Didn't Bush give a talk a few months ago showing a map of Iraq showing current troop deployments thoughout Iraq? I think it was a townhall in Iowa or something? (I could be wrong about that though)

The war on terrorism.

The war on terror.

The war in Iraq.

The war on drugs.

The war on teenage sex.

The war on blogs.

War, war, war, war.

Not to mention the thousands of military computers on the public internet that are commandeered by spam bot networks. There is NOTHING stopping terrorists from commandeering portions of the botnets, military or otherwise -- access can be had for a few dollars -- and using them for increasingly sophisticated denial of service attacks on important internet targets. No one in the government, R or D, is talking about this threat, but it's absolutely real.

Having served in the military, it comes as absolutely no surprise that the official brass accidently gives away more secrets than blogs from actual soldiers in the field.

By "info... that could endanger U.S. operations" I don't think they mean actual security breaches as much as "info about what it is actually like to be a soldier in Iraq, which would show the public just how fucked up it is over there."

Fnarf, the bot-net thing is really only a problem if those military computers are running DOS or Windows instead of something more secure like Unix, Linux, or Mac OS X. Do you know what OS they use?

I agree with #5

Frontier, not Freedom.

Uh, Phil, nobody uses those other OSes. The military is almost entirely Windows, just like everybody else. The vast majority of military computers are off-the-shelf Dells or whatever, just like everybody else.

Um, Fnarf, everyone who knows better uses those other operating systems. Why would anyone concerned with security, much less the U.S. military, be using an operating system for which 10's of thousands of malware programs are released each year when much more secure alternatives exist?

Also, can you cite any statistics to back up your claims?

Yawn.

@2 - I'm declaring an American patriotic War on War.

No more funding, no more troops - if you want to invade Iran or Iceland or stop trance music dancing - do it yourself, but get your hands out of my pocketses and off my troops.

Right -- I didn't think so.

Phil, Phil, Phil. I'm sure you're a zealous defender of all things linux and all things open source, but reality just isn't paying attention.

It shouldn't take you too long googling to find out that Dell, for one, has a multi-billion-dollar contract to provide stuff to the military, or that they even have a special portal available to the military to order it through.

They use some linux stuff too. The difference is, every time a copy of linux gets installed there are 45 blog entries claiming "see! Linux IS better! We're winning! It's true! Finally!".

I've seen dozens of pictures of soldiers in Iraq, commanders at Dohar, and Pentagon dweebs holding Windows machines. The frigging Iraq war was PLANNED in PowerPoint running on Windows machines. And the presence of bots running on military computers has been reported in the New Yorker just last week.

If you think linux is "better", more power to you. If you think it's the dominant OS in the military, you're just plain wrong.

Fnarf, why are you making guesses about what I might think and feel rather than supporting your own arguments with some references or presenting counter-arguments to the points I've raised?

Windows has been a security nightmare since it was just a DOS GUI. Unix was written with a focus on security, as it has always been a multi-user system. Linux and Mac OS X are both have their roots in Unix, and both have been leaps and bounds ahead of Windows for years when it comes to network security. Windows development is driven by marketing departments with a focus on selling software, mostly to people who don't know anything about it. Unix development is driven by computer scientists with a focus on making it work well and do what users want. It's not surprising how things have turned out.

Why the military would base our national security on Windows is beyond me. But then, I have no reason to think that they do other than your claims about what you've seen on television.

oops -- s/on television/in pictures/

Phil M: Security is important to the military, and Windows is insecure, therefore the military must be using mostly *nix.

Fnarf: Just because the military should use a secure OS doesn't mean they do, and they don't.

Phil M: That's too stupid to believe. Show me some evidence.

Fnarf: Huge Dell contract, clear trend visible in current pictures, recent credible reporting on security issues stemming from military windows use.

It's admittedly been a while, but in my time in the Army, I saw exactly one computer that wasn't DOS/Win, an ancient Xerox GUI system that was universally loathed and couldn't talk to anything else.

If the U.S. military had ever made a substantial move away from Windows, that would have been real news.  There has been no such news.

Phil M doesn't seem to understand that while the U.S. military has many smart people concerned with security, it is also a large bureaucracy that suffers from inertia and favors the path of least resistance.

They don't want the training costs and challenges (not to mention the political headaches) of adopting Mac OS or *nix.  The culture is naturally distrustful of open source, and the Pentagon is not exactly crawling with iconoclast computer geeks eager to rock the boat.

As recently as the mid 90's, only a selected few units were getting Gore-Tex jackets and rain paints.  The rest of the army still made do with 50's era heavy coats and rubberized nylon ponchos.

Phil M is living in a dream world.

Fnarf: Military uses computers and as we all know, computers are commandeered by spam bot networks. There's nothing stopping terrorists from commandeering military computers.

Phil: The bot-net thing is only a problem if those military computer are running somtheing crappy like DOS or Windows instead of Unix, Linux, or Mac OS X. Anybody know what they use?

Fnarf: Phil, you're an idiot. It's impossible to use computers without Windows, and thus everyone uses Windows. Surely the military just picks up a copy of PC Magazine, calls whoever has a comfortable, corporate-friendly advertisement, and orders some shitty Windows machine like your average sheep.

Phil: No, not everyone uses Windows. People who know better don't. Surely the military has the sense not to. Hell, even you are aware of all the malware that is able to infect Windows. Can you cite any statistics to back up your claim that no one uses anything but Windows?

Fnarf: La, la, la, la.

Phil: Typical response.

Fnarf: Philly, Phil, Phil. I don't know anything about Unix or Mac OS X, but I heard from my Microsoft buddies that Linux is a joke. I can tell that you spend your days evangelizing the greatness of shareware. Check into it and you'll find that Dell is in bed with not only Microsoft but the military. You Unix weenies and your little blogger friends will never win. I've seen plenty of pictures of soldiers doing their important military work on their military computers and every time, there was a little Windows thingy on the screen. I helped plan the U.S. occupation of Iraq, and we used Microsoft PowerPoint to do it. I know what you think, and you're a fool.

Phil: Quit putting words in my mouth. I said it's ridiculous to assume that every computer is at risk of malware infestation because that stuff rarely if ever affects anything but Windows, and that anyone who knows anything about computer security knows better than to mess with Windows, and you said there are no real alternatives and thus it's impossible for the military to avoid this mess. Back it up with more than heresay, please.

Lostboy: What's so natural about fearing open source? I'm afraid of relying on the ideo that an attacker will never see the source code as part of security policy, espeically when the alternative is something that I and everyone else can look at to make sure it's secure. Security through obscurity is foolish.

Phil M @19: You seem unclear on the concept.  The idea is to be shorter and clearer than the original, revealing its essence.

On second thought, my bad.  Your aim here seems to be to obscure the essence.

@20: Actually, you're putting words in my mouth.  I never said that open source is bad or that security through obscurity is good.  I said that military culture naturally distrusts open source, and you have not rebutted that.

You keep arguing that *nix/open source is more secure than Windows, even though no one is disagreeing with you about that.  Meanwhile, you ignore any challenge to your underlying assumption, that the military must not be using Windows, because other things are better.

One more pot-kettle problem I missed: The evidence presented by Fnarf and me is largely anecdotal, but it is evidence.  Phil M, you have so far presented no evidence at all to support your position (or to rebut Fnarf's).

I don't want to be the kettle, so I guess I should give Phil M @20 a more direct answer.

I agree that security through obscurity is foolish. : From a military leadership point of view, though, the question looks very different.

First of all, no, "I and everyone else" can not look at open source code to be sure it's secure.  A very limited group of cryptography and programming experts can, and "I and everyone else" have to take their word for it.

Typically populist military men are prone to see such experts (fairly or not) as elitist, and may specifically see them (fairly or not) as biased toward advocating an open source agenda, casting doubt on assertions of security.

Military leaders are sympathetic to doubts about open source security, because they are inclined to believe that no defense is perfectly secure.  Every security system has vulnerabilities, so part of the defense is to hide those vulnerabilities so that an enemy can not easily exploit them.  No officer would ever publish guard schedules and maps of his security system to the public, no matter how tight he thinks his perimeter is.  They are naturally inclined to regard open source software in the same light.