[Ilugc] Open Source: A Security Imperative!

• From: ganeshacomputes@xxxxxxxxx (Ganesha Computes)
• Date: Thu, 4 Apr 2013 22:40:03 -0700

Dear sankarshan,

Thanks for the highly insightful and informative response to my article.
I respectfully disagree with your suggestion that a national distribution
is a worthless concept.
You are correct to point out that highly secure installations should run
custom distros, and follow lock-down policies.

However, I am talking about bringing the entire machinery of government to
a pragmatic level of security.
Hence a national distribution is not such a bad idea, IMHO.

Read this article on how China is doing it, and why India should follow
suit.

http://bit.ly/chinalinux

I look forward to hearing from you, either on this channel, or privately.

Best Regards,

- Ashwin.



On Thu, Apr 4, 2013 at 8:00 PM, Sankarshan Mukhopadhyay <
sankarshan.mukhopadhyay at gmail.com> wrote:

On Fri, Apr 5, 2013 at 7:56 AM, Ganesha Computes
<ganeshacomputes at gmail.com> wrote:

I have written an article to share with you:

http://bit.ly/security_must

"I recommend standardizing on a GNU/Linux distribution, preferably of
Ubuntu lineage. If desired, a national distribution might be created."

There exist well documented security standards
<http://iase.disa.mil/stigs/os/unix/red_hat.html> for example which
can be readily adopted. This concept of a "national distribution" has
been mulled over for at least the past 6 years. Creating a
distribution is remarkably easy - in fact, all it takes is a manifest
file for packages you'd want in and, a set of customizations you'd
want. It is creating the entire set of ISV applications,
certifications, support, security audit that is the expensive part of
the gambit.

"A national distribution" is a fallacy that ends up wasting a lot of
money, making unfortunate noise and, being completely worthless.
Highly secure installations run their custom versions of distributions
and, follow remarkable lock-down principles. Meanwhile, you should
also take a look at <http://www.isecom.org/research/osstmm.html>

--
sankarshan mukhopadhyay
<https://twitter.com/#!/sankarshan>
_______________________________________________
ILUGC Mailing List:
http://www.ae.iitm.ac.in/mailman/listinfo/ilugc

• Follow-Ups:
  • [Ilugc] Open Source: A Security Imperative!
    • From: Sankarshan Mukhopadhyay
  • [Ilugc] Open Source: A Security Imperative!
    • From: satyaakam goswami

• References:
  • [Ilugc] Open Source: A Security Imperative!
    • From: Ganesha Computes
  • [Ilugc] Open Source: A Security Imperative!
    • From: Sankarshan Mukhopadhyay

Other related posts:

• » [Ilugc] Open Source: A Security Imperative!- Ganesha Computes
• » [Ilugc] Open Source: A Security Imperative!- Sankarshan Mukhopadhyay
• » [Ilugc] Open Source: A Security Imperative! - Ganesha Computes
• » [Ilugc] Open Source: A Security Imperative!- Sankarshan Mukhopadhyay
• » [Ilugc] Open Source: A Security Imperative!- satyaakam goswami
• » [Ilugc] Open Source: A Security Imperative!- Sankarshan Mukhopadhyay
• » [Ilugc] Open Source: A Security Imperative!- satyaakam goswami

1. Home
2. ilugc
3. Archive
4. 04-2013

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---