Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Releases Super-Secure XP to US Air Force

Posted by ScuttleMonkey on from the true-security-through-obscurity dept.

Wired is reporting that Microsoft is releasing the most secure version of Windows XP ever created, but only if you are the US Air Force. "The Air Force persuaded Microsoft CEO Steve Ballmer to provide it with a secure Windows configuration that saved the service about $100 million in contract costs and countless hours of maintenance. At a congressional hearing this week on cybersecurity, Alan Paller, research director of the Sans Institute, shared the story as an template for how the government could use its massive purchasing power to get companies to produce more secure products. And those could eventually be available to the rest of us. Security experts have been arguing for this "trickle-down" model for years. But rather than wield its buying power for the greater good, the government has long wimped out and taken whatever vendors served them. If the Air Force case is a good judge, however, things might be changing."

15 of 507 comments (clear)

  1. Autorun? by someone1234 · · Score: 5, Funny

    Now i see why they disabled autorun. :D

    --
    Patents Drive Free Software as Hurricanes Drive Construction Industry
    1. Re:Autorun? by TropicalCoder · · Score: 5, Insightful

      You're kidding aren't you? "85 percent of attacks were blocked after the configuration was installed". ...and the remaining 15% were not! The concept of a secure computer running Windows XP is a contradiction in terms. The military needs to do better than this, or China is gonna whup their ass.

    2. Re:Autorun? by tsm_sf · · Score: 5, Insightful

      Wrong analogy. Try: "This bucket has 85% fewer holes than Bucket XP."

      --
      Literalism isn't a form of humor, it's you being irritating.
    3. Re:Autorun? by supernova_hq · · Score: 5, Insightful

      Exactly, locks (unless you pay a shitload for them) are not designed to keep people out. Any locksmith will tell you that the only thing a lock will do is make your neighbours house an easier target.

      Computer security is the same way. You *can* cracl WPA(1/2) encryption, but if you neighbour has his connection open (or is using WEP), you are not likely to become a target.

      The exception, which appears in this situation, is when you are chosen as a target due to a high payoff (military). In this case, simply being harder than your neighbour is NOT going to help you.

    4. Re:Autorun? by nabsltd · · Score: 5, Funny

      I think something like it is already there.

      I hear "bucket, it's XP" all the time around my office.

      What do you mean "you need to get your ear-ring checked?"

    5. Re:Autorun? by timeOday · · Score: 5, Insightful

      99% secure is 100% insecure.

      Holding out for absolute perfection, I see. Let me know when you find it. I'm stuck here on planet Earth where nothing is 100% anything.

    6. Re:Autorun? by Facegarden · · Score: 5, Funny

      The exception, which appears in this situation, is when you are chosen as a target due to a high payoff (military). In this case, simply being harder than your neighbour is NOT going to help you.

      So, what you're saying is, we need to let our economy keep tanking until people would rather hack into Canada?
      -Taylor

      --
      Worldwide Military budgets: $2100 billion. Worldwide Space Exploration budgets: $38 billion. Really, world? Really?
  2. I'll be truly impressed by Anonymous Coward · · Score: 5, Funny

    When the navy puts windows on their ships.

    1. Re:I'll be truly impressed by Amouth · · Score: 5, Funny

      http://gcn.com/Articles/1998/07/13/Software-glitches-leave-Navy-Smart-Ship-dead-in-the-water.aspx?p=1

      i know feeding the trolls - but he wanted to be impressed

      --
      '...if only "Jumping to a Conclusion" was an event in the Olympics.'
  3. I would just love to see... by mdm-adph · · Score: 5, Funny

    ...what they did to make it secure. Is the default wallpaper black with a big picture of a lock on it?

    --
    It is by my will alone my thoughts acquire motion; it is by the juice of the coffee bean that the thoughts acquire speed
  4. It's not a new version, it's just a configuration. by YesIAmAScript · · Score: 5, Informative

    'The Air Force, on the verge of renegotiating its desktop-software contract with Microsoft, met with Ballmer and asked the company to deliver a secure configuration of Windows XP out of the box. That way, Air Force administrators wouldnâ(TM)t have to spend time re-configuring, and the department would have uniform software across the board, making it easier to control and maintain patches.'

    So if you'd like to do it yourself, you can secure your XP too.

    http://nvd.nist.gov/fdcc/fdcc_faq.cfm

    I'm not sure super secure is the right word for this version of XP though, given that there are a lot of security features it is missing that Vista, Windows 7 and some other OSes have.

    --
    http://lkml.org/lkml/2005/8/20/95
  5. MS is probably holding the air force hostage by t0qer · · Score: 5, Interesting

    So I have this on good authority from someone who works there... A few years back the VA decided to start migrating from IIS to apache. At the same time they wanted to migrate file servers as well. When MS caught wind of this, they told the powers that be at the VA, "You drop us, and we'll audit you." Part of the contract MS holds with the VA is they're allowed to perform a license audit any time they want. The VA did its own internal investigation and figured out pretty quickly that MS had them, "Over the barrel" so to speak... I don't think the Air Force really wants to use MS stuff, but if they're in a similar situation as the VA, this doesn't bode well for them. I hope the Obama administration catches wind of this and puts a stop to this practice. It isn't right that my tax dollars are being forced into MS's pockets. I think in these rough economic times our government needs to really start exploring more OSS/free solutions out there.

  6. AF Standard Desktop Configuration by PapaSmurph · · Score: 5, Interesting

    While this was an interesting article, the XP and the Vista versions used by the USAF are the same ones used by the general public. The only differences are the security setting, the firewall configuration, and the user configuration. No one is an admin unless they need to be, and no normal day-to-day work is done in admin mode (same thing you do in Linux, no doubt).

    I didn't know this article was going to be published, but when I found it, I was not surprised by the comments. I've been working on this program for more than 2 years. Users hate it. Developers loathe it. Network security staff loves it.

    Nothing can make Windows (or any other OS) completely secure if it's connected to a network. This is as close as the federal government as ever come.

  7. You too can have your own "Super-Secure" XP setup by jdb2 · · Score: 5, Funny

    It's called running XP in VMware under Linux.

    ( Also, is it just me or does the "XP" after "Super-Secure" look like a smiley representing someone laughing their guts out? )

    jdb2

  8. Re:It's not a new version, it's just a configurati by JATMON · · Score: 5, Insightful

    if you look closely at the article, this is something that the air force did between 2005-2007. so this is actually old news. 'The Air Force began the project in 2005 and finished installing the new configuration on systems in 2007. In contracts with hardware providers it demanded that vendors pre-load the special Windows XP configuration onto systems before delivering them to the Air Force.'