China's been working on one (http://blogs.zdnet.com/security/?p=3385). Looks to be based on FreeBSD.

Some downloads here. (http://dancefire.org/article/Kylin_Kernel_Mirror.html)

Comments?

It looks nice, and I would say more if I could find an ISO image in english. Looks a lot like Windoze UI though.

So basically they slapped a fancy pants UI onto FreeBSD? If you're going for secure OpenBSD or TrustedBSD would be the route to go.

Eh I forgot to add I have a US Government linux disc set kicking around here somewhere. Its outdated by now and I don't remember much beyond there were several install options including off site for those who wanted to use it somewhere other than the lab it was intended for. I do recall it wanting Kerberos information for the on site options. Even the old ones like the one I had from 2005 had mandatory access control at the kernel level. Basically all the US Gov't does is the same thing CentOS did, grab RHEL's source and modify it to fit their own needs. I don't know how prevelant they are anymore but they used to use a lot of Sun hardware with Solaris. I know the DTIC's fave icon still shows up as a Sun logo.

The government (NSA) version was SE-Linux (Security Enhanced). It was a freely redistributable version like most. http://www.ibm.com/developerworks/library/s-selinux/ (yeah there's still an nsa link for it also as google will blindingly point out), just thought an article from IBM looking at it from a 3rd party POV would be more interesting lol.

I agree though but am partial to liking BSD for it's better package manager (making life that much easier).

- John

Then of course there's the security through obscurity angle but that's mostly a joke not an actual practice.

So, let me get this story right. China has made a super-secret super-secure OS.

and.you.can.download.copies.off.the.intertubes.

Yeaaaahh, right. Anyone who believes that has never read their Sun Tzu.

"He who knows the artifice of diversion will be victorious."

Youi know, if you had an absolutely secure OS, there would be no purpose in hiding its existence, or even withholding the source code.

Remember the RSA contests? "Here's the cipher algorithm that we use; here's an encoded message; tell us what it says and $10,000 is yours." Sometimes I wish that Microsoft would have taken the same approach; "Figure out a way to compromise our security and we'll give you $100K for the information".

But your point is taken--it's probably a disinformation effort.

heh.. MS has released beta versions of their server product several times to have folks attack it. It was fairly an obvious PR stunt if folks didn't have enough time to exploit it. Otherwise it's also some of the best free contract work one could get (for free). Now about the only thing they've done is put bounties out for worm writers that made them look pretty bad from the massive outbreaks. That's about the only money you might get :-)