideologically colored logic to an article that is -- again to any said rational, computer techie person -- written by a technologically clueless journalist talking to average end users about the incident.
GEEEZ! I know this is flamebait, but I got so mad reading this damn thread..... I can write a shitty app in linux, tie a ship together with a LAN, have the app crash (NOT take down the OS), and you know what? none of those terminals will work there either. Nothing on the ship (computer wise) will work. Does that make linux a shitty OS?
---
Re:Question... (Score:2)
---
Re:GPL Does permit non-distributed modifications (Score:2)
This raises an interesting question about the GPL: if person A modifies GPL code and gives the binary to person B only, can person C complain about it? If not, then what's to stop a person taking GPL code, modifying it, and giving the binaries only to people who are willing to sign an agreement where they promise never to ask for the source code? That would effectively let person A distribute binaries without having to distribute the source code.
Imagine buying a piece of hardware with an embedded version of Linux. When you open the box, you inherently agree to a license. Part of that license says you agree not to ask for the source code.
--
Free Speech for Programmers and New DeCSS Mirror (Score:2)
http://www.goingware.com/decss [goingware.com]
We now return you to your program.
POSIX compliance? (Score:2)
Free or Doesn't Pay (Score:2)
Which is why companies like IBM and HP special GSA notices on all of there software.
Re:NAvy dUmMies (Score:2)
You may laugh about how kludgey those ancient tape drives are, or maybe about the 10MB hard drives the size of washing machines, and yes, they're old and slow. But when the ship takes a missile or torpedo hit, or an electromagnetic pulse, these slow and old systems keep on running. You won't see a BSOD as the clunky old hardware transmits the launch signal of death to the missile launchers.
Go Navy! Beat Army!
Yet more DOE Linux usage. (Score:2)
Of course, we're now using Linux for the usual SAMBA and webserver stuff as well.
This link to the Avalon [lanl.gov] system at Los Alamos may be reachable from the outside. I'm inside the firewall right now, so I can't verify if the link will work for the rest of you (it works for me). There is another relatively new Beowulf cluster at Los Alamos, 128 dual processor P-III's, IIRC, named Rockhopper. Sorry, don't have any links for that machine. Some of the folks who put that machine together now work for the TurboLabs division of TurboLinux.
Nice article (Score:2)
It can be summed up like this: "If we used Unix we wouldnt have this problem."
hehehehhe
peas,
-Kabloona
Re:Linux? (Score:2)
Can you just imagines the news?
Reuters: This just in - The US government has decide to standardize it's military computers on an open source operating system developed mostly in Canada. Interestingly enough, "OpenBSD" as they like to call it is based on the work of some computer scientists from the University of California at Berkeley a couple decades ago. Apparently everything the US has to offer pales in comparision when it comes to the security of OpenBSD. An admiral that wished to remains anonymous said, "It's about time those canookies and hippies did something to watch our ass. After all, we've been watching theirs for all these years."
Where's the boundary drawn by the GPL? (Score:2)
One can make a good argument that the answer is 'yes'. When I worked for a U.S. Navy laboratory, we couldn't, for example, get a license for unlimited use of a software package for the lab and then let the entire U.S. Navy use it. There's some point at which you're dealing with a separate entity, even if it's within the overall organization. Perhaps someone familiar with the GPL could elaborate on how it defines the boundaries.
Re:What about Windows? (Score:2)
Windows NT got through the back door via a "Posix subsystem" on the kernel. Using this subsystem you can boot into the Posix subsystem but not use the other Windows NT (2000) features. The Posix subsystem uses programs from such other vendors as Mortice Kern Systems to give it Posix compatibility. DEC's VMS used a similar technique.
But just because an OS has a Posix subsystem does not mean that the applications that run on the other subsystems are Posix-compatible at all. Microsoft Office is not, for sure.
In addition, many computer systems used by DOD are supposed to have a certified level of security--C2, even B1 in some cases. Windows NT did get C2 certification, but only for the NT 4.0 version, not for the 5.0 version many departments bought. This includes both hardware and software in one security level.
No doubt RedHat or VA Linux or IBM or Compaq could cobble together a GNU/Linux or OpenBSD or whatever system and pay the money to have an independent body certify it at the appropriate security level. At least one Posix-certified version of Linux has been released. Then DOD could buy the Linux or BSD OS and hardware from an approved list.
I worked for the Navy as a contractor Unix sys admin. We had on our base about a thousand SCO Unix clients running on Everex-type PCs. The idea of the managers was to dump SCO and go to Microsoft Windows NT. Linux could have been chosen as the client instead of Windows, but it would have to be locked down.
The huge Solaris enterprise systems that ran the base used Oracle databases and ran many old Cobol programs too. It's possible that Windows could run those programs, but they would need a great deal of rewriting. Linux as yet probably doesn't have the beef to run the big Navy RAID systems and databases--but Linux will get there soon. Maybe IBM will port CICS to Linux--it's already on AIX.
The reason for "standardizing" on Windows NT was that it would be "uniform" across the network. A stupid reason, and one that will cost the Navy lots of money. For example, there is no reason to give many of the users a whole Office platform--all they do is enter numbers into a database screen in their job. On the other hand, getting Windows email working right will be a nightmare for such a huge system. The big brass don't listen to the users any more than Billg does.
There are a lot of Linux users in the military, and they would love to talk some sense into the brass on this subject. Government Computer News has been educating them for years. But military brass are the last to regain any common sense.
Re:Sheesh. (Score:2)
It means you have to take responsibility YOURSELF for ensuring that you stay consistant with whatever setup you want.
Is that supposed to be an advantage? What you're saying is that I'm supposed to audit millions of lines of code if I want upgrade to a newer version of RedHat or pick-your-distro.
I don't think it's reasonable to blame the users when a Linux package is released with major problems, particularly major security problems (which, unfortunately, Linux is riddled with).
--
Re:Beware L3g10n$ of h4x00r$ (Score:2)
Seriously, I'd think that national defense might trump copyright?
Re:Progess at the Government level (Score:2)
A valid point, underscored by Toshiba Machine [japanlaw.com]'s, gaff several years ago, of actually selling silent submarine technology to Russia. People [anl.gov] have been executed in the US for less.
Vote [dragonswest.com] Naked 2000
Re:Progess at the Government level (Score:2)
No, no, you got it right, the trick is the Rosenbergs should have:
Contributed in a big way to Ike's campaign
Been incorporated (It wasn't us it was the corporation! Kill it!)
Vote [dragonswest.com] Naked 2000
I work for the DOD and.... (Score:2)
The federal government can't afford to pay compeditive rates to IT professionals. So, they pay lower rates to second-rate employees. These employees aren't smart enough to learn Linux yet. Perhaps in a couple years when Linux is easier to use, the DOD will adopt it.
I personally tried to get my section to convert our web server to Linux, but we're sticking with NT because that's what our people know.
In case you're wondering, I'm planning on quitting once I graduate. Until then, it's good experience and looks good on a resume.
Not surprising... (Score:2)
Re:Unbelievable... (Score:3)
Some inept journalist who says "The system crashed". What does that mean? We had our Oracle server crash the other day, yet at no point was it the fault of the OS(HPUX).
The Oracle server problem caused all the apps on the remote terminals to fail to function as well.
You can go right ahead and call names. You really aren't in a position to do so considering you appear to have very little understanding of system design or how an OS functions in relation to it's applications.
This shouldn't *be* news... (Score:3)
...because the government shouldn't have shackled themselves to such a proprietary system as Windows in the first place.
I mean, I understand that there weren't many open systems back when the DoD, for example, started migrating from MS-DOS to Windows for servers. However, there have always been operating systems where you could at least view and audit the source, if not give it away.
IIRC, AT&T Unix was always fairly "open" in the sense that you could contract with them to look at the code. Somehow I doubt that the government ever got that option from Redmond.
What about Windows? (Score:3)
BTW, there's actually another reason: All gov't computers are required to
be fully POSIX compliant, which MS OS's are not.
"...shall have a POSIX compliant, multi-user, multi-tasking OS [operating
system] that is capable of providing the following services concurrently:
print, file, communications, networking, and database."
I've brought this up lightly at the Dept. of Ed. and people didn't care.
-brian
On Thu, 27 Jul 2000, Przemek Klosowski wrote:
> Government Computer News column by S.M.Ryan:
>
> http://www.gcn.com/vol19_no20a/opinion/2449-1.htm
>
> brings up the topic of a Federal Acquisition Regulation Council rule,
> known as the 'blacklisting rule', that requires the government to
> do business only with vendors that it finds 'responsible'. He writes:
>
> The proposed standard remains the same: no finding of
> responsibility for vendors with "an unsatisfactory record
> of integrity and business ethics." But the new proposed
> rule requires contracting officers to rely more on
> objective measures, such as findings or decisions by U.S.
> courts, administrative law judges and boards of contract
> appeals.
>
> Could some enterprising contracting officer therefore
> conclude that Microsoft, the world's largest software
> company and a major seller to the federal government, has
> an unsatisfactory record of integrity and business ethics
> based on Judge Thomas Penfield Jackson's detailed ruling?
>
> I think the answer is yes.
