Home > Linux > FBI supplier readies secure Linux FBI supplier readies secure Linux Eugenia Loli 2004-10-20 Linux 14 Comments Trusted Computer Solutions is branching out from its Solaris roots with a secure version of Linux, due out in spring 2005. About The Author Eugenia Loli Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker. Follow me on Twitter @EugeniaLoli 14 Comments 2004-10-20 7:16 pm i hope they also offer a simple yet full featured (KDE) desktop workstation OS for personal use available for download as a ISO… 2004-10-21 12:08 am SELinux is huge step back compared to Trusted Solaris in terms of security and features. Just to name a few SELinux doesn’t shave: -Secure label aware desktop environment -Secure networking -Secure printing -Process privileges Plus there is a huge mistake in this article claiming that Trusted Solaris runs only on Sun hardware, you can run Trusted Solaris 8 on x86 and on amd64 with the upcoming Solaris 10. Bottom line, Trusted Solaris is still the only product on the market that can offer uncompromised security — I hope FBI are not going to make there environment less secure. 2004-10-21 12:18 am Plus there is a huge mistake in this article claiming that Trusted Solaris runs only on Sun hardware, you can run Trusted Solaris 8 on x86 and on amd64 with the upcoming Solaris 10. At present, TCS customers can only run applications on Trusted Solaris, as this is the only “trusted” operating system available on the market. Perhaps you should re-read the article. And what do you know what TCS is and isn’t going to add to they’re version of secure Linux? This is an as of yet unrelease product. And why do you even need to try to create an argument here? It’s the same company that’s doing both of these products. 2004-10-21 12:34 am -Process privileges -Secure networking —- it is capable of doing atleast these two things. others are also possible but havent been done yet afaik 2004-10-21 12:48 am > -Process privileges > -Secure networking SELinux is not capable of supporting either of those, at least not in the same sense Trusted Solaris does it. In respect to secure networking Trused Solaris does labeling of all network packets, thus allowing for a very clean separation of security in the network traffic — SELinux is not capable of that. As for process privileges, the last time I checked, they are plain not there in SELinux. 2004-10-21 1:35 am Trused Solaris does labeling of all network packets, thus allowing for a very clean separation of security in the network traffic — SELinux is not capable of that. —- come on. all objects including sockets,processes,files are very much labelled in selinux. heck just check the nov 1 fc3 release when it comes out 2004-10-21 2:27 am > come on. all objects including sockets,processes,files are very much labelled in selinux. heck just check the nov 1 fc3 release when it comes out What you’re referring to is object labeling and has no relevance to secure networking. Object labeling in SELinux still doesn’t prevent delivery of packets to unintended services, which means a security leak. Trusted Solaris on the other hand applies labeling at the packet level in addition to object labels, which adds another level of security on top. 2004-10-21 6:30 am people are already probably thinking solaris is dieing. sun discontinued trusted solaris, they claim that all versions should have been ‘extra seciure’ instead of having a seperate ‘trusted’ version i personally would have waited to see how the opensolaris program turns out, because that’s a real big reason to wait before migrating off incase if you fear that solaris is ‘loosing momentum’ 2004-10-21 7:14 am > sun discontinued trusted solaris, they claim that all versions should have > been ‘extra seciure’ instead of having a seperate ‘trusted’ version Trused Solaris was never dicontinued, it is still a very much supported and actively developed product — you can buy Trusted Solaris 8 today and there will be Trusted Solaris 10 probably starting next year according to Sun. Either get your facts straight before posting or just stop FUD’ing about things you have no clue about. > people are already probably thinking solaris is dieing. Solaris is far from dying and if anything I see it only gaining more momentum with the release of Solaris 10. Solaris 10 is by far the most advanced, secure and full featured OS out there bar none. 2004-10-21 10:55 am One thing i don’t quite understand yet.What’s the value of the Eal security tests? Windows 2000 had allready EAL 4 qualification in 2002.A higher EAL rate than 4 would mean command line operation.Now with the planned release of Trusted Linux they target EAL 4. 2004-10-21 11:19 am EAL4 from security viewpoint is (almost) useless. Just check what EAL4 mean in real life: http://eros.cs.jhu.edu/~shap/NT-EAL4.html Yes, this guy also design an OS that secure, and that security is _provable_. And some thought about higher level (7,8,9) EAL: http://www.eros-os.org/pipermail/e-lang/2002-November/007768.html 2004-10-21 12:37 pm According to Dan O’Dowd of Green Hills Software: >>”There is no way to fix Linux to bring it up to the level of security that is required for national defense systems, a level that is already available in proprietary operating systems”<< How TSC can afford to do this: >> O’Dowd claims that a thorough security evaluation of Linux’s use by the military will cost over $1,000 per source code line. “A thorough evaluation of Linux for subversions would cost billions of dollars,” O’Dowd holds. He also believes that “Linux has been selected for use in defense systems with insufficient analysis, review, or vulnerability assessment, because the cost of this analysis would be prohibitive.” He warns, “Every principle of security is being violated to enable Linux to spread through our defense systems. This must not be allowed to continue.” << linuxworld.com/story/44711.htm 2004-10-21 3:33 pm EAL is about design practises. It is not about security. For example, the ability of the system to log access to the system. That is a fundamental requirement of EAL4 and others. The ability to do a buffer overrun of the logging systems and gain shell or root access is a real world security problem but these types of things are not covered in EAL 4. I the higher EAL levels, which have not been official obtained and checked by an outside independent auditor. There are additional design checks, but these require code review thus increasing the cost of the validation significantly. This is primarily why there are no OSes higher than EAL4 right now. You can check out this website (maybe) to see which software is at what EAL level. Also there are many countries that are in the consortium, so some software might be on another countries list and not on the U.S. list. http://niap.nist.gov/cc-scheme/vpl/vpl_type.html 2004-10-21 9:14 pm Thank you!