• Please keep all posts on the Rittenhouse verdict here: Rittenhouse Verdict. Note the moderator warnings in the thread. The thread will be heavily moderated with a zero tolerance policy for any baiting, flaming, trolling or other rule breaks. Stick to the topic and not the other posters. Thank you.
  • This is a political forum that is non-biased/non-partisan and treats every person's position on topics equally. This debate forum is not aligned to any political party. In today's politics, many ideas are split between and even within all the political parties. Often we find ourselves agreeing on one platform but some topics break our mold. We are here to discuss them in a civil political debate. If this is your first visit to our political forums, be sure to check out the RULES. Registering for debate politics is necessary before posting. Register today to participate - it's free!

Old Laws Are Keeping the US Navy from New IT Gear

Rogue Valley

Exordium and Terminus
Supporting Member
DP Veteran
Joined
Apr 18, 2013
Messages
67,960
Reaction score
51,764
Location
Barsoom
Gender
Male
Political Leaning
Independent
Old Laws Are Keeping the US Navy from New IT Gear

The service’s deputy chief information officer says outdated regulations 'make it a struggle' for the military to stay on the cutting edge....

defense-large.jpg
 

QuadpolarNutjob

DP Veteran
Joined
Aug 31, 2015
Messages
1,522
Reaction score
582
Gender
Male
Political Leaning
Centrist
if those laws have anything to do with using imported systems, they're critical laws that need to stay and be enforced.

outsourcing defense has brought down longer lived nations than ours.
 

OrphanSlug

A sinister place...
DP Veteran
Joined
Sep 24, 2011
Messages
26,478
Reaction score
23,085
Location
Atlanta
Gender
Male
Political Leaning
Independent
We seem to be talking about two different things here, but both require due diligence.

Dealing with "emerging technologies" *and* dealing with imported technologies.

For the most part we are talking about regulation on how information and technology standards are applied to the military, and in some ways it makes sense why there is more lean to caution than going after the latest technology buzz words. For example, "cloud" computing. In the balance is security over some of the most critical systems the military deploys.

I am not sure I have much problem weighting security and control much higher than chasing down emerging technologies from wherever hosted by whoever.
 

Oozlefinch

DP Veteran
Joined
Jul 13, 2009
Messages
14,377
Reaction score
10,724
Location
State of Jefferson
Gender
Male
Political Leaning
Moderate
if those laws have anything to do with using imported systems, they're critical laws that need to stay and be enforced.

outsourcing defense has brought down longer lived nations than ours.

Actually, as far as I am aware, pretty much all equipment the US military uses comes from the US. For example, Cisco is the provider for most networking equipment. And that is most definately a US company.

The issue here is twofold. For one, 99% of our equipment for networking is "COTS", or "Commercial Off The Shelf". In other words, the exact same equipment that businesses use worldwide. More often then I can remember, I have gone into military wiring closets, and seen the exact same Cisco switches that I have at home. And the servers are the same HP and Dell servers that corporations use worldwide.

The requirements for testing equipment is pretty strict, and it generally takes a year or more to certify a new piece of equipment for service. Even a thing like a new operating system takes years, to ensure that the replacement is as secure and compatible as possible. Even things like firmware upgrades and software patches have to go through multiple checks before they are deployed.

I am more then passingly familiar with this, both in the civilian and military computer systems. Often times, updates and security patches are long after those civilians use (both corporate and government-military), to ensure that they do not affect other systems, and are secure from harmful bugs and even computer espionage. In 2000 when I worked at DirecTV, we were only starting to consider the deployment of NT 4.0 from NT 3.51, even though Win2k was already out. I know that the Army only phased out Windos XP in 2011, then it was on the verge of being made obsolete.

It always amazes me when people expect the government or corporations to be using the "newest and best" at all times. They do not even consider not only the fact that most systems go through rigerous testing before they are deployed, but are generally the same equipment used worldwide.

Which means when it comes to networking equipment, Cisco and HP. And for servers, Dell and HP. And for operating systems, Microsoft.
 

Thoreau72

DP Veteran
Joined
Sep 26, 2012
Messages
29,638
Reaction score
7,637
Gender
Male
Political Leaning
Libertarian
Since when does any part of the Pentagon give a damn about the law?

