Did the NSA fix Vista? — Interesting. My take is that the NSA was more concerned about its being hacked than it doing any hacking.

THE USA GOVERNMENT’S cryptologic organisation, the National Security Agency, has admitted that it is behind some of the security changes to Microsoft’s operating system Vista.

According to the Washington Post, the agency which was once so secret that it was jokingly referred to as ‘No such Agency’ has admitted making ‘unspecified contributions’ to Vista.

Tony Sager, the NSA’s chief of vulnerability analysis and operations group, told the Post that it was the agency’s intention to help everyone these days.

found by Chad Greiner



  1. Tom 2 says:

    Remember when I said I will get Vista when all its bugs are worked out? Scratch that, now I am never getting Microsoft Vista.

  2. Elwood Pleebus says:

    Hmmmm… I wonder if the RIAA is pushing DRM thru the NSA?
    whoops I need more abbreviations. Throw the MPAA in there also.

  3. bryan says:

    This isn’t new, don’t you remember this, from the late 90’s:
    http://www.cnn.com/TECH/computing/9909/03/windows.nsa.02/

    A service pack was released that accidentally showed the name of the second key (_NSAKEY)

  4. Mike Johnson says:

    I would expect them to demand a back door into Vista so they can easily snoop through our private documents. If the FBI can track us and listen in through our cell phones the NSA won’t want to be left out of the domestic snooping so common in these days of terror.

    I really am afraid. Not of terrorists, but of my own government. It amazes me how easily the Constitution has been made null and void.

  6. Chad says:

    There’s nothing unconstitutional about this… IF they helped program a back door and they use it for unlawful search – now THAT’S unconstitutional. I think the people who say Vista is the death knell of Microsoft’s domination in the OS market are right. Crap like this is only going to scare away the technorati – and eventually the mainstream will follow.

    PS. Thanks for the cred on the post, John!

  7. Mr.Newton says:

    I was going to get Vista but now I’m not so inclined to do so; in fact I may have just changed my mind. Thanks for the 411 on that. A perfect example of how info from the net can change my mind. Always learning!

  8. ECA says:

    I wonder HOW many believed me when I said…
    90% of digital costs are Security, and 10% quality?

    How many KNOW that to get Digital compression past the FCC, that a DEcompression protocol had to be made so that They could MONITOR what was scrambled??
    For Cellphones to be SOLD in the US, it’s required that the messages be able to be monitored.

  9. Raff says:

    Reminds me of the NSA version of Linux they made safe.. You used to be able to download it from nsa.gov

  10. Timbo says:

    But you don’t know paranoia. The Muslims in America are under the government’s microscope. They can’t sneeze without the government hearing and seeing it. And they know it.

    With what they have right now, the government could quickly shut down the drug traffickers and the Mafia. But that would tip their hand too much. After all, we are in a war.

  11. Wayne Bradney says:

    The Washington Post just mentions that some NSA experts helped with testing and configuration, not to provide code or backdoors. No Digg. (Sorry, wrong site.)

  12. Wayne Bradney says:

    The Washington Post only talks about some NSA staff helping with testing and configuration — it’s not like they provided code or insisted on back doors. No Digg… sorry wrong site.

  13. TJGeezer says:

    #10 – It has long been rumored that the drug black markets help fund the US secret operations outfits. The San Jose reporter who pieced it all together about the CIA and the Golden Triangle years ago eventually committed suicide, his career wrecked – and yet what he reported has never been discredited, so far as I know. Just ignored or dismissed with slurs.

    Why should the government shut down black markets by, oh, regulating instead of prohibiting drug use, when black markets are so lucrative? I doubt it has anything to do with tipping their hands. They WANT us to know they’re watching. Same reason they WANT to be able to torture “suspects.” It isn’t to get good information (they know torture doesn’t work for that), it’s to keep people fearful.

    Look at the reaction to this news of NSA involvement with Vista. Doesn’t matter if it’s true or not – it makes people a little more edgy, a little more nervous.

  14. Spencer says:

    If the NSA put a back door in Vista, it was probably for spying on foreign governments or to do industrial espionage for American corporations.

    But you know they will eventually use it against US citizens sometime in the future. Anything you can imagine, no matter how repugnant, someone will eventually do.

    Assuming there is a back door.

  15. Jägermeister says:

    Get Linux.

    —–

    #8 How many KNOW that to get Digital compression past the FCC, that a DEcompression protocol had to be made so that They could MONITOR what was scrambled??

    Yeah, thank goodness… Imagine not being able to decompress zip files… 😉 I guess you meant encrypt/decrypt. 🙂

    —–

    I hate “Sorry, you can only post a new comment once every 15 seconds. Slow down cowboy.”

  16. Mark says:

    “Tony Sager, the NSA’s chief of vulnerability analysis and operations group, told the Post that it was the agency’s intention to help everyone these days. ”

    WTF. Oh thank you Tom Sager.

