OS X Security Evaluation

Discussion in 'MacRumors News Discussion (archive)' started by arn, Jul 4, 2002.

  1. arn
    macrumors god

    arn

    Staff Member

    Joined:
    Apr 9, 2001
    #1
    According to CNet, Apple has submitted Mac OS X for an independant security evaluation.

    The testing, being done as part of the U.S. government's National Information Assurance Partnership, will evaluate Mac OS X and Mac OS X Server on a series of common criteria used by a number of countries to evaluate the security features of various technologies. The evaluation allows governments and businesses to compare the relative security features of different products.

    Submitting the operating system for testing could help give the Mac more clout in government circles, said Tom Goguen, director of worldwide product marketing for Apple's server software unit.
     
  2. macrumors 68020

    sparkleytone

    Joined:
    Oct 28, 2001
    Location:
    Greensboro, NC
    #2
    well maybe they can get OS X running on the 286's that run our NATIONAL FLIGHT TRACKING systems. of course it wouldnt look to good on a MONOCHROME screen!
     
  3. macrumors 6502

    Joined:
    Jun 5, 2002
    Location:
    Maryland
  4. macrumors 6502a

    drastik

    Joined:
    Apr 10, 2002
    Location:
    Nashvegas
    #4
    good, more power to them. I think that this coiuld be a big boost for Apple. I have a friend at the State Department who uses Macs at home, but appearantly Gov. IT ain't intereted.

    ;)
     
  5. macrumors member

    Joined:
    Dec 27, 2001
    #5
    Hmmmmm

    I don't know but there have been big security leaks in OS X... I don't know if they are already fixed but I think it won't be secure enough for the gouvernement
     
  6. macrumors 68020

    sparkleytone

    Joined:
    Oct 28, 2001
    Location:
    Greensboro, NC
    #6
    there haven't been big security leaks in OS X. there have been big security leaks in apache and openSSL. big difference. apple did a great job packaging the fixes in a timely manner.
     
  7. macrumors 6502a

    Joined:
    Nov 25, 2001
    Location:
    Champaign, IL, USA
    #7
    good point, sparkleytone. I really don't think that it's fair to blame apple for something that effects all *nix OS's.
     
  8. macrumors 6502

    Joined:
    Mar 15, 2002
    Location:
    Winter Park, FL
    #8
    Listen, even if their are a few leaks, OS X has to be more secure than Windows. :)

    Bill
     
  9. macrumors regular

    Joined:
    Jun 12, 2002
    #9
    Software is coming. Government is the single biggest buyer of computers in the US. (AFAIK disclaimer :)

    Some enterprising individuals should start some consulting businesses for the government fitting the software to their needs. Could sell a bunch of easy to use imacs, emacs and more.
     
  10. macrumors 6502

    Joined:
    May 2, 2002
    #10
    This is so Apple with have an evaluation, so they can in future create a secrue Darwin kernel, just like Solaris, or AIX have done. So being the tests, etc. will take a year or so to complete, this will not make anyone in the Gov't's buying dept. turn their heads and sign a check. There is little chance that Apple got EVERYTHING right right off the bat, this will merely tell them where to improve so they can come back and try again :D
     
  11. macrumors regular

    Joined:
    Sep 4, 2001
    Location:
    San Diego, CA
    #11
    Reasons for Security Evaluation

    I think you called this right, however I believe there is a reasonable chance that they will pass the first time for the simple reason that they are building on a known software foundation. Given that the evaluation takes over a year (according to a local San Diego paper), it may include "find and fix" opportunities. Not sure what the rules are, but I doubt that it is a simple pass/fail.
     
  12. macrumors regular

    Joined:
    Dec 13, 2001
    Location:
    San Francisco Bay Area
    #12
    So I would guess then that Apple is submitting Jaguar. Do you think Apple would submit anything for such testing without feeling confident that it will stand up to the competition? Any idea about security improvements in 10.2?
     

Share This Page