-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NSA shows the way to develop secure systems
,----[ Quote ]
| The unprecedented release of the project into the open source community aims
| to demonstrate how highly secure software can be developed cost-effectively,
| improving industrial practice and providing a starting point for teaching and
| academic research. Originally showcased in a conference paper in 2006, it has
| the long-term aim of improving the development practices of NSA’s
| contractors. Tokeneer was created as a fixed-price project, taking just 260
| person days to create nearly 10,000 lines of high-assurance code, achieving
| lower development costs than traditional methods per line of code.
`----
http://www.net-security.org/secworld.php?id=6619
Recent:
NSA's Linux
,----[ Quote ]
| So, do you trust it or not?
|
| [...]
|
| The packaged form of SELinux, as seen in Red Hat Enterprise Linux and other
| distributions, is already working.
|
| SELinux mitigations -- http://www.tresys.com/selinux.html -- 2 each for 2005
| and 2006, up to 4 in 2007 (including a big Samba vulnerability) and already 1
| in 2008. More here: http://www.linuxworld.com/news/2008/022408-selinux.html
|
| Posted by: Don Marti at April 8, 2008 02:09 PM
|
| [...]
|
| I trust it. It is GPL, has been reviewed by many, and it works. I think it
| should be the job of the government/NSA to help us secure our computers *in
| open and transparent ways*. It benefits the economy and the nation as a whole
| to have more secure infrastructure. I liken it to the national highway
| system. It is in everyone's interest both military and civilian.
|
| Posted by: Tracy R Reed at April 8, 2008 02:47 PM
`----
http://www.schneier.com/blog/archives/2008/04/nsas_linux.html
Related:
Did NSA Put a Secret Backdoor in New Encryption Standard?
,----[ Quote ]
| Which is why you should worry about a new random-number standard that
| includes an algorithm that is slow, badly designed and just might contain a
| backdoor for the National Security Agency.
`----
http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115
,----[ Quote ]
| Is this a good idea or not? For the first time, the giant software maker
| is acknowledging the help of the secretive agency, better known for
| eavesdropping on foreign officials and, more recently, U.S. citizens as
| part of the Bush...
`----
http://www.schneier.com/blog/archives/2007/01/nsa_helps_micro_1.html
Microsoft could be teaching police to hack Vista
,----[ Quote ]
| Microsoft may begin training the police in ways to break the
| encryption built into its forthcoming Vista operating system.
`----
http://www.vnunet.com/vnunet/news/2150555/microsoft-teaching-police-hack
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkjsBvkACgkQU4xAY3RXLo71BACfZu/UduHABvxKElXIuceLgPYQ
QToAoJbjBc+ZbE6t43jPfMrMXCqmOi1T
=CWDF
-----END PGP SIGNATURE-----
|
|