Re: [Fed-Talk] Re: FIPS 140-2 discussion...
Re: [Fed-Talk] Re: FIPS 140-2 discussion...
- Subject: Re: [Fed-Talk] Re: FIPS 140-2 discussion...
- From: Mark Radleigh <email@hidden>
- Date: Fri, 15 May 2009 12:57:50 -1000
- Thread-topic: [Fed-Talk] Re: FIPS 140-2 discussion...
> Date: Fri, 15 May 2009 11:46:10 -0500
> From: "Timothy J. Miller" <email@hidden>
> Subject: Re: [Fed-Talk] Re: FIPS 140-2 discussion...
> To: Amanda Walker <email@hidden>
> Cc: Fedtalk List <email@hidden>
> Message-ID: <email@hidden>
> Content-Type: text/plain; charset="utf-8"
>
> Amanda Walker wrote:
>
> EAL2 is not a terribly high bar, though. Jaguar made it to EAL3 when
> configured properly, as I recall.
>
> Yes, but there are *far* more non-CC validated systems in existence than
> there are CC validated systems. Especially when one considers that
> many *patches* invalidate the validation. :)
>
> -- Tim
> ------------------------------
Which is *exactly* why I never patch my systems! I wouldn't want to be out
of compliance now would I? :)
For those of you who don't subscribe to sarcasm, that was a joke. Yes, I
*do* patch my systems. ;)
On another note, Amanda was mentioning wanting a "hardened ExpressCard" that
works with a KSD-64 equivalent (or something like that). I remember last
year at a crypto conference that a particular company actually had an
'external' drive that required a PIN or KSD type 'key' to unlock (yes, the
whole hard drive was encrypted). It worked, but sure was clunky at the
time! However, I did heard rumors that they would have re-engineered it for
laptops by now. Sure wish I could see what they came up with and hope it
will work with MacBooks! :)
Of course, I'm never too sure if this is reality or if I'm still dreaming at
times... :D
Mark
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden