Linux Today: Linux News On Internet Time.

Federal Computer Week: Is Linux secure enough?

Sep 19, 2001, 22:45 (44 Talkback[s])
(Other stories by Heather B. Hayes)
"Although proponents argue that Linux is at least as secure - and perhaps more secure - than Unix, Microsoft Corp.'s Windows NT or Novell Corp.'s NetWare, there is still concern at many federal agencies about the operating system's safety.

The idea that Linux is more vulnerable than other systems, however, "is absolutely a misconception," said Terry Bollinger, principal information systems engineer for Mitre Corp., a think tank that performs federally funded research. "But because the genesis of Linux comes out of the hacker community - hacker in the good sense, where there's this international global effort to develop a source code that is fully open, fully visible to everyone - that immediately brings up all sorts of concerns and worries about what that means. Can people break in? Can people plan Trojan horses? It's almost a reflex action." Reflex or not, concerns about security have kept many agencies at bay, especially the Defense Department. Incidentally, the efforts of an agency famous for its suspicious nature may eventually help the rest of government put aside its fears. This spring, the National Security Agency released a prototype of a security- enhanced Linux system and released it to the public.

The prototype boosts Linux with new, stronger protections against tampering and bypassing application security mechanisms and with greater limits on the damage that can be caused by malicious or flawed applications. Among the new features are much-needed access controls at the user level and within the software itself."

Complete Story

Related Stories: