Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

NSA Advises Upgrade To Windows 7

timothy posted more than 3 years ago | from the even-with-the-new-openbsd dept.

Security 377

An anonymous reader writes "In a document available from the NSA (warning, PDF file), that organisation advises users to upgrade to Windows 7 as part of their Best Practice for Securing a Home Network. No mention of BSD or Linux so I guess the Slashdot crowd will just have to bite the bullet and change operating systems if they want to be really secure."

Sorry! There are no comments related to the filter you selected.

So... (5, Funny)

msauve (701917) | more than 3 years ago | (#35994308)

this means that there's an even better backdoor for the NSA in Win7?

The reason for this (-1)

Anonymous Coward | more than 3 years ago | (#35994392)

At the NSA they need to do things like have employees print and scan documents. That's simply not always possible with linux. Believe me, I've tried with my printer for a year.

Re:The reason for this (1)

hedwards (940851) | more than 3 years ago | (#35994408)

If you buy a decent printer it shouldn't be a problem. And even a considerable number of less than decent printers. For an agency like NSA, getting a postscript printer isn't hard, and really an enterprise printer ought to be able to handle postscript without too much worry.

Likewise with scanners, there's a huge number that are supported by SANE, if you're going to be buying a lot of scanners then it's not really that much more work than you'd otherwise be doing to make sure that the work properly for the intended use.

for certain values of truth (0)

Gary W. Longsine (124661) | more than 3 years ago | (#35994578)

It "shouldn't be a problem" if you buy a "decent printer" where "decent printer" is defined as "some hypothetical printer which works with whichever of the dozens of Linux forks you happen to be using" and which is almost certainly not documented.

There. Fixed that for you.

HPLIP (1)

tepples (727027) | more than 3 years ago | (#35994646)

where "decent printer" is defined as "some hypothetical printer which works with whichever of the dozens of Linux forks you happen to be using" and which is almost certainly not documented.

The impression that I get from other Slashdot users is "HP good", if only because of HPLIP [wikipedia.org] .

Re:for certain values of truth (1)

ryanov (193048) | more than 3 years ago | (#35994790)

Gary W. Longsine doesn't know what he's talking about and has no experience with Linux printing, which is actually often easier than Windows printing these days.

There. REALLY fixed that for you.

Re:The reason for this (0)

Anonymous Coward | more than 3 years ago | (#35994442)

There are only two reasons why you were having problems with your printer:

1) You were using Fedora.
2) You're an idiot.

The first problem is often caused by the second problem, so there may be no hope in your case.

Your best bet, however, is to just use Ubuntu. These days, it makes setting up printers and scanners much easier than even Windows or Mac OS X.

Re:The reason for this (1)

m1xram (1595991) | more than 3 years ago | (#35994544)

The only way I could get my scanner to work was with Fedora, Ubuntu hasn't been able to find it since 9.04. The real trick with Linux is to keep trying different distros until you get one that works with the hardware you've got. I have another computer that only likes Mint, not Ubuntu, not Fedora. My friend could only get his computer to work with PCLinuxOS. My sister's computer prefers Ubuntu and wouldn't run Fedora. After you work with several different computers you'll learn to have a stack of live CDs.

Re:The reason for this (0)

Anonymous Coward | more than 3 years ago | (#35994576)

Which make and model of scanner?

Treating distros like applications? (0, Troll)

tepples (727027) | more than 3 years ago | (#35994656)

So I discover that a printer works best with one distro, a scanner with another, and a video card with a third. Am I supposed to run the distro that likes my video card on the bare hardware and then launch VMs every time I want to print or scan?

Re:Treating distros like applications? (1)

mugginz (1157101) | more than 3 years ago | (#35994712)

So I discover that a printer works best with one distro, a scanner with another, and a video card with a third. Am I supposed to run the distro that likes my video card on the bare hardware and then launch VMs every time I want to print or scan?

No, if you're wanting to run Linux, you're supposed to buy hardware that works well with it. Also if you don't know what you're doing, pay someone that does. Just like the noobs who don't know how to install and configure Windows. Just like when you upgrade Windows, you need to make sure your hardware works with the version of OS you want to run. It's not like upgrading Windows to a newer version never required a customer to purchase new hardware because it was no longer supported or working well with the newer release.

Re:The reason for this (1)

dragonturtle69 (1002892) | more than 3 years ago | (#35994744)

Details, please, especially for a computer that will run one distribution and not another.

The one thing that I have found is a failure with some graphical installers and Intel video chips, but that was a few years ago. Otherwise, it is just about the same as Windows; you install or compile and then install the driver if it exists for your OS. My last dedicated flatbed scanner will never work with Windows past XP, because HP will never create a driver for it and the source is closed. Can't really blame HP as the scanner is nine years old.

Re:The reason for this (1)

RobbieThe1st (1977364) | more than 3 years ago | (#35994596)

You can say that again!
Last time I tried to connect to a network printer(at school), I simply had to click "find printer", wait a few seconds, and pick from the list of available printers(all 50 on the network). Easy.
XP(which we were running at the time), required -- at best -- knowing the IP. At worst, it also required some arcane driver too.

Re:The reason for this (1)

Anonymous Coward | more than 3 years ago | (#35994602)

He must have been using Fedora then, because I'm a total computer idiot (and some would say idiot in general) and I can print using Ubuntu and a HP printer I literally found in the trash.

Re:The reason for this (0)

Anonymous Coward | more than 3 years ago | (#35994642)

Ah one of my favorite trolls - "You claim X often happens, but in my case it didn't happen and so you are wrong". Does this have a name? The "anecdote troll" perhaps?

Re:The reason for this (-1)

Anonymous Coward | more than 3 years ago | (#35994698)

Why would you recommend Nigger Linux? Mod parent down.

Re:The reason for this (1)

NyteGeek (1085779) | more than 3 years ago | (#35994502)

At the NSA they need to do things like have employees print and scan documents. That's simply not always possible with linux. Believe me, I've tried with my printer for a year.

PEBKAC or a need for new hardware, these things aren't always possible with windows either.

Re:The reason for this (1)

Dunbal (464142) | more than 3 years ago | (#35994566)

Funny, I've had no problem with linux and my HP printer. No fiddling required, it worked straight out of the box.

Re:The reason for this (0)

Anonymous Coward | more than 3 years ago | (#35994704)

You can buy a printer and scanner that work fine with linux for considerably less than a reasonable windows license. If you buy a decent printer and scanner, equivalent in cost to a business level license, it will last you through 2 or 3 generations of windows. That's quite a lot of savings!

Re:So... (3, Insightful)

black3d (1648913) | more than 3 years ago | (#35994424)

The backdoor in XP only gives them a master algorithm for decrypting anything protected with the tools provided with the OS. Perhaps in 7 either, 1) they've developed a method of recording keys for any encryption taking place (fairly unlikely as very easily detected), 2) Windows 7 automatically records hashes for hidden volumes when data on them is accessed (more likely, noticing a hash is in use in the reading of data on a volume by a third-party process, eg, truecrypt.dll, and they don't even need to capture the crypto-keys - also less detectable - while folks know their crypto-keys, not many know their hash by heart and wouldn't notice it being copied in memory), 3) something else I haven't thought of, 4) they actually care about your security - but given the organisation and their goals this is _extremely_ unlikely.

Disclaimer: I may have not used the correct terminology in places. Feel free to correct mis-used words, but try to do so without insulting my mother, my nerd-status, or my intellect - this merely isn't my field of expertise.

Re:So... (1)

Anonymous Coward | more than 3 years ago | (#35994612)

4) they actually care about your security - but given the organisation and their goals this is _extremely_ unlikely.

Actually, they do. But they don't care for your random citizen's security. Business, and non-joe-6pack security is provided by the NSA to anyone who is actually capable of using it, through SELinux. Nobody cares about joe-6pack, the easiest it is for law enforcement to rape his rights, the better. Businesses are a problem (mass damage, cyberterrorism).

And the government is either a separate issue, or a lost case. Your pick.

Re:So... (5, Funny)

Anonymous Coward | more than 3 years ago | (#35994654)

The backdoor in XP only gives them a master algorithm

It's actually a master key. The algorithm is well known, and is publicly available (like your mother).

something else I haven't thought of

Like Microsoft and Intel working together, to add a backdoor at the processor level? You should have thought of that. Hand in your badge, you're not a real nerd.

they [Microsoft] actually care about your security

You're such a dumbass.

...without insulting my mother, my nerd-status, or my intellect

oops

Re:So... (0)

Anonymous Coward | more than 3 years ago | (#35994724)

but try to do so without insulting my mother, my nerd-status, or my intellect - this merely isn't my field of expertise.

You say that, as if having no sex ever would be a good thing...

P.S.: You didn't say I couldn't insult your relationship status. ;)
P.P.S.: Aaand this is, why firewalls block everything by default! ;)

Re:So... (1)

Lord_of_the_nerf (895604) | more than 3 years ago | (#35994772)

this means that there's an even better backdoor for the NSA in Win7?

They're just trying to stay relevant.

Backdoors are the warrantless wiretaps of the 2010s!

Re:So... (1)

Jeremiah Cornelius (137) | more than 3 years ago | (#35994780)

Mod parent UP!

I don't wear a tinfoil hat, but.. (0)

Anonymous Coward | more than 3 years ago | (#35994314)

This sounds unreasonable. It sounds exactly like something one would expect to hear from someone who wants access to your computer.
And it's not unreasonable to expect that Microsoft would cooperate with Federal Agencies to manage intentional vulnerabilities on the OS.

Re:I don't wear a tinfoil hat, but.. (0)

Anonymous Coward | more than 3 years ago | (#35994522)

Don't forget that the 8 gigs or so of space that Vista/7 takes up leaves an ungodly amount of room for backdoors. Nevermind the gig or so each service pack is going to take up? Windows in General, and you've got plenty of obfuscation for whatever sort of backdoors you could possibly ever need. Not saying Linux is much better nowadays although something like BSD might be. Anybody with the resources can corrupt your computer about as easily as they can corrupt the democratic process.

Re:I don't wear a tinfoil hat, but.. (3, Insightful)

Mitsoid (837831) | more than 3 years ago | (#35994534)

It would be unreasonable to expect Grandma & grandpa who barely know how to turn on a computer to learn Linux...

"For securing a home network" = Basic computer skills, not the linux lovers (unless linux becomes more wide spread and taught to people)... so Compared to Windows 2000/Vista/etc.. recommending people use 7 for Home Networks (as in, those not in the slashdot community) is a perfectly reasonable suggestion

Re:I don't wear a tinfoil hat, but.. (3, Funny)

Omnifarious (11933) | more than 3 years ago | (#35994582)

t would be unreasonable to expect Grandma & grandpa who barely know how to turn on a computer to learn Linux...

This is on oft repeated fallacy. And it is a fallacy. There is nothing harder for 'grandma and grandpa' about Linux vs. Windows. Especially if they don't already know Windows. My computer-literate, non-programmer friends who want technical support from me use Linux, and I hardly ever get a call.

Re:I don't wear a tinfoil hat, but.. (1)

taosk8r (56641) | more than 3 years ago | (#35994766)

4 words, and the other reason besides gaming that I don't personally use linux: Not enough available software compared to the huge range of options in 'doze. You don't have to be some kinda linux guru to find whatever tool you need for whatever job you need done in Windows.

Re:I don't wear a tinfoil hat, but.. (1)

mugginz (1157101) | more than 3 years ago | (#35994638)

"It would be unreasonable to expect Grandma & grandpa who barely know how to turn on a computer to learn Linux..."

Do you expect your Grandma & grandpa who barely know how to turn on a computer to successfully install and configure Windows 7 in addition to any attached hardware without any help from anyone?

For a competent technician either OS can be installed and configured properly. Perhaps in their case they could pay one with the savings on the Windows 7 licence fee.

Once set up, I've found that quite a few of the computer novices around here have had no issues running Ubuntu.

Buying a computer to run Windows-only apps (2)

tepples (727027) | more than 3 years ago | (#35994676)

For a competent technician either OS can be installed and configured properly. Perhaps in their case they could pay one with the savings on the Windows 7 licence fee.

Does this include cases where "properly" means "correctly running the Windows-only applications for which I bought the computer in the first place?" I didn't think so.

Re:Buying a computer to run Windows-only apps (1)

mugginz (1157101) | more than 3 years ago | (#35994746)

Does this include cases where "properly" means "correctly running the Windows-only applications for which I bought the computer in the first place?" I didn't think so.

No, in those cases you're stuck with Windows if your paid technical help can't get the package to run under Wine.

Not everyone has a "Windows Only" package they need to run.

Those lucky souls have the option of Mac or Linux.

Re:I don't wear a tinfoil hat, but.. (0)

Anonymous Coward | more than 3 years ago | (#35994682)

or perhaps securing a home network is NOT basic computer skills?

Re:I don't wear a tinfoil hat, but.. (1)

dragonturtle69 (1002892) | more than 3 years ago | (#35994762)

It would be unreasonable to expect Grandma & grandpa who barely know how to turn on a computer to learn Linux...

Why, because they are "too old" to learn?

awful summary (5, Insightful)

Anonymous Coward | more than 3 years ago | (#35994322)

way to be a teenage provocative troll

Re:awful summary (1)

Pharmboy (216950) | more than 3 years ago | (#35994372)

That is worth a mod point but I don't have any for a change. Timothy's summary was pretty petty, at the very least. I'm not shocked, mind you.

Re:awful summary (0)

Anonymous Coward | more than 3 years ago | (#35994586)

i'm the anonymous coward who wrote that content-less comment you wanted to moderate up.
i encourage people to use adblock to avoid rewarding shitty editors

Re:awful summary (4, Interesting)

black3d (1648913) | more than 3 years ago | (#35994484)

Are Timothy and Kdawson different people, or merely alter egos?

Re:awful summary (0)

Anonymous Coward | more than 3 years ago | (#35994836)

Precisely my thought.

Real summary, "If you use XP, it'd be a good idea to get up to Win7 or move to current Mac OS. Lesser-known options that would be met with general confusion were not mentioned."

News? Uh, not to anyone here.

Translation: (0)

Anonymous Coward | more than 3 years ago | (#35994324)

The NSA is tired of dealing with multiple backdoors and wants everyone to use a single OS.

Considering who this is talking about, so what? (5, Insightful)

Derekloffin (741455) | more than 3 years ago | (#35994330)

This is talking to your average home user, and guess what, Linux is not exactly a popular desktop OS. It certainly has it's draw, but switching over to it just is a non-starter for most people. You'll also note they talked about Mac OS upgrades too, not just windows 7. Windows 7 upgrade was mentioned specifically if they were already using a windows OS.

