NSA backdoor creates security hole in Windows

A number of people have written in with the news that Cryptonym has found an apparent backdoor for the NSA (called NSAKEY) in all current versions of Windows. However, you can open this backdoor yourself and install your own strong cryto module in place of the built-in one. More details are also online, but to be quite frank, we aren't quite sure on this one-so, if you're more qualified comment, please do so below.Update: 09/03 11:19 by H :Thanks to Jens Hillman for more information from the German Chaos Computer Club. Der Webpage ist auf Deutsch-Babelfish it.

Re:Is it possible this is a decoy?

[kkenn]

Not quite as bad as that. Check the PGP FAQ which talks about the relative merits of the different algorithms.

Re:Well, this is another argument for getting sour

[MindStalker]

That is exactly why I don't believe in socialist. For some reason government just can't take issues seriously. While in a capitolistic company, every thing that could possibly go wrong is taken with the upmost seriousness usually. (This is one reason I'm not worried about y2k in america)

It's all about control...

[Da+w00t]

I REALLY liked it when windows decided it wanted to run away with (one, just one) of my CPU's on my nice P2 400x2 machine. I tought it right quick -- kill -9 vmware fixed it right nicely.

Re:We let the government decay to a dangerous poin

[Simon+Brooke]

AC writes:


I remember him saying before Waco that the four best police agencies in the world were (in order) the FBI, the Texas Rangers, the Texas Department of Public Safety, and the Mexican Federal Judicial Police.


Every so often someone in the British establishment says 'British [X] is the best in the world'. It's always a sign of a major scandal brewing in [X], whether that's beef, banking or beaurocracy. 'The best in the world' means out-of-touch and complacent, and out-of-touch and complacent is very, very close to corrupt.

Re:Well, this is another argument for getting sour

And the NSA is a baaaaaad place to be if you are a Christian, because they see that as compromising you, like secret homosexuality.

Not true. Bible Studies are held in the cafeterias quite often, and there are more WWJD badge chains than I can count.

And the coffee comment is bogus - if you don't want the stuff in the cafeterias you have to provide your own anyway.

As for whether or not the three-letter-agencies still work, I'd say that they do. There really is more going on in the world than the stuff that makes it onto CNN.

Re:That was a theoretical attack

[porkchop_d_clown]

Thanks for the correction - I had forgotten who had actually written the trojan.

--

Re:That was a theoretical attack

[porkchop_d_clown]

First, it isn't FUD, it was done - although (as another person pointed out) it was never released outside AT&T, which contradicts what I had originally read, but I guess Thompson would know better than I what he did with the Trojan.

Second - That doesn't eliminate my main point: There's no reason why someone with access to one of the main GNU distributions sites couldn't pull the same trick off today, by slipping the trojan into gcc.

--

Re:oooh is my face red

Its still more correct than the original poster's implication that we may still be running a C compiler with a backdoor like this in it.

At which point did he do that? He said that it had existed (which turned out to be incorrect, true). In any case, it has been a long, long time since UNIX releases used the original K&R compiler.

Re:We let the government decay to a dangerous poin

And it's not an iron law. There are a few stout souls who recognize their level of incompetence and avoid it (for example, a friend of mine recently jumped off the management track because he realized that he couldn't deal with the stress of it.) There are others who target their level of desire, which is possibly significantly below their level of incompetence (for example, there was a guy named Ernie where my dad works whose level of desire was very low. He knew the work of everyone two levels above him; he trained most of them. But he refused to be promoted beyond what he was comfortable with, even though he obviously could do the work.)

Re:Sorry but that's BULL

[cwilkins]

It was NT3.51, on very specific hardware (A Compaq somethingorother), and C2 orangebook only.

MS has of course used this to imply that NT has been C2 certified -- worded carefully so as not to be an outright lie.

the begining

[discore]

i have a feeling this is just the begining to a lot of government related spying-on-your-computer stuff. we'll see. sure we've heard a lot about it but is it happening now to a huge extent?

Re:the begining

[DrNO]

so, what was all that commentary about excessive parinoia? It seems pretty clear that those of us who tend to trust in governments and big busines's good intentions should revise our opinions.

Re:the begining

You are excessively paranoid.

Some of us probably aren't cautious enough.

Don't say "we" when you're really trying to preach to us.

Re:the begining

I would be more worried about what thy may put on your machine. Think about it. You make an enemy out of some jerk who (has dirt on, or is a friend of) some government offical. Now we can't keep nuke secrets off the web (see http://www.fas.org/nuke/hew/Library/Teller.html ) so there is no way that key will stay out of the wrong hands. Your door get blown down at 4 AM and your hard drive is full of kiddy porn or worse that they uploaded while you were sleeping. Think it can't happen? They've done worse in Waco and at Ruby Ridge, they just didn't use a computer as the weapon of choice.

Re:the begining

[kootch]

in the immortal words of Kurt Cobain:

"just because your paranoid doesn't mean they're not after you."

Re:the begining

[discore]

oh im not neccisarily paranoid about it. i don't have too much to hide on my windows box. it's just interesting that the government wants to know what's on everyone's computers really badly for some reason, and it's obvious they are willing to go to quite excessive lenghts to get it. is that a government that should be trusted? one that can't even trust its people?

One more nail in the coffin...

[Space+cowboy]

*If* this is true (I don't have Windows, so I can't try and check!) then surely its one more reason for Linux to be trusted over Windows. Or (more accurately) for open source to be trusted over closed source.

Re:One more nail in the coffin...

Open, so that a small elite 1% of the population who can read C and figure out the obfuscations, and sort out the fact that the C compiler itself, or any of the libraries it links code against, may have back-door-injecting features included. Yep.

Re:One more nail in the coffin...

I would have to agree. There's an excellent probablility that someone will spot a trojan horse in OS code. Consider how many people are making a living a security consultants.

Re:One more nail in the coffin...

[Analog]

Lessee, that would make nearly 3 million people in the US alone, over 50 million worldwide, and all it takes is one to find it and say something...

Re:One more nail in the coffin...

[Ralph+Wiggam]

I agree with you, but you're forgetting one thing. I trust that 1% of folks because they have no financial, legal, political, or nationalist ties to any one entity. If any one of the people in that 1% finds something shady going on, they have the ability to bring the whole world's attention to it (read: slashdot.org). I have one semester of C training and as far as I'm concerned, the Linux kernel code is complete giberish. Still, I trust it because a group of brillaint, nerdy guys I don't know are checking it out for me.
When you get a group of people with shared ties writting code (in this case financial and political) where it would not be in thier self-interest to cry wolf, you end up with interesting situations like this one.

skepticism note: I would not be suprised if this story was either an anti-MS hoax pulled by some fanatical open source group or if the naming scheme is a joke from a 25 year old programmer at MS and has nothing to do with the National Security Agency.

-Barry

Re:One more nail in the coffin...

exactly.. open for everyone to see exactly what is going on, or closed so that big bill and his buds in the NSA can enforce a law outside their own country.

Is it possible this is a decoy?

It was easy to discover so maybe it's just a coverup for something larger NSA put in there, which is still active? Good thing this can't happen with Open Source software like Linux!

Re:Is it possible this is a decoy?

The question goes further.

You had to inject binary libraries into your system at some point to bootstrap it.

Even if you replaced those libraries with new versions for which you've stepped through the code, they had to be built using the earlier versions.

Better learn how to read machine code and get REALLY good at it. And by the time you can prove your system isn't compromised it will be obsolete.

Deal with it. You can't have complete privacy. In real life or on your computer. It's never been possible, and it never will be. Base your security model on that fact, and stop ripping up the floorboards looking for funny pieces of wood that don't match. Unless that's really what you enjoy doing.

Re:Is it possible this is a decoy?

[um...+Lucas]

According to the PGP manual distributed with the binaries, MD5 is just about completely broken... Meaning that it is possible to generate new text that conforms to the old signature. The alterntive is SHA, developed by: the NSA...

I guess it's a battle of the lesser of two evils, broken implentation vs. strong implentation written by the organization that everyone seems to love to hate

Re:Is it possible this is a decoy?

[dirty]

Does anyone else rember the ComBot backdoor? Basically what happened was ComStud, the guy who wrote ComBot (an irc robot) put in a few lines of code that allowed him to have full access to the bot. It wasn't 100% obvious what was going on because the backdoor was placed in two files (one part copied the crypt()'d version of "HAQD" into a global string w/ the comment /* Don't ask, it works */). This was located in main.c. The other part was located in ctcp.c which would crypt() the first word of the ctcp command and if it matched the other string it would treat the command as if it came from the owner of the bot. It took a little while to get discovered, but it did.

Basically being open source doesn't prevent something from being back doored, but it does make it harder. Not to mention the ComBot example isn't the greatest, it could have been hidden better.

Re:Is it possible this is a decoy?

[HyPeR_aCtIvE]

Ummm, sorry to burst your bubble but this COULD happen in Open Source software like Linux. Just because it is open source doesn't mean that something can't be hidden within it.

Now granted, the person who is doing the hiding has to be MUCH trickier about doing it ... but still, how many times have you been looking at someone else's source code and said:

"What the @#$% do those 3 lines of code do? Hrmmm, oh well, doesn't look like the section I was trying to find anyway . . ."

Because they are very obscure lines of code, that don't seem to be what you are looking for, so you don't take the time to 'play computer' and try to figure out what they are ...

Re:Is it possible this is a decoy?

bullshit.. every time there is abscure code we pull it to bits and leave nasty words in the source commentary. Then we post it to bugtrak if it is actually evil and the person who wrote it says "hey, can't blame me for tryin'".

Re:Is it possible this is a decoy?

[PigleT]

Short answer: I've never said that.

Admittedly I don't exactly read all the source that goes on my machine at all, either though :)
~Tim
--

Re:Is it possible this is a decoy?

[settonull]

> Ummm, sorry to burst your bubble but this COULD
> happen in Open Source software like Linux. Just
> because it is open source doesn't mean that
> something can't be hidden within it.

I agree that it could, but I think it is much less likely. While everyone might not take the time to look at those three lines of code, we don't need everyone to. All we really need is one person to notice and point it out to people.
(this happened recently if I recall, a popular mirror was cracked and code trojaned, but it only took a short while to get things sorted out)

There is also a difference in trust that exists today, though it might not be that way forever. Because of the nature of the people doing the open source work, I have much greater trust in say linus, alan, etc doing what's best for me, than I do in MS or the US gov.

Re:Is it possible this is a decoy?

[dattaway]

Yes, this is true. *Always* check the md5sum of those popular packages against multiple mirrors. That would not protect you if the source was intercepted before it was mirrored, but that's what we get when our pants get caught down without widespread authenticication and encryption. Its a war. Corrupt organizations (I won't mention the NSA) might win and sooner than you think.

NSA Security

why would the NSA add a back door to windows security? (windows security,,, he he) isn't creating vunerable operating systems the job of microsoft? or maybe the NSA backdoor was an improvement over microsoft's own security bugs.

didn't the NSA give NT only a minimal security rating? ...like only on certain hardware, while not connected to a network?

Re:NSA Security

Note that Linux doesn't have ANY comprable security rating.

Is anybody working on it? It will involve a code freeze, by the way.

Re:NSA Security

[dirty]

It wasn't the NSA, the rating was the "equivalent of a C2 rating" which means absolutely bunk. If it were really C2 Microsoft would have gotten a real C2 rating. And I think all NSA ratings, except D1 which offers no protection require that the machine not be connected to a network and not have a floppy drive. Nothing connected to any network is every 100% secure.

Re:NSA Security

[Mr.+Slippery]

And I think all NSA ratings, except D1 which offers no protection require that the machine not be connected to a network and not have a floppy drive.

There is a network interpretation of the TCSEC; it's the Red Book in the rainbow series. However, it does make all sorts of assumtions about the physical security of the network that are unrealistic for most of us.

I worked on a firewall based on HP's trusted (B1/CWM) version of HP-UX with MaxSix trusted networking. It was a real mindfuck.

And I think it's possible to have a floppy drive or other removable media in a trusted system; you just can't have the possibility of booting from it.

Re:NSA Security

It costs a *LOT* of money to go through the C2 security test suite (Millions if I heard correctly) and MS only does this when a client wants a C2 site. It also takes years for the assessment to complete. It's not something MS is just "going to do". and they're not going to do it for every release and service pack.

Re:NSA Security

There is a thing called standards. IEEE, software engineering and all that. In order to get c2, one imagines they followed and conducted testing in order to get c2. I imagine large slabs of of code were 'ticked off' because someone said high up trust us, we are god. So now MS is guilty of writing SELF MODIFYING CODE, which should mean certification should be removed. Secondly hostile code/antivirus signatures will be in for a rough trot, as checking will have to be suspended for these modules. Lastly the methodology is out. Just how prime are these numbers?

Re:NSA Security

This is an export issue. It is easier to export cryptography if there is a backdoor, a key reveiled, or some other thing that allows the NSA to more easily break the code. Take it from someone whos been arround cryptographers who have to deal with export issues.

Re:NSA Security

It is true that windows NT4 is NOT certified to contain classified material while connected to a network. The only way you can use an NT4 system for classified material is to disconnect it from the network, plug in completely different drives(to store only the classified inf), and watch your back. I believe the navy rated NT3.51 for classified use, but definately not NT4.

Fix it yourself?

[MrPlab]

If you can fix it yourself

Well, that's almost impossible for half of the Windows population.. and hardly possible for people who know what they're doing :)

How come I'm not surprised when I hear about more and more backdoors in Windows?

Matt
_____________________________________

Will hasten retreat from Windows

[Sleepy]

I've answered a lot of questions from coworkers, friends and acquaintences regarding Linux as an OS. While most of them "get it" they've had no REAL* reason to run screaming from Windows to Linux

(* By this I mean some compelling reason for overnight change.)

Previously, what it would have taken to get these people to switch from Windows to Linux was a more refined Gnome/KDE and a more graphical installer (sorry gui RPM, while powerful, is just too different).

Now they're scared..

Scott

We all knew MS was looking in on us...:)

Is this really a shock to anyone?

Re:We all knew MS was looking in on us...:)

The entire article is suspect. A "back door into Win95..." since when does Win9x use any security, who needs a backdoor when the front door isn't even closed much less locked. At most this seems to effect https transactions (correct if I'm mistaken). Does the NSA really need to know your credit card number or bank info? Seems they have much more direct ways to get that info than packet sniffing and decryption.

Isn't it possible that in this case NSA doesn't stand for "Nataional Security Agency"? Black helicoptors are not buzzing your house. But don't say your a church or the ATF might have a BBQ at your place.

Re:We all knew MS was looking in on us...:)

[alumshubby]

It's not all that hard to envision somebody from NSA being introduced to somebody from M$, and after a drink or two, discussion rolls around to those twin hobbyhorses, Terrorism and Narcotraffic. "Hey, you could really help your country out here by just putting in this little bitty ol' hack..."

If you really like conspiracy theories, here's the quid pro quo: "We can talk to some people (read: harrass or coerce some people) at DOJ to cut you guys some slack on the antitrust thing -- you know, slap-on-the-wrist, admonish you to play fair, just enough to satisfy the media that Justice Was Served [Commmentor's note: I mistyped "Serviced" at first], and you guys can get back to business as usual."

Re:We all knew MS was looking in on us...:)

Sysadmin- "You see, boss, it's an Open Source operating system, but thousands of people have reviewed the code and we're sure that there are no security holes in the codebase."

Boss- "You're talking about the codebase as it exists as a tarball out on a FTP site on the net somewhere. You're saying you can prove without a doubt that nobody has gained access to the source code installed on THIS machine since you last rebuilt the kernel? I don't care at all about wether your friends on the net have secure systems. I am asking you about THIS machine. Why do we need to keep the source on this machine anyway? Can't anybody who gets access do a lot more tricks than if the source was locked in a vault somewhere?"

Re:We all knew MS was looking in on us...:)

MS? I thought it was the NSA...
Maybe this is just a big conspiracy theory, but it seems like the NSA probably forced MS to put that particular hole in Windows. I find it hard to believe that even MS would OFFER to do this (unless, of course, they had their own nefarious reasons).

OTOH, MS might have made the symbol _NSAKEY just to throw everyone off. Either way, it's bad.


(I wouldn't be anonymous if I could remember my password or if my DNS was updated and I didn't have to use the base IP)

Re:We all knew MS was looking in on us...:)

It is for the PHBs First, the Hotmail fiasco, and now this.

-"You see, boss, those closed products are more open to surprises"
-"Yeah, you were right all this time. Let's deploy linux then."

Yes, i'm dreaming, but why not? :)

This could be very good for all open OS's.

[Dast]

The fact that some American agency can spy on supposedly "secure" systems in other contries may make their admins think twice about using Windows (or any other closed OS). This is something even the PHB's can't ignore.

I know if I owned a company, I sure wouldn't want NSA taking my company data to help out some American company. Yeah, sure, they are not supposed to, but what is to stop them.

So admins in countries other than US: start looking at open *nix systems. You can actually have some security with *BSD and Linux.

(Heh. Just like America seems to be the last country still holding off on the metric system, it will be the last country still using Windows.)

Re:This could be very good for all open OS's.

[dwmw2]

(Heh. Just like America seems to be the last country still holding off on the metric system, it will be the last country still using Windows.)

Hey - we're doing a fair job of holding off on the metric system here in the UK.

Re:This could be very good for all open OS's.

[Adam+Knapp]

Well it is called the English system.

Re:This could be very good for all open OS's.

(Heh. Just like America seems to be the last country still holding off on the metric system, it will be the last country still using Windows.)

Hey - we're doing a fair job of holding off on the metric system here in the UK.

Well in that case, you can keep your Windows too :)

Re:This could be very good for all open OS's.

and holding off genetically-modified food. with any luck Amerika will be the last country still eating THAT, too... __ .nosig

My 2 bits

[tweek]

It's really kind of sad. I read the article straight from slashdot and not even *I* got the feeling that the NSA had anything to do with this, and I'm one of the biggest anti-ms/government types here at the office. Is this company reputable? Aren't they being stepping rather lightly on the side of slander/libel ( i forget which one applies) on Microsoft? It seems rather irresponsible on thier part. Maybe I'm just feeling semi-pro MS today after reading the Newsweek interview with Bill Gates. At least he's putting his money to good use.

Re:My 2 bits

Don't go spoiling our fun, you jerk.

Re:My 2 bits

Best case, they found 1 or 2 unknown, unreviewed, entities that can open the backdoor other than Microsoft. NSA, or not, this is a problem.

Re:Isn't this illegal?

[Borealis]

If they actually used it to actively spy on people without a warrant then a qualified "yes". Basically it's the same deal as with key escrow, just because they *can* use it to spy does not necessarily mean that they will use it. They are supposed to obtain a warrant before doing that sort of thing.

The problem that most people have is that some government agencies are a little loose about obtaining warrants, or alternatively the judges may be a little too loose about granting them. The very fact that they could be able to access all your data without your knowledge is what riles most folks.

errors

[MacJedi]

No one figured out that backdoor until Microsoft forgot to remove the explicit name NSA_Key in NT SP 5? What kind of joke is this? Or is it a programmer at Microsoft that's covertly working for the Open Source movement? :)

It could be a joke. It could be nothing at all. But why are there two keys- and why was this kept hidden? Sure, if it is the NSA that has backdoored Windows- that is a Bad Thing(tm). But I don't care if a janitor that put it in there- a backdoor is a backdoor is a backdoor.

Also, I think that this would be exactly the way that the NSA would invade our privacy- through collusion. Why spend the time cracking an OS when you can have Bill and his boys save you the trouble? If you need another example, look at Echelon. Don't spy on your own people, spy on the others and trade the information. Same idea.

It's a decoy. The NSA has a backdoor somewhere else, much less obvious, and this is meant to make us believe the NSA backdoor has been found.

This is a real possibility, but I don't think so. Why bother making a decoy if the source is closed? We may have never found it had not someone droped the ball with SP5. I'm not saying there aren't other backdoors elsewhere, for all I know the entire TCP/IP stack is rigged, but thanks to closed source and unethical collusion it's likely no one will ever know.

You know, many of us like to bash M$

[EXpunk]

And not without reason, certainly. OK, here is another problem with a Microsoft product, big shock. Hotmail had a "back door", no kidding.

BUT, that does not give anyone the right to be pricks.

Someone I work with was just flamed by another person to whom my co worker had sent a document in an M$ format. The recipient was a Linux user, and the only geeks my co worker has encountered were me and the geeks here (i.e. some laid back MFs)

For many of us there is no alternative, we have to be compatible with other businesses. Yes, there are products that will open Word/Excel documents, but going back again is not always easy. Any of you ever try to open a Claris document in Word 98 on a Mac? It gets all buggered up.

Spreading the Linux/Unix gospel would be _much_ easier without people being smeg heads about it when someone uses a different platform. You want a Mac? Be my guest. You think Win98/NT is the bees knees? Knock yourself out. You want a powerful, stable

All we do when we flame people for standing up for M$ or using their products is make the Linux/Unix community look bad, like childish, bad tempered simpletons. It is counter productive to flame, mail bomb, or crack someone for using or liking another product.

Here is a neat idea. Before you write that flame, pretend that person is right in front of you. Or better yet, remember that it makes YOU look bad.

*rant mode cancel*

Sorry, I just don't understand why people who would otherwise be perfectly polite and cool suddenly become total a**holes over really stupid smeg.

blah blah blah, I'll shut up and drink my beer :)

Re:You know, many of us like to bash M$

[Greeno]

Sit back and let me buy you a cold frosty one.... Nice to see some sense in the advocacy of Linux. I have to use MS at work - and for the most part it does what it's supposed to do (when its up). Whenever people flame MS worshipers it just makes them put up the barriers and retaliate in kind..... Still, its Friday and it's hometime. TTFN Guys&Gals Have a good weekend.

Re:You know, many of us like to bash M$

I'm a WinNT user by trade, but prefer Linux as a server OS. But NT is what I'm required to support at work. I'm a software developer of 18 years, and just to give some of you Linux flamers an idea how utterly stupid you all come off sounding (And I'm sorry Mac users, this was from one of your flamers) A PC-MAC flame contained a response from the MAC side stating the two and three button mouse is just TOO dangerous for a user. What would happen if your pressed the wrong button?!? You might wipe your hard drive or something! The response (as could be expected) was along the lines of: You'll bring up a context menu to help you select what you want to do. As for two buttons being WAY to complicated, how do you managed to use the keyboard? I think this demonstrates how lame the argument can sound quite clearly. Agrabren (I'm still waiting for my passwd to my email server, this is my first post)

Re:You know, many of us like to bash M$

[despair]

Amen to that. I'll advocate Linux to Windows users because I think it is a better alternative in most cases (but not all!), but I'm no zealot. At a guess, I'd say that most of the "Linux/BSD is the best. Everything else sucks!" people are all fairly new to (less than 5 years of experience with) their oh-so-holy OS. How often do you see old-school BSD or Linux hackers flaming the shirt off of a Windows user? Never? How often do you see them flame other unix-like OS users based on which OS they have chosen to use? Never? Like I mentioned before, I like Linux (haven't tried a BSD though). It is unfortunate that the majority of the vocal Linux community has the attitude that 'Linux is better than Windows, so it must be better than everything else,' along with 'Windows users are stupid.' Like people have mentioned before, they may only have Windows boxen at work, so to send something as an MS Word document may be the only option for them. Before you blast the next person who sends you a Word document, remember that while they may be limited to specific OSs at work, at home (and in their hearts) they may be a Linux bigot just like you.

Re:You know, many of us like to bash M$

[Masem]

Amen. I don't care for Win9x (and if you read the article, the 'backdoor' is in there as well), but I have to use it because of my chosen profession. Plus, I like to play games. Sure, Linux is great for everything else, but until it gets a *FULLY* compatible Office app, and a tons more in terms of recent or coreleased commercial games, I cannot get rid of Microsoft products.

Re:You know, many of us like to bash M$

[H0ek]

I agree. Most long-term users of Linux that I know are confident in their "Linux"-hood ;-) I guess you would be too if you had to install an entire operating system from a two-foot stack of floppies. But I digress. What am I worried about with Micro$oft security problems? I have no secrets. My life is Open-Source ;-)

Re:You know, many of us like to bash M$

I know that when I receive an email with an msword document I send a polite reply along the lines of 'please resend in a standard format.' It really pisses me off, actually, it's even worse than sending HTML, but I am careful not to send what I would consider a flame. Would you consider that a flame?

There are plenty of alternatives available, (I prefer flat text and honestly have seen very few documents that need anything more, which is saying a bit since I am a professional writer by trade and thus see a *lot* of documents, but I also accept text enriched or even rtf if formatting is truly necessary.)

And btw, I'm not even on a linux box (got that on another partition and slowly trying to migrate to it, if I don't switch to freeBSD instead, recent articles and especially flames posted to them from linux zealots have encouraged me to look into it) just win95. Yes, it is possible to run win95 after deleting Word. I hate that godawful excuse for a wordprocessor with a passion, I finally quit the job that required me to use it and will never use it again. But EVEN WORD has an option to save as text.

Freedom of information act?

Couldn't we use the freedom of information act to request document related to their dealing with Microsoft. I seriously doubt they could claim "It's a matter of national security that we not release these documents". Just a thought.

Re:Computer "BUG" (NSA listens in)

[Jimhotep]

I've read that phones can be listened to
even when on the hook

but I'm just crazy

NSA key to read Windows?

[malkavian]

We have here a widely known security agency, which, I get the strong impression, could pull on the skills of some very competent crackers should it be required to... And a notoriously insecure OS. Why on earth would they need a back door?? If these guys want in, they'll get in, and work out a tool to do it to any machine they care to name... Just doesn't make sense.. I'd assume the key refers to something else with the same acronym. Malk

CryptoAPI pretty pervasive

[MenTaLguY]

How many people actually USE the cryptoAPI? It seems to me that unless you're using this stuff, all of this has no effect.

Pretty much everyone and everything under Windows, directly or indirectly ... ActiveX code signing, Outlook, Internet Explorer ... authentication, I think ... you name it.

Berlin-- http://www.berlin-consortium.org

Re:We let the government decay to a dangerous poin

Good you mentioned the FBI. I have a lot of respect for and know a lot of old FBI agents by virtue of my father, who was one himself. The difference between the old guys and the new guys is night and day. Waco would never have happened when the people that Hoover had in were running the place -- they would have grabbed him jogging, and gotten a warrant and served it politely and firmly. Torching women and children was inconceivable. I remember my father's reaction -- he didn't say a word for almost a week.

I don't care if Hoover did spend his leisure time in a nice Chanel day-to-evening and tasteful-yet-daring Ferragamo pumps -- he got in and kept good people who did real detective work. They went out and they detected. And having known quite a few of them, I have to say that they were remarkably good people, in an absolute sense of good. The didn't lie, cheat, or steal. They were good to dogs and children. They were morally inflexible, but that was understandable. I don't know what happened to those people and people like them.

Lately, with the lastest unpleasant revelations about what ever the Hell happened in Waco, there has been a lot of footage of the Texas Rangers testifying before Congress. They are big, fat, sneaky-looking rednecks. They are probably vicious and quick on the trigger. And damn but they do look like good detectives. Where the attorneys for the FBI keep saying things that don't make sense, the Texas Rangers are direct and clear and so obviously in contempt of the FBI that it is hard for me to watch it.

My father is not around to see this (pancreatic cancer), but I remember him saying before Waco that the four best police agencies in the world were (in order) the FBI, the Texas Rangers, the Texas Department of Public Safety, and the Mexican Federal Judicial Police. After Waco, he never brought it up again.

The iron law of beaurocracy is that only first rate people promote first rate people. Second rate people promote third rate people, third rate people promote fourth rate people, and so on. I think that it is time for housecleaning in at least one are (the FBI). Clearly, this can be extended to other places.

Re:Stealth Operation?

[Ivo]

It's in SP4 too. But in SP4 they removed the debug symbols correctly so that you can't *SEE* it.

In SP5 they made some mistake, due to which the alleged backdoor can be seen.

I still don't believe it's really a backdoor though until I see some proof of that, but hey, it's nice pro-Linux press. :-)

Greetings,
Ivo

Re:This is nutz!

The government DOES have the ability to listen to any home in america! Haven't you heard of an infinity transmitter? this is a device to cause a phone , on the hook, to go active, and transmit just like an open mike! these have existed for at least 50 years, and no one seems to have cared, even though you see them in books and movies all the time. (At least on my reading list.)

Some NSA backdoors are explicit

[Paul+Crowley]

First, this is being presented at Crypto '99, not Def Con Two. It's peer reveiewed, guys, it's pretty much bound to be legit.

Second, every copy of Lotus Notes carries an explicit NSA backdoor, called the "Cryptographic Differential Work Factor". Essentially the point is that part of every secret key is encrypted with the NSA's public key, so where we would have to brute-force 128 bits to get in, they have to brute force only 40. So there's precedent; it's not as implausible as some people here seem to think. It may not be a back door in the simplistic way some people are thinking of, though.

