Shark Bait

Knowledge Centers

Operating Systems

Networking & Internet

Mobile & Wireless

Security

Storage

Business Intelligence

Servers & Data Center

Computerworld Reports

Industry

See your link here

C. J. Kelly

A Day in the Life of an Information Security Officer

The NSA doesn't need a backdoor to Vista

20 comments

IT TOPICS:Security

Don't get too excited when you read the Washington Post story about Microsoft working with the National Security Agency on Vista security. I don't think the NSA actually has the time or desire to create an operating system backdoor so it can spy on citizens, which is somewhat inferred here.

And here, Schneier says "A few years ago I was ready to believe the NSA recognized we're all safer with more secure general-purpose computers and networks, but in the post-9/11 take-the-gloves-off eavesdrop-on-everybody environment, I simply don't trust the NSA to do the right thing."

Okay, let's do a little calculating, shall we? The Post story says,

Windows commands more than 90 percent of the worldwide market share in desktop operating systems, and Vista, which is set to be released to consumers Jan. 30, is expected to be used by more than 600 million computer users by 2010, according to Al Gillen, an analyst at market research firm International Data.

I have no idea how many Windows systems are actually connected to the Internet as we speak, but having backdoor access to a gazillion personal computers doesn't sound very efficient when there are so many other ways to eavesdrop. Who needs backdoor access? Most hackers don't need a handy-dandy built-in backdoor. The NSA doesn't need one either. I would hope they are smarter than that, there in the security think tank with a federal budget behind them.

Why do we think that our own government has even the time to spy on us regular people? It is because we have this basic fear that some day we will not be free and that our government will become the evil empire and that the more power we give to our government, the more at risk we become. It's the basic distrust we have that actually keeps us as free as we are. A terribly difficult balance to achieve. You don't mind someone invading your privacy for a good reason if you trust them. If you don't trust them, you shoot them as soon as they step over the threshold. That's our mentality.

The sky is not falling. The NSA has better things to do. And besides, the bad guys are all probably on Linux.

Email this

Digg this

What People Are Saying

Add new comment

The Gestapo Loves You

Submitted by Ian on September 12, 2008 - 8:45 A.M.

Technically prior to the so called "patriot act" (patriotard act) is has been it is illegal for the US government to spy on its citizens. The way it works is that the NSA builds the back door and the British equivalent (GCHQ) of the NSA does the actual spying. The reverse is true for the British, the NSA collects information on British people and the forwards it to the GCHQ. See, all nice and legal like.

As far as the Washington post article... All it really tells you is that the American people aren't going to do a darn thing about it. Take American Idol off the air and you'd unleash a crap storm. Build NSA back doors into their PC's and they hardly rattle their chains.

Reply | Report this comment

I don't trust neither

Submitted by software downloads on August 3, 2008 - 9:01 P.M.

I don't trust neither Microsoft nor the NSA not to build in backdoors..

One should also note that it was the NSA who developed SELinux. An implementation for a new security model that toughens computers against attackers, including the NSA of course.

Reply | Report this comment

Yes, since the code's being

Submitted by entroper on October 5, 2007 - 11:45 A.M.

Yes, since the code's being actively scrutinized by many grey and black hats, if it's there, there will be attempts to open it 'real soon now', and we'll all know about it shortly thereafter.

Reply | Report this comment

Keeping track of our

Submitted by NSA on January 29, 2007 - 2:15 P.M.

Keeping track of our citizens is fairly easy. We have the largest storage and fastest computers on the globe. All just to track and spy on each and every citizen in the US. We record your movement with your 911 GPS chip in your phone and GPS systems and trackers in your vehicles. We can even listen on any phone, even if it is hung up. On-Star is a great tracking and listening tool. Everywhere you use a credit card, ATM card or show an ID card we know it. We have installed cameras on every traffic light and can tap all cameras to keep an eye on you. With incremental back up we copy your drive every time to come anywhere near the internet. DRM is just a FBS-NSA-SS tool to cover our tracks and hide the real reason your computer slows down. With RFID chips soon mandated into food and clothing we will track your every move day and night. VISTA will be a new key to streamline our info gathering. With all this info we can blackmail and coerce you into doing whatever we want. Oh yea, weâ€™ll look for â€œterroristsâ€ too. Welcome comrade to the brave new world.

Reply | Report this comment

600 million computers is a

Submitted by Anonymous on January 23, 2007 - 2:07 P.M.

600 million computers is a lot, but not too large for a consolidated database. A 'backdoor' doesn't have to look like subseven to be useful for data correlation. usernames, passwords, keywords, and keystrokes are more than enough information to be extremely useful. And, I'm all for the NSA doing that these days.

The bigger question is much more whether or not it would be implemented properly, or even if it is possible to do so, without this tool being exploited by other foreign states or determined hackers, or the next mega-worm to stop planet earth from rotating. I trust NSA's intentions. I don't trust that they can build a backdoor safely, however. It's an oxymoron to begin with.

Reply | Report this comment

And your point is? As a

Submitted by C. J. Kelly on January 17, 2007 - 7:25 P.M.

And your point is? As a private citizen, I don't want any backdoors. Got a problem? Reformat. As a government employee? I don't want a backdoor. Reformat.

But, back to my original point. I don't think Microsoft and the NSA are in bed together. It just doesn't make sense.

Reply | Report this comment

I donâ€™t believe what I

Submitted by Anonymous on January 16, 2007 - 3:41 A.M.

I donâ€™t believe what I have just read from C.J.Kelly.
If she is a security officer, then her current employer should reevaluate her worthiness.
The point of having a back door in windows or any other software is to gain access when needed. After a target Person/Computer has been identified, direct access to the OS will provide first hand information, without the hassle of doing much analysis.

Reply | Report this comment

The death of idealism.

Submitted by C. J. Kelly on January 15, 2007 - 6:48 P.M.

The death of idealism.

Reply | Report this comment

It seems historically naive

Submitted by Anonymous on January 15, 2007 - 1:14 P.M.

It seems historically naive to say, "The government has better things to do than spy on us." For example, the Soviet KGB routinely monitored its ordinary citizens without regard to probable cause. They read virtually all international mail, whoever the correspondents. Did that branch of the KGB have better things to do? Clearly not: on the contrary, that kind of surveillance was exactly what they considered the best thing they could do, and so they were doing it. Oleg Kalugin writes that this branch of the KGB had an enormous staff, rooms full of mostly young women, who opened the letters, skimmed them for suspicious language, and made notes on who should be watched. It was a grand operation, and it often snagged valuable information.

Do we then say that "our" NSA would never do such a thing? A few years ago I would have said yes: there was and is a law forbidding it. But since the warrantless wiretapping story has come to light, we may no longer rationally claim that the NSA eschews spying on US citizens. They have shattered that trust, and it is irrational and naive to hold on to the shreds of that broken promise.

Reply | Report this comment

With more and more

Submitted by One of the Linux Bad Guys on January 15, 2007 - 3:56 A.M.

With more and more governments joining the free(open)software wave, our world is becoming really evil, isn't it ? ;-D

Reply | Report this comment

Obama Drupal-ing around; whitehouse.gov goes open source

Testing Microsoft Security Essentials and the Hosts file

Spammer trick of the month: Delayed DNS

And things were going along so well, too

LIVE Nov 10, 2009 12:00 PM ET

Architecting Business Intelligence Applications for Change: The Open Solution

LIVE Nov 12, 2009 02:00 PM ET

The State of PCI DSS Compliance at Organizations Today
Download this resource today!

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.

Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.

Why Email Must Operate 24/7 and How to Make This Happen
Learn how to avoid an email outage by implementing a hosted email continuity solution.

Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!

All White Papers | All Webcasts

Computerworld Reports

8 Questions To Ask About Your Intrusion-Security Solution

Computerworld Technology Briefings IT Service Management

Computerworld Briefing - Analytics: The Art and Science of Better

All Computerworld Reports

Receive the latest technology news and information.

	Computerworld Daily News (First Look and Wrap-Up)
	Computerworld Blogs Newsletter
	The Weekly Top 10

View all newsletters

* E-mail Address:

* Industry:

* Job Title:

* Company Size:

* Country:

* State:

I would like to receive offers via e-mail from Computerworld partners.

C. J. Kelly's Archive

IT Topics

Sponsored Links

Play NetApp's New Data Defense Game.

How Do You Rank as an Innovation Leader? Download Recent Study.

Play NetApp's New Data Defense Game.

Extraordinary times demand Brocade Extraordinary Networks.

No Payments for Up to 6 Months on Orders over $500.

NetScaler VPX : Harness the Power of Virtualized Web App Delivery

64-page prescriptive guide to security, compliance, and IT operations.

Streamline IT Costs. Boost Performance with WAN Optimization

Enterprise Network & Server Monitoring Software. Cross over to Traverse...

Keep your IT expertise up to date. Join the Intel Premier IT Professionals.

Crystal Reports Server: More options. Not more money.

Parallelism is not just for HPC. Create rich apps from desktop to device. Get the eval.

Tolly Performance Report "Citrix NetScaler with nCore Outperforms F5 BIG-IP"

Save up to 61% plus Free Cheesecake

Find IT jobs in the Healthcare industry on Dice.com

With the NEW KODAK i700 Series Scanners get full speed at 300dpi!

Not All QSAs Are Created Equal: What You Should Know Before You Buy

The arrival of Serial Attached SCSI (SAS) marks a new era in storage scalability

The AMD Virtual Experience Virtual Trade Show

New DW Options and Price Points. View Teradata Platform Family Data Sheet.

See how AT&T can help protect your network.

3 Innovations. 3 Free Downloads. Free trials of Windows 7, Windows Server 2008 R2 and Exchange Server 2010.

Take the Netezza TwinFin TestDrive!

Citrix NetScaler with nCore Outperforms F5 BIG-IP - Learn More

New Analytical Platform Options. Download Data Sheet and More.

Get more enterprise mobility value for up to 25% less.

Unified Communications: Thoughts, Strategies and Predictions. Join the discussion.

NYUs M.S. in Management and Systems. Offered Online and On-site.

Increase UPS efficiency without sacrificing protection

Crystal Reports Server: Single server access to reports & dashboards

Create new opportunities. See business making progress now

ESET NOD32 with ThreatSense(R) - Get your free trial now!

Looking to add Unix/Linux functionality to Windows?

Join the conversation about the hottest IT trends with Computerworld on Twitter.

ITwhitepapers.com - Access thousands of white papers on 300+ technical topics.

Leverage Your Cisco infrastructure for Superior Application Performance

Learn about the AMD Virtual Experience

Introducing: Project Icebreaker

About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map

CIO

Computerworld

CSO

DEMO

GamePro

Games.net

IDC

IDG

IDG Connect

IDG Knowledge Hub

IDG TechNetwork

IDG Ventures

IDG.net

InfoWorld

ITwhitepapers

ITworld

JavaWorld

LinuxWorld

Macworld

Network World

PC World

The Industry Standard

Copyright © 1994 - 2009 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.

The NSA doesn't need a backdoor to Vista

What People Are Saying

The Gestapo Loves You

I don't trust neither

Yes, since the code's being

Keeping track of our

600 million computers is a

And your point is? As a

I donâ€™t believe what I

The death of idealism.

It seems historically naive

With more and more

Related Posts

Today's Top Stories

Hot Posts

Recent Comments

White Papers & Webcasts

Computerworld Reports

Newsletters

C. J. Kelly's Archive

IT Topics

Sponsored Links