Tux + Linux Items

Help promote Linux and FOSS at the
Sample T-Shirt from the ERACC Cafe Press Store
ERACC Cafe Press Store

Open Source: Why Military Forces Should Use Linux

Why? Because the level of skill required to crack a Unix-like OS is much higher than that needed for a Microsoft OS. Further, properly configured Unix-like systems are much more robust than Microsoft systems. Were Military forces using properly configured and properly secured Unix or Linux systems we would not see items like these below being reported.

I just had a, “What were they thinking?!”, moment while reading this article at ars technica: Computer virus hits US Predator and Reaper drone fleet. First, it is not a “computer virus”, it is a Microsoft operating system virus. Second, using Microsoft operating systems for any critical Military computer systems is just wrong. I know the US Military has specifications for rugged computer systems that must be made in the USA. That makes sense. What does not make sense is the fact that the US Military will accept Microsoft operating systems on its critical, sensitive hardware at this date in time. That is like specifying a bank vault that can withstand a nearby nuclear blast, but allowing the builder to install a screen door for access to the vault. It is just a Bad Idea!

This was a deja vu moment as well. I was following news about Military systems back in the 1990′s and had a similar experience when I read about the US Navy “smart ship” running Microsoft Windows NT … and having a ship killing system failure: Software glitches leave Navy Smart Ship dead in the water. I completely agreed with Ron Redman, deputy technical director of the Fleet Introduction Division of the Aegis Program Executive Office, at the time when he stated:

“Unix is a better system for control of equipment and machinery, whereas NT is a better system for the transfer of information and data. NT has never been fully refined and there are times when we have had shutdowns that resulted from NT.” … and … “Because of politics, some things are being forced on us that without political pressure we might not do, like Windows NT,” Redman said. “If it were up to me I probably would not have used Windows NT in this particular application. If we used Unix, we would have a system that has less of a tendency to go down.”

Actually, after re-reading that, I disagree that NT, or any Microsoft OS, was or is “a better system for the transfer of information and data” when compared to a Unix-like OS. I would use Linux for that too. Especially in a critical Military system like a “smart ship” or a drone control center. Frankly I do use Linux for operational security and the secure transfer of information and data in my own small business. I thank God that I do not have to succumb to political pressure forcing me to use a Microsoft OS for my business. It seems to me, if I can figure out how to implement Linux for my personal and business use, surely the US Military can do the same for its critical systems infrastructure. Obviously some people in the Military “get it” when it comes down to what system is best for critical control systems. Now if only the Microsoft lobbyists can be shut down from affecting the decisions as to what systems are best for the US Military.

Microsoft still makes a decent gaming operating system. But that is about the sum total for which I would agree a Microsoft system should be used. Even there I am agreeing reluctantly only because the majority of current PC game development targets the Microsoft OS.

Hey, US Military folk and US Senators with military oversight, if it has to be from the USA, ever hear of Red Hat Linux? How about the US NSA’s own Security-Enhanced Linux? Perhaps it is time for you folk to rethink the requirements for Military computing systems and make one of these Linux operating systems part of the requirement. Or take the Linux kernel source code and use your own internal Military IT staff and programmers to collaborate and build a custom system just for Military use. Any of these would be a better option than relying on a “known to be owned” OS like any of those from Microsoft. I will be glad to introduce you to Linux if you want to pay me for a Linux consultation. Just sayin’ …

Custom PC from ERACC   Custom Notebook from ERACC

Discuss this article at:

Edit Sat Oct  8 20:57:30 CDT 2011: Due to a salient observation elsewhere, change “pwn” to crack in the first paragraph.

Share

30 comments to Open Source: Why Military Forces Should Use Linux

  • Hi. The Army is well aware of Linux, and I can tell you the commanding general of the Army’s Research, Development and Engineering Command has long experience with Linux and Red Hat. I’ve also talked to some folks at our High Performance Computing lab who are Linux users, both at work and at home. I’m presently the public affairs officer for the command, and I’m posting this from within Arch Linux running on a MacBook Pro (it’s my personal machine).

    All that said, RDECOM does not create every system the Army uses. It works with hundreds of partners in academia, industry and foreign countries to get the best technology for our Soldiers. As you know, we’ve been fighting two wars for quite a while now, and we have a lot of systems using a lot of different kinds of technology. The mission is to get capabilities to the field where and when Soldiers need them. Some do, indeed, use open source software. Some use commercial software. All help make our Army the most technologically advanced in the world.