The algorithm the guy used to find the key is documented in Adi Shamir and Nicko van Somoeren's paper "Playing Hide and Seek with Stored Keys" - you can find a link to the paper here alongside my implementation of the technique described.
--

Re:Encryption is needed now!

We need strong encryption, based on standards that we can all meet. Then we need to do away entirely with anonymnity on the 'net. Digital signatures can and will make that possible.

So cryptography is important, and it will help people shut out spam and get rid of the creepy nature of the 'net as it now stands. It will also make people accountable for what they say in public online, just as we're accountable for what we say in public in the real world.

These are good things.

Re:Comedy of errors

[Shafik]

Good points but:

4) The NSA just wants to make it easy for them and
if MS didn't screw up probably no one would know. Who the hell wants to hack into a box
when you can have a backdoor. Also there is
nothing saying a foriegn agency of some sort
couldn't make NT less hackable, although
IMHO they would be using Unix in first place
but you never know.

Of course this assumes the who thing is really what it looks like.

who knows these days, eh?

vmware

[shaldannon]

if you're trying to avoid windows, don't run vmware...all vmware does is act as a virtual machine...you still have to run 'doze on top of it...


Who am I?
Why am here?
Where is the chocolate?

Re:vmware

[slackergod]

yeah, but with vmware you can slap windows into a virtual network, behind a linux firewall, which you can control absolutely with ipchains, etc.

Re:Encryption is needed now!

[wings]

Let's see...

First Microsoft uses questionable business practices to monopolize the market, and the government is a little slow in acting upon that, ensuring Microsoft products like Windows and Office are installed on most of the world's PCs.

Then we see articles like this: Feds Want Access to Your Machine where the Government wants to make it easer to search for passwords and override encryption using 'devices, if necessary'.

And third, we find that (if this is true) function calls to make access easier may already be installed on Windows computers.
wings

Re:Encryption is needed now!

[bnenning]

It always amuses me when anti-anonymity posts come from ACs...

Re:Isn't this illegal?

[Jimhotep]

Any part of the government can do
anything it wants to.

It's a free country.

mama if that's moving up then I'm moving out

[G27+Radio]

I hate my apartment. Yeah, it's in a nice neighborhood and all, but it sucks that:

a) The leasing company owns it, I just pay to use it.

b) The leasing company has a key which they use to enter my apartment with or without my consent.

c) They take their sweet time about fixing stuff.

If someone were giving away free land with housing on it I'd move in a nanosecond because:

a) I would not have to continually pay the leasing company rent despite shoddy maintenance.

b) No one else gets a key unless I give it to them. I still can't stop a determined government agency from barging in, but at least they can't just waltz in because the leasing agency doesn't mind handing over my key.

c) I'll deal with mowing the lawn myself especially if the house is well built and helpful neighbors take care of fixes/improvements in a timely manner--free of charge no less!

I'm not exactly hopeful that I'll find such a situation, at least not in RL.

numb

Re:mama if that's moving up then I'm moving out

[nstrug]

Umm, I don't know where you live, but generally a landlord cannot enter your apartment without your explicit consent unless in an emergency (fire, leaking pipes etc.) If they do, change the locks and charge it to them. Go to your city hall - they usually have a leaflet called 'Tenants' Rights'.

Nick

Re:mama if that's moving up then I'm moving out

[Slur]

The post was an analogy about Windows NT.
An analogy compares one thing to another.

Yeah, I'm a Mac programmer. You got a problem with that?

Re:Come on kiddies....the NSA is MUCH smarter than

Not necessarily. They tell MS to put in some code and MS does. NSA probably didn't do any of the coding themselves, just gave them a set of keys and an algoritm or something. Prior to SP5, the debugging info was stripped out, so it didn't matter what the function was named since it would be removed upon compilation. Someone made a mistake in SP5 and it got left in.

But who knows, maybe the NSA acronym used here has nothing to do with the national security association. Maybe it's an MS parody on RSA..

We need verification!

[DerMarlboro]

I agree with the folks who are saying that the link to the National Security Administration is a weak one. NSA could stand for anything. But it is definitely a serious enough matter to warrant further investigation. How can we verify the nature of this key? Are there any MS or NSA contacts out there that know anything? Can we find any case of the NSA key having been used to compromise security? Can we find use of the NSA key anywhere in Windows code? Anyone thought of asking the big-wigs at MS to explain the meaning of the NSA key? Can we get this into the mainstream press, and force a statement from Microsoft?

Re:We need verification!

[Ender+Ryan]

As if that would do any good! Microsoft would just make up some story, or say it was one of their programmers (who they just fired for it) playing a joke.

Gimme a break, we will most likely NEVER get a decent answer for this.

We are left with only one choice these days if we value our privacy, use an Open Source OS, like Linux or *BSD.

I'm not even a Linux advocate, or an OSS advocate, I just use whatever works for a given job. Interestingly enough, Linux works for almost everything I do(except games dammit!).

Re:Isn't this illegal?

I believe it is. However, the UK and USA have an agreement such that the UK spies on the US, and tells the USA and vice verse, thus nicely circumventing any 'you may not perform SIGINT in your own country' type rules.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[ejay]

The phrase "If you ain't breakin' the law you ain't got nothin' to worry about" was one used frequently by government snoops during the McCarthy era witch hunts.

And you will hear Nazis uttering similar phrase too in old grade B black and white melodramas.

If you are not doing anything illegal then the government does not even have the right to inquire and we need to make sure it stays that way.

Yet another reason to abandon Micro$oft. Real operating systems don't need mice.

Re:Larry Ellison said it best when he said:

Bouncing a laser off of a window, and measuring the reflection allows very impressive eavesdropping.

Doesn't work so good if the building is tall (sway) or if it is a windy day.

I've never seen it done, but I'm quite convinced that the patternt on your screen and the state of your CPU can be monitored in real time, from a quarter mile away

The exploit is called TEMPEST.

Re:Open source

Armed with a debugger and a good knowledge of assembly, everything is open source!

FAKE?

Is this a fake? Becaus I do not have ANY o the reg keys they mention in this article. not a single one, and my windows runs fine err well as well as windows can run rather. unfortunatly since I do tech support I am forced to use a windows machine (no I dont know why either it's just tech support). Anyway I cant find the keys, so am I safe? whats the deal?

Re:FAKE?

[Jonny+Royale]

I downloaded the file offered to replace the original Key Provider...get it, and look in the TestReplacement.cpp file for the registry key they're hitting.
While I'm at it, why isn't the source for this patch provided? They only provide the source for testing the patch...hmmmm...

Menwith Hill

[acb]

Distance has little to do with it... all your traffic would go through Menwith Hill if you lived in Istanbul, Helsinki or Cairo. They watch all of Europe, North Africa and the Middle East from there.

Re:Shocking

[Enoch+Root]

Why don't we stick to Microsoft bashing?

Oh, and miss the golden opportunity of a story to put X-Files to shame? It's all really obvious to me.

JFK Jr. knew about it, and tried to counteract the NSA by flying away to Mexico in a plane. Now, the NSA were afraid, so they contacted Naval Intelligence, who downed JFK Jr.'s plane by using the HAARP project and a bit of plutonium from Cassini.

But fortunately, the aliens infiltrated Microsoft (not that it's hard) and they mind-controlled the programmer to put the REAL key value of NSA_KEY in place! And it's up to the Linux community to save the world and provide strong crypto to dolphins to they don't end up in the FBI's tuna salads.

It's not because it's false that it ain't fun. :)

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

Off-Topic, but really funny...

[Morendil]

The German Webpage has the following phrase :

Die von Microsoft für Programmierer zur Verfügung gestellte Anwendungsschnittstelle für Verschlüsselungsfunktionen, die sog. "Crypto API"

where the last few words actually mean "the so-called Crypto API" (and are short for "die sogenannter Crypto API"). This is translated by BabelFish as

The application interface for encoding functions, provided by Microsoft for programmers, which sucked. "Crypto API"

which is in fact a very quite appropriate translation, even if it is right for the wrong reason... ;)

One assumes "sog" is the past perfect conjugation (sp?) of a verb that actually means "to suck" in a more or less literal sense.

Re:The Microsoft Reaction

Do you really think Microsoft cares about what the dinks on Slashdot think?

Re:Computer "BUG" (NSA listens in)

[sanderb]

I've read that phones can be listened to even when on the hook
but I'm just crazy

No, you're not necessarily crazy.
The way I remember it here in the Netherlands a group of criminal defense lawyers complained about a year ago. In a lot of their cases a phone tap was authorized against (suspected) criminals, after which the police reports mentioned that the phone was accidentally off the hook while criminals were chatting (not on the phone mind you, just in the room) about their endeavours.

The lawyers thought, 'hey our phones are never off the hook, why are our clients so clumsy!'.

So some independent institute (not Mindcraft) did some tests and as it turns out for a lot of phonenetworks in the Netherlands, when you put a high frequency directly on the twisted pair line, you can listen in even when the phone is on the hook....

Crack that bitch..

Thet's crack those keys and publish the coresponding private keys, then anyone can sell a security upgrade for winblows.. and it may open up new wway to hack windows.

Re:My God, It's a global conspiracy!

[Jburkholder]

You might wanna go back and try that with NSA, CIA FBI and AT&T also! ;-)

PGP

[Hellsson]

Does this NSAKEY thing apply, in any way, to use of PGP from Network Associates?

NSA isn't the bad part

[Bookem+Danno]

yeah it's possible that MAYBE the NSA has this key and blah blah blah.
but think about this - you can remove it.
so basically a new key can be loaded into your computer to allow non-authorized CryptAPI calls to be made.
Does anyone else find this very disturbing?
I don't know if i'm catching the doc right or not, but couldn't a trojan progam be loaded overwriting the NSAKAY variable to a new key, which could then authenticate a certificate for some no-name site that could then, when you visit it, install apps on your computer at it's choosing?
again - to busy to go into the details of the doc - so i appologize if i'm completely mistaken.
well back to work now

Re:NSA isn't the bad part

[bookemdano]

Whoops. Sorry, man.

Didn't see that there was another Bookemdano (more
or less here). You got dibs, I'll change to another alias.

Re:NSA isn't the bad part

[Jack_Lord]

He back, 'bra.

Why the NSA would do such a thing?

[SyscoKid]

Becuase of all the lil' script kiddies cracking abunch of sites... And the fact that alot of classified information has been obtain through a windows operating system..

Re:Running screaming to Linux?

[Phrogman]

What I plan on doing is redesigning my system layout so that it is a dual-boot Linux/Win98 system, with nothing important under Win98 because it will be there solely for the purpose of playing games (which is about all its good for it seems), and all of my personal information, and written materials safely over on the linux side (and now it seems, probably encrypted as well). I don't have anything to hide from anyone in particular, but I sure dislike the idea of a foreign government agency (I am Canadian) being able to pry through my information, without my permission and in complete violation of the law.

Mind you the US is heading towards becoming a World Empire anyways - First Echelon, now this bs.

Linux Here I come, full steam!

The downloadable "fix"

The organization that found this has provided a fix available for download that removes the NSA key. My question is, whose key did they replace it with, if any? Their own perhaps.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

The problem with allowing the random hard drive scan is the same as police check points. Pull everyone over, and arrest those are breaking the law. Problem is, there is this thing called the bill of rights...something about unreasonable search and seizure...due process. Besides, it would have been nice if you had written a remotely coherent post.

No.

[kuro5hin]

I thought it was illegal for the NSA to spy domestically? Or is that just the CIA.

No laws apply to the NSA. Seriously, I'm not making this up. They cannot even be compelled by Congress to officially admit they exist. They are simply, by charter, not under the authority of anyone (as far as we know, of course. And "Charter" is kind of a vague word here too-- no one outside the agency is really sure what their charter is, as the only document that could be called their "charter" has never been released to anyone, either). And SIGINT is their business, wherever the SIG's may come from, or go to. For the most part, they've tended to view their mission as foreign intelligence, but they've certainly not been above domestic snooping when they feel it's in their interests. Not to mention their collection of domestic data for foreign countries and turning it over unexaminied (UK/USA). Big Brother is most definitely watching.

Re:No.

The ability to have privacy is an abstraction.

It's fun to think that there is a spy beneath your bed at night listening to you. It gives you the illusion that something you are doing is worth them spying on.

That helps give people with rather empty lives something to feel important about. Keeping that spy down there from learning too much.

Carry on. Enjoy your games.

Re:No.

Are you signing your post 'psychologic madness'?

Because I think you're again eggagerating.

You're not psychotic or mad. You're just having a little fun.

Re:No.

I know this is flamebait and I just have to say that this is quite a hopeless attitude and I'm glad I'm not that pathetic

Get the word out NOW!

[mcdett]

Don't let this slip by. Tell everyone you know and help them to understand the implications of this. We already have several smaller news organizations trying to get a comment from M$. IF the word gets out and the bigger news organizations start to care we will all benefit.

Re:Isn't this illegal?

I'm not much of a fan of terrorists, but if some descided to blow up the NSA I'll be cheering.

Re:That's just being lazy

[HyPeR_aCtIvE]

If you don't know and don't care to find out what the three lines mean then why the hell are you even worring about how secureyour os is?? What are you going to do trust someone??? Yeah, and like 1000's of other people you get burnt just like them. If I can't see the code, I won't use it on my servers.


Ok, so you personally have looked at every line of code that Linux runs, and have personally verified every single bit of it? If so, I congratulate you ... However I personally don't know anyone who does this.


In fact, the particular case that I was mentioning was if I had a piece of code (Lets say majordomo), and I just wanted to add one neat bit of functionality into it. I'm going to search through the code skimming it to find what looks like the area my code should fall, and insert it there. I'm not going to take the time to fully figure out what all of the program does, just to follow the flow enough to get where I am wanting to be, and I think that most other programmers I know work the same . . .

Re:Remember Backorifice?

They could install a variation of it in the computer, or their own homemade app, and they're set.

This hole is so big we can navigate the Enterprise (which is a really huge ship) through it

This is horrible!

[X-Usagi]

You people are talking about how this is good for the Open Source community, and aren't even really expressing the extreme sense of betrayal you should be feeling.

This a horribly wicked infringement on our Privacy and on the Privacy of others.. this had better reach the ears of the populace. For once a wide-spread scare such as as the one that this might incur could actually produce "helpful" legislation, instead of the backwards kind that always seems to arrise from terrible events but actually ends up doing no good... from this we may actually be able to get some good done.

Sure, I am now secure in my Privacy, I am behind a firewall, I'm starting to use SSH, I really only use Linux as my main OS (though I do use Solaris and plan on trying out FreeBSD). However, we mustn't forget our "friends" that use WinX or those we work with.

Monitoring the monitor

[phil+reed]

The exploit is referred to as 'Van Eck' monitoring. 'Tempest' refers to the technology to block this kind of monitoring.


...phil

Re:Monitoring the monitor

[prijks]

shredding the instructions to the shredder...

Re:Come on kiddies....the NSA is MUCH smarter than

[mikej]

It may be a "cute joke", but it appears to be a "cute joke" that radically compromises the security of _any_ WindowsNT system that uses crypto (VPN servers, for example). They've got a demonstration whereby any local user can replace the _NSAKEY value, possibly with one of their own. It looks like a *huge* backdoor. I'd like to see more proof, but I don't have an NT system handy :(

Re:Come on kiddies....the NSA is MUCH smarter than

(XenonOfArcticus -- can't login because of DNS probs) Question: Product Liability? If it can be shown that this is a demonstrable and possibly exploitable security flaw, and that Microsoft knew of it and failed to take action, I smell large-dollar liability lawsuits from major IT corporations. How big is the NSAKEY? If it's the public half, could Distributed crack the other half?

Re:Duh!

[acb]

Face it. If you want to keep a secret, its better not ever go across a wire, airwave or hit magnetic medium.

That won't help; they can just use a SQUID to read it out of your brain.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Jimhotep]

Love them Nazi films.

like the line
"your papers"
love that one

say, how many documents are you required to
carry to travel legally in the state I live in?

lets see
drivers license
liability insurance form
car registration sticker
car inspection sticker
license plates

"your papers"

just have to get this in
the Nazi party was "National Socialist"
how could they be "right wingers"?

Re:Computer "BUG" (NSA listens in)

Oh why didn't I think about that? According to your theory, we don't even need computers, just stick a calculator into the microwave, heat five minutes, and voila! you surf the net.

Spying on American Citizens?

[kevlar]

If we had a truely just system of government, then this would constitute evidence that the NSA was breaking the law and spying on American Citizens. Its one thing if they implement this type of thing in all software leaving the country, its completely different however when 256M people are going to be potentially using the software at one point. As soon as I have some evidence that this is in fact happenning, I'm going to make a couple phonecalls to my congresswoman and senators.

Re:Spying on American Citizens?

[delmoi]

I'm going to make a couple phonecalls to my congresswoman and senators.

then you are very stupid
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"

Re:Spying on American Citizens?

[kevlar]

Stupid? First of all, I'm not the one with the hotmail account. Secondly, I'm sure they'd _LOVE_ to know that the OS used by probably 75% of the governments computer systems has information on it which is readable by the NSA, and due to espionage that everyone knows is occurring, readable by the Chinese, Koreans, Russians, etc. Hell, I'm sure the Chinese could brute force the private key, in which case they'd have the same level of access as the NSA.

Heard About This Two Years Ago

From someone who did consulting work for the NSA and the NRO (National Reconnaissance Organization), saying that the Clinton Administration has insisted they put in a backdoor (starting, I think, with Windows 95) in exchanging for killing the FIRST set of anti-trust investigations at Microsoft. My source said he had heard the same rumor from two people "in the profession" who didn't know each other, but I hadn't seen any confirmation of it until now.

Re:Well, this is another argument for getting sour

[fReNeTiK]

This post just scared the hell out of me...
--

That's what they want you to think...

[Fict]

I see a lot of people saying "If the NSA put a backdoor in windows, would they really call it NSAKEY?" Well.. Maybe they would, after all no one would expect them to. It would be stupid. Perhaps that's what they want you to think.

------------------

Re:Encryption is needed now!

[dattaway]

I remember a great anonymous remailer in Finland that we used in our college days when engaging in email from from the social newsgroups and getting a penpal. Sometimes being anonymous helps when finding relationships.

I remember that anonymous site getting raided because Scientologists were unhappy about a very vocal critic used that site to post very unflattering things about them. It was an army of lawyers from hell that ended what many thought was a great service. The computer was taken and the logs were no longer secret...

Re:This is nutz!

[um...+Lucas]

This is probably due to laziness on Microsofts part, or due to their marketing drones... I seem to recall the same thing occuring a few years back with Lotus Notes... The domestic version used 64-bit keys, while the "for export" version used 40-bit keys plus a 24-bit NSA key... The end result being that anyone interested in the data would face a 64-bit key (probably considered unbreakable a few years ago) while the NSA would only need to crack a 40 bit key (been breakable for quite a while)... This only applied to the exported versions, though.

Microsoft, in their marketing wisdom, probably chose not to have a domestic version and an exportable version, so as not to taint buyers of the exportable version with notion that it had easily defeated security. Therefore, they kept quiet about it, and did what Lotus did, but for their entire product line rather than just the part that was destined for sale outside the US...

I'd be much more angry with MSFT than the NSA... It's their (NSA's) job to collect information and spy, it's up to the people, businesses, and our gov't reps to try to keep them in check.

The Solution

[AftanGustur]

The "solution" for MS/NSA/Unknown is to move the NSA/Unknown keys to the part of the code that is verified by the MS key.

That way MS/NSA/Unknown still get to use there keys, is will be impossible to remove or change (It will break the integrity test) and No foreign parties will be able to create and distribute Crypto code.

Expect this to be "fixed" in the Y2000 relese.
--
Why pay for drugs when you can get Linux for free ?

Code freeze? Pshaw!

[acb]

Where's the fun in that?

Besides, if you're really paranoid, you'll go for OpenBSD, not Linux.

*What* DES back door?

[Paul+Crowley]

Years of analysis of DES has shown that the only back door in DES was right out in the open: the 56-bit key. Everything we've learned about cryptanalysis in the mean time has shown that IBM (and possibly the NSA) went to some lengths to strengthen DES against attacks we didn't even know about at the time. What are you taking about?

I don't believe any of your three possibilities. I think it's exactly what it seems, and that the NSA like to have their lives made easier.
--

Re:*What* DES back door?

[Enoch+Root]

I did say "alleged backdoor"... I didn't want to cause a panic. :)

I'm talking of the tampering done on the S-boxes by the NSA when IBM sent them over. Cryptanalysis shows that the NSA strenghtened aspects of it, while other aspects seemed purposefully weakened. I don't have the details... It's mentioned in Bruce Scheier's "Applied Cryptography".

Cryptanalysis has shown DES to be secure, but there remains the lingering doubt that the NSA tampered with it on purpose to facilitate their own brand of secret cryptanalysis algorithms. Hey, I'm sure DES has been cracked by the NSA a long time ago. It ain't for nothing that the AES is being selected.

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

Re:"Unknown Third Party"??

Have a look at the quantity of gov contracts withoutr security rating. "Smart Ships" and so on. And according to the military regulations these systems were not allowed to be bought. At the same time they were bought by thousands. And this is just in the US. Outside of the US it was even uglier. None could get financing from an american institution unless running NT. Now you know why.

TEMPEST

[acb]

If it radiates a electromagnetic signal, it's not secure.

Unless your Pilot has a solid lead case, I suspect it's vulnerable.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Jimhotep]

Ever do something just to see what happens?

Re:Computer "BUG" (NSA listens in)

[Jburkholder]

Ooooh, and I bet they could grab your web cam and take compromising pictures of you with your girlfriend in bed if the computer is in your room!

And they could remotely install a plug-in to get your keyboard to capture your fingerprints in case you download any kiddie porn, and turn your monitor into an x-ray machine so they can take pictures of your brain while you play quake to tell if you are a potential school-shooter.

Geez, too bad the NSA doesn't have anything better to do than spy on average computer hackers. Guess they got tired of interecpting everyone's email and following foriegn nationals around watching for them to rent u-hauls and buy fertilizer.

Cow Orkers Using Word!

What the hell are you guys doing using Word to exchange email for? Export it into something portable - like text! Serves your cow orker right.

Re:Cow Orkers Using Word!

Hey cool-guy, Before you start flaming and making yourself look foolish, where did it state that he was using Word to exchange mail? It stated he sent a document THRU mail in a M$ format. Not quite the same, as even M$ uses standard encoding methods to allow other mail readers to receive attachments. So, are you now trying to argue that word processors need to be banned all together because Linux doesn't support M$ word format in any word processors? Sounds like Linux needs more powerful word processors. (Sorry for that last little attack, I'm actually quite a fan of Linux, and the Open Source initiatives) Agrabren (Still waiting for my password for a non-Anonymous Coward account)

Is my PDA the only private device I have anymore?

[el+bastardo]

Reading through all this, I have come to the conclusion that the only truly private machines left are those that

1. Are not connected to a network
2. Are under the complete physical control of the user, and no one else
3. (Corrolary to above) Never leave the user's sight

The only device I own that (almost) qualifies is my PDA (a Palm III). It never leaves me, and is completely under my control. However, it does occasionally connect to other machines (modem, hotsync). But realistically, this is the only device on which I can comfortably put private data.

What we need is an open-source crypto program for PDA's that can be used to

1. Protect private data even better
2. Be used to beam messages via IR to other users (it's kinda hard to eavesdrop when you're Can you imagine [insert favorite evil entity here] trying to eavesdrop on IR connections? OK, so it's a bit impractical, but it's still a cool idea. Now, if I just had the Palm SDK......

Re:Well, this is another argument for getting sour

[ywwg]

Yay capitalism!

This will be fixed in the next version/SP !

[AftanGustur]

Don't worry, this bug/mistake will be fixed in the next release or servicepack.

All that MS has to do is to include the NSA and the "Unknown" key in the code that is verified by the Microsoft key.

Don't worry, Big brother knows what's good for you.
--
Why pay for drugs when you can get Linux for free ?

Revenge of the Sysadmin

Actually I've got this linux CD right here...

Re:Computer "BUG" (NSA listens in)

[FreeUser]

Theoretically they could even do this on systems that don't have microphones attached -- by using the system's speakers. A speaker can easilly be used as a microphone (ambient sound in the room can move the speaker's magnet(s), which in turn produce small signals going up the speaker cable and into the sound card. A little clever programming, loaded into the MS "security" module ... well, you get the idea). Do a little signal cleanup on the raw data and wala -- it may not be 32-bit stereo, but it is understandable.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[kevlar]

If you aint' breakin' the law
you ain't got nuthin' to worry about.


A Man smarter than you once said that, except he used proper grammer. His name was Adolf Hitler and this was one of his techniques at removing privacy and civil rights from the people of his country. Go figure.

Re:Isn't this illegal?

it's the purpose of the NSA to spy domesticly

Re:Comedy of errors

[Enoch+Root]

Regarding the NSA taking the "easy way in" as an explanation of why they need a backdoor to crack NT:

I think if I were both lazy and resourceful (I know, same thing) like the NSA is, I wouldn't put in a silly backdoor. Even if it's closed-source, it doesn't mean that you won't have tons of security consultants poking around the OS, and let's face it, Win98 source code was available in parts even before it came out. (Or so I remember from warez sites... Feel free to contradict me on this.)

What I'd do is, sit down with Microsoft security experts (tee hee... sorry, couldn't help it) and map out how their own security works. Then, instead of requiring a backdoor in the OS itself, make a small, portable tool that exploits a security hole so obscure that only by being NSA dudes and working with Microsoft can you find it.

And if at some point along the line your security hole is made public, then it's just a silly security hole, not a NSA mole. So you sit down again with MS security (hah hah hah! oops) and find another one.

Am I missing something here? A direct backdoor still sounds like a silly idea to me.

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

Re:Computer "BUG" (NSA listens in)

[Jburkholder]

no argument. see my reply to the previous post

NEWS.COM - Mainstream coverage

[Gryphon]

... is here.

Nothing more than a gloss-over news alert at this point, but at least another source is looking at this.

Maybe we can determine whether this is for real or not with a 3rd party verification.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[pal]

he could have, except that historians say germany didn't have nukes while hitler was alive.

Re:Well, this is another argument for getting sour

Heh. I went to Georgetown. Georgetown is sort of a staging area for people that want to do stuff for the Federal Government. I went to work for the EPA (all the UNIX I could stand, until recently, when NT really started being pushed). I kept in touch. I have heard the same, exact story from people who went FBI after law school, from people who did the same with DoJ, and from people who started out in State and are now at think tanks. It isn't just part of the Federal Government that is broken, it is most of it. As much as I like to believe that I was on the side of the angels at the EPA, I kept seeing stuff that I couldn't believe. Everyone knew that MBTE would get into the water. EPA pushed it through anyway. Now every body of water in California and most of them in New York have noticeable levels of a known carcinogen, courtesy of the EPA. And we knew this going in. As I get older, I keep wondering what motivated our parents' generation to screw things up as badly as they did.

Re:Sounds like a Canadian

Well, no, actually, I'm not. I was sent to a "public school" by my parents when I was growing up (the American Schools had a series of pretty well publicised pot busts, so off I went) and have never shaken all of the little cues. On the phone, Indians think I am Indian, South Africans think I am South African, Irish think I'm Irish, Canadians think I'm Canadian, and so on, mostly curious at how long I have been in the States. Not professionally helpful, but funny. Judging from your response, I assume that you are Canadian.

And I probably need to keep my spleen in check.

Re:Isn't this illegal?

The NSA operates foreign and domestic, and as long as they act "in the intrest of national security" no one can gainsay them. (And trying to prove they weren't acting so would most likely be a hard task) As far as the I have friends in the NSA, well I myself have had some contact with goverment agencies that are fairly strict on security clearances (work as an inspector for nuclear powerplants with near reactor access, not like there is anything to see) and I feel pretty safe in assuring you that you would never know if your best friend worked for the NSA.

Re:The Microsoft Reaction

No, they don't. But they DO care about what the PHB's and lusers who read CNET News think....

http://www.news.com/News/Item/0,4,41277,00.html? st.ne.fd.mdh.ni

Yet another reason for other countries

[Vicegrip]

To avoid MS Windows like the plague. How could any non US civil service or government ever allow a Windows installation on their machines knowing the potential issues. After hearing this, why would they even want to take the risk? If you're an American you might trust the NSA, but I'll bet if you're French you trust the NSA like you would trust a politician to tell the truth.
Use an open source operating system. It's the only safe way to ensure you know what you are getting.
Linux is the only way to go.

C2 security compliance

C2 security requires not being hooked to a network.
Any Platform
Any OS

latent

Re:C2 security compliance

[Slothrup]

Only A- level security prevents you from being hooked up to a network.

