Slashdot Mirror

← Back to Stories (view on slashdot.org)

NSA Advises Upgrade To Windows 7

Posted by timothy on from the even-with-the-new-openbsd dept.

An anonymous reader writes "In a document available from the NSA (warning, PDF file), that organisation advises users to upgrade to Windows 7 as part of their Best Practice for Securing a Home Network. No mention of BSD or Linux so I guess the Slashdot crowd will just have to bite the bullet and change operating systems if they want to be really secure."

23 of 377 comments (clear)

  1. So... by msauve · · Score: 5, Funny

    this means that there's an even better backdoor for the NSA in Win7?

    --
    "National Security is the chief cause of national insecurity." - Celine's First Law
    1. Re:So... by black3d · · Score: 3, Insightful

      The backdoor in XP only gives them a master algorithm for decrypting anything protected with the tools provided with the OS. Perhaps in 7 either, 1) they've developed a method of recording keys for any encryption taking place (fairly unlikely as very easily detected), 2) Windows 7 automatically records hashes for hidden volumes when data on them is accessed (more likely, noticing a hash is in use in the reading of data on a volume by a third-party process, eg, truecrypt.dll, and they don't even need to capture the crypto-keys - also less detectable - while folks know their crypto-keys, not many know their hash by heart and wouldn't notice it being copied in memory), 3) something else I haven't thought of, 4) they actually care about your security - but given the organisation and their goals this is _extremely_ unlikely.

      Disclaimer: I may have not used the correct terminology in places. Feel free to correct mis-used words, but try to do so without insulting my mother, my nerd-status, or my intellect - this merely isn't my field of expertise.

      --
      "The true measure of a person is how they act when they know they won't get caught." - DSRilk
    2. Re:So... by Anonymous Coward · · Score: 5, Funny

      The backdoor in XP only gives them a master algorithm

      It's actually a master key. The algorithm is well known, and is publicly available (like your mother).

      something else I haven't thought of

      Like Microsoft and Intel working together, to add a backdoor at the processor level? You should have thought of that. Hand in your badge, you're not a real nerd.

      they [Microsoft] actually care about your security

      You're such a dumbass.

      ...without insulting my mother, my nerd-status, or my intellect

      oops

    3. Re:So... by Black+Parrot · · Score: 3, Insightful

      The backdoor in XP only gives them a master algorithm for decrypting anything protected with the tools provided with the OS. Perhaps in 7 either, 1) they've developed a method of recording keys for any encryption taking place (fairly unlikely as very easily detected), 2) Windows 7 automatically records hashes for hidden volumes when data on them is accessed (more likely, noticing a hash is in use in the reading of data on a volume by a third-party process, eg, truecrypt.dll, and they don't even need to capture the crypto-keys - also less detectable - while folks know their crypto-keys, not many know their hash by heart and wouldn't notice it being copied in memory), 3) something else I haven't thought of, 4) they actually care about your security - but given the organisation and their goals this is _extremely_ unlikely.

      I'd be utterly unsurprised if the NSA or other "security" agencies aren't heavily vested in backdoors for closed-source software, but I suspect what's actually going on here is that they see the end of XP support looming, they know how slow people are to upgrade, and they don't want the country filled with machines that aren't getting security updates anymore. We're easy enough a target now; anyone with the least concern for security must dread the possibility of it getting worse.

      Disclaimer: I may have not used the correct terminology in places. Feel free to correct mis-used words, but try to do so without insulting my mother, my nerd-status, or my intellect - this merely isn't my field of expertise.

      Too bad you didn't turn out to be an ultra-smart nerd, like your mother.

      --
      Sheesh, evil *and* a jerk. -- Jade
  2. awful summary by Anonymous Coward · · Score: 5, Insightful

    way to be a teenage provocative troll

    1. Re:awful summary by black3d · · Score: 4, Interesting

      Are Timothy and Kdawson different people, or merely alter egos?

      --
      "The true measure of a person is how they act when they know they won't get caught." - DSRilk
  3. Considering who this is talking about, so what? by Derekloffin · · Score: 5, Insightful

    This is talking to your average home user, and guess what, Linux is not exactly a popular desktop OS. It certainly has it's draw, but switching over to it just is a non-starter for most people. You'll also note they talked about Mac OS upgrades too, not just windows 7. Windows 7 upgrade was mentioned specifically if they were already using a windows OS.

    1. Re:Considering who this is talking about, so what? by Black+Parrot · · Score: 3, Funny

      Oops sorry. Just read TFA. :\

      Now *that* will spoil the Slashdot Experience.

      --
      Sheesh, evil *and* a jerk. -- Jade
    2. Re:Considering who this is talking about, so what? by bmo · · Score: 3, Insightful

      Ah yes, the 15 year old argument that Linux is too difficult to use for the ordinary home user, who surfs the net, does his checkbook, writes papers for school, and other generic tasks that can be done on a Linux platform without any arcane pounding on the keyboard at a command prompt.

      Let me tell you about Uncle Joe. Uncle Joe is a guy from the Old Country (TM). Specifically, Madiera. He's a machinist and a damn good one at that. His education stopped at the 8'th grade, as it did in Madiera. He was curious about Linux so I installed it for him. His wife's computer was untouched.

