In a gigantic police operation many thousands hackers from a gang calling themselves "Slashdotters" were lifted from their beds and arrested this night for organising a massive DDOS (Distributed Denial Of Service) attack to the main NSA network. It is not yet clear which foreign country payed the leader of this gang known under the name Commander Taco to destabilize the national security of the U.S.
You can actually see the site.
by
paleck
·
· Score: 4
Re:Unplugging the computer...
by
dr_labrat
·
· Score: 3
The problem is not that they had to fork the linux kernel, but rather that they are forced to make do with whatever Microsoft allows them to do to make their servers secure.....
Forking the kernel can be a good thing, and it shows how flexible linux can be...
-- The secret of success is honesty and fair dealing. If you can fake those, you've got it made.
(Marx)
Re:Unplugging the computer...
by
Ambassador+Kosh
·
· Score: 3
Actually you are partly right and mostly wrong. They forked linux not to get it as secure as w2k but to make it a secure operating system. Since they had the source code to work with they have worked on adding features to linux to make it secure in a way that other operating systems can not be guaranteed to be.
With their linux dist they get many eyes looking at it and they can do anything they want with the source code to make it as secure as possible.
Given the choice of mostly secure which the nsa can get with w2k and redoing parts of linux to make it actually secure which would you choose? It seems obvious which one the nsa chose. Also they are more changes in their linux dist then just the kernel.
-- Computer modeling for biotech drug manufacturing is HARD!:)
Re:Unplugging the computer...
by
spectecjr
·
· Score: 5
And they forked linux because they could it being open source and all. They would undoubtedly have done the same with win2k, but they can not because it is closed source.
The NSA has the Win2k source code. It's very easy for universities and other establishments to get the source, slightly less easy for large companies, and slightly less easy still for small companies and individuals (although they're changing this as we speak...)
They finally post a/. article that isnt directly attacking windows - and seemingly people crawl out of the woodwork to provide a kneejerk reaction to the words "Windows" and "Secure".
Heres a small dose of insight, from someone who's beta tested MS operating systems for 5 years (or so.)
Microsoft listens to users suggestions. They may not respond to you, they may not integrate them into the OS. But they do listen. MS does not make an insecure operating system on purpose - Beta testers have a whole newsgroup to focus on security and how to improve it before the final build is released. Its part of their role and responsability to test for exploitable security holes - if you don't think they're doing a good enough job, how about you send a request to betareq@microsoft.com and ask to be on the next beta team for windows. Keep in mind though, they usually only want experienced users and there are checks and balances to make sure you're a functional beta tester - not just someone who enjoys bragging about having teh leet XP build #x.
The beta process is not perfect, IMHO - Bugs do get knocked down (i've thought for a long time they should let the beta testers moderate bugs) and i have an extreme distaste for setting a release date before the beta testers agree that testing is complete. XP is remarkable right now, but not perfect. This part is MS's fault.
If you have an intelligent, well-thought-out, non-kneejerk "windows sucks *chortle*" suggestion/comment regarding windows - you may go to http://www.microsoft.com/mswish/
(p.s. - When you list your beta testing experience, the following line is a bad, bad idea: "I tested (unofficially) Windows XP, 2000, ME, 98SE, 98.... you get the idea. har har har *snort*":)
Re:Unplugging the computer...
by
DaveHowe
·
· Score: 3
I think it would be more appropriate to say they took an OSS product, and modified it to suit what they wanted it to look like - as doing so is one of the strengths of Open Source.
I doubt they actually WANT secure versions of windows out there - several governments seem to be viewing windows with mounting suspicion for official use.... --
--
if you want to make God laugh, tell him your plans
Yet another DDoS attack logged...
by
cperciva
·
· Score: 5
Anyone care to speculate on what DoD's reaction to a full-scale slashdotting would be? Given that they report routine pings and port scans as "attacks" I imagine their reaction to this unsolicited SYN flood would be similarly excessive.
Now, I've worked with security-clearance-required data before. I think it's absolutely fascinating to consider encoding the clearance level and need-to-know requirements into the filesystem. As others have noted, Linux is the only OS extant they could have done this kind of work with.
This is probably the most false claim I've ever seen on Slashdot. SE Linux is based on research into
Capabilities: A concept that is literally over a decade old in OS design as can be seen by the POSIX 1.E standard that never got drafted (although some people prefer to call what POSIX suggested "privileges" and the fact that many operating systems support "encoding clearance into the filesystem and OS" otherwise known as capailities including Spring, EROS, KeyKOS, and Mungi.
