In addition, the protection profiles are limited to:
a level of protection, which is appropriate for an assumed non-hostile and well-managed user community requiring protection against threats of inadvertent or casual attempts to breach the system security. The profile is not intended to be applicable to circumstances in which protection is required against determined attempts by hostile and well-funded attackers to breach system security.
This puts most, if not all, interesting security threats outside of the scope of the testing. Adding two additional protection profiles, as was done this time, is certainly significant, but they still operate under the "no hostiles" caveat.
As far as I could find out 2 years ago.. there is no Certified Protection Profile that does not have this caveat. At some point in the well-funded hostile profile it goes like:
Hostile party finds sufficient threatening manner in order to go around physical/system security via kidnapping, torture, or other means.
Things that an OS can have very few protections against.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds