Comment on The IRS Tax Filing Software TurboTax Is Trying to Kill Just Got Open Sourced
hildegarde@lemmy.blahaj.zone 10 months agosecurity through obscurity is not security
Security can mean security against hackers, but it can also mean security against revealing classified information. Classified information about weapons systems (e.g. performance characteristics) is inherently embedded into the code running on those systems, and therefore shouldn’t be open sourced.
Source: used to write classified code
A lot of functionality can be decoupled from anything that needs to be classified. A HUD is a HUD and no one should be hard coding in performance characteristics of the F-35 into it for example. I’ve also worked on government projects and holy crap does the code quality vary wildly, even before you get into “it’s still working so deal with the problems, it doesn’t have the budget for updates”.
Using ‘off the shelf’ parts/code can save significant time and money. There’s a reason subs use xbox controllers. Government websites and data interfaces at the very least should have the audit-ability that open source provides.
A HUD is a HUD
sure but the HUD from the F-35 is very specifically designed to work in an F-35. It’s very similar, and comes from the same family, as the software running on other planes. But it’s not identical.
And yes, performance limits would be hard coded into the software because the HUD needs to alert the pilot when they are getting close.
That’s what config files are for. It would be a nightmare to hardcode weight and balance and have to recompile the HUD every time you change the loadout or refuel the plane.
Most code, algorithms, etc are not any more sensitive than the concept of desks and file cabinets. No, guidance programs for missiles probably shouldn’t be put on GitHub, but there’s a reason RSA and other encryption algorithms were open sourced. It’s better to have more eyes looking for inefficiencies, weaknesses, and vulnerabilities than to just assume it’s good because no-one on the team responsible is smart/engaged enough to find them.
For the F35 unfortunately a lot of its capabilities seems to be cloud based. (At least for maintenence, I don’t know of on the air).
That’s why I’m angry my stupid government still has wants to buy the stupid things instead of sitting this generation out and going to an own 6gen aircraft.
If it’s developed for the government, even by a private contractor, it’s still considered US government code and is public domain. It’s why sqlite is public domain.
I personally doubt there’s much available in the off-the-shelf fighter HUD system market, personally.
then the code maintainers are doing it wrong.
Any information that shouldn’t be public knowledge such as specs, account credentials, access tokens etc should be in a configurable/dynamic format such as an ENV variable or a config file, that way confidential info isn’t part of the working tree.
This should not be an issue in a properly maintained codebase.
Eh, there’s an intrinsic amount of information about the system that can’t be moved into a configuration file, if the platform even supports them.
If your code is tuned to make movement calculations with a deadline of less than 50 microseconds and you have code systems for managing magnetic thrust vectoring and the timing of a rotating detonation engine, you don’t need to see the specific technical details to work out ballpark speed and movement characteristics.
Code is often intrinsically illustrative of the hardware it interacts with.
Sometimes the fact that you’re doing something is enough information for someone to act on.
It’s why artefacts produced from classified processes are assumed to be classified until they can be cleared and declassified.
You can move the overt details into a config and redact the parts of the code that use that secret information, but that still reveals that there is secret code because the other parts of the system need to interact with it, or it’s just obvious by omission.
If payload control is considered open, 9/10 missiles have open guidance control, and then one has something blacked out and no references to a guidance system, you can fairly easily deduce that that missile has a guidance system that’s interesting with capabilities likely greater that what you know about.
Eschewing security through obscurity means you shouldn’t rely on your enemies ignorance, and you should work under the assumption of hostile knowledge. It doesn’t mean you need to seek to eliminate obscurity altogether.
I think when it comes to the code that controls the navigation, control, detonation, etc, or our munitions, that perhaps that should not be publicly reviewable. Not because of hacking concerns, but it does give info to a potential enemy that could render them less effective.
It seems to be working out fine in Ukraine…
outhouseperilous@lemmy.dbzer0.com 10 months ago
Uh, clearly you haven’t seen the quarterly earnings reports.