Back to the article@AC #
Posted Friday 5th December 2008 15:28 GMT
I thought it went UNDER windows, allowing you to control everything passing between the OS and the hadware?
Green Hills spins out military Integrity for masses
I guess it depends #
Posted Friday 5th December 2008 11:23 GMT
I guess it depends on what you mean by security, and the press release<<<<<<<<article doesn't really say. Yes an authentication layer can be added on top of WinNT, or a layer which claims to provide access controls, or a layer which claims to provide an audit log. And you can do these in an OS-independent way; indeed, stuff like CDSA aka Common Distributed Security Architecture has been doing much of this for some real OSes for a decade or more, but you almost certainly won't have heard of it (and it doesn't claim to be ready for niches like DO-178).
But as soon as anyone claims they put "a security layer" on top of Windows, it loses all credibility as a means of actually enforcing security in a meaningful way, because of the insecurity of the underlying OS.
Right #
Posted Friday 5th December 2008 11:31 GMT
>>The military has always had better security than we can get on our computers
Just ask Gary McKinnon
@Right #
Posted Friday 5th December 2008 15:28 GMT
there is a bit of a difference between the security systems on a fighter jet or nucler missile silo and some dodgy windows server running in a branch office managed by a ten year old.
erm... #
Posted Friday 5th December 2008 15:28 GMT
The way I read it is that it's NOT putting a security layer on top of Windows - but putting Windows on top of a security layer. If that makes sense - for all intents and purposes, Windows just becomes a GUI playing in a sandbox and the underlying Integrity OS won't let that GUI play with the fundamentals.
Of course the weakest link, as far as commercial/home PCs are concerned will probably be the organic component sitting on a chair in front of the keyboard.
-----
"Integrity is for environments where you expect hostile, repeated attempts to breach security"
Hmmm, like the web? Especially for orgs like Spamhaus.
I wonder if OpenBSD has been tested #
Posted Friday 5th December 2008 19:50 GMT
under the guidelines for EAL6+. hmm...must go and find out.
Paris because inquiring minds want to know.
Re: Anon Cow #
Posted Saturday 6th December 2008 00:00 GMT
The EAL stuff seems to be for commercially available systems only.
You would need to search for a specific implementation of OpenBSD being sold on some sort of device.
(penguin because you don't have an icon for the BSD demon)
@AC @Right #
Posted Saturday 6th December 2008 10:48 GMT
AC - to be fair tho - that was a pretty funny thing to say
I bet you're a bubble burster irl.
"The military has always had better security than we can get on our computers" #
Posted Monday 8th December 2008 10:55 GMT
Pity they've never actually used it.
Developer Headlines
- A Tentative Content Plan for 2010
- Lining Up Columns
- A Necessary 101 on Professional Application Development
Popular Whitepapers
- Checklist: Midmarket ERP Solutions
Control your rising business costs - Enabling the Agile Data Center
On-Demand: Audio Only - 10 Strategies for Choosing a Midmarket ERP Solution
Find out how to use the changing ERP market to your advantage - Analyst Keynote: The Register Agile Data Center Summit
On-Demand: Audio Only - New storage architectures make SSDs more cost-effective
High-performance, cost-efficient storage infrastructures - Automating the Acquisition Process with Enterprise Level CRM
Sales Force Automation buyer’s guide
