NSA recommends users ditch Windows XP


hawki
May 3rd, 2011, 06:14 PM
NSA recommends users ditch Windows XP

May 2, 2011, 2:03 PM EST

The National Security Agency (NSA) is advising users to upgrade from Windows XP to either Windows Vista or Windows 7. Furthermore, the organization says that when possible, choosing a 64-bit version of Windows is recommended. We at TechSpot wholeheartedly agree.

The NSA's latest recommendation comes as part of a 10-page document titled "Best Practice for Securing a Home Network" (PDF). Interestingly, and unsurprisingly, Linux is not mentioned at all. Here is the crux of the advice:

Migrate to a Modern OS and Hardware Platform

Both Windows 7 and Vista provide substantial security enhancements over earlier Windows workstation operating systems such as XP. Many of these security features are enabled by default and help prevent many common attack vectors. In addition, implementing the 64-bit mode of the OS on a 64-bit hardware platform substantially increases the effort of an adversary to attain a system or root compromise. For any Windows-based OS, verify that Windows Update is configured to provide updates automatically.

Although Windows Vista and Windows 7 are used by 35 percent of users around the world, Windows XP still trumps them both with 53 percent market share, according to the latest April 2011 data. This is very unfortunate given that XP is a decade-old operating system.

Microsoft knows this and is making its own attempts to woo users off the platform. The software giant still supports those using XP, despite its hate for the ancient OS.

On April 14, 2009, Microsoft retired Mainstream Support for XP, and with it, support for IE6. The company is not planning to retire Extended Support for the operating system until April 8, 2014. If the company ends up releasing XP SP4 (highly unlikely), it will retire support for SP3 (released in April 2008) two years later, or in April 2014, whichever comes first. In short, Windows XP will continue to be officially supported by Microsoft for about three more years. Despite the support options, Redmond still wants XP and IE6 to die.

http://www.techspot.com/news/43579-nsa-recommends-users-ditch-windows-xp.html

CloneRanger
May 3rd, 2011, 06:40 PM
;D Well they would, seeing as they "helped" :D MS with both OS's before they were released. Wonder why, NOT :P

It wouldn't do for people to have security etc Apps in place that won't work on Vista/W7 that might interfere with covert etc intrusions ;D

That's my take on it anyway ;)

Daveski17
May 3rd, 2011, 06:43 PM
Probably sound advice, but as ever, we have debated this for many moons here on Wilders. Like most people, I believe that users will update/upgrade their hardware when they can afford it. Not all countries are as affluent as the US. Of course, if you want to be completely safe from malware attacks you could always hide out in a mansion somewhere with no Internet/Phone connections & surround yourself by 10 foot walls. You may not be as safe as you think even there though ...

CloneRanger
May 3rd, 2011, 06:50 PM
-{ Quote: "Originally posted by Daveski17

Of course, if you want to be completely safe from malware attacks you could always hide out in a mansion somewhere with no Internet/Phone connections & surround yourself by 10 foot walls. You may not be as safe as you think even there though .." }-

;D = BL, allegedly ;)

SweX
May 3rd, 2011, 06:54 PM
-{ Quote: "you could always hide out in a mansion somewhere with no Internet/Phone connections & surround yourself by 10 foot walls." }-
And end up dead :P

Anyway, NSA should have recommended some other OS that needs a kick in the back to gain market share.
Such as Mac OS X, or Linux. :)

J_L
May 3rd, 2011, 07:17 PM
-{ Quote: "It wouldn't do for people to have security etc Apps in place that won't work on Vista/W7 that might interfere with covert etc intrusions ;D " }-
There's XP Mode available on Windows 7 Pro and above.

bellgamin
May 3rd, 2011, 08:43 PM
I won't take NSA's bait, mate.
Win 7 is far from great.
IMO it has too much freight.
With a booty so wide it needs a license plate
Ergo, I shall wisely await...
The impending arrival of Windows 8. :shifty:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

In the meantime, my XP-based box is fecund but chaste. Impregnable. :thumb:

J_L
May 3rd, 2011, 09:23 PM
-{ Quote: "Ergo, I shall wisely await...
The impending arrival of Windows 8. :shifty:" }-
How do you know if it'll be better? This time it's not an enhancement of the previous version, but an entirely new one. More likely to have problems.

acuariano
May 3rd, 2011, 10:41 PM
and after a month of windows 8..........patches.

Noob
May 3rd, 2011, 10:59 PM
I always love the latest & greatest ;D

Sully
May 3rd, 2011, 11:29 PM
Lately I have been asking myself this question..

If I don't do any online transactions and have no passwords/#s stored that are of any value, what exactly do I have that I need to really worry about?

This excludes important data, because if it ain't backed up, it ain't safe from either malicious activity or a dead harddrive.

If I then make sure any online transactions are completely safe, would I still need Vista or win7? Do I have anything to lose at all except the time it takes to reformat or reimage?

What is it that the "majority" has that means so much they should switch to a different OS that could be compromised the same as an old flavor?

Sul.

jonyjoe81
May 4th, 2011, 12:31 AM
Everyone is missing the big picture. The NSA (spy agency) wants everyone to use vista/seven. Is there perhaps an ulterior motive? Maybe vista/seven is easier for nsa to hack into. I'm surprised some people here in the forum actually agree with the nsa since the people in this forum are probably more paranoid than the average person in the street, I can see easily through nsa "friendly" advice.
If you run XP bareback with no firewall/antivirus then they might have a point.

Cutting_Edgetech
May 4th, 2011, 12:44 AM
I really like W7, but I won't be ditching XP anytime soon. We just recently switched to W7 on some of our machines at work, but most of the machines at work don't have the hardware to support W7 so I don't see them replacing hundreds of PC's. That's only in my division. We have thousands of machines on the network.

Mr.PC
May 4th, 2011, 07:31 AM
-{ Quote: "Probably sound advice, but as ever, we have debated this for many moons here on Wilders.
Like most people, I believe that users will update/upgrade their hardware when they can afford it.
Not all countries are as affluent as the US." }-
+1. :thumb:

noone_particular
May 4th, 2011, 07:44 AM
I might upgrade my hardware if the need arises, but my OS will stay the same, and it ain't Vista or 7. I want nothing to do with anything that the NSA has had their hand in.

vasa1
May 4th, 2011, 07:50 AM
-{ Quote: "I might upgrade my hardware if the need arises, but my OS will stay the same, and it ain't Vista or 7. I want nothing to do with anything that the NSA has had their hand in." }-

Maybe the NSA could cook up their own OS ? Any takers?

Daveski17
May 4th, 2011, 10:13 AM
-{ Quote: "Maybe the NSA could cook up their own OS ? Any takers?" }-

I bet they've already got one ... ;)

Osaban
May 4th, 2011, 10:29 AM
-{ Quote: " Of course, if you want to be completely safe from malware attacks you could always hide out in a mansion somewhere with no Internet/Phone connections & surround yourself by 10 foot walls. You may not be as safe as you think even there though ..." }-

This is exactly what happened to Osama Bin Laden.

Daveski17
May 4th, 2011, 10:48 AM
-{ Quote: "This is exactly what happened to Osama Bin Laden." }-

No kidding ... ;)

blacknight
May 4th, 2011, 10:56 AM
I'm going to keep using XP SP3, even though I also have a Seven license: I run XP with a firewall, HIPS..... - as I'd do if I used Seven - and I have no security problems.

Fly
May 4th, 2011, 11:40 AM
Sully:

Privacy and security.

I guess you probably don't have WiFi, but you are easier to track (geolocation) if you actually have it. If you have a non-wireless router ? I wouldn't be surprised if MAC addresses of those routers are shared/sold.

What if your computer became part of a botnet ?
What if somehow, someone put child porn on your computer ?
Or both ?

There are lots of ways to correlate data, what you have on your computer (or what you do with it) and other data (government, corporations).

Whenever you hook up your computer to a network, you are at risk.

I'm not worried about it :)

But there is a risk.

And I guess that the security agencies 'prefer' Windows 7 because it retains more data and perhaps because Windows 7 may have a backdoor or more likely, have a backdoor-like vulnerability.

Peter2150
May 4th, 2011, 12:26 PM
Geesh, if NSA wants to buy me all new hardware, I'll bite.

This paranoia is a riot. I use XP Pro SP3 and am not changing any time soon.

I have a secure password on my router, use the most advanced encryption it has and have all my PC's secured with Sandboxie, OA, and Appguard.

I chuckle a bit about the urgency we are given about keeping up to date, and in general I agree with that advice. But I can't help wondering, gee my computer is very secure on the Monday before Patch Tuesday, and it suddenly and miraculously became insecure after Patch Tuesday unless I update.

I've always lagged behind the patches to let others beta test them and being very busy lately, I haven't done the patching in a few months. Funny my computers are still secure, with no infections.

With a bit of common sense and some of the excellent software talked about here, I think XP can be every bit as secure.

I also can't help note that as I read about problems everyone is having with some software, I get interested in testing and find oops it's x64. Hmm.

NSA I'll pass.

Pete

Oh as a PS on the X64 thing. Yes there is a memory advantage. The XP box I am on right now has 4gb ram, so yes I can't use it all so I am limited. But wait, I can fire up a VM machine that I've given 1gb ram to use, and while it's running, I can run my futures charting software, Quickbooks, All of the Office 2010 programs I use, Paperport, and browse on the web, with no obvious performance hit. Yep, I am ram limited, but I can run anything I need.

CloneRanger
May 4th, 2011, 03:43 PM
Re - NSA Operating Systems etc

-{ Quote: "NSA has developed and distributed configuration guidance for operating systems. These guides are currently being used throughout the government and by numerous entities as a security baseline for their systems.

http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_systems.shtml" }-

-{ Quote: "NSA Helping with Windows 7 Security

The National Security Agency is a life-long friend of Windows and Microsoft.

NPR reports that the National Security Agency (NSA) has been working with Microsoft to improve the security measures of Windows 7. The NSA has been involved with the new operating system since its inception, showing that the agency is committed to getting more involved with the private sector in regards to cybersecurity. The agency revealed its involvement yesterday during a hearing held in Washington.

"Working in partnership with Microsoft and (the Department of Defense), NSA leveraged our unique expertise and operational knowledge of system threats and vulnerabilities to enhance Microsoft's operating system security guide without constraining the user's ability to perform their everyday tasks," said Richard Schaeffer, the NSA's Information Assurance Director. "All this was done in coordination with the product release, not months or years later in the product cycle."

www.tomshardware.com/news/NSA-Windows-Microsoft-Security-OS,9118.html" }-

-{ Quote: "What was NSA's involvement in producing Windows Vista security ...

Has NSA “approved” the use of Windows Vista and Internet Explorer 7 on government systems?

http://www.nsa.gov/ia/_files/os/winvista/Windows%20Vista%20FAQs.pdf" }-

ALSO

-{ Quote: "NSA Security-Enhanced Linux (SELinux)

"National Security Agency research project, to modify the Linux kernel with enhanced security-related functions, including mandatory access controls."

http://www.nsa.gov/research/selinux" }-

Don't get me started on the "infamous" NSAKEY in our comps :P

Daveski17
May 4th, 2011, 04:30 PM
-{ Quote: "Don't get me started on the "infamous" NSAKEY in our comps :P" }-

Hmmm ... this is all very interesting. The NSAKEY (http://en.wikipedia.org/wiki/NSAKEY) particularly. Personally, I've always loved conspiracy theories. :wacko:

I believe that the NSA is one of the biggest intelligence gathering agencies in the world. Apparently they were so secretive that no one had really heard of them until comparatively recently.

prius04
May 4th, 2011, 05:41 PM
-{ Quote: "NSA Helping with Windows 7 Security

The National Security Agency is a life-long friend of Windows and Microsoft." }-
Yeah, the NSA is a life-long friend and the DOJ is a life-long enemy. Good to know the various agencies of the U.S. government have open lines of communication. ::)

Martijn2
May 4th, 2011, 05:46 PM
-{ Quote: "and after a month of windows 8..........patches." }-
Oh my god, patches for an OS? You never see those on Linux and OSX right? ;D

-{ Quote: "Everyone is missing the big picture. The NSA (spy agency) wants everyone to use vista/seven. Is there perhaps an ulterior motive? Maybe vista/seven is easier for nsa to hack into. I'm surprised some people here in the forum actually agree with the nsa since the people in this forum are probably more paranoid than the average person in the street, I can see easily through nsa "friendly" advice.
If you run XP bareback with no firewall/antivirus then they might have a point." }-
I don't think that Wilderssecurity is the place to start conspiracy theories based on no facts. :)

Baserk
May 4th, 2011, 07:19 PM
Let's go full-force hypothetical (just for argument's sake) that the NSA has true benevolent motives here. (I did write 'full-force hypothetical')

If the average user (e.g. running admin), is better off having Vista/7 instead of XP, it must mean, the NSA is counting on UAC and/or IE9 to make the world a better place?

CloneRanger
May 4th, 2011, 07:25 PM
The modus operandi of the NSA etc, is NOT to make the world a better place. If only it were !

noone_particular
May 4th, 2011, 08:10 PM
-{ Quote: "Everyone is missing the big picture. The NSA (spy agency) wants everyone to use vista/seven. Is there perhaps an ulterior motive? Maybe vista/seven is easier for nsa to hack into. I'm surprised some people here in the forum actually agree with the nsa since the people in this forum are probably more paranoid than the average person in the street, I can see easily through nsa "friendly" advice." }-
As soon as it was revealed that the NSA "helped" Microsoft to "secure" Vista, my decision was made. I will never own it or Win-7. I won't use it. I will not even allow one to be hooked up to the same LAN as my primary unit.

The more I look back at Vista and Win-7 since the time of that announcement and see just about every security "enhancement" they've come up with defeated, including 64 bit, I don't accept that they did anything to make it more secure for users. I'd be more inclined to believe that it's been "improved" from a national security point of view, for their benefit only. It's the same repeating story. A new OS looks secure for a while, but once the malware writers figure out what's changed, the new OS proves to be as vulnerable as its predecessors, if not more so. I trust what I have far more than any of Microsoft's current and supported systems and will continue to until I actually see my security package defeated.

When almost every other electronic user device is being found to track users, call home with their data, and store extended records of user activities, how can anyone believe for one minute that Windows and MS aren't doing the same thing? I'm betting that they do and that it just hasn't been found yet.

J_L
May 4th, 2011, 08:22 PM
-{ Quote: "The more I look back at Vista and Win-7 since the time of that announcement and see just about every security "enhancement" they've come up with defeated, including 64 bit, I don't accept that they did anything to make it more secure for users." }-
Contrary to your beliefs, the fact is that newer versions of Windows are more secure than older versions without third-party programs.

A few rootkits infect 64-bit. Compare that with the thousands that infect 32-bit. UAC lowers the rights of processes that do not need admin access. Compare the amount of malware working with limited rights to those with admin rights. Once again, a huge difference. Etcetera, etcetera.

Daveski17
May 4th, 2011, 08:52 PM
-{ Quote: "The modus operandi of the NSA etc, is NOT to make the world a better place. If only it were !" }-

That's like saying MI5/6 doesn't want to make the world a better or safer place. That is sort of their job description now the Cold War has ended. Well, that & driving Aston Martins with ejector seats maybe. ;)

noone_particular
May 4th, 2011, 08:54 PM
They've had a lot longer to exploit 32 bit. Give it some more time. They'll find a lot more. It won't be long before Vista and 7 get patched as much as XP does.

As for 3rd party security apps, I trust them more than I trust MS to protect my system or privacy. Nothing has defeated them yet and I don't expect to see it happen anytime soon.
If switching to Linux didn't require re-learning everything all over again, I probably would. But after spending years with DOS, Linux command line feels like a foreign language.

J_L
May 4th, 2011, 10:17 PM
-{ Quote: "They've had a lot longer to exploit 32 bit. Give it some more time. They'll find a lot more. It won't be long before Vista and 7 get patched as much as XP does. " }-
That's not the main reason, which is PatchGuard. Also it doesn't explain the lack of limited rights malware.

allizomeniz
May 5th, 2011, 01:12 AM
All this updating is getting completely out of control. Where does it end? If the corporate giants have their way not until every single person is bankrupt. Besides, the best security software is between your ears anyway. :)

bellgamin
May 5th, 2011, 01:12 AM
-{ Quote: "Contrary to your beliefs, the fact is that newer versions of Windows are more secure than older versions without third-party programs." }-
Unsupported assertions. Gee, the view from Mount Olympus must be great this time of year. :dry:

vasa1
May 5th, 2011, 01:23 AM
-{ Quote: "All this updating is getting completely out of control. Where does it end? If the corporate giants have their way not until every single person is bankrupt. Besides, the best security software is between your ears anyway. :)" }-

Plus One all the way! :D

J_L
May 5th, 2011, 01:38 AM
-{ Quote: "Unsupported assertions. Gee, the view from Mount Olympus must be great this time of year. :dry:" }-
I just supported them. Read the rest of the post and #33. Gee, I must've been too far away for you to see properly.

Greg S
May 5th, 2011, 02:14 AM
-{ Quote: " It won't be long before Vista and 7 get patched as much as XP does.

" }-
No need for the wait. 7 already gets a boat load every other month. Sometimes, twice monthly. I installed 7 on the day it was released. Installed it on 16.5 gig partition and was left with about 12.5 gig free space. I've installed about 20 very small useful apps which amount to, I'll be generous here and say .5 gig. Today, I have 5.5 gig of free space with System Protection and hibernation turned off. I'm sure not all is due to Win updates but I'd bet a big portion of it is.

Boost
May 5th, 2011, 06:25 AM
Oh, Goody, another thread saying how much XP sucks, and it's just a security nightmare and needs to be replaced, ASAP!

Thanks for the laughs! :argh: :argh: :thumb:

Mr.PC
May 5th, 2011, 06:39 AM
-{ Quote: "The modus operandi of the NSA etc.
is NOT to make the world a better place.
If only it were !" }-
+1. :thumb:

Daveski17
May 5th, 2011, 07:29 AM
-{ Quote: "All this updating is getting completely out of control. Where does it end?" }-

Until every single person is bankrupt.

-{ Quote: "If the corporate giants have their way not until every single person is bankrupt." }-

You took the words right out of my mouth LOL! ;D ;)

-{ Quote: " Besides, the best security software is between your ears anyway. :)" }-

Hopefully ...

Baserk
May 5th, 2011, 09:14 AM
Anyone not convinced by the value of new stuff like ASLR, SEHOP, the above already mentioned PatchGuard etc?
OK, 3rd party software suppliers will have to make sure, some of it is actually used on their stuff but isn't this also an advantage over XP?
Probably/perhaps it doesn't warrant spending hundreds of dollars on new HW and a new MS OS license but surely there are some improvements in Vista/7 we can all agree on? Or am I being naive here?
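
The opt-in raised in the post above can be audited per binary: a Windows executable records ASLR and DEP compatibility as flag bits in its PE optional header. The following is an added example, not part of the original thread; the function names and the sample headers are constructed for illustration, and SEHOP is not covered because it is not a PE header flag.

```python
import struct

# Constants from the PE/COFF specification.
PE32_MAGIC, PE32_PLUS_MAGIC = 0x10B, 0x20B
DLLCHAR_OFFSET = 70      # DllCharacteristics offset in the optional header (PE32 and PE32+)
DYNAMIC_BASE = 0x0040    # image may be relocated at load time: ASLR opt-in
NX_COMPAT = 0x0100       # image declares itself compatible with DEP


def pe_mitigations(data):
    """Return the opt-in mitigation flags recorded in a PE image's headers."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    # COFF header is 20 bytes; SizeOfOptionalHeader sits at offset 16 in it.
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 4 + 16)
    opt = e_lfanew + 24
    if opt_size < DLLCHAR_OFFSET + 2 or opt + DLLCHAR_OFFSET + 2 > len(data):
        raise ValueError("optional header too short")
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (PE32_MAGIC, PE32_PLUS_MAGIC):
        raise ValueError("unknown optional header magic")
    (flags,) = struct.unpack_from("<H", data, opt + DLLCHAR_OFFSET)
    return {
        "format": "PE32+" if magic == PE32_PLUS_MAGIC else "PE32",
        "aslr": bool(flags & DYNAMIC_BASE),
        "dep": bool(flags & NX_COMPAT),
    }


def audit(images):
    """Map each image name to the mitigations it has not opted in to."""
    findings = {}
    for name, data in images.items():
        info = pe_mitigations(data)
        missing = [label for label, key in (("ASLR", "aslr"), ("DEP", "dep"))
                   if not info[key]]
        if missing:
            findings[name] = missing
    return findings


def build_sample(magic, machine, dll_characteristics):
    """Construct a header-only PE image (sample data, not a real program)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)           # e_lfanew -> PE signature
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, 96, 0x0102)
    opt = bytearray(96)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, DLLCHAR_OFFSET, dll_characteristics)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


# Constructed samples: hypothetical file names, flags chosen for the demo.
SAMPLES = {
    "legacy_tool.exe": build_sample(PE32_MAGIC, 0x014C, 0x0000),
    "half_hardened.exe": build_sample(PE32_MAGIC, 0x014C, NX_COMPAT),
    "modern_tool.exe": build_sample(PE32_PLUS_MAGIC, 0x8664,
                                    DYNAMIC_BASE | NX_COMPAT),
}

if __name__ == "__main__":
    for name, missing in sorted(audit(SAMPLES).items()):
        print(f"{name}: missing {', '.join(missing)}")
```

To audit a real file, pass its bytes (for example `open(path, "rb").read()`) to `pe_mitigations`.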

Taurus57
May 5th, 2011, 09:18 AM
-{ Quote: " UAC lowers the rights of processes that do not need admin access. Compare the amount of malware working with limited rights to those with admin rights. Once again, a huge difference. Etcetera, etcetera." }-

Isn't that what a LUA does in XP?

pajenn
May 5th, 2011, 09:41 AM
Is this recommendation by the NSA based on XP vs. Vista/7 when both use their built-in security structure (Windows Firewall, Windows Defender, UAC, etc.), or is there something fundamentally more secure about Vista/7 than XP even if both use the same 3rd party firewall and antivirus with Windows security apps disabled?

For example, would XP with Norton 360 Premium be less secure than Vista with the same security suite assuming both have the same UAC and other policies in place?

Martijn2
May 5th, 2011, 11:32 AM
-{ Quote: "The modus operandi of the NSA etc, is NOT to make the world a better place. If only it were !" }-
I'm afraid you can say that about a lot of 3-letter word organizations :shifty:

-{ Quote: "All this updating is getting completely out of control. Where does it end? If the corporate giants have their way not until every single person is bankrupt. Besides, the best security software is between your ears anyway" }-
You don't have to update if you want, you can use Windows 3.1 until the end of time. You can't expect a company (Microsoft, Apple, Google, whatever) to support a product forever for free, personnel have to be paid.

-{ Quote: "No need for the wait. 7 already gets a boat load every other month. Sometimes, twice monthly. I installed 7 on the day it was released. Installed it on 16.5 gig partition and was left with about 12.5 gig free space. I've installed about 20 very small useful apps which amount to, I'll be generous here and say .5 gig. Today, I have 5.5 gig of free space with System Protection and hibernation turned off. I'm sure not all is due to Win updates but I'd bet a big portion of it is." }-

Try system tools -> disk cleanup. A lot of files (like with SP1) are saved so, in the case it goes wrong, you can undo the patch. Otherwise you can use CCleaner to clean up your browser and other applications.

noone_particular
May 5th, 2011, 07:18 PM
-{ Quote: "No need for the wait. 7 already gets a boat load every other month. Sometimes, twice monthly. I installed 7 on the day it was released. Installed it on 16.5 gig partition and was left with about 12.5 gig free space. I've installed about 20 very small useful apps which amount to, I'll be generous here and say .5 gig. Today, I have 5.5 gig of free space with System Protection and hibernation turned off. I'm sure not all is due to Win updates but I'd bet a big portion of it is." }-
11GB just for the system? That's a lot of code, all of it potentially containing flaws and vulnerabilities. Just the quantity of it all but guarantees there's undiscovered vulnerabilities, and lots of places for an NSA backdoor to hide. There's no sensible reason that an OS has to be that big, except to force users to upgrade their hardware. By comparison, this dual boot unit has 2 system partitions. One is 3.78GB. The other is 1.09GB.

In this respect PCs are going in the opposite direction of other user goods. We got past the bigger is better mentality with cars. The typical present day car is a far cry from the 4000+ lb monsters we had in the 60s and early 70s. Today's cars don't need 300 horsepower just to pull their own weight. PCs just keep going in the opposite direction, with more RAM, more speed, and needing more power just to run the OS. In this respect, they're just like the old gas guzzlers that used almost as much fuel idling as the new ones do driving. Maintaining all those user activity records must use a lot of power.

Even if one accepts the "more secure" argument for Win 7, I wouldn't trust it in regards to protecting your privacy, not after the NSA got involved. If we really want to improve our personal privacy and security, we should ditch the NSA.

J_L
May 5th, 2011, 07:58 PM
-{ Quote: "Isn't that what a LUA does in XP?" }-
It can't conveniently elevate processes though. Also UAC provides more protection like IE's Protected Mode and locks down the settings for MSE, ESET, and AVG.

Also forgot to mention the greatly improved Windows Firewall.

Fly
May 6th, 2011, 10:42 AM
Maybe I should post this somewhere else, but this seems to fit in this thread.

NSA file, for home users -http://www.nsa.gov/ia/_files/factsheets/Best_Practices_Datasheets.pdf-

The recommendation to use a modern OS makes sense for the average user.
A 'no brains' approach. This may not protect you against nosy government, but it will keep hackers and some businesses at bay.

I'm a little surprised that they recommend a HIPS for average home users.
As they say: 'A comprehensive host-based security suite
provides support for anti-virus, anti-phishing,
safe browsing, Host-based Intrusion Prevention
System (HIPS), and firewall capabilities.'

For as far as I know, most suites provide no HIPS functionality or only very limited HIPS functionality. Am I wrong ?

Upgrading to the latest version of M$ Office ? If you don't need the features it's a waste of money.

Keeping application software patched ? That makes sense, but often it's redundant. You really don't need to have all your applications fully patched.
In my experience (as a home user) patches tend to break security software or cause other issues. They should have mentioned uninstalling Java ...

Don't download the file if you're afraid the NSA is spying on you ... :dry:

Moderators: feel free to move this post if you feel that is more appropriate.

That eagle in the NSA logo reminds me of something .. if only I could remember what ... :gack:

Taurus57
May 6th, 2011, 11:45 AM
-{ Quote: "It can't conveniently elevate processes though. Also UAC provides more protection like IE's Protected Mode and locks down the settings for MSE, ESET, and AVG.

Also forgot to mention the greatly improved Windows Firewall." }-

You can't elevate a single process, but you can elevate all processes by switching to the admin. account. Gotta give you that J-L, Win 7's way is safer and more convenient.

LUA on XP with a Sandboxed browser pretty much locks down the browser and settings though.

No doubt Win 7 firewall is an advancement. But improvement...IDK. If you place priority on prevention by using LUA and Sandboxie, you're probably just as safe and don't really need the two way firewall/hips.

Good discussion.

Sully
May 6th, 2011, 12:33 PM
This topic...

-{ Quote: "co·nun·drum/kəˈnəndrəm/Noun
1. A confusing and difficult problem or question.
2. A question asked for amusement, typically one with a pun in its answer; a riddle." }-

NSA - (regardless of their motive)
Be safe. Spend money on new stuff which is designed better. Use tools which will keep you safe.

USERS -
I would like to be safe. I don't know if I can afford the new stuff - software or hardware. I am not sure what a file is, and sometimes I lose things I download. I've been trying for years to lose my HIPS, now you want me to put them back on? Is my firewall good if I never see it asking me questions? Oh, and why can't I play my favorite online games now?

ADVANCED USERS -
How exactly is a new operating system going to give me any better protection than I already have? If I haven't been infected with a virus or installed a malware in the last few years with my current security setup, why am I suddenly supposed to be afraid and ante up for something I don't need?

REALLY ADVANCED USERS -
Dude, like what are you talking about? You can't be serious.

Sul.

J_L
May 6th, 2011, 03:31 PM
Let's not forget built-in disk imaging.

Although there may be privacy concerns, because of NSA's involvement, I have my doubts.

hugsy
May 6th, 2011, 03:37 PM
-{ Quote: "As soon as it was revealed that the NSA "helped" Microsoft to "secure" Vista, my decision was made. I will never own it or Win-7. I won't use it. I will not even allow one to be hooked up to the same LAN as my primary unit.

The more I look back at Vista and Win-7 since the time of that announcement and see just about every security "enhancement" they've come up with defeated, including 64 bit, I don't accept that they did anything to make it more secure for users. I'd be more inclined to believe that it's been "improved" from a national security point of view, for their benefit only. It's the same repeating story. A new OS looks secure for a while, but once the malware writers figure out what's changed, the new OS proves to be as vulnerable as its predecessors, if not more so. I trust what I have far more than any of Microsoft's current and supported systems and will continue to until I actually see my security package defeated.

When almost every other electronic user device is being found to track users, call home with their data, and store extended records of user activities, how can anyone believe for one minute that Windows and MS aren't doing the same thing? I'm betting that they do and that it just hasn't been found yet." }-

agreed +1 :thumb:

Martijn2
May 6th, 2011, 04:28 PM
-{ Quote: "agreed +1 :thumb:" }-

http://www.homelandstupidity.us/2007/01/09/nsa-provided-security-help-for-windows-mac-os-x/

The NSA has helped Windows, OS X and Linux (although SElinux is open source, so I doubt that there are any backdoors in there). Last year Google asked help of the NSA (http://www.washingtonpost.com/wp-dyn/content/article/2010/02/03/AR2010020304057.html ). What about Red hat: http://www.h-online.com/open/news/item/NSA-helps-Apple-Sun-and-Red-Hat-harden-their-systems-863889.html . Are you going to stop using all these products?

And yes, they also helped with Windows XP. I really don't understand all the paranoia going around here. A backdoor will never be used on a large scale since this can be detected. If you are targeted individually, then you are most likely screwed anyway.

Aaron Here
May 6th, 2011, 05:01 PM
-{ Quote: "This topic...
-{ Quote: "co·nun·drum/kəˈnəndrəm/Noun
1. A confusing and difficult problem or question.
2. A question asked for amusement, typically one with a pun in its answer; a riddle." }-
NSA - (regardless of their motive)
Be safe. Spend money on new stuff which is designed better. Use tools which will keep you safe.

USERS -
I would like to be safe. I don't know if I can afford the new stuff - software or hardware. I am not sure what a file is, and sometimes I lose things I download. I've been trying for years to lose my HIPS, now you want me to put them back on? Is my firewall good if I never see it asking me questions? Oh, and why can't I play my favorite online games now?

ADVANCED USERS -
How exactly is a new operating system going to give me any better protection than I already have? If I haven't been infected with a virus or installed a malware in the last few years with my current security setup, why am I suddenly supposed to be afraid and ante up for something I don't need?

REALLY ADVANCED USERS -
Dude, like what are you talking about? You can't be serious." }-
Sul, I love it... :D

Aaron

BoerenkoolMetWorst
May 7th, 2011, 09:54 AM
They also recommend to use Firefox with NoScript/Chrome with NotScript, DEP for all programs, SSID cloaking, MAC filtering and Full disk encryption and lots more. Are you going to stop using that as well?

And I agree, if you're targeted individually you're screwed anyway.

noone_particular
May 7th, 2011, 12:42 PM
-{ Quote: "http://www.homelandstupidity.us/2007/01/09/nsa-provided-security-help-for-windows-mac-os-x/

The NSA has helped Windows, OS X and Linux (although SELinux is open source, so I doubt that there are any backdoors in there). Last year Google asked help of the NSA (http://www.washingtonpost.com/wp-dyn/content/article/2010/02/03/AR2010020304057.html). What about Red Hat: http://www.h-online.com/open/news/item/NSA-helps-Apple-Sun-and-Red-Hat-harden-their-systems-863889.html . Are you going to stop using all these products?

And yes, they also helped with Windows XP. I really don't understand all the paranoia going around here. A backdoor will never be used on a large scale since this can be detected. If you are targeted individually, then you are most likely screwed anyway." }-
From the first link you posted:
-{ Quote: "“A few years ago I was ready to believe the NSA recognized we’re all safer with more secure general-purpose computers and networks,” says security expert Bruce Schneier, “but in the post-9/11 take-the-gloves-off eavesdrop-on-everybody environment, I simply don’t trust the NSA to do the right thing.”" }-
As for the rest of the companies/products listed:
Google, wouldn't use their software at gunpoint. No matter how "secure" it's found to be, Google has zero respect for a user's privacy. I don't allow my system to connect to Google without going thru an anonymous proxy or Tor.

OSX. Never used it. Not sure if I've ever seen it.
RedHat. Never used it.

A potential backdoor is just one issue that comes to mind with the NSA, and not the most likely one. When any law enforcement agency can and does seize your computers, with or without probable cause, regardless of whether a computer was involved in an alleged crime, they don't really need a backdoor. They're seized as a matter of routine. The bigger concern would be all the stored user records, something Windows does very well. I'd suspect that their "security improvements" are more for general surveillance and storing "evidence" should they decide to target an individual. Lots of places to hide usage records in multi-gigabyte Vista and Win-7 systems.

Regarding:
"I really don't understand all the paranoia going around here."
How can you look at the current trends and not be concerned about being constantly watched? All of our internet usage, all of our communications, our movements, our medical records, etc. All or most of our user devices tracking us, calling home, storing locations, etc. One or 2 could pass as the actions of greedy companies, but almost all of them? A lot of this is for the benefit of big money, anti-piracy for instance, for the sole purpose of getting every possible dime out of everyone. Every day, more things become illegal. If some greedy corporate trash thinks that you owe them, you may have more to hide than you realize.

Taurus57
May 7th, 2011, 03:54 PM
-{ Quote: "Sul, I love it... :D

Aaron" }-

+1 Outstanding summary!

Taurus57
May 7th, 2011, 03:55 PM
-{ Quote: "Let's not forget built-in disk imaging." }-

Depends on which version of Win 7 we're talking about..and there are so many.

adrenaline7
May 7th, 2011, 04:42 PM
-{ Quote: "
Regarding:
"I really don't understand all the paranoia going around here."
How can you look at the current trends and not be concerned about being constantly watched? All of our internet usage, all of our communications, our movements, our medical records, etc." }-

no offense, but you may be too paranoid to have the internet, even using linux your ISP is still going to see everything and ISP logs have been leaked.....

J_L
May 7th, 2011, 06:45 PM
-{ Quote: "Depends on which version of Win 7 we're talking about..and there are so many." }-
All of them have disk imaging. For Vista, it's Business and above.

noone_particular
May 8th, 2011, 03:43 PM
-{ Quote: "no offense, but you may be too paranoid to have the internet, even using linux your ISP is still going to see everything and ISP logs have been leaked....." }-
I'll admit to being what most would call paranoid. That said, your statement needs a slight adjustment. Instead of "too paranoid to have the internet...", it should read "too paranoid because of the internet". As for the statement of mine that you quoted, you can look back through these forums and find example after example of every one of the items I mentioned, with links to actual incidents and proof. When the threats are real, it's not paranoia. It's admitting to a very unpleasant reality and doing what you can to take a stand against it.

I realize that most users either don't have the same views as I do, or not to the same degree. I very much distrust MS and have long suspected that there's a partnership between them and the government. I'm at a loss to understand why Microsoft hasn't been split up under anti-trust laws. AT&T was split up for far less influence and anti-trust activity than what MS is doing. I'm convinced that their giant monopoly is allowed to continue because they're giving the government something in return, an OS that spies on its users. IMO, Windows has become spyware in the form of an operating system, a characteristic that gets worse with each new version. As for Linux, I just don't have the time to start over learning a new OS. For that reason (among others) I stay with the older versions of Windows, ones I've learned to control and modify using tools that have earned my trust. As for the older systems being insecure, that's all relative. None of them have ever been secure "out of the box". Microsoft, the NSA, and individuals can make all kinds of theoretical arguments about why this version is more secure than that one, but in the end it's the one that allows malicious code to execute that gets compromised. If that code can't execute, the type and number of vulnerabilities doesn't matter. For the typical user, the kind that you don't see here who have no desire to learn about how PCs work and what's involved in actually making one secure, the newer systems are more secure "out of the box" as compared to the older ones. But for those who understand their systems, it doesn't apply.

As for what my ISP sees and/or logs, my normal or casual internet usage is nothing I need to keep secret. When I choose to visit, view, or post something that's more controversial or sensitive, I use Tor. All my ISP knows is that I connected to Tor. Where I went from there they have no way of knowing. All that the site knows is that I connected to them from a Tor node.

Taurus57
May 8th, 2011, 04:09 PM
-{ Quote: "All of them have disk imaging. For Vista, it's Business and above." }-

My mistake J-L. That certainly is a plus for Win 7.

CloneRanger
May 8th, 2011, 04:10 PM
-{ Quote: "Originally Posted by noone_particular

When the threats are real, it's not paranoia." }-

Indeed ;)

Fly
May 9th, 2011, 06:48 AM
It's an old article and I can't judge its merits: http://www.heise.de/tp/artikel/5/5263/1.html

CloneRanger
May 9th, 2011, 01:12 PM
@ Fly

RE - ADVAPI.DLL / NSAKEY

Yeah, as in Post # 23 - https://www.wilderssecurity.com/showthread.php?t=298489

-{ Quote: "A third key?!

But according to two witnesses attending the conference, even Microsoft's top crypto programmers were astonished to learn that the version of ADVAPI.DLL shipping with Windows 2000 contains not two, but three keys. Brian LaMachia, head of CAPI development at Microsoft was "stunned" to learn of these discoveries, by outsiders. The latest discovery by Dr van Someren is based on advanced search methods which test and report on the "entropy" of programming code.

http://www.heise.de/tp/artikel/5/5263/1.html" }-

Still the debate goes on, but the above third key revelations, if nothing else, "supposedly" spooked the MS programmers !
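
The quoted article says the third key was found by search methods that report on the "entropy" of program code. The sketch below is an added illustration of that general idea, a sliding-window Shannon entropy scan; it is not part of the thread and not Dr van Someren's actual tool. The function names, window size, threshold and the sample blob are all assumptions constructed for the example.

```python
import math
import random

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for constant data, 8.0 maximum)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def high_entropy_regions(blob, window=64, step=16, threshold=5.2):
    """Slide a window over blob; return merged (start, end) ranges at or above threshold.

    A 64-byte window can reach at most log2(64) = 6 bits, so the threshold is
    chosen relative to that ceiling, not to 8.
    """
    regions = []
    for off in range(0, max(len(blob) - window, 0) + 1, step):
        if shannon_entropy(blob[off:off + window]) >= threshold:
            if regions and off <= regions[-1][1]:
                regions[-1] = (regions[-1][0], off + window)  # extend previous hit
            else:
                regions.append((off, off + window))
    return regions

# Constructed sample: repetitive code-like filler around 128 pseudo-random
# bytes standing in for an embedded public key. Not data from any real DLL.
FILLER = bytes.fromhex("558bec83ec109090") * 32   # 256 bytes, 6 distinct values
KEY_OFF, KEY_LEN = len(FILLER), 128
_rng = random.Random(2011)
FAKE_KEY = bytes(_rng.getrandbits(8) for _ in range(KEY_LEN))
SAMPLE = FILLER + FAKE_KEY + FILLER

def scan_sample():
    """Scan the constructed sample and return the flagged byte ranges."""
    return high_entropy_regions(SAMPLE)

if __name__ == "__main__":
    for start, end in scan_sample():
        print(f"high-entropy region: bytes {start}-{end} "
              f"(planted key at {KEY_OFF}-{KEY_OFF + KEY_LEN})")
```

Compressed or encrypted resources score just as high as key material, so each hit is a candidate for manual inspection, not proof that a key is present.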