Slashdot Mirror


Microsoft Denies It Built Backdoor Into Windows 7

CWmike writes "Microsoft has denied that it has built a backdoor into Windows 7, a concern that surfaced yesterday after a senior National Security Agency (NSA) official testified before Congress that the agency had worked on the operating system. 'Microsoft has not and will not put "backdoors" into Windows,' a company spokeswoman said, reacting to a Computerworld story Wednesday. On Monday, Richard Schaeffer, the NSA's information assurance director, told the Senate's Subcommittee on Terrorism and Homeland Security that the agency had partnered with the developer during the creation of Windows 7 'to enhance Microsoft's operating system security guide.' Thursday's categorical denial by Microsoft was accompanied by further explanation of exactly how the NSA participated in the making of Windows 7. 'The work being discussed here is purely in conjunction with our Security Compliance Management Toolkit,' said the spokeswoman. The company rolled out the Windows 7 version of the toolkit late last month, shortly after it officially launched the operating system."


  1. Really people by jgtg32a · · Score: 5, Insightful

    Why do people think that the back door is in Win7?

    The NSA put the backdoor in the Intel compiler; that's a much better place to put a backdoor, or more accurately, spread a backdoor.

    1. Re:Really people by Tubal-Cain · · Score: 3, Insightful

      Who needs a back door when the front door is wide open? ;-)

    2. Re:Really people by ajs · · Score: 5, Insightful

      Or the network adapter firmware or the encryption libraries or the BIOS or the processor itself. Yeah, there's no reason to poke a hole in the OS itself when so much of what it depends on is at your fingertips.

      What's more, the NSA does have a legitimate reason to be involved. It's the same reason they wrote the SE/Linux extensions. They are required (in their public role) to provide the federal government with analysis and review of software for security purposes. To avoid having the NSA say, "Win 7 is too insecure, don't use it," Microsoft would go to them for review and comments prior to release, and respond to whatever concerns they have.

      People often forget that the NSA has a public function.

    3. Re:Really people by w0mprat · · Score: 5, Insightful

      Seriously, take off your tin foil hats. What makes anyone think NSA needs any cooperation from any vendor? If any lone black hat can pwn thousands and millions of machines from his bedroom, it stands to reason a well resourced organisation with even half-assed methodological inclination can do things that boggle our script kiddie minds. They have very few barriers to whatever they want to do, they don't need Microsoft's help.

      I'll leave you with that while I go to make my 30-char SSH password a little longer.

      --
      After logging in slashdot still does not take you back to the page you were on. It's been that way for 20 years.
    4. Re:Really people by JohnFen · · Score: 5, Insightful

      People often forget that the NSA has a public function.

      Oh, I don't think anyone is forgetting that at all. It's just that the NSA cannot be trusted, and Microsoft cannot be trusted, and so when the two work together the result is something untrustworthy.

  2. On the other hand... by FlyingSquidStudios · · Score: 4, Insightful

    It's not like they need to put a back door on it. There will be about 500 exploits found within the next year as it is.

  3. Not really necessary by Misanthrope · · Score: 5, Insightful

    Odds are the NSA is privy to whatever the current exploits are for Windows operating systems anyways. I wouldn't be surprised if they had staff working on breaking into Windows machines if for nothing else than attacks on targets outside the US.

    1. Re:Not really necessary by BobMcD · · Score: 4, Insightful

      Yes, this.

      And if they had smuggled something into it, the testimony before Congress would have been sealed. The fact we know about it without some kind of secret leak means that we can be confident the NSA did not think the disclosure was valuable intel.

    2. Re:Not really necessary by amicusNYCL · · Score: 5, Insightful

      I think it's much more likely that the NSA would partner with Microsoft to ensure that Windows is actually more secure, so that those same targets outside of the US cannot get into the US government systems.

      The NSA doesn't need to rely on Windows to gain access to other networks, but considering the fact that many government systems are running Windows, the National Security Agency definitely has an interest in making sure those systems are secure.

      --
      "Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
    3. Re:Not really necessary by sexybomber · · Score: 4, Insightful

      This too. I've got a really good sense of smell, so I can smell a rat from a mile away. This story's not hiding one. For all the lies the NSA does tell, they're not going to freakin' lie to Congress at every opportunity. Just because the Boy King did it for eight years straight didn't magically render it OK. I dunno if this guy was under oath or not, but still, that's not something you do lightly. Plus, this isn't the Director making the statement, it's one of the lesser Director bureaucritters (I think the dude's title was "Information Assurance Officer" or something); if he's caught lying to Congress, he's gone. He's one of the guys the Director would pin blame on if he ever got caught.

      Wait a second ...

      <paranoia intensity="100%"> But maybe that's what they want me to think ... oh no.

    4. Re:Not really necessary by cbhacking · · Score: 4, Insightful

      Considering that historically the NSA has improved cryptographic implementations against attacks that were (at the time) unknown to the public, I'd say that's almost certainly BS. For example, DES. Even when their modifications appeared to be weakening the encryption algorithm, once the algorithm was a standard and other parties got around to hunting weaknesses for it, it was found that the modified version (which had become the standard) was far more resistant to attack. Turns out the attack had been known but kept secret, yet the algorithm had been modified to make the attack weaker.

      TL;DR: No, the NSA uses their extensive cryptanalysis knowledge to take backdoors *out* of encryption, rather than to put them in. Remember: we (the US, including the government) use it too, and enemy forces might stumble upon any backdoor they leave/put in place.

      --
      There's no place I could be, since I've found Serenity...
    5. Re:Not really necessary by ShadowRangerRIT · · Score: 4, Insightful

      Sigh. Roughly half (and that's very rough, but it's not laughably off) the staff at NSA are IA types. I knew several co-op program participants who worked on both sides of the aisle. Information Assurance (defined as protecting the integrity of the U.S. government's computers and networks) is a huge part of what the NSA does.

      --
      $_ = "wftedskaebjgdpjgidbsmnjgcdwatb"; tr/a-z/oh, turtleneck Phrase Jar!/; print
  4. "We did NOT put in a backdoor for the NSA." by John+Hasler · · Score: 5, Insightful

    "It's for the RIAA."

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  5. NSA helped on Linux as well by prestwich · · Score: 5, Insightful

    The NSA did SELinux (for Linux...) so I don't think it's unreasonable to think they might have helped MS on security issues without doing anything nasty.

    1. Re:NSA helped on Linux as well by bill_mcgonigle · · Score: 3, Insightful

      Which is why I trust SELinux less than most other flavors. Sure, I can look at the code, but what are the odds I'm looking at the right part of the code, and even if I am, what are the odds that I'll actually spot a weak point?

      You and thirty thousand other security researchers from every industrialized nation on Earth. That's the thing, 'Open Source Community' contains three important words.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  6. Idiocy of ComputerWorld and slashdot... by Anonymous Coward · · Score: 5, Insightful

    NSA: "We wrote a guide and a separate tool to help in enterprise security management"

    ComputerWorld: "OMG NSA TROJANED WINDOWS 7"

    NSA: "WTF? We made a document and stand-alone download..."

    ComputerWorld: "CONSPIRACY!"

    NSA: "Uh, we work with linux too you know... SELinux...?"

    ComputerWorld: "FRONTPAGE HEADLINE NEWS! WINDOWS 7 BACKDOOR EXISTS!"

    Slashdot: "ZOMG! NSA MADE A WINDOWS 7 BACKDOOR!"

  7. Strategic Defense Initiative by Corson · · Score: 4, Insightful

    An OS that runs on 90% of computers in the world is a de facto strategic weapon.

  8. The lady doth protest too much, methinks by Mansing · · Score: 3, Insightful

    MSFT would sell their children's souls to keep Windows on the government's desktop PCs.

  9. Under the PATRIOT act... by jcr · · Score: 4, Insightful

    If Microsoft had assisted the NSA and deliberately buggered their security model for the government's purposes, it would be a federal crime for them to admit it.

    -jcr

    --
    The only title of honor that a tyrant can grant is "Enemy of the State."
  10. Re:I have no problem believing MS this time... by bug1 · · Score: 5, Insightful

    To say it more clearly, the allegation is that NSA put the back door in, Microsoft didn't deny it. They are using political speak to make it sound like nobody put back doors in.

    And think about it, what self-respecting intelligence agency wouldn't want a back door in Windows? Their job is to collect intelligence, and Windows is almost everywhere and handles lots of information.

    It might sound paranoid to say Windows is bugged by the NSA, but it's total ignorance to suggest they wouldn't want to bug it.

  11. Re:I have no problem believing MS this time... by Anonymous Coward · · Score: 3, Insightful

    Glenn Beck is an idiot, and one of the biggest reasons this country is falling apart. Anyone who likes him automatically relinquishes any credibility in any conversation. The man does nothing but stir up fear with lies.

  12. Never believe something until... by Helldesk+Hound · · Score: 5, Insightful

    Never believe something until it is officially denied. :o)

  13. Re:I have no problem believing MS this time... by PopeRatzo · · Score: 5, Insightful

    What, the "we're able to shut down your computer if we suspect you may not have an authorized version of our software" backdoor isn't enough of a backdoor for them?

    --
    You are welcome on my lawn.
  14. Re:I have no problem believing MS this time... by Tanktalus · · Score: 4, Insightful

    Or another reasonable conclusion: the spokesperson did not, in fact, talk to every single developer who may have worked with the NSA to confirm that no back door was put in, and managed to get independent "third-party" developers to code-review everything to confirm this, thereby saying the truth as s/he knows it, which does not need to line up with objective truth as it really is.

    I've failed to keep count of the number of times I see a press release from $work claiming that we do or do not do something that I know damned well falls short of the truth. They don't usually ask me.

  15. Re:I have no problem believing MS this time... by HermMunster · · Score: 4, Insightful

    Any admittance by Microsoft that they had would probably be deemed by the US government as a national security threat. Thus they are probably prohibited from saying anything other than a denial.

