Slashdot Mirror
HP To Sell Custom High-Security GNU/Linux Distro
bc90021 writes: "CNET has this story about Hewlett Packard's new secure version of Linux. Using 2.4.2, it can supposedly detect attacks as they happen. (At $3,000, I think it should counter-attack, too.) It will be available on HP servers (duh), or on servers that pass the RedHat 7.1 server qualification tests."
What, me worry?
Here are some of the issues listed on the page:
- secure administration model
- lockdown
- process containment (compartmentalization)
- file system protection (MAC)
- auditing.
So I presume that these will all be central to the new product. It seems fairly sensible - and it will be interesting to find out the details of exactly what they've implemented, and how.In all honestly, I do hope the HP does well selling these $3,000 linux boxes. Not because of that its in there, but service/skill it took to actually took to configure the box right.
(I assum of course that the box does what it says it does)
Just like the thought that musicians will give their the music away (via the internet) but charge for real live preformances, the new economy (excuse me) may well be based very much on what the acutally person can do and what can not be replicated digitally. Ie, Doctors don't charge for the information they have and tell you, they charge for the skill in which they apply it to you. That is, all the information about treating asthma is in books, but I doubt ou would want to read the man page asthma and just treat yourself, but you pay the doctor to apply his skill to treat you.
Thus HP is charging for the skill it takes to make more-secure internet boxes and perhaps, in this age, $3000 is a good start and in the future that skill may be worth even more.
Anyway, thanks
Sigs are dangerous coy things
I am announcing this product in an hour. Shankland loves to jump the gun.
The kernel component of HP Secure Linux is under the GPL license. All of the other Linux security vendors currently hide their security mods to the kernel in binary-only modules, IMO abusing the modules exception to the kernel. HP would rather not play games of getting around the GPL. The user-mode component of Secure Linux is not GPL-ed, but we understand that given the kernel drivers, programmers can roll their own.
Thanks
Bruce
Bruce Perens.
To most /. readers three kilo-bucks is a little much to pay for something you can download. To understand why this makes sense for business sales you have to think like a manager. A lot of managers don't care so much about what something costs as the reputation of the vendor.
Consider these two options:
A) The bearded, long-haired, overly-caffeinated freak from down the hall says "Hey, I can download this stuff for free off the internet. It'll make us really secure, honest." (Disclaimer: I am a bearded, long-haired, overly-caffeinated freak.)
B) A well-respected vendor has a $3000 product that will make the computers really secure. If it doesn't work, we can call them up and bitch at them. Furthermore, we have someone outside the company to blame if it breaks.
Now, you're the manager. You choose. This is a savvy move by HP - in addition to whatever actual value-added there is in their product, they are also cashing in a little on their name and reputation. They're selling percieved value as much as actual value.
Information wants to be $1.98/lb.
Check this out..
For $2,500/year, I can certify that your Linux box is 100% secure, and do whatever is necessary to make it secure and keep it secure.
If your box is ever hacked, I will dole out $10,000 on the spot.
There, beat that HP. :)
I'm only half serious, but would be glad to work something like this out if there were any takers.
The point of this exercise is to show that you don't need to buy Linux from a big slow vendor to get support. But most of you already knew that.