News & Press
Using Linux Software in Defense Systems Violates Every Principle of Security Says Green Hills Software's CEO and Founder
MCLEAN, VA—April 8, 2004 - The proliferation of the Linux open source operating system through a growing number of U.S. defense systems poses a serious and urgent security threat, Dan O'Dowd, CEO of Green Hills Software, Inc. said today in a speech to the Net-Centric Operations Industry Forum in McLean, VA.
The Linux operating system is being developed by an open source process—a cooperative effort by a loose association of software developers from all over the world. "The very nature of the open source process should rule Linux out of defense applications," O'Dowd said. "The open source process violates every principle of security. It welcomes everyone to contribute to Linux. Now that foreign intelligence agencies and terrorists know that Linux is going to control our most advanced defense systems, they can use fake identities to contribute subversive software that will soon be incorporated into our most advanced defense systems."
In addition, developers in Russia and China are also contributing to Linux software. Recently, the CEO of MontaVista Software, the world's leading embedded Linux company, said that his company has "two and a half offshore development centers. A big one in Moscow and we just opened one in Beijing—so much for the cold war." Also, the CEO of LynuxWorks, another embedded Linux supplier, acknowledged that his company has a development center in Moscow.
Linux software, including contributions from Russia and China, is spreading rapidly through the Defense Department because it can be freely downloaded from the Internet without a license agreement or up-front fees, bypassing legal, purchasing and security procedures. A recent survey conducted over a two-week period by the Mitre Group, found 251 Department of Defense deployments of Linux and other open source software.
Linux has been selected to control the functionality, security and communications of critical defense systems including the Future Combat System, the Joint Tactical Radio System and the Global Information Grid. "If Linux is compromised, our defenses could be disabled, spied on or commandeered. Every day new code is added to Linux in Russia, China and elsewhere throughout the world. Every day that code is incorporated into our command, control, communications and weapons systems. This must stop," O'Dowd said.
"Linux in the defense environment is the classic Trojan horse scenario—a gift of 'free' software is being brought inside our critical defenses. If we proceed with plans to allow Linux to run these defense systems without demanding proof that it contains no subversive or dangerous code waiting to emerge after we bring it inside, then we invite the fate of Troy," O'Dowd said.
Advocates of the Linux operating system claim that its security can be assured by the openness of its source code. They argue that the 'many eyes' looking at the Linux source code will quickly find any subversions. Ken Thompson, the original developer of the Unix operating system—which heavily influenced Linux—proved otherwise. He installed a back door in the binary code of Unix that automatically added his user name and password to every Unix system. When he revealed the secret 14 years later, Thompson explained, "The moral is obvious. You can't trust code that you did not create yourself. No amount of source-level verification or scrutiny will protect you from using untrusted code."
"Before most Linux developers were born, Ken Thompson had already proven that 'many eyes' looking at the source code can't prevent subversion," O'Dowd noted.
"Linux is being used in defense applications even though there are operating systems available today that are designed to meet the most stringent level of security evaluation in use by the National Security Agency, Common Criteria Evaluation Assurance Level 7 (EAL 7)," O'Dowd said. "We don't need cheaper security. We need better security. One 'back door' in Linux, one infiltration, one virus, one worm, one Trojan horse and all of our most sophisticated network-centric defenses could crumble. We must not abandon provably secure solutions for the illusion that Linux will save money. We must not entrust national security to Linux," O'Dowd concluded.
About Green Hills Software
Founded in 1982, Green Hills Software, Inc. is the technology leader for real-time operating systems and software development tools for 32- and 64-bit embedded systems. Our royalty-free velOSity microkernel, INTEGRITY RTOS, C/C++ compilers, MULTI and AdaMULTI Integrated Development Environments and TimeMachine debugger, offer a complete development solution that addresses both deeply embedded and high-reliability applications. Green Hills Software is headquartered in Santa Barbara, CA, with European headquarters in the United Kingdom.
Green Hills Software, the Green Hills logo, MULTI, INTEGRITY, velOSity,
AdaMULTI and TimeMachine are trademarks or registered trademarks of Green
Hills Software, Inc. in the U.S. and/or internationally. All other trademarks
and products are the property of their respective owners.
North American Sales Contact:
Green Hills Software, Inc.
30 West Sola Street,
Santa Barbara, CA 93101,
International Sales Contact:
Green Hills Software Ltd.
Fleming Business Centre
Hampshire SO50 9PD
Tel: +44 (0)2380 649660
Fax: +44 (0)2380 649661
Green Hills Software, Inc.
Lynn J. Robinson
Patterson & Associates