From: David Collier-Brown <davec-b@rogers.com>
To: bloat@lists.bufferbloat.net
Subject: Re: [Bloat] [Cerowrt-devel] wired article about bleed and, bloat and underfunded critical infrastructure
Date: Mon, 14 Apr 2014 21:16:49 -0400 [thread overview]
Message-ID: <534C8881.40206@rogers.com> (raw)
In-Reply-To: <mailman.25637.1397518890.1815.bloat@lists.bufferbloat.net>
> Dave Taht <dave.taht@gmail.com> wrote...
>
> On Mon, Apr 14, 2014 at 4:22 PM, <dpreed@reed.com> wrote:
>> All great points.
>>
>>
>>
>> Regarding the Orange Book for distributed/network systems - the saddest part
>> of that effort was that it was declared "done" when the standards were
>> published, even though the challenges of decentralized networks of
>> autonomously managed computers was already upon us. The Orange Book was for
>> individual computer systems that talked directly to end users and sat in
>> physically secured locations, and did not apply to larger scale compositions
>> of same. It did not apply to PCs in users' hands, either (even if not
>> connected to a network). It did lay out its assumptions; but the temptation
>> to believe its specifics applied when those assumptions weren't met clearly
>> overrode engineering and managerial sense.
> I worked on C2 level stuff in the early 90s, and on a db that tried to get B2
> certification - it was difficult, slow, painful, hard, and ultimately
> just a checkbox
Going far off-topic, I wrote a tongue-in-cheek article that was actually
a suggestion we use labelling and crypto to create severely simplified
orange-book compartments, in turn to protect confidentiality...
http://www.slaw.ca/2014/01/02/thank-goodness-for-the-nsa-a-fable, with a
more technical expansion at
http://broadcast.oreilly.com/2013/12/where-were-ye-orange-book-in-w.html
In part, this was to see if I could reduce the problem space to
something a startup would find possible to fund...
--dave
--dave
--
David Collier-Brown, | Always do right. This will gratify
System Programmer and Author | some people and astonish the rest
davecb@spamcop.net | -- Mark Twain
next parent reply other threads:[~2014-04-15 1:16 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <mailman.25637.1397518890.1815.bloat@lists.bufferbloat.net>
2014-04-15 1:16 ` David Collier-Brown [this message]
[not found] <mailman.3.1397502002.11580.bloat@lists.bufferbloat.net>
2014-04-14 19:51 ` David Collier-Brown
2014-04-11 18:22 [Bloat] wired article about bleed and " Dave Taht
2014-04-11 19:43 ` [Bloat] [Cerowrt-devel] " dpreed
2014-04-14 0:57 ` Dave Taht
2014-04-14 23:22 ` dpreed
2014-04-14 23:41 ` Dave Taht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.bufferbloat.net/postorius/lists/bloat.lists.bufferbloat.net/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=534C8881.40206@rogers.com \
--to=davec-b@rogers.com \
--cc=bloat@lists.bufferbloat.net \
--cc=davecb@spamcop.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox