Re: Win NT security

[Andrew Lowenstern <andrew_loewenstern@il.us.swissbank.com>]

>  How is Novell more secure or securable than NT? Comparing an OS to
>  a networking system, strikes me as unproductive; people run Novell
>  on servers, not desktops. NT can run a 32 bit API on several 64
>  bit flavors of hardware, it is multitasking and multithreaded...
>  comparing it to Novell is apples and oranges.

actually, NetWare has a 32-bit API, runs on 64-bit hardware (maybe, they have  
a SPARC version and may have a PA version, but I haven't kept up), is  
multitasking and multithreaded.  Most people don't think of NetWare as a Real  
OS(*tm), but it is QUITE robust.  You could put it on someones desk, but it  
doesn't run windows.  The main reason it's primarily a server OS is because  
Novell markets it that way.

What is really cool about NetWare that has more cypherpunks relavance than  
most of this thread is that it has built-in support for single point network  
logins via RSA authenticated certificates (the inital password exchange is  
encrypted with RSA as well).  This has been a feature for about 2 years now  
and is, as far as I know, the only major operating system that has native  
support (at all levels of the OS - not a Unix with kerberos thrown in) for  
such a thing out of the box.  NetWare has a much more sophisticated security  
system than any Unix I've seen or heard about.

My only complaint against Novell here is they think details about the  
security system are a big secret (such as RSA key lengths and the specific  
PRNG and hashing algorithms used).  Pretty typical corporate mentality at  
work...  While they may use RSA, it is my understanding that Novell in the  
past has used weak home-grown hashing and encryption algorithms for password  
storage.


andrew