4/28/2004 - Dan O'Dowd, Green Hills Software founder and CEO, issued his second white paper in a series focused on the urgent security threat posed by the use of the Linux operating system in U.S. defense systems, including the Future Combat System and Global Information Grid. Available at http://www.ghs.com/linux/manyeyes.html, the white paper “‘Many Eyes’ — No Assurance Against Many Spies” debunks the fallacy that the “many eyes” with access to Linux source code ensure that it is free of Trojan horses or other malicious software.
“Now that foreign intelligence services and terrorists know that we plan to trust Linux to run some of our most advanced defense systems, we must expect them to deploy spies to infiltrate Linux,” O’Dowd said. “The risk is particularly acute since many Linux contributors are based in countries from which the U.S. would never purchase commercial defense software. Some Linux providers even outsource their development to China and Russia.
“The assumption that Linux is safe for defense systems is based on the dangerous misconception that the so-called ‘many eyes’ looking at Linux source code will find any malicious bugs hidden in Linux by foreign intelligence agents or terrorists. This misconception is based on the silly assumption that looking at source code is an effective way of finding bugs.
“Hundreds of bugs that attackers can exploit to penetrate Linux security are identified every year. Many of these critical security bugs have been in the code for years without being detected by the ‘many eyes’ looking at the source code. How can anyone believe that the open source process can eradicate all of the cleverly hidden intentional bugs put in by foreign intelligence agents and terrorists when the process can’t find thousands of unintentional bugs left lying around in the source code?
“Many people believe that it is impossible for any operating system to have no known bugs in security-critical code, implying that no operating system is really secure. But that is not true. There are no outstanding bugs in our DO-178B Level A certified INTEGRITY-178B real-time operating system. This is the true reliability and security that our national defense systems need.”
The white paper reviews the mechanisms that can be used to infiltrate and compromise Linux and its source code and explains why malicious code can easily escape detection. The paper also contrasts the vulnerability of Linux with the designed-in security of Green Hills Software’s INTEGRITY operating system.
The next Linux security white paper in the series, “Linux Security: Unfit for Retrofit,” will be published on May 3. Prior white papers and articles are archived at http://www.ghs.com/linux.html.
About Green Hills Software
Founded in 1982, Green Hills Software, Inc. is the technology leader for real-time operating systems and software development tools for 32- and 64-bit embedded systems. Our royalty-free velOSity microkernel, INTEGRITY RTOS, C/C++ compilers, MULTI and AdaMULTI Integrated Development Environments and TimeMachine debugger offer a complete development solution that addresses both deeply embedded and high-reliability applications. Green Hills Software is headquartered in Santa Barbara, CA, with European headquarters in the United Kingdom.
Green Hills Software, the Green Hills logo, MULTI, INTEGRITY, velOSity, AdaMULTI and TimeMachine are trademarks or registered trademarks of Green Hills Software, Inc. in the U.S. and/or internationally.
North American Sales Contact:
Green Hills Software, Inc.
30 West Sola Street,
Santa Barbara, CA 93101,
International Sales Contact:
Green Hills Software Ltd.
Dolphin House, St. Peter Street
Winchester Hampshire SO23 8BW,
Tel: +44 (0)1962 829820
Fax: +44 (0)1962 890300