Why Is The International Space Station Switching From Windows To GNU/Linux?
-
The real reason is ofc that their current support contractor has decided it likes penguin flavored koolaid more than the alternatives. :rolleyes:
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
-
http://www.itechpost.com/articles/9064/20130512/why-international-space-station-switching-windows-gnu-linux.htm[^]
Quote:
One benefit of the transition to GNU/Linux is that it will essentially make the computers immune to future viruses,
Really!
Since when is Linux immune to viruses? Linux generally has been much less of a target, but it is probably going to be a bigger target now on the ISS. Who was the idiot at NASA that forgot to scan the Russian's computer for viruses *before* the launch?
-
Since when is Linux immune to viruses? Linux generally has been much less of a target, but it is probably going to be a bigger target now on the ISS. Who was the idiot at NASA that forgot to scan the Russian's computer for viruses *before* the launch?
> Since when is Linux immune to viruses? There is some merit in the argument that WIndows is a bigger target because of its popularity. However, Linux and the other Unix variants have a different security model. By default, you have *no* permissions, and they are granted to you explicitly. Windows until recently wasn't of that ilk. Most desktop versions of Linux are designed around the fact that you don't need to be root for general work and for those other occasions there is sudo (or the GUI equivalents). Windows is in the unfortunate situation of having to support a lot of backward compatibility with its earlier incarnations that had a more relaxed attitude to security. Microsoft have done quite a lot in recent times and fair play to them. But they can't fix the holes and keep complete compatibility without introducing a lot of complexity and that complexity creates further holes to exploit.
-
> Since when is Linux immune to viruses? There is some merit in the argument that WIndows is a bigger target because of its popularity. However, Linux and the other Unix variants have a different security model. By default, you have *no* permissions, and they are granted to you explicitly. Windows until recently wasn't of that ilk. Most desktop versions of Linux are designed around the fact that you don't need to be root for general work and for those other occasions there is sudo (or the GUI equivalents). Windows is in the unfortunate situation of having to support a lot of backward compatibility with its earlier incarnations that had a more relaxed attitude to security. Microsoft have done quite a lot in recent times and fair play to them. But they can't fix the holes and keep complete compatibility without introducing a lot of complexity and that complexity creates further holes to exploit.
Linux is more susceptible to viruses than you may realize. http://en.wikipedia.org/wiki/Linux_malware[^] I can see good engineering reasons to choose Linux over Windows. If you need an OS that is minimal, can run solid compiled C code on dedicated devices, is dedicated to one or two specific primary tasks, then Linux makes good sense when you have the support people with the UNIX and C coding background. I can see where this is a common requirement in spacecraft systems. The Linux kernel is faster than the Windows kernel, but it is also less capable than the Windows kernel. If you need efficient multithreaded and multitasking from the OS, then Windows may be a better choice. Both represent good choices for the tasks that they each do best, and both represent safe and secure choices.
-
Linux is more susceptible to viruses than you may realize. http://en.wikipedia.org/wiki/Linux_malware[^] I can see good engineering reasons to choose Linux over Windows. If you need an OS that is minimal, can run solid compiled C code on dedicated devices, is dedicated to one or two specific primary tasks, then Linux makes good sense when you have the support people with the UNIX and C coding background. I can see where this is a common requirement in spacecraft systems. The Linux kernel is faster than the Windows kernel, but it is also less capable than the Windows kernel. If you need efficient multithreaded and multitasking from the OS, then Windows may be a better choice. Both represent good choices for the tasks that they each do best, and both represent safe and secure choices.
Certainly within the user space, such things as viruses infecting a document with scripting capability are a threat on all platforms. The issue for systems that use these things are their escalatability (is that really a word?). :) What we desire in an OS is an enclosed walled garden environment for users sufficiently robust to protect the machine from the misdeeds of the user or anything that they may run. The biggest threat to your machine is from the user themselves via social engineering exploits. It's very difficult to protect against these aspects. Doing your work as a non-privilege escalated user is a good first step but the user is the weak point of the system. The best you can do it protect the system from unintentional drive-by attacks via open ports and web-based vectors. If you have some malicious program or web page telling the user to do something stupid and the go ahead and do it, then well what can you do really? :(
-
Certainly within the user space, such things as viruses infecting a document with scripting capability are a threat on all platforms. The issue for systems that use these things are their escalatability (is that really a word?). :) What we desire in an OS is an enclosed walled garden environment for users sufficiently robust to protect the machine from the misdeeds of the user or anything that they may run. The biggest threat to your machine is from the user themselves via social engineering exploits. It's very difficult to protect against these aspects. Doing your work as a non-privilege escalated user is a good first step but the user is the weak point of the system. The best you can do it protect the system from unintentional drive-by attacks via open ports and web-based vectors. If you have some malicious program or web page telling the user to do something stupid and the go ahead and do it, then well what can you do really? :(
Amen to that! The most malicious virus is the EBKAC virus. :)
-
Certainly within the user space, such things as viruses infecting a document with scripting capability are a threat on all platforms. The issue for systems that use these things are their escalatability (is that really a word?). :) What we desire in an OS is an enclosed walled garden environment for users sufficiently robust to protect the machine from the misdeeds of the user or anything that they may run. The biggest threat to your machine is from the user themselves via social engineering exploits. It's very difficult to protect against these aspects. Doing your work as a non-privilege escalated user is a good first step but the user is the weak point of the system. The best you can do it protect the system from unintentional drive-by attacks via open ports and web-based vectors. If you have some malicious program or web page telling the user to do something stupid and the go ahead and do it, then well what can you do really? :(
Ralph Little wrote:
The biggest threat to your machine is from the user themselves via social engineering exploits. It's very difficult to protect against these aspects. Doing your work as a non-privilege escalated user is a good first step but the user is the weak point of the system.
And follow that thought through.... Operator misuse is the biggest hole in security and the NASA "fix" for that is to switch OSes?
-
Ralph Little wrote:
The biggest threat to your machine is from the user themselves via social engineering exploits. It's very difficult to protect against these aspects. Doing your work as a non-privilege escalated user is a good first step but the user is the weak point of the system.
And follow that thought through.... Operator misuse is the biggest hole in security and the NASA "fix" for that is to switch OSes?
> Operator misuse is the biggest hole in security and the NASA "fix" for that is to switch OSes? No. Changing the OS cannot fix stupid people. :-D
-
Well then, you don't know what you're talking about. They're only switching to Linux on their laptops (as their systems ran Linux already). Why would you use FreeBSD for work? It makes no sense, really.
Well.. obviously _you_ have no idea what you are talking about. Rob said OpenBSD, not FreeBSD (and while related, they are not the same). If you are going to tell someone that they are a fool, then maybe you shouldn't look like a fool yourself. And what exactly is wrong with FreeBSD/OpenBSD/*BSD? Based on your obvious ignorance of BSD flavors, I doubt any answer you give would be creditable.
-
Well.. obviously _you_ have no idea what you are talking about. Rob said OpenBSD, not FreeBSD (and while related, they are not the same). If you are going to tell someone that they are a fool, then maybe you shouldn't look like a fool yourself. And what exactly is wrong with FreeBSD/OpenBSD/*BSD? Based on your obvious ignorance of BSD flavors, I doubt any answer you give would be creditable.
Are you autistic or something? It was an obvious typo. He could've written XYZ instead of OpenBSD, the answer would be the same: they're not upgrading their servers or other systems that would actually warrant and benefit from BSD features, but only a dozen of laptops onboard the ISS. Hopefully you will understand that Debian is a much more natural choice for that.
-
Are you autistic or something? It was an obvious typo. He could've written XYZ instead of OpenBSD, the answer would be the same: they're not upgrading their servers or other systems that would actually warrant and benefit from BSD features, but only a dozen of laptops onboard the ISS. Hopefully you will understand that Debian is a much more natural choice for that.
> Are you autistic or something? It was an obvious typo. No. And the only thing obvious here is that you're an egotistical jerk (to put it very nicely). Maybe you should stick to relevant comments instead of unprovoked personal insults geared to cover up your own insecurities and shortcomings.
-
> Are you autistic or something? It was an obvious typo. No. And the only thing obvious here is that you're an egotistical jerk (to put it very nicely). Maybe you should stick to relevant comments instead of unprovoked personal insults geared to cover up your own insecurities and shortcomings.
Thanks, you saved me the effort of replying. My point stands, they said they were updating for security reasons. OpenBSD has the best track record for security for any Unix platform. 2 remote holes in a heck of a long time. But I didn't expect an informed debate the instant he referred to FreeBSD, which is, while related, a different beast entirely.
"If you don't fail at least 90 percent of the time, you're not aiming high enough." Alan Kay.
-
> Are you autistic or something? It was an obvious typo. No. And the only thing obvious here is that you're an egotistical jerk (to put it very nicely). Maybe you should stick to relevant comments instead of unprovoked personal insults geared to cover up your own insecurities and shortcomings.
Are you trying to insult me or bore me to death? Whatever it is, you're not doing it right. Try sounding less like you've just taken some gender studies course and maybe people will actually take you seriously. Also don't bother responding or something like that, I'm off this site.
-
Well.. obviously _you_ have no idea what you are talking about. Rob said OpenBSD, not FreeBSD (and while related, they are not the same). If you are going to tell someone that they are a fool, then maybe you shouldn't look like a fool yourself. And what exactly is wrong with FreeBSD/OpenBSD/*BSD? Based on your obvious ignorance of BSD flavors, I doubt any answer you give would be creditable.