Comment Re:Lessons to be learned: (Score 1) 230
This group has some misconceptions about the FIPS 140 process. First, they rightly point out that the level 4 cert on the IBM 4758 does not cover the CCA software, and then they go on to talk about how a bug in this (admittedly, non-evaluated software) shows the weakness of FIPS 140-1.
What we were trying to say was that the FIPS process has a weakness in the real world - in that the statements it makes ("This is a really secure piece of hardware") are of limited practical use technically (because this type of hardware is meant to encapsulate a software product) and are of limited practical use to would-be purchasers (because the salespeople stress the certification and fail to point out that this is only one part of the picture).
Don't lose sight of the point that the CCA software is shipped for free to 4758 users; it's not as if it's a completely separate thing.
Now, just to put all this 4758 bashing into perspective: The IBM 4758 is an amazingly secure cryptographic module.
I totally agree. But remember that "security" is a property of systems and is not an entirely useful adjective to apply to components.