NSA Is Giving Microsoft Some Help On Windows 7 Security

NSA Is Giving Microsoft Some Help On Windows 7 Security

www.npr.org

"Working in partnership with Microsoft and (the Department of Defense), NSA leveraged our unique expertise and operational knowledge of system threats and vulnerabilities to enhance Microsoft's operating system security guide without constraining the user's ability to perform their everyday tasks," Richard Schaeffer, the NSA's Information Assurance Director, told the Senate Judiciary Committee in a statement prepared for a hearing held this morning in Washington. "All this was done in coordination with the product release, not months or years later in the product cycle."

(visit the link for the full news article)


Related News Links:
judiciary.senate.gov
judiciary.senate.gov

Related AboveTopSecret.com Discussion Threads:
Check if NSA warrantless surveillance is looking at your IP traffic
The Echelon System. Proof.
NSA open ports in Vista to Spy on you

The NSA has been working with Microsoft for a very long time.

It has long been rumored that Echelon was built in as a backdoor into Microsoft Windows systems at the bequest of the NSA since Windows 95.

However, this is yet one more nail in the coffin to add fuel to the fire that the NSA has a backdoor to conduct warrantless surveillance of domestic citizens.

Granted, I use the NSA's SE-Linux but as it is Open-Source it is under Peer-Review, and if you are paranoid, you can view the Source Code to look for backdoors.

And, granted the NSA has a vested interest in the security of Microsoft Windows systems as many US DoD/Military Systems utilize Windows, including our Nuclear Submarine fleet, believe it or not!

However, it doesn't mean that such doesn't cast light or doubt on this partnership.

If something is coded and embedded into the very Operating System at the Hardware Abstraction Layer then there is no way to detect it or circumvent it either.

It definitely generates more questions than it does answers.

www.npr.org
(visit the link for the full news article)

great just great
i got myself a copy of windows 7 and now i regret it
NSA????

Don't worry MA, anything that's in Windows 7 has been there as long as you have been using windows. Windows 7 is worth it, at least it runs well.

reply to post by damwel


oh that's not true bro
firstly considering the partnerships between MS and holywood
Hollywood forced Microsoft to display not so good image quality of hollywood movies and with ALOT of blu-ray restrictions in image quality.

using VLC instead of wmp helps but only so much

That does it... I think I'm going over to Mac now. But then again, I'm sure they are into Mac systems too...

Maybe taking us back to the dark ages wouldn't be such a bad thing...

Still on windows XP at office, but linux at home(not very friendly to me)

NSA damn the Gov. has their claws in everything!

I still get a kick out of the MAC commercial: www.youtube.com...

reply to post by fraterormus


Didn't gary mckinnon say he hacked windows machines, when he saw the ufo data and photos?

This sounds familiar. Anybody ever read Digital Fortress? I think the source code for windows seven is millions of lines long (but that is just speculation, I usually don't do that). Who has the spare time to review all those lines in detail and look for back-doors?

Thats like asking a mosquito to help prevent malaria. Line2

I have never had a reason to believe that any of my electronic communication devices were free from the prying eyes and ears of the government. It would not concern me in the least if NSA had a built in backdoor to my computer with windows 7. Do you want security? Communicate using everyday language that has a different meaning for you and the recipient or use apparent meaningless riddles.

[edit on 18-11-2009 by tamusan]

Again with the "OMG Windows has a back doors". Man this myth just won;t die. If it's any consolation, the way things are going, it might just be true in a few years, but not now. Unless someone wishes to enlighten me as to where these back doors are, and why are they not already being exploited by mountain dew drinking geeks who like nothing better than to poke holes in the Windows Operating System.

Pray tell, show me the door.

Members of this site should at least be somewhat concerned that the nations top signals intelligence agency is helping write the code of a massively distributed operating system. With the current Federal Laws the NSA can and may already have seeded personal computers around the country with spyware.

Tread carefully my friends.

The NSA to Store a YOTTABYTE of Your Phone Calls, Emails and Other Big Brothery Stuff

[edit on 18-11-2009 by projectvxn]

reply to post by projectvxn


The NSA has a vested interest in "helping" Microsoft secure their crap, as they seem rather inept at doing it themselves. No one can dispute that due to the fact that the vast majority of end user pcs run Windows, and Windows is the primary attack vector, combined with the distributed network potential of millions of vulnerable pcs around the globe, all with ever increasing amounts of network capacity, that the potential risk of exploitation is not a serious risk.

Botnets are real you know, and they can cause very real problems for both the end user and the wider internet. If people can't learn to take care of it themselves, the responsibility will ultimately fall back to the next in the chain of accountability, the vendor. Lets not forget, the entire IT community bemoans Windows for being insecure. Guess you just can't please some folk.



[edit on 19-11-2009 by quackers]

What the possibility of designing a linux OS that sits between the Router and the phone line, a traffic sniffer at the physical level, shouldn't the linux distro be able to see ALL data transferred through the OSI Topology? (Packets sent on all layers of network communication).....

