Pentagon Creates 'Do Not Buy' List of Russian, Chinese Software (defenseone.com) 180
An anonymous reader quotes a report from Defense One: The Pentagon is warning the military and its contractors not to use software it deems to have Russian and Chinese connections, according to the U.S. Defense Department's acquisition chief. Officials have begun circulating a "Do Not Buy" list of software that does not meet "national security standards," Ellen Lord, defense undersecretary for acquisition and sustainment, said Friday. The Pentagon started compiling the list about six months ago. Suspicious companies are put on a list that is circulated to the military's software buyers. Now the Pentagon is working with the three major defense industry trade associations -- the Aerospace industries Association, National Defense Industrial Association and Professional Services Council -- to alert contractors small and large. Lord said defense officials have also been working with the intelligence community to identify "certain companies that do not operate in a way consistent with what we have for defense standard." Asked if programs and weapons were compromised by foreign software, Lord said, "These are more widespread issues. I don't think we're focused on one particular system."
Re: (Score:1)
It was a reference to Game of Thrones, idiot.
Re: (Score:2)
I wouldn't know such detail... I stopped watching after the first season when it became obvious it wasn't going to be escapist enough for me.
Re: (Score:2, Insightful)
It’s not a wall, it’s anti-hacking by a foreign government. This is long overdue basic digital security for military secrets.
Long overdue and still too relaxed.
Re: you ignorant slut! (Score:1)
We just got hacked by the Russians and now you whine like a bitch when the government actually does something about it?
Are you fucking stupid or a Russian bot?
Re: (Score:1)
I am a security analyst and recently took a trip to Russia. There are a lot of jobs [freelancer.com] out there. And they pay well. The Russians are looking for every way to "hook" into American
Re: (Score:2)
When has a wall ever stood the face of time.
The Romans built a wall around my home town of Chester, large parts of it are still there... granted it has been repaired, and maintained, with parts rebuilt over the years.
The Chinese built long stretches of wall centuries ago that are still standing.
Walls can last a long time if properly built and maintained... the question is- is it smart to build the walls in the first place? In the 21st century a wall isn't very much of a barrier anymore.
Re: (Score:1)
Re: (Score:2)
Free immigration (Score:1)
This was all before the welfare state.
Re: (Score:3)
Re: (Score:2)
Immigrants actually add value to the American economy, so it's not clear what you're on about...
Re: (Score:2)
What value? More profit for the CEO's because they keep the wages low?
Re: (Score:2)
What walls can we build next? Oh, right: 200-foot walls along all our borders to keep the monsters and zombies at bay....
Which was a campaign promise, which a lot of people want, which would help us economically, and which should be at the very least debated without rancor.
Show us how unrestricted immigration will benefit us and we'll listen.
Debate by insult is not debate.
Show how the wall will benefit, and also while you're at it show how every country without one (so basically every country) has unrestricted immigration. How is the wall coming though? Because you're right, it was a promise, is Mexico still paying?
Re: (Score:2, Insightful)
Show how not building a wall is the same as unrestricted free-for-all access to all and you are a genius ... but you can't, because you and your "arguments" are dog shit stupid.
Winning friends and influencing people, I see.
Re: (Score:1)
If you had a valid argument you'd make it instead of crying about how you're being treated. You know who has a valid reason to cry? Asylum-seekers fleeing political situations created in large part by American greed, especially when our government kidnaps their children and locks them in cages.
Re: (Score:2)
Fixed fortifications [wikiquote.org] are a monument to the stupidity of man -- General George S. Patton
Re: (Score:1)
There are longstanding US immigration laws and policies. The laws were in place way before Trump was ever elected. All he has done is push for existing laws to be enforced as written. And the way in which people have been detained and separated from their underage children is the direct result of enforcing laws already on the books. Laws and policies that were put into place by the Legislative branch not the Executive branch. Those eager to dump the consequences of those laws are now basically arguing anyon
Re: (Score:1)
Hey, Russia - if you're listening, (Score:1, Funny)
Hey, Russia - if you're listening - put all Microsoft products on that list.
