Slashdot Mirror


User: Tim+Fraser

Tim+Fraser's activity in the archive.

Stories: 0
Comments: 64

Comments · 64

  1. Trusted Xenix on Windows NT 4.0 C2 Evaluation finished · · Score: 1

    > Looks like trusted XENIX is going to be the highest rated.

    Trusted Xenix (TX) was a TIS (now NAI) product. They haven't sold it in a long time. It was based on Xenix (a Microsoft product, believe it or not). Some of the folks that worked on TX told me that compatibility killed it. Since it took a long time to march through all the heavy-duty software engineering required to get the TCSEC rating, versions of TX tended to lag behind the times when compared to non-trusted UN*Xes in terms of functionality. Since it was seldom capable of running the most popular applications of the day, its sales suffered.

    I dug a copy of the TX distro out of a closet a while back. Someday I'm going to install it just to see what it's like. BTW, ratings are assigned to given OSs on given hardware. TX was rated on some really old Intel stuff - i386's, I think. So it might take some digging through used computer sales to reconstruct a historically accurate TX installation.

    - Tim

  2. Linux MAC projects on freshmeat on Windows NT 4.0 C2 Evaluation finished · · Score: 1

    Hi!

    Freshmeat.net's security section lists several projects that are attempting to bring some of the more useful aspects of mandatory (that is, non-discretionary) access control to Linux. RSBAC and LOMAC are two examples. LOMAC (my project) is developing a loadable kernel module that adds a kind of MAC to standard off-the-CDROM Linux kernels. It's specifically designed to be unobtrusive and to avoid causing incompatibilities with existing software. RSBAC provides a richer selection of MAC functionality than LOMAC, but is implemented as a kernel patch rather than an LKM. Folks interested in MAC for Linux might want to take a look at these and other security-related projects on freshmeat.

    - Tim

  3. find BBSs through FidoNet nodelist on Are BBS-Like Communities Dead? · · Score: 1

    Hi!

    I got a list of BBSs in my area code by grepping the FidoNet nodelist. The nodelist lists BBSs worldwide, so this strategy should work for people outside my local area, too. You can get a copy of the nodelist by web-searching for "nodelist" and "fidonet".

    I was thinking of getting involved with FidoNet, but the feudal nature of their net-wide behavior policy turned me off. You can find info on FidoNet and their policies at www.fidonet.org.

    - Tim

  4. Graphical browsers could learn from Lynx on A Linux 'Browser War' in the Making? · · Score: 1

    Lynx is my preferred web browser. I use it to read and post to Slashdot, which implies that I use it nearly all the time ;^). I never see graphical advertisements or stupid animations, and I never have to wait for frames to render (and re-render, and re-render) themselves. I can't use Lynx for everything - it's hard to browse sites that provide multi-regioned images as the sole means of navigation. However, I find Lynx to be the most efficient and distraction-free means of downloading information from mainly text-based sites like Slashdot and the news sites to which Slashdot often links.

    Designers of graphical browsers might consider including an easily accessible Lynx-like text-only mode, in addition to the usual collection of individual "images off"-type options.

    - Tim

  5. Re:See for yourself! DC Courthouse website. on USvMS Ruling Expected Today · · Score: 1

    Unfortunately, the Government Printing Office is charging $25 for each paper copy.
    I was interested in going down and getting a copy, but why pay $25 for a description of how bad M$ is, when I can get that sort of stuff for free on SlashDot? ;^)
    - Tim

  6. Re:Another one to look at... on A History of Modern Computing · · Score: 1

    The Soul of a New Machine is one of those rare books that can convey the feeling a techie gets when totally immersed in an interesting problem. What's more, it does so in a way a layperson can easily grok. As I read, I felt a profound sense of empathy with the engineers as they struggled to build the machine of their dreams. When they conquered a problem, I felt joy. When they burnt out from the stress, I felt loss. I recommend this book to anyone who wonders what being a techie is really about.

  7. Markup good with CVS on An interview with Donald Knuth · · Score: 1

    I've found that markup-based languages like TeX are good for collaborative projects here at work. Since their source is ASCII-text based, it's easy for our source-control system (CVS) to correctly merge versions of a document modified by different authors. We don't have a tool to merge documents stored in binary formats, like Word, WordPerfect, etc.

