News Windows 7 security courtesy of the NSA

Grabs the wheel and steers back to reality:

For those of you who seem to think having an outside authority help look at the security problems that Windows has, let's do a hypothetical...

Let's ASSUME that in the past, all Windows distro's have been done only in house at Microsoft. Now one company knows how the OS works inside and out, the good and the bad, the strenghts and the weaknesses. What stops Microsoft (or a rogue employee for that matter) from leaving in place, a security flaw/backdoor/trojan/what-have-you and using that whenever the US Gov't or some other gov't applies pressure, money, or both to Microsoft and says "Let me in"?

I believe that the announcement that the NSA has consulted on the security portions of the Windows OS does very little in making it more or less secure to those who are worred about the government getting in. However, I also think that it does make it more secure from independent hackers, script kiddies, and other such parties.

 

You said few used SE Linux. That's either a lie, or you are so mind-blowingly ignorant that you shame yourself.

 

OK, since this is a Windows 7 based topic. Let's base my comment in relation to Microsoft based OS. You are completely naive to think that the world bases it's servers in the majority favour of Linux based operating systems. Don't embarrass yourself trying to convince anyone that the majority of the world uses Linux because the numbers DO NOT LIE! Therefore, to highlight my original comment that it is a "MINORITY" OS is correct. Maybe, if you changed the tone of your original post here and in other topics to sound less derogatory towards Microsoft, for no reason other than the fact you don't like Microsoft then just maybe, you won't get me or anyone else challenging you. If you can't handle the argument then don't start it. Don't start crying because you can't leave an anti-Microsoft comment in a Microsoft based topic without being challenged

 

Look, that's fine. If you want to go ahead and ignore the server space, that's up to you, but I really think you have to ask yourself: are the facts important here, or aren't they? If the facts aren't important then go ahead and stick with your bizarre definition of 'minority', but if they are then you clearly need to go away, do some homework and then come back and argue your points.

To be honest, I come across people like this all the time: you simply can't be arsed to take the time to get the facts straight and, instead, just 'get the FUD' and tow the MS line. I can't believe you actually thought SE Linux was a distro in itself. You clearly have no idea about linux but you're quite happy to pass judgement on it. Like your username says, you are a crazy man.

 

Reported

EDIT

Sorry Nexxo

 

Again you bring nothing to this topic of any interest. Again you cloud your own prejudice and again bad mouth me and anyone else who questions your prejudice. Why do you continue to talk nonesense about Linux in a Windows based topic. I would understand it if the topic base was Linux but it isn't and still you infect every topic about Windows with your bias Linux views.

Go and play in the "MINORITY" topics pal!

 

You are boring me. Just get out of my face, minion.

 

You gotta love their passion to have the last word no matter what!

 

Can we please just ban both from this topic and move on?

 

+1

When reason fails, time for the banhammer!

 

(1) The NSA paranoia is mainly thanks to Jerry Bruckheimer and Tony Scott, with their 1998 movie starring Will Smith.

The real NSA isn't like that. The place is filled with mathematicians, code breakers, data analysts, and computer folks. There is no "field ops" people. No Jack Bauer like characters. They don't send people out to hunt you down directly.

They are signals intelligence. All they do is listen, gather data, and try to understand how all the data they gather relates to a situation...Then pass it on to whoever can deploy people. (CIA if outside of USA, FBI if inside of USA, etc). They are the folks that quietly sit there and listen. If you don't do something that raises a flag on their systems, then you shouldn't be worried.

(2) SELinux is a solution developed from the NSA. The objective was to create a mandatory access control (MAC) framework for low cost, off the shelf OS that is Linux. They released the source code in 2000, and it was incorporated into the mainline Kernel in 2003. (it went through a number of eyes before it was accepted).

The following has support or already implements SELinux by default.
=> Red Hat (from version 4 onwards)
=> CentOS (from version 4 onwards)
=> Fedora (from Fedore Core 2 onwards)
=> EnGarde Secure Linux (since 2005)
=> Ubuntu (supported since version 8.04 onwards)
=> Debian (supported since version 4 onwards)
=> Hardened Gentoo
=> Yellow Dog Linux
=> OpenSUSE (basic support only. Since version 11.1)

Bare in mind, SELinux isn't not the be-all or end-all. It doesn't not offer memory protection mechanisms. This is where Exec Shield or PaX come into it.

Windows's attempt at MAC is called Mandatory Integrity Control. It was introduced in Vista and 2008 Server. IE's Protected Mode uses this mechanism to run in a least privileged mode...Again, MIC is not the be-all...It is vulnerable to squatting attacks. eg: Allows one to potentially disable background protection service of AV solutions.

(3) The NSA only assist in Windows where they took part in creating guides and policies in order to better secure US Govt computers. They didn't directly contribute code to Microsoft. They also create guides for Linux systems. (As the US Govt have a number of solutions using Linux in their collection).

Think about it: If NSA really went through MS's code, you'd think the recently discovered SMB2 bug that crashes Windows 7 would be there?

If you're that scared, don't use Windows. Maybe you'll benefit in other ways in the long term.

 

+1 to aussiebear ^ is about the way it is. I see someone does their homework.

 

Shame, nothing again!

Getting back on topic finally. Do we know of any other security agencies who have helped operating system developers? How many other government agencies have left their fingerprints/backdoors?

 

Well done aussiebear. It's refreshing to have someone else on these forums who actually understands something about linux.

I'd go further and recommend not only avoiding windows, but using OpenBSD if you're serious about security. You trade off some functionality though, eg. you don't get anything near Linux's 40+ different file systems support.

 

You mean "It's refreshing to have someone else on these forums who actually shares my views about linux."

Shame really since it has no relevence to the topic in question.

 

Do you guys ever put a sock in it? I mean really, even a mod asked you two to stop, yet you continue..

Obviously that's a rhetorical question..

 

No problem guys, Sorry!

Getting back on topic finally again. Do we know of any other security agencies who have helped operating system developers? How many other government agencies have left their fingerprints/backdoors?

 

Amen to that.

Shurrup or ill put a sock in you both.




I didn't say your mouths either...

/puts on rubber gloves and pulls a pair of used, red football socks from the dirty washing basket.

 

Getting back on topic finally again, again & again. Do we know of any other security agencies who have helped operating system developers? How many other government agencies have left their fingerprints/backdoors?

 

Get back on topic.

Windows 7 security courtesy of the NSA

That is the topic. Stick on it, or ill keep removing posts.