In Deployed troops to get new security tool, allowing access to latest computers – Nextgov we are told the armed forces, specifically the Central Command, are to be handed a DVD with all the suggested security settings for windows operating systems ready to be installed. This will assure that thousands of PCs have consistent, up-to-date settings. This is a problem, and maybe a false-flag operation to aggressively identify security leaks or illuminate attacks that might otherwise fly under the radar. But whatever, it illustrates the shaky Windows operating system security options, all 1200 of them. Highly trained military users refuse to manually set these up, lacking the time and resources that would ensure a consistent level of PC security on thousands of deployed devices. If the government were to share a 5¢ DVD copy of this with every American, wouldn’t it make computing and internet use safer for all? Or would it annoy commercial interests with influence in the capital, and much more seriously, close off government surveillance opportunities of your PC?
For non-military agencies, there is a standard, the U.S. Government Configuration Baseline but most users ignore it or can’t comply with all its guidelines. The cost for preparing and distributing and maintaining the new security tool is a hidden cost of doing the Windows operating system. Open source or Macintosh systems are less prone to the kinds of attacks that the complicated and vulnerable Windows system is open to but are generally not used outside of government science agencies.
Synchronizing and updating hardware settings “is a complicated and time-consuming process that is outside the normal area of expertise for most organizations,” Defense spokeswoman April Cunningham said. The new tool eliminates the need for military personnel to adjust more than 1,200 settings. It also provides three enhanced security features for the Microsoft operating system that are designed to keep out malicious software, including AppLocker, Data Execution Prevention and Structured Exception Handler Overwrite Protection.
Would the Iranians have wanted something like this to shield their PCs from the Stuxnet virus? Will this tool force improvement in civilian, commercial security software? Windows system attackers are endlessly creative, and there are more of them every day. I suggest that this product, something we taxpayers have paid for, be made available to every American. Why not? Unless there is a nasty back door in your system the Government wants to keep ajar.
Note: as I write, social networks are alive with debate on the looming Government shutdown and of course the question arises, “will Gov workers have to turn in their work Blackberries?”
Russell Imrie is a sometimes content producer, webmaster and an American Indian self-styled social critic now living in the Washington DC area. 1. My earlier blog on evolving social networking and its political power 2. on the blogging phenomenon and classic [print] journalism. This is to say nothing about social networking. I tweet at tweedyBard. Copyright by Russell Imrie forever.