|
-
October 21st, 2005, 01:39 PM
#11
mohauhgn : That's the one  I didn't actually think to search on the Microsoft website, as when I read it, it was just one long HTML document, and Microsoft actually has formatting
That was a neat job, and grats to you for working on it.
-
October 21st, 2005, 03:51 PM
#12
A bit of info on the MS on linux claim. Around the time of code erd Microsofts ISP put a stop gap fix in. They frontended MS's web site (running on then vunerable IIS servers) withe some apache servers running modproxy and modrewrite to implament a passthrough proxy. In fact if you talk to a MS consualtent this is still one of the ways they recomend securing OWA. Seems the thinking is anything that exploits apache will be dead in teh water at IIS and anything that exploits IIS will die at the proxy layer. We used this method heavely at one of the compaines I worked for, if you can wrap our brain around regular expressions it works like a charm.
Who is more trustworthy then all of the gurus or Buddha’s?
-
October 21st, 2005, 03:54 PM
#13
I wasn't actually a part of the hotmail conversion. JDP was a team that MS put together that consisted of extremely large corporate exchange installations and a team of MS developers. We were basically a really big team of beta testers that had resources to really stress windows 2000 and exchange 2000 in a lab environment. We did a lot of beta testing and a lot of product improvement recommendations.
-
October 21st, 2005, 10:21 PM
#14
Well I'd consider that SELinux is a kernel patch. It is a research in and of itself but once you patch it becomes part of the kernel.
This should REALLY concern you.
NSA: "Yay we made a neat kernel patch, we shall dub it SE Linux. It's too bad this SE Linux is just a research prototype, but it served our needs."
Ghost of Torvalds: "Wow, that research prototype is cool! Let's add it to the production system, giving it the guise of being something more or safer than a research prototype."
Linux Users: "Well it is in the kernel, it must be stable and proven! The Ghost of Torvalds would never trick us like that, and even though people joke about anyone being able to just piss in the kernel, we know in our hearts it isn't true!"
At the end of the day you've been lied to by kernel.org.
cheers,
catch
PS. Not to be too harsh to Linux users, I could go around and interview Windows users as well... except all I'd have to post bck is people telling me about their grandchildren or that they finally mastered the more complex "one bunny ear goes under the tree trunk" method of tying their shoes.
-
October 21st, 2005, 11:12 PM
#15
they finally mastered the more complex "one bunny ear goes under the tree trunk" method of tying their shoes.
Hey catch can you give me more details?............I am fed up with having to wear slip-ons
 
-
October 22nd, 2005, 12:43 AM
#16
Originally posted here by catch
[B]This should REALLY concern you.
NSA: "Yay we made a neat kernel patch, we shall dub it SE Linux. It's too bad this SE Linux is just a research prototype, but it served our needs."
NSA SELinux
The results of several previous research projects in this area have been incorporated in a security-enhanced Linux system.
So, previous research projects. Everything starts out as research but matures in time. It's the scientific process at work. But the [sometimes good] folks at NSA wanted to make sure it all works well together so they've worked on it a bit. It's reached a level of maturity that got it into the kernel tree.
Now I understand that neither SELinux nor other Linux 'things' provide what you need... and that's fine. You have two options:
1. stick with the proprietary things considering that you trust them [and aren't particularly obsessed by conspiracy theories]
2. start a project to implement what you need [for Linux and open source it]
In terms of the other thread and your TCB path requirements, I undersand you were looking for a finite product rather than the possibility of developing one. But that's there and this is here =)
P.S. Not to show too much zealotry, I'm trying to play a bit of devil's advocate about some things for the sake of discussion and more and more arguments being brought to the table... in the end that's what makes a good debate.
cheers!
/  \\
-
October 22nd, 2005, 01:51 AM
#17
1. What is Security-enhanced Linux?
Security-enhanced Linux is a research prototype of the Linux® kernel
- http://www.nsa.gov/selinux/info/faq.cfm#I1
So, previous research projects.
...Were incorporated into this new research project... which has had no further development by the NSA or plans for further development. Don't kid yourself, it is still a research level project... why in god's name it is in the kernel tree is beyond me.
start a project to implement what you need [for Linux and open source it]
Unfortunately I've never been much of a programmer, all of my experience and skill lies in top level design, verification, risk management, and such.
Not to show too much zealotry, I'm trying to play a bit of devil's advocate about some things for the sake of discussion and more and more arguments being brought to the table... in the end that's what makes a good debate.
I couldn't agree more.
cheers,
catch
PS. nihil: http://wiki.ehow.com/Tie-Shoelaces
Edited for PS
-
November 30th, 2005, 03:42 AM
#18
catch, what OS do you run?
If its BSD I'll laugh.
...This Space For Rent.
-[WebCarnage] 
-
November 30th, 2005, 05:06 AM
#19
I am largely a Windows 2000 user... though being as a result of being involved in OS research for such a long time I have a number of systems... including FreeBSD and SecureOS (which is a seriously mutilated version of BSDI)
cheers,
catch
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote