Microsoft Announces 'Windows 10 China Government Edition', Lets Country Use Its Own Encryption

At an event in China on Tuesday, Microsoft announced yet another new version of Windows 10. Called Windows 10 China Government Edition, the new edition is meant to be used by the Chinese government and state-owned enterprises, ending a standoff over the operating system by meeting the government's requests for increased security and data control. In a blog post, Windows chief Terry Myerson writes: The Windows 10 China Government Edition is based on Windows 10 Enterprise Edition, which already includes many of the security, identity, deployment, and manageability features governments and enterprises need. The China Government Edition will use these manageability features to remove features that are not needed by Chinese government employees like OneDrive, to manage all telemetry and updates, and to enable the government to use its own encryption algorithms within its computer systems.

Business as usual

Doing business with totalitarian governments is all good as long as the money keeps pouring in.

Re:Business as usual

Doing business with totalitarian governments is all good as long as the money keeps pouring in.

TFS says China, not the US.

Re:Business as usual

[jellomizer]

But who is the totalitarian government? China or the United States?
Being that the world is recovering for a wide spread ransom ware attack caused from an long time "unpatched flaw" used by the United States National Security Agency. It would make sense for a government such as China to try to protect its data with its own "security measures".

I am not being naive in not bringing up that China will probably have an encryption algorithm with a back door so the government can weed out subversives. However chances our our counties being the United States, United Kingdom, Canada, Germany, France... Are not agencies of good and riotous, but have a complex set of national needs to protect order.

While I am sure profit was Microsoft big factor, however there is also a general global self interests to make sure the world stays up to date in software. Being that Windows is so dominate world wide not caving in for this case, would mean China would use outdated hacked versions of Windows, with their spying happening anyways. At least with Microsoft having some control, the fact that the Chinese Windows 10 has Government Encryption will let subversives to know what not to use.

Re:Business as usual

Of course. That's why the US signed a $110 billion arms deal with Saudi Arabia. You gotta keep the military-industrial complex's snouts in the trough.

Re:Business as usual

[James+Carnley]

Encryption is not tied to any one country. If they switch from AES (which has no backdoors) to ANYTHING ELSE then it is by definition less secure. There is no security benefit from using their own encryption. Even a conspiracy theorist would admit that the chances of AES being broken by even the NSA is close to 0.

So this change by China is not about protecting itself from foreign governments but is completely about controlling information and allowing itself to spy on its citizens.

Re:Business as usual

[sheph]

Ok undisclosed vulnerability (created by Microsoft's carelessness) leveraged by our intelligence agency vs Tiananmen Square. Please tell me about your governmental totalitarian equivalence in this regard. All countries have spies. Spying on our own people was hardly cool, but it's not executing our dissenters either. Let's not muddy the waters with false equivalence.

Re:Business as usual

If you think the US is a totalitarian government, you might just brush up on your history a bit. You piss on a MAGA hat in public, you will be cheered. Do some anti-government stuff on the street of a true totalitarian country, and you might just wake up in pieces, organs sold to the highest bidder.

The US has its problems, but it is definitely not a totalitarian country by any means.

Re:Business as usual

[XXongo]

But who is the totalitarian government? China or the United States?

China.

Being that the world is recovering for a wide spread ransom ware attack caused from an long time "unpatched flaw" used by the United States National Security Agency. It would make sense for a government such as China to try to protect its data with its own "security measures".

That is indeed sensible, but it is unrelated to totalitarianism. The fact is that China is a totalitarian system.

Re:Business as usual

Everyone else continues to use Microsoft Windows 10 US Government Edition!

Re:Business as usual

[Austerity+Empowers]

It would make sense for a government such as China to try to protect its data with its own "security measures".

China should make its own operating system to their own spec, and no one can buy it, and no one can pay their engineers who worked on it, and they can suck it.

No one should be catering to their government's needs, it should be free to fall on its face.

Re:Business as usual

The backdoor in AES is the selection of strong keys.... Do not forget this.

