ASW 1.0 is obviously what you were using on the LT. ASW 1.0 was shipped with
Dragon’s NaturallySpeaking 1.0 and 2.0. As you saw, even though it told you
“below average,” recognition and performance were fine.

The categories assigned to various ranges of speech-to-noise ratios in ASW 1.0 were
arbitrary—and, as Dragon saw, readings that gave perfectly fine performance but were
labeled “below average” caused a good deal of unnecessary concern and stress for

In NaturallySpeaking 3.0, including standard, preferred and professional versions,
Dragon includes ASW 2.0. The results it shows are not as alarming to users.

It seems that Dragon’s engineers were a bit too conservative with respect to the
capabilities of their product—a rare and admirable event in the software world.

For unknown reasons, MetroBook is still bundling NaturallySpeaking 1.0 with its
notebooks. But an upgrade to Version 3.0 is available for $19 from Dragon, or 1stVoice
will do it at no charge with a notebook purchase.

NaturallySpeaking 3.0 offers significant improvements in recognition accuracy. This is
becoming a mature product very quickly. But the trade-off is that it really needs 96M of
RAM to run well in Microsoft Word 97 or Corel Corp. WordPerfect 8.

David Schorr
Palo Alto, Calif.

We were pleased to see your coverage of the National Information Systems Security
Conference and the signing of the Mutual Recognition Arrangement in the article,
“U.S., four nations agree on security evaluation criteria” [GCN, Oct. 12, Page 1]. However, we need to clarify some
statements in the article.

In reporting the relationship between Federal Information Processing Standard 140-1,
the Orange Book and the Common Criteria (CC), the article stated that the new
international agreement covering the evaluation of computer security products and systems
will ultimately replace FIPS 140-1 and the Orange Book. This is not correct, and we think
it may mislead your readers.

The MRA, the CC, FIPS 140-1 and the Orange Book are different things entirely. FIPS
140-1 and the Orange Book are specific sets of technical security requirements, while the
CC is a more general standard—a language if you will—used to derive and specify
the security properties of products or systems. The MRA is an international arrangement to
provide mutual recognition of CC-based tests among participating countries.

Contrary to the implications in the GCN story, there is no plan for either the CC or
the MRA to replace either FIPS 140-1 or the Orange Book. Indeed, FIPS 140-1 is currently
undergoing its five-year review, with completion expected in December 1999.

For readers who would like a better understanding, we have included more precise
descriptions of the various programs and their terminology as well as the National
Institute of Standards and Technology and National Security Agency plans at the following
Web sites:

Stuart Katzke
Chief, Computer Security Division
Gaithersburg, Md.

Louis Giles
Chief, information assurance partnerships, evaluations and knowledge management
NSA Information Systems Security Organization
Fort Meade, Md.


Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.