U.S. Navy Works To Improve Linux Security

MrPhiles writes "Just saw an article at Washington Technology talking about how the Navy is developing a Secure Auditing tool for Linux. I think it's cool that government agencies are taking steps to obtain credentials necessary for open source use in high-security environments."

Great but

[jsse]

I wish they'd spend more money on auditing Windows too.

Of course, crash on "division by zero" is a feature, not a bug. :)

Re:Great but

[rritterson]

It's not quite the same, obviously. The Navy software engineers can easily tweak and fix any holes they find. With Windows you are limited to the framework MS provides and the hope that they will fix any problems discovered.

The NSA released documents on how to secure WinXP and Win2K server not too long ago- it was even posted on /.

Re:what is the kernel lacking?

[Beryllium+Sphere(tm)]

>Would one of ya'all gurus please explain this?

Attend, my son :-)

The key word seems to be "forensic". They want to replace syslog with something sufficiently tamper-resistant to persuade a judge that it's good enough for legal evidence. There are already some clever hacks for this, such as hiding the real syslog process and leaving a fake one around for an intruder to disable or corrupt.

Re: with no desire to be clever

[Black+Parrot]

> navy penguin

That's the guys who weren't quite tough enough to make the Seals, right?

Re:what is the kernel lacking?

[bill_mcgonigle]

They want to replace syslog with something sufficiently tamper-resistant to persuade a judge that it's good enough for legal evidence.

Just echo the syslog output to a 9-pin dot matrix printer...