Access Control Lists: Again this is an ancient concept which has been implemented in quite a number of OSEs including some versions of Solaris, *BSD and Win2K.
Both of these concepts are things that Linux either does not support or supports in a limited manner. Currently Win2K outshines Linux in the granularity of the permissions and security model and filesystem support for things like encryption. I'm not an OS bigot and run both OSes at home but seeing something so blatantly false and jingoistic just begs to be challenged.
Color me confused. Wouldn't it be fairly simple to force any process or file to have only the permissions of its creator? I thought that in standard-flavor Linux it was impossible for any user to give a file or process permissions beyond the user's own?
That's fairly easy and rather insecure. The hard part is limiting permissions in small chunks to different programs. Basically, the assumption is that any program is potentially hostile so you want them to run with the minimum amount of permissions necessary. For example, just because I can delete files, send emails and edit the registry in Windows doesn't mean that it is the wisest thing to have any script that runs from my email program have the same permissions that I do, the same thing goes for *nix and all those buffer overflow bugs that exploit setuid(). Ideally I should be able to say "start [web server of choice] but the only thing it can do is listen on port 80 and serve read files from directories A, B, and C and everything else is explicitly disallowed to the apache process"
Okay, ignoring the ad-hominem "blatantly false and jingoistic" . . .
Sorry about that, its just sometimes people seem to just be as guilty of spreading FUD as the so-called "evil" corporations that it gets exasperating.
I apologise for those comments.
Now . . . you're saying, if I understand, that the NSA's SE Linux is just hacking the Linux kernel to put in some stuff that's been talked about and even done in other OSes for years?
And stuff that isn't even all that novel for Linux?
Yes and Yes. Actually what regular Linux is implementing (which is different from what the NSA is doing with SE Linux) is POSIX 1.e capabilities or "priviledges" which involves splitting up the permissions typically given to the root user (e.g. can connect to ports under 1024, can mount kernel modules, can change ownership of files, etc) into discrete entities that can be apportioned to other users and processes. This was something that the POSIX folks tried to agree on in the eighties (or is it seventies) but never came to an agreement on how best to implement it. Check out the Linux Capabilities FAQ for more information.
The NSA is working on "true capabilities" which is being able to grant and revoke extremely granular permissions to all objects/entities in the system. This concept is similar to java.policy files being maintained for every entity in the system. Making sure that policies can be tracked in such a manner that they are revokable is the most difficult part (e.g. if I lose permissions to connect on a certain port or write to a certain file, then every process or file that I've created should lose those permissions as well).
Okay, ignoring the ad-hominem "blatantly false and jingoistic" . . .
I am a rank newbie into the world of Linux/Unix/POSIX/etc. Please treat what you see as deceit and jingoism as pure, unabashed ignorance. It may not be an excuse for breaking the law, but from what I've seen it's a good enough excuse to post on/.;)
I'm posting from a Win98 machine at the moment because, quite frankly, I'm more comfortable with it. I'm not particularly an OS bigot either. I just plain didn't (and still don't) know anything about any of those other projects.
On the one hand, thank you for pointing out to me the factual errors in my assumptions and suppositions, but on the other, I guess I'd appreciate if you'd not attribute to malice what can be adequately explained by stupidity. Perhaps it's a rarity to find someone who readily admits to it, but I'm much more interested in learning new things than mud-slinging and name-calling.
Now . . . you're saying, if I understand, that the NSA's SE Linux is just hacking the Linux kernel to put in some stuff that's been talked about and even done in other OSes for years? And stuff that isn't even all that novel for Linux?
-- -- Robert Bunn, gun-toting neo-Nazi anarchist redneck freak
Unplugging the computer...
by
Carnage4Life
·
· Score: 5
Interesting, there are about 18 comments as I post this and over half are jokes about unplugging the computer to make it safe. The truth of the matter is that by NSA guidelines no popular operating system is secure enough out of the box and has to be extremely looked down.
What is perhaps even more interesting is that at least Win2K can be secured to a level that is suitable for the NSA, they actually had to fork the Linux kernel to get the same functionality out of Linux.
--
Re:Unplugging the computer...
by
adalger
·
· Score: 3
Okay, posting before investigating the link is lame. So I know I'm lame.
However, I went and checked the link. They didn't "fork the kernel to get it secure enough for them." They performed some research and experimentation in secure treatment of sensitive data being integrated into an operating system. This is vastly different from the kind of security being discussed in the referenced info on Win2k.
