US security agency eyes open source

The US National Security Agency, known to conspiracy theorists as the No Such Agency, is taking a noticeable interest in Linux, in the belief that it can develop an almost uncrackable secure operating system for sensitive file storage.

The NSA said it would be working closely with software emulation developer, VMware, to develop an open source based platform which can be confidently used for "certain sensitive or classified applications and environments".

Project NetTop, as it has been dubbed, will combine VMware's virtual machine technology with the NSA's extensive knowledge of cryptography, to create different certified levels of security that can exist on the same network. The NSA currently uses a different physical network for each level of security, so a user with access to 'top secret' and 'sensitive' would need two computers on his desk.

"Users in the national security community have an increasing need for commercial off-the-shelf software, and to provide them with this functionality without compromising on security we currently require them to use different computers for different applications," said Paul Pittelli, director of information assurance research at the NSA.

"A security enhanced virtual machine monitor is an important component to help us provide practical security. NetTop will take virtual machine security to the next level by making separation and isolation certifiable. This level of security is obviously important for government users but will also appeal to security-conscious commercial users," he said.

The NSA first announced its interest in the Linux operating system in early January, when it announced a prototype version of 'security enhanced' Linux.

VMware has now been drafted in to make sure that security stretches out over the network. The prototype includes enhancements providing stronger protection against tampering and bypassing of application security mechanisms, and greater limits on the damage that can be caused by malicious or flawed applications.

"Open source software plays an increasingly important role in federal IT systems, and NSA's security experts are also making a valuable contribution to the open source community," said Jeffery Hunker, senior director for critical infrastructure at the White House National Security Council.