Jerrold Leichter <[EMAIL PROTECTED]> writes:
>There was also an effort in England that produced a verified chip. Quite
>impressive, actually - but I don't know if anyone actually wanted the chip
>they (designed and) verified.
The Viper. Because it needed to be formally verifiable, they had to l
- Original Message -
From: "Ian Grigg" <[EMAIL PROTECTED]>
> * In contrast, someone who knows little about cars,
> can objectively evaluate a car. They can take it
> for a test drive and see if it feels right. Using
> it is proving it.
I'm not totally convinced of this... Someone wit
- Original Message -
From: "Ian Grigg" <[EMAIL PROTECTED]>
Sent: Saturday, October 11, 2003 1:22 PM
Subject: Re: NCipher Takes Hardware Security To Network Level
> Is there any reason to believe that people who
> know nothing about security can actually eval
At 10:22 PM 10/13/2003 +1300, Peter Gutmann wrote:
So why is this stuff still present in the very latest certification
requirements? Because we're measuring what we know how to measure, whether it
makes sense to evaluate security in that way or not. This is probably why
penetrate-and-patch is sti
On Mon, 13 Oct 2003, Jerrold Leichter wrote:
>Very few real efforts were made to actually produce a "provably correct" OS.
>The only serious commercial effort I know of was at DEC, which actually did
>a provably-correct virtual machine monitor for VAXes. I knew some of the
>guys who worked on t
| ... An extreme example of this is the use of formal methods for
| high-assurance systems, as required by FIPS 140-2 level 4. Why is it in
| there? Because ... the Orange Book ('85) had it in there at the highest
| levels. Why was it in there? Because the proto-Orange Book ('83) had it in
| th
"Anton Stiglic" <[EMAIL PROTECTED]> writes:
>But the problem is how can people who know nothing about security evaluate
>which vendor is most committed to security? For the moment, FIPS 140 and CC
>type certifications seem to be the only means for these people...
Yeah, it's largely a case of look
Anton Stiglic wrote:
>
> - Original Message -
> From: "Peter Gutmann" <[EMAIL PROTECTED]>
> > [...]
> >
> > The problem is
> > that what we really need to be able to evaluate is how committed a vendor
> is
> > to creating a truly secure product.
> > [...]
>
> I agree 100% with what you sa
- Original Message -
From: "Peter Gutmann" <[EMAIL PROTECTED]>
> [...]
>
> The problem is
> that what we really need to be able to evaluate is how committed a vendor
is
> to creating a truly secure product.
> [...]
I agree 100% with what you said. Your 3 group classification seems
accur
I wrote:
>Peter ("I define myself to be A BIT CYNICAL about all this").
Since it could appear that I'm gratuitously bashing FIPS 140 (or certification
processes in general) here, I should clarify: As with all attempts at one-
size-fits-all solutions, one size doesn't quite fit all. You can break
Peter Gutmann wrote:
> Uhh, so you're avoiding privilege escalation attacks by having
> everyone run as root, from which you couldn't escalate if you wanted
> to.
Indeed so.
"What do you do to prevent ordinary users from abusing access to the
software"
"we don't allow them on - only admins can use
- Original Message -
From: "Peter Gutmann" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, October 07, 2003 11:07 AM
Subject: Re: NCipher Takes Hardware Security To Network Level
> "Anton Stiglic" <[EMAIL
"Anton Stiglic" <[EMAIL PROTECTED]> writes:
>This is why you get requirements of the type that it should run on Windows in
>single-user mode, which I take to mean have only an admin account. This
>prevents privilege escalation attacks (regular user to root) that are easily
>done.
>
>I think this
- Original Message -
From: "Peter Gutmann" <[EMAIL PROTECTED]>
> [...]
> If you think that's scary, look at Microsoft's CryptoAPI for Windows XP
FIPS
> 140 certification. As with physical security certifications like BS 7799,
you
> start by defining your security perimeter, defining ever
I was asked by someone to anonymously forward the following reply to
Joshua Hill to the list. (Second time in a week, and on the same topic!)
If you reply, please don't put my name in the reply -- this isn't my
comment.
--
> >
>In fact, if you're clever, you can manage to not trouble yourself to get the
>key-management, etc. certified, getting only the simple, symmetric-cipher
>stuff run through the process. The government will still buy your
>"encryption devices" (FIPS-140 certified) and will conveniently ignore the
> In fact, if you're clever, you can manage to not trouble yourself to get
> the key-management, etc. certified, getting only the simple, symmetric-cipher
> stuff run through the process.
You can, but that doesn't mean that it's ok.
Key management is explicitly covered under FIPS 140-2. If yo
I was asked by the author of this to forward it with the sender
information removed.
From: [someone]
Subject: Re: NCipher Takes Hardware Security To Network Level
On Mon, Oct 06, 2003 at 01:38:13PM -0400, R. A. Hettinga wrote:
>
> --- begin forwarded text
>
>
> Status: U
>
--- begin forwarded text
Status: U
Date: Mon, 06 Oct 2003 12:40:41 -0400
From: Somebody
To: "R. A. Hettinga" <[EMAIL PROTECTED]>
Subject: Re: NCipher Takes Hardware Security To Network Level
Don't identify me, since I'm not sure what parts of my NDA are still
<http://www.crn.com/Components/printArticle.asp?ArticleID=44909>
CRN --
NCipher Takes Hardware Security To Network Level
By
Charlene O'Hanlon
CRN
9:35 AM EST Mon., Oct. 06, 2003
NCipher Monday
unveiled a network-level version of its nShield Hardware Secu