>
> If this comes to pass, it would be quite explosive, and would
> certainly be a good argument for the Supreme Court to decide the
> Microsoft case quickly.
>
>
> p
>
>
> NB for the legal eagles among us, I think the crucial passage is 52.209-5 (D),
> page 40833 of Federal Register Vol. 65, No. 127, Friday, June 30, 2000
> and can be obtained via http://www.arnet.gov/far/ProposedRules/99010.pdf
>
--
Brian C Merrell
merrell@tux.org
Sheesh. (Score:3)
'Anyone can modify it' means two things.
1) The source is available
2) It's LEGAL to modify it.
Nothing more. It doesn't mean that 'anyone can walk into your installation and 'modify' your stuff.
It means you have to take responsibility YOURSELF for ensuring that you stay consistant with whatever setup you want.
Is it NT's fault? (Score:3)
sheldon wrote:
Do you include yourself in this list?
While it is true that a typo killed the application, the application killed, not just the computer it was running on, but all of the computers needed to run the entire ship.
Now, is that an application error or a system error? Who knows? I wouldn't think that an error in a single application would be able to take out an entire LAN, or even the computer on which it was running without some help from the underlying operating system.
That is why I am dissatisfied with the explanation that the error was an application error and the implication that it would have happened under any operating system.
Its already in use here and there. (Score:3)
This is very informative! (Score:3)
WWJD -- What Would Jimi Do?
Re:Linux probably wouldn't be any worse than this (Score:3)
It givesa a whole new meaning to core dump.
The warp core, she's dumping all over me cap'n, she can't take much more, she's gonna blow!
Mostly POSIX (Score:3)
Best quote in that article (Score:3)
I can see it now.
[Primary system failure]
BSOD- Divide by zero error
[Switch to backup NT systems]
BSOD- Divide by zero error
[SDIW- Ship Dead In Water]
Commander: "What the... Fucking Windows NT! Get Bill Gates in here."
[Bill Gates enters]
Commander: "You told us SP6 would be more stable, faster and have better failure protection."
Bill: "It does, it's over 400 times less likely to.."[BLAM, Commander blows his head off]
Yes I shamelessly stole this scenario from the Southpark movie.
Steven
Re:Linux? (Score:3)
"Hi, Bob, How's it going?"
"Oh, Pretty good, yourself?"
"Can't complain, got a new DSL, just trying it out."
"Nice, what are you looking for?"
"Oh, just the usual, some prOn pix of the Joint Chiefs."
"Look on
"Thanks! Catch ya later, dude!"
"No prob, say 'Hi' to 31337 7rO11 8OY for me."
Vote [dragonswest.com] Naked 2000
Some thoughts... (Score:4)
Linux vs Goverments (Score:4)
- avoid backdoors intentionnally placed by the software manufacturer (code can be checked for backdoors). Think of a world where Microsoft keep the US Government in hostage "you stop pissing us off with those anti-trust trials or whe shutdown all your NT system...". And, with the UCITA, they could even have the right to do it !!! Not speaking of information leaks (spying) by the various backdoors (or data corruption ?) Risks from a closed-source system are far to high or governments !
- vendor independance. Think of the case here Microsoft stops to make MS Windows products. All updates stopped, no more bugfixes, no new licences for the new machines to be incorporated in the network, no new-hardware support,... If that ever happens, the system would have to be changed fast, involving many costs (reinstallation, porting of in-house programs to the new environment, buying of replacements for some programs,...) Such a transition would be very disruptive if it has to happen from one day to the day after.
Beside this, the availability of sources is very interresting for military purpose. It allows them to put in their own modifications to harden the security, to cut off unneeded parts (to avoid the security problems into these parts), to hardcode some usually dynamically fixed values (IP address of the NIC for example),... many advantages not provided by MS Windows.
Correct link... (Score:4)
--
*Condense fact from the vapor of nuance*
25: ten.knilrevlis@wkcuhc
Who cares? (Score:4)
The ones in charge clearly don't have any clue whatsoever.
Besides, do you want free software considered to be vital military equipment? That's kind of a scary thought. A little close to the "munitions" argument over encryption software.
---
Despite rumors to the contrary, I am not a turnip.
Linux use in the US Army (Score:4)
Don't let the hoopla fool you. The US Army currently uses Linux as the OS for their Warlord Notebook Intelligence Analysis System.
It is a light weight, cost effective counterpart developed by Mystech Software (later Sterling Software and now I have no clue) to compete against ILEX's All Source Analysis System - Remote Work Station (ASAS-RWS or just RWS for short). The RWS sits on Sun architecture and Solaris 7. The RWS code from ILEX really sucks too.
