fun fact about microsoft and security
Moderator: General Moderators
fun fact about microsoft and security
In security there's a scale going from 1-5 (5 is in theory, I don't think anything today is security 5.)
I don't remember the acronym, I think it's ael 1 to 5.. or something like that.
So from now i'll say ael (but i'm prolly wrong in the use of the acronym)
Anyways, government apps require ael 3 and army ael 4.
Well windows nt when it got out was certified ael 4, you know how, (they just couldn't do it) so they unplugged the machine from the server, and unplugged IT IS ael 4...hehe i'm not kidding
As soon as you plug your computeron ANY network it loses it's certification hehehe..
Good Job microsoft
I don't remember the acronym, I think it's ael 1 to 5.. or something like that.
So from now i'll say ael (but i'm prolly wrong in the use of the acronym)
Anyways, government apps require ael 3 and army ael 4.
Well windows nt when it got out was certified ael 4, you know how, (they just couldn't do it) so they unplugged the machine from the server, and unplugged IT IS ael 4...hehe i'm not kidding
As soon as you plug your computeron ANY network it loses it's certification hehehe..
Good Job microsoft
- evilmonkey
- Forum Regular
- Posts: 823
- Joined: Sun Oct 06, 2002 1:24 pm
- Location: Toronto, Canada
I was trying to find it (i'll find it eventually it was a link a friend gave me, they where talking about the security issues etc and brought up this exemple)
They where just pointing that a certified security ael 3-4 (whatever) is USELESS because even on a network, (i think windoes xp is 3) well it will be 3 ONLY if you NEVER add ANY third party programs. You add mysql on ypour server BA<M no more certification.
So that was tehre point, no server STAYS certified.
They where just pointing that a certified security ael 3-4 (whatever) is USELESS because even on a network, (i think windoes xp is 3) well it will be 3 ONLY if you NEVER add ANY third party programs. You add mysql on ypour server BA<M no more certification.
So that was tehre point, no server STAYS certified.
-
d3ad1ysp0rk
- Forum Donator
- Posts: 1661
- Joined: Mon Oct 20, 2003 8:31 pm
- Location: Maine, USA
-
d3ad1ysp0rk
- Forum Donator
- Posts: 1661
- Joined: Mon Oct 20, 2003 8:31 pm
- Location: Maine, USA
- Buddha443556
- Forum Regular
- Posts: 873
- Joined: Fri Mar 19, 2004 1:51 pm
I think Draco_03 maybe referring to TCSEC and Windows NT 3.5. It's only certified C2 in non-networked configuration and without the WOW subsystem. It certianly isn't A1.
[EDIT TO ADD]You could also be referring EAL too - Evaluation Assurance Level. Either way I still think it's Windows NT 3.5 you may be referring to here.
[EDIT TO ADD]You could also be referring EAL too - Evaluation Assurance Level. Either way I still think it's Windows NT 3.5 you may be referring to here.
