Linux, Common Criteria, and OS Protection Profiles

Linux, Common Criteria, and OS Protection Profiles


“With this COTS GP-OSPP foundation, we expect that evaluating Linux products under similar PPs, like the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI) General Purpose Operating System Protection Profile (BSI GP-OSPP) can also be undertaken”

Well, I would stick with the old TCSEC rules, with a few adjustments, whatever the stricter of the two policies is.

Apple repealed: German politicians to use encrypted phones to block NSA spying

Here comes the apple gig …

LEAKED: German Government Warns Key Entities Not To Use Windows 8 – Links The NSA

And here comes the microsoft gig …

‘But’ they forget to mention (maybe intentionally, counter information,) the VPRO ARM32 and VNC remote control system built in, and the ‘interesting’ technology of TPM 2.0 with ‘remote’ firmware control, which in the ‘new designs’ could probably ‘downgrade’ a regular Intel non-VPRO into a VPRO one (apparently the characteristics are common to all newer Intel, just ‘not activated’ unless you pay them 50 bucks, or unless ‘they’ decide is worth spying on you.)

So my take for PC compatibles is: Intel and TPM 2.0, good only for counterinformation or honeypots, D0, unsafe even if disconnected from network or turned off, TPM 1.x (in this case is possible to enable/disable from firmware,) only running open non proprietary system self installed, only with hard disks pre-2005, and not over C1, anything over C1 on hardware pre TPM age, only disconnected from public networks, very strong cipher always ‘offline’ for public networks, on 1980 simple single task single user machines, pre DOS, pre networks age. 😉

For the others, I would stop at apple pre-intel and windows pre-xp, but only running in virtual machines, with no network access.


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s