Microsoft today denied that it has built a backdoor into Windows 7, a concern that surfaced yesterday after a senior National Security Agency (NSA) official testified before Congress that the agency had worked on the operating system.
“Microsoft has not and will not put ‘backdoors’ into Windows,” a company spokeswoman said, reacting to a Computerworld story Wednesday.
On Monday, Richard Schaeffer, the NSA’s information assurance director, told the Senate’s Subcommittee on Terrorism and Homeland Security that the agency had partnered with the developer during the creation of Windows 7 “to enhance Microsoft’s operating system security guide.”
Source: Computerworld
The National Security Agency helped Microsoft harden Windows 7 against attacks and is providing similar assistance to Apple, Sun Microsystems and Red Hat too, an agency official said.
The admission came in prepared remarks delivered Tuesday by Richard Schaeffer, the NSA’s information assurance director, at a hearing before the Senate’s Subcommittee on Terrorism and Homeland Security.
“Working in partnership with Microsoft and elements of the DoD, NSA leveraged our unique expertise and operational knowledge of system threats and vulnerabilities to enhance Microsoft’s operating system security guide without constraining the user’s ability to perform their everyday tasks, whether those tasks are being performed in the public or private sector,” Schaeffer stated.
“All this was done in coordination with the product release, not months or years later during the product lifecycle
Full article at: The Register
Filed under Security
Tagged as cybersecurity, NSA
Computer systems with proper security and network controls should be able to withstand about 80 percent of known cyberattacks, according to a senior National Security Agency official.
There are common steps that people could take to bolster computer security and make it more difficult for would-be-hackers to gain access, Richard Schaeffer Jr., the NSA’s information assurance director, told the Senate Judiciary Committee’s Terrorism and Homeland Security Subcommittee today. He identified three measures in particular as being especially effective.
“We believe that if one institutes best practices, proper configurations [and] good network monitoring that a system ought to be able to withstand about 80 percent of the commonly known attack mechanisms against systems today,” Schaeffer said in his testimony. “You can actually harden your network environment to raise the bar such that the adversary has to resort to much, much more sophisticated means, thereby raising the risk of detection.”
Full article at: GCN
