Slashdot Mirror

← Back to Stories (view on slashdot.org)

IBM Clinches Security Certification for Linux

Posted by CmdrTaco on from the we're-like-secure-or-something dept.

Nimey writes "IBM has gotten Linux certified under the Common Criteria specification. " What this means is that government can consider Linux when making purchasing decisions. Linux got the highest rating possible.

14 of 373 comments (clear)

  1. Another link by manduwok · · Score: 5, Informative

    CNN.com has this story too.

  2. Big win for Linux! by Anonymous Coward · · Score: 5, Informative

    Microsoft set out to get Win2K certified and only completed the process last October according to .

    Linux now has the upper hand because MS does not yet have XP certified.

  3. Re:Alright...? by azzy · · Score: 5, Informative

    I think what this means is that they can pick Linux and have a piece of paper supporting their choice. Got to cover their own backs I guess.

  4. Re:Just wondering.. by nakhla · · Score: 5, Informative

    I believe Linux received an EAL 2. Windows 2000, however has received an EAL 4. An EAL 4 involves more security checks and requirements.

  5. Re:Can vs. Will by Anonymous Coward · · Score: 5, Insightful

    And you think IBM doesn't know how to handle bureaucrats? They invented the game and probably patented it as well.

  6. Linux in Government by Sogol · · Score: 5, Interesting

    I'm a sysadmin for a large government data center. We've been using Linux in production for years, and we always purchase boxed distributions, even some preconfigured(!) machines from Dell. Government regulations do, however, prevent me from ordering Windex and Duster. These are considered janitorial supplies, and there is no justification in Information Systems procuring these items. So frankly, I'm not sure what all the fuss is about. Things look a lot different on the ground.

  7. Over-hype - not highest rating possible by eer · · Score: 5, Informative

    The EAL2+ assurance level achieved is NOT the highest rating possible by a long, long shot - it's actually close to the lowest. But, it's a great start.

    IBM and SuSE say they're working on a higher level CAPP evaluation, which roughly equates to the old C2 TCSEC criteria.

  8. Re:Just wondering.. by Anonymous Coward · · Score: 5, Informative

    Check out here: http://www.commoncriteria.org/

  9. Re:Can vs. Will by Liselle · · Score: 5, Insightful

    Don't underestimate how cheap people can be. It goes hand-in-hand with greed. Windows is not precisely free.

    Members of government are also accountable to their constituents. As people become more and more aware of Linux, they will also become more aware of the security problems with Windows. A few years ago, there was no basis for comparison. Now there is, and the more information that gets out there, the better. It's cliche' now to say this, but the days are numbered for stranglehold Microsoft holds, one way or the other.

    --
    Auto-reply to ACs: "Truly, you have a dizzying intellect."
  10. Re:Can vs. Will by idontgno · · Score: 5, Informative
    There are a lot of factors, indeed, but at in least one US military IT acquisition that I'm familiar with, the choice of OS platform was driven purely by purchase cost. That's why this contract chose Major-Brand (tm) PCs with some flavor of RedHat (with support contract) to succeed Sun Ultra workstations running Slowlaris(tm), the incumbent system in the field. Customer wanted to drive the acquisition cost down down down.

    Even the greediest government agency has to operate within budget, after all. And in the US military, budgets have held mostly constant while obligations associated with things like war-fighting have gone up, so your non-combat line items get shrunk to make up the difference.

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.
  11. Re:Can vs. Will by keester · · Score: 5, Insightful

    The fact is that developers can now start recommending Linux. Anti-Linux / Pro-Windows people can no longer use the excuse that Linux isn't an "approved" OS.

    Surprisingly, it can be hard to convince most people in government positions, civil service, military, contractors, etc., that _we_ don't want to pay for Window's licenses, and _we_ don't always need to spend waaayyyy too much money on waaayyyy too much hardware.

    This is great news for people that work for the government. Kudos to IBM for footing the bill on this, as it is an expensive process.

    --
    Take it easy? I'll take it anyway I can get it . . .
  12. Re:Just wondering.. by Anonymous Coward · · Score: 5, Informative

    You can get an overview at networkcomputing.com or at the common citeria web site.

  13. Re:It must really be secure then... by Mr+Bill · · Score: 5, Funny
    Microsoft has prepared a nice guide for ensuring compliance to the common criteria guides for the Windows Sysadmin

    Does it include removing the Ethernet card from the system???

  14. Smell those contracts by Teahouse · · Score: 5, Insightful

    This announcement means only one thing. IBM would not have gone through this trouble unless there were a few large contracts (DARPA/DOD) that will underwrite the expense in the future. Think I'll buy a few more shares of IBM stock today.

    --
    "Curiosity killed the cat, but for a while I was a suspect."- Steven Wright