I believe you've been confused by the fact that Windows NT is only C2-secure when it is not networked. This is an issue with NT and not with C2 certification.

Re:This is nutz!

[Kythe]

You can't vote out the NSA people, but you can elect people who will abolish the CIA/NSA/others, and rebuild the intelligence system from the ground up, with substantial congressional oversight.

Check voting records, and vote for people who run on platforms that include reform. Or lobby!

Kythe
(Remove "x"'s from

Microsoft admitted working with NSA!

This CNN Story last year talked about the pressure tactics the NSA uses.

In the article, Ira Rubenstein, Microsoft attorney and top lieutenant to Bill Gates, says:
"Any time that you're developing a new product, you will be working closely with the NSA," he noted.

Re:Microsoft admitted working with NSA!

[Bobzibub]

I read this story that in the crypto industry there is an expression they use: "Have you ever been visited by " In the US there is this government official who wanders around trying to convince companies to insert back doors into their encryption systems in return for favourable export licences. There is also a Canadian fellow doing this in Canada as well. The NSA_key is a rather elegant method of allowing targeted systems to have their encryted communications compromised without being detectable otherwise. There is an MS employee in serious caucau right now......But bigger caucau will be hitting the fan in much of the world. There are going to be a lot of governments who are pissed -- well, they knew all along -- but now they will want to be seen to be looking for alternatives to MS and indeed US software products. This would be a good time to short some MS stock... Cheers, all.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

Revolution is a crime. Treason, you know. Now, if Great Britain had been able to spy on the American Colonists as well as Governments now can spy on their citizens, the great crime of the American revolution could have been prevented. Perhaps privacy should be maintained for precisely this reason: there are times when laws should be broken. Privacy gives us the ability to do that.

Re:Better yet, RTF

The RTF format is better, the MS apps use it, and nearly every wordprocessor i've seen can read it.

You Linux guys ought to remember the K&R backdoor.

[porkchop_d_clown]

A couple of years ago, Ritchie revealed that he had put a back door into the original UNIX login program that no one ever caught: He added code to the C compiler so that if the compiler was compiling login.c, it would inject the back door function. He then added code to the compiler so that if it was compiling *itself* it would inject the code to create the login back door.

He then deleted the code from the C compiler source. You could examine the source all you wanted - but when you recompiled the compiler, it inserted the backdoor creation code into the new compiler - and when you compiled login.c, it would add the back door to the login executable.

He claimed the trap door existed for years on many ports of UNIX. Any port of UNIX that was built using a cross-compiled version of the original C compiler had it.

It would be straight forward to replicate this process in GCC. It would spread much more slowly (unless you managed to get your binaries picked up by a major mirror) but it would be nearly undetectable.

--

How about IE5

[Wah]

I submitted this the other day, but I guess it wasn't impo'tant nuff. Basically lets HTML code run ActiveX and do, well, pretty much anything.

Re:How about IE5

Look at securityfocus.com for the EMBED= netscape exploit! Same difference.

Re:How about IE5

MS patched this farly quickly...well quick for them anyway

Re:How about IE5

Oh yeah and here is a link to the patch.

http://www.microsoft.com/Security/Bulletins/ms99-0 32.asp

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Pont]

At least in California, I believe you are legally required to have either an official ID or a driver's license on you if a cop asks for it, whether you are driving or not. It probably only applies to people of a certain age.

Re:Computer "BUG" (NSA listens in)

[phil+reed]

Yeah, and it's too bad the FBI doesn't have anything better to do, so they spied on U.S. citizens simply because they were donating and supporting the wrong political party (i.e. against Nixon).

See, the problem is that we have a demonstrated history of the gvmnt misusing their powers. If it happened once, it can happen again. And what makes you think the NSA wouldn't provide that back door to some other governmental department that asked for it?


...phil

Re:Encryption is needed now!

[SoftwareJanitor]

Then we need to do away entirely with anonymnity on the 'net.

We need to insure that total anonymity on the net is available forever. Cryptography will make that possible.

and it will help people shut out spam

Getting rid of spam won't be that easy. We don't have anonymity in the world of telephones, and we still get telemarketing calls. We don't have anonymity in the postal system and we still get bombarded with junk mail.

and get rid of the creepy nature of the 'net as it now stands

Creepy? Err... what 'net are you on?

It will also make people accountable for what they say in public online, just as we're accountable for what we say in public in the real world.

I read that as 'it will have the same chilling effect on free speech that we see in the real world'. Just as it is possible to circumvent public accountability in the real world, it will continue to happen online.

These are good things.

These are at best pipe dreams. At worst, they will lead to big-brotherism.

Maybe what we need to do is allow people like you that are afraid of somehow, possibly, being offended by something to just filter out anything that is anonymous. But why prevent the rest of us who think that a few Anonymous Cowards out there might occasionally have something worthwhile to say from listening if we want?

Probably just an error!

[PD]

It's been two years since I wrote code to sign certificates, but IIRC, the NSA is at the root of the tree.

There's 5 levels or something like that, and the NSA has the key at the very top of the tree. People like Verisign have a key at level 3 or 4, and we end users might have a personal key at level 5.

This means NOTHING, except that you can prove who you say you are! It doesn't require that you need to trust the NSA for anything, and it won't give them any access.

So, am I on target, or am I talking about something completely different than the subject of the article? It's hard to tell because the article is so vague.

Anyway, I'm not too worried about security holes in my Linux box. Even if someone broke in they would only be able to steal what they could buy for $1.99 from www.cheapbytes.com! heh heh

Re:This is nutz!

[Desert+Raven]

Oh boy, I REALLY hate to tell you this, but the government DOES have a way to listen in to conversations in your house. If you have a regular, non-powered, non-digital phone, it can be used as a listening device. The phone company just "activates" your line from their end, and it's just like taking the reciever off the hook at your end, every phone in the house then acts as a microphone. This technique is taught to police officers in the academy for use in hostage situations. I would find it difficult to believe that agencies like the NSA could not do this from the comfort of their own offices. Shortly after learning about this in the police academy, I switched to using 900mhz channel-skipping phones.

Re:My God, It's a global conspiracy!

Uhh, it's NSAKEY..

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

Lord help us when our government (that's OUR government not THE government) isn't able to prosecute crimes selectively.

We don't need to jail everyone whose tire touches the yellow line in the middle of the road.

We do need the ability to hire people capable of making good judgement (you cops out there reading this know what I mean, and you usually do a pretty good job, btw) in maintaining the social order we all thrive within.

Re:Computer "BUG" (NSA listens in)

[Jburkholder]

No, don't get me wrong, I have a huge distrust of these government agencies' ability and track record to abuse their power. I was just chuckling at the paranioa that your multimedia desktop PC is somehow going to become a magic doorway for the spooks to watch you brush your teeth.

Re:This is nutz!

But at least a wiretap (or close survelence) requires a court order.

Re:Come on kiddies....the NSA is MUCH smarter than

[mikej]

Oops, I need to make a retraction. It's not a backdoor into installed software at all. My bad, it seems.

Ummm.... No, it's not.

[porkchop_d_clown]

The exploit is called TEMPEST.

TEMPEST is the DoD security program for preventing the remote surveillance of computers.

--

Re:Well, this is another argument for getting sour

I know that noise! I got a little education in the permanence and pervasiveness of corporate culture when I made a comment about all motor oils being basicly alike while working for Shell. Jesus Christ on a pogo stick -- you would have thought that I had suggested that we start serving babies in the cafeteria! I actually was verbally courselled for it. Now, it is funny. Then, I nearly had a stroke keeping my mouth shut.

Re:This is nutz!

[Jonny+Royale]

"Libertarians are anarchists who need police protection"

-Kim Stanley Robinson

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Nspectre+Anatomy]

If you aint' breakin' the law you ain't got nuthin' to worry about.


I'm sorry, but... I just have to give an incredulous chuckle every time I see someone spout the above.

Just look at the US Justice Dept's track record and tell me you still believe that.

You rule

post another story!

Re:MS is bad software but...

[Bald+Wookie]

NO, sol.exe has nothing to do with crypto. Its powerful mind control software! Sol.exe is responsible for turning once productive middle age office drones into drooling click and drag morons. Just last month we had send 15 of our best people to the super secret sol.exe deprogramming center. You may be familliar with it. Most people know it as the unemployment office.

-BW

No surprise there.

Well, with Echelon being admitted as being real, and with the admitting that they had used the systems to help out companies in their own countries over non-echelon member countries, who can be surprised? Yes, Microsoft will cooperate with the NSA. Yes, the NSA will use this ability. Yes, if you work for a corporation, the NSA will use the information they gather off your systems to help your competitors if they feel like it. If you want some form of security dont ever use Microsoft products.

Maybe...

[supz]

The hooks have to be specifically for cryptography in order to be illegal. People get around this by providing general "module"
interfaces which can be used for lots of things.... including crypto. Making it crypto specific is a no-no, as far as I know.

Having said this, there are some well-known exceptions: microsoft's crypto apis and sun's java library apis, for example. I don't
know if they got a specific license from the gov't, or if the law was loosened. I rather suspect they got a license.

maybe this is why they got whatever license this guy is talking about.

Babelfish translation

[mapultian]

Ya know, I was always semi-impressed by Babelfish, but this just made me like it more:

"The application interface for encoding functions, provided by Microsoft for programmers, which sucked."

Dude, it said "which sucked", from a translation! That's so cool.

Re:Stop being so paranoid!)

[Cid+Highwind]

>he problem with allowing the random hard drive
>scan is the same as police check points.
>Pull everyone over, and arrest those are breaking
>the law.

Umm, in my state (Texas) the highway patrol *can* pull everyone over and check for drunken drivers, drug runners, etc. The supreme court has upheld roadblocks like this before, as long as they are not selective about who is pulled over. (i.e. stopping every fourth car is allowed, but stopping only cars driven by minorities or teenagers is not) Or so I've heard from two poli-sci professors and a cop. YMMV

Infinity transmitter??

Ummm, I'm an electrical engineer and have been working extensively on a telephone terminal project over the last few weeks. I'm fairly familiar with the schematics and working operation of these devices, and I don't quite see how such a think would be possible, particularly with the much simpler devices of 50 years ago. For most phones the transition from on-hook to off-hook is acheived through an actual physical switch. This is the same switch used to connect the microphone across the tip and ring. Hence unless it closes you aren't going to pick anything up on the other end of the loop. I'm not saying that this can not be done, but it does seem a little unlikely. However, if you have any reliable links to information on how they might do this, please post them. cheers.

Re:Infinity transmitter??

[rnt]

Hack-Tic (a dutch hacker magazine) published in 1992 an article about eavesdropping on telephones that are on-hook (unfortunately the article is written in dutch, but you're probably more interested in the schematics at the end of the article anyway).

I believe the technical term is high-frequency flooding, but IANAEE[0].

The phones on which the technique worked were in fact the older models that do use an actual physical switch. The vulnerable phones used a switch that contained several metal strips.

Basically it works like this: instead of a direct current the phone is fed a high-frequency alternating current. Because of the high frequency the contacts of the switch will act like a capacitor, allowing a current to run through the circuit. The microphone does work that way!
I have seen it work and I was impressed. Audioquality wasn't quite good, but the demonstration did something supposedly impossible so hi-fi audio wasn't important, the conversation in the room was intelligible.

(quite funny: the dutch telecom provider first denied it was possible, but soon started to sell kits to prevent eavesdropping using this technique)

On modern telephones this wouldn't work I guess, simply because the physical switch isn't the only thing inbetween the microphone and the phoneline (amplifiers, filters, whatever...).

I hope this helps...


[0] I am not an electrical engineer...

deliberate

[sql*kitten]

Has anyone considered the possibility that Microsoft deliberately left the symbol in, to reveal NSA's presence without risking liability?

Or is it just easier for you to blindly attack Microsoft given the slightest excuse?

Erm... *about* No Such Agency (was Re:Duh!)

[alumshubby]

Do you really think the NSA has the type of budget problems...

As Ricky Ricardo used to say, "Loooosseeee, lemme 'splain you something." The NSA ain't got no budget. Not in the traditional sense of the term, anyway. They're not required to submit one to Congress for approval. They just get what they ask for, and the dollar figure is classified. As are basically all of their activities. And what's more, unlike the CIA, they have *no* legal restrictions against *domestic* intelligence activities -- seems that during those pesky Church Committee hearings on the CIA's antics, everybody conveniently forgot to ask where the ELINT came from.

Having typed all this, I look forward to that funny click on the line when I pick up my phone tonight. Or maybe my head will just disappear in a pink cloud as I'm driving to work on Monday morning...

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Wired coverage

[jflynn]

There is another, little bit longer story at Wired.

Re:Comedy of errors

[bratell]

Then, instead of requiring a backdoor in the OS itself, make a small, portable tool that exploits a security hole so obscure that only by being NSA dudes and working with Microsoft can you find it.

That is a backdoor.

Comment removed

[account_deleted]

Comment removed based on user account deletion

About CryptoAPI from MSDN:

[.pentai.]

Ok, here, I'm seeing a lot of crap about this, so here it is:

The Microsoft CryptoAPI is a complete set of tools for creating secure Internet and intranet applications. Microsoft distributes the Cryptographic Service Provider Developer's Kit (CSPDK) to authorized recipients located in the United States and Canada, and to persons and entities outside the United States or Canada authorized to receive the CSPDK under specific license from the U.S. State Department, Office of Defense Trade Controls.


That's it, it's a way to make programs to send secure data over networks. It's NOT a way to authorize loading of DLL's and such. In fact, CryptoAPI is loaded via System Services (which must be done by Administrator).

What this means, is that even IF the NSA has a key to CSP's, that means nothing. It means they have authorized DLL's, nothing more. It doesn't mean they can insert them and run them from remotely.

kthxbye

Re:About CryptoAPI from MSDN:

[malice95]

Ok, here, I'm seeing a lot of crap about this, so here it is:

The Microsoft CryptoAPI is a complete set of tools for creating secure Internet and intranet applications. Microsoft distributes the
Cryptographic Service Provider Developer?s Kit (CSPDK) to authorized recipients located in the United States and Canada, and to
persons and entities outside the United States or Canada authorized to receive the CSPDK under specific license from the U.S. State
Department, Office of Defense Trade Controls.


That's it, it's a way to make programs to send secure data over networks. It's NOT a way to authorize loading of DLL's and such. In fact,
CryptoAPI is loaded via System Services (which must be done by Administrator).

What this means, is that even IF the NSA has a key to CSP's, that means nothing. It means they have authorized DLL's, nothing more. It
doesn't mean they can insert them and run them from remotely.


Wrong, The presence of the NSA key (if it is the nsa's key) would allow the nsa to add additional modules into the cryptographic subsystem without
breaking the system. This possibly could allow the
nsa to hack in via another means or access the system at the console, and compromise all security measures by replacing your current cryptographic software with its own versions. Abit, less secure ones. The key (ms's key) is to prevent outside developers from adding crypto modules in windows without approval from MS. Hence that nice 128 bit
connection your browser is making may be plain text to an nsa spoof.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Mr.+Slippery]

China is a "People's Republic." How could a republic be oppressive?

Calling a thing a name doesn't make it so.

Re:I don't think it's for spying on people

[richnut]

It's about TIME someone with some actual windows coding experience wrt Crypto API clears this up.

What I'm wondering is if one CSP can have any runtime access to another CSP or if the modules are protected from each other?

If the CSP's are proected from each other than this really isn't a backdoor at all, Unless of course there's undocumented features to get around module protection.

-Rich

Not on list of accepted papers...

The list of accepted papers for Crypto '99 doesn't mention this.

Does anybody have any other reference to show if this is legit? C'mon posters, let's get some signal through the noise here. We all know what it means if it's legit. (switch to Linux? No shit! The answer to everything at /.) The question at hand is whether it's legit.

Re:This is nutz!

Don't spoil his fun.

He's a libbytardian. He knows he'll never have to answer for any of his theories actually being put to test. If they were, they would be contaminated by reality.

Re:Well, this is another argument for getting sour

I co-oped at IBM and worked there for a few years after college. I was sent to the CIA to upgrade/fix stuff a couple of times. I wish that I could say that I was impressed, but after looking at my badge for .0001 second, the sysadmin there said "Oh, you're from IBM," handed me root on a piece of paper, and went to lunch. I don't know how critical the boxes that I was working on were, but that was a little strange, I think. I still think that it is funny that I was more paranoid than the CIA. And it is just like any government deal -- lousy coffee, light out, just quieter.

Re:Another interpretation

[Ageless]

Export laws restrict you from having any easy way to add strong crypto to a weak crypto system. This is why the Crypto API has the provider signing process with Microsofts key. It restricts new providers to be signed by Microsoft, and MS is not allowed to sign any provider with strong crypto. Export laws suck ass.

Re:Security hole? Really??

[chicken]

This isn't an exploit at all. For those of you who don't know how signing works, here's a quick overview:

To sign a document:
1. Calculate a hash of the document (MD5 is the common method).
2. Encrypt the hash with your private key.

When the user want to verify that it came from you, they:
1. Calculate the hash of the document.
2. Decrypt the provided hash with the public key and check if they match.

So, at this point you know:
1. That the document was not modified since it was signed.
2. That the document came from the source that it was intended to come from.

The reason Microsoft is signing the security modules is to prevent someone from subsituting the DLL and then comprimising your security. (Since you can't sign without the private key).

Now, if this second key (and the third one for that matter), belong to another party, it means that your computers will accept security modules signed by them to run. However, only entities with the matching private key can release the modules.

This validation mechanism only affects the loading of the security module, not the actual secured data. The author of the security modules does not implicitely have access to the encrypted data without the private keys used to encode them. It would have to get your private keys, and then store them somewhere or send them somewhere in order to be able to read your data.

Re:Comedy of errors

[Enoch+Root]

The difference is, you don't implement a backdoor. You exploit one. And you certainly don't name it NSA_Key in development phase.

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

This is being done.

[cduffy]

Wait five months or so.

Re:This is being done.

been done. pgp for pilots is out. d/l it..note that its very sloow and the max key length is something like 512 bits.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[porkchop_d_clown]

More realisticly - show me one person who has never done anything (smoking weed, or had an affair, for example) that could be used to blackmail them. That's the real issue here: being blackmailed by your own government. And for people who think that it cannot happen: What the hell do you think living in the USSR was like? Or china, where children are taught to report their parents' "suspicious" behaviour?

--

Re:Larry Ellison said it best when he said:

[angelo]

Your driver's license has your current address on it. Ever wonder why?

So they know where to send your wallet if you lose it.
To make sure your address matches the one on your cheques.
So they know where your registration forms go.
My address still says "118 montville street" which is not my current location. That is actually on another card as an addendum.

Re:Well, this is another argument for getting sour

Nice story. Did you take creative writing courses in college?

$NAZI =~ fascist

[MenTaLguY]

the Nazi party was "National Socialist" how could they be "right wingers"?

Technically, they were [are] fascist, regardless of what they called themselves.

Honestly, totalitarianism or statism is totalitarianism or statism, regardless of which side of the aisle you choose to stick it on.

Whether it's conservatism or liberalism that you take too far, you invariably end up at the same place. The political spectrum is circular.

Berlin-- http://www.berlin-consortium.org

Re:We let the government decay to a dangerous poin

[Jonny+Royale]

I have to disagree on one thing here, and that's your iron law of bureaucracy. The true iron law is:

Everyone rises to their level of incompetence

Re:Isn't this illegal?

>the NSA's job is SIGINT of domestic and foreign sources. You mean, like kill -SIGINT usa ??? Damn, I hate being interrupted when I'm busy!

Re:Well, this is another argument for getting sour

During my brief and unpleasant foray back into the dirty halls of academentia, I had the pleasure of hearing what had happened to an MBA that I knew during an interview. He mentioned, basically right away, looking at the company president, that he looked an awful lot like Art Garfunkel, the lesser half of Simon and Garfunkel. The resemblance was apparently striking. The interviewing board looked at him like he had just said something awful, and the senior VP said "You really shouldn't have said that." It was as if time stood still. Apparently, it was something that the President and Founder was very sensitive to and it was just something that you just didn't say. Ever. No, he didn't get the job.

Re:Well, this is another argument for getting sour

This guy might be for real, or he might not. But there's a lot of precedent. Not long ago an Israeli agent was caught doing exactly that (faking reports), and almost starting a war with Syria in the process. The story was well publicised, it should be easy to find

Ananias

Moderators smoking super glue again....

*ahem*

Re:Well, this is another argument for getting sour

[jammer]

Typical response from someone who refuses to see the recurring pattern of a government out of control and rapidly falling apart. Open your eyes -- it's not all a paranoid dream. It's real, and the comfy world they've built for you is an illusion. What is the Matrix?

Re:We let the government decay to a dangerous poin

I think that that is the "Peter Princple," actually.

Re:Doubtful

[HyPeR_aCtIvE]

One thing you're forgetting -- generally when package maintainers (Linus, for instance) are reviewing a patch for inclusion in the distribution, they won't accept it unless they understand all the code involved.

This is true, but there are two points that you arn't considering ...

First of all you are implicitly trusting the maintainers ... and they could be the ones inserting (or leaving) the backdoor code in any product. (Not that I distrust them, but it COULD happen)

Secondly that not all code is 'maintained' as well as others. Someone may have written a really cool application that they released as open source just in case someone else wanted to add a new feature. The maintainer in this case may not look over the code as well as they should, and instead are sent back a new set of source files that compile fine and add lots new features, and start using them instead! Or again, the original creator of the program could have added said back doors in.

In any case ... I'm not saying it would be easy to do at all, just that the possibility still exists, and with the level of brilliance that often exists in the programming world, I wouldn't put it past someone to be smart enough to completely hide something small.

Re:Wait just a second...

[Ageless]

Let's see. Do you use a VPN? Authentication? NT Security? Active X code signing? SSL in Internet Exporer? Dozens of others?

Re:I don't think it's for spying on people

Bingo. The algorithms of certain CSPs are classified. NSA probably just wants to install their own CSP for heavyweight crypto protection using black algorithms (Fortezza, STU, Clipper, etc) without giving the code to Microsoft. The NSAKEY is probably the public key for signature verification of these DLLs.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Jimhotep]

you are correct

Re:That does it....

You haven't run any Microsoft code in two years. You're huffing and you're puffing, and you're gonna blow the house down.

Stop trying to be a role model. We're not gonna believe your Linux sodrolling.

Re:people, get a grip

[malice95]

Why don?t you read the document, all that this ?NSAKEY? lets the NSA do is build cryptographic plugins for Windows, it doesn?t give
them the equivalent of root on your system at all! (This if what I got from the article). The *most* that the NSA could do would be to
get you to install there component, then they could read information you encrypted with it. And there is *no* reason to think that the
NSA even has anything to do with this! Remember, the NSA *does* make encryption products. Remember DES? Microsoft might have put
that there to allow easy incorporation of new NSA algorithms

What is to stop the nsa from getting you to
download a popular package that replaces current
crypto plugins with ones that are vulnerable?
If plugins can be replaced using this method then
all crypto software is suspect on your system.
The next time you use your private key to decrypt
something you may be handing it to the nsa.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Jimhotep]

Ole Dolf was one wacky dude.

If he had just had a little more vision, he
could have dropped nukes on Washington.

I would be typing in German.
I would think the "Allies" were nuts out to
destroy the world.
Everything would be just fine for me, because
I would have been born into it. Never knowing
any different.

It's that not knowing anything different that
I enjoy. Like some of the people I have contact
with every day. They don't have a clue and don't
want one. They are happy and don't want to be
bothered with facts.

Cooper calls them Sheeple

Re:We let the government decay to a dangerous poin

Erk. Peter Principle. Time for more coffee.

[I'm quite sure] You're wrong.

[cduffy]

The NSA doesn't release their work.

NASA's contributed a lot to the community. JPL's contributed a lot. The NSA... their business isn't releasing, but absorbing.

[Somewhat less sure of the below]

And if the NSA can get the stuff they signed automatically accepted by the Crypto API, it means they can fake ActiveX signatures (certainly), perhaps authentication stuff... I think some email software uses it... login services?

It's got the potential to be a significant backdoor.

Re:Well, this is another argument for getting sour

A few years ago, I heard something similar from an AIX sysadmin about the NSA, but he had been doing support for Sun boxes at the time. It still bothered him. Makes one wonder about social engineering attacks, doesn't it(There aren't the admins you're looking for, move along, move along ...)? Want to know the most paranoid place that I ever worked? ADM. I think that they were guarding corn syrup trade secrets. Can't have those falling into the wrong hands, can we?

Re:Come on kiddies....the NSA is MUCH smarter than

[Kythe]

Not just a security flaw that Microsoft knew of, but designed in.

Kythe
(Remove "x"'s from

Re:Sounds like a coincidence to me...

[alumshubby]

I'm not saying that it isn't possible, just a little hard to fathom that the NSA would allow such a blatent reference to themselves.

Oh, I dunno. I've seen more egregious security lapses than this that just got overlooked. A foul-up like this "hiding in plain sight" doesn't sound too surprising.

Re:Well, this is another argument for getting sour

Life can suck sometimes. I was a Ranger. Similar stories there. The people who are good at the shooting/looting/breaking part of the job aren't spending time on the paperwork. So, they don't get promoted. When downsizing happens (as it has in the Army), the people who aren't good at paperwork get the boot unless you have no problem doing backflips through your own asshole to please the paperpushers.

I don't know how things used to be, but the old guys have gotten quite bitter and many have left. I split, went to school for another undergrad degree (EE), discovered UNIX, learned it the same way I learned judo (by doing it 18 hours a day until I couldn't unlearn it), and like my job now. But I hope to hell that we never really, really, really need the Army for any situation where we aren't doing 90% of our killing with support weapons, because we will be well and truly screwed. The Army can't fight anymore. After Panama, I thought for a long time about hearing one grunt say to another about his 16 that he had never fired it because he didn't have the manual so he didn't want to take it apart to clean it. This is what the brass feels is OK, just fine, business as usual, and the professional civilian Army.

Ever heard the expression "A lot of guys on the floor?" Well, if we ever seriously need the troops to fight and the officers to lead, there will be "a lot of guys on the floor" at that point.

I am glad that I am out and I wish that I had left sooner.

Feel better?

Re:No real fix...

Enabling the door is one thing. MS will hold they assumed the agency would have proper authorization to use the door. They may even have paper that says this.

Direct involvement is another. If the agency uses the door without legal authorization, and MS was a direct player, they could stand to lose a great deal.

Still, I run Open Source. Everywhere, all the time, and on every device. Accept no subsitute.

Re:Computer "BUG" (NSA listens in)

[Lx]

Well, then the easy solution is to use an OS that won't support your soundcard...long live FreeBSD! -lx

amusement...

[zonker]

babelfish's interpretation of the CCC's page:


The application interface for encoding functions, provided by Microsoft for programmers, which sucked.

Did anyone else find this amusing? It reminds me of the skit Eddie Izzard did on his HBO spot "Dressed to Kill" when he was talking about Hitler and the Nazis.


"and Hitler shot himself in the head... Which is good... Because he was a Nazi Fuckhead."


It loses something when taken out of context though...

Or hack the C compiler

[acb]

Anyone here remember Dennis Ritchie's PCC compiler hack, in which the C compiler in an early version of UNIX (V6, I think) was modified to insert a backdoor in /bin/login, and also to insert the back-door-insertion code into the compiler? Thus, a system could be shipped with clean source for login and the C compiler, relying on a carefully-tainted binary to propagate a security hole.

While it'd be hard for the NSA to replace the gcc in all distributions, it is at least theoretically possible to introduce such a hole which, say, recognises various pieces of crypto code/random number generators and inserts subtle flaws.

Getting even more paranoid: doesn't the NSA have silent filters on all major Internet routes? Could those conceivably be programmed to patch downloads on the fly, modifying them and the md5sum files? (Assuming the level of technology and funding that the Echelon project would imply.)

Re:Or hack the C compiler

That was ken Thompson, I think. It was from an ACM lecture called "On Trusting Trust." I will look up the URL and post it if people are interested.

Re:Or hack the C compiler

[Why2K]

It was called a "Reflections on Trusting Trust" and is available here. Very interesting, and scary, if you think that having the source code automatically makes the system more secure.

THANK YOU! More people should pay attention!

I find a lot of interesting articals here, but the majority of the posters start ranting and raving over something they have absolutly no understanding of. I've heard so many things about MS products that are completely wrong lately, I just can't take it anymore! Investigate how things work first.

Re:All microsoft products will be removed

All Microsoft products were removed from your computers two years ago.

Stop trying to roll out the sod, Linux sodroller. We know you grew it on a sod farm and trucked it in here.

Re:Duh!

[Ageless]

There is a VERY big difference in computing time to crack a 512 bit key compared to a 1024 bit (which any security conscious person is using) or even more so, a 2048 bit key (which we paranoids) use.

people, get a grip

[delmoi]

Why don't you read the document, all that this 'NSAKEY' lets the NSA do is build cryptographic plugins for Windows, it doesn't give them the equivalent of root on your system at all! (This if what I got from the article). The *most* that the NSA could do would be to get you to install there component, then they could read information you encrypted with it. And there is *no* reason to think that the NSA even has anything to do with this! Remember, the NSA *does* make encryption products. Remember DES? Microsoft might have put that there to allow easy incorporation of new NSA algorithms

People please, realize that this *does not* give the NSA the ability to look at anything on your windows box, at most it might give them the ability to decrypt information that you encrypt with MSFT products. Since most people don't encrypt anything anyway, this has no baring whatsoever.

Also, I believe that there is a lot of Code in Linux that comes out of the NSA, correct me if I'm wrong
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"

Re:people, get a grip

Why couldn't the NSA just get you to download a copy of their software signed by the original Windows key, if they are in cohoots with Microsoft?

Re:Not in my edition.

[Enoch+Root]

Tell you what, I'll transcribe the passage I have in mind when I get home.

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

Perhaps for NSA internal usage?

The feature in question appears to be a code hook which would enable the NSA (or someone else) to add additional cryptographic modules to Windows without having to get them signed by Microsoft.

This may have been a concession to the NSA in the hopes that they might use Windows internally, with their own home-grown crypto modules.

The Cryptonym people point out that this would also make it possible for any third party to bypass Microsoft's mechanism to enforce US crypto export restrictions. One would only have to replace the NSA key with their own key before loading the module.

Re:We let the government decay to a dangerous poin

[Mr.+Slippery]

I don't care if Hoover did spend his leisure time in a nice Chanel day-to-evening and tasteful-yet-daring Ferragamo pumps -- he got in and kept good people who did real detective work

Such as spying on Martin Luther King's sex life?

Or the Red Scare?

Or Nixon's "enemies list"?

Kinda like Back orifice, eh?

hehehe

Scott McNealy said it

It wasn't Larry Ellison. Either way, it's a really stupid comment. Privacy is a good thing, and anyone who gives up so easy "get over it" has already lost their freedom as well. Live free and fight back. I am not a number! I am a free man! -MadAhab, too lazy to log in...

Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Jimhotep]

So what if the govt. can look at
what you are doing.

If you aint' breakin' the law
you ain't got nuthin' to worry about.

Paranoia is supposed to fun and relaxing,
so just don't worry about it!

Oh, by the way. My Y2K watch party starts
Dec. 31st at 6am CST.
If New Zealand falls, the rioting will begin
about 9am CST.

Look for Russian nukes to start raining down
between 3 and 6pm CST.

I'll be drunk and laughing.

sleep tight y'all!

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

Are you serious?

Selective prosecution of crimes is one of the great evils taking place in this country today.

You are right, however, that we don't need to jail everyone whose tire touches the yellow line. It's not a violent crime, no need for jail. We are already jailing too many people who do not need to be there. If someone isn't a threat, don't jail them. Fine them. They have still been punished, and the govt. makes money instead of spending it.

As far as cops doing a pretty good job of making good judgements, I wish I lived in your world, because where I live nothing could be further from the truth.

Judges are even worse. Back in my freshman year in college I was arrested for driving without a license. This was a crime and I deserved to be punished. I'll concede that point. However, the "gentleman" who appeared in court directly ahead of me plead guilty to his third offense of spousal abuse. The judge fined him a paltry $75 and sent him home. I then took my turn and plead guilty to driving without a license (I was guilty after all). This same judge sentenced me to a two week jail term.

This is not the only such story of which I am aware.

It's high time that our criminal justice system (and government in general) were given a serious reality check.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Rombuu]

You don't need any of those if you are taking the bus....

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[haeger]

You are joking, right?
What about personal privacy? What about buissness secrets?

If this is allowed, why don't we just install video-cameras in all houses to make damn sure noone is breaking any laws there, heck why don't we put people in jail to make SURE they don't commit any crimes.

*I know I shouldn't bite on troll posts, I just can't help myself.*

//Somewhat anonymous coward.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

cue Adam Ant Ok I'll show you such a person - me. I've never smoked anything at all, never had an afair, never even had unmaried sex, never did anything whatsoever that could be used to blackmail me. I'd make a perfect politician - actually I wouldn't I'm too honest, I can't stand even small lies. And you use a computer pretty good for a 14 year old. Suggestion, live a little. Smoke a bowl, get a blow job from a total stranger. Have a little fun

Seriously, I am pretty much blackmail free as well, but for the opposite reason--I've screwed up and done "so much" (not much really, but compared with the previous poster, I've got horns and a tail) that I can't remember all of it.

A while back I heard a comedian talk about a new political party he wanted to start called the guilty party. Things like:

Yeah, we know how to deal with drugs, shit, some of us have DEALT drugs...

I'll vote for that...

As for the NSA/Microsoft thing--has anyone taken a good look at intel's Pentium II and higher processors. Want to guarentee there aren't any hooks in there? Want to bet that the alleged random number generators are REALLY random? Or even random enough?

You AREN'T paranoid, they ARE out to get you.

Fully anonymous digital currency

Geodesic Networks

Freedom

The next revolution will be the last revolution, it will be the end of government as we know it. It's time just about time. As someone else said:

They outlaw guns for the proles but issue machine guns to increasing numbers of cops of various kinds

The outlaw drugs, but issue amphetamines to their pilots and soldiers

The outlaw reinforced doors, but build bunkers for themselves.

Nothing unusual in these police state policies. The rulers _always_ want the ruled disarmed and terrorized

to which I add:

They've outlawed hacking, but they backdoor your OS.

The censor your discussions, but are free to say anything they want

This is supposed to be OUR country (those outside the U.S., map that to your local government and do as you will), why the FUCK do we all this shit? Because you people are SHEEP. Fucking SHEEP. How many of you still have Windows on your machines? WHY? To play games?

GAMES????

Yeah, escape. Go on, get out. Play your games, watch your TV, babble on IRC. Don't think TOO much, don't interact in meat space, don't get excited. Mouth the slogans, but don't REALLY CARE, don't bother to DO anything. Hold up no-talent dweebs like Mitnick as heros, and ignore people like Zimmerman who GAVE YOU THE TOOLS TO FREE YOURSELF

Free yourself, and your government will crumble.

Microsoft isn't the enemy. The NSA isn't the enemy, Complacency is the enemy. Complacency and dependense on authority. Authority will ALYWAYS back door you--and never give a reach around.

You say you care? About what? When was the last time you swung a hammer for habitat for humanity? When was the last time really cared enough about the environment to ride your bike to school/work instead of a car? When was the last time you fed a homeless person, or offered to be a foster parent/big brother/big sister?

Oh--that's right. It's the governments job. Yeah, give them the authority, give them the power. Get the back doors.

Security comes through personal vigilance, not through the law.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

You don't need any of those if you are taking the bus....

If you have no ID, and no money, or little money, you can legally and constitutionally be arrested for vagrancy.

America, home of the free, free to the power of the people in uniform--TSOL

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Jimhotep]

no I'm not
personal privacy is dead
business secrets probably aren't

how do you know THEY haven't already put a
camera in your house? remeber the wall penetrating radar story a few weeks back?

if trying to get people to THINK is trolling,
then yes, I'm trolling

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

just have to get this in the Nazi party was "National Socialist" how could they be "right wingers"?

Perhaps it could be because they were "right wingers" who had co-opted the National Socialist party. Geez. Do a little reading in the history isle!

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[ars]

Ok I'll show you such a person - me. I've never smoked anything at all, never had an afair, never even had unmaried sex, never did anything whatsoever that could be used to blackmail me. I'd make a perfect politician - actually I wouldn't I'm too honest, I can't stand even small lies.

The only blackmail would be privacy type things, not illegal type things. For a (not so good) example someone installs a camera in the bathroom and takes a picture, then blackmails me by saying he would release it unless... But other then things like that I'm blackmail immune.

And yet I still value my privacy quite a bit.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Deimos_]

Germany was had a heavy water experiement with the intent of making an atomic bomb. We got to it first.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Kythe]

Perhaps I'm just not as hopeless as you.

Many people are fighting hard to protect privacy. I think it's foolish and defeatist to give up on that goal. It would be even if things were ten times worse (i.e. if there were cameras in every house).

It is very important that this fight be fought.

Kythe
(Remove "x"'s from

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

Show me one person on this planet that isn't breaking at least one law -- knowingly or unknowingly. All this does is enable selective prosecution of anyone the gov. wants to take out.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

Putting people in jail doesn't stop them from committing crimes. hell, it probably encourages crime.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Jimhotep]

like a small church?
or some kid that breaks into a web page?

Re:Encryption is needed now!

[SoftwareJanitor]

Well, anonymity isn't easily legally accomplished on the Net. If one is willing to resort to illegal means, it is fairly easy. If one is willing to find a publicly accessable computer (such as a university lab, public library, etc) and use an email service that doesn't strictly check info, then it could be pretty difficult to trace, but not very convenient. This may or may not change as 'internet kiosks' become more common.

However, as I was saying, what all this really means is that the original poster is off base in thinking that anonymity on the Net is so much worse than what happens in real life.

This does not seem like a backdoor...

[blawrence0]

The key in question allows the holder of the corresponding private key to sign a cryptographic package and have it be installable and accessible via the Windows Crypto API. Big deal.

How is such a package going to get on your machine? Either it is distributed on the NT CD, or it is installed on a machine some time after NT is installed.

If it is being distributed on the CD, this implies complete MS cooperation, what would be the point of signing a backdoored package with an NSA key? Just get MS to go ahead and sign it.

If it is installed somehow after NT is installed then ANY means used to distribute such a package could also be used to defeat the whole code signing check, by simply replacing or patching ADVAPI32.DLL or any other files involved. So to coerce MS to install the code authentication key is not necessary, and it merely risks drawing unwelcome attention like that given here.

Ben Lawrence

Re:This is odd

[phil+reed]

I choose to use Yahoo for my mail address to absorb spam. It's much easier for me to ditch it if I need to.

You should evaluate based on what he says, not trivalities such as e-mail address.


...phil

Re:Chinese Reply via Linux

[phil+reed]

Go away, troll.


...phil

This is nutz!

I would have never thought the US Govt or MS would have gone this far! I can't think of a more disturbing development - and I am not exactly security aware even. This is like the government building into every house the ability to listen in on conversations in the house. To me, this shows how afraid it is of it's own citizens. This is a highly coordinated and well thought out attack on personal privacy and it runs counter to what good government should be. This is worse than the stuff in spy novels. If your government can do this, it is time to be afraid, very afraid. Add to that the fact that Microsoft is involved and well... I dont want to think about it.

Re:This is nutz!

[Adam+Seline]

Rebuild the intel community? How about rebuild the government from the ground up! Throw out EVERYTHING, and start with JUST the Constitution That's what the 2nd Amendment is there for, not hunting. Gee, and we trust the FBI too - has anyone looked at THAT list: Waco (enough said) Ruby Ridge Mr Jewel (Leak lots of info on an innocent man) Randolph (can't catch the guy they now claim did it) James "Whitey" Bulger (Killer they had working for them) The FBI files at the Whitehouse

Re:This is nutz!

[Kythe]

Bite your tongue. I am most certainly NOT a Libertarian -- quite the opposite.

I'm glad to see others here are also not of that nutcase persuasion.

However, civil liberties and defense of democracy are not the exclusive domain of Libertarians. In fact, I'd argue the opposite is true.

The notion that the U.S.'s intelligence community has too little oversight is shared by many people, of many different political persuasions. Moreover, my post specifically addressed this particular issue: if the NSA is, indeed, insisting on backdoors in domestic software, then their actions are over the line.

Kythe
(Remove "x"'s from

Re:This is nutz!

[Jimhotep]

No, this is good.

Trust your govt.!

They work for YOU.
if you live in the U.S. that is

Re:This is nutz!

[Kythe]

Most people don't seem to realize just how little oversight is built in to the U.S. intelligence community. I'm willing to bet that few people (much less our elected representatives) outside the NSA knew they had Microsoft doing this.

Anti-democratic? Absolutely. It's what happens without checks and balances.

I'm finding that more and more, calls to rebuild our intelligence system from the ground up, with extensive oversight, sound not only reasonable but necessary as well.

BTW: one doesn't have to be paranoid, or a Libertarian (I'm a Liberal), to see the problems this sort of thing poses to civil liberties.

Kythe
(Remove "x"'s from

Re:This is nutz!

[Kythe]

I'd appreciate it, if this is their idea of "working for us", that they'd work a little bit less for us.

Kythe
(Remove "x"'s from

Re:This is nutz!

Rebuild the intel community? How about rebuild the government from the ground up! Throw out EVERYTHING, and start with JUST the Constitution That's what the 2nd Amendment is there for,

After throwing out everything, why bother starting with anything, after all, once you cut out a cancer, do you replace it with another one?

Re:This is nutz!

Please tell me this is a joke. The switchhook is mechanical. Sorry. No such thing as line "activation" ... now, broadcasting your conversation at 900mhz is much easier to follow; especially when you have a channel tracker...

Re:This is nutz!

[Adam+Knapp]

I'm not quite sure how you propose to vote out the people in the NSA, seeing as how they are not elected it would be relatively difficult. Also, since Congress discusses such things as "National Security" in private figuring out who not to vote for is difficult let alone who you actually should vote for.

Re:This is nutz!

Yes this can be done. A 5Mhz signal is sent down the line from the far end. At this frequency the impedance of the hook switch is low and the signal "jumps" across. The carbon mic modulates this signal and produces a AM modulated radio wave. Then you can just listen in with a radio attached to the far end of the line. Not to many of these old phones left however. Also this is easily defeated by putting a small capacitor across the line to short out the high frequency signal.

Re:This is nutz!

This is like the government building into every house the ability to listen in on conversations in the house.

Well, telecommunication companies are required by law to ensure that communications are easily tappable. Combine this with the on hook listening (if it really is possible) mentioned in other replies and this is essentially what you have.

Re:This is nutz!

[Jimhotep]

vote them out

you can flush congress every two years
I call it "term limits"

Re:This is nutz!

That's exactly why citizens should be able to arm themselves as they see fit. The government should ALWAYS be afraid of its citizens. That's the ONLY thing that keeps them in check.

Re:This is nutz!

Only if they want the collected evidence to be admissable in court. The NSA needs no court of law to persecute its victims... therefore, they need no court order.

Exactly -- It's NOT a backdoor

People here are completely misunderstanding this. It's not a backdoor that lets the NSA read anything encrypted by your machine. And it's also not a backdoor that gives the NSA access your machine.

Follow the link and read the article! This is merely a way for someone besides Microsoft to add crypto services to the machine. The only reason there is a cryptographic check to prevent people from adding other crypto services is because of silly US export laws.

begin this!

[RoLlEr_CoAsTeR]

I'm thinking that NSA should have already known this, right? I mean:

1. It's their job.
2. It's been there since the beginning of Windows (or since the beginning of the Win32 versions, right?)
3. Are these people really the first to figure it out>
4. How could we know that they've not known all along? Perhaps they have been using it, even in some small, obscure, or very unnoticed way, and we're seemingly not the worse for it.

Well, that's just my thoughts. Although I don't like the idea that it's there, and I know I'll download a fixer for Win98 when they code one, I'm not going to panick, because we all knew Windows sucked anyway, right?

Re:begin this!

[mrjinks]

"...Perhaps they have been using it, even in some small, obscure, or very unnoticed way, and we're seemingly not the worse for it."

No spook agency worth their trenchcoats and sunglasses would use a hole like this in obvious ways. They also wouldn't risk discovery by using this back door on just anyone. Relying on the obvious exploitation of a security hole to prove its existence is bad practice.

-m

Well, this is another argument for getting source.

I really don't care about the licence, as long as I get the source. I would preferr GPL, but I want the source. I didn't used to feel that way, but as time has gone on I have changed my mind. The issue is less that the NSA is spying -- we need spies -- but that the whole national security apparatus of the US has ceased to be effective. CIA agents abroad have to meet quotas for recruiting foreign nationals. Not USEFUL foreign nationals, just somebody. They don't meet the quotas, they don't get good reviews. I have had friends who have worked for the NSA, and outside of a few areas, most of these people are carreer beaurocrats making their numbers. Like bosses who make up for management skill by saying that they will fire anyone 5 minutes late, the NSA is making up for the fact that most of the good spies left during the Bush Administration by compromising everyone, so that they can do their work without having to try hard. It doesn't have to be USEFUL work, just something to meet their quotas. The real issue here (well one issue, the other being the utility of having the source) is that we have let the goverment decay to the point where it is a danger to us.

Re:Well, this is another argument for getting sour

So, you're saying that the federal government was, at some mythical point in the past, flawless?

Re:Microsoft Denies Story

[malice95]

Dam I guess this was all just fud and we should
all go home and lead our simplistic lives again.
Boy Microsoft vehemently denied it. I guess we all
must be wrong.


Unfortunatly noone will ever know if their data is
really safe unless someone can build an exploit
that uses a known key pair (replacing the NSA key)
to replace already installed cryptographic modules
with vulnerable ones. Sounds like a project:)

These are scary times we live in..

Malice95

Re:Well, this is another argument for getting sour

I worked at Coca Cola one summer many moons ago (1991) and it was the same with The Formula (you could hear the caps). You didn't even joke about that. Really.

Re:Well, this is another argument for getting sour

Want to know the most paranoid place that I ever worked? ADM. I think that they were guarding corn syrup trade secrets. Can't have those falling into the wrong hands, can we? Of course not. They're worth money.

That does it....

I will never run a piece of Microsoft code at home ever again. As soon as I get PPP working on my home-brew linux system, it's dd if=/dev/zero of=/dev/hda1 for me. But then again, all my comms traffic goes through Menwith Hill - I'm around 15 miles away.

Re:Microsoft Denies Story

[Gentle+Ben]

Regardless of whether or not an actual backdoor exists and regardless of what it does (verifies whether or not illegal software is loaded or permits the NSA to enter your system) do you think that MS could afford to admit to this? There would be such a hue and cry for them to refund money on their software that they would sink from the lawyer's fees much less any funds they actually refunded.

Verification? or Paranoia?

[theonetruekeebler]

Although this certainly does look bad, and adds to the increasingly large stack of reasons I don't like using MS products, I can think of three other scenarios behind this that would make me worry less:

• It's a hook: MS has been reading the same trade journals as we have, and figured this was a valid future possiblity, so like any responsible program designer, they added a hook for future API expansion.
• It's a private joke: Like the cited article said, these symbol names are usually stripped out of the binaries before they are shipped to users. Who among us has never made a facetious function declaration like mangle_client_data()? I suspect that if I were creating a silly and undocumented function in a crypto API at three a.m., I'd probably call it NSA_BACK_DOOR() or something equally wise-assed.
  Early in my career I out an incompletely tested beta to a single customer who fortunately had a sense of humor, because eventually a dialogue popped up on her screen that said "Error: We're fucked as of line nnnn." See, I'd compiled with the -DTEST switch still in the Makefile instead of -DPRODUCTION.
• NSA != National Security Agency: It stands for something like "Nancy's Special Algorithm". Okay, this one's weak, but I said three possibilities and by-ghod I'm gonna provide three possibilities.

  Then again, maybe what we need is a full-blown X-Files conspiracy theory: this really is a back door explicitly added for the NSA, and the programmer, a closeted civil-libertarian "forgot" to strip the .ddl. Why would MS put a government back door in their software? Simple: in exchange for willing coorporation on this vital Matter of National Security, the NSA is going to lean on the DoJ in the anti-trust suit and get any possible consent decree reduced to "write 'Monopolies are no fair' on the blackboard five hundred times." Better yet: six or seven years ago the NSA recognized that MS would control 90% of the PC industry and had DoJ bring the anti-trust suit so they could lean on MS to start adding back doors to sweet FA.

  Or not. Maybe it's just a #define from three years ago that never got commented out. When you've got twenty million lines of code to wade through, things like this tend to get overlooked.
  
  --

Re:Verification? or Paranoia?

[rumba]

sweet FA? desolation boulevard... and using it as a metaphor for the backdoor. keebler, you are gorgeous.

I am now worried...

[His+name+cannot+be+s]

You know, for a long time, I've been not too terribly concerned with the US government's activities when related to 'spying' on it's populace.

For the first time, I am now moving off of that position, as if this little factiod is true, it really means that we should all be a little more scared about the personal freedoms we enjoy.

I'm a little shocked. And a little outraged. This has got to be the most strong argument for Open Source/Free Software that I've ever seen. This sort of thing would^h^h^h^h^h couldn't happen if there were a million peers viewing the source.

Un-fscking-beliveable..

*long live linux*

Re:I am now worried...

"would^h^h^h^h^h couldn't" "Un-fscking-beliveable" What are you some kind of computer doofus? Use normal english (or any other valid 'language') when posting. Use dweebazoid-speak when interfacing with a machine. Thank you.

Verification? was Re:the begining

[Andrew+Gilmore]

This is interesting, but how do you prove it? I mean, all they've got is the fact that NSAKEY showed up as a debugging symbol. Sure NSA happens to be the acronym of a particularly annoying secret government agency, but...

At least, it DOES appear that there is more than one key available in the crypto packages. Whose keys? This should be the rallying call, and since we don't have the code, we can't tell.

This is a VERY good reason to be suspicious of Microsoft products.

How many people actually USE the cryptoAPI? It seems to me that unless you're using this stuff, all of this has no effect.

Andrew
----

Re:Verification? was Re:the begining

[Winged]

How many people actually USE the cryptoAPI? It seems to me that unless you're using this stuff, all of this has no effect.

Unfortunately, everyone who has PGP 6.0 or higher (including the International version) without buying the RSA add-on, and the 128-bit high-security package from Microsoft. Not to mention everyone who uses MSIE.

Specifically, PGP 6.0 and higher use CryptoAPI to provide backwards-compatibility with RSA-signed/encrypted PGP 2.x messages, allowing them to be decrypted and encrypted to. (Unfortunately, this screws the security model a little bit, because since it can only generate a Diffie-Hellmann keypair, the 2.x recipient can't verify the signature.)

When an API is invented, people start using it. Once people start using it, it's dangerous. Ergo, creating an API that has backdoors is dangerous. Period.

Microsoft, fight the NSA.

Re:Verification? was Re:the begining

[abcess]

How do you prove it? Well, if you had REALLY read the whole document, you'd have seen how it was proved. There ARE two RSA Public keys contained in the code. These are readily exctracted from the code, once you have the key, you can verify it's owner from information held inside the key itself.

be afraid, be VERY afraid.....and read more thoroughly next time

Re:Verification? was Re:the begining

[Slur]

Andrew Wrote:

This is a VERY good reason to be suspicious of Microsoft products.

Unfortunately when I installed Microsoft Windows I checked the box that said "Always trust content from Microsoft," so I'm bound by my agreement to always trust Microsoft.

Yeah, I'm a Mac programmer. You got a problem with that?

Re:Verification? was Re:the begining

Who the hell knows what we use.

Re:Anti-Microsoft FUD

Yep.

It pushed you over the limit and you just now this morning installed Linux as a result.

You're trucking in sod again, Linux sodroller.

I dunno...

[mi3ke]

This sounds a bit fishy to me. Would they actually be stupid enough to go to all the trouble to bury a black-ops backdoor in a major OS, and then name it something as obvious as NSAKEY? It'll be interesting to see what spin MS tries to put on this, but I have a hard time believing that the NSA would be THAT clueless...

Re:Come on kiddies....the NSA is MUCH smarter than

[Ishamael]

i don't like you anymore

Read the actual article!

There is no security flaw. There is no backdoor. This is overblown anti-Government, anti-Microsoft FUD.

Re:You couldn't make it up

We will all be involved in public/open robotic space missions.

Because your crappy code will then be raining hardware down onto our heads.

Re:Stop being so paranoid!)

That is right. They need probably cause to search your car, but there are any number of reasons that they can use. On the other had, it is not like the DPS focuses on this, so you pretty much have to get their attention. I have, for driving while really tired. Once they searched my car. They always apologised and told me to go home and get some rest. I can't say that this has made me any more paranoid about the DPS. On the other hand, the DPS has standards. I am not sure about the NSA...

I'm personally certain it's legit.

[Paul+Crowley]

(1) The paper's being presented at a rump session, so it won't appear in the list of accepted papers. It won't have gone through the same rigourous review as an accepted paper, but hell, they wouldn't let the crypto loonies of this world (David A Scott aka SCOTT16U.ZIP_GUY) present such a session.

(2) the _NSAKEY certainly refers to *a* public key. It's a stretch of unusually high entropy data, which nearly always means cryptographic data: even compressed stuff doesn't look like that. Furthermore, it's being fed to BSafe's public key routines: look at the CCC's debugger output.

(3) Micros~1 wouldn't fuck around with that sort of thing. I don't think anyone's going to label a public key "NSAKEY" as a joke.

(3) But the NSA are very likely indeed to put pressure on them to introduce this sort of "feature" - it's quite a common occurence for a guy with a sharp suit to turn up at the offices of commercial crypto implementors and discuss, let's say, how best to speed the export process. In the case of Lotus Notes, they did it entirely above ground, although the Swedish Government didn't read the small print when they banked their information system on Notes and they were quite annoyed to discover that the NSA had a way in.

Put aside your speculation: this is the real thing. The NSA hold the private key that allows their software to do pretty much whatever they want to the CryptoAPI system, if you'll consent to run any code they've had their hands near. And we all know how tricky that is.

Personally, I'm ecstatic: the unearthing of this information is a huge boon both to the Open Source and crypto-security communities.
--

Peer review

this is being presented at Crypto '99, not Def Con Two. It's peer reveiewed, guys, it's pretty much bound to be legit.

According to the webpage this was presented at the rump session, thus it wasn't peer reviewed before presentation. It probably was reviewed during and after presentation, though :).

Peeter

Re:Peer review

[Jonny+Royale]

If it was presented in a rump session, it should be on the Rump Session schedule, shouldn't it? I don't see it...unless that "Bill Gates' Private Key" part is it...

A "sodroller"?

[MenTaLguY]

...enh, basicaly an "astroturfer", from what I can figure.
Berlin-- http://www.berlin-consortium.org

This reminds me of a DeepSpace 9 episode

[rottz]

This whole NSAKEY thing kinda reminds me of a StarTrek DeepSpace 9 episode, where they found out that odo was infected with a virus and this happened when he had a federation health checkup. So they sent a message to federation HQ and told them they had the cure for odo's infection, so it would lure a guy from Section31(the federation's NSA). It worked and some guy named "Sloan" shows up looking for it, but then finds out it was a fake message. He tried to say it was done in the best interest of the federation, because they wanted odo to link up with the founders(leaders of the dominoin) so it would kill them all. Which is not related to putting a backdoor in a computer OS, but does show how governments try to excuse their own actions by sayings "It WAS in the best interest of national security". So I am looking forward to how MS/NSA is gonna spin things, their PR departments must be going CRAZY right about now!! NSA will probably put all the blame on Microsoft or people in Microsoft will be having some mysteries accidents!

Games are that important to you?

Hey, I'll ride a bike (one of the few things I can still do without a license in this country), or read a book, or throw a frisbee, before I'll boot up an NSA-compromised operating system on my computer just for entertainment.

Enlightening NTBUGTRAQ Listserv posting [Long]

[jedinite]

Sorry about the length, but this very well written email from Russ posted to NTBUGTRAQ does a perfect job of laying out all sides of this issue...

-----Original Message-----
From: Russ [mailto:Russ.Cooper@RC.ON.CA]
Sent: Friday, September 03, 1999 2:58 PM
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Alert: CryptoAPI and _NSAKey issue


-----BEGIN PGP SIGNED MESSAGE-----

This is also available at http://ntbugtraq.ntadvice.com/_nsakey.asp

Whoa horsie...

I had a long chat with Andrew Fernandes this morning, as well as
another chat with others, and of course I've had a ton of messages
sent my way with various links to various stories about the issue.

I wanted to get a few things straight before I sent this message, but
given how quickly things are spreading it makes sent to send something
interim.

Ok, so here's what I can tell you.

1. Andrew's speculation about the _NSAKEY being a backdoor for the NSA
is based on;

a) The variable is called "NSA".

b) Its a second key, not known to exist in Windows previously.

c) What possible purpose would a second key serve?

d) Its presence, arguably, weakens CryptoAPI (Andrew explains this on
his website at ,
I'll elaborate more later.

2. Sources close to Microsoft say that the key is a "Backup" key. It
is owned by Microsoft, and only Microsoft have the private key to it.
The key was named "_NSAKEY" because the NSA insisted that Microsoft
include a backup key in their CryptoAPI before the Commerce Department
would approve its inclusion in NT 4.0.

