Slashdot Mirror


U.S. Gov't Planning To "Help Us" Secure Computers

BahdKo writes: "CNN reported today in this article that the U.S. government is working out a plan to help protect Cyberspace from attacks by "hackers and terrorists." This plan will include the distribution of government-provided software to help clean up insecure Windows installations. It's hard to picture myself executing government-provided software on my workstation (we were supposed to be *increasing* the security of the PC's, right?)"

11 of 446 comments

  1. Website by Anonymous Coward · · Score: 1, Informative

    For more info, including pdf docs and downloadable programs, see: http://www.cisecurity.org/bench_win2000.html

  2. US Gov't does make one good piece of software by Anonymous Coward · · Score: 1, Informative

    This is the best Windows software for time synching I've found. It's free too!

    http://www.boulder.nist.gov/timefreq/service/its.htm

  3. The tools can be found here by Global-Lightning · · Score: 5, Informative

    http://www.cisecurity.org/

    And to clarify a lot of paranoia,
    These tools were built in conjunction with the Federal government, major manufacturers, service providers and academia. They are basically scanners that look for the most common vulnerabilities on systems. And no, you're not installing an NSA/CIA/FBI/TLA backdoor onto your system.

  4. NSA Security Recommendations by ShaunC · · Score: 4, Informative

    The article mentions:

    > Clarke spoke to reporters as well as government and corporate officials to announce government-wide standards for securing Microsoft's Windows 2000, the most commonly used operating system for government and corporate computers.
    >
    > The Pentagon, the National Security Agency and other private and government organizations devised the standards.

    The NSA's security recommendations for Win2K have been available to the public for some time now. See here. They've also published security guides for NT and Cisco routers, as well as "best practice" suggestions for dealing with email and executables, see here. Yes, that's really an NSA site; I don't know why it's not hosted where you'd expect it to be.

    Shaun
    --
    Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!

  5. government isn't that bad by Xzzy · · Score: 5, Informative

    > (we were supposed to be *increasing* the security of the PC's, right?)

    I mean if the government was that incompetent, we'd already know who really killed JFK, right? ;)

    At any rate, I happen to work for the government, and I've also held a few commercial jobs, and speaking on a relativity scale, the government network has a much better security model than any place I've ever worked.

    They also have a fanatical security "reaction" team that enforces security policy, scours vulnerability lists, and watches logs daily for signs of intrusions. When that Apache hole came out a few weeks ago.. they gave every website at the facility about three days to fix it, otherwise they would start black hole-ing ports of machines running unpatched servers.

    Now whether we're an exception or a rule I'm not qualified to state, but the government isn't quite as stupid as you're suggesting. ;)

  6. huh? by finkployd · · Score: 5, Informative

    I understand the reason but I do not understand the execution. Ignoring all "magic lantern" issues, this is just the wrong way to fix it. The government and some companies (Chevron??!) are going to audit the security of Windows, find the flaws and distribute a program to alter it so they are fixed...

    This is easier than just asking Microsoft to design a secure version of Windows? Come on, you already found them guilty of being a monopoly, perhaps a nice sentence would be "make a secure version of Windows".

    If Windows insecurity is such a threat to homeland defense, shouldn't the government be cracking down on the company making the laughably insecure software? Or perhaps simply not using it since it is (by the government's own admission) insecure?

    Or just demand the source code and distribute their own secure version. It worked with NSA-Linux :)

    Finkployd

  7. I feel the same sorta way about SELinux by Mysticalfruit · · Score: 2, Informative

    I've downloaded and looked at it, but I haven't really brought myself to install it.

    I'm sure it's legit through and through, but my Orwellian tendencies flare up when I think about patching the kernel of my machine with something developed by one of the most secretive organizations on the planet, whose primary job is snooping on everybody and everything...

    It's really not the place for the government to be encouraging people to start installing government sanctioned patches. If you're a government agency, that's a different matter. What the government should do is lean very hard on those who are providing unsecure software and environments.

    Here's the problem I have...
    The Senate and House of Representatives are way too friendly with big business (read: DMCA/SSCEA), this includes the current administration as well... What this means is that I don't trust them to not put all kinds of provisions to entitle them to stomp all over my civil and constitutional rights based on the premise that they're doing the common good... 'cause they're not, they're merely ensuring that the current regime keeps its monopolies.

    --
    Yes Francis, the world has gone crazy.

  8. Standards Documents by Atryn · · Score: 2, Informative

    Check out the Center for Internet Security where you will find posted the new Win2k and WinNT standard benchmark. Interestingly enough, there have already been benchmarks for other systems, such as Linux.

    --
    Come play Moral Decay!

  9. Why? by Psx29 · · Score: 2, Informative

    Why can't you just use the already provided NSA guidelines to secure your Windows machine?

  10. Outraged Conservative here. by Erris · · Score: 3, Informative

    JFK? Who cares about a single man?

    We are talking about the most massively unAmerican activity since voluntary compliance income taxes. The government wants me to install software on my computer, specific to a certain insecure commercial operating system I don't trust to begin with. No fucking way.

    > At any rate, I happen to work for the government, and I've also held a few commercial jobs, and speaking on a relativity scale, the government network has a much better security model than any place I've ever worked

    They got M$? They are incompetent, fanatical or not, because they cannot possibly audit all of M$'s massive core of crap, nor can they trust the tools M$ provides them. M$ has no security at all.

    This new uberpatch will NEVER accomplish its stated goal. IT WILL BE A CARNIVORE that uses your machine's cycles to do its dirty work. There's an obvious cure for this, the use of free audited operating systems. If they would come out and advise that I'd be much much happier, and NO I don't need your stinking secret patch.

    Remember the Fourth Amendment? You know, security in your personal papers and effects? This is NOT the kind of security the Bill of Rights had in mind.

    Mr. Ashcroft, I call on you to remember your oath of office to uphold the Constitution of the United States of America. Let me remind you exactly what you swore to uphold:

    The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

    --
    DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.

  11. eh... by MenTaLguY · · Score: 3, Informative

    Given debuggers and disassemblers, people are going to "read" it anyway. But there's no sense in them being spiteful about withholding source.

    --

    DNA just wants to be free...