[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: How NSA access was built into Windows



On Thu, 2007-01-18 at 16:07 -0800, Les wrote:
> On Thu, 2007-01-18 at 23:55 +0800, Ed Greshko wrote:
> > If you guys really want to continue this silly ass thread I can create a
> > mailing list for your enjoyment.
> > 
> > Let me know, and I can create a list for all of you and subscribe all of you
> > and you can continue this endless exchange.
> > 
> Hi, Ed,
> 	This is indeed an endless exchange, but a valuable one at that.  For
> example a quote from the NSA paper that Dr. Smalley was a part of:
> 
> By arguing that secure operating systems are indispensable to system
> security, the authors hope to spawn a renewed interest in operating
> system security. If security practitioners were to more openly
> acknowledge their security solution’s operating system dependencies and
> state these dependencies as requirements for future operating systems,
> then the increased demand for secure operating systems would lead to new
> research and development in the area and ultimately to commercially
> viable secure systems. In turn, the availability of secure operating
> systems would enable security practitioners to concentrate on security
> services that belong in their particular components rather than dooming
> them to try to address the total security problem with no hope of
> success. (http://www.nsa.gov/selinux/papers/inevitability/)
> 
> Gives us a view that this topic must continue to be given air time.  It
> is vital to users and customers of users of computing architectures, not
> just Linux, but all operating systems.
> 
> I hope that our discussion, while sometimes vitrolic and often arcane,
> brings all of you to thinking about the issues of data and system
> protection.  It is vital to the network that "no system" not a server,
> nor a user workstation, be unprotected from malicious use.  Moreover, it
> is important that mechanisms exist to report violations of that security
> to parties that will endeavor to close the holes that permitted that
> violation to occur, and to parties that will seek out and punish those
> that violated that security world wide.
> 
> Regards,
> Les H
> 
> 
> 
> 
Personally I would like to see this discussion continue as when it
started I had a vague idea of what SElinux was. Now I know a lot more
and have even done a little googling about it. One thing that does
confuse me though, is If m$ has been getting advice from the NSA about
secure operating systems since 98 or so why is windows security so
bad ;-). Also when I find I don't have the time to follow a topic I can
always stop reading it and concentrate my time on the other topics.I
don't have to go off in a huff, and if it gets too intrusive I just
create a filter that dumps the offending topic into the waste bin. Hows
that for freedom of choice?
-- 
Registered Linux user number 414240
Guy Fawkes the only person to enter the Parliament with honest
intentions and he was going to blow them up




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]