Slashdot Mirror
UK Government Wants a Backdoor Into Windows
REBloomfield writes "The BBC is reporting that the British Government is working with Microsoft in order to gain backdoor access to hard drives encrypted by the forthcoming Windows Vista file system. Professor Anderson, professor of security engineering at Cambridge University, urged the Government to contact Microsoft over fears that evidence could be lost by suspects claiming to have forgotten their encryption key."
Let bad guys use deniable encryption schemes and this won't even be a concern... Please, someone in the U.K. gov get a clue about encryption!
\u262D = \u5350
... until the crack is published :)
(sadly this is more insightful than funny)
\u262D = \u5350
\ They just want to play with the big boys. We all know the NSA, the CIA, and the FBI each have their own key! \
Never ask for directions from a two-headed tourist! -Big Bird
What, the Gestapo isn't happy that they might not be able to read the contents of your hard-drive? What a surprise.
"The more prohibitions there are, The poorer the people will be" -- Lao Tse
It wouldn't surprise me in the least if the US govt has had a back-door inserted into Vista. The problem for the UK govt is that clearly the US govt doesn't want to share it with them. And would the uS govt want to allow any other govt to have their own back-doors, with the potential to remotely access PCs running Vista in the US? Somehow I doubt it.
Laziness, ignorance; the same that prevents them from using encryption now.
Pretty sure that's the point of encryption. Making sure that nobody but you and people you trust can read your data, and anyone else up to and including the government can't. Even if they really really want to.
When did a healthy mis-trust of government suddenly get you tin-foil hat status, and a visit from the FBI?
-- Sorry, I can't think of anything funny to say here.
US export restrictions for cryptographic software were violated when PGP spread worldwide.
This bring up an interesting point on ITAR and the US. Some encryption technologies could violate ITAR if they are done in the US and then exported to other countries. If I remember right, that was part of the reason encryption on OpenBSD was done in Canada.
Oh, and there are a few people who also consider encryption a matter of freedom of speech.
Some would, but how many governements and what is protected under the law. That is different everywhere. Others, also, consider it a privilege.
Some of these laws, in paticualr with the US, are actually there to protect it from other countries. Many people in the country may not want to protect the countires competitive edge but others do and that is part of what our government has been taked with for a long time.
Evolution or ID?
If governments force a backdoor to be installed, it'll be for sale to crackers before the gold masters are pressed, and common knowledge a few weeks later. So "trusted computing" can be subverted using the govt master key. And anyone who actually wants to keep secrets will install somethng that works while not requiring a magic dongle on the mobo. The govt will be able to read data from clueless suspects as they do now. So a win all round. And who doesn't suspect MS would leave backdoors anyway?
It was inevitable something like this would happen after the whole 90 day detention debacle. Labour kept using the excuse of "needing time to break encryption" for requiring 90 days of detention without trial. Anyone with half a brain told them that any decent encryption is going to take many years to break, so I guess this is their response.
You should not be able to read the files without logging into the computer with your password and/or other identification token.
After logging in, the files are accessable. But not before. Someone who just swipes your PC would boot into Windows but would be unable to read any data files, even with a seperate boot CD. That's the whole idea.
But if the government adds a backdoor, you can bet that a hacker (white or black hat) would find it as well, probably within a few weeks of the OS being out. Thus making the encryption useless.
The whole government complaint is useless anyway because for all they know people can be using deniable encryptionn schemes *today* and they'd never even know about it.
Err... You did not understand the target.
The problem UK govt is having and US govt will have the moment they realise what is going on is that any media files on Vista PCs when distributed correctly via the supplied Vista Windows Media frameworks will be immediately encrypted and locked down using the TPM module to the specific machine. On top of that this will be determined by the people who distribute the files, not the users. This makes the current approach of taking disks out and hooking them to a forensic environment unfeasible. They will have to be decrypted on the machine after the user has logged in. It is sufficient for the user to refuse to log in on the machine and the police is stuffed.
As a result any attempt to collect proof of child pr0n and b00tleg movies/music will run into some serious difficulties as long as the providers of illegal goods have done their job of using Windows Vista right.
Frankly, the UK govt should whinge elsewhere. MPAA and the TP group is a good start. Whinging at MSFT is not going to get them anywhere because it will be not just MSFT, it will be everyone implementing this on every device in 5 years time.
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
Why would anyone consider 'trusted computing' some binary program which you haven't compiled yourself is beyond my understanding.
Since when does the government have a right to all evidence in any case? One aspect of English law that I thought existed, is that the people should be protected from the government (particularly from self-incrimination). One could reasonably argue that the average citizen needs the availability of government-inaccessible encryption, due to the decreased cost (in terms of time and manpower) required to search through computer records vs. paper records. Current computers, and the massive amounts of data that they store (internet cookies, browsing history, cache data, registry entries, etc.) make fishing expeditions much, much, easier on law enforcement than sifting through physical documents and interviewing co-workers and family.
And right now Osama's thinking, "Wow, this is better than I could possibly have hoped for..."
For the same reasons that I use Firefox as a web browser and OpenOffice.org as an office suite, if I felt it necessary to encrypt my filesystem I'd use somebody else's tools to do it. (Even if I weren't aware of such a backdoor into my filesystem).
I guess now when I go save the data from a Dell laptop with a linux live-CD I won't be able to because the data will be encrypted. I'm sure my friends and family will love to hear that I managed to save their picture collection, but the files are totally useless.
If you refuse or claim you have forgotton and they don't believe you, then it's two years in gaol for you sonny jim.
I'm not saying I like the idea of MS actually intentionally putting a back door in their OS, what with all the ones that are in it by accident. But I can see them trying to justify it. After all, depending on what you're likely to get busted for, two years locked up may be a cakewalk to what you'd get if they could get your data.
Of course this will only help catch stupid criminals. At least until it becomes a criminal offense to install encryption that doesn't have a nift key for concerned governmental authorities to use. Personally, I see it as a big overstep of government power. Privacy rights and all.
"It is a miracle that curiosity survives formal education." -Albert Einstein
Sorry, cheap jibe.
This is amazing - especially when the idea is being promoted by a 'Professor of Security Engineering' at a reputable university. How can adding a backdoor to security systems be anything other than a massive weakness just waiting to be exploited?
Imagine if this went ahead - the British government would want access to versions of Windows sold in this country, the American government to US copies of Windows, the German government ... and so on and so on... Would Microsoft allow the Chinese government access to their citizens' disks? The Chinese government are signed-up members of The War Against Terror - so they could claim they need access, and besides recent experience says that big businesses will always accommodate governments no matter how repressive.
And it gets worse. Microsoft would either have to make a single key that would open every machine in the World; or they would have to issue copies of all the keys to every government - the British government won't accept not being allowed into a suspected terrorist's (and we have a splendidly wide definition of 'terrorist' in this country) computer purely because the suspect happens to be foreign.
But it will all supposedly remain secure and not fall into the hands of wrong-doers.
The Home Office, IT and Microsoft - what an unholy trinity we have there. With this level of stupidity the legislation can't be far off.
...the TrueCrypt binaries alone in your possession then every piece of digital media you own that appears to contain random bytes will be accused of holding an encrypted volume and they will torture out of you whatever they want to hear you say.
Oh wait, I forgot... civilized Western nations never commit torture upon their subjects.
If you need security badly enough that you need to encrypt something, then transparency of source code and algorythm level is essential. OSX is no better than Microsoft on this respect ("oh wait, you mean it was in reality an 8 bit XOR encryption instead, what do you mean a company has lied to me?!").
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
FTA:
The system uses BitLocker Drive Encryption through a chip called TPM (Trusted Platform Module) in the computer's motherboard.
It is partly aimed at preventing people from downloading unlicensed films or media.
"This means that by default your hard disk is encrypted by using a key that you cannot physically get at...
