
Something to be worried about



This is definitely something to be worried about and apparently another reason to go with Linux:

A CARELESS mistake by Microsoft programmers has revealed that special access codes prepared by the US National Security Agency have been secretly built into Windows. The NSA access system is built into every version of the Windows operating system now in use, except early releases of Windows 95 (and its predecessors). The discovery comes close on the heels of the revelations earlier this year that another US software giant, Lotus, had built an NSA "help information" trapdoor into its Notes system, and that security functions on other software systems had been deliberately crippled.

The first discovery of the new NSA access system was made two years ago by British researcher Dr Nicko van Someren. But it was only a few weeks ago when a second researcher rediscovered the access system. With it, he found the evidence linking it to NSA.

Computer security specialists have been aware for two years that unusual features are contained inside a standard Windows software "driver" used for security and encryption functions. The driver, called ADVAPI.DLL, enables and controls a range of security functions. If you use Windows, you will find it in the C:\Windows\system directory of your computer.

ADVAPI.DLL works closely with Microsoft Internet Explorer, but will only run cryptographic functions that the US government allows Microsoft to export. That information is bad enough news, from a European point of view. Now, it turns out that ADVAPI will run special programmes inserted and controlled by NSA. As yet, no-one knows what these programmes are, or what they do.

Dr Nicko van Someren reported at last year's Crypto 98 conference that he had disassembled the ADVAPI driver. He found it contained two different keys. One was used by Microsoft to control the cryptographic functions enabled in Windows, in compliance with US export regulations. But the reason for building in a second key, or who owned it, remained a mystery.

A second key

Two weeks ago, a US security company came up with conclusive evidence that the second key belongs to NSA. Like Dr van Someren, Andrew Fernandez, chief scientist with Cryptonym of Morrisville, North Carolina, had been probing the presence and significance of the two keys. Then he checked the latest Service Pack release for Windows NT4, Service Pack 5. He found that Microsoft's developers had failed to remove or "strip" the debugging symbols used to test this software before they released it. Inside the code were the labels for the two keys. One was called "KEY". The other was called "NSAKEY".

Fernandes reported his re-discovery of the two CAPI keys, and their secret meaning, to "Advances in Cryptology, Crypto'99" conference held in Santa Barbara. According to those present at the conference, Windows developers attending the conference did not deny that the "NSA" key was built into their software. But they refused to talk about what the key did, or why it had been put there without users' knowledge.

A third key?!

But according to two witnesses attending the conference, even Microsoft's top crypto programmers were astonished to learn that the version of ADVAPI.DLL shipping with Windows 2000 contains not two, but three keys. Brian LaMachia, head of CAPI development at Microsoft was "stunned" to learn of these discoveries, by outsiders. The latest discovery by Dr van Someren is based on advanced search methods which test and report on the "entropy" of programming code.

Within the Microsoft organisation, access to Windows source code is said to be highly compartmentalized, making it easy for modifications to be inserted without the knowledge of even the respective product managers.

Researchers are divided about whether the NSA key could be intended to let US government users of Windows run classified cryptosystems on their machines or whether it is intended to open up anyone's and everyone's Windows computer to intelligence gathering techniques deployed by NSA's burgeoning corps of "information warriors".

According to Fernandez of Cryptonym, the result of having the secret key inside your Windows operating system "is that it is tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system". The NSA key is contained inside all versions of Windows from Windows 95 OSR2 onwards.

"For non-American IT managers relying on Windows NT to operate highly secure data centres, this find is worrying", he added. "The US government is currently making it as difficult as possible for "strong" crypto to be used outside of the US. That they have also installed a cryptographic back-door in the world's most abundant operating system should send a strong message to foreign IT managers".

"How is an IT manager to feel when they learn that in every copy of Windows sold, Microsoft has a 'back door' for NSA - making it orders of magnitude easier for the US government to access your computer?" he asked.

Can the loophole be turned round against the snoopers?

Dr van Someren feels that the primary purpose of the NSA key inside Windows may be for legitimate US government use. But he says that there cannot be a legitimate explanation for the third key in Windows 2000 CAPI. "It looks more fishy", he said.

Fernandez believes that NSA's built-in loophole can be turned round against the snoopers. The NSA key inside CAPI can be replaced by your own key, and used to sign cryptographic security modules from overseas or unauthorised third parties, unapproved by Microsoft or the NSA. This is exactly what the US government has been trying to prevent. A demonstration "how to do it" program that replaces the NSA key can be found on Cryptonym's website.

According to one leading US cryptographer, the IT world should be thankful that the subversion of Windows by NSA has come to light before the arrival of CPUs that handle encrypted instruction sets. These would make the type of discoveries made this month impossible. "Had the next-generation CPUs with encrypted instruction sets already been deployed, we would have never found out about NSAKEY."

