No Subject
Anonymous
nobody at replay.com
Sat Nov 14 19:31:08 PST 1998
At 09:35 PM 11/14/98 -0500, John Young <jya at pipeline.com> wrote:
>
>An NSA team presented at NISSC98 in October
>"The Inevitability of Failure: The Flawed Assumption
>of Security in Modern Computing Environments:"
...
>Not that NSA would ever exploit OS weaknesses not warned
>about.
>
Part of the context for this: NSA is trying to encourage their new
testing program for security products. My feeling is that program, in
turn, is intended to preserve the spaces for all the employees
involved in the failed TCSEC/Rainbow testing program. I say "failed"
because it hasn't caught on in the private sector, it's expensive and,
of course, the laughable "C2 in '92."
If you can't trust your OS, Dum-dum-Dah! NSA to the rescue with
testing!
The new Common Criteria is to replace TCSEC/Rainbow next year, but if
it walks like a duck....
More information about the cypherpunks-legacy
mailing list