It was designed weak with a large keyspace that intentionally produces weak keys if selected at random. Only a small subset of the keyspace has strong security.

Why would they make it broken if they use it you ask? Well they strategically require all keys are created by the NSA and they simply make sure to only hand out strong keys. If you use it yourself you have to be "lucky" to have used a strong key since most of the pool is weak.

It is not a backdoor in "theory" but it's definitely a backdoor in "practice". When an algorithm can be "accidentally stronger in some cases" that my friend is how governments today hide backdoors.

Also read about the first 6 rounds of AES which were "solved" by someone. If the first 6 rounds have been broken, the rest isn't far off.

Re:Business as usual

Encryption is not tied to any one country. If they switch from AES (which has no backdoors) to ANYTHING ELSE then it is by definition less secure. There is no security benefit from using their own encryption. Even a conspiracy theorist would admit that the chances of AES being broken by even the NSA is close to 0.

So this change by China is not about protecting itself from foreign governments but is completely about controlling information and allowing itself to spy on its citizens.

There will be two flavors of this OS version. One with very strong encryption (used by chinese government), and the consumer flavor with a gaping backdoor.

Re:Business as usual

[chispito]

But who is the totalitarian government? China or the United States?

Compared to China's recent past, neither. I suspect it doesn't matter, though, as you're probably ignorant of most actual human rights issues in the world, and are narrowly focused on the excesses of the NSA, CIA, and FBI versus how much each government actually tries to control its citizens' public and private lives.

Being that the world is recovering for a wide spread ransom ware attack caused from an long time "unpatched flaw" used by the United States National Security Agency. It would make sense for a government such as China to try to protect its data with its own "security measures".

This is also ignorant. The security flaw would still be there, for someone else to discover, if the NSA had not discovered it. It would also still be there if they had not informed MS so that it would be patched in the March 2017 updates. And, while we're talking about how nice everyone is, even Russia, erm, I mean the "Shadow Brokers," knew better than to disclose it until MS patched it--though I suspect that was so they could also get a little bit of mileage out of it. Should the NSA hoard bugs? Debatable. Would millions of computers worldwide be patched right now if the NSA had not had the bug in the first place? No.

But guess what? Even if China has their own special version of Windows with their own crypto, it does NOT make them safe from future 0-days. When you have arbitrary code execution on a system, you have access to ANYTHING that system has access to. If the system can decrypt the data, then so can you.

Re:Business as usual

What are the differences between weak and strong AES keys?

Re:Business as usual

[butzwonker]

If they switch from AES (which has no backdoors) to ANYTHING ELSE then it is by definition less secure. There is no security benefit from using their own encryption.

This is the most preposterous and uninformed bullshit about cryptography I've heard for a long time. AES had fairly low security margins even at the time it was introduced, and it is easy to come up with a slower, but ostensibly more secure Feistel cipher provided you have some expertise in cryptography and cryptanalysis and are careful. AES has been developed as a replacement for 3DES, with speed and applications in finance and bank transactions in mind, not for high security demands. It makes a lot of sense to replace it with a cipher that has larger security margins for applications in government and military, for instance, or to replace it with your own cipher that you have analyzed more extensively than AES so far. Government agencies have their own level of expertise in cryptanalysis and their own set of criteria.

Re:Business as usual

It would make sense for a government such as China to try to protect its data with its own "security measures".

China should make its own operating system to their own spec, and no one can buy it, and no one can pay their engineers who worked on it, and they can suck it.

No one should be catering to their government's needs, it should be free to fall on its face.

What's wrong with a government paying someone else to do it for them? That's how markets work. As an individual consumer, you can't demand a feature and get it but if you were, say, willing to buy 5 million copies of the product, you can bet your butt any company would consider custom making and designing a product for you. There isn't any real difference between this China/Microsoft deal and any other government contract.

Re:Business as usual

[Hentes]

There is nothing "usual" in this. Windows telemetry is already the largest surveillance operation in the world, handing the keys over to the Chinese government will give them some very scary probing capabilities.

