ZDTV: The Philosophy of SecurityDec 21, 1999, 01:50 (13 Talkback[s])
(Other stories by Simson L. Garfinkel)
[ Thanks to Jeremy Allison for this link. ]
"Windows and Unix take diverging approaches to computer security. Can both be right?."
"When discussing networks, people often want to know which is the most secure system. This is sometimes comes down to the fundamental question of the operating system. Is Windows NT a secure operating system? Is NT more secure than Unix? The answers to these questions depend a lot on your philosophy of computer security...."
"The Unix philosophy of computer security is fundamentally different. Instead of focusing on what is actually possible with today's tools and attacks, it focuses on what is theoretically possible given the underlying structure of the operating system. For example, instead of relying on complicated file-system structures to obscure the location of information on a computer's hard drive, Unix researchers created cryptographic file systems to protect data using data encryption. Microsoft designers could have used encryption to strengthen NT's ACLs, but they didn't."