
Re: Linux at C2 - was Re: Is this mail list dead?



Pedro Rosa wrote:
> 
> Casey Schaufler wrote:
> 
> > Pedro Rosa wrote:
> >
> >> Note that Linux is not an OS with a very limited set of purposes. Don't
> >> tell me that attempts to enforce a security scheme at core bottom will
> >> not hinder such sections like real-time or clusters. So I think it is
> >> too risky to put two things in one boat.
> >
> >
> > Your concerns are unfounded. Even though you've asked me
> > not to, I'll point out that Irix does all you've mentioned.
> 
> Cool. Where is Irix? Am I seeing Irix? Have I heard about Irix? Well I
> have seen AIX. Solaris, a little bit of SCO, a little of Xenix,

All of which at least claim C2. Did you know a version of Xenix
was evaluated at B2?
 
> > What do you mean by a "secured architecture"?
> 
> I mean that being out of the main development will give a conceptual
> weakness to Linux that probably will never be solved. So we will hardly
> expect that the inners of the kernel may answer to the C2 requirements.

Right. That's why I don't want it on the outside.

> If you talk about the corporate
> environment then you will probably be right. But don't forget the
> general user, the middle man, the small entrepreneur.

I shan't. On the other hand, the corporate (or worse,
government) environment has more money to spend than you do.

> And don't forget
> that the World does not start in New England and ends in Alaska.

The CAPP/C2/assurance market is bigger in the EU
than in the US. Check Swedish privacy law if you
want to start getting nervous.

> In
> other places around the world there are tons of people who less need
> such thing (well, there are also tons of those who BADLY need it). It
> is not 99,99%. But surely it is also not 80%. More than 90% is a sure
> level. Even those who are dead confidential, prefer to have things set
> apart, in an iron closed room, with guards and dogs around. And they
> rarely trust their dearest secrets to the dust box...

These people have addressed their security concerns
using other than software means, just as the home
game player has addressed his via ISP selection.

> It's ultra-security out of a corporate environment, with "keep-out"
> yellow signs, machine guns and velure gloves (ok I _exaggerated_). It's
> stupid ultra-security for the general user as he may get convinced that
> having "C2 compatibility" will save him from Earthquakes, Floods and
> Fires. And give him a safe haven against Grey Governments, the Smoking
> Man and Mulder's corporation (cool I _exaggerated_ again).

Love the description!

> But what if he has to break his head to configure the whole stuff? Or
> forgets to read the HOWTO/INFO/FAQ/RTFM?

Then he'll be vulnerable. We always count on TFM.

> Here we have a manythousandsofusersnetwork on Linux.
> 99,9999999999999999999999999999999999999999999% of cases (the number is
> NO JOKE) were and are caused by some jerk "gifting" his/her password to
> the "best friend" or "neighbor". It's extraordinary that every other
> break-in attempt starts exclusively from this point. First one gets
> other's login. Then he starts breaking in...

Yup.

> Why do we need to go that way back? There's a much more recent sad
> example of it. Well the thing cannot be 100% C2, but it tries hard to
> follow it. Till now I have nightmares on how it broke...

C'mon, tell us which one. I love razzing my peers!

> Well I would really like to see such an implementation in
> Real-Life(TM)... Fear not. We are only here to KKND... For a better
> Future...

I give up. KKND?

-- 

Casey Schaufler				Manager, Trust Technology, SGI
casey@sgi.com				voice: 650.933.1634
casey_p@pager.sgi.com			Pager: 888.220.0607
-
Securedistros: A common list for all secured Linux distributions
Archive:       http://humbolt.nl.linux.org/lists/