Home Mail MemberMap Chat (0) Wallpapers
Go Back   ChiefsPlanet > The Royal Lounge > D.C.

Reply
 
Thread Tools Display Modes
Old 06-25-2013, 09:35 AM  
KILLER_CLOWN KILLER_CLOWN is offline
Be HEALED!!!!!!!
 
KILLER_CLOWN's Avatar
 
Join Date: Feb 2002
Location: Fascist State
Casino cash: $5336
NSA helped with Windows 7 development

Privacy expert voices 'backdoor' concerns, security researchers dismiss idea

Computerworld - The National Security Agency (NSA) worked with Microsoft on the development of Windows 7, an agency official acknowledged yesterday during testimony before Congress.

"Working in partnership with Microsoft and elements of the Department of Defense, NSA leveraged our unique expertise and operational knowledge of system threats and vulnerabilities to enhance Microsoft's operating system security guide without constraining the user to perform their everyday tasks, whether those tasks are being performed in the public or private sector," Richard Schaeffer, the NSA's information assurance director, told the Senate's Subcommittee on Terrorism and Homeland Security yesterday as part of a prepared statement.

"All this was done in coordination with the product release, not months or years later during the product lifecycle," Schaeffer added. "This will improve the adoption of security advice, as it can be implemented during installation and then later managed through the emerging SCAP standards."

Security Content Automation Protocol, or SCAP, is a set of standards for automating chores such as managing vulnerabilities and measuring security compliance. The National Institute of Standards and Technologies (NIST) oversees the SCAP standards.

This is not the first time that the NSA has partnered with Microsoft during Windows development. In 2007, the agency confirmed that it had a hand in Windows Vista as part of an initiative to ensure that the operating system was secure from attack and would work with other government software. Before that, the NSA provided guidance on how best to secure Windows XP and Windows 2000.

According to Marc Rotenberg, the executive director of the Electronics Privacy Information Center (EPIC), the NSA's involvement with operating system development goes back even farther. "This battle goes back to at least the crypto wars of the early '90s," said Rotenberg, who remembered testifying about the agency's role in private sector computer security standards in 1989.

But when the NSA puts hands on Windows, that raises a red flag for Rotenberg, who heads the Washington, D.C.-based public interest research center. "When NSA offers to help the private sector on computer security, the obvious concern is that it will also build in backdoors that enables tracking users and intercepting user communications," Rotenberg said in an e-mail. "And private sector firms are reluctant to oppose these 'suggestions' since the US government is also their biggest customer and opposition to the NSA could mean to loss of sales."

Rotenberg's worries stem from the NSA's reputation as the intelligence agency best known for its eavesdropping of electronic messaging, including cell phone calls and e-mail.

Andrew Storms, the director of security operations at nCircle Security, didn't put much credence in the idea that Microsoft would allow the NSA to build a hidden entrance to Windows 7. "Would it be surprising to most people that there was a backdoor? No, not with the political agenda of prior administrations," said Storms. "My gut, though, tells me that Microsoft, as a business, would not want to do that, at least not in a secretive way."

Roger Thompson, chief research officer at AVG Technologies, agreed. "I can't imagine NSA and Microsoft would do anything deliberate because the repercussions would be enormous if they got caught," he said in an interview via instant messaging.

"Having said that, I think we should understand that there is every likelihood that certain foreign governments are constantly looking for vulnerabilities that they can use for targeted attacks," Thompson continued. "So if they're poking at us, I think it's reasonable to assume that we're doing something similar. But I seriously doubt an official NSA-Microsoft alliance."

The NSA's Schaeffer added that his agency is also working on engaging other major software makers, including Apple, Sun and Red Hat, on security standards for their products.

"More and more, we find that protecting national security systems demands teaming with public and private institutions to raise the information assurance level of products and services more broadly," Schaeffer said.

Microsoft was not immediately available for comment on the NSA's participation in Windows 7's development.

