Posted on 11/18/2009 8:33:06 AM PST by FromLori
The National Security Agency has been working with Microsoft Corp. to help improve security measures for its new Windows 7 operating system, a senior NSA official said on Tuesday.
The confirmation of the NSA's role, which began during the development of the software, is a sign of the agency's deepening involvement with the private sector when it comes to building defenses against cyberattacks.
"Working in partnership with Microsoft and (the Department of Defense), NSA leveraged our unique expertise and operational knowledge of system threats and vulnerabilities to enhance Microsoft's operating system security guide without constraining the user's ability to perform their everyday tasks," Richard Schaeffer, the NSA's Information Assurance Director, told the Senate Judiciary Committee in a statement prepared for a hearing held this morning in Washington. "All this was done in coordination with the product release, not months or years later in the product cycle."
The partnership between the NSA and Microsoft is not new.
In 2007, NSA officials acknowledged working with Microsoft during the development of Windows Vista to help boost its defenses against computer viruses, worms and other attacks. In fact, the cooperation dates back to at least 2005, when the NSA and other government agencies worked with Microsoft on its Windows XP system and other programs.
The NSA, which is best known for its electronic eavesdropping operations, is charged with protecting the nation's national security computing infrastructure from online assaults.
As these systems become increasingly dependent on private-sector computing products, the NSA has reached out to a growing number of software companies.
"More and more, we find that protecting national security systems demands teaming with public and private institutions to raise the information assurance level of products and services more broadly," Schaeffer said.
Schaeffer said that the NSA is also working to engage other companies, including Apple, Sun, and RedHat, on security standards for their products. The agency also works with computer security firms such as Symantec, McAfee, and Intel.
A growing array of law enforcement authorities, intelligence officials, and private computer experts has been warning about the rising threat of cyberattacks.
"The FBI considers the cyber threat against our nation to be one of the greatest concerns of the 21st century," Steven Chabinksy, the deputy assistant director of the FBI's cyber division, told the same congressional committee.
The Obama administration has been under pressure to name a cybersecurity chief to reinvigorate the government's efforts to protect its most sensitive computer networks. Some press reports suggest that appointment could come as early as next week.
Update at 5:30 p.m. ET: The text of Schaeffer's testimony, as prepared for delivery, is now online here.
Update at 2 p.m. ET: The NSA and other cybersecurity experts say that simple precautions (such as installing system updates regularly and running anti-virus software and firewalls) should protect against about 80% of the attacks out there. This means that if users took these steps, the NSA and others could focus on the more dangerous 20%, or so the theory goes. Put another way, of course, that means about 20% of attacks are sophisticated enough to theoretically defeat standard security measures.
NSA has been “working with” Microsoft since the mid-90s.
Yes right he phrased it wrong I actually e mailed him about a Cryptogen article and this is what he said about that...
Someone else asked me the same question yesterday. This was my response:
It would appear that Adrian Ash has read and taken great stock of the moron - Jon Nadler’s smear job of me. I wrote a number of articles about this as I gathered more information. The first one I wrote cited gold trades [which I mistakenly assumed were done in NY – COMEX – which would have been futures]. I subsequently learned that the trades were actually “put on” in London [making them forwards] and the beneficial owners stood for ALLOCATED delivery instead of POOLED delivery – which is what caused all the problems for the criminals who sold what they did not have.
For Adrian Ash to suggest I have not dealt with and explained this adequately – I really have nothing else to say except I pity him and I’m glad I’m not wearing his shoes. I stand by what I’ve written and this issue is not going away – in fact, it is getting bigger and uglier by the day.
Best,
Rob Kirby
There should be more coming on this in the VERY near future. I don’t think Adrian Ash or the folks at Bullion Vault are going to like it
I'd be surprised if that wasn't part of the deal.
Me? I'd be astonished.
Nonsense. The NSA is smart enough to know that there's no way to keep a secret like that. I think it's perfectly appropriate for the NSA to be lending their expertise to things like this. Just makes sense.
I have some knowledge about a particular project between Microsoft and the Secret Service that was really fascinating, and wholly on the level. I won't comment on the particulars but it was a perfectly appropriate cooperation between a government agency with a problem and a private company with a solution.
Thank you for the information. I appreciate it.
NSA admits to helping with not only Windows 7, but also Vista, XP and 2000. Geez, I feel so much more secure now.
/sarcasm
Yes me too I have that dang visa!
Yes me too I have that dang vista!
Course I guess I shouldn't have striked the first wording. From NSA's standpoint, "improved security measures" are the ones that take the least CPU time to bypass.
They're a bunch of drug crazed hippies that still think they're fighting [against] the Vietnam war?
Guess what OS they are using http://toolbar.netcraft.com/site_report?url=http://www.nsa.gov ?
The answer is that they are handling the outer defense line with Akamai that runs Linux.
Wonder if that toolbar is good? lol
Wonder if that OS toolbar is good? lol
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.