Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Linux Business Operating Systems Software Security Linux

Green Hills Software Decides Linux Isn't So Bad 198

An anonymous reader submits a link to this report on LinuxDevices.com, which begins "An outspoken open source detractor has paid Linux a back-handed compliment. Green Hills Software (GHS), known for diatribes against Linux in military/aerospace applications, is shipping 'Padded Cell technology' intended to enable the company's proprietary real-time OS to take advantage of the wealth of Linux application software." You may remember GHS's Dan O'Dowd, who's claimed that the embedded Linux Tools Market is a myth and that the open source nature of Linux makes it a threat to national security.
This discussion has been archived. No new comments can be posted.

Green Hills Software Decides Linux Isn't So Bad

Comments Filter:
  • My father used to say that only fools don't admit when they're wrong (subtle message, SCO!).
  • by user9918277462 ( 834092 ) on Monday November 29, 2004 @09:52PM (#10949366) Journal
    Has any Linux distro gotten Common Criteria certification yet? Seems like that is the major barrier to large scale governmental/military adoption and not some small-time competitor FUD.
  • For real? (Score:2, Insightful)

    by Anonymous Coward
    Since their other claims seem to be completely made up and bogus, is anyone really sure that their claims now of product compatibility are accurate?
  • by Anonymous Coward
    If there is any threat to national security it is closed source software that is not peer reviewed and comes with the inherent risk of backdoors and vulnerabilities. These day we cannot afford using closed source software anymore. The dangers are simply too high. Open-source needs to be the standard for any type of critical application.
  • by Coryoth ( 254751 ) on Monday November 29, 2004 @09:58PM (#10949408) Homepage Journal
    This should be self evident to anyone. Admittedly the National Security Agency [nsa.gov] bothered to make additions to the Linux kernel to make it more secure, and freely returned their work to the open source community. That just shows that the National Security Agency doesn't know anything about National Security.

    When I'm concerned about National Security I know I trust a random small commercial software company. It would only make sense that they would be better informed about National Security than some lowly government organisation.

    Jedidiah.
    • by Detritus ( 11846 ) on Monday November 29, 2004 @10:18PM (#10949533) Homepage
      NSA's involvement in Linux amounts to a research project. Although I think it is interesting and useful, it shouldn't be mistaken for an endorsement by the NSA.

      I can't think of a single desktop operating system available to the public that is truly security aware, from design to implementation. The architects of Windows NT started out taking it seriously, but security quickly lost all battles to the proponents of compatibility, performance and "more features". OpenBSD is an example of how auditing is necessary but not sufficient.

      • NSA's involvement in Linux amounts to a research project. Although I think it is interesting and useful, it shouldn't be mistaken for an endorsement by the NSA.

        I agree. In many ways it was an attempt by the NSA to demonstrate how security should be done - it wasn't even considered an ideal implementation, but simply a demonstration of the right direction, and that it can be easily added to existing systems.

        At the same time, however, the NSA doesn't have any obvious issues with the open source nature of
        • More likely, the NSA were only appearing to contribute to the Linux kernel, while they were actually introducing subtle and cleverly obfuscated bugs that will allow them to read Osama's email, and tell on him to his mother if he blows things up.
          Also it allows them root access to any Linux running hospital in Saudi Arabia, and they can overprescribe anaesthetics when he next goes in for dialysis treatment.
          /evil> MWA-HA-HA-HA-HA <evil>
          • More likely, the NSA were only appearing to contribute to the Linux kernel, while they were actually introducing subtle and cleverly obfuscated bugs that will allow them to read Osama's email, and tell on him to his mother if he blows things up.

            I know you meant that comment (mainly) in jest, but that accusation has been levelled at the NSA before, when DES was being developed. They made changes to the design of the S-boxes, which, at the time baffled NSA outsiders and left some people suspecting they wer

      • by quetzalc0atl ( 722663 ) on Monday November 29, 2004 @10:59PM (#10949772)
        what you are saying is not entirely true. from the selinux website: "Recognizing the critical role of operating system security mechanisms in supporting security at higher levels, researchers from NSA's Information Assurance Research Group have been investigating an architecture that can provide the necessary security functionality in a manner that can meet the security needs of a wide range of computing environments." this statement clearly says that they picked linux for a reason...i dont know if "endoresement" is the right word. in addition: "Linux was chosen as the platform for this work because its growing success and open development environment provided an opportunity to demonstrate that this functionality can be successful in a mainstream operating system and, at the same time, contribute to the security of a widely used system. Additionally, the integration of these security research results into Linux may encourage additional operating system security research that may lead to additional improvement in system security." sounds like an endorsement to me
      • "OpenBSD is an example of how auditing is necessary but not sufficient."