The government shouldn't be the only folks horrified at this one. MS wants to turn your entire computer against you, encrypting all of its contents and allowing you to read it only if MS wants to allow it. Even if you're okay with that, imagine if something in the scheme goes wrong? I've used the Windows Encrypting File System in XP, and if you lose your encryption key (not that hard--say, if you reformat your hard drive) you are permanently locked out of all the data you've encrypted.
If this is true, MS really wants a death grip on your computer. I'd never use Vista under those circumstances.
Penny - plain text accounting
From what I've been reading in the news what's the use of another stupid law when they can just get a couple of ex-Iraq army guys to torture the hell out of them. Most geeks I know would spill the beans as soon as these bad boys showed up. Especially if they show the "illegal key-holder" the film of the British soldiers battering, clubbing, kicking prisoners in Iraq. Isn't this what Tony Blair meant when he said "What's good for the goose is good for the gander"?
{I hate to have to include a disclaimer but this IS sarcasm}
Billions and billions have and are being spent on a fake and false attack on innocent people but the big problem is that YOU may be hiding a few quid on your computer. Fascism has taken over.
When will the courts realize the bloody obvious fact that bits on a hard drive are evidence of nothing! Until computers are not able to be remotely hijacked with all tracks erased, there's no way to prove who put the bits there!!!
As more and more traditional forms of evidence (audio tapes, photos, DNA records, VOTES for god sakes) become digitized, the more we need to be skeptical of them.
And don't bring up digital signatures so long as keyloggers exist.
Frankly I think it sounds insane.
Think of the number of people who work at Microsoft, even if you limit yourself to the people working upon the OS and not Office, etc, you're talking about literally hundreds of people who can view the source.
Then there are the people who gain access to the source code under educational licenses, NDAs, etc.
The idea that all of them could miss something that was a backdoor is a little hard to swallow. If there were something in the code that was meant to be used then I'm sure it would have been spotted.
(I guess you could say that the recent WMF vulnerability was in the code for years and nobody spotted it - but that is a relatively simple mistake and small piece of code.)
And even if there were a backdoor in the code, what does that even mean?
Would it cause the machine to reformat? Disable the firewall? (Thatd be useless behind a NATing device) Make outgoing connections to Microsoft? (That'd fail for non-connected hosts, and be caught by many people with hardware firewalls / etc).
Really this just sounds like a conspiracy theory ..
Couldn't I just do that with a UNIX operating system too?
> The point is that they might use some obscure algorithm nobody knows
But they don't (invalid point).
> They can also implement standard algorithms such as AES
Which they did.
> but were they correctly implemented?
Yes. Ever heard of test vectors? It's easy to verify if a cipher is correctly implemented using official test vector sets.
> One minor thing - NIST certification is expensive, I doubt TrueCrypt will pass it, unless some company pays for this.
Now, I bet you are the developer or seller of the commercial encryption software you mentioned. Your message basically is: "Look, without money they are worse than us. Commercial stuff is better. Free software sucks." You are just a troll.
The most important point is, however, that being open source is a _premise_ of any security software that is to be trusted by general public. Closed source security is not real security.
Can you imagine this headline: "Government Wants a Backdoor Into Linux"
There would be world-wide laughter, and Linux would continue as before.
Only proprietary software is weak to government control.
Britain has sadly already become a police state. Only criminals and cops have guns, cameras everywhere, illegal to state non-liberal opinions, and now this. Once the control structure is fully in place, most Brits will find themselves being openly persecuted. Anyone want to bet how long it will be before they start implanting RFID chips in everyone? They'll start with the kids and say it's for safety.
Unfortunately, some in the U.S. want that here. I hope the red states can save us.
"The idea that all of them could miss something that was a backdoor is a little hard to swallow."
Sure, but at the same time, such a 'backdoor' does not necessaraly need be a huge part of the code base. There could very well be a very small, controlled group working on that specific piece of code and no one else ever needs to see it in order to write their own part of the code. You don't have hundreds of people looking at ALL the code, you have hundreds of people looking at hundreds of pieces of the code. And Microsoft is NEVER going to licence all of the code to educational/insertgrouphere/whoever. They won't ever release any so called 'backdoor' code.
"And even if there were a backdoor in the code, what does that even mean?"
