Jump to content

computer security: CS

Guest Jim

By Guest Jim
in Windows 98

 Share

Recommended Posts

Guest Jim

Guest Jim

Posted
Posted

The CC [Common Criteria] has a test rating called the EAL [Evaluation

Assurance Level]. I have read that win2k for biz has an EAL 4+. This is

without any of the critical updates and I have read in wiki that there are

at most 7 levels of EAL and anything past 4 is like NSA certified for

government special services employing kernel layer CS policies. By far more

than any of us would ordinarily need. Does anyone know what the EAL is for

win98se is, and where to find this data at MS or a qualified significant

other? Does win98.x have sufficient kernel layer CS policies in place? Some

people believe win 2k pro was the best that MS ever built; is there a place

to find out about other MS OS like xp and Vista and Longhorn etc.?

  • Replies 3
  • Created
  • Last Reply

Popular Days

Popular Days

Guest philo

Guest philo

Posted
Posted

Re: computer security: CS

 

 

"Jim" <invalid@example.invalid> wrote in message

news:%23EBKuBOoIHA.5096@TK2MSFTNGP02.phx.gbl...

> The CC [Common Criteria] has a test rating called the EAL [Evaluation

> Assurance Level]. I have read that win2k for biz has an EAL 4+. This is

> without any of the critical updates and I have read in wiki that there are

> at most 7 levels of EAL and anything past 4 is like NSA certified for

> government special services employing kernel layer CS policies. By far

more

> than any of us would ordinarily need. Does anyone know what the EAL is for

> win98se is, and where to find this data at MS or a qualified significant

> other? Does win98.x have sufficient kernel layer CS policies in place?

Some

> people believe win 2k pro was the best that MS ever built; is there a

place

> to find out about other MS OS like xp and Vista and Longhorn etc.?

>

>

 

Don't know if win98 had any EAL rating but I rather doubt it.

 

Win2k did not reach EAL 4 until SP3 (might have been sp2 ...but I think it

was sp3)

 

 

IMHO: Win2k is Ok...but only after sp4 and all critical updates are applied.

Guest Jim

Guest Jim

Posted
Posted

Re: computer security: CS

 

I have worked on all MS but vista. Also, ibm 360/370, prime and dec pdp11

workgroups. According to some writes in wiki, much of this kernel

abstraction layer CS is no longer around except in special cases involving

government high security labels of state transition machines. Such strong

*-properties are not needed or wanted in the public domain. However, this

stuff is like '70s and '80s era technology. Cetainly an adequate CS policy

by '90s and 2k is not unreasonable. I have not had to many problems with

this win98se. Everyone I have talked to about vista seem to give it a thumbs

down. I do not know unless I work on a system for awhile. I would like to

find an EAL for win98.x and xp on up to what is selling today. I am lossing

interest in MS because of the poor support even before the so called life

cycle crap. Perhaps I should have ask this stuff in another NG.

Guest MEB

Guest MEB

Posted
Posted

Re: computer security: CS

 

Well if your really interested in security, why would you run Windows or

one the MS servers anyway.

One of the Unix clones, Solaris, BeOS, or something alone those lines would

give a much better chance of individual control. Much of what is found in MS

products comes from outside sources anyway, and generally several years

after it was implemented elsewhere [like not till the next MS OS].

Non Microsoft OSs require more than most common users can provide or

understand: knowledge of what IS in the wild and WHY it should be protected

against, and what needs to be done pursuant to it. The general population

[for some unknown reason] wants an OS they can install and get the *feeling*

that they are protected, and if not, that "Microsoft" will provide some fix

"for them" [rather than fixing the issue themselves] at some time; and

something that contains most of the *goodies* they might use..

 

I personally, have always considered MS products as produced for the

"masses", not those in the security field or concerned with it. All of the

OSs were issued with holes big enough to float a battleship through. If it

weren't for the constant patching, Microsoft would likely have lost the OS

battle years ago.

 

On the other side of the coin, 98 CAN be made extremely secure for a *plain

jane masses offering": from policies, to encryption, to dozens of other

*addins/add-ons* related to security, IF you take the time and make the

effort. And so can the other OSs [keeping in mind the OS may never be fully

secured].

 

--

MEB http://peoplescounsel.orgfree.com

--

_________

 

 

"Jim" <invalid@example.invalid> wrote in message

news:Oa9iDLQoIHA.420@TK2MSFTNGP02.phx.gbl...

| I have worked on all MS but vista. Also, ibm 360/370, prime and dec pdp11

| workgroups. According to some writes in wiki, much of this kernel

| abstraction layer CS is no longer around except in special cases involving

| government high security labels of state transition machines. Such strong

| *-properties are not needed or wanted in the public domain. However, this

| stuff is like '70s and '80s era technology. Cetainly an adequate CS policy

| by '90s and 2k is not unreasonable. I have not had to many problems with

| this win98se. Everyone I have talked to about vista seem to give it a

thumbs

| down. I do not know unless I work on a system for awhile. I would like to

| find an EAL for win98.x and xp on up to what is selling today. I am

lossing

| interest in MS because of the poor support even before the so called life

| cycle crap. Perhaps I should have ask this stuff in another NG.

|

|

 Share
Go to topic listing
×
×
  • Create New...