Now, I've worked with security-clearance-required data before. I think it's absolutely fascinating to consider encoding the clearance level and need-to-know requirements into the filesystem. As others have noted, Linux is the only OS extant they could have done this kind of work with.
I don't think anything they might have added would necessarily outright interfere with the main tree, but it would almost certainly create completely unnecessary overhead for most desktop users. OTOH, it might be a big bonus for corporations concerned about industrial espionage to have such features available.
-- -- Robert Bunn, gun-toting neo-Nazi anarchist redneck freak
This is only to be used for non-spying means. Really. There is no need for users to worry about invasion of privacy as we at the NSA are above that.
Additionally, please ensure that you give your files clear names such as "Nuke blueprints" or "Kiddie Porn". We suggest this purely to help you organise your file system.
--
A (possible) side note from NSA ...
by
Aceticon
·
· Score: 3
If you forget the administrative password just phones us and we'll get it for you!
Different goals, different OS'
by
Jetifi
·
· Score: 3
Um. May I suggest you read this document which explains the philosophy behind the kernel modifications.
Securing Windows 2000 and 'forking' (actually patching) the Kernel were both done with different goals.
In a nutshell, the modifications done to the kernel were done to impliment the 'Flask' security architecture, which (mainly) is about separation between setting and enforcing security policies, and how this is applied to the various types of resources. In addition, SELinux was the by-product of a research project, and is not used operationally by the NSA.
The suggested configurations for Windows 2000 have different goals, and is not a handbook for implimenting the Flask architecture on Windows 2000.
Backdoors are possible in Open Source - if you put them in the compiler.
Suppose I set up a website with my new compiler. I give a binary download and a source download. What I don't tell people is that the binary download contains extra code which adds a backdoor to the software it compiles. It also recognises when it is compiling itself and adds all this extra code.
So now you've got a corrupt compiler which generates back doors.
Of course you have to persuade someone to download the binary compiler first. But if they're working on a system without a compiler - that's exactly what they'll do. Or they installed the compiler direct from the CD.
I'm afraid the only way to 100% sure that your compiler is not corrupt in this way is to write your own. At least one that's good enough to compile another one.
We've been using these "Security Baselines" as we call them in our organization for a while.
We have a *LOT* of Win2K boxes spread over a continent, and whenever one's compromised, we always find that the administrator or operator was not following the baseline. I don't know of any baselined machines being compromised.
Reams of NSA information on how to make your Win2k box "secure" just points out that Win2k was not meant for the large majorities of home users. Microsoft expects your Win2k system to be operated in a network. This includes allowing remote users to access your registry, view your clipbook, browse your directory, or connect to it via Telnet, right out of the box. It is not set up by default to be the gateway computer to the net.
I came up with a step-by-step checklist a while back for all my friends that were running non-networked Win2k home systems directly connected to the net. I don't know how good an idea it was to give step-by-step directions on how to change registry settings, but hey, no one has locked themselves out of their computer yet (at least that I know of). You can see it here:
http://www.gpick.net/sbr/security/w2ksecuritytips. htm
Their web site is so secure that I can not even look at it.
-CrackElf
-- "Blake is an idealist, Jenna. He cannot afford to think." - Kerr Avon, Star One, Blakes 7
Some very true, but old-hat, stuff
by
adalger
·
· Score: 3
Only open digitally signed Word documents received from trusted individuals via trusted paths. This is Microsoft's preferred security solution. While this can guarantee the source of the document, it does not guarantee that the trusted source was free of infection when
the document was sent.
Not to be a knee-jerk basher, but does it really surprise anyone that MS's preferred solution is inadequate?
Macro viruses pose a serious threat to Microsoft Office users. The best defense is to be alert to the danger, and to trust no document that was externally created.
Okay . . . and this the NSA spent years researching and deciding on? I mean . . . okay. I don't suppose they've got a bunch of chimps randomly banging on keyboards over there, but . . . well, it would seem that perhaps the Great and Powerful NSA could come up with something a little better than "Look both ways before crossing the street and don't talk to strangers."
-- -- Robert Bunn, gun-toting neo-Nazi anarchist redneck freak
Re:Really clever posts here
by
species267
·
· Score: 3
Agreed name calling is a little low, but Linux can be secured and is used in big old nokia firewalls used by the likes of BT, admittedly they stick on a number of 3rd party/proprietry software to sure things up, but most operationg systems need that.(do you run zone alarm or similar on win 2K?)
I have run win 2000 pro as well, its nice enough, and stable(I didn't run it for too long), no real complaints except the cost.
as for good software, it is out there, it just means you have to look thurther than PC world, and if you still can not find what you want, find a software company that can produce it for you - I can almost gaurentee that if you want it someone else will to.
- note I use OpenBSD rather than Linux (but thats my current personal preference)
- those who can spell care, those who can't don't -
Slashdot Mirror
In a gigantic police operation many thousands hackers from a gang calling themselves "Slashdotters" were lifted from their beds and arrested this night for organising a massive DDOS (Distributed Denial Of Service) attack to the main NSA network. It is not yet clear which foreign country payed the leader of this gang known under the name Commander Taco to destabilize the national security of the U.S.
For some reason you have to go to http://www.nsa.gov/winsecurity and then proceed from there.
The problem is not that they had to fork the linux kernel, but rather that they are forced to make do with whatever Microsoft allows them to do to make their servers secure.....
Forking the kernel can be a good thing, and it shows how flexible linux can be...
The secret of success is honesty and fair dealing. If you can fake those, you've got it made. (Marx)
Actually you are partly right and mostly wrong. They forked linux not to get it as secure as w2k but to make it a secure operating system. Since they had the source code to work with they have worked on adding features to linux to make it secure in a way that other operating systems can not be guaranteed to be.
With their linux dist they get many eyes looking at it and they can do anything they want with the source code to make it as secure as possible.
Given the choice of mostly secure which the nsa can get with w2k and redoing parts of linux to make it actually secure which would you choose? It seems obvious which one the nsa chose. Also they are more changes in their linux dist then just the kernel.
Computer modeling for biotech drug manufacturing is HARD!
And they forked linux because they could it being open source and all. They would undoubtedly have done the same with win2k, but they can not because it is closed source.
The NSA has the Win2k source code. It's very easy for universities and other establishments to get the source, slightly less easy for large companies, and slightly less easy still for small companies and individuals (although they're changing this as we speak...)
Simon
Coming soon - pyrogyra
They finally post a /. article that isnt directly attacking windows - and seemingly people crawl out of the woodwork to provide a kneejerk reaction to the words "Windows" and "Secure".
:)
Heres a small dose of insight, from someone who's beta tested MS operating systems for 5 years (or so.)
Microsoft listens to users suggestions. They may not respond to you, they may not integrate them into the OS. But they do listen. MS does not make an insecure operating system on purpose - Beta testers have a whole newsgroup to focus on security and how to improve it before the final build is released. Its part of their role and responsability to test for exploitable security holes - if you don't think they're doing a good enough job, how about you send a request to betareq@microsoft.com and ask to be on the next beta team for windows. Keep in mind though, they usually only want experienced users and there are checks and balances to make sure you're a functional beta tester - not just someone who enjoys bragging about having teh leet XP build #x.
The beta process is not perfect, IMHO - Bugs do get knocked down (i've thought for a long time they should let the beta testers moderate bugs) and i have an extreme distaste for setting a release date before the beta testers agree that testing is complete. XP is remarkable right now, but not perfect. This part is MS's fault.
If you have an intelligent, well-thought-out, non-kneejerk "windows sucks *chortle*" suggestion/comment regarding windows - you may go to http://www.microsoft.com/mswish/
(p.s. - When you list your beta testing experience, the following line is a bad, bad idea: "I tested (unofficially) Windows XP, 2000, ME, 98SE, 98.... you get the idea. har har har *snort*"
I think it would be more appropriate to say they took an OSS product, and modified it to suit what they wanted it to look like - as doing so is one of the strengths of Open Source. I doubt they actually WANT secure versions of windows out there - several governments seem to be viewing windows with mounting suspicion for official use....
--
-=DaveHowe=-
The site nsa.gov is running Apache/1.3.11 (Unix) on Solaris.
if you want to make God laugh, tell him your plans
Anyone care to speculate on what DoD's reaction to a full-scale slashdotting would be? Given that they report routine pings and port scans as "attacks" I imagine their reaction to this unsolicited SYN flood would be similarly excessive.
Tarsnap: Online backups for the truly paranoid
Funny, I thought it was "CIAagentsareweenies".
This is probably the most false claim I've ever seen on Slashdot. SE Linux is based on research into
- Capabilities: A concept that is literally over a decade old in OS design as can be seen by the POSIX 1.E standard that never got drafted (although some people prefer to call what POSIX suggested "privileges" and the fact that many operating systems support "encoding clearance into the filesystem and OS" otherwise known as capailities including Spring, EROS, KeyKOS, and Mungi.
- Access Control Lists: Again this is an ancient concept which has been implemented in quite a number of OSEs including some versions of Solaris, *BSD and Win2K.