I always knew this would be the case. The German government discovered this sort of thing within the video conferencing software in Windows. And have long since commissioned their own operating system for government use.

Source: http://totse2.net/totse/en/politics/nation...sswa168922.html

And I thought that Windows was security challenged enough...


QUOTE (thrash300 @ Nov 5 2009, 09:39 PM)
QUOTE ((NE)Fobby(GEN) @ Oct 23 2009, 02:40 AM)

Linux is for the people that are locked up in their basements shaking their fists at the world :P


Great post.

QUOTE (thrash300 @ Nov 7 2009, 11:45 AM)
This is definitely something to be worried about and apparently another reason to go with Linux:


QUOTE (R315r4z0r @ Nov 7 2009, 09:15 PM)

Great post.


hehe, burned Trash.

But I have my doubts on the truth of this article. If this were true, then all the news would be all over it. What's more, is that they are too mild about it all, they don't really seem to condemn it. Then they come up with that third key, at least to my limited knowledge of CPUs it's not explained what this key does, and they seem more worried about that third key they know nothing about than the key they already claim to know is used by the NSA to check up on anyone in the world with Windows above Windows 95.

Besides, what would Windows need a key for to enter anyone's computer? They have within the warranty of nearly every product they sell (and update) that their product will send information about the usage of the program to Microsoft for their marketing. What is that extra key for then?

I highly doubt that this is true at all, find me another article or similar where they are talking about this. A deliberate worldwide loophole in every Windows computer would cause a bit more stir if you ask me.

Edit: Out of curiosity, I just checked the 'site', which is just 2 lines with 'Yes, this is the website of Cryptonym Corporation (of the "NSA Key" fame).
I hope to, sometime in the near future, put a brief explanation the whole story online, so stay tuned...'
Which is rather strange for a big discovery of someone who graduated and deals with advanced computer techniques to make such a dumb site.

Edit 2: The site you are referring to has a lot of strange topics, such as an erotic section. I highly doubt that a site like that offers real information, it's more likely to try and keep viewers with sensational and less sensational things, such as:
Abductees / Contactees
Abducted by ay-lee-ens.
Area 51 / Groom Lake / Roswell
Made famous by the movie Independence Day, Area 51 is real, but what goes on there is a secret.
Crop Circles and Cattle Mutilations
Cattle Mutilation Phenomena refers to thousands of cases in North America where cattle have been found mutilated under abnormal circumstances. The cows are found dead, exsanguinated (all their blood has been removed), and have had certain organs surgically removed from their bodies.
Cydonia and Moon Mountains
Dreams / Auras / Astral Projection
Flying Saucers from Andromeda
Free Energy
Fringe Science
Government UFO Coverups
Gravity / Anti-gravity
Life Extension
MJ-12 - The Alien-Government Conspiracy
Men In Black
and not to forget:
A Guide for Explosion and Bombing Scene Investigation by NIJ
Consistent collection of quality evidence in bombing cases will result in more successful investigations and prosecutions of bombing cases. While this Guide can be useful to agencies in developing their own procedures, the procedures included here may not be deemed applicable in every circumstance or jurisdiction, nor are they intended to be all-inclusive.
A Look Ahead: Tomorrow's FBI
The law enforcement community of tomorrow will serve a society far different than that of today. Indeed, the differences may be so dramatic that law enforcement organizations which are not prepared for the future may be unable to respond to those communities they are sworn to serve.
A Reply to: How to Beat Spec Ops, SWAT and SOG by Anonymous
A reply to the article, "How to beat Spec Ops, SWAT, SOG"
A Report to the American People on the Work of the FBI by FBI
Some terrorism now comes from abroad. Some terrorism is home-grown. But whatever its origin, terrorism is deadly and the FBI has no higher priority than to combat terrorism; to prevent it where possible; and where prevention fails, to apprehend the terrorists and to do everything within the law to work for conviction and the most severe sentences. Our goal is to prevent, detect and deter.

I mean, come on! If this is serious, then I'm a lunatic that has to be locked up for clear thinking!

Yours sincerely,

Simply a false scare article.

I'm not worried, no-one should be either :) . Lots more scary things out there.

1. The only resources on this are from UNRELIABLE sources. BBC/CNN are reliable and neither of them have anything like this. There are no footnotes, nor places of proof or citation.

2. The EU would have put antitrust proceedings against MNS if this were true.

3. Modern firewalls are exceptional these days and would close any backdoor loophole such as this.

4. There would be a lot more coverage on this.

And finally? There are lots more scary things in the world kids. Viruses, scareware, malware, unsecured networks are all far more serious problems.

Conspiracy theorists need to get a grip. We did land on the moon, btw.

And apart from the cost, there's still no reason to go to Linux.
