Slashdot Mirror

← Back to Stories (view on slashdot.org)

Zimmermann Enters Debate on Microsoft Encryption

Posted by michael on from the or-lack-of-it dept.

Golygydd Max writes "I didn't see much coverage of the RC4 flaw in Microsoft Office that was uncovered recently by a researcher, Hongjun Wu. Now, PGP creator Phil Zimmermann, dissatisfied with Microsoft's response, has joined in the debate. In an interview with Techworld he castigates Microsoft for their inadequate response: 'The lay user ought to be entitled to assume that the encryption produced by Microsoft is adequate. ... If Microsoft wants to earn the respect of the cryptographic community and the public it must rise to the occasion by producing competent security.' The cynic might ask, 'what respect', but should Microsoft have taken a flaw in some of its most popular programs more seriously?"

24 of 381 comments (clear)

  1. First rule of Microsoft encryption by Anonymous Coward · · Score: 4, Insightful

    Do not use Microsoft encryption.

    1. Re:First rule of Microsoft encryption by JeffWhitledge · · Score: 5, Interesting

      Consider NSA's track record:

      • In the seventies they recommended changes to DES, which in the early ninties were discovered to have made it more secure.
      • They have developed and are freely distributing the source for an improved-security version of Linux.

      An agreement with Microsoft to ensure insecure encryption would be very out of character for them.

      That is, unless they're just a bunch of Linux freaks.

      --
      These comments do express the opinions of my employers, and, personally, I think they're complete rubbish.
    2. Re:First rule of Microsoft encryption by Anonymous Coward · · Score: 4, Informative
      Wasn't RC4 closed source until the source leaked out on the web
      The algorithm was one of RSA's trade secrets. It wasn't the source that was leaked but a description of the algorithm. Consequently, third-parties implemented the algorithm and there was nothing RSA could do about it -- it wasn't patented, RSA preferring the trade secret route, and copyright didn't apply because you can't copyright algorithms.
      which were patched, and it was a better algorithm for being "open sourced", albeit against it's will.
      It wasn't improved as far as I know, but the algorithm is sometimes known as arcfour. This is because RC4 is trademarked. Perhaps you were thinking of this.

      Also, it is a little misleading to say it was "open sourced" against its will. Firstly, because it wasn't "open sourced" in the strictest sense but more importantly, RC4 is just an algorithm with many different implementations and an algorithmic description is information. And as we all know, information wants to be freeee.
  2. copyright by oliverthered · · Score: 4, Insightful

    How else are we supposed to get access to all these works in 150 years time (or 50 in some countries) when the copyright expires on them.

    --
    thank God the internet isn't a human right.
    1. Re:copyright by ceeam · · Score: 4, Funny

      Fear not, Disney is working on it.

    2. Re:copyright by j0nb0y · · Score: 4, Insightful

      Copyright expiration? Copyrights don't expire. Congress extends them again every 20 years. And they'll keep doing so, forever, since the Supreme Court ruled that it was perfectly okay!

      --
      If you had super powers, would you use them for good, or for awesome?
  3. Employ Mr. Zimmerman by antivoid · · Score: 5, Interesting

    Perhaps Microsoft should employ Mr. Zimmerman of PGP to fix M$'s broken code.

    The fact that so many documents written (especially now) are using Microsoft formats, makes this problem very dangerous.

    Its worth mentioning that any docuemtns that are actually worth protecting should by default not rely on Micrsofts (lack of) security, as it is a known trend that Microsoft fails time and time again to provide adaquate security.

    People think "wow! encryption, and NOT a lame password". By as per normal, scratch a little deeper and you can see how flawed microsoft code actually is...

  4. Have to say it.... by GillBates0 · · Score: 5, Funny

    Zimmermann makes some Pretty Good Points in the interview.

    --
    An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
  5. MS Encryption is a joke by bigtallmofo · · Score: 4, Informative

    I especially dislike their Encrypted File System (EFS). One of its highlights is that the first administrator account set up in a domain is designated an "Encrypted Data Recovery Agent". What does this mean? If you use your domain login at work to encrypt your data, the administrator has immediate ability to decrypt it anytime they want.

    How is this done? Every file that is written to an encrypted folder by User A has a private encryption key generated for it. That private encryption key is then encrypted with User A's public key and every designed Encrypted Data Recovery Agent's public key. Then either User A or any such recovery agent's private key can then decrypt the file.

