Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: [News] China Makes Windows Executable to Spy on Citizens

Ezekiel wrote:
GreyCloud wrote:

Tim Smith wrote:
In article <4a2e6ac5$0$15085$bf4948fe@xxxxxxxxxxxxx>,
 Erik Jan <Erik@xxxxxxxxx> wrote:
I don't see why Western industry should do this. It has tolerated
several backdoors and spyware in Windows for the benefit of Microsoft
and for the NSA. Nothing new here.
There's no creditable evidence of an NSA backdoor in Windows. There was
one sensationalistic report, pretty quickly shot down by the
cryptographic community.

Cite please.



So where's the lying freetard (Eric Jan) cite of the several known backdoors
in Windows?





http://www.pcworld.com/article/12720/expert_casts_doubt_on_windows_back_door.html

<quote>
Expert Casts Doubt on Windows Back Door
Security agency could find easier routes through Windows, says
cryptographer.


But respected cryptographer Bruce Schneier, president of Counterpane
Systems, a Minneapolis-based cryptography and security consultancy, noted
that if the NSA wanted to compromise Microsoft's CryptoAPI, which supports
the encryption of data in Windows programs, there are easier ways.

The NSA could convince the company to divulge the secret-key portion of its
signature key, for example; get Microsoft to sign an NSA-compromised
security module; or install a module other than CryptoAPI to break
encryption strategies.

"It's not an NSA key so they can secretly install weak cryptography on the
unsuspecting masses," said Schneier. "There are just too many smarter
things they can do to the unsuspecting masses."

Schneier also pointed out that the NSA doesn't necessarily need a key to
compromise security in Windows because programs such as Back Orifice can do
so on most systems without keys.

Perhaps the biggest tip-off to skeptics was the name of the key itself. If
the NSA did have a secret key, naming it "NSAKEY" seemed too obvious. While
companies such as Microsoft, which don't release their source code for
review, are always under suspicion that they could be hiding back doors in
their products, anyone with a debugger could have found the "NSAKEY" name,
Schneier observed.
</quote>




http://orlingrabbe.com/microsof_nsa.htm

<quote>
Please apply a bit of simple critical thinking here:

If the NSA wanted to have real backdoor functionality, they would much
more likely simply steal Microsofts own keys instead of embedding
additional keys with an obvious symbol name. Remember: The NSA is the
world's largest key thief. They have stolen crypto variables from
well-protected military and government agencies from all over the world
using the usual repertoire of techniques (bribery, extortion,
eavesdropping, hacking, infiltration, etc.). If they can do it with
eastern military agencies, they can most certainly also do it easily
with Microsoft, which is orders of magnitudes less well protected than
the usual NSA target. If there is a real NSA backdoor key in Windows,
that it would certainly be identical to Microsoft's own key.
</quote>

</quote>


That is possible, but it would be far easier to just cut a deal with M$ to have those back doors.
After all, isn't windows supposed to be the worlds most popular os?
And wouldn't it be very easy for NSA to just go in and snoop around to see what other foreign governments are doing? Far cheaper that way in my opinion and doesn't risk any bodys life in spying in this fashion. And of course there is also the canadian scientist that directly asked M$ to comment about this, in which case
there was no response at all.


--
"It is impossible to defeat an ignorant man in argument."
William G. McAdoo.
American Government official (1863-1941).

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index