Green Hills Software Decides Linux Isn't So Bad 198
An anonymous reader submits a link to this report on LinuxDevices.com, which begins "An outspoken open source detractor has paid Linux a back-handed compliment. Green Hills Software (GHS), known for diatribes against Linux in military/aerospace applications, is shipping 'Padded Cell technology' intended to enable the company's proprietary real-time OS to take advantage of the wealth of Linux application software." You may remember GHS's Dan O'Dowd, who's claimed that the embedded Linux Tools Market is a myth and that the open source nature of Linux makes it a threat to national security.
Good (Score:2)
Comment removed (Score:5, Funny)
Re:Good (Score:2, Flamebait)
Not Good (Score:2)
My mom warned me that asinine people often change what they say without admitting anything. I don't see any apology or retractions, do you? It is indeed foolish to act that way because people remember.
Speaking of government contracts (Score:3, Informative)
Re:Speaking of government contracts (Score:5, Informative)
Re:Speaking of government contracts (Score:3, Informative)
http://www.asia.cnet.com/news/software/0,39037051, 39177648,00.htm
Re:Speaking of government contracts (Score:2)
Re:Speaking of government contracts (Score:2)
EAL3 is just about the bare minimum the likes of the UK police will accept without good reasons (e.g. there's no EAL3-approved product in a given category, and having something is better than nothing).
--
Re:Speaking of government contracts (Score:2)
EAL3 is considered good enough for medical records, though, apparently.
--
Re:Speaking of government contracts (Score:2)
Re:Speaking of government contracts (Score:2)
Yes but to quote a Pentagon official: "We don't use that German crap!" Ironically enough if you change the word "German" to "proprietary" and you have what is rapidly becoming the German position on using Windows.
Yes: SuSe and RedHat, maybe Mandrake (Score:2)
For real? (Score:2, Insightful)
closed source is the real threat (Score:2, Interesting)
Open Source is a threat to National Security. (Score:5, Funny)
When I'm concerned about National Security I know I trust a random small commercial software company. It would only make sense that they would be better informed about National Security than some lowly government organisation.
Jedidiah.
Re:Open Source is a threat to National Security. (Score:5, Insightful)
I can't think of a single desktop operating system available to the public that is truly security aware, from design to implementation. The architects of Windows NT started out taking it seriously, but security quickly lost all battles to the proponents of compatibility, performance and "more features". OpenBSD is an example of how auditing is necessary but not sufficient.
Re:Open Source is a threat to National Security. (Score:3, Interesting)
I agree. In many ways it was an attempt by the NSA to demonstrate how security should be done - it wasn't even considered an ideal implementation, but simply a demonstration of the right direction, and that it can be easily added to existing systems.
At the same time, however, the NSA doesn't have any obvious issues with the open source nature of
The open source weapon against terrorism. (Score:3, Funny)
Also it allows them root access to any Linux running hospital in Saudi Arabia, and they can overprescribe anaesthetics when he next goes in for dialysis treatment.
Re:The open source weapon against terrorism. (Score:2)
I know you meant that comment (mainly) in jest, but that accusation has been levelled at the NSA before, when DES was being developed. They made changes to the design of the S-boxes, which, at the time baffled NSA outsiders and left some people suspecting they wer
Re:Open Source is a threat to National Security. (Score:4, Interesting)
Re:Open Source is a threat to National Security. (Score:3, Interesting)
Re:Open Source is a threat to National Security. (Score:2)
Not sufficient for what? Your implication is that OpenBSD is vulnerable, but this appears to be a throwaway comment.
"The architects of Windows NT"
IBM, or do you mean further down the road than that?
Re:Open Source is a threat to National Security. (Score:2)
Regarding Windows NT, I meant Cutler et al.
Re:Open Source is a threat to National Security. (Score:2)
Not sufficient for what? Your implication is that OpenBSD is vulnerable, but this appears to be a throwaway comment."
Wow BSD fans are a sensitive bunch. Auditing is necessary but not sufficient to ensure a secure system. Systems can be compromised by poorly written applications and poor system administration. Microsoft Windows really seems to suffer from both of those issues. That and Microsoft is blurring the application/OS line wit
Re:Open Source is a threat to National Security. (Score:2)
Green Hills is a well known US government contractor, not a "random small commercial software company".
Of course everything they say is self-serving, but none the less, "random small commercial software company" they are not.
Not Exactly.... (Score:4, Interesting)
Re: Exactly.... (Score:2)
Re: Exactly.... (Score:3, Insightful)
Steal? What are they stealing? You can't steal something that is given away! [well, yes you can. You can certainly steal more than your share of soup at the soup kitchen, but in the case of Linux, if you take it from me, I still have it. No stealing possible. And they're not stealing (or even taking) anything anyways.]
As for the resources to write their own apps,
Re: Exactly.... (Score:2)
Wow, sort of like how Linux has WINE? (Score:5, Insightful)
GHS: "Our OS can now run Linux apps, so you don't have to use crappy Linux"
This is exactly the same reason they came out with WINE. The WINE devs don't like Windows, so they give you an alternative with WINE. This is the same thing.
Missing the point? (Score:4, Insightful)
Although, that would really imply an app ca't even easily hurt itself, which is hardly the case. Padded Cell just has a nicer ring than Solitary Confinement.
Re:Missing the point? (Score:2, Insightful)
That was my first thought to. Far from being a compliment, what they're doing now is -entirely- consistent with GHS's previous position.. "Linux is so insecure and dangerous that you should only run it sandboxed in a secure virtual environment provided by a 'real' operating system.."
Linux sucks (Score:5, Insightful)
Better is a debateable thing... (Score:2)
You CAN'T be sure of anything- it's just a relative assurance. One that can be achieved with Linux (and has been for that matter...)- this guy at Green Hills Software is blowin' and goin' about all of this.
His software is allegedly audited from start to finish. If there's an issue or a new feature you need in the mix, you need to pay them loads of bucks to implement it
Re:Better is a debateable thing... (Score:2)
The problem is... (Score:2)
DO-178b requires certified software if it's involved with something that impacts flight safety. That means if you're flying on any aircraft, military or civilian, that flys in the US territories, if the software isn't DO-178b certified, the plane is grounded unless there's a pressing reason otherwise.
Re:The problem is... (Score:2)
More than that (Score:2)
"Like a padded cell, Integrity PC prevents Linux and other insecure and unreliable software from harming the rest of a system, while also limiting the harm it can do to itself," states O'Dowd."
"GHS says PCT enables the incorporation of "legacy applications and traditional operating systems, such as Linux," into high-security and high-reliability applications."
Wicked. I was expecting a good ol' warm fuzzy Linux fanboi article and got a
Re:conversation about green hills (Score:2)
All this whining about GH whining is a ton of BS. Are Linux enthusiasts a n
Doublethink (Score:5, Funny)
When I read things like that, then I understand why I'm only an engineer and not a CEO, because I would NEVER think of using that phrase to try to get my point across.
Re:Doublethink (Score:2)
apparently linux is good enough for some things (Score:2, Informative)
oops, wrong website! (Score:4, Informative)
Think User Mode Linux, but no on Linux (Score:5, Informative)
There seems to be some confusion about this product. From what I've seen and heard (I haven't used this product directly yet), it is a method of running linux applications on top of the uber-secure real-time operating system, "Integrity". The linux applcation layer is sheilded from the rest of the system, and possibly from other linux-application layers. It's really more of like user-mode linux than a linux kernel.
I hope that helps...
Re:Think open source, but not open source! (Score:3, Insightful)
Re:Think open source, but not open source! (Score:5, Informative)
I don't feel that there is a "distain" for the work of the dedicated individuals who have worked on Linux. We offer development tools that can develop on and for Linux (as well as Windows and Solaris). Many (if not most) of our developers use Linux as the "host" operating system for developing INTEGRITY and MULTI (our compiler/debugger/code-editor/etc...). Linux is a fine operating system for desktop work.
The concern is that Linux is not provably secure. With INTEGRITY, we can prove security and stability. We have a version of INTEGRITY that has been certified as DO-178B Level-A compliant, which means that it can run critical systems on airplanes. To achieve this, we had to make the kernel completely deterministic, and test and document every line of code. There is no dynamic memory allocation at the kernel level (no malloc()), there kernel never turns off interrupts, even when in an interrupt handler (granted, a processor usually turns interrupts off when an interrupt fires, but we turn them back ON at the earliest opportunity). You cannot say these things about Linux, and thus it is less fit for safety or security-critical systems.
Lastly, in response to some complaints I have seen previously, Green Hills does offer the source to INTEGRITY to paying customers. There have been complaints that no one could trust INTEGRITY because they don't have the source code to it. These complaints are unfounded. Customers are free to examine the source and modify it to their wishes, and many do.
