Dailydave mailing list archives
Re: Some recent articles
From: robert () dyadsecurity com
Date: Fri, 1 Apr 2005 15:54:42 -0800
Dave Aitel(dave () immunitysec com)@Fri, Apr 01, 2005 at 02:29:49PM -0500:
Basically, the cost of ownership of Windows (despite all their recent work) is so high that people should really only use it as a platform if security is not a concern, is what the government is trying to say.
This mindset of eliminating the perception of insecurity while not actually fixing the problem is pervasive. Market pressure is an interesting thing to watch. I think the market is warming up to the idea of having product vendors specify what security mechanisms are built in, what level of assurance to place in the security mechanisms, tests to validate that the security mechanisms are performing correctly, and documentation on how to use the product on networks where there may be directed malice. Not surprisingly, those basic needs have not changed much since the 80's when the Orange book (http://www.radium.ncsc.mil/tpep/library/rainbow/5200.28-STD.pdf) came out. As people grow tired of constantly being compromised, I predict a growing popularity for standards like Common Criteria (http://www.commoncriteriaportal.org/). Robert -- Robert E. Lee CEO, Dyad Security, Inc. W - http://www.dyadsecurity.com E - robert () dyadsecurity com M - (949) 394-2033 _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Some recent articles Dave Aitel (Apr 01)
- Re: Some recent articles robert (Apr 01)