Rob Housman, the Executive Director of the Cyber Secure Institute, put out this statement concerning two disturbing trends in cybersecurity: the growing number of unsupportable security claims and the increasing reliance on widely held beliefs as opposed to tested and proven technologies. The Cyber Security Institute is an analysis and advocacy institute dedicated to serving as the voice for effective cyber security.
One of the Institute’s primary objectives is to cut through the morass of cyber security claims and counterclaims and distinguish what is real and what is not. Lately, the Institute has seen a significant uptick in the number of unsupportable, if not patently false, security claims being made. We have also seen a growing reliance upon widely held beliefs that may or may not be based in proven fact.
Along these lines we feel it necessary to highlight and debunk two recent examples of these trends:
Erroneous Claims: Marc Brown, a Wind River vice president, recently told Military Embedded Systems that Green Hills Software’s real-time operating system is “only certified under ‘high robustness’; they did not certify under EAL6+, as they did not actually add in the necessary requirements to comply with EAL6.”
His statement is false. Even a cursory review of the Green Hills listing on NSA/NIAP’s website shows that the Integrity technology has, in fact, been certified under both the relatively new “high robustness” standard and at EAL6+. For Wind River to suggest otherwise is false.
In contrast, the NSA/NIAP listing for Wind River’s VxWorks MILS 2.0 technology shows that it is presently being evaluated but has not been certified at any level. It is nonsensical for a company that is not certified to attack a technology that has received the highest security certification ever by the federal government.
Additionally, Wind River’s criticism here displays a serious lack of understanding of the current certification standards. Wind River’s statement implies that high robustness is somehow a lesser security. In fact, a close review of the two sets of certification requirements shows that they are both extraordinarily rigorous. Most technologies on the market today are not even close to being able to meet either standard. And, in the RTOS vertical one might argue that the high robustness standard is even tougher than EAL6.
Rather than attacking technologies that have already been certified secure, we would encourage Wind River to focus on its own ongoing certification process. If they can achieve this high standard we look forward to working with them.
Reliance on Truisms: eWeek recently published an article entitled “10 Reasons Why Google Android Is Secure.” In the article eWeek states, among other things, that Android is secure because it is built on open source software and because the platform technology is Linux-based. Both of these arguments are seriously flawed.
First, while many believe that open source software is more secure, in fact, the process by which open source software is created raises the serious risk that malicious code can be inserted into a program. With tens of thousands of lines of code — much of it of unknown or little known origins — and without any formal proof of the code, there simply is no way to ensure that open source software is fully secure — let alone prove it. Anyone who doubts this need only refer back to the frightening revelation by Ken Thompson, one of the UNIX creators, that he was able to insert an untraceable Trojan in the UNIX login command.
Second, while many believe that Linux is a more secure software platform, in fact, Linux isn’t significantly more secure than the other uncertified systems that are currently on the market. There are thousands of published known vulnerabilities in Linux and untold numbers of other exploits known to hackers and criminals, as well as our enemies.
Debunking these truisms will be seen by some as an act of heresy. However, our cybersecurity systems must be based on tested, proven technologies, not on beliefs, no matter how widely held.
There is only one truly secure smart or app phone in use today: the one used by President Obama. It is no coincidence that the President’s phone runs on a certified secure system, not a Linux-based, open source technology.