Re:Think open source, but not open source! (Score:2)
Going slightly offtopic: Do you need special training or certification to develop or modify DO-178B Level-A compliant software? I've wanted to get into avionics development for a while but there is not a lot of information out there about the actual guidelines that isn't hidden behind "seminars".
BTW MULTI is a really nice compiler/debugger. I've got lots of interface suggestions though if anyone at GHS is interested in listening
Re:Think open source, but not open source! (Score:2)
Re:Think open source, but not open source! (Score:2)
Thanks for the info. We have a sales rep so one of these days I'll collect all the good ideas from the team and send it on. I hope nothing gets lost in the engineer->sales->engineer translation train.
Re:Think open source, but not open source! (Score:2)
Thank you very much for the informative clarification.
There is obviously a need for products like Integrity.
Being able to run Linux apps is just the topping on the cake.
Re:Think open source, but not open source! (Score:2)
The comparison is not a valid one, as the operating systems are designed for entirely different purposes - stock Linux is not even a hard RTOS, and has no requirements or process documentation, which means it's not even a candidate for certification under DO178-B. The claim of Linux being less secure, safe, or stable rests entirely on which version of Linux you are talking about. There are DO-178B Level A compliant versions of Linux on the market, as there are Level A compliant versions of Windows CE and th
Re:Think open source, but not open source! (Score:2)
MULTI, on the other hand, makes me want to kill myself. GHS guy, sorry, but that product literally makes me want to die every time I have to use it.
No news (Score:3, Funny)
Sun, the UltraSPARC Processors maker, decided that Open Source [sunsource.net] isn't so bad.
Intel, the 8086 Processor maker, decided that Open Source [intel.com] isn't so bad.
Munich, Germany's third-largest city, decided that Open Source [usatoday.com] isn't so bad.
"Microsoft decides Open Source [opensource.org] isn't so bad" will be news.
Re:No news (Score:3, Interesting)
IBM is mostly supporting Linux as a shtick rather than completely backing the system and it's ideals, they are not opening up their code in a great big flood of free IBM software.
Sun cannot keep it's mind set straight on what it thinks about damn near anything.
And no, Intel thinks that open isn't so good. It has outright refused requests for proper specs on it's hardware from open source developers that just want to make dr
Re:No news (Score:2)
see zdnet artcle here [zdnet.com]
or the slashdot article here [slashdot.org]
Dog bites man. General Franco still dead. (Score:5, Insightful)
And now they made a compatability layer so their OS can run software written for their competitors' API. This is a change of heart how?
Especially considering how Green Hills has long had a compatibility layer for their more direct competitor vxWorks.
it's not a change of heart (Score:3, Interesting)
they're making a compat layer because their customers are demanding they support nonexistent tools for a dead market. yeah. that's the ticket.
Re:it's not a change of heart (Score:2)
This way, they can go to potential customers who are 'misguidedly' building embedded software on Linux and say "Your OS is TEH SUX, but
Re:it's not a change of heart (Score:2)
at least they havent stooped to threatening customers... yet.
Selling out their cusotmers. (Score:2)
A compatibility layer with something that they claimed was a national security risk? Call the unAmerican Activities Committee, Batman! They must hate their customers to so blatantly risk their security like that. Did they figure all was lost when Microsoft sold their source code to China and the KGB? Or did Green Hills see their market share eroding. Sound like they
Re:Selling out their cusotmers. (Score:2)
The "security risk" was the possibility of 'bad guys' inserting subtle bugs into Linux that could be exploited on the battlefield. On first glance, I'd call that unlikely but possible.
The compatability layer allows software written for embedded Linux to run on Green Hills's OS. Thus eliminating the alleged risk (unless Zambian spies break into the Green Hills office and insert bugs in their code). Am I missing something
Re:ugh (Score:2)
You can put it in the contract that everyone who touches the code has to have a security clearance. Not that they do that in this case, but they could. The often do at the application level.
I imagine they will create tons of bugs by trying to make a non free interface layer that will be difficult to write and maintain.
True, but I think the "security risk" alleged was not simply buggy code, but rather well-under
Re:ugh (Score:2)
And you can require CIA [cnn.com] and FBI [cnn.com] officers to have security clearances too. Doesn't mean they're not working for Moscow.