    This is a company that was convicted of predatory criminal monopolistic practices. They were nearly torn in two. Suddenly it all ended for them as if it never happened and they came through with a sweet deal that gave them even greater market share for products (via their voucher system).

    This same company holds the keys to 90% of the world's computers. The NSA has the dubious role of the most massive electronic communication surveillance entity in the world, of the world. Those two joined mean something other than what that denial professes.

    You can rightfully imagine the dismay about their disclosure for any foreign government.

    If you think there is going to be a serious threat of cyber-attack in the next 20 years, then you are more paranoid than all the tin hat wearing conspiracy theorists in all existence (past and present). At least, give the world those 20 years to undo that monopoly instead of using American tax payer dollars propping up that criminally convicted predatory monopolist.

    --
    You can lead a man with reason but you can't make him think.
  16. Re:I have no problem believing MS this time... by Attila+Dimedici · · Score: 5, Insightful

    And think about it, what self-respecting intelligence agency wouldn't want a back door in Windows? Their job is to collect intelligence, and Windows is almost everywhere and handles lots of information.

    It might sound paranoid to say Windows is bugged by the NSA, but it's total ignorance to suggest they wouldn't want to bug it.

    You are overlooking the fact that intelligence agencies are, also, usually tasked with preventing (as much as possible) foreign countries from collecting intelligence about the U.S. government. If Windows has a back door that the NSA can use, how would they prevent foreign intelligence agencies from using it? It is a well understood fact that any security vulnerability that is introduced will be discovered by those with nefarious goals (the NSA would not view their own goals as nefarious, but they would consider the goals of many foreign intelligence agents to be nefarious).

    --
    The truth is that all men having power ought to be mistrusted. James Madison
  17. Re:I have no problem believing MS this time... by truthsearch · · Score: 4, Insightful

    One of the biggest reasons this country is falling apart? On his best night less than 1% of the country is watching his show. You give him way too much credit.

  18. Re:I have no problem believing MS this time... by rtb61 · · Score: 4, Insightful

    Whether they did or did not put a back door in Windows is arbitrary. What is of concern is a government department doing free work to improve the profitability of a single corporation against the corporate interests of every other competing corporation. Remember the screams coming out of Redmond when the NSA produced SE Linux, that would be made available for free to all taxpayers.

    Now you have the NSA and the department of defence attempting to prop up the security incompetence of a corporation at tax payer expense so that corporation can now turn around and charge their customers for work their customers already paid for.

    If M$ is too security incompetent to produce reliable software, no government departments should be stepping in to do their work for them; they should simply stop using their software rather than propping up the company at taxpayer expense.

    Besides, everybody knows backdoors belong in hardware, not software; any tech person with more than half a brain dual boots and uses the Linux side of things for anything they want to keep safe and secure. The Windows side is built to power a game console and that's all it should be used for.

    --
    Chaos - everything, everywhere, everywhen
  19. The NSA has helped Linux in the same way, FFS by Chris+Burke · · Score: 5, Insightful

    Seriously, you're absolutely correct. The NSA has every incentive to improve the security of Windows, not compromise it. They did the same for Linux, where you can see the changes they made. In the past, they've made suggestions for improvements to encryption algorithms that academic researchers later realized had a sound mathematical basis. The NSA is as much about strengthening computer systems as they are compromising them. Hell, if in a particular situation they want to compromise the security of a system, all they usually have to do is ask (see: AT&T et al.).

    The thing is, they know that important information they want to be kept secret is going to exist on Windows machines. On Linux machines. On [x] machine that isn't necessarily controlled directly by the NSA.

    And even outside such "National Security" secrets... The NSA may want to listen in on your phone calls, but it doesn't help them at all for every Tom, Dick, and Sally to have their credit card information stolen, their bank accounts phished and plundered, and so on.

    --

    The enemies of Democracy are
  20. Re:I have no problem believing MS this time... by moosesocks · · Score: 3, Insightful

    Glenn Beck is not the problem; he merely is a symptom of it.

    That said, Beck and his Fox News colleagues are indeed pouring gas on the fire. Other networks are helping by providing coverage to their non-stories. (The vaccine "controversy" being one such non-story that is touted by all networks, believed by liberals and conservatives alike, and has absolutely zero scientific evidence to back it up)

    --
    -- If you try to fail and succeed, which have you done? - Uli's moose
  21. Re:I have no problem believing MS this time... by fluffy99 · · Score: 3, Insightful

    Why would Microsoft build a back door into Win7, when the front door is so wide open?

    Which is exactly why the NSA is contributing. Previously, the NSA would develop their own guide for locking down Windows. With Windows XP they decided that effort was redundant and instead collaborated with Microsoft on their security guidelines and tools. The NSA also provides penetration and cryptographic expertise.

    The NSA has an obvious interest in helping Microsoft produce a secure product as the govt uses it quite heavily. As for backdoors, you don't really need to insert backdoors in the form of undisclosed vulnerabilities. It would not surprise me if the NSA had access to the Microsoft signing keys which would be of great value for compromising a system.