Skip to comments.Open Source Is Becoming a Military Necessity
Posted on 08/18/2012 11:59:23 AM PDT by ShadowAce
One of the biggest lies told about open source is that it's insecure.
In letting just anyone use your code, that has to include the bad guys. They're bound to find a way to compromise it, the thinking goes.
But that's not the way it works in real life. Having every potential victim working on your neighborhood code watch turns out to deliver more security, not less.
Having everyone who might be the victim of an online break-in organized, finding bugs, writing and testing fixes, constantly improving security tools, works.
Don't believe me? Well, maybe you'll believe the National Security Agency or the Department of Homeland Security. The open source process works for them, too.
For a decade, one of the most popular intrusion prevention and detection systems has been Snort, created by Martin Roesch. But the company he built around that software, Sourcefire, only gives away the basic package. If you need extensions, if you want a more complete system, you have to pay. That code is controlled by Sourcefire.
There is nothing unusual in that. Many open-source businesses create free community and paid "enterprise" editions of their software. This is what Red Hat(RHT) is all about -- you can download Fedora Linux free or buy Red Hat Enterprise Linux. In both cases you get to see the code, but with the paid version you get the support needed to run it professionally.
But this model didn't work with Snort. The Department of Homeland Security, the military, and the NSA could not be "held hostage" to Sourcefire for improvements to the code, or for the specialized suite needed to protect the nation.
So the Department of Homeland Security got together with major contractors and formed their own open source project, the Open Information Security Foundation. OISF has its own intrusion system, called Suricata, whose syntax is based on Snort, so if you are accustomed to one you can use the other.
But Suricata will be a complete system, not just a "sniffer," as intrusion detection products are colloquially known. The whole Suricata suite will be open source. This process is now expanding, as I noted here at TheStreet.com on Monday.
In May, the National Security Agency co-hosted an Open Source Security Industry Day at a Johns Hopkins facility in Fort Meade, Md. As ZDNet's Steven J. Vaughan-Nichols reported, agency people described their needs for open source and urged suppliers to include open source in their offerings.
John Weathersby of the OSS-Institute, which is now affiliated with Georgia Tech in Atlanta, told me most of the day was devoted to small "breakout" sessions, where contractors answered hard, detailed questions put to them by key government customers. The affair wasn't just a series of sales pitches, he said. It was the first step in a negotiation.
Among the open source projects the NSA supports is Security Enhanced Linux (SE-Linux), for which it has developed an access control module called Flask, hosted at the University of Utah. Open source and security, in other words, do go together.
Open source can only provide tools. Procedures are also needed to assure that people maintain security. So the Cloud Security Alliance offers an integrated stack of such procedures, called the GRC Stack. GRC stands for Governance, Risk management and Compliance. This is maintained in an open process with the support of both contractors and software vendors.
Point is, open source and security do mix. They mix well. With more businesses moving toward cloud technology, much of it based on open source software, they are going to be doing a lot more mixing.
I expect to see some pretty bloody reprisals after the first multi-million dollar loss of data in the 'cloud'.
“Why the push to centralize to cloud locations rather than remaining distributed?”
I’ll claim ignorance here, but I thought “the cloud” was the definition of distributed computing and data management.
Various futurists have been arguing that the value of data is rapidly approaching zero during this age of accelerating change and ubiquitous information access. Put another way, the half life of a good idea is getting shorter and shorter. Business models based on husbanding data as if it has value (the crown jewels) are going to fade away and be replaced by business models built on the concept of exploiting new and publicly available data more rapidly than your peers.
I fear that if these predictions are true, the U.S. government and its love of classified data will fail to compete with faster governments not married to protecting mountains of information or data. Many of our larger businesses could follow suit.
We live in interesting times.
You are exactly correct...the value of data is plummeting. As we trend towards perfect information, it seems like markets will begin to correct instantly almost removing short term profit takers and liquidity from the markets.
As consumers increasingly use engines like amazon and google products, retailers will continue to die off and the profit model will continue to be destroyed.
I don’t know where it all ends. Combine this with the automation trend it seems we in a negative feedback loop that doesn’t have an obvious solution. I don’t know what happens when there are just no jobs and no ways for 80% of the population to make any money.
I agree. Even in a full-on information age, there will be a need to protect some data. I'm thinking it's a tiny amount though.
Please click the link.
The Republic you save may be your own.
Knock it off!
Knock off commenting on the thread spam which you used to forbid?
Knock THAT off?
RedMDer’s posts are not spam. He’s helping tremendously with our FReepathon and I appreciate it very much.
Look, if we had to go to commercial advertising to pay for this site, you’d probably see several with every click. They only raise a tiny fraction of a cent per impression.
He’s an incredible, wonderful, hard working member of our FReepathon team. :)
Which is why I’ve been a monthly donor since a few months after I signed up. I question the value of the (not) spam. Just my opinion.
It’s all true. :)
Well, thank you very much, but in MY opinion, the reminders on the threads help tremendously.
And I’m extremely grateful for our FReepathon team who work tirelessly to keep these fundraisers moving, especially during slow days like today. Thank you ALL very much!!
Companies increasingly outsource their IT to foreigners so they don't really care. It's all about price. A virtual data center of 100 servers can be created in the cloud in 2 days, while the track record in many IT shops is 2 months to provision a single physical server. The price of cloud computing is amazingly dirt cheap. Eventually companies will move to inhouse or more local cloud infrastructure.
Here's an intro to Amazon web services: http://aws.amazon.com/resources/webinars/
Thank you for Free Republic, Jim.