Re:Open source nature of Linux is a threat ! (Score:2, Interesting)
compliment??? (Score:2, Insightful)
Open Source issue, not just a linux issue (Score:2, Interesting)
Following in the footsteps of Wind River (Score:3, Interesting)
national security (Score:5, Insightful)
The very last thing I'd like to know about would be the government placing a tech support call to a company that only sells them proprietary software. I find that somewhat unsettling.
But I'm not an expert; are there advantages to using code you can't see or modify to run government computers?
Re:national security (Score:2)
The advantage to using the sort of OS GHS really sells for embedded computing is that their OSes are provable in many senses - deterministic, etc. Windows and Linux are not. GHS isn't trying to compete with desktop Linux; their product isn't capable of that. They are, however, competing
BSD Rules!- how to critique linux (Score:5, Interesting)
Obligatory Agent Smith quote (Score:2)
Somewhat reminds me.. (Score:2, Interesting)
Then, I remember in about 2001/2002 he was waxing poetic about Linux and answerting Linux questions right and left.
That's of course about the time I went to BSD (in situations where it isn't masochistic), hype serves no pur
Counldn not have come at a better time!!! (Score:2, Interesting)
I thought it was rather heavy handed (Score:5, Informative)
I thought that he was trying too strongly to make the case that those that want to use Linux for real-time applications will not buy tools and those that want better performance for hard-real-time will not choose Linux.
It is also obvious that a general-purpose operating system is not going to work as well in a real-time environment as one specially designed for that purpose. It's the reason why, for example, if you are an organization that wants a system to break encryption keys fast, you build a special-purpose machine that includes hardware designed to do quick computations of prime numbers, not commodity hardware with lots of extra features you don't need and won't use, that slow down the primary purpose of breaking codes.
He seemed to be arguing the point far too strongly, as if he had a hidden agenda. Okay, presuming his argument is valid, so what if Linux as a general-purpose O/S is not as good at handling hard-real-time as a specially designed one? He could have argued that in about 1/5th of the space his article uses. What is also interesting is, despite all his talk about how bad Linux is, he seemed to ignore examples [linuxdevices.com] where Linux is considered good enough for real-time use in many cases, and was unable to mention any alternative which might be better, such as some open-source alternatives that have been mentioned here [redhat.com] on Slashdot [slashdot.org].
I had a suspicion but I wasn't sure. And now it's clear: his company sells real-time operating systems in competition with Linux. So he claims Linux is not good enough. Where [theregister.co.uk] have [microsoftmonitor.com] we [zeropaid.com] heard [forbes.com] this [silicon.com] before [microsoft.com]? :)
Money (Score:2)
StarTux
Re:and... (Score:2, Funny)
Re:GPL: Intellectual Theft (Score:2)
Re:GPL: Intellectual Theft (Score:2)
If you "distribute" GPL'd software, you need to either ship the source with the binary, or else you need to have a written offer to make the source available to *any third party* on request, for a reasonable fee (i.e. to cover media costs).
That said, many large companies consider distribution within the company to not actually be distribution per se. I don't know if this has ever been tested in court though.
Chris
Re:GPL: Intellectual Theft (Score:2, Informative)
Of course, if you were merely building applications on top of Linux then you will have no such problems - this is, I believe, what Adobe do with Acrobat Reader (the linux version is evil but
Do I smell a linux bashing softie liar? (Score:2)
JMHO.
Re:GPL: Intellectual Theft (Score:5, Informative)
Nice troll. This is utter garbage of cause, but it is common misconception so I'll rebut it. Just because something uses a tool doesn't mean it is subject to the same licence as the tool. Firstly, if this were the case, then any document created in an open source word processor or text editor would need to be GPLed which is clearly not the case (and would be dangerous for writing confidential documents). Even if compiling something with gcc made it a dirivitive work (which it doesn't), only the binary would be a dirivitive of gcc, and the source code would be completely unneffected since it is not modified by gcc. BeOS was compiled by gcc for the x86 platform and it remained closed source and propritary with no legal challenges.
One only has to release the source code under the GPL to the people you distributed the binary to.If you keep it wholly in house you only need to give the source code to anyone. If you make it for a single client you only need to give the source code to that single client. Of cause anyone who you give the source to is allowed to pass it on, but it isn't like you have to just broadcast it to the world just because you changed it.
If you are not trolling and have read what I have just said and still don't think its fair, think about this: the program you are modifing was written by thousands of other people, many of them with commercial tasks just like you, and they have let you use their code. If you want to distribute the hacked kernel without sharing your code, how is it fair for the people who have contributed beforehand?
