Anonymous wrote: <<snip>>
failed TCSEC/Rainbow testing program. I say "failed" because it hasn't caught on in the private sector, it's expensive and, of course, the laughable "C2 in '92."
While I was never a great fan of the Rainbow Series, to say that it failed because it hasn't caught on in the private sector is not holding very close to the point of it all. The "typical" private sector approach to security is to do nothing 'til the hackers come over the iInternet and wreak havoc the throw up a proxie server/firewall and go back to normal practices until the next "event" and try to plug That Hole. C2 by 92 was an effort on the part of the govenment/military to stop those practices on their own parts. True, not ompletely succesful, but hey what the Hell, how many of the efforts by them folk are? PHM