|
|
Windows 7 security courtesy of the NSA
Author: Gareth HalfacreePublished: 19th November 2009
With Microsoft working closely with the NSA, Windows 7 should prove the most secure version of the OS yet.
As reported over on the NPR News Blog - via Maximum PC - the NSA - the secretive security organisation which often finds itself the subject of spy thrillers and conspiracy theories alike - has coughed to its work with Microsoft which saw the NSA "leverag[ing] our unique expertise and operational knowledge of system threats and vulnerabilities to enhance Microsoft's operating system security guide without constraining the user's ability to perform their everyday tasks," according to Richard Schaeffer, the NSA's information assurance director.
Although this isn't the first time the NSA has poked around at an operating system in order to improve security for all - the organisation is also responsible for the Security Enhanced Linux system which finds use in most modern distributions - but this marks the one of the first times that its Information Assurance division has had the chance to do so "in coordination with the product release, not months or years later in the product cycle."
This partnership with Microsoft isn't new - the NSA also helped out with security functionality for Vista and XP, and works with other vendors including Apple and RedHat to keep their systems safe - but demonstrates the importance of security to a modern operating system, to the point where an organisation tasked with keeping a nation safe will voluntarily get involved.
Of course, while improved security is always a good thing, there will be those who see the partnership as a problem: with one of the NSA's remits being to monitor electronic communications, it's easy to get carried away with theories of backdoors hidden in the system and deliberate holes punched in cryptography implementations. Whether the public admission of the NSA's hand in Windows 7's development will help or hinder sales of the OS remains to be seen.
Are you pleased to see the NSA taking a proactive approach to protecting the US's electronic infrastructure, or does it have you reaching for the tinfoil hat while wishing the spooks would keep their hands off your OS? Share your thoughts over in the forums.
Related
Comments (60)- Site Links:
- About
- Email Editor
- Newsletter
- Privacy
- RSS
- Score Guide
- Our Other Websites:
- Auto Express
- Channel Pro
- Computer Buyer
- Computer Shopper
- Den of Geek
All content © bit-tech.net 2000-2010
© Copyright Dennis Publishing Limited licensed by Felden
(Grabs tinfoil tracksuit)
http://mundy.typepad.com/photos/uncategorized/2008/03/30/ceiling_cat.jpg
leave all passwords set to default.
leave all ports open on servers.
leave unencrypted data on laptops in public places.
leave unencrypted data on flash drives in public places.
apologise when data gets hacked/leaked.
acording to what you said they are not gettign hacked someone is just logging on is that really hacking?
i dont think so and even when they encrypt it you can still unencrypt it if you have enough time
Come comrades, together we can defeat these capitalist pigs!!
*Knock knock* "FBI!"
Something everyone seems to forget - The vast majority of us aren't interesting enough to be watched by other non-government people, why would the government be willing to watch you? Pretty sure they can live without knowing which folder your porn's hidden in.</antitinfoil>
or something similar...
:|
Every email you send and Google search you do is sent through the NSA, I thought everyone knew that.
Tinfoil hat is saying that is not happening.
C:/users/proxess/Desktop/
Linux:
/home/proxess/Desktop/
Go ahead, come take my porn!
how do they explain that.. strait out the box a puppetmaster can already take full control like in xp (be it spoof or getting a toolbag to run a codec so he can watch riding miss daisy) and it's been demonstrated already, programs running with full permissions without any blip on the uac
so whatever they're doing, they already fing failed XD
Clone it first then you can start cracking the clones...
I do seem to remember a couple years ago people going to jail for attempting access to a U.S. gov site, due to the fact that the site was for authorized personnel only; and therefore constituted "trying to gain access to an un-authorized website"; deemed hacking.
The laws have probably changed since then, and if I am remembering correctly the site in question was not meant to open to the internet, but was somehow still on the internet if you accessed it directly via ip.
And if anyone it's interested, C:?.../my documents/temp/ On the desktop and D:/chris/ on the fileserver ;)
I just hold my other hand infront of the webcam! or wear a Bill Oddy mask!
But no one uses that one, so it was a bit of a waste really. Read the rest of the article next time as it also goes on to say they've worked with many companies including Microsoft for many years.
No one told Barclays (who use Red Hat).
