Insecurity Threat

by Doc Searls

On April 9, EE Times reported on a speech given by Dan O'Dowd, CEO of Green Hills, an embedded operating system company. Here are a few of the pull quotes:

The open source process violates every principle of security. It welcomes everyone to contribute to Linux. Now that foreign intelligence agencies and terrorists know that Linux is going to control our most advanced defense systems, they can use fake identities to contribute subversive software that will soon be incorporated into our most advanced defense systems."

If Linux is compromised, our defenses could be disabled, spied upon or commandeered.

Every day new code is added to Linux in Russia, China and elsewhere throughout the world. Everyday that code is incorporated into our command, control, communications and weapons systems. This must stop.

Linux in the defense environment is the classic Trojan horse scenario--a gift of 'free' software is being brought inside our critical defenses. If we proceed with plans to allow Linux to run these defense systems without demanding proof that it contains no subversive or dangerous code waiting to emerge after we bring it inside, then we invite the fate of Troy.

Before most Linux developers were born, Ken Thompson had already proven that 'many eyes' looking at the source code can't prevent subversion.

We asked Eric S. Raymond, open-source advocate and UNIX historian, to respond. He wrote:

Well, for starters this guy is abusing the Thompson example in a couple of ways. Technically, the C compiler was not open source at the time Thompson put in his back door--you needed an AT&T source license to see it legally. But the more fundamental point is this: nothing prevents someone at a closed-source shop from doing exactly the same thing.

O'Dowd is making the unstated assumption that somehow closed-source development prevents the placement of code unexpected by users in a way open-source development doesn't. The widespread prevalence of easter eggs in closed-source code, like the Mac dogcow or the flight simulator embedded in Excel '97, shows this is nonsense. Managers are essentially helpless to prevent this sort of thing.

If I were an enemy spy, I would much rather bribe a closed-source programmer to slip a deadly easter egg into DOD software than send a patch to an open-source project--my risk of detection would be far less that way.

In another rebuttal on a forum at, "Concerned Citizen" replied, "Let's not forget that the terrorists that Mr. O'Dowd refers to used proprietary software for attacks on the USA. They have Windows machines and Flight Simulator, you might recall." He concludes:

Linux will be "hardened" for use in military systems. It will take time, and it will cost money. The results will be every bit as good--no, better--than what we see today. Such work is underway, and SE Linux by the NSA is but a start. But the hardening will take less time, eventually be more secure, and cost far less than the hodge-podge of incompatible proprietary systems, some from vendors who have gone out of business or pay lip-service to value and utility, or who simply don't care to truly improve their code thus endangering us and our troops. Your argument is tired and worn out, Mr. O'Dowd. Time to give it a rest.

The last word, of course, belongs to the market. For that we have this, from Business Week:

Dana Myers is known as the penguin lady at chip giant Texas Instruments (TXN). Since 2002, Myers has overseen development work on compact versions of the open-source Linux operating system used to run chips and circuit boards in mobile phones and other electronics products. And during the past year, Myers has boosted the size of her development team by 75%, to nearly 100 people. "All over the world, customers are asking us for Linux", says Myers.

Doc Searls is Senior Editor of Linux Journal.

Load Disqus comments