Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Helps Police Crack Your Computer

Posted by timothy on from the not-linux-enabled dept.

IGnatius T Foobar writes "Microsoft has developed a small plug-in device that investigators can use to quickly extract forensic data from computers that "may have been used in crimes." It basically bypasses all of the Windows security (decrypting passwords, etc.) in order to eliminate all that pesky privacy when the police have physical access to your computer. Just one more reason not to run Windows on your computer."

10 of 558 comments (clear)

  1. Flaw by Narpak · · Score: 5, Insightful

    Seems to me that if all you need to do to get full access to anyones computer (anyone running Windows that is) is a Microsoft made device; that is a serious security flaw.

    --
    The Long Now Foundation
    1. Re:Flaw by EMeta · · Score: 4, Funny

      Ah, but since the cracking device itself is made by Microsoft, it's not likely to work most of the time anyway. Just MS doing their own part to safeguarding our liberties.

    2. Re:Flaw by gstoddart · · Score: 5, Insightful

      Seems to me that if all you need to do to get full access to anyones computer (anyone running Windows that is) is a Microsoft made device; that is a serious security flaw.

      And, a scary precedent.

      When the man kicks in your door, hooks up his thumb drive to your Linux box and doesn't get what he wants ... you will have committed a crime by not making your information available in a format accessible to law enforcement. Only terrorists would do that.

      The above is a deliberately absurd example. One which I fear is less far fetched than one would have previously hoped.

      Mostly, I agree with some of the other posters here ... if Microsoft can make this, that means there's a defined mechanism you can use to completely defeat any form of security in Windows. And, that's bad; someone will figure this out.

      Cheers
      --
      Lost at C:>. Found at C.
  2. What could possibly go wrong? by mrbah · · Score: 4, Insightful

    Reverse engineering and (more) malicious usage in 3... 2... 1.

    1. Re:What could possibly go wrong? by nawcom · · Score: 4, Funny

      Reverse engineering and (more) malicious usage in 3... 2... 1. Link to torrent of the COFEE thumb drive image on TPB in 3... 2... 1.
  3. How the - by Fynd · · Score: 5, Funny

    ...bypasses all of the Windows security... All of the Windows security - I can't even fathom how complex that device must be, that sure is a lot of security to bypass.
  4. Not new by The+MAZZTer · · Score: 4, Interesting

    Anyone can boot from a Knoppix live CD and mount NTFS drives in Linux and poke around. NTFS security is not applied under Linux so you can have a look at anything you want. I don't see how this is a big deal.

    The only thing that might be a problem is browsing the registry, but I wonder if wine's regedit can load native Windows registry hives. If so, then all Microsoft has done is taken existing Linux functionality and made it user friendly for the police.

    Speaking of which, anyone wanna place bets as to how long it takes for this tool to spread across p2p and torrent sites?

  5. Really? by SatanicPuppy · · Score: 5, Insightful

    No unix using a non-encrypted file system is secure if you have physical access to the machine...Why would you assume it's any different with Windows?

    I'd just boot knoppix and mount the partition. There, I have access to all the files. That goes for windows AND unix/linux.

    If you really depend on the password for anything other than stopping casual or remote access, you're just fooling yourself.

    --
    ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
  6. Re:If It's Possible... by vux984 · · Score: 5, Insightful

    So, the sheer fact that there is a device that can do this also means that anybody can do this because the methods are in place for bypassing security. It's only a matter of time before someone spends enough energy to develop a device that can do this (outside of Microsoft).

    No. The ONLY question that is of any interest is whether or not this device actually has a back door to Windows encryption. Somehow I seriously doubt that it does. Its probably little more than a bootable drive with NTFS support, and some tools. If you've got a password on your login, it doesn't mean you are using encryption. And this tool probably just lets you get straight to searching the -unencrypted- disk without cracking the login, or without pulling the drive and installing it somewhere else to scan through.

    The implications of a device like this are scary to say the least. Although I'm not a Microsoft hater, this alone is more than enough to make me take a second look at options other than Microsoft Windows.

    I suspect your average Linux LiveCD Recovery Disk has all the same tools on it. MS is just getting on board with their own version, to remove another area, where, right now, you have to use Linux. If that's the case the implications aren't scary at all.

    And this whole are article is pure FUD.

    Unless they've provided a back door to the encryption. That is the -only- question. But I really doubt they have.

  7. Nothing to Hide... by SilentBob0727 · · Score: 4, Funny

    In unrelated news, it is now a felony not to run Windows on your machine, and Linus Torvalds has gone into hiding.

    --
    Life would be easier if I had the source code.