Linux

Linux grabs its single biggest win

The U.S. Navy and Dept. of Defense have learned valuable lessons that translate to huge contracts for the Linux OS. What does this mean for open source and the community that drives it? Jack Wallen offers his take.
Northrop Grumman Transformational Fire Scout Vertical Takeoff and Landing Tactical Unmanned Aerial Vehicle system. Ever hear of it? It's a U.S. Navy drone, otherwise known as the MQ-8B Fire Scout. Why is it significant? Because recently the Navy decided to drop the Windows operating system that was running in favor of Linux. And just why did they drop the previous operating system?

A virus.

That's right...previously a virus had infected the operating system on the U.S. Air Force's drone control system.

A virus...on the system controlling drones. Think about it. Imagine the consequences of a drone or fighter plane suffering from a computer virus -- while armed! That was a significant enough "oops" to lead the U.S. Navy to migrate their drone systems from Windows to Linux.

When I read this, I was shocked. First and foremost, I couldn't believe such planes were controlled by anything powered with any flavor of the Windows operating system -- not when the U.S. Navy has enough intelligence and resources to even create their own OS. Once that shock flushed from my system, I had to wonder...who would be the one to run Combofix on the systems running those drones? What a horrible job that would be...having to take the fall for an infected computer system on a military aircraft.

Anyway...I digress.

The decision brings a 28 million dollar contract to the Linux community (who, exactly, will be getting this contract is unknown), but that is not all. Based on this (and other issues) with non-free software, the U.S. Department of Defense is laying out guidelines on how its agencies can use open source code. And even though the DOD's use of open source code will alter the GPL for said code (they can't, for obvious reasons, release any code they use and modify back into the wild), this is a huge deal for open source everywhere.

Think about it. The DOD has decided that open source is a more secure and reliable route than proprietary systems. That trickle down is going to have a serious, lasting effect in the world of Linux. Here's how I see this working:

  • DOD begins Linux roll out
  • US Government begins wide-spread roll out
  • Civilian security companies world-wide begin roll out
  • Universities fall in line
  • Consumers begin clamoring for better security on their OS

Although this could seem like a pipe dream (for this to rain down upon the consumers), if the masses really want to start getting serious about their security (and they should), this should be a lesson from up high that should not be taken lightly.

Windows is a good desktop operating system -- but one with many, serious security flaws. And although Microsoft is doing their best to tighten it all down, it's simply and fundamentally insecure. The U.S. Navy and Department of Defense get this now. Maybe it's time for the consumer to pick up on that thread and demand Linux on their desktops.

After all, if it's good enough for the DOD and the Navy, isn't it good enough for you?

I can already hear the naysayers proclaiming their usual litany of hate and doubt.

  • "Not enough games!"
  • "No support!"
  • "It doesn't run 'X'!"

Well, guess what, if there's enough demand for it, eventually those complaints will fade away. Think of it like a relationship -- you want to start a long term relationship built on a foundation of stability, friendship, and trust. Why? Because eventually the bedroom antics will dissipate and what remains will have to carry you into your twilight. Wouldn't you rather have an operating system built on that same, strong foundation? Your love of games will eventually fade away. If your platform is solid and secure, you'll enjoy it for many years to come. And if more people begin enjoying the Linux platform, eventually the games and the support and 'X' will arrive as well.

The U.S. Navy saw this.

Be the Navy.

About

Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website getjackd.net.

245 comments
grzegorzmaj
grzegorzmaj

I wonder why they didn't used Windows Embedded(basically modularized WinXP) and write protected system drive. And for all Linux lovers: Linux is not real time OS(while Windows CE is), also, Open Source software needs to be frequently updated because when there is security update everyone knows exactly about hole it updates. That is why there are lot of hacked websites based on open source stacks.

joef_z
joef_z

Google U.S. Army and Red Hat and you'll see the Army has long been using Linux. In fact, the last time I was in the presence of the Red Hat guys, I believe they said the Army is still their biggest customer seat-wise, but not dollar-wise. This was a year or two ago. Full disclosure: I'm the PAO for RDECOM, the Army's R&D command. We have quite a bit going on with Linux all the time.

pointabhishek
pointabhishek

Why did they decide to use Windows on first place. What a bunch of idiots!!!

asotelo
asotelo

POS(point of Sale) terminals use Windows 2000 in the background( it was the most robust in my own opinion), yet they're not constantly freezing or rebooting. All you see in the foreground is a pre-programmed GUI for selecting your menu items or drinks(restaurant) or sale items or sales tally at the grocery or department store. Maybe the drones have some sort of these interfaces. If this is the case I don't think it matters who is in the background, as long as the foreground program gives me my discount and accepts my credit card, I'm all for it!!!

maoriveros
maoriveros

The U.S. Navy and Dept. of Defense have learned not to use Windows - and the advice is surrounded by Microsoft advertising!!! I think TechRepublic should be coherent with reality...

asotelo
asotelo

Where the drone(s) were infected by a USB(thumb) drive?? I think I read an article about it. First off, I think that they were using personal drives to load programs on the drones, thus infecting them. Second, I think that Windows is good for some things, and Linux is good for others. It seems to me that you can make a system (especially a drone system) more secure by loading it with some sort of Linux that has been made especial for that specific drone. I for example use Knoppix to troubleshoot almost unusable Windows PC's and Laptops. Knoppix is made to load and run from a CD. It can bring a Windows system back to life by knowing what to add or delete or tweek.

4him2
4him2

What ever happened to Gov't designed ADA Programing Language

jfreedle2
jfreedle2

Linux is no more secure than Windows, it is just that nobody at this point in time wants to invest in writing a UNIX virus to infect Linux. It was probably an Open Source advocate that wrote a virus to infect the machines, and went to work and plugged it into the system to infect it. Most people choose systems that are stable, and run the applications that they need. Windows is pretty secure for most people's needs and easy enough to configure. Sure Microsoft rely's on Internet Explorer for the help system and therefore you can disable it being the default browser, you cannot completely remove it as it is part of the web browser control in the API. You may disagree with their decision to incorporate a web browser into the operating system, so you use something else that meets your liking. Unless you are well versed in Operating System design, you are no better than any Geek Squad member when attempting to evaluate a design of an operating system.

alphieboy
alphieboy

Oh yes it does! For it's newest warships it uses, guess what, "Windows for Warships". What's more, this folly extends to retro-fitting existing Nuclear-powered submarines including those with Nuclear Missiles! In spite of the outcry from myriad sources, including many within the prime contractor to the RN, BAE Systems forged ahead with the project. It truely beggars belief. Read more: http://www.theregister.co.uk/2004/09/06/ams_goes_windows_for_warships/ also: http://www.leshatton.org/wp-content/uploads/2012/01/A8.pdf

lammwa
lammwa

"And if more people begin enjoying the Linux platform, eventually the games and the support and ???X??? will arrive as well." You gorgot to mention the "viruses" : ) If the OS becomes used on a wide enoguh scope it will also be hacked, phised, trojaned, etc. Linux is fairly virus free because there is no "need" to target it... yet.

richard.bligdon
richard.bligdon

Piracy of Microsoft OSes has always been a problem.It didn't help that XP Pro was easy to pirate. Yet,according to one Linux article,in countries like Poland,India,China,etc where national pride runs deep,putting together your own national linux version,and leaving the security nightmares behind,as happened with one Indian company when they had to forsake Windows for,in this case,Suse Linux,the people have found something better than pirated Microsoft OS software.

