mohauhgn : That's the one :) I didn't actually think to search on the Microsoft website, as when I read it, it was just one long HTML document, and Microsoft actually has formatting :)
That was a neat job, and grats to you for working on it.
Printable View
mohauhgn : That's the one :) I didn't actually think to search on the Microsoft website, as when I read it, it was just one long HTML document, and Microsoft actually has formatting :)
That was a neat job, and grats to you for working on it.
A bit of info on the MS on linux claim. Around the time of code erd Microsofts ISP put a stop gap fix in. They frontended MS's web site (running on then vunerable IIS servers) withe some apache servers running modproxy and modrewrite to implament a passthrough proxy. In fact if you talk to a MS consualtent this is still one of the ways they recomend securing OWA. Seems the thinking is anything that exploits apache will be dead in teh water at IIS and anything that exploits IIS will die at the proxy layer. We used this method heavely at one of the compaines I worked for, if you can wrap our brain around regular expressions it works like a charm.
I wasn't actually a part of the hotmail conversion. JDP was a team that MS put together that consisted of extremely large corporate exchange installations and a team of MS developers. We were basically a really big team of beta testers that had resources to really stress windows 2000 and exchange 2000 in a lab environment. We did a lot of beta testing and a lot of product improvement recommendations.
This should REALLY concern you.Quote:
Well I'd consider that SELinux is a kernel patch. It is a research in and of itself but once you patch it becomes part of the kernel.
NSA: "Yay we made a neat kernel patch, we shall dub it SE Linux. It's too bad this SE Linux is just a research prototype, but it served our needs."
Ghost of Torvalds: "Wow, that research prototype is cool! Let's add it to the production system, giving it the guise of being something more or safer than a research prototype."
Linux Users: "Well it is in the kernel, it must be stable and proven! The Ghost of Torvalds would never trick us like that, and even though people joke about anyone being able to just piss in the kernel, we know in our hearts it isn't true!"
At the end of the day you've been lied to by kernel.org.
cheers,
catch
PS. Not to be too harsh to Linux users, I could go around and interview Windows users as well... except all I'd have to post bck is people telling me about their grandchildren or that they finally mastered the more complex "one bunny ear goes under the tree trunk" method of tying their shoes.
Hey catch can you give me more details?............I am fed up with having to wear slip-onsQuote:
they finally mastered the more complex "one bunny ear goes under the tree trunk" method of tying their shoes.
:p :D
Quote:
Originally posted here by catch
[B]This should REALLY concern you.
NSA: "Yay we made a neat kernel patch, we shall dub it SE Linux. It's too bad this SE Linux is just a research prototype, but it served our needs."
So, previous research projects. Everything starts out as research but matures in time. It's the scientific process at work. But the [sometimes good] folks at NSA wanted to make sure it all works well together so they've worked on it a bit. It's reached a level of maturity that got it into the kernel tree.Quote:
NSA SELinux
The results of several previous research projects in this area have been incorporated in a security-enhanced Linux system.
Now I understand that neither SELinux nor other Linux 'things' provide what you need... and that's fine. You have two options:
1. stick with the proprietary things considering that you trust them [and aren't particularly obsessed by conspiracy theories]
2. start a project to implement what you need [for Linux and open source it]
In terms of the other thread and your TCB path requirements, I undersand you were looking for a finite product rather than the possibility of developing one. But that's there and this is here =)
P.S. Not to show too much zealotry, I'm trying to play a bit of devil's advocate about some things for the sake of discussion and more and more arguments being brought to the table... in the end that's what makes a good debate.
cheers!
- http://www.nsa.gov/selinux/info/faq.cfm#I1Quote:
1. What is Security-enhanced Linux?
Security-enhanced Linux is a research prototype of the Linux® kernel
...Were incorporated into this new research project... which has had no further development by the NSA or plans for further development. Don't kid yourself, it is still a research level project... why in god's name it is in the kernel tree is beyond me.Quote:
So, previous research projects.
Unfortunately I've never been much of a programmer, all of my experience and skill lies in top level design, verification, risk management, and such.Quote:
start a project to implement what you need [for Linux and open source it]
I couldn't agree more.Quote:
Not to show too much zealotry, I'm trying to play a bit of devil's advocate about some things for the sake of discussion and more and more arguments being brought to the table... in the end that's what makes a good debate.
cheers,
catch
PS. nihil: http://wiki.ehow.com/Tie-Shoelaces
Edited for PS
catch, what OS do you run?
If its BSD I'll laugh.
I am largely a Windows 2000 user... though being as a result of being involved in OS research for such a long time I have a number of systems... including FreeBSD and SecureOS (which is a seriously mutilated version of BSDI)
cheers,
catch