Re: I need a system the U.S. government cannot 'hack'
From: karl levinson, mvp (levinson_k_at_despammed.com)
Date: 11/20/05
- Next message: Roger Abell [MVP]: "Re: I need a system the U.S. government cannot 'hack'"
- Previous message: karl levinson, mvp: "Re: Download freeware RKR scanning software (detect Sony rootkit & others)"
- In reply to: S. Pidgorny
: "Re: I need a system the U.S. government cannot 'hack'" - Next in thread: Roger Abell [MVP]: "Re: I need a system the U.S. government cannot 'hack'"
- Reply: Roger Abell [MVP]: "Re: I need a system the U.S. government cannot 'hack'"
- Reply: Imhotep: "Re: I need a system the U.S. government cannot 'hack'"
- Reply: Proprietor_PER_Ltd: "Re: I need a system the U.S. government cannot 'hack'"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 20 Nov 2005 08:53:25 -0500
"S. Pidgorny <MVP>" <slavickp@yahoo.com> wrote in message
news:eezkLmW7FHA.3880@TK2MSFTNGP12.phx.gbl...
> You can use the same system that US government is using, the one that
> _you_ could not hack. Oracle is Common Criteria-certified, and SQL Server
> 2005 is under evaluation.
Well, careful not to confuse Common Criteria with "secure" or "more secure."
What Common Criteria says to me is "The product contains certain security
functions, but no guarantee has been made as to the robustness and code
quality of those functions. The product can be secured if you know how, but
is not necessarily secure by default. No guarantee is made that you will be
able to find instructions on how to configure it to CC specifications. The
product has been around for more than two years and has probably been
replaced by now with a newer version that is more secure but not yet CC
certified. The manufacturer is a large company with a fair amount of money.
No guarantee is made that this is superior or even good software, with
regards to security or general functionality."
Windows 2000 and I believe XP are on the CC list, but neither of those are
the hack-proof systems the OP thinks s/he needs, especially not in the
default settings and without frequent patching. And all of those secure
systems typically use TCP/IP, DNS, ARP, etc. which have known security
issues for which there is no simple patch to fix.
To the OP: no system is hack-proof. You need to change your search
parameters from "hack-proof" to "reasonably secure." Also, security is not
a product. You can't buy a secure device and drop it in place. You need a
team of experts you trust to design a secure collection of systems.
Unfortunately, once you start trusting other humans, those humans become a
theoretical security risk. Your risk can never be zero, there is always
some level of risk you will need to accept instead of mitigate.
- Next message: Roger Abell [MVP]: "Re: I need a system the U.S. government cannot 'hack'"
- Previous message: karl levinson, mvp: "Re: Download freeware RKR scanning software (detect Sony rootkit & others)"
- In reply to: S. Pidgorny
: "Re: I need a system the U.S. government cannot 'hack'" - Next in thread: Roger Abell [MVP]: "Re: I need a system the U.S. government cannot 'hack'"
- Reply: Roger Abell [MVP]: "Re: I need a system the U.S. government cannot 'hack'"
- Reply: Imhotep: "Re: I need a system the U.S. government cannot 'hack'"
- Reply: Proprietor_PER_Ltd: "Re: I need a system the U.S. government cannot 'hack'"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
