From owner-freebsd-security@FreeBSD.ORG  Thu Sep 12 19:54:03 2013
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 29D7EF7;
 Thu, 12 Sep 2013 19:54:03 +0000 (UTC)
 (envelope-from brett@lariat.org)
Received: from mail.lariat.net (mail.lariat.net [66.62.230.51])
 by mx1.freebsd.org (Postfix) with ESMTP id C48E322BF;
 Thu, 12 Sep 2013 19:54:02 +0000 (UTC)
Received: from Toshi.lariat.org (IDENT:ppp1000.lariat.net@localhost
 [127.0.0.1]) by mail.lariat.net (8.9.3/8.9.3) with ESMTP id NAA24598;
 Thu, 12 Sep 2013 13:53:57 -0600 (MDT)
Message-Id: <201309121953.NAA24598@mail.lariat.net>
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Thu, 12 Sep 2013 13:53:52 -0600
To: Jonathon Wright <jonathon.s.wright@gmail.com>,
 Julian Elischer <julian@freebsd.org>
From: Brett Glass <brett@lariat.org>
Subject: Re: FreeBSD Transient Memory problem?
In-Reply-To: <CAGX1DMYAheUAV_eB4Z4R_YaMDx_LzrepEag5KyBC=EOxzhUiMQ@mail.g
 mail.com>
References: <CAGX1DMbQP=TggYQm-3hra0Od3gjgz5xQ8bEMMrueuhL6kuZMUA@mail.gmail.com>
 <20130912053559.GF68682@funkthat.com>
 <979901F9-5F25-4DF1-95A8-32473C55B25F@gmail.com>
 <52320144.2090807@freebsd.org>
 <CAGX1DMYAheUAV_eB4Z4R_YaMDx_LzrepEag5KyBC=EOxzhUiMQ@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>,
 John-Mark Gurney <jmg@funkthat.com>
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Sep 2013 19:54:03 -0000

At 01:33 PM 9/12/2013, Jonathon Wright wrote:

>*Description of Finding:* Object reuse cannot be verified. The FreeBSD
>servers used have not been evaluated or certified by NIAP. As such, it
>cannot be verified that the operating system ensures transient memory
>cleansing (object reuse) features are in place.

Translation: The FreeBSD Project doesn't participate in, and hasn't paid
money to be certified by, a program run by the NSA... a shadowy government
agency which has been known to actively compromise security and spy on
citizens. We recommend that our clients move to a less secure OS so that their
systems can be spied upon and their security compromised.

--Brett Glass

P.S. -- For more on NIAP, see www.niap-ccevs.org. Note that this site will
deposit multiple tracking cookies in your browser which you may want to
delete after visiting it.