The National Security Agency has provided assistance to Microsoft and Apple in securing their Windows and Mac OS X operating systems, according to a report published Tuesday.
While Microsoft has sought NSA’s assistance for several years in the development of security for its Windows Vista operating system, due to be released to consumers January 30, as well as its Windows XP operating system, it has only recently acknowledged the intelligence agency’s role in securing the operating systems.
Neither Microsoft nor NSA gave any specifics about the nature and extent of NSA’s contributions to Windows Vista, but NSA did say that it ran exercises to test Windows Vista security with two teams, a “blue team” which attempted to secure Windows Vista computers and a “red team” which attempted to break in to them.
“Our intention is to help everyone with security,” Tony W. Sager, the NSA’s chief of vulnerability analysis and operations group, said yesterday. . . .
Microsoft said this is not the first time it has sought help from the NSA. For about four years, Microsoft has tapped the spy agency for security expertise in reviewing its operating systems, including the Windows XP consumer version and the Windows Server 2003 for corporate customers.
With hundreds of thousands of Defense Department employees using Microsoft’s software, the NSA realizes that it’s in its own interest to make the product as secure as possible. “It’s partly a recognition that this is a commercial world,” Sager said. “Our customers have spoken.”
Other software makers have turned to government agencies for security advice, including Apple, which makes the Mac OS X operating system. “We work with a number of U.S. government agencies on Mac OS X security and collaborated with the NSA on the Mac OS X security configuration guide,” said Apple spokesman Anuj Nayar in an e-mail. — Washington Post
Microsoft’s cooperation with NSA was first disclosed in a footnote to the Windows Vista Security Guide, which reads: “At the request of Microsoft, the National Security Agency Information Assurance Directorate participated in the review of this Microsoft security guide and provided comments that were incorporated into the published version.”
An NSA spokesman denied that the agency provided any source code, the human-readable set of instructions which tell the computer how to accomplish its task, for either Windows or Mac OS X. “This is not the development of code here. This is the assisting in the development of a security configuration,” NSA spokesman Ken White toldComputerworld.
In 2001, NSA released a security architecture called SELinux, an optional add-on to the Linux operating system, to provide enhanced security. Unlike its contributions to Windows and Mac OS X, SELinux is developed in the open, and all of its source code is available for public inspection. This development process allows for faster resolution of software bugs and makes it almost impossible to conceal malicious code within, as another developer looking at the code would be likely to discover it.
While analysts are pleased with the Microsoft announcement, one calling it a “Good Housekeeping seal” of approval, some security experts are displeased, especially with the secrecy surrounding the scheme.
“A few years ago I was ready to believe the NSA recognized we’re all safer with more secure general-purpose computers and networks,” says security expert Bruce Schneier, “but in the post-9/11 take-the-gloves-off eavesdrop-on-everybody environment, I simply don’t trust the NSA to do the right thing.”
(No Ratings Yet)
Loading ...
Join the members of the Liberty Conspiracy as they discuss issues ranging from the "Incorporation Doctrine" and gun rights, to the NBA, to protests conducted at military funerals, protests that are being challenged by government, and which will be heard by the philosopher kings in the U.S. Supreme Court.
When neoconservative Ben Stein accused Congressman Ron Paul of being antisemitic for merely wanting to ask WHY Islamic terrorists want to attack the civilians living under western governments that have meddled in the Mideast, the members of the Conspiracy could not sit by silently.
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works license.
Video published by this site is licensed under a Creative Commons Sampling+ license.
Facebook
Digg
del.icio.us
reddit.com
Newsvine
Ray
Jan 09, 2007
Now why does this worry me.
Wonder if they included a clipper chip ;-)
Jan 10, 2007
Dragan’s Blog on Security » NSA Helps Microsoft and Apple for Better Security
Jan 10, 2007
Diary of an Ad Man » Blog Archive » Self-Care and Productivity
Q
Jan 10, 2007
here’s the new secret login:
username: nsa_admin
password: bendover
David Parton
Jan 10, 2007
Oh this is great now we have microsoft having the NSA troubleshoot there own stuff whats next?? Microsoft having people make there OS’s and software??
Jan 10, 2007
Sundry Best » Blog Archive » NSA Helped on Vista, XP, and OS X
Michael
Jan 10, 2007
Sounds like Microsoft wanted government approval for the use of their operating system by governemnt agencies. Now they flaunt it around like the NSA certifies their OS secure…
Jan 10, 2007
Cerebellum
Jan 10, 2007
Austoon Daily » NSA provided security help for Windows, Mac OS X
BS Detector
Jan 10, 2007
The headline of this article is highly misleading. While it’s commonly known that Microsoft and the NSA are in bed together on many levels, it’s not fair of the author to draw the same conclusion to Apple.
Collaborating on a “OS X security guide” is not the same as installing a backdoor.
James Babb
Jan 10, 2007
Evidently, spying on your phone calls and email isn’t enough.
Nigel Watt
Jan 10, 2007
Looks like I’ll be learning Linux over the summer.
roger@infolieux.info
Jan 10, 2007
I never confirmed this but I saw a thread from an ex ZA firewala “guru” where he stated that there was some confidential -not to be discussed- obligations from firewalls vendors, included in patriot act II. be it only for its embedded firewall, windows has to give the right keys to the right persons. And it hase to remain completely silent.
Not playing big brother here, this looks completely real.
Ray
Jan 12, 2007
Use Linux as your firewall. It is at least as good in reality as your standard commercial fire wall, and there will be none of this nonsense in it.
Jan 12, 2007
et tu, brute? | .get privacy
Jan 14, 2007
www.TruthRing.org » How NSA access was built into Windows
Jerry
Jan 15, 2007
I only have three things to say about this.
1. Linux
2. Linux
3. Linux
Ray
Jan 15, 2007
Amen Jerry!!!!!!!!
linuxiac
Jan 18, 2007
Worrisome for some, like German Military: http://www.aaxnet.com/news/M010318.html
and China, ( yes, other world governments):
http://www.a42.com/node/314
as the NSAKEY existed since Win95OSR2, NTsp5.
linuxiac
Jan 18, 2007
All my noobs and business, charity, schools, run http://pclinuxos.com behind the firewall http://ipcop.org using an old Pentium 800Mhz box, headless, running Spam Assassin, and Dan’s Guardian.
And to think that the Admin sections and Management want to keep using Microsoft in their organizations! M$ is so easily hacked into, by the network of bright youngsters!
Change grades for everyone!
Ray
Jan 19, 2007
But Microsoft takes a lot more management and monitoring. This means that it takes more people and resources than doing the same thing in the Linux world. Since managers get raises and promotions based on how many people they have working for them and how many resources they control it is to their benefit to select the option that gets them the biggest department, since Linux once it is in place pretty much requires nothing it loses out to being the cheaper solution.
Jan 23, 2007
cwest.gavrilo.net » Get the Facts about NSA reviewing Microsoft
Jan 23, 2007
terrorizethis.org » Blog Archive » NSA provided security help for Windows and Mac OS X
Johan
Jan 26, 2007
I´ve just converted to Linux and I just luuuuve it. Msoft is all about the money, which I find soo lame..!
Feb 07, 2007
warum closed-source nie Vertrauen schafft | .get privacy
Dr Strangetron
Feb 25, 2008
I think it’s safe to assume that their is not much beyond the gov capabilities. Can’t a port opening subroutine be imbedded on all intel ROM chips for example? The only safe platform would be an early era machine like an apple 8k //e before the gov turds got interested in personal computers (no modem or telecom card since Jobs was too cheap to spring for extra components.) But even that gives off a signal through the SCSI I read that receivers at close distance can pick up if a good com tech tries. (Dang, I just threw my 1981 machine away the other day.)
The collusion of big gov and big business makes the line between them very blurry. Best to leave lots of Impeachment and bill of rights material lying around on your drive so that we can educate young gov intel personel how wrongheaded unreasonable search and seizure without a warrant is (fourth amendment.)
Nov 25, 2009
NSA asks hackers for security help - Homeland Stupidity