    Of course, MS just lets lay users assume their "encrypted" files are private.

    --
    I'm a big tall mofo.
    1. Re:MS Encryption is a joke by gUmbi · · Score: 4, Insightful

      One of its highlights is that the first administrator account set up in a domain is designated an "Encrypted Data Recovery Agent". What does this mean?

      For corporations (the target market for EFS), it means that if someone is fired, quits, dies, etc. then their data is not lost foreever.

    2. Re:MS Encryption is a joke by danheskett · · Score: 4, Insightful

      MS encryption should be better, but what you describe is not a flaw.

      In a corporate setting it should not be permissible for an employee to conceal data from the owner of the data and machines. The owner of machine - aka the corporation - should have final say over what is encrypted or not.

      Imagine what could be done if there was no way for a high-level sysadmin to decrypt user files. Imagine the damage that could be done.

      AI spiteful (ex)-employee could easily encrypt and forever destroy sensitive data that is irreplaceable.

      Not only that, but it is entirely possible that the user could accidentally render the data unencryptable. That'd be bad.

      EFS is not for a typical user to permanently encrypt data that can never be revealed. It is primarily designed so that sensitive data on corporate laptops can be stored in a way that if it is stolen it cannot be decrypted. This purpose is well served by EFS.

      There are many excellent critiques of MS's security and data protection capabilities. There is no need to overreach and bash things that do actually work as intended.

    3. Re:MS Encryption is a joke by 0123456 · · Score: 4, Insightful

      "Imagine the damage that could be done."

      Such as, exactly?

      "AI spiteful (ex)-employee could easily encrypt and forever destroy sensitive data that is irreplaceable."

      Or they could just del *.*. Or format c:. Or burn down the building.

      This whole 'spiteful employee' argument is nonsense. The only reasons to have a 'key recovery agent' are to recover password for clueless employees and to spy on slightly more clued employees.

    4. Re:MS Encryption is a joke by Proteus · · Score: 5, Insightful

      While I agree that the 'spiteful employee' arguement is largely bunk, the 'employee who quit, got fired, or otherwise left unexpectedly' arguement is not.

      e.g. I am a sysadmin, and I store all the incident reports on a Win2k3 EFS box, encrypted to my key. These incident reports are important to whomever is doing my job -- no one needs to see them unless I leave unexpectedly. If I get trampled by a herd of malicious gnus on the way to work, the top-level admins will need access to my data, as will whoever replaces me.

      There are two solutions to that -- share my key or use the EFS recoverable key system. Guess which I'd rather do?

      --
      We may not imagine how our lives could be more frustrating and complex—but Congress can. – Cullen Hightower
  6. Don't Worry by Dipster · · Score: 5, Funny
    It'll be fixed in the next installment. Just give them more of your money...

    Why fix it in a free patch, when they can charge money for a new version that you have a reason to buy?

  7. GPG/PGP by digitalchinky · · Score: 4, Insightful

    You could always just dump their encryption and use PGP/GPG in its place.

  8. I wonder when... by cerberusss · · Score: 5, Interesting

    I wonder when someone writes a script to google for Word documents, get the protected ones out and decrypt them. Ought to be a fun project.

    --
    8 of 13 people found this answer helpful. Did you?
  9. Why it is "low priority" by Anonymous Coward · · Score: 5, Insightful

    MS considers it a low priority because there is no tool that currently is known to be available that can leverage the theoretical issues brought up in the paper. I agree with them. An issue is "high priority" when there is a tool that can be used by an end user now as an exploit. That is how you prioritize things in real life.

    1. Re:Why it is "low priority" by quigonn · · Score: 4, Insightful

      That is how you prioritize things in real life.

      This "there is no program to exploit it, so this security issue is not important"-type of attitude is extremely dangerous. The slogan is to act, not to react, especially with security issues. And Microsoft actually should have learned from their part of history...

      --
      A monkey is doing the real work for me.
  10. Encryption easily broken by Neo-Rio-101 · · Score: 4, Interesting

    I've toyed around with MS's "encryption" and all I can say is the following:-

    1) That password you give your administrator account on your system can be hacked off in under 5 minutes with the Emergency Boot CD EBCD . So much for encryption.