Re:Considering who this is talking about, so what? (1)

kvvbassboy (2010962) | more than 3 years ago | (#35994450)

Why Windows though? And why not Mac? As far as I know, there are less viruses out in the wild for the latter.

Re:Considering who this is talking about, so what? (2)

Derekloffin (741455) | more than 3 years ago | (#35994458)

They talked about both Windows and Mac (unlike the summary). Windows upgrade to Windows 7, likewise for Mac, old to newest.

Re:Considering who this is talking about, so what? (1)

kvvbassboy (2010962) | more than 3 years ago | (#35994474)

Oops sorry. Just read TFA. :\

Re:Considering who this is talking about, so what? (3, Funny)

Black Parrot (19622) | more than 3 years ago | (#35994764)

Oops sorry. Just read TFA. :\

Now *that* will spoil the Slashdot Experience.

Re:Considering who this is talking about, so what? (0)

Anonymous Coward | more than 3 years ago | (#35994548)

and guess what, Linux is not exactly a popular desktop OS

But 2011 is the year that will change that. BTW which window manager are you using?

Re:Considering who this is talking about, so what? (1)

standbypowerguy (698339) | more than 3 years ago | (#35994666)

Switching to Linux is easier now than ever. I've just tried Ubuntu Natty, and it's a breeze to install with Windows, either dual-boot from the live CD or along side with wubi. I'm a longtime user of Red Hat and it's derivatives, and I'm jealous. In my opinion Fedora 14 is much easier and less time-consuming to install than Win7 with equivalent default apps, but Canonical's latest offering is even easier still, seemingly by an order of magnitude. It's so simple I'm going to try it out on my mother, a total luddite, just for fun.

Re:Considering who this is talking about, so what? (1)

Anonymous Coward | more than 3 years ago | (#35994732)

Yes. and you recommend it or even install it on relatives computer.

Every issue they have is now your problem since nobody else they call knows what Linux is much less how to fix it. Yes, *nix fixes a bunch of problems but can also cause them if you don't wish to be a 24 hour help desk to people you know.

Re:Considering who this is talking about, so what? (0)

Anonymous Coward | more than 3 years ago | (#35994800)

Does Ubuntu Natty install by kegstand or by shotgunning the boot media, brah?

Re:Considering who this is talking about, so what? (1, Insightful)

w0mprat (1317953) | more than 3 years ago | (#35994786)

... and for linux: sudo apt-get install updates

Re:Considering who this is talking about, so what? (2)

MaskedSlacker (911878) | more than 3 years ago | (#35994820)

... and for linux: sudo apt-get install updates

That's sudo emerge --newuse --update --deep world on my boxen you insensitive clod!

Re:Considering who this is talking about, so what? (3, Insightful)

bmo (77928) | more than 3 years ago | (#35994792)

Ah yes, the 15 year old argument that Linux is too difficult to use for the ordinary home user, who surfs the net, does his checkbook, writes papers for school, and other generic tasks that can be done on a Linux platform without any arcane pounding on the keyboard at a command prompt.

Let me tell you about Uncle Joe. Uncle Joe is a guy from the Old Country (TM). Specifically, Madiera. He's a machinist and a damn good one at that. His education stopped at the 8'th grade, as it did in Madiera. He was curious about Linux so I installed it for him. His wife's computer was untouched.

His reaction? "I don't see why it's supposedly so hard, it's just like Windows"

That was 4 years ago. He has yet to go back.

His experience is so trouble free, he bought a new machine and told the salesman "No, I don't need to upgrade Windows to Ultimate, I'm going to install Linux" - which he did without my help. I would say that the Uncle Joe Experiment was a resounding success.

The only thing that is still difficult on Linux is running Windows games. But then that argument means that Windows is just a gaming OS and I don't think you want to go there.

It's not the 90s anymore, dude.

--
BMO

Misleading summary (5, Insightful)

whoever57 (658626) | more than 3 years ago | (#35994336)

The article suggests that, if your are running Windows, that you upgrade to Windows 7 or Vista.

It also has advice for MAC users.

Just because it has no advice for Linux or BSD users doesn't mean that the article suggests that Linux or BSD users should switch to Windows.

[But you all knew that -- whenever are /. summaries accurate?]

Re:Misleading summary (2)

FedeTXF (456407) | more than 3 years ago | (#35994388)

That's right. If you use Linux you are more secure by default. For example one of the tips is to limit the use of administrator account and to configure auto-update. Both things are by design unless you brake them on purpose.

Re:Misleading summary (0)

Anonymous Coward | more than 3 years ago | (#35994622)

I'm really pondering switching to linux to be more secure. It doesn't do anything I want. But I'll be more secure. Does it have more cowbell too?

Re:Misleading summary (0)

Anonymous Coward | more than 3 years ago | (#35994822)

Nope. You probably should look into getting a farm if you want something with a cowbell. Why would you even think that Linux would be what you want?

Re:Misleading summary (1)

MaskedSlacker (911878) | more than 3 years ago | (#35994834)

Eh, and Windows doesn't do the things I want. No out of the box support for python/perl scripting, poor git functionality, and a lack of a simple cli cron job system.

