"Copycats? You're going to resort to name calling in an attempt to discredit actual success and reality?"
We were talking about trusted extensions. Basically every feature they had came from Orange Book. CMW's like Trusted Solaris were watered down versions of high-security products like GEMSOS, XTS-300/400, and Boeing SNS Server. They had more features and prettier interfaces due to lack of rigor in implementation. Tons of 0-days but checked the right boxes. That with COTS push by DOD killed off high-security while letting crap like Trusted Solaris proliferate. Preventable 0-days and covert channels still abound in Solaris and Linux. Its market share was an accident of policy and economics combined.
"Name another commercial UNIX operating system today"
"Apparently not as smart as quoting lots of facts not relevant to the given context (desktop operating system) and then dismissing decades of R&D and actual commercial success of Solaris in a snide manner."
That's a different discussion than we were having about whether Trusted Solaris invented or pioneered the security concepts Qubes is implementing. It didn't for key concepts and wasn't even on list of high-security stuff. The best in CMW model is probably Argus's tech baked into either Solaris or RHEL. The best in UNIX/Linux is stuff coming out of CompSci where prototypes make BSD's or Linux immune to most code injections and/or leaks. The best in commercial are separation kernels that run Linux or POSIX apps untrusted with security-critical stuff on dedicated runtimes w/ secure middleware. The ideal would be a combo of that with CompSci stuff.
Unfortunately, Trusted OS's w/ huge amounts of kernel code are a broken model that never worked. I mean, they were known to be broken when CMW's were introduced as a compromise to get insecurity-loving OS users to adopts some features of high-security. It was bait. Solaris's risky, 0-day-filled TCB might be better than RHEL's or another's 0-day-filled TCB but that's a weak comparison if one wants low vulnerability, eh?
Far as commercial success, I you would similarly count (original) Windows NT process isolation and security architecture as more secure than Trusted Solaris due to "decades of R&D" from Microsoft and Microsoft's "actual commercial success." Heck, one had millions to tens of millions while the other had billions. Yet, I realize that's marketing and lock-in in action rather than $$$ made = better security. Actually, more money and market share usually means less security. Sad fact.
"Enjoy your pyrrhic victory"
We didn't win: low quality and security with high-lockin abounds. Expanded with web app silos. If anything, the mainstream OS's are getting pyrrhic victories for themselves at long-term expense in technical debt and damage to users.
We were talking about trusted extensions. Basically every feature they had came from Orange Book. CMW's like Trusted Solaris were watered down versions of high-security products like GEMSOS, XTS-300/400, and Boeing SNS Server. They had more features and prettier interfaces due to lack of rigor in implementation. Tons of 0-days but checked the right boxes. That with COTS push by DOD killed off high-security while letting crap like Trusted Solaris proliferate. Preventable 0-days and covert channels still abound in Solaris and Linux. Its market share was an accident of policy and economics combined.
"Name another commercial UNIX operating system today"
"Apparently not as smart as quoting lots of facts not relevant to the given context (desktop operating system) and then dismissing decades of R&D and actual commercial success of Solaris in a snide manner."
That's a different discussion than we were having about whether Trusted Solaris invented or pioneered the security concepts Qubes is implementing. It didn't for key concepts and wasn't even on list of high-security stuff. The best in CMW model is probably Argus's tech baked into either Solaris or RHEL. The best in UNIX/Linux is stuff coming out of CompSci where prototypes make BSD's or Linux immune to most code injections and/or leaks. The best in commercial are separation kernels that run Linux or POSIX apps untrusted with security-critical stuff on dedicated runtimes w/ secure middleware. The ideal would be a combo of that with CompSci stuff.
Unfortunately, Trusted OS's w/ huge amounts of kernel code are a broken model that never worked. I mean, they were known to be broken when CMW's were introduced as a compromise to get insecurity-loving OS users to adopts some features of high-security. It was bait. Solaris's risky, 0-day-filled TCB might be better than RHEL's or another's 0-day-filled TCB but that's a weak comparison if one wants low vulnerability, eh?
Far as commercial success, I you would similarly count (original) Windows NT process isolation and security architecture as more secure than Trusted Solaris due to "decades of R&D" from Microsoft and Microsoft's "actual commercial success." Heck, one had millions to tens of millions while the other had billions. Yet, I realize that's marketing and lock-in in action rather than $$$ made = better security. Actually, more money and market share usually means less security. Sad fact.
"Enjoy your pyrrhic victory"
We didn't win: low quality and security with high-lockin abounds. Expanded with web app silos. If anything, the mainstream OS's are getting pyrrhic victories for themselves at long-term expense in technical debt and damage to users.