I feel much better about NSA involvement with Linux because of it's open source nature.
The NSA could be working to patch security holes in Windows or it could be installing back doors or both. With Linux, it's clear they're patching security holes/vulnerabilities.
There's also the small matter of whether they should be using tax payers dollars to fund the development of a proprietary product. I realise that most people use Windows but it still leaves a bad taste in my mouth. And I'm not even American!
I get where you're coming from, but let me play devil's advocate. The NSA has a possibly unique position of being able to protect the United States' information infrastructure from emerging threats, on account of their well funded, top-secret research in this field.
Now for better or for worse, Microsoft Windows plays a major role in US business infrastructure. So isn't it a good thing for the NSA to use its position to strengthen the USA against new attacks that, perhaps, only this agency has the ability to see coming?
"Microsoft was not immediately available for comment on the NSA's participation in Windows 7's development." - This totally sounds like someone sent an email, waited 5 minutes, and then posted this article.
NSA tries to help with practically every project. I remember in Bruce Schneiner's "Applied Cryptography" he talked about how the NSA worked on various encryption algorithms in use including the DES tables.
Nobody was quite sure what the NSA did to the tables, but when they came back they were different. Naturally, there is speculation that they built in backdoors. (These days it is an obsolete argument anyway as DES has already been broken by brute force because of its short key length.)
Close. The real story is that that the design of the s-boxes in DES appeared a bit strange to the crypto community, and there were rumors that the NSA had been involved in selecting the values. Foul play was suspected. It turns out that the values in the DES s-boxes were very resistant to differential cryptanalysis, much more than they would have been if they were selected randomly. Either the NSA knew this technique back in the 70s or the IBM researchers figured it out and agreed to keep it secret (both claims have been made); it was not until independent discovery in the 90s that we all learned why the s-boxes had those specific values.
Maybe the NSA just wants to make Windows more secure, to make cyber-warfare harder for everyone else. But assuming the NSA is malicious, it wouldn't need to install a back door.
"Helping" with development gives it access to the Windows source code. Thus it gets a better shot at finding vulnerabilities it could exploit. They just need to stay ahead of patches.
The NSA has long advised MS about what crypto systems to include in Windows. In particular, I heard that MS was advised to support elliptic curve cryptography within a two-year timeframe, which is shorter than usual, leading some to speculate about undisclosed flaws in other systems.
