[rescue] FrameMaker FYI

Steve Sandau ssandau at gwi.net
Fri Mar 26 14:37:30 CST 2004

>>>   Yes and no.  The basic *design* of Windows is fraught
>>>with flaws and security issues.  Is it even possible to
>>>write a secure piece of software for that platform?
>>I'll let you know Dave, I'm busy porting IEFBR14 [0] from MVS to WinXP - my goal is tu use all my programming-fu to make it 100% secure. ;^)
>>My Code will be secure, but I'm not sure I can certify it's security in a particular environment...
> In this context, I've always found this an amusing note:
> One of the things Microsoft used as a selling point to tout NT was how
> secure it was.  "The only operating system in its class to achieve the
> coveted US Government C2 security rating," blah, blah, blah.
> Turns out if you read the fine print of NT's C2 certification, there's a
> mandatory condition: NT is certified C2 secure so long as the machine is
> not connected in any way to any form of network. The instant you plug in
> that network cable, kiss your C2 certification goodbye.

I believe that there were even further limitations. I think it was only 
3.51 that was C2 and only if certain things were not installed, and 
certain patches and so on were installed. The scenario under which it 
was C2 compliant was extremely limited. I did some reading about that 
since I work for a govt. contractor and work on Navy networks.

Reminds me of a salesman who called up just as we got rid of our last 
Windows server. He wanted to talk to me about "upgrading" to Windows NT 
4. At that tims I had even more of a dislike for it than I do now, and I 
said "Please tell me what I could possibly be running on my servers that 
would make NT4 an *upgrade*." The conversation didn't last long after 


More information about the rescue mailing list