Re:Business as usual

[cryptizard]

Also read about the first 6 rounds of AES which were "solved" by someone. If the first 6 rounds have been broken, the rest isn't far off.

Terrible leap of logic here. There are lots of things that are easy for the first few iterations and then grow exponentially in difficulty. Take this anecdote about Ramsey numbers for instance:

Erdos asks us to imagine an alien force, vastly more powerful than us, landing on Earth and demanding the value of R(5, 5) or they will destroy our planet. In that case, he claims, we should marshal all our computers and all our mathematicians and attempt to find the value. But suppose, instead, that they ask for R(6, 6). In that case, he believes, we should attempt to destroy the aliens.

Moreover, the attacks you are referencing are only theoretical attacks that reduce the complexity of breaking AES from 2^128 to 2^100, still far out of reach for existing technology. They also require a very cumbersome security model where the attacker gets to observer ciphertexts encrypted under several keys that are mathematically related to the target key. This does not happen in real life.

About this:

It was designed weak with a large keyspace that intentionally produces weak keys if selected at random. Only a small subset of the keyspace has strong security.

This is complete nonsense. No one has ever discovered weak keys in AES.

Re:Business as usual

Low security margin? Perhaps you care more about idealism than security. AES-256, as it stands with current methods, can't be feasibly broken within the lifetime of the sun with all of the energy contained within the sun. Just ask Bruce Schneier, whom, by any account, is more of a valid authority than butzwonker.

Re:Business as usual

[cryptizard]

I agree that there is nothing wrong with AES, but there is also nothing wrong with wanting to use your own encryption if you are the Chinese government. They have their own extremely qualified cryptographers, we are not talking about some guy in his basement coming up with his own block cipher. If the situations were reversed and the Chinese government had invented and standardized AES, there is no way the US government would use it even if every academic in the world said it was secure.

The Chinese block cipher is called SM4 and its algorithm is publicly available. It is a pretty standard Feistel construction, if it is truly vulnerable then people will discover that and then everyone will know. That is how science works.

Re:Business as usual

[DarkOx]

But who is the totalitarian government? China or the United States?

China obviously, to suggest otherwise makes we weep for our future. You apparently have no understanding of Totalitarian means or your blind rage at the abuses of our government has cause you to loose perspective entirely. Totalitarianism is more about breadth of government than structure or power. In theory you can have totalitarian republic, in practice I am sure eventually people would get tired of it and no matter how propagandized would start to vote for people seeking to relax the rules. When totalitarianism is really scary is when its combined with Authoritarianism ( a small ruling party or individual that isn't accountable to the governed ) as is the case in China.

Even the monarchies of old Europe were not totalitarian. A totalitarian government says, jellomizer you shall be a rice farmer, because we say so, that you don't want to be a rice farmer does matter. It says your wife will have your child ripped from her womb because you can't pay the taxes required to have more than two children. It says a highway is going to be put thru here, we are paving over your ancestral home and you may or may not be compensated it depends on how the local government feels about your loyalty this week. That is the kind of stuff totalitarian governments do! That is the kind of thing that happens in China!

Our relationship with China is one of our societies greatest moral depravities. That we should enable an support that government through trade is an out rage. That we allowed the evil UN to give recognition of China to the PRC over the legitimate democratic ROC is a tragedy. We should should have refused to sit with them on the Security council we should have told the rest of the UN its China or US as a member not both! We walk if you let the RPC represent China. We should recognize Taipei as the lawful capital of China.

Re:Business as usual

[TechyImmigrant]

The backdoor in AES is the selection of strong keys.... Do not forget this.

Please identify a weak key or a structure for a weak key for AES that leads to a practical attack. I know of no such attack.

Re:Business as usual

[TechyImmigrant]

What makes you think this is about AES and what makes you think the algorithms that China wants to use are not superior to the NIST options?

In the case of hashes, the Chinese options are simply better both in terms of resistance to known attacks and implementability and come courtesy of the professor who broke SHA-1, who is Chinese.

NIST fucked up royally with SHA3, putting it up to a popularity vote. The Europeans turned up at the meeting in strength and voted for the home team. It had nothing to do with the algorithm. Hence the adoption of SHA3 in hardware is going nowhere. We wanted a new hash, not a license to waste gates and power.

There was an interesting dynamic at ISO SC27 WG2 a couple of years ago, where the Chinese (literally, the proposals come from nation state delegates) hash proposal was presented, along with a proof of why all the SHA were fucked and why the new structure dealt with it. At the same meeting, the NSA were there presenting Simon and Speck block ciphers for adoption by ISO (which are superb ciphers from any way you look at it, far superior to AES or SMS4 in implementability and at least as secure in security). The crows were having none of it. All comments were of the form "You're the NSA and we don't trust you". Keep in mind the comments are coming from representatives of governments. not individuals. I am not a US citizen, but I was a US delegate.

China has a legitimate reason to dislike some of the NIST crypto options and legitimate reasons to prefer their own.

If this was open source people would be happy that you could use your own choice of crypto algorithms. Microsoft would be better off making the crypto plugable in windows for the rest of us, not just the Chinese government.
 

Re:Business as usual

[TechyImmigrant]

Low security margin? Perhaps you care more about idealism than security. AES-256, as it stands with current methods, can't be feasibly broken within the lifetime of the sun with all of the energy contained within the sun. Just ask Bruce Schneier, whom, by any account, is more of a valid authority than butzwonker.

Lower. Jesus H. Read before you type. Also learn what security margin means with respect to block ciphers. It's difference between the number of rounds in the algorithm and the number of rounds broken in the best known attack. With AES it is absolutely lower than many other block ciphers.

Re:Business as usual

What do you mean it is less secure? Do you know what encryption they will use? Can they not devise their own that may be the best out there? Every single encryption was designed by someone.

Re:Business as usual

Or how about
China does not trust US software not to have backdoors and universal key for the encryption.

Lets face it, the US has proven it should NOT be trusted, not just once but time and time again.

China is a big enough market (and one with massive growth potential) that it can and will make these sorts of demands. And just like the US, the believe they have the right of sovereignty.

Re:Business as usual

[Cipheron]

It can have both. The government ones will need a backdoor for the government to get in to monitor their employees, they could use the same thing on PCs shipped to citizens.

chinese government

probably has some alternative features, to watch what their people are doing....

Re:chinese government

[JcMorin]

I think windows have already most of the what they need, they can probably grab even more stuff like url visited, app running time but the whole concept of reporting data to a server is built-in Windows 10 and that's save a lots of time for Chinese Gov.

Re:chinese government

the NSA also needs that in the regular edition

Re:chinese government

It's funny that people don't realize that MS's holds the master encryption key,
which they'll happily share with whomever pays the most. This confirms it.

CAP === 'contempt'

Re: chinese government

[TheOuterLinux]

In the U.S. It's already legal for ISP's to sell web history, and since Micro$oft wants as many purchases on their App Store as possible, they probably already know software usage too. Intelligence agencies can just purchase your unencrypted web traffic without a need for a warrant. I guess China just wants to do it for free. I thought Window$ 10 was the worst OS, but I guess the Chinese version would be on another level of its own.

Re: chinese government

[Miamicanes]

> It's funny that people don't realize that

> MS's holds the master encryption key,

> which they'll happily share with whomever pays the most ... or any court that orders them to.

  That said, Microsoft has UNQUESTIONABLY taken steps to limit the scope of any one court's or government's ability to compromise that master key by using it to encrypt sub-keys used to encrypt sub-sub-keys used to encrypt the *actual* key they'd have to reveal.

Example: a new installation of Windows generates a 256-bit salt (probably derived from the license key or GUID) & stores it locally, then communicates it to Microsoft (who also discerns the country). Microsoft computes the sha256 hash of that salt plus their own sub-sub-key, then repeats it a million times with the output of the previous hash in place of their sub-sub-key. They then communicate the final hash back to the newly-installed Windows, which securely stores a copy & uses IT as its master key going forward. If a future court demands the key, MS obtains the salt from the computer in question, re-derives the key, and shares THAT with the court. Salt unobtainable? Mathematically-impossible to re-derive the key in any sane amount of time. Key revealed? The court can now decrypt THAT computer, but no other. If push came to shove, Microsoft shares the sub-sub-key(s) for that jurisdiction plus the algorithm, and tells them to have fun.

The important point: the master key ITSELF is stored in pieces distributed across multiple jurisdictions, INCLUDING Russia and China... the likelihood that they'd ever act in union is approximately zero. So the US might be able to compel Microsoft to disclose their "US" sub-key(s), and the pieces of the master key that US courts can order the disclosure of, but it would NEVER be able to obtain the complete global master key.

It sounds like in this case, Microsoft has basically generated a new master key for the China-Government edition, delegated responsibility for its safeguarding to China, and washed its hands. It has no implications for non-Chinese users, unless you're using a pirated Chinese-Government copy (which, in all likelihood, will have so much malware added by whomever made the pirated copy available, the theoretical ability of China's government to decrypt it would be the LEAST of your real-world problems).

Re:chinese government

[Opportunist]

How's that "alternative" in Win10?

Re: chinese government

[Opportunist]

That's bad enough if it's MY computer.

Re: chinese government

You have literally no idea what you are talking about.
None of those words go together.

Re: chinese government

We all have heard about grand security systems before. The Maginot Line was going to hold off Germany. The Great Wall, barbarian hordes. However, even with the key stashed via various countries, there are always to get it. Bribe one sysadmin because all he cares about is the cash. Another sysadmin has ethics, so a relative "disappears", and he has to choose between handing out that chunk or finding his daughter in pieces. Another sysadmin is single and has morals... but government officials where he is are bribed and he gets a choice between coughing it up or being tossed into prison for some vague sedition charges. Still another sysadmin falls sick, health insurance doesn't cover things, so he is given the choice of getting treatment versus dying, with all that is needed is to let someone access a HSM.

What one man may secure, another man will break. Then, there is collusion. The Russians want one guy, the Brits want someone else. If each country forces their respective MS install to cough up a key piece, then they all can go after their aims.

The best thing of all? No master keys. Someone, somewhere will break the system, and the world will be in a... world of hurt when (not if) it happens.

Re: chinese government

[Miamicanes]

Encryption isn't an insurmountable barrier... it's just a speed bump. Hopefully, a really big one that can't easily be driven around... but a speed bump nonetheless.

Realistically, if you encrypt a 128-bit AES key using a 2048-bit RSA key and follow all current best practices for padding & implementation, you can feel 99.9% confident that an attacker with the resources of a state espionage agency won't be able to defeat it within 5 years... 99% confident they won't be able to defeat it within 10 years, about 95% confident they wouldn't be able to defeat it within 20... and about 10% confident they wouldn't be able to do it within 100 years.

For a good example of how you can end up with an implementation that "works", but has compromised strength, Google "textbook RSA" (RSA is *notoriously* hard to "get right" if you try treating its basic algorithm as a cookbook without paying attention to OTHER details like padding & format of the plaintext).

Lately, Elliptic Curve has gotten more attention, because more than a few people have been getting nervous about our current de-facto RSA monoculture (for asymmetric-key encryption). RSA itself has no immediate threats, but we need to have a credible "Plan B" in case some horrific exploit that can't be mitigated by longer keys gets discovered. At this point, using ElGamal or some other alternative would be a bad idea (RSA is better-understood & not demonstrably worse than alternatives), but that could literally change almost overnight.

Windows 10, as it should have been.

Controlled updates, managing all telemetry, and rolling your own encryption? Where can I buy this magical product?!?

Re:Windows 10, as it should have been.

"Controlled updates, managing all telemetry, and rolling your own encryption? Where can I buy this magical product?!?

China?

Re:Windows 10, as it should have been.

Wow, never though that there would be a time where I am honestly considering getting a "Chinese government edition".

Thanks Microsoft.

Re:Windows 10, as it should have been.

[Opportunist]

Or we could just *snicker* pirate a Chinese version.

Oh the ironing!

Re:Windows 10, as it should have been.

[some+old+guy]

Or just wait for the next windows update.

Re:Windows 10, as it should have been.

[courteaudotbiz]

We must assume that only the Chinese governement will have access to change how these settings behave. You really think the Chinese government is going to authorize anyone to put any settings in these magical boxes?

Can I have a copy.

"remove features that are not needed by Chinese government employees like OneDrive, to manage all telemetry and updates"

Excellent! Where can I get a copy?

Re:Can I have a copy.

Me too. This is exactly the Windows I've been wanting for years. Does MS even realize what a market there is for this in the US?

Re:Can I have a copy.

Sure they do, but the market for your data is much better. Also, people bitch a lot but they keep buying Windows, so why would Microsoft care what their users think?

Re: Can I have a copy.

[fubarrr]

Want to buy party membership?

Re:Can I have a copy.

[sheph]

People really need to better understand the business dichotomy in a capitalist society. The software is not the product. The stock is the product of any company. They care far more what shareholders think than what users think. Users are a dime a dozen. And what are you going to do? Go to Linux? Go ahead. Eventually you're going to run into an app you need that only runs on Microsoft and you'll be back eating whatever dog food they decide to serve you. Security be damned. Privacy be damned. Usability be damned. That's really how it is.

Re:Can I have a copy.

[AmiMoJo]

There may be hope for the rest of the world. If Microsoft puts in the necessary work to remove all that stuff and keep the OS working, chances are there will be some way to enable the enhancements on other versions too.

Re:Can I have a copy.

[Opportunist]

Got to Linux? Check.
Program needs Windows to run? Does it run in $old_version? If yes, install $old_version in VM. Seal it against network so the fact you're using $old_version of Windows doesn't cause a security problem.

Problem solved.

Re:Can I have a copy.

This message brought to you by: your local internet marxist.

Re:Can I have a copy.

> Excellent! Where can I get a copy?

China. Says so right in the article.

Re:Can I have a copy.

I haven't been forced to run Windows to do anything important in a long time. If a business decides to build their shit on sand (Windows), that's on them. And since virtualization is cheap these days, there's no real reason to run Windows on bare metal unless you're a mainstream PC gamer. GNU/Linux, the BSDs, fuck even OS X is more capable in all other environments. Windows is basically a corporate OS. They have laptops, tablets, and phones, sure, but you can't do anything productive on a tablet or a phone without some serious hackery. Nobody's building software on a Surface Pro.

Re:Can I have a copy.

I keep uninstalling OneDrive and updates keep reinstalling it.

Rename needed for "OneDrive"

They are going to use the one word "Backdoor" for this edition. This edition is also expected to double the bandwidth costs for chinese since they will uploading the data twice: to Chinese Govt Server instead of just the Redmond's one. For others, NSA saves the cost by procuring it with their own bandwidth.

Windows 10, Jordania Edition?

Or Windows 10, North Corea Edition? Or perhaps Catalonia or Surinam? Or Qatar?

C'mon, Microsoft. Be inclusive!

Re:Windows 10, Jordania Edition?

win 10 Germany, france, uk...tailoring access to large markets sounds like a great new revenue stream and a tidy way to get past the different privacy laws in each jurisdiction.

The First Good Version of Windows

Microsoft finally makes a "good" version of Windows... only to make it exclusively available to supporting an oppresive regime.

Thanks, Microsoft.

Enable The Government To Use Its Own Encryption

[James+McGuigan]

"enable the government to use its own encryption algorithms"

Re:Enable The Government To Use Its Own Encryption

[James+McGuigan]

"enable the government to use its own encryption algorithms"

This would either imply one of two things (or both):

1. The Chinese Government wants to install encryption backdoors in its own systems, to prevent employees from keeping secrets from it.

2. The Chinese Government is worried that the US government has installed encryption backdoors in the standard algorithms and wants to enable its employees to keep secrets from the US government

Re:Enable The Government To Use Its Own Encryption

ROT2500

Re:Enable The Government To Use Its Own Encryption

[93+Escort+Wagon]

How long will it be before someone in the current US government asks for a "Freedom Edition" requiring NSA-provided encryption, I wonder?

