Couple of stories today on the Air Force making a deal to get a “special security tweaked” version of XP.  And in the TaoSecurity blog, asks “Will Microsoft sell this “special version” elsewhere, and if so, is the Air Force the guinea pig paying to develop this version?”

Uh..sir… all the information YOU need to have this version is in this guide.  But here’s the catch.  The special version that works for the Air Force MAY NOT work for you.  In fact, YOU may be able to tweak and tune more securely than they can.

I’d probably guess they have a lot of legacy apps and interoperability they have to deal with so I’m going to go out on a limb and say that I just “might” be able to tweak down tighter than the Air Force can.. I could be wrong.

The bottom line folks… we’ve got the tools and information right NOW today to do exactly what the AirForce is getting. 

Read the …um… manual folks.  It takes a real good understanding of your network, not a deal with Microsoft to be secure.

And while you are at it… read the Threats and Countermeasures guide and the 2k3 security guide.


One Response to So if the Airforce can get this, why can’t you?

  1. David says:

    200% correct Susan.

    The design of our SOE which I believe to be quite similar is all about our legacy applications and core regression testing of lets pretend a few hundred unique apps. Some 89999 individual tests if you believe my numbers.

    This is my major gig not my SBS customers of course.