First they spend $200 million to develop their own microprocessor, now this: The Indian government is currently looking into developing its own operating system, both as a means of curbing cyberattacks and “end[ing] the reliance on foreign operating systems.” But is this really a good idea?
The Times of India reports:
The overwhelming belief among government bosses is that an indigenous low-grade, but clean, software could nix the chances of foreign states infiltrating the computers of key Indian establishments and compromising the country’s security. “A sanitised, lower level operating system and application software may be preferred to the advanced versions, which necessarily require access to internet for upgrades,” the official said. The new software could be deployed in key departments that have been under constant cyber attacks. The taskforce [working on a plan to make an indigenous Indian operating system] also includes officials of the Prime Minister’s Office as well as defence, home and telecom & IT ministries.
India is also taking further preventive steps. The defence ministry has already removed many of its computers off the internet. Its officers can’t carry pen drives inside offices. The government has also decided to connect all key government ministries and offices, which number over 5,000, to an alternate exclusive communication network that is being built for the armed forces. This will provide a secure backup during emergencies, or at times when the networks of private telecom operators cannot be used to transmit sensitive information.
A US-based security expert quoted by the Times of India thinks an open source OS for Indian government computers wouldn’t be such a bad idea, but here’s the thing: There are already several Indian-developed, Linux-based operating systems, including BOSS and the education-oriented E-Swecha, the installation of which Richard Stallman helped oversee at the end of 2008. The Indian government could in theory develop an OS from the ground up without using the Linux kernel at all, but that would be wildly expensive.
If Internet access and upgrades are the issue, why not, you know, disable upgrades via the Internet and work on manual installs, or even cut off Internet access entirely, as the military seems to be fine with doing? Building a whole new OS on the taxpayer dime just seems inefficient, expensive, and kind of North Korea-y, and while cybersecurity is a legitimate concern given the number of cyberattacks we’ve witnessed in 2009 and the potential harm wrought by one in the future, this hardly seems like the best way to achieve it.
Have a tip we should know? email@example.com