Slashdot Mirror

← Back to Stories (view on slashdot.org)

German Government Warns Windows 8 Is an Unacceptable Security Risk

Posted by timothy on from the nicht-ganz-recht dept.

An anonymous reader writes "Die Zeit has access to leaked documents from the German government warning that Windows 8 is an unacceptable security risk for sensitive workloads. The story is written in German here, but automatic translators (such as Google Translate) do a readable job. Particularly of concern is the inability to opt out of TPM 2.0 usage."

7 of 373 comments (clear)

  1. Windows is an option today - not an requirement by madsdyd · · Score: 5, Insightful

    Good thing alternatives exists.

    I am not advocating they should "just change". I am just saying that on a personal level I am very happy that thrustworthy alternatives exists, and that Windows (no longer) is an requirement at the workplace or at home, but just an option.

    Thank you, Stallman, Linus, and all you other people around the world, who have used your time to provide us with these alternatives.

    And, yes, I know some people will claim that Windows is an requirement for the specific uses you have. I don't really care - for the wast majority of computing users around the world, Windows is an option, not an requirement. And, I am happy for that.

  2. Re:This is known by Anonymous Coward · · Score: 5, Insightful

    Except in the last few months we have had complete and utter proof we are no longer paranoid enough of U.S.A. intelligence agencies and their co-opting of U.S.A. companies to do their work for them.

    At this point we can completely trust that Microsoft Windows is and will be used for industrial and governmental espionage activities by the U.S.A. intelligence agencies.

  3. Re:Not just Win8 by h4rr4r · · Score: 5, Insightful

    Are you totally ignorant of the software world?

    Linux is at this point more popular than windows, if we count embedded devices and servers. Windows has come a long way, but until very recently it had some serious problems. The issue stems from the design philosophy not any level of obscurity.

  4. Re:Not just Win8 by Anonymous Coward · · Score: 5, Insightful

    > The only reason that I can think that an open source OS would be more secure than Windows is because of obscurity.

    No, obscurity doesn't offer much security at all.

    Open Source stuff tends to be more secure because it has so many people looking at it, from many different perspectives, both professionals and amateurs, all working together to improve the code and make it more secure.

    Microsoft, on the other hand, are the only people who can patch and improve their code. And they have demonstrated again and again that they can't be trusted to do this in a timely and useful manner.

  5. Re:Not just Win8 by Skapare · · Score: 5, Insightful

    The advantage of Open Source is that you or anyone else can fix the software if/when security problems are found, whether in the OS, core libraries, network stack, or any Open Source applications. We are not dependent on the original developers to make any such fixes. I have done this a couple times in the past by fixing security issues in open source code before the developer fixes were available (I could have waited a day and got the developer fixes).

    --
    now we need to go OSS in diesel cars
  6. Re:How is TPM a security risk? by thegarbz · · Score: 5, Insightful

    I was also a nice trustworthy person which caught people by surprise when I stole money from their wallets.

    Ok no I wasn't but just because the NSA has at times released software without backdoors should in no way influence your opinion of their future performance, especially given future performance is malware that provides a back door, not to mention back doors to every ISP in the country, spying on international conferences etc. Honestly it would be outright foolish to assume that anything they had a major hand in is safe.

    That said TPM serves one purpose, secure the system from the prying hands of the user. The only thing holding back DRM being the primary beneficiary of TPM is the lack of adoption and the fact that TPM is entirely voluntary. If every computer had a TPM module regardless of the users preference you could be damn certain that many DRM schemes would be using this. A trusted key store safe from the user is exactly the kind of security system a DRM scheme needs to operate well.

    Just because something hasn't (yet) come true does not make it FUD.

  7. Re:How is TPM a security risk? by cbope · · Score: 5, Insightful

    This. This is overblown BS written by someone who doesn't understand TPM and what it can and can't do.

    The story also fails to mention that the TPM module is usually an option and typically only available on corporate PC's. Not to mention the fact that it can be disabled in BIOS/EFI if you are admin over that system.

    TPM is not even required by Windows 8. RT... well that's another issue but this article is mainly about PC's, not RT tablets.