Date: Thu, 12 Sep 2013 13:53:52 -0600 From: Brett Glass <brett@lariat.org> To: Jonathon Wright <jonathon.s.wright@gmail.com>, Julian Elischer <julian@freebsd.org> Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>, John-Mark Gurney <jmg@funkthat.com> Subject: Re: FreeBSD Transient Memory problem? Message-ID: <201309121953.NAA24598@mail.lariat.net> In-Reply-To: <CAGX1DMYAheUAV_eB4Z4R_YaMDx_LzrepEag5KyBC=EOxzhUiMQ@mail.g mail.com> References: <CAGX1DMbQP=TggYQm-3hra0Od3gjgz5xQ8bEMMrueuhL6kuZMUA@mail.gmail.com> <20130912053559.GF68682@funkthat.com> <979901F9-5F25-4DF1-95A8-32473C55B25F@gmail.com> <52320144.2090807@freebsd.org> <CAGX1DMYAheUAV_eB4Z4R_YaMDx_LzrepEag5KyBC=EOxzhUiMQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 01:33 PM 9/12/2013, Jonathon Wright wrote: >*Description of Finding:* Object reuse cannot be verified. The FreeBSD >servers used have not been evaluated or certified by NIAP. As such, it >cannot be verified that the operating system ensures transient memory >cleansing (object reuse) features are in place. Translation: The FreeBSD Project doesn't participate in, and hasn't paid money to be certified by, a program run by the NSA... a shadowy government agency which has been known to actively compromise security and spy on citizens. We recommend that our clients move to a less secure OS so that their systems can be spied upon and their security compromised. --Brett Glass P.S. -- For more on NIAP, see www.niap-ccevs.org. Note that this site will deposit multiple tracking cookies in your browser which you may want to delete after visiting it.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201309121953.NAA24598>