Search results

Reports on the evaluation of a set of commercial PC‐security products. Argues how, and why, this analysis differs from the kind of security evaluation described in the IT security evaluation criteria published recently by some national security agencies. Draws on an in‐depth examination down to the hardware level, based on the actual executable code and covers even attack scenarios where the attacker can manipulate the hardware of the PC. Summarizes the major findings, pointing out some frequent design faults in PC‐security systems.