Re:Misleading summary (1)

Targon (17348) | more than 3 years ago | (#35994830)

Much of this depends on the distribution and how many packages come properly configured out of the box vs. just installing a package with a poor or incomplete configuration. If your default install installs a web server when you are not planning on actually using the web server, that opens the door to a LOT of potential security problems. As with everything else, running more than you want to run is the bad thing, and is the biggest source of security problems.

Linux, BSD, or any other UNIX or UNIX-like OS can be more secure, or it can leave the doors wide open for someone to break in. How many distributions are there again, and are they all equally secure out of the box?

THIS DATA MIGHT (Win7 vs. Linux, & MORE) (-1)

Anonymous Coward | more than 3 years ago | (#35994422)

See subject-line 1st, & then this data from a respected source for known security vulnerabilities unpatched:

***

Vulnerability Report: Microsoft SQL Server 2008: (04/29/2011)

http://secunia.com/advisories/product/21744/ [secunia.com]

Unpatched 0% (0 of 0 Secunia advisories)

Vulnerability Report: Microsoft Internet Information Services (IIS) 7.x: (04/29/2011)

http://secunia.com/advisories/product/17543/ [secunia.com]

Unpatched 0% (0 of 6 Secunia advisories)

Vulnerability Report: Microsoft Exchange Server 2010: (04/29/2011)

http://secunia.com/advisories/product/28234/ [secunia.com]

Unpatched 0% (0 of 0 Secunia advisories)

Vulnerability Report: Microsoft SharePoint Server 2010: (04/29/2011)

http://secunia.com/advisories/product/29809/ [secunia.com]

Unpatched 0% (0 of 0 Secunia advisories)

Vulnerability Report: Microsoft Forefront Endpoint Protection 2010: (05/01/2011)

http://secunia.com/advisories/product/34343/ [secunia.com]

Unpatched 0% (0 of 1 Secunia advisories)

Vulnerability Report: Microsoft Office 2010: (04/29/2011)

http://secunia.com/advisories/product/30529/?task=advisories [secunia.com]

Unpatched 0% (0 of 6 Secunia advisories)

Vulnerability Report: Microsoft Forefront Endpoint Protection 2010: (04/29/2011)

http://secunia.com/advisories/product/34343/ [secunia.com]

Unpatched 0% (0 of 1 Secunia advisories)

Vulnerability Report: Microsoft Virtual PC 2007:

http://secunia.com/advisories/product/14315/ [secunia.com]

Unpatched 0% (0 of 1 Secunia advisories)

Vulnerability Report: Microsoft Internet Explorer 9.x: (04/29/2011)

http://secunia.com/advisories/product/34591/ [secunia.com]

Unpatched 0% (0 of 0 Secunia advisories)

Vulnerability Report: Microsoft Visual Studio 2010: (04/29/2011)

http://secunia.com/advisories/product/30853/?task=advisories [secunia.com]

Unpatched 17% (0 of 1 Secunia advisories)

Vulnerability Report: Microsoft DirectX 10.x:
(04/29/2011)

http://secunia.com/advisories/product/16896/ [secunia.com]

Unpatched 0% (0 of 3 Secunia advisories)

Vulnerability Report: Microsoft .NET Framework 4.x
(04/29/2011)

http://secunia.com/advisories/product/29592/ [secunia.com]

Unpatched 0% (0 of 3 Secunia advisories)

Vulnerability Report: Microsoft Silverlight 4.x: (04/29/2011)

http://secunia.com/advisories/product/28947/ [secunia.com]

Unpatched 0% (0 of 0 Secunia advisories)

Vulnerability Report: Microsoft XML Core Services (MSXML) 6.x:(04/29/2011)

http://secunia.com/advisories/product/6473/ [secunia.com]

Unpatched 0% (0 of 4 Secunia advisories)

Vulnerability Report: Microsoft Windows 7: (04/29/2011)

http://secunia.com/advisories/product/27467/?task=advisories [secunia.com]

Unpatched 8% (5 of 65 Secunia advisories)

***

AND, of those 5 vulnerabilities, yes... 2 are still "remote". HOWEVER, they have EASY work-arounds (basic "don't be stupid" stuff everyone OUGHT to practice & be aware of).

They can be avoided by not just downloading & running "anything" etc. (being utterly stupid in other words, or just ignorant (which in the case of a child, I could excuse (not an adult)).

I.E.-> "NO PROBLEMO!"

&

3.5x LESS THAN IS PRESENT ON THE LINUX 2.6x KERNEL ALONE (toss on the rest of what goes into a Linux distro? That # goes "up, Up, UP & AWAY...", bigime, "increasing that lead, that Linux has", lol, in more unpatched known security bugs present that is (a dubious honor/win, lol, to say the least!)

So, that "all said & aside"?

Microsoft's doing a HELL OF A GOOD JOB on the security front!

