Thoughts on secure operating systems
Remarks attributed to Gene Spafford and Cynthia Irvine by the EE Times and a marketing offensive by Green Hills against Linux don't provide an accurate picture of software security issues for operating systems and, in fact, add to the confusion. In what follows, I want to try to move the discussion to a less emotional and more balanced basis. One of my points is that security certifications have serious limitations and costs. That's not to say that certifications are bad or useless -- far from it. But certification is not a cure-all, or without problems, and people need to be able to distinguish between marketing and actual engineering.
By Victor Yodaiken at Linux Devices.
[ Read more ]