Skip to comments.NSA Is Giving Microsoft Some Help On Windows 7 Security
Posted on 11/18/2009 8:33:06 AM PST by FromLori
The National Security Agency has been working with Microsoft Corp. to help improve security measures for its new Windows 7 operating system, a senior NSA official said on Tuesday.
The confirmation of the NSA's role, which began during the development of the software, is a sign of the agency's deepening involvement with the private sector when it comes to building defenses against cyberattacks.
"Working in partnership with Microsoft and (the Department of Defense), NSA leveraged our unique expertise and operational knowledge of system threats and vulnerabilities to enhance Microsoft's operating system security guide without constraining the user's ability to perform their everyday tasks," Richard Schaeffer, the NSA's Information Assurance Director, told the Senate Judiciary Committee in a statement prepared for a hearing held this morning in Washington. "All this was done in coordination with the product release, not months or years later in the product cycle."
The partnership between the NSA and Microsoft is not new.
In 2007, NSA officials acknowledged working with Microsoft during the development of Windows Vista to help boost its defenses against computer viruses, worms and other attacks. In fact, the cooperation dates back to at least 2005, when the NSA and other government agencies worked with Microsoft on its Windows XP system and other programs.
The NSA, which is best known for its electronic eavesdropping operations, is charged with protecting the nation's national security computing infrastructure from online assaults.
As these systems become increasingly dependent on private-sector computing products, the NSA has reached out to a growing number of software companies.
"More and more, we find that protecting national security systems demands teaming with public and private institutions to raise the information assurance level of products and services more broadly," Schaeffer said.
Schaeffer said that the NSA is also working to engage other companies, including Apple, Sun, and RedHat, on security standards for their products. The agency also works with computer security firms such as Symantec, McAfee, and Intel.
A growing array of law enforcement authorities, intelligence officials, and private computer experts has been warning about the rising threat of cyberattacks.
"The FBI considers the cyber threat against our nation to be one of the greatest concerns of the 21st century," Steven Chabinksy, the deputy assistant director of the FBI's cyber division, told the same congressional committee.
The Obama administration has been under pressure to name a cybersecurity chief to reinvigorate the government's efforts to protect its most sensitive computer networks. Some press reports suggest that appointment could come as early as next week.
Update at 5:30 p.m. ET: The text of Schaeffer's testimony, as prepared for delivery, is now online here.
Update at 2 p.m. ET: The NSA and other cybersecurity experts say that simple precautions (such as installing system updates regularly and running anti-virus software and firewalls) should protect against about 80% of the attacks out there. This means that if users took these steps, the NSA and others could focus on the more dangerous 20%, or so the theory goes. Put another way, of course, that means about 20% of attacks are sophisticated enough to theoretically defeat standard security measures.
If Microsoft wanted to really understand how to enhance system security while allowing users relative freedom, they’d take a good hard look at UNIX. But that doesn’t generate headlines, does it?
Right. Just helped Micro$oft increase the price.
What OS do MACs use?
Windows is the environment that most viruses, worms and other exploits are written for. They don’t find anything familiar to attach to when encountering a different operating system. Therefore, my dedicated Internet browsing computer uses Linux. My Windows computers are kept off the Internet.
NSA back door no doubt.
Could cause a surge of Mac buying by terrorists.
Linux is becoming a better and better option daily..
For a host of reasons..
It’s the NSA!
They don’t NEED a back door.
If they want in, you can’t stop them...
Why do you assume that Apple is not working with NSA too?
Cyber attack is not what the NSA is in this for; they want a guaranteed back door into every computer.
What OS do MACs use?
Here's Apple's Open Group brand certificate, which entitles Apple to use the UNIX brand. . . There are UNIX pretenders, and there is the real thing. Mac users, realize that qualifying for UNIX is no small feat, especially for an open source, BSD-based OS.
You are the gold watcher correct?
I don’t know sorry.
Don't worry though, I won't talk even under water boarding.
He misspoke, right?
He meant to say "in my mind that this IS accurate," right?
Certainly microsoft,Apple,Sun, and the rest aren't going to tell the federal gestapo NO.
It is long past time all Americans were educated about the Alien and Sedition Acts of the early 1800s,the abuses of habeas corpus,etc. by Lincoln, the Woodrow Wilson demands that any criticism of the government be treason in order to force the U.S. into the European war of 1914 in which we had no need to join.
Power hungry dictators always silence dissent.
NSA has been “working with” Microsoft since the mid-90s.
Yes right he phrased it wrong I actually e mailed him about a Cryptogen article and this is what he said about that...
Someone else asked me the same question yesterday. This was my response:
It would appear that Adrian Ash has read and taken great stock of the moron - Jon Nadlers smear job of me. I wrote a number of articles about this as I gathered more information. The first one I wrote cited gold trades [which I mistakenly assumed were done in NY COMEX which would have been futures]. I subsequently learned that the trades were actually put on in London [making them forwards] and the beneficial owners stood for ALLOCATED delivery instead of POOLED delivery which is what caused all the problems for the criminals who sold what they did not have.
For Adrian Ash to suggest I have not dealt with and explained this adequately I really have nothing else to say except I pity him and Im glad Im not wearing his shoes. I stand by what Ive written and this issue is not going away in fact, it is getting bigger and uglier by the day.
There should be more coming on this in the VERY near future. I dont think Adrian Ash or the folks at Bullion Vault are going to like it
I'd be surprised if that wasn't part of the deal.
Me? I'd be astonished.
Nonsense. The NSA is smart enough to know that there's no way to keep a secret like that. I think it's perfectly appropriate for the NSA to be lending their expertise to things like this. Just makes sense.
I have some knowledge about a particular project between Microsoft and the Secret Service that was really fascinating, and wholly on the level. I won't comment on the particulars but it was a perfectly appropriate cooperation between a government agency with a problem and a private company with a solution.
Thank you for the information. I appreciate it.
NSA admits to helping with not only Windows 7, but also Vista, XP and 2000. Geez, I feel so much more secure now.
Yes me too I have that dang visa!
Yes me too I have that dang vista!
Course I guess I shouldn't have striked the first wording. From NSA's standpoint, "improved security measures" are the ones that take the least CPU time to bypass.
They're a bunch of drug crazed hippies that still think they're fighting [against] the Vietnam war?
Guess what OS they are using http://toolbar.netcraft.com/site_report?url=http://www.nsa.gov ?
The answer is that they are handling the outer defense line with Akamai that runs Linux.
Wonder if that toolbar is good? lol
Wonder if that OS toolbar is good? lol