richard.bligdon
richard.bligdon

Back when MS parted ways with IBM over the OS/2 project,their claim was that they had to because Windows suddenly 'took off',but there was also a rumour that IBM told them "The OS is too unstable and insecure,because you have the Graphical Shell too close to the Kernel."IThey refused to change it,so IBM pulled out. Who knows,but rumours aside,it's basically true and then there's the Registry(that's a nightware discussion all by itself-and the root of a lot of the problems!). If you crashed an NT OS,on reboot you saw a msg about 2 os2 sys files missing! Back when Win95 came out,I went to OS/2 Warp 3 and had no complaints!My Soundblaster card didn't quite work right,but I learned a lot and a had a fast,stable OS and NO crashes,or bugs,when everybody else was crying in their soup! Some of the Windows problems are: *Programs can make API calls to the system AND modify the registry(that's a whole nightmare subject in itself!!!) -the virus writers know this! *Back doors -the virus writers know this also! *Bloated ,insecure and unstable code -kind of like putting together a ramshackle car with all different parts and hoping it doesn't fall apart! *Unesecure Services on by default -some can't be turned off! *Windows Servers crash and require reboots. *no matter how fast the PC is,after a while it WILL slow to a crawl!You can 'clean; it out,but you can only do so much! *10 x as many yearly patches,updates,etc as other Oses. Side Note: Some years back,when a virus worm attacked and knocked out the computer systems of several banks and a police department near here,a municipality that was running Novell Netware never had their computer systems compromised at all.Thankfully,in part due to a decision MS helped them make,because of their definition of a 'small business' and the cost of 'MS Exchange' which would have added thousands of dollars to their costs,causing them to have go Netware/Groupware.etc!Now,Netware can be run on Linux! *Nix advantages: *FREE!!! *Promotes thinking and learning programming ,etc. *need a driver,ask and you may have one by days end,which is what happened to Linus Torvalds in his early days. *programs need root priviledges in order to be installed. *Programs can make API calls to the system,but they can't modify anything and one's program config files exist in the home folder only,so if an intruder breaks into the system(not likely) he/she cannot likely access the whole system(ie: C drive in windows parlance)... *Can run on PCs that can't run newer Windows OSes.Case in point: I have an AMDx2,2g ram PC upstairs that can't rin Windows 7,but after seeing it slow to a crawl under XP,I put Ubuntu on it in a dual-boot(when Xp's time runs out,that PC will become solely *nix)and man,did it fly,so who cares! In these difficult economic times,companies will have to get past MS's FUD about TCOS and evaluate THE REAL COST....particularly in terms of: OS and Software Licensing Costs.Security,Hardware and other important issues. All government agencies and schools in North America should switching to Open Source,the same as they are in Europe and many Asian communities. Isn't it time,we all got off the "Johnny it's time to upgrade again,but,you old hardware can't run the new Windows(or Mac)OS,so you'll have to fork out for a new PC -AGAIN!

robertyawe
robertyawe

This is just history repeating itself, Microsoft got to the top of the hill by decimating its competition therefore remaining alone at the top of a rather skinny pole while Linux was busy creating a new hill with a wide base. It was only a matter of time before Microsoft's arrogance, that comes with unexpected success, started affecting their position. The time in nigh for the next technology revolution but first the dictator must fall. The field is now wide open for developers across the world be it in Silicon Valley or Calcutta, Adelaide or Mogadishu its a free for all wait for bruising and new billionaires

andrew232006
andrew232006

Yes, many things would be different if most people used linux. But they don't. And if I switch to linux, there will be 1 more person and no one will notice, except me when I spend another night editing config files and recompiling software attempting to get the tv-out to work on my computer. Also my interest in video games isn't going away.

arick
arick

You would have thought that they would have learned the first time. Remember back in 1997 when the Navy forced a contractor to use an OS from Microsoft. The Navy war games in 1997 brought whole new meaning to the common expressions "Blue Screen of Death" and "Dead in the Water". It's obvious from this article on Wikipedia that, with more then one Admiral's career on the line, the Navy forced its contractors to do a Galileo retraction. http://www.greenspun.com/bboard/q-and-a-fetch-msg.tcl?msg_id=0024SN http://en.wikipedia.org/wiki/USS_Yorktown_%28CG-48%29

paulfx1
paulfx1

But there are several add on extensions that make Linux a real time OS. I happen to use RTAI myself. There are a lot of hacked websites because there are a lot of system administrators who are not very good. If it was the software then every website would be hacked. I can remember years ago I stumbled across a pretty gross security blunder searching for the term phpinfo. What turned up wasn't what I'd expected. I doubt many that had their system information so publicly displayed was aware of it. I believe all that has been long taken care of on both sides. Point being it wasn't really the software's fault if you left that file publicly accessible. It wasn't really Google's fault if it crawled your server then listed you either.

NickNielsen
NickNielsen

The virus was carried in on thumb drives and probably used Windows' auto-run feature to install. Since the equivalent Linux feature won't run Windows programs, it wouldn't have been an issue.

paulfx1
paulfx1

They liked the API. Apparently it did work for them until they hit a snag. No one can foresee everything.

NickNielsen
NickNielsen

Most chains use either IBM or NCR POS systems, simply because the Windows-based POS systems do not scale as well. I support five different grocery chains. They all use IBM's OS4690 POS systems. Sears, Macy's, Kmart, Walmart, JCP and Target all use the 4690 OS.

Deadly Ernest
Deadly Ernest

POS set ups some years back for a client, the POS systems we checked most used their own proprietary GUI systems working on a Unix base. A few were even based on some proprietary accounting software that had a built in OS they wouldn't say what it was, except you needed a special app to have the output formatted to go to a Windows system if you wanted that. Also, some of the cheaper ones worked as an app on Windows but wouldn't work as a stand alone as you had to buy a computer for each work station as well as their gear.

jeslurkin
jeslurkin

..is inefficient as well as insecure. Linux can be modded by the end user to eliminate USB, and Microsoft would have mod Windows.