    I invite you to visit our web site or our blog, http://armytechnology.armylive.dodlive.mil/. We’re also on Facebook, Twitter, YouTube and other sites. Our primary social media guy is in training for a few weeks, so it might be a bit slow, but keep checking back to see what the Army is up to.

    • Hi Joe,

      I was tempted to write “Hi G.I. Joe”, but that would have been trite. ;) Thanks for the comment and the URL. I and others will likely take you up on your offer to follow along on the US Army web log, etcetera. I am not a “social media” kind-of guy, but I will read the occasional blog post. Anyway, keep up the good work. Again, thanks for dropping in.

  • For the record, to those individuals in “the military” who wince at the use of “the military” to lump all divisions together. I am fully aware of the separate divisions of the US Military. I am also aware that many decisions about technology are made in each division separately. I simply contend that no critical military system in any division should be running a Microsoft OS at this time in history. Microsoft has a proven track record of its operating systems being suborned over and over. They should not be used in sensitive, critical systems, period.

    Added later: My curiosity being piqued by Joe from The Army (above), I spent some time web searching for Linux in military hands. I found some articles:

    The Air Force’s secure Linux distribution
    Open-source use goes unmeasured, unchecked“The military branch was already using Linux and other open-source applications in 75% of its divisions, and in half of those, open-source use had already reached mission-critical status.”
    Only one-third of agencies pass the Federal Open Technology Report Card – However the DoD is part of that one-third.

  • I looked around at some of the most stunning (in the sense of disappointing) news about how Windows has produced a major problem and found out one that is pretty saddening cause it involves lives.

    You remember the Spanair plane crash that happened about a couple of years ago in Barajas Airport in Spain? It was reported (or rather, gossiped) that a computer involved in checking the plane had been compromised with malware. After revisiting the information available about the crash, the affected computer is a central node where alarms from planes are processed. If a plane (or a system in a plane) reports 3 alarms, it is sent for revision…. well… this is the system that failed to check for the 3-alarm report which I assume had already been sent from the plane. Had the computer been working correctly, the crash could have been avoided. How about that?

    http://www.elpais.com/articulo/espana/ordenador/Spanair/anotaba/fallos/aviones/tenia/virus/elpepiesp/20100820elpepinac_11/Tes

    Or its translation (thanks go to google… hope the link works):
    http://translate.google.com/translate?sl=es&tl=en&js=n&prev=_t&hl=es&ie=UTF-8&layout=2&eotf=1&u=http%3A%2F%2Fwww.elpais.com%2Farticulo%2Fespana%2Fordenador%2FSpanair%2Fanotaba%2Ffallos%2Faviones%2Ftenia%2Fvirus%2Felpepiesp%2F20100820elpepinac_11%2FTes

  • Al Nonymous

    The original article was published by Wired.com, not ars technica:

    http://www.wired.com/dangerroom/2011/10/virus-hits-drone-fleet/

  • Shawn

    No, they shouldn’t be using Linux. They should b using a real-time operating system. Linux is just no good enough for that application.

    • Mike

      Shawn, will you please share your real-time operating systems?

    • Zac

      Linux does in fact have a real time kernel. I have compiled and used it in dozens of audio applications which require a real time kernel, such as live effects processing and video mixing.

      Since the Real-Time part relies only on the kernel and the application that needs RT status, it is as simple as replacing just the kernel and writing and compiling the application. All other aspects of the operating system (office software, TCP/IP stack, etc.) are the same.

  • I strongly agree.
    Don’t worry for military linux users, they are aware of linux advantages as many combat systems use Red Hat to lead radars, weapons systems, sensors…
    Regarding Debian, it is perfect for remote controlled vehicles as shown in the following website:
    http://paparazzi.enac.fr/wiki/Main_Page
    The drawback is that everybody can use such a system for ANY purpose…

  • WorBlux

    I don’t think that linux is good enough for some of these applications. A formally proven real-time kernel or formally proven microkernel like L4 should be the only sort of systems allowed to touch the bare metal of military weapons. Linux is probably good enough for command and control, and is certainly better than some other popular OS’s.

  • J S

    The problem for using Linux or Windows really boils down to middle and upper level leaders are used to Windows. They know how to get a letter to print and whatnot. It’s all about familiarity, not strategic thinking. That’s how things get set up that way. The switch, whether military command or the local school district, gets bogged down with “well it will cost us this much more for training”. Fear of the unknown holds it all back, which is amazing given their training for courage under fire. How many iPhones are being used by the Divisions now? Somehow the same command avoiding Linux got a “linux-like” phone OS to do what they want/need…

  • 2eurocents

    No they should not use Linux. They should continue using Windows for as long as possible.