Oh, and if you are not a troll, you really need to get yourself a new lawyer quick, because that lawyer just caused you a lot of wasted time and effort.
Re:GPL: Intellectual Theft (Score:4, Insightful)
No Kidding! Taken directly from a GNU C++ header file:
So... If they don't understand even the comments in C++ code, then why would I believe their statements regarding the superior quality of the rest of their operating system?
Re:GPL: Intellectual Theft (Score:2, Interesting)
Nice fishie. Why did you bite on his fishing plug?
He's moderated down into the mud and you're just encouraging us to click on the 'below current threshold' link to see what he said that riled you.
Re:GPL: Intellectual Theft (Score:2)
Stop modding "Troll" (Score:3)
This is a misunderstanding of the GPL - and there are TONS of misunderstandings of the GPL out there. The answer isn't to mod it out of sight. Instead, correct it. And let it stay visible so other people who have misunderstandings of the GPL can see it and learn something.
Don't just blindly mod down anything that says something bad/incorrect about the GPL. Correct it, and let people see the post and the fac
Re:Stop modding "Troll" (Score:4, Interesting)
not only that, it's a positively ancient troll from usenet, which morons repost repeatedly all over the net:
the original post from 2002 [google.com]
slashdot repost [slashdot.org]
news.com repost [com.com]
the author of the original article in 2002 has quite a history of trolling:
troll history [google.com]
My guess is he now works for SCO.
Battle of the trolls (Score:2)
As a SCO supporter, let me point out that (by incorporating this new interface) the Integrity operating system has become a derived work of Linux (itself a derivation of IBM's AIX and, through it, of SYSV Unix). As such, the system is now owned by The SCO Group. We are, however, offering customers of Integrity a special deal. If they immediately buy a binary license for Integrity from The SCO Group (US$10,000 per pro
Re:That figures, (Score:3, Informative)
RTFA (Score:4, Informative)
Re:It is true (Score:2, Insightful)
"Linux can be a threat to national security because any computer-savvy terrorist can hack it."
no, it can't. that's like saying "a door can be a threat to my personal security because any lockpick-savvy burglar can pick it."
if a burglar were to pick a lock on one of your doors and thereby jeopardize your personal security, it would be he, not the door, who posed a threat to you.
likewise, if a "computer-savvy terrorist" were to "hack" into some sensitive linux system and thereby compromise national secu
Re:It is true (Score:5, Insightful)
Stuff so sensitive that it threatens national security has been stolen and your only concern is your scapegoat.
You work for the government, don't you?
KFG
Re:It is true (Score:2, Insightful)
One does not want to "catch" the people responsible for an exploit. One wants to close it. Accountability is an economic issue (who do we sue), or a scapegoat issue (who's head can we put on the block to prot
Re:It is true (Score:2)
I don't think there's any shortage of people paranoid enough to want to see every bit of source that the government codes :
Re:What I saw when I first clicked on this... (Score:2, Insightful)
Compliment? I think not. What they are saying here is that Linux application software is so insane, that it needs a "Padded Cell" just to be safe.
Re:Compliment (Score:5, Insightful)
Or maybe they just want access to all the linux apps available. It doesn't necessarily mean a change of heart regarding linux; does anyone here think the WINE guys started WINE because they felt that Windows was a better platform? Or that the FreeBSD crew created linux binary compatibility because they thought linux was superior?
Re:Compliment (Score:3, Insightful)
Here's what they said before:
The Linux operating system is developed by an open source process - a cooperative effort by a loose association of software developers from all over the world. With the knowledge that Linux is going to control our most advanced defense systems, foreign intelligence agencies and terrorists can easily infiltrate the Linux community to contribute subversi
I'm no Linux zealot, but... (Score:2)
My immediate questions after reading your post are these: Would trust your life to Microsoft Windows?
From there, it breaks down into to trees:
If so, why? What's the difference between Linux and Windows in your eyes that suddenly makes Windows safe?
If not, what operating system WOULD you trust with your life? What makes it trustworthy where Linux and Windows are not?
Re:I'm no Linux zealot, but... (Score:2)
Re:Not a big deal (Score:2, Insightful)
After taking a peek at your website and blogs (there is a reason I did not want to stay long, and it had less to do with what you were saying and more with the way you were presenting stuff) I get the feeling you haven't mastered Linux enough to use it for your own purposes. As a self-pr