Both of these concepts are things that Linux either does not support or supports in a limited manner. Currently Win2K outshines Linux in the granularity of the permissions and security model and filesystem support for things like encryption. I'm not an OS bigot and run both OSes at home but seeing something so blatantly false and jingoistic just begs to be challenged.--
Interesting, there are about 18 comments as I post this and over half are jokes about unplugging the computer to make it safe. The truth of the matter is that by NSA guidelines no popular operating system is secure enough out of the box and has to be extremely looked down.
What is perhaps even more interesting is that at least Win2K can be secured to a level that is suitable for the NSA, they actually had to fork the Linux kernel to get the same functionality out of Linux.
--
This is only to be used for non-spying means. Really. There is no need for users to worry about invasion of privacy as we at the NSA are above that.
Additionally, please ensure that you give your files clear names such as "Nuke blueprints" or "Kiddie Porn". We suggest this purely to help you organise your file system.
If you forget the administrative password just phones us and we'll get it for you!
Um. May I suggest you read this document which explains the philosophy behind the kernel modifications.
Securing Windows 2000 and 'forking' (actually patching) the Kernel were both done with different goals.
In a nutshell, the modifications done to the kernel were done to impliment the 'Flask' security architecture, which (mainly) is about separation between setting and enforcing security policies, and how this is applied to the various types of resources. In addition, SELinux was the by-product of a research project, and is not used operationally by the NSA.
The suggested configurations for Windows 2000 have different goals, and is not a handbook for implimenting the Flask architecture on Windows 2000.
Backdoors are possible in Open Source - if you put them in the compiler.
Suppose I set up a website with my new compiler. I give a binary download and a source download. What I don't tell people is that the binary download contains extra code which adds a backdoor to the software it compiles. It also recognises when it is compiling itself and adds all this extra code.
So now you've got a corrupt compiler which generates back doors.
Of course you have to persuade someone to download the binary compiler first. But if they're working on a system without a compiler - that's exactly what they'll do. Or they installed the compiler direct from the CD.
I'm afraid the only way to 100% sure that your compiler is not corrupt in this way is to write your own. At least one that's good enough to compile another one.
We've been using these "Security Baselines" as we call them in our organization for a while.
We have a *LOT* of Win2K boxes spread over a continent, and whenever one's compromised, we always find that the administrator or operator was not following the baseline. I don't know of any baselined machines being compromised.
Use these; they're a Good Thing.
1:40am PDT, and you guys have slashdotted the NSA, I am so proud of you all :)
Reams of NSA information on how to make your Win2k box "secure" just points out that Win2k was not meant for the large majorities of home users. Microsoft expects your Win2k system to be operated in a network. This includes allowing remote users to access your registry, view your clipbook, browse your directory, or connect to it via Telnet, right out of the box. It is not set up by default to be the gateway computer to the net. I came up with a step-by-step checklist a while back for all my friends that were running non-networked Win2k home systems directly connected to the net. I don't know how good an idea it was to give step-by-step directions on how to change registry settings, but hey, no one has locked themselves out of their computer yet (at least that I know of). You can see it here: http://www.gpick.net/sbr/security/w2ksecuritytips. htm
Their web site is so secure that I can not even look at it.
-CrackElf
"Blake is an idealist, Jenna. He cannot afford to think." - Kerr Avon, Star One, Blakes 7
Not to be a knee-jerk basher, but does it really surprise anyone that MS's preferred solution is inadequate?
Okay . . . and this the NSA spent years researching and deciding on? I mean . . . okay. I don't suppose they've got a bunch of chimps randomly banging on keyboards over there, but . . . well, it would seem that perhaps the Great and Powerful NSA could come up with something a little better than "Look both ways before crossing the street and don't talk to strangers."
-- Robert Bunn, gun-toting neo-Nazi anarchist redneck freak
Agreed name calling is a little low, but Linux can be secured and is used in big old nokia firewalls used by the likes of BT, admittedly they stick on a number of 3rd party/proprietry software to sure things up, but most operationg systems need that.(do you run zone alarm or similar on win 2K?)
I have run win 2000 pro as well, its nice enough, and stable(I didn't run it for too long), no real complaints except the cost.
as for good software, it is out there, it just means you have to look thurther than PC world, and if you still can not find what you want, find a software company that can produce it for you - I can almost gaurentee that if you want it someone else will to.
- note I use OpenBSD rather than Linux (but thats my current personal preference)
- those who can spell care, those who can't don't -