  • Podsgrove

    What I think is even more unbelievable than the American military trusting their systems to Windows software is that the Iranians, after building their nuclear plant in the teeth of American opposition, used dodgy American software to control their centrifuges and left themselves wide open to the CIA Stuxnet attack. If ever there was a ‘what were they thinking’ moment ….

  • TPS

    Isn’t this pretty much just people hating Microsoft? Seriously if someone wants to get into a system badly enough then they are going to get into it. If the military uses Microsoft then the attackers are going to write code for that – if they use Linux then they’ll write attack code of that – same with BSD, OSX, etc etc.
    It’s also important to remember that there are some people in the military that are not very technically proficient and it’s advantagous to use an OS that those people are familiar with. I do agree that in some highly critical systems the military should take the time to develop harden software platforms -be it a custom version of Linux, BSD or even Windows. The problem stems partly from the fact that COTS systems are cheaper and easier for the military to acquire and use. The down side is that they are also exposed to all the malware that goes with it.

  • DB

    for a real-time linux distro checkout concurrent’s red hawk linux http://www.ccur.com. They also have an embedded real-time variant.

  • Josh

    Most of this article is FUD. The Older GCS systems used by the Air Force and some of our Allies does have a few Windows systems. Mostly used for mission logs, email, and interacting with web based utilities. The Army has a more advanced version called UGCS, which is Linux based.

  • Joe

    I can’t imagine how could I catch/detect linux malware if get infected… I can only imagine that this could be done only by hardcore hackers, not by us average users.

  • Jake

    First- the United State Air Force has its own version of Linux. It’s called Lightweight portable security. You can find it here.
    Second- it's entirely possible to write viruses or hack ANY OS.
    Third-No where in the article does it actually state they were using Windows.

    • Justen

      It is true that the article doesn’t overtly state that they are running Windows, however the software and tools they mention as being in use to remove the virus are Windows-only; one may assume that they are competent enough to not be trying to using Windows virus removal software in linux, therefore…

  • kzimm

    With nearly 25 years as a software engineer working primarily for the USAF, I can assure you that when I left 4 years ago, the truly critical data was all processed on *nix systems, and had no direct connection to the outside world (internet). Windows was for administrative work and *unclassified* web-based work.

    As for real-time and/or formally-proven kernels, those are actually used where needed. (In the 90s, I was responsible for maintaining the formal proof for a multi-level-secure communication system.) But most of the military’s needs can be easily met with Linux.

  • Tom

    I don’t pretend to have the exact answer, but I do know what to stay away from, and that’s all things Microsoft. They are notorious for rushing products out the door that haven’t been fully tested, not only for functionality, but also for safety. The biggest security breach on your computer is Microsoft OS.

    For the kids doing homework, I would even rather them have a Mac, especially now that it runs a Unix flavor. The only reason MS is so prevalent in the marketplace is because Bill was a marketing genius, and was able to convince so many people that MS was the way to go, even while other companies had far superior products.

    While I agree that Linux is a viable choice for many situations, there are several choices available. FreeBSD was used on many web servers because it is a Unix flavor and it was free, produced right here in the USA.

    With the advent of LibreOffice there is no reason an upper level manager that has no time to learn another office product couldn’t pick up on what to do with this while having his morning coffee. I was amazed at how simple the transition was. And there are other software packages that are equally simple to transition to.

    I cringe at the thought of MS software running on high-profile equipment that involves the safety of our nation. Surely our military branches have more intelligence than that!

  • Justen

    Yeah I loled hard at that article too. I can’t even come up with a response that is not completely flippant and dismissive. There’s just nothing I can say that is non-obvious about how stupid this is, and no way to express the degree to which I am flabbergasted at the idea that something as dangerous as THE CONTROL SYSTEM FOR A ROBOTIC MILITARY WEAPON WITH LONG-RANGE FLIGHT CAPABILITY AND EXPLOSIVE PAYLOADS (!!!) is running Windows. Can we at least try to avoid being hit by UAVs until the terrorists invent their own, instead of lending them ours?

    Every time you install Windows, the terrorists win. How’s that one?

  • Justen

    If you consider command-line use the realm of “hardcore hackers” then yes, probably. There are however plenty of nice, friendly utilities for monitoring system security and checking for malware in linux. AIDE is a good choice for monitoring system-critical files, and rkhunter is good for looking for malware. There’s also a more comprehensive suite called OSSEC that does both those tasks and more, but I’ve only just started using it so I can’t comment on it much. There are, of course, tons of other tools out there.