This is more propaganda meant to increase budgets, nothing more.
 

beerftw

proud ammosexual
DP Veteran
Joined
Nov 13, 2011
Messages
18,913
Reaction score
5,520
Location
kekistan
Gender
Male
Political Leaning
Socialist
Simpleχity;1065768330 said:
Old Laws Are Keeping the US Navy from New IT Gear

The service’s deputy chief information officer says outdated regulations 'make it a struggle' for the military to stay on the cutting edge....

defense-large.jpg

The military has a tendency of not using cutting edge tech, and there is a reason behind it. The military likes redundancy, simplicity, and reliability. Most tech adopted by the military is used after tested, retested, then dumbed down to a level that has many failsafes.


An example for the navy using cutting edge tech, my father was in the navy, in the 80's they started using apple computers with floppy disks for all records, which was cutting edge then. It did not take long before they realized a simple disk error, or an emp, or a power outage could disrupt everything. Other branches suffered the same issues, which is why even today everything has some sort of paper backup.

The military fights wars, and wars are unpredictable, so cutting edge tech takes a backseat to proven and redundant.
 

beerftw

proud ammosexual
DP Veteran
Joined
Nov 13, 2011
Messages
18,913
Reaction score
5,520
Location
kekistan
Gender
Male
Political Leaning
Socialist
Actually, as far as I am aware, pretty much all equipment the US military uses comes from the US. For example, Cisco is the provider for most networking equipment. And that is most definately a US company.

The issue here is twofold. For one, 99% of our equipment for networking is "COTS", or "Commercial Off The Shelf". In other words, the exact same equipment that businesses use worldwide. More often then I can remember, I have gone into military wiring closets, and seen the exact same Cisco switches that I have at home. And the servers are the same HP and Dell servers that corporations use worldwide.

The requirements for testing equipment is pretty strict, and it generally takes a year or more to certify a new piece of equipment for service. Even a thing like a new operating system takes years, to ensure that the replacement is as secure and compatible as possible. Even things like firmware upgrades and software patches have to go through multiple checks before they are deployed.

I am more then passingly familiar with this, both in the civilian and military computer systems. Often times, updates and security patches are long after those civilians use (both corporate and government-military), to ensure that they do not affect other systems, and are secure from harmful bugs and even computer espionage. In 2000 when I worked at DirecTV, we were only starting to consider the deployment of NT 4.0 from NT 3.51, even though Win2k was already out. I know that the Army only phased out Windos XP in 2011, then it was on the verge of being made obsolete.

It always amazes me when people expect the government or corporations to be using the "newest and best" at all times. They do not even consider not only the fact that most systems go through rigerous testing before they are deployed, but are generally the same equipment used worldwide.

Which means when it comes to networking equipment, Cisco and HP. And for servers, Dell and HP. And for operating systems, Microsoft.

In my deployment from 2010 to 2011, most of our computers still used xp or 2k,and we even still had some old ste-ice computers running win95 with floppy disks. Only the newest computers had vista, which was already obsolete then and replaced by win7. We had multiple msd computers at the maintenance tent, all but one were win2k, one was xp. The xp one was so slow you could take a 10 minute nap waiting for it to load, and they wanted to upgrade them to vista then, luckily that happened after I left active duty.

For the most part though the os just needed to be stable, most of the militaries work was done over the internet through private govt servers with proprietary software exclusive to military, there was no need to upgrade until that product reached the end of it's service life.
 

Oozlefinch

DP Veteran
Joined
Jul 13, 2009
Messages
14,377
Reaction score
10,724
Location
State of Jefferson
Gender
Male
Political Leaning
Moderate
The military has a tendency of not using cutting edge tech, and there is a reason behind it. The military likes redundancy, simplicity, and reliability. Most tech adopted by the military is used after tested, retested, then dumbed down to a level that has many failsafes.

Actually, I can't think of anything the military uses that is "dumbed down". We use the same hardware and software as any corporation, with the exact same firmware. This does not need to be "dumbed down" at all, since those like me who actually administer it have had extensive training in it, and often have the exact same certifications that our civilian counterparts have (CCNA, A+, Net+, MCSE, etc). And all this infrastructure is completely invisible to the end users, just as it is in any corporation.

Same with the OS. It is just a standard OS, simply locked down to restrict what a user can do in it.

An example for the navy using cutting edge tech, my father was in the navy, in the 80's they started using apple computers with floppy disks for all records, which was cutting edge then.

That must have been the early 1980's. Back then, there was no "standard" for what a "Military Computer" was. Units simply bought their own and used them however they wanted. Then in 1986 they finally came out with a "standard desktop computer". I still remember when I had to unbox one for the first time in 1988. We had been using an old IBM DisplayWriter word processor (daisy wheel printer, 8" floppy), and we got our new computer. A Zenith 80386 with a 1.2m floppy and a 40 meg hard drive. Cutting edge at that time!

And oh the software! DOS 3.3, WordStar, Lotus 1-2-3, Dbase 3, and *drum roll* - Windows 1.02R. And yes, the exact same versions used in companies and homes worldwide. Also with the set came an Alps P2000 printer. Nope, no mice yet.

Then in 1991 I was in another office (using the exact same model computer) when I worked on my first "Military Network". It ran Banyan Vines, on a coax thinnet connection.

From the late 1980's on, military computers had to start meeting strict requirements. For a while in the early 1990's I even remember when they were trying to make all of them TEMPEST certified.

And yes, I saw the exact same thing in the civilian world as well. In 1995 I was involved in rolling out the first "Corporate Computer" at Hughes Aerospace. Just like the military a decade before, there was no standard. Each department just bought their own and used it until they had to replace it. We replaced them with either a P90 Dell with Win 3.11, or a Power Mac (for the first 4 months, the Macs were scrapped after that and pulled from service). We were pulling out of service systems that dated back to the 1970's. TRS-80s, propriatary HP machines, 8086 DOS boxes, even a couple of Atari STs, Commodore Amigas, and lots of old Macs going back to the original model.

In fact, the Mac PowerPC 6800 was a hard lesson for a lot of companies on the absolute need to conduct extensive testing before rolling out any new hardware or software. I could fill pages about what a disaster they were, and not just at Hughes. For years later I would run across them in companies ranging from Chevron, Disney, DirecTV, even US Borax and others. But that was an expensive lesson to companies nation wide.
 

Oozlefinch

DP Veteran
Joined
Jul 13, 2009
Messages
14,377
Reaction score
10,724
Location
State of Jefferson
Gender
Male
Political Leaning
Moderate
In my deployment from 2010 to 2011, most of our computers still used xp or 2k,and we even still had some old ste-ice computers running win95 with floppy disks. Only the newest computers had vista, which was already obsolete then and replaced by win7. We had multiple msd computers at the maintenance tent, all but one were win2k, one was xp. The xp one was so slow you could take a 10 minute nap waiting for it to load, and they wanted to upgrade them to vista then, luckily that happened after I left active duty.

Well, in the military most computers will run the exact same OS until the regional G-6 mandates that they all be upgraded. And generally this happens when after a certain date they "flip a switch", and no computers with an old image can log onto the network. However, this only affects computers that are connected to a SIPR-NIPR network. If they are stand-alone machines, what OS they run does not matter.

And for specific use machines, they may very often run some absolutely antiquated systems. As recently as 2007, I ran across a computer that was still used every day to run a $100k+ rock etching machine that was an 80386 and ran Windows 3.1. They wanted a larger hard drive, because the 80 meg drive was full. I opened it, scratched my head, and told them I could not help them. Sure, I could add another drive. But I had no idea where I could find another MFM hard drive! I imagine I could have dug around to find an ISA IDE card, but it would have been 2 decades old at least, and no guarantee how long it would last.

Finally I had to sell them one of my old systems. P3-800, which I was able to use Ghost to transfer their OS and software without major issue. But I told them at that time they had better start trying to contact the maker of that cutting machine, once that computer died there was simply no way to replace it.

But STE/ICE? I have not seen one of those in decades.
 

jbi

DP Veteran
Joined
Sep 20, 2012
Messages
420
Reaction score
55
Gender
Undisclosed
Political Leaning
Undisclosed
I'm honestly surprised that the US military is not using a customize version of Linux, from both a security and flexibility perspective
 

Oozlefinch

DP Veteran
Joined
Jul 13, 2009
Messages
14,377
Reaction score
10,724
Location
State of Jefferson
Gender
Male
Political Leaning
Moderate
I'm honestly surprised that the US military is not using a customize version of Linux, from both a security and flexibility perspective

Linux is not all that secure, never has been.

