Author Topic: Microsoft says Windows 2000 passes security check  (Read 1201 times)

Zombie9920

  • Member
  • **
  • Posts: 1,309
  • Kudos: 33
Microsoft says Windows 2000 passes security check
« on: 30 October 2002, 19:32 »
http://www.forbes.com/business/newswire/2002/10/29/rtr771249.html

Did you know that Win2K has an EAL Level 4 certification....there are *NO* Linux distributions that are certified meeting Level 4 standards. Actually I don't think that Linux is EAL certefied at any certification level. ;P

Scotty

  • Member
  • **
  • Posts: 43
  • Kudos: 0
Microsoft says Windows 2000 passes security check
« Reply #1 on: 30 October 2002, 19:55 »
So?
I tried hard to come up with nasty signature but I can't think any at this hour so I just say that m$ can go to hell for all I care.

Zombie9920

  • Member
  • **
  • Posts: 1,309
  • Kudos: 33
Microsoft says Windows 2000 passes security check
« Reply #2 on: 30 October 2002, 23:48 »
Microsoft Windows 2000 Awarded Common Criteria Certification

http://www.microsoft.com/presspass/press/2002/Oct02/10-29CommonCriteriaPR.asp

Crunchy(Cracked)Butter

  • Member
  • **
  • Posts: 329
  • Kudos: 125
Microsoft says Windows 2000 passes security check
« Reply #3 on: 30 October 2002, 23:52 »
But it makes no difference anyway, its still as unstable and still allows unauthorised access, the only difference it does make is that it is now certifiable for hacks and viruses!

voidmain

  • VIP
  • Member
  • ***
  • Posts: 5,605
  • Kudos: 184
    • http://voidmain.is-a-geek.net/
Microsoft says Windows 2000 passes security check
« Reply #4 on: 31 October 2002, 00:18 »
Yeah, I think I'll rush right out and get a copy:

Windows 2000 Security.
Someone please remove this account. Thanks...

Zombie9920

  • Member
  • **
  • Posts: 1,309
  • Kudos: 33
Microsoft says Windows 2000 passes security check
« Reply #5 on: 31 October 2002, 00:24 »
quote:
Originally posted by void main:
Yeah, I think I'll rush right out and get a copy:

Windows 2000 Security.



Ahh, I see that Linux Security is really worth rushing out to get.  :rolleyes:

foobar

  • Member
  • **
  • Posts: 308
  • Kudos: 0
    • http://www.fuckmicrosoft.com
Microsoft says Windows 2000 passes security check
« Reply #6 on: 31 October 2002, 00:26 »
Where is this going? I mean - have those linux distros been tested for them EAL standards, and why might they be so important?
Linux user #283039

Gosh, I love Linux Quake.


voidmain

  • VIP
  • Member
  • ***
  • Posts: 5,605
  • Kudos: 184
    • http://voidmain.is-a-geek.net/
Microsoft says Windows 2000 passes security check
« Reply #7 on: 31 October 2002, 00:42 »
quote:
Originally posted by Zombie9920:
http://www.forbes.com/business/newswire/2002/10/29/rtr771249.html

It took three years and "many millions of dollars," he said. "This is an important milestone for the company."



Yeah, millions of dollars... right into the pockets of the testers that is.

 
quote:

Plagued by security vulnerabilities in its software that left customers open to attack and prompted criticism from experts, Microsoft embarked in January on a company-wide program, dubbed "Trustworthy Computing," to improve the security of its products.

Microsoft has gotten mixed reviews for its efforts, and some experts said that while the new security rating may help the software giant get contracts with governments, banks and others who have strict requirements for bids, it did not necessarily mean the software has fewer flaws in it.



Yep, the above pretty much sums it up. Windows 2000 is no more secure than it was the day Code Red swept through the Win2k/IIS portion of the internet.

And certifications do mean something. Look at the "MCSE", it's an easy way to pick out the lusers in the stack of resumes. MCSE on a resume goes straight into the trash bin.
Someone please remove this account. Thanks...

voidmain

  • VIP
  • Member
  • ***
  • Posts: 5,605
  • Kudos: 184
    • http://voidmain.is-a-geek.net/
Microsoft says Windows 2000 passes security check
« Reply #8 on: 31 October 2002, 01:01 »
Also note on this list:

http://www.commoncriteria.org/ccc/epl/productType/eplinfo.jsp?id=99

That IBM AIX 4.3.1 (UNIX) made the EAL4 certification almost 4 years ago and Solaris 8 (UNIX) almost 2 years ago. And now that Windows 2000 is near the end of the Microsoft product life cycle it enters the mix. Yep, they get it certified and then they no longer support it.
Someone please remove this account. Thanks...

hm_murdock

  • VIP
  • Member
  • ***
  • Posts: 2,629
  • Kudos: 378
  • The Lord of Thyme
Microsoft says Windows 2000 passes security check
« Reply #9 on: 31 October 2002, 03:42 »
what does any kind of certification have to do with anything? it's just some guy writing off on something. It doesn't make it good.

I could certify my penis as being "the best prick on the planet" and it wouldn't matter. The proof is in the puddin'... Win2K ain't secure. If it were, it wouldn't get knocked on its ass by every shitty virus that comes along.

so piss in bill's eye
Go the fuck ~

voidmain

  • VIP
  • Member
  • ***
  • Posts: 5,605
  • Kudos: 184
    • http://voidmain.is-a-geek.net/
Microsoft says Windows 2000 passes security check
« Reply #10 on: 31 October 2002, 04:11 »
And here's what one Win2000 MCSE has to say about this hacked up version of Win2k getting certified:

http://newsvac.newsforge.com/newsvac/02/10/30/1622252.shtml?tid=3

 
quote:

I'm the guy who made the above post titled 'It's about the money'. Just for kicks, I went and put up the following on their discussion forums in reply to the story:

(A little bit of background: yes, I use Linux for my daily chores, I am a fan of Linux, and I think it is a better operating system overall. However, I work with all operating systems, including Windows 2000 and XP, and am a fully certfied Windows 2000 MCSE. So I don't blindly bash Windows without knowing what I'm talking about. I bash it because I know *exactly* what I'm talking about.)

Go read this article first: http://news.com.com/2100-1001-950083.html (There is a group working on gathering up the money to get Linux CC Certified. IE: They *are* working towards it. Do your research before mouthing off.)

First off, not being CC Certified does not mean it is less secure: it simply means that no one has ponied up the $$$ to run Linux through the gamut of tests to get that certification. It may well be that Linux is just as, or more, secure than Windows 2000, but until it is run through the same certification tests, you can't use that certification to judge wether it is more or less secure. If Linux went through that gamut of tests and *failed*, then you could claim that Linux was less secure. Until that happens, though, the author's opinion is nothing more than that: an opinion, and a horribly misinformed one at that. My problem is not even with Microsoft or Windows in this case, it's with the shoddy reporting masquerading as some sort of fact that has been put up in this article.

Let's not even begin on the fact that he is comparing a basic system kernel with a fully patched operating system + suite of applications. Then there's this beautiful line:

"That
Someone please remove this account. Thanks...

Doctor V

  • Member
  • **
  • Posts: 661
  • Kudos: 0
Microsoft says Windows 2000 passes security check
« Reply #11 on: 31 October 2002, 06:02 »
Getting such a certification means nothing.  With M$'s $ getting people to say Win2K secure is not difficult.  Windows will never be as secure as Linux.  Linux has a more advanced security structure.  Windows runs with the same amount of security as Linux running in root, only with more bugs.

V 0.8.7