

NSA helped with Windows 7 development - ilamont
http://www.computerworld.com/s/article/9141105/NSA_helped_with_Windows_7_development

======
Erwin
NSA has been contributing to Linux development for longer:
<http://www.nsa.gov/research/selinux/>

~~~
joe_the_user
Hmm,

I feel much better about NSA involvement with Linux because of it's open
source nature.

The NSA could be working to patch security holes in Windows or it could be
installing back doors or both. With Linux, it's clear they're patching
security holes/vulnerabilities.

~~~
christopherolah
There's also the small matter of whether they should be using tax payers
dollars to fund the development of a proprietary product. I realise that most
people use Windows but it still leaves a bad taste in my mouth. And I'm not
even American!

~~~
tspiteri
Aren't Microsoft tax payers themselves?

~~~
po
Probably not. I would be surprised if their accounting department has not
found ways to completely offset all of their tax liabilities.

I know they don't pay state tax:
<http://crosscut.com/2008/02/02/microsoft/11167/>

------
cakeface
"Microsoft was not immediately available for comment on the NSA's
participation in Windows 7's development." - This totally sounds like someone
sent an email, waited 5 minutes, and then posted this article.

------
NathanKP
NSA tries to help with practically every project. I remember in Bruce
Schneiner's "Applied Cryptography" he talked about how the NSA worked on
various encryption algorithms in use including the DES tables.

Nobody was quite sure what the NSA did to the tables, but when they came back
they were different. Naturally, there is speculation that they built in
backdoors. (These days it is an obsolete argument anyway as DES has already
been broken by brute force because of its short key length.)

~~~
evgen
Close. The real story is that that the design of the s-boxes in DES appeared a
bit strange to the crypto community, and there were rumors that the NSA had
been involved in selecting the values. Foul play was suspected. It turns out
that the values in the DES s-boxes were very resistant to differential
cryptanalysis, much more than they would have been if they were selected
randomly. Either the NSA knew this technique back in the 70s or the IBM
researchers figured it out and agreed to keep it secret (both claims have been
made); it was not until independent discovery in the 90s that we all learned
why the s-boxes had those specific values.

------
dmoney
Maybe the NSA just wants to make Windows more secure, to make cyber-warfare
harder for everyone else. But assuming the NSA is malicious, it wouldn't need
to install a back door. "Helping" with development gives it access to the
Windows source code. Thus it gets a better shot at finding vulnerabilities it
could exploit. They just need to stay ahead of patches.

------
bdr
The NSA has long advised MS about what crypto systems to include in Windows.
In particular, I heard that MS was advised to support elliptic curve
cryptography within a two-year timeframe, which is shorter than usual, leading
some to speculate about undisclosed flaws in other systems.

------
cmars232
So that's why my PC opened all those TCP connections when I typed in 'ammonium
nitrate'.

------
gcopenhaver
So even with the NSA helping secure Microsoft Windows, there's still lots of
vulnerabilities being found in it all the time.

wow

