NSA helps Apple, Sun and Red Hat harden their systems
That the American National Security Agency has previously helped Microsoft harden various Windows versions is old hat, but what is news is that the NSA now also assists Apple, Sun and Red Hat with increasing the security of their operating systems. This was made public in a hearing at the US Senate's Subcommittee on Terrorism and Homeland Security.
With these measures the NSA is responding to the increasing number of threats it perceives to critical infrastructures and economic systems. While such efforts are generally laudable, assistance by the NSA quickly tends to create the rumour of government controlled back doors being introduced into commercial products.
Currently, however, the NSA doesn't seem to be involved too deeply in the development process and says it is only helping with creating security guidelines and check lists for protecting operating systems against certain types of attacks. NSA instructions for hardening various systems, for example Mac OS X, Red Hat, Solaris and Windows, can already be found on the NSA's pages. To what extent these guidelines are to differ from those that are currently in planning remains to be seen.
The Agency's Information Assurance Director said at the hearing that the NSA also helped protect Windows 7 against attacks. According to the Director, the NSA's experience was already incorporated during the development of the operating system and resulted in Windows 7 supporting the Security Content Automation Protocol (SCAP), which essentially combines a range of open security standards. The Director said this is to improve subsequent product security management.