Paul H. Merrill
PaulMerrill at acm.org
Sat Nov 14 20:11:25 PST 1998
Anonymous wrote:
<<snip>>
> failed TCSEC/Rainbow testing program. I say "failed"
> because it hasn't caught on in the private sector, it's expensive and,
> of course, the laughable "C2 in '92."
While I was never a great fan of the Rainbow Series, to say that it
failed because it hasn't caught on in the private sector is not holding
very close to the point of it all. The "typical" private sector approach
to security is to do nothing 'til the hackers come over the iInternet
and wreak havoc the throw up a proxie server/firewall and go back to
normal practices until the next "event" and try to plug That Hole.
C2 by 92 was an effort on the part of the govenment/military to stop
those practices on their own parts. True, not ompletely succesful, but
hey what the Hell, how many of the efforts by them folk are?
PHM
More information about the cypherpunks-legacy
mailing list