Re:Hey, Russia - if you're listening, (Score:4, Insightful)
Global (outside of US) "Do Not Buy" List":
* Microsoft
* Apple
* Google
* Facebook (and other "Social Media"
* Alexa / Cortana / next name "active" "smart" speaker/mic
* "Cloud" services with any US-based nexus.
Software you can trust! (Score:5, Interesting)
Great to know, a list of software that doesn't contain US government sanctioned backdoors. If the Pentagon doesn't like it, then you can be 99% sure it values your privacy and doesn't harvest your private data.
The irony, is that i might sound like a troll, but this is the truth.
Proprietary software is untrustworthy. (Score:2)
Actually the irony is that you can not be sure of that at all precisely for the same reason we can not trust so much of the software on and off this Pentagon list. Your post is currently moderated as "Interesting" but would be better moderated as "Funny" because it might be a joke, but it certainly is
Re:Software you can trust! (Score:5, Insightful)
"If the Pentagon doesn't like it, then you can be 99% sure it values your privacy and doesn't harvest your private data."
False. All it means is that it doesn't hand it to US intelligence agencies.
Re: (Score:2, Insightful)
And you care why? Are you fighting the Chinese? I'm sure the Special Forces guys are all atremble because the Chinese have their fingerprints! OMG! Maybe they have fingerprint seeking bullets too!
I feel much less threatened by spy establishments of other countries having my data than my government. Why?
I'm not a defense contractor with secrets to steal. I'm just an everyday Joe like the vast majority of Americans. Those spy organizations are never going to bother with me.
My government, on the other hand, co
Re: (Score:1)
No it won't. The deep state is not fond of Trump, he has not (yet?) started a single war in 2 years. They counted on Hillary for their income.
Re: (Score:2)
Re: Sensible precautions. (Score:1, Offtopic)
Windows 98 sux. Run Red Hat 4.3 instead.
Re: (Score:2)
Man, way to bring me back to /.'s hayday. All we need now is for Netcraft to confirm it.
... and a Beowolf cluster of Natalie Portman’s hot grits.
"Do Not Buy' (Score:1)
Good Idea (Score:1)
Because the current behaviour of Russia and China isn't very friendly to say the least, it's very aggressive. And with such a whimp as a president who just needs to hear the magic words and he will give you the droll lock and roll over for Putin like a pet for his owner.
And please don't compare the behaviour of Russia or China to US-Israel-stuxnet. On the one side nobody in his right mind wants to have a nuclear armed Iran and on the other the action taken was precisely directed towards one goal, uran enric
US & Israel are always the GOOD GUYS? (Score:3, Insightful)
US & Israel are good, always good, and will be good forever.
On the other hand, China & Russia are bad, always bad, and will be bad forever.
Stuxnet is good, but anything coming out of China / Russia is bad.
Is that what you are saying??
Re: (Score:1, Insightful)
Re: (Score:1)
Re: (Score:1)
Re: (Score:3, Interesting)
Re: (Score:2)
In the US the politicians are elected.
Presidents are selected, not elected.â â Franklin D. Roosevelt
Re: (Score:2, Offtopic)
Re: (Score:2)
The attack that legitimized cyber-war, for which the most vulnerable country is the US, and which did not significantly slow down Iranian uranium enrichment for very long ( https://www.tandfonline.com/do... [tandfonline.com] ) ?
It is 2018 (Score:2)
No mention yet ... had to do something (Score:2)
Maybe they had trouble finding it because systemd didn't mount the drive correctly?
Includes ... (Score:3, Funny)
Facebook, Instagram, Twitter, Snapchat, Whatsapp, and other social media platforms that foreign countries contaminate with ad-buying.
Re: (Score:2)
You really believe its ad=buying that is the danger here? Like the data from social media platforms isn't already being freely handed to and abused by at least the US government?
Re: (Score:2)
You're talking about scraping personal data.
I'm talking about stirring the pot.
Where's the ... (Score:2, Interesting)
... list?
Re:Where's the ... (Score:4, Informative)
Re: (Score:2)
I was curious what the list contains but it seems it doesn't exist yet. Darn.
Re: (Score:2)
The list should never be "finalized". It should be constantly updated.
Re: (Score:2)
The US does not want to list the holding companies it knows about.
All proprietary software (Score:2)
Proprietary software cannot be trusted. It must always be treated as potential spyware. Only free-as-in-freedom software can be allowed for critical tasks.
Re: (Score:1)
This. One thousand times this. Even the CFR 21 part 11 requires it (though the FDA won't admit it).
Free as in freedom software is critical to the future of humanity.
Stuff like this clearly demonstrates that.
Re: (Score:1)
Re: (Score:2)
Except that person needs to be present at compile time, which doesn't work if you are compiling it yourself or (more likely in the case of governments) having a central national body compiling the code for use by the various agencies in that country.
Downloading someone else's precompiled binaries is only marginally better than someone else's precompiled proprietary code, although there are usually several options you can choose from at least.
Re: (Score:2)
No software should be 'trusted' for critical tasks*. All software should be treated as being potentially compromised.
Here's a recent example [bleepingcomputer.com] that highlights this point.
Creating and maintaining a 'do not use' list is an obvious way to eliminate the low hanging fruit, but it's by no means sufficient.
That being said, like many others, I'm going to agree that not only is this not really news, because it contains nothing new and no real information, this announcement is actually tantamount to propaganda and noth
Re: (Score:1)
No, Russia has engaged ISIS at the request of the UN recognized government of Syria. The US is not welcome in Syria because it was supporting terrorists whose stated goal was overthrown of the UN recognized government of Syria.
Re: (Score:2)
Nonetheless they are the recognised government of syria, and there are many other governments around the world doing terrible things to their own people.
And the syrian government has sufficiently powerful allies (ie russia) that you cannot go and invade them directly.
Re:Part good and part stupid (Score:4, Insightful)
Good little Chinese propaganda troll. China is many,many,many times more of threat than Russia.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
China and Russia are perfectly happy to settle for absolute control over the pieces they claim as theirs,
Nonsense. That might apply to Russia (I'm not sure, personally) but China has deliberately pursued policies intended to make it look that way while harboring notions of ruling the world. And as little as I like the USA running around the world bombing brown people for money, I'd like it a lot less if China were running things, and so would most everyone else. Except, of course, people in China. Things would simply not change much for them, since they're already being treated the way everyone would be treate
Cool (Score:2)
I'm looking forward to Russia and China releasing their own tit-for-tat list of consumer products that come with preinstalled NSA/CIA backdoors.
Re: (Score:2)
And if you had to choose from the recommendations given, which of the three would you go with?
Re: (Score:2)
None. If security was a real concern I'd always go opensource, and audit the source then build from it.
Netcracker Telecommunications Software (Score:2)
Should do an advertising campaign as well (Score:2)
tracking on link to main story !! why (Score:1)
Since when does slashdot link to stories with tracking on them - ?oref=d-topstory - ? I thought that was against the slashdot code.
Best case scenario Beau just copied the link from somewhere else with the tracking already on there.
Re: (Score:1)
Fake news (Score:2)
Where is the list? (Score:2)
I hate article like that one. I want to see the list!
This only seems fair... (Score:1)
Asked if the military's security expectations were arbitrary and unfair, Pentagon Spokesman Squamous Turdstocking III said, "It's not that we're catagorically against back doors in our software. We just want to make sure only Russia and our Commander In Chief have a set of keys.
It beggars belief (Score:2)
politics or security ? (Score:2)
It's sad that everything has become political and you cannot be sure that there are any security reasons for these listings.
Buy American dipshit (Score:2)
Everyone in the defense industry should be required to buy American. It's fucking insane that we let Chinese and Russian technology into the industry at all.
Russian Anti-Virus Removed from Govt Systems 2017 (Score:1)