    2) Files encrypted in Windows 2000 (the OS I tested then on) were still visible in their directories, despite their contents being encrypted. To me, this wasn't good enough. I wanted the whole filesystem to be encrypted, with plausible deniability that the files that certain files (or even file systems) never even existed.
    To add injury to insult, I could easily become administrator with the EBCD and get the encryption key easily to break the encryption anyway.

    3) Built in Windows encryption isn't good enough, forcing you to get third party products to do the job right. This means that you pay through the nose if you haven't got the technical skill to set up a Linux or BSD box running free encryption modules and samba.

    But come on. If MS made a perfect operating system, they wouldn't have a business model selling updates. Instead of dropping support for old products, I'm almost expecting their next OS to have a use-by date embedded in their EULA and OS to FORCE you off their old system after so many years.... or else!

    --
    READY.
    PRINT ""+-0
    1. Re:Encryption easily broken by Vellmont · · Score: 4, Insightful


      1) That password you give your administrator account on your system can be hacked off in under 5 minutes with the Emergency Boot CD EBCD . So much for encryption.
      That doesn't have anything to do with encryption. Anytime you have physical access to a computer all bets are off as far as security. You can do the exact same thing in linux, and most of the time you don't even need a CD. Just add a 1 to the kernel boot options and boot into single user mode. No password required, immediate root access. Sure, you can put a password on changing those bootloader options, but just slap in a linux emergency boot CD, and suddenly you have root access to all files.

      Linux encrypted filesystems I know almost nothing about, but I've also never seen a distribution that supports it out of the box. There's probbably one out their, but it's not a mainstream linux feature.

      --
      AccountKiller
  11. Indeed: what respect? by FridayBob · · Score: 4, Insightful

    Their programmers might care, but M$ itself isn't interested in respect from the cryptographic community, because it's something that doesn't matter to their stockholders; it's too obscure for them to care about. M$ only responds to this kind of thing once the news gets out and the public begins to perceive it as a problem. Security through obscurity, remember? Basically, M$ are only in it for the money; a statement that explains their entire track record.

  12. Ha, ha! by 200_success · · Score: 4, Funny

    Dear security researchers,

    You can try to crack our encryption all you want. Microsoft Office(TM) documents are still the most secure format in the world, since you still won't be able to render them properly even if you manage to decrypt them.

    Sincerely,

    The Microsoft Corporation

  13. Users don't want strong MS Office encryption by gfecyk · · Score: 4, Insightful

    Least of all your US government. The NSA makes a bulletproof distribution of Linux, and other US government offices shun it in favour of Windows.

    Sun Microsystems released Star Office, and a bunch of open source wonks built OpenOffice, with better track records. Yet US government offices shun them in favour of Microsoft Office.

    I'm not sure why they do, especially an omniscent body like the US government who knows these things exist. It must be because they don't want to use them.

    And every day users? Well, users could have taken e-mail content security into their own hands over a decade ago when PGP was out, or eight years ago when PGP for the Exchange client came out. But NO, they didn't want to use it. They could have used S/MIME which was slightly easier to use, but NO, they didn't want to use it.

    Users don't care enough to demand strong encryption in their applications. And Microsoft is in business to make money. They aren't going to waste time making a product that no one will buy. And YOU, slashdotters, aren't going to convince users to buy an alternative through fear, uncertainty and doubt.

    --
    Use Evolution instead of Outlook? Bewa
  14. Re:Do they care? by dioscaido · · Score: 4, Interesting

    Uhm... yes, they REALLY care. I can tell you that being on the inside. Every project was halted and all employees took secure coding technique seminars. Right now security is a top priority for all MS products. We are now forced to undertake arduous Threat Modeling of our applications, and undergo repeated security checkpoints along the way. Once things are 'ready to ship' they first need to go through a dedicated security group that audits the source and the threat models and either turns away the software or allows it's release. So anyway, yeah, there's a hell of a lot of work around here when it comes to security. And it's very noticeable if you see the software coming out of here post- 2003.

    As to whether they 'care' about this encryption thing. They are obviously looking into it. But the fact is Office is run by millions of people, so they can't just overhaul the encryption system and release a hotfix without breaking lots of stuff. So these things take time. I do hope they change their methods, though.