HRMMMMMM Not happy jan!

reply to post by 5 oClock


The NSA has been working with Microsoft since at least Windows 2000

The National Security Agency (NSA) stepped in to help Microsoft develop a configuration of its next-generation operating system that would meet U.S. Department of Defense (DOD) requirements, said NSA Spokesman Ken White.

Vista

Check out this thread:
Microsoft and Military Weather Control

Don't tell me that everyone here in ATS thought that you weren't monitored at all ?


11-Apr-2005

They are coming

A couple of weeks ago, DID noted that Microsoft may be making a push for a larger share of the defense market in the area of interoperability and collaboration. It would appear that those predictions are beginning to come true.

Microsoft has just launched a public relations campaign to highlight the role of the company’s products in the military’s data-sharing and network-centric warfare operations. This push is apparently part of their determination to pursue new work in major military programs, including the $10 billion dollar Net-Centric Enterprise Services contract and $2 billion Space Operations Center Weapon System Integrator contract.

Microsoft officials are citing their spend of $28 billion on R&D in the past seven years, and plans to spend $40 billion on it in the next six years with an emphasis on interoperability. As part of that effort, they cite products that aid data sharing in five military systems. They are:

1. The Army’s Information Dissemination Management-Tactical (IDM-T) software, which lets commanders and soldiers easily find information in 11 applications that provides warfighting data such as intelligence, weather updates and information about artillery stocks.
2. The Army’s Deployed Theater Accountability Software
3. The Navy-Marine Corps Mobilization Processing System
4. The Air Force’s Single Integrated Space Picture system; and
5. The Air Force’s Synchronized Air Power Management (SAPM) system

The $10 billion Net-Centric Enterprise Services initiative will give warfighters access to military and intelligence networks by customizing searches and combining intelligence, surveillance and reconnaissance data to target and attack enemies.

The Air Force’s $2 billion Air and Space Operations Center Weapon System Integrator contract will manage and update the hardware and software at 17 air and space operations centers worldwide.

www.defenseindustrydaily.com...

Microsoft to include NSA backdoor algorithm in Windows Vista SP1

Posted Tue, Dec 18 2007 12:50 AM by Autonomist0
Various tech bloggers are reporting that Microsoft will include the NSA-recommended random algorithm suspected of containing a backdoor vulnerability in the upcoming Windows Vista service pack. According to Microsoft, the "Dual Elliptical Curve (Dual EC) PRNG from SP 800-90 is also available for customers who prefer to use it," so this algorithm is an option, not the default. Why would Microsoft intentionally include an inefficient and unsecure algorithm? Very likely, because it will eventually be required in governments contracts.

It is hard to blame Microsoft for not wanting to lose government contracts, or to alienate customers who depend on them. The real danger is the (inevitable?) attempts by the state to force this algorithm on everyone else, including requirements that make it mandatory for government contracts, and thus attempt to influence the default configuration by virtue of the state's dominant market share.

Link

Microsoft Offers Secure Windows … But Only to the Government

It’s the most secure distribution version of Windows XP ever produced by Microsoft: More than 600 settings are locked down tight, and critical security patches can be installed in an average of 72 hours instead of 57 days. The only problem is, you have to join the Air Force to get it.

The Air Force persuaded Microsoft CEO Steve Ballmer to provide it with a secure Windows configuration that saved the service about $100 million in contract costs and countless hours of maintenance. At a congressional hearing this week on cybersecurity, Alan Paller, research director of the Sans Institute, shared the story as a template for how the government could use its massive purchasing power to get companies to produce more secure products. And those could eventually be available to the rest of us.

Security experts have been arguing for this “trickle-down” model for years. But rather than wield its buying power for the greater good, the government has long wimped out and taken whatever vendors served them. If the Air Force case is a good judge, however, things might be changing.

Threat Level spoke with former CIO of the Air Force, John Gilligan, to get the details.

Gilligan, who served as CIO of the Air Force from 2001 to 2005 and now runs a consulting firm, said it all began in 2003 after the NSA conducted penetration tests on the Air Force network as part of its regular testing of Pentagon cybersecurity.

NSA pen-testers made Swiss cheese of the network, and found that more than two-thirds of their intrusions were possible because of poorly configured software that created vulnerabilities. In some cases, the culprit was an operating system or application that came bloated with unsecured features that were never re-configured securely by Air Force administrators. In other cases, systems that were configured securely became vulnerable later (for instance, when a system crashed and original software was re-installed without patches that had been on the system before the crash).

“It was really an easy target,” Gilligan says. “All the NSA had to do was scan the network.”

www.wired.com...

I like swiss cheese :-)

[edit on 19-11-2009 by tristar]

Originally posted by damwel
Don't worry MA, anything that's in Windows 7 has been there as long as you have been using windows. Windows 7 is worth it, at least it runs well.

for 3 months it ran somewhat decent enough.. now it runs crappier than Vista sigh

[edit on 19-11-2009 by reasonable]