Do you believe that the recent lobbying efforts by the music industry are (1) an honest attempt to stop what they believe is only a criminal action or (2) an anti-capitalistic market intervention, designed to prevent competitors from entering into the online-music market before they exist? If (1), how do you believe the industry would respond to legislation which required (a) open content formats; and (b) guaranteed full-quality fair-use personal copies; if (2), how do you explain this dichotomy, and why should we as consumers tolerate it?
Linux received it's evaluation at a level of EAL2; according to the CC guidelines, this is "structurally tested" and means that it should "not demand more effort on the part of the developer that is consistent with good commercial practice"; applicable where "a low to moderate level of independently assured security" is required.
Windows 2K received an EAL4+, according to NIAP's
evaluated product list; which is *supposed* to show it was "methodically designed, tested, and reviewed". This is probably about on par with the old Orange Book (TCSEC) C3 it used to have. EAL4 does "not require substantial specialist knowledge" and is the "highest level in which it is likely to be economically feasible to retrofit in an existing product line." It's intended that an EAL4 system shows "low-level design for the Target of Evaluation (ToE)"; with testing that supports "independent search for obvious vulnerabilities."
That being said, having an EAL2 or EAL4 will probably not get you into a job that involves holding classified data.
All of this is accessible from , the CC website.
Slashdot Mirror
Do you believe that the recent lobbying efforts by the music industry are (1) an honest attempt to stop what they believe is only a criminal action or (2) an anti-capitalistic market intervention, designed to prevent competitors from entering into the online-music market before they exist? If (1), how do you believe the industry would respond to legislation which required (a) open content formats; and (b) guaranteed full-quality fair-use personal copies; if (2), how do you explain this dichotomy, and why should we as consumers tolerate it?
Linux received it's evaluation at a level of EAL2; according to the CC guidelines, this is "structurally tested" and means that it should "not demand more effort on the part of the developer that is consistent with good commercial practice"; applicable where "a low to moderate level of independently assured security" is required.
Windows 2K received an EAL4+, according to NIAP's evaluated product list; which is *supposed* to show it was "methodically designed, tested, and reviewed". This is probably about on par with the old Orange Book (TCSEC) C3 it used to have. EAL4 does "not require substantial specialist knowledge" and is the "highest level in which it is likely to be economically feasible to retrofit in an existing product line." It's intended that an EAL4 system shows "low-level design for the Target of Evaluation (ToE)"; with testing that supports "independent search for obvious vulnerabilities."
That being said, having an EAL2 or EAL4 will probably not get you into a job that involves holding classified data.
All of this is accessible from , the CC website.