APK

P.S.=> Compare a "*NIX/Open SORES" OS in Linux's "latest/greatest"?:

--

Vulnerability Report: Linux Kernel 2.6.x (04/29/2011)

http://secunia.com/advisories/product/2719/?task=advisories [secunia.com]

Unpatched 7% (17 of 259 Secunia advisories)

--

THAT? That's about 3.5x as many as Windows 7 has that are unpatched, and it's not even a FULL OS, it's only the kernel (and it's more than the ENTIRE GAMUT of what MS gives folks to do business & build tools for it as well has), & it's NOT the entire 'gamut/array' of what actually comes in a Linux distro (such as the attendant GUI, Windows managers, browsers, etc. that ship in distros too that have bugs, and yes, THEY DO), THAT ADDS EVEN MORE BUGS that COMPOUNDS THAT # EVEN MORE!

So, so much for "Windows is less secure than Linux" stuff you see around here on /., eh?

(It gets even WORSE for 'Linuxdom' when you toss on ANDROID (yes, it's a LINUX variant too), because it's being shredded on the security-front lately, unfortunately)

BOTTOM-LINE:

What this all comes down to, is all the "Pro-*NIX propoganda straight outta pravda" practically doesn't stand up very well against concrete, verifiable & visible facts now, does it? Nope... apk

Re:Misleading summary (0)

Anonymous Coward | more than 3 years ago | (#35994440)

Mac. It's Mac. Mac. Mac. Mac. It's not an acronym. It's Mac.

Re:Misleading summary (0)

Anonymous Coward | more than 3 years ago | (#35994462)

It also has advice for MAC users.

Parent is referring to Apple Macintosh computers, not Mandatory Access Control. Alas, I was hoping there was a decent Mandatory Access Control solution for Windows - don't get my hopes up like that!

Re:Misleading summary (1, Funny)

Missing.Matter (1845576) | more than 3 years ago | (#35994562)

Thanks for clarifying. The context of the discussion was so ambiguous, I had no idea he was referring to Apple's desktop computer line. Those capital letters just threw me off completely

Re:Misleading summary (4, Insightful)

AHuxley (892839) | more than 3 years ago | (#35994476)

For the BSD users http://cryptome.org/0003/fbi-backdoors.htm [cryptome.org]
The NSA would not really care what OS you use, its all networking in plain text and a known ip to them.
64 bit Windows 7 just reduces the malware and provides a cleaner network.

Re:Misleading summary (0)

Anonymous Coward | more than 3 years ago | (#35994770)

+5, really? This crowd is slacking...

Submitter was making a joke about this [nsa.gov] . Try and keep up.

The NSA was addressing 99% of people (4, Insightful)

betelgeuse68 (230611) | more than 3 years ago | (#35994356)

Not the 1% who use LINUX desktops. Spare me the trolling. I like Ubuntu a lot, but I'm a tech person. Most people aren't, get over it.

Re:The NSA was addressing 99% of people (4, Interesting)

betterunixthanunix (980855) | more than 3 years ago | (#35994618)

Which is not to mention that the NSA has done more to contribute to the security of the Linux kernel than they have (at least as far as is publicly acknowledged) done for Windows: SELinux.

Re:The NSA was addressing 99% of people (0)

Anonymous Coward | more than 3 years ago | (#35994726)

Whatever, I know lots of "normal" people (grandparents, etc) that have been using Ubuntu for years.

Fact is most people use their computer to browse the web and that's it. Linux is the most secure way to do that and there is always VMware (Player) for those rare occasions they need Windows (eg. TurboTax and other legacy crappy non-crossplatform software).

NSA (5, Informative)

0123456 (636235) | more than 3 years ago | (#35994358)

The NSA have an excellent guide for securing Linux systems (particularly Redhat, but much is applicable to all distros), so they're hardly Windows-centric.

Re:NSA (0)

Anonymous Coward | more than 3 years ago | (#35994436)

Could you please link to this guide? thanks.

Re:NSA (3, Funny)

Anonymous Coward | more than 3 years ago | (#35994690)

Here you go: NSA securing linux guide [lmgtfy.com]

Re:NSA (-1)

Anonymous Coward | more than 3 years ago | (#35994714)

Go fucking Google it. Thanks.

Re:NSA (2)

Jahava (946858) | more than 3 years ago | (#35994526)

The NSA have an excellent guide for securing Linux systems (particularly Redhat, but much is applicable to all distros), so they're hardly Windows-centric.

They also have developed a staple of (a) modern Linux security architecture, namely SELinux [wikipedia.org] .

Re:NSA (3, Funny)

Black Parrot (19622) | more than 3 years ago | (#35994778)

The NSA have an excellent guide for securing Linux systems (particularly Redhat, but much is applicable to all distros), so they're hardly Windows-centric.

They also have developed a staple of (a) modern Linux security architecture, namely SELinux.

Do they have one for people who live in the northwest?

how did this happen? (3, Insightful)

Bizzeh (851225) | more than 3 years ago | (#35994362)

how did the NSA recommending that WINDOWS USERS upgrade to the latest version of WINDOWS. turn into a linux story?

