Microsoft to share windows source code with indian army

Dark Sorrow

Respected Member
Senior Member
Joined
Mar 24, 2009
Messages
4,988
Likes
9,931
I Dont think you understood my posts, When did I ever suggest not using/building on top of linux (or something else)?
Sir, I believe you said that we should completely develop a new OS from scratch locally on which I said it won't be feasible and security testing would remain and major issue.
Developing application on top of Linux kernel would be more appropriate.
 

DingDong

Senior Member
Joined
Oct 24, 2014
Messages
3,085
Likes
7,794
Country flag
Sir, I believe you said that we should completely develop a new OS from scratch locally on which I said it won't be feasible and security testing would remain and major issue.
Developing application on top of Linux kernel would be more appropriate.
Few years ago I was working a secure system for XXXXXX and I received a weird demand: Create a top-secret Cryptographic Algorithm. The reason behind working on the system was that there was a suspicion that US agencies had bloated and inserted back-doors in the application even though the source code was available.

Problem is that a top-secret Cryptographic Engine can never be proven to be secure that is why all Cryptographic engines are released in public domain.

Kerckhoffs's principle - Wikipedia, the free encyclopedia

Unfortunately our top agencies are being run by monkeys who know nothing and make weird demands which can never be fulfilled by serious professionals.

And yes you are right, creating an OS is not an easy task, even for the government agencies, forget about the Kernel, even the boot-loader is too complicated. That is why there are hundreds of thousands of Linux System Programmers but only a few hundred Linux kernel developers.

BTW, quest for that "hardened OS" has been going on since stone age and it will continue until eternity. It will never be achieved because they will never be able to arrange proper budget and most importantly, proper people.
 
Last edited:

boris

Regular Member
Joined
May 2, 2012
Messages
347
Likes
256
Country flag
Few years ago I was working a secure system for XXXXXX and I received a weird demand: Create a top-secret Cryptographic Algorithm. The reason behind working on the system was that there was a suspicion that US agencies had bloated and inserted back-doors in the application even though the source code was available.

Problem is that a top-secret Cryptographic Engine can never be proven to be secure that is why all Cryptographic engines are released in public domain.

Kerckhoffs's principle - Wikipedia, the free encyclopedia

Unfortunately our top agencies are being run by monkeys who know nothing and make weird demands which can never be fulfilled by serious professionals.

And yes you are right, creating an OS is not an easy task, even for the government agencies, forget about the Kernel, even the boot-loader is too complicated. That is why there are hundreds of thousands of Linux System Programmers but only a few hundred Linux kernel developers.

BTW, quest for that "hardened OS" has been going on since stone age and it will continue until eternity. It will never be achieved because they will never be able to arrange proper budget and most importantly, proper people.
That was one weird demand, creating crypto takes time and a hell lot of math. You are bang on, even with the budget for a project like this, the right talent is way more important. Kernel developers and system programmers are very hard to find in India given that most programmers are mostly ".NET,PHP" service industry folks. Guys with an excellent base in Computer Organization,C,Assembly,OS- the base requirement for anyone aspiring to get into systems or kernel development, are very few in this country.
 

Free Karma

Senior Member
Joined
Oct 3, 2013
Messages
2,372
Likes
2,600
Sir, I believe you said that we should completely develop a new OS from scratch locally on which I said it won't be feasible and security testing would remain and major issue.
Developing application on top of Linux kernel would be more appropriate.
Here is what I said in post 4:
govt trying to create an Indian OS using Linux.

Are we not saying the same thing? :confused:
 
Last edited:

abingdonboy

Senior Member
Joined
Sep 13, 2010
Messages
8,039
Likes
33,578
Country flag
I remember hearing about the govt trying to create an Indian OS using Linux, perhaps this would be a good time to look into that project.

Got it: Bharat Operating System Solutions | BOSSLinux

BOSS :cool2:

I havent used it myself, but heard it was not that great. Perhaps the govt can put some work into it, and get something useful out of it.

So this is what is happening with boss:
Government's OS BOSS dying a slow death due to lack of patronage
Watch all parts (BOSS is mentioned in part to AFAIK):


Contradicts what this article says and this entire seminar refutes this nonsense "IA love for foreign maal" theory.
 
Last edited by a moderator:

sorcerer

Senior Member
Joined
Apr 13, 2013
Messages
26,920
Likes
98,472
Country flag
I think he is referring to the everlasting device driver problem on Linux. Most devices just don't work on Linux. Only the most popular printers, sound cards, graphics cards, etc. work well on Linux. Most others simply don't work. The crux of the issue is the GPL. Linux insists that the device drivers should be open source, distributed as part of the Linux source code. That is the spirit of GNU GPL . Some manufacturers agreed, most didn't. So, Linux hackers were left with the unenviable task of trying to reverse engineer the drivers, with mixed success.
Yes..You are right..This was what I meant.
When the govt departments are ordering computers on large scale, it goes to the cheapest bidder that match the system specification. That means the hardware can vary wildly in their configurations, not just that but hardware using propreitory drivers. This means installing linux distros would be a hit or miss when we work with such wide configurations.

This could create compatibility issues with Inux and thats when we enter the Backport zone to fix it. This could mean security vulnerability and lack of prompt patches etc etc.

To fix this the Govt should specify certain hardware configurations by stating company or brand names. I dont know how "Democratic" that would look like even though the intentions are clear and clean.

Making a part of network secure and leaving others to vulnerability beats the purpose.


@Dark Sorrow .. This is what I meant.
 
Last edited by a moderator:

Latest Replies

Global Defence

New threads

Articles

Top