How NSA access was built into Windows
John Bowden
john.bowden43 at blueyonder.co.uk
Fri Jan 19 00:23:09 UTC 2007
On Thu, 2007-01-18 at 16:07 -0800, Les wrote:
> On Thu, 2007-01-18 at 23:55 +0800, Ed Greshko wrote:
> > If you guys really want to continue this silly ass thread I can create a
> > mailing list for your enjoyment.
> >
> > Let me know, and I can create a list for all of you and subscribe all of you
> > and you can continue this endless exchange.
> >
> Hi, Ed,
> This is indeed an endless exchange, but a valuable one at that. For
> example a quote from the NSA paper that Dr. Smalley was a part of:
>
> By arguing that secure operating systems are indispensable to system
> security, the authors hope to spawn a renewed interest in operating
> system security. If security practitioners were to more openly
> acknowledge their security solution’s operating system dependencies and
> state these dependencies as requirements for future operating systems,
> then the increased demand for secure operating systems would lead to new
> research and development in the area and ultimately to commercially
> viable secure systems. In turn, the availability of secure operating
> systems would enable security practitioners to concentrate on security
> services that belong in their particular components rather than dooming
> them to try to address the total security problem with no hope of
> success. (http://www.nsa.gov/selinux/papers/inevitability/)
>
> Gives us a view that this topic must continue to be given air time. It
> is vital to users and customers of users of computing architectures, not
> just Linux, but all operating systems.
>
> I hope that our discussion, while sometimes vitrolic and often arcane,
> brings all of you to thinking about the issues of data and system
> protection. It is vital to the network that "no system" not a server,
> nor a user workstation, be unprotected from malicious use. Moreover, it
> is important that mechanisms exist to report violations of that security
> to parties that will endeavor to close the holes that permitted that
> violation to occur, and to parties that will seek out and punish those
> that violated that security world wide.
>
> Regards,
> Les H
>
>
>
>
Personally I would like to see this discussion continue as when it
started I had a vague idea of what SElinux was. Now I know a lot more
and have even done a little googling about it. One thing that does
confuse me though, is If m$ has been getting advice from the NSA about
secure operating systems since 98 or so why is windows security so
bad ;-). Also when I find I don't have the time to follow a topic I can
always stop reading it and concentrate my time on the other topics.I
don't have to go off in a huff, and if it gets too intrusive I just
create a filter that dumps the offending topic into the waste bin. Hows
that for freedom of choice?
--
Registered Linux user number 414240
Guy Fawkes the only person to enter the Parliament with honest
intentions and he was going to blow them up
More information about the users
mailing list