      His reaction? "I don't see why it's supposedly so hard, it's just like Windows"

      That was 4 years ago. He has yet to go back.

      His experience is so trouble free, he bought a new machine and told the salesman "No, I don't need to upgrade Windows to Ultimate, I'm going to install Linux" - which he did without my help. I would say that the Uncle Joe Experiment was a resounding success.

      The only thing that is still difficult on Linux is running Windows games. But then that argument means that Windows is just a gaming OS and I don't think you want to go there.

      It's not the 90s anymore, dude.

      --
      BMO

    3. Re:Considering who this is talking about, so what? by dudpixel · · Score: 3, Insightful

      Good luck getting mum to install windows either.

      what was your point again?

      so if you went to the store and they installed linux for you, how is that different?

      --
      This seemed like a reasonable sig at the time.
  4. Misleading summary by whoever57 · · Score: 5, Insightful

    The article suggests that, if your are running Windows, that you upgrade to Windows 7 or Vista.

    It also has advice for MAC users.

    Just because it has no advice for Linux or BSD users doesn't mean that the article suggests that Linux or BSD users should switch to Windows.

    [But you all knew that -- whenever are /. summaries accurate?]

    --
    The real "Libtards" are the Libertarians!
    1. Re:Misleading summary by AHuxley · · Score: 4, Insightful

      For the BSD users http://cryptome.org/0003/fbi-backdoors.htm
      The NSA would not really care what OS you use, its all networking in plain text and a known ip to them.
      64 bit Windows 7 just reduces the malware and provides a cleaner network.

      --
      Domestic spying is now "Benign Information Gathering"
  5. The NSA was addressing 99% of people by betelgeuse68 · · Score: 4, Insightful

    Not the 1% who use LINUX desktops. Spare me the trolling. I like Ubuntu a lot, but I'm a tech person. Most people aren't, get over it.

    1. Re:The NSA was addressing 99% of people by betterunixthanunix · · Score: 4, Interesting

      Which is not to mention that the NSA has done more to contribute to the security of the Linux kernel than they have (at least as far as is publicly acknowledged) done for Windows: SELinux.

      --
      Palm trees and 8
  6. NSA by 0123456 · · Score: 5, Informative

    The NSA have an excellent guide for securing Linux systems (particularly Redhat, but much is applicable to all distros), so they're hardly Windows-centric.

    1. Re:NSA by Anonymous Coward · · Score: 3, Funny

      Here you go: NSA securing linux guide

    2. Re:NSA by Black+Parrot · · Score: 3, Funny

      The NSA have an excellent guide for securing Linux systems (particularly Redhat, but much is applicable to all distros), so they're hardly Windows-centric.

      They also have developed a staple of (a) modern Linux security architecture, namely SELinux.

      Do they have one for people who live in the northwest?

      --
      Sheesh, evil *and* a jerk. -- Jade
  7. how did this happen? by Bizzeh · · Score: 3, Insightful

    how did the NSA recommending that WINDOWS USERS upgrade to the latest version of WINDOWS. turn into a linux story?

    --
    portfolio
  8. Goddamnit Slashdot by atomicbutterfly · · Score: 5, Insightful

    Windows 7 IS a worthy upgrade from XP - certainly from the security point of view. I have helped people with transitions from XP/Vista to 7 and found an almost unanimous praise for it. Given the choice, people preferred 7 for reasons of aesthetics, functionality and robustness.

    The longer the Linux crowd believes that Microsoft can not make decent quality (once in a while at least), the longer they'll fail to make any changes which might someday resolve the issues that push people away from Linux.

  9. RTFA by Stormy+Dragon · · Score: 3, Informative

    No, the NSA recommends that you use a "modern OS" and then gives Windows Vista and Windows 7 as examples. Nothing suggests they consider these the only modern OS's in existence.

  10. Re:I don't wear a tinfoil hat, but.. by Mitsoid · · Score: 3, Insightful

    It would be unreasonable to expect Grandma & grandpa who barely know how to turn on a computer to learn Linux...

    "For securing a home network" = Basic computer skills, not the linux lovers (unless linux becomes more wide spread and taught to people)... so Compared to Windows 2000/Vista/etc.. recommending people use 7 for Home Networks (as in, those not in the slashdot community) is a perfectly reasonable suggestion

  11. Re:I don't wear a tinfoil hat, but.. by Omnifarious · · Score: 3, Funny

    t would be unreasonable to expect Grandma & grandpa who barely know how to turn on a computer to learn Linux...

    This is on oft repeated fallacy. And it is a fallacy. There is nothing harder for 'grandma and grandpa' about Linux vs. Windows. Especially if they don't already know Windows. My computer-literate, non-programmer friends who want technical support from me use Linux, and I hardly ever get a call.

    --
    Need a Python, C++, Unix, Linux develop
  12. Bad summary by Wyatt+Earp · · Score: 5, Informative

    I guess no one involved in green lighting this read the PDF.

    The NSA pamphlet was only for Windows and Mac users, it didn't mention migrating to LINUX or BSD because it wasn't about alternative OSes, just what current users should go to.

    They have a bunch of these fact sheets, shocking the securing iPhones and iPads one doesn't talk about migrating to Android or Win 7.
    http://www.nsa.gov/ia/guidance/security_configuration_guides/fact_sheets.shtml