[rescue] FrameMaker FYI
Steve Sandau
ssandau at gwi.net
Fri Mar 26 14:37:30 CST 2004
>>> Yes and no. The basic *design* of Windows is fraught
>>>with flaws and security issues. Is it even possible to
>>>write a secure piece of software for that platform?
>>
>>I'll let you know Dave, I'm busy porting IEFBR14 [0] from MVS to WinXP - my goal is tu use all my programming-fu to make it 100% secure. ;^)
>>
>>My Code will be secure, but I'm not sure I can certify it's security in a particular environment...
>
>
>
> In this context, I've always found this an amusing note:
> One of the things Microsoft used as a selling point to tout NT was how
> secure it was. "The only operating system in its class to achieve the
> coveted US Government C2 security rating," blah, blah, blah.
>
> Turns out if you read the fine print of NT's C2 certification, there's a
> mandatory condition: NT is certified C2 secure so long as the machine is
> not connected in any way to any form of network. The instant you plug in
> that network cable, kiss your C2 certification goodbye.
>
I believe that there were even further limitations. I think it was only
3.51 that was C2 and only if certain things were not installed, and
certain patches and so on were installed. The scenario under which it
was C2 compliant was extremely limited. I did some reading about that
since I work for a govt. contractor and work on Navy networks.
Reminds me of a salesman who called up just as we got rid of our last
Windows server. He wanted to talk to me about "upgrading" to Windows NT
4. At that tims I had even more of a dislike for it than I do now, and I
said "Please tell me what I could possibly be running on my servers that
would make NT4 an *upgrade*." The conversation didn't last long after
that...
Steve
More information about the rescue
mailing list