-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

NSA shows the way to develop secure systems

,----[ Quote ]
| The unprecedented release of the project into the open source community aims
| to demonstrate how highly secure software can be developed cost-effectively,
| improving industrial practice and providing a starting point for teaching and
| academic research. Originally showcased in a conference paper in 2006, it has
| the long-term aim of improving the development practices of NSA’s
| contractors. Tokeneer was created as a fixed-price project, taking just 260
| person days to create nearly 10,000 lines of high-assurance code, achieving
| lower development costs than traditional methods per line of code.
`----

http://www.net-security.org/secworld.php?id=6619


Recent:

NSA's Linux

,----[ Quote ]
| So, do you trust it or not?
|
| [...]
|
| The packaged form of SELinux, as seen in Red Hat Enterprise Linux and other
| distributions, is already working.
|
| SELinux mitigations -- http://www.tresys.com/selinux.html -- 2 each for 2005
| and 2006, up to 4 in 2007 (including a big Samba vulnerability) and already 1
| in 2008. More here: http://www.linuxworld.com/news/2008/022408-selinux.html *
|
| Posted by: Don Marti at April 8, 2008 02:09 PM
|
| [...]
|
| I trust it. It is GPL, has been reviewed by many, and it works. I think it
| should be the job of the government/NSA to help us secure our computers *in
| open and transparent ways*. It benefits the economy and the nation as a whole
| to have more secure infrastructure. I liken it to the national highway
| system. It is in everyone's interest both military and civilian. * *
|
| Posted by: Tracy R Reed at April 8, 2008 02:47 PM
`----

http://www.schneier.com/blog/archive...sas_linux.html


Related:

Did NSA Put a Secret Backdoor in New Encryption Standard?

,----[ Quote ]
| Which is why you should worry about a new random-number standard that
| includes an algorithm that is slow, badly designed and just might contain a
| backdoor for the National Security Agency. *
`----

http://www.wired.com/politics/securi...tymatters_1115


,----[ Quote ]
| Is this a good idea or not? For the first time, the giant software maker
| is acknowledging the help of the secretive agency, better known for
| eavesdropping on foreign officials and, more recently, U.S. citizens as
| part of the Bush...
`----

http://www.schneier.com/blog/archive...s_micro_1.html


Microsoft could be teaching police to hack Vista

,----[ Quote ]
| Microsoft may begin training the police in ways to break the
| encryption built into its forthcoming Vista operating system.
`----

http://www.vnunet.com/vnunet/news/21...ng-police-hack
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkjsBvkACgkQU4xAY3RXLo71BACfZu/UduHABvxKElXIuceLgPYQ
QToAoJbjBc+ZbE6t43jPfMrMXCqmOi1T
=CWDF
-----END PGP SIGNATURE-----