Date: Thu, 21 Mar 1996 08:09:14 -0500 (EST) From: Mark Aldrich <maldrich@grctechs.va.grci.com> To: owner-cypherpunks@toad.com Subject: Re: your mail On Wed, 20 Mar 1996 owner-cypherpunks@toad.com wrote: <snip>

Basically, I'm now questioning the C2 rating of Windows NT. The entire security layer is modular to the Kernel. As a modular driver, it can be removed, rewritten, and replaced.

So, what makes it secure? What gives it the C2 Rating? How would one go about getting a C2 rating?

Politics make it C2. The DoD mandated, years ago, that all their OSs had to go to the C2 level of trust. Further, they had also mandated POSIX compliance in just about every procurement that they had to publish in CBD. Well, they then proceeded to ignore their own policy and they bought MS DOS all over the damn place because everyone wanted the stuff just like they have at home. You can't play DOOM on SCO UNIX, ya know... So, in order to not look like a bunch of incoherent IRM loosers, they effectively forced the C2 and POSIX compliance stickers onto Windows NT even though everyone (including some nameless NCSC personnel with whom I've spoken) clearly state that C2/POSIX and MS Windows NT is an oxymoron. Now everyone can claim to be running C2 and POSIX systems, even though, by admission of MS, you can't have NT configured for both at the same time. Duhhhhhh... ------------------------------------------------------------------------- | Liberty is truly dead |Mark Aldrich | | when the slaves are willing |GRCI INFOSEC Engineering | | to forge their own chains. |maldrich@grci.com | | STOP THE CDA NOW! |MAldrich@dockmaster.ncsc.mil | |_______________________________________________________________________| |The author is PGP Empowered. Public key at: finger maldrich@grci.com | | The opinions expressed herein are strictly those of the author | | and my employer gets no credit for them whatsoever. | -------------------------------------------------------------------------