Maybe it would just mandate use of a particular elliptical curve algorithm...

Torrent?

[clonehappy]

It should be easier to determine what Chinese servers to block at the firewall than to play Microsoft's game of obfuscating where the telemetry data is being sent to.

Meanwhile

[kkoo]

Everyone else continues to use Microsoft Windows 10 US Government Edition.

Re: Enable The Government To Use Its Own Encryptio

[AvitarX]

Could be both.

Fear of US back doors, wants Chinese back doors.

I suspect though that it will end up being less secure wither way. Less tested for attack however they implement it.

Sure thing

Now all we have to do is to wait for a gov employee to seed it on the torrents.
Please send us the activation key also.

Totalitarianism

[XXongo]

I have to remind you that "totalitarianism" is not a synonym for "a government I don't like", nor even "a government that does despicable things."

It is "a system of government that is centralized and dictatorial and requires complete subservience to the state."

The US does not (yet) assert total control over its citizens, although some political factions might like to go in that direction.

Re:Totalitarianism

You need to step out of the basement, that is exactly how the US operates in several key areas: border intersections, airports, etc. You just don't want to acknowledge that fact.

Re: Totalitarianism

Borders and airports are very easy in the US if you're a citizen and white. I speak from personal experience.

Re:Totalitarianism

A government is supposed to prevent people from crossing in without authorization.

Re:Totalitarianism

It says "complete subservience to the state", not just complete in several key areas.

Re:Totalitarianism

[nomadic]

Interestingly, China used to be a totalitarian state but I think they've moved over into the authoritarian state category.

Re:Totalitarianism

If the scan-strip and physical groping of kids is "authorization", the US is doomed.

Re:Totalitarianism

[jbmartin6]

And the people in China are also only subservient in several key areas.

Re:Totalitarianism

[Darinbob]

I am allowed to mock and ridicule the leader of my country in the US, it's practicaly my civic duty to do so. I don't know of any totalitarian governments that allow that sort of freedom.

Do not mistake a few totalitarian like facets to be the same as being in a totalitarian state.

Re:Totalitarianism

one way to draw the line: in US border check is to keep people out... in China (and MANY other places), border check is to keep people *in*.

Re: Totalitarianism

[Brockmire]

Border intersection? Wtf. Did you mean border crossing?

Re: Totalitarianism

Security screening is a condition of commercial aviation, to screen out those who would cause harm to a flight (effectiveness is a separate debate).

Nothing to do with what you suggest.

Screening to cross a border is a simple matter for hundreds of millions of travelers a year. (And don't confuse the matter with Customs enforcement, either)

Re:Totalitarianism

[Cipheron]

Governments evolve this way because at the end of the day it's not cost-effective for one group to control every aspect of everyone's life. e.g. if they're projecting their authority to control what you have for breakfast every day then that's a lot of paperwork for something which gains them very little power, in fact it drains the ruling party's resources.

Re:Totalitarianism

[nomadic]

Also it's hard to maintain totalitarian rule when you have a growing, politically significant middle class.

this should be a clear message to ALL of us

[evolutionary]

Okay, if the Chinese Government required a special version of this Windows to run in their country, then something stinks about it. Like the data collection and invasive controls that windows 10 possessed from the get go. Doctors, Lawyers, Accountants or virtually anyone handling confidential information need to be paying attention. The very use of Windows 10 in their work violates client/patient confidentiality. (as it sends file header + other potential information possibly not revealed yet) to MS and from their to the US Government. IIn the movie "Bridge of Spies" I remember Hank's line to the CIA agent "We are not having this conversation" concerning a spy he was representing.

People may brush this off in the USA but countries in other countries potentially doing international business, scientific research, or many other things may not their information going to a foreign power. We weren't exactly thrilled when NASA emails wound up being copied to China with a simple DNS availability message boost (we have since corrected, THAT was scary). Windows 10 is and has always been a trojan in it's very conception and we all need to say "No". Windows 7 or Linux, possibly Apple (but I'm not sure I trust them with their iron grip policies particularly on their Iphones) are perfectly user friend/usable solutions.

Those In the Medical profession, I know many hospitals/doctors are stuck with Windows-only drivers/software packages but the medical industry is going to have to make some serious choices: either publicly tell the world their information will go the US Government/Microsoft (for possibly sale) or the medical community will have to demand drivers//software versions that are Linux or Mac compatible. Some are staying on Widows 7 for this reason, but MS had is trying to pressure everyone to go to Windows 10 either by withholding critical updates (they did patch XP for the NSA contributed ransomware so clearly some mandates there) or possibly through other means. (remember, they did start by force feeding which got a public stick) There could even be legal implications for lawyers and medical professions that could be violated here. Hopefully we'll start getting the message soon. It's becoming a not so brave new world.

Re:this should be a clear message to ALL of us

Your point, citizen?

Re:this should be a clear message to ALL of us

[evolutionary]

that a foreign power as basically said windows 10 is a threat to their secrets for the first time in ms history and anyone who values confidentiality or privacy needs to ditch ms windows.

Re:this should be a clear message to ALL of us

Those In the Medical profession, I know many hospitals/doctors are stuck with Windows-only drivers/software packages

They are not stuck. Throw money at the problem, someone will write your FLOSS alternative. That's where PGP came from, the German government threw money at encryption. I'm sure the medical industry can afford to hire some programmers. Seems they even have an ethical responsibility to.

Fixed headline

[azrael29a]

Microsoft Announces 'Windows 10 China Government Backdoor Edition'

Re:Fixed headline

[Opportunist]

The difference to the version everyone else is using is the "China" part, I get it?

NSAKEY

Does it still contain NSAKEY?

Re:NSAKEY

Probably not. It's a 1024 bit key.

Some?

You mean ALL factions. I'm quite sure Hillary would love to dictate every facet of your life to you, given the choice.

Note: I am not a Republican.

guys guys

This isn't an either-or question. Can't we agree that both China and US are evil totalitarian governments.

Re: guys guys

Hmm, indeed, we can.

what about Windows EU edition?

I wonder what happened to the EU version with that window thing that let you get another browser, or that other EU version without the media player (rofl).

The U.S. government is weak and corrupt.

I wish the U.S. had a real government, not the one we have now, which is messy and badly supervised everywhere I look.

1/Nth of a Key != The Key... Contempt of Court

1/Nth of a Key != The Key... Contempt of Court

What governments crave!

Everyone else continues to use Microsoft Windows 10 US Government Edition.

It has what craven Governments crave!

trump should remove there H1B's from china for thi

[Joe_Dragon]

Trump should remove there H1B's from china for this. This IS THE USA WE DO NOT BOW TO RED CHINA!!!

Microsoft must have very little money...

... when it agrees to customize (and sell) its windows operative system on a per country basis. Microsoft... on its way down...

Windows 10 China Government Edition

It contains all your hacking tools and utilities, right there on the desktop! For all your industrial espionage needs, think "Windows 10 China Government Edition".

Possible +/- side-effects of special version

[Picodon]

Assuming that it will have a specific version identifier, this could have the side-effect of clearly identifying Chinese government computers, marking them as prime targets for their foes, but conversely also eliminating the risk of friendly-fire.

Huh...

[XSportSeeker]

Man, the chinese government just gets all the good things.... wait what?

Only One Version - My Ass!

So how many different versions of Windows 10 are there now?

How exactly are we as software developers supposed to test our software against them?

Fucking ridiculous...

Nothing to see here folks, move along

[thunderclees]

M$ selling out to the PRC? How si this even news?
M$ has done anything the CPC has asked of them.
Yet, the CPC does nothing about software piracy so M$ continues to lose revenue.

“Compromise is a stalling between two fools.” - Stephen Fry

Can you imagine

[kaatochacha]

The backdoors this software is going to have?