        Not sufficient for what? Your implication is that OpenBSD is vulnerable, but this appears to be a throwaway comment.

        "The architects of Windows NT"

        IBM, or do you mean further down the road than that?

        • OpenBSD is based on an old architecture, design and code base, that while advanced for its time, is not suitable for a modern, secure operating system. It only looks good because most of its competition is so pathetic.

          Regarding Windows NT, I meant Cutler et al.

        • ""OpenBSD is an example of how auditing is necessary but not sufficient."

          Not sufficient for what? Your implication is that OpenBSD is vulnerable, but this appears to be a throwaway comment."

          Wow BSD fans are a sensitive bunch. Auditing is necessary but not sufficient to ensure a secure system. Systems can be compromised by poorly written applications and poor system administration. Microsoft Windows really seems to suffer from both of those issues. That and Microsoft is blurring the application/OS line wit
    • Your comments are bogus. While Green Hill's comments have always been self serving, your comments are no less self serving, and really a bit of a red herring.

      Green Hills is a well known US government contractor, not a "random small commercial software company".

      Of course everything they say is self-serving, but none the less, "random small commercial software company" they are not.

  • Not Exactly.... (Score:4, Interesting)

    by earthforce_1 ( 454968 ) <earthforce_1@y a h oo.com> on Monday November 29, 2004 @10:06PM (#10949454) Journal
    From reading the article, I think Green Hills have decided Linux APPs are not so bad, or at least something they feel they need. I don't think they have changed their position on Linux itself.
  • by zerperson ( 834966 ) on Monday November 29, 2004 @10:06PM (#10949456)
    Seriously people, allowing your OS to run apps from another OS isn't declaring the superiority of the other OS. It is simply a wise business decision. It can, in fact, be interpreted as an insult to Linux, depending on how you look at it. Consider this:
    GHS: "Our OS can now run Linux apps, so you don't have to use crappy Linux"

    This is exactly the same reason they came out with WINE. The WINE devs don't like Windows, so they give you an alternative with WINE. This is the same thing.
  • Linux sucks (Score:5, Insightful)

    by Doc Ruby ( 173196 ) on Monday November 29, 2004 @10:11PM (#10949480) Homepage Journal
    What is the submitter talking about? Saying "Linux sucks", then saying "here's something to run Linux apps that isn't Linux" isn't a compliment, or a retraction. It's emphasis. They never said that Linux doesn't have a lot of apps, or that it's not popular. Just that it's not good enough. And now they have something better.
    • You see, you have to trust that the certs that they've obtained were made by duly authorized auditors AND that they weren't bought, etc.

      You CAN'T be sure of anything- it's just a relative assurance. One that can be achieved with Linux (and has been for that matter...)- this guy at Green Hills Software is blowin' and goin' about all of this.

      His software is allegedly audited from start to finish. If there's an issue or a new feature you need in the mix, you need to pay them loads of bucks to implement it
      • Look, I don't accept their argument that their product is *better* than Linux, or that it even works at all. I'm just saying that their claims, strategy and product are all constent. I take issue with the Slashdot claim that their OS release is a "backhanded compliment" to Linux, therefore somehow hypocritical or contradictory. "Linux" is the OS, the apps run on Linux, they hate Linux, they replaced Linux with an OS they prefer, they keep the apps. Simple and consistent. I personally will continue to prefer
        • ...if you're doing avionics or highly classified systems, you're going to HAVE to have some auditor testing it for quite some time (and not a couple of weeks, either...).

          DO-178b requires certified software if it's involved with something that impacts flight safety. That means if you're flying on any aircraft, military or civilian, that flys in the US territories, if the software isn't DO-178b certified, the plane is grounded unless there's a pressing reason otherwise.
          • Sure, "better" for what, and according to whom are debatable. But we're not debating that in this thread (at least I'm not). I'm debating only whether GH is giving "backhanded compliments" to Linux, or acting hypocritically, or inconsistently in any way. They're not. Including making commercial claims that their product is better than their competition at what they both do: run Linux apps.
    • Not only does he say that but there are these little gems from TFA:

      "Like a padded cell, Integrity PC prevents Linux and other insecure and unreliable software from harming the rest of a system, while also limiting the harm it can do to itself," states O'Dowd."