    Chances are you’re not going to need them though; as has been said before a combination of factors in *nix environments, including the security model, the diversity of the *nix ecosystem, and the way most *nixes handle software management vastly reduces the potential of anyone creating a successful virus.

  • Robert

    Neither this article, nor any of the comments, seem to acknowledge the reality of military procurement operations. The Pentagon can only purchase weapons systems which the U.S.Congress authorizes. Once a new weapons system is authorized, the military command in charge of this system must go through an extremely complex procurement process that requires bidding, demonstrations, review of bidder capabilities, etc. etc. Plus political pressures from numerous congressmen and senators. It’s not like Pentagon Generals just get to buy what ever they want. To win one of these bids requires considerable cost to the company which finally wins the contract. I suspect the decision to use Microsoft software in these systems is made by the company which developed the hardware, probably because Microsoft provided a really good incentive of some kind for them to do so. The place to require these systems to use a specific type of software needs to be made at the time system specifications are being written, or at the congressional approval step. I seriously doubt that there would ever be a blanket ban against Microsoft software imposed by the U.S.Congress (the only place such a ban could come from) because most of Congress and the White House use Microsoft software. Your going to have to get that changed first…

  • Ray

    I’m a Soldier working in a tactical network operations section with responsibilities including networking and information assurance. There are a number of systems we use Linux or Unix operating systems for, however, not all of them. I am not a proponent of the idea to use Linux for everything. It’s my belief that every application needs to use the operating system that best suits the requirements of that application. Is that done in practice? Sometimes.

    • Hi Ray,

      Thank you for your comment and for your service to your country. I agree that one should use the appropriate tool for the job. After all, I do use a hammer for nails and a screwdriver for screws. :) I just do not agree if you are saying that Microsoft systems are good for implementation in sensitive, high security, high reliability, critical use situations. I think Microsoft systems are great for games, though I don’t use them for that either. :)

      Frankly, I also know that FOSS Unix / Linux are basically the building materials *and* tools *and* finished products one can use when it comes to general use or specific use computing. It is just that one needs to define the problem and then implement the solution with either Unix or Linux. Using FOSS one can even tailor existing software to one’s own needs or build a new solution “from scratch”. I’ve known an ex-military programmer or two. This would easily be within their capabilities.

      If a “solution” is “canned” and “ready” for some other closed, proprietary operating system then the choice is whether or not to relinquish one’s freedoms in favor of allowing someone else to control one’s computing experience. Giving up control over my computing is not something I will do easily. I would rather my friends in the branches of our military have more control over the software tools used, not less. FOSS software and systems do give one that freedom and control. Microsoft and Apple systems do not.

  • Yeah really nice…if they use linux they will be free and they will have all freedom .But i don’t think that all of their soft which they use can be used in linux or have version of linux so what my opinion is if they have all the application they use in normal windows and if those can be used in linux than they must use linux….

  • nick

    In my experience, windows or linux doesn’t directly control the process, but a PLC does instead. software running on windows/linux communicates with the PLC to direct the process, but does not directly control it itself. I doubt the military wouldn’t take the lessons of US industries that do this (pretty much all process industries that don’t want to lose hundreds of thousands of dollars on a bluescreen/kernel panic — power, oil, gas, chemical) and directly control drones with a desktop OS without a PLC in between.

  • Ripratm

    While as a unix admin (Solaris professionally and Bsd for personal use) I feel that unix is the better operating system for my taste. However I don’t think Windows is nearly as bad as its made out to be. While I’ll give a slight edge to unix in terms of security I think it’s the admins that make far more of an impact on how secure the system is vs what OS it’s running. I would say the grand majority of the windows hacks is due bad administration (whether that’s crappy system setup from the start or not patching properly).

    Also in my experience only about 10% of windows admins actually know what the hell is going on. Don’t get me wrong I’m not bashing windows and I think true Windows admins would agree with me. But there are a lot of MCSE out there or “windows admins” who are basically pc repair or second level tech parading as admins that dont know what they are doing and don’t grasp the the whole picture beyond just clicking through menus. I think if you get a good admin they can secure a windows server on par with Linux.

    If you have a crappy admin doesn’t matter the OS. Just a case of crap in crap out.

Leave a Reply

  

  

  

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Follow the directions below to post a comment if you are human. After 3 failed tries reload the page to start with new images.