Read more about Government IT in Computerworld's Government IT Topic Center.

http://www.computerworld.com/s/artic..._7_development

An old article from 2009 but it seemed appropriate.
Posts: 24,211
KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.
  Reply With Quote
Old 06-27-2013, 06:37 AM   #2
KC-TBB KC-TBB is online now
It is, what it is...
 
KC-TBB's Avatar
 

Join Date: Sep 2006
Location: Lawrenceville, GA
Casino cash: $5180
hmmmm long article, but food for thought.
Posts: 1,043
KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.
  Reply With Quote
Old 06-27-2013, 06:38 AM   #3
KC-TBB KC-TBB is online now
It is, what it is...
 
KC-TBB's Avatar
 

Join Date: Sep 2006
Location: Lawrenceville, GA
Casino cash: $5180
I like the comment..."if they got caught"...who'd a thunk it?
Posts: 1,043
KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.KC-TBB must have mowed badgirl's lawn.
  Reply With Quote
Old 06-28-2013, 06:09 AM   #4
banyon banyon is offline
Supporter
 
banyon's Avatar
 

Join Date: Aug 2005
Location: Dodge City, Kansas
Casino cash: $5832
Clearly they did not help with windows 8, because it blows.
__________________
Posts: 32,694
banyon wants to die in a aids tree fire.banyon wants to die in a aids tree fire.banyon wants to die in a aids tree fire.banyon wants to die in a aids tree fire.banyon wants to die in a aids tree fire.banyon wants to die in a aids tree fire.banyon wants to die in a aids tree fire.banyon wants to die in a aids tree fire.banyon wants to die in a aids tree fire.banyon wants to die in a aids tree fire.banyon wants to die in a aids tree fire.
  Reply With Quote
Old 06-28-2013, 10:50 AM   #5
KILLER_CLOWN KILLER_CLOWN is offline
Be HEALED!!!!!!!
 
KILLER_CLOWN's Avatar
 

Join Date: Feb 2002
Location: Fascist State
Casino cash: $5336
Quote:
Originally Posted by banyon View Post
Clearly they did not help with windows 8, because it blows.
True..but it's the Microshaft patttern. Put out a good OS then a crappy one, rise and repeat.
__________________
"Not every one that saith unto me, Lord, Lord, shall enter into the kingdom of heaven; but he that doeth the will of my Father ... And then will I profess unto them, I never knew you: depart from me, ye that work iniquity."

"If the people let government decide what foods they eat and what medicines they take, their bodies will soon be in as sorry a state as are the souls of those who live under tyranny." - Thomas Jefferson
Posts: 24,211
KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.KILLER_CLOWN is obviously part of the inner Circle.
  Reply With Quote
Old 06-28-2013, 03:16 PM   #6
Fish Fish is offline
Missing Dick Curl
 
Fish's Avatar
 

Join Date: Sep 2005
Casino cash: $7358
JFC Clown... this was debunked in 2009. The article you're posting is just a rehash of bullshit that was talked about even before Win7 hit the market.

The NSA doesn't "Help" software manufacturers code their software. That's retarded. The only thing the NSA does, is provide security compliance standards to the software manufacturer. They don't do a single bit of coding, and there's certainly not any "Backdoor" access bullshit. That's simply not how it works. The NSA wanted to be more involved, to the point of requesting hardware/software manufacturers like M$ to install what was called the "Clipper chip", which would have allowed a hardware back door of sorts to law enforcement. But logically, M$ said "**** NO".

Quote:
Microsoft denies it built 'backdoor' in Windows 7
Don't worry, company tells users; NSA involved only in security compliance standards

By Gregg Keizer
November 19, 2009 03:07 PM

Computerworld - Microsoft today denied that it has built a backdoor into Windows 7, a concern that surfaced yesterday after a senior National Security Agency (NSA) official testified before Congress that the agency had worked on the operating system.

"Microsoft has not and will not put 'backdoors' into Windows," a company spokeswoman said, reacting to a Computerworld story Wednesday.

On Monday, Richard Schaeffer, the NSA's information assurance director, told the Senate's Subcommittee on Terrorism and Homeland Security that the agency had partnered with the developer during the creation of Windows 7 "to enhance Microsoft's operating system security guide."

Echoing earlier concerns, Marc Rotenberg, the executive director of the Electronics Privacy Information Center (EPIC), questioned the wisdom of letting the NSA participate in OS development. "The key problem is that NSA has a dual mission, COMPUSEC, computer security, now called cyber security, and SIGINT, signals intelligence, in other words surveillance," Rotenberg said in an e-mail.

Yesterday, he raised the issue, which isn't new, of whether the NSA pressures companies like Microsoft to craft so-called "backdoors" into their code that would let the agency track users and intercept users' communications. Rotenberg called it an "obvious concern," and added that it might be difficult for major software makers to turn down NSA "suggestions" because the U.S. federal government is an important customer.

Today's categorical denial by Microsoft was accompanied by further explanation of exactly how the NSA participated in the making of Windows 7. "The work being discussed here is purely in conjunction with our Security Compliance Management Toolkit," said the spokeswoman.

The company rolled out the Windows 7 version of the toolkit late last month, shortly after it officially launched the operating system.

The compliance management toolkit provides a set of security configurations that address additional levels of risks beyond those addressed out of the box, as well as tools to deploy these configurations and monitor what Microsoft calls "configuration drift." The toolkit is aimed at enterprises, government agencies and other large-scale organizations.

Microsoft's rejection of the idea that it's hidden a backdoor in Windows came as no surprise to security researchers, who yesterday expressed doubt that the company would put its reputation at such risk. "I can't imagine NSA and Microsoft would do anything deliberate, because the repercussions would be enormous if they got caught," Roger Thompson, the chief research officer of antivirus vendor AVG Technologies, said yesterday.

John Pescatore, an analyst with Gartner Research, agreed. "[The concerns] are way overstated," he said today in an e-mail. "NSA worked with Microsoft and others, like Cisco, on security configuration standards for [their] products."

Cisco, in fact, has built "lawful intercept" capabilities into its products, including its Internetworking Operating System (ISO) and its VoIP (Voice over Internet Protocol) lines. The term describes the process by which law enforcement agencies conduct electronic surveillance of circuit and packet-mode communications under authorization, such as electronic wiretap orders.

Rotenberg still questioned NSA involvement. "The key point is that the NSA is not the right agency to promote computer security in the private sector," he argued. "The risks to end users are real -- the original NSA key escrow proposal, 'Clipper,' was a terrible idea -- and there is too little transparency about these arrangements."

The Clipper chip Rotenberg referred to was a project first proposed in 1993 that would offer ultra-strong encryption, but would allow access to encrypted data by law enforcement. The NSA proposal, however, raised a firestorm of protest and the idea was ultimately dropped.

What you should be concerned about, is the "Lawful Intercept" bullshit that Cisco allows, and is briefly mentioned in the above article. That's an actual legit concern. Cisco actually did bend over to NSA demands.
__________________
Posts: 25,848
Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.
  Reply With Quote
Old 06-28-2013, 03:56 PM   #7
Molitoth Molitoth is offline
Chiefs Rubberneck
 
Molitoth's Avatar
 

Join Date: Apr 2004
Casino cash: $7649
Movie: The Net


Company builds Anti-Virus software with a backdoor.

I wouldn't doubt MS has their own.
Posts: 11,488
Molitoth is too fat/Omaha.Molitoth is too fat/Omaha.Molitoth is too fat/Omaha.Molitoth is too fat/Omaha.Molitoth is too fat/Omaha.Molitoth is too fat/Omaha.Molitoth is too fat/Omaha.Molitoth is too fat/Omaha.Molitoth is too fat/Omaha.Molitoth is too fat/Omaha.Molitoth is too fat/Omaha.
  Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump




All times are GMT -6. The time now is 11:15 AM.


This is a test for a client's site.
A new website that shows member-created construction site listings that need fill or have excess fill. Dirt Monkey @ https://DirtMonkey.net
Powered by vBulletin® Version 3.8.0
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.