      "GHS says PCT enables the incorporation of "legacy applications and traditional operating systems, such as Linux," into high-security and high-reliability applications."

      Wicked. I was expecting a good ol' warm fuzzy Linux fanboi article and got a
  • Doublethink (Score:5, Funny)

    by fishdan ( 569872 ) * on Monday November 29, 2004 @10:22PM (#10949563) Homepage Journal
    From the article:
    O'Dowd says his company has achieved a kind of Linux application binary compatibility through technology that enables Linux applications to run under Linux

    When I read things like that, then I understand why I'm only an engineer and not a CEO, because I would NEVER think of using that phrase to try to get my point across.

    • In other news, Fireman_sam says his company has achieved perpetual motion through technology that enables motion to be perpetual. Nobel prize, thankyou.
  • by Anonymous Coward on Monday November 29, 2004 @10:30PM (#10949610)
    Disclaimer: I work for Green Hills Software

    There seems to be some confusion about this product. From what I've seen and heard (I haven't used this product directly yet), it is a method of running linux applications on top of the uber-secure real-time operating system, "Integrity". The linux applcation layer is sheilded from the rest of the system, and possibly from other linux-application layers. It's really more of like user-mode linux than a linux kernel.

    I hope that helps...
    • Green Hills (or its representatives) specifically criticized the "open source nature" of linux. It would seem your product takes advantage of available OSS products. I realize you and your company may have a specific view about security, and perhaps are only considering security, but I'm afraid you've burned some bridges by showing such disdain for the work of dedicated individuals. I hope you publicly praise the usefulness of open source apps as ardently as you criticize the "flagship" OSS product, linux.
      • by Anonymous Coward on Tuesday November 30, 2004 @12:56AM (#10950308)
        It's me again (the guy who works at GHS as per the grandparent of this post. I don't have a /. account)

        I don't feel that there is a "distain" for the work of the dedicated individuals who have worked on Linux. We offer development tools that can develop on and for Linux (as well as Windows and Solaris). Many (if not most) of our developers use Linux as the "host" operating system for developing INTEGRITY and MULTI (our compiler/debugger/code-editor/etc...). Linux is a fine operating system for desktop work.

        The concern is that Linux is not provably secure. With INTEGRITY, we can prove security and stability. We have a version of INTEGRITY that has been certified as DO-178B Level-A compliant, which means that it can run critical systems on airplanes. To achieve this, we had to make the kernel completely deterministic, and test and document every line of code. There is no dynamic memory allocation at the kernel level (no malloc()), there kernel never turns off interrupts, even when in an interrupt handler (granted, a processor usually turns interrupts off when an interrupt fires, but we turn them back ON at the earliest opportunity). You cannot say these things about Linux, and thus it is less fit for safety or security-critical systems.

        Lastly, in response to some complaints I have seen previously, Green Hills does offer the source to INTEGRITY to paying customers. There have been complaints that no one could trust INTEGRITY because they don't have the source code to it. These complaints are unfounded. Customers are free to examine the source and modify it to their wishes, and many do.

        • Going slightly offtopic: Do you need special training or certification to develop or modify DO-178B Level-A compliant software? I've wanted to get into avionics development for a while but there is not a lot of information out there about the actual guidelines that isn't hidden behind "seminars".

          BTW MULTI is a really nice compiler/debugger. I've got lots of interface suggestions though if anyone at GHS is interested in listening :)

        • Thank you very much for the informative clarification.

