Guest Jim Posted April 17, 2008 Posted April 17, 2008 The CC [Common Criteria] has a test rating called the EAL [Evaluation Assurance Level]. I have read that win2k for biz has an EAL 4+. This is without any of the critical updates and I have read in wiki that there are at most 7 levels of EAL and anything past 4 is like NSA certified for government special services employing kernel layer CS policies. By far more than any of us would ordinarily need. Does anyone know what the EAL is for win98se is, and where to find this data at MS or a qualified significant other? Does win98.x have sufficient kernel layer CS policies in place? Some people believe win 2k pro was the best that MS ever built; is there a place to find out about other MS OS like xp and Vista and Longhorn etc.? -- Posted via http://computerhelpforums.net Forum to USENET Gateway
Guest philo Posted April 17, 2008 Posted April 17, 2008 Re: computer security: CS "Jim" <invalid@example.invalid> wrote in message news:%23EBKuBOoIHA.5096@TK2MSFTNGP02.phx.gbl... > The CC [Common Criteria] has a test rating called the EAL [Evaluation > Assurance Level]. I have read that win2k for biz has an EAL 4+. This is > without any of the critical updates and I have read in wiki that there are > at most 7 levels of EAL and anything past 4 is like NSA certified for > government special services employing kernel layer CS policies. By far more > than any of us would ordinarily need. Does anyone know what the EAL is for > win98se is, and where to find this data at MS or a qualified significant > other? Does win98.x have sufficient kernel layer CS policies in place? Some > people believe win 2k pro was the best that MS ever built; is there a place > to find out about other MS OS like xp and Vista and Longhorn etc.? > > Don't know if win98 had any EAL rating but I rather doubt it. Win2k did not reach EAL 4 until SP3 (might have been sp2 ...but I think it was sp3) IMHO: Win2k is Ok...but only after sp4 and all critical updates are applied. -- Posted via http://computerhelpforums.net Forum to USENET Gateway
Guest Jim Posted April 18, 2008 Posted April 18, 2008 Re: computer security: CS I have worked on all MS but vista. Also, ibm 360/370, prime and dec pdp11 workgroups. According to some writes in wiki, much of this kernel abstraction layer CS is no longer around except in special cases involving government high security labels of state transition machines. Such strong *-properties are not needed or wanted in the public domain. However, this stuff is like '70s and '80s era technology. Cetainly an adequate CS policy by '90s and 2k is not unreasonable. I have not had to many problems with this win98se. Everyone I have talked to about vista seem to give it a thumbs down. I do not know unless I work on a system for awhile. I would like to find an EAL for win98.x and xp on up to what is selling today. I am lossing interest in MS because of the poor support even before the so called life cycle crap. Perhaps I should have ask this stuff in another NG. -- Posted via http://computerhelpforums.net Forum to USENET Gateway
Guest MEB Posted April 18, 2008 Posted April 18, 2008 Re: computer security: CS Well if your really interested in security, why would you run Windows or one the MS servers anyway. One of the Unix clones, Solaris, BeOS, or something alone those lines would give a much better chance of individual control. Much of what is found in MS products comes from outside sources anyway, and generally several years after it was implemented elsewhere [like not till the next MS OS]. Non Microsoft OSs require more than most common users can provide or understand: knowledge of what IS in the wild and WHY it should be protected against, and what needs to be done pursuant to it. The general population [for some unknown reason] wants an OS they can install and get the *feeling* that they are protected, and if not, that "Microsoft" will provide some fix "for them" [rather than fixing the issue themselves] at some time; and something that contains most of the *goodies* they might use.. I personally, have always considered MS products as produced for the "masses", not those in the security field or concerned with it. All of the OSs were issued with holes big enough to float a battleship through. If it weren't for the constant patching, Microsoft would likely have lost the OS battle years ago. On the other side of the coin, 98 CAN be made extremely secure for a *plain jane masses offering": from policies, to encryption, to dozens of other *addins/add-ons* related to security, IF you take the time and make the effort. And so can the other OSs [keeping in mind the OS may never be fully secured]. -- MEB http://peoplescounsel.orgfree.com -- _________ "Jim" <invalid@example.invalid> wrote in message news:Oa9iDLQoIHA.420@TK2MSFTNGP02.phx.gbl... | I have worked on all MS but vista. Also, ibm 360/370, prime and dec pdp11 | workgroups. According to some writes in wiki, much of this kernel | abstraction layer CS is no longer around except in special cases involving | government high security labels of state transition machines. Such strong | *-properties are not needed or wanted in the public domain. However, this | stuff is like '70s and '80s era technology. Cetainly an adequate CS policy | by '90s and 2k is not unreasonable. I have not had to many problems with | this win98se. Everyone I have talked to about vista seem to give it a thumbs | down. I do not know unless I work on a system for awhile. I would like to | find an EAL for win98.x and xp on up to what is selling today. I am lossing | interest in MS because of the poor support even before the so called life | cycle crap. Perhaps I should have ask this stuff in another NG. | | -- Posted via http://computerhelpforums.net Forum to USENET Gateway
Recommended Posts