Editorial
- ---------

There's a bunch of somewhat understandable furor going on over the
idea that the NSA might have a backdoor to Windows. Unfortunately,
however, all of this is based on a variable name. Anyone who programs
knows that variables might get named anything for a variety of
reasons. One would expect that they would be named descriptively, but
alas, not everyone follows such stringent conventions (can you spell
"Easter Egg"?).

The Conspiracy Theorist's theory goes;
- -------------------------------------

- - The NSA has a signing key on your box.

- - The NSA can implant a Trojan to replace the module which performs
encryption on your box with one that doesn't perform encryption, and
because the failure of signature verification against Microsoft's key
is silent, they can get their trojan'd app up and running without you
being any the wiser.

- - The NSA can then sniff your traffic, now being conducted in
plain-text.

There's obviously a ton of variations possible on this theory, they
take your private key, they replace your key with another, etc...

They only have to get a Trojan to you and get you to run it, and as
those same Conspiracy Theorists always say, there's
likely bugs in the OS designed to allow them to do
this...

Yeah, could be true.

My take from Microsoft's Perspective;
- ------------------------------------

- - We want to have one build of our products that simultaneously
supports weak or strong encryption functionality.

- - We want to be able to ship this one product world-wide, changing as
few bits as possible for those that are being shipped outside the U.S.
and Canada.

- - We'll build an API (good, bad, or otherwise) that allows the
controlled bits to be inserted into an infrastructure, then get the
infrastructure approved, and all will be good.

- - Commerce (with advice from lots of people including the NSA),
agrees, and tells Microsoft they have to sign everything that can use
the infrastructure. That way, Microsoft can ship its product anywhere,
and Commerce will know that only those products that have been signed
by Microsoft will be able to run on the OS.

- - You want to build a Cryptographic Service Provider (CSP), the module
that performs the encryption, you gotta get Microsoft to sign it for
it to run. Microsoft doesn't sign anything that doesn't have the
appropriate Commerce Department Export approvals first.

Wonderful, life's good, Microsoft doesn't have to manage multiple
versions based on Crypto-strength, folks can implement whatever crypto
they want (assuming its Commerce approved).

Oh, the second key, I almost forgot;
- -----------------------------------

I'm told the NSA insisted there had to be a backup. No explanation as
to why yet, that's what I've been told. One theory that made a lot of
sense to me was the simple idea of;

What happens if Microsoft's key is ever compromised? Well, they'd
simply revoke it, right? Yeah, but the problem is that you'd have no
way of telling a Microsoft system that there's a new key. You'd have
to rely on the old one to tell it about the new one. But if there's a
backup key, and they're kept separate, you could use the Backup to
verify the new key to replace the primary.

That's only meaningful to Microsoft since there's no revocation lookup
being done on the primary anyway. Microsoft would have a way to
salvage its name by using a new key. In practice, this would be near
impossible to deploy, but hey, at least there's a way to do it
securely.

BUT!!!
- ------

Andrew's discovery goes beyond this NSA stuff. There's a real issue
here. Andrew has found that by replacing the _NSAKEY with one of your
own, you are able to add a CSP to the system signed only by you. This
by-passes Microsoft's signing controls (the ones Commerce needed to be
in place to allow Microsoft to ship its products world-wide).

As Andrew says, "Export controll is effectively dead for Windows."

More importantly, it means you can add a CSP that does whatever you
want it to do, and then modify existing Windows .dlls that call
CryptoAPI such that they are signed by you instead of Microsoft. This
will cause them to fail the Microsoft signature verification, but
they'll pass verification against your own signature. Windows will
silently let them run and do whatever it is you want them to with the
CryptoAPI environment.

In theory, you create your own CSP to replace Microsoft's supplied CSP
(implementing whatever you wanted in it, say boosting 40-bit to
128-bit), modify the second key to one of your own, install your CSP
over Microsoft's, and fire up any application that uses CryptoAPI. The
signature will fail Microsoft's verification, pass yours, and
everything should work as if you had a U.S./Canadian version.

Fortify for Windows NT (I'd sure love to see
that implemented, anyone up for the challenge?)

It also means the encryption you use on your system could be
compromised in the same fashion, assuming it relies on CryptoAPI
(hasn't this been called for by the U.S. President's commission?)

Andrew's demonstration program effectively proves most of this;

http://www.cryptonym.com/hottopics/msft-nsa/Repl aceNsaKey.zip

On the other hand;
- -----------------

If there were only one key present in the system, Andrew acknowledges,
then this wouldn't be possible. However, it would still be possible to
subvert the export controls by trojanning all of the necessary .dlls
used with CryptoAPI with ones signed by your key, and then replacing
the Microsoft key with your own. Its a lot more work, but it would
still achieve the same results.

Nobody is suggesting that any of this is a Remote Exploit, or
something you have to worry about receiving in Email. Sure, Andrew's
program demonstrates that a running application can subvert the second
key and implement its own CSP...in memory...which is possible but
unreliable.

Bottom-line:
- ------------

I think the NSA thing is being over-hyped. Sure, its possible, and we
need Microsoft to make their official statement about it to have it on
the record. Once they do, if anyone can prove its not their key I will
happily help them. I doubt anyone will...although I also doubt that
people will readily accept that it is a second Microsoft key (who
killed JFK?)...maybe Microsoft can sign something with the second key
so we could verify it somehow??

Meanwhile, the risk of your system's cryptographic methods being
exploited is limited while folks figure out how it could be done
effectively. I'm looking at how you could audit access or
manipulation, but what's really needed is a TripWire-like
functionality (http://www.tripwiresecurity.com/). Alternatively,
Microsoft should build-in some additional mechanism to verify that
something that should be Microsoft signed, really is Microsoft signed,
and not a blind failover to the second key.

As to the issues of a third key in W2K, I have no information
regarding this beyond what Andrew has said.

More as information becomes available.

Cheers,
Russ - NTBugtraq Editor

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2

iQCVAwUBN9AoOBBh2Kw/l7p5AQEArgQApuinKKbm2VgQ3etb 6mm4MPu2IPiO4Orr
lhhzz3yYNqCJW0kgubSiPcZoOyHvD3VU2IXLk4CKRqeIhQEz 1UXJhJWF11qYF888
pJQpo08ejP3aozx7AB4+37O7gWkLGcH+wAC8siMpOMMUjgHJ UhkzOZ0Fa+tbXxt3
ntSOJU8kXus=
=Ihd3
-----END PGP SIGNATURE-----


---------
Titanic Wrecking Crew

Re:Enlightening NTBUGTRAQ Listserv posting [Long]

It's a fairly good discussion. I also made a post about it below, but just included the URL rather than the complete text. You can read my comments in that post subject; NT bugtrac's take.

This is what a coworker had to say:

[jtseng]

Microsoft CSP architecture closely resemble the Intel Common Desktop Security Architecture (CDSA).
These architectures were designed to allow third parties to easily extend or add (1) Cryptographic Functions,
(2) custom Security Policy, and (3) internal or external Key Storage functions. With this architecture,
users are presented with many choices of CSPs and can select any of the available CSPs
for encrypting messages.

Normally, Crypto Service Provider (CSP) manufacturer such as SmartCard vendors will
first submit their devices' public key to Microsoft.
Microsoft then incorporates the key into the Trusted Computing Base of the Operating
System. Upon loading of the CSP module, the public key is then used to authenticate and integrity-protect
the CSP codes and devices. In the final release version of the Window 2000, we will see other public keys
installed, in addition to NSA and Microsoft's keys.

Why is NSA public key pre-installed on the Operating System? My guess is that the NSA CSP contains
the necessary protocol for recovering encrytion keys thru third party agent known as the Key Recovery Agent (KRA). These key recovery functions are absolutely required on systems deployed in Federal agencies.
The Key Recovery Protocol is an emerging standard. And only specially designed Cryptographic
functions that have third party KRA's key embeded can recover keys.

Details on CDSA and Kery Recovery Protocol can be found at:
http://developer.intel.com/ial/security/document ation.htm
http://www.kra.org (Key Recovery Alliance web site)

Today's English Lesson: Oxymorons

Re:Computer "BUG" (NSA listens in)

Interesting, just checked this across a couple of schematics. A high frequency might just do the trick, as long as you were very close to the terminal equipment. Namely, the high frequency might create an effective short across the hook switch. You could moniter the power consumed, and the signal would be noisy as hell, but in principle it might just work.

The only catch is that this would only probably work on an all discrete set. Most modern phones use an IC to handle the Dual tone and key-pad. And the Microphone is connected directly to this IC. Since their is no mechnism for providing the DC signal necessary to drive the IC without actually closing the hook switch, it is unlikely that the variable resistance of the microphone would make a detectable difference in the power consumed by the device. But I can't say that for certain as I don't have the technical specs for such ICs sitting in front of me.

The point is that, while this sort of spying might work on older telephone sets, it doesn't seem likely for anything modern... at least not through this particular mechanism.

Running screaming to Linux?

Windows is beginning to make me sick. I'd switch to Linux, if only they'd support the latest and greatest games. Q3 is a start, but not enuff to push me over the edge.

Re:Running screaming to Linux?

[matt_king]

Sorry to be a "Me too", but I have to agree with the above comment. I am a gamer above all else, and right now Linux just doesn't have the games I want to play. Quake3Test is fine, and so Is Civ:CTP, but we need more than that.

Re:Running screaming to Linux?

So do that!

I can already guess at the responses to this. But what nobody in the entire linux community seems to grok is that you can use different tools for different purposes. Do you think the NSA cares if this guy plays Duke Nukem 3000 or whatever? Dual boot, use Windoze for what it's good for... who cares? 3/4 of the people I know who run Windoze sure as hell didn't pay for it anyway. So just what is your problem? Ideological? Sorry, but I live in a practical world, and it's just as practical (at this time) to use an alternate operating system for anything I actually care about, and Windoze for crap, as to spend 3 hours out of every day trying to hack and slash things to work the way I want them to. I'm just not that bored, yet.

Re:I don't think it's for spying on people

[dracosystems]

OK, I've been very curious about this myself, and I know the key wouldn't be called nsakey for the simple reason that those types +have+ to come up with a name for the project, like ohh, Silent Storm. However the mechanism still bothers me. I am rusty on the mechanism here, but as I understand it, if you have the correct private components of either of these two keys, you have the ability to remotely change crypto behavior on an NT system ?
I guess in essence, I am quite curious about who holds each of the private keys that go with the public key information, and what rights can they extert through that key ?

New Distributed.net project? Find the NSA Keys??

[Dios]

Why not try to find the keys? That would be a serious blow to microsoft/nsa security.

But it goes in the reverse too...

[mosch]

How many times have you seen those three lines and wondered 'what do they do?' and decided to trace them? With open source it's terribly easy to do so and if I noted three lines of code in PAM which allowed access via a third party, I'd certainly be quite public about my announcement.

Wrong question...

[Millennium]

Unquestionably it's illegal. It violates the Constitutional ban in search and seizure without a warrant.

The question is, "Does the NSA care that it's illegal?" The answer is, undoubtedly, no.

It's hard-coded, not simply pre-installed...

[MenTaLguY]

Why is NSA public key pre-installed on the Operating System?

I was wondering that too, except the key is not pre-installed, it is hard-coded .
Berlin-- http://www.berlin-consortium.org

Re:Well, this is another argument for getting sour

I have friends who used to work for the NSA and they hated it. They hated the fact that no one takes you seriously if you don't live in a suit, the fact that it really is Department of Defense and as much fun as boot camp, and that people are often real jerks to each other. It is interesting to hear their comments about movies like Enemy of the State (comments like "Yeah right, like we could get a satellite moved around without 30 signatures, 20 meetings, and ten days notice"). They had some fun, but they were not happy. And the NSA is a baaaaaad place to be if you are a Christian (as in, you like Bible study, not that you handle snakes at your desk), because they see that as compromising you, like secret homosexuality. I think that this is because they would like people with a somewhat blank moral slate and feeling strongly about an independant moral authority might make you say no. Of course, the worst thing that I ever heard about was people smuggling in good coffee, but perhaps I just know the boring nerds! ;)

Re:Comedy of errors

[Jonny+Royale]

I see two more:

• It's a trap by M$ to find out if you installed any illegal software...
• It's a trap by the writers of the press release so they'll see how many people install THEIR patch, and make themselves vunerable this way..

Re:Wait just a second...

[Black+Parrot]

> Too bad Windows isn't open source so we could all go check it...

I suspect we'll have massive lawsuits filed within days, and a resulting court order to open the relevant parts of the code.

If the Administration opposes the suit, or if Microsoft loses some more source code, that will tell us all we needed to know anyway, won't it?

Meanwhile, it's fun hitting the news sites every few minutes to see the pecking order of how the story propagates.

How could this be used to break in?

[muwahaha]

Can someone tell me precisely how the NSA could
use this to break in to someone's computer?

My understanding is that this key might be used
by a computer to verify software downloaded from
the internet. Will the operating system accept
software signed with any of the three keys
mentioned in the article? This should be easy
to check, if as is claimed in the article, the
key named NSAKEY can be altered.

Even if that's true, the only way I can think to
exploit this is to convince the target computer
to download a cryptography module or whatever
from a site I control. How could you do that?

Alex.

Re:How could this be used to break in?

As I read the article, it's a cascade. Receiving a signed module, it first checks the MS key, then the NSA's key (all those with other speculation about the meaning of this acronym can duly hang your heads in shame. MS's own statement confirms it.), then the mysterious "third" key. If it fails the one test, it goes to the next. The security model here is "trust Microsoft" - already scary, but now this other module can do things even beyond MS's knowledge or control.

Re:How could this be used to break in?

The CSA modules verify all privileged access coming over the net. If someone were to replace the NSAKEY with some module of their own (using Back Orifice perhaps? Or one of NT's myriad holes), they could have the OS accepting modules signed by them, rather than approved by Microsoft, whom you trust (according to MS). Once this is in place, your browser, for example, may execute any kind of hostile applet signed by the intruder, grant it file system access, whatever. Part of the problem is that, when a module fails MS module check, it cascades to the next level automaticallly, where the intruder module can approve it.

Re:How could this be used to break in?

[malice95]

The theory is:
If this is the NSA's key, and they have the other
half of it. Then, it may be possible to get a user
to download software and install it or break in
in the middle of the night and install it. The
software would be signed with the other half of
the key. If the operating system accepts multiple
keys for software installiation authorization
beyond MS's key then it would accept the NSA key.

The nsa software could replace a current
cryptographic module rendering that encryption
method usless for security.

This could comprimise all sorts of data such
as passwords, 128 bit web transactions, vpn
networks, encrypted files..etc..etc. By replacing
the software used to generate the encryption you
can effectivily nullify the encryption.

You could get someone to install your special
code in many ways..

A virus, active X is full of holes, hiding it
inside popular software, breaking in and
installing it yourself..etc..etc. This would
be a very difficult attack for a cracker to
perform as they would have to replace the nsa
key first but it wouldnt be hard for the nsa
to do it with all the power of the US goverment
behind them. Of course noone has proven any of
this yet.. give it some time, I am sure someone
will come up with something to prove or deny this
possibility.

Malice95

Re:How could this be used to break in?

[muwahaha]

OK. I'm amazed that this topic has generated almost 500 responses in that case. Alex.

Re:Computer "BUG" (NSA listens in)

[overshoot]

Jburkholder wrote:
Geez, too bad the NSA doesn't have anything better to do than spy on average computer hackers. Guess they got tired of interecpting everyone's email and following foriegn nationals around watching for them to rent u-hauls and buy fertilizer.

Paranoia aside, there are a number of reasons to be upset about the NSA installing backdoors.

• They've already been caught reading supposedly-secure commercial mail and passing the fruits to commercial competitors. They may not be interested in your sex life, but do you want to have your business available to your competitors?
• A large part of the security of encryption lies in the fact that any given key is of limited value -- you can only read one person's mail, etc. If that key is a backdoor to every WinNT box on the planet, though, the picture changes somewhat. In the end a security hole is a security hole.
• Keep in mind that the NSA is first and foremost a political entity. RIght now they're trying to convince Congress to pour lots more money and power their way based on the supposed insecurity of computers in the USA. Their chances of success are obviously improved by reduced computer security.

Slashdotters Take Leadership

1) The US Government want to invade your privacy and control you by any means necessary. The NSA key in Windows is only one of many such programs, to be sure. 2) Also, this week, the truth comes out that the US agents and Waco (i.e. David Koresh) used incindiary grenades against civilians (i.e. men, women and CHILDREN). What kind of rescue attempt or law enforcement is this? The time for talk is over. THE FEDERAL GOVERNMENT OF THE US HAS DECLARED WAR AGAINST ITS CITIZENS. All necessary politcal actions must begin now. I support peaceful protests, strikes, boycotss on a large scale and let them escalate it from their.

Re:Well, this is another argument for getting sour

[Hobbex]

Thats funny, I found it quite conforting.

Oh, wait, maybe you are on the wrong side of the corrupt, effectively totalitarian, world repressing regime...

-
/. is like a steer's horns, a point here, a point there and a lot of bull in between.

"Unknown Third Party"??

[Brother]

Excuse me? Microsoft goes 'I'll lie back and
let all you government agencies blatantly
compromise the flaccid security in our
products'

How much do they get paid? Or is this more
sinister? Perhaps the DOJ will magically
let them off the hook?


--------------------------------------------

Re:"Unknown Third Party"??

[shadrack]

Maybe the have incriminating videos of all the senior MS execs? Just kidding.

enh... I think not

[MenTaLguY]

Has anyone considered the possibility that Microsoft deliberately left the symbol in, to reveal NSA's presence without risking liability? Or is it just easier for you to blindly attack Microsoft given the slightest excuse?

Replace Microsoft in that sentence with any other major corporation -- Occham's Razor still applies. I could possibly buy that this was deliberate on the part of an individual employee, but I find it highly improbable that the management of ANY large company would make that sort of decision.

Berlin-- http://www.berlin-consortium.org

Re:Can you say "jumping to conclusions"?

Here Here! Spreading FUD like this is not a good advert for the open source community. You obviously don't believe in your systems to beat Microsoft if you have to jump on a piece of crap like this! _NSAKEY, present in the debugging info. Hmm, like this proves EVERYTHING, ja? Perhaps the opensource community should learn to THINK before jumping - the drop may be longer than you think. Well done (sincere) to all of those who have called this into doubt. That shows responsibility and maturity many /.ers don't seem to posess.

There is no backdoor, so no problem

The "lock" this key controls is that of adding more service providers to your system. It isn't a backdoor into anything encrypted via any other provider. It doesn't allow the key holder access to your private data. Relax.

What having multiple keys means is that multiple administrative enties are allowed to install other crypto packages on a Windows box without the rest of the Windows crypto package getting upset. The only reason Microsoft even locks this down is because US government export laws on encryption technology retrict them for making it "too easy" to install strong crypto. So to prevent someone from easily dropping in strong crypto, they had to add this key. The ironic thing is that it appears to be the case (assuming that this NSAKEY belongs to the real NSA) that the NSA wants to be able to drop in its own strong crypto without asking Microsoft like they make everyone else.

Offtopic?

SOME moderator can't handle analogies!

cripes!

Come on kiddies....the NSA is MUCH smarter than...

[mattz]

...that! This must just be some M$Programmer(tm)'s idea of a cute joke!

It's NOT a backdoor!

Read the article!

Re:We let the government decay to a dangerous poin

Yeah, but on the whole, the vast majority of the FBI's time was spent chasing around bad guys and it would have been hard for incompetence to flourish. As it is now, the FBI crime lab, which was the model for the world, is a joke. This is just sad and it shouldn't have been allowed to happen. Hoover, for all his faults, largely kept standards up. No, the hipocrysy of him enjoying the taffeta while pursuing other homosexuals isn't lost on me, and neither is his persecution of Reds, of civil rights leaders, and so on, but on the whole, the old, cranky FBI was dramaticly more effective.

And I am not sure that you are correct about the enemies list -- I think that this was just Nixon and that Hoover was actually on the list. I think (obviously, you may correct me).

Sounds like a Canadian

I'm willing to admit I could be wrong, and his story certainly fits into my model of the US intelligence community as barely capable. But, the language he's used here tells me he's either a Canadian or a Brit. Most likely Canadian.

Re:Sounds like a Canadian

Nuh-uh, Canadians are much closer to Americans than to the British in their writing (all that american TV and magazines gets to our heads after a while you know). This guy does sound european though.

All microsoft products will be removed

[Da+w00t]

From any computer system I run. This is just totally fscking insane. I am in complete shock. I'm going to go out and buy a copy of vmware to keep microsoft where it belongs.

Re:All microsoft products will be removed

What is a sodroller?

Re:All microsoft products will be removed

[Tony-A]

anonymous cow with a bad case of .....

Re:Well, this is another argument for getting sour

What exactly do you mean by "the NSA is a baaaaaad place to be if you are a Christian?" I have heard a lot of weird things about No Such Agency, but I am not aware that they have an on-site colosseum, lion pen, and so on. Must beat watching pigeons during lunch though!

That was a theoretical attack

and never implemented

please don't spread FUD.

Re:That was a theoretical attack

Bzzt. Wrong.

See http://attila.stevens-tech.edu/~khockenb/ken_thoms on_trojan_cc.txt for the full story.

This is why there will be a Y2K disaster...

[Kymermosst]

Okay, here we go...

A symbol called "NSAKEY" from an unstripped binary is immediately taken to mean the U.S. National Security Agency, without any evidence whatsoever.

Someone decides it MUST be the U.S. National Security agency, and presents it as such, with no evidence to back it up. A purely opinionated and paranoid assumption.

For kicks, I looked up "NSA" in my dictionary... it stood for five different entities, only one of which is the National Security Agency.

At any rate, it ends up on Slashdot and provokes the usual knee-jerk reaction. While it's possible that the paranoid assumption is true, it's still not known, but yet was presented by the media as the truth.

This is why, even if 100% of all computing devices that used dates are corrected for Y2K, there will still be a Y2K crisis. Paranoid assumptive reactions like the one we witness here and now.

All because a symbol in an unstripped binary from M$ is called "NSAKEY."

Incredible, isn't it?

Re:This is why there will be a Y2K disaster...

You idiot! You're so dogmatically committed to the viewpoint that makes you feel secure that you will continue to argue what Microsoft themselves have already conceded. Go read the Wired Article cited earlier. Microsoft Spokeman's Robert > Culp said the key was added to signify that it had passed NSA encryption standards. So Microsoft themselves says the key refers to the NSA, but in your delusional world, this is still not the case. I suppose you think Microsoft accidently said that when they really meant it stood for "Nancy's Silver Armadillo" or something. Your view of reality is so delusional, it is incapable of even percieving when it is already refuted.

Re:This is why there will be a Y2K disaster...

[Kymermosst]

I personally don't care. I don't use Windows, and I don't give a damn what happens with it. And the wired article wasn't referred to when I read the Slashdot posting.

At any rate, it really doesn't matter. It's not a "back door," and Microsoft owns the key. I don't see a problem here except that you can replace the key. But that's typical of M$ stuff anyway. There's no remote exploit, and Windows will never be immune to local attacks.

At least Microsoft follows some of the laws, right? It was mandated by an agency that has the granted authority to require what it does. You don't like it? Maybe you should think about how you vote the next time you are at the polls. Or maybe you should become a politician. All you people bitch about the goverment doing what it does, but the percentage of eligble voters doing anything about it is slim to none. Blame yourselves.

On another point: Before you go calling me an "idiot," and saying I have "supposed" things which I have not, and calling me "delusional," you'd better learn something about me first. Until then, keep your presumptuous remarks to yourself. I did not see the wired article when I posted my comment, which I did immediately after reading the "press release" that made mere assumptions about the "NSAKEY" well before M$ said anything. So, excuse me for doubting a vague and assumptive piece of "journalism."

Now it's my turn to make some presumptuous remarks about you. (An eye for an eye, to say...)

You probably believe everything you read in print or see on TV.

You are probably only worried because you use M$ software.

You probably vote democrat.

Re:This is why there will be a Y2K disaster...

[Kymermosst]

Well, if you believe the horse's mouth, it looks like I was right to doubt. A perfectly logical, and probably truthful explanation, even if it did come from M$. It may have been an NSA requirement to have two keys, but... OMG, the NSA doesn't own either one! Imagine that.

So, while the NSA requires a backup key in case of compromise or disaster, they are not promoting "back doors" in products, at least not in this case.

At least I know I don't jump to conclusions. It would seem my view of reality is not so delusional after all...

Of course, I can't really believe M$'s explanation, but I'd rather give them the benefit of doubt rather than immediately jump to the conclusion that the NSA has a backdoor to all copies of Windows. They don't have the time, budget, or manpower to make use of something like that. I'd sooner believe that the NSA mandated the Windows Number and PIII PSN, so that they could track down people and confiscate their stuff, than to try and compromise machines remotely. They may be a big, bad, nasty government agency, but (a) they are in charge of domestic security, not international intellegence. (b) being a government entity, cost is always an issue in an age of budget cuts, and it'd be a lot cheaper to raid someone's home a la BATF or FBI than to sit there and hack their machines remotely.

BTW, I've worked for Uncle Sam, and I do know what goes on in government. It's more red tape, hype, and wag-the-dog type stuff than proactive "spying on the public" type stuff anyway. Why do you think people believe that the government keeps extra-terrestrial creatures and technology at Area 51 of Groom Lake? See my signature line. Why do you think the government doesn't deny it? Because they want people to believe that, instead of finding out the truth.

Re:This is why there will be a Y2K disaster...

Well, you got one thing right: you cannot accept the MS explanation. The premise is that they need a backup key in case the original key is *physically* destroyed. Microsoft never heard of data redundancy? Have the private key in Redmond, in Japan, and in Rio, say? Preposterous. Hence, we can dismiss the Microsoft story not on the basis of what either you or I would "like to believe", but on logic, much better grounds. Current score: yes, NSAKEY refers to the NSA, no, MS has still not come clean on the issue. Your initial post repeatedly described those who sensed the fingers of the NSA in this as "paranoid", commonly taken to mean "delusional". You did this with a sarcastic and insulting tone on the basis on your *assumption* that these beliefs were *probably* false. You had a certain vision of reality, of what sorts of things are "credible" and were indeed insulting to those with a different view. When your vision proved false, and the one you ridiculed (as least with regard to the connection between NSAKEY and the NSA) proved true, I gave you the same tone you put out, and you cry "foul!" and start muttering about presumptiousness. Look in the mirror, bud. Now you admit, to the extent of being coherent at all, that you know the MS position doesn't stand up, but you would "rather" believe it. I'd rather believe in Santa Claus, but place more value on critical thinking than that. As for your own "presumptions", no, you're continuing to strike out - I usually vote third party, I don't believe everything I read or see on TV and in fact the anti-paranoid line you expose is the viewpoint bludgeoned into us by the media, "conspiracy" being presented only as fiction, e.g., X-files, and ridiculed as a serious suggestion, even when presented by the First Lady. My employer does force me to use Windows, but I also use Linux and Mac, not that any of that BS is appropos of anything. I suppose if you can't make a case on topic, you can always wander off into a smoke screen of irrelevancies. I would like a more respectful discussion, actually. But I'm tired of the double standard. If you're going to attack "paranoia" with sarcasm and contempt, you should expect the same in return. And not run off into irrelevancies when you lose the argument.

Re:Wait just a second...

Actually, NSA in this context stands for Not Secure Anymore.;-)

Or perhaps, it should really should be FBIKEY. Naming if NSAKEY is the FBI's idea of a joke.

Re:This is NOT a backdoor to government spying!

> This key is not a backdoor that allows the NSA
> (or whoever) to read encrypted data.

though it is not one, it can be used to weaken
the security of data encrypted with CryptoAPI


> This key is merely a control that restricts who > can install additional security service
> providers into Microsoft's crypto framework.

i see that neither in the pressrelease nor in the code in the screenshots.

to me this looks like a backdoor to install cryptohooks not signed by M$.

Re:Then what the hell is this?!!?

[Rational]

They seem to come from UUnet... Is that the NSA's backbone?

"Crypto With A Hole"

[richi]

1. This is Microsoft's solution to the "cryto with a hole" problem.
2. It's no secret that Microsoft put this into CryptoAPI, I've heard MS people talk about this in public seminars 12 months ago, at least.

The "hole" problem is that it's illegal in many countries to export a system that would allow pluggable crypto modules to be added. Hard to define exactly what such a system is (and isn't) to my mind, but there you are. Probably sufficient legal test that the "intention" was there, but I'm not aware that this has been tested in court.

CryptoAPI is a classic c-with-a-h setup -- you can install "service providers" that implement alternate crypto schemes (rather like we install an OpenMail service provider into MAPI to make Outlook work with OpenMail).

The deal they struck with the feds was that the SPs wouldn't work unless they were signed by MS *or* the NSA.

As I said, the *existence* of this system is not a secret, but the location of the code was (at least de fecto).

I'd bet that few people at MS actually figured out that they had to prevent a binary patch, let alone decided to strip the symbols to prevent it!

Re:"Crypto With A Hole"

[bookemdano]

Back at the beginning of the anti-trust stuff, when there were settlements out of court, I speculated that M$ might have cut a sweet deal with the feds -- that they might have avoided further prosecution by placing a backdoor in all future versions of Windoze.

But this seems even worse, if this backdoor has existed since the release of Windoze95. Or is it just that the backdoor was added on later in patches and updates?

Re:We let the government decay to a dangerous poin

Are you "the infamous tms" or are you just a fan of IBM's methods of tape management?

You're joking, right?

[Kythe]

'Though so. ;^)

Kythe
(Remove "x"'s from

oooh is my face red

Ken wrote: the compiler was never released outside.

Original FUD spreader wrote: He claimed the trap door existed for years on many ports of UNIX. Any port of UNIX that was built using a cross-compiled version of the original C compiler had it.

Shit, so maybe it was implemented, but never released. big fscking deal. Its still more correct than the original poster's implication that we may still be running a C compiler with a backdoor like this in it.

Re:Well, this is another argument for getting sour

No, but that it was a lot less intrusive. The MBTE deal was instructive for me because the government had to ignore overwhelming evidence that this was a bad fix, that it would have lasting problems, that it would be expensive, and that it would likely come back and bite them. That is a big, hairy deal. Someone should pay, and class action suits are gearing up. And there was no ambiguity here. I guess that I think that I have seen the goverment grow more and more irresponsible over the last fifteen years. I don't think that I am just paying more attention now.

Computer "BUG" (NSA listens in)

If the NSA can download and execute arbitrary code on a windows machine- Then they could turn on the microphone and send the sound to them. Imagine having the capability to listen to conversations through every windows computer in the world. Not a bad idea- have people pay to bug themselves. -M.E.

Re:Computer "BUG" (NSA listens in)

One little problem, I wasn't aware that the output connetion to your speakers from you sound card could double as an input directly to the A/D. But maybe I'm wrong on this.

Re:Computer "BUG" (NSA listens in)

[Zigurd]

Speakers, yes: Plug your headphones into your mic plug and yell into them. Cool.

Trouble is, the voltage won't be interpreted in any useful way by the DAC. This part does not work backwards. So unless you plug your headphones into the wrong plug, you are "safe."

The laser on the window hack works, too. I tried it when playing with using a piezoelectric crystal, a mirror, and a photocel to amplitude-modulate audio onto a laser beam for a high school project. Bouncing it off a window (old single-pane windows work best) gives you noisy but usable audio. You need a clear shot to and from the window, though, which was the hardest part, and you cannot start the path from below the window unless your receiver is way up high.

Re:Computer "BUG" (NSA listens in)

[discore]

last i heard there isn't a magical way to get into a computer via power cables or something. the box would have to be on the net. so that eliminates a bunch of boxes. second off, i dont think it quite works like what you explained. go read the article a little more careful.

Where would you look?

About the posts on this thread that says that NSA would be too smart to put anything like this more or less readable to anyone ... Where would you hide something? Somewhere hard to find where everyone is searching or less hard to find where people aren't looking or suspicious about what they find? The "real" NSA guys/gals are brilliant - never ever question that. They're probably smarter than you and I. Ever read "Art of War"? Never underestimate your enemy. Think about it.

Re:Encryption is needed now!

[um...+Lucas]

That anonymity on the net is gone, hasn't existed, and won't exist... Think IP addresses... your ISP knows it... Did you ask them how long they keep their logs when you signed up? Who runs Anonymizer? What are their creditials? Face it, everything you do or say on the net is and will be traceable.

Encryption can help, but it doesn't defeat traffic analyis. And unless everyone is using it, encrypted communications serve to raise warning flags, that "this" message is supposed to be secret... And PGP, as simple as it is, is too much to bother people like my mother with... No matter how alarming it is to her, she'd then have to explain to all her friends how to use PGP as well... Not a simple task.

Re:Well, this is another argument for getting sour

[Zigurd]

I thought Jimmy Carter and Joan Claybrooke (sp?) take the rap for 55.

I don't recall my Dad slowing down in the Nixon years. The EPA, on the other hand, we should'a impeached him! Oh. Never mind.

Another interpretation

[jabber]

Towards the end of the overview part of the article, there is a blurb about foreign IT managers now being able to replace the weak encryption shipped (exportable) from the U.S. with strong encryption of their own choosing...

Since Windows is a U.S. product, it is subject to U.S. export regulations on strong encryption. This gaff in security may be an oversight, or it may be a way of enabling strong security usage, without torquing-off the D.O.J. any further than it already is.

Though, I don't see why M.S. would not just provide 'replacable' security.

Then again, given M.S. 'reputation' with security, it is unlikely that they would actually do something benevolent in the area. Still, something to think about... M.S. ServPack5 now allows foreign companies (in fact all users) to keep the NSA from peeking in their drawers.

Re:Another interpretation

[griffjon]

This whole shebang is likely the deal MS worked out (like key escrow) to export CAPI (Crypto API). In normal crypto, if you want to export better than 40/56 bit (56 if you're financial), you have to give in to key escrow (what ZixMail does, what Hushmail moved to the British West Indies to avoid).
So for software, what better method of key escrow than to give the NSA a backdoor into the API?

Still, a good reason to move to open OS'es, for the simple reason that it took until now, through reverse engineering and an oops in the SP5, to find this out.

Open Source High Encryption? Beside pgp?

[malice95]

Are their any other open source HIGH encryption
products out there like 2k bits + that will work
with windows and linux? Something that me an my
friends can use to exchange files and email without concern of it being intercepted and cracked. Also possibly encrypting files locally
on the hard drive? I am not sending gov secrets
out or anything but My privacy is mine damit.
If this story is true then I suppose even pgp
is vulnerable in a windows platform? Is this a
correct assumption?

Malice95

can you say...

...bo2k mod?

But what I'd really like to know about and get my hands on is the hardened version of windows that Microsoft handed over the NSA just after selling its sole to The Man (tm). If microsoft doesn't get the shit kicked out of it during the punishment/sentencing phase of the anti-trust trial, I won't at all be surprised (I'm expecting a light wrist slapping and tounge lashing)

I also find it curious in a supposed effort to maintain control of "information" assets, the NSA seems to have inadvertently provided a potential exploitable security compromise for the entire USA... nay... world. The optimist in me says that there are true patriots working at the NSA who understand where things are headed politically within the United States and they're busy building the foundations for dismantaling and unraveling of the web of bullshit that is currently being weaved by the elitist politicos in DC. On bad days, when I'm not feeling so optomistic, I expect the comming cusp-point trial of the human race's sole and the subsequent enivatable evolutionary slate-wiping that is such a common feature of the earth's biological past (it is my staunch personal believe the humans have far more to fee from themselves than any content sized asteriod from outer space).

Ease up

[EXpunk]

I didn't say that was how we were sending email. What was sent was a first draft of a legal document, which required the use of several types of formating.

See, now this is what I'm on about. Why do you feel the need to be all jumping on my case? I mean for real, I know that there are a lot of morons on the web, right? If there was a better option (i.e. more commonly used) we'd be all over it.

But it's NOT a backdoor!

Even if this is the NSA's key, so what? All it means is that they're hypocrites with regard to US security laws. The key only lets you install new security services inside Microsoft's crypto framework. That's it. It doesn't give you access to any information encrypted by other providers. The only reaon there's a lock on this install capability is to allow Microsoft to meet US export standards on encryption (they can't make it too easy to add strong crypto). If this really is an NSA key, then the NSA just wanted it to be easy for them to install strong crypto.

In other words, so what? This doesn't let the NSA, Microsoft, or anyone else snoop on my encrypted data. And I already knew the government had a rediculous security policy. BFD.

Re:But it's NOT a backdoor!

[McKing]

Reading this, I started thinking...

1. The alleged NSA key allows new security services to be installed. Fine, but what if one of these services is installed w/o the user's knowledge (Outlook/Office, anyone?)

2. "It doesn't give you access to any information encrypted by other providers." Do you know this? I am not a crypto person, but what if the alleged NSA key triggered some hidden portions _within_ the CryptoAPI that allow programs using _this_ key to do just that?

Combine the two, and you've got yourself a nice digital "wiretap", courtesy of MS and NSA.

I'm not as paranoid as some, but more paranoid than most :)

Comedy of errors

[Enoch+Root]

You know, at first I was outraged and shocked at this article. But now I can't help but smirk.

No one figured out that backdoor until Microsoft forgot to remove the explicit name NSA_Key in NT 4 SP 5? What kind of joke is this? Or is it a programmer at Microsoft that's covertly working for the Open Source movement? :)

I also find it pretty pathetic that the NSA would need to contact Microsoft and implement a backdoor to access NT. I sure know most crackers I know don't need a friggin' insider at MS to crack NT until it weeps.

So I see three possibilities about this:

It's a hoax of some sort, or a private joke by the NT programmers. It sure is working.

It's a decoy. The NSA has a backdoor somewhere else, much less obvious, and this is meant to make us believe the NSA backdoor has been found. I mean, the alleged backdoor in DES is much more complex and subtle than multiplying my a fixed key when encrypting.

It's true, and the NSA are truly pathetic, and their cryptanalysis talents are severely, severely overrated.

I find the third option to be the most amusing. :)

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

Re:Comedy of errors

[Kythe]

I vote for three. I think the NSA is maybe 5-10 years (at MOST) ahead of public-domain cryptography. Hardly enough lead-time to magically have mathematical solutions to the world's toughest public-domain cryptosystems.

Of course, it's always possible that they engage in all kinds of spying methods, and this is just one of them. But I truly believe that ascribing all-powerful status to ANY organization of humans is bound to fall short of the mark.

Kythe
(Remove "x"'s from

Re:Comedy of errors

Fourth, the NSA said quite unwillingly to microsoft "ok.. so we get $5 million AND the backdoor?" and microsoft said "that was the agreement" NSA: "You're sure no-one will ever find out" Microsoft: "Of course, we'll strip the symbols, they'll have no idea what this does." That should have been the title of the story NSA relies on Microsoft for national security.

Re:Isn't this illegal?

[justo]

what about the export of all this to other countries? isn't that illegal?

The courts are your friend...

[nstrug]

There is only one thing to do in these circumstances: sue. Sue MS for providing access to your data to a third party without your knowledge and sue the NSA for installing surveillance software without a warrant - doesn't matter whether they used it or not.

You probably wouldn't be able to get away with a suit against the NSA in the US, so this needs to be done in France or the UK or somewhere. France would be ideal as investigating magistrates have extraordinary powers and the French are certainly not shy of pissing off the US government. They also have (like the US) little respect for the concept of sovereign immunity and wouldn't think twice about raiding and searching US government facilities on French soil (not that there are very many for this precise reason).

Take the whole thing to the courts and blow the whole shabby deal wide open.

Nick

Re:The courts are your friend...

[jafac]

Airbus is already suing because they claim their secrets were Echelon-ed and leaked to Boeing.

"The number of suckers born each minute doubles every 18 months."

Re:Anti-Microsoft FUD

Actually, this evening. And yes, it'll be my first Linux install. Hey, I've got all weekend + labor day to customize it all nice. :) Couldn't have made for better timing.

No, it's not a backdoor.

This key just allows holders to install extra security services. Nothing else. Big deal.

Re:No, it's not a backdoor.

[cduffy]

And if you install a security service which automatically authenticates you...

Sorry. If there were a way someone could install new PAM modules on my machine, I'd be calling that a backdoor.

And who is suprised?

[ColonelNorth]

The Federal Government has been making aliances et al for years now. For example, the NSA can get new credit cards for agents at will legally giving the company false info, ie the agent's alias or what have you. Corperate alliances are what have made groups like the CIA and the NSA what they are today. I'm sorry I'm cutting this short, but I'm at work. More detail laiter in the day.

Can anyone verify this?

[Kythe]

Anyone else with debugging info to check this?

Kythe
(Remove "x"'s from

Disinfo tactics on /. ???

There seem to be an inordinate amount of AC & 1st time posters here (check user info)...

Re:Well, this is another argument for getting sour

Oh, come on. I know they're only paying minimum wage for disinformation moles, but you can do better than that --- subtle aspersions just won't fly in this environment.

Where's the proof?

Am I missing something? The article says "It turns out that there are really two keys used by Windows; the first belongs to Microsoft, and it allows them to securely load CryptoAPI services; the second belongs to the NSA." But they don't say how they know it belongs to the NSA. I hope it's more than just finding something called 'NSA KEY.' It is hard to believe that the government put a secret backdoor into windows and then used 'NSA KEY' as the name of their key.

Re:Where's the proof?

microsoft has now admitted that the NSA stands for the NSA...

They needed this FUD as a cover.

They (Micros~1 that is) needed this because it will take everyone's mind off their Passport/Hotmail screwup. Then when this gets viewed as nothing but a load of crap the Passport/Hotmail screwup gets forgotten too.

Whew, talk about conspiracies.

No binary-only drivers in Linux!

[Morgaine]

I hope this event gives paranoia a new lease of life, before it becomes accepted practice for hardware manufacturers to supply binary-only drivers for Linux.

It's bad enough to run binary-only applications, but to some extent their impact can be controlled. In contrast, once you add an opaque binary-only module into the kernel then all bets are off.

Thanks!

Thank you! I wasn't going to have the time today anyway ...

Read "The Puzzle Palace"

Same game, different day. Written in the 1980s, "The Puzzle Palace" by James Bamford is very enlightening. Anything but the worst assumption of this hole is ridiculous. http://www.amazon.com/exec/obidos/ASIN/0140067485/ o/qid=936410139/sr=8-1/002-7437712-53728 02 With the advent of the cable modem, all critical files a person has could be pulled within seconds. Time to get serious about security!!!

We dont need proof...

...this is slashdot

Re:screw the nsakey, who owns the third key?

Microsoft Devlopers claim not to know who this third key belongs to. Check pout the article at http://www.techweb.com/wire/stor y/TWB19990903S0014

Empirical Test of Assumptions

The discussion so far has found many who found it quite likely that NSA meant National Security Agency and quite a few others who called them "wackos", "naive", and the like. Well, now that it has been settled, we can see whose assumptions about the world were correct.

Re:Stealth Operation?

It (_NSAKEY) is not a registry entry. It's a variable name, stored in the .dll itself, in the debugging info section. The variable exists in all versions, but its name is only in the SP5 version, because it's the only version that hasn't had the debugging info stripped out (see the unix strip command...) So it's not in the Registry of an SP 5 machine or any other machine... - MElvey

Fones??? They can listen to every house!

This is like the government building into every house the ability to listen in on conversations in the house.

Hi. That was already done. Well, not everyone has a computer, and of those that do, not all of them use Windows and are, therefore, safe. Do you have a phone? There is a similar "backdoor" built into every telephone via the network they are connected to. Recent legislation requires that this "backdoor" be more powerful and userfriendly, including the power to LISTEN WHEN THE PHONE IS ON THE HOOK (don't work with very old phones, just newer electronic ones), to the people who turned those childrens home in Texas into a concentration camp a few years back.

Would the bastards who burnt all those poor children, the same bastards who gave themselves the legal power to listen to your house via an on hook phone, bust into your computer and steal your privacy? Could a presidential executive order require Microsoft to install a back door into Windows and shut the fuck up about it in the name of national security? If it is within the power of the president to sign such an executive order, would he do it in the name of "national security" or would he not do it out of respect for the privacy of the people. Of course he would sign it! Look at how Orwellian our phones have become! Cellular phones are doubling, again, by law, as tracking devices.

Re:Then what the hell is this?!!?

Terror

Yell at MSFT, not NSA

[um...+Lucas]

This is probably due to laziness on Microsofts part, or due to their marketing drones... I seem to recall the same thing occuring a few years back with Lotus Notes... The domestic version used 64-bit keys, while the "for export" version used 40-bit keys plus a 24-bit NSA key... The end result being that anyone interested in the data would face a 64-bit key (probably considered unbreakable a few years ago) while the NSA would only need to crack a 40 bit key (been breakable for quite a while)... This only applied to the exported versions, though.

Microsoft, in their marketing wisdom, probably chose not to have a domestic version and an exportable version, so as not to taint buyers of the exportable version with notion that it had easily defeated security. Therefore, they kept quiet about it, and did what Lotus did, but for their entire product line rather than just the part that was destined for sale outside the US...

I'd be much more angry with MSFT than the NSA... It's their (NSA's) job to collect information and spy, it's up to the people, businesses, and our gov't reps to try to

Sorry but that's BULL

[NetWare5]

What are you, working for Microsoft???? Microsoftlied about NT being C2 certified. The certification MS achieved was C2 ORANGE BOOK which is suited for stand-alone computers. For NT to achieve C2 certification, it had to be unhooked from a network, and unhooked from modems. That is, of course, ridicolous. Of course, MS did NOT say that the C2 cert. they had with NT was orange book. However, for the real, REDBOOK C2 certificate, you have to be part of a network. It's much tougher to achieve. The only NOS that has C2 redbook certificate is NetWare 4.11 with SP 3. Novell is in the (long) process of certifying NetWare 5.0 as C2 redbook compliant. Dunno where they are in the process. BTW, Microsoft certified oly NT 3.51, I don't believe NT 4.0 will be ever certified because it's seeking a redbook certificate this time. And we all reasonablepeopleknow that NT as a server is not secure.

SOME ADDITONAL INFO

[Kythe]

From a Techweb Story:

'Fernandez reported his re-discovery of the two CAPI keys, and their secret meaning, to the "Advances in Cryptology, Crypto'99" conference held in Santa Barbara. According to those present at the conference, Windows developers attending the conference did not deny the "NSA" key was built into their software. But they refused to talk about what the key did, or why it had been put there without users' knowledge.

But according to two witnesses attending the conference, even Microsoft's top crypto programmers were stunned to learn that the version of ADVAPI.DLL shipping with Windows 2000 contains not two, but three keys. Brian LaMachia, head of CAPI development at Microsoft was "stunned" to learn of these discoveries, by outsiders. This discovery, by van Someren, was based on advance search methods which test and report on the "entropy" of programming code.'

Kythe
(Remove "x"'s from

Consider also OpenBSD

[Ungrounded+Lightning]

If you're considering BSD variants you should remember that OpenBSD is the open-source BSD variant whose focus is security. (And it's maintained in and distributed from Canada, so no export crimps on encryption.)

Re:Consider also OpenBSD

[flatrbbt]

I ran a bsd once. Freebsd. I was very impressed with the way it ran. Yes, Openbsd is likely a very good choice.

Re:Well, this is another argument for getting sour

Actually, you have given me a nice BOfH-ish idea. Handling snakes at my desk, now there's an idea ...

Putting one and one together...

Remember the article Feds want access to your machine and the Clipper chip?

The infrastructure is there. Once the law passes, the required warrents come in 30-foot rolls...

Re:Well, this is another argument for getting sour

No, I remember this well because you used to be able to make real time across Arizona and Nevada (I think that neither had a speed limit until the '70s). The speed limit was Nixon. Carter and Claybrook/Nader were a host of safety and pollution issues, some well overdue and some fantatically bad ideas (PCVs were well overdue at that point as standard, as were better engines, but the safety issues where they would threaten everyone and then pull back over and over was not OK, and their pretty much arbitrary decisions about pollution level drove every neat care from the US during that time period). Grrrr.

History Lesson

[Aglassis]

Do you remember the great Unix backdoor? In the early C compilers developed by Ken Thompson the compiler would recognize when 'logon' was being compiled and insert code so that Thompson could enter with his username and password any computer that had UNIX installed regardless of whether or not he had a valid account. This source could be removed from the compiler of course. But to recompile the compiler without it you had to use the compiler itself, which added the code again. Unless you are willing to write a compiler from assembly code you can't be sure that you are not running specially added code. I wouldn't wager a bet that gcc DOESN'T have this type of hack.

CSP

[heh2k]

what exactly is the windows CSP used for? general crypto or auth'ing certaing programs as coming from trusted sources or what?

The real truth of this article

[malice95]

Basically it all boils down to.. if you want real
accountable security for your computer systems
then you must use Open Source Os's and software.
MS could put any dam thing to want in windows
and we would NEVER know. Who the hell knows what
is going on in those binaries. An extreme example
is MS money, Maybe bill gates has the bank info
for every user of this software thats on the net.
Now I know thats a wacked out example but with
closed source products it is really easy to do.

Using MS products to run banks, goverment agencys,
etc.. IMHO amounts to placing way to much trust in some nameless and faceless coders from redmond.

Is anyone else being probed from the IP?

I'm on Windows NT Server SP4. Do I have the backdoor?

198.6.1.82
198.6.1.162

Re:Is anyone else being probed from the IP?

I was getting them occasionally, but not for the past six months or so. I don't think it has anything to do with the back door, they're just checking to see what's out there. Of course, you never know.

Re:Is anyone else being probed from the IP?

Re:Is anyone else being probed from the IP?

test

Wait just a second...

[wanderingstar]

Let's all just participate in a little reality check here, folks - just because something is named "NSA" it automatically means it has to do with the United States National Security Agency? As any Windows programmer can tell you, "LSA" in Microsoft parlance means "Local System Authority" - the subsystem that validates your logons. Why the heck shouldn't "NSA" stand for "Network System Authority"? And this is just one possibility... Geeze, the article offers ABSOLUTELY NO PROOF that the key named "NSA" stands for National Security Agency. Think before you fly off the handle.

Re:Wait just a second...

[dattaway]

Meanwhile, it's fun hitting the news sites every few minutes to see the pecking order of how the story propagates.

As expected, msnbc denies the association with the NSA. Looks like this article was carefully prepared by the PR chefs to me.

Re:Wait just a second...

[Kythe]

Quite true...but you'd think that a close analysis would indicate more about the variable, such as whether the NSA_KEY were the same for all systems.

We really need more info.

Kythe
(Remove "x"'s from

Re:Wait just a second...

And, correct me if I'm wrong, this only affects products that use the CryptoAPI. Seems to me that anyone who was concerned with security wouldn't be using the Microsoft solution in the first place, would they? I wonder how many people actually have files encrypted by the CryptoAPI on their Windows box...

speed

Re:Wait just a second...

[dreamwish]

Of course, the acronym NSA would have *NOTHING* to do with the fact that it was in the cryptAPI DLL, right? So it must mean something else.

Re:Wait just a second...

That's a very good point. Perhaps we've all gone a little crazy with paranoia here. Too bad Windows isn't open source so we could all go check it...

I wouldn't be so anonymous if I could remember my password...

Heh!

[Lurking+Grue]

Micro$oft always claimed that their systems were open. They just never told us HOW open....

Re:Well, this is another argument for getting sour

Nice BOfH-ish idea #2: Feed lusers to the lions during lunch as cheap entertainment. Don't know if this would count as animal abuse or not though. Perhaps hyenas instead. They seem to be less picky.

MS has succesfully spread a lot of FUD about C2...

[NetWare5]

I don't want to repeat this stuff.

This is NOT a backdoor to government spying!

People here are completely misunderstanding this. Read the press release! Let's try to be rational.

This key is not a backdoor that allows the NSA (or whoever) to read encrypted data. This key is merely a control that restricts who can install additional security service providers into Microsoft's crypto framework. Microsoft is required by the government to make it difficult for others to add strong crypto to this framework in order to legally export it. So they make security providers run their addition by someone who has one of these keys before they can install their provider. Big deal.

If you want to get upset about something, you can whine about the NSA wanting an easy way around the very restrictions they insisted get put in there, but that's another story.

How do you pick var names?

[pres]

I don't know about you but if I was writing crypto code I am sure I would be tempted to throw in names like this just for my own enjoyment. (and to mess with the minds of the other programmers of course).
While it does have to be looked into, it really does sound more like a joke on the parts of the programmers.

Re:How do you pick var names?

Isn't is said that VMS had two structures in the security code called KGB and CIA?

Encryption is needed now!

[dattaway]

We need strong encryption implimented in the masses before its too late. There is too much plain text transfer and lack of authenticication. Imagine a few individuals trying to trojan your patch you submitted on freshmeat. Now, imagine the illusive NSA handling those packets for a brief moment in time to contaminate yours and everyone else's space forever. Paranoid? Perhaps I am, but I have been getting a noticable increase in /var/log/secure in the last few months.

If we don't protect ourselves from crackers and rougue governments, hell is going to walk on this planet soon. I predict it happening soon with the current lax security (or complete lack of!)

Damn the NSA. Send it to hell.

Re:Encryption is needed now!

[SoftwareJanitor]

Your points are good, especially those about traffic analysis. However, they appear only serve to further weaken the argument of the person I was replying to.

In many ways, the 'net is a far less anonymous place than the 'real world'.
In the real world I can still send a letter w/o a return address (or even with a bogus return address). If I am careful to avoid leaving fingerprints on it, it is difficult for the recipient to tell much more than what zip code it was mailed from. It would be virtually impossible for someone (or even a gov't agency) to watch every person depositing mail into every public mail recepticle all the time.
In the real world I can still make a call from a public pay phone using coins and/or a calling card (if necessary) that I can purchase with cash at a place like Wal-Mart. If I am careful not to leave fingerprints on the phone, and I do something like record a message in someone else's voice or with a voice synthesizer, it is virtually impossible to tell who made the call.

The preceeding examples haven't caused the real world to come to an end, so I see little reason why what little anonymity we have on the 'net is a bad thing.

Re:Encryption is needed now!

[um...+Lucas]

I'm not saying that anonymity on the net is a bad thing... I'm just saying it can't happen... Computers need to know what computers they're talking to in order to communicate (except for broadcasting purposes, but that's not how we do things)...

If you want anonymity, don't expect to find it on the Net... It's just not really feasible. If you want to communicate anonymously & privately, all the methods you mentioned above will work just fine... They're just easily duplicated in the online world

Re:Encryption is needed now!

[bookemdano]

Crypto plus dynamic IPs, and change your e-mail header to an anonymous e-mail account. Lots of people do this.

Someone might suspect who you are if they know what ISP you use, but only your ISP can verify this, and most don't have the time or interest to do this unless ordered to do so by law enforcement.

And of course, don't use a Pentium-III or post M$ Word documents to the Internet.

Re:Encryption is needed now!

[meridian]

it doesnt really matter if the operating system you are using is already backdoored. wouldnt be hard for anyone to load a keystroke sniffer. btw i noticed this in my samba logs after trying to install win2k rc1. anyone know what it is? localhost > ALL-ROUTERS.MCAST.NET: icmp: router solicitation localhost > ALL-SBMS.MCAST.NET: igmp nreport ALL-SBMS.MCAST.NET [ttl 1] localhost > MICROSOFT-DS.MCAST.NET: igmp nreport MICROSOFT-DS.MCAST.NET [ttl 1] localhost > MICROSOFT-DS.MCAST.NET.42: udp 19 localhost > ALL-ROUTERS.MCAST.NET: igmp leave ALL-SBMS.MCAST.NET [ttl 1]

Re:Encryption is needed now!

[fr33cl4m]

It was not the unflattering things he said, but
the copyrighted text which he posted anon from
the site. If he was just a vocal critic, the
lawyers would not have gotten very far.
Anon posting can be quite valuable....but there
are rulez ya know. If you were a battered spouse
would you be more apt to seek help on the net
through anon posts, or would you like your name
to appear where the world (including the abusive
partner) could see it.

No.

> If you aint' breakin' the law > you ain't got nuthin' to worry about. I HATE when people say this in regards to privacy. It's something an advocate for no privacy would say. Thus incriminating people for wanting privacy. There are tons of reasons for privacy. First off people really don't like others snooping around ( well most ). Second off there are tons of ways people can misuse having access to your things. Corporations like Insurance companys will not allow you to have health insurance because they know that you had a paper cut when you were 7, etc. The ability to have privacy is A Good Thing [tm].

psychoholic madness.

Is this what Steve Gibson has been working up to?

Steve Gibson, the guy who writes all his Win32 stuff in assembly language has got a crazy section on his web site where he hints at something like this. Check it out! http://www.grc.com/steve.htm#project-x best; gjvc

MS is bad software but...

[dclydew]

I doubt that an NSA backdoor would be called NSAKEY. More likely it would be called sol.exe hehehe:-)

Re:Ummm.... No, it's not, or it is

[Velox_SwiftFox]

It seems to have become the vernacular for the monitoring techniques as well. In any case you can download "anti-Tempest fonts" to make the monitoring harder from the site linked to in the previous comment.

And also on CNN, now

[Kythe]

URL: http://www.cnn.com/TECH/comp uting/9909/03/windows.nsa/

Kythe
(Remove "x"'s from

That's just being lazy

If you don't know and don't care to find out what the three lines mean then why the hell are you even worring about how secure your os is?? What are you going to do trust someone??? Yeah, and like 1000's of other people you get burnt just like them. If I can't see the code, I won't use it on my servers.

Patch a trojan?

Doesn't it occur to anyone that this supposed "patch" could be a trojan? First they release this scary article about a flaw in croptyapi and they just happen to have a patch to cure it for you. The rants about how Windows isn't open source start, but did you notice the patch isn't open source? Sure they have a cpp file but it just makes calls a couple of DLLs, where is the source for the DLL's? What do those calls REALLY do? Maybe all of you who ran the patch have just installed BO2K on your systems.

There's a sucker born every minute.

Re:I don't think it's for spying on people

[Vudu+Child]

Suppose all this is true, and I have no reason to doubt that it is, as you pointed out in your last sentence there is still an NSA key installed by default in the Microsoft OS's and thus available for any other use. If one is sufficiently paranoid one should replace that key.

Earlier in the year a paper was published on the vulnerability of keys, because of their entropy, to a brute force search of the hard drive by a virus. I now think that I might want such a tool to see what keys are installed on my system. Anyone heard of such a tool being written?

Re:Well, this is another argument for getting sour

[Danse]

As I get older, I keep wondering what motivated our parents' generation to screw things up as badly as they did.

Same things that always screw things up. Greed, arrogance, paranoia, and fear.

So NSA also needs another trapdoor.

[Ungrounded+Lightning]

It DOES allow the holder to install additional
security services into MS's security framework. But the holder has to have access to your
machine to do that.

So that means they also need a trapdoor that lets them run on the machine, but once they have it they can use this trapdoor to hack your security modules.

This trapdoor is where it was easily findable because that's where the code prety much had to be in order to augment the security install checking. But how do you know the other one isn't in there somewhere?

Re:So?

The cryptographic security system is based on trusting Microsoft, not on trusting you. All CA's you care to use have to be signed by MS, so MS (and now, the NSA) are the CAs of the CAs. If the system works as it is supposed to (leaving aside the important question of whether how it is *supposed* to work is any good), you should not be able to change which CAs are acceptable on your own computer - just those which you do, in fact, accept. From those MS approves, you can choose those you like. Therefore, this hole makes it possible for an intruder to do something even *you* should not be able to do under the security model given.

Sorry, that was not really what I meant.

I am coming off sounding like some sort of flat-earther. Yes, I think that stratified charge engines were a good thing and I have no love for American cars or the companies that make them, but I am upset at the continued unequal application of rules to trucks and vans, the lack of emphasis on getting morons off the road (we don't need speed limits in general, just fewer bozos), and more consistant safety standards.

Re:We let the government decay to a dangerous poin

don't care if Hoover did spend his leisure time in a nice Chanel day-to-evening and tasteful-yet-daring Ferragamo pumps -- he got in and kept good people who did real detective work.

It's not his personal life people object to. It's was is files on citizens who did nothing but object to the government.

Oh, and ask your father about "Cointelpro". Then look it up for yourself.

I can't see anything in the constitution that allows the FBI OR the NSA. That however is just me.

As a quote on a mailing list commenting on the FBI and the FCC went:

One is the legacy of Herbert Hoover

One lis the legacy of J. Edgar Hoover

And like all hoovers, the both suck

Re:Security hole? Really??

[Zigurd]

True, but it's still an exploitable feature. The feature was designed to ensure only trusted and legal crypto providers could be installed. If the provider can be installed, then it can be trusted as far as Microsoft's vetting process can be trusted. The fact that another signer can sign without you knowing makes it possible to fool you into thinking that you are loading a kosher crypto provider when you are not.

The stated purpose is probably the original designed purpose, but that does not take away from the fact this is an exploitable feature.

Re:Well, this is another argument for getting sour

It is more that the policies that gave agencies like the EPA a huge amount of oversight were depending on a worldview and outlook (in the case of the EPA it was "let's save the environment before it's all gone") that was deliberately never codified in an attempt by liberals to make an end run around the legislative branch on key issues that could turn out to be unpopular enough to get voted down, similar to the way that they used the judicial branh to "legislate from the bench" on issues like abortion. I am not saying that I think that the intentions in either case I cited were bad, just that by building an organization on foundations of sand is a poor idea. What did the EPA do? They wrote and enforced regs. What happened when the earlier people put in by Nixon and Carter left or were booted out during the Reagan administration? The only people there to replace them were people brought in not as environmentalists but to write regs and fine people. And so the EPA has gotten very good at that. Fixing many of these problems will require getting these parts of the gov back doing what they were supposed to do in the first place. And I too think that it has gotten worse.

Remeber the expression that a zealot is someone who redoubles their effort once they have lost sight of their goals?

oh, you most certainly can...

[xeno]

Funny, that -- at the SANS seminar on cyberterrorism in Seattle this week Alan demo'd just what you suggest -- a real-life picture of a startled-looking young man taken with his own webcam by a cracker using NetBus. His girlfriend is on the bed in the background, with both video & sound broadcast to the world. According to SANS, 60-70% of NT-based ISPs in the US have a serious NetBus infestation.

Go search for NetBus. Or BO. You chuckle. Someone else watches. And if you don't think it'll happen to you, you should look at my home router logs (on an unadvertised ip).

Re:Well, this is another argument for getting sour

weasel-cam.

Re:The Microsoft Reaction

[iabervon]

The thing that makes this flaw interesting is that, unlike their other flaws, it is not in the code which protects the user from other people, it's in the code that protects Windows itself from users. The hole has an effect similar to breaking copy protection, except that instead of letting the cracker copy the program, it lets them install additional cryptographic software. This ability is considered really bad by the government, and software which has it may not, in general, be exported.

Usually it's just customers who are affected by MS security holes, and MS doesn't have to care about customers. But in this case, it's the government that's affected, and MS does have to care. I expect a major press release and a fix pretty soon.

The simplest would be to require the keys to be signed by MS, so random people can't just swap them.

Microsoft responds.

A load of old bollo*ks, as we say where I come from: http://www.microsoft.com/security/bulletins/backdo or.asp In summary: "trust us, there is a second key, but we wounld let NSA have it..."

2nd of april?

[flok]

So, like the 3d of September is now the second "fools-day"?
---------------------------------
F.J.J. van Heusden
Mobile: +31-6-22390057
e-mail: flok99@dds.nl
---------------------------------

So did Cisco, Netscape, etc...

There is also a foriegn person working in the US on Linux... it would be a shame if Mr. Torvolds were deported or imprisioned, wouldn't it?

Re:This is odd

Uh, this is coming from a guy thats using HOTMAIL???

I agree. _NSAKEY. Give me a break.

Some programmer is having a giggle.

Re:Well, this is another argument for getting sour

How about locking the lusers in a normal 84" enclosed rack with several agitated weasels and beating the sides with baseball bats for a few minutes. Mmmmmmm ... the rack of weasel joy ... yes, it has been one of those weeks, how can you tell ... Returning to the topic at hand, I get to say I told you so to alot of people this weekend, so there has been at least one good output. But really people, are y'all surprised? This is MICROSOFT. Companies, like people, have moral characters, and some are immoral. Microsoft is one of those companies. IBM is generally moral, Compaq less so, Dell not at all. Think about it. How do you feel about companies you know well? Can you really say that it is because of their policies per se or it is because you know that that they would kill you and sell you organs on the black market if they could get a decent return on investment and could get away with it(to quote Dilbert)? Microsoft is an immoral company. This is another example (as if y'all should really need another).

Re:Stop being so paranoid!

[Deimos_]

Damn all those exclamation points ;) Anyway, what you said is very true, and I think I might have found a way around having any of that BS. I'd like people to check it out and see if its legitamate before I make a move. I want my constitutional rights damnit and their not being supplied! I want Life, Liberty, and the Pursuit of happiness (my happiness is total and complete privacy, plus alot of other things which are 'against the law'. you can shove it if you think its impossible)

The company is called 'Freedom Bound'

I've been thinking about using their services to cancel my social security contract with the government under the basis that when I signed it (with my footprint, or whatnot) I was not aware of the full implications of the contract and therefor by law it is void and an act of fraud. There are also a few other contracts which I would like to have canceled. For chrissakes! I was less than 2 days old when I got 'signed' my social security contract, there was NO way I could know what I was getting into. I've already berated my parents for signing it, but it wasn't really their fault either because they didn't know as well.

What it sounds like, when you are not bound by the social security contract, you (obviously) don't have a ssn, don't have to have social security, or really any tax taken out of your pay check, don't have to answer to the IRS at all (I might be wrong on this one, refer to the link I supplied for more accurate information). You are not required to register your vehichle, have insurance on it, or have drivers license, because you are no longer a driver, but you are a traveler. As a traveler, you don't have to follow traffic laws and state and local cops have no jurisdiction over you. (I'd still stop at redlights and go the speed limit, crashing into another car isn't that fun)

Someone tell me I'm smoking crack or completely right. Please help, I need more opinions on this company before I commit $850 to them. It sounds too good to be true.

-=Deimos=-

SMC - and programs to verify CSP

In the end it all boils down to a branch statement. What this lovely discussion missed was this inherent weakness has been FUDDed by self modifying code, and other undocumented stuff. The original article mentions all older varients of MS products too.. Couple this with the statement that MS kerboris is NOT compatible with IBM's DCE kerboris (yet) This means linking MS boxes with other products will remain difficult to resolve. Try connencting NT to Solaris or OS/2 over a network - and PROVE something stinks The European competition model is no more. In order for an MS box to trust another box, certain inbuilt controls will have to be reverse engineered. Lets hope the EEC recognise that MS has an unfair monopoly - least till interconnection is achieved without penalty

Re:Come on kiddies....the NSA is MUCH smarter than

[Kythe]

The NSA is made up of humans. Granted, humans with little oversight, but they're hardly infallible. As we all know, neither is Microsoft.

Real or not, I think this deserves a serious, deep investigation, since this "feature" is evidently found both in domestic and foreign copies of Windows NT.

Kythe
(Remove "x"'s from

Re:Well, this is another argument for getting sour

Well, I hadn't really thought of it as "getting the EPA in touch with their inner hippie" but you have a good point. And don't harsh on the liberals too much man, it was Nixon that started the EPA after all (and the 55mph speed limit).

Re:Right.....

Second, what would be the NSA's benefit in getting MS to do this for them?

If you can't see the benefit, then you don't go into security work, you are insufficiently paranoid.

the only sure way to prevent security leaks in win

[rumba]

...is to never store anything you don't want corrupted on the drive and to reformat it every month or so and install a fresh copy of the OS. this will also close up memory leaks and put back all the .dlls that got "updated" and now cause your machine to crash every 10 min or so. it will also get rid of all the copies of back orifice that those nasty activeX hackerz slipped you when you went to the porn/serialz site "accidently." i just look at it as preventative maintenance.

win98 guru

Re:screw the nsakey, who owns the third key?

[flatrbbt]

Cool. Thanks for the url.
It certainly seems strange that the people writing the code would not know where the code came from.
I think they are lying sacks of shit.
please excuse my language,

Just because it has a call named NSA....

doesn't mean the NSA is involved. Come on gang, let's be realistic. If the NSA was gonna stick a backdoor in a piece of software, do you think they'd plaster their name all over the call? It could be anything -- an inside joke, or an acronym that stands for something else (hmmm... NT security audit?)

Let's not get paranoid until we have more information.

Inadvertent Debugging info

If it really was a case of someone at microsoft shipping the binary with debugging symbols in it instead of the stripped version, then we would be seeing something that wasn't intended for our consumption. We wouldn't be surprised to see the name NSA in the source, right ? He's suggesting the name in source leaked out in the binary because they left debugging symbols in the shipped version.

Which would be really bad quality control, I think.

I don't think it's for spying on people

Having used the CryptoAPI for about a year, and having been forced to get Microsoft to sign a CSP (Crypto Service Provider) for me, what it REALLY appears that the _NSAKEY value is for is this: Microsoft wanted to make sure it didn't violate US export law. They asked the US government, which replied, "Make sure that the CryptoAPI doesn't load unapproved cryptographic modules." Microsoft did this by requiring CSP developers to send the DLL to them (you can opt to send just the hash) along with a document stating whether the CSP was exportable or not. Then, someone in the government said, "Well, we want to be able to use our own CSPs in Windows without having to send them to Microsoft." They got Microsoft to add a second DLL verification check using a separate RSA key. For those who don't know, CSPs are DLLs that provide key and certificate management, hashing, and encryption/decryption services to applications. There is a small API of functions that they support. If some boogeyman wanted to spy on you through one, that means that someone would have to get that code onto your machine first, then register it (it's in the Registry under Software/Microsoft/Cryptography/Defaults/Providers ). This still leaves open the possibility that the verification code is being used to verify something else other than a CSP, but that hasn't been shown yet.

Security hole? Really??

Ehm, did anyone actually read the press release?

As far as I can tell, a competitor to Microsoft discovered the following:

* There is not one, but two keys that are used for the verification of CSP modules;
* This key is called 'NSAKEY' in the debug info for some NT4/SP5 executables.

The best you can say is that "this raises questions". It could be a "back door", but certainly no "security hole": the ability to install CSPs on a system doesn't give you a whole lot except the ability to PROVIDE AN ALTERNATIVE METHOD to encrypt/decrypt data. In other words: no existing encrypted data is compromised, and an application has to specify it WANTS to use the new CSP.

Of course it's more fun to start paranoid rants agains "M$" right away, but even for the most fanatic Microsoft-sceptic, it should be clear that:

1. The information is provided by a Microsoft competitor, and very sketchy at that;
2. It doesn't conclusively PROVE anything: just hint at certain vulnerabilities;
3. If the 'back door' indeed exists, its exploit potential is minimal.

Whatever.

Re:Security hole? Really??

[jovlinger]

So what about this attack:
NSA writes a new DES provider that in addition to performing DES, also emails them all keys used (or something more subtle, but you get the idea). Now sign it with NSA private key, and overwrite the old dll with the compromised one. The previous one was signed by MS, this one by NSA, but both have valid signatures. When an application asks for DES encyption, the compromised one is successfully loaded.

What am I missing?

Re:Security hole? Really??

What you're missing is that this attack requires you to install code from the NSA on your machine. If you don't trust the NSA, you wouldn't do that.

A lot of assumption are made here

[javatips]

It seems that a lot of people are blinded by theyre Microsoft hate. (note that I don't like them very much either) It seems that to asume that because some symbol have NSA in it, it refer to The NSA, one must have a lot of paranoia. I don't say that this has nothing to do with the NSA. But we should not forget that maybe it's for other purpose than for the NSA use. It could be (any reasonnable person will akcknoledge the possibility) that the symbol name with NSA it it is a pure coincidence. I don't refute the accusation, I just want to raise a point that Microsoft WILL raise when they will defend themself of the allegations. SeeU!

Final straw.

[Any_doom?_a_cow_runs]

Hereforto, from now on, only open source crap for me.

I don't care if I have to stop playing halflife, byebye MS stuff.

Byebye anything from pretty much any company. Trust no one for real.

If I can't get a supergeek to tell me the code is 1) legit 2) fairly secure and 3) hasn't been fucked with by spooks then 4) It goeth the way of ye dinosaurs on my HD. Since, gee, pretty much only some *nix variants have a shits chance in hell of passing those 3 (by way of being able to see the code in the first place) thats all I'll use.



Anonymous Coward, get it? :)

Re:Misunderstanding

[flatrbbt]

Yes, I understand that this in itself does not allow access. It does however, completely compromise the security model of the system by allowing unauthorized services to be installed without knowledge of the sysadmin, which is completely unacceptable.

Alleged DES Backdoor by NSA

[Enoch+Root]

As promised, here is the passage from Applied Cryptography by Bruce Schneier that deals with NSA's tampering of the S-boxes. This is from the second edition, pp. 284-285:

In addition of being accused of reducing the key length, NSA was also accused of modifying the contents of the S-boxes. When pressed for design justification for the S-boxes, the NSA indicated that elements of the algorithm's design were "sensitive" and would not be made public. Many cryptographers were concerned that the NSA-designed S-boxes hid a trapdoor, making it possible for them to easily cryptanalyze the algorithm.

Since then, considerable effort has gone into analyzing the design and operation of the S-boxes. In the mid-1970s, Lexar Corporation and Bell Laboratories examined the operation of the S-boxes. Neither analysis revealed any weaknesses, although both found inexplicable features. The S-boxes had more features in common with a linear transformation than one would expect if they were chosen at random. The Bell Laboratories team stated that the S-boxes may have hidden trapdoors, and the Lexar report concluded with:

Structures have been found in DES that were undoubtly inserted to strenghten the system against certain types of attack. Structures have also been found that appear to weaken the system.

On the other hand, this report also warned:

...the problem [of the search for structure in the S-boxes] is complicated by the ability of the human mind to find apparent structure in random data, which is really not structure at all.

[...]Various oddities about the S-boxes appeared in the literature. The last three output bits of the fourth S-box can be derived in the same way as the first by complementing some of the input bits. Two different, but carefully chosen, inputs to S-boxes can produce the same output. It is possible to obtain the same output of a sigle DES round by changing bits in only three neighboring S-boxes. Shamir noticed that the S-boxes entries appeared to be somewhat imbalanced, but wasn't about to turn that imbalance into an attack. [He mentioned a feature of the fifth S-box, but it took another eight years before linear cryptanalysis exploited that feature.] Other researchers showed that publicly known design principles could be used to generate S-boxes with the observed characteristics.

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

Re:Well, this is another argument for getting sour

This is not the first time that I have heard comments about Christians and the NSA. Were your friend(s) harassed for doing the bible study thing? I am an atheist, and I have questions about some people (who handle snakes, for instance), but in general I cannot see bothering other about any religious beliefs that don't conflict with work. And yet this keeps coming up from people in security around here (San Antonio).

Re:We let the government decay to a dangerous poin

OK, fine, I am sorry I brought up Hoover.

UUNet DNS Servers it appears

[abcess]

These both appear to be UUNet DNS servers, atleast according to ARIN whois. 198.6.1.162 is listed as one of the DNS servers for reverse mapping for 198.6.0.0 - 198.6.255.255 as is 198.6.1.83, as for 198.6.1.82 it is listed as a host with ARIN and is listed as one of the name servers responsible for reverse mapping for the same address block when you use nslookup, which means it is likely used for the same purposes.

Now, it is highly unlikely that the NSA or anyone else would be doing anything else from these servers, they're probably kept decently busy doing DNS stuff, besides, they're mission critical boxes for UUNet. This doesn't mean that the IPs aren't being spoofed though.

It seems to me that it's improbable that this would be the info to look for, though it is certainly possible. 198.6.1.82 and 198.6.1.83 seem to be located in Fairfax, VA, so who knows....there's all sorts of possibilites

Re:UUNet DNS Servers it appears

[The+Future+Sound+of]

I think you'd have to use the one that handles .gov addresses, such as:

http://www.nic.gov/cgi-bin/whois?s=nsa.gov

Surprised?

[joq]

No one should be surprised about this backdoor left open to the NSA. Has everyone forgotten that the NSA snoops all things transmitted in the entire world?

Or has everyone actually forgotten the other agencies in cahoots with the NSA to provide unsecure data transmissions in every shape form or fashion worldwide?

Everyone can cry foul all they want but the sad reality is there is nothing anyone can do no matter how hippiesh you think your going to get about the matter.

Hippiesh == reversion back into the 60's type radical fighting for a /dev/null cause

The NSA should not be taken lightly in the Linux community to those who aren't familiar to programming and coding, since anyone can backdoor scripts and bineries to have information mirrored to another destination.

Its a sad crying shame but its part of the worldy balance of good and evil no matter how cheezy it may sound.

What if there were no NSA, or FBI? How chaotic would things be, no matter how you think of it. Things would be in a sad state worldwide. I in no way agree with the methods, and I highly doubt someone at the NSA would randomly pick someone to "monitor."

So unless you're doing something highly illegal why even bother pissing a bitch and flying off the rocker? While it is unethical it's the NSA... They're bound to snoop things one way or the other so the best way to handle the situation is to go on with life...

Re:We let the government decay to a dangerous poin

Let's not revise history too quick here, bubba. The FBI has done one or two things other that listening to MLK slap around his mistress. I have issues with a lot of organizations, but I don't damn them wholesale for screwups as long as they are not their main product (like Microsoft with bugs). Yes, it is sad that they went after MLK. Very sad, on a number of levels. That doesn't make the organization bad. This security plant is, well, pathetic, but that doesn't man that we should toss out the NSA. They just shouldn't do that.

Microsoft Denies Story

[Froomkin]

Wired reports MS's denial at http://www.wired.com/news/news/technology/story/21 577.html. They say the key is only used to verify compliance with US export control laws.

A. Michael Froomkin,
U. Miami School of Law,POB 248087
Coral Gables, FL 33124,USA

Re:Microsoft Denies Story

Oh give me a break. If it was mandated by the government MS would have nothing to lose revealing it. On the other hand if it's just a variable name taken out of context, how many of the anti-MS whackos are going to believe it?

My favourite posting so far is the hilarious one from the fellow claiming he was running around his company uninstalling all MS products, because of this. Bwahahaha! Firstly, I don't his porn surfing Pentium 133Mhz sitting in his bedroom living at his parents house qualifies as "his company", and secondly the proposterous idea that ANYONE professional is going to take a SYMBOL dump as proof of some conspiracy is ridiculous. Give me better proof than conjecture of some zealots.

Re:Microsoft Denies Story

[jafac]

"Wired reports MS's denial at http://www.wired.com/news/news/technology/story/21 577.html. They
say the key is only used to verify compliance with US export control laws."

well then, it looks like the NSA in "NSAKEY" DOES stand for "No Such Agency".
Not a joke, and not an acronym for "Network Service Address" (or whatever).

So, how likely then is MS's explanation to be true - if the worst that is suspected (MS-NSA collusion) is true?

"The number of suckers born each minute doubles every 18 months."

Re:Microsoft Denies Story

>>Oh give me a break. If it was mandated by the government MS would have nothing to lose revealing it. Oh, right, I'm sure France, much less Russia, China, or Serbia, would be perfectly happy to trust the US government. "Oh, Uncle Sam asked for it? That's OK then. Ship us another 10,000"

Free Get Out Of Jail Card

[Zaxo]

If you're being prosecuted on evidence found in your computer.

Or somebody else's for that matter.

Zax -- Not A Lawyer.

Testing?

All I wanna say is, this is one HELL of a way to test the new server, guys! ;)

Re:Well, this is another argument for getting sour

I know what you mean. Like dealing with CA, you sort of assume that you will be screwed. I would just rather not, thankyouverymuch.

Anti-Microsoft FUD

I realize that this is a bit of a FUD piece. As mentioned, there is nothing to tie the NSA variable to the actual agency. However, this is proof that FUD works. It has finally pushed me over the edge to installing Linux. I'll probably enjoy it too, damn it.

Thanks.

Re:Then what the hell is this?!!?

[madprof]

I'm neither laughing nor crying. Just wondering why on earth you've said this.
Neither turned up in server logs from what I have seen.
Maybe the NSA are pretending to be AOLers? :-)

Duh!

The NSA just plain doesn't need a back door into windows security. Did everyone miss the post about RSA-155 being cracked in three months in secret...? How about Shamir's "twinkle" system? Do you really think the NSA has the type of budget problems that have prevented Shamir from building his system (which he claims would cost a mere $250,000 on first run) And do you think they'd have a hard time mustering the computing power to crack RSA-155 in less than three months? Think about this... who is SGI/Cray's bigggest customer (of super computers)? Drumroll please! The United States Government. Face it. If you want to keep a secret, its better not ever go across a wire, airwave or hit magnetic medium.

-E

Re:Well, this is another argument for getting sour

I went to grad school with a guy that was a ranger in nam.. He was a great guy.

While his "skills" have diminished with age, you would not want to mess with him.

He is now a highly respected scientist

You couldn't make it up

It's amazing, just when you think Microsoft couldn't possibly screw up any more, or concoct a more disasterous PR nightmare ... they manage it ! The last few months have been getting crazier and crazier (read : saner and saner) ...

Maybe the people I've been telling to get rich quick by shorting Microsoft stock will pay more attention next time ... ;)

I find it difficult to believe that any PHB could seriously try to defend continued use of Windows (et al) in a corporate environment after the past few weeks. All that'll be left is hot air & bluster. Microsoft are finished . That's it, game over. What shall we do now ?

Anyone fancy getting involved in public / open robotic space missions ?

Re:Well, this is another argument for getting sour

we can still own you :)

maybe it is part of a backdoor...

[dermond]

being able to replace the crypto api could be a part. a person who is able to install a module in the crypto api has a full power over the computer anyway.. most important and interesting information one would want to intercept would be passed through the crypto api and if one has a convenient way to repace that modules. this could be part of a backdoor....

dermond.

We let the government decay to a dangerous point

I agree with your sentiments, and I suspect you are right about the institutional and bereaucractic rot in the three-letter agencies. What ever happened to real spying and real detective work ? Nowadays the FBI wants to automatically collect information on everyone rather than figure out who the criminals are, and the CIA doesn't even have any spies on the ground in Serbia. And they want to make up for their incompetence by giving everyone in the world a microchip in the butt so they can sit in their cusshy rolly chair and do their job with Excell.

Correct.

Microsoft should sue them for libel.

Re:Open source

You're an idiot.

Shocking

[chuck]

I assume it's not the same people in this discussion that were slamming Roblimo for posting or believing something with no evidence. Clearly Microsoft has provided themself with a backdoor to everyone's system. Officially, it is so that Microsoft can upgrade the CryptoAPI security on Windows. I find it shocking that no comment I have seen yet identifies a problem with this. This is supposed to be security? Then, there is a second key. What is it for? We don't know, but because it is called NSAKEY, suddenly this is a government conspiracy? Well I have got news for you:

I am the NSA, and I am watching you

Okay, did you believe that? If you did, go and have a lie down, because your brain isn't well rested. Any moron can use the letters N, S, and A. Perhaps it is ``Nominal Secondary Access.'' The point is, you have no clue. There is no evidence that the real NSA is involved. Why don't we stick to Microsoft bashing?

hehehe

The application interface for encoding functions, provided by Microsoft for programmers, which sucked. first perfect translation I've seen from babelfish yet!

No, they wouldn't.

They're too clever. But Microsoft might. And if the NSA only ever saw the API with the identifiers removed, how would they know?

Re:No, they wouldn't.

I thought the "forgot to remove the symbolic info" part was the funniest thing about the whole article. Eagerly looking forward to the MS press release on this one. Black Parrot /nologin

Stealth Operation?

[RISCy+Business]

I've got one NT box that I work on, a workstation..

NT 4 Workstation SP4 Build 1381.

I can't find the key. Applying the patch doesn't work. I can't install SP5 (CiscoWorks won't install then.) and going through the registry with REGEDIT.EXE doesn't show the registry entry mentioned.

So I'm inclined to believe that either it's not in SP4, or Microsoft has hidden it REALLY well. Applying the patch as instructed, even using the binary executable that you can download, does nothing. And a test against it fails. Yet I can still log on, so the registry cryptography keys must be intact.

This is scary. And a good reason to ban Windows from your office.

-RISCy Business | Rabid System Administrator and BOFH

Re:Stealth Operation?

RTFA .. read the fucking article. It say it's in SP5 you goon. :)

psychoholic madness

Re:Stealth Operation?

[jafac]

grep "NSAKEY" msnt128.exe

...
nothing.

Not in MY SP5. . .

"The number of suckers born each minute doubles every 18 months."

Three words!

[Slur]

Network Security Administrator
Yeah, I'm a Mac programmer. You got a problem with that?

There would be no need for two keys

Geniuses, Microsoft wouldn't have to create a separate key for the NSA. They could simply give a copy of the original key to the NSA (or anyone they wanted) at which point they would be free to sign CSPs or anything else without any way for anyone to know. Obviously, NSAKEY means something else.

I'll second that.

MS Money info storage.

2nd level basement of an off campus building, way in the back, through 5 different security doors, in a wire cage surrounded by video cameras, with motion sensors under the floor, and above the ceiling. Power is filtered and cleaned to prevent any data going in or out, only one fiber optic cable leaves the cage, and if it is is interupted for a millisecond, they know.

Re:Stop being so paranoid!

This is 100% legitimate. Hurry up and send your money before they get busted!

Ohno the NSA can read your UO password! get a life

Why the hell would you need privacy for playing games? Whats the NSA gonna do? Fine you for using codes? I hate people like you! quit using "lack of games" as an excuse for not running linux. If thats your excuse, your too lame for linux anyway. Linux is for intelligent people, NOT YOU!

Re:Well, this is another argument for getting sour

I deal with CA all the time and I think that I need one of those racks of weasel joy (Rax 'O' Weezl Joy, now available in white to make the blood show up better and the non-functional handle area inside pre-clawed for added fear)(Weasel-Rama, now in 360 degree Weasel-A-Round). Anyone remember the Kentucky Fried Movie? Rent it tonight!

screw the nsakey, who owns the third key?

[flatrbbt]

Why is there a third public key for some "unknown"?

