NSA Is Giving Microsoft Some Help On Windows 7 Security
November 18th, 2009Other software makers have turned to government agencies for security advice, including Apple, which makes the Mac OS X operating system. “We work with a number of U.S. government agencies on Mac OS X security and collaborated with the NSA on the Mac OS X security configuration guide,” said Apple spokesman Anuj Nayar in an e-mail.
Novell, which sells a Linux-based operating system, also works with government agencies on software security issues, spokesman Bruce Lowry said in an e-mail, “but we’re not in a position to go into specifics of the who, what, when types of questions.”
—Microsoft Vista Developed with Help from U.S. National Security Agency
Via: NPR:
The National Security Agency has been working with Microsoft Corp. to help improve security measures for its new Windows 7 operating system, a senior NSA official said on Tuesday.
The confirmation of the NSA’s role, which began during the development of the software, is a sign of the agency’s deepening involvement with the private sector when it comes to building defenses against cyberattacks.
“Working in partnership with Microsoft and (the Department of Defense), NSA leveraged our unique expertise and operational knowledge of system threats and vulnerabilities to enhance Microsoft’s operating system security guide without constraining the user’s ability to perform their everyday tasks,” Richard Schaeffer, the NSA’s Information Assurance Director, told the Senate Judiciary Committee in a statement prepared for a hearing held this morning in Washington. “All this was done in coordination with the product release, not months or years later in the product cycle.”
The partnership between the NSA and Microsoft is not new.
In 2007, NSA officials acknowledged working with Microsoft during the development of Windows Vista to help boost its defenses against computer viruses, worms and other attacks. In fact, the cooperation dates back to at least 2005, when the NSA and other government agencies worked with Microsoft on its Windows XP system and other programs.
The NSA, which is best known for its electronic eavesdropping operations, is charged with protecting the nation’s national security computing infrastructure from online assaults.
As these systems become increasingly dependent on private-sector computing products, the NSA has reached out to a growing number of software companies.
“More and more, we find that protecting national security systems demands teaming with public and private institutions to raise the information assurance level of products and services more broadly,” Schaeffer said.
Schaeffer said that the NSA is also working to engage other companies, including Apple, Sun, and RedHat, on security standards for their products. The agency also works with computer security firms such as Symantec, McAfee, and Intel.
A growing array of law enforcement authorities, intelligence officials, and private computer experts has been warning about the rising threat of cyberattacks.
“The FBI considers the cyber threat against our nation to be one of the greatest concerns of the 21st century,” Steven Chabinksy, the deputy assistant director of the FBI’s cyber division, told the same congressional committee.
The Obama administration has been under pressure to name a cybersecurity chief to reinvigorate the government’s efforts to protect its most sensitive computer networks. Some press reports suggest that appointment could come as early as next week.
so i have at least *one* saving grace in running a win 9X machine.
this stuff hurts my head -even if it is *over* my head…
i gave up a long time ago thinking i’d ever have a clean system, but i came to running this 9X system… and then tried to load 2000 on it but the bios balked at not being APCI compliant (no biggie, power management is no loss -and hitting F7 would’ve let it continue on to install anyway). i then didn’t bother to go ahead and update the bios and have remained with 9X… glad now, now that i think about it.
but yeah, the background to all this hit me a coupla years back:
http://zuma.vip.warped.com/impass.htm#nsa
Why would the USA gift the world working cryptography?
Much better to sell them Engima or Crypto AG?
Perfect at the time and perfect in real time.
Learn Linux, learn to destroy your HD or SSDs.
Know using a networked computer is like making an international phone call in the 1980’s Eastern bloc.
Someone is always listening.
Is Apple any better? All I feel is a few more people have seen the open source structure.
Another aspect is to get US gov clearance, you have to work with the NSA to sell to the gov.
The USA likes it both ways, secure at home, easy around the world. They push MS on any trade partner. They like MS for the troops. “I move the cute icon and the horizon lights up”
You know, I like the NSA. They’re a bunch of good folks. At least, they haven’t knocked down my door and dragged me out in the middle of the night …. Well, not yet.
I already trust that they’ve seen enough about me to know who I am, what I had for breakfast, and has a more accurate list of who I’ve slept with than I can remember.
Microsoft, on the other hand, I don’t trust them.
I don’t imagine the “Microsoft COFEE” wasn’t done without the express permission of the NSA. Hell, it’s exactly what the NSA needs. Who needs to crack security, when it can be built into the OS to hand everything over on request. BTW, for those who haven’t heard about, COFEE is Microsoft’s “Computer Online Forensic Evidence Extractor” tool. It’s for the exclusive use of law enforcement. Google it if you want to know more. 🙂
@JWSmythe,
should we be trusting of Google either (i ask rhetorically.
***
…frankly, as far as this whole NSA and computers subject goes, i do expect some day all the backdoors and whatnot they’ll need will be right on the motherboards somehow, like say hardcoded into the processor…