On the Other hand: Re: [ISN] Auditors warn of foreign risks to weapons software

InfoSec News isn at c4i.org
Fri May 28 08:46:43 EDT 2004

Forwarded from: The Unknown Security Gal 

Dan O'Dowd Reminds World of UNIX Creator Ken Thompson's Security Stunt
"We must not entrust national security to Linux," he declares.
April 11, 2004, http://linuxworld.com/story/44468.htm 

In a speech intended to serve us a wake-up call to anyone relying on
the "many eyes" that look at the Linux source code to quickly find any
subversions, the CEO of Green Hills Software last week reminded his
audience how UNIX's creator Ken Thompson installed a back door in the
binary code of UNIX that automatically added his user name and
password to every UNIX system - a secret he revealed only 14 years

By LinuxWorld News Desk 
lwmeditors at sys-con.com  

In a speech to the Net-Centric Operations Industry Forum in McLean,
Va., Dan O'Dowd, CEO of Green Hills Software Inc., argued that the
proliferation of Linux through a growing number of U.S. defense
systems poses a serious and urgent security threat,

"The very nature of the open source process should rule Linux out of
defense applications," O'Dowd said.

"The open source process violates every principle of security. It
welcomes everyone to contribute to Linux. Now that foreign
intelligence agencies and terrorists know that Linux is going to
control our most advanced defense systems, they can use fake
identities to contribute subversive software that will soon be
incorporated into our most advanced defense systems," he continued.

In addition, O'Dowd noted, developers in Russia and China are also
contributing to Linux software. Recently, the CEO of MontaVista
Software, the world's leading embedded Linux company, said that his
company has "two and a half offshore development centers. A big one in
Moscow and we just opened one in Beijing."

Linux has been selected to control the functionality, security, and
communications of critical defense systems including the Future Combat
System, the Joint Tactical Radio System and the Global Information
Grid, said O'Dowd.

"If Linux is compromised, our defenses could be disabled, spied on, or
commandeered. Every day new code is added to Linux in Russia, China
and elsewhere throughout the world. Every day that code is
incorporated into our command, control, communications and weapons
systems. This must stop," he added, before continuing:

"Linux in the defense environment is the classic Trojan horse scenario
- a gift of 'free' software is being brought inside our critical
defenses. If we proceed with plans to allow Linux to run these defense
systems without demanding proof that it contains no subversive or
dangerous code waiting to emerge after we bring it inside, then we
invite the fate of Troy."

One of O'Dowd's most telling points came when he debunked the claim by
Linux advocates that its security can be assured by the openness of
its source code, arguing that "many eyes" looking at the Linux source
code will quickly find any subversions.

Ken Thompson, the original developer of the Unix operating system
(which heavily influenced Linux) proved that this just isn't true,
O'Dowd argued. Thompson installed a back door in the binary code of
UNIX that automatically added his user name and password to every UNIX

O'Dowd told his audience that, when Thompson revealed the secret 14
years later, he declared:

"The moral is obvious. You can't trust code that you did not create
yourself. No amount of source-level verification or scrutiny will
protect you from using untrusted code."

"Before most Linux developers were born, Ken Thompson had already
proven that 'many eyes' looking at the source code can't prevent
subversion," said O'Dowd. "Linux is being used in defense applications
even though there are operating systems available today that are
designed to meet the most stringent level of security evaluation in
use by the National Security Agency, Common Criteria Evaluation
Assurance Level 7 (EAL 7)."

"We don't need cheaper security. We need better security. One 'back
door' in Linux, one infiltration, one virus, one worm, one Trojan
horse and all of our most sophisticated network-centric defenses could
crumble. We must not abandon provably secure solutions for the
illusion that Linux will save money. We must not entrust national
security to Linux," O'Dowd concluded.

About the author

LinuxWorld News Desk gathers stories, analysis, and information from
around the Linux world and synthesizes them into an easy to digest
format for IT/IS managers and other business decision-makers.

Related Sites 

· Biography of Ken Thompson <http://www.bell-labs.com/history/unix/thompsonbio.html>  

More information about the ISN mailing list