April 10, 2004

Another FUDMeister speaks out

Dan O'Dowd, CEO of Green Hills Software, Inc., said "the proliferation of the Linux open source operating system through a growing number of U.S. defense systems poses a serious and urgent security threat" in a speech to the Net-Centric Operations Industry Forum in McLean, VA.

This seems to have the distinct flavor of sour grapes about it, given that the company involved is a producer of real-time embedded software systems, and is feeling some heat from competition with embedded Linux.

In what is becoming a traditional American business response to competition, the first thing you do is spread FUD all over the landscape. Then you go back and spread more FUD.

The absence of backdoors in Linux is directly attributable to its open-source origins, as this proprietary, closed-source fudmeister fails to see.

Update: Groklaw has some responses to this nonsense.

O'Dowd cites the presence of a hard-coded back door in Unix to support his position. Hmm, Unix, is that an open-source system? No, I didn't think so. So, what's your point here, O'Dowd? Open source is a risk because a closed source OS had a back door coded into it? Nobody noticed the back door because they weren't able to see the code.

One of the main things closed source relies on for "security" is the closed, secret source itself. Microsoft has admitted as much in the past, and has demanded that exploits be kept secret when discovered (by ethical organizations, that is). The problem has been that these organizations have found that when they keep the exploit to themselves, Microsoft takes a very leisurely approach to fixing it. But when the security hole and its exploit become public, Microsoft will move expeditiously to fix it.

Posted on April 10, 2004 12:34 PM