OT: Here's one to throw at the Linux firewall admins
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 5 Aug 2003 23:15:51 -0500
--Linux Rated Less Secure than Windows--
When Microsoft announced last fall that the International
Organization for Standardization (ISO) had awarded Windows 2000 the
highest possible grade in the Common Criteria (CC) security
certification, open-source advocates downplayed the honor as
insignificant and unrelated to real-world security analysis. This
week, however, ISO also awarded Linux the CC security certification,
and as one might expect, the open-source community greeted the
announcement with cheers. There's just one catch: Linux got a lower
security rating than Win2K did last year.
ISO granted Linux a "low to moderate" security rating, whereas
Win2K received a "moderate to high" security rating. According to
people close to the certification process, ISO tested Linux for higher
security ratings but the open-source solution achieved only the "low
to moderate" rating.
Further dampening the celebration is news that most Linux
installations didn't receive the certification. Sponsored by a
$500,000 fee that IBM paid, the certification applies only to SuSE
Linux and then only when that product is installed on certain IBM
hardware. Still, the certification is an important first step for
Linux, which is trying to position itself as a viable alternative to
Windows in various situations. Microsoft has made significant
security-related improvements to Windows since the company launched
its Trustworthy Computing initiative a year and a half ago.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
Other related posts:
