Second in Series of White Papers on Linux Security Issues
Dan O'Dowd, Green Hills Software founder and CEO, today issued his second white paper in a series focused on the urgent security threat posed by the use of the Linux operating system in U.S. defense systems, including the Future Combat System and Global Information Grid. Available at http://www.ghs.com/linux/manyeyes.html, the white paper "'Many Eyes' -- No Assurance Against Many Spies" debunks the fallacy that the "many eyes" with access to Linux source code ensure that it is free of Trojan horses or other malicious software.
"Now that foreign intelligence services and terrorists know that we plan to trust Linux to run some of our most advanced defense systems, we must expect them to deploy spies to infiltrate Linux," O'Dowd said. "The risk is particularly acute since many Linux contributors are based in countries from which the U.S. would never purchase commercial defense software. Some Linux providers even outsource their development to China and Russia.
"The assumption that Linux is safe for defense systems is based on the dangerous misconception that the so-called 'many eyes' looking at Linux source code will find any malicious bugs hidden in Linux by foreign intelligence agents or terrorists. This misconception is based on the silly assumption that looking at source code is an effective way of finding bugs.