    - Tim

  8. Re:Fate of possible Red Hat patents? on Slashdot talks with Red Hat · · Score: 1

    Here are two passages from the GPL (www.gnu.org/copyleft/gpl.html) that seem relevant to the discussion of potential RedHat patents:
    ...
    Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all.
    ...
    For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program.

    - Tim

  9. another possible method for security improvement on Interview: Alan Cox Answers · · Score: 2

    ac> Ultimately the only real way to improve
    ac> security is careful auditing of packages.

    There may be other, complementary, ways of improving Linux security. For many years, people in the security research community have been working on systems whose security relies only upon the kernel, or a small part of the kernel sometimes called a reference monitor (RM). The general idea is, once you've implemented your RM properly, it will guarantee certain useful global security properties even in the presence of user-space applications with exploitable bugs. I personally believe that implementing an RM in the theoretically optimal way would probably make unreasonable and unacceptable demands on the Linux architecture. However, I suspect that a sub-optimal implementation in a Loadable Kernel Module (LKM) could provide some security benefits with zero impact to the Linux code-base. The LOMAC project is implementing an experimental prototype of such an LKM-based RM, which may be downloaded under the GPL from ftp://ftp.tislabs.com/pub/lomac . If the LOMAC experiment succeeds, LKM-based tools like it may become a useful complement to the careful auditing of packages.

    - Tim Fraser, NAI Labs

  10. Re:cost on Ask Slashdot: Comp-Sci Graduate Schools · · Score: 1

    I got an MS/CS from UIUC after attending from 94-96. Although I did not qualify for financial aid on entry, I got a teaching assistant job the first day I checked in with the CS department. Being a big 10 school, they have a huge need for TA's to teach basic comp sci courses to undergrads. So, I got a free ride all the way, and eventually got a research assistantship to do my thesis work. Also, I should note that their huge undergraduate population is approximately 50% female, FYI.
    - Tim

  11. Re:Not worth it on FreeBSDCon 99 · · Score: 1

    Even if all the *BSD operating systems disappeared tomorrow, BSD would not be dead. Try grepping for 'BSD' in your Linux kernel source.

  12. questioning is always good on Feature:Obscurity as Security · · Score: 1

    Although the author's article did not increase my respect for obscurity, his implicit point - that it's a good idea to question conventional wisdom - is a good one. I witnessed a prime example of this while watching the panel sessions at the 1999 IEEE Symposium on Security and Privacy. Several of the speakers professed new respect for the "penetrate and patch" technique. Among the government-funded security research community, which spent much of the last decade or so searching for foolproof methods for producing software demonstrably free of security holes, the conventional wisdom used to be that penetrate and patch was the height of inept foolishness. But, as several panelists pointed out, in the real world it is the de facto standard, because (as any Microsoft employee probably knows) it requires no burdensome initial investment in detailed design, formal verification, and heavy-duty software engineering practices that might delay a release. Considering that the "foolproof" methods have turned out to be commercially impractical, a renewed interest in penetrate and patch may be a good thing.

    I do not speak for my employer.

    - Tim

  13. Re:MIT Flea Market on High Tech Junk · · Score: 1

    The various Ham Radio clubs in the Washington DC metro area put on similar flea markets, which they call "Hamfests" or "Computerfest/Hamborees". There's usually one every two months or so. They're great fun for kids and adults who act like kids when exposed to cool computer equipment. Interested Slashdot readers may be able to find similar events in their area by looking up their local Ham Radio club's website. I love hamfests.

    - Tim

  14. customization is key, not mainstream-ness on Feature: The End of the Tour · · Score: 1

    I'm lucky enough to make a living adding experimental security functionality to kernels. I'm attracted to Linux and *BSD not because they are non-mainstream, but because I can customize them easily. As long as I can pride myself on running a kernel that I've modified extensively, I don't mind if a lot of unadventurous casual users are running the "stock" version. A large user population is a good thing, actually, since it increases the direct applicability of my research to real-world situations.

    Shameless plug - see LOMAC entry on freshmeat.net .