          There is obviously a need for products like Integrity.
          Being able to run Linux apps is just the topping on the cake.
        • The comparison is not a valid one, as the operating systems are designed for entirely different purposes - stock Linux is not even a hard RTOS, and has no requirements or process documentation, which means it's not even a candidate for certification under DO178-B. The claim of Linux being less secure, safe, or stable rests entirely on which version of Linux you are talking about. There are DO-178B Level A compliant versions of Linux on the market, as there are Level A compliant versions of Windows CE and th

  • No news (Score:3, Funny)

    by Uukrul ( 835197 ) on Monday November 29, 2004 @10:33PM (#10949623)
    IBM, the big blue company, decided a long time ago that Open Source [ibm.com] isn't so bad.
    Sun, the UltraSPARC Processors maker, decided that Open Source [sunsource.net] isn't so bad.
    Intel, the 8086 Processor maker, decided that Open Source [intel.com] isn't so bad.
    Munich, Germany's third-largest city, decided that Open Source [usatoday.com] isn't so bad.

    "Microsoft decides Open Source [opensource.org] isn't so bad" will be news.

    • Re:No news (Score:3, Interesting)

      by Nimrangul ( 599578 )
      Sorry to break this to you, but not everyone on that list is really on your side.

      IBM is mostly supporting Linux as a shtick rather than completely backing the system and it's ideals, they are not opening up their code in a great big flood of free IBM software.

      Sun cannot keep it's mind set straight on what it thinks about damn near anything.

      And no, Intel thinks that open isn't so good. It has outright refused requests for proper specs on it's hardware from open source developers that just want to make dr

  • by Maniakes ( 216039 ) on Monday November 29, 2004 @10:38PM (#10949645) Journal
    Green Hills makes devtools and OSs for safety-critical embedded systems. They've been vocally anti-Linux-in-safety-critical-embedded-systems because Linux is a competitor (nothing particularly nefarious, just a company trying to make a case that their product has advantages over a competitor).

    And now they made a compatability layer so their OS can run software written for their competitors' API. This is a change of heart how?

    Especially considering how Green Hills has long had a compatibility layer for their more direct competitor vxWorks.
    • it's grudging acceptance that their own claims "there is no linux embedded tools market" and that "the Linux tools market will die" are patently false.

      they're making a compat layer because their customers are demanding they support nonexistent tools for a dead market. yeah. that's the ticket.
      • Not necessarily. They compatability layer does nothing for devtools (the "there is no linux embedded tools market" article is about a claim that people who are too cheap to buy a 'real' OS are too cheap to buy commercial devtools) - it is so that embedded software originally built to run on embedded Linux will run with minimal modification on Green Hills's "INTEGRITY" RTOS.

        This way, they can go to potential customers who are 'misguidedly' building embedded software on Linux and say "Your OS is TEH SUX, but
        • i have to admit, telling your customers they are stupid sounds like a truly winning marketing scheme to me. i hope they continue it to its logical conclusion.

          at least they havent stooped to threatening customers... yet.
    • And now they made a compatability layer so their OS can run software written for their competitors' API. This is a change of heart how?

      A compatibility layer with something that they claimed was a national security risk? Call the unAmerican Activities Committee, Batman! They must hate their customers to so blatantly risk their security like that. Did they figure all was lost when Microsoft sold their source code to China and the KGB? Or did Green Hills see their market share eroding. Sound like they

      • A compatibility layer with something that they claimed was a national security risk?

        The "security risk" was the possibility of 'bad guys' inserting subtle bugs into Linux that could be exploited on the battlefield. On first glance, I'd call that unlikely but possible.

        The compatability layer allows software written for embedded Linux to run on Green Hills's OS. Thus eliminating the alleged risk (unless Zambian spies break into the Green Hills office and insert bugs in their code). Am I missing something
    • In criticising linux, they have rather strongly criticized Open Source. Perhaps that was a strategic mistake, because much of the available software for linux is also open source. This is a change of heart. Its a shame the article isn't more clear about the conflict. Many of us (especially BSD fans) have long criticized linux, but champion open source and other "free" software
  • compliment??? (Score:2, Insightful)

    by torrents ( 827493 )
    wanting to exploit the popularity of linux and not "giving anything back" is hardly a compliment...
  • I'm a little disappointed with thie original post. The change of heart is about open source and the "free software" that runs on linux. Green Hills specifically criticized the open source nature of Linux. I think its pretty clear that much of the linux-compatible apps available are open source. They could have made many other criticisms of linux, but they specifically attacked OSS, and now, perhaps grudgingly, accomadating demand for it.
  • by dmh20002 ( 637819 ) on Monday November 29, 2004 @11:21PM (#10949873)
    Jerry whats his name of Wind River/Vxworks frequently issued anti-Linux screeds, but suddenly stopped about the day before Wind River announced a Linux product.
  • national security (Score:5, Insightful)

    by potpie ( 706881 ) on Monday November 29, 2004 @11:25PM (#10949899) Journal
    With all bias aside, doesn't it make more sense to run important government systems with open software? Open software can be changed as much as they want; it's not like they're buying the latest Mandrake pack from CompUSA and popping it into the super-mega-warhead-doomsday-computer's cd drive.

