Slashdot Mirror
Microsoft Gets Help From NSA for Vista Security
An anonymous reader writes "The Washington Post is reporting that Microsoft received help from the National Security Agency in protecting the Vista operating system from worms and viruses. The Agency aimed to help as many people as they could, and chose to assist Vista with good reason: the OS still has a 90 percent lock on the PC market, with some 600 million Vista users expected by 2010. From the article: 'The Redmond, Wash., software maker declined to be specific about the contributions the NSA made to secure the Windows operating system ... Microsoft said this is not the first time it has sought help from the NSA. For about four years, Microsoft has tapped the spy agency for security expertise in reviewing its operating systems, including the Windows XP consumer version and the Windows Server 2003 for corporate customers.'"
Information Assurance has long been one of NSA's primary missions. NSA ran the Trusted Product Evaluation Program (TPEP) since 1983, which evaluated off-the-shelf commercial products against standardized security criteria, and employed various experts from government, military, academia, and industry. Contributions or recommendations from TPEP often were incorporated into future iterations of vendor products. The expanded Common Criteria programs, which grew in part out of the US Trusted Computer System Evaluation Criteria (TCSEC, the famous Rainbow Series of security publications), picked up where TPEP left off, now administered by the National Information Assurance Partnership (NAIP) of NSA and NIST.
NSA's Information Assurance Directorate also provides public security configuration guides for many popular applications, operating systems, database servers, routers, and other networking equipment.
Also, don't forget to check out NSA's Security-enhanced Linux (SELinux) (FAQ).
When US computing, communications, and networking implementations are more secure, we all benefit, and NSA contributes to this in its overall mission.