NSA has opened an account on GitHub

The National Security Agency - a US intelligence agency that traditionally works in secrecy - has finally joined GitHub and opened the official page: github.com/nationalsecurityagency . There, the NSA will publish the source code of its programs. There is a peculiar irony in this, since many NSA software has previously leaked to open access, that is, it has become free de facto, without any assistance from the NSA. Like the same EternalBlue tool, which in April 2017 was merged by the hacker group Shadow Brokers among other NSA tools , and later the WannaCry worm and cryptographer was developed on its base.



But of course, the office is not going to voluntarily publish here their secret tools, which are used for espionage and intelligence. But they have a lot to safely share with the community.



In the end, the NSA employs hundreds of highly skilled, brilliant programmers and the best mathematicians. These are good guys, they attend hacker conferences and other computer conferences, including programming, keep in touch with colleagues from the “other side”. Everyone has common interests and areas of knowledge. It is unlikely that NSA employees have the opportunity to hide their place of work.



Traditionally, the NSA was considered a secret organization and did not tell anything about its activities. However, after the leaks of Edward Snowden in 2013, it began to slowly and gradually open up to the world. Even then, the NSA opened an account on Twitter, and now - a repository on GitHub. The agency also opened the site https://nationalsecurityagency.imtqy.com/ . In total, the NSA is ready to share 32 different projects with the world, all of which are part of the NSA Technology Transfer Program ( TTP ) technology transfer program. Although some of the projects are not yet fully presented, they are marked 'coming soon'.

')

The TTP page states that this program is working with “agency innovators who wish to use this collaborative model to transfer their technologies to the commercial market”.



The NSA lists the benefits of open source software and a free license. It is indicated that such a model stimulates the widespread use of software, its widespread installation. The society benefits from the use of such programs, their changes and commercialization of software. In turn, the government benefits from the fact that the open source community is making improvements to the programs.



Many of the projects laid out by the NSA are already very old and have long been available to the community. For example, the SELinux security mechanism has long been included in the Linux kernel. But now we know that it was developed by the NSA, so Linux users can be proud - the NSA code works on their computers.



Other NSA projects are also of some interest. Here are some of them:

• Certificate Authority Situational Awareness (CASA) : a simple tool that detects unexpected and forbidden certificates of certification centers on computers under Windows.
• Control Flow Integrity : A hardware-based technique to prevent exploits that use memory corruption from working.
• DCP : a program that reduces the time required to make a copy of a hard disk for analysis during forensic examination.
• FEMTO : indexing and search system for requests for a sequence of bytes. Provides extremely high search speed on data in arbitrary formats.
• goSecure : an easy-to-use portable VPN built on Linux and Raspberry Pi.
• GRASSMARLIN : provides IP awareness for ICS and SCADA networks with network security support.
• Open Attestation : a project for remotely obtaining and verifying the integrity of the system using the Trusted Platform Module (TPM).
• RedhawkSDR : a software radio framework (software-defined radio, SDR) that provides tools for developing, deploying and managing software radio applications in real time.
• OZONE Widget Framework (OWF) : This is a web application that runs in a browser. It allows users to create lightweight widgets and get convenient access to all their online tools from one place.