    The very last thing I'd like to know about would be the government placing a tech support call to a company that only sells them proprietary software. I find that somewhat unsettling.

    But I'm not an expert; are there advantages to using code you can't see or modify to run government computers?
    • GHS will allow paying customers access to the source; for things like DOD projects, where there are certain certifications required to use software, opening the code and *documenting every single line* is a prerequisite.

      The advantage to using the sort of OS GHS really sells for embedded computing is that their OSes are provable in many senses - deterministic, etc. Windows and Linux are not. GHS isn't trying to compete with desktop Linux; their product isn't capable of that. They are, however, competing
  • by xtermin8 ( 719661 ) on Monday November 29, 2004 @11:27PM (#10949906)
    BSD users, and perhaps we can include Apple OSX users among them, have made valid criticisms of linux for a long time now. None of us have sunk to the depths of declaring linux a threat to national security because it is open source. It is perfectly reasonable to act as Green Hills Software has, in providing a compatibility layer. The irresponsible public statements they have made is another matter.
  • "I'm not so bad once you get to know me".
  • by strlen ( 117515 )
    Somewhat reminds me of a local tech paper's editor. Back in 1997/1998 he wrote a rather angry, extremely ignorant and mocking reply to a letter to an editor which spoke about Linux, mocking Linux as being old technology and of no use (and for the letter writer's gall to criticize AOL!).

    Then, I remember in about 2001/2002 he was waxing poetic about Linux and answerting Linux questions right and left.

    That's of course about the time I went to BSD (in situations where it isn't masochistic), hype serves no pur
  • The Australian OSDC http://www.osdc.com.au/ [osdc.com.au] is being held in Melbourne over the next three days. During this conferenence there is a paper discussing Mr O'Dowds comments over the last few months. This back flip just adds weight to the arguments to be presented at the conference. It feels good to be vindicated.
  • by rfc1394 ( 155777 ) <Paul@paul-robinson.us> on Tuesday November 30, 2004 @06:38AM (#10951318) Homepage Journal
    I thought that Dan O'Dowd's EE Times article [eetimes.com] was rather heavily pushing about why he felt Linux was inadequate for use in hard real-time applications, as if he was trying much too hard to argue the point.

    I thought that he was trying too strongly to make the case that those that want to use Linux for real-time applications will not buy tools and those that want better performance for hard-real-time will not choose Linux.

    It is also obvious that a general-purpose operating system is not going to work as well in a real-time environment as one specially designed for that purpose. It's the reason why, for example, if you are an organization that wants a system to break encryption keys fast, you build a special-purpose machine that includes hardware designed to do quick computations of prime numbers, not commodity hardware with lots of extra features you don't need and won't use, that slow down the primary purpose of breaking codes.

    He seemed to be arguing the point far too strongly, as if he had a hidden agenda. Okay, presuming his argument is valid, so what if Linux as a general-purpose O/S is not as good at handling hard-real-time as a specially designed one? He could have argued that in about 1/5th of the space his article uses. What is also interesting is, despite all his talk about how bad Linux is, he seemed to ignore examples [linuxdevices.com] where Linux is considered good enough for real-time use in many cases, and was unable to mention any alternative which might be better, such as some open-source alternatives that have been mentioned here [redhat.com] on Slashdot [slashdot.org].

    I had a suspicion but I wasn't sure. And now it's clear: his company sells real-time operating systems in competition with Linux. So he claims Linux is not good enough. Where [theregister.co.uk] have [microsoftmonitor.com] we [zeropaid.com] heard [forbes.com] this [silicon.com] before [microsoft.com]? :)

  • Just amazing how money can change someones tune...Wait for a couple more years or so and he'll be praising Linux...And denying he ever said anything bad about it.

    StarTux

Any sufficiently advanced technology is indistinguishable from magic. -- Arthur C. Clarke

Working...