PDA

View Full Version : OS X Security Evaluation


arn
Jul 4, 2002, 12:55 PM
According to CNet (http://news.com.com/2100-1001-941540.html?tag=fd_top), Apple has submitted Mac OS X for an independant security evaluation.

The testing, being done as part of the U.S. government's National Information Assurance Partnership, will evaluate Mac OS X and Mac OS X Server on a series of common criteria used by a number of countries to evaluate the security features of various technologies. The evaluation allows governments and businesses to compare the relative security features of different products.

Submitting the operating system for testing could help give the Mac more clout in government circles, said Tom Goguen, director of worldwide product marketing for Apple's server software unit.

sparkleytone
Jul 4, 2002, 01:48 PM
well maybe they can get OS X running on the 286's that run our NATIONAL FLIGHT TRACKING systems. of course it wouldnt look to good on a MONOCHROME screen!

DavPeanut
Jul 4, 2002, 02:03 PM
sounds good

I'm a regular!

drastik
Jul 4, 2002, 02:27 PM
good, more power to them. I think that this coiuld be a big boost for Apple. I have a friend at the State Department who uses Macs at home, but appearantly Gov. IT ain't intereted.

;)

SubFredZero
Jul 4, 2002, 03:30 PM
I don't know but there have been big security leaks in OS X... I don't know if they are already fixed but I think it won't be secure enough for the gouvernement

sparkleytone
Jul 4, 2002, 04:14 PM
there haven't been big security leaks in OS X. there have been big security leaks in apache and openSSL. big difference. apple did a great job packaging the fixes in a timely manner.

j763
Jul 4, 2002, 07:09 PM
good point, sparkleytone. I really don't think that it's fair to blame apple for something that effects all *nix OS's.

billiam0878
Jul 4, 2002, 09:49 PM
Listen, even if their are a few leaks, OS X has to be more secure than Windows. :)

Bill

synergy
Jul 5, 2002, 09:25 AM
Software is coming. Government is the single biggest buyer of computers in the US. (AFAIK disclaimer :)

Some enterprising individuals should start some consulting businesses for the government fitting the software to their needs. Could sell a bunch of easy to use imacs, emacs and more.

shadowfax0
Jul 5, 2002, 06:01 PM
This is so Apple with have an evaluation, so they can in future create a secrue Darwin kernel, just like Solaris, or AIX have done. So being the tests, etc. will take a year or so to complete, this will not make anyone in the Gov't's buying dept. turn their heads and sign a check. There is little chance that Apple got EVERYTHING right right off the bat, this will merely tell them where to improve so they can come back and try again :D

mmcneil
Jul 7, 2002, 10:32 AM
Originally posted by shadowfax0
This is so Apple with have an evaluation, so they can in future create a secrue Darwin kernel, just like Solaris, or AIX have done. So being the tests, etc. will take a year or so to complete, this will not make anyone in the Gov't's buying dept. turn their heads and sign a check. There is little chance that Apple got EVERYTHING right right off the bat, this will merely tell them where to improve so they can come back and try again :D

I think you called this right, however I believe there is a reasonable chance that they will pass the first time for the simple reason that they are building on a known software foundation. Given that the evaluation takes over a year (according to a local San Diego paper), it may include "find and fix" opportunities. Not sure what the rules are, but I doubt that it is a simple pass/fail.

CHess
Jul 7, 2002, 12:38 PM
So I would guess then that Apple is submitting Jaguar. Do you think Apple would submit anything for such testing without feeling confident that it will stand up to the competition? Any idea about security improvements in 10.2?