Slashdot Mirror


US Security Services May 'Have Moles Within Microsoft,' Says Researcher

Barence writes "U.S. government officials could be working under cover at Microsoft to help the country's cyber-espionage programme, according to one leading security expert. According to Mikko Hypponen, chief research officer at security firm F-Secure, the claim is a logical conclusion to a series of recent discoveries and disclosures linking the U.S. government to 2010's Stuxnet attack on Iran and ties between Stuxnet and the recent Flame attack. 'It's plausible that if there is an operation under way and being run by a U.S. intelligence agency it would make perfect sense for them to plant moles inside Microsoft to assist in pulling it off, just as they would in any other undercover operation,' he said. 'It's not certain, but it would be common sense to expect they would do that.'"

7 of 228 comments

  1. Ockham's razor by Anonymous Coward · Score: 5, Insightful

    ... or they just paid/threatened Microsoft. Much simpler and easier.

    1. Re:Ockham's razor by Anonymous Coward · Score: 5, Funny

      "Moles in MS" would be a big no-no, no?

      Actually, it sounds like it'd be a runaway hit reality show.

      "For the past year, we sent a Google developer deep undercover at Microsoft armed with an Android-powered hidden camera and an agenda to subtly promote open technologies. Now, we're going to show you the results. Sometimes hilarious, sometimes heartbreaking, sometimes horrifying; tune in starting this August on Slashdot TV for 'Moles in Microsoft' to see what happens when development ideologies collide in the real world."

    2. Re:Ockham's razor by Aighearach · Score: 5, Interesting

      We can get even simpler and easier, MS already gives the military access to their source code so that it can be reviewed. This is a requirement for all the software used on the most secure systems.

      It has always been viewed as a joke around here, because unless they are going to fix the bugs themselves, having the source isn't going to make windoze take extra care about your data.

      So the simplest and most obvious answer is, they didn't need to sneak in, and they didn't need to make threats either.

    3. Re:Ockham's razor by s.petry · Score: 5, Insightful

      I'm not even sure they would have to do that. The technical details in TFA are a bit scarce, but enough exists for a better theory than the TFA presents.

      Someone with some hefty CPU power broke the MS cert, which allowed them to create their own at will and spoof an MS cert.

      The Government has the access to MS source code, and their methods. If you know where hooks get applied and how priorities work, you don't need to be from MS to write good code. You just need to be a good coder.

      Spoofing Windows Update server really would not be that hard. Hell, you don't even need a real man in the middle attack if you have a forged Cert and know the structure. You just need to spoof a DNS answer, the client will do everything else for you.

      Having the fake key is huge! Write an application, sign as Genuine MS, put on a faked Windows update server, reroute a DNS call. Shazam! Of course there is other knowledge required, such as evading AV detection, etc., but they had that figured out very well also.

      It would take a good team, and time, but no need to have a mole. I would not be surprised if the US Government had moles in MS, but if they did it would primarily be for reasons other than Stuxnet and Flame, or any other computer espionage program.

      --

      -The wise argue that there are few absolutes, the fool argues that there are no probabilities.

    4. Re:Ockham's razor by ackthpt · Score: 5, Funny

      We can get even simpler and easier, MS already gives the military access to their source code so that it can be reviewed. This is a requirement for all the software used on the most secure systems.

      It has always been viewed as a joke around here, because unless they are going to fix the bugs themselves, having the source isn't going to make windoze take extra care about your data.

      So the simplest and most obvious answer is, they didn't need to sneak in, and they didn't need to make threats either.

      That explains some of the mental breakdown of returning veterans...

      --

      A feeling of having made the same mistake before: Deja Foobar
  2. Wouldn't surprise me. by Anonymous Coward · Score: 5, Insightful

    What would surprise me, is if the US thinks they're the only one.

  3. Re:They don't need them... by Gr33nJ3ll0 · Score: 5, Insightful

    In this case the article is talking about MS CERTIFICATES, so having access to the source code is irrelevant.