Message-ID: <CAGx1TMCwQb-H3CEqBYUbZpzFEKpH5528O84ucYN-faG+DyL7Ww@mail.gmail.com>
Date: 2012-05-09T18:10:15Z
From: Richard M. Heiberger
Subject: registry vulnerabilities in R
In-Reply-To: <4FA9376F.5050106@alum.mit.edu>
I spoke to someone in the military who did some investigation.
This is his response
>> 1. I'm sorry that I don't have anything good to report. The military is
>> cautious with it's networks and I'm no longer able to use R at work. I
>> don't know anything about this registry issue but the show stopper for me
>> even trying to get R on the military network is CRAN. All that r-project
>> checks on contributed applications is if they load (or compile as
>> necessary)
>> cross-platform. I could make an argument for the security of the Core
>> functionality of R but not for the contributed packages.
On 5/8/12, Paul Martin <pamartin at alum.mit.edu> wrote:
>
> Kirtland Air Force Base has denied approval for the use of R on its
> Windows network. Some of their objections seem a bit strange, but some
> appear to be legitimate. In particular, they have detected registry
> "vulnerabilities"
> which are detailed in the attachment.
> I know nothing about Windows registry vulnerabilities. If any of these
> issues are
> legitimate concerns, I would like to see them fixed for everyone's
> benefit.
> I would
> appreciate a referral to the appropriate forum for this information. I
> am
> willing
> to assist in getting questions answered and gathering additional
> information.
> Thank you,
> Paul Martin
> Air Force Research Laboratory
> Kirtland Air Force Base
> Albuquerque, New Mexico
>