
Linux is More Secure than NT? Prove It.



A recent osOpinion article piqued my interest about the Navy's recent
decision to use the Microsoft Windows operating system in its next
generation aircraft carrier
(http://www.fcw.com/fcw/articles/2000/0807/news-navy-08-07-00.asp). Two
years earlier, a divide by zero error on a Microsoft Windows NT machine left
the USS Yorktown dead in the water for over two hours
(http://www.gcn.com/archives/gcn/1998/july13/cov2.htm). The sequence of
these events forces one to ask the question: why would the government choose
the Microsoft Windows operating system despite the known defects and
problems? The answer is really quite simple - they do not have a choice in
the matter. 

The Department of Defense has a little known rule that all computer products
(hardware and software) containing classified or unclassified sensitive
information must be evaluated and rated. The National Computer Security
Center (NCSC), a branch of the NSA, is responsible for evaluating and rating
commercial security products. These products fall into one of four
divisions: D - Minimal Security, C - Discretionary Protection, B - Mandatory
Protection, and A - Verified Protection. Divisions C, B, and A are divided
into classes: C1 - Discretionary Security Protection (no longer in use), C2
- Controlled Access Protection, B1 - Labeled Security Protection, B2 -
Structured Protection, B3 - Security Domains, and A1 - Verified Design (see
Orange Book, http://www.radium.ncsc.mil/tpep/library/rainbow/index.html).
The ratings, in order from least secure to most secure, are D, C1, C2, B1,
B2, B3, and A1.

To make the rating system a little clearer, I'll draw an analogy. Microsoft
DOS with the equivalent security of a Speedo - not very secure - would have
a D rating. Microsoft Windows 95/98/ME with the equivalent security of a
wooden barrel - stops rotten vegetables thrown by novice users but not
bullets from professional hackers/crackers - would have a C1 rating.
Microsoft Windows NT/2000 with the equivalent security of a bulletproof vest
- able to stop professional hackers/crackers - has a C2 rating. 

Microsoft was very cunning in obtaining this rating. Microsoft Windows NT
4.0 is the only general-purpose operating system rated by the NCSC
(http://www.radium.ncsc.mil/tpep/epl/historical.html). Other operating
systems are rated, but those operating systems are designed for specific
machines like mainframes and supercomputers, not general-purpose personal
computers. Since all computer products containing classified or unclassified
sensitive information must be rated for the government to use them,
Microsoft Windows is the only general-purpose operating system the
government can use. Hence, Microsoft has a monopoly on all general-purpose
operating systems sold to the government. 

If you really want to break Microsoft's monopoly, you need to get
alternative operating systems, like Linux, rated by the NCSC. Many
companies, like Red Hat, do not want to invest the time or money to have
their products evaluated and rated, but I believe that the potential for
government contracts (and the knowledge that our nuclear secrets are a
little bit safer) is well worth the investment. In addition, Microsoft will
no longer be able to beat the Linux crowd over the head with the "No
Security Rating" argument
(http://www.microsoft.com/NTServer/nts/news/msnw/LinuxMyths.asp). 

I believe Linux is capable of much more than just meeting the C2 rating
Microsoft Windows NT holds. Since Linux can do everything that Microsoft
Windows NT can do (and then some), one can reasonably assume that Linux can
achieve a minimum C2 rating. In order to meet the B1 requirements, the
operating system must be able to append security information to objects
after they leave the system. Microsoft Windows NT could not achieve this
rating because it supported only the FAT file system for floppy disks,
which cannot track security information. Linux supports the EXT2 file system
for floppy disks, and the kernel can be compiled to remove support for the
less secure FAT, forcing users to use a file system that contains security
information, hence mandatory protection. However, requirements for B3 and A1
require that the operating systems be stripped of all components not vital
to system security (http://www.radium.ncsc.mil/tpep/epl/epl-by-class.html).
While this is theoretically possible given the Open Source nature of Linux,
stripping away all non-security components would change the nature of Linux,
and the stripped down version of Linux would no longer be a general-purpose
operating system. I believe Linux is capable of at least a B1 or perhaps a
B2 rating. 

I believe companies of alternative operating systems should buckle down and
have their products rated by the NCSC to better compete with Microsoft and
make us feel proud (and more secure) in using alternative operating systems,
like Linux. Please email companies of alternative operating systems, like
Red Hat, and tell them to get their products rated by the National Computer
Security Center.

That's my two cents' worth. For more information on Commercial Product
Evaluations, check out the website of the NCSC at
http://www.radium.ncsc.mil/tpep/.




