Sponsored link
Vyatta –
Linux & Open Source
Alternative to Cisco –
Advanced Routing,
Firewall, VPN, QoS..
Free Download ->
| |||||||||||
Green Hills Software strikes againGreen Hills Software strikes againPosted May 4, 2004 14:49 UTC (Tue) by dcoutts (subscriber, #5387)Parent article: Green Hills Software strikes again
I their second parahraph "Open Source Doesn’t Makes Linux More Secure than Windows", am I confused or are they confusing the number of severe vulnerabilities reported with crackers' preference of OS in systems that they attack? They say:"In fact, in every year for the last ten years the number of vulnerabilities reported against Linux exceeds Windows!" Then list a bunch of 'facts', then conclude: "It seems that the only reason that hackers would prefer to attack Linux over Windows is because Linux is easier to attack."
(Log in to post comments)
Green Hills Software strikes again Posted May 4, 2004 15:11 UTC (Tue) by dcoutts (subscriber, #5387) [Link] Another givaway; they laugh that Linux has only achieved EAL2 rating (which is not true - SUSE & IBM paid for EAL3) and could only ever achieve EAL4 but then fail to mention what level their own 'dsigned-for-security' OS has achieved or is ever likely to achieve. In fact, I'm rather incluned to agree with them that "EAL 7 certification should be required for operating systems that run critical defense systems" but I'd put money on Green Hills never producing such an OS. The size of systems that can feasably be produced with current state-of-the-art formal methods (required for EAL7) is a couple orders of magnitude smaller than that required to build an OS kernel. Even when it becomes possible to build a system of the required size, it will still not be economically feasable for a company to build and sell - unless it first gets a contract from a government.
Green Hills Software strikes again Posted May 4, 2004 15:20 UTC (Tue) by Baylink (subscriber, #755) [Link] I'm not sure how true that is.IIRC, the communications processor that was the only box/OS ever certified A1 was based on a stripped and tuned Interactive Unix kernel. (It's been a long time; that might have been one of the B2 boxes.) I assume EAL7 ~= A1?
Green Hills Software strikes again Posted May 4, 2004 15:27 UTC (Tue) by jpb105 (guest, #21364) [Link] They list their security features here and say it has Do-178B Level A Certification.I'm not sure if Real-Time Linux offers any more features than they give Linux credit for. All their Linux 'information' is here. (I only know about Green Hills Software from what I read on the Web)
Green Hills Software strikes again Posted May 5, 2004 20:29 UTC (Wed) by obobo (guest, #684) [Link] When talking to a Green Hills rep a few months ago, I was told that they were in the process of getting Integrity (on a certain hardware platform) EAL 7 certified. Which is a pretty impressive achievement. Their FUD campaigns do make me less likely to buy their OS though (Linux is not an option for a very small RTOS, but Nucleus/ThreadX are, and they don't act as obnoxious as Green Hills).
|
|||||||||||