Thank you very much, dearest Jim. As it happens, RedMDer works harder than anyone, and he holds the full time job! Talk about dedication, RedMDer is his name. I might add, his creations are some of our very best.
It's appreciated by many and myself!
Thank You for that and for your dedication, hard work, donations and thoughtful informative posts as well.
We’ve been huge users of cloud based technology for a very long time. I can remember working for weeks and months on systems designs back in the 70’s and 80’s and we’d develope huge complex flow charts with boxes and circles and arrows pointing every which way. But there was always one cloud shaped symbol on the most critical systems chart that was labeled, and then a miracle happens here.
I don't mind the prompts and graphics in the threads during a FReepathon, not one bit. To me they're a reminder:
FREEDOM IS NOT FREE.That's why I became a monthly donor myself some way back. Just want to do my little part.
NEITHER IS A GREAT WEBSITE!
God Bless America, and God Bless the Free Republic team who is working to keep her free!
Information in the cloud or wherever it is: Yesterday, I put my name in search and up came all this information on me. I then put in my friend’s name, and lots of info. came up on him and his wife’s name was also there. They can turn their computers on and send email, but they don’t know how to use the internet. For instance, someone gave him a Kindle one Christmas and he didn’t use it for a year until I visited them so I could connect it to Amazon for him. Yet, there is all this information on him on the net.
My name has a facebook acct. but I don’t write there and have no picture there. Have never done twitter at all.
Working in the Republican Party or other political organizations will get your name on the web even if you don’t put it there (like me).
What I am saying, is, if you are alive and take any action at all, information about you will be on the web.
I really don’t like that and I can’t get that info. off there.
Don-o, we appreciate you and all of our monthly donors and ALL of our donors very, very much. FR could not survive without your loyal support.
But here’s what’s happening. We have about 800 loyal monthly donors who contribute a good portion of our funding needs. And then another 1500-1600 donors who make up the rest. And many of our monthly or regular donors end up donating twice or more during the FReepathons too.
And the FReepathons are taking longer to complete. And for many reasons. One is the economy. Many of our members have had to cut back on expenses just to get by. Another is lack of enthusiasm. As the godless liberals take more and more control over our government and our society, and as the Republican party continues failing to slow it down, and worse are actually becoming part of the problem, our members are getting discouraged.
And the members who are not super pissed at the Republicans lack of ability to get the job done, get super pissed at me for no longer supporting the obviously failing, ineffective RINO candidates.
So, even though we’ve always been able to raise the funds we need, it’s taking longer to do so. Out of the 200,000 or more people who visit FR every day, sometimes many times a day, we have less than 2% of them who actually donate to help keep the site going.
It does get very discouraging at times. This fundraiser happens to be running a couple days ahead of the pace set by the prior fundraisers this year, and I hope the pace continues.
We’re getting real close to the yellow right now and then we’ll be on the home stretch. The “300 FReepers with $50 challenge” issued by I_be_tc last week was hugely successful and I suspect the next batch of checks received at the PO Box will have several more of those. When Amy next picks up at the PO Box, it’ll be the first batch received since that challenge was issued.
God bless our monthly, dollar-a-day, and mail-in donors. When we process their batches of contributions as received, they keep our FReepathons bumping along nicely.
And the efforts of our dedicated FReepathon teams on the threads help urge new members to become donors. If more of our members who use and enjoy FR daily would help support the site, these fundraisers wouldn’t take so long.
Plus, we have the New Monthly Donor campaign going strong. TheOldLady and her team of generous NMD Sponsors and our dedicated FReepathon teams are doing a terrific job of keeping the number of monthly donors from falling off as discouraged people drop out of that program.
So, please do not give our hard working FReepathon team members a hard time. As I said, if we had to depend on commercial advertising, we’d probably have to have 5 or 6 ads on every page. And that would be 24/7, 365 days per year.
And commercial advertising is very intrusive. I’m noticing lately that when I visit news sites and the blogs that are posted here I’m seeing more and more ads that are personally aimed directly at me. I’m noticing that if I search for something on google, or look at something on Amazon, etc, they’re placing tracking cookies on my computer and whenever I visit news sites or blogs, even the friendly conservative sites, I’m getting ads for the products I just viewed.
Now, a lot of people are not going to like that. They’re going to turn off the cookies or find ways to block the ads in the first place, then the revenue falls off. And don’t even want to talk about the demands the advertisers will put on us regarding content and commentary. Chick-Fil-A, anyone?
It’s a never ending vicious cycle. Thank God for our loyal FReepers!!
OK Jim, I am mailing you a check for $50.
Thank you very much, dayglored!!
Thank you very much, vox_freedom!!
Thank you and your team for their very hard work and thanks
for keeping this site ad-free. Facebook ads annoy the heck
Keep the faith! FReeRepublic will survive and become stronger!
Woo hoo!! Thank you very much, Ditter!!
Jim, I only wish I could give more. If I could invest in some securities and have the gains each month go straight to you, I’d do it in a heartbeat. I’m changing jobs and living arrangements in the next few weeks - when the dust settles, maybe I can ratchet things up.
Free Republic is funded solely by contributions made by liberty loving grassroots conservatives like you who enjoy and use it. We take no money from and are not beholden to outsiders or corporate string pullers or party king makers.
Beholden to no one!
That’s the down side of the Internet. It hurts. Personal privacy is lost.
God bless and keep you, dearest Marcella. You’re the very best.
Thank you very much, LUV W!!
Thank you very much, arderkrag! Good luck and God bless.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.