Sunday, April 11, 2004
Linux unsafe for Defense apps?
Interesting assertion from the head of one of the real-time OS vendors. While he has a vested business interest in suppressing embedded Linux... one wonders whether there isn't some merit to his statements. The key question: is anyone performing the strict vetting of the Linux kernel and its modules that the Green Hills RTOS underwent?
A storm has erupted in the embedded community, with real-time operating systems house Green Hills charging that Linux is fundamentally insecure and wide open to security breaches by "foreign intelligence agencies and terrorists." ...
...O'Dowd claimed the salient issue is that Linux isn't held to as high a security standard as is the proprietary "Integrity" RTOS made by Green Hills. "If all they would do is hold Linux to the same standard they hold us to, I'd be happy... At the [Federal Aviation Administration], they have received from us documentation of every single line of source code and tests of every line of code and boundary condition. It costs us $500 to $1,000 a line to review our source code. It would cost billions of dollars to review Linux." ...
...O'Dowd's tough stance may attract attention because he is also taking an unusual public stab at a competitor — embedded Linux powerhouse MontaVista Software. "MontaVista is outsourcing their development to Russia and China. That's not wrong if you're building toaster ovens," O'Dowd said in an interview. "If you're building national security applications, that's a different story. Nobody's even checking if there's anybody putting anything [dangerous] into Linux." ...
EE Times - Green Hills calls Linux 'insecure' for defense
Slashdot followup
When you buy a RTOS, you usually aren't getting compiled executable code. You usually get source code that you need to port to the hardware you are building.
Data sheets like this [ghs.com] imply that Green Hills adheres to this common practice. So all the "open source is more trustworthy than a black box" arguments don't apply. Anyone who wishes to deploy a system based on Green Hills' RTOS can audit the code; it isn't hidden from them. Also, this PDF [ghs.com] linked says:
INTEGRITY178B has been audited and approved by the FAA for DO178B Level A use.
Which to me implies that it has had a more thorough external audit than most open source packages.
One final argument is that an RTOS is usually very small. Their Velocity [ghs.com] RTOS can run in 3KB of RAM. When the OS is stripped down to something that small, a full audit seems like a much less daunting task.
This implies that he isn't arguing security through obscurity. He is arguing for the cathedral approach vs. the bazaar. Don't get me wrong, he still is spreading FUD. It's just a different FUD than you think. He is ignoring the role that Linus Torvalds and some of his trusted lieutenants like Alan Cox play in planning a direction, vetting ideas, and protecting the stability of the code base. Patches don't just come out of the blue from anonymous sources and get applied without any examination, no matter what Dan O'Dowd may think...
Slashdot followup on O'Dowd's assertions
The Rundown
The Rundown... just posted this review of the DVD on Amazon.
Can't you just imagine the Hollywood pitch meeting that resulted in "The Rundown"?
"Let's see... 'The Rock' will be this really tough bounty-hunter who gets sent to the Amazon River basin to bring back a wanna-be archaeologist (Seann William Scott)... he has to get him out of this hick mining town run by the evil boss (Christopher Walken)... but, in the process, they get lost in the rain-forest! While trying to get back to civilization, they stumble across a priceless treasure and have to keep it from the bad guys! See, it's 'Romancing the Stone' and 'Commando' all in one! It's a can't miss movie!"
Surprisingly, it _is_ a can't miss concept. The lightweight plotting is fleshed out with humor and decent acting by all players. Scott is nothing to write home about, but Rosario Dawson's barmaid character adds beauty and depth. Walken does his usual turn playing the psychotic mine owner. And the Rock has all the requisite charisma, athletic ability and charm to fully justify a 'Rundown 2'.
This is a light, fun action movie that is simple entertainment at its best.
The Rundown (Widescreen Edition)
11 Types of (College Hoops) Message Board Posters
Found a link to this post on the Peegs (Indiana) message boards:
This is off a Big Ten message board, I just thought I'd pass it along.
The 11 Types of College Sports Message Board Posters:
1. John Wooden: The Xs and Os guy who thinks he's the only one on the board who knows what a pick and roll is. Quote: "The reason Wisconsin always gets so many foul shots at home is because our inverted swing offense puts opposing players in defensive situations they aren't accustomed to...(bleep). Maybe if you ever played organized basketball you would understand this."
Natural habitat: Iowa City, Champaign, Madison, Lawrence
2. Odysseus: The "classy backstabber." Makes every compliment backhanded. Quote: "Hey guys, congrats on winning the Big Ten from a Spartan fan, even though it was clearly a foul, and your title will always have an asterisk, and your mom's a dirty whore. See you in Indianapolis!!!"
Natural habitat: Madison, East Lansing
3. Blanche DuBois: The pathetic faded debutante holding on to past glory. Quote: "Putting on the Indiana uniform is a greater honor than winning three Nobel Prizes and sleeping with Britney Spears in the same night."
Natural habitat: Bloomington, Lawrence, Chapel Hill
4. Fox Mulder: The conspiracy theorist. Quote: "Obviously ESPN is controlled by a secret cabal of Duke grads. I mean, Digger Phelps and Dick Vitale are both 33rd level Freemasons. Put it together, people."
Natural habitat: Champaign...everybody else is in on it.
5. The Voice of the People: The person who always tries to get people to e-mail members of the media to tell them how much we hate them; and why, therefore, they should say nicer things about us. Quote: "Here is Terry Boers' e-mail. E-mail the Score and tell them what a bunch of effing morons they are for not devoting four hours a day to Illini athletics. We need to get the Chicago media behind us!"
Natural habitat: Champaign, Iowa City
6. The Invisible Hand: The person who claims to have intimate connections with coaches, players and recruits. Often creepy. Quote: "I don't want to give away my sources, but I can state with absolute certainty that Shaun Livingston ate corn within the past 24 hours."
Natural habitat: Durham, Lawrence, East Lansing
7. The Fanboy: The seventh grader on his dad's computer. Quote: HEY GUY DON'T YOU THINK PEIRRE PIERCE SHOULD BE TEH BIG TEN POY!!?!??? HE IS TEH SHIZNIT!?!?!?
Natural habitat: Iowa City, Champaign, Ann Arbor
8. Sister Mother Superior: The grammar police, who tries to win arguments by pointing out spelling errors. Often replies using larger than necessary words to show linguistic dominance. Hilarity usually ensues. Quote: "Perhaps I would take "you're" [sic] arguments more seriously, were you to more rigorously adhere to the syntactical rules of the mother tongue. As it is, your (notice how it's spelt) ruminations leave me nonplussed." Natural enemy of: The Fanboy.
Natural habitat: Ubiquitous
9. The CyberLawyer: The person who takes message board arguments way too seriously. Quote:
"If you believe that Devin Harris is better than Deron Williams, please state ten distinct reasons. Cite carefully following Bluebook format. Any failure to comply with these rules will result in me winning. If you use statistics, please include standard deviation figures for each category."
Natural habitat: Madison, Champaign, Iowa City
10. Keyser Sose: The classic hit-and-run artist who gets a password three days before the big game, flaps incessantly, then disappears, never to be seen again. Quote: "Ten Reasons Missouri will beat Illinois:"
Natural habitat: Missouri
11. Rodney Dangerfield: The person who believes that any failure of anyone else to conform to their own rose-colored view evinces a lack of respect for themselves, the program and the United States of America as a whole. Quote: "It's disgusting that the Big Ten coaches didn't put Greg Brunner on the first team. Obviously they don't know anything about basketball. It's a slap in the face to all of us."
Natural habitat: Ubiquitous
11 Types of Message Board Posters