Wow, another NSA leak: Network security code appears on GitHub
SIMP(ly) your tax dollars at work
The NSA today revealed it has uploaded source code to GitHub to help IT admins lock down their networks of Linux machines.
The open-source software is called the System Integrity Management Platform (SIMP). It is designed to make sure networks comply with US Department of Defense security standards, but the spy agency says it can be adapted by admins to meet individual security needs as well.
"The open-source software method of transferring technology from the federal laboratory to the marketplace is extremely efficient," said Linda Burger, director of the NSA Technology Transfer Program.
"The open-source community can leverage the work that NSA has produced, and the government can benefit from that community's expertise and perspective. It's a win for everyone – and for the nation itself."
To use the software, you'll need to be running Red Hat Enterprise Linux 6.6 or 7.1, or the same versions of CentOS. It has been released under version 2 of the Apache License.
The release comes as part of the NSA's ongoing technology transfer program, a scheme to take code developed in house and make it available to the software community to bolster up security. The agency’s Information Assurance Directorate set up a GitHub page in 2013, and has been feeding code in ever since.
Although the NSA's budget is secret, it's rumored to be a little less than a billion dollars a month, so it's nice that computer users get something back for that expenditure, besides being monitored online. ®