    You gotta love this shiit.

  17. TJGeezer says:

    LOL. Hey Tony – don’t help me, help him! That guy over there. Not me.

  18. V says:

    First, an article that isn’t the Inquirer…
    http://www.washingtonpost.com/wp-dyn/content/article/2007/01/08/AR2007010801352.html

    What they’re discussing is running mock attacks and then defending against them. Personally, I think it’s a good idea. If the NSA’s hackers can’t get in, then nobody can.

    If they did put in a back door, I have plenty of confidence that someone will find it. It would be a huge embarrassment to Microsoft and someone else will release a patch to close the hole.

  19. ECA says:

    16,
    Yep, they could do 10 times the work in 1/2 the time, EXCEPT…
    The NSA don’t want to pay anyone to do the job, with so many versions, how to infect Each one.

  20. Greg Allen says:

    Isn’t this a job for the OpenSource community? With all the energy and creativity we have, why are we relying on Microsoft for our security?

    Here is my priority list:
    1) email

  21. Greg Allen says:

    Isn’t this a job for the OpenSource community?

    With all the energy and creativity out there, why are we relying on Microsoft for our security?

    Here is my priority list:

    1) email
    I want protection both from snoops and spoofs. It seems like a double-key signature system would be easy to do.

    2) surfing
    I want ALL my surfing encrypted — not just transactions. And I want the URLs encrypted, too. Again, how hard would this be to do?

    3) Viruses, spyware, etc.
    For me, personally, this is overrated. But I suffer from others’ neglect.

    I use Norton for AV and Zone Alarm for my firewall and I’ve had no problems since they’ve been installed (BTW: I leave my computer on-line 24/7.)

    However, I’ve had SEVERAL other people let some worm/virus get access to their address book and misuse my email address. What a pain!

    Couldn’t the OpenSource community do something about this? Seems like they could install some sort of sniffer for servers to flag suspicious email and web pages before they get to people’s unsecured computers.

  22. ECA says:

    22,
    good points..
    I would LOVE to see EMAIL totally rewritten so “No Source” can hide their location…

    What’s funny is I reinstalled win2000 on a computer, and was setting up the DIALUP…Their site was MSN..
    NEVER NEVER NEVER hit a site you are NOT sure of on Startup of IE…
    This was IE4, before I could update ANYTHING…7 viruses and 17 bots infested the machine. From the MSN main page.
    MSN don’t AV/AB the adverts, they are grabbed randomly from someplace ELSE…
    Wonder WHO invented the idea of EMBEDDING scripts into graphics???
    Who invented the idea of placing HOLES in their browser to let trackers, and adverts ONTO your machine??
    MS did it..

  23. Grrr says:

    #4, #15, #17 – I couldn’t agree more…

  24. Greg Allen says:

    #23

    This problem with email seems like a piece of cake to solve. I submitted a suggestion to the Thunderbird wiki but nobody seemed interested or even concerned about security.

    A double-key encryption scheme (like PGP) would be a breeze to implement.

    Your first email exchange would probably have to be plain-text but after you exchange keys, all communication would be signed and encrypted end-to-end.

    Besides encryption, digital signatures would help a lot. It would put an end to those phishing emails supposedly from your bank.

    The other thing needed is to encrypt your in-box and stored email so that the IT guys or coworkers can’t snoop your mail off-hours.

    Again, this would be a no-brainer to solve. (Either TrueCrypt or PGP could do that.)

    The trick is to have LOTS of people using email encryption so that all email clients will follow. I think this could happen if Thunderbird implemented it. But, as I said, the guys there seemed to have no vision for it.

  25. Sundog says:

    19. “What they’re discussing is running mock attacks and then defending against them. Personally, I think it’s a good idea. If the NSA’s hackers can’t get in, then nobody can.”

    http://en.wikipedia.org/wiki/Gary_McKinnon

    “The computer networks he is accused of hacking include networks owned by NASA, the US Army, US Navy, Department of Defense and the US Air Force plus one belonging to The Pentagon.”

    This guy was in a London flat using a dialup modem and a copy of PCAnywhere. Don’t you feel safer now?

  26. CynicAl says:

    The scariest words you’ll ever hear:

    I’m from the government, we’re here to help.

  27. ECA says:

    25,
    take a step backwards…
    Mail only in 1 format…NOT 10…
    TXT or BIN…ONLY..
    Text format for msgs.
    BIN for binary data..

    If you open and RUN it, it’s your fault.
    I don’t need email grabbing data from SOME site, I don’t want, or tracking me for opening it with ActiveX or java.
    It’s BS that my email can be used to grab stuff off the net…
    ALSO I would want the FROM address not able to be spoofed.

    26,
    and you REALLY think the NSA has the best hackers??
    So, WHAT, I can get 1000 times MORE people that are 1/2 as good and we can burn the world.

