NT's C2 rating
Rick Smith
smith at sctc.com
Sat Mar 23 03:13:11 PST 1996
Regarding the comment:
>> Basically, I'm now questioning the C2 rating of Windows NT. The
>> entire security layer is modular to the Kernel. As a modular
>> driver, it can be removed, rewritten, and replaced.
C2 is no big deal. It means you have the typical security measures
that can be disabled or bypassed by a trojan horse. You're not doing
serious protection till you put in mandatory protections like what
appears in B or A level systems.
The big deal is that few vendors have tried to get NCSC evaluations.
Rick.
smith at sctc.com secure computing corporation
More information about the cypherpunks-legacy
mailing list