Rant No Defense for Linux

Brian Kelsay BLKELSAY at kcc.usda.gov
Wed Jul 28 13:04:08 CDT 2004 

This is exactly why there are multiple versions of Linux.  One for each special job.  This is why 
you should pay for specific versions of Linux.  The certifications cost big bucks.  IBM, SuSE and 
RedHat paid big bucks to get the (I think) EAL level 2 and 3 Cert.   Windows was only able to pass 
level 3 and 4 by unplugging from the network.   I think this is also why the NSA was interested in 
making SELinux and contributing their changes back.   They would like an all-around more secure 
Linux.  They can also become involved in computer crime investigation (if you read Cuckoo's Egg), 
so this makes their job easier if OSes are harder to crack and run worms on.

The Green Hills guy is obviously writing from a selfish perspective.  He probably knows about 
LynuxWorks DO-178b Level A Cert., but by failing to mention it he completely destroys his 
credibility.  Not all situations, even in the military, require software that doesn't fail ever.   
If they did the cost of all systems would be too high.   By having some that are (aviation, space 
travel, military ship control) you get the design strength and security you ask for where needed 
and, with Linux, some positive changes can be fed back into the more general distributions.

The point I'd like to make is that with this article and the desktop one I brought up yesterday, 
Linux needs to maintain APIs for the different modes it used in.   Meaning, design an API with a 
good general use in mind and for some items make it very strict, secure and don't change it.  That 
has been Windows problem.  Multiple versions of the VBA and c lib .dll anyone.   The fact that 
programs written for Windows are allowed to replace those core .dlls is a major flaw in my opinion. 
  I'm just saying I don't want Linux to EVER travel down that road.  I think you can currently have 
multiple versions of libs on Linux with various apps requiring one or another, although I haven't 
been watching this lately, and that is the way dependencies should be.  The libs should be 
separate, yet linked to the apps that need them.  When no apps require a lib any longer it may be 
discarded.   Windows tries to do this, but it seems to forget if anything requires a .dll and then 
asks the user to discard it.  How do I know if a lib is no longer required?

Rant, discuss, enjoy,

Brian Kelsay

>>> "Brian Densmore" <> 07/27/04 05:06PM >>>
> >> From: Charles, Joshua Micah (UMKC-Student)
>>Several operating systems have been DO-178B Level A certified. Until 
> >Linux is certified to DO-178B Level A, our soldiers, 
> sailors, airmen and marines should not be asked to trust their lives with it.
> 
> He makes a point here, I think.

Then I guess he's saying we should all trust Linux.

Here's a Linux version certified to DO-178b Level A
http://www.embeddedstar.com/press/content/2003/4/embedded8445.html 
Lynxworks embedded Linux.

Let's see a Windows version of that. Sure his company has one. It's not that hard to do.
Also the EAL4 level Windows he's talking about you can't buy at Best Buy.
It's a custom build and you're not going to get it for $200.

This guy is *Nothing* but another M$ FUDDER. Nothing to see here, move along.

The only point this guy could possibly make is that we shouldn't necessarily trust
a generic out-of-the-box Linux version to run as a real-time OS. You'd want to buy
a Linux Real-time OS version for something like that.

Brian

P.S. Groklaw and /. have already rebutted all this guy's BS

More information about the Kclug mailing list