Linux vulnerable to infiltration

Linux source code could be infiltrated by dubious elements, including spies, according to a white paper released by Dan O'Dowd, chief executive officer of Green Hills Software Inc. This is his second white paper in a series that his company describes as being focused on "the urgent security threat posed by the use of the Linux operating system in U.S. defense systems, including the Future Combat System and Global Information Grid." Provocatively titled "'Many Eyes' - No Assurance Against Many Spies," Tuesday's paper debunks the fallacy that the "many eyes" with access to Linux source code ensure that it is free of Trojan horses or other malicious software.

Here is O'Dowd's argument:

"Now that foreign intelligence services and terrorists know that we plan to trust Linux to run some of our most advanced defense systems, we must expect them to deploy spies to infiltrate Linux. The risk is particularly acute since many Linux contributors are based in countries from which the U.S. would never purchase commercial defense software. Some Linux providers even outsource their development to China and Russia."

Read Full Story