[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ISN] Australian Govt 'safe list' snubs Microsoft
By James Pearce
17 December 2002
Microsoft's products have been left off a list compiled by the Defence
Signals Directorate that aims to evaluate and advise whether software
is appropriate for use by Australian Government agencies.
The Defence Signals Directorate Evaluated Product List (DSD EPL)
provides a listing of products that have been deemed appropriate for
use within the Australian Government for the protection of
non-national security electronic information, according to the
"The reason that there are currently no Microsoft products on the EPL
is that no Microsoft products have gone through evaluation in
Australia," the DSD told ZDNet Australia in correspondence.
"However, the Microsoft Windows 2000 operating system has recently
completed evaluation under the equivalent US program, the Common
Criteria Evaluation and Validation Scheme (CCEVS)."
Windows 2000 Professional and Windows 2000 Server were passed by the
CCEVS on the 25 October this year. Australia, along with the US and
around 13 other countries, participates in the Common Criteria
Recognition Arrangement (CCRA), whose participants have agreed to
mutually recognise each other's product evaluations.
Government agencies were using Microsoft products years before any
were declared as safe by the DSD because the EPL is a recommendation,
rather than having regulatory force. According to the DSD, government
agencies have to comply with DSD guidelines only when using
cryptography to protect Commonwealth information, and must utilise a
DSD-approved firewall to protect connections between government and
The DSD said one reason why some products aren't on the list is the
high cost that can be incurred by developers attempting to have their
product listed. This certainly has a deterring effect on the
proponents of open source software, who are trying to convince all
levels of government to convert to open source.
"We're very keen on seeing local [Australian] government look more
seriously at adopting open source technology, but people said it's not
on the evaluated product list by the DSD," Con Zymaris, CEO of
Cybersource told ZDNet Australia . He said the only way to get an
open source system such as Linux on the EPL was to have a large
corporation decide it would be beneficial for them if the government
used Linux and therefore funded the research.
The issue of whether government agencies should use open source
software is a contentious one. The Initiative for Software Choice, a
US lobby-group backed by computing giants such as Microsoft, Intel and
Cisco Systems, is petitioning the US government to avoid open-source
It is worried about a recent report by independent IT research
corporation MITRE, which concluded, among other things, that removal
of open source software would remove the demonstrated ability of that
software to be updated rapidly in response to new types of
Zymaris believes there is a sea-change occurring in the government.
"In the past few months things seem to have become more positive," he
said. "There is a higher awareness rate, and the IT managers have a
more positive attitude [towards open source]."
"The government has particular ways and processes of doing things,"
added Zymaris. "We shouldn't say 'Hey! Change all that and do it our
way!', we should find the best way to work with them."
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo@xxxxxxxxxxxxx with 'unsubscribe isn'
in the BODY of the mail.