Slashdot Mirror
Windows Gets Independent Security Certification
linumax writes "Microsoft Corp. on Wednesday clinched Common Criteria security certification from the U.S. government's National Information Assurance Partnership for six versions of its flagship Windows OS. The products receiving CC certification include Windows XP Professional with Service Pack 2 and Windows XP Embedded with Service Pack 2. Four different versions of Windows Server 2003 also received certification. Common Criteria certification, which was ratified as an international standard in 1999, helps customers in key market segments evaluate IT products when making software purchase decisions and contribute to higher levels of consumer confidence in IT product security, Lipner said. SuSE Linux ES 9 has already achieved the certification and almost a year away from being released, Red Hat Enterprise Linux 5 is on the path toward EAL4 certification."
Now all the US police departments (that have to use EAL-4 systems) can buy upgrades from Win2000 to XP. Perfect timing, with all that DHS money coming down the pipe right now...
As a Windows user considering the switch to the Intel Mac's coming soon, I'm curious if Tiger (OS 10.4.4 or whatever) has gotten this certification? I know the argument is that you're more secure no matter what since no one writes spyware etc for the Mac, but is it certified? I'm honestly curious, so I know what I'm in for.
If I remember right, there is a certification fee. Of course, that makes sense, since certifying an OS costs the certifier. But you're not saying that; you're implying that MS payed a bribe to get certified.
Care to back that up with references? Or is this just typical Slashdot trolling?
Actually if you want to get serious about it they should use a "Trusted" OS like Trusted Solaris or similar OS that uses mandatory access controls. OpenBSD does not have support for that in the base configuration the last time I checked, although it is probably sufficient for general purpose computing.