Heck, it is not even an "operating system", it is actually hundreds of them, written by thousands of different people. The only reason it is basically "secure" is that with so many variations, a hack that works on one rarely works on another. So instead the hackers look for exploits in the systems that the majority of people use.

Then you have the issue of software. Since many of us also have to do work from home, the DoD would have to make 2 different versions of programs. One for their custom Linux, then another for the majority of people who use Windows machines at home.
 

beerftw

proud ammosexual
DP Veteran
Joined
Nov 13, 2011
Messages
18,913
Reaction score
5,520
Location
kekistan
Gender
Male
Political Leaning
Socialist
Well, in the military most computers will run the exact same OS until the regional G-6 mandates that they all be upgraded. And generally this happens when after a certain date they "flip a switch", and no computers with an old image can log onto the network. However, this only affects computers that are connected to a SIPR-NIPR network. If they are stand-alone machines, what OS they run does not matter.

And for specific use machines, they may very often run some absolutely antiquated systems. As recently as 2007, I ran across a computer that was still used every day to run a $100k+ rock etching machine that was an 80386 and ran Windows 3.1. They wanted a larger hard drive, because the 80 meg drive was full. I opened it, scratched my head, and told them I could not help them. Sure, I could add another drive. But I had no idea where I could find another MFM hard drive! I imagine I could have dug around to find an ISA IDE card, but it would have been 2 decades old at least, and no guarantee how long it would last.

Finally I had to sell them one of my old systems. P3-800, which I was able to use Ghost to transfer their OS and software without major issue. But I told them at that time they had better start trying to contact the maker of that cutting machine, once that computer died there was simply no way to replace it.

But STE/ICE? I have not seen one of those in decades.

Xp was the oldest we had that accessed servers, 95 steice computers were offline maintenance computers. And yeah my old unit still had a few of them floating around for one reason or another, but they were next to useless except on outdated equipment, since the military stopped updating them a long time ago, and the pdf files the army uses for etm's require a higher version of adobe than win 95 could handle.

I know we had alot of 2k computers, but do not remember if they could access a server or not.
 

beerftw

proud ammosexual
DP Veteran
Joined
Nov 13, 2011
Messages
18,913
Reaction score
5,520
Location
kekistan
Gender
Male
Political Leaning
Socialist
Actually, I can't think of anything the military uses that is "dumbed down". We use the same hardware and software as any corporation, with the exact same firmware. This does not need to be "dumbed down" at all, since those like me who actually administer it have had extensive training in it, and often have the exact same certifications that our civilian counterparts have (CCNA, A+, Net+, MCSE, etc). And all this infrastructure is completely invisible to the end users, just as it is in any corporation.

Same with the OS. It is just a standard OS, simply locked down to restrict what a user can do in it.



That must have been the early 1980's. Back then, there was no "standard" for what a "Military Computer" was. Units simply bought their own and used them however they wanted. Then in 1986 they finally came out with a "standard desktop computer". I still remember when I had to unbox one for the first time in 1988. We had been using an old IBM DisplayWriter word processor (daisy wheel printer, 8" floppy), and we got our new computer. A Zenith 80386 with a 1.2m floppy and a 40 meg hard drive. Cutting edge at that time!

And oh the software! DOS 3.3, WordStar, Lotus 1-2-3, Dbase 3, and *drum roll* - Windows 1.02R. And yes, the exact same versions used in companies and homes worldwide. Also with the set came an Alps P2000 printer. Nope, no mice yet.

Then in 1991 I was in another office (using the exact same model computer) when I worked on my first "Military Network". It ran Banyan Vines, on a coax thinnet connection.

From the late 1980's on, military computers had to start meeting strict requirements. For a while in the early 1990's I even remember when they were trying to make all of them TEMPEST certified.

And yes, I saw the exact same thing in the civilian world as well. In 1995 I was involved in rolling out the first "Corporate Computer" at Hughes Aerospace. Just like the military a decade before, there was no standard. Each department just bought their own and used it until they had to replace it. We replaced them with either a P90 Dell with Win 3.11, or a Power Mac (for the first 4 months, the Macs were scrapped after that and pulled from service). We were pulling out of service systems that dated back to the 1970's. TRS-80s, propriatary HP machines, 8086 DOS boxes, even a couple of Atari STs, Commodore Amigas, and lots of old Macs going back to the original model.

