[quote=moneymaker]Never said it was anything new, just that most people don’t know it. The NSA can still spoof a MAC address and spy on somebody that way. Just interesting to me that Microsoft was so slow to join the EV thing. Also I hear that Apple is pretty darn secure. I have not had any issues but I did not realize how vulnerable one can be on a non secure site until now.[/quote]Even spoofing a MAC will not get you past the cert check on SSL. If you read my references, you will notice that the EV things is basically BS. BTW Apple is not that secure, though their recent phones have fixed previous problems. OSX still has some security problems, and they are not that proactive on fixing their browser – there are some known 0-days on Safari.
BTW, there is hardened versions of Linux, SELinux, which is now incorporated into the main kernel thread. SELinux was mod’d on recommendation of NSA. https://www.nsa.gov/research/selinux/ This was not done to allow them to get in, the NSA needed a secure OS for themselves and MSFT nor Apple were stepping up. The NSA lost SGIs Trusted IRIX (which I used to work with) with SGIs implosion, Suns had questionable security – could barely hold onto their C3 cert. Trusted IRIX was B-1. This eval was along the old style inspect – test according to the Rainbow-Series publications and not the ‘newer’ EAL-CAPs.
