Re: Linux is More Secure than NT? Prove It.

Sat, 16 Sep 2000 01:24:15 -0700 

On Fri, 15 Sep 2000, Wagner, Joseph wrote:

> (http://www.fcw.com/fcw/articles/2000/0807/news-navy-08-07-00.asp). Two
> years earlier, a divide by zero error on a Microsoft Windows NT machine left
> the USS Yorktown dead in the water for over two hours

Did it ever recover?  The story I heard was that it had to be towed back
to port.

> To make the rating system a little clearer, I'll draw an analogy. Microsoft
...
> Microsoft Windows NT/2000 with the equivalent security of a bulletproof vest
> - able to stop professional hackers/crackers - has a C2 rating. 

Windows 2000 has been rated as C2 secure under any configuration,
AFAIK.  This subject has been discussed to death on SlashDot on several
occasions.  Those who are familiar with the rating process state over and
over that operating systems are not rated, computer configurations which
include specific software configurations are rated.  So NT 4.0 itself has
no C2 rating.  A computer running Windows NT with no POSIX subsystem, no
floppy disk drive, and no networking capability was rated as C2 secure.

Now, would you claim that this is the configuration that will be used by
the Navy?  Several computers running Windows NT independantly operating a
ships subsystems, but requiring a human user due to the requirements of no
network availability doesn't sound terribly useful.

> Microsoft was very cunning in obtaining this rating. Microsoft Windows NT
> 4.0 is the only general-purpose operating system rated by the NCSC

Except that it wasn't rated as a general-purpose operating system.  It was
running a system in a specific, less general-purpose configuration that
was certified.

> operating system. I believe Linux is capable of at least a B1 or perhaps a
> B2 rating. 

I don't think so.  I think that the requirments for B1 are more strict
than you think.  Note that SGI some time ago provided preliminary code to
move Linux closer to B1 capability (see http://oss.sgi.com/projects/ob1/).

MSG




_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to