So, Mystech/Sterling developed the Warlord Notebook using Government Furnished Information (GFI) derived software and MySQL on top of Red Hat 4.2 initially before migrating to Red Hat 5.0 and then 6.0. It was cheaper (by far... as in free! The Army only had to pay for contract support and that was even optional) than the RWS system which was proprietary code from ILEX (which sucked), Oracle 7i (which rocked but at $2k per licence) on top of Solaris and were forced to accept support contracts. The system proved to work so well that some units dropped their RWS's completely for Warlord notebooks. There are a few other factors involved in that as well (such as a laptop notebook vs a Sparc pizza box and monitor... what a weight difference!) and it was generally liked by the users (unlike RWS).
But... money and politics play out and at last word, ILEX was gaining the upper hand again and Warlord Notebook was going to phased out. Not due to performance or cost, but due to the fact the Dept of the Army had spent SOOOO much money with ILEX that they didn't want to throw it away.
It's a crying shame.
I don't drink because I have to, I drink to stop the voices in my head!
Its the local DAA that is the real issue (Score:5)
I had to jump through more hoops just to get Perl installed on a few systems that we were using for development work. These were for systems that were not connected to anything outside of the room that they were in (they were classified, but only at the 'secret' level.
The argument being that all 'freeware' is not permitted by USAF regulations. The problem was that the regulations were talking about binary only distributions, not source code. I had fun pointing out that the main AF Publications web server (the one that holds all of the regulations) was running on apache and linux
I eventually got around the problem by purchasing the O'Reilly Perl resource kit, so it was now 'purchased COTS (commercial, off the shelf)' software, and that is ok. I could sit at home, burn this stuff to CD's and sell it to the government for a ton of money... That was ok, but I could not download it for nothing. Your tax dollars at work.
Like I said, this will vary widely from location to location depending on the local DAA and what they are willing to accept the risk for. Unfortunately, most DAA's are GS-14 or 15 (top of the civil service management ladder) and lifetime civil service employees, and thus do not have much real world experience or knowledge.
But anyway, I'm much happier now as a consultant for internet startups where OpenBSD and OpenSSH are accepted. Now I can do my job and really secure the systems
DARPA Interest in Linux (Score:5)
Parts of this system, probably significant ones, will make their way into fielded systems in the next ten years. Also, there are a great number of DARPA research programs that involve Linux. In other words, the *future* military systems are being developed *now* under Linux.
It isn't big yet, but I'm willing to wager that because of today's research, the next generation of military software will be Linux based...
Beware L3g10n$ of h4x00r$ (Score:5)
Is anybody else tired of hearing this? "Linux isn't right for us, because of all the hackers out there that will crack our machines". I was with them through POSIX, Motif (God knows why), NFS and CDE, but they lost me at posting the source online. As if /usr/src was openly accessible over the network by default.
Isn't part of the Open Source Creed the Right to Fork?
Mebbe someone with better GPL knowledge can say whether or not the DOD would have to release the source if they made modifications to the kernel to make themselves happy.
Or, I suppose, they could go with FreeBSD, and use the BSD license.
DOE uses linux (Score:5)
I work as a sysadmin at a DOE facility. We recently decided to include Linux on our unix supported system list, set up a program to buy linux boxes, and started getting a lot of interest. For the stuff we do, a $5k linux box will equal the $30-50k suns and sgis. Before you freak and say I am wrong, it works for us. For our applications. Most of our stuff does not have a 64 bit requirement, so that's not an issue. Basically, we just found what we needed to integrate into our environment (shared filesystems, main applications, etc), made sure our config stuff was cross-platform (PERL is the language of the gods), and put it up. We now have guys who can do work on a $10k machine (including a huge monitor) that would normally have required a $80k machine before.
Linux is breaking the paradigm. Scientists jsut like to see the numbers. You say, "Benchmark this box vs your workstations". They are shocked with the results. For the longest time, sgi and sun (and to a lesser extent hp, but I still love PA-RISC) dominated the market for a reason. Then, more recently they dominated the market because of reputation and past.
Face it, it's hard to beat an x86 cluster for computationally bound tasks for the $$. As a desktop, a $5k x86 box is _insanely_ fast. _INSANELY_. Ask any of my scientists that say "Hey, can I borrow your box to run on? It's just faster than this *insert traditional unix box here*".
Linux? (Score:5)
If the gov does use Linux widescale, I would think they should scrutinize all the distros, and come up with one STRONGLY suggested one so all machines will be compatible and fixes can be applied everywhere at once.
"relaxing the requirements for POSIX compliance" (Score:5)
Well, okay, you can have Motif.
---------///----------
All generalizations are false.
Linux probably wouldn't be any worse than this (Score:5)
NT Cripples Navy Cruiser [infowar.com]