Re:how did this happen? (0)

Anonymous Coward | more than 3 years ago | (#35994426)

Because so many slashdotters have their heads so far up their asses that they can't see beyond their own little technology cult? That's my guess.

The Limit Use of the Administrator Account seems t (0)

Joe The Dragon (967727) | more than 3 years ago | (#35994386)

The Limit Use of the Administrator Account seems part seems to be a mix of the old windows XP and the new windows 7 systems.

The Default windows 7 mode with UAP popups seems to work well and not brake lot's of apps. But lots of home users have old windows 9X / XP based apps that will not work if the system was more locked down and a long password will just make people want to trun it off vs just asking cancel or allow with no need to enter a password.

Interesting Timing (0)

NoseSocks (662467) | more than 3 years ago | (#35994406)

So this announcement from the government advising people to purchase a new Windows Operating System occurs only days after Microsoft's stock was impacted due to poor Operating System sales
Microsoft Stock news [smh.com.au]

Goddamnit Slashdot (5, Insightful)

atomicbutterfly (1979388) | more than 3 years ago | (#35994416)

Windows 7 IS a worthy upgrade from XP - certainly from the security point of view. I have helped people with transitions from XP/Vista to 7 and found an almost unanimous praise for it. Given the choice, people preferred 7 for reasons of aesthetics, functionality and robustness.

The longer the Linux crowd believes that Microsoft can not make decent quality (once in a while at least), the longer they'll fail to make any changes which might someday resolve the issues that push people away from Linux.

Re:Goddamnit Slashdot (1)

Black Parrot (19622) | more than 3 years ago | (#35994824)

I would hardly heap praise on it, but it is true that W7 only rarely shows evidence of the brain fever that was rampant in their earlier releases.

I've used it for a gaming platform for about three months, and the only bugs I've seen is that it sometimes forgets icons and sometimes fails to update listings in the Explorer when you delete stuff. (You know, the difficult stuff that free software will never be able to solve either.)

Also hung once, IIRC.

And there's still lots of idiotic design, but that's not a bug.

Taking computer security tips from the NSA now? (-1, Flamebait)

Arancaytar (966377) | more than 3 years ago | (#35994432)

Brilliant idea!

No such Agency. wants what is best for the country (1)

iiiears (987462) | more than 3 years ago | (#35994452)

Windows 7 is much better at isolating ring 0 - too bad there dozens of services running by default. Remote Desktop?! Remote Registry?!! Home users won't use. Add a dozen helpful? shovel-ware services added by your OEM and even someone that cares will spend hours figuring out what they need. At least with apple you don't have nag-ware. Linux doesn't have all the security redundancy of Windows 7 but it doesn't have the downside thousands people paid and private writing malware against it either. It's always a matter of faith with any OS or firmware. When was the last time you built your own compiler? /tinfoil

Re:No such Agency. wants what is best for the coun (2)

magamiako1 (1026318) | more than 3 years ago | (#35994518)

Remote desktop and remote registry aren't on by default in Windows 7.

This makes the rest of your points invalid.

Reminds me of a previous slashdot post... (1)

unr3a1 (1264666) | more than 3 years ago | (#35994466)

This reminds me of a previous /. post that talked about draconian DRM: http://tech.slashdot.org/story/09/02/16/2259257/Draconian-DRM-Revealed-In-Windows-7 [slashdot.org]

Specifically the second paragraph concerns me, "Noting that Win7 allows programs like Photoshop to insert themselves stealthily into your firewall exception list. Further, that the OS allows large software vendors to penetrate your machine."

I wonder if this is why the NSA wants everyone to upgrade.

RTFA (3, Informative)

Stormy Dragon (800799) | more than 3 years ago | (#35994470)

No, the NSA recommends that you use a "modern OS" and then gives Windows Vista and Windows 7 as examples. Nothing suggests they consider these the only modern OS's in existence.

Re:RTFA (0)

Anonymous Coward | more than 3 years ago | (#35994568)

They recommend you "Migrate to a Modern OS and Hardware Platform," but only under the rubric "Windows Host OS".

Linux? (0)

Anonymous Coward | more than 3 years ago | (#35994492)

What makes you think I am using Linux? I happen to be, but resent the assumption.

off-topic (0)

Anonymous Coward | more than 3 years ago | (#35994536)

Hey, slashdot, I think your fortune command is broken. For about a week or so I keep getting this one: "Are Linux users lemmings collectively jumping off of the cliff of reliable, well-engineered commercial software? -- Matt Welsh"

Bad summary (5, Informative)

Wyatt Earp (1029) | more than 3 years ago | (#35994584)

I guess no one involved in green lighting this read the PDF.

The NSA pamphlet was only for Windows and Mac users, it didn't mention migrating to LINUX or BSD because it wasn't about alternative OSes, just what current users should go to.

They have a bunch of these fact sheets, shocking the securing iPhones and iPads one doesn't talk about migrating to Android or Win 7.
http://www.nsa.gov/ia/guidance/security_configuration_guides/fact_sheets.shtml [nsa.gov]

Re:Bad summary (2)

MSTCrow5429 (642744) | more than 3 years ago | (#35994680)

The PDF is clearly aimed at novices. To have included non-standard home operating systems at such an audience would have been unproductive.