It could mean just about anything. It could simply mean that the encryption algorithm simply returns true when the backdoor/decryption key is used instead of false. Or returns the user's key. Or whatever. It doesn't have to be complicated. The best conspiracy is a simple one.
</devilsadvocate>
The idea that all of them could miss something that was a backdoor is a little hard to swallow. If there were something in the code that was meant to be used then I'm sure it would have been spotted.
How can you reasonably garantee that the code running in your PC corresponds to the source code that you have reviewed?
Sounds to me more like the good guy is making a really smart play. Note that it looks like he sort of slipped this in as an aside, since he was really giving evidence about "holding terrorist suspects without charge". Talk about pushing all the right buttons on the govt. machine.
If you are an opponent of TCG / TPM / DRM it is really quite beautiful. As far as I can see it is something like:
"Hey Mr. Government Committee, while you're asking me about terrorist suspects you might want to note that this new TPM / DRM stuff coming real soon from MS/**AA now will make it virtually impossible for you to get info off suspects' PCs. Oh, and the PCs are setup that way by default so no chance of using that fact against suspect. Also, you know that law you fought so hard for where you can jail people for not handing over encryption keys ? - well with this new stuff the key's in hardware and the suspect never has it. If you're worried by this, then maybe you should speak to these guys about crippling the tech..."
Aim big nasty government machine at big nasty corporate machine, stand well back...
Sweet.
But most criminals and terrorists are too stupid to...
It is a mistake to attribute stupidity to either terrorists or criminals. When the DEA monitors traffic from offshore drug traffickers, almost all of the traffic is encrypted. Even emails to girlfriends. The DEA characterized drug traffickers as highly sophisticated and disciplined users of encryption technology.
If you actually believe that terrorists are stupid (instead of tragically misguided), then you're seriously underestimating their ability to carry out their goals.
Regards,
Ross
In the US, 12 September 2001.
In the UK, 8 July 2005.
You get the idea.
After a major terrorist act, the population is angry, not rational. Many are personally affected by the attacks. Thoughts of proportionate responses and civil liberties are overwhelmed by fear and grief.
This is, of course, the ideal time for a government to try to increase its own power at the expense of the people it should represent. This goes double for governments with only a tenuous hold on power, as is usually the case in the US because of its two-party politics, or for governments whose very mandate is dubious, as is the case of Blair's UK government (which didn't actually win the popular vote in England, and has often relied on the votes of Scottish MPs to push through controversial legislation to which their own constituents will be immune because the Scottish Parliament will decide for them separately).
Hence it is precisely in the wake of a terrorist atrocity that we should be keenest to protect our civil liberties, for it is at these times that they will naturally come under the gravest threat.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
I think you missed a key point in his argument: The value of peer review is completely dependent on the experience and knowledge of the peers who perform the review.
With cryptography, the subject matter -- and therefore the skills/knowledge required to peer review it -- is highly complex and subtle. Simply having 1000 programmers examine the code won't prove that it's secure regardless of how thorough they are if they aren't experts in cryptography and the necessary techniques to implement it in a secure fashion.
TrueCrypt may use industry standard ALGORITHMS, however to my knowledge it uses its own IMPLEMENTATION of them. The majority of security weaknesses are found in the implementations of algorithms and protocols, not the algorithm or protocol itself.
Yes I understand that point. However imagine if you were detained by the police for, say 90 days (if they get their way) and you're completely innocent (just like the brazillian man they shot). That's three months... you think your employer is going to keep your job open for you while the police hold you for three months as a terrorist suspect? Imagine being locked up for that long, your life could be totally ruined and you've done nothing wrong, not to mention the huge cost, bills unpaid, lost earnings etc.
I'm sorry but I'd rather take the very tiny increased risk of being blown up than have a system that ruins the lives of the innocent. They are trying to cause terror, and these kind of draconian measures allow them to win. These heavy handed tactics cause more disruption to everyone's lives than a single bomb. It's the same as the old principle that even if it means 100 criminals going free, the innocent should not be wrongfully imprisioned.