Rant No Defense for Linux
Brian Kelsay
BLKELSAY at kcc.usda.gov
Wed Jul 28 13:04:08 CDT 2004
This is exactly why there are multiple versions of Linux. One for each special job. This is why
you should pay for specific versions of Linux. The certifications cost big bucks. IBM, SuSE and
RedHat paid big bucks to get the (I think) EAL level 2 and 3 Cert. Windows was only able to pass
level 3 and 4 by unplugging from the network. I think this is also why the NSA was interested in
making SELinux and contributing their changes back. They would like an all-around more secure
Linux. They can also become involved in computer crime investigation (if you read Cuckoo's Egg),
so this makes their job easier if OSes are harder to crack and run worms on.
The Green Hills guy is obviously writing from a selfish perspective. He probably knows about
LynuxWorks DO-178b Level A Cert., but by failing to mention it he completely destroys his
credibility. Not all situations, even in the military, require software that doesn't fail ever.
If they did the cost of all systems would be too high. By having some that are (aviation, space
travel, military ship control) you get the design strength and security you ask for where needed
and, with Linux, some positive changes can be fed back into the more general distributions.
The point I'd like to make is that with this article and the desktop one I brought up yesterday,
Linux needs to maintain APIs for the different modes it used in. Meaning, design an API with a
good general use in mind and for some items make it very strict, secure and don't change it. That
has been Windows problem. Multiple versions of the VBA and c lib .dll anyone. The fact that
programs written for Windows are allowed to replace those core .dlls is a major flaw in my opinion.
I'm just saying I don't want Linux to EVER travel down that road. I think you can currently have
multiple versions of libs on Linux with various apps requiring one or another, although I haven't
been watching this lately, and that is the way dependencies should be. The libs should be
separate, yet linked to the apps that need them. When no apps require a lib any longer it may be
discarded. Windows tries to do this, but it seems to forget if anything requires a .dll and then
asks the user to discard it. How do I know if a lib is no longer required?
Rant, discuss, enjoy,
Brian Kelsay
>>> "Brian Densmore" <> 07/27/04 05:06PM >>>
> >> From: Charles, Joshua Micah (UMKC-Student)
>>Several operating systems have been DO-178B Level A certified. Until
> >Linux is certified to DO-178B Level A, our soldiers,
> sailors, airmen and marines should not be asked to trust their lives with it.
>
> He makes a point here, I think.
Then I guess he's saying we should all trust Linux.
Here's a Linux version certified to DO-178b Level A
http://www.embeddedstar.com/press/content/2003/4/embedded8445.html
Lynxworks embedded Linux.
Let's see a Windows version of that. Sure his company has one. It's not that hard to do.
Also the EAL4 level Windows he's talking about you can't buy at Best Buy.
It's a custom build and you're not going to get it for $200.
This guy is *Nothing* but another M$ FUDDER. Nothing to see here, move along.
The only point this guy could possibly make is that we shouldn't necessarily trust
a generic out-of-the-box Linux version to run as a real-time OS. You'd want to buy
a Linux Real-time OS version for something like that.
Brian
P.S. Groklaw and /. have already rebutted all this guy's BS
More information about the Kclug
mailing list