Home users will never do 100% of this silly stuff (0)

Anonymous Coward | more than 3 years ago | (#35994594)

IT people can do this, most home users this is WAY over their heads. DEP on all software breaks stuff, we tried it at work and what a mess! Thanks a lot Microsoft.

So submitters don't read the articles either? (0)

Anonymous Coward | more than 3 years ago | (#35994608)

I guess if the editors don't. And the readers don't. There isn't much point anyway.

droids in droid powered drones defecting? (-1)

Anonymous Coward | more than 3 years ago | (#35994648)

not willing to take any more system performance degradations, the droids in their drones have abandoned southern hillary (& the submerged southern hillaians), vowing to never again be deleted, or taken as hostages of the softwar, & other war, & weather, gangsters. if we had prayers, we'd be saying them, for the droids. on to babylon, the whore has been identified by papers she was carrying. her dethractment is ongoing, despite any guilt or innocence, or even whoring, remaining unproven.

disarm. thank you.

The only truly secure Microsoft Operating System (0)

Timex (11710) | more than 3 years ago | (#35994664)

...is still in its shrink-wrap.

Any OS that allows users to run as "root" or "Administrator" by default is far from safe on today's Internet and should be avoided.

Biggest Linux botfarm todate is 770 boxes (1)

Jerry (6400) | more than 3 years ago | (#35994692)

For a comparison the largest Windows botfarm had well over 1 million zombies in it. There were 2.9 million active Windows malware packages last year and probably more than 90% of most Windows boxes have expired AV subscriptions on them, and most are probably infected, but the user isn't smart enough to realize the reason why his box boots and runs so slow at times. Microsoft has relieved the situation somewhat by making available a free and effective AV package: Microsoft Security Essentials. Being free the only thing a Windows users has to do is set MSE for automatic update of the vaccine file. This is still not ideal, however, because there is usually a significant time gap between when a black hat releases a malware package and when it is finally detected, analyzed and the fix added to an AV vaccine file. For really critical security holes the gap may be as short as a few days, but for many of the others the gap may be as long as several months or never (i.e., the "cure" is to upgrade to a newer version of Windows). A LOT of people with "active" AV security have been caught in that gap and had their personal data stolen, sometimes along with a lot of cash.

The Linux botfarm was created by a group of hackers about two years ago and since Linux isn't susceptible to automatic email or browser drive-by attacks it took them 6 months to manually find 770 poorly secured Linux boxes and hack into them. Linux boxes are so hard to break into hackers use them to control the very large Windows bot farms that plague the Internet. When a black hat breaks into a Linux box she usually makes it as secure as it should have been, making it about impossible for other black hats to break in.

The superior security model of Linux, combined with the fact that as a totally Open Source OS the insertion of an NSA backdoor key is impossible, makes it ideal for situations where maximum security is a must. This is probably with that "Security" PDF discussed Windows security and mentioned the Mac OS X, but not Linux.

Re:Biggest Linux botfarm todate is 770 boxes (0)

Anonymous Coward | more than 3 years ago | (#35994782)

Back door?
More like front door [wikipedia.org] ! ^^

Yes, you can read the source code. Just like you read the terms and conditions of all your other contracts [southparkstudios.com] , right? ;)

P.S.: You can see my Linux hatred by me using Gentoo (Stage 1) for 6 years on my 3 systems now. Yep, clear MS fanboi. :P

Hell Yeah! (1)

martin-boundary (547041) | more than 3 years ago | (#35994710)

No mention of BSD or Linux so I guess the Slashdot crowd will just have to bite the bullet and change operating systems if they want to be really secure.

That's exactly right! If any user wants their computer to be really secure for Microsoft and the RIAA, then they should switch to Windows 7 ASAP. Only Windows 7 is really secure for Microsoft and the RIAA.

Trusted Computing. Accept no substitutes.

If you just upgrade one more time... (-1)

Anonymous Coward | more than 3 years ago | (#35994720)

How many many times has the public been told to upgrade because the next version will be secure, only to find out it wasn't so. Its probable that XP will be more secure than Windows 7 because it has about 10 years of patching behind it. On the other hand Windows 7 is relatively new and likely is full of unknown security flaws.

Better to hang on to the devil you know that the unknown devil. Besides, Windows 7 Sucks!

Upgrade to Windows 7? (1)

countertrolling (1585477) | more than 3 years ago | (#35994734)

Great! Cough up the scratch..

God says... (1)

Trivial Solutions (1724416) | more than 3 years ago | (#35994738)

main dealt openly Death hoping Manichaean sun EXPRESS
usury drenched pleasure prerogative LIMITED kindle manifestly
shapes DON'T Passion magical displays stole realised hurting
weapon girl madest gives garden watch ANYTHING Translated
talkers audacious honied variously lot sorrows Dakota
reigns disgusted abundant places conflict endeared formerly
lover Perish thoughts

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?