I'm interested to know how anyone is planning on making an assurance or correctness argument for anything running on an opt-in grid. We worry enough about malicious agents corrupting data on our own systems - it seems to me that international scale information warfare could have a field day with this.
I see what you're saying, but if those multiple instances need access to the same data - say, avionics, the data is vulnerable at the risk level of the lowest assured entry point. The weight option is a given, you are correct - but them having a really, really, secure VM implementation doesn't make the multiple windows implementations running on them any more secure. If that were the case, why didn't the NSA stop with NetTop, and not bother pursuing the High Assurance Platform?
This is silly. It is an EAL6+ operating system that will host EAL4+ guest operatnig systems, probably so that someone can actually do something useful with it. So, can someone explain to me how the data in that EAL4 operating system isn't vulnerable to a casual/incidental attacker? How does running a vulnerable OS on an invulnerable OS make the vulnerable one any safer? (I have the same problems with people claiming VMWare makes them more secure...)
Slashdot Mirror
I'm interested to know how anyone is planning on making an assurance or correctness argument for anything running on an opt-in grid. We worry enough about malicious agents corrupting data on our own systems - it seems to me that international scale information warfare could have a field day with this.
I see what you're saying, but if those multiple instances need access to the same data - say, avionics, the data is vulnerable at the risk level of the lowest assured entry point. The weight option is a given, you are correct - but them having a really, really, secure VM implementation doesn't make the multiple windows implementations running on them any more secure. If that were the case, why didn't the NSA stop with NetTop, and not bother pursuing the High Assurance Platform?
This is silly. It is an EAL6+ operating system that will host EAL4+ guest operatnig systems, probably so that someone can actually do something useful with it. So, can someone explain to me how the data in that EAL4 operating system isn't vulnerable to a casual/incidental attacker? How does running a vulnerable OS on an invulnerable OS make the vulnerable one any safer? (I have the same problems with people claiming VMWare makes them more secure...)