Enterprise Software

China chooses FreeBSD as basis for secure OS

What OS would you choose as the basis for your security hardened software platforms? China has made a decision remarkably similar to my own, and it has U.S. officials worried that the Eastern power may be pulling ahead in the realm of information warfare preparedness.

Earlier this month, in China blocks U.S. from cyber warfare, the Washington Times reported that "China has developed more secure operating software for its tens of millions of computers and is already installing it on government and military systems, hoping to make Beijing's networks impenetrable to U.S. military and intelligence agencies." The article goes on to explain that China has developed a custom, security hardened OS called Kylin, which was revealed in recent Congressional hearings. As the specter of "cyber warfare" grows more vivid, US policy makers and security specialists are rightly concerned at the fact that China is taking such direct action to protect itself from potential foreign information warfare threats — that this may set the US at a disadvantage.

In China installs a secure operating system on all military PCs, The H reports that China claims the design of the OS is proprietary on its official Kylin Website. The H also reports that:

an analysis of the code (Chinese page link) in the kernel indicates that it is in fact a hardened version of FreeBSD 5.3.

While I could paraphrase the message, The H put it succinctly:

This has lead to concern over the state of open source development in China. Furthermore, the advisor said that US systems, which use off-the-shelf American software, such as Microsoft products, open source software, and foreign applications, would be less secure and more vulnerable to back doors allowing access during "times of war".

The harsh truth of the matter is that corporate influence in government has succeeded in retarding the progress of information technology advancement in US defense policy by weighing down decision making processes with political favoritism. Meanwhile, the fact that Chinese government officials are not beholden to powerful public corporations frees them from the kind of untoward influence that has resulted in software acquisition contracts motivated more by reƫlection concerns than by security concerns in the US. All too often, the selection process in US government specifically excludes all options except a very few vendors for software acquisitions. The result is that China appears to be well ahead of the curve, selecting the best OS for the job regardless of vendor influence in the West.

When the US Department of Defense is the target of no fewer than 128 information infrastructure attacks per minute from China, and we discover that China is engaged in working toward 100% military deployment of security hardened FreeBSD while the US DoD is almost universally using off-the-shelf Microsoft Windows systems, it becomes clear that there's definitely something wrong with US information security policy.

(note: Initially, this article misidentified the Washington Post as the source of the article China blocks U.S. from cyber warfare. The actual source was the Washington Times, and this article has been edited accordingly.)


Chad Perrin is an IT consultant, developer, and freelance professional writer. He holds both Microsoft and CompTIA certifications and is a graduate of two IT industry trade schools.

Editor's Picks