No one told Bank of America (who use Red Hat).
No one told the New York Stock Exchange (who use Red Hat).
etc. etc.
Once again you've been caught out shooting your mouth off over things you don't understand.
Considering, if you read the article, it says the NSA helped with Windows XP and Vista, then you're f*cked either way.
This discussion is silly IMO..
Followed by
clean up the mess
claim it all caused billions in damages
find a scapegoat to take the fall
hide incompetence so scapegoat takes the blame for all past mistakes and lack of planning, security and investment
Well, if its in the US anyway.
Wow what a lot of pent up rage you have there over anyone who dares prefer MS over Linux. Tell you what - next time you think of posting, say to yourself "It's only a piece of software" 20 times and then consider it again.
Don't tell me what to do. Why don't YOU stick your head up your a_s_s and say to yourself "it's only a forum" 21 times. Back at you.
After being forced to use Fedora at uni I have to say I can only recommend not touching it to anyone who wants to listen. There are a couple of great *NIX distros out there but, at least for me, Red Hat/Fedora isn't one of them.
Once again? You are making yourself look the fool since everytime you open your mouth, the next post corrects your sweeping bias statement completely. Come and put some money into the deep pockets at Microsoft and buy a real OS instead and that freebee "MINORITY" crap you love so much. Just like every other smarter and happier Microsoft customer on the planet. ;-D
"I disapprove of what you say, but I will defend to the death your right to say it"
Evelyn Beatrice Hall
Unfortunately it is not the jobs of the staff or the moderators to make sure every single bit of information that someone posts is correct, that's unreasonable and while I agree people shouldn't be able to just go rampant and slag off what they hate without good reason or about stuff they know nothing about there's no stopping it unfortunately, there's nothing wrong with defending what you love against lies but you went about it in the wrong way, that argument is only gonna turn into a big fight ending with you two getting the banhammer. Personally I would like to punch him in the face but you need to hold back, calm down and represent the Linux community that have turned to the good side ;)
Quote which lies have been stated and while your at it quote your reason to start the pissing contest in the first place. Don't start crying now you've been shut up.
For those of you who seem to think having an outside authority help look at the security problems that Windows has, let's do a hypothetical...
Let's ASSUME that in the past, all Windows distro's have been done only in house at Microsoft. Now one company knows how the OS works inside and out, the good and the bad, the strenghts and the weaknesses. What stops Microsoft (or a rogue employee for that matter) from leaving in place, a security flaw/backdoor/trojan/what-have-you and using that whenever the US Gov't or some other gov't applies pressure, money, or both to Microsoft and says "Let me in"?
I believe that the announcement that the NSA has consulted on the security portions of the Windows OS does very little in making it more or less secure to those who are worred about the government getting in. However, I also think that it does make it more secure from independent hackers, script kiddies, and other such parties.
OK, since this is a Windows 7 based topic. Let's base my comment in relation to Microsoft based OS. You are completely naive to think that the world bases it's servers in the majority favour of Linux based operating systems. Don't embarrass yourself trying to convince anyone that the majority of the world uses Linux because the numbers DO NOT LIE! Therefore, to highlight my original comment that it is a "MINORITY" OS is correct. Maybe, if you changed the tone of your original post here and in other topics to sound less derogatory towards Microsoft, for no reason other than the fact you don't like Microsoft then just maybe, you won't get me or anyone else challenging you. If you can't handle the argument then don't start it. Don't start crying because you can't leave an anti-Microsoft comment in a Microsoft based topic without being challenged
To be honest, I come across people like this all the time: you simply can't be arsed to take the time to get the facts straight and, instead, just 'get the FUD' and tow the MS line. I can't believe you actually thought SE Linux was a distro in itself. You clearly have no idea about linux but you're quite happy to pass judgement on it. Like your username says, you are a crazy man.
EDIT
Sorry Nexxo
Again you bring nothing to this topic of any interest. Again you cloud your own prejudice and again bad mouth me and anyone else who questions your prejudice. Why do you continue to talk nonesense about Linux in a Windows based topic. I would understand it if the topic base was Linux but it isn't and still you infect every topic about Windows with your bias Linux views.
Go and play in the "MINORITY" topics pal!
You are boring me. Just get out of my face, minion.
+1
When reason fails, time for the banhammer!
The real NSA isn't like that. The place is filled with mathematicians, code breakers, data analysts, and computer folks. There is no "field ops" people. No Jack Bauer like characters. They don't send people out to hunt you down directly.
They are signals intelligence. All they do is listen, gather data, and try to understand how all the data they gather relates to a situation...Then pass it on to whoever can deploy people. (CIA if outside of USA, FBI if inside of USA, etc). They are the folks that quietly sit there and listen. If you don't do something that raises a flag on their systems, then you shouldn't be worried.
(2) SELinux is a solution developed from the NSA. The objective was to create a mandatory access control (MAC) framework for low cost, off the shelf OS that is Linux. They released the source code in 2000, and it was incorporated into the mainline Kernel in 2003. (it went through a number of eyes before it was accepted).
The following has support or already implements SELinux by default.
=> Red Hat (from version 4 onwards)
=> CentOS (from version 4 onwards)
=> Fedora (from Fedore Core 2 onwards)
=> EnGarde Secure Linux (since 2005)
=> Ubuntu (supported since version 8.04 onwards)
=> Debian (supported since version 4 onwards)
=> Hardened Gentoo
=> Yellow Dog Linux
=> OpenSUSE (basic support only. Since version 11.1)
Bare in mind, SELinux isn't not the be-all or end-all. It doesn't not offer memory protection mechanisms. This is where Exec Shield or PaX come into it.
Windows's attempt at MAC is called Mandatory Integrity Control. It was introduced in Vista and 2008 Server. IE's Protected Mode uses this mechanism to run in a least privileged mode...Again, MIC is not the be-all...It is vulnerable to squatting attacks. eg: Allows one to potentially disable background protection service of AV solutions.
(3) The NSA only assist in Windows where they took part in creating guides and policies in order to better secure US Govt computers. They didn't directly contribute code to Microsoft. They also create guides for Linux systems. (As the US Govt have a number of solutions using Linux in their collection).
Think about it: If NSA really went through MS's code, you'd think the recently discovered SMB2 bug that crashes Windows 7 would be there?
If you're that scared, don't use Windows. Maybe you'll benefit in other ways in the long term. :)
+1 to aussiebear ^ is about the way it is. I see someone does their homework.;)
Getting back on topic finally. Do we know of any other security agencies who have helped operating system developers? How many other government agencies have left their fingerprints/backdoors?
I'd go further and recommend not only avoiding windows, but using OpenBSD if you're serious about security. You trade off some functionality though, eg. you don't get anything near Linux's 40+ different file systems support.
Shame really since it has no relevence to the topic in question.
Obviously that's a rhetorical question..
Getting back on topic finally again. Do we know of any other security agencies who have helped operating system developers? How many other government agencies have left their fingerprints/backdoors?
Amen to that.
Shurrup or ill put a sock in you both.
I didn't say your mouths either...
/puts on rubber gloves and pulls a pair of used, red football socks from the dirty washing basket.
Windows 7 security courtesy of the NSA
That is the topic. Stick on it, or ill keep removing posts.
http://i42.photobucket.com/albums/e314/Nexxo00/Thread-Offtopic-Jules.jpg
That said, I think that as well applies to this case.
Also, the guys above are both stupid. From the one hand, the Windows guy is biased as hell. The term Minority for both the GNU/Linux and Mac OS X community is at least rude. I happen to be on both and I find myself, as the minority, working better on both this OS's. I however was frustrated by the amount of maintenance did Windows need to do basic tasks. That doesn't apply on you so good for you, but bashing the preferences and ideals (in general) of others is really irritating, your also being submissive on the other making your self more fool than ever. On the other hand, the Red Hat guy is trying to something right but then fails bad only because he falls to the other guys level and is also being submissive. The SE is really not for desktop users but rather for extreme security purposes and as such it restricts the average users moves. As such, putting a SE on Windows wouldn't be beneficial and also creates a risk of NSA looking over at your logs.
Thanks
The reason I'm asking if any other agencies have helped OS developers is based on the fear of any british government department being involved. They've shown bad form here by being completely incapable of safe storage of their own data including our personal details on too many occassions recently. If they can loose our date, they can also loose the code they helped the developers with.
Is this the kind of help they should be asking for?