Deadly Ernest
Deadly Ernest

no one has yet said you can NOT create a virus for Linux, just that because the code is much better written and much more secure it's a bloody site harder and requires a person with a much higher level of coding knowledge and experience than your average Windows virus scriptkiddy. Compare it to physical security of a building. It's impossible to make any building absolutely 100% secure, but any fool can break in through a plywood door, unprotected windows, and simple latch style locks; while it takes a highly skilled expert to get in when you have security grills on all windows and doors and the locks are high security key deadbolt locks. Microsoft Windows uses latch locks on plywood doors in loose frames while Unix and Linux use high security key deadbolt locks in steel covered doors in tight fitting steel lintels. Microsoft made a corporate decision that includes many security holes in the base design of Windows and there is nothing they can do about that now unless they go back and do a total redesign to remove the components they embedded in the core as part of justifying a marketing strategy back in 1995 - they deliberately sacrificed security for a marketing claim. BTW Win 3.11 on DOS is still much more secure than any current version of Windows, simply because it's from before the change to dump security for marketing.

jeslurkin
jeslurkin

...the Queen knighted BG. Astounding!

paulfx1
paulfx1

I'm sure the fanatic fanbois will disagree but some folks are just beyond talking any sense to. No one likes Linux more than I do, but I try to keep things in some perspective.

anil_g
anil_g

designed and the open source model fixes things better and quicker. That's the point argued elsewhere.

Deadly Ernest
Deadly Ernest

core code is so good it can't be hacked to the advantage of the hackers, and as soon as any new code that has an issue is found it's replaced in a matter of hours or days, not months or years like Microsoft take. Because the code is open and viewable by all there are a lot more people checking the Linux code for problems than there are doing the same for Windows. In short, it's a better design and better tested.

paulfx1
paulfx1

Then every seat is counted in the plus column. It has often been said that if it wasn't for software piracy Windows wouldn't be nearly as popular as it is today. Microsoft makes the big money selling their server OS anyways. They probably prosecute that more than desktop OS thefts.

paulfx1
paulfx1

Once you get something to work on Linux it works forever. I've setup Linux systems then ran them 24/7/365 until the caps on the motherboard let go. Which BTW took over 8 years to happen. If Ron Popiel peddled OSes he'd hawk Linux, just set it, and forget it! Also when things don't work it is nice to at least have the option of recompiling in order to gain functionality. What recourse do you have in Windows? What are you going to do throw rocks at Billy Gate's windows? I mean really now.

anil_g
anil_g

I'm not trying to be mean but nobody cares if you run Linux or not because we're all getting better results with Linux without you. But the point is, that a greater overall uptake of Linux / UNIX would save the world billions of dollars while immensely improving outcomes.

Deadly Ernest
Deadly Ernest

a config file in that time. Mind you I regularly have to use Regedit and Msconfig to fix problems in Windows machines for people to stop excessive software load up as everything new loaded in Windows seems to always be set to run at start up.

pgit
pgit

Most distributions provide a real time kernel. If I'm not mistaken, your thousand-plus core conglomerate super computers use an RT kernel. It is worth repeating though that winCE was (is?) RT. A feat I imagine Microsoft doesn't care about repeating?

grzegorzmaj
grzegorzmaj

If system drive is read only, you couldn't install anything on it, after restart it wouldn't be there.

pgit
pgit

Nowadays a lot of proprietary systems are integrated with windows to whatever degree necessary. But back in the dumb-terminal days all the systems I ever saw were on some flavor of Unix and were built from the ground up, including that kernel being exactly no more, or no less, than what was absolutely needed. Talk about secure... and stable. The last one to go I just couldn't understand why the client gave it up. He went with a straight up windows app, requiring a licensed windows workstation on every terminal, which introduced costs, bugs, overhead (making ops slow) and worst of all... facebook, youtube and other distractions the employees now kill efficiency with. The guy's business has suffered, but gosh those big LCDs sporting Vista (yep, Vista) sure look purdy. He's definitely one of those types that'll never admit he's made a mistake, I doubt I'll ever hear from him again. BTW I absolutely love the folks with a grimy Pentium II machine, 13 inch monitor and a trusty old app still clicking away on win98. They're the types that get real work done. I've got a few of them scattered around the hills. Why spend a dime when what you have is getting the job done?

asotelo
asotelo

Each terminal is in itself a PC, that has to be dependent of the Server. I have installed several at Target, Chilli's, etc. They all boot up to win 2K and have touch screens that let the user (waiter, waitress, cashier) punch in stuff. Also, at the kitchen are what is called a "bump" bar, that takes the place of a keyboard and the screen only has the menu items coming up to be cooked or prepared. These mini-CPUs, rely on the server for all the processing, they are the size of a medium size book and they only have video output and keyboard input (for the bump bar) Maybe you're talking way back, it is all standardized now.

jfreedle2
jfreedle2

Unless you are an expert at Operating System design and have read the entire source code of all variations of Linux distributions and Windows to compare the differences, you have no expert authority in which to classify Linux is secure by design. Linux is no more secure than any other operating system generally available from what I can tell.

anil_g
anil_g

I'm so sorry. That's not at all appropriate. http://news.bbc.co.uk/2/hi/3428673.stm I hope that wasn't the Queen's personal decision. Was there a Labour government in power at the time? Another sign of the degeneration in values and understanding. Of course, they also knighted Idi Amin, and then retracted it. There's still time.

asotelo
asotelo

Thanks Paul, I took two years of machine shop in high school (70's) and I wish we had all of these tools that I see on that website. It was all done with calibrators and eye balling. I found the webpages fascinating, especially the screenshots.

pgit
pgit

The 3 distros I use most provide a RT kernel, and they are highly altered and differ greatly from the stock kernels, or any of the other specialty kernels like server, laptop etc. The people who need them are few and far between, they all seem to have very odd hardware the system is running. CNC is cool, my city here is ground zero for CNC in the US. One of the better manufacturers of machine tools is based here, and there's a LOT of CNC shops around here, with a corresponding ton of highly qualified operators hanging around.

paulfx1
paulfx1

Or if it is then it must be missing some important features to make it useful. I run a real time application under Linux and it needs a patch called RTAI in order to work. When the module associated with that patch is loaded what I'm running is no longer vanilla Linux, not even close. A supercomputer would not be too super running a full RT OS. Real time is like putting brakes on everything. Or looking at it another way when you run real time then your computer is only as fast as its slowest part. Learn more here: https://www.rtai.org/index.php?&MMN_position=1:1 This is what I do with my RT: http://www.linuxcnc.org/ It gives my PC massive geek sex appeal!

NickNielsen
NickNielsen

to the computing power required. The virus was not discovered on the drones themselves, but on the PCs the pilots use to control the drones. It may not have been possible to make the drives read-only.

asotelo
asotelo

Thank you Nick, I called them both POS, when in reality one is pretty much a restaurant system like you said. My main Idea, was to point out that different foreground GUIs may have different background engines.

NickNielsen
NickNielsen

There's not really that much difference on the back end, but the front ends are quite different between the two.

Deadly Ernest
Deadly Ernest

straight POS - the majority of straight POS systems are little more than a box with an embedded minimalistic system to scan the item, refer to the database and add it to the list for the sale - not much more than a cash register with a scanner attached. However, since I last did research in that area (several years ago for someone setting up a business) more and more have moved over to the combined operations theme which require a lot more.

pgit
pgit

I remember a few years back (pretty sure it was in the XP days) windows update servers got hacked and all h e double toothpicks broke out. Microsoft quietly ran update on Linux servers and apache while they straightened out whatever the problem was with IIS. My guess is the "solution" involves multiple employees tasked full time with watching every bit of activity incoming to their update servers in order to manually shut off questionable or threatening traffic asap.

Deadly Ernest
Deadly Ernest

the expert testimony of the many people who are such experts and have the experience to know what they're talking about - of which there are many. Hell, some years ago when Microsoft decided they wanted to improve the security inn Windows and introduce what they now call UAC, they hired a whole bunch of top Linux coders to do it for them. The employment terms included them spending part of their MS paid time working on Linux project and the rest applying that knowledge and skill to Windows. The biggest complaint many had was when they said they needed to rework the whole Windows kernel to put in decent security they were told they couldn't. Some left Microsoft as they didn't want to get involved in what they saw as a half-arsed attempt at providing security to Windows. Some stayed and did "the best they could with what they had to work with."

AnsuGisalas
AnsuGisalas

...that get knighted. The knighthood was about his foundation, which he started AFTER earning all the bucks on MS. So, the knighthood had up to two reasons: 1) He stopped doing MS. 2) He continues to give huge chunks of cash to charities. Most people knighted have less going for them.

NickNielsen
NickNielsen

but it was Tony Blair's Labour Party.

Editor's Picks