In fact, the Mac PowerPC 6800 was a hard lesson for a lot of companies on the absolute need to conduct extensive testing before rolling out any new hardware or software. I could fill pages about what a disaster they were, and not just at Hughes. For years later I would run across them in companies ranging from Chevron, Disney, DirecTV, even US Borax and others. But that was an expensive lesson to companies nation wide.

When I say dumbed down I do not mean made so simple a monkey can use it, I mean it is simplified in design to a point that it is redundant enough that it can reliably serve the military. For example when win vista was coming out, the army was starting to roll out xp, xp was outdated then, but the military wanted something tested and reliable. Vista was a disaster at launch, many operating systems are, which is why it makes sense for the military to wait to adopt new tech.


And yeah it was back in the early 80's. but they kept many of those computers until the early 90's. Their big problem was not so much even the apple or the floppy disks, it was that they rushed in to buy the latest and greatest, and failed to consider what would happen if those computers failed, which caused them to rethink their computer infrastructure, digital backup systems, and paper backup systems.


That also leaves out the problem if ship A ran apple computers, ship B ran mac computers, and ship c ran ibm computers. There is no interchangability between them. Heck when I was in the national guard we still had mac plus computers from the early 90's sitting in the shed, in military grade sliding computer boxes.
 

jbi

DP Veteran
Joined
Sep 20, 2012
Messages
420
Reaction score
55
Gender
Undisclosed
Political Leaning
Undisclosed
Linux is not all that secure, never has been.

Heck, it is not even an "operating system", it is actually hundreds of them, written by thousands of different people. The only reason it is basically "secure" is that with so many variations, a hack that works on one rarely works on another. So instead the hackers look for exploits in the systems that the majority of people use.

Then you have the issue of software. Since many of us also have to do work from home, the DoD would have to make 2 different versions of programs. One for their custom Linux, then another for the majority of people who use Windows machines at home.

Linux is just the Kernel and is inherently more secure than windows as the end user does not have root access by default.

Being free and open source, the US would have full access to the complete source code and could place whatever custom front end they wanted onto the kernel.

Software and training would be a significant expense true... but than they would not be tied to the whims of one software company.
 

beerftw

proud ammosexual
DP Veteran
Joined
Nov 13, 2011
Messages
18,913
Reaction score
5,520
Location
kekistan
Gender
Male
Political Leaning
Socialist
Linux is just the Kernel and is inherently more secure than windows as the end user does not have root access by default.

Being free and open source, the US would have full access to the complete source code and could place whatever custom front end they wanted onto the kernel.

Software and training would be a significant expense true... but than they would not be tied to the whims of one software company.

Security wise linux is actually not very superior at all, in the unix world, linux focuses more on compatibility and user friendliness. The unix like or based operating systems known for superior security are bsd 4.4 and it's derivatives, and solaris. Minix is much more secure as well but is a unix like micro kernel, so it is in it's own world.

Also military computers with windows do not grant anyone easy access to anything, all fouo computers require a cac card to even
access anything, and if they are hooked to the military networks, they are constantly monitored, and restricted. The military has windows and it's software custom tailored for military use, and has actually worked extremely well.
 

Oozlefinch

DP Veteran
Joined
Jul 13, 2009
Messages
14,377
Reaction score
10,724
Location
State of Jefferson
Gender
Male
Political Leaning
Moderate
When I say dumbed down I do not mean made so simple a monkey can use it, I mean it is simplified in design to a point that it is redundant enough that it can reliably serve the military. For example when win vista was coming out, the army was starting to roll out xp, xp was outdated then, but the military wanted something tested and reliable. Vista was a disaster at launch, many operating systems are, which is why it makes sense for the military to wait to adopt new tech.

The biggest factor in this is software compatibility.

The history of the X86 platform can be traced through several clear generations.

DOS, the original.

Windows 3X, the first GUI OS. 85% of DOS software obsolete.

Windows for Workgroups 3.11/NT 3.51. First true networkable version of Windows, made the rest of DOS obsolete, as well as 50% of 3X software.

NT4/Win2K/95, this made 95% of all previous programs obsolete.

XP, a huge jump, but made 75% of previous programs obsolete.

And it continues to this day. Now much of this obsolescence was in the Kernal, where the newer OS simply could not run the older code. Other parts were because of changes in how networking was handles, or memory. Sometimes it was in the security behind an older version which rendered security on a newer one vulnerable if continued to be used.

Back when I first got on a "Military Network", as I said it was Banyan Vines. No real security at all, simply a way to share folders so we did not have to use "Sneaker Net" to get a report or request from one area of the unit to another. Heck, we did not even have user names and passwords! Just turn on the computer and you were in. Kind of like the "password security" on a 95 machine. Even today, most do not know that if you simply hit the escape key at the prompt it will ignore the passowrd and take you right in. And yes, the code was there to actually tighten it up, but it was feared by Microsoft that home users were not ready to remember user names and passwords and that millions would lock themselves out without an easy to use back door.

That also leaves out the problem if ship A ran apple computers, ship B ran mac computers, and ship c ran ibm computers. There is no interchangability between them. Heck when I was in the national guard we still had mac plus computers from the early 90's sitting in the shed, in military grade sliding computer boxes.

And that was common in that era prior to the PowerPC fiasco. In the previous decade every other computer platform (Amiga, ST, etc) had imploded, so we were left with only X86 LIM (Lotus-Intel-Microsoft), and Macintosh. And many in Government and Industry feared giving to much power to either one or the other. And remember, this was much more then just "Apple Vs. Microsoft". The platforms each used CPUs made by different companies, so it was also Intel Vs. Motorolla. We had yet to see the rise of AMD to give Intel competition. And the dominant business application was not run by Microsoft with Office. At this time, MS office was largely a joke, only it's word processor was favored (and that ironically among the Macintosh crowd). No, the Software giant was Lotus, with Lotus 1-2-3, and their early networking applications (Lotus Notes was the e-mail system used inside most corporations in the early 1990's).

Everybody was afraid at that time that if they gave everything to one company, it could hurt them in the future (especially after watching Commodore, Atari, HP, TI, and other implode). So diversify became standard. Make multiple standards, and in the end see which one works out the best.

And in the Government like in the corporate world, the X86 was the winner. So the rest were eventually phased out.

And yes, I do remember in Okinawa in 1990 visiting a maintenance shop on Okinawa that was using an Amiga. It was the only military owned Commodore I think I ever saw.
 

Oozlefinch

DP Veteran
Joined
Jul 13, 2009
Messages
14,377
Reaction score
10,724
Location
State of Jefferson
Gender
Male
Political Leaning
Moderate
Linux is just the Kernel and is inherently more secure than windows as the end user does not have root access by default.

Being free and open source, the US would have full access to the complete source code and could place whatever custom front end they wanted onto the kernel.

Software and training would be a significant expense true... but than they would not be tied to the whims of one software company.

And do you think the "End User" in a military computer has "root access by default"? Hell, they can not even change the screen resolution or add a printer without having somebody from S-6 come and do it for them. You are now bringing in something that really does not apply, because military and government computers are highly restricted in what they are able to do. It takes a great many months to finalize an Image to be used on these systems, and they are tested many ways for security and stability. Both subtle as well as brute-force.

And software would be an impossability. You are then demanding that every single program that the military uses, from word processing and spread sheets to CAD-CAM, diagnostics, and even drivers be custom written. Absolutely throwing everything back to pre-1980's era of compatibility. A giant leap backwards, just go ahead and dump every advance in the last 30 years and go back to mainframes with dumb terminals.

Yea, I remember those days. I also remember the last 5 years before Y2K when every corporation was struggling to find as many COBOL, PASCAL, FORTRAN, and other outdated language programmer to help them rewrite their old code from 20+ years ago so that it could work on modern machines. Even my mom made some money, selling some old backup tapes she had saved from a project for a utility company she had done in the mid 1970's. Her copy had the raw source code, while the one then in use had been changed and re-compiled several times over the decades and was almost indecipherable. I think she got around $10k for those tapes if I remember right.

You are demanding that the US Government then become it's own Software Publishing Company, and to stop using the software from all others. Are you even aware of the expense you are demanding? Replace everything made by companies like IBM, Microsoft, Adobe, ESRI, AutoDesk, and a thousand other companies and replacing them all with custom made versions. Not only can I see the huge cost, but also the liabilities. The lawsuits for copyright infringement, the inability to get good coders because the Industry will get the best ones because it can pay more.