When I purchased NT for my company, I did so under the "assumption" that the 128bit security had 1 and only 1 public key. It was an ignorant assumption, I admit...

I can understand MS being pressured into providing a second key for the nsa, but who is the 3rd key for? microsoft?

I have now removed ALL MS products from ALL machines on these premises. linux/freebsd will now be installed... until then, we will make do with 3x5 index cards.

I have also spent the entire morning on the phone to my customers reccomending they do the same.
There is no excuse for a security hole such as this in a "secure" software package.

If you have a registered copy of 95/98/NT, delete it, and write MS and let them know how you feel about it.

I personally hope the rotten bastards, each and every one of them, rot in hell.

If there is no source code, Do NOT install it.

Re:Computer "BUG" (NSA listens in)- not sci-fi

There are many precedents for a variety of interesting hacks to listen in without a microphone. I recommend the book called Spycatcher by Peter Wright, ex British Intellignece science geek. He not only discusses the laser on the window trick, but also bouncing microwaves off objects like ashtrays and such. It's also reasonably trivial to attach devices to your phone line and make the mike live even when the phone is on-hook. Wright also mentions one clever hack where they put microphones in a foreign embessey teletype room and could distinguish the different teletype keys simply by the frequency profile of the sound they made when they struck. With the advent of Tempest techonology it's also easy to intercept video cable emissions and record everything that comes up on your screen.

Bottom line, backdoors in software are simply one of many very clever and very workable ways to bug
you remotely. And you don't even have to be a TLA (three letter agency) to do this - a tiny mike and a pinhole camera will set you back $500, and you can watch anyone via the Net with a bit of clever setup.

Not FAKE, just looking in the wrong place.

[darsal]

Umm, these aren't REG keys. They're labels for offsets in a DLL. The words don't appear in the DLL either, but because of the NT4SP5 patch they were "leaked".

Isn't this illegal?

I thought it was illegal for the NSA to spy domestically? Or is that just the CIA.

Re:Isn't this illegal?

[behrman]

IIRC the law prohibits the CIA from operating domestically, however, the NSA's job is SIGINT of domestic and foreign sources.

Almost, but not quite.

[wahay]

It's not illegal for them to have a key. It's illegal for them to use a key. Prove that they've done it, and you could probably close them down, but how do you prove that?

Right.....

[Patman]

I dunno about the rest of you, but this sounds REAL fishy to me. Not the screwed-up crypto - I don't doubt that. But the NSA? I don't frigging think so. First of all, this guy has zero proof that NSA is involved at all - his only "proof" is the name of one key in one subsystem of the windows operating code, and the fact that that uses the three letter term NSA. I doubt that the NSA would have such a blatantly named key in there. Second, what would be the NSA's benefit in getting MS to do this for them? Seems a little strange, doesn't it? Finally, this strikes me like this guy is jumping on the government paranoia bandwagon for publicity's sake. I don't think this would be a huge story if he just said "There's a crypto problem in Windows systems".

Re:Right.....

The author recognizes that it's just the name of a key. Also, if it were true ofcourse theres a reason for the NSA to involve M$ %) windows populates a ton of computers all accross the globe.

psychoholic madness

But it *IS* a major security problem

Under *any* circumstances, this would be considered a bone-headed mistake on the part of Microsoft-- even if the NSA wanted it only for legit purposes.

Why? Because it destroys credibility. If Microsoft is going to make this sort of adjustment, Microsoft needs to make it clear to the user that he or she is using something that wasn't signed by Microsoft, rather than just keeping the user ignorant of the fact.

If the NSA has to make modifications like that for internal use, then Microsoft needs to make a version specifically for the NSA, and not incorporate the modifications directly into their shipping product. That's good security practice, no matter how you slice it.

Also, if the software were for internal use by the NSA, then the major point is this: The NSA would want some reassurance that the crypto libs were the in-house versions, not Microsoft's. So the NSA would probably have insisted that the computer perform some sort of notification when the in-house libs were loaded.

In summary, you are technically correct that it is *not* a backdoor, strictly speaking. It's simply a *HUGE* security flaw that makes it orders of magnitude easier for ther right person to install a backdoor, and happens to be there for the benefit of the NSA.

CryptoAPI doc's

[Norman+Lorrain]

Here for doc's.

Already reported in April CryptoGram

[XNormal]

In the April CryptoGram Bruce Schneier writes about the threat of viruses and trojans modifying verification keys:

Microsoft had the foresight to include two root-level Authenticode certificates, presumably for if one ever gets compromised. But the software is designed to authenticate code if even one checks out. So a virus can replace the authenticode spare certificate. Now rogue software signed with this rogue certificate verifies as valid, and real software signed by valid Microsoft-approved companies still checks out as valid.

The wrong assumption is that is is a result of Microsoft foresight - the leaked debug symbols reveals the second key to be an NSA key. The analysis about being able to replace one either voluntarily or maliciously is still correct.

Sounds like a coincidence to me...

[slykens]

Its kinda crazy that we assume that because the key is named NSAKEY that it belongs to our beloved NSA. Would the NSA really trust Microsoft to make sure no one finds out about it? Come on, they've got to be smarter than that. If they did, why would they allow their infamous initials to appear in it. I would think if the NSA had anything to do with it that they would have been the ones to test it and ensure that it wouldn't be detectable. I'm not saying that it isn't possible, just a little hard to fathom that the NSA would allow such a blatent reference to themselves.

Re:Sounds like a coincidence to me...

[Borealis]

My understanding of the article is that they never intended to release the symbolic information that identified the key as NSAKEY. As such, perhaps the "accidental" release of that info is actual some MS person with a conscience attempting to let the cat out of the bag....

Encryption illegal in France

Actually I believe the use of encryption in France is illegal. So they wouldn't be using the crypto API anyway!

At least the french government is being honest, rather than try and crack your encryption, they just ban you from using it! Anyone using encryption must be the bad guy! Saves them a lot of work!

Chinese Reply via Linux

And you wonder why Chinese universities and institutions are now contributing to Red Flag Linux?

domestic vs. foreign

[Bananenrepublik]

Shouldnt that read "found in domestic and foreign copies". I think national security of the US is much less related to spying on other countries than on spying on themselves (remember Colorado High School Massacre?). Oh, and Im much more worried if the NSA spys on me than if they spy on you :)

Nazi's, Hitler, Nukes, etc.

[cr0sh]

I have a book call "Vengence" or something, basically about the Nazi V weapon program and the nuclear implications (many of the bunkers and such look so much like "modern" bunkers that it is scary!) - and basically comes away with that Hitler was going after some sort of spent uranium system.

In other words, rather than a bomb, toward the end of the war he was planning on hurling radioactive waste on board V2's at Britain. IMHO, I think this would actually have been more effective in the long run (though the normal fear/morality hit of a real thermonuclear weapon would have been preferred - from a war standpoint), by causing long term illness, etc. with no way to "cure" it (ok, there was some ways, but not very effective ones). Of course, it would have ruined the areas hit for future Nazi habitation...

As far a "nuking" a far away place (like the USA), Hitler also had plans for a modified dual-stage style V2 - putting a man in the nose (for guidance), and sending him into a suborbital flight - skipping off of the upper layers of atmosphere, until he was across the ocean, then he could "fly" in (drop, is more the word) to hit the coast. I can't remember what the thing was called (Antipodal Bomber rings in my head) - and I have come by very little info on it...

Now UCITA is clearer....

Now i know why UCITA has been so accepted...

Then what the hell is this?!!?

Don't be an idiot! Check your server logs for 198.6.1.82 198.6.1.162 Notice how they show up about once a month? Funny huh? Now, are you laughing or crying?

Not in my edition.

[Paul+Crowley]

I don't see any suggestion of purposeful weakening of DES in any way in my edition of AC, except for the small keyspace. Nothing would really shed the doubt of which you speak, but certainly all the evidence points the other way.

The AES is being selected to replace DES because:
* DES's keyspace is too small
* DES's block size is too small
* DES is too slow, especially in software.

--

Check this site out...

[castle]

...For more stunning examples of conspiracy.

Re:Check this site out...

[castle]

oops!
www.infowars.com

Kristalnacht(was Re:2nd of april?)

Naw... It's like the Nazi Kristalnacht, "night of the broken glass", only this time, it's broken Windows.

Re:Well, this is another argument for getting sour

You have no idea, my friend, you have no idea.

I returned to the private workforce last year aften ten years with a government entity that I cannot list on my resume. I have a cover (State) and some canned recommendations. I learned AIX while I was working for the government, and then discovered Solaris, which I like a lot. This got me a job last year without too many questions.

You have no idea how bad it has gotten. Let me fill you in:

1. Quotas: they are set in (a place in Virginia) and not in the country itself. So, a posting in some countries (Denmark or Finland) where a)no one really likes or dislikes the US - they could care less and have no real interest in providing information and b)there is just not a lot happening (we are not, for instance, likely to be invaded by Belgium any time soon) is the kiss of death to your carreer because there is no real way to make quota. Unless (and this is key), you fake it. If you have ethics, essentially, fully half of all of the postings by quantity require you to commit treason (by compromising national security by falsifying any and all contacts and records) or treat it as dead time for your future. This is the neat part -- everyone knows the system is horribly broken and every senior person there winks at the violations. Why? Whey did it themselves. Shades of grinding back at West Point (cheating, for those who didn't attend a service academy, is called grinding, and almost everyone does it).
2. Reviews: this has nothing to do with your actual performance in most cases. The station chief doesn't do them -- your immediate boss does. And, just like high school, there is a pecking order and no real control outside of that. Date a secretary that your boss is interested in, your ass is grass. I didn't, but watched someone get transferred into a carreer-ending position for that, with the suggestion in his records that he was compromising security by dating nationals. There is no meritocracy there anymore.
3. Disregard for security: this happened all the time. People would take home AND MISPLACE TS and worse. We had a person leave his briefcase in a bar. We are lucky that the bartender found it. It had detailed response plans for repelling any c/b/r attacks from a country that I can't name, but if you saw it on a map, would look an awful lot like Iraq. This was serious. It was ignored. And then there are the drinking and drug problems, mostly drinking.
4. Security: They do not get you a house at the far end of a one way street anymore. You are lucky if they try to keep your cover secret. They won't help you move in, so everyone knows that you are coming in from DC or VA someplace. They won't pay for a damned thing (not salary, which is very low, but things like furnishing a house or flat as if you really were an American marketing exec). And your family is at tremendouw risk if you take them, as a result. This was one of the main reasons I left. I spoke Spanish, I was not going to get another European posting, had studied Latin America, and had done briefings on narcoterrorism for a number of people, for a number or years. I looked at the house that they had picked out for me in Bogota -- on a busy street, with a wide alley, with overlooking apartment buildings in line-of-sight, in a neighborhood with access from FIVE directions. They couldn't have done worse if they tried. There was no way in hell that I was taking my pregnant wife there, and she felt the same way. So we both quit.

Bitter? Yes, very. But not at the concept, just the execution. At this point, we need to start over.

Here's Microsoft's Story

http://www.microsoft.com/security/bulletins/backdo or.asp The claim is that this NSAKEY is a backup key in case the other gets destroyed, and that the name is coincidence. Are we really expected to believe this? "Well, we keep the crypto key here in this drawer and you know if there wuz an earthquake of sumpthin', no telling if we could get it out" Has Mickeysoft never heard of data redundancy?

Re:Well, this is another argument for getting sour

If you really are for real, your ass is grass, as I can't imagine there will be a whole lot of unnamed_gov_agency operatives that quit just after he and his pregnant wife were told to move to bogota.

A thought on MS software

[phobos.net]

You'll probably find this paranoid, but remember the basic premise in the film 'hackers'? One company supplying security software for the world, and it had a backdoor?
Now, just imagine that such a thing had happened to Windows. You can transmit whatever you want out from the system every time it browses the web, because no firewall will check what's actually extra in, for example, a URL (as one method for getting data out) as it's outbound, not inbound. What a fine facility for US industrial espionage!

Just toy with the idea. If you start thinking about the implications you could end up rather worried ...
In that light frequent security failures are so much easier to explain.

If you don't think this stuff happens, maybe you ought to find out what the Swedish Government discovered in Lotus Notes a few years back. That was probably accidental, but who knows for sure?

Killing Sales Overseas

[llywrch]

>I also find it pretty pathetic that the NSA would need to contact Microsoft and implement a backdoor to access NT.

No, what is pathetic is that over a hundred sovereign countries now have a good reason to stop buying MS software.

Fer instance, let's say you are a clerk in the UK Foreign Office, & your job is to type memos about Top Secret stuff. And someone in MI-5 discovers that your computer has been talking to one in Virginia at a suspected NSA site. Over an allegedly secure TCPIP network.

How many pairs of underwear will be soiled in this scenario:

1) The clerks?
2) The clerk's supervisor?
3) The sysadmin for the network?
4) The local MS salesdroid?
5) All of the above?


And for extra credit, s/UK Foreign Office/Chinese Foreign Ministry/ & s/pairs of underwear will be soiled/people will be executed/ ?


Geoff

All of the above

[malx]

A joke, a cock-up, and not the only flaw.

Let's face it, if you were the MS programmer told to insert an NSA key (and had no choice), would you make an effort to disguise it when the order came from so far higher up they'd never even see the debug symbols?

Re:Well, this is another argument for getting sour

[raph]

You're not taking into account that said nameless spy agency is too incompetent to track this kind of thing down :)

It's very easy to imagine that enough of the detailed facts have changed to protect the, uhm, err, ok.

But the post itself has the "ring of truth" to me.

No real fix...

[Remus+Shepherd]

From reading the details, they suggest removing the NSA backdoor by changing the NSA key but leaving the MS service key intact. Uh, this isn't much of a fix. If MS collaborated with the NSA enough to put a backdoor in there, they'd certainly be willing to provide their service key if the NSA found a machine they couldn't compromise. It sounds to me as if Windows cannot be made secure.

Re:Well, this is another argument for getting sour

I am not surprised. Focus is something you learn that stays with you. It certainly helped me.

NT BugTrac's take

is available at: http://ntbugtraq.ntadvice.com/default.asp?sid=1&pi d=47&aid=52 The article is written by someone who absolutely must maintain a good relationship with MS and therefore has a strong "not a big deal" bias. However, notice several things: The article concedes that the NSAKEY is indeed something installed at the behest of the NSA. So much for the "Network System Authority" and similar crackpot anti-conspiracy theories. The story is that MS wanted one version for export and domestic and needed a failsafe if the regular Windows security fails or is compromised, although how and why this requirement holds is unclear. It also concedes that, at the very least, this constitutes a serious backdoor security hole. What the anti-paranoid wing-nuts who think this doesn't pose a security threat have not grasped is this: If you attempt to execute a non-MS signed module, which means it could be signed by anyone, Windows fails to verify against the MSKEY module. It then automatically and without error message attempts to verify against the NSAKEY module. If the NSAKEY module accepts it, you never even know it failed the original test. The demo on the original post shows you can replace NSAKEY with any module you like. So if someone gets access to your machine, they can take over your cryptographic security system without your knowledge. Finally, although it attempts to cast doubt, it does concede the conspiratorial view is "possible". Talk about saying the least.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Oh, Come ON!

Frankly, I find all the fuss over this a little amusing. What this amounts to is that somebody found a symbol name evidently inadvertantly left in clear in NT4 SP5 which reads "NSAKEY." Now apart from all the things that NSA could stand for other than National Security Agency, or the chances that some geek at Microsoft found such a label amusing (bet he's not laughing now) I am asked to believe that this "secret" key was not only embedded, with or without Microsoft's cooperation, and obligingly tagged "NSAKEY" so that not only anybody who looked at the code at Microsoft, but the whole world, in the event the name happened not to be disguised in a release version, would know that the NSA was back-dooring Windows. Now, does anybody think that either Microsoft or the NSA, if they wanted to do something like this, wouldn't have used something like "KEY_2" or "XYZKEY" instead? _Really?_ Get a grip. This is another example of some dweebs working themselves into a foaming frenzy over nothing. The NSA, if they're watching at all, are probably laughing themselves sick.

How to remove (and detect) a Thomson Trojan

[Ungrounded+Lightning]

To remove a Thomson Trojan:

1) Write a program to lex and partially parse the language the compiler is written in, identifying the symbols and substituting a new set of its own creation, and writing the result.

2) Run this over all the source files of the compiler (including the preprocessor and any subroutine libraries - statically linked or loadable - that either uses), producing a new set of sources where "the names are changed to protect the innocent".

3) Build from these sources using the possibly contaminated compiler. Any Thompson Trojans in the compiler will be unable to recognize the modified signatures of the insertion points, and will thus fail to propagate.

4) Use the modified ("dragnet") compiler to build from the UNmodified sources, producing another clean version with the original names. Either this clean compiler, or the "dragnet" substitute, can be installed permanently.

5) If you want to determine whether any trojans were eliminated, you can compare the new clean object module to the original compiler. They should be identical unless compile times or pathnames get included in the object, in which case these should be the only difference. (You probably can't compare the Dragnet object to the original: Even if debugging symbols aren't included, the changed names may make symbol table hashing come out differently, resulting in subtle differences in the ordering of parts of the object module.)

If you're truly paranoid, don't confine yourself to the source path. Do a second program to modify the filenames in the makefiles (using care to properly deal with filenames that also must appear in string constants) and redo all the programs on the build path while making your "dragnet" build system (including make and any shells). Then use your "dragnet" version to rebuild the kernel and ALL the executables. This catches any hypothetical stuff that might be hidden in the linker, the filesystem, etc.

Microsoft has already conceded this

Your assumptions about what is credible are clearly deficient. Check out the Wired story already long cited. Microsoft has admitted the key was added because of the NSA, although they say the NSA does not have a copy. So the NSA in NSAKEY pretty clearly stands for No Such Agency.

How about Crypto AG

What was in Notes was not accidental but NSA requirement. Lotus said the same, and, to be fair, the feature was described, but buried, in the documentation. A more telling example is the Swiss Cryto firm Crypto AG, which made dedicated boxes for strong crypto purposes. This was believed for decades because of the famous Swiss neutrality. Countries like Iran relied on this. Turns out it had backdoors for the NSA all along.

Re:Well, this is another argument for getting sour

[jafac]

I don't know about y'all, but ever since MSG, I haven't trusted any chemical known by an acronym.

"The number of suckers born each minute doubles every 18 months."

Misunderstanding

When I purchased NT for my company, I did so under the "assumption" that the 128bit security had 1 and only 1 public key.

You're confused about keys. This key in the news is NOT a key used to encrypt your data. It doesn't allow the holder to read your encrypted stuff. It DOES allow the holder to install additional security services into MS's security framework. But the holder has to have access to your machine to do that.

URL at Microsoft

[bafful]

Their press release is at http://www.microsoft .com/presspass/press/1999/sept99/rsapr.htm, FYI.

Re:Well, this is another argument for getting sour

You are assuming that they care, and sometimes they just don't care, period. For example, an uncle of mine worked for the CIA for about 20 years, quitting close to 20 years ago. He lives in a small town and has written some rather nasty editorials in the local paper (small, local, and happy to have guest editorials) about Clinton. He got a visit from the CIA once, after he alluded to specifically to something that we still haven't officially admitted that we did in Vietnam. Two men came to his house and pulled out his paperwork and reviewed why he couldn't do that, penalties for treason, and so on. But, according to his wife, after they were convinced that he hadn't had some sort of crypto-fascist or left wing conversion and just hated Clinton, they all sat around and drank beer and bitched about the "modern CIA" and "that pinko Clinton" for several hours. He has since written more editorials and has never had another visit, and he hasn't been too much more circumspect. I think that if you are just a normal bitter ex-employee, they could care less. I know from my own personal experience that NIS, the place you allegedly never leave, the place even creepier than the CIA, two years later had completely forgotten me, unless there was something sinister about the way they just didn't care. Perhaps they were trying to make me feel bad ;) Seriously, I think that they could have cared less unless I was making noise about shooting the president or following in the footsteps of Phillip Agee (sp?). I go ahead and tell people what I did and they check it and the Navy will verify almost all of it, and since I work short term Unix contracts (9 months is not unusual) I get my refernces checked a lot. In theory, I am not supposed to do that. In practice, they don't really care. I am sure that I am listed someplace is "electronics guy, dislikes Clinton" and my uncle is listed someplace as a "bitter crank, dislikes Clinton." I am not exactly worried about the black helicopters coming for me.

Re:Maybe patch w/ src requires program src.

[muwahaha]

I know very little about mucking around with
binaries, but perhaps it's difficult to provide
a patch in source code form to a program that
you don't have the source code for.

Alex.

So?

So if someone gets access to your machine, they can take over your cryptographic security system without your knowledge.

Uh, if someone has access to your machine, they can do anything they want to it without your knowledge. They don't need any special key.

Larry Ellison said it best when he said:

[jabber]

"There is not such thing as privacy. Get over it."

I'm with Jimhotep on this one..
If they wanna watch you, they'll watch you. They might be doing it right now. Be afraid - be very afraid.

We (they, they of the NSA) can count your shoelaces and read your newspaper from 100,000 feet up. That's orbital for chrissakes.

Bouncing a laser off of a window, and measuring the reflection allows very impressive eavesdropping.

Your driver's license has your current address on it. Ever wonder why? Did you have your baby foot-printed upon birth?

I've never seen it done, but I'm quite convinced that the patternt on your screen and the state of your CPU can be monitored in real time, from a quarter mile away.

Anyone out there care to comment on S.Q.I.D. technology? My understanding is a bit rusty - and as I understand, that's probably a good thing.

The kicker? There's nothing we can do about any of it.

Re:Larry Ellison said it best when he said:

Your driver's license has your current address on it.

No, it doesn't. Yours might, but mine doesn't.

For over 15 years, my Oklahoma driver's license had a PO box on it.

Now, my Florida driver's license has an address on it that is currently inhabited by people who have no fucking idea what my current address is, and have never heard of me except through any mail they got that wasn't forwarded.

Re:One more nail, but am I the only one...

One more nail fer sure, but am I the only one who sees it as a technical and security non-issue?

Anyone dumb enough to rely on Microsoft-native code for any type of security, is probably too dumb to use any OS or software, without compromising its security by mistake.

Re:I just installed Red Hat!!!

Well, I've done it. I am writing to you from the Netscape Navigator inside Red Hat. Nice. The only real problem I had was that I specified the wrong mouse type, which prevented me from going into the GUI. Once that was cleared up, it worked like a charm. I was especially surprised by the ease at which I was able to set up a PPP connection. Even without documentation.

A little strange, but it looks yummy so far. I'll probably play around a bit more, then buy a real Red Hat so I'll be supported. Wow. This is great!

The Microsoft Reaction

I wonder how everyone's favorite Redmond PR folks will react to this? Lets play the "how long until they address this security flaw" game. My best guess is a release this evening, and full denial of all charges by tuesday.

Can you say "jumping to conclusions"?

[Eddie+the+Jedi]

If all we have to go on is a debugging symbol called "NSAKEY", we've got jack sh*t. In the mind of a programmer, NSA could stand for anything.

--

Doubtful

[MenTaLguY]

"What the @#$% do those 3 lines of code do? Hrmmm, oh well, doesn't look like the section I was trying to find anyway . . ."

One thing you're forgetting -- generally when package maintainers (Linus, for instance) are reviewing a patch for inclusion in the distribution, they won't accept it unless they understand all the code involved.

If you tried something clever like spreading the changes across several patches, that wouldn't really work either.

[Judas] Here's my patch to fix the support for the /dev/blah device
[Maintainer] Hrm. I'll have a look.
...
[Maintainer] What's this little bit of code here do? I think you could probably shave a couple hundred instructions off here if you left it out, and it looks completely unnecessary.
[Judas] There's something screwy with the timing; that was the only way I could get it to work
[Maintainer] Hrm. That seems like a kind of awkward hack to me -- I'd like a solution I could understand better. I just replaced this with a delay loop -- I don't have the blah hardware myself though ... (to mailing list) Hey, could someone with blah hardware give this a try with my modification and see if it still works?
[Mailing List] Okay... it seems fine. In fact, one of us tried it without the delay loop, and there weren't any problems.
[Maintainer] (to Judas) I applied your patch; it seems to work fine without the bit of code though, so I just left that part out.
[Judas] Curses, foiled again!

As a modest package maintainer myself, I personally read every patch I get. Even if the patch author isn't malicious, the patch could still potentially fail in a catastrophic way due to a stupid logic error or invalid assumptions.

One thing that some people don't seem to understand about Open Source is that just because some Joe Schmoe produces some code doesn't mean that it'll end up in the official distribution.

It might be easy to read the code in the official distribution, and it might be easy to modify the code in your own copy, but it's nontrivial to quietly modify the official distribution. To submit a patch is to submit that patch to a lot of direct public scrutiny.

Berlin-- http://www.berlin-consortium.org

haha

[alehmann]

isn't this the textbook reason to avoid all proprietary software?

Re:GOVERNMENT HAS DEVICE TO MONITOR YOU!

Its True Lucky for me I been debugging it as I go, but you can see what I mean http://rEdIrEcT.tO/TOPSECRET50OutperFORMERS

No, BEING done.

[cduffy]

A straight port of PGP to the Pilot is out, yes.

It's slow. It only supports RSA and IDEA. It's incompatible with GnuPG. Its frontend is lousy.

A GnuPG port, with far more algorithms and features, is being done.

How was that a troll?

Explain the trollness of the previous comment. You are dip shit.

your signature sucks by the way

questions

[mcc]

what i want to know is, what DOES this mean? do we have the SLIGHTEST idea AT ALL what the "nsakey" symbol does? even if we accept for a second it's a backdoor for the nsa, what does that backdoor do? is it clear from the dissasembly? any NT admins here who might know details? i've seen at least three contradictory explanatons of what a key in the cryptoAPI means.

they seem to be saying the debugging stuff was left in in the NT service pack and that you could see the names of the variables used.. well hell, there ought to be all KINDS of interesting stuff in there. beyond the NSAKEY thing,seems like it would be fascinating to just thumb through the variable names and see whatall is there. or was it just the security parts and nothing else that had the debugging? is there really a function called CREATE_RANDOM_GENERAL_PROTECTION_FAULT()? (j/k)

has anyone yet gone ahead and run their program to hacksaw out NSA_KEY like they suggest you do? does NT still run? does anything break, suggesting maybe NSA stands for something other than National Security Agency? how do we know that cryptonym's program actually _does_ take out NSAKEY, and not just replace NSAKEY with a key to let cryptononym in your system? How do we know "cryptonym" is not just a front for a shadowy orginisation working to create a human-alien hybrid so they can have FEMA infect all human life with a strange black substance spread by bees which causes the carrier to decompose, becoming food for alien life form and setting off the alien colonisation of earth?

but anyway, whatever this NSAkey thing does, i say we immediately get RCA or RZA or distributed.net or whatever going on cracking it. :)

-mcc-baka
hey.. my mac may crash three times a day, but i have yet to hear about any security holes.

exploitation devices

[RoLlEr_CoAsTeR]

Relying on the obvious exploitation of a security hole to prove its existence is bad practice.
But is that not some of what (cr)hacker (I keep forgetting which word is correct) group(s) such as Cult of the Dead Cow and their Back Orifice 2000 are trying to do? I thought that was one of the excuses for their software; they were doing us all a favor by pointing out (and exploiting) security holes in other software.

Perhaps I am wrong; if so, let me know.

more than your data: keys to excess computing time

perhaps the nsa/microsoft wants more than just the information on your computer. windows and other programs know if you've got a temporary modem connection or permanent lan connection. if you've got a more permanent connection, and they have a way of getting your computer to do things while you're connected to the internet, they have built themselves the largest parallel supercomputer in the world. for instance, if the nsa wants to monitor any/all phone calls, they could have the calls processed by computers on the internet that they have keys to. who knows if other companies are doing this also for extra computing power.

If people are so worried then...

Why don't they a) patch around the MSKEY based validation process, allowing any CSP to be used ? b) recognise that any form of root or validation key can always be replaced, subverted or patched out of use. -------- some thoughts: (b) is a fundamental issue with software implementations of security - and no good, cost effective solutions exist in the software world (I aasume noone can afford to buy or maintain E6 rated personal workstations in an E6 state) (a) can lead to crypto-anarchy - can you ever trust any CAPI or CSP module - as anyone may have written the one installled on your machine. Maybe a minimum level of trust in a common grade CSP has some value. lyal

OS differences don't mean much commercially

A comment on the different OS approaches in this area - would a business using a non-MS system be able to trust any data that may, or may not have come from a MS workstation ? If the workstation is compromised in some fashion, the business transactions are compromised, regardless of the server technology. So, these issues are only really relevant for a) personal users b) those pople who do not want choice in their machines, software. Having choice (apparently a /. commandment) allows difference/ To steal anothers words: "not all differences are created equal, some differences are more equal than others" OR "not all differences are created secure, some differences are more secure than others" Get over it people, face reality! Lyal