Ubuntu is a safe operating system. What did you already know? Many of us already knew it, but today February 26 Canonical has had the pleasure of informing that they have received the EAL2 certification Common Criteria (CC), an international standard (ISO / IEC IS 15408) for computer security. The test was done on a zero installation of Ubuntu 16.04.4 LTS, a Long Term Support version that will be officially available in April for three years.
EAL2 ensures that a product satisfies a group of security requirements. Specifically, these security requirements focused on the security objective published on June 27, 2018. The test was performed CSEC, a Swedish security firm. The consultation for the evaluation was conducted by ATSEC Information Security, a laboratory accredited by the United States government and BSI. The certification report is available at this link.
EAL2 confirms what many of us already knew
EAL2, the recent certification obtained by Canonical, is recognized in 30 countries who are members of the CCRA. This certification is required for government use and for financial institutions and organizations that manage sensitive data. For example, we could say that the clouds managed with Ubuntu are safe to store our photos, calendars, contacts, etc., officially, according to this certificate.
To obtain this Common Criteria certificate is need to have a group of programs and hardware used for certification. After a clean install of Ubuntu 16.04.4 following the instructions in the setup guide, additional software runs to put the system in EAL2 configuration, including Ubuntu FIPS packages that offer stronger encryption.
Thus, for many this news does not tell us anything new. Ubuntu is the most popular Linux distribution and it is because of its support, performance, ease of use and security. But it is not bad that the last point is officially recognized.