From: David Loysen <dwl@hnc.com>
To: cypherpunks@toad.com
Message Hash: cc572d51cec64e5be0a785a47db5a7e7f1dda5a62e193dc5a0cf84b00ab78a3d
Message ID: <199603211813.KAA15750@spike.hnc.com>
Reply To: N/A
UTC Datetime: 1996-03-21 21:49:23 UTC
Raw Date: Fri, 22 Mar 1996 05:49:23 +0800
From: David Loysen <dwl@hnc.com>
Date: Fri, 22 Mar 1996 05:49:23 +0800
To: cypherpunks@toad.com
Subject: Re: NT's C2 rating
Message-ID: <199603211813.KAA15750@spike.hnc.com>
MIME-Version: 1.0
Content-Type: text/plain
At 04:53 AM 3/21/96 -0800, you wrote:
>> Basically, I'm now questioning the C2 rating of Windows NT. The
>> entire security layer is modular to the Kernel. As a modular
>> driver, it can be removed, rewritten, and replaced.
>
>Good questioning.
>
>> So, what makes it secure? What gives it the C2 Rating? How would
>> one go about getting a C2 rating?
>
>The fine print says its insecure as soon as its connected to a network.
Ain't nothing fine about that print. An operating system or piece of
hardware may be C2 certifiable. But only a complete system in a specific
configuration can be certified as C2 compliant. The way I read the orange
book, no system with a network connection can ever be C2. For that matter a
system can't get C2 unless it is in an area where you can control and
monitor physical access to the system.
So if you can't hack it over the wire, and you can't remove, rewrite and
replace the kernel because you can't get near the keyboard what's the problem?
dwl@hnc.com
David Loysen
619-546-8877 x245
Return to March 1996
Return to “Mark Aldrich <maldrich@grctechs.va.grci.com>”