And the training, oy vey! An engineer will spend 4-8 years learning to master something like AutoCAD. But to work for the Government, they will then have to dump all of that experience, then start all over again learning the new "Government approved program". And yes, I cut my teeth on Lotus 1-2-3 in the day. And when we made the switch to Excel I had to learn all over again. Yes, most of it was compatible, but not all. I had to re-learn a lot of ways to do things, because Microsoft did it differently then Lotus. And that was before we had Colleges dumping out tens of thousands of users and administrators skilled in using Excel.
 

Oozlefinch

DP Veteran
Joined
Jul 13, 2009
Messages
14,377
Reaction score
10,724
Location
State of Jefferson
Gender
Male
Political Leaning
Moderate
Security wise linux is actually not very superior at all, in the unix world, linux focuses more on compatibility and user friendliness. The unix like or based operating systems known for superior security are bsd 4.4 and it's derivatives, and solaris. Minix is much more secure as well but is a unix like micro kernel, so it is in it's own world.

Also the fact that each is in and of itself largely it's own OS.

Trying to compare BSD and Solaris is like trying to compare DOS 3 and NT4. Yes, there are similarities, but the way things were done in each are so different that a vulnerability in one will be almost guaranteed to fail.

Consider the infamous BSoD bug in 3.X-9x machines. A simple command (there were actually many of them) could cause the entire computer to crash. This command could even be inserted into websites so that when visited the computer would crash. That code was completely re-written for Win95 OSR2, but more bugs were found. The problem plagued the 9x platform until it was finally dumped for XP, which totally rewrote the way such software calls were handled.

The main safety of the various UNIX clones is simply that there are so damned many of them. And a vulnerability of one is likely not a vulnerability in another because it literally is a completely new operating system. As opposed to say the Microsoft-Apple Operating Systems, where one follows the previous, which follows the previous. And millions of people are using these versions, so an exploit can affect many more systems as opposed to an exploit found to gain access to a system running say Lindows.

A few years ago I worked for a Telephony company and we administered VOIP systems nationwide (as well as Canada and Australia). And it was interesting to see that every time we put a new system online with a static IP address, within hours a series of brute-force entry attacks would commence from various IP addresses registered out of China. However, we were using some rather obscure hardware specific to the VOIP industry, in a system that did not involve any actual physical "computers" at the locations. Simply boxes that worked like phone switching devicces, and some more advanced terminals which used a variation of LINUX loaded onto flash cards.

The irony was that the uniqueness and simplicity of the system is what kept it safe. All the dozens of hackers which would try to penetrate our system never seemed to get that what they were basically trying to do is little more effective then trying to hack into a "Smart Fridge" or "Smart Toilet". Even if they did somehow manage to get in through all of the security, all they would be able to do would be to make a phone call to a pre-registered phone number, saying they were Inmate XXXXX at the YYYY State Correctional Institute.

Normally the brute force hacking attacks would go on for about 2 weeks, then ease off to a more exploratory attempt for anywhere from a couple of hours to a day or so. Then they would just stop. Even as a network administrator with full access to everything on the system, it was sometimes interesting to see what had been put onto the system. I remember having inmates complain at one facility about dropped calls and poor call quality, so I dug around the network, and behold, I found something unexpected. We made the system only to handle phone calls and allow the required staff to record and monitor the calls. But some bright guards discovered that that since we used the Internet, they could hook up their own personal Slingbox devices and watch TV shows and movies while they were bored at work.

Well, I simply throttled the bandwidth to the MAC addresses of their video stremaing toys, and a few days later we had the guards calling to complain that they were having "Internet issues". Call quality improved to where the inmates no longer called, and providing entertainment for the guards was not part of the contract. So we told them to suck it up and get their own Internet for that or pay us extra and we would provide it for them. If I remember, the price agreed allowed us to upgrade from a T-1 to a fibre link, so problem solved all around.

But the point is, nothing in computer systems or networks is really all that easy. Somebody can spend hours trying to break into a site, and finally do so, only to realize all they gained control of is a switch that turns the porch light on and off. And often times, the best security is to simply use some of the dumbest and most obscure equipment that exists. Sure you can hack into a telephone control system in a company, but then what? The most you can pretty much do is re-write it's command codes so it no longer works. Then as an administrator somebody like me would replace it in an hour or so with a functioning unit, put it on the bench to